D-Link DXS-1210-10TS Скачать руководство пользователя страница 237 | Manualshive

Страница: 237 / 394

background image

DXS-1210 Series Smart Managed Switch CLI Reference Guide

234

30.

Network Access Authentication Commands

30-1

authentication guest-vlan

This command is used to configure the guest VLAN setting. Use the no form of this command to
remove the guest VLAN.

authentication guest-vlan VLAN-ID

no authentication guest-vlan

Parameters

VLAN-ID

Specifies the authentication guest VLAN.

Default

None.

Command Mode

Interface Configuration Mode.

Command Default Level

Level: 12.

Usage Guideline

This command cannot be configured if the specified VLAN does not exist as a static VLAN. The host
cannot access the network until it passes the authentication. If the guest VLAN is configured, the host
is allowed to access the guest VLAN without passing the authentication. During authentication, if the
RADIUS server assigns a VLAN to the user, then the user will be authorized to this assigned VLAN.
Guest VLAN and VLAN assignment does not take effect on trunk VLAN port and VLAN tunnel port.

Normally guest VLAN and VLAN assignment are functioning for hosts that connect to untagged ports.
It may cause unexpected behavior if it is functioning on hosts that send tagged packets.

If the authentication host-mode is set to multi-host, the port will be added as a guest VLAN member
port and the PVID of the port will change to guest VLAN. Traffic that comes from guest VLAN can be
forward whatever whether authenticated. Traffic that comes from other VLANs will still be dropped
until it pass authentication. When one host passes authentication, the port will leave the guest VLAN
and be added to the assigned VLAN. The PVID of the port will be changed to the assigned VLAN.

If the authentication host-mode is set to multi-auth, the port will be added as a guest VLAN member
port and the PVID of the port will be changed to a guest VLAN. Hosts that are allowed to access the
guest VLAN are forbidden to access other VLANs until it pass authentication. When one host passes
authentication, the port will stay in the guest VLAN, the PVID of the port will not be changed.

If guest VLAN is disabled, the port will exit the guest VLAN and return to the native VLAN. The PVID
will change to the native VLAN.

Example

This example shows how to specify VLAN 5 as a guest VLAN.

Switch# configure terminal

Switch(config)#interface eth 1/0/1

Switch(config-if)# authentication guest-vlan 5

Switch(config-if)#

30-2

authentication host-mode

This command is used to specify the authentication mode. Use the no form of this command to revert
to the default setting.

«
...
235
236
237
238
239
...
»

Содержание DXS-1210-10TS

Страница 1: ......

Страница 2: ... ERPS Commands 125 19 Filter Database FDB Commands 137 20 IGMP Snooping Commands 145 21 Interface Commands 157 22 IP Utility Commands 168 23 Jumbo Frame Commands 170 24 Link Aggregation Control Protocol LACP Commands 171 25 Link Layer Discovery Protocol LLDP Commands 176 26 Loopback Detection LBD Commands 203 27 Mirror Commands 210 28 MLD Snooping Commands 213 29 Multiple Spanning Tree Protocol MS...

Страница 3: ...44 System Log Commands 341 45 Time and SNTP Commands 346 46 Time Range Commands 352 47 Traffic Segmentation Commands 355 48 Virtual LAN VLAN Commands 357 49 Voice VLAN Commands 367 Appendix A System Log Entries 374 Appendix B Trap Entries 382 Appendix C RADIUS Attributes Assignment 388 Appendix D IETF RADIUS Attributes Support 390 Appendix E ERPS Information 391 ...

Страница 4: ...escription Boldface Font Commands command options and keywords are printed in boldface Keywords in the command line are to be entered exactly as they are displayed UPPERCASE ITALICS Font Parameters or values that must be specified are printed in UPPERCASE ITALICS Parameters in the command lineare to be replaced with the actual values that are desired to be used with the command Square Brackets Squ...

Страница 5: ... issued Usage Guideline If necessary a detailed description of the command and its various utilization scenarios is given here Example s Each command is accompanied by a practical example of the command being issued in a suitable scenario Command Modes There are several command modes available in the command line interface CLI The set of commands available to the user depends on both the mode the ...

Страница 6: ...onfiguration modes are not provided in this section For more information on the additional sub configuration modes the user should refer to the chapters relating to these functions The available command modes and privilege levels are described below Command Mode Privilege Level Purpose User EXEC Mode Basic User level This level has the lowest priority of the user accounts It is provided only to ch...

Страница 7: ...configuration modes In order to access the global configuration mode the user must be logged in with the corresponding account level and use the configure terminal command in the privileged EXEC mode In the following example the user is logged in as an Administrator in the Privileged EXEC Mode and uses the configure terminal command to access the Global Configuration Mode Switch configure terminal...

Страница 8: ...ass1234 creates a user account with the username of user1 and a password of pass1234 and assigns a privilege level value of 15 to the user The command line console allows us to access the console interface s Line Configuration Mode Save the running configuration to the start up configuration This means to save the changes made so that when the Switch is rebooted the configuration will not be lost ...

Страница 9: ...into the open module slot of the Switch The DXS 1210 Series does not support any open modules slots thus this parameters will always by zero for this switch series Lastly the Port s ID is the physical port number of the port being configured In summary the above example will configure the stacked switch with the ID of 1 with the open slot ID of 0 and the physical port number 1 Error Messages When ...

Страница 10: ...he remainder of the text will be shifted to the right When off text can be inserted in the line and old text will automatically be replaced with the new text Return Scrolls down to display the next line or used to issue a command Space Scrolls down to display the next page ESC Escapes from the displaying page Display Result Output Modifiers Results displayed by show commands can be filtered using ...

Страница 11: ...thernet 1 0 1 no dot1x pae authenticator dot1x control direction both dot1x forward pdu dot1x max req 2 dot1x timeout server timeout 30 dot1x timeout supp timeout 30 CTRL C ESC q Quit SPACE n Next PageENTER Next Entry a All The example below shows how to use the includeFILTER STRING parameter in a show command Switch show running config include AAA DXS 1210 12SC 10GbE Smart Managed Switch Configur...

Страница 12: ...orporation All rights reserved Basic LACP configure terminal lacp system priority 32768 port channel load balance src dst mac interface ethernet 1 0 1 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 2 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 3 lacp port priority 32768 lacp timeout short exit CTRL C ESC q Quit SPACE n Next PageENTER Next Entry ...

Страница 13: ... mark at the system prompt To obtain a list of commands that begin with a particular character string enter the abbreviated command entry immediately followed by a question mark This form of help is called word help because it lists only the keywords or arguments that begin with the abbreviation entered To list the keywords and arguments associated with a command enter a question mark in place of ...

Страница 14: ...the character Switch The following example shows how to use the word help to display all the Privileged EXEC Mode commands that begin with the letters re The letters entered before the question mark are reprinted on the next command line to allow the user to continue entering the command Switch re reboot reset Switch re The following example shows how to use the command syntax help to display the ...

Страница 15: ...ing off the Switch logout Parameters None Default None Command Mode User EXEC Mode Privilege EXEC Mode Command Default Level Level 1 Usage Guideline Use this command to close an active terminal session by logging out of the device Example This example shows how to logout Switch disable Switch logout 2 4end This command is used to end the current configuration mode and return to the highest mode in...

Страница 16: ...to the last mode If the current mode is the User EXEC Mode or the Privilege EXEC Mode executing the exit command logs you out of the current session exit Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to exit the current configuration mode and go back to the last mode When the user is in the User EXEC Mod...

Страница 17: ... most recent command Repeat the key sequence to recall successively older commands CTRL N or the Down Arrow key Returns to more recent commands in the history buffer after recalling commands with Ctrl P or the Up Arrow key Repeat the key sequence to recall successively more recent commands Example This example shows how to display the command buffer history Switch show history help history Switch ...

Страница 18: ...7C 11 79C Status code temperature is out of threshold range Detail Fan Status Right Fan 1 OK Right Fan 2 OK Switch 2 8show unit This command is used to display information about system units show unit Parameters UNIT ID Optional Specify the unit to display Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays information a...

Страница 19: ...ilization information show cpu utilization Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the system s CPU utilization information in 5second 1minute and 5 minute intervals Example This example shows how to display the information about CPU utilization Switch show cpu utilization CPU Utilization Five...

Страница 20: ...sions DXS 1210 12SC H W A2 Bootloader 1 00 006 Runtime 1 15 005 Switch 2 11 snmp server enable traps environment This command is used to enable the power temperature and fan trap state snmp server enable traps environment fan temperature no snmp server enable traps environment fan temperature Parameters fan Optional Specifies to enable the fan trap state for warning fan event fan failed or fan rec...

Страница 21: ...resholds Use the no form of this command to revert to the default setting environment temperature threshold low high negative no environment temperature threshold low high negative Parameters high Optional Specifies the high threshold of the temperature in Celsius The range is from 100 to 200 low Optional Specifies the low threshold of the temperature in Celsius The range is from 100 to 200 The lo...

Страница 22: ...3 show privilege This command is used to display current privilege level show privilege Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display current privilege level Example This example shows how to display the current privilege level Switch Switch show privilege Current privilege level is 15 Swi...

Страница 23: ... previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline This command is used to clear 802 1X counters diagnostics statistics and session statistics Example This example shows how to clear 802 1X counters diagno...

Страница 24: ...OL packets only All user traffic is blocked before authentication Example This example shows how to configure the controlled direction of the traffic through Ethernet eth1 0 1 as unidirectional Switch configure terminal Switch config interface eth 1 0 1 Switch config if dot1x control direction both Switch config if 3 3dot1x default This command is used to reset the IEEE 802 1X parameters on a spec...

Страница 25: ... Level 12 Usage Guideline This command takes effect only when IEEE 802 1X PAE authenticator is globally enabled by the dot1x system auth control command and is enabled for a specific port by using the dot1x PAE authenticator This command is only available for physical port interface configuration If the port control is set to force authorized then the port is not controlled in both directions If t...

Страница 26: ...witch config interface eth 1 0 1 Switch config if dot1x forward pdu Switch config if 3 6dot1x initialize This command is used to initialize the authenticator state machine on a specific port or associated with a specific MAC address dot1x initialize interface INTERFACE ID mac address MAC ADDRESS Parameters interface INTERFACE ID Specifies the port on which the authenticator state machine will be i...

Страница 27: ... that the Switch retransmits an EAP frame to the supplicant before restarting the authentication process The range is 1 to 10 Default By default this value is 2 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The command is only available for physical port interface configuration If no response to an authentication request from the supplicant within the tim...

Страница 28: ...ch configure terminal Switch config interface eth 1 0 1 Switch config if dot1x pae authenticator Switch config if This example shows how to disable IEEE 802 1X authentication on Ethernet port 1 0 1 Switch configure terminal Switch config interface eth 1 0 1 Switch config if no dot1x pae authenticator Switch config if 3 9dot1x re authenticate This command is used to re authenticate a specific port ...

Страница 29: ...e Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The 802 1X authentication function restricts unauthorized hosts from accessing the network Use the dot1x system auth control command to globally enable the 802 1X authentication control When 802 1X authentication is enabled the system will authenticate the 802 1X user ...

Страница 30: ...onds The supp timeout is 30 seconds The tx period is 30 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for physical port interface configuration Example This example shows how to configure the servertimeout value supplicant timeout value and the TX period on Ethernet port 1 0 1 to be15 15 and 10 seconds respectively S...

Страница 31: ...l configuration Switch show dot1x 802 1X Enabled Trap State Enabled Switch This example shows how to display the dot1X configuration on Ethernet port 1 0 1 Switch show dot1x interface eth 1 0 1 Interface eth1 0 1 PAE Authenticator Control Direction Both Port Control Auto Tx Period 30 sec Supp Timeout 30 sec Server Timeout 30 sec Max req 2 times Forward PDU Disabled Switch 3 13 show dot1x diagnosti...

Страница 32: ...tion are following pnacPortAuthEntersConnecting 2 pnacPortAuthEapLogoffsWhileConnecting 0 pnacPortAuthEntersAuthenticating 2 pnacPortAuthAuthSuccessWhileAuthenticating 0 pnacPortAuthAuthTimeoutsWhileAuthenticating 0 pnacPortAuthAuthFailWhileAuthenticating 0 pnacPortAuthAuthReauthsWhileAuthenticating 0 pnacPortAuthAuthEapStartsWhileAuthenticating 1 pnacPortAuthAuthEapLogoffWhileAuthenticating 0 pna...

Страница 33: ... the statistics on the specified interface will be displayed Example This example shows how to display dot1X statistics on Ethernet port 1 0 1 Switch show dot1x statistics interface eth 1 0 1 eth1 0 1 dot1x statistics information EAPOL Frames RX 1 EAPOL Frames TX 4 EAPOL Start Frames RX 0 EAPOL Req Id Frames TX 6 EAPOL Logoff Frames RX 0 EAPOL Req Frames TX 0 EAPOL Resp Id Frames RX 0 EAPOL Resp F...

Страница 34: ...he session statistics on the specified interface will be displayed Example This example shows how to display dot1X session statistics on Ethernet port 1 0 1 Switch show dot1x session statistics interface eth 1 0 1 eth1 0 1 session statistic counters are following Octets RX 0 Octets TX 0 Frames RX 0 Frames TX 0 ID AuthenticMethod Remote Authentication Server Time 0 TerminateCause SupplicantLogoff U...

Страница 35: ...e Guideline This command can be used to enable or disable sending SNMP notifications for 802 1X authentication Example This example shows how to enable sending trap for 802 1X authentication Switch configure terminal Switch config snmp server enable traps dot1x Switch config ...

Страница 36: ...d values is from 1 to 32 Default The default start sequence number is 10 The default increment is 10 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This feature allows the user to re sequence the entries of a specified access list with an initial sequence number determined by the STARTING SEQUENCE NUMBER parameter and continuing in the increments determined b...

Страница 37: ...is command is used to enable the ACL hardware counter of the specified access list name for access group functions or access map for the VLAN filter function Use the no form of this command to disable the ACL hardware counter function acl hardware counter access group ACCESS LIST NAME ACCESS LIST NUMBER no acl hardware counter access group ACCESS LIST NAME ACCESS LIST NUMBER Parameters access grou...

Страница 38: ...fault Level Level 12 Usage Guideline If no access list name or number is specified with the parameter access group all access group hardware counters will be cleared If no access map name is specified with the parameter vlan filter all VLAN filter hardware counters will be cleared Example This example shows how to clear the ACL hardware counter Switch config clear acl hardware counter access group...

Страница 39: ...oming packets Switch configure terminal Switch config interface eth 1 0 2 Switch config if expert access group exp_acl in Switch config if end Switch show access group interface eth 1 0 2 eth1 0 2 Inbound expert access list exp_acl ID 8999 Switch 4 5expert access list This command is used to create or modify an extended expert ACL This command will enter into the extended expert access list config...

Страница 40: ... IP accesslist to be applied The maximum length is 32 characters NUMBER Specifies the number of the IP accesslist to be applied in Optional Specifies that the IP access list will be applied to check packets in the ingress direction If the direction is not specified in is used Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline If an IP access group...

Страница 41: ...of the IP accesslist to be configured The maximum length is 32 characters The first character must be a letter NUMBER Specifies the ID number of the IP access list For standard IP access lists this value is from 1 to 1999 For extended IP access lists this value is from 2000 to 3999 Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The name must be u...

Страница 42: ...erface will consume the filtering entry resource in the switch controller If the resource is insufficient to commit the command then an error message will be displayed There is a limitation on the number of port operator resources If applying the command exhausts the available port selectors then an error message will be displayed Example This example shows how to specify the IPv6 accesslist ip6 c...

Страница 43: ...d number in the range of the IPv6 access list numbers will be assigned automatically Example This example shows how to configure an IPv6 extended accesslist named ip6 control Switch configure terminal Switch config ipv6 access list extended ip6 control Swtich config ipv6 ext acl rule permit tcp any 2002 f03 1 16 Switch config ipv6 ext acl This example shows how to configure an IPv6 standard access...

Страница 44: ... from the interface mac access group NAME NUMBER in no mac access group NAME NUMBER in Parameters NAME Specifies the name of the MAC accesslist to be applied NUMBER Specifies the number of the MAC accesslist to be applied in Optional Specifies that the MAC access list will be applied to check in the ingress direction If direction is not specified in is used Default None Command Mode Interface Conf...

