D-Link xStack DWS-3200 Series страница 43 Скачать руководство пользователя

Страница: 43 / 581

ACL Commands

Page 40

•

in-port

port-num

— (Optional) Specifies the input port of the devise. In case of egress classification this port

will be devise input port.

•

out-port

port-num

— (Optional) Specifies the output port of the devise.

•

dscp

— Indicates matching the dscp number with the packet dscp value.

•

ip-precedence

— Indicates matching ip-precedence with the packet ip-precedence value.

Default Configuration

This command has no default configuration

Command Mode

IP-Access List Configuration mode

User Guidelines

Use the

ip access-list

Global Configuration mode command to enable the IP-Access List Configuration mode.

Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an ACE is added, an
implied

deny-any-any

condition exists at the end of the list and those packets that do not match the defined

conditions are denied.

Example

The following example shows how to define a permit statement for an IP ACL.

Reservation Protocol

rsvp

General Routing Encapsulation

gre

Encapsulating Security Payload (50)

esp

Authentication Header

ICMP for IPv6

ipv6-icmp

EIGRP routing protocol

eigrp

Open Shortest Path Protocol

ospf

IP-within-IP Encapsulation Protocol

ipip

Protocol Independent Multicast

pim

103

Layer Two Tunneling Protocol

l2tp

115

ISIS over IPv4

isis

124

(any IP protocol)

any

(25504)

Console(config)#

ip access-list

ip-acl1

Console(config-ip-al)#

deny

rsvp 192.1.1.1 0.0.0.255

any

I P P r o t o c o l

A b b r e v i a t e d N a m e

P r o t o c o l N u m b e r

Содержание xStack DWS-3200 Series

Страница 2: ......

Страница 3: ......

Страница 4: ...nd Buffer 19 Negating the Effect of Commands 19 Command Completion 19 Nomenclature 19 Keyboard Shortcuts 20 CLI Command Conventions 20 Copying and Pasting Text 21 Section 2 AAA Commands 23 aaa authentication login 23 aaa authentication enable 25 login authentication 27 enable authentication 28 ip http authentication 29 ip https authentication 30 show authentication methods 31 password 32 enable pa...

Страница 5: ...an 58 show bridge address table 59 show bridge address table static 60 show bridge address table count 61 show bridge multicast address table 62 show bridge multicast filtering 64 show ports security 65 show ports security addresses 67 Section 5 Clock Commands 69 clock set 69 clock source 70 clock timezone 71 clock summer time 72 sntp authentication key 74 sntp authenticate 75 sntp trusted key 76 ...

Страница 6: ...08 port jumbo frame 109 clear counters 110 set interface active 111 show interfaces advertise 112 show interfaces configuration 113 show interfaces status 114 show interfaces description 115 show interfaces counters 116 show ports jumbo frame 119 port storm control include multicast GC 120 port storm control include multicast IC 121 port storm control broadcast enable 122 port storm control broadc...

Страница 7: ...nooping mrouter 141 show ip igmp snooping interface 142 show ip igmp snooping groups 143 Section 10 IP Address Commands 145 ip address 145 ip address dhcp 146 ip default gateway 147 show ip interface 148 arp 149 arp timeout 150 clear arp cache 151 show arp 152 ip domain lookup 153 ip domain name 154 ip name server 155 ip host 156 clear host 157 clear host dhcp 158 show hosts 159 Section 11 IP Rout...

Страница 8: ...5 permit Management 187 deny Management 188 management access class 189 show management access list 190 show management access class 191 Section 15 PHY Diagnostics Commands 193 test copper port tdr 193 show copper ports tdr 194 show copper ports cable length 195 show fiber ports optical transceiver 196 Section 16 Power Over Ethernet Commands 199 power inline 199 power inline powered device 200 pow...

Страница 9: ...os dscp 223 set 224 police 225 service policy 226 qos aggregate policer 227 show qos aggregate policer 229 police aggregate 230 wrr queue cos map 231 wrr queue bandwidth 232 priority queue out num of queues 233 traffic shape 234 show qos interface 235 qos wrr queue threshold 237 qos map policed dscp 238 qos map dscp queue 239 qos trust Global 240 qos trust Interface 241 qos cos 242 qos dscp mutati...

Страница 10: ...us server retransmit 270 radius server source ip 271 radius server timeout 272 radius server deadtime 273 show radius servers 274 Section 22 SNMP Commands 275 snmp server community 275 snmp server view 277 snmp server group 278 snmp server user 279 snmp server engineID local 281 snmp server enable traps 283 snmp server filter 284 snmp server host 285 snmp server v3 host 287 snmp server trap authen...

Страница 11: ...panning tree detected protocols 312 spanning tree mst priority 313 spanning tree mst max hops 314 spanning tree mst port priority 315 spanning tree mst cost 316 spanning tree mst configuration 317 instance mst 318 name mst 319 revision mst 320 show mst 321 exit mst 322 abort mst 323 spanning tree guard root 324 show spanning tree 325 Section 24 SSH Commands 339 ip ssh port 339 ip ssh server 340 cr...

Страница 12: ...le 364 show syslog servers 366 Section 26 System Management Commands 367 ping 367 traceroute 369 telnet 371 resume 374 reload 375 hostname 376 stack master 377 stack reload 378 stack display order 379 stack light unit 380 show stack 381 show users 383 show sessions 384 show system 385 show version 387 service cpu utilization 388 show cpu utilization 389 set system mode 390 show system mode 391 Sec...

Страница 13: ...de 417 switchport access vlan 418 switchport trunk allowed vlan 419 switchport trunk native vlan 420 switchport general allowed vlan 421 switchport general pvid 422 switchport general ingress filtering disable 423 switchport general acceptable frame type tagged only 424 switchport forbidden vlan 425 ip internal usage vlan 426 show vlan 427 show vlan internal usage 428 show interfaces switchport 42...

Страница 14: ...ion 452 dot1x timeout re authperiod 453 dot1x re authenticate 454 dot1x timeout quiet period 455 dot1x timeout tx period 456 dot1x max req 457 dot1x timeout supp timeout 458 dot1x timeout server timeout 459 show dot1x 460 show dot1x users 463 show dot1x statistics 465 ADVANCED FEATURES 467 dot1x auth not req 467 dot1x multiple hosts 468 dot1x single host violation 469 dot1x guest vlan 470 dot1x gu...

Страница 15: ...overed 503 show wlan template aps 504 Section 34 WLAN Certificates Commands 507 crypto my certificate import 507 show crypto certificate mycertificate 508 Section 35 WLAN Domain Commands 509 wlan domain member approve 509 wlan domain member passive 510 wlan domain certificate 511 show wlan domain 512 show wlan domain certificate 513 Section 36 Wireless ESS Commands 515 wlan ess create 515 wlan ess...

Страница 16: ... rogue detect enable Radio 545 rogue detect rogue scan interval 546 wlan rogue detect rogue ap 547 clear wlan rogue ap 548 show wlan rogue aps configuration 549 show wlan rogue aps list 550 show wlan rogue aps neighborhood 551 Section 39 Wireless WLAN Commands 553 wlan capwap ip address 553 wlan tx power off 554 wlan country code 555 wlan tx power auto enable 557 wlan tx power auto interval 558 wl...

Страница 17: ...Table of Contents Page 14 Appendix A Troubleshooting 571 Problem Management 572 Troubleshooting Solutions 572 ...

Страница 18: ...ion mode When starting a session the initial mode is the User EXEC mode Only a limited subset of commands are available in User EXEC mode This level is reserved for tasks that do not change the configuration To enter the next level the Privileged EXEC mode a password is required The Privileged EXEC mode gives access to commands that are restricted on User EXEC mode and provides access to the devic...

Страница 19: ...and is used to return from the Interface Configuration mode to the Global Configuration mode Global Configuration Mode Global Configuration mode commands apply to features that affect the system as a whole rather than just a specific interface The configure Privileged EXEC mode command is used to enter the Global Configuration mode To enter the Global Configuration mode perform the following steps...

Страница 20: ...in Contains commands to manually specify other device SSH public keys The crypto key pubkey chain ssh Global Configuration mode command is used to enter the SSH Public Key chain Configuration mode QoS Contains commands related to service definitions The qos Global Configuration mode command is used to enter the QoS services configuration mode MAC Access List Configures conditions required to allow...

Страница 21: ... an argument that specifies the interface type and 1 11 specifies the port To enter commands that require parameters enter the required parameters after the command keyword For example to set a password for the administrator enter When working with the CLI the command options are not displayed The command is not selected from a menu but is manually entered To see what commands are available in eac...

Страница 22: ...s displayed This assists in entering the correct command By pressing the Tab button after an incomplete command is entered the system will attempt to identify and complete the command If the characters already entered are not enough for the system to identify a single matching command press to display the available commands matching the characters already entered Nomenclature When referring to an ...

Страница 23: ...ileged EXEC mode from any configuration mode Backspace key Deletes one character left to the cursor position Convention Description In a command line square brackets indicates an optional entry In a command line curly brackets indicate a selection of compulsory parame ters separated by the character One option must be selected For example flowcontrol auto on off means that for the flowcontrol comm...

Страница 24: ...e device consists of legal commands only This feature is dependent on the baud rate of the device When copying and pasting commands from a configuration file make sure that the following conditions exist A device Configuration mode has been accessed The commands contain no encrypted data like encrypted passwords or keys Encrypted data cannot be copied and pasted into the device ...

Страница 25: ...Using the CLI Editing Features Page 22 ...

Страница 26: ...n methods activated when a user logs in Range 1 12 characters method1 method2 Specify at least one method from the following list Default Configuration The local user database is checked This has the same effect as the command aaa authentication login list name local Note If the authentication method is not defined console users will be able to log in without any authentication check Command Mode ...

Страница 27: ...string used to name this list The method argument identifies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The fo...

Страница 28: ...e password is used if it exists If no password is set the process still succeeds This has the same effect as using the command aaa authentication enable default enable none Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication enable command are used with the enable authentication command The additional methods of authenticat...

Страница 29: ...mmands aaa authentication login Page 26 Example The following example sets the enable password for authentication when accessing higher privilege levels Console config aaa authentication enable default enable ...

Страница 30: ... Parameters default Uses the default list created with the aaa authentication login command list name Uses the indicated list created with the aaa authentication login command Default Configuration Uses the default set with the command aaa authentication login Command Mode Line Configuration mode User Guidelines To change or rename an authentication method use the negate command and create a new r...

Страница 31: ...t name no enable authentication Parameters default Uses the default list created with the aaa authentication enable command list name Uses the indicated list created with the aaa authentication enable command Default Configuration Uses the default set with the aaa authentication enable command Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command Exampl...

Страница 32: ...he command ip http authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures the HTTP authenticati...

Страница 33: ...command ip https authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures HTTPS authentication Ke...

Страница 34: ...guration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the authentication configuration Console show authentication methods Login Authentication Method Lists Default Local Enable Authentication Method Lists Default Radius Enable Console_Enable Enable None Line Login Method List Enable Method List Console Defau...

Страница 35: ...assword for this level Range 1 159 characters encrypted Encrypted password to be entered copied from another device configuration Default Configuration No password is defined Command Mode Line Configuration mode User Guidelines If a password is defined as encrypted the required password length is 32 characters Example The following example specifies the password called secret on a console Console ...

Страница 36: ...ters password Password for this level Range 1 159 characters level Level for which the password applies If not specified the level is 15 Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configuration No enable password is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following...

Страница 37: ...sword The authentication password for the user Range 1 159 characters level The user level Range 1 15 If a level is not specified the level is automaically set to 1 encrypted Encrypted password entered copied from another device configuration Default Configuration No user is defined Command Mode Global Configuration mode User Guidelines User account can be created without a password Example The fo...

Страница 38: ...e the no form of this command Syntax ip access list name no ip access list name Parameters name Specifies the name of the ACL Range 0 32 characters Default Configuration The default for all ACLs is deny all Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example shows how to create an IP ACL Console config ip access list ip...

Страница 39: ...IP address 0 0 0 0 and mask 255 255 255 255 source wildcard Specifies wildcard to be applied to the source IP address Use 1s in bit positions to be ignored Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 destination Specifies the destination IP address of the packet Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 destination wildcard Specifies wildcard to be...

Страница 40: ...e code Range 0 255 igmp type IGMP packets can be filtered by IGMP message type Enter a number or one of the following values dvmrp host query host report pim or trace Range 0 255 destination port Specifies the UDP TCP destination port Range 0 65535 source port Specifies the UDP TCP source port Range 0 65535 list of flags Specifies a list of TCP flags that can be triggered If a flag is set it is pr...

Страница 41: ... ACL all packets are permitted After an ACE is added an implied deny any any condition exists at the end of the list and those packets that do not match the conditions defined in the permit statement are denied Example The following example shows how to define a permit statement for an IP ACL Console config ip access list ip acl1 Console config ip al permit rsvp 192 1 1 1 0 0 0 0 any dscp 56 ...

Страница 42: ...on Specifies the IP address or host name to which the packet is being sent Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 destination wildcard Optional for the first type Specifies wildcard bits by placing 1s in bit positions to be ignored Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 protocol Specifies the abbreviated name or number of an IP protocol The...

Страница 43: ...ement ACE is added to an ACL all packets are permitted After an ACE is added an implied deny any any condition exists at the end of the list and those packets that do not match the defined conditions are denied Example The following example shows how to define a permit statement for an IP ACL Reservation Protocol rsvp 46 General Routing Encapsulation gre 47 Encapsulating Security Payload 50 esp 50...

Страница 44: ...rm of this command Syntax mac access list name no mac access list name Parameters name Specifies the name of the ACL Range 0 32 characters Default Configuration The default for all ACLs is deny all Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example shows how to create a MAC ACL Console config mac access list macl acl1 ...

Страница 45: ...ies the ID of the packet vlan Range 0 4095 cos Specifies the Class of Service CoS for the packet Range 0 7 cos wildcard Specifies wildcard bits to be applied to the CoS eth type Specifies the Ethernet type of the packet Range 0 65535 Default Configuration No MAC ACL is defined Command Mode MAC Access List Configuration mode User Guidelines Before an Access Control Element ACE is added to an ACL al...

Страница 46: ...ets s Class of Service CoS cos wildcard Specifies wildcard bits to be applied to the CoS eth type Specifies the packet s Ethernet type Default Configuration This command has no default configuration Command Mode MAC Access List Configuration mode User Guidelines MAC BPDU packets cannot be denied This command defines an Access Control Element ACE An ACE can only be removed by deleting the ACL using...

Страница 47: ...eters acl name Specifies the ACL to be applied to the input interface Default Configuration This command has no default configuration Command Mode Interface Ethernet port channel Configuration mode User Guidelines In advanced mode when an ACL is bound to an interface the port trust mode is set to trust 12 13 and not to 12 Example The following example binds services an ACL to VLAN 2 Console config...

Страница 48: ...ess lists name Parameters name The name of the ACL Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays access lists defined on a device Console show access lists IP access list ACL1 permit ip host 172 30 40 1 any permit rsvp host 172 30 8 8 any ...

Страница 49: ...el number Parameters interface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays ACLs applied to the interfaces of a device Console show interfaces access lists In...

Страница 50: ...ommand delete on reset The address is deleted after reset delete on timeout The address is deleted after age out time has expired secure The address is deleted after the port changes mode to unlock learning no port security command This parameter is only available when the port is in the learning locked mode Default Configuration No static addresses are defined The default mode for an added addres...

Страница 51: ...ddresses is disabled All multicast addresses are flooded to all ports Command Mode Global Configuration mode User Guidelines If multicast devices exist on the VLAN do not change the unregistered multicast addresses state to drop on the switch ports If multicast devices exist on the VLAN and IGMP snooping is not enabled the bridge multicast forward all command should be used to enable forwarding al...

Страница 52: ...ticast address ip multicast address A valid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of ports Default Configuration No multicast addresses are defined Command Mode ...

Страница 53: ...ddress A valid MAC multicast address ip multicast address A valid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces hyphen is used to designate a range of ports port channel number list Separate nonconsecutive valid port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration No forbidden a...

Страница 54: ... packets remove Do not force forwarding all multicast packets interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separates nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode Inte...

Страница 55: ...s nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separates nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping dynamically discovers mu...

Страница 56: ...o form of this command Syntax bridge aging time seconds no bridge aging time Parameters seconds Time in seconds Range 10 630 seconds Default Configuration The default setting is 300 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example In the following example the bridge aging time is set to 250 seconds Console config bridge aging time...

Страница 57: ... any learned entries from the forwarding database Syntax clear bridge Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In the following example the bridge tables are cleared Console clear bridge ...

Страница 58: ...icated discard shutdown Discards packets with unlearned source addresses The port is also shut down seconds Sends SNMP traps and defines the minimum amount of time in seconds between consecutive traps Range 1 1000000 max Maximum number of addresses that can be learned on the interface Range 1 128 Default Configuration This setting is disabled Command Mode Interface Configuration Ethernet port chan...

Страница 59: ...rt and disables learning relearning and aging mac addresses Deletes the current dynamic MAC addresses associated with the port and learns up to the maximum number addresses allowed on the port Relearning and aging are enabled Default Configuration This setting is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command E...

Страница 60: ...s Default Configuration No addresses are defined Command Mode Interface Configuration Ethernet port channel mode Cannot be configured for a range of interfaces range context User Guidelines The command enables adding secure MAC addresses to a routed port in port security mode The command is available when the port is a routed port and in port security mode The address is deleted if the port exits ...

Страница 61: ... VLANs Syntax switchport customer multicast tv vlan add vlan list remove vlan list Parameters vlan list List of Multicast TV VLANs Default Setting The port is not member in any multicast TV VLAN Command Mode Interface Configuration Ethernet port channel mode User Guidelines The user cannot transmit multicast transmissions on multicast TV VLANs Example The following example enables receiving multic...

Страница 62: ... has no default configuration Command Mode Privileged EXEC mode User Guidelines Internal usage VLANs VLANs that are automatically allocated on ports with a defined Layer 3 interface are presented in the VLAN column by a port number and not by a VLAN ID Special MAC addresses that were not statically defined or dynamically learned are displayed in the MAC address table This includes for example MAC ...

Страница 63: ...N such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all static entries in the bridge forwarding database are displayed Console show bridge address table static Aging time ...

Страница 64: ...ameters vlan Specifies a valid VLAN such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the number of addresses present in all VLANs are displayed Console show bridge addres...

Страница 65: ... address format ip mac Multicast address format Can be ip or mac If the format is unspecified the default is mac Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range of 0100 5e00 0000 0100 5e7f ffff Example In this example multicast MAC address and IP address table in...