Страница 45: ...his value is from 6000 to 7999 Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enter the MAC access list configuration mode and use the permit or deny command to specify the entries The name must be unique among all access lists The characters of the name are case sensitive If the accesslist number is not specified the biggest ...

Страница 46: ...ence number The range is from 1 to 65535 The lower the number is the higher the priority of the permit deny rule cos OUTER COS Optional Specifies the outer priority value This value must be between 0 and 7 vlan OUTER VLAN Optional Specifies the outer VLAN ID any Specifies to use any source MAC address any destination MAC address any source IP address or any destination IP address host SRC MAC ADDR...

Страница 47: ...ssage type is from 0 to 255 ICMP CODE Optional Specifies the ICMP message code The valid number for the message code is from 0 to 255 ICMP MESSAGE Optional Specifies the ICMP message The following pre defined parameters are available for selection beyond scope destination unreachable echo reply echo request header hop limit mld query mld reduction mld report nd na nd ns next header no admin no rou...

Страница 48: ... permit deny udp any host SRC IP ADDR SRC IP ADDR SRC IP WILDCARD eq lt gt neq PORT range MIN PORT MAX PORT any host DST IP ADDR DST IP ADDR DST IP WILDCARD eq lt gt neq PORT range MIN PORT MAX PORT precedence PRECEDENCE tos TOS dscp DSCP time range PROFILE NAME rule SEQUENCE NUMBER permit deny icmp any host SRC IP ADDR SRC IP ADDR SRC IP WILDCARD any host DST IP ADDR DST IP ADDR DST IP WILDCARD I...

Страница 49: ...ot equal to the specified port number range MIN PORT MAX PORT Optional Specifies to match if fall within the range of ports TCP FLAG Optional Specifies the TCP flag fields and the specified TCP header bits calledack acknowledge fin finish psh push rst reset syn synchronize or urg urgent fragments Optional Specifies the packet fragment s filtering time range PROFILE NAME Optional Specifies the name...

Страница 50: ...be specified Example This example shows how to create four entries for an IP extended access list named Strict Control These entries are permit TCP packets destined to network 10 20 0 0 permit TCP packets destined to host 10 100 1 2 permit all TCP packets go to TCP destination port 80 and permit all ICMP packets Switch configure terminal Switch config ip access list extended Strict Control Switch ...

Страница 51: ...ers SEQUENCE NUMBER Specifies the sequence number The range is from 1 to 65535 The lower the number is the higher the priority of the permit deny rule any Specifies any source IPv6 address or any destination IPv6 address host SRC IPV6 ADDR Specifies a specific source host IPv6 address SRC IPV6 ADDR PREFIX LENGTH Specifies a source IPv6 network host DST IPV6 ADDR Specifies a specific destination ho...

Страница 52: ...mber will be automatically assigned If it is the first entry the sequence number 10 is assigned A subsequent rule entry will be assigned a sequence number that is 10 greater than the largest sequence number in that access list and is placed at the end of the list The user can use the command access list sequence to change the start sequence number and increment number for the specified access list...

Страница 53: ... source MAC address or any destination MAC address host SRC MAC ADDR Specifies a specific source host MAC address SRC MAC ADDR SRC MAC WILDCARD Specifies a group of source MAC addresses by using a wildcard bitmap The bit corresponding to the bit value 1 will be ignored The bit corresponding to the bit value 0 will be checked host DST MAC ADDR Specifies a specific destination host MAC address DST M...

Страница 54: ...nce number that is already present an error message will be displayed Multiple entries can be added to the list and you can use permit for one entry and use deny for the other entry Different permit and deny commands can match different fields available for setting Example This example shows how to configure MAC access entries in the profile daily profile to allow two sets of source MAC addresses ...

Страница 55: ... display a listing of all IPv6 accesslists expert Optional Specifies to display a listing of all expert accesslists NAME NUMBER Specifies to display the contents of the specified accesslist arp Specifies to display the ARP access list Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays access list information If no optio...

Страница 56: ...D Switch show access list ip R D IP access list R D ID 3996 10 permit tcp any 10 20 0 0 0 0 255 255 20 permit tcp any host 10 100 1 2 30 permit icmp any any Switch This example shows how to display the content for the accesslist if its hardware counter is enabled Switch show access list ip simple ip acl IP access list simple ip acl ID 3994 10 permit tcp any 10 20 0 0 0 0 255 255 Ing 12410 packets ...

Страница 57: ... two access lists can be applied to a line If two access lists are already applied an attempt to apply a new access list will be rejected until an applied access list is removed by the no form of this command Example This example shows how a standard IP access list is created and is specified as the access list to restrict access via Telnet Only the host 226 1 1 1 is allowed to access the server S...

Страница 58: ...form of this command todisable the HTTPS server function ip http secure server ssl service policy POLICY NAME no ip http secure server Parameters POLICY NAME Optional Specifies the SSL service policy name Use this ssl service policy keyword only if you have already declared an SSL service policy using the ssl service policy command When no keywordis specified a built in local certificate will be u...

Страница 59: ...es not take effect thus no access list is checked for the user s access to HTTP Example This example shows how a standard IP access list is created and is specified as the access list to access the HTTP server Only the host 226 1 1 1 is allowed to access the server Switch configure terminal Switch config ip access list http filter Switch config ip acl rule permit 226 1 1 1 255 255 255 255 Switch c...

Страница 60: ...t to default value ip http timeout policy idle INT no ip http timeout policy idle Parameters INT Specifies the idle timeout value This value is between 60 and 36000 Default By default this value is 180 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is use to configure the idle timeout value of a http server connection in seconds Example T...

Страница 61: ...t This command is used to specify the service port for Telnet Use the no form of this command to revert to the default setting ip telnet service port TCP PORT no ip telnet service port Parameters TCP PORT Specifies the TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the TELNET protocol is 23 Default By default this value is 23 Command Mode Global Configuratio...

Страница 62: ...the Line Configuration Mode for the console terminal line and configures its access class as vty filter Switch configure terminal Switch config line console Switch config line access class vty filter Switch config line 5 10 service password encryption This command is used to enable the encryption of the password before stored in the configuration file Use the no form of this command todisable the ...

Страница 63: ...e password affected by this command includes the user account password enable password and the authentication password Example This example shows how to enable the encryption SHA 1 of the password before stored in the configuration file Switch configure terminal Switch config service password encryption 7 Switch config 5 11 show terminal This command is used to obtain information about the termina...

Страница 64: ...on mode show ip telnet server Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display information about the Telnet server status Example This example shows how to display information about the Telnet server status Switch show ip telnet server Server State Enabled Switch 5 13 show ip http server This com...

Страница 65: ...witch show ip http server ip http server state enable Switch 5 14 show users This command is used to display information about the active lines on the Switch show users Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays information about the active lines on the Switch Example This example shows how to di...

Страница 66: ...e 50 then the display will stop after every 50 lines The terminal length is used to set the number of lines displayed on the current terminal screen This command also applies to Telnet and SSH sessions Valid entries are from 0 to 512 The default is 24 lines A selection of 0 s instructs the Switch to scroll continuously no pausing Output from a single command that overflows a single display screen ...

Страница 67: ...it doesn t affect any current sessions terminal width NUMBER no terminal width Parameters NUMBER Specifies the number of characters to display on the screen Valid values are from 40 to 255 Default By default this value is 80 characters Command Mode Use the EXEC Mode or Privilege EXEC Mode for the terminal width command Command Default Level Level 1 for the terminal width command Usage Guideline By...

Страница 68: ...L Optional Specifies the privilege level for each user The privilege level must be between 1 and 15 nopassword Optional Specifies that there will be no password associated with this account password Optional Specifies the password for the user 0 Optional Specifies the password in clear plain text The password length is between 1 and 32 characters and can contain embedded spaces It is case sensitiv...

Страница 69: ...tion is enabled the password will be converted to the encrypted form If the no username command is used without the user name specified all users are removed By default the user account is empty When the user account is empty the user will be directly in the User EXEC Mode at Level 1 The user can further enter the Privileged EXEC Mode using the enable command Example This example shows how to crea...

Страница 70: ...sed to display information about the password encryption show service password encryption Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays information about the password encryption Example This example shows how to display password encryption Switch show service password encryption Password Encryption ...

Страница 71: ...to display information about the http or telnet service port show ip http telnet service port Parameters http Specifies the http service port telnet Specifies the telnet service port Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays information about the http or telnet service port Example This example shows how to dis...

Страница 72: ... as the access list to restrict the access to ping switch Only the host 226 1 1 1 is allowed to access the server Switch configure terminal Switch config ip access list ping filter Switch config ip acl rule permit 226 1 1 1 255 255 255 0 Switch config ip acl exit Switch config ping access class ping filter Switch config 5 24 ip https access class This command is used to specify an access list to r...

Страница 73: ...ip https access class https filter Switch config 5 25 show trusted host This command is used to display trusted host information of telnet ping http https show trusted host telnet ping http https Parameters telnet Specifies the telnet trusted host information ping Specifies the ping trusted host information http Specifies http telnet trusted host information https Specifies https telnet trusted ho...

Страница 74: ...uration Mode Command Default Level Level 12 Usage Guideline Use this command to enable or disable the asymmetric VLAN function Example This example shows how to enable asymmetric VLAN Switch configure terminal Switch config asymmetric vlan This example shows how to disable asymmetric VLAN Switch configure terminal Switch config no asymmetric vlan 6 2 show asymmetric vlan This command is used to di...

Страница 75: ...Switch CLI Reference Guide 72 Usage Guideline This command displays asymmetric VLAN information Example This example shows how to display asymmetric VLAN information Switch show asymmetric vlan Asymmetric VLAN State Disabled Switch ...

Страница 76: ... use the server groups defined by the AAA group server none Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication Default No AAA authentication method is configured Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to configure the default authentication method li...

Страница 77: ...to enter the RADIUS group server configuration mode Use the server command to associate the RADIUS server hosts with the RADIUS server group Example This example shows how to create a RADIUS server group with two entries The second host entry acts as backup to the first entry Switch configure terminal Switch config aaa group server radius group1 Switch config sg radius server 172 19 10 100 Switch ...

Страница 78: ...s When the setting is 0 the unresponsive server will not be marked as dead Default By default this value is 0 Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline This command can be used to improve the authentication processing time by setting the dead time to skip the unresponsive server host entries When the system performs authentication with the authentication...

Страница 79: ... can be associated with the RADIUS server group using the server command Example This example shows how to create two RADIUS server hosts with the different IP address Switch configure terminal Switch config radius server host 172 19 10 100 auth port 1500 Switch config radius server host 172 19 10 101 auth port 1600 Switch config 7 6server RADIUS This command is used to associate a RADIUS server h...

Страница 80: ...g sg radius exit Switch config 7 7server TACACS This command is used to associate a TACACS server with a server group Use the no form of this command to remove a server from the server group server IP ADDRESS IPV6 ADDRESS no server IP ADDRESS IPV6 ADDRESS Parameters IP ADDRESS Specifies the IPv4 address of the authentication server IPV6 ADDRESS Specifies the IPv6 address of the authentication serv...

Страница 81: ...ch config sg tacacs exit Switch config 7 8show aaa This command is used to display the AAA global state show aaa Parameters None Default None Command Mode Privilege EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the AAA global state Example This example shows how to display the AAA global state Switch show aaa AAA is enabled Switch 7 9...

Страница 82: ...equests The number of RADIUS Access Request packets sent to this server This does not include retransmissions Access Accepts The number of RADIUS Access Accept packets valid or invalid received from this server Access Rejects The number of RADIUS Access Reject packets valid or invalid received from this server Access Challenges The number of RADIUS Access Challenge packets valid or invalid receive...

Страница 83: ...ent and decremented due to receipt of a Response a timeout or retransmission Timeouts The number of timeouts to this server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout Unknown Types The number of RADIU...

Страница 84: ...l 12 Usage Guideline The ARP table keeps the network layer IP address to local data link MAC address association The association is kept so that the addresses will not have to be repeatedly resolved Use this command to add static ARP entries Example This example shows how to add a static ARP entry for a typical Ethernet host Switch configure terminal Switch config arp 10 31 7 19 0800 0900 1834 Swi...

Страница 85: ...r the dynamic ARP entries from the table clear arp cache all interface INTERFACE ID IP ADDRESS Parameters all Specifies to clear the dynamic ARP cache entries associated with all interfaces INTERFACE ID Specifies the interface ID IP ADDRESS Specifies the IP address of the specified dynamic ARP cache entry that will be cleared Default None Command Mode Privileged EXEC Mode Command Default Level Lev...

Страница 86: ...ed by the DHCP server For manual assignment the user can assign multiple networks to a VLAN each with an IP address Among these multiple IP addresses one of them must be the primary IP address and the rest are secondary IP address The primary address will be used as the source IP address for SNMP trap messages or SYSLOG messages that are sent out from the interface Use the no ip address command to...

Страница 87: ...entry all ARP entries dynamic entries or static entries or entries associated with an IP interface Example This example shows how to display the ARP cache Switch show arp S Static Entry IP Address Hardware Addr IP Interface Age min S 10 31 7 19 08 00 09 00 18 34 vlan1 forever 10 90 90 90 00 01 02 03 04 00 vlan1 forever Total Entries 2 Switch 8 6show arp timeout This command is used to display the ...

Страница 88: ... information for the specified IP interface brief Optional Specifies to display a summary of the IP interface information Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no parameter is specified information for all the interfaces will be displayed Example This example shows how to display the brief information of the IP interface Swit...

Страница 89: ...guration Mode Command Default Level Level 12 Usage Guideline The IPv4 address of an interface can be either manually assigned by the user or dynamically assigned by the DHCP server For manual assignment the user can assign multiple networks to a VLAN each with an IP address Among these multiple IP addresses one of them must be the primary IP address and the rest are secondary IP address The primar...

Страница 90: ...r cache entries Example This example shows how to clear IPv6 neighbor cache entries associated with interface VLAN 1 Switch enable Switch clear ipv6 neighbors vlan1 Switch 9 2 ipv6 address This command is used to manually configure an IPv6 addresses on the interface Use the no form of this command to delete a manually configured IPv6 address ipv6 address IPV6 ADDRESS PREFIX LENGTH IPV6 ADDRESS lin...

Страница 91: ...ix only one IPv6 address can be configured When the IPv6 address is configured on an interface IPv6 processing is enabled for the interface The prefix of the configured IPv6 address will automatically be advertised as prefix in the RA messages transmitted on the interface Example This example shows how to configure an IPv6 address Switch configure terminal Switch config interface vlan 2 Switch con...

Страница 92: ...erfaces that have no IPv6 address explicitly configured ipv6 enable no ipv6 enable Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline When the IPv6 address is explicitly configured on the interface the IPv6 link local address is automatically generated and the IPv6 processing is started When the interf...

Страница 93: ...ate if the interface is UP or in the INCOMPLETE state if the interface is down The reachable detection process will not be applied to the static entries The clear ipv6 neighbors command will clear the dynamic neighbor cache entries Use the no ipv6 neighbor command to delete a static neighbor entry Example This example shows how to create a static ipv6 neighbor cache entry Switch configure terminal...

Страница 94: ...rief IPv6 interface information Switch show ipv6 interface brief vlan1 is up Link status is up FE80 201 1FF FE02 304 vlan2 is up Link status is down FE80 201 1FF FE02 305 200 2 vlan3 is up Link status is down FE80 201 1FF FE02 306 Total Entries 3 Switch 9 7 show ipv6 neighbors This command is used to display IPv6 neighbor information show ipv6 neighbors INTERFACE ID IPV6 ADDRESS Parameters IPV6 AD...

Страница 95: ...sponding neighbor advertisement message was received and the reachable time in milliseconds has not elapsed yet It indicates that the neighbor was functioning properly STALE More than the reachable time in milliseconds have elapsed since the last confirmation was received PROBE Sending the neighbor solicitation message to confirm the reachability 9 8 ipv6 nd ns interval This command is used to set...

Страница 96: ...DXS 1210 Series Smart Managed Switch CLI Reference Guide 93 Switch configure terminal Switch config interface vlan 1 Switch config if ipv6 nd ns interval 1200 Switch config if ...

Страница 97: ...se the test cable diagnostics command to start the test The copper port can be in one of the following status Open The cable in the error pair does not have a connection at the specified position Short The cable in the error pair has a short problem at the specified position Open or Short The cable has an open or short problem but the PHY has no capability to distinguish between them Crosstalk The...