Страница 66: ...n above Console show bridge multicast address table format ip Vlan IP MAC Address Type Ports 1 224 239 130 2 2 3 static 1 1 2 2 19 224 239 130 2 2 8 static 1 1 1 8 19 224 239 130 2 2 8 dynamic 1 9 1 11 Forbidden ports for multicast addresses Vlan IP MAC Address Ports 1 224 239 130 2 2 3 2 8 19 224 239 130 2 2 8 2 8 ...

Страница 67: ...id Parameters vlan id Indicates the VLAN ID This has to be a valid VLAN ID value Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the multicast configuration for VLAN 1 is displayed Console show bridge multicast filtering 1 Filtering Enabled VLAN 1 Port Static Stat...

Страница 68: ...ere are no user guidelines for this command Example In this example all classes of entries in the port lock status are displayed The following table describes the fields shown above Console show ports security Port Status Learning Action Maximum Trap Frequency 1 1 Locked Dynamic Discard 3 Enable 100 1 2 Unlocked Dynamic 28 1 3 Locked Disabled Discard Shutdown 8 Disable Field Description Port The p...

Страница 69: ...Address Table Commands bridge address Page 66 Trap Sends traps in case of a violation Frequency The minimum time interval between consecutive traps Field Description ...

Страница 70: ...port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example This example displays dynamic addresses in all currently locked ports Console show ports security addresses Port Status Learning Current Maximum 1 1 Disabled Lock 1 1 2 Disabled Lock 1 1 3 Enabled Max addresses 0...

Страница 71: ...e Commands bridge address Page 68 This example displays dynamic addresses in the currently locked port 1 1 Console show ports security addresses ethernet 1 1 Port Status Learning Current Maximum 1 1 Disabled Lock 1 ...

Страница 72: ...y format minutes and seconds hh 0 23 mm 0 59 ss 0 59 day Current day by date in the month Range 1 31 month Current month using the first three letters by name Range Jan Dec year Current year Range 2000 2097 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example set...

Страница 73: ... command to disable external time source Syntax clock source sntp no clock source Parameters sntp SNTP servers Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures an external time source for the system clock Console config clock source sntp ...

Страница 74: ... Parameters hours offset Hours difference from UTC Range 12 hours to 13 hours minutes offset Minutes difference from UTC Range 0 59 acronym The acronym of the time zone Range Up to 4 characters Default Configuration Clock set to UTC Command Mode Global Configuration mode User Guidelines The system internally keeps time in UTC so this command is used only for display purposes and when the time is m...

Страница 75: ...dicates that summer time should start on the first specific date listed in the command and end on the second specific date in the command usa The summer time rules are the United States rules eu The summer time rules are the European Union rules week Week of the month Range 1 5 first last day Day of the week Range first three letters by name like sun date Date of the month Range 1 31 month Month R...

Страница 76: ...e starting month is chronologically after the ending month the system assumes that you are in the southern hemisphere USA rule for daylight savings time Start First Sunday in April End Last Sunday in October Time 2 am local time EU rule for daylight savings time Start Last Sunday in March End Last Sunday in October Time 1 00 am 01 00 Example The following example sets summer time starting on the f...

Страница 77: ...no form of this command Syntax sntp authentication key number md5 value no sntp authentication key number Parameters number Key number Range 1 4294967295 value Key value Range 1 8 characters Default Configuration No authentication key is defined Command Mode Global Configuration mode User Guidelines Multiple keys can be generated Example The following example defines the authentication key for SNT...

Страница 78: ...e the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both unicast and broadcast Example The following example defines the authentication key for SNTP and grants authentication Console config sntp authentication key 8 md5 ClkKey Console co...

Страница 79: ...sted key key number no sntp trusted key key number Parameters key number Key number of authentication key to be trusted Range 1 4294967295 Default Configuration No keys are trusted Command Mode Global Configuration mode User Guidelines The command is relevant for both received unicast and broadcast If there is at least 1 trusted key then unauthenticated messages will be ignored Example The followi...

Страница 80: ...e the no form of this command Syntax sntp client poll timer seconds no sntp client poll timer Parameters seconds Polling interval in seconds Range 60 86400 Default Configuration Polling interval is 1024 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the polling time for the SNTP client to 120 seconds C...

Страница 81: ...e the no form of this command Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP broadcast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Example The following example enables the SNTP broadcast client...

Страница 82: ...nable no sntp anycast client enable Default Configuration The SNTP anycast client is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Example The following example enable...

Страница 83: ...ntax sntp client enable no sntp client enable Default Configuration The SNTP client is disabled on an interface Command Mode Interface Configuration Ethernet port channel VLAN mode User Guidelines Use the sntp broadcast client enable Global Configuration mode command to enable broadcast clients globally Use the sntp anycast client enable Global Configuration mode command to enable anycast clients ...

Страница 84: ...P traffic from servers use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server Global Configuration mode command to define SNTP servers Example The following example enables the device to use the Simple Network Time Protocol SN...

Страница 85: ...e the polling for SNTP client use the no form of this command Syntax sntp unicast client poll no sntp unicast client poll Default Configuration Polling is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Example The following example enables polling for SNTP predefined unicast clients Console ...

Страница 86: ...able polling keyid Authentication key to use when sending packets to this peer Range 1 4294967295 Default Configuration No servers are defined Command Mode Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined Use the sntp unicast client enable Global Configuration mode command to enable predefined unicast clients globally To enable polling you should also use the sntp unic...

Страница 87: ...clock display indicates the following Example The following example displays the time and date from the system clock Symbol Description Time is not authoritative blank Time is authoritative Time is authoritative but SNTP is not synchronized Console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP Console show clock detail 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP Time zone Ac...

Страница 88: ...ileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the current SNTP configuration of the device Console show sntp configuration Polling interval 1024 seconds MD5 Authentication keys 8 9 Authentication is required for synchronization Trusted Keys 8 9 Unicast Clients Polling Enabled Server Polling Encryption Key 176 1 1 8 Enabled 9 1...

Страница 89: ...ollowing example shows the status of the SNTP Console show sntp status Clock is synchronized stratum 4 reference is 176 1 1 8 unicast Reference time is AFE2525E 70597B34 00 10 22 438 PDT Jul 5 1993 Unicast servers Server Status Last response Offset mSec Delay mSec 176 1 1 8 Up 19 58 22 289 PDT Feb 19 2005 7 33 117 79 176 1 8 179 Unknown 12 17 17 987 PDT Feb 19 2005 8 98 189 19 Anycast server Serve...

Страница 90: ...DXS DWS 3200 series CLI Reference Guide Page 87 2 13 0 0 0 0 00 00 00 0 Feb 19 2005 vlan 1 16 1 1 200 15 15 16 0 LLBG Feb 19 2006 ...

Страница 91: ...Clock Commands show sntp status Page 88 ...

Страница 92: ...the default in case a URL is specified without a prefix running config Represents the current running configuration file startup config Represents the startup configuration file image If the source file represents the active image file If the destination file repre sents the non active image file boot Boot file tftp Source or destination URL for a TFTP network server The syntax for this alias is t...

Страница 93: ...nning config command The commands in the loaded configuration file are added to those in the running configuration file as if the commands were typed in the command line interface CLI Thus the resulting configuration file is a combination of the previous running configuration and the loaded configuration files with the loaded configuration file taking precedence Copying a Configuration File from a...

Страница 94: ...The following example copies system image file1 from the TFTP server 172 16 101 101 to a non active image file Console copy tftp 172 16 101 101 file1 image Accessing file file1 on 172 16 101 101 Loading file1 from 172 16 101 101 OK Copy took 0 01 11 hh mm ss ...

Страница 95: ...L prefixes Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines sys prv image 1 and image 2 files cannot be deleted Example The following example deletes the file called test from the flash memory Keyword Source or Destination flash Source or destination URL for flash memory It s the default in case a URL is specified without a prefix st...

Страница 96: ...vant for a standalone device image 1 Specifies image 1 as the system startup image image 2 Specifies image 2 as the system startup image Default Configuration If the unit number is unspecified the default setting is the master unit number Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image Example The following example loads th...

Страница 97: ...ration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the contents of the running configuration file Console show running config hostname device interface ethernet 1 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet 1 2 ip address 176 ...

Страница 98: ...mmand has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the contents of the running configuration file Console show startup config hostname device interface ethernet 1 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet 1 2 ip address 176 243 100 100 25...

Страница 99: ...nd has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the contents of the backup configuration file Console show backup config software version 1 1 hostname device interface ethernet 1 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet 1 2 ip address 17...

Страница 100: ...meters unit Specifies the unit number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the active system image file that is loaded by the device at startup Console show bootvar Unit Active Image Selected for next boot 1 image 1 image 1 2 image 2 imag...

Страница 101: ...Configuration and Image File Commands show bootvar Page 98 ...

Страница 102: ... configure an Ethernet type interface Syntax interface ethernet interface Parameters interface Valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables configuring Ethernet port 5 18 Console config interface ethe...

Страница 103: ...nge of ports and group a list separated by commas in brackets all All Ethernet ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range If the command returns an error on one of the active interfaces it does not stop executi...

Страница 104: ...utdown Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables Ethernet port 1 5 operations The following example restarts the disabled Ethernet port Console config interface ethernet 1 5 Console config if shutdown Console config interface ethe...

Страница 105: ... Parameters string A comment or a description of the port to allow the user to remember the purpose of the interface Range 1 64 characters Default Configuration The interface does not have a description Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds a description to Ethernet port 1 5 C...

Страница 106: ...10 Forces10 Mbps operation 100 Forces 100 Mbps operation 1000 Forces 1000 Mbps operation 10000 Forces 10000 Mbps operation Default Configuration Maximum port capability Command Mode Interface Configuration Ethernet port channel mode User Guidelines The no speed command in a port channel context returns each port in the port channel to its maximum capability Example The following example configures...

Страница 107: ...f duplex operation full Forces full duplex operation Default Configuration The interface is set to full duplex Command Mode Interface Configuration Ethernet mode User Guidelines When configuring a particular duplex mode on the port operating at 10 100 Mbps disable the auto negotiation on that port Half duplex mode can be set only for ports operating at 10 Mbps or 100 Mbps Example The following exa...

Страница 108: ...o advertise Possible values 10h 10f 100h 100f 1000f Default Configuration Auto negotiation is enabled If unspecified the default setting is to enable all capabilities of the port Command Mode Interface Configuration Ethernet port channel mode User Guidelines If capabilities were specified when auto negotiation was previously entered not specifying capabilities when currently entering auto negotiat...

Страница 109: ...tax flowcontrol auto on off no flowcontrol Parameters auto Indicates auto negotiation on Enables flow control off Disables flow control Default Configuration Flow control is off Command Mode Interface Configuration Ethernet port channel mode User Guidelines Negotiation should be enabled for flow control auto Example In the following example flow control is enabled on port 1 Console config interfac...

Страница 110: ... on Command Mode Interface Configuration Ethernet mode User Guidelines Auto All possibilities to connect a PC with cross or normal cables are supported and are automatically detected On It is possible to connect to a PC only with a normal cable and to connect to another device only with a cross cable No It is possible to connect to a PC only with a cross cable and to connect to another device only...

Страница 111: ...able back pressure use the no form of this command Syntax back pressure no back pressure Default Configuration Back pressure is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example In the following example back pressure is enabled on port 1 Console config interface ethernet 1 Console config if back pressure ...

Страница 112: ...no form of this command Syntax port jumbo frame no port jumbo frame Default Configuration Jumbo frames are disabled on the device Command Mode Global Configuration User Guidelines This command is relevant to Gigabit devices only This command takes effect only after resetting the device Example In the following example jumbo frames are enabled on the device Console config port jumbo frame ...

Страница 113: ...nnel port channel number Parameters interface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In the following example the counters for interface 1 are cleared Console clear counters ethernet ...

Страница 114: ...ters interface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active but were shutdown by the system for some reason e g port security Example The following example reactivat...

Страница 115: ... Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays auto negotiation information Console show interfaces advertise Port Type Neg Operational Link Advertisement 1 100M Copper Enabled 2 100M Copper Enabled 3 100M Copper Enabled 4 100M Copper Enabled 5 100M Copp...

Страница 116: ...le The following example displays the configuration of all configured interfaces Console show interfaces configuration Port Type Duplex Speed Neg Flow Ctrl Admin State Back Pressure Mdix Mode 1 100M Copper Full 100 Enabled Off Up Disabled Auto 2 100M Copper Full 100 Enabled Off Up Disabled Auto 3 100M Copper Full 100 Enabled Off Up Disabled Auto 4 100M Copper Full 100 Enabled Off Up Disabled Auto ...

Страница 117: ...Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of all configured interfaces Console show interfaces status Port Type Duplex Speed Neg Flow Ctrl Link State Back Pressure Mdix Mode 1 100M Copper Down 2 100M Copper Down 3 100M Copper Down 4 100M Co...

Страница 118: ...l port channel number Parameters interface Valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays descriptions of configured interfaces Console show interfaces descr...

Страница 119: ...number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays traffic seen by the physical interface Console show interfaces counters Port InOctets InUcastPkts InMcastPkts InBcastPkts 1 1 183892 0 0 0 2 1 0 0 0 0 3 1 123899 0 0...

Страница 120: ...Octets OutUcastPkts OutMcastPkts OutBcastPkts 1 1 9188 0 0 0 FCS Errors 0 Single Collision Frames 0 Late Collisions 0 Excessive Collisions 0 Oversize Packets 0 Internal MAC Rx Errors 0 Received Pause Frames 0 Transmitted Pause Frames 0 Field Description InOctets Counted received octets InUcastPkts Counted received unicast packets InMcastPkts Counted received multicast packets InBcastPkts Counted r...

Страница 121: ... is detected later than one slotTime into the transmission of a packet Excessive Collisions Number of excessive collisions received on the selected interface Oversize Packets Counted frames received that exceed the maximum permitted frame size Internal MAC Rx Errors Counted frames for which reception fails due to an internal MAC sublayer received error Received Pause Frames Counted MAC Control fra...

Страница 122: ...ntax show ports jumbo frame Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines This command is relevant to Gigabit devices only Example The following example displays the configuration of jumbo frames on the device Console show port jumbo frame Jumbo frames are disabled Jumbo frames will be enabled after reset ...

Страница 123: ... command Syntax port storm control include multicast no port storm control include multicast Default Configuration Multicast packets are not counted Command Modes Interface Configuration Ethernet mode User Guidelines To control multicasts storms use the port storm control broadcast enable and port storm control broadcast rate commands Example The following example enables counting multicast packet...

Страница 124: ... include multicast unknown unicast no port storm control include multicast Parameters unknown unicast Specifies also counting unknown unicast packets Default Configuration Multicast packets are not counted Command Modes Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example enables counting broadcast and multicast packets o...

Страница 125: ... Default Configuration Broadcast storm control is disabled Command Modes Interface Configuration Ethernet mode User Guidelines Use the port storm control broadcast rate Interface Configuration Ethernet mode command to set the maximum allowable broadcast rate Use the port storm control include multicast Global Configuration mode command to enable counting multicast packets in the storm control calc...

Страница 126: ...e Parameters rate Maximum kilobits per second of broadcast and multicast traffic on a port Range of 3500 1000000 Default Configuration The default storm control broadcast rate is 3500 Kbits Sec Command Mode Interface Configuration Ethernet mode User Guidelines Use the port storm control broadcast enable Interface Configuration mode command to enable broadcast storm control Example The following ex...

Страница 127: ...yntax unit port Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the storm control configuration Console show ports storm control Port State Rate Kbits Sec Included 1 1 Disabled 3500 Broadcast 1 2 Disabled 3500 Broadcast 1 3 Disabled 3500 Broadcast ...

Страница 128: ...s for the network and all other devices on the network learn these VLANs dynamically The gvrp enable Global Configuration mode command enables GVRP globally To disable GVRP on the device use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this comman...

Страница 129: ...ion GVRP is disabled on all interfaces Command Mode Interface Configuration Ethernet port channel mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN That is the PVID is manually defined as the untagged VLAN VID Example The following example enables GVRP ...

Страница 130: ...fault timer values Join timer 200 milliseconds Leave timer 600 milliseconds Leaveall timer 10000 milliseconds Command Mode Interface Configuration Ethernet port channel mode User Guidelines The following relationship must be maintained between the timers Leave time must be greater than or equal to three times the join time Leave all time must be greater than the leave time Set the same GARP timer ...

Страница 131: ...lt Configuration Dynamic VLAN creation or modification is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command forbids dynamic VLAN creation from the interface The creation or modification of dynamic VLAN registration entries as a result of the GVRP exchanges on an interface are restricted only to those VLANs for which static VLAN registration exists...

Страница 132: ...ation of VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registration of VLANs on the port is allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example forbids dynamic registration of VLANs on Ethernet po...

Страница 133: ... port channel number Parameters interface A valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears all GVRP statistical information on Ethernet port 1 Console clear gvr...

Страница 134: ...ace A valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privieged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP configuration information Console show gvrp configuration GVRP Feature is currently enabled on the de...

Страница 135: ...his command has no default configuration Command Mode Privieged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows GVRP statistical information Console show gvrp statistics GVRP Statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received sJE Join E...

Страница 136: ...hannel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privieged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP statistical information Console show gvrp error statistics GVRP Error Statistics Legend INVPROT Invalid Protocol Id INVALEN Invalid Attribute Length INVATY...

Страница 137: ...GVRP Commands show gvrp error statistics Page 134 ...

Страница 138: ...snooping To disable IGMP snooping use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Global Configuration mode User Guidelines IGMP snooping can only be enabled on static VLANs It must not be enabled on Private VLANs or their community VLANs Example The following example enables IGMP snooping Console config ip ig...

Страница 139: ... on a VLAN interface use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping can only be enabled on static VLANs It must not be enabled on Private VLANs or their community VLANs Example The following example enables IGMP snooping on VLAN 2 Console config ...

Страница 140: ...d Syntax ip igmp snooping mrouter learn pim dvmrp no ip igmp snooping mrouter learn pim dvmrp Default Configuration Automatic learning of multicast device ports is enabled Command Mode Interface Configuration VLAN mode User Guidelines Multicast device ports can be configured statically using the bridge multicast forward all Interface Configuration VLAN mode command Example The following example en...

Страница 141: ...ault configuration use the no form of this command Syntax ip igmp snooping host time out time out no ip igmp snooping host time out Parameters time out Specifies the host timeout in seconds Range 1 2147483647 Default Configuration The default host time out is 260 seconds Command Mode Interface Configuration VLAN mode User Guidelines The timeout should be at least greater than 2 query_interval max_...

Страница 142: ...store the default configuration use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snooping mrouter time out Parameters time out Specifies the Multicast device timeout in seconds Range 1 2147483647 Default Configuration The default value is 300 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this comm...

Страница 143: ...ve no ip igmp snooping leave time out Parameters time out Specifies the leave timeout in seconds for IGMP queries Range 0 2147483647 immediate leave Indicates that the port should be immediately removed from the members list after receiving IGMP Leave Default Configuration The default leave time out configuration is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines The leav...

Страница 144: ...interface vlan id Parameters vlan id Specifies the VLAN number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays multicast device interfaces in VLAN 1000 Console show ip igmp snooping mrouter interface 1000 VLAN Ports 1000 1 1 Detected multicast devic...

Страница 145: ...ion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays IGMP snooping information on VLAN 1000 Console show ip igmp snooping interface 4 IGMP Snooping is globaly disabled IGMP Snooping is enabled on VLAN 4 IGMP host timeout is 260 sec IGMP Immediate leave is disabled IGMP le...

Страница 146: ... address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines To see the full multicast address table including static addresses use the show bridge multicast address table Privileged EXEC command Example The following example shows IGMP snooping information on multicast groups Console show ip igmp snooping groups Vlan IP Address Querier...

Страница 147: ...IGMP Snooping Commands show ip igmp snooping groups Page 144 ...

Страница 148: ...s prefix length Specifies the number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 8 30 Default Configuration No IP address is defined for interfaces Command Mode Interface Configuration Ethernet VLAN port channel mode User Guidelines An IP address cannot be configured for a range of interfaces range context This command is only functional ...

Страница 149: ...namically learn its IP address by using the DHCP protocol Some DHCP servers require that the DHCPDISCOVER message have a specific host name The ip address dhcp hostname host name command is most typically used when the host name is provided by the system administrator If the device is configured to obtain its IP address from a DHCP server it sends a DHCPDISCOVER message to provide information abou...

Страница 150: ...mand Syntax ip default gateway ip address no ip default gateway Parameters ip address Specifies the valid IP address of the currently defined default gateway Default Configuration No default gateway is defined Command Mode Global Configuration mode User Guidelines This command is only operational in Switch mode Example The following example defines default gateway 192 168 1 1 Console config ip def...

Страница 151: ...valid Ethernet port vlan id Specifies the valid VLAN number port channel number Specifies the valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example the displays the configured IP interfaces and their types Console show ip interface Proxy ...

Страница 152: ...address hw_addr Valid MAC address to map to the specified IP address or IP alias interface number Valid Ethernet port vlan id Valid VLAN number port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The software uses ARP cache entries to translate 32 bit IP addresses into 48 bit hardware a...

Страница 153: ...mand Syntax arp timeout seconds no arp timeout Parameters seconds Time in seconds that an entry remains in the ARP cache Range 1 40000000 Default Configuration The default timeout is 60000 seconds Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600 Example The following example configures the ARP timeout to 12000 seconds Console c...

Страница 154: ... all dynamic entries from the ARP cache Syntax clear arp cache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example deletes all dynamic entries from the ARP cache Console clear arp cache ...

Страница 155: ...his command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays entries in the ARP table Console show arp ARP timeout 80000 Seconds Interface IP address HW address Status 1 1 10 7 1 102 00 10 B5 04 DB 4B Dynamic 2 2 10 7 1 135 00 50 22 00 2A A4 Static ...

Страница 156: ... address translation use the no form of this command Syntax ip domain lookup no ip domain lookup Default Configuration IP Domain Naming System DNS based host name to address translation is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables IP Domain Naming System DNS based host name to address translati...

Страница 157: ...p domain name name no ip domain name Parameters name Specifies the default domain name used to complete unqualified host names Do not include the initial period that separates an unqualified name from the domain name Range 1 158 characters Default Configuration A default domain name is not defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command ...

Страница 158: ...e server server address1 server address8 Parameters server address Specifies IP addresses of the name server Default Configuration No name server addresses are specified Command Mode Global Configuration mode User Guidelines The preference of the servers is determined by the order in which they were entered Up to 8 servers can be defined using one command or using multiple commands Example The fol...

Страница 159: ...t name address no ip host name Parameters name Specifies the name of the host Range 1 158 characters address Specifies the associated IP address Default Configuration No host is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines a static host name to address mapping in the host cache Console config ip h...

Страница 160: ...ost name Parameters name Specifies the host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example deletes all entries from the host name to address cache Console clear host ...

Страница 161: ... Specifies the host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is only operational in Switch mode This command deletes the host name to address mapping temporarily until the next renewal of the IP address Example The following example deletes all entrie...

Страница 162: ... no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays host information Console show hosts System name Device Default domain is gm com sales gm com usa sales gm com DHCP Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping...

Страница 163: ...IP Address Commands show hosts Page 160 ...

Страница 164: ...s network mask prefix length The number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 1 32 characters gateway IP address or IP alias of the next hop that can be used to reach that network metric distance An administrative distance Range 1 255 reject route Stop routing to the destination network via all gateways Default Configuration The met...

Страница 165: ...prefix are displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is only functional if the device is in Router mode Example The following example displays the whole routing table state Console show ip route Maximum Parallel Paths 2 4 after reset Codes C connected S static R RIP O OSPF E OSPF external R 10 0 0 0 8 is...

Страница 166: ...0 2 1 17 12 19 Ethernet 1 Console show ip route address 192 168 1 0 255 255 255 0 longer prefixes Codes C connected S static R RIP O OSPF E OSPF external S 192 168 1 0 24 5 3 via 10 0 2 1 17 12 19 Ethernet 1 S 192 168 1 1 32 5 3 via 10 0 3 1 19 51 18 Ethernet 1 Field Description 0 Indicates protocol that derived the route 10 8 1 0 24 Indicates the remote network address 30 2000 The first number in...

Страница 167: ...er To disable the relay agent features use the no form of this command Syntax ip dhcp relay enable no ip dhcp relay enable Default Configuration DHCP is disabled on the router Command Mode Global Configuration mode User Guidelines This command is only functional if the device is in Router mode Example The following example enables DHCP services on the DHCP Server Console config ip dhcp relay enabl...

Страница 168: ... address ip address no ip dhcp relay address ip address Parameters ip address DHCP server IP address Up to 8 servers can be defined Default Configuration No server is defined Command Mode Global Configuration mode User Guidelines If no IP address is specified when using the no form of the command all configured servers are removed Example The following example defines the DHCP server with the addr...

Страница 169: ...r DHCP relay Syntax show ip dhcp relay Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is only functional if the device is in Router mode Example Example The following example displays DHCP relay server addresses Console show ip dhcp relay DHCP relay is enabled Servers 172 16 1 11 172 16 8 11 ...

Страница 170: ...ion use the no form of this command Syntax lacp system priority value no lacp system priority Parameters value Specifies system priority value Range 1 65535 Default Configuration The default system priority is 1 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the system priority to 120 Console config lacp...

Страница 171: ...d Syntax lacp port priority value no lacp port priority Parameters value Specifies port priority Range 1 65535 Default Configuration The default port priority is 1 Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example defines the priority of Ethernet port 1 6 as 247 Console config interface ethernet 1 6 Consol...

Страница 172: ...long short no lacp timeout Parameters long Specifies the long timeout value short Specifies the short timeout value Default Configuration The default port timeout value is long Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example assigns a long administrative LACP timeout to Ethernet port 1 6 Console config i...

Страница 173: ... protocol state Link aggregation protocol state information Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example display LACP information for Ethernet port 1 1 Console show lacp ethernet 1 1 1 1 LACP parameters Actor system priority 1 system mac addr 00 00 12 34 ...

Страница 174: ...ort Admin priority 0 port Oper priority 0 port Oper timeout LONG LACP Activity PASSIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE 1 1 LACP Statistics LACP PDUs sent 2 LACP PDUs received 2 1 1 LACP Protocol State LACP State Machines Receive FSM Port Disabled State Mux FSM Detached State Periodic Tx FSM No Periodic State Control Variables BEGIN F...

Страница 175: ...LACP Commands show lacp ethernet Page 172 Selected UNSELECTED Port_moved FALSE NNT FALSE Port_enabled FALSE Timer counters periodic tx timer 0 current while timer 0 wait while timer 0 ...

Страница 176: ... Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays LACP information about port channel 1 Console show lacp port channel 1 Port Channel ch1 Port Type Gigabit Ethernet Attached Lag id Actor System Priority 1 MAC Address 00 02 85 0E 1C 00 Admin Key 1000 ...

Страница 177: ...LACP Commands show lacp port channel Page 174 ...

Страница 178: ...console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the device as a virtual terminal for remote cons...

Страница 179: ... values are 2400 4800 9600 19200 38400 57600 and 115200 Default Configuration The default speed is 9600 bps Command Mode Line Configuration console mode User Guidelines This command is available only on the line console The configured speed is applied when Autobaud is disabled This configuration applies only to the current session Example The following example configures the line baud rate Console...

Страница 180: ...rm of the command Syntax autobaud no autobaud Default Configuration Autobaud is disabled Command Mode Line Configuration console mode User Guidelines This command is available only on the line console To start communication using Autobaud press Enter twice This configuration applies only to the current session Example The following example enables autobaud Console config line console Console confi...

Страница 181: ...eters minutes Specifies the number of minutes for the timeout Range 0 65535 seconds Specifies additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout enter the exec timeout 0 command Example The following example configures the interval that the system waits until user i...

Страница 182: ...t Configuration The command history function is enabled Command Mode Line Configuration mode User Guidelines This command enables the command history function for a specified line To enable or disable the command history function for the current terminal session use the terminal history user EXEC mode command Example The following example enables the command history function for Telnet Console con...

Страница 183: ... commands that the system records in its history buffer Range 10 200 Default Configuration The default history buffer size is 10 Command Mode Line Configuration mode User Guidelines This command configures the command history buffer size for a particular line To configure the command history buffer size for the current terminal session use the terminal history size User EXEC mode command Example T...

Страница 184: ...use the no form of this command Syntax terminal history no terminal history Default Configuration The default configuration for all terminal sessions is defined by the history line configuration command Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example disables the command history function for the current terminal session Consol...

Страница 185: ...ommands the system may record in its command history buffer Range 10 200 Default Configuration The default command history buffer size is 10 Command Mode User EXEC mode User Guidelines The terminal history size user EXEC command configures the size of the command history buffer for the current terminal session To change the default size of the command history buffer use the history line configurat...

Страница 186: ...s SSH Default Configuration If the line is not specified the default value is console Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the line configuration Console show line Console configuration Interactive timeout Disabled History 10 Baudrate 9600 Databits 8 Parity none Stopbits 1 Telnet configuration Interac...

Страница 187: ...Line Commands show line Page 184 ...

Страница 188: ...using the permit Management and deny Management commands If no match criteria are defined the default is deny If you reenter an access list context the new rules are entered at the end of the access list Use the management access class command to select the active access list The active management list cannot be updated or removed Management ACL requires a valid management interface which is a por...

Страница 189: ...interfaces to be management interfaces except Ethernet interfaces 1 1 and 2 9 and makes the new access list the active list Console config management access list mlist Console config macl deny ethernet 1 1 Console config macl deny ethernet 2 9 Console config macl permit Console config macl exit Console config management access class mlist ...

Страница 190: ...ce IP address mask A valid network mask of the source IP address prefix length Number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service Service type Possible values telnet ssh http https and snmp Default Configuration If no permit rule is defined the default is set to deny Command Mode Management Access list Configuration mo...

Страница 191: ... address mask A valid network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service Service type Possible values telnet ssh http https and snmp Default Configuration This command has no default configuration Command Mode Management Access list Configuration mo...

Страница 192: ...ame no management access class Parameters console only Indicates that the device can be managed only from the console name Specifies the name of the access list to be used Range 1 32 characters Default Configuration If no access list is specified an empty access list is used Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following e...

Страница 193: ...s name Specifies the name of a management access list Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the mlist management access list Console show management access list mlist mlist permit ethernet 1 1 permit ethernet 2 Note a...

Страница 194: ... Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active management access list Console show management access class Management access class is enabled using access list mlist ...

Страница 195: ...Management ACL Commands show management access class Page 192 ...

Страница 196: ...ace A valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port to be tested should be shut down during the test unless it is a combination port with fiber port active The maximum length of cable for the TDR test is 120 meters Example The following example results in a report on the cable att...

Страница 197: ...erface A valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The maximum length of cable for the TDR test is 120 meters Example The following example displays information on the last TDR test performed on all copper ports Console show copper ports tdr Port Result Length meters Date 1 1 OK 1 2 Sh...

Страница 198: ...h interface Parameters interface A valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port must be active and working in 1000M mode Example The following example displays the estimated copper cable length attached to all ports Console show copper ports cable length Port Length meters 1 1 50...

Страница 199: ...lt configuration Command Mode Privileged EXEC mode User Guidelines To test optical transceivers ensure a fiber link is present Example The following example displays the optical transceiver diagnostics results Console show fiber ports optical transceiver 21 Current Output Port Temp Voltage Power Power Input LOS 21 OK OK OK OK OK No Temp Internally measured transceiver temperature Voltage Internall...

Страница 200: ... LOS C Volt mA mWatt mWatt 21 34 3 35 8 43 2 72 7 71 No Temp Internally measured transceiver temperature Voltage Internally measured supply voltage Current Measured TX bias current Output Power Measured TX output power in milliWatts Input Power Measured RX received power in milliWatts LOS Loss of signal N A Not Available N S Not Supported W Warning E Error ...

Страница 201: ...PHY Cable Diagnostics Commands show fiber ports optical transceiver Page 198 ...

Страница 202: ...face Syntax power inline auto never Parameters auto Turns on the device discovery protocol and applies power to the device never Turns off the device discovery protocol and stops supplying power to the device Default Configuration Auto Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example turns on the device d...

Страница 203: ...s pd type Comment or a description to assist in recognising what is the type of the powered device attached to this interface Range up to 24 characters Default Configuration There is no default configuration for this command Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example adds a description of the device...

Страница 204: ...ine priority Parameters critical The operation of the powered device is critical high The operation of the powered device is in high priority low The operation of the powered is in low priority Default Configuration Low priority Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example sets the priority of port 4 ...

Страница 205: ...inline usage threshold percents no power inline usage threshold Parameters percents Specifies the threshold in percents to compare to measured power Range 1 99 Default Configuration The default threshold is 95 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the threshold for initiating inline power usage ...

Страница 206: ...rm of this command to disable traps Syntax power inline traps enable no power inline traps enable Parameters This command has no arguments or keywords Default Configuration Disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables inline power traps Console config power inline traps enable ...

Страница 207: ...nly Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the inline power Console show power inline Unit Power Nominal Power Consumer Power Usage Threshold Traps 1 On 400 Watts 0 Watts 0 95 Disable Admin Oper Port Powered Devic...

Страница 208: ...d power and initiating an alarm if threshold is exceeded Traps Indicates if inline power traps are enabled Port The Ethernet port number Powered device A description of the powered device type Admin State Indicates if the port is enabled to provide power Admin State can be Auto or Never Priority The priority of the port from the point of view of inline power management Priority can be Critical Hig...

Страница 209: ...06 Absent Counter Counts the number of times power has been removed because powered device dropout was detected Invalid Signature Counter Counts the number of times an invalid signature of a powered device was detected Field Description ...

Страница 210: ...port channel port channel number Parameters port channel number A valid port channel number Range 1 64 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Eight aggregated links can be defined with up to eight member ports per port channel The aggregated links valid IDs are 1 8 Example The following example enters the context of po...

Страница 211: ...id port channels to add Separate nonconsecutive port channels with a comma and no spaces A hyphen designates a range of port channels Range 1 64 all All valid port channels Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range Example...

Страница 212: ...er of the valid port channel for the current port to join Range 1 64 on Forces the port to join a channel without an LACP operation auto Allows the port to join a channel as a result of an LACP operation Default Configuration The port is not assigned to a port channel Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The follow...

Страница 213: ...port channel number Parameters port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on all port channels Console show interfaces port channel Channel Ports 1 Active 1 1 2 2 2 Active 2 2 2 7 Inacti...

Страница 214: ...Configuration Ethernet mode User Guidelines This command enables traffic on one port to be copied to another port or between the source port src interface and a destination port port being configured The following restrictions apply to ports configured as destination ports The port cannot be already configured as a source port The port cannot be a member in a port channel An IP interface is not co...

Страница 215: ...mmands Page 212 Example The following example copies traffic for both directions Tx and Rx on port 1 8 source port to port 1 1 destination port Console config interface ethernet 1 1 Console config if port monitor 1 8 ...

Страница 216: ...monitor Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how the port monitoring status is displayed Console show ports monitor Source Port Destination Port Type Status 1 1 1 8 RX TX Active 1 2 1 8 RX TX Active 1 18 1 8 RX Active ...

Страница 217: ...Port Monitor Commands Page 214 ...

Страница 218: ...e no form of this command Syntax qos basic advanced no qos Parameters basic QoS basic mode advanced QoS advanced mode which enables the full range of QoS configuration Default Configuration The QoS basic mode is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables QoS on the device Console config qos basi...

Страница 219: ...vice Syntax show qos Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Trust mode is displayed if QoS is enabled in basic mode Example The following example displays QoS attributes when QoS is enabled in basic mode on the device Console show qos Qos basic Basic trust vpt ...

Страница 220: ...amed service policy applied on a per interface basis The Class Map Configuration mode enables entering up to two match Class map Configuration mode commands to configure the classification criteria for the specified class If two match Class map Configuration mode commands are entered each should point to a different type of ACL e g one to an IP ACL and one to a MAC ACL Since packet classification ...

Страница 221: ...e Parameters class map name Specifies the name of the class map to be displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows the class map for class1 Console show class map class1 Class Map match any class1 id4 ...

Страница 222: ...l name Parameters acl name Specifies the name of an IP or MAC ACL Range 0 32 characters Default Configuration No match criterion is supported Command Mode Class map Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the match criterion for classifying traffic as an access group called enterprise in a class map called class1 Consol...

Страница 223: ...iteria are defined in a class map use the policy map Global Configuration mode command to specify the name of the policy map to be created or modified Class policies in a policy map can only be defined if match criteria has already been defined for the classes Use the class map Global Configuration and match Class map Configuration commands to define the match criteria of a class Only one policy m...

Страница 224: ...g a policy for an existing class or creating a policy for a new class use the policy map Global Configuration mode command to specify the name of the policy map to which the policy belongs and to enter the Policy map Configuration mode Use the service policy Ethernet Port channel Interface Configuration mode command to attach a policy map to an interface Use an existing class map to attach classif...