Страница 98: ...s example shows how to display the test results for the cable diagnostics Switch show cable diagnostics Port Type Link Status Test Result Cable Length M eth1 0 1 1000BASE T Link Up OK 65 eth1 0 2 1000BASE T Link Up OK eth1 0 3 1000BASE T Link Down Shutdown 25 eth1 0 4 1000BASE T Link Down Shutdown eth1 0 5 1000BASE T Link Down Unknown eth1 0 6 1000BASE T Link Down Pair 1 Crosstalk at 30M Pair 2 Cr...

Страница 99: ...from a previous range No space before and after the comma Optional Specifies a range of interfaces No space before and after the hyphen Default None Command Mode EXEC Mode Command Default Level Level 1 Usage Guideline This command is used to clear the test results for the cable diagnostics If the test is running on the interface an error message will be displayed Example This example shows how to ...

Страница 100: ... a problem Example This example shows how to display technical support information of all the modules Switch debug show tech support DXS 1210 12SC 10GbE Smart Managed Switch Technical Support Information Firmware V1 15 005 Copyright C 2017 D Link Corporation All rights reserved Basic System Information Boot Time 0 days 3 hrs 21 min 35 secs RTC Time 01 01 2017 03 21 34 Boot PROM Version V1 00 006 F...

Страница 101: ...and Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to display the information about CPU utilization Example This example shows how to display the CPU utilization per process information Switch debug show cpu utilization Five seconds 12 Process Name 5Sec OS_UTIL 89 bcmCNTR 0 2 FAN_Pooling 2 bcmLINK 0 1 GBIC_Pooling 1 bcmL2X 0 1 HI...

Страница 102: ...er Option 60 to be sent with the DHCP discover message This specification only applies to the subsequent sending of the DHCP discover messages The setting only takes effect when the DHCP client is enabled on the interface to acquire the IP address from the DHCP server The vendor class identifier specifies the type of device that is requesting an IP address Example This example shows how to enable ...

Страница 103: ...gure terminal Switch config interface vlan 100 Switch config if ip dhcp client client id vlan 100 Switch config if 12 3 ip dhcp client hostname This command is used to specify the value of the host name option to be sent with the DHCP discover message Use the no form of this command to revert the setting to the default ip dhcp client hostname HOST NAME no ip dhcp client hostname Parameters HOST NA...

Страница 104: ...to 10000 days HOURS Optional Specifies the hour duration of the lease The range is from 0 to 23 hours MINUTES Optional Specifies the minute duration of the lease The range is from 0 to 59 minutes Default The lease option is not sent Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The setting only takes effect when the DHCP client is enabled to request the I...

Страница 105: ...ry times Example This example shows how to set DHCP retry times Switch config configure terminal Switch config dhcp retry times 10 Switch config 12 6 show dhcp retry times This command is used to display DHCP retry times show dhcp retry times Parameters None Default None Command Mode EXEC Mode Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display DHCP...

Страница 106: ...hcp interface INTERFACE ID Parameters INTERFACE ID Specifies the interface ID Default None Command Mode EXEC Mode Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the DHCP related settings on the interface Example This example shows how to display the DHCP related settings on the interface Switch config show ip dhcp interface Interface vlan1 DHCP...

Страница 107: ... dropped The Switch port receives a packet such as a DHCPOFFER DHCPACK or DHCPNAK packet from a DHCP server outside the firewall If ip dhcp snooping verify mac address is enabled the source MAC in the Ethernet header must be the same as the DHCP client hardware address to pass the validation The untrusted interface receives a DHCP packet that includes a relay agent IP address that is not 0 0 0 0 o...

Страница 108: ... to service specific clients If a binding entry is defined without the client s MAC address then the server message with the specified server IP address in the payload will be permitted These binding entries restrict that only specific servers are allowed to offer DHCP server services Example This example shows how to configure a DHCP server screen profile named campus profile which contains a lis...

Страница 109: ...r screen configure mode dhcp server screen profile PROFILE NAME no dhcp server screen profile PROFILE NAME Parameters PROFILE NAME Specifies the profile name with a maximum of 32 characters Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enter the DHCP server screen configuration mode to define a server screen profile The profi...

Страница 110: ...e client addresses contained in the profile is forwarded If an entry is defined without the client s MAC address then the server message with the specified server IP address will be forwarded Each server can only have one corresponding entry in the table If the entry is defined with a profile but the entry does not exist then messages with the server IP specified by the entry are not forwarded Exa...

Страница 111: ...ll be discarded but the event will not be sent to the syslog module If the user specifies a buffer size less than the current entry number then the log buffer will automatically be cleared Example This example shows how to change the maximum buffer number to 64 Switch configure terminal Switch config ip dhcp snooping server screen log buffer entries 64 Switch config 13 7 show ip dhcp server screen...

Страница 112: ...aps dhcp server screen Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline When DHCP Server Screen is enabled and the Switch receives the forge DHCP Server packet the Switch will log the event if any attacking packet is received You can use this command to enable or disable the sending of the SNMP notifica...

Страница 113: ...reen profile Profile Name Client MAC campus 00 08 01 02 03 04 campus 00 08 01 03 00 01 Total Entries 2 Switch 13 10 show dhcp server screen profile This command is used to display information about the DHCP server screening profile settings show dhcp server screen profile Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Thi...

Страница 114: ...eline Use this command to display the DHCP server screen SNMP trap state Example This example shows how to display the DHCP server screen SNMP trap state Switch show snmp server traps dhcp server screen dhcp server screen Disabled Switch 13 12 show dhcp server screen This command is used to display information about the DHCP server screening interface settings show dhcp server screen interface INT...

Страница 115: ... dhcp server screen Interface State Server IP Profile Name eth1 0 1 Disabled eth1 0 2 Disabled eth1 0 3 Disabled eth1 0 4 Disabled eth1 0 5 Disabled eth1 0 6 Disabled eth1 0 7 Disabled eth1 0 8 Disabled eth1 0 9 Disabled eth1 0 10 Disabled eth1 0 11 Disabled eth1 0 12 Disabled Total Entries 12 Switch Switch show dhcp server screen interface ethernet 1 0 1 Interface State Server IP Profile Name eth...

Страница 116: ...ne Use this command to display the device s DHCPv6 DUID or use the show ipv6 dhcp interface command to display DHCPv6 related setting for interfaces If the interface ID is not specified all interfaces with the DHCPv6 function will be displayed Example This example shows how to display the DHCPv6 setting for interface VLAN 1 when VLAN 1 is DHCPv6 disabled Switch show ipv6 dhcp interface vlan1 vlan1...

Страница 117: ...client function globally or per physical port based When DDP is disabled on a port the port will neither process nor generate DDP message DDP messages received by the port are flooded in VLAN Example This example shows how to enable DDP globally Switch configure terminal Switch config ddp Switch config This example shows how to enable DDP on port 1 0 1 Switch configure terminal Switch config inter...

Страница 118: ...ine Use this command to configure interval between two consecutive DDP report messages Example This example shows how to configure interval to 60 seconds Switch configure terminal Switch config ddp report timer 60 Switch config 15 3 show ddp This command is used to display the switch DDP configurations show ddp interfaces INTERFACE ID Parameters INTERFACE ID Specifies to the interface ID Default N...

Страница 119: ...I Reference Guide 116 Switch show ddp D Link Discovery Protocol state Enabled Report timer 60 seconds Switch This example shows how to display DDP on port 1 0 1 Switch show ddp interface ethernet 1 0 1 Interface State eth1 0 1 Enabled Switch ...

Страница 120: ...send packets with TCP UDP source port equals to destination port to the target device It may cause the target device respond to itself Land A LAND attack involves with IP packets where the source and destination address are set to address of the target device It may cause the target device reply to itself continuously TCP NULL scan Port scanning by using specific packets which contain a sequence n...

Страница 121: ...ism on all supported types Switch configure terminal Switch config dos prevention all Switch config This example shows how to disable the DoS prevention mechanism for all supported types Switch configure terminal Switch config no dos prevention all Switch config 16 2 show dos prevention This command is used to display the DoS prevention status and related drop counters show dos prevention DOS ATTA...

Страница 122: ...Switch 16 3 snmp server enable traps dos prevention This command is used to enable sending SNMP notifications for DoS attacking Use the no form of this command to disable sending SNMP notifications snmp server enable traps dos prevention no snmp server enable traps dos prevention Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level...

Страница 123: ...DXS 1210 Series Smart Managed Switch CLI Reference Guide 120 Switch configure terminal Switch config snmp server enable traps dos prevention Switch config ...

Страница 124: ...ate Specifies to enable the auto recovery option foran error port caused by DHCP rate limiting loopback detect Specifies to enable the auto recovery option foran error port caused by loop detection interval SECONDS Specifies the time in seconds to recover the port from the error state caused by the specified module The valid value is 5 to 86400 The default value is 300 seconds Default Auto recover...

Страница 125: ...ne Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to verify the settings of the error disable recovery timer Example This example shows how to display the settings of the error disable recovery timer Switch config show errdisable recovery ErrDisable Cause State Interval Port Security disabled 120 seconds Storm Control disabled 120 se...

Страница 126: ...e is no limit for the notification rate Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command with the parameters asserted and cleared enables or disables the notifications for the state change of the error disabled state If you enter the command with one of the parameters only the specified notification type is enabled or disabled The state or value of...

Страница 127: ...vel Level 1 Usage Guideline Use this command to verify the settings of the SNMP notifications for error disabled state Example This example shows how to display the settings of the SNMP notifications for error disabled state Switch show snmp server traps error disable Error Disable Trap Asserted disabled Cleared disabled Notification Rate 0 ...

Страница 128: ...age Guideline This command is used to configure the description for the ERP instances Example This example shows how to configure the description for the ERP instances Switch configure terminal Switch config erps instance 1 Switch config erp instance description custom description Switch config erp instance 18 2 ring This command is used to create or modify an ITU T G 8032 ERP physical ring and en...

Страница 129: ...no form of this command to delete the specified profile erps profile PROFILE NAME no erps profile PROFILE NAME Parameters PROFILE NAME Specifies the name of the G 8032 profile with the maximum of 32 characters Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to create modify or delete a G 8032 profile and enter the ERP profile ...

Страница 130: ...isabled state Each ERP instances should have distinct APS channel VLAN Example This example shows how toconfigure the APS channel VLAN 2 for the ERP instance 1 Switch config erps instance 1 Switch config erp instance r aps channel vlan 2 Switch config erp instance 18 5 inclusion list vlan ids This command is used to configure VLAN IDs protected by the ERP mechanism Use the no form of this command ...

Страница 131: ... this command to remove an ERP instance erps instance INSTANCE ID no erps instance INSTANCE ID Parameters INSTANCE ID Specifies an ERP instance number The valid values are from 1 to 32 Default None Command Mode ERP Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to create or remove an ERP instance and enter ERP instance configuration mode Example This example...

Страница 132: ...witch config erp instance level 6 Switch config erp instance 18 8 profile This command is used to associate an ERP instance with a G 8032 profile Use the no form of this command to remove the association profile PROFILE NAME Parameters PROFILE NAME Specifies the profile name to be associated with the ERP instance Default None Command Mode ERP Instance Configuration Mode Command Default Level Level...

Страница 133: ...guration Mode Command Default Level Level 12 Usage Guideline This command is used to specify or remove the first ring port of a physical ring Example This example shows how to configure the interface eth1 0 1 as the first ring port of the G 8032 ring ring1 Switch configure terminal Switch config erps instance 1 Switch config erps instance port0 interface eth 1 0 1 Switch config erps instance 18 10...

Страница 134: ...lt Level Level 12 Usage Guideline When a defect was cleared the traffic channel will revert after the WTR timer has expired which is used to avoid toggling protection states caused by intermitted defects In the non revertive operation the traffic channel continues to use the RPL if it did not fail after a switch link defect condition was cleared Since in Ethernet ring protection the working transp...

Страница 135: ...age Guideline This command is used to configure the node as the RPL owner or RPL neighbor or assign the port as the RPL port Example This example shows how to configure port0 as the RPL port of the ERP instance 1 Switch configure terminal Switch config erps instance 1 Switch config erp instance rpl port0 Switch config erp instance 18 13 show ethernet ring g8032 This command is used to display info...

Страница 136: ...alid r aps vlan Protected VLAN Profile Guard timer 500 milliseconds Hold Off timer 0 milliseconds WTR timer 5 minutes Revertive Instance State Deactivated Admin RPL Operational RPL Admin Port0 eth1 0 1 Operational Port0 eth1 0 1 Port0 State Forwarding Admin Port1 eth1 0 2 Operational Port1 eth1 0 2 Port1 State Forwarding Admin RPL Port Operational RPL Port Ethernet ring campus instance 0 Descripti...

Страница 137: ...es is operated in revertively or non revertively in the profile Instance State Current ring node status of ERP instance Deactivated Init Idle Protection Admin Operational RPL Current config running config ring node role of ERPS instance Owner None Admin Operational Port0 port1 Current config running config ring port role Interface_id none Admin Operational RPL Port Current config running RPL port0...

Страница 138: ... the specified APS channel does not exist or the specified ports are not the tagged member port of the APS channel VLAN Example This example shows how to activate the instance 1 Switch configure terminal Switch config erps instance 1 Switch config erp instance activate Switch config erp instance 18 15 timer This command is used to configure timers for an ERP domain Use the no form of this command ...

Страница 139: ... WTR timer is 5 minutes Command Mode G 8032 Profile Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure timers for an ERP domain Example This example shows how to configure guard timer to 700 for the profile campus Switch configure terminal Switch config erps profile campus Switch config erps profile timer guard 700 ...

Страница 140: ... or a port channel vlan VLAN ID Specifies the VLAN ID The valid values are from 1 to 4094 Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Using this command only clears dynamic MAC address entries Only the dynamic unicast address entry will be cleared Example This example shows how to remove the MAC address 00 08 00 70 00 07 from the dynamic MAC addres...

Страница 141: ...disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The source MAC address triggered update function is always enabled The hit bit of MAC address entries corresponding to the port that receives the packet will be updated based on the source MAC address and the VLAN of the packet When the user enables the destination MAC address triggered update function b...

Страница 142: ...Use this commands to enable or disable MACaddress learning on a physical port Example This example shows how to enable the MAC address learning option Switch configure terminal Switch config mac address table learning interface eth1 0 5 Switch config 19 5 mac address table static This command is used to add a static address to the MAC address table Use the no form of this command to remove a stati...

Страница 143: ...icast MAC address entry Example This example shows how to add the static address C2 F3 22 0A 12 F4 to the MAC address table It also specifies that when any packet received on VLAN 4 that has a destination MAC address of C2 F3 22 0A 12 F4 will be forwarded to the Ethernet interface 1 0 1 Switch configure terminal Switch config mac address table static C2 F3 22 0A 12 F4 vlan 4 interface eth1 0 1 Swi...

Страница 144: ... multicast filtering mode on VLAN 100 to filter unregistered Switch configure terminal Switch config vlan 100 Switch config vlan multicast filtering mode filter unregistered Switch config vlan 19 7 show mac address table This command is used to display a specific MAC address entry or the MAC address entries for a specific interface or VLAN show mac address table dynamic static address MAC ADDR int...

Страница 145: ...is example shows how to display all the static MAC address table entries Switch show mac address table static VLAN MAC Address Type Ports 4 00 01 00 02 00 04 Static eth1 0 2 4 C2 F3 22 0A 12 F4 Static port channel2 6 00 01 00 02 00 07 Static eth1 0 1 6 00 01 00 02 00 10 Static Drop Total Entries 6 Switch This example shows how to display all the MAC address table entries for VLAN 1 Switch show mac...

Страница 146: ...to display the MAC address learning state show mac address table learning interface INTERFACE ID Parameters INTERFACE ID Optional Specifies the interface to be display Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen Default None Comma...

Страница 147: ...mmand is used to display the filtering mode for handling multicast packets that are received on an interface show multicast filtering mode interface VLAN ID Parameters interfaceVLAN ID Optional Specifies the VLAN to display Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Example This example shows how to display the multicast filtering mo...

Страница 148: ... Command Default Level Level 12 Usage Guideline This command is used to clear the IGMP snooping related statistics Example This example shows how to clear all IGMP Snooping statistics Switch clear ip igmp snooping statistics all Switch 20 2 ip igmp snooping This command is used to enable the IGMP snooping function on the Switch Use the no form of this command to disable the IGMP snooping function ...