Страница 225: ...e name of the class whose QoS policies are to be displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all policy maps Console show policy map Policy Map policy1 class class1 set Ip dscp 7 Policy Map policy2 class class 2 police 96000 4800 excee...

Страница 226: ...Configuration The port is not in the trust mode If the port is in trust mode the internal DSCP value is derived from the ingress packet Command Mode Policy map Class Configuration mode User Guidelines Action serviced to a class so that if an IP packet arrives the queue is assigned per DSCP If a non IP packet arrives the queue is assigned per CoS VPT Example The following example configures the tru...

Страница 227: ... Configuration mode User Guidelines This command is mutually exclusive with the trust Policy map Class Configuration command within the same policy map Policy maps that contain set or trust Policy map Class Configuration commands or that have ACL classifications cannot be attached to an egress interface by using the service policy Ethernet Port channel Interface Configuration mode command To retur...

Страница 228: ...d the DSCP of the packet is remarked according to the policed DSCP map as configured by the qos map policed dscp Global Configuration mode command Default Configuration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines Policing uses a token bucket algorithm CIR represents the speed with which the token is removed from the bucket CBS represen...

Страница 229: ...nput policy map name no service policy input Parameters policy map name Specifies the name of the policy map to be applied to the input interface Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port Channel mode User Guidelines Only one policy map per interface per direction is supported Example The following example attaches a policy m...

Страница 230: ...ding to the policed DSCP map as configured by the qos map policed dscp Global Configuration mode command Default Configuration No aggregate policer is defined Command Mode Global Configuration mode User Guidelines Policers that contain set or trust Policy map Class Configuration commands or that have ACL classifications cannot be attached to an output interface Define an aggregate policer if the p...

Страница 231: ...meters of a policer called policer1 that can be applied to multiple classes in the same policy map When the average traffic rate exceeds 124 000 bps or the normal burst size exceeds 96000 bps the packet is dropped Console config qos aggregate policer policer1 124000 96000 exceed action drop ...

Страница 232: ...ggregate policer name Specifies the name of the aggregate policer to be displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines Example The following example displays the parameters of the aggregate policer called policer1 Console show qos aggregate policer policer1 aggregate policer policer1 96000 480...

Страница 233: ...fault Configuration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines An aggregate policer can be applied to multiple classes in the same policy map An aggregate policer cannot be applied across multiple policy maps or interfaces To return to the Policy map Configuration mode use the exit command To return to the Privileged EXEC mode use the...

Страница 234: ...apped to queue 3 Cos1 is mapped to queue 1 Cos2 is mapped to queue 2 Cos3 is mapped to queue 4 Cos4 is mapped to queue 5 Cos5 is mapped to queue 6 Cos6 is mapped to queue 7 Cos7 is mapped to queue 8 Command Mode Global Configuration mode User Guidelines This command can be used to distribute traffic into different queues where each queue is configured with different Weighted Round Robin WRR and We...

Страница 235: ...Use the priority queue out num of queues Global Configuration mode command to configure a queue as WRR or Strict Priority Use this command to define a WRR weight per interface The weight ratio for each queue is defined by the queue weight divided by the sum of all queue weights i e the normalized weight This sets the bandwidth allocation for each queue A queue can be assigned a WRR weight of 0 in ...

Страница 236: ... no priority queue out num of queues Parameters number of queues Specifies the number of expedite queues Expedite queues have higher indexes Range 0 8 Default Configuration All queues are expedite queues Command Mode Global Configuration mode User Guidelines Configuring the number of expedite queues affects the Weighted Round Robin WRR weight ratio because fewer queues participate in the WRR Examp...

Страница 237: ...ned Default Configuration No shape is defined Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command activates the shaper on a specified egress port or egress queue To activate the shaper on an egress port enter the Interface Configuration mode and specify the port number Then run this command without the queue id parameter The CIR and the CBS will be applied ...

Страница 238: ...ity policers Displays the shaper of the specified interface and the shaper for the queue on the specified interface shapers Displays all the policers configured for this interface their setting and the number of policers currently unused Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines If no keyword is specified port QoS mod...

Страница 239: ...P0 Prob DP0 Min DP1 Max DP1 Prob DP1 Min DP2 Max DP2 Prob DP2 Weight 1 N A N A N A N A N A N A N A N A N A N A 2 N A N A N A N A N A N A N A N A N A N A 3 N A N A N A N A N A N A N A N A N A N A 4 N A N A N A N A N A N A N A N A N A N A 5 50 60 13 65 80 6 85 95 4 2 6 50 60 13 65 80 6 85 95 4 2 7 50 60 13 65 80 6 85 95 4 2 8 50 60 13 65 80 6 85 95 4 2 ...

Страница 240: ...bitethernet Indicates that the thresholds are to be applied to Gigabit Ethernet ports tengigabitethernet Indicates that the thresholds are to be applied to 10 Gigabit Ethernet ports queue id Specifies the queue number to which the threshold is assigned threshold percentage0 1 2 Specifies the queue threshold percentage value Each value is separated by a space Range 0 100 Default Configuration 80 pe...

Страница 241: ...es up to 8 DSCP values separated by a space Range 0 63 dscp mark down Specifies the DSCP value to mark down Range 0 63 Default Configuration The default map is the Null map which means that each incoming DSCP value is mapped to the same DSCP value Command Mode Global Configuration mode User Guidelines DSCP values 3 11 19 cannot be remapped to other values Example The following example marks down i...

Страница 242: ...t Specifies up to 8 DSCP values separated by a space Range 0 63 queue id Specifies the queue number to which the DSCP values are mapped Default Configuration The following table describes the default map Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example maps DSCP values 33 40 and 41 to queue 1 DSCP value 0 7 8 15 16 2...

Страница 243: ...tering a quality of service QoS domain are classified at the edge of the QoS domain When packets are classified at the edge the switch port within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at every device in the domain A switch port on an inter QoS domain boundary can be configured to the DSCP trust state and if the DSCP values a...

Страница 244: ...on each port use the no form of this command Syntax qos trust no qos trust Default Configuration qos trust is enabled on each port when the system is in basic mode Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 1 15 to the default trust state Console config interfac...

Страница 245: ...efault cos Specifies the default CoS value of the port Range 0 7 Default Configuration Default CoS value of a port is 0 Command Mode Interface Configuration Ethernet port channel mode User Guidelines If the port is trusted the default CoS value of the port is used to assign a CoS value to all untagged packets entering the port Example The following example configures port 1 15 default CoS value to...

Страница 246: ...Quality of Service QoS administrative domain If two QoS domains have different DSCP definitions use the DSCP to DSCP mutation map to match one set of DSCP values with the DSCP values of another domain Apply the DSCP to DSCP mutation map only to ingress and to DSCP trusted ports Applying this map to a port causes IP packets to be rewritten with newly mapped DSCP values at the ingress ports If the D...

Страница 247: ...alues separated by spaces Range 0 63 out dscp Specifies up to 8 DSCP values separated by spaces Range 0 63 Default Configuration The default map is the Null map which means that each incoming DSCP value is mapped to the same DSCP value Command Mode Global Configuration mode User Guidelines This is the only map that is not globally configured it is possible to have several maps and assign each one ...

Страница 248: ...mmands This setting saves space in the Ternary Content Addressable Memory TCAM Default Configuration No protection is configured Command Mode Global Configuration mode User Guidelines MAC ACLs should be removed before the security suite is enabled The rules can be reentered after the security suite is enabled If ACLs or policy maps are assigned on ports per interface security suite rules cannot be...

Страница 249: ...tion is configured Command Mode Global Configuration mode User Guidelines The following table describes a list of DoS attacks and the protection type Example The following example protects the system from the Invasor Trojan Attack Keyword Protection Stacheldraht Distribution DoS attack stacheldraht Discard TCP packets with source TCP port equal to 16660 Invasor Trojan invasor trojan Discard TCP pa...

Страница 250: ...y a forward slash reserved Specify to discard packets with source address or destination address in the block of the reserved IP addresses See the usage guidelines for a list of reserved addresses Default Configuration Martian addresses are allowed Command Mode Global Configuration mode User Guidelines The following table describes the reserved addresses Address block Present use 0 0 0 0 8 except ...

Страница 251: ... 0 0 16 This is the link local block It is allocated for communication between hosts on a single link Hosts obtain these addresses by auto configuration such as when a DHCP server may not be found 172 16 0 0 12 Private Use Networks 192 88 99 0 24 This block is allocated for use as 6to4 relay anycast addresses 192 168 0 0 16 Private Use Networks 198 18 0 0 15 This block has been allocated for use i...

Страница 252: ...l number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RMON Ethernet statistics for Ethernet port 1 1 Console show rmon statistics ethernet 1 Port 1 Octets 878128 Packets 978 Broadcast 7 Multicast 1 CRC Align Errors 0 Collisions 0 Undersize Pkts 0...

Страница 253: ...nd otherwise well formed Oversize Pkts The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and otherwise well formed Fragments The total number of packets received less than 64 octets in length excluding framing bits but including FCS octets and either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS wi...

Страница 254: ...s received that are between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 to 1518 Octets The total number of packets including bad packets received that are between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Field Description ...

Страница 255: ...r Number of buckets specified for the RMON collection history group of statistics If unspecified defaults to 50 Range 1 65535 seconds Number of seconds in each polling cycle Range 1 3600 Default Configuration RMON statistics group owner name is an empty string Number of buckets specified for the RMON collection history statistics group is 50 Number of seconds in each polling cycle is 1800 Command ...

Страница 256: ...C mode User Guidelines There are no user guidelines for this command Example The following example displays all RMON history group statistics The following table describes the significant fields shown in the display Console show rmon collection history Index Interface Interval Requested Samples Granted Samples Owner 1 1 1 30 50 50 CLI 2 1 1 1800 50 50 Manager Field Description Index An index that ...

Страница 257: ...seconds Specifies the period of time in seconds Range 1 4294967295 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RMON Ethernet history statistics for index 1 Console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 1 Interval 1800...

Страница 258: ... history 1 other Sample Set 1 Owner Me Interface 1 1 Interval 1800 Requested samples 50 Granted samples 50 Maximum table size 500 Time Dropped Collisions Jan 18 2005 21 57 00 3 0 Jan 18 2005 21 57 30 3 0 Field Description Time Date and Time the entry is recorded Octets The total number of octets of data including those in bad packets received on the network excluding framing bits but including FCS...

Страница 259: ...s but including FCS octets but were otherwise well formed Fragments The total number of packets received during this sampling interval that were less than 64 octets in length excluding framing bits but including FCS octets had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets AlignmentError It is normal for etherHist...

Страница 260: ...lating the value to be compared against the thresholds Possible values are absolute and delta If the method is absolute the value of the selected variable is compared directly with the thresholds at the end of the sampling interval If the method is delta the selected variable value of the last sample is sub tracted from the current value and the difference is compared with the thresholds direction...

Страница 261: ...llowing alarm conditions Alarm index 1000 Variable identifier D Link Sample interval 360000 seconds Rising threshold 1000000 Falling threshold 1000000 Rising threshold event index 10 Falling threshold event index 20 Console config rmon alarm 1000 D Link 360000 1000000 1000000 10 20 ...

Страница 262: ...XEC mode User Guidelines There are no user guidelines for this command Example The following example displays the alarms table The following table describes significant fields shown in the example Console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI Field Description Index An index that uniquely identifies the entr...

Страница 263: ...ollowing table describes the significant fields shown in the display Console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Event 1 Falling Event 1 Owner CLI Field Description Alarm Alarm index OID Monitored variable OID Last Sample Value The statistic value during...

Страница 264: ...tup alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal to the falling threshold and startup alarm is equal falling or rising and falling then a single falling alarm is generated Rising Threshold A sampled statistic threshold When the current sampled value is greater than or equal to this threshold and the value at the la...

Страница 265: ... SNMP community specified by this octet string Range 0 127 characters description text Specifies a comment describing this event Range 0 127 characters name Specifies the name of the person who configured this event If unspecified the name is an empty string Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines If log is specified as...

Страница 266: ...ors Log CLI Jan 18 2006 23 58 17 2 High Broadcast Log Trap device Manager Jan 18 2006 23 59 48 Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event...

Страница 267: ...Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the RMON log table Console show rmon log Maximum table size 500 Event Description Time 1 Errors Jan 18 2006 23 48 19 1 Errors Jan 18 2006 23 58 17 2 High Broadcast Jan 18 2006 23 59 48 Console show rmon log Maximum table size 500 800 after reset Event Description Time 1 Errors ...

Страница 268: ...uide Page 265 The following table describes the significant fields shown in the display Field Description Event An index that uniquely identifies the event Description A comment describing this event Time The time this entry was created ...

Страница 269: ...ize history log Parameters history entries Maximum number of history table entries Range 20 32767 log entries Maximum number of log table entries Range 20 32767 Default Configuration History table size is 270 Log table size is 200 Command Mode Global Configuration mode User Guidelines The configured table size taskes effect after the device is rebooted Example The following example configures the ...

Страница 270: ...r is skipped over by transaction requests Range 0 2000 key string Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon To specify an empty string enter Range 0 128 characters source Specifies the source IP address to use for communication 0 0 0 0 is interpreted as request ...

Страница 271: ...age 268 Example The following example specifies a RADIUS server host with IP address 192 168 10 1 authentication request port number 20 and a 20 second timeout period Console config radius server host 192 168 10 1 auth port 20 timeout 20 ...

Страница 272: ...ers key string Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon Range 0 128 characters Default Configuration The key string is an empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following exa...

Страница 273: ... command Syntax radius server retransmit retries no radius server retransmit Parameters retries Specifies the retransmit value Range 1 10 Default Configuration The software searches the list of RADIUS server hosts 3 times Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the number of times the software sea...

Страница 274: ...Syntax radius server source ip source no radius source ip source Parameters source Specifies a valid source IP address Default Configuration The source IP address is the IP address of the outgoing IP interface Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the source IP address used for communication wit...

Страница 275: ...he no form of this command Syntax radius server timeout timeout no radius server timeout Parameters timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The timeout value is 3 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the timeout interval on all RADIUS servers to 5...

Страница 276: ...on use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime Parameters deadtime Length of time in minutes during which a RADIUS server is skipped over by transaction requests Range 0 2000 Default Configuration The deadtime setting is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following e...

Страница 277: ...lt configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RADIUS server settings Console show radius servers IP address Port Auth TimeOut Retransmit DeadTime Source IP Priority Usage 172 16 1 1 1645 Global Global Global 1 All 172 16 1 2 1645 11 8 Global Global 2 All Global values TimeOut 3 Retransmit 3 De...

Страница 278: ...oup A group defines the objects available to the community Range 1 30 characters view name Specifies the name of a previously defined view The view defines the objects available to the community Range 1 30 characters Default Configuration No communities are defined Command Mode Global Configuration mode User Guidelines The view name parameter cannot be specified for su which has access to the whol...

Страница 279: ...e 276 Example The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192 168 1 20 Console config snmp server community public su 192 168 1 20 ...

Страница 280: ...4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the view type is included excluded Indicates that the view type is excluded Default Configuration No view entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same view record The...

Страница 281: ...NMP Version 3 security model name Specifies the context of a packet The following context is supported Router If the context name is unspecified all contexts are defined readview Specifies a string that is the name of the view that enables only viewing the contents of the agent If unspecified all objects except for the community table and SNMPv3 user and access tables are available writeview Speci...

Страница 282: ...ntication level The user should enter a concatenated hexadecimal string of the MD5 key MSB and the privacy key LSB If authentication is only required 16 bytes should be entered if authentication and privacy are required 32 bytes should be entered Each byte in the hexadecimal character string is two hexadecimal digits Each byte can be separated by a period or colon 16 or 32 bytes auth sha key sha d...

Страница 283: ...SNMP Commands snmp server user Page 280 Example The following example configures an SNMPv3 user John in a group called user group Console config snmp server user John user group ...

Страница 284: ... device If the SNMPv3 engine ID is deleted or the configuration file is erased SNMPv3 cannot be used By default SNMPv1 v2 are enabled on the device SNMPv3 is enabled only by defining the Local Engine ID If you want to specify your own ID you do not have to specify the entire 32 character engine ID if it contains trailing zeros Specify only the portion of the engine ID up to the point where just ze...

Страница 285: ...ay the SNMP engine ID configuration To see the SNMP engine ID configuration enter the snmp server engineID local Global Configuration mode command Example The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value Console config snmp server engineID local default ...

Страница 286: ...end SNMP traps To disable SNMP traps use the no form of the command Syntax snmp server enable traps no snmp server enable traps Default Configuration SNMP traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables SNMP traps Console config snmp server enable traps ...

Страница 287: ...ng of numbers such as 1 3 6 2 4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the filter type is included excluded Indicates that the filter type is excluded Default Configuration No filter entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multipl...

Страница 288: ...pplicable to SNMPv1 1 Indicates that SNMPv1 traps will be used 2 Indicates that SNMPv2 traps will be used If port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an ...

Страница 289: ...MP Commands snmp server host Page 286 Example The following example enables SNMP traps for host 10 1 1 1 with community string management using SNMPv2 Console config snmp server host 10 1 1 1 management 2 ...

Страница 290: ...hentication of a packet without encrypting it priv Indicates authentication of a packet with encryption port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an ackno...

Страница 291: ...able SNMP failed authentication traps use the no form of this command Syntax snmp server trap authentication no snmp server trap authentication Default Configuration SNMP failed authentication traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables SNMP failed authentication traps Console config sn...

Страница 292: ...er contact Parameters text Specifies the string that describes system contact information Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Example The following example configures the system contact point cal...

Страница 293: ... no snmp server location Parameters text Specifies a string that describes system location information Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Example The following example defines the device locatio...

Страница 294: ...r of name and value followed by one or more fields Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Although the CLI can set any required configuration there might be a situation where a SNMP user sets a MIB variable that does not have an equivalent command In order to generate configuration files that sup...

Страница 295: ...e User Guidelines There are no user guidelines for this command Example The following example displays the SNMP communications status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community string Group name IP address Type public user group all Traps are enabled Authe...

Страница 296: ...ns Target Address Type Username Security Level UDP Port Filter Name TO Sec Retries 192 122 173 42 Inform Bob Priv 162 15 3 System Contact Robert System Location Marketing Field Description Community string Community access string to permit access to the SNMP protocol Community access Type of access read only read write super access IP Address Management station IP Address Trap Rec Address Targeted...

Страница 297: ...twork Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SNMP engine ID Console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 ...

Страница 298: ...es the name of the view Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views Console show snmp views Name OID Tree Type user view 1 3 6 1 2 1 1 Included user view 1 3 6 1 2 1 1 7 Excluded user view 1 3 6 1 2 1 2 2 1 ...

Страница 299: ... fields shown above Console show snmp groups Name Security Views Model Level Read Write Notify user group V3 priv Default managers group V3 priv Default Default managers group V3 priv Default Field Description Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP v3 security Views Read Name of the view ...

Страница 300: ...es the name of the filter Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of filters Console show snmp filters Name OID Tree Type user filter 1 3 6 1 2 1 1 Included user filter 1 3 6 1 2 1 1 7 Excluded user filter 1 3 6 ...

Страница 301: ... Specifies the name of the user Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of users Console show snmp users Name Group name Auth Method Remote John user group md5 John user group md5 08009009020C0B099C075879 ...

Страница 302: ... functionality To disable the spanning tree functionality use the no form of this command Syntax spanning tree no spanning tree Default Configuration Spanning tree is enabled Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality Console config spanning tree ...

Страница 303: ...col STP is enabled rstp Indicates that the Rapid Spanning Tree Protocol RSTP is enabled mstp Indicates that the Multiple Spanning Tree Protocol RSTP is enabled Default Configuration STP is enabled Command Modes Global Configuration mode User Guidelines In RSTP mode the device uses STP when the neighbor device uses STP In MSTP mode the device uses RSTP when the neighbor device uses RSTP and uses ST...

Страница 304: ...the no form of this command Syntax spanning tree forward time seconds no spanning tree forward time Parameters seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for the IEEE Spanning Tree Protocol STP is 15 seconds Command Modes Global Configuration mode User Guidelines When configuring the forwarding time the following relationship should be kept 2 Forward Time ...

Страница 305: ...no form of this command Syntax spanning tree hello time seconds no spanning tree hello time Parameters seconds Time in seconds Range 1 10 Default Configuration The default hello time for IEEE Spanning Tree Protocol STP is 2 seconds Command Modes Global Configuration mode User Guidelines When configuring the hello time the following relationship should be kept Max Age 2 Hello Time 1 Example The fol...

Страница 306: ...nds no spanning tree max age Parameters seconds Time in seconds Range 6 40 Default Configuration The default maximum age for IEEE Spanning Tree Protocol STP is 20 seconds Command Modes Global Configuration mode User Guidelines When configuring the maximum age the following relationships should be kept 2 Forward Time 1 Max Age Max Age 2 Hello Time 1 Example The following example configures the span...

Страница 307: ...ion use the no form of this command Syntax spanning tree priority priority no spanning tree priority Parameters priority Priority of the bridge Range 0 61440 in steps of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Modes Global Configuration mode User Guidelines The bridge with the lowest priority is elected as the root bridge Example ...

Страница 308: ...e no form of this command Syntax spanning tree disable no spanning tree disable Default Configuration Spanning tree is enabled on all ports Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables spanning tree on Ethernet port 1 5 Console config interface ethernet 1 5 Console config if spa...

Страница 309: ...h cost is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines The path cost method is configured using the spanning tree pathcost method Global Configuration mode command Example The following example configures the spanning tree cost on Ethernet port 1 15 to 35000 Interface Long Short Port chan...

Страница 310: ...ing tree port priority Parameters priority The priority of the port Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE Spanning TreeProtocol STP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the spanning priority on Ethernet port 1 15...

Страница 311: ...t Parameters auto Specifies that the software waits for 3 seconds With no BPDUs received on the interface before putting the interface into the PortFast mode Default Configuration PortFast mode is disabled Command Modes Interface Configuration Ethernet port channel mode User Guidelines This feature should be used only with interfaces connected to end stations Otherwise an accidental topology loop ...

Страница 312: ...ree spanning tree link type Parameters point to point Indicates that the port link type is point to point shared Indicates that the port link type is shared Default Configuration The device derives the port link type from the duplex mode A full duplex port is considered a point to point link and a half duplex port is considered a shared link Command Modes Interface Configuration Ethernet port chan...

Страница 313: ...ethod Parameters long Specifies port path costs with a range of 1 200 000 000 short Specifies port path costs with a range of 0 65 535 Default Configuration Short path cost method Command Mode Global Configuration mode User Guidelines This command is only operational with the device in Interface mode This command applies to all spanning tree instances on the device The cost is set using the spanni...

Страница 314: ...ering flooding no spanning tree bpdu Parameters filtering Filter BPDU packets when the spanning tree is disabled on an interface flooding Flood BPDU packets when the spanning tree is disabled on an interface Default Configuration The default setting is flooding Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example define...

Страница 315: ...ax clear spanning tree detected protocols ethernet interface port channel port channel number Parameters interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines This feature should be used only when working in RSTP or MSTP mode Example The following example res...

Страница 316: ... instance id priority Parameters instance id ID of the spanning tree instance Range 1 15 priority Device priority for the specified spanning tree instance Range 0 61440 in multiples of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root ...

Страница 317: ...of this command Syntax spanning tree mst max hops hop count no spanning tree mst max hops Parameters hop count Number of hops in an MST region before the BDPU is discarded Range 1 40 Default Configuration The default number of hops is 20 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the maximum number o...

Страница 318: ...ee mst instance id port priority Parameters instance ID ID of the spanning tree instance Range 1 15 priority The port priority Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE Multiple Spanning Tree Protocol MSTP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The fo...

Страница 319: ...Parameters instance ID ID of the spanning tree instance Range 1 16 cost The port path cost Range 1 200 000 000 Default Configuration Default path cost is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the...

Страница 320: ...iple Spanning Tree MST mode Syntax spanning tree mst configuration Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping configuration revision number and name Example The following example configures an MST region Console config spanning tree mst configuration Console conf...

Страница 321: ...nfiguration VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Modes MST Configuration mode User Guidelines All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree CIST instance instance 0 and cannot be unmapped from the CIST For two or more devices to be in the same MST region they must have the same V...

Страница 322: ...e string Parameters string MST configuration name The name is case sensitive Range 1 32 characters Default Configuration The default name is a radlan_guest Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the configuration name as region1 Console config spanning tree mst_configuration Console config mst name reg...

Страница 323: ...mand Syntax revision value no revision Parameters value Configuration revision number Range 0 65535 Default Configuration The default configuration revision number is 0 Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the configuration revision to 1 Console config spanning tree mst configuration Console config mst ...

Страница 324: ...he pending region configuration Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST Configuration mode Example The following example displays a pending MST region configuration Console config mst show pending Pending MST configuration Name Region1 Revision 1 ...

Страница 325: ...on changes Syntax exit Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST Configuration mode and saves changes Console config spanning tree mst configuration Console config mst exit Console config ...

Страница 326: ... configuration changes Syntax abort Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST Configuration mode without saving changes Console config spanning tree mst configuration Console config mst abort ...

Страница 327: ...s command Syntax spanning tree guard root no spanning tree guard root Default Configuration Root guard is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines Root guard can be enabled when the device operates in STP RSTP and MSTP When root guard is enabled the port changes to the alternate state if spanning tree calculations selects the port as the root port Ex...

Страница 328: ...d information active Indicates active ports only blockedports Indicates blocked ports only mst configuration Indicates the MST configuration identifier instance id Specifies ID of the spanning tree instance Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example di...

Страница 329: ...0000 1 4 Enabled 128 4 20000 BLK ALTN No Shared STP 1 5 Enabled 128 5 20000 DIS Console show spanning tree Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 36864 Address 00 02 4b 29 7a 00 This switch is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 FWD Desg No P2p RSTP 1...

Страница 330: ... Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 1 2 Enabled 128 2 20000 1 3 Disabled 128 3 20000 1 4 Enabled 128 4 20000 1 5 Enabled 128 5 20000 Console show spanning tree active Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32...

Страница 331: ...28 2 20000 FWD Desg No Shared STP 1 4 Enabled 128 4 20000 BLK ALTN No Shared STP Console show spanning tree blockedports Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec ...

Страница 332: ...hange occurred 2d18h ago Times hold 1 topology change 35 notification 2 hello 2 max age 20 forward delay 15 Port 1 1 1 enabled State Forwarding Role Root Port id 128 1 Port cost 20000 Type P2p configured auto RSTP Port Fast No configured no Designated bridge Priority 32768 Address 00 01 42 97 e0 00 Designated port id 128 25 Designated path cost 0 Number of transitions to forwarding state 1 BPDU se...

Страница 333: ...PDU sent N A received N A Port 4 1 4 enabled State Blocking Role Alternate Port id 128 4 Port cost 20000 Type Shared configured auto STP Port Fast No configured no Designated bridge Priority 28672 Address 00 30 94 41 62 c8 Designated port id 128 25 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 120638 Port 5 1 5 enabled State Disabled Role N A Port id 1...

Страница 334: ...gnated path cost 0 Number of transitions to forwarding state 1 BPDU sent 2 received 120638 Console show spanning tree mst configuration Name Region1 Revision 1 Instance Vlans mapped State 0 1 9 21 4094 Enabled 1 10 20 Enabled Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 P...

Страница 335: ... No Shared Bound STP 1 3 Enabled 128 3 20000 FWD Desg No P2p 1 4 Enabled 128 4 20000 FWD Desg No P2p MST 1 Vlans Mapped 10 20 CST Root ID Priority 24576 Address 00 02 4b 29 89 76 Path Cost 20000 Root Port 4 1 4 Rem hops 19 Bridge ID Priority 32768 Address 00 02 4b 29 7a 00 Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 FWD Boun No P2p Bound RSTP 1 2 Enabled 128 ...

Страница 336: ...7a 00 This switch is the IST master Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Number of topology changes 2 last change occurred 2d18h ago Times hold 1 topology change 35 notification 2 hello 2 max age 20 forward delay 15 Port 1 1 1 enabled State Forwarding Role Root Port id 128 1 Port cost 20000 Type P2p configured auto Boundary RSTP Port Fast No configured no Designated bri...

Страница 337: ...ared configured auto Internal Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 3 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 4 1 4 enabled State Forwarding Role Designated Port id 128 4 Port cost 20000 Type Shared configured auto Internal Port Fast No configured no Designated bri...

Страница 338: ...transitions to forwarding state 1 BPDU sent 2 received 120638 Port 2 1 2 enabled State Forwarding Role Designated Port id 128 2 Port cost 20000 Type Shared configured auto Boundary STP Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port ...

Страница 339: ... transitions to forwarding state 1 BPDU sent 2 received 170638 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Priority 32768 Address 00 02 4b 19 7a 00 Path Cost 10000 Rem hops...

Страница 340: ...ree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 This switch is root for CST and IST master Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 ...

Страница 341: ...Spanning Tree Commands show spanning tree Page 338 ...

Страница 342: ...se the no form of this command Syntax ip ssh port port number no ip ssh port Parameters port number Port number for use by the SSH server Range 1 65535 Default Configuration The default port number is 22 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the port to be used by the SSH server as 8080 Console c...

Страница 343: ...Default Configuration Device configuration from a SSH server is disabled Command Mode Global Configuration mode User Guidelines If encryption keys are not generated the SSH server is in standby until the keys are generated To generate SSH server keys use the crypto key generate dsa and crypto key generate rsa Global Configuration mode commands Example The following example enables configuring the ...

Страница 344: ... key and one private DSA key If the device already has DSA keys a warning and prompt to replace the existing keys with new keys are displayed This command is not saved in the device configuration however the keys generated by this command are saved in the private configuration which is never displayed to the user or backed up on another device DSA keys are saved to the backup master This command m...

Страница 345: ...key and one private RSA key If the device already has RSA keys a warning and prompt to replace the existing keys with new keys are displayed This command is not saved in the device configuration however the keys generated by this command are saved in the private configuration which is never displayed to the user or backed up on another device RSA keys are saved to the backup master This command ma...

Страница 346: ...le this function use the no form of this command Syntax ip ssh pubkey auth no ip ssh pubkey auth Default Configuration Public Key authentication fo incoming SSH sessions is disabled Command Mode Global Configuration mode User Guidelines AAA authentication is independent Example The following example enables public key authentication for incoming SSH sessions Console config ip ssh pubkey auth ...

Страница 347: ...example enters the SSH Public Key chain Configuration mode and manually configures the RSA key pair for SSH public key chain bob Console config crypto key pubkey chain ssh Console config pubkey chain user key bob Console config pubkey key key string rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwm...

Страница 348: ...aracters rsa Indicates the RSA key pair dsa Indicates the DSA key pair Default Configuration No SSH public keys exist Command Mode SSH Public Key string Configuration mode User Guidelines Follow this command with the key string SSH Public Key String Configuration mode command to specify the key Example The following example enables manually configuring an SSH public key for SSH public key chain bo...

Страница 349: ..._keys file used by OpenSSH Range 0 160 Default Configuration No keys exist Command Mode SSH Public Key string Configuration mode User Guidelines Use the key string SSH Public Key string Configuration mode command to specify which SSH public key is to be interactively configured next To complete the command you must enter a row with no characters Use the key string row SSH Public Key string Configu...

Страница 350: ... QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0juNg5nFYsY 0ZCk0N W9a tnkm1shRE7Di71 w3fNiOA 6w9o44t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmN zNR4DYDvSzg0lDnwCAC8Qh Fingerprint a4 16 46 23 5a 8d 1d b5 37 59 eb 44 13 b9 33 e9 Console config crypto key pubkey chain ssh...

Страница 351: ...lays the SSH server configuration The following table describes the significant fields shown in the display Console show ip ssh SSH server enabled Port 22 RSA key was generated DSA DSS key was generated SSH Public Key Authentication is enabled Active incoming sessions IP address SSH username Version Cipher Auth Code 172 16 0 1 John Brown 2 0 3 DES HMAC SHA1 Field Description IP address Client addr...

Страница 352: ...ivileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SSH public RSA keys on the device Console show crypto key mypubkey rsa RSA key data 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 64CAB820 847EDAD9 DF0B4E4C 73A05DD2 BD62A8A9 FA603DD2 E2A8A6F8 98F76E28 D58AD221 B58...

Страница 353: ...lt Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays SSH public keys stored on the device Console show crypto key pubkey chain ssh Username Fingerprint bob 9A CC 01 C5 78 39 27 86 79 CC 23 C5 98 59 F1 86 john 98 F7 6E 28 F2 79 87 C8 18 F8 88 CC F8 89 87 C8 Co...

Страница 354: ...gging on Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages at various destinations such as the logging buffer logging file or syslog server Logging on and off at these destinations can be individually configured using the logging buffered logging file and logging Global Configuration mod...

Страница 355: ...ed messages sent to the syslog servers Possible values emergencies alerts critical errors warnings notifications informational and debugging facility Specifies the facility that is indicated in the message Possible values local0 local1 local2 local3 local4 local5 local 6 local7 text Syslog server description Range 1 64 characters Default Configuration The default port number is 514 The default log...

Страница 356: ...ers level Specifies the severity level of logged messages displayed on the console The possible values are emergencies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits logging...

Страница 357: ...evel of messages logged in the buffer The possible values are emergencies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the messages displayed to the user Example The following ...

Страница 358: ...nd Syntax logging buffered size number no logging buffered size Parameters number Specifies the maximum number of messages stored in the history table Range 20 400 Default Configuration The default number of messages is 200 Command Mode Global Configuration mode User Guidelines This command takes effect only after Reset Example The following example changes the number of syslog messages stored in ...

Страница 359: ...nternal logging buffer Syntax clear logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the internal logging buffer Console clear logging Clear Logging File y n ...

Страница 360: ...s level Specifies the severity level of syslog messages sent to the logging file Possible values are emergencies alerts critical errors warnings notifications informational and debugging Default Configuration The default severity level is errors Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits syslog messages ...

Страница 361: ...ges from the logging file Syntax clear logging file Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the logging file Console clear logging file Clear Logging File y n ...

Страница 362: ... aaa logging login Parameters login Indicates logging messages related to successful login events unsuccessful login events and other login related events Default Configuration Logging AAA login events is enabled Command Mode Global Configuration mode User Guidelines Other types of AAA events are not subject to this command Example The following example enables logging messages related to AAA logi...

Страница 363: ...ng delete rename no file system logging delete rename Parameters copy Indicates logging messages related to file copy operations delete rename Indicates logging messages related to file deletion and renaming operations Default Configuration Logging file system events is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The followin...

Страница 364: ...management logging deny no management logging deny Parameters deny Indicates logging messages related to deny actions of management ACLs Default Configuration Logging management ACL events is enabled Command Mode Global Configuration mode User Guidelines Other types of management ACL events are not subject to this command Example The following example enables logging messages related to deny actio...

Страница 365: ...Console Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event Status A...

Страница 366: ...1 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 0 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 2 changed state to down 11 Aug 200...

Страница 367: ...bugging Console Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event ...

Страница 368: ...1 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 0 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 2 changed state to down 11 Aug 200...

Страница 369: ...ult Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the settings of the syslog servers Console show syslog servers Device Configuration IP address Port Severity Facility Description 192 180 2 27 514 Informational local7 192 180 2 28 514 Warning local7 ...

Страница 370: ...72 bytes packet_count Number of packets to send If 0 is entered it pings until stopped Range 0 65535 packets time_out Timeout in milliseconds to wait for each reply Range 50 65535 milliseconds Default Configuration Default packet size is 56 bytes Default number of packets to send is 4 Default timeout value is 2000 milliseconds Command Mode User EXEC mode User Guidelines Press Esc to stop pinging F...

Страница 371: ... 1 1 1 icmp_seq 3 time 7 ms 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 Console ping yahoo com Pinging yahoo com 66 218 71 198 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms 10 1 ...

Страница 372: ... The default number of bytes in a packet is 40 The default maximum TTL value is 30 The default number of probes to be sent at each TTL level is 3 The default timeout interval in seconds is 3 Command Mode User EXEC mode User Guidelines The traceroute command takes advantage of the error messages generated by the devices when a datagram exceeds its time to live TTL value The traceroute command start...

Страница 373: ...msec 35 msec 6 iplsng kscyng abilene ucaid edu 198 32 8 80 47 msec 45 msec 45 msec 7 so 0 2 0x1 aa1 mich net 192 122 183 9 56 msec 53 msec 54 msec 8 atm1 0x24 michnet8 mich net 198 108 23 82 56 msec 56 msec 57 msec 9 10 A ARB3 LSA NG c SEB umnet umich edu 141 211 5 22 58 msec 58 msec 58 msec 11 umaxp1 physics lsa umich edu 141 211 101 64 62 msec 63 msec 63 msec Field Description 1 Indicates the se...