Страница 149: ... config This example shows how to disable IGMP snooping on VLAN1 Switch configure terminal Switch config vlan 1 Switch config vlan no ip igmp snooping Switch config vlan 20 3 ip igmp snooping fast leave This command is used to configure IGMP Snooping fast leave on the interface Use the noform to disable the fast leave option on the specified interface ip igmp snooping fast leave no ip igmp snoopin...

Страница 150: ...ine The command is only available for VLAN interface configuration On receiving an IGMP leave message the IGMP snooping querier will assume that there are no local members on the interface if there are no reports received after the response time Users can lower this interval to reduce the amount of time it takes a switch to detect the loss of the last member of a group Example This example shows h...

Страница 151: ... interface configuration To specify a multicast router port the valid interface can be a physical port or a port channel The specified multicast router port must be member port of the configured VLAN A multicast router port can be either dynamic learned or statically configured With the dynamic learning the IGMP snooping entity will learn IGMP PIM or DVMRP packet to identify a multicast router por...

Страница 152: ...ing query interval Parameters SECONDS Specifies to configure the interval at which the designated router sends IGMP general query messages The range is 1 to 31744 Default By default this value is 125 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configuration The query interval is the interval betw...

Страница 153: ...age before the IGMP Snooping deletes the membership Example This example shows how to configure the maximum response time to 20 seconds on VLAN 1000 Switch configure terminal Switch config vlan 1000 Switch config vlan ip igmp snooping query max response time 20 Switch config vlan 20 9 ip igmp snooping query version This command is used to configure the general query packet version sent by the IGMP...

Страница 154: ...stness variable The range is from 1 to 7 Default By default this value is 2 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configuration The robustness variable provides fine tuning to allow for expected packet loss on an interface The value of the robustness variable is used in calculating the following IG...

Страница 155: ...evious range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default By default no static group is configured Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configuration This command applies to IGMP snooping on a VLAN i...

Страница 156: ...igmp snooping vlan 2 IGMP snooping state Disabled Fast leave Enabled host based Querier state Enabled Non active Query version v2 Query interval 300 seconds Max response time 20 seconds Robustness value 2 Last member query interval 3 seconds Switch 20 13 show ip igmp snooping groups This command is used to display IGMP snooping group information learned on the Switch show ip igmp snooping groups v...

Страница 157: ... Total Entries 1 Switch 20 14 show ip igmp snooping mrouter This command is used to display IGMP snooping router port information learned and configured on the Switch show ip igmp snooping mrouter vlan VLAN ID Parameters vlan VLAN ID Optional Specifies the VLAN If no VLAN is specified IGMP snooping information on all VLANs will be displayed of which IGMP snooping is enabled Default None Command Mo...

Страница 158: ...OUP ADDRESS Optional Specifies the group IP address to be displayed vlan VLAN ID Optional Specifies the VLAN ID to be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the IGMP snooping static group information Example This example shows how to display IGMP snooping static group information Switch show ip igm...

Страница 159: ...efault Level Level 1 Usage Guideline This command displays the IGMP snooping related statistics information Example This example shows how to display IGMP snooping statistics information Switch show ip igmp snooping statistics vlan 1 VLAN 1 Statistics IGMPv1 Rx Report 1 Query 0 IGMPv2 Rx Report 0 Query 0 Leave 0 IGMPv3 Rx Report 0 Query 0 IGMPv1 Tx Report 0 Query 0 IGMPv2 Tx Report 0 Query 0 Leave...

Страница 160: ...de Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command to clear counters for a physical port interface Example This example shows how to clear the counters of interface eth1 0 1 Switch clear counters interface eth 1 0 1 Switch 21 2 description This command is used to add a description to an interface description STRING no description Parameters STRING Specifies a d...

Страница 161: ...t switch port with combo copper media combo fiber ethernet Ethernet switch port with combo fiber media Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command enters the interface configuration mode for a specific interface The format of the interface number is dependent on the interface type For physical port interfaces the user cannot enter...

Страница 162: ...tch config if combo 21 4 interface range This command is used to enter the interface range configuration mode for multiple interfaces interface combo copper fiber range INTERFACE ID Parameters INTERFACE ID Specifies the physical port interface Optional Specifies the interface range by delimiting a list of interface IDs with commas No spacesare allowed before and after the comma Optional Specifies ...

Страница 163: ...et 1 0 11 12 Switch config if combo range 21 5 show counters This command is used to display interface information show counters interface INTERFACE ID Parameters INTERFACE ID Specifies that the interface can be a physical port If no interface is specified counters of all interfaces will be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage ...

Страница 164: ...048to4095Octets 0 rxHCPkt4096to9216Octets 0 txHCPkt64Octets 0 txHCPkt65to127Octets 0 txHCPkt128to255Octets 0 txHCPkt256to511Octets 348 txHCPkt512to1023Octets 0 txHCPkt1024to1518Octets 0 txHCPkt1519to1522Octets 0 txHCPkt1519to2047Octets 0 txHCPkt2048to4095Octets 0 txHCPkt4096to9216Octets 0 rxCRCAlignErrors 0 rxUndersizedPkts 0 rxOversizedPkts 0 rxFragmentPkts 0 rxJabbers 0 rxSymbolErrors 0 rxMultic...

Страница 165: ...command is used to display the interface information show interfaces INTERFACE ID Parameters INTERFACE ID Optional Specifies that the interface can be a physical port VLAN or other Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no interfaceis specified all existing physical ports will be displayed Example This example shows how to dis...

Страница 166: ...rsize 0 RX oversize 0 RX fragment 0 RX jabber 0 RX dropped Pkts 1212 RX MTU exceeded 0 TX excessive deferral 0 TX single collision 0 TX excessive collision 0 TX late collision 0 Switch 21 7 show interfaces counters This command is used to display counters on specified interfaces show interfaces INTERFACE ID counters errors Parameters errors Optional Specifies to display the error counters INTERFAC...

Страница 167: ...0 2 0 0 0 0 eth1 0 3 0 0 0 0 eth1 0 4 0 0 0 0 eth1 0 5 0 0 0 0 eth1 0 6 0 0 0 0 eth1 0 7 0 0 0 0 eth1 0 8 0 0 0 0 Port OutOctets OutMcastPkts OutUcastPkts OutBcastPkts eth1 0 1 5387265 0 9381 0 eth1 0 2 0 0 0 0 eth1 0 3 0 0 0 0 eth1 0 4 0 0 0 0 eth1 0 5 0 0 0 0 eth1 0 6 0 0 0 0 eth1 0 7 0 0 0 0 eth1 0 8 0 0 0 0 Total Entries 8 Switch This example shows how to display switch ports error counters ...

Страница 168: ... 0 2 0 0 0 0 0 eth1 0 3 0 0 0 0 0 eth1 0 4 0 0 0 0 0 eth1 0 5 0 0 0 0 0 eth1 0 6 0 0 0 0 0 eth1 0 7 0 0 0 0 0 eth1 0 8 0 0 0 0 0 Port DeferredTx IntMacTx IntMacRx eth1 0 1 0 0 0 eth1 0 2 0 0 0 eth1 0 3 0 0 0 eth1 0 4 0 0 0 eth1 0 5 0 0 0 eth1 0 6 0 0 0 eth1 0 7 0 0 0 eth1 0 8 0 0 0 total entries 8 Switch 21 8 show interfaces status This command is used to display the Switch s port connection statu...

Страница 169: ...Auto 10GBASE T eth1 0 3 Not Connected 00 00 04 01 02 04 1 Auto Auto 10GBASE T eth1 0 4 Not Connected 00 00 04 01 02 05 1 Auto Auto 10GBASE T eth1 0 5 Connected 00 00 04 01 02 06 1 Auto Full Auto 1000M 10GBASE T eth1 0 6 Not Connected 00 00 04 01 02 07 1 Auto Auto 10GBASE T eth1 0 7 Not Connected 00 00 04 01 02 08 1 Auto Auto 10GBASE T eth1 0 8 Not Connected 00 00 04 01 02 09 1 Auto Auto 10GBASE T ...

Страница 170: ... state Under the disabled state the port will not be able to receive or transmit any packets Using the no shutdown command will put the port back into the enabled state When a port is shut down the link status will also be turned off Example This example shows how to enter the shutdown command to disable the port state of interface port 1 0 1 Switch configure terminal Switch config interface eth 1...

Страница 171: ...ust one of the IP address configured for the Switch The destination address and the source IP must be the same type of address both are IPv4 or IPv6 Default If the timeout parameter is not specified the timeout value will be 1 second Command Mode EXEC Mode Command Default Level Level 1 Usage Guideline Use this command to verify the reachability reliability and delay of the path to the destination ...

Страница 172: ...c10 41c0 6ddd ecab bytes 100 time 10 ms Reply from 2001 238 f8a 77 7c10 41c0 6ddd ecab bytes 100 time 10 ms Reply from 2001 238 f8a 77 7c10 41c0 6ddd ecab bytes 100 time 10 ms Reply from 2001 238 f8a 77 7c10 41c0 6ddd ecab bytes 100 time 10 ms Ping Statistics for 2001 238 f8a 77 7c10 41c0 6ddd ecab Packets Sent 4 Received 4 Lost 0 Switch ...

Страница 173: ...s 1536 bytes Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is available for physical ports configuration Oversize frames will be dropped and checks are carried out on ingress ports Use this command to transfer large frames or jumbo frames through the switch system to optimize server to server performance Example This example shows how to conf...

Страница 174: ...a channel group An interface can only join one channel group If the mode on is specified in the command the channel group type is static If the mode active or passive is specified in the command the channel group type is LACP A channel group can only consist of either static members or LACP members Once the type of channel group has been determined other types of interfaces cannot join the channel...

Страница 175: ...ample This example shows how to configure the port priority to 20000 on interfaces 1 0 4 to 1 0 5 Switch configure terminal Switch config interface range eth 1 0 4 5 Switch config if lacp port priority 20000 Switch config if 24 3 lacp timeout This command is used to configure the LACP long or short timer Use the no form of this command to return to the default value lacp timeout short long no lacp...

Страница 176: ...fault The default LACP system priority is 32768 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline During LACP negotiation the system priority and port priority of the local partner will be exchanged with the remote partner When the maximum number of actual members exceeds the limitation the Switch will use port priority to determine whether a port is operating i...

Страница 177: ...MAC destination address src ip Specifies that the Switch should examine the IP source address src mac Specifies that the Switch should examine the MAC source address Default The default load balance algorithm is src mac Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to specify the load balance algorithm Only one algorithm can be specified Exa...

Страница 178: ...t is being used by LACP Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If a port channel number is not specified all port channels will be displayed If the channel load balance and sys id keywords are not specified with the show channel group command only summary channel group information will be displayed Example This example shows how ...

Страница 179: ...en Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command with the interface keyword to reset LLDP statistics of the specified interface s If the command clear lldp counters is issued with the all keyword to clear global LLDP statistics and the LLDP statistics on all interfaces When no optional keyword is selected only the LLDP global counter...

Страница 180: ... optional type length value settings TLVs in the IEEE 802 1 Organizationally Specific TLV set will be transmitted and encapsulated in the LLDPDUs and sent to neighbor devices Use the no form of this commandto disable the transmissionof TLVs lldp dot1 tlv select port vlan vlan name VLAN ID protocol identity PROTOCOL NAME no lldp dot1 tlv select port vlan vlan name VLAN ID protocol identity PROTOCOL...

Страница 181: ...tity TLV optional data type indicates whether to advertise the corresponding local system s protocol identity instance on the port The protocol identity TLV provides a way for devices to advertise protocols that are important to the operation of the network For example protocols like Spanning Tree Protocol Link Aggregation Control Protocol and numerous vendor proprietary variations are responsible...

Страница 182: ...ntains the following information Whether the link is capable of being aggregated whether the link is currently in an aggregation and the aggregated port channel ID of the port If the port is not aggregated then the ID is 0 power Optional Specifies the power via MDI TLV to send Three IEEE 802 3 PMD implementations 10BASE T 100BASE TX and 1000BASE T allow power to be supplied over the link for conne...

Страница 183: ...12 Usage Guideline When an LLDP MED Capabilities TLV is detected the application layer will start the fast start mechanism This command is used to configure the fast start repeat count which indicates the number of LLDP message transmissions for one complete fast start interval Example This example shows how to configure the LLDP MED fast start repeat count Switch configure terminal Switch config ...

Страница 184: ...Parameters IP ADDRESS Optional Specifies the IPv4 address that is carried in the management address TLV IPV6 ADDRESS Optional Specifies the IPv6 address that is carried in the management address TLV Default No LLDP management address is configured no Management Address TLV is sent Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is available for...

Страница 185: ... delete the management address 10 1 1 1 from eth3 0 1 and eth3 0 2 If 10 1 1 1 is the last one no Management Address TLV will be sent Switch configure terminal Switch config interface range eth 1 0 1 1 0 2 Switch config if range no lldp management address 10 1 1 1 Switch config if range This example shows how to delete the management address FE80 250 A2FF FEBF A056 from eth3 0 3 and eth3 0 4 Switc...

Страница 186: ...only sends LLDP packets until it receives LLDP MED packets from the end device The Switch continues to send LLDP MED packets until it only receives LLDP packets Example This example shows how to enable transmitting LLDP MED TLVs and LLDP MED Capabilities TLVs Switch configure terminal Switch config interface ethernet 1 0 1 Switch config if lldp med tlv select capabilities Switch config if 25 9 lld...

Страница 187: ...lay value for LLDP initialization on an interface This value must be between 1 and 10 seconds Default By default this value is 2 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline A re enabled LLDP physical interface will wait for the re initialization delay after the last disable command before reinitializing Example This example shows how to configure t...

Страница 188: ...ugh physical interfaces On the other hand the Switch will learn the connectivity and management information from the LLDP packets advertised from the neighbor s Example This example shows how to enable LLDP Switch configure terminal Switch config lldp run Switch config 25 12 lldp forward This command is used to enable the LLDP forwarding state Use the no form of this command to revert to the defau...

Страница 189: ...the system description TLV to send The system description should include the full name and version identification of the system s hardware type software operating system and networking software system name Optional Specifies the system name TLV to send The system name should be the system s fully qualified domain name Default No optional 802 1AB basic management TLV is selected Command Mode Interf...

Страница 190: ...P messages Example This example shows how to enable LLDP transmission Switch configure terminal Switch config interface ethernet 1 0 1 Switch config if lldp transmit Switch config if 25 15 lldp tx delay This command is used to configure the transmission delay timer This delay timer defines the minimum interval between the sending of LLDP messages due to constantly changing MIB content Use the no f...

Страница 191: ...x interval SECONDS no lldp tx interval Parameters SECONDS Specifies the interval between consecutive transmissions of LLDP advertisements on each physical interface The range is from 5 to 32768 seconds Default By default this value is 30 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This interval controls the rate at which LLDP packets are sent Examp...

Страница 192: ... subtype This command is used to configure the subtype of LLDP TLV s lldp subtype port id mac address local Parameters port id Specifies the subtype of the port ID TLV mac address Specifies the subtype of the port ID TLV to MAC Address 3 and the field of port ID will be encoded with the MAC address local Specifies the subtype of the port ID TLV to use Locally assigned 7 and the field of port ID wi...

Страница 193: ...fig if 25 19 show lldp This command is used to display the Switch s general LLDP configuration show lldp Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the LLDP system s global configurations Example This example shows how to display the LLDP system s global configuration status ...

Страница 194: ...Power Source Primary LLDP Configurations LLDP State Disabled LLDP Forward State Disabled Message TX Interval 30 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 25 20 show lldp interface This command is used to display the LLDP configuration at the physical interface show lldp interface INTERFACE ID Parameters INTERFACE ID Specifies to display the LLDP configuration for a specific interf...

Страница 195: ... Network Policy TLV Disabled LLDP MED Extended Power Via MDI PSE TLV Disabled LLDP MED Inventory TLV Disabled Switch Display Parameters Enabled Management Address Displays the enabled IPv4 IPv6 addresses The indicated string None means that the user did not configure the management address with the lldp management address command or the enabled default IPv4 and IPv6 addresses are not applicable En...

Страница 196: ...No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen brief Optional Specifies to display the information in brief mode detail Optional Specifies to display the information in detailed mode If neither brief nor detail is specified display the information in the normal mode Default None Command Mode EXEC Mode or Any Configuration Mode Co...