Страница 374: ...fault port is the Telnet port 23 on the host Command Mode User EXEC mode User Guidelines Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system specific functions To enter a Telnet sequence press the escape sequence keys Ctrl shift 6 followed by a Telnet command character Special Telnet Sequences At any time ...

Страница 375: ...uspends the session return to system command prompt Options Description echo Enables local echo quiet Prevents onscreen display of all messages from the software source interface Specifies the source interface stream Turns on stream processing which enables a raw TCP stream with no Telnet control sequences A stream connection does not process Telnet options and can be appropriate for connections t...

Страница 376: ...Protocol 113 irc Internet Relay Chat 194 klogin Kerberos login 543 kshell Kerberos shell 544 login Login 513 lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 ta...

Страница 377: ...e connection Parameters connection The connection number Range 1 4 connections Default Configuration The default connection number is that of the most recent connection Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following command switches to open Telnet session number 1 Console resume 1 ...

Страница 378: ...eged EXEC mode User Guidelines Caution should be exercised when resetting the device to ensure that no other activity is being performed In particular the user should verify that no configuration files are being downloaded at the time of reset Example The following example reloads the operating system Console reload This command will reset the whole system and disconnect your current session Do yo...

Страница 379: ... of the command Syntax hostname name no hostname Parameters name The host name of the device Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the device host name Console config hostname enterprise enterprise config ...

Страница 380: ...to return to default Syntax stack master unit unit no stack master Parameters unit Unit number of the new master Range 1 Product Specific Default Configuration No forced master Command Modes Global configuration User Guidelines There are no user guidelines for this command Example The following example forces the stack master to be unit 3 enterprise config stack master unit 3 ...

Страница 381: ...unit Parameters unit Number of the unit to be reloaded Range 1 8 Default Configuration All units are reloaded Command Modes Privileged EXEC mode User Guidelines This command is not relevant for standalone devices If no unit is specified all units are reloaded Example The following example reloads Unit 2 of the stack Console config stack reload unit 2 ...

Страница 382: ...unit displayed at the top Range 1 8 bottom unit Specifies the number of the unit displayed at the bottom Range 1 8 Default Configuration The master unit is displayed at the top Command Modes Global Configuration mode User Guidelines This command is not relevant to the TBD standalone device If the units are not adjacent in ring or chain topology the units are not at the edge and the default display...

Страница 383: ...mmand Mode Privileged EXEC mode User Guidelines Use this command to identify the unit number of each unit If you run the command with all as the unit number the software would turn off all the ports LEDs in all the units and then turn on at each unit the LED of the port with the identical number as the unit number If you run the command with a specific unit number the software would turn off all t...

Страница 384: ...tandalone devices Example The following example displays stack status Console show stack Unit MAC Address Software Master Uplink Downlink Status 1 00 00 b0 87 12 11 1 0 0 0 Enabled 2 3 Slave 2 00 00 b0 87 12 13 1 0 0 0 Enabled 1 4 Master 4 00 00 b0 87 12 14 1 0 0 0 3 5 Slave 5 00 00 b0 87 12 15 1 0 0 0 4 6 Slave 6 00 00 b0 87 12 16 1 0 0 0 5 7 Slave Configured order Unit 1 at Top Unit 2 at bottom ...

Страница 385: ... Forced 6 1 Master 2 00 00 b0 87 12 11 1 0 0 0 Enabled 2 3 Slave Configured order Unit 1 at Top Unit 6 at bottom Can t display order as requested Console show stack 1 Unit 1 MAC address 00 00 b0 87 12 11 Master Forced Product xxxx Software 1 0 0 0 Status Master Active image image 1 Selected for next boot image 2 ...

Страница 386: ...sers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active users Console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Telnet 172 16 1 7 ...

Страница 387: ...es for this command Example The following example lists open Telnet sessions The following table describes significant fields shown above Console show sessions Connection Host Address Port Byte 1 Remote device 172 16 1 1 23 89 2 172 16 1 2 172 16 1 2 23 8 Field Description Connection Connection number Host Remote host to which the device is connected through a Telnet session Address IP address of ...

Страница 388: ...ack units only id Relevant for stack and standalone units mode Relevant for stack and standalone units resources Relevant in Router mode for stack and standalone units Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the system information Console sh...

Страница 389: ...System Management Commands show system Page 386 Unit Fans 1 OK 2 OK 3 OK Unit Up time 1 01 07 56 20 2 01 07 52 27 3 01 07 56 20 ...

Страница 390: ...es the number of the unit Range 1 8 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays system version information only for demonstration purposes Console show version Unit SW version Boot version HW version 1 1 0 0 0 2 178 1 0 0 2 1 0 0 0 2 178 1 0 0 ...

Страница 391: ...re the default configuration use the no form of this command Syntax service cpu utilization no service cpu utilization Default Configuration Disabled Command Mode Global Configuration mode User Guidelines Use the show cpu utilization Privileged EXEC command to view information on CPU utilization Example This example enables measuring CPU utilization Console config service cpu utilization ...

Страница 392: ...onfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Use the service cpu utilization Global Configuration mode command to enable measuring CPU utilization Example The following example configures the CPU utilization information display Console show cpu utilization CPU utilization service is on CPU utilization five seconds 5 one minute 3 five minu...

Страница 393: ... Deactivate QoS features policy based vlans active Activate Policy based VLANs policy based vlans inactive Deactivate Policy based VLANs Default Configuration Product specific Command Mode Priviledged EXEC mode User Guidelines After executing the command the startup config would be deleted and the device would be rebooted It is highly recommended to backup the startup config before executing this ...

Страница 394: ...mation on features control Syntax show system mode Default Configuration This command has no default configuration Command Mode Priviledged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on features control Console show system mode Mode Router QoS Inactive ...

Страница 395: ...System Management Commands show system mode Page 392 ...

Страница 396: ...host is not used for authentication if the port number is set to 0 Range 0 65535 timeout Specifies the timeout value in seconds Range 1 30 key string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon To specify an empty string enter Range 0 128 characters source Specifi...

Страница 397: ...TACACS Commands tacacs server host Page 394 Example The following example specifies a TACACS host Console config tacacs server host 172 16 1 1 ...

Страница 398: ...ring no tacacs server key Parameters key string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon Range 0 128 characters Default Configuration Empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The f...

Страница 399: ...configuration use the no form of this command Syntax tacacs server timeout timeout no tacacs server timeout Parameters timeout Specifies the timeout value in seconds Range 1 30 Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the timeout value to 30 for all TACACS servers Console ...

Страница 400: ...form of this command Syntax tacacs server source ip source no tacacs server source ip source Parameters source Specifies the source IP address Default Configuration The source IP address is the address of the outgoing IP interface Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the source IP address for al...

Страница 401: ...ACS server Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays configuration and statistical information about a TACACS server Console show tacacs Device Configuration IP address Status Port Single Connection TimeOut Source IP Priority 172 16 1 1 Connec...

Страница 402: ...C mode Syntax enable privilege level Parameters privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 15 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode Console enable enter password Console ...

Страница 403: ...disable privilege level Parameters privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 1 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example return to Users EXEC mode Console disable Console ...

Страница 404: ...rname Syntax login Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode and logs in with username admin Console login User Name admin Password Console ...

Страница 405: ... the Global Configuration mode Syntax configure Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Global Configuration mode Console configure Console config ...

Страница 406: ... hierarchy Syntax exit Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Configuration mode to Privileged EXEC mode Console config if exit Console config exit Console ...

Страница 407: ...e terminal session by logging off the device Syntax exit Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session Console exit ...

Страница 408: ...to the Privileged EXEC mode Syntax end Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes from Global Configuration mode to Privileged EXEC mode Console config end Console ...

Страница 409: ...ark If nothing matches the currently entered incomplete command the help list is empty This indicates that for a query at this point there is no command matching the current input If the request is within a command enter backspace and erase the entered characters to a point where the request results in a display Help is provided when 1 There is a valid command and a help request is made for enteri...

Страница 410: ...sabled Command Mode User EXEC mode User Guidelines By default a More prompt is displayed when the output contains more lines than can be displayed on the screen Pressing the Enter key displays the next line pressing the Spacebar displays the next screen of output The data dump command enables dumping all output immediately after entering the show command This command is relevant only for the curre...

Страница 411: ...cludes executed and unexecuted commands Commands are listed from the first to the most recent command The buffer remains unchanged when entering into and returning from configuration modes Example The following example displays all the commands entered while in the current Privileged EXEC mode Console show version SW version 3 131 date 23 Jul 2005 time 17 34 19 HW version 1 0 0 Console show clock ...

Страница 412: ...e level Syntax show privilege Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example displays the current privilege level for the Privileged EXEC mode Console show privilege Current privilege level is 15 ...

Страница 413: ...User Interface Commands show privilege Page 410 ...

Страница 414: ...mmand enters the VLAN Configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the VLAN database mode Console config vlan database Console config vlan ...

Страница 415: ... a list of VLAN IDs to be added Separate nonconsecutive VLAN IDs with a comma and no spaces a hyphen designates a range of IDs Range 2 4094 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command Example The following example VLAN number 1972 is created Console config vlan database Console config ...

Страница 416: ...e vlan vlan id Parameters vlan id Specifies an existing VLAN ID Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures VLAN 1 with IP address 131 108 1 27 Console config interface vlan 1 Console config if ip address 131 108 1 27 ...

Страница 417: ...Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range If the command returns an error on one of the interfaces an error message is displayed and execution of the command continues on the other interfaces Configuring all ports may consume an e...

Страница 418: ...ame to be associated with this VLAN Range 1 32 characters Default Configuration No name is defined Command Mode Interface Configuration VLAN mode Cannot be configured for a range of interfaces range context User Guidelines The name string may include numbers and other characters etc but no spaces Example The following example gives VLAN number 19 the name Marketing Console config interface vlan 19...

Страница 419: ...thernet port channel mode User Guidelines PVE only operates on interfaces that do not have an IP address PVE only operates on interfaces that do not belong to VLANs that have IP addresses Private VLAN Edge PVE supports private communication by isolating PVE defined ports and ensuring that all Unicast Broadcast and Multicast traffic from these ports is only forwarded to uplink port s PVE requires o...

Страница 420: ...t trunk Indicates a trunking layer 2 VLAN port general Indicates a full 802 1q supported VLAN port customer The port is connected to customer equipment Used when the switch is in a provider network Default Configuration All ports are in access mode and belong to the default VLAN whose VID 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines...

Страница 421: ...witchport access vlan Parameters vlan id Specifies the ID of the VLAN to which the port is configured Default Configuration All ports belong to VLAN 1 Command Mode Interface configuration Ethernet port channel mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN Example The following example configures a VLAN ID of 23 to the untagged la...

Страница 422: ...designates a range of IDs remove vlan list List of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds VLANs ...

Страница 423: ...e Configuration Ethernet port channel mode User Guidelines The command adds the port as a member in native VLAN If the port is already in the VLAN as allowed it will automatically change the last entry to native The command adds the port as a member in native VLAN 2 If the port is already configured as a native VLAN 3 it will automatically change the last entry VLAN 2 Only one native VLAN can be c...

Страница 424: ...s with a comma and no spaces A hyphen designates a range of IDs tagged Indicates that the port transmits tagged packets for the VLANs untagged Indicates that the port transmits untagged packets for the VLANs Default Configuration If the port is added to a VLAN without specifying tagged or untagged the default setting is tagged Command Mode Interface Configuration Ethernet port channel mode User Gu...

Страница 425: ...tchport general pvid Parameters vlan id Specifies the PVID Port VLAN ID Default Configuration If the default VLAN is enabled PVID 1 Otherwise PVID 4095 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the PVID for Ethernet port 1 when the interface is in general mode Console config...

Страница 426: ...witchport general ingress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables port ingress filtering on Ethernet port 1 Console config interface ethernet 1 Console config...

Страница 427: ...itchport general acceptable frame type tagged only no switchport general acceptable frame type tagged only Default Configuration All frame types are accepted at ingress Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 1 to discard untagged frames at ingress Console co...

Страница 428: ...ces A hyphen designates a range of IDs remove vlan list Specifies the list of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration All VLANs are allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command can be used to prevent GVRP from automatically making the specified...

Страница 429: ...quired when an IP interface is configured on an Ethernet port or port channel This command enables the user to configure the internal usage VLAN of a port If an internal usage VLAN is not configured and the user wants to configure an IP interface an unused VLAN is selected by the software If the software selected a VLAN for internal use and the user wants to use that VLAN as a static or dynamic VL...

Страница 430: ...and has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all VLAN information Console show vlan VLAN Name Ports Type Authorization 1 default 1 2 other Required 10 VLAN0010 1 dynamic Required 11 VLAN0011 1 static Required 20 VLAN0020 1 static Required 21 VLAN0021 static Required 30 VLAN003...

Страница 431: ...ally by the device Syntax show vlan internal usage Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays VLANs used internally by the device Console show vlan internal usage Usage VLAN Reserved IP address 14 50 Yes Inactive ...

Страница 432: ... This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the switchport configuration for Ethernet port 10 map protocol protocols group Console show interface switchport ethernet 10 Port 10 Port mode General GVRP Status General Ingress Filtering True Acceptable Frame Type AdmitA...

Страница 433: ...VLAN Commands show interfaces switchport Page 430 Forbidden VLANS VLAN Name 5 5 Classification rules Protocol based VLANs Group ID Vlan ID 213 3 ...

Страница 434: ...ocol number or one of the reserved names The format is Hex format encapsulation One of the following values ethernet rfc1042 llcOther If no option is indicated the default is ethernet group Group number of group of protocols associated together Range 1 2147483647 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines The following protocol n...

Страница 435: ...and Range 1 2147483647 vlan id Define the VLAN ID in the classifying rule Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines Before using the command command switchport general map protocols group a protocol must be mapped to the group using the map protocol protocols group command Example The following ex...

Страница 436: ...efault Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays protocols groups information Console show vlan protocols groups Encapsulation Protocol Group Id ethernet 08 00 213 ethernet 08 06 213 ethernet 81 37 312 ethernet 81 38 312 rfc1042 08 00 213 rfc1042 08 0...

Страница 437: ...VLAN Commands show vlan protocols groups Page 434 ...

Страница 438: ...ice from a browser To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration HTTP server is enabled Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server Example The following example enables configuring the device from a browser Console config ip http server ...

Страница 439: ...f this command Syntax ip http port port number no ip http port Parameters port number Port number for use by the HTTP server Range 0 65535 Default Configuration The default port number is 80 Command Mode Global Configuration mode User Guidelines Specifying 0 as the port number effectively disables HTTP access to the device Example The following example configures the http port number to 100 Consol...

Страница 440: ...lt configuration use the no form of this command Syntax ip https server no ip https server Default Configuration Disabled Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate Example The following example enables configuring the device from a secured browser Console config ip https server ...

Страница 441: ...e no form of this command Syntax ip https port port number no ip https port Parameters port number Port number to be used by the HTTP server Range 0 65535 Default Configuration The default port number is 443 Command Mode Global Configuration mode User Guidelines Specifying 0 as the port number effectively disables HTTP access to the device Example The following example configures the https port nu...

Страница 442: ... country Specifies the country name Range 2 2 days Specifies number of days certification is valid Range 30 3650 Default Configuration The Certificate and SSL s RSA key pairs do not exist If no RSA key length is specified the default length is 1024 If no URL or IP address is specified the default common name is the lowest IP address of the device at the time that the certificate is generated If th...

Страница 443: ...or city name Range 1 64 state Specifies the state or province name Range 1 64 country Specifies the country name Range 2 2 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines Use this command to export a certificate request to a Certification Authority The certificate request is generated in Base64 encoded X 509 format Before g...

Страница 444: ...EwNkbGQxCzAJBgNVBAMTAmxkMRAw DgKoZIhvcNAQkBFgFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ecwQ HdML0831i0fh F0MV Kib6Sz5p 3nUUenbfHp igVPmFM 1nbqTDekb2ymCu6K aKvEbVLF9F2LmM7VPjDBb9bb4jnxkvwW wzDLvW2rsy5NPmH1QVl 8Ubx3GyCm oW93BSOFwxwEsP58kf sPYPy 8wwmoNtDwIDAQABoB8wHQYJKoZIhvcNAQkH MRDjEyMwgICCAgICAICAgIMA0GCSqGSIb3DQEBBAUAA4GBAGb8UgIx7rB05m 2 m5ZZPhIwl8ARSPXwhVdJexFjbnmvcacqjPG8pIiRV6LkxryGF2bVU3jKEi...

Страница 445: ...ration mode User Guidelines Use this command to enter an external certificate signed by Certification Authority to the device To end the session enter an empty line The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC mode command If the public key found in the certificate does not match the device s SSL RSA key the command fails...

Страница 446: ...1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl END CERTIFICATE Certificate imported successfully Issued to router gm com Issued by www verisign com Valid from 8 9 2003 to ...

Страница 447: ... Syntax ip https certificate number no ip https certificate Parameters number Specifies the certificate number Range 1 2 Default Configuration There is no default configuration for this command Command Mode Global Configuration mode User Guidelines The crypto certificate generate command should be used to generate HTTPS certificates Example The following example configures the active certificate f...

Страница 448: ...jAIBgNVBAcTASAxFDASBgNVBAMTCzEwLjYuNDEuMTM4MQowCAYDVQQK EwEgMQowCAYDVQQLEwEgMB4XDTAzMDQzMDIwNTE1NFoXDTA0MDQyOTIwNTE1NFow UzELMAkGA1UEBhMCICAxCjAIBgNVBAgTASAxCjAIBgNVBAcTASAxFDASBgNVBAMT CzEwLjYuNDEuMTM4MQowCAYDVQQKEwEgMQowCAYDVQQLEwEgMIGfMA0GCSqGSIb3 DQEBAQUAA4GNADCBiQKBgQDrQxdrGjKwJMtq6YDF4aAoCnY2vXTivToJEn9vI55y eIwn4n2dH1fKCxhnvJSmMk jtA9pbQTALSWCm2S3jllZyWsE tnnPUkkuNtApBa6 6OOy80lpYdpJuSJ8V 0...

Страница 449: ... server configuration Syntax show ip http Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the HTTP server configuration Console show ip http HTTP server enabled Port 80 ...

Страница 450: ...ample displays the HTTP server configuration Console show ip https HTTPS server enabled Port 443 Certificate 1 is not active Issued by C ST L CN 10 6 41 138 O OU Valid From Apr 30 20 51 54 2003 GMT Valid to Apr 29 20 51 54 2004 GMT Subject C ST L CN 10 6 41 138 O OU SHA1 Fingerprint B3536E86 9487B229 C0A44199 DAB98046 7861F705 Certificate 2 is active Issued by C ST L CN 10 6 41 138 O OU Valid From...

Страница 451: ...Web Server Commands show ip https Page 448 ...

Страница 452: ...ult Configuration No authentication method is defined Command Mode Global Configuration mode User Guidelines Additional methods of authentication are used only if the previous method returns an error and not if the request for authentication is denied To ensure that authentication succeeds even if all methods return an error specify none as the final method in the command line The RADIUS server mu...

Страница 453: ...store the default configuration use the no form of this command Syntax dot1x system auth control no dot1x system auth control Default Configuration 802 1x is disabled globally Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables 802 1x globally Console config dot1x system auth control ...

Страница 454: ...ion exchange required The port resends and receives normal traffic without 802 1x based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state and ignoring all attempts by the client to authenticate The device cannot provide authentication services to the client through the interface Default Configuration...

Страница 455: ... use the no form of this command Syntax dot1x re authentication no dot1x re authentication Default Configuration Periodic re authentication is disabled Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example enables periodic re authentication of the client Console config interface ethernet 1 16 Console config if...

Страница 456: ...thperiod seconds no dot1x timeout re authperiod Parameters seconds Number of seconds between re authentication attempts Range 300 4294967295 Default Configuration Re authentication period is 3600 seconds Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example sets the number of seconds between re authentication ...

Страница 457: ...port Syntax dot1x re authenticate ethernet interface Parameters interface Valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following command manually initiates a re authentication of 802 1x enabled Ethernet port 1 16 Console dot1x re a...

Страница 458: ...e with the client Range 0 65535 seconds Default Configuration Quiet period is 60 seconds Command Mode Interface Configuration Ethernet mode User Guidelines During the quiet period the device does not accept or initiate authentication requests The default value of this command should only be changed to adjust for unusual circumstances such as unreliable links or specific behavioral problems with ce...

Страница 459: ...n seconds that the device waits for a response to an EAP request identity frame from the client before resending the request Range 1 65535 seconds Default Configuration Timeout period is 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behav...

Страница 460: ...q Parameters count Number of times that the device sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default number of times is 2 Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behav...

Страница 461: ...waits for a response to an EAP request frame from the client before resending the request Range 1 65535 seconds Default Configuration Default timeout period is 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain...

Страница 462: ...or a response from the authentication server Range 1 65535 seconds Default Configuration The timeout period is 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The actual timeout can be determined by comparing the dot1x timeout server timeout value and the result of multiplying the radius server retransmit value with the radius server timeout value and selecting the lo...

Страница 463: ...de Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of 802 1x enabled Ethernet ports Console show dot1x 802 1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username 1 1 Auto Authorized Ena 3600 Bob 1 2 Auto Authorized Ena 3600 John 1 3 Auto Unauthorized Ena 3600 Clark 1 4 Force auth Authorized ...

Страница 464: ...nticator State Machine State HELD Backend State Machine State IDLE Authentication success 9 Authentication fails 1 Field Description Port The port number Admin mode The port admin mode Possible values Force auth Force unauth Auto Oper mode The port oper mode Possible values Authorized Unauthorized or Down Reauth Control Reauthentication control Reauth Period Reauthentication period Username The us...

Страница 465: ...ut Time in seconds the switch waits for a response to an EAP request frame from the client before resending the request Server timeout Time in seconds the switch waits for a response from the authentication server before resending the request Session Time The amount of time the user is logged in MAC address The supplicant MAC address Authentication Method The authentication method used to establis...

Страница 466: ...ration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays 802 1x users Console show dot1x users Port Username Session Time Auth Method MAC Address 1 1 Bob 1d 03 08 58 Remote 0008 3b79 8787 1 2 John 08 19 17 None 0008 3b89 3127 Console show dot1x users username Bob Username ...

Страница 467: ...play Field Description Port The port number Username The username representing the identity of the Supplicant Session Time The period of time the Supplicant is connected to the system Authentication Method Authentication method used by the Supplicant to open the session MAC Address MAC address of the Supplicant ...

Страница 468: ...nd has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays 802 1x statistics for the specified interface Console show dot1x statistics ethernet 1 1 EapolFramesRx 11 EapolFramesTx 12 EapolStartFramesRx 12 EapolLogoffFramesRx 1 EapolRespIdFramesRx 3 EapolRespFramesRx 6 EapolReqIdFramesTx 3 Eap...

Страница 469: ...nticator EapolRespFramesRx The number of valid EAP Response frames other than Resp Id frames that have been received by this Authenticator EapolReqIdFramesTx The number of EAP Req Id frames that have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAP...

Страница 470: ...Default Configuration Access is enabled Command Mode Interface Configuration VLAN mode User Guidelines An access port cannot be a member in an unauthenticated VLAN The native VLAN of a trunk port cannot be an unauthenticated VLAN For a general port the PVID can be an unauthenticated VLAN although only tagged packets would be accepted in the unauthorized state Example The following example enables ...

Страница 471: ...face Configuration Ethernet mode User Guidelines This command enables the attachment of multiple clients to a single 802 1x enabled port In this mode only one of the attached hosts must be successfully authorized for all hosts to be granted network access If the port becomes unauthorized all attached clients are denied access to the network For unauthenticated VLANs multiple hosts are always enabl...

Страница 472: ...e not the supplicant address discard shutdown Discards frames with source addresses that are not the supplicant address The port is also shut down trap Indicates that SNMP traps are sent seconds Specifies the minimum amount of time in seconds between consecutive traps Range 1 1000000 Default Configuration Frames with source addresses that are not the supplicant address are discarded No traps are s...

Страница 473: ...le Interface Configuration mode command to enable unauthorized users on an interface to access the guest VLAN If the guest VLAN is defined and enabled the port automatically joins the guest VLAN when the port is unauthorized and leaves it when the port becomes authorized To be able to join or leave the guest VLAN the port should not be a static member of the guest VLAN Example The following exampl...

Страница 474: ...guest vlan enable no dot1x guest vlan enable Default Configuration Disabled Command Mode Interface Configuration Ethernet mode User Guidelines A device can have only one global guest VLAN The guest VLAN is defined using the dot1x guest vlan Interface Configuration mode command Example The following example enables unauthorized users on Ethernet port 1 1 to access the guest VLAN Console configure C...

Страница 475: ...iguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays 802 1x advanced features for the device Console show dot1x advanced Guest VLAN 2 Unauthenticated VLANs 91 92 Interface Multiple Hosts Guest VLAN 1 1 Disabled Enabled 1 2 Enabled Disabled Console show dot1x advance...

Страница 476: ...DXS DWS 3200 series CLI Reference Guide Page 473 Single host parameters Violation action Discard Trap Enabled Trap frequency 100 Status Single host locked Violations since last trap 9 ...

Страница 477: ...802 1x Commands show dot1x advanced Page 474 ...

Страница 478: ...S index Range 1 65535 ssid The SSID string of the ESS Range 1 32 characters Default Configuration The default ESS is automatically added to the radio interface Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example adds an ESS to a radio interface called enterprise Config wlan ap CR1 config Console Config ap in...

Страница 479: ...Syntax enable no enable Parameters This command has no keywords or arguments Default Configuration Enabled Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example administratively enables a BSS Console Config ap radio if enable Console Config ap radio if bss configure enterprise Console Config ap bss if ...

Страница 480: ...SS index Range 1 65535 ssid The SSID string of the ESS Range 1 32 characters Default Configuration This command has no default configuration Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example places SSID device called enterprise in BSS Configuration mode Console Config ap radio if bss configure enterprise C...

Страница 481: ...nd Syntax advertise ssid no advertise ssid Parameters This command has no keywords or arguments Default Configuration The BSS SSID is advertised Command Mode BSS Configuration mode User Guidelines There are no user guidelines for this command Example The following example advertises the BSS SSID Console Config ap radio bss configure enterprise Console Config ap radio bss if advertise ssid ...

Страница 482: ...rate list Specifies the data rates that should be supported Available rates are as follows 802 11g 1 2 5 5 6 9 11 12 18 24 36 48 and 54 802 11a 6 9 12 18 24 36 48 and 54 Default Configuration All rates are optional except for the following rates that are mandatory 802 11g 1 802 11a 6 Command Mode BSS Configuration mode User Guidelines There are no user guidelines for this command Example The follo...

Страница 483: ...Wireless AP BSS Commands data rates Page 480 ...

Страница 484: ...Privileged EXEC mode User Guidelines When the configurations of all the deactivated AP is deleted the AP may reappear in the AP Discovery Table The clear wlan ap command can also be used to remove an AP that is irrelevant either associated with another device or removed from the system from the APs discovery table If the AP is still relevant not associated with another device and not removed from ...

Страница 485: ...adecimal format 32 hexadecimal characters must be entered ascii string The secure key in hexadecimal format From 1 16 characters can be entered If less than 16 characters are entered the software completes the key to 16 characters with blank characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines If the secure key is not set...

Страница 486: ...ss configure Parameters name The AP name Range 1 32 characters mac address The AP MAC address Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Only active APs can be placed in AP Configuration mode Example The following example sets the device in AP Configuration mode Console Config wlan ap CR1 config Console Config wlan ap ...

Страница 487: ...e no form of this command Syntax name string no name Parameters name The AP name Default Configuration The AP s MAC address Command Mode AP Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures a wireless AP name to enterprise Console Config wlan ap CR1 config Console Config ap name enterprise ...

Страница 488: ...r VLANs Range 0 99 Default Configuration The default wireless AP priority for VLAN tunneling is 20 Command Mode AP Configuration mode User Guidelines If one of the stations that are associated with an AP is associated with a VLAN that the AP does not have a direct connection to the AP initiates a tunnel with the AP that has a direct connection to that VLAN The AP with the highest tunneling priorit...

Страница 489: ...the no form of this command Syntax wan enable no wan enable Parameters This command has no keywords or arguments Default Configuration Disabled Command Mode AP Configuration mode User Guidelines There are no user guidelines for this command Example The following example accommodates certain timing constrains in the communication to a remotely connected wireless AP separated by a WAN link or the In...

Страница 490: ... AP s serial port use the no form of this command Syntax console logging no console logging Parameters This command has no keywords or arguments Default Configuration Disabled Command Mode AP Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables logging information on a wireless AP s serial port Console config ap wan enable Console c...

Страница 491: ...figuration mode Syntax interface ethernet Parameters This command has no keywords or arguments Default Configuration This command has no default configuration Command Mode AP Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the Interface Configuration mode Console Config ap interface ethernet Console Config ap if ...

Страница 492: ...nsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a range of IDs remove vlan list List of VLAN IDs to remove Separate nonconsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a range of IDs Default Configuration VLAN number 1 Command Mode AP interface Ethernet Configuration mode User Guidelines A VLAN cannot be removed from the allowed VLANs if it is defin...

Страница 493: ...this command Syntax vlan native vlan id no vlan native Parameters vlan id VLAN ID of the native VLAN Default Configuration VLAN 1 Command Mode AP interface Ethernet Configuration mode User Guidelines A VLAN can be defined as a native VLAN only if it is one of the allowed VLANs Example The following example sets the native VLAN of the Ethernet port for a wireless AP to 2 Console Config ap interface...

Страница 494: ...ntax wlan template ap create name no wlan template ap create name Parameters name The name of the AP template Range 1 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example creates a wireless AP template called enterprise Console config wlan temp...

Страница 495: ...te Range 1 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines All AP configuration commands are relevant to template APs except for the name AP configuration command and wlan ap key Global Configuration commands Example The following example places the device in wireless AP template configuration mode to configure te...

Страница 496: ...me The template AP name Range 1 32 characters ap name The AP name Range 1 32 characters Default Configuration This command has no default configuration Command Mode Wireless AP template configuration mode User Guidelines Copying the template to an AP overrides the entire AP configuration with the template configuration Example The following example copies a wirless AP configuration parameters from...

Страница 497: ...c address Parameters name The AP name Range 1 32 characters mac address The AP MAC address a Radio type is 802 1a g Radio type is 802 1g ssid The ESS SSID Range 1 32 characters Default Configuration name ssid Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on active APs Console show wlan aps Name MAC...

Страница 498: ...Status Disabled 802 11a Radio Enabled 802 11g Radio Enabled VLANs Allowed 2 3 Native VLAN 2 Tunnel Priority 20 IP address 172 16 1 1 DNS name wlan switch1 ge com WAN Timing Constrains Disabled Console Logging Disabled Console show wlan aps radio Name Radio State Power Channel Traffic Oper Allow Admin AP1 a Enabled Maximum LG Enabled N A AP1 g Enabled Maximum LG Enabled Enabled AP2 a Enabled Maximu...

Страница 499: ...Wireless AP General Commands show wlan aps Page 496 AP2 g Enterprise Enabled Enabled AP2 a Guest Enabled Enabled Console show wlan aps ess Name Radio SSID State Advertise ...

Страница 500: ...thernet port 3 Priority The priority of the AP as a source for tunneling The following example displays the AP model serial number and software versions Console show wlan aps vlans Name Station VLANs Ethernet VLANs Priority AP1 1 2 3 1 2 30 AP2 1 2 3 4 1 3 4 20 Console show wlan aps versions Name Model Serial number Boot Loader Version Software Version AP1 A1 3987587439 1 1 0 1 1 2 71 d AP2 A1 398...

Страница 501: ...SID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on an AP radio interface Console show wlan ap AP1 interface radio g State Enabled Allow traffic Enabled Channel Least Congested 11 Power Maximum Allow 802 11b Enabled Preamble Long RTS ...

Страница 502: ...Parameters name The AP name mac address The AP MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on an AP radio interface Console show wlan ap AP1 interface ethernet VLANs Allowed 2 3 Native VLAN 2 Tunnel source Enabled Tunnel ...

Страница 503: ...n the AP traffic Syntax show wlan aps counters radio a g ap name Parameters radio a g Specified Radio type If unspecified shows the total traffic on the AP ap name Specified AP name Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command ...

Страница 504: ...unters Name Stations Name Stations AP1 19 AP1 19 AP2 23 AP2 23 Name InUcastPkts InPkts InOctets In Errors AP1 756857 8691 8432 2 AP2 846584 9132 8921 2 Name InUcastPkts InPkts InOctets In Errors AP1 756857 8691 8432 2 AP2 846584 9132 8921 2 Name OutUcastPkts OutPkts OutOctets Out Errors AP1 87398238 922982 8118710 2 AP2 846584 913287 783278 2 ...

Страница 505: ...counters ap AP1 Number of stations 19 In Octets 756857 In Packets 8691 In Unicast Packets 8432 In Data Packets 8533 In Management Packets 158 In Errors 2 Out Octets 87398238 Out Packets 922982 Out Unicast Packets 811871 Out Data Packets 881831 Out Management Packets 41151 Out Errors 0 ...

Страница 506: ...ddress MAC address of the AP Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays wireless APs that were discovered but were not activated Console show wlan aps discovered MAC Address Key Discovery Time Status 00 9E 92 4C 73 FC 3 Aug 2005 15 41 43 Discov...

Страница 507: ... aps name Parameters name Specify the AP name Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays displays the template AP configuration Console show wlan template aps Name Radio a Radio g default Enabled Enabled indoor Enabled Enabled outdoor Enabled E...

Страница 508: ... VLAN 2 Tunnel Source Enabled Tunnel Priority 20 WAN Timing Constraints Disabled Console Logging Disabled Radio a State Enabled Allow traffic Enabled Channel Least Congested Power Max Preamble Long RTS Threshold 2312 Antenna Diversity Beacon Period 100 SSID State Advertise Data Rates Enterprise Enabled Enabled 6 m 9 12 18 24 36 48 54 Console show wlan template aps Name Radio a Radio g default Enab...

Страница 509: ...ve Allow traffic Enabled Channel Least Congested Power Max Allow 802 11b Enabled Preamble Long RTS Threshold 2312 Antenna Diversity Beacon Period 100 SSID State Advertise Data Rates Enterprise Enabled Enabled 6 m 9 12 18 24 36 48 54 Guest Enabled Enabled 1 m 2 5 5 6 9 11 12 18 24 ...

Страница 510: ...lt configuration Command Mode Global Configuration mode User Guidelines To end the session use a blank line The Certificate Authority certificate is used in the WLAN inter switch communication to validate certificates of other devices A CA certificate does not have to be configured for WEB management because the device authenticates an administrator by username and password and not by certificate ...

Страница 511: ...the CA certificate Syntax show crypto certificate mycertificate number Parameters number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the certificate Console show crypto certificate mycertificate 1 ...

Страница 512: ...main member ip address approve Parameters ip address Specify the IP address of the device being approved Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Use the show wlan domain certificate EXEC command to view the remote device certificate If a you installed a CA certificate is installed the certificate can be verified Example...

Страница 513: ...cify the IP address of the device that should be passive Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines If device X has a device Y marked passive then device X will never actively initiate a connection to Y Instead X will wait passively for Y to connect to X This feature is intended eventually to support devices that might be ...

Страница 514: ...nd to restore defaults Syntax wlan domain certificate number no wlan domain certificate Parameters number Specifies the certificate number Default Configuration Certificate number 1 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the active certificate for the WLAN inter switch communication as 12345 Cons...

Страница 515: ...keywords Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on the device WLAN domain Console show wlan domain Membership Member Master 172 16 1 1 Using Certificate number 1 Other switches in the domain IP address Status Passive 172 16 1 1 ...

Страница 516: ...e verification can be viewed To validate a certificate the device clock must be updated Example The following example displays certificate information Console show wlan domain certificate 172 16 1 1 Issued by Enterprise CA server Valid from 2 2 2005 to 2 2 2006 Subject CN 172 16 1 1 0 Enterprise C US Finger print DC789788 DC88A988 127897BC BB789788 This certificate was verified with the installed ...

Страница 517: ...WLAN Domain Commands wlan domain member approve Page 514 ...

Страница 518: ...lan ess create index ssid no wlan ess create index Parameters index The ESS index Range 2 65535 ssid The ESS SSID string Range 1 32 characters Default Configuration ESS number 1 always exists Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example creates an ESS with the index of 1200 and the SSID of abc123 Console config w...

Страница 519: ...d ssid Parameters index The ESS index Range 2 65535 ssid The ESS SSID string Range 1 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the ESS enterprise configuration mode Console Config wlan ess configure id 1200 Console Config ess ...

Страница 520: ...2 characters Default Configuration This command has no default configuration Command Mode ESS Configuration mode User Guidelines The SSID string must be a unique string in the system The command fails if an SSID already exists with the same name Example The following example configures the SSID name of an ESS as enterprise Console config ssid enterprise Console config wlan ess configure ssid enter...