Страница 197: ...uit SPACE n Next Page ENTER Next Entry a All This example shows how to display the local information ofport 1 in normal mode Switch show lldp local interface ethernet 1 0 1 Port ID eth1 0 1 Port ID Subtype Local Port ID eth1 0 1 Port Description D Link Corporation DXS 1210 28XMP 1 30 003 Port 1 on Unit 1 Port PVID 1 Management Address Count 2 PPVID Entries Count 0 VLAN Name Entries Count 1 Protoco...

Страница 198: ...address information show lldp management address IP ADDRESS IPV6 ADDRESS Parameters IP ADDRESS Optional Specifies to display the LLDP management information for a specific IPv4 address IPV6 ADDRESS Optional Specifies to display the LLDP management information for a specific IPv6 address Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This...

Страница 199: ...ors interface INTERFACE ID brief detail Parameters INTERFACE ID Specifies the interface ID Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen brief Optional Specifies to display the information in brief mode detail Optional Specifies to ...

Страница 200: ...one Port VLAN ID 0 PPVID Entries Count 0 None VLAN Name Entries Count 0 None Protocol ID Entries Count 0 None MAC PHY Configuration Status None Power Via MDI None Link Aggregation None Maximum Frame Size 0 Unknown TLVs Count 0 None LLDP MED capabilities LLDP MED device class Endpoint device class III LLDP MED capabilities support LLDP MED capabilities Support Network Policy Support Location identi...

Страница 201: ...ocol ID Entries Count 2 MAC PHY Configuration Status See Detail Power Via MDI See Detail Link Aggregation See Detail Maximum Frame Size 1536 LLDP MED capabilities See Detail Network policy See Detail Extended Power Via MDI See Detail Inventory Management See Detail Unknown TLVs Count 2 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID eth2 0 1 Port ...

Страница 202: ...sis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID eth4 0 1 Port Description RMON Port 1 on Unit 4 Port ID eth 1 0 2 Remote Entities Count 3 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 03 Port ID Subtype Local Port ID eth2 0 1 Port Description RMON Port 2 on Unit 1 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 04 Port ID ...

Страница 203: ...e The amount of time since the last update to the remote table in days hours minutes and seconds Total Inserts Total number of inserts to the remote data table Total Deletes Total number of deletes from the remote data table Total Drops Total number of times the complete remote data received was not inserted due to insufficient resources Total Ageouts Total number of times a complete remote data e...

Страница 204: ...s 0 Total TLV Unknowns 0 Total Ageouts 0 Switch Display Parameters Total Transmits The total number of LLDP packets transmitted on the port Total Discards The total number of LLDP frames discarded on the port for any reason Total Errors The number of invalid LLDP frames received on the port Total Receives The total number of LLDP packets received on the port Total TLV Discards The number of TLVs d...

Страница 205: ...mand Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline The global LLDP traps information display on the Switch Example This example shows how to display global LLDP traffic information Switch show snmp server traps lldp lldp Disabled lldp med Disabled Switch ...

Страница 206: ...will periodically send VLAN based LBD packets for each VLAN that the port has membership of the VLAN is enabled for loop detection If the port is a tagged member of the detecting VLAN tagged LBD packets are sent If the port is an untagged member of the detecting VLAN untagged LBD packets are sent If there is a loop occurrence on the VLAN path then packet transmitting and receiving will be temporar...

Страница 207: ...ommand Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable the loopback detection function on an interface This command is available for port and port channel interface configuration Example This example shows how to enable the loopback detection function on interface eth1 0 1 Switch configure terminal Switch config interface eth 1 0 1 Switch...

Страница 208: ...n vlan VLAN LIST Parameters VLAN LIST Specifies the VLAN identification number numbers or range of numbers to be matched Enter one or more VLAN values separated by commas or hyphens for a range list Default By default this option is enabled for all VLANs Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the list of VLANs that are en...

Страница 209: ...cifies the interface s ID to be displayed Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces are allowed before and after the comma Optional Specifies a range of interfaces No spaces are allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this com...

Страница 210: ... displays the loopback detection status for port 1 0 1 Switch show loopback detection interface eth 1 0 1 Interface Loopback Detection State Result Time Left sec eth1 0 11 Enabled Loop on VLAN 1 infinite Switch This example shows how to displays the loopback detection status for port channel 2 Switch show loopback detection interface port channel 2 Interface Loopback Detection State Result Time Le...

Страница 211: ...ing SNMP notifications of loopback detection Switch configure terminal Switch config snmp server enable traps loopback detection Switch config 26 7 show snmp server traps This command is used toenable the sending SNMP notifications of loopback detection Use the no form of this command to revert to the default setting show snmp server traps loopback detection Parameters None Default None Command Mo...

Страница 212: ...f this command to revert to the default setting loopback detection action shutdown none no loopback detection action Parameters shutdown Loop action to shutdown port none Loop action none Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the loop action Example This example shows how to set the loop action of loopback d...

Страница 213: ...ons For a monitor session multiple source interfaces can be specified but only one destination interface can be specified An interface cannot be a source interface of one session and destination port of another session simultaneously An interface can be configured as the destination interface of multiple sessions but it can be a source interface of only one session Example This example shows how t...

Страница 214: ...r a monitor session multiple source interfaces can be specified but only one destination interface can be specified An interface cannot be a source interface of one session and destination port of another session simultaneously An interface can be configured as destination interface of multiple sessions but it can be a source interface of only one session If the direction is not specified both TX ...

Страница 215: ... If this command is used without specifying a session number all monitor sessions are displayed Example This example shows how to display a created port monitor session with the session number 1 Switch show monitor session 1 Session 1 Session Type local session Destination Port eth1 0 3 Source Port Both eth1 0 7 eth1 0 8 RX eth1 0 9 TX eth1 0 10 total entries 1 Switch ...

Страница 216: ...are cleared Default None Command Mode Privilege EXEC Mode Command Default Level Level 12 Usage Guideline This command is used to clear the statistic counter of the Switch Example This example shows how to clear all MLD snooping statistics Switch clear ipv6 mld snooping statistics all Switch 28 2 ipv6 mld snooping This command is used to enable or disable MLD snooping ipv6 mld snooping no ipv6 mld ...

Страница 217: ...VLAN1 Switch configure terminal Switch config vlan 1 Switch config vlan ipv6 mld snooping Switch config vlan 28 3 ipv6 mld snooping fast leave This command is used to configure MLD snooping fast leave on the interface Use the no form of this command to disable the fast leave option on the specified interface ipv6 mld snooping fast leave no ipv6 mld snooping fast leave Parameters None Default By de...

Страница 218: ...d is only available for VLAN interface configuration On receiving an MLD done message the MLD snooping querier will assume that there are no local members on the interface if there are no reports received after the response time Users can lower this interval to reduce the amount of time it takes a switch to detect the loss of the last member of a group Example This example shows how to configure t...

Страница 219: ...rt must be member port of the configured VLAN The multicast router port can be either dynamically learned or statically configured into an MLD snooping entity With the dynamic learning the MLD snooping entity will listen to MLD and PIMv6 packet to identify whether the partner device is a router Example This example shows how to configure eth1 0 1 as an MLD snooping multicast router port and eth1 0...

Страница 220: ...l query messages periodically Use the no form of this command to revert to the default setting ipv6 mld snooping query interval SECONDS no ipv6 mld snooping query interval Parameters SECONDS Specifies to configure the interval at which the designated router sends MLD general query messages The range is 1 to 31744 Default By default this value is 125 seconds Command Mode Interface Configuration Mod...

Страница 221: ... configures the period of which the group member can respond to an MLD query message before the MLD Snooping deletes the membership Example This example shows how to configure the maximum response time to 20 seconds on VLAN 1000 Switch configure terminal Switch config vlan 1000 Switch config vlan ipv6 mld snooping query max response time 20 Switch config vlan 28 9 ipv6 mld snooping query version T...

Страница 222: ...interface configuration The robustness variable provides fine tuning to allow for expected packet loss on an interface The value of the robustness variable is used in calculating the following MLD message intervals Group member interval Amount of time that must pass before a multicast router decides there are no more members of a group on a network This interval is calculated as follows robustness...

Страница 223: ...or a port channel Default No static group is configured Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The command is only available for VLAN interface configuration This command applies to MLD snooping on a VLAN interface to statically add group membership entries The ipv6 mld snooping static group command allows the user to create an MLD snooping static ...

Страница 224: ...nabled Non active Query version v2 Query interval 125 seconds Max response time 10 seconds Robustness value 2 Last listener query interval 1 seconds Total Entries 1 Switch 28 13 show ipv6 mld snooping groups This command is used to display MLD snooping group related information learned on the Switch show ipv6 mld snooping groups IPV6 ADDRESS vlan VLAN ID Parameters IPV6 ADDRESS Optional Specifies ...

Страница 225: ... ipv6 mld snooping mrouter This command is used to display MLD snooping multicast router port information automatically learned or manually configured on the Switch show ipv6 mld snooping mrouter vlan VLAN ID Parameters vlan VLAN ID Optional Specifies the VLAN If no VLAN is specified MLD snooping Multicast Router Information on all VLANs will be displayed Default None Command Mode EXEC Mode or Any...

Страница 226: ...o be displayed vlan VLAN ID Specifies the VLAN ID to be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the MLD snooping static group information Example This example shows how to display MLD snooping static group information Switch show ipv6 mld snooping static group VLAN ID Group address Interface 1 FF1E ...

Страница 227: ...ping statistics information Switch show ipv6 mld snooping statistics interface Interface eth4 0 1 Rx V1Report 1 v2Report 2 Query 1 v1Done 2 Tx v1Report 1 v2Report 2 Query 1 v1Done 2 Interface eth4 0 3 Rx V1Report 0 v2Report 0 Query 0 v1Done 0 Tx v1Report 0 v2Report 0 Query 0 v1Done 0 Interface eth4 0 4 Rx V1Report 3 v2Report 0 Query 3 v1Done 0 Tx v1Report 2 v2Report 2 Query 1 v1Done 2 Total Entrie...

Страница 228: ...aces from a previous range No space is allowed before and after the comma Optional Specifies a range of VLAN No space is allowed before and after the hyphen Default None Command Mode MST Configuration Mode Command Default Level Level 12 Usage Guideline Any unmapped VLAN is mapped to the CIST instance When mapping the VLANs to an instance if the instance doesn t exist this instance will be created ...

Страница 229: ...mple This example shows how to configure the MSTP configuration name to MName Switch configure terminal Switch config spanning tree mst configuration Switch config mst name MName Switch config mst 29 3 revision This command is used to configure the revision number for the MST configuration Use the no form of this command to revert to the default setting revision VERSION no revision Parameters VERS...

Страница 230: ...specify a series of instances or to separate a range of instances from a previous range Use to specify a range of instances No space before and after the comma or hyphen interface INTERFACE ID Specifies to display the STP information for the specified interface Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the...

Страница 231: ...00 00 00 00 priority 0 Regional Root address 00 00 00 00 00 00 priority 0 Designated bridge address 00 00 00 00 00 00 priority 0 port id 0 0 Switch This example shows how to display MSTP detailed information for interface eth1 0 1 Switch show spanning tree mst interface eth 1 0 1 detail eth1 0 1 Configured link type auto operation status point to point Configured fast forwarding auto operation sta...

Страница 232: ...h This example shows how to display MSTP summary information for interfaces eth1 0 3 to eth 1 0 4 Switch show spanning tree mst interface eth 1 0 3 4 eth1 0 3 Configured link type auto operation status point to point Configured fast forwarding auto operation status edge Priority Instance Role State Cost Port MST00 designated forwarding 20000 128 3 MST01 backup blocking 200000 128 3 eth1 0 4 Config...

Страница 233: ...21 4094 1 1 10 2 11 20 Switch 29 5 spanning tree mst This command is used to configure the path cost and portpriority parameters for any MST instance including the CIST with instance ID 0 Use the no form of this command to revert to the default setting spanning tree mst INSTANCE ID cost COST port priority PRIORITY no spanning tree mst INSTANCE ID cost port priority Parameters INSTANCE ID Specifies...

Страница 234: ...ode Use the no form of this command to revert to the default setting spanning tree mst configuration no spanning tree mst configuration Parameters None Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to enter the MST Configuration Mode Example This example shows how to enter the MST Configuration Mode Switch configure terminal...

Страница 235: ...ax hops 19 Switch config 29 8 spanning tree mst hello time This command is used to configure the per port hello time used in the MSTP version Use the no form of this command to revert to the default setting spanning tree mst hello time SECONDS no spanning tree mst hello time Parameters SECONDS Specifies to determine the time interval to send one BPDU at the designated port This value is either 1 o...

Страница 236: ... Parameters INSTANCE ID Specifies the MSTP instance identifier Instance 0 represents the default instance CIST PRIORITY Specifies the bridge priority value that must be divisible by 4096 The range is from 0 to 61440 Default By default this value is 32768 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The priority has same meaning with as the bridge priority i...

Страница 237: ...s If the authentication host mode is set to multi host the port will be added as a guest VLAN member port and the PVID of the port will change to guest VLAN Traffic that comes from guest VLAN can be forward whatever whether authenticated Traffic that comes from other VLANs will still be dropped until it pass authentication When one host passes authentication the port will leave the guest VLAN and ...

Страница 238: ...tion mode is changed to multi host the previous authentication VLAN s on this port will be cleared Default By default multi auth is used Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline If the port is operated in the multi host mode and if one of the hosts is authenticated then all other hosts are allowed to access the port According to 802 1X authentication...

Страница 239: ...witch config if 30 4 authentication timer reauthentication This command is used to configure the timer to re authenticate a session Use the no form of this command to revert to the default setting authentication timer reauthentication SECONDS no authentication timer reauthentication Parameters SECONDS Specifies the timer to re authenticate a session The range is from 1 to 65535 Default By default ...

Страница 240: ...l Level 12 Usage Guideline The Switch will be in the quiet state for a failed authentication session until the expiration of the timer Example This example shows how to configurethe restart timer to 20 for eth1 0 1 Switch configure terminal Switch config interface eth 1 0 1 Switch config if authentication timer restart 20 Switch config if 30 6 authentication username This command is used to create...

Страница 241: ...and pass1 as password Switch configure terminal Switch config authentication username user1 password pass1 Switch config 30 7 clear authentication sessions This command is used to remove authentication sessions clear authentication sessions dot1x all interface INTERFACE ID dot1x mac address MAC ADDRESS Parameters dot1x Specifies to clear all dot1x sessions all Specifies to clear all sessions inter...

Страница 242: ... configuration as the original port then re authentication is not needed The host will inherit the same authorization attributes with new port The authenticated host can do roaming from port 1 to port 2 and inherit the authorization attributes without re authentication If the new port has the different authentication configuration as the original port then re authentication is needed The authentic...

Страница 243: ... a per port basis Example This example shows how to enable the authorization status Switch configure terminal Switch config no authorization disable Switch config 30 10 show authentication sessions This command is used to display authentication information show authentication sessions dot1x interface INTERFACE ID dot1x mac address MAC ADDRESS Parameters dot1x Optional Specifies to display all dot1...

Страница 244: ...authentication start Initialization Authentication resource ready but no new authentication start Authenticating Host is under authenticating Failure Authentication failure Success Host pass authentication Accounting Session ID The accounting session ID that used to do accounting after authenticated Authentication Username It indicates the user name of host It s not available while the host is sel...

Страница 245: ...he Authenticator has successfully authenticated the supplicant ABORTING Indicates that the authentication procedure is being prematurely aborted due to the receipt of a re authentication request an EAPOL Start frame an EAPOL Logoff frame or an authentication timeout HELD Indicates that the state machine ignores and discards all EAPOL packets in order to discourage brute force attacks This state is...

Страница 246: ...DXS 1210 Series Smart Managed Switch CLI Reference Guide 243 ...

Страница 247: ...re and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline This command clears auto learned secured entries either dynamic or permanent Example This example shows how to remove a specific secure address from the MAC address table Switch clear port secur...

Страница 248: ...of interfaces eth1 0 1 to eth1 0 3 Switch show port security interface eth 1 0 1 3 Interface No eth1 0 1 Max No 32 Curr No 0 Violation Action Protect Violation Count Security Mode DeleteOnTimeout Admin State Disabled Current State Aging Time 0 Aging Type Absolute Interface No eth1 0 2 Max No 32 Curr No 0 Violation Action Protect Violation Count Security Mode DeleteOnTimeout Admin State Disabled Cu...

Страница 249: ...or port security address violation and set the number of traps per second to 3 Switch configure terminal Switch config snmp server enable traps port security Switch config 31 4 switchport port security This command is used to configure the port security settings to restrict the number of users that are allowed to gain access rights to a port Use the no form of this command to disable port security...

Страница 250: ...figuration As the port mode security state is changed the violation counts will be cleared and the auto permanent entries will be converted to corresponding dynamic entries As the port security state is changed to disabled the auto learned secured entries either dynamic or permanent with its violation counts are cleared As the related VLAN configuration is changed the auto learned dynamic secured ...

Страница 251: ...and increment the securityviolation counter if a security violation is detected Switch configure terminal Switch config interface eth 1 0 1 Switch config if switchport port security violation restrict Switch config if 31 5 switchport port security aging This command is used to configure the aging time for auto learned dynamic secure addresses on an interface Use the no form of this command to reve...

Страница 252: ...rface eth1 0 1 Switch configure terminal Switch config interface eth 1 0 1 Switch config if switchport port security aging type inactivity Switch config if 31 6 port security limit This command is used to configure the maximum secure MAC address number on the system Use the no form of this command to revert to the default setting port security limit globalVALUE no port security limit global Parame...

Страница 253: ... Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display port security global settings Example This example shows how to display port security global settings Switch show port security global settings Trap State Disabled Trap Rate 0 System Maximum Address No Limit Switch 31 8 show snmp server traps port security This command is used to display port security...

Страница 254: ...Guide 251 Command Default Level Level 1 Usage Guideline Use this command to display port security traps states Example This example shows how to display port security traps states Switch show snmp server traps port security port security Disabled Switch ...

Страница 255: ...trate port status are all turned off to save power Example This example shows how to disable the port LED function Switch configure terminal Switch config dim led Switch config 32 2 power saving This command is used to enable individual power saving functions Use the no form of this command to disable these functions power saving port shutdown dim led hibernation no power saving port shutdown dim ...

Страница 256: ...ernation mode Switch configure terminal Switch config power saving port shutdown Switch config power saving hibernation Switch config 32 3 power saving eee This command is used to enable the Energy Efficient Ethernet EEE function on the specified port s Use the no form of this command to disable the EEE function power saving eee no power saving eee Parameters None Default By default this option is...

Страница 257: ...iguration Mode Command Default Level Level 12 Usage Guideline Use this command to add or delete a time range profile for the dim LED schedule When the schedule is up all port s LED will be turned off Example This example shows how to add a time range profile for the dim LED schedule Switch configure terminal Switch config power saving dim led time range off duty Switch config 32 5 power saving hib...

Страница 258: ...l Switch config power saving hibernation time range off duty Switch config 32 6 power saving shutdown time range This command is used to configure the timerange profile for the portshutdown schedule Use the no form of this command to delete the specified timerange profile power saving shutdown time range PROFILE NAME no power saving shutdown time range PROFILE NAME Parameters PROFILE NAME Specifie...

Страница 259: ...s to display the EEE state INTERFACE ID Optional Specifies the output interface for the EEE Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no optional keywords were specified all powersaving configuration information will be displayed Example This example shows how to display all powersaving configuration information Switch show power...

Страница 260: ...DXS 1210 Series Smart Managed Switch CLI Reference Guide 257 ...

Страница 261: ...e this command to create an IP static route Floating static route is supported This means that there could be two routes with the same destination network address and different next hop If primary or backup is not specified the static route will be automatically determined to be a primary route or a backup route Primary route has higher priority than backup route and is always be used for forwardi...

Страница 262: ...s and different next hop If primary or backup is not specified the static route will be automatically determined to be a primary route or a backup route Primary route has higher priority than backup route and is always be used for forwarding when it is active When primary is down the backup route will be used Example This example shows how to create a static route destined to the network where pro...

Страница 263: ... static candidate default Gateway of last resort is not set C 10 0 0 0 8 is directly connected vlan1 Total Entries 1 Switch 33 4 show ip route summary This command is used to display the brief information for the working routing entries show ip route summary Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command ...

Страница 264: ...TH Optional Specifies the prefix length for the specified network longer prefixes Optional Specifies to display the route and all of the more specific routes INTERFACE ID Optional Specifies the interface type connected Optional Specifies to display directly connected route static Optional Specifies to display the static route database Optional Specifies to display all the related entries in the ro...

Страница 265: ...101 64 1 1 via fe80 0000 00ff 1111 2233 vlan1 S 2001 0102 64 1 1 via fe80 0000 00ff 1111 2233 vlan1 Total Entries 2 entries 2 routes Switch 33 6 show ipv6 route summary This command is used to display the current state of the IPv6 routing table show ipv6 route summary Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline When th...

Страница 266: ...DXS 1210 Series Smart Managed Switch CLI Reference Guide 263 Switch show ipv6 route summary Route Source Networks Connected 2 Static 0 Total 3 Switch ...

Страница 267: ...ort default CoS if the packet is untagged When the override option is specified the port default CoS will be applied to all packets received by the port Use the override keyword when all incoming packets on certain ports deserve a higher or lower priority than packets that enter from other ports Even if a port was previously set to trust DSCP or CoS this command overrides that trust state and all ...

Страница 268: ...CP to CoS map for mapping DSCP 12 16 and 18 to CoS 1 for eth2 0 6 Switch configure terminal Switch config interface eth 1 0 6 Switch config if mls qos map dscp cos 12 16 18 to 1 Switch config if 34 3 mls qos scheduler This command is used to configure the scheduling mechanism Use the no form of this command to reset the packet scheduling mechanism to the default mls qos scheduler sp rr wrr wdrr no...

Страница 269: ... queue must also be in the strict priority mode WRR operates by transmitting permitted packets into the transmit queue in a round robin order Initially each queue sets its weight to a configurable weighting Every time a packet from a higher priority CoS queue is sent the corresponding weight is subtracted by 1 and the packet in the next lower CoS queue will be serviced When the weight of a CoS que...

Страница 270: ...ride is configured then the CoS specified by command mls qos cos will be the internal CoS of the packet and the CoS value in the packet s outer VLAN tag If the port is to trust DSCP then the CoS mapped from the DSCP code point will be the internal CoS of the packet and the CoS value in the packet s outer VLAN tag When a packet is received by a port it will be initialized to a color based on the ml...

Страница 271: ...cified queue MAX BANDWIDTH KBPS Specifies the maximum bandwidth in kilobits per second for a specified queue MIN PERCENTAGE Specifies to set the minimal bandwidth by percentage The valid range is from 1 to 100 MAX PERCENTAGE Specifies to set the maximum bandwidth by percentage The valid range is from 1 to 100 Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usa...

Страница 272: ...form of this commandto disable the bandwidth limit rate limit input output NUMBER KBPS percent PERCENTAGE BURST SIZE no rate limit input output Parameters input Specifies the bandwidth limit for ingress packets output Specifies the bandwidth limit for egress packets NUMBER KBPS Specifies the number of kilobits per second as the maximum bandwidth limit PERCENTAGE Specifies to set the limited rate b...

Страница 273: ...Specifies to displays the transmit queue scheduling settings trust Specifies to displays the port trust State rate limit Specifies to displays the bandwidth limitation configured for the port queue rate limit Specifies to displays the bandwidth allocation configured for the queue dscp cos map Specifies to displays the mapping of DSCP to CoS Default None Command Mode EXEC Mode or Any Configuration ...

Страница 274: ...1 0 1 2 scheduler Interface Scheduler Method eth1 0 1 sp eth1 0 2 wrr Switch This example shows how to display the bandwidth allocation for port 1 0 1 to 1 0 4 Switch show mls qos interface eth 1 0 1 4 rate limit Interface Rx Rate Tx Rate Rx Burst Tx Burst eth1 0 1 1000 kbps No Limit 64 kbyte No Limit eth1 0 2 No Limit 2000 kbps No Limit 2000 kbyte eth1 0 3 10 100000 kbps 20 200000 kbps 64 kbyte 6...

Страница 275: ...splay the DSCP to CoS map for port 1 0 1 Switch show mls qos interface ethernet 1 0 1 dscp cos map eth1 0 1 CoS DSCP List 0 0 7 1 8 15 2 16 23 3 24 31 4 32 39 5 40 47 6 48 55 7 56 63 Switch 34 9 show mls qos queueing This command is used to display the QoS queuing information and weight configuration for different scheduler algorithm on specified interface s show mls qos queuing interface INTERFAC...

Страница 276: ... WRR or WDRR on the specified interface s will be displayed If the interface is not specified only the system wide map of CoS to queue ID is displayed The scheduling mode which is configured by the mls qos scheduler command determines which weight configuration taking effect Use the show mls qos interface scheduler command to get the scheduling mode of an interface Example This example shows how t...

Страница 277: ...mode Use the no form of this command to revert to the default setting wdrr queue bandwidth QUANTUM1 QUANTUM127 no wdrr queue bandwidth Parameters QUANTUM1 QUANTUM127 Specifies the quantum frame length count value of every queue for weighted round robin scheduling Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The configuration of this command ...

Страница 278: ...robin scheduling Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The configuration of this command takes effect when the scheduling mode is in the WRR mode Use the mls qos scheduler wrr command to change the scheduling mode to WRR mode To satisfy the behavior requirements of Expedited Forwarding EF the highest queue is always selected by the Pe...

Страница 279: ...ntry number is dynamic Only the interface that is enabled for RMON statistics will have a corresponding entry in the table Example This example shows how to configure an RMON statistics entry with an index of 65 and the owner name guest on Ethernet interface eth 1 0 2 Switch configure terminal Switch config interface eth 1 0 2 Switch config if rmon collection stats 65 owner guest Switch config if ...

Страница 280: ...on alarm This command is used to configure an alarm entry to monitor an interface Use the no form of this commandto remove an alarm entry rmon alarm INDEX VARIABLE INTERVAL delta absolute rising threshold VALUE RISING EVENT NUMBER falling threshold VALUE FALLING EVENT NUMBER owner STRING no rmon alarm INDEX Parameters INDEX Specifies the alarm index The range is from 1 to 65535 VARIABLE Specifies ...

Страница 281: ...onfig rmon alarm 783 1 3 6 1 2 1 2 2 1 12 6 30 delta rising threshold 20 1 falling threshold 10 1 owner Name Switch config 35 4 rmon event This command is used to configure an event entry Use the no form of this commandto remove an event entry rmon event INDEX log trap COMMUNITY owner NAME description STRING no rmon event INDEX Parameters INDEX Specifies the index of the alarm entry The valid rang...

Страница 282: ...ure terminal Switch config rmon event 13 log owner it domain com description ifInNUcastPkts is too much Switch config 35 5 show rmon alarm This command is used to displays the alarm configuration show rmon alarm Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the RMON alarm table Example This example ...

Страница 283: ... manager1 Description is Errors Event trigger action log trap sent to community manager Last triggered time 13 12 15 2014 03 12 Event 2 owned by manager2 Description is Errors Event trigger action log trap Last triggered time Switch 35 7 show rmon history This command is used to display RMON history statistics information show rmon history Parameters None Default None Command Mode EXEC Mode or Any...

Страница 284: ...abbers 1 CRC alignment errors 0 Collisions 0 Drop events 0 Sample 2 Received octets 303596354 Received packets 357898 Broadcast packets 3329 Multicast packets 7337 Estimated utilization 19 Undersized packets 213 Oversized packets 24 Fragments 2 Jabbers 1 CRC alignment errors 0 Collisions 0 Drop events 0 Switch 35 8 show rmon statistics This command is used to display RMON Ethernet statistics show ...

Страница 285: ...is used to enable the RMON trap state snmp server enable traps rmon rising alarm falling alarm no snmp server enable traps rmon rising alarm falling alarm Parameters rising alarm Optional Specifies to configure the rising alarm trap state falling alarm Optional Specifies to configure the falling alarm trap state Default By default this option is disabled Command Mode Global Configuration Mode Comm...

Страница 286: ...mand Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline To display RMON trap state Example This example shows how to display the RMON trap state Switch show snmp traps rmon Rmon Trap State RMON Rising Alarm Trap Enabled RMON Falling Alarm Trap Enabled Switch ...

Страница 287: ...erability of the device by minimizing the workload of the Switch while the attack is ongoing thus making it capable to forward essential packets over its network in a limited bandwidth Example This example shows how to enable the Safeguard Engine Switch configure terminal Switch config cpu protect safeguard Switch config 36 2 show cpu protect safeguard This command is used to display the settings ...

Страница 288: ...ries Smart Managed Switch CLI Reference Guide 285 This example shows how to display the settings and current status of the Safeguard Engine Switch show cpu protect safeguard Safeguard Engine State Disabled Switch ...

Страница 289: ...y Name policy1 Enabled Cipher Suites RSA_WITH_RC4_128_MD5 RSA_WITH_3DES_EDE_CBC_SHA RSA_EXPORT_WITH_RC4_40_MD5 Session Cache Timeout 600 SSL Policy Name policy2 Enabled Cipher Suites RSA_WITH_RC4_128_MD5 RSA_WITH_3DES_EDE_CBC_SHA RSA_EXPORT_WITH_RC4_40_MD5 Session Cache Timeout 1200 Switch 37 2 ssl service policy This command is used to configure the SSL service policy ssl service policy POLICY NA...

Страница 290: ... des encryption for message encryption and SHA key for message digest rsa with aes 128 cbc sha Use RSA key exchange with aes 128 bit encryption and cbc encryption for message encryption and SHA key for message digest rsa with aes 256 cbc sha Use RSA key exchange with aes 256 bit encryption and cbc encryption for message encryption and SHA key for message digest dhe rsa with aes 128 cbc sha Use DH ...

Страница 291: ...etting This command is used to to display the SSL global settings show ssl global setting Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline To display the SSL status Example This command is used to to display the SSL global settings Switch show ssl global setting ssl server state Disable ssl service policy name Switch ...

Страница 292: ...Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use the show snmp server command to display the SNMP server global state settings Use the show snmp server traps command to display trap related settings Example This example shows how to display the SNMP server configuration Switch show snmp server SNMP Server Enabled Name SiteA Switch Location HQ 15F Contact MIS Departm...

Страница 293: ...s disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The SNMP manager manages a SNMP agent by sending SNMP requests to agents and receiving SNMP responses and notifications from agents The SNMP server on the agent must be enabled before the agent can be managed Example This example shows how to enable the SNMP server Switch configure terminal Switch conf...

Страница 294: ...h configure terminal Switch config snmp server contact MIS Department II Switch config 38 4 snmp server enable traps This command is used to enable the sending of trap packets globally Use the no form of this command to disable the sending of trap packets snmp server enable traps no snmp server enable traps Parameters None Default By default this option is disabled Command Mode Global Configuratio...

Страница 295: ...ncorrect community string For SNMPv3 authentication failure occurs if packets are formed with an incorrect SHA MD5 authentication key linkup Optional Specifies to control the sending of SNMP linkUp notifications A linkup 3 trap is generated when the device recognizes that one of the communication links has come up linkdown Optional Specifies to control the sending of SNMP linkDown notifications A ...

Страница 296: ...rver location TEXT no snmp server location Parameters location TEXT Specifies the string that describes the system location information The maximum length is 255 characters The syntax is a general string that allows spaces Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the system s location information on the Switch ...

Страница 297: ...re the system s name to SiteA switch Switch configure terminal Switch config snmp server name SiteA switch SiteA switch config 38 8 snmp server service port This command is used to configure the SNMP UDP port number Use the no form of this command to reset the UDP port number to default value snmp server service port PORT NUMBER no snmp server service port Parameters PORT NUMBER Specifies the UDP ...

Страница 298: ...e the server to response to broadcast SNMP GetRequest packet NMS tools would send broadcast SNMP GetRequest packets to discover networks device To support this function the response to the broadcast get request packet needs to be enabled Example This example shows how to enable the server to respond to the broadcast SNMP get request packet Switch configure terminal Switch config snmp server respon...

Страница 299: ... System rw sales divison checked with IP access control list SalesDvision public ro RD division checked with IP access control list HB5 Develop ro RD2 private rw Line2 checked with IP access control list HQ Total Entries 4 Switch This example shows how to display the SNMP server host setting Switch show snmp host Host IP Address 10 20 30 40 SNMP Version V1 Community Name public UDP Port 50001 Host...

Страница 300: ...p group GroupName public SecurityModel v1 ReadView CommunityView WriteView NotifyView CommunityView IP access control list GroupName public SecurityModel v2c ReadView CommunityView WriteView NotifyView CommunityView IP access control list GroupName initial SecurityModel v3 noauth ReadView restricted WriteView NotifyView restricted IP access control list GroupName private SecurityModel v1 ReadView ...