Страница 521: ...no open vlan Parameters vlan id VLAN ID of the ESS default VLAN ssid The ESS SSID string Range 1 32 characters Default Configuration VLAN number 1 Command Mode ESS Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the ESS VLAN when there is no security suite for the ESS to VLAN ID number 2 Console Config wlan ess configure ssi...

Страница 522: ...meters wmm Wi Fi WMM mode svp SpectraLink support ssid The ESS SSID string Range 1 32 characters Default Configuration QoS in an ESS is disabled Command Mode ESS Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables QoS in an ESS in the Wi Fi WMM mode Console Config wlan ess configure ssid enterprise Console Config ess qos wwm ...

Страница 523: ...ed to an adjacent AP in the ESS prior to association periodically Load balancing calculations are performed at a fixed interval for all APs in an ESS Stations are moved to suitable APs in the ESS based on load balancing calculations ssid The ESS SSID string Range 1 32 characters Default Configuration Disabled Command Mode ESS Configuration mode User Guidelines There are no user guidelines for this...

Страница 524: ... MAC address filtering list deny Deny stations where their MAC address is in the MAC address filtering list ssid The ESS SSID string Range 1 32 characters Default Configuration Disabled Command Mode ESS Configuration mode User Guidelines The decision to allow a station to access the ESS is done only during the association time Use the mac filtering list command to configure the MAC address filteri...

Страница 525: ... remove Removes the defined MAC addresses from the MAC address filtering list in an ESS mac address A valid MAC address ssid The ESS SSID string Range 1 32 characters Default Configuration Empty list Command Mode ESS Configuration mode User Guidelines Use the mac filtering action ESS configuration command to enable the MAC address filtering list and to define the MAC address filtering list type Ex...

Страница 526: ... Fi networks WPA implements the majority of the IEEE 802 11i standard and was intended as an intermediate measure to take the place of WEP while 802 11i was prepared WPA is designed to work with all wireless network interface cards but not necessarily with first generation wireless access points WPA2 implements the full standard but will not work with some older network cards wpa psk WPA with pre ...

Страница 527: ...S at a time Open WEP security suite and WEP security suite cannot exist simultaneously For Open WEP and WEP keys you should enter one of the following options 40 bits 10 hex or 5 ASCII characters or 104 bits 26 hex or 13 ASCII characters For WPA PSK and WPA2 PSK keys you should enter 8 63 ASCII chars It is recommended to enter at least 20 chars or 256 bits in hex format Example The following examp...

Страница 528: ...hared wep Open or shared authentication with WEP encryption 802 1x 802 1x authentication with WEP wpa Wi Fi Protected Access WPA and WPA2 are systems to secure wireless Wi Fi networks WPA implements the majority of the IEEE 802 11i standard and was intended as an intermediate measure to take the place of WEP while 802 11i was prepared WPA is designed to work with all wireless network interface car...

Страница 529: ...he no form of this command Syntax vlan vlan id no vlan Parameters vlan id VLAN ID of the ESS default VLAN Default Configuration VLAN 1 Command Mode Security Suite ESS Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the policy VLAN for a security suite to VLAN ID 5 Console Config wlan ess security suite configure wpa Console ...

Страница 530: ...ing timeout period Range 1 4294967295 rekey time multicast minutes Multicast rekeying timeout period Range 1 4294967295 reauth time seconds Re authentication timeout period Range 1 4294967295 idle time seconds DLE timeout period Range 1 9676800 never There is an unlimited rekeying timeout period Default Configuration rekey time unicast Never rekey time multicast Never reauth time 14400 idle time N...

Страница 531: ...o form of this command Syntax update gkey on leave no update gkey on leave Parameters This command has no keywords or arguments Default Configuration No key is defined Command Mode Security Suite ESS Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines that a group key should be updated after a station leaves the AP Console Config w...

Страница 532: ...o form of this command Syntax wpa2 pre authentication no wpa2 pre authentication Parameters This command has no keywords or arguments Default Configuration This command has no default configuration Command Mode ESS Configuration mode User Guidelines The command can only be enabled if WPA2 PMK caching is enabled Example The following example enables WPA2 pre authentication in an ESS Console Config ...

Страница 533: ...ameters index The ESS index Range 1 65535 ssid The SSID string of the ESS Range 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example configures the display of the WLAN ESS configuration console show wlan ess configuration Index SSID Security Suite L...

Страница 534: ...WPA VLAN 8 Unicast Rekeying Timeout Never Multicast Rekeying Timeout Never Update Group Key On Leave Enabled Security Suite WPA2 VLAN 9 Unicast Rekeying Timeout Never Multicast Rekeying Timeout Never Update Group Key On Leave Enabled Console show wlan ess configuration 2 Index 2 SSID Guest Load Balancing Disabled QoS Disabled Mac Filter Permit WPA2 Preauthentication Enabled Open VLAN 1 Security su...

Страница 535: ...onfiguration he following example configures the display of WLAN ESS radios configuration Console show wlan ess vlans Index SSID Security Suite VLAN 1 Enterprise WPA 9 1 Enterprise WPA2 9 2 Guest 1 Console show wlan ess radios Index SSID Radios 1 Enterprise AP1 a AP1 g AP2 a AP2 g AP3 a AP3 g 2 Guest AP1 g AP2 g ...

Страница 536: ...rs index The ESS index Range 1 65535 ssid The SSID string of the ESS Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the ESS MAC filtering lists Console show wlan ess mac filtering lists guest Action Permit 00 9E 93 82 83 A1 00...

Страница 537: ...nge 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays station numbers at each ESS The following example displays station numbers at ESS enterprise Console show wlan ess counters Index SSID Stations 1 Enterprise 182 2 Guest 3 Console sh...

Страница 538: ...eters 802 11a In accordance with 802 11a protocol 802 11g In accordance with 802 11g protocol Default Configuration This command has no default configuration Command Mode AP Configuration mode User Guidelines There are no user guidelines for this command Example The following example places the device in the Radio Configuration mode complying with the 802 11a protocol Console Config wlan ap interf...

Страница 539: ...s This command has no keywords or arguments Default Configuration Enable Command Mode AP Interface Radio Configuration mode User Guidelines Use the wlan tx power off Global Configuration command to globally enable disable TX power TX power is enabled on specific AP only if TX power is enabled globally and for the AP Example The following example administratively enables the radio Console Config wl...

Страница 540: ...ranges are as follows 802 11g 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 2467 2472 2484 802 11a 5170 5180 5190 5200 5210 5220 5230 5240 5260 5280 5300 5320 5745 5765 5785 5805 least congested Enables or disables the scanning for a least busy radio channel Default Configuration Least congested channel Command Mode AP Interface Radio Configuration mode User Guidelines The valid frequenci...

Страница 541: ...aximum power eighth Eighth of the maximum power min Minimum power Default Configuration Maximum power Command Mode AP Interface Radio Configuration mode User Guidelines The maximum power depends on the country code that was set by the wlan country code Global Configuration command The power is off if the wlan tx power off Global Configuration command was activated Example The following example con...

Страница 542: ... command Syntax allow traffic no allow traffic Parameters This command has no keywords or arguments Default Configuration Users traffic is allowed Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example allows user traffic Console Config wlan ap interface radio 802 11g Console Config wlan ap radio allow traffic ...

Страница 543: ...t no preamble Parameters long The AP supports long and short preambles short The AP supports only short preambles Default Configuration Long Command Mode AP Interface Radio configuration mode User Guidelines This command is only relevant for 802 11g transceivers Example The following example configures the preamble support for 802 11g transceivers to long Console Config wlan ap interface radio 802...

Страница 544: ...s number Specifies the packet size in bytes above which the access point negotiates an RTS CTS before sending out the packet Range 0 2347 Default Configuration The default RTS threshold is 2312 bytes Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the RTS threshold to 2300 bytes Console Config...

Страница 545: ...no antenna Parameters diversity Specifies the antenna with the best signal 1 Specifies antenna number 1 2 Specifies antenna number 2 Default Configuration Diversity Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures antenna 1 for the transceiver Console Config wlan ap interface radio 802 11g Cons...

Страница 546: ...eacon period Parameters milliseconds Specifies the beacon time in milliseconds Range 10 4095 Default Configuration The default beacon period is 100 milliseconds Command Mode AP Interface Radio Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the beacon period to 2000 milliseconds Console Config wlan ap interface radio 802 11g...

Страница 547: ...Wireless AP Radio Commands beacon period Page 544 ...

Страница 548: ...nd has no keywords or arguments Default Configuration Rogue detection is disabled Command Mode AP Interface Radio Configuration mode User Guidelines Use the rogue detect enable Global Configuration command to globally enable disable rogue detection Rouge detection can be enabled on a specific AP only if rogue detection is enabled globally and for the AP Example The following example enables the de...

Страница 549: ...ing interval of 240 seconds medium Scanning interval of 150 seconds short Scanning interval of 20 seconds Default Configuration The default scanning interval is long Command Mode AP Interface Radio Configuration mode User Guidelines A long scanning interval causes the least disruption of user traffic performance while a short scanning interval causes the most disruption of user traffic performance...

Страница 550: ...lan rogue detect rogue ap mac address state Parameters mac address The rogue AP MAC address known Specify that the rogue AP is known mitigate Specify that the rogue AP should be mitigated Default Configuration New Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the status of rogue AP with the MAC address 00 9E ...

Страница 551: ...on This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Deleting a rogue AP from the list does not mitigate or suppress the rogue If the rogue AP is still physically present and active it will reappear in the Rogue Access Point list after subsequent scans for rogue APs is performed Example The following example deletes a rogue AP with the MAC address 00 9E 92...

Страница 552: ...P name Range 1 32 characters mac address Specify the AP MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about rogue APs detection configuration Console show wlan rogue aps configuration Rogue APs detection is enabled AP name ...

Страница 553: ...ion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The show wlan rogue aps list command displays each rogue at one entry even if it was discovered by more than one Radio Example The following example displays information about potential rogue APs Console show wlan rogue aps list MAC Address Status SSID Ch Last seen WlanSys 82 73 FC New test 1 3 Aug 2005...

Страница 554: ...dress Parameters mac address The AP MAC address detecting rogue APs Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays a list of APs that has detected a rogue AP with the MAC address 00 9E 93 82 73 FC Console show wlan rogue aps neighborhood 00 9E 93 8...

Страница 555: ...Wireless Rogue AP Commands show wlan rogue aps neighborhood Page 552 ...

Страница 556: ... CAPWAP IP address is defined Command Mode Global Configuration mode User Guidelines Reboot the device after modifying the CAPWAP IP address If an ip address is specified it must be one of the IP addresses configured to the device If hostname is specified in secure mode the hostname is translated to an IP address when the command is executed The command fails when hostname is specified in secure m...

Страница 557: ...f no wlan tx power off Parameters This command has no keywords or arguments Default Configuration Auto Command Mode Global Configuration mode User Guidelines Use the enable AP interface radio configuration command to enable disable TX power of specific AP TX power is enabled on a specific AP only if TX power is enabled globally and for the AP Example The following example turns off all AP transmit...

Страница 558: ...ion mode User Guidelines The following table lists the supported country codes Country Code Country Code Country Code Albania AL Germany DE Norway NO Algeria DZ Greece GR Oman OM Argentina AR Guatemala GT Pakistan PK Armenia AM Hong Kong HK Panama PA Australia AU Hungary HU Peru PE Austria AT Iceland IS Philippines PH Azerbaijan AZ India IN Poland PL Bahrain BH Indonesia ID Portugal PT Belarus BY ...

Страница 559: ...chtenstein LI Syria SY Cyprus CY Lithuania LT Taiwan TW Czech Republic CZ Luxembourg LU Thailand TH Denmark DK Macau MO Turkey TR Dominican Republic DO Macedonia MK U A E AE Ecuador EC Malaysia MY Ukraine UA Egypt EG Mexico MX United Kingdom GB Estonia EE Monaco MC United States US Finland FI Morocco MA Uruguay UY France FR Netherlands NL Venezuela VE Georgia GE New Zealand NZ Vietnam VN Console c...

Страница 560: ...ters This command has no keywords or arguments Default Configuration Disabled Command Mode Global Configuration mode User Guidelines The Auto Transmit Power algorithm adjusts the transmit power of APs so the signal strength heard at the second closest access point is as close as possible to the target signal strength configured by the wlan tx power auto signal strength Global Configuration command...

Страница 561: ...lan tx power auto interval minutes no wlan tx power auto interval Parameters minutes Specifies the recalculation period in minutes Range 1 15000 minutes Default Configuration The default recalculation period is 10 minutes Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the recalculation Auto Transmit Powe...

Страница 562: ...tax wlan tx power auto signal strength dbm no wlan tx power auto signal strength Parameters dbm Specifies the signal strength in dBm Range 40 dBm 80 dBm Default Configuration The default target signal strength is 68 dBm Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the target signal strength heard at th...

Страница 563: ... the signal loss in dB Range 20 80 dB Default Configuration The default minimum signal loss difference is 60 dB Command Mode Global Configuration mode User Guidelines The Auto Transmit Power algorithm adjusts AP power due to another AP which is very close because it is impossible to avoid interference in that case and the APs will have essentially the same coverage zone The minimum signal loss is ...

Страница 564: ...and Syntax wlan station idle timeout minutes no wlan station idle timeout Parameters minutes Specifies the IDLE timeout in minutes Range 3 1440 Default Configuration The default timeout is 30 minutes Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the length of time before an idle station is removed from ...

Страница 565: ... station mac address Parameters mac address The station MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example disassociates a station with the MAC address 00 9E 92 4C 73 FC Console clear wlan station 00 9E 92 4C 73 FC ...

Страница 566: ...d EXEC mode User Guidelines There are no user guidelines for this command Example The following example specifies the WLAN information for user called DLink console show wlan aps DLink NAME DLink MAC Address 00 f0 00 00 06 25 Type a g State Active 802 11a Radio Enabled 802 11g Radio Enabled VLANs Allowed 2 3 4 5 66 77 88 99 221 224 226 666 1000 Native VLAN 1 Tunnel Source State Enabled Tunnel Prio...

Страница 567: ...arameters This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on the WLAN automatic power transmission configuration Console show wlan auto tx power Automatic Transmit Power is enabled Interval 10 mi...

Страница 568: ...rameters This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on the WLAN logging configuration Console show wlan logging configuration Station authorized Disabled Station unauthorized Disabled Statio...

Страница 569: ...fault Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on the WLAN stations configuration The following example displays information on the WLAN stations configuration for AP1 Console show wlan stations MAC address State SSID AP Session Time 00 9...

Страница 570: ...ole show wlan stations mac 00 9E 93 82 83 91 MAC address 00 9E 93 82 83 91 WlanSys 82 83 91 State Authorized AP AP1 g SSID Enterprise Security WPA VLAN 8 IP address 192 16 1 21 Session Time 1d 03 23 58 Expiration time 00 08 53 802 11b station No Station data rates 6 9 11 12 18 24 36 48 54 Preferred AP AP2 g Console show wlan stations ess ssid MAC address SSID Security VLAN 00 9E 93 82 83 91 Enterp...

Страница 571: ...type of security suite used to protect communications to and from the station VLAN The VLAN that the station is on IP Address The station s IP address Session Time The time the station is connected to the AP Expiration Time The period of time in hours minutes and seconds until the station would be disconnected if no traffic is received from the station 802 11b Station Indicates if the station is 8...

Страница 572: ...eters mac mac address The station s MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on stations traffic Console show wlan stations counters Number of stations 2 MAC Address InPkts OutPkts MIC Errors 00 9E 93 82 83 91 183892 1...

Страница 573: ...Wireless WLAN Commands show wlan stations counters Page 570 ...

Страница 574: ... installing the device and how to resolve these issues This section includes the following topics Problem Management Provides information about problem management with DXS 3250 DXS 3227P DXS 3227 Troubleshooting Solutions Provides a list of troubleshooting issues and solutions for using the DXS 3250P DXS 3227P DXS 3227 devices ...

Страница 575: ...o connection is established and the port LED is on Device is in a reboot loop No connection and the port LED is off Add and Edit pages do not open Lost password Problem Possible Cause Solution Cannot connect to management using RS 232 serial connection Ensure the terminal emulator program is set to VT 100 compatible 9600 baud rate no parity 8 data bits and one stop bit Use the included cable or en...

Страница 576: ...kstation with IP protocol Faulty ethernet cable Replace the cable Faulty port Replace the module Faulty module Replace the module Incorrect initial configuration Erase the connection and reconfigure the port Device is in a reboot loop Software fault Download and install another working or previous software version from the console No connection and the port LED is off Incorrect ethernet cable e g ...

Страница 577: ...ollowing message is displayed Console reload Are you sure you want to reboot the system y n n 2 Enter Y The device reboots After the POST when the text Autoboot in 2 seconds press RETURN or Esc to abort and enter prom is displayed press Enter The Startup Menu is displayed 1 Download software 2 Erase flash file 3 Erase flash sectors 4 Password Recovery Procedure 5 Enter Diagnostic Mode 6 Back 3 Ent...

Страница 578: ...X 49 6196 7799300 URL www dlink de France Le Florilege 2 Allee de la Fresnerie 78330 Fontenay le Fleury France TEL 33 1 30238688 FAX 33 1 30238689 URL www dlink france fr Netherlands Weena 290 3012 NJ Rotterdam Netherlands Tel 31 10 282 1445 Fax 31 10 282 1331 URL www dlink benelux com Belgium Rue des Colonies 11 B 1000 Brussels Belgium Tel 32 0 2 517 7111 Fax 32 0 2 517 6500 URL www dlink benelux...

Страница 579: ...99 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office No 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 971 4 3908881 URL www dlink me com Turkey Regus Offices Beybi G...

Страница 580: ...k II Block B 102 106 Witch Hazel Avenue Highveld Technopark Centurion Gauteng Republic of South Africa TEL 27 12 665 2165 FAX 27 12 665 2186 URL www d link co za Russia Grafsky per 14 floor 6 Moscow 129626 Russia TEL 7 095 744 0099 FAX 7 095 744 0099 350 URL www dlink ru China No 202 C1 Building Huitong Office Park No 71 Jianguo Road Chaoyang District Beijing 100025 China TEL 86 10 58635800 FAX 86...

Страница 581: ...Page 578 ...

Результаты поиска

Содержание xStack DWS-3200 Series

Отзывы:

Похожие инструкции для xStack DWS-3200 Series

Бренды по названию

Популярные бренды

D-Link xStack DWS-3200 Series, Руководство CLI

Результаты поиска

Содержание xStack DWS-3200 Series

Отзывы:

Похожие инструкции для xStack DWS-3200 Series

Бренды по названию

Популярные бренды