Страница 301: ... Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline When the username argument is not specified all configured users will be displayed The community string created will not displayed by this command Example This example shows how SNMP users are displayed Switch show snmp user authuser User name authuser Security Model v2c Group Name VacmGroupName IP access control list HB...

Страница 302: ...he name of the standard access list to control the user to use this community string to access to the SNMP agent Specifies the valid user in the source address field of the access list entry Default Community View Name Access right private CommunityView Read Write public CommunityView Read Only Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline This command provi...

Страница 303: ...P engine ID to 332200000000000000000000 Switch configure terminal Switch config snmp server engineID local 332200000000000000000000 Switch config 38 14 snmp server group This command is used to configure an SNMP group Use the no form of this command to remove a SNMP group or remove a group from using a specific security model snmp server group GROUP NAME v1 v2c v3 auth noauth priv read READ VIEW w...

Страница 304: ...nes that the group user is allowed to use the specified version of SNMP to access the SNMP agent The same group name can be created with security models SNMPv1 SNMPv2c and SNMPv3 at the same time For SNMPv3 it can be created for SNMPv3 auth and SNMPv3 priv at the same time To update the view profile for a group for a specific security mode delete and create the group with the new view profile The ...

Страница 305: ...ers may conflict with other protocols Default By default the version used is 1 Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline SNMP notifications are sent as trap packets The user should create at least one recipient of a SNMP notification by using the snmp server host command in order for the Switch to send the SNMP notifications Specify the version of the no...

Страница 306: ...tring comaccess The UDP port number is configured to 50001 Switch configure terminal Switch config snmp server community comaccess rw Switch config snmp server host 163 10 50 126 version 1 comaccess port 50001 Switch config 38 16 snmp server source interface traps This command is used to specify the interface whose IP address will be used as the source address for sending the SNMP trap packet Use ...

Страница 307: ...md5 Specifies to use HMAC MD5 96 authentication sha Specifies to use HMAC SHA 96 authentication AUTH PASSWORD Specifies the authentication password in the plain text form This password is 8 to 16 octets for MD5 and 8 to 20 octets for SHA If the keyword encrypted is specified the length is 32 for MD5 and 40 for SHA The format is a hexadecimal value PRIV PASSWORD Specifies a privacy key used by DES ...

Страница 308: ...rs VIEW NAME Specifies the name of the view entry The valid length is 1 to 32 characters The syntax is general string that does not allow spaces OID TREE Specifies the object identifier of the ASN 1 sub tree to be included or excluded from the view To identify the sub tree specify a text string consisting of numbers such as 1 3 6 2 4 or a word such as system Use the asterisk wildcard in a single s...

Страница 309: ...le This example shows how to create a MIB view called interfacesMibView and define an SNMP group guestgroup with InterfaceMIBView as the read view Switch configure terminal Switch config snmp server view interfacesMibView 1 3 6 1 2 1 2 included Switch config snmp server group guestgroup v3 auth read interfacesMibView Switch config ...

Страница 310: ...acy bridges on a given LAN have been removed If there is no STP Bridge on the LAN the port will be operated in the configured mode either in the RSTP or MSTP mode Otherwise the port will be operated in the STP mode Example This example shows how to trigger the protocol migration event for all ports Switch clear spanning tree detected protocols all Clear spanning tree detected protocols y n n y Swi...

Страница 311: ...rd Time 15 TX Hold Count 6 Max Hops 20 Topology Change Count 0 Priority Link Interface Role State Cost Port Type Edge eth1 0 3 designated forwarding 20000 128 3 p2p non edge eth1 0 5 backup blocking 200000 128 5 p2p non edge eth1 0 6 backup blocking 200000 128 6 shared non edge eth1 0 7 root forwarding 2000 128 7 P2p non edge Switch 39 3 show spanning tree configuration interface This command is u...

Страница 312: ...8 Port Identifier 128 1 Link type auto Port fast auto Guard root Disabled TCN filter Disabled Bpdu forward Disabled Hello Time 2 Switch 39 4 snmp server enable traps stp This command is used to enable the spanning tree to send SNMP notifications for STP Use the no form of this command to disable the sending of notifications for STP snmp server enable traps stp new root topology chg no snmp server ...

Страница 313: ... disable the STP s global state spanning tree global state enable disable no spanning tree global state Parameters enable Specifies to enable the STP s global state disable Specifies to disable the STP s global state Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command in the global configuration mode to e...

Страница 314: ...lue of the max age is 20 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure the SpanningTree timer value Example This example shows how to configure the STP timers Switch configure terminal Switch config spanning tree hello time 1 Switch config spanning tree forward time 16 Switch config spanning tree max age 21 Switch co...

Страница 315: ...t spanning tree cost COST no spanning tree cost Parameters COST Specifies the path cost for the port The range is from 1 to 200000000 Default The default path cost is computed from the interface s bandwidth setting Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline In the RSTP or STP compatible mode the administrative path cost is used by the single spanning t...

Страница 316: ...DUs on the link If the port times out the received superior BPDU it will change to the designated port role When a port changes to the alternate port state due to the root guard a system message will be generated This configuration will take effect for all the spanning tree versions Example This example shows how to configure to prevent Ethernet interface eth1 0 1 from being a root port Switch con...

Страница 317: ...onfigure the STP mode Use the no form of this command to revert to the default setting spanning tree mode mstp rstp stp no spanning tree mode Parameters mstp Specifies the Multiple Spanning Tree Protocol MSTP rstp Specifies the Rapid Spanning Tree Protocol RSTP stp Specifies the Spanning Tree Protocol IEEE 802 1D Compatible Default By default this mode isrstp Command Mode Global Configuration Mode...

Страница 318: ... port fast state Disable mode The port will always be in the non port fast state It will always wait for the forward time delay to change to forwarding state Network mode The port will remain in the non port fast state for three seconds The port will change to the port fast state if no BPDU is received and changes to the forwarding state If the port received the BPDU later it will change to the no...

Страница 319: ... It is only used for RSTP and STP versions Use the no form of this command to restore to the default setting spanning tree priority PRIORITY no spanning tree priority Parameters PRIORITY Specifies that the bridge priority and bridge MAC address together forms the Spanning Tree Bridge ID which is an important factor in the Spanning Tree topology The range is from 0 to 61440 Default By default this ...

Страница 320: ...ss flushing in that region possibly because those bridges are not under the full control of the administrator When a port is set to the TCN filter mode the TC event received by the port will be ignored This configuration will take effect for all the spanning tree modes Example This example shows how to configure TCN filtering on port eth1 0 7 Switch configure terminal Switch config interface eth 1...

Страница 321: ...nning tree tx hold count 5 Switch config 39 17 spanning tree forward bpdu This command is used to enable the forwarding of the spanningtree BPDU Use the no form of this command to disable the forwarding of the spanningtree BPDU spanning tree forward bpdu no spanning tree forward bpdu Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Command Defaul...

Страница 322: ...m clear enables or disables the notifications for storm control module If no optional keywords is specified both storm occur and storm clear notifications are enabled or disabled If you enter the command with a keyword only the specified notification type is enabled or disabled Example This example shows how to enable sending trap for storm control for both storm occurred and cleared Switch config...

Страница 323: ...ontrol function to protect the network from the storm of broadcast packets multicast packets or unknown DA flooding packets Enter the storm control command to enable storm control for a specific traffic type on the interface There are two ways to recover an error disabled port The user can use the errdisable recovery cause command to enable the automatic recovery of ports that were error disabled ...

Страница 324: ...bled state when a storm is detected Infinite means that a shutdown mode port will never enter the error disabled state even if a storm was detected Default The default polling interval is 5 seconds The default retries count value is 3 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this to specify the sample interval of received packet counts Example This ...

Страница 325: ... Retries Infinite Trap Disabled Interface Storm Action Threshold Current State eth1 0 1 Broadcast Drop 500 300 pps 200 pps Forwarding eth1 0 2 Broadcast Drop 80 64 20 Forwarding eth1 0 3 Broadcast Drop 80 64 70 Dropped eth1 0 4 Broadcast Shutdown 60 50 20 Forwarding eth1 0 5 Broadcast None 60000 50000 kbps 2000 kbps Forwarding eth1 0 6 Broadcast None Inactive Total Entries 6 Switch This example sh...

Страница 326: ... Forwarding No storm event has been detected Dropped A storm event has occurred and the storm traffic exceeding the threshold is dropped Error Disabled The port is disabled due to a storm Link Down The port is physically linked down Inactive Indicates that storm control is not enabled for the given traffic type 40 5 show snmp server traps storm control This command is used to Display storm control...

Страница 327: ...surveillance VLAN function When the surveillance VLAN is enabled for a port the port will be automatically learned as surveillance VLAN untagged member the received untagged surveillance packets will be forwarded to the surveillance VLAN The received packets are determined as surveillance packets if the source MAC addresses of packets comply with the organizationally unique identifier OUI addresse...

Страница 328: ...ration of surveillance VLAN aging timer If the surveillance traffic resumes during the aging time the aging timer will be cancelled Example This example shows how to configure the aging time of surveillance VLAN to 30 minutes Switch configure terminal Switch config surveillance vlan aging 30 Switch config 41 3 surveillance vlan enable This command is used to enable the surveillance VLAN state of p...

Страница 329: ... device OUI surveillance vlan mac address MAC ADDRESS MASK component type vms vms client video encoder network storage other description TEXT no surveillance vlan mac address MAC ADDRESS MASK Parameters MAC ADDRESS Specifies the OUI MAC address MASK Specifies the OUI MAC address matching bitmask component type Optional Specifies surveillance components that could be auto detected by surveillance V...

Страница 330: ...nce vlan mac address 00 01 02 03 00 00 FF FF FF FF 00 00 component type vms description user1 Switch config 41 5 surveillance vlan qos This command is used to configure the CoS priority for the incoming surveillance VLAN traffic Use the no form of this command to revert to the default settings surveillance vlan qos COS VALUE no surveillance vlan qos Parameters COS VALUE Specifies the priority of s...

Страница 331: ... of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the surveillance VLAN configurations The show surveillanc...

Страница 332: ...0 minutes Surveillance VLAN OUI OUI Address Mask Component Type Description 28 10 7B 00 00 00 FF FF FF E0 00 00 D Link Device IP Surveillance Device 28 10 7B 20 00 00 FF FF FF F0 00 00 D Link Device IP Surveillance Device B0 C5 54 00 00 00 FF FF FF 80 00 00 D Link Device IP Surveillance Device F0 7D 68 00 00 00 FF FF FF F0 00 00 D Link Device IP Surveillance Device Total OUI 4 Switch ...

Страница 333: ... is set to auto and the duplex parameter is set to the fixed mode only the speed will be negotiated The advertised capability will be configured to the duplex mode combined with all the possible speeds If the speed is to set to a fixed speed and duplex is set to auto only the duplex mode is negotiated The advertised capability will be both full and half duplex mode combined with the configured spe...

Страница 334: ...be based on the negotiated result between the local side setting and the partner side setting The configured flow control setting here is the local side setting Example This example shows how to enable the flow control on interface eth1 0 1 Switch configure terminal Switch config interface eth 1 0 1 Switch config if flowcontrol on Switch config if 42 3 speed This command is used to configure the p...

Страница 335: ...r 10 Gbps Auto negotiation will be enabled if either the speed parameter is set to auto or the duplex parameter is set to auto If the speed parameter is set to auto and the duplex parameter is set to the fixed mode Only the speed will be negotiated The advertised capability will be configured to the duplex mode combined with all the possible speeds If the speed is to set to a fixed speed and duple...

Страница 336: ...cksum to determine whether the file is a valid image file The purpose of the check parameter is for checking the file information to let the user understand whether the specified file is suitable to be a boot image or not The setting of the boot image command will immediately be stored in the NVRAM which is a space separated from the start up configuration The backup image is decided automatically...

Страница 337: ...ot y n n y Saving configurations and logs to NV RAM Done Please wait the switch is rebooting 43 3 copy This command is used to copy a file to another file copy imageid IMAGE ID tftp LOCATION DESTINATION URL copy log tftp LOCATION DESTINATION URL copy running config startup config tftp LOCATION DESTINATION URL config1 config2 copy startup config tftp LOCATION DESTINATION URL copy tftp LOCATION SOUR...

Страница 338: ...uration will merge with the current running configuration The running configuration will not be cleared before applying of the specified configuration As the specified source is the system log and the specified destination is a URL the current system log will be copied to the specified URL To represent a file in the remote TFTP server the URL must be prefixed with tftp To download the firmware ima...

Страница 339: ...inactive image Switch copy tftp 10 1 1 254 image2 TFTP Firmware Upgrade processing Do not power off Firmware upgrade successfully Switch This example shows how to upload an image file to the TFTP server Switch copy imageid 2 tftp 10 1 1 254 image2 Transfering firmware 100 Firmware Backup successfully Switch This example shows how to upload the log to the TFTP server for storage Switch copy log tft...

Страница 340: ...ow to display system boot information Switch show boot Boot image image1 Boot config config1 43 5 show running config This command is used to display the commands in the running configuration file show running config Parameters None Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline This command displays the current running system configuration Example Th...

Страница 341: ... ethernet 1 0 1 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 2 lacp port priority 32768 lacp timeout short CTRL C ESC q Quit SPACE n Next PageENTER Next Entry a All 43 6 show startup config This command is used to display the content of the startup configuration file show startup config Parameters None Default None Command Mode Privileged EXEC Mode Command Default Level ...

Страница 342: ...face ethernet 1 0 2 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 3 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 4 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 5 lacp port priority 32768 lacp timeout short exit interface ethernet 1 0 6 CTRL C ESC q Quit SPACE n Next PageENTER Next Entry a All 43 7 boot startup config T...

Страница 343: ...p configuration file Switch config boot startup config config1 Switch config 43 8 reboot This command is used to reboot the system reboot force_agree Parameters force_agree Forcibly reboot without prompting for user input Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline This command is used to reboot the system Example This example shows how to reboot t...

Страница 344: ...local message buffer Use the no form of this command todisable the logging of messages to the local message buffer Use the default logging buffered command to revert to default setting logging buffered severity SEVERITY LEVEL SEVERITY NAME write delay SECONDS infinite no logging buffered default logging buffered Parameters SEVERITY LEVEL Optional Specifies the severity level of system messages The...

Страница 345: ...e interval for periodically writing the logging buffer to FLASH can be specified The content of the logged messages in the FLASH will be reloaded into the logging buffer on reboot Example This example shows how to enable the logging of messages to the logging buffer and restrict logging of messages with a security level of errors or higher Switch configure terminal Switch config logging buffered s...

Страница 346: ...al message buffer local console or remote hosts Messages must enter the local message buffer first before it can be further dispatched to logging server The following is a table for the facility Numerical code Facility 0 Kernel messages 1 User level messages 2 Mail system 3 System daemons 4 Security authorization messages 5 Messages generated internally by the SYSLOG 6 Line printer sub system 7 Ne...

Страница 347: ... the IP address of the closest interface will be used Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to specify the interface whose IP address will be used as the source address of the SYSLOG packet Example This example shows how to configure VLAN100 as the source interface for SYSLOG packets Switch configure terminal Switch config logging so...

Страница 348: ... As a message is logged a sequence number starting from 1 is allocated The sequence number will roll back to 1 when it reaches 100000 When the user specifies to display a number of messages following the reference sequence number the oldest messages are displayed prior to the newer messages When the user specifies to display a number of messages prior to the reference sequence number the newer mes...

Страница 349: ... zone specified by the configuration of the clock timezone command The clock configured by this command will be applied to RTC if it is available The configured clock will not be stored in the configuration file If the clock is manually set and the SNTP server is configured the system will still try to sync the clock with the server If the clock is manually set but a new clock time is obtained by ...

Страница 350: ...ne Use this command to automatically switch over to summer time The command has two forms One is the recurring form which is used to specify the time through the week and the day of the month The other form is the date form which is used to specify the date of the month In both the date and recurring forms of the command the first part of the command specifies when summer time begins and the secon...

Страница 351: ...the daylight saving configuration Example This example shows how to set the time zone to the Pacific Standard Time PST which is 8 hours ahead of UTC Switch configure terminal Switch config clock timezone 8 Switch config 45 4 show clock This command is used to display the time and date information show clock Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Defau...

Страница 352: ... information about the SNTP server show sntp Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display information about the SNTP server Example This example shows how to display SNTP information Switch show sntp SNTP Status Enabled SNTP Pool Interval 720 seconds SNTP Server Status SNTP Server Stratum...

Страница 353: ...within 100 milliseconds of the accurate time but it does not provide the complex filtering and statistical mechanisms of NTP In addition SNTP does not authenticate traffic although you can configure extended access lists to provide some protection Create multiple SNTP servers by enter this command multiple times with different SNTP server IP addresses Use the no form of this command to delete the ...

Страница 354: ...nfig 45 8 sntp interval This command is used to set the interval for the SNTP client to synchronize its clock with the server sntp interval SECONDS no sntp interval Parameters SECONDS Specifies the synchronization interval from 30 to 99999 seconds Default By default this value is 720 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used ...

Страница 355: ...ge Configuration Mode Command Default Level Level 12 Usage Guideline A new period can be partially overlapped with an older one If a new period s starting and ending time is respectively the same as a previous period an error message will be displayed and the new period will not be allowed When specifying a period to remove it must be the same period originally added and cannot be a partial range ...

Страница 356: ... time ranges Switch show time range Time Range Profile rdtime Daily 09 00 to 12 00 Weekly Saturday 00 00 to Monday 00 00 Time Range Profile lunchtime Daily 12 00 to 13 00 Total Entries 2 Switch 46 3 time range This command is used to enter the time range configuration mode to define a time range Use the no form of this command to delete a time range time range NAME no time range NAME Parameters NA...

Страница 357: ...o specify a time period When a time range is created without any time interval periodic setting it implies that there is not any active period for the time range Example This example shows how to enter the time range configuration mode for the time range profile named rdtime Switch configure terminal Switch config time range rdtime Switch config time range ...

Страница 358: ...ode or Any Configuration Mode Command Default Level Level 1 Usage Guideline While entering this command without any other keywords the traffic segmentation configuration for all ports is displayed Otherwise only the specified interface s traffic segmentation is displayed Example This example shows how to display the configuration of traffic segmentation for eth1 0 1 Switch show traffic segmentatio...

Страница 359: ...egmentation forward command can be entered multiple times The following interfaces will be appended into the forwarding domain Use the no form command will remove the specified interface from the traffic segmentation forward member list The traffic segmentation member list can be comprised of different interface types for example port and port channel in the same forwarding domain If the interface...

Страница 360: ...he default option is untagged only For the other VLAN mode the default option is admit all Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to set the acceptable types of frames by a port Example This example shows how to set the acceptable frame type to tagged only for port eth1 0 1 Switch configure terminal Switch config interface eth ...

Страница 361: ...gured VLANs or one VLAN on the Switch show vlan VLAN ID interface INTERFACE ID Parameters VLAN ID Optional Specifies a list of VLANs to display the member port information If the VLAN is not specified all VLANs are displayed The valid range is from 1 to 4094 interface INTERFACE ID Optional Specifies the port to display the VLAN related setting Optional Specifies a series of interfaces or separate ...

Страница 362: ...tagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame type Admit All Dynamic tagged VLAN eth1 0 2 VLAN mode Hybrid Native VLAN 1 Hybrid untagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame type Admit All Dynamic tagged VLAN eth1 0 3 VLAN mode Hybrid Native VLAN 1 Hybrid untagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame type Ad...

Страница 363: ...he interface 1 0 1 to access mode with access VLAN 1000 Switch configure terminal Switch config interface eth 1 0 1 Switch config if switchport mode access Switch config if switchport access vlan 1000 Switch config if 48 5 switchport hybrid allowed vlan This command is used to specify the tagged or untagged VLANs for a hybrid port Use the no form of this command to revert to the default setting sw...

Страница 364: ...the new tagged allowed VLAN list is overlap with current untagged allowed VLAN list the overlap part will change to the tagged allowed VLAN The last command will take effect The VLAN does not need to exist to configure the command Example This example shows how to configure interface eth1 0 1 to be a tagged member of VLAN 1000 and an untagged member of VLAN 2000 and 3000 Switch configure terminal ...

Страница 365: ...orm of this command to revert to the default setting switchport mode access hybrid trunk no switchport mode Parameters access Specifies the port as an access port hybrid Specifies the port as a hybrid port trunk Specifies the port as a trunk port Default By default this option is hybrid Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline When a port is set to a...

Страница 366: ...ed VLAN ID Specifies the allow VLAN list or the VLAN list to be added to or removed from the allow VLAN list Optional Specifies a series of VLANs or separate a range of VLANs from a previous range No space is required before and after the comma Optional Specifies a range of VLANs No space is required before and after the hyphen Default By default all VLANs are allowed Command Mode Interface Config...

Страница 367: ... trunk port works in the untagged mode for a native VLAN transmitting untagged packet for a native VLAN and tagged packets for all other VLANs and the acceptable frame types of the port has to be set to admit all in order to function correctly The specified VLAN does not need to exist to apply the command Example This example shows how to configure interface eth1 0 1 as a trunk interface and confi...

Страница 368: ...t be removed If the removed VLAN is a port s access VLAN the port s access VLAN will be reset to VLAN 1 Example This example shows how to add new VLANs assigning the new VLANs with the VLAN IDs 1000 to 1005 Switch configure terminal Switch config vlan 1000 1005 Switch config vlan 48 11 name This command is used to specify the name of a VLAN Use the no form of this command to reset the VLAN name to...

Страница 369: ... Managed Switch CLI Reference Guide 366 This example shows how to configure the VLAN name of VLAN 1000 to be admin vlan Switch configure terminal Switch config vlan 1000 Switch config vlan name admin vlan Switch config vlan ...

Страница 370: ...ed to be enabled for a port to start the voice VLAN function When the voice VLAN is enabled for a port the received voice packets will be forwarded in the voice VLAN The received packets are determined as voice packets if the source MAC addresses of packets comply with the organizationally unique identifier OUI addresses configured by the voice vlan mac address command The VLAN to be specified as ...

Страница 371: ...imer will be cancelled Example This example shows how to configure the aging time of the voice VLAN to 30 minutes Switch configure terminal Switch config voice vlan aging 30 Switch config 49 3 voice vlan enable This command is used to enable the voice VLAN state of ports Use the no form of this command to disable the voice VLAN sport state voice vlan enable no voice vlan enable Parameters None Def...

Страница 372: ... user defined OUI with a maximum of 32 characters Default The default OUI is listed in the following table OUI Vendor 00 E0 BB 3COM 00 03 6B Cisco 00 E0 75 Veritel 00 D0 1E Pingtel 00 01 E3 Siemens 00 60 B9 NEC Philips 00 0F E2 Huawei 3COM 00 09 6E Avaya Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to add a user defined OUI for the voice VL...

Страница 373: ...ership will be automatically be aged out When the port is working in the auto tagged mode and the port captures a voice device through the device s OUI it will join the voice VLAN as a tagged member automatically When the voice device sends tagged packets the switch will change its priority When the voice device sends untagged packets it will forward them in port s PVID VLAN When the port is worki...

Страница 374: ...affic to be distinguished from data traffic in quality of service Example This example shows how to configure the priority of the voice VLAN to be 7 Switch configure terminal Switch config voice vlan qos 7 Switch config 49 7 show voice vlan This command is used to display the voice VLAN configurations show voice vlan interface INTERFACE ID show voice vlan device lldpmed device interface INTERFACE ...

Страница 375: ...ption 00 01 E3 00 00 00 FF FF FF 00 00 00 Siemens 00 03 6B 00 00 00 FF FF FF 00 00 00 Cisco 00 09 6E 00 00 00 FF FF FF 00 00 00 Avaya 00 0F E2 00 00 00 FF FF FF 00 00 00 Huawei 3COM 00 60 B9 00 00 00 FF FF FF 00 00 00 NEC Philips 00 D0 1E 00 00 00 FF FF FF 00 00 00 Pingtel 00 E0 75 00 00 00 FF FF FF 00 00 00 Veritel 00 E0 BB 00 00 00 FF FF FF 00 00 00 3COM 00 02 03 00 00 00 FF FF FF 00 00 00 User1...

Страница 376: ...20 06 45 Aging Total Entries 5 Switch This example shows how to display the learned LLDP MED voice devices on ports eth1 0 1 1 0 2 Switch show voice vlan lldpmed device interface eth 1 0 1 2 Index 1 Interface eth1 0 1 Chassis ID Subtype MAC Address Chassis ID 00 E0 BB 00 00 11 Port ID Subtype Network Address Port ID 172 18 1 1 Create Time 2012 03 19 10 00 Remain Time 108 Seconds Index 2 Interface ...

Страница 377: ...cription Severity Event description This log will be generated when RADIUS assigned a invalid VLAN ID attributes Log Message Invalid vlan assignment by radius with vlan vid port interface id Parameters description vid The invalid assign VLAN ID that authorized by from RADIUS server interface id It indicates the port number of the client authenticated Warning Event description This log will be gene...

Страница 378: ...router port Warning Configuration Firmware Log Log Description Severity Event description Firmware upgraded successfully Log Message Firmware upgraded successfully via session Parameters description session The user s session Informational Event description Firmware upgraded failure Log Message Firmware upgraded failure via session Parameters description session The user s session Warning Event de...

Страница 379: ...ge Configuration save successful Informational Event description Configuration save failure Log Message Configuration save failure Warning Event description System log backup successfully Log Message System log backup successful via session Parameters description session The user s session Informational Event description System log backup failure Log Message System log backup failure via session P...

Страница 380: ... id detached from aggregation group group_id The group id of the aggregation group that port detach from Informational LBD Log Description Severity Event description Record the event when an interface detect loop Log Message Port interface id LBD loop occurred Port blocked Parameters description interface id Interface on which loop is detected Critical Event description Record the event when an in...

Страница 381: ...address Informational Event description Login through telnet unsuccessfully Log Message Login failed through Telnet IP ipaddr Parameters description ipaddr Represent client IP address Warning Event description Telnet session timed out Log Message Telnet session timed out IP ipaddr Parameters description ipaddr Represent client IP address Informational Event description Logout through telnet Log Me...

Страница 382: ...fan descr The FAN ID and position Critical Event description Fan Fail Log Message Right Fan fan descr failed Parameters description fan descr The FAN ID and position Critical Event description Temperature sensor enters alarm state Log Message Temperature exceeds the thresholds Critical Event description Temperature recovers to normal Log Message Temperature recover Critical Port Security Log Descr...

Страница 383: ...disabled by storm broadcast The interface is disabled by broadcast storm multicast The interface is disabled by multicast storm unicast The interface is disabled by unicast storm including both known and unknown unicast packets Warning Telnet Log Description Severity Event description Successful login through Telnet Log Message Successful login through Telnet User username IP ipaddr Parameters des...

Страница 384: ... Parameters description ipaddr The IP address of HTTP client Informational Event description Login failed through Web Log Message Login failed through Web IP ipaddr Parameters description ipaddr The IP address of HTTP client Warning Event description Logout through Web Log Message Logout through Web IP ipaddr Parameters description ipaddr The IP address of HTTP client Informational ...

Страница 385: ...orkPortAuthUserName 5 networkPortAuthFailReason 1 3 6 1 4 1 1 71 10 139 1 1 8 2 7 0 2 DHCP Server Screen Prevention Trap Name Description OID dhcpSerScrAttackDetect When DHCP Server Screen is enabled if the switch received the forge DHCP Server packet the switch will trap the event if any attacking packet is received Binding objects 1 dhcpSerScrLogVlanID 2 dhcpSerScrLogIPAddr 3 dhcpSerScrLogMacAdd...

Страница 386: ...wn state and transitioned into some other state but not into the notPresent state This other state is indicated by the included value of ifOperStatus Binding objects 1 ifIndex 2 if AdminStatus 3 ifOperStatu 1 3 6 1 6 3 1 1 5 4 linkDown A linkDown trap signifies that the SNMP entity acting in an agent role has detected that the ifOperStatus object for one of its communication links is about to ente...

Страница 387: ...gured management address and Received management address from the neighbor is same The received duplicate management address is sent with the OID as index Hence lldpRemManAddrIfId is sent in the value field Binding objects 1 lldpRemManAddr 1 3 6 1 4 1 1 71 10 139 1 1 4 7 12 0 4 lldpPVIDNotMatched A lldpPVIDNotMatched notification sent if the Port VlanId of two systems connected to the same link is...

Страница 388: ...nt by a bridge when any ofits configured ports transitions from the Learning stateto the Forwarding state or from the Forwarding state tothe Blocking state The trap is not sent if a newRoottrap is sent for the sametransition Implementation ofthis trap is optional Binding objects 1 deviceInfoMACAddress 2 mstMstiTopChanges 1 3 6 1 4 1 17 1 10 139 1 1 4 3 6 0 2 Peripheral Trap Name Description OID en...

Страница 389: ...an event that is configured for sending SNMP traps Binding objects 1 alarmIndex 2 eventDescription 3 alarmVariable 4 alarmSampleType 5 alarmValue 6 alarmRisingThreshold 1 3 6 1 2 1 16 0 1 fallingAlarm The SNMP trap that is generated when an alarm entry crosses its falling threshold and generates an event that is configured for sending SNMP traps Binding objects 1 alarmIndex 2 eventDescription 3 al...

Страница 390: ...D stormCtrlTrapsStormOccur This trap is sent when storm is occurred or detected Binding objects 1 stormCtrlIndex 1 3 6 1 4 1 1 71 10 139 1 1 8 16 1 1 6 0 1 stormCtrlTrapsStormClear This trap is sent when port storm is cleared Binding objects 1 stormCtrlIndex 1 3 6 1 4 1 1 71 10 139 1 1 8 16 1 1 6 0 2 ...

Страница 391: ...es not configure the bandwidth attribute and authenticates successfully the device will not assign any bandwidth to the port If the bandwidth attribute is configured on the RADIUS server with a value of 0 the effective bandwidth will be set no_limited and if the bandwidth is configured less than 0 or greater than maximum supported value the bandwidth will be ignored To assign the 802 1p Default Pr...

Страница 392: ...hows the parameters for a VLAN RADIUS Tunnel Attribute Description Value Usage Tunnel Type This attribute indicates the tunneling protocol s to be used in the case of a tunnel initiator or the tunneling protocol in use in the case of a tunnel terminator 13 VLAN Required Tunnel Medium Type This attribute indicates the transport medium being used 6 802 Required Tunnel Private Group ID This attribute...

Страница 393: ...ed RADIUS attribute For more information about D Link VSA refer to the RADIUS Attributes Assignment Appendix IETF standard RADIUS attributes are defined in the RFC 2865 Remote Authentication Dial In User Service RADIUS RFC 2866 RADIUS Accounting RFC 2868 RADIUS Attributes for Tunnel Protocol Support and RFC 2869 RADIUS Extensions The following table lists the IETF RADIUS attributes supported by th...

Страница 394: ...a recovery time of 50ms Model Name ERPS Port 1 to 8 Port 9 to 12 DXS 1210 12TC Hardware based Software based V V Model Name ERPS Port 1 to 8 Port 9 to 12 DXS 1210 12SC Hardware based Software based V V Model Name ERPS Port 1 to 8 Port 9 to 10 DXS 1210 10TS Hardware based Software based V V Model Name ERPS Port 1 to 8 Port 9 to 16 DXS 1210 16TC Hardware based Software based V V ...

Отзывы:

Нет отзывов

Похожие инструкции для DXS-1210-10TS

Бренд: C&H Technologies Страницы: 46

Бренд: Campbell Страницы: 42

Бренд: Watchguard Страницы: 39

Бренд: Paradyne Страницы: 112

Бренд: Cambium Networks Страницы: 215

Бренд: QNO Страницы: 106

Бренд: Face Страницы: 8

Бренд: Planet Страницы: 20

Бренд: WaiLan Страницы: 27

SUPERLOADER DLT MAGAZINE

Бренд: Tandberg Data Страницы: 6

Бренд: Eicon Networks Страницы: 32

Бренд: Teletronics International Страницы: 57

Бренд: Cisco MERAKI Страницы: 4

ExpressBox2 EB2

Бренд: Magma Страницы: 74

Бренд: Hama Страницы: 25

Бренд: Infoblox Страницы: 16

netHOST NHST-T100

Бренд: hilscher Страницы: 75

Cyclades CS4008

Бренд: Avocent Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды