manualshive.com logo in svg

Enterasys Enterasys Matrix DFE-Gold Series, Руководство по настройке

У нас есть конфигурационный руководство для продукта Enterasys Matrix DFE-Gold Series. Вы можете скачать его бесплатно с нашего сайта. Руководство поможет вам настроить устройство и использовать его в полную силу. Посетите manualshive.com для скачивания.

Поделиться
Скачать
background image

Configuring Access Lists

access-list (extended)

24-18 Security Configuration

To apply ACL restrictions to IP, UDP, or ICMP packets:

access-list

 

access-list-number 

{

deny 

permit

protocol

 

source 

[

source-wildcard

[

operator

 [

port

]] 

destination 

[

destination-wildcard

] [

operator

 [

port

]] 

[

tos-extensions

][

icmp-type

 [

icmp-code

] [

log

]

To apply ACL restrictions to TCP packets:

access-list

 

access-list-number 

{

deny 

permit

protocol

 

source 

[

source-wildcard

[

operator

 [

port

]] 

destination 

[

destination-wildcard

] [

operator

 [

port

]] 

[

tos-extensions

][

icmp-type

 [

icmp-code

] [

established

] [

log

]

no access-list 

access-list-number 

[

entry

]

Parameters

access

list

number

Specifies

 

an

 

extended

 

access

 

list

 

number.

 

Valid

 

values

 

are

 

from

 

100

 

to

 

199

.

 

insert

 

|

 

replace

 

entry

(Optional)

 

Inserts

 

this

 

new

 

entry

 

before

 

a

 

specified

 

entry

 

in

 

an

 

existing

 

ACL,

 

or

 

replaces

 

a

 

specified

 

entry

 

with

 

this

 

new

 

entry.

log

 

1

5000

 

|

 

all

Enable

 

syslog

 

for

 

ACL

 

entry

 

hits.

 

Enable

 

syslog

 

for

 

sequential

 

numbers

 

of

 

ACL

 

entries

 

or

 

for

 

all

 

ACL

 

entries.

move

 

destination

 

source1

 

source2

(Optional)

 

Moves

 

a

 

sequence

 

of

 

access

 

list

 

entries

 

before

 

another

 

entry.

 

Destination

 

is

 

the

 

number

 

of

 

the

 

existing

 

entry

 

before

 

which

 

this

 

new

 

entry

 

will

 

be

 

moved.

 

Source1

 

is

 

a

 

single

 

entry

 

number

 

or

 

the

 

first

 

entry

 

number

 

in

 

the

 

range

 

to

 

be

 

moved.

 

Source2

 

(optional)

 

is

 

the

 

last

 

entry

 

number

 

in

 

the

 

range

 

to

 

be

 

moved.

 

If

 

not

 

specified,

 

only

 

the

 

source1

 

entry

 

will

 

be

 

moved.

deny

 

|

 

permit

Denies

 

or

 

permits

 

access

 

if

 

specified

 

conditions

 

are

 

met.

protocol

Specifies

 

an

 

IP

 

protocol

 

for

 

which

 

to

 

deny

 

or

 

permit

 

access.

 

Valid

 

values

 

and

 

their

 

corresponding

 

protocols

 

are:

 

0

 

 

255

 ‐ 

Any

 

IP

 

protocol

 

number,

 

as

 

listed

 

in

 

http://www.iana.org/

assignments/protocol

numbers

ip

 

‐ 

Any

 

Internet

 

protocol

icmp

 

‐ 

Internet

 

Control

 

Message

 

Protocol

udp

 

‐ 

User

 

Datagram

 

Protocol

tcp

 ‐ 

Transmission

 

Protocol

ah

 ‐ 

Authentication

 

Header

 

Protocol

esp

 ‐ 

Encapsulation

 

Security

 

Payload

gre

 ‐ 

Generic

 

Router

 

Encapsulation

 

Protocol

source

 

Specifies

 

the

 

network

 

or

 

host

 

from

 

which

 

the

 

packet

 

will

 

be

 

sent.

 

Valid

 

options

 

for

 

expressing

 

source

 

are:

IP

 

address

 

or

 

range

 

of

 

addresses

 

(A.B.C.D)

any

 ‐ 

Any

 

source

 

host

host

 

source

 ‐ 

IP

 

address

 

of

 

a

 

single

 

source

 

host

source

wildcard

(Optional)

 

Specifies

 

the

 

bits

 

to

 

ignore

 

in

 

the

 

source

 

address.

Содержание Enterasys Matrix DFE-Gold Series

Страница 1: ...P N 9033933 15 Enterasys Matrix DFE Gold Configuration Guide Firmware Version 6 11 xx...

Страница 2: ......

Страница 3: ...KS HAS BEEN ADVISED OF KNEW OF OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES Enterasys Networks Inc 50 Minuteman Road Andover MA 01810 2008 Enterasys Networks Inc All rights reserved Part Nu...

Страница 4: ...ssemble electronically transfer or reverse engineer the Licensed Software or to translate the Licensed Software into another computer language The media embodying the Licensed Software may be copied b...

Страница 5: ...obligation under this Agreement including a failure to pay any sums due to Enterasys or in the event that You become insolvent or seek protection voluntarily or involuntarily under any bankruptcy law...

Страница 6: ...es do not allow limitations on how long an implied warranty lasts and some states do not allow the exclusion or limitation of incidental or consequential damages so the above limitation and exclusion...

Страница 7: ...onfiguring the Line Editor 2 11 Commands 2 13 show line editor 2 13 set line editor 2 14 Setting User Accounts and Passwords 2 15 Purpose 2 15 Commands 2 15 show system login 2 15 set system login 2 1...

Страница 8: ...alias 2 53 set physical alias 2 54 clear physical alias 2 55 show physical assetid 2 55 set physical assetid 2 56 clear physical assetid 2 56 Activating Licensed Features 2 58 About Redundant Manageme...

Страница 9: ...and Image Files 2 80 Purpose 2 80 Commands 2 80 dir 2 81 show file 2 83 show config 2 85 configure 2 86 copy 2 86 delete 2 87 script 2 88 Enabling or Disabling the Path MTU Discovery Protocol 2 90 Pur...

Страница 10: ...imer 3 11 set ciscodp holdtime 3 11 set ciscodp port 3 12 clear ciscodp 3 13 Link Layer Discovery Protocol and LLDP MED 3 15 LLDP Frames 3 15 Configuration Tasks 3 15 Commands 3 16 show lldp 3 17 show...

Страница 11: ...ole bits 4 9 show console stopbits 4 9 set console stopbits 4 10 clear console stopbits 4 10 show console parity 4 11 set console parity 4 11 clear console parity 4 12 Reviewing Port Status 4 13 Purpo...

Страница 12: ...ort trap 4 39 set port trap 4 40 show linkflap 4 40 set linkflap globalstate 4 43 set linkflap 4 43 set linkflap interval 4 44 set linkflap action 4 44 clear linkflap action 4 45 set linkflap threshol...

Страница 13: ...MPv1 and SNMPv2c 5 2 SNMPv3 5 2 About SNMP Security Models and Levels 5 2 Using SNMP Contexts to Access Specific MIBs 5 3 Creating a Basic SNMP Trap Configuration 5 3 Reviewing SNMP Statistics 5 5 Pur...

Страница 14: ...nmp notifyprofile 5 39 clear snmp notifyprofile 5 39 Configuring SNMP Walk Behavior 5 41 Purpose 5 41 Commands 5 41 set snmp timefilter break 5 41 Chapter 6 Spanning Tree Configuration Overview Single...

Страница 15: ...pathcost 6 30 clear spantree legacypathcost 6 31 show spantree tctrapsuppress 6 31 set spantree tctrapsuppress 6 32 clear spantree tctrapsuppress 6 32 show spantree txholdcount 6 33 set spantree txhol...

Страница 16: ...ow spantree adminedge 6 60 set spantree adminedge 6 60 clear spantree adminedge 6 61 show spantree operedge 6 61 show spantree adminpoint 6 62 show spantree operpoint 6 62 set spantree adminpoint 6 63...

Страница 17: ...e 7 9 Commands 7 9 show port vlan 7 9 set port vlan 7 10 clear port vlan 7 11 show vlan interface 7 11 set vlan interface 7 12 clear vlan interface 7 13 show port ingress filter 7 13 set port ingress...

Страница 18: ...icy Based CoS Default and User Defined Configurations 8 21 Purpose 8 22 Commands 8 22 show cos state 8 23 set cos state 8 23 show cos port type 8 24 show cos unit 8 26 show cos port config 8 27 set co...

Страница 19: ...ble 9 6 show igmp grp full action 9 7 set igmp grp full action 9 7 show igmp config 9 8 set igmp config 9 9 set igmp delete 9 10 show igmp groups 9 10 show igmp static 9 11 set igmp add static 9 11 se...

Страница 20: ...1 9 clear smon priority 11 9 show smon vlan 11 10 set smon vlan 11 11 clear smon vlan 11 11 Configuring RMON 11 13 RMON Monitoring Group Functions and Commands 11 13 show rmon stats 11 15 set rmon sta...

Страница 21: ...oute 12 5 traceroute 12 6 set ip route 12 8 clear ip route 12 8 show port mac 12 9 show mac 12 10 set mac 12 11 clear mac 12 12 show newaddrtraps 12 13 set newaddrtraps 12 14 show movedaddrtrap 12 14...

Страница 22: ...clear netflow export interval 15 7 set netflow port 15 7 clear netflow port 15 8 set netflow export version 15 8 clear netflow export version 15 9 set netflow template 15 9 clear netflow template 15 1...

Страница 23: ...show ip protocols 16 22 show ip traffic 16 23 clear ip stats 16 24 show ip route 16 25 ip route 16 26 ip icmp 16 27 ping 16 28 traceroute 16 28 Configuring Debug IP Packet 16 30 Purpose 16 30 Commands...

Страница 24: ...guring Load Sharing Network Address Translation LSNAT 19 1 About LSNAT 19 1 LSNAT Configuration Considerations 19 1 Session Persistence 19 2 Sticky Persistence Configuration Considerations 19 2 Config...

Страница 25: ...name server 20 11 netbios node type 20 11 default router 20 12 bootfile 20 13 next server 20 13 option 20 14 lease 20 15 host 20 16 client class 20 16 client identifier 20 17 client name 20 18 hardwa...

Страница 26: ...spf dead interval 21 28 ip ospf authentication key 21 29 ip ospf message digest key md5 21 30 distance ospf 21 30 area range 21 31 area authentication 21 32 area stub 21 33 area default cost 21 34 are...

Страница 27: ...vrrp 21 71 Chapter 22 Port Priority and Rate Limiting Configuration Port Priority Configuration Summary 22 1 Configuring Port Priority 22 2 Purpose 22 2 Commands 22 2 show port priority 22 2 set port...

Страница 28: ...ver Server Farm 23 20 Configure the cache1 Web Cache 23 21 Configure the Switch and Router 23 21 Chapter 24 Security Configuration Overview of Security Methods 24 1 Configuring MAC Locking 24 2 Purpos...

Страница 29: ...t shutdown 24 32 set flowlimit notification 24 33 clear flowlimit notification interval 24 34 clear flowlimit stats 24 34 Chapter 25 Authentication Configuration Overview of Authentication Methods 25...

Страница 30: ...t macauthentication reauthentication 25 34 set macauthentication portreauthenticate 25 34 set macauthentication macreauthenticate 25 35 set macauthentication reauthperiod 25 35 clear macauthentication...

Страница 31: ...acacs session 25 67 set tacacs session 25 68 clear tacacs session 25 69 show tacacs command 25 70 set tacacs command 25 71 show tacacs singleconnect 25 71 set tacacs singleconnect 25 72 Chapter 26 RAD...

Страница 32: ...Editing Emacs vi Commands 2 11 2 8 Enabling the Switch for Routing 2 101 7 1 Example of VLAN Propagation via GVRP 7 23 16 1 Example of a Simple Enterasys Matrix Series Router Config File 16 11 21 1 Ph...

Страница 33: ...ls 8 3 8 2 show policy rule Output Details 8 9 8 3 Valid Values for Policy Classification Rules 8 15 8 4 Configuring User Defined CoS 8 21 8 5 show cos port type Output Details 8 25 8 6 show ip policy...

Страница 34: ...ils 21 46 21 5 show ip ospf neighbor Output Details 21 48 21 6 show ip ospf virtual links Output Details 21 49 21 7 show ip vrrp Output Details 21 72 22 1 show port ratelimit Output Details 22 10 24 1...

Страница 35: ...w setup throttling Configure policy based routing Configure access control lists ACLs Structure of This Guide The guide is organized as follows Chapter 1 Introduction provides an overview of the tasks...

Страница 36: ...sify frames to a VLAN or Class of Service CoS and how to assign or unassign ports to policy profiles so that only ports activated for a profile will be allowed to transmit frames accordingly Chapter 9...

Страница 37: ...C locking policy based routing and IP access control lists ACLs Denial of Service DoS prevention and flow setup throttling Chapter 25 Authentication Configuration describes how to configure 802 1X Net...

Страница 38: ...choice of an optional value Note Calls the reader s attention to any item of information that may be of special importance Router Calls the reader s attention to router specific commands and informati...

Страница 39: ...rk A description of your network environment such as layout cable type other relevant environmental information Network load and frame size at the time of trouble if known The device history for examp...

Страница 40: ...Getting Help xxxviii About This Guide...

Страница 41: ...ueueing and link aggregation Customized single source management and control with SNMP port mirroring Syslog RMON multi image support and configuration upload download Matrix Series CLI Overview Enter...

Страница 42: ...IUS TACACS CEP SSHv2 MAC locking and DoS attack prevention Configure access lists ACLs Device Management Methods The Matrix Series device can be managed using the following methods Locally using a VT...

Страница 43: ...on the Matrix Series device Table 2 1 lists default settings for Matrix Series switch operation Table 2 2 lists default settings for router mode operation For information about Refer to page Startup a...

Страница 44: ...ery interval is set to 125seconds and response time is set to 100 tenths of a second IP mask and gateway Subnet mask set to 255 0 0 0 default gateway set to 0 0 0 0 IP routes No static routes configur...

Страница 45: ...bility advertised on all ports Port broadcast suppression Disabled no broadcast limit Port duplex mode Set to half duplex except for 100BASE FX and 1000BASE X which is set to full duplex Port enable d...

Страница 46: ...et to 3 Spanning Tree version Set to mstp Multiple Spanning Tree Protocol Spanning Tree Loop Protect Disabled per port and per SID Spanning Tree Loop Protect event threshold 3 events Spanning Tree Loo...

Страница 47: ...s allowed Distribute list RIP No filters applied DoS prevention Disabled DVMRP Disabled Metric set to 1 Hello interval OSPF Set to 10 seconds for broadcast and point to point networks Set to 30 second...

Страница 48: ...Read Write access will be able to modify all modifiable parameters in set and show commands as well as view Read Only commands Administrators or Super Users will be allowed all Read Write and Read Onl...

Страница 49: ...n Guide the startup screen Figure 2 1 will display You can now start the Command Line Interface CLI by Using a default user account as described in Logging in with a Default User Account on page 2 7 o...

Страница 50: ...w the steps listed in Logging in with a Default User Account on page 2 7 or Enter an administratively configured user name and password The notice of authorization and the Matrix prompt displays as sh...

Страница 51: ...k after a keyword will display all commands beginning with the keyword Figure 2 2 shows how to perform a keyword lookup for the show snmp command In this case 13 additional keywords are used by the sh...

Страница 52: ...ed in set length on page 2 52 CLI output requiring more than one screen will display More to indicate continuing screens To display additional screen output Press any key other than ENTER to advance t...

Страница 53: ...s unique If it is the CLI will complete the fragment on the current display line By default this function is disabled For more information on enabling it using the set cli completion command refer to...

Страница 54: ...X Delete all characters before cursor Ctrl W Delete word to the left of cursor Ctrl Y Restore the most recently deleted item h Move left one character l Move right one character k Get previous shell...

Страница 55: ...ete mode Matrix rw show line editor Current Line Editor mode is set to EMACS Default Line Editor mode is set to Default Current DEL mode is set to delete System DEL mode is set to delete dl Delete cha...

Страница 56: ...Write Examples This example sets the current line editor to vi mode Matrix rw set line editor vi This example sets the default line editor to emacs mode and sets the selection to persist for future s...

Страница 57: ...e Defaults None Mode Switch command Super User Example This example shows how to display login account information In this case device defaults are user names admin ro and rw and have not been changed...

Страница 58: ...mmand is executed Configured with set system password history set system password on page 2 20 Password aging Number of days user passwords will remain valid before aging out Configured with set syste...

Страница 59: ...unt NOTE This option is intended only for use in configurations generated by the show config command allowed interval HH MM HH MM Optional Specifies the start and end hour HH and minute MM time period...

Страница 60: ...ivileges can change their own passwords but cannot enter or modify other system passwords Passwords must be a minimum of 8 characters and a maximum of 40 characters If configured password length must...

Страница 61: ...shows how a user with Read Write access would change his password Matrix rw set password Please enter old password Please enter new password Please re enter new password Password changed Matrix rw sh...

Страница 62: ...equire at creation yes no allow duplicates yes no substring match len ofChars allow repeating chars yes no change first login yes no change frequency minutes Parameters aging days disable Specifies th...

Страница 63: ...account allow duplicates Specifies whether multiple accounts can share the same password yes Specifies that multiple accounts may share the same password no Specifies that multiple accounts may not s...

Страница 64: ...there is no restriction on the frequency of password changes A configured minimum change frequency interval applies only to users without super user privileges attempting to change their own passwords...

Страница 65: ...s before account lockout 3 Duration of lockout superuser accounts only 15 minutes Period of inactivity before non superuser account lockout 0 days allow duplicates Specifies that the option controllin...

Страница 66: ...unt is locked out it can only be re enabled by a super user with the set system login command set system login on page 2 16 Table 2 4 show system lockout Output Details Output What it displays Unsucce...

Страница 67: ...words Enterasys Matrix DFE Gold Series Configuration Guide 2 25 Example This example shows how to set login attempts to 5 and lockout time to 30 minutes and the inactivity timer to 60 days Matrix su s...

Страница 68: ...isted below and described in the associated section as shown show mgmt auth notify Use this command to display the current setting for the Management Authentication Notification MIB Syntax show mgmt a...

Страница 69: ...are entered than all authentications types listed above will either be enabled or disabled Mode Switch command Read Write Usage Insure that SNMP is correctly configured on the DFE in order to send th...

Страница 70: ...mt auth notify Use this command to set the current setting for the Management Authentication Notification access types to the default setting of enabled Syntax clear mgmt auth notify Parameters None D...

Страница 71: ...gement Authentication Notification MIB Enterasys Matrix DFE Gold Series Configuration Guide 2 29 Matrix su clear mgmt auth notify Matrix su show mgmt auth notify Management Type Status console enabled...

Страница 72: ...dress 2 31 set ip address 2 31 clear ip address 2 32 show ip gratuitous arp 2 32 set ip gratuitous arp 2 33 clear ip gratuitous arp 2 33 show system 2 34 show system hardware 2 35 show system utilizat...

Страница 73: ...ess and subnet mask Matrix rw show ip address Name Address Mask host 10 42 13 20 255 255 0 0 set ip address Use this command to set the system IP address subnet mask and default gateway Syntax set ip...

Страница 74: ...rw set ip address 10 1 10 1 mask 255 255 128 0 gateway 10 1 10 1 clear ip address Use this command to clear the system IP address Syntax clear ip address Parameters None Defaults None Mode Switch com...

Страница 75: ...es set ip gratuitous arp Use this command to control the gratuitous ARP processing behavior Syntax set ip gratuitous arp request reply both Parameters Defaults Disabled by default Mode Switch command...

Страница 76: ...trix rw clear ip gratuitous arp show system Use this command to display system information including contact information power and fan tray status and uptime Syntax show system Parameters None Default...

Страница 77: ...t on page 2 51 System location Where the system is located Default of a blank string can be changed with the set system location command set system location on page 2 50 System name Name identifying t...

Страница 78: ...del 7H4382 494H4282 492G4072 52 Serial Number 0123456789AB Part Number 6543210 Vendor ID 1 Base MAC Address 11 22 33 44 55 66 Router MAC Address 11 22 33 44 55 67 Hardware Version 5 Firmware Version 0...

Страница 79: ...eters Defaults If not specified CPU process and storage system utilization information will be displayed If not specified information for all modules will be displayed Mode Switch command Read Only Ex...

Страница 80: ...1 Switch IGMP 16 0 0 0 0 0 0 Switch LACP 17 0 0 0 0 0 0 Switch MAC Authentication 18 0 0 0 0 0 0 Switch MAC Locking 19 0 0 0 0 0 0 Switch MTU Discovery 20 0 0 0 0 0 0 Switch Node Alias 21 0 0 0 0 0 0...

Страница 81: ...131072 22192 Flash Images Miscellaneous 16384 4138 Flash Nonvolatile Data Storage 16384 14308 set system utilization threshold Use this command to set the threshold for sending CPU utilization notifi...

Страница 82: ...ead Write Example This example shows how to clear the system utilization threshold Matrix rw clear system utilization 1000 show time Use this command to display the current time of day in the system c...

Страница 83: ...he system clock to 7 50 a m Matrix rw set time 7 50 00 show summertime Use this command to display daylight savings time settings Syntax show summertime Parameters None Defaults None Mode Switch comma...

Страница 84: ...to configure specific dates to start and stop daylight savings time Syntax set summertime date start_month start_date start_year start_hr_min end_month end_date end_year end_hr_min offset_minutes Par...

Страница 85: ...If an offset is not specified none will be applied end_hr_min Specifies the time of day to end daylight savings time Format is hh mm offset_minutes Optional Specifies the amount of time in minutes to...

Страница 86: ...f one hour Matrix rw set summertime recurring first Sunday April 02 00 last Sunday October 02 00 60 clear summertime Use this command to clear the daylight savings time configuration Syntax clear summ...

Страница 87: ...a unique CLI command fragment using the keyboard spacebar Syntax set cli completion enable disable default Parameters Defaults If not specified the status setting will not be maintained as the default...

Страница 88: ...r message that will display at pre and post session login Syntax show banner login motd Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display the banner...

Страница 89: ...proceeding with this login you are verifying that you are a member of the Enterasys documentation group and are authorized to use this system Proceed to login y n n Examples This example shows how to...

Страница 90: ...the post session message of the day banner to a blank string Matrix rw clear banner motd show version Use this command to display hardware and firmware information Refer to Downloading a New Firmware...

Страница 91: ...w 0 Bp 01 00 09 Fw 05 01 561 4G4202 60 041405833244 Hw 0 Bp 01 00 15 Fw 05 01 57 2 4H4282 49 03320004320A Hw 0 Bp 01 00 15 Fw 05 01 511 2G4072 52 041405833244 Hw 0 Bp 01 00 15 Fw 05 01 57 Table 2 6 pr...

Страница 92: ...tify the location of the system Syntax set system location string Parameters Defaults If string is not specified the location name will be cleared Mode Switch command Read Write Example This example s...

Страница 93: ...and to set the number of columns for the terminal connected to the device s console port The length of the CLI is set using the set length command as described in set length on page 2 52 Syntax set wi...

Страница 94: ...show logout Use this command to display the time in seconds an idle console or Telnet CLI session will remain connected before timing out Syntax show logout Parameters None Defaults None Mode Switch...

Страница 95: ...powersupply powersupply slot powersupply slot fan fan slot port string port string Parameters timeout Sets the number of minutes the system will remain idle before timing out chassis Optional Display...

Страница 96: ...alias of the type specified will be cleared fan slot Optional Displays an alias for the fan tray s slot port string port string Optional Displays the alias set for a specified port string For a detail...

Страница 97: ...string port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to set clear the alias set for the chassis Matrix rw clear physical alias chassis show physica...

Страница 98: ...s command to set the asset ID for a module Syntax set physical assetid module module string Parameters Defaults None Mode Switch command Read Write Example This example shows how to set the asset ID i...

Страница 99: ...DFE Gold Series Configuration Guide 2 57 Parameters Defaults None Mode Switch command Read Write Example This example shows how to clear the asset ID for module 1 Matrix rw clear physical assetid modu...

Страница 100: ...FE Gold Series device you must purchase and activate a license key If you have purchased a redundancy license you can proceed to activate it as described in this section If you wish to purchase a redu...

Страница 101: ...license key Syntax show license Parameters None Defaults None Mode Switch command Read Write Example This example shows how to display your license key information Matrix rw show license advanced abcd...

Страница 102: ...s If not specified the license settings will be cleared from all modules Mode Switch command Read Write Example This example shows how to clear advanced license key settings Matrix rw clear license ad...

Страница 103: ...es only to PoE equipped Matrix devices Consult the Installation Guide shipped with your product to determine if it is PoE equipped For information about Refer to page show inlinepower 2 61 set inlinep...

Страница 104: ...cted Total Power Assigned 0 Watts Power Allocation Mode auto Power Trap Status disabled Power Redundancy Status not redundant Power Supply 1 Status installed and operating Power Supply 2 Status not in...

Страница 105: ...meters None Defaults None Mode Switch command Read Write Example This example shows how to reset the chassis power allocation mode to auto Matrix rw clear inlinepower mode set inlinepower available Us...

Страница 106: ...show inlinepower output show inlinepower on page 2 61 for a sample warning message Example This example shows how to set the maximum inline power available to the chassis to 70 percent Matrix rw set...

Страница 107: ...Defaults None Mode Switch command Read Write Example This example shows how to enable a chassis power supplies trap Matrix rw set inlinepower powertrap enable clear inlinepower powertrap Use this comm...

Страница 108: ...te these parameters a ratio of assigned power will be applied to each module Refer to the show inlinepower output show inlinepower on page 2 61 for a sample warning message Example This example shows...

Страница 109: ...de Switch command Read Write Example This example shows how to set the PoE threshold to 50 on module 1 Matrix rw set inlinepower threshold 50 1 clear inlinepower threshold Use this command to reset th...

Страница 110: ...de to class on module 1 Matrix rw set inlinepower management class 1 clear inlinepower management Use this command to reset the PoE management mode on a specified module back to the default setting of...

Страница 111: ...ameters Defaults Disabled Mode Switch command Read Write Usage The module s PoE usage threshold must be set using the set inlinepower threshold command as described in set inlinepower threshold on pag...

Страница 112: ...example shows how to display PoE information for Fast Ethernet ports 11 12 and 13 in module 1 Matrix rw show port inlinepower fe 1 1 2 Oper Admin Power Power PD Port Type Status Status Priority Class...

Страница 113: ...E priority on port fe 3 1 to low Matrix rw clear port inlinepower fe 3 1 priority port string Specifies the port s on which to configure PoE admin off auto Sets the PoE administrative state to off dis...

Страница 114: ...wing applications HyperTerminal Copyright 1999 Tera Term Pro Version 2 3 Any other terminal applications may work but are not explicitly supported For details refer to Downloading via the Serial Port...

Страница 115: ...et the system 10 Restore Configuration to factory defaults delete config files 3 Type 2 The following baud rate selection screen displays 1 1200 2 2400 3 4800 4 9600 5 19200 6 38400 7 57600 8 115200 0...

Страница 116: ...se To display and set the image file the device loads at startup Commands show boot system Use this command to display the firmware image the system will load at the next system reset Syntax show boot...

Страница 117: ...ommand to set the firmware image the switch loads at startup Syntax set boot system filename Parameters Defaults None Mode Switch command Read Write Usage This is the image that will be loaded automat...

Страница 118: ...rt and configure Telnet are listed below and described in the associated section as shown show telnet Use this command to display the status of Telnet on the device Syntax show telnet Parameters None...

Страница 119: ...en terminated telnet is now disabled telnet Use this command to start a Telnet connection to a remote host The Matrix Series device allows a total of four inbound and or outbound Telnet session to run...

Страница 120: ...arameters None Defaults None Mode Switch command Read Only Example This example shows how to display the state of Telnet service to the router Matrix rw show router telnet Telnet to Router IP is enabl...

Страница 121: ...9 clear router telnet Use this command to reset Telnet service to the router to the default state of disabled Syntax clear router telnet Parameters None Defaults None Mode Switch command Read Write Ex...

Страница 122: ...enter optional arguments that modify the actions of the commands This feature is intended to simplify the configuration of ports and VLANs by creating script files containing groups of commands that y...

Страница 123: ...rix rw dir Images Filename ets mtxe7 msi Version 01 02 00 Size 3263043 bytes Date MON FEB 24 14 07 08 2003 CheckSum 6a2398391ba885531f96f19e161b096b Location slot3 slot4 slot5 slot6 Compatibility 4H42...

Страница 124: ...ndicates this image is currently running boot Indicates this image is selected to boot on the next reset Version Firmware version of the image Size Size of image file in the local file system Date Dat...

Страница 125: ...Parameters Defaults None Mode Switch Read Only Example This example an excerpt of the complete output shows how to display the contents of the sample cfg configuration file Matrix rw show file slot4...

Страница 126: ...e file exit disable exit end router arp cdp console begin NON DEFAULT CONFIGURATION SLOT TYPE ___ ________________ 1 7G4270 12 2 3 7H4382 49 4 7H4382 49 5 7H4382 49 6 7H4382 49 7 7H4382 49 Router inst...

Страница 127: ...ayed Mode Switch Read Write Example This example shows how to display the current non default device configuration Matrix su show config This command shows non default configurations only Use show con...

Страница 128: ...h will require an automated reset of the chassis Mode Switch Read Write Example This example shows how to execute the myconfig file in the module in slot 1 Matrix rw configure slot1 myconfig copy Use...

Страница 129: ...via TFTP to the slot 3 directory Matrix rw copy tftp 134 141 89 34 myconfig slot3 myconfig This example shows how to upload a configuration file via Anonymous FTP from the module in slot 3 Matrix rw c...

Страница 130: ...Read Write Usage The script file must first be created on a PC and copied to the Matrix device using the copy command copy on page 2 86 before the script can be executed The file can contain any numbe...

Страница 131: ...set port alias 1 script_set_port set port vlan 1 2 modify egress set port jumbo enable 1 set port disable 1 set port lacp port 1 disable Matrix rw script slot4 setport scr fe 1 1 100 When the script...

Страница 132: ...will send an ICMP destination unreachable error message indicating to the transmitting station that it must fragment the frame Commands show mtu Use this command to display the status of the path MTU...

Страница 133: ...faults None Mode Switch command Read Write Example This example shows how to disable path MTU discovery Matrix rw set mtu disable clear mtu Use this command to reset the state of the path MTU discover...

Страница 134: ...e listed below and described in the associated sections as shown cls clear screen Use this command to clear the screen for the current CLI session Syntax cls Parameters None Defaults None Mode Switch...

Страница 135: ...user inactivity automatically closing your CLI session Use the set logout command as described in set logout on page 2 53 to change this default When operating in router mode the exit command jumps t...

Страница 136: ...ation are listed below and described in the associated sections as shown show reset Use this command to display information about scheduled device resets Syntax show reset Parameters None Defaults Non...

Страница 137: ...to continue y n n y Resetting This example shows how to cancel a scheduled system reset Matrix rw reset cancel Reset cancelled This example shows how to reset a Matrix Security Module installed on th...

Страница 138: ...oceed with scheduled reset y n n y Reset scheduled for 20 00 00 Sat Oct 12 2002 in 1 day 5 hours 40 minutes This example shows how to schedule a reset at a specific future time and include a reason fo...

Страница 139: ...ne or more modules Syntax clear config mod num all Parameters Defaults None Mode Read Write Usage Executing clear config on one Matrix module resets that module back to its factory defaults If that mo...

Страница 140: ...ow vlan static show vlan on page 7 3 show logging all show logging all on page 10 2 show snmp counters show snmp counters on page 5 6 show port status show port status on page 4 14 show spantree statu...

Страница 141: ...s a support3 txt file Matrix su show support slot1 support3 txt Writing output to file Writing show config output Writing Message Log output Matrix su There is no display example as the list of comman...

Страница 142: ...neral platform settings refer to Startup and General Configuration Summary on page 2 1 and Setting User Accounts and Passwords on page 2 15 Once startup and general device settings are complete IP con...

Страница 143: ...figure routing Commands Step 3 Enable global router configuration mode configure terminal Router Matrix Router Enabling Router Configuration Modes on page 2 103 Step 4 Enable interface configuration m...

Страница 144: ...isplay the module that is currently running routing services Matrix rw show router Router Services are currently running on module 1 clear router Use this command to clear the router configuration Thi...

Страница 145: ...rw access mode and a system where module 1 and VLAN 1 have been configured for routing The prompt changes depending on your current configuration mode the specific module and the interface types and...

Страница 146: ...d Balancing SLB Server Farm Configuration Mode Configure an LSNAT server farm Type ip slb serverfarm and the serverfarmname from Global Configuration Mode Matrix router config slb sfarm Server Load Ba...

Страница 147: ...dentifier and the identifier or hardware address and an address from any DHCP configuration mode Matrix router config dhcp host Note To jump to a lower configuration mode type exit at the command prom...

Страница 148: ...Reviewing and Configuring Routing router 2 106 Startup and General Configuration...

Страница 149: ...to display Network Neighbor Discovery information from all supported discovery protcols Syntax show neighbors port string Parameters For information about Refer to page Displaying Neighbors 3 1 Entera...

Страница 150: ...bors Port Device ID Port ID Type Network Address fe 1 27 00 00 1d 83 77 3f 10 21 64 135 cdp 10 21 64 135 fe 1 33 00 e0 63 9d c1 62 10 21 64 21 cdp 10 21 64 21 fe 1 34 00 01 f4 2a c8 1f 10 21 70 1 cdp...

Страница 151: ...Syntax show cdp port string Parameters Defaults If port string is not specified all CDP information will be displayed Mode Switch command Read Only Example This example shows how to display CDP infor...

Страница 152: ...the set cdp state command For details refer to set cdp state on page 3 4 CDP Versions Supported CDP version number s supported by the device CDP Hold Time Minimum time interval in seconds at which CDP...

Страница 153: ...Write Usage This value determines a device s CDP domain If two or more devices have the same CDP authentication code they will be entered into each other s CDP neighbor tables If they have different a...

Страница 154: ...y in seconds of the CDP discovery protocol Syntax set cdp interval frequency Parameters Defaults None Mode Switch command Read Write Example This example shows how to set the CDP interval frequency to...

Страница 155: ...s Defaults At least one optional parameter must be entered Mode Switch command Read Write Example This example shows how to reset the CDP state to auto enabled Matrix rw clear cdp state state Optional...

Страница 156: ...function described in Configuring Convergence End Points CEP Phone Detection on page 25 39 Commands show ciscodp Use this command to display global Cisco Discovery Protocol information Syntax show ci...

Страница 157: ...her Cisco Discovery Protocol is disabled or enabled globally Auto indicates that Cisco DP will be globally enabled only if Cisco DP PDUs are received Default setting of auto can be changed with the se...

Страница 158: ...ort ciscodp info Output Details Output What it displays Port Port designation State Whether CiscoDP is enabled or disabled on this port Default state of enabled can be changed using the set ciscodp po...

Страница 159: ...codp timer 120 set ciscodp holdtime Use this command to set the time to live TTL for Cisco Discovery Protocol PDUs This is the amount of time in seconds neighboring devices will hold PDU transmissions...

Страница 160: ...mes untagged Instructs attached phone to send untagged frames trust ext Sets the extended trust mode on the port trusted Instructs attached phone to allow the device connected to it to transmit traffi...

Страница 161: ...ommand There is a one to one correlation between the value set with the cos ext parameter and the 802 1p value assigned to ingressed traffic by the Cisco IP phone A value of 0 equates to an 802 1p pri...

Страница 162: ...the default settings Matrix clear ciscodp This example shows how to clear the Cisco DP port status on port fe 1 5 Matrix clear ciscodp port status fe 1 5 cos ext Clears the CoS priority for untrusted...

Страница 163: ...Inventory management allowing network administrators to track their network devices and to determine their characteristics such as manufacturer software and hardware versions and serial or asset numbe...

Страница 164: ...lldp port network policy 5 Configure which optional TLVs should be sent by specific ports For example if you configured an ECS ELIN and or Network Policy TLVs you must enable those optional TLVs to b...

Страница 165: ...nterval 5 MED Fast Start Count 3 Tx Enabled Ports ge 1 1 60 ge 2 1 24 ge 3 1 30 ge 4 1 12 ge 5 1 12 tg 6 1 2 fe 7 1 48 Rx Enabled Ports ge 1 1 60 ge 2 1 24 ge 3 1 30 ge 4 1 12 ge 5 1 12 tg 6 1 2 fe 7...

Страница 166: ...n for all ports Matrix ro show lldp port status Tx Enabled Ports ge 1 1 60 ge 2 1 24 ge 3 1 30 ge 4 1 12 ge 5 1 12 tg 6 1 2 fe 7 1 48 Rx Enabled Ports ge 1 1 60 ge 2 1 24 ge 3 1 30 ge 4 1 12 ge 5 1 12...

Страница 167: ...to be transmitted on ports Syntax show lldp port tx tlv port string Parameters Defaults If port string is not specified TLV configuration information will be displayed for all ports Mode Switch comman...

Страница 168: ...ration information will be displayed for all ports Mode Switch command Read Only Usage Ports are configured with a location value using the set lldp port location info command Example This example sho...

Страница 169: ...LLDP PoE test Chassis Sys Desc Enterasys Networks Inc Matrix E7 Gold Rev 05 41 Sys Cap Supported Enabled bridge router bridge Auto Neg Supported Enabled yes yes Auto Neg Advertised 10BASE T 10BASE TF...

Страница 170: ...ndicate whether the link associated with this port can be aggregated whether it is currently aggregated and if aggregated the aggregated port identifier Protocol Id IEEE 802 1 Extensions Protocol Iden...

Страница 171: ...3 1 Remote Port Id 00 09 6e 0e 14 3d PoE Pair Controllable Used IEEE 802 3 Extensions Power via MDI TLV Displayed only when a port has PoE capabilities Indicates whether pair selection can be controll...

Страница 172: ...figured using the set lldp port network policy command Syntax show lldp port network policy all voice voice signaling guest voice guest voice signaling software voice video conferencing streaming vide...

Страница 173: ...enabled untagged 1 0 0 video conferencing enabled untagged 1 0 0 streaming video enabled untagged 1 0 0 video signaling enabled untagged 1 0 0 all Displays information about all network policy applic...

Страница 174: ...nterval 20 set lldp hold multiplier Use this command to set the time to live value used in LLDP frames sent by this device Syntax set lldp hold multiplier multiplier val Parameters Defaults None Mode...

Страница 175: ...been detected Syntax set lldp trap interval frequency Parameters Defaults None Mode Switch command Read Write Example This example sets the minimum interval between LLDP traps to 10 seconds Matrix rw...

Страница 176: ...transmitting and processing received LLDPDUs on a port or range of ports Syntax set lldp port status tx enable rx enable both disable port string Parameters Defaults None Mode Switch command Read Wri...

Страница 177: ...rap Use this command to enable or disable sending an LLDP MED notification when a change in the topology has been sensed on the port that is a remote endpoint device has been attached or removed from...

Страница 178: ...he set lldp port tx tlv command This example configures the ELIN identifier 5551234567 on ports ge 1 1 through ge 1 6 and then configures the ports to send the Location Information TLV Matrix rw set l...

Страница 179: ...nabled on the port value sent includes version of protocol being used mac phy MAC PHY Configuration Status IEEE 802 3 Extensions TLV Value sent includes the operational MAU type duplex and speed of th...

Страница 180: ...the Power Limit total power the port is capable of sourcing over a maximum length cable and the power priority configured on the port Only valid for PoE enabled ports port string Specifies the port o...

Страница 181: ...lldp port network policy voice state enable tag tagged vlan dot1p fe 2 1 Matrix rw set lldp port tx tlv med pol fe 2 1 state enable disable Optional Enables or disables advertising the application inf...

Страница 182: ...are enabled Syntax clear lldp port status port string Parameters Defaults None Mode Switch command Read write all Returns all LLDP configuration parameters to their default values including port LLDP...

Страница 183: ...ers Defaults None Mode Switch command Read write Example This example returns port ge 1 1 to the default LLDP trap state of disabled Matrix rw clear lldp port trap ge 1 1 clear lldp port med trap Use...

Страница 184: ...nferencing streaming video video signaling state tag vid cos dscp port string Parameters elin Specifies that the ECS ELIN location information value should be cleared port string Specifies the port or...

Страница 185: ...ear the VLAN identifier for the port to the default value of 1 cos Optional Clear the Layer 2 priority to be used for the application being configured to the default value of 0 A value of 0 represents...

Страница 186: ...on defined by Protocol Identity IEEE 802 1 Extensions TLV from being transmitted in LLDPDUs mac phy Disables the MAC PHY Configuration Status IEEE 802 3 Extensions TLV from being transmitted in LLDPDU...

Страница 187: ...n activating redundancy on a DFE Gold Series module refer to Activating Licensed Features on page 2 58 Important Notice CLI examples in this guide illustrate a generic Matrix command prompt and chassi...

Страница 188: ...les installed in a Matrix N7 or E7 chassis can be 0 through 7 with 0 designating virtual system ports lag vlan host loopback and 1 designating the left most module slot in the chassis Slot location fo...

Страница 189: ...example shows the port string syntax for specifying all 1 Gigabit Ethernet ports in the module in chassis slot 3 ge 3 This example shows the port string syntax for specifying all 10 Gbps Ethernet port...

Страница 190: ...ole port com 1 1 Matrix rw show console com 1 1 Port Baud Flow Bits StopBits Parity Autobaud com 1 1 38400 ctsrts 8 one none disable clear console Use this command to clear the properties set for one...

Страница 191: ...te for one or more console ports Syntax show console baud port string Parameters Defaults If port string is not specified baud rate for all console ports will be displayed Mode Switch command Read Onl...

Страница 192: ...is not specified baud rate will be cleared for all console ports Mode Switch command Read Write Example This example shows how to clear the baud rate on console port com 1 1 Matrix rw clear console ba...

Страница 193: ...ole flowcontrol none ctsrts dsrdtr port string Parameters Defaults If port string is not specified flow control will be set for all console ports Mode Switch command Read Write Example This example sh...

Страница 194: ...ax show console bits port string Parameters Defaults If port string is not specified the bits per character setting for all console ports will be displayed Mode Switch command Read Only Example This e...

Страница 195: ...string Parameters Defaults If port string is not specified bits per character will be cleared for all console ports Mode Switch command Read Write Example This example shows how to clear bits per char...

Страница 196: ...sole stopbits one oneandhalf two port string Parameters Defaults If port string is not specified stop bits per character will be set for all console ports Mode Switch command Read Write Example This e...

Страница 197: ...e or more console ports Syntax show console parity port string Parameters Defaults If port string is not specified parity type for all console ports will be displayed Mode Switch command Read Only Exa...

Страница 198: ...parity type for one or more console ports Syntax clear console parity port string Parameters Defaults If port string is not specified parity type will be cleared for all console ports Mode Switch com...

Страница 199: ...switching Syntax show port port string Parameters Defaults If port string is not specified operational status information for all ports will be displayed Mode Switch command Read Only Examples This ex...

Страница 200: ...tatus information for console ports Matrix rw show port status com Port Alias Oper Admin Speed Duplex Type truncated Status Status com 5 1 up up 38 Kbps RS232 RJ45 com 7 1 up up 38 Kbps RS232 RJ45 Tab...

Страница 201: ...ils on using the set port disable command to change the default port status of enabled refer to set port disable on page 4 20 For details on using the set port enable command to re enable ports refer...

Страница 202: ...example shows how to display all fe 3 1 port counter statistics related to traffic through the device Matrix rw show port counters fe 3 1 switch Port fe 3 1 Bridge Port 2 No counter discontinuity time...

Страница 203: ...down due to link loss linkflap Optional Displays ports down due to link flap violation For more information on configuring the link flap function refer to Configuring Link Traps and Link Flap Detecti...

Страница 204: ...to a down or dormant state for one or more ports Syntax clear port operstatuscause port string admin linkflap flowlimit policy cos all Parameters Defaults If no options are specified all operating sta...

Страница 205: ...Reviewing Port Status Enterasys Matrix DFE Gold Series Configuration Guide 4 19 Mode Switch command Read Write Example This example shows how to override all operational causes on all ports Matrix rw...

Страница 206: ...ively disable one or more ports Syntax set port disable port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to disable Fast Ethernet port 1 in module1 Ma...

Страница 207: ...Syntax show port alias port string Parameters Defaults If port string is not specified aliases for all ports will be displayed Mode Switch command Read Only Example This example shows how to display a...

Страница 208: ...ort alias fe 3 1 management show forcelinkdown Use this command to display the status of the force link down function Syntax show forcelinkdown Parameters None Defaults None Mode Switch command Read O...

Страница 209: ...ults None Mode Switch command Read Write Example This example shows how to enable the force link down function Matrix rw set forcelinkdown enable clear forcelinkdown Use this command to resets the for...

Страница 210: ...speed settings for all ports will display Mode Switch command Read Only Example This example shows how to display the default speed setting for 1 Gigabit Ethernet port 14 in module 3 Matrix rw show p...

Страница 211: ...s command to display the default duplex setting half or full for one or more ports Syntax show port duplex port string Parameters Defaults If port string is not specified default duplex settings for a...

Страница 212: ...set port duplex port string full half Parameters Defaults None Mode Switch command Read Write Usage This command will only take effect on ports that have auto negotiation disabled Example This exampl...

Страница 213: ...t jumbo port string Parameters Defaults If port string is not specified jumbo frame support status for all ports will display Mode Switch command Read Only Example This example shows how to display th...

Страница 214: ...4 in module 3 Matrix rw set port jumbo enable ge 3 14 This example shows how to enable jumbo frame support for router in slot 2 router instance 1 Matrix rw set port jumbo enable rtr 2 1 clear port jum...

Страница 215: ...me Support Enterasys Matrix DFE Gold Series Configuration Guide 4 29 Mode Switch command Read Write Example This example shows how to reset jumbo frame support status for 1 Gigabit Ethernet port 14 in...

Страница 216: ...The user may choose to configure a port so that only a portion of its capabilities are advertised and the others are disabled Commands show port negotiation Use this command to display the status of...

Страница 217: ...ation on 1 Gigabit Ethernet port 3 in module 14 Matrix rw set port negotiation ge 3 14 disable show port mdix Use this command to display the MDI MDIX mode on one or more ports This function detects a...

Страница 218: ...rameters Defaults If port string is not specified mode will be set for all ports Mode Switch command Read Write Example This example shows how to force 1 Gigabit Ethernet port 14 in module 3 to MDIX c...

Страница 219: ...Use this command to display the advertised ability on one or more ports Syntax show port advertise port string Parameters Defaults If port string is not specified advertised ability for all ports wil...

Страница 220: ...pause Table 4 3 show port advertise Output Details Output What it displays capability Whether or not the port is capable of operating in the following modes 10t 10BASE T half duplex mode 10tfd 10BASE...

Страница 221: ...uplex mode 10tfd Optional Advertises 10BASE T full duplex mode 100tx Optional Advertises 100BASE TX half duplex mode 100txfd Optional Advertises 100BASE TX full duplex mode 1000x Optional Advertises 1...

Страница 222: ...0BASE X LX SX CX half duplex mode from the port s advertised ability 1000xfd Optional Clears 1000BASE X LX SX CX full duplex mode from the port s advertised ability 1000t Optional Clears 1000BASE T ha...

Страница 223: ...ow control information for all ports will be displayed Mode Read Only Example This example shows how to display the port flow control state for fe 1 1 5 Matrix rw show port flowcontrol fe 1 1 5 Port T...

Страница 224: ...LI on page 4 2 TX Admin Whether or not the port is administratively enabled or disabled for sending flow control frames TX Oper Whether or not the port is operationally enabled or disabled for sending...

Страница 225: ...o network stability because it can trigger Spanning Tree and routing table recalculation Commands show port trap Use this command to display whether the port is enabled for generating an SNMP trap mes...

Страница 226: ...arameters Defaults None Mode Switch command Read Write Example This example shows how to disable link traps for Fast Ethernet port 3 in module3 Matrix rw set port trap fe 3 3 disable show linkflap Use...

Страница 227: ...trics Displays linkflap detection metrics portsupported Displays ports which can support the link flap detection function actsupported Displays link flap detection actions supported by system hardware...

Страница 228: ...e port string values refer to Port String Syntax Used in the CLI on page 4 2 LF Status Link flap enabled state Actions Actions to be taken if the port violates allowed link flap behavior D disabled S...

Страница 229: ...k trap detection function Matrix rw set linkflap globalstate enable set linkflap Use this command to enable or disable link flap monitoring on one or more ports Syntax set linkflap portstate disable e...

Страница 230: ...ntax set linkflap action port string disableInterface gensyslogentry gentrap all Parameters Defaults None port string Specifies the port s on which to set the link flap interval For a detailed descrip...

Страница 231: ...string is not specified actions will be cleared on all ports Mode Switch command Read Write Examples This example shows how to clear all link flap violation actions on all ports Matrix rw clear linkf...

Страница 232: ...ite Examples This example shows how to set the link flap downtime on port fe 1 4 to 5000 seconds Matrix rw set linkflap downtime fe 1 4 5000 port string Specifies the port s on which to set the link f...

Страница 233: ...ntax clear linkflap all stats port string parameter port string threshold interval downtime all Parameters Defaults If port string is not specified settings and or statistics will be cleared on all po...

Страница 234: ...Configuring Link Traps and Link Flap Detection clear linkflap 4 48 Port Configuration Examples This example shows how to clear all link flap options on port fe 1 4 Matrix rw clear linkflap all fe 1 4...

Страница 235: ...ports Syntax show port broadcast port string Parameters Defaults If port string is not specified broadcast status of all ports will be displayed Mode Read Only Example This example shows how to displ...

Страница 236: ...hreshold peak Table 4 7 show port broadcast Output Details Output What it displays Port Port designation For a detailed description of possible port string values refer to Port String Syntax Used in t...

Страница 237: ...broadcast suppression settings on Fast Ethernet ports 1 through 5 in module1 Matrix rw clear port broadcast fe 1 1 5 Setting Port Mirroring port string Specifies the port s on which broadcast settings...

Страница 238: ...CP on page 4 55 Active Destination Port Configurations Each Matrix DFE Gold Series device supports three mirroring destination ports which can be configured in a many to one mirroring configuration th...

Страница 239: ...rce destination both rx tx Parameters create disable enable Creates disables or enables mirroring settings on the specified ports igmp mcast enable disable Enables or disables the mirroring of IGMP mu...

Страница 240: ...ace 1 create Matrix rw set port mirroring create vlan 0 1 fe 1 1 both clear port mirroring Use this command to clear a port mirroring relationship Syntax clear port mirroring igmp mcast source destina...

Страница 241: ...up LAG Attaches the port to the aggregator used by the LAG and detaches the port from the aggregator when it is no longer used by the LAG Uses information from the partner device s link aggregation co...

Страница 242: ...h lag 0 4 LAG Link Aggregation Group Once underlying physical ports i e fe x x or ge x x are associated with an aggregator port the resulting aggregation will be represented as one LAG with a lag x x...

Страница 243: ...on on the Matrix Series device will allow up to a maximum of four ports into a LAG The device with the lowest LAG ID determines which underlying physical ports are allowed into a LAG based on the port...

Страница 244: ...ng physical ports i e fe x x ge x x are associated with an aggregator port the resulting aggregation will be represented as one Link Aggregation Group LAG with a lag x x port designation Example This...

Страница 245: ...ssociated with an aggregator port the resulting Link Aggregation Group LAG is represented with a lag x x port designation Actor Local device participating in LACP negotiation Partner Remote device par...

Страница 246: ...None Mode Switch command Read Write Example This example shows how to reset LACP to enabled Matrix rw clear lacp state set lacp asyspri Use this command to set the LACP system priority Syntax set lacp...

Страница 247: ...se this command to set the administratively assigned key for one or more aggregator ports LACP will use this value to form an oper key Only underlying physical ports with oper keys matching those of t...

Страница 248: ...same usage considerations for dynamic LAGs discussed in Matrix Series Usage Considerations on page 4 56 apply to statically created LAGs Static LAG configuration should be performed by personnel who...

Страница 249: ...d Read Write Example This example shows how to remove Fast Ethernet port 6 in module 1 from the LAG of aggregator port 4 Matrix rw clear lacp static lag 0 484 fe 1 6 show lacp singleportlag Use this c...

Страница 250: ...Syntax set lacp singleportlag enable disable Parameters Defaults None Mode Switch command Read Write Example This example shows how to enable single port LAGs Matrix rw set lacp singleportlag enable...

Страница 251: ...DC Glp MuxState Detached PartnerAdminSystemID 00 00 00 00 00 00 DebugRxState port Disabled PartnerOperSystemID 00 00 00 00 00 00 This example shows how to display summarized LACP status information f...

Страница 252: ...nkey padminkey padminportpri padminportpri padminport padminport padminstate lacpactive lacptimeout lacpagg lacpsync lacpcollect lacpdist lacpdef lacpexpire enable disable Parameters port port string...

Страница 253: ...default lacpagg Aggregation on this port lacpsync Transition to synchronization state lacpcollect Transition to collection state lacpdist Transition to distribution state lacpdef Transition to defaul...

Страница 254: ...LACP settings will be cleared For a detailed description of possible port string values refer to Port String Syntax Used in the CLI on page 4 2 aadminkey Clears a port s actor admin key aportpri Clear...

Страница 255: ...splay the LACP flow regeneration state Syntax show lacp flowRegeneration Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display the current LACP flow reg...

Страница 256: ...ill leave existing flows intact Example This example shows how to enable LACP flow regeneration Matrix rw set lacp flowRegeneration enable clear lacp flowRegeneration Use this command to reset LACP fl...

Страница 257: ...Mode Switch command Read Write Example This example shows how to set the LACP outport algorithm to DA SA Matrix rw set lacp outportalgorithm da sa clear lacp outportAlgorithm Use this command to rese...

Страница 258: ...Configuring LACP clear lacp outportAlgorithm 4 72 Port Configuration Example This example shows how to reset the LACP outport algorithm to DIP SIP Matrix rw clear lacp outportAlgorithm...

Страница 259: ...ata types counter size and protocol operations Version 3 SNMPv3 This is the most recent version of SNMP and includes significant enhancements to administration and security SNMPv3 is fully described i...

Страница 260: ...and SNMP applications An SNMP engine consists of the following four components Dispatcher This component sends and receives messages Message processing subsystem This component accepts outgoing PDUs...

Страница 261: ...usm context router prefix For information on preparing the device for router mode refer back to Preparing the Device for Router Mode on page 2 100 Creating a Basic SNMP Trap Configuration Traps are n...

Страница 262: ...and authorization criteria contained in a target parameters entry called v2cExampleParams Matrix rw set snmp community mgmt Matrix rw set snmp targetparams v2cExampleParams user mgmt security model v...

Страница 263: ...t was built using the set snmp targetaddr command This command also specifies that this door leads to the management station 192 168 190 80 and the procedure targetparams to cross the doorstep is call...

Страница 264: ...e this command to display SNMP traffic counter values Syntax show snmp counters Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display SNMP counter value...

Страница 265: ...es delivered to the SNMP entity for an unsupported SNMP version snmpInBadCommunityNames Number of SNMP messages delivered to the SNMP entity that used an SNMP community name not known to the entity sn...

Страница 266: ...d by the SNMP protocol entity with the value of the error status as noSuchName snmpOutBadValues Number of SNMP PDUs generated by the SNMP protocol entity with the value of the error status field as ba...

Страница 267: ...referenced a user that was not known to the SNMP engine usmStatsUnknownEngineIDs Number of packets received by the SNMP engine that were dropped because they referenced an snmpEngineID that was not kn...

Страница 268: ...red to access SNMP management Syntax show snmp user list user remote remote volatile nonvolatile read only Parameters Defaults If list is not specified detailed SNMP information will be displayed For...

Страница 269: ...y information for the SNMP guest user Matrix rw show snmp user guest SNMP user information EngineId 00 00 00 63 00 00 00 a1 00 00 00 00 Username Guest Auth protocol usmNoAuthProtocol Privacy protocol...

Страница 270: ...without authentication and encryption Entries related to this user will be stored in permanent nonvolatile memory Matrix rw set snmp user netops clear snmp user Use this command to remove a user from...

Страница 271: ...on about all SNMP groups will be displayed If user is not specified information about all SNMP users will be displayed If security model is not specified user information about all SNMP versions will...

Страница 272: ...lts If storage type is not specified nonvolatile storage will be applied Mode Switch command Read Write Table 5 6 show snmp group Output Details Output What it displays Security model SNMP version ass...

Страница 273: ...will be cleared Mode Switch command Read Write Example This example shows how to clear all settings assigned to the public user within the SNMP group anyone Matrix rw clear snmp group anyone public s...

Страница 274: ...SNMP security name to associate with this community Default If no security name is specified the community name is used context context Optional Specifies a subset of management information this comm...

Страница 275: ...o grant SNMP management privileges to vip community from the routing module operating in router mode Matrix rw set snmp community vip context router clear snmp community Use this command to delete an...

Страница 276: ...yed If noauthentication authentication or privacy are not specified access information for all security levels will be displayed If context is not specified all contexts will be displayed For informat...

Страница 277: ...Write View Notify View All Context match exact match Storage type nonVolatile Row status active Table 5 7 shows a detailed explanation of the command output Table 5 7 show snmp access Output Details...

Страница 278: ...up security model v1 v2c usm Specifies SNMP version 1 2c or 3 usm noauthentication authentication privacy Optional Applies SNMP security level as no authentication authentication without privacy or pr...

Страница 279: ...ntry of a specific group including its set SNMP security model and level of security Syntax clear snmp access groupname security model v1 v2c usm noauthentication authentication privacy context contex...

Страница 280: ...NMP MIB view configuration information will be displayed Mode Switch command Read Only Example This example shows how to display SNMP MIB view configuration information Matrix rw show snmp view SNMP M...

Страница 281: ...using the set snmp view command to assign variables refer to set snmp view on page 5 24 show snmp context Use this command to display the context list configuration for SNMP s view based access contro...

Страница 282: ...ix rw show snmp context Configured contexts default context all mibs router set snmp view Use this command to set a MIB configuration for SNMPv3 view based access VACM Syntax set snmp view viewname vi...

Страница 283: ...view viewname public subtree 1 3 6 1 included clear snmp view Use this command to delete an SNMPv3 MIB view Syntax clear snmp view viewname subtree Parameters Defaults None Mode Switch command Read W...

Страница 284: ...volatile nonvolatile read only Parameters Defaults If targetParams is not specified entries associated with all target parameters will be displayed If not specified entries of all storage types will b...

Страница 285: ...me user user security model v1 v2c usm message processing v1 v2c v3 noauthentication authentication privacy volatile nonvolatile Parameters Table 5 9 show snmp targetparams Output Details Output What...

Страница 286: ...s Defaults None Mode Switch command Read Write Example This example shows how to clear SNMP target parameters named v1ExampleParams Matrix rw clear snmp targetparams v1ExampleParams security model v1...

Страница 287: ...olatile read only Parameters Defaults If targetAddr is not specified entries for all target address names will be displayed If not specified entries of all storage types will be displayed for a target...

Страница 288: ...eout Timeout setting for the target address Retry count Retry setting for the target address Parameters Entry in the snmpTargetParamsTable Storage type Whether entry is stored in volatile nonvolatile...

Страница 289: ...e a trap notification called TrapSink This trap notification will be sent to the workstation 192 168 190 80 which is target address tr It will use security and authorization criteria contained in a ta...

Страница 290: ...ring SNMP Target Addresses clear snmp targetaddr 5 32 SNMP Configuration Mode Switch command Read Write Example This example shows how to clear SNMP target address entry tr Matrix rw clear snmp target...

Страница 291: ...f this table is empty meaning that no filtering is associated with any SNMP target then no filtering will take place Traps or informs notifications will be sent to all destinations in the SNMP targetA...

Страница 292: ...Notify Tag TrapSink Notify Type trap Storage type nonVolatile Row status active Table 5 11 shows a detailed explanation of the command output notify Optional Displays notify entries for a specific no...

Страница 293: ...using the set snmp targetaddr command set snmp targetaddr on page 5 30 Example This example shows how to set an SNMP notify configuration with a notify name of hello and a notify tag of world Notifica...

Страница 294: ...ameters Defaults If no parameters are specified all notify filter information will be displayed Mode Switch command Read Only Example This example shows how to display SNMP notify filter information I...

Страница 295: ...eful for fine tuning the amount of SNMP traffic generated Example This example shows how to create an SNMP notify filter called pilot1 with a MIB subtree ID of 1 3 6 Matrix rw set snmp notifyfilter pi...

Страница 296: ...e profile targetparam targetparam volatile nonvolatile read only Parameters Defaults If no parameters are specified all notify profile information will be displayed Mode Switch command Read Only Examp...

Страница 297: ...ermine which management targets should not receive SNMP notifications Example This example shows how to create an SNMP notify profile named area51 and associate a target parameters entry Matrix rw set...

Страница 298: ...MP Notification Parameters clear snmp notifyprofile 5 40 SNMP Configuration Example This example shows how to delete SNMP notify profile area51 Matrix rw clear snmp notifyprofile area51 targetparam v3...

Страница 299: ...he getNext walk continues to return values until the current time is reached which may not ever occur leaving the user with the impression that the walk is in a loop Enabling this command will exit th...

Страница 300: ...Configuring SNMP Walk Behavior set snmp timefilter break 5 42 SNMP Configuration...

Страница 301: ...designated port on the other side of the bridge transition to forwarding through an explicit handshake between them By default user ports are configured to rapidly transition to forwarding in RSTP MST...

Страница 302: ...stening until a BPDU is received Both upstream and downstream facing ports are protected When a root or alternate port loses its path to the root bridge due to a message age expiration it takes on the...

Страница 303: ...he port is a boundary port the MSTIs for that port follow the CIST that is the MSTI port timers are set according to the CIST port timer If the port is internal to the region then the MSTI port timers...

Страница 304: ...ow spantree mstcfgid 6 17 set spantree mstcfgid 6 17 clear spantree mstcfgid 6 18 show spantree bridgeprioritymode 6 18 set spantree bridgeprioritymode 6 19 clear spantree bridgeprioritymode 6 19 show...

Страница 305: ...guard 6 36 set spantree spanguard 6 36 clear spantree spanguard 6 37 show spantree spanguardtimeout 6 37 set spantree spanguardtimeout 6 38 clear spantree spanguardtimeout 6 38 show spantree spanguard...

Страница 306: ...s Spanning Tree configuration Matrix rw show spantree stats Spanning tree status enabled Spanning tree instance 0 Designated Root MacAddr 00 e0 63 9d c1 c8 Designated Root Priority 0 Designated Root C...

Страница 307: ...D Priority Bridge priority which is a default value or is assigned using the set spantree priority command For details refer to set spantree priority on page 6 20 Bridge Max Age Maximum time in second...

Страница 308: ...ge 1 1 Blocking Disabled 20000 128 Table 6 2 Port Specific show spantree stats Output Details Output What it displays SID The Spanning Tree instance Port The port name State The Spanning Tree forward...

Страница 309: ...e this command to set the version of the Spanning Tree protocol to MSTP Multiple Spanning Tree Protocol RSTP Rapid Spanning Tree Protocol or to STP 802 1D compatible Syntax set spantree version mstp s...

Страница 310: ...default of MSTP to RSTP Matrix rw set spantree version rstp clear spantree version Use this command to reset the Spanning Tree version to MSTP mode Syntax clear spantree version Parameters None Defaul...

Страница 311: ...ng Tree Protocol STP mode Syntax set spantree stpmode none ieee8021 Parameters Defaults None Mode Switch command Read Write Example This example shows how to disable Spanning Tree Matrix rw set spantr...

Страница 312: ...maxconfigurablestps Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display the STP maximum configs setting Matrix rw show spantree maxconfigurablestps Ma...

Страница 313: ...spantree maxconfigurablestps Parameters None Defaults None Mode Switch command Read Write Example This example shows how to clear the STP max configs setting Matrix rw clearspantree maxconfigurablestp...

Страница 314: ...e msti sid 2 create clear spantree msti Use this command to delete one or more Multiple Spanning Tree instances Syntax clear spantree msti sid Parameters Defaults None Mode Switch command Read Write E...

Страница 315: ...show spantree mstmap fid 1 FID SID 1 0 set spantree mstmap Use this command to map one or more filtering database IDs FIDs to a SID Since VLANs are mapped to FIDs this essentially maps one or more VL...

Страница 316: ...Switch command Read Write Example This example shows how to map FID 2 back to SID 0 Matrix rw clear spantree mstmap 2 show spantree vlanlist Use this command to display the VLAN ID s assigned to one o...

Страница 317: ...e mstcfgid Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display the MST configuration identifier elements In this case the default revision level of 0...

Страница 318: ...d the configuration name to a default string representing the bridge MAC address Syntax clear spantree mstcfgid Parameters None Defaults None Mode Switch command Read Write Example This example shows...

Страница 319: ...e root as described in set spantree priority set spantree priority on page 6 20 Syntax set spantree bridgeprioritymode 8021d 8021t Parameters Defaults None Mode Switch command Read Write Example This...

Страница 320: ...Syntax show spantree priority sid Parameters Defaults If sid is not specified priority will be shown for Spanning Tree 0 Mode Switch command Read Only Example This example shows how to show the bridge...

Страница 321: ...spantree priority 15 Bride Priority has been translated to incremental step of 61440 This example shows how to set the bridge priority to 4000 on all SIDs with 8021t priority mode enabled Matrix rw se...

Страница 322: ...ample This example shows how to reset the bridge priority on SID 1 Matrix rw clear spantree priority 1 show spantree bridgehellomode Use this command to display the status of bridge hello mode on the...

Страница 323: ...t spantree bridgehellomode enable disable Parameters Defaults None Mode Switch command Read Write Example This example shows how to disable single Spanning Tree hello mode on the device Per port hello...

Страница 324: ...Example This example shows how to display the Spanning Tree hello time Matrix rw show spantree hello Bridge Hello Time is set to 2 seconds set spantree hello Use this command to set the device s Spann...

Страница 325: ...ult value Syntax clear spantree hello Parameters None Defaults None Mode Switch command Read Write Example This example shows how to globally reset the Spanning Tree hello time Matrix rw clear spantre...

Страница 326: ...regular intervals Any port that ages out STP information provided in the last configuration message becomes the designated port for the attached LAN If it is a root port a new root port is selected fr...

Страница 327: ...Spanning Tree forward delay time Matrix rw show spantree fwddelay Bridge Forward Delay is set to 15 seconds set spantree fwddelay Use this command to set the Spanning Tree forward delay Syntax set spa...

Страница 328: ...ds Matrix rw set spantree fwddelay 16 clear spantree fwddelay Use this command to reset the Spanning Tree forward delay to the default setting of 15 seconds Syntax clear spantree fwddelay Parameters N...

Страница 329: ...tax set spantree autoedge disable enable Parameters Defaults None Mode Switch command Read Write Example This example shows how to disable automatic edge port detection Matrix rw set spantree autoedge...

Страница 330: ...Cost is disabled set spantree legacypathcost Use this command to enable or disable legacy 802 1D path cost values Syntax set spantree legacypathcost disable enable Parameters Defaults None Mode Switch...

Страница 331: ...Read Write Example This example shows how to set the default path cost values to 802 1t Matrix rw clear spantree legacypathcost show spantree tctrapsuppress Use this command to display the status of t...

Страница 332: ...Cs are prevented from sending topology change traps This is because there is usually no need for network management to monitor edge port STP transition states such as when PCs are powered on When topo...

Страница 333: ...ead Only Example This example shows how to display the transmit hold count setting Matrix rw show spantree txholdcount Tx hold count 3 set spantree txholdcount Use this command to set the maximum BPDU...

Страница 334: ...6 Syntax clear spantree txholdcount Parameters None Defaults None Mode Switch command Read Write Example This example shows how to reset the transmit hold count Matrix rw clear spantree txholdcount s...

Страница 335: ...Spanning Tree instance may traverse via relay of BPDUs within the applicable MST region before being discarded Example This example shows how to set the maximum hop count to 40 Matrix rw set spantree...

Страница 336: ...uard function Syntax set spantree spanguard enable disable Parameters Defaults None Mode Switch command Read Write Usage When enabled this prevents an unauthorized bridge from becoming part of the act...

Страница 337: ...spantree spanguard Parameters None Defaults None Mode Switch command Read Write Example This example shows how to reset the status of the span guard function to disabled Matrix rw clear spantree spang...

Страница 338: ...Example This example shows how to set the span guard timeout to 600 seconds Matrix rw set spantree spanguardtimeout 600 clear spantree spanguardtimeout Use this command to reset the Spanning Tree span...

Страница 339: ...of these commands to unlock one or more ports locked by the Spanning Tree span guard function Syntax clear spantree spanguardlock port string set spantree spanguardlock port string Parameters Defaults...

Страница 340: ...his example shows how to display the state of the span guard trap function Matrix rw show spantree spanguardtrapenable Span Guard Trap is set to enable set spantree spanguardtrapenable Use this comman...

Страница 341: ...the span guard trap function to enabled Matrix rw clear spantree spanguardtrapenable show spantree backuproot Use this command to display the state of the Spanning Tree backup root function Syntax sh...

Страница 342: ...ill dynamically lower its bridge priority so that it will be selected as the new root over the lost root bridge Example This example shows how to enable the backup root function on SID 2 Matrix rw set...

Страница 343: ...s None Mode Switch command Read Only Example This example shows how to display the status of the backup root trap function Matrix rw show spantree backuproottrapenable Backup Root Trap is set to enabl...

Страница 344: ...clear spantree backuproottrapenable Parameters None Defaults None Mode Switch command Read Write Example This example shows how to reset the backup root trap function Matrix rw clear spantree backupro...

Страница 345: ...trap message when a Spanning Tree becomes the new root of the network Example This example shows how to enable the new root trap function Matrix rw set spantree newroottrapenable enable clear spantree...

Страница 346: ...t string sid sid active Parameters Defaults If port string is not specified no port information will be displayed If sid is not specified debug counters will be displayed for Spanning Tree 0 Mode Swit...

Страница 347: ...Rx Count 0 STP TC BPDU Tx Count 0 RST BPDU Rx Count 81812 RST BPDU Tx Count 790319 RST TC BPDU Rx Count 2131 RST TC BPDU Tx Count 26623 MST BPDU Rx Count 0 MST BPDU Tx Count 0 MST CIST TC BPDU Rx Cou...

Страница 348: ...ee Configuration clear spantree debug Use this command to clear Spanning Tree debug counters Syntax clear spantree debug Parameters None Defaults None Mode Switch command Read Write Example This examp...

Страница 349: ...spantree portenable 6 50 set spantree portenable 6 50 clear spantree portenable 6 51 show spantree portadmin 6 51 set spantree portadmin 6 52 clear spantree portadmin 6 52 set spantree protomigration...

Страница 350: ...et spantree portenable Use this command to set the port status on one or more Spanning Tree ports Syntax set spantree portenable port string enable disable Parameters Defaults None Mode Switch command...

Страница 351: ...and to display the status of the Spanning Tree algorithm on one or more ports Syntax show spantree portadmin port port string Parameters Defaults If port string is not specified status will be display...

Страница 352: ...ree admin status to enable on one or more ports Syntax clear spantree portadmin port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to reset the default...

Страница 353: ...or more Spanning Trees Syntax show spantree portstate port port string sid sid Parameters Defaults If port string is not specified current state will be displayed for all Spanning Tree ports If sid is...

Страница 354: ...te in the transmission of frames thus preventing duplication arising through multiple paths existing in the active topology of the bridged LAN It receives Spanning Tree configuration messages but does...

Страница 355: ...e This example shows how to set the priority of fe 1 3 to 240 on SID 1 Matrix rw set spantree portpri fe 1 3 240 sid 1 port port string Optional Specifies the port s for which to display Spanning Tree...

Страница 356: ...to set the hello time for one or more Spanning Tree ports This is the time interval in seconds the port s will transmit BPDUs Syntax set spantree porthello port string interval Parameters Defaults Non...

Страница 357: ...Defaults None Mode Switch command Read Write Example This example shows how to reset the hello time to 2 seconds for port fe 1 4 Matrix rw clear spantree porthello fe 1 4 show spantree portcost Use th...

Страница 358: ...ts will be displayed If sid is not specified admin path cost for Spanning Tree 0 will be displayed Mode Switch command Read Only Example This example shows how to display the admin path cost for fe 3...

Страница 359: ...admin path cost to 0 Syntax clear spantree adminpathcost port string sid sid Parameters Defaults If sid is not specified admin path cost will be reset for Spanning Tree 0 Mode Switch command Read Wri...

Страница 360: ...hows how to display the edge port status for fe 3 2 Matrix rw show spantree adminedge port fe 3 2 Port fe 3 2 has a Port Admin Edge of Edge Port set spantree adminedge Use this command to set the edge...

Страница 361: ...on edge port Matrix rw clear spantree adminedge fe 1 11 show spantree operedge Use this command to display the Spanning Tree edge port operating status for a port Syntax show spantree operedge port po...

Страница 362: ...tch command Read Only Example This example shows how to display the point to point status of the LAN segment attached to fe 2 7 Matrix rw show spantree adminpoint port fe 2 7 Port fe 2 7 has a Port Ad...

Страница 363: ...a Spanning Tree port Syntax set spantree adminpoint port string true false auto Parameters Defaults None Mode Switch command Read Write Example This example shows how to set the LAN attached to fe 1 3...

Страница 364: ...ree port to auto mode Syntax clear spantree adminpoint port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to reset point to point status to auto on fe 2...

Страница 365: ...onally per SID Syntax set spantree lp port string enable disable sid sid For information about Refer to page set spantree lp 6 65 show spantree lp 6 66 clear spantree lp 6 67 show spantree lplock 6 67...

Страница 366: ...id Parameters Defaults If no port string is specified status is displayed for all ports port string Specifies port s on which to enable or disable the Loop Protect feature For a detailed description o...

Страница 367: ...arameters Defaults If no SID is specified SID 0 is assumed Mode Switch command Read Write Example This example shows how to return the Loop Protect state on fe 2 3 to disabled Matrix rw clear spantree...

Страница 368: ...KED clear spantree lplock Use this command to manually unlock a blocked port and optionally per SID Syntax clear spantree lplock port string sid sid Parameters Defaults If no SID is specified SID 0 is...

Страница 369: ...feature is used If the value is false then there is some ambiguity as to whether an Active Partner timeout is due to a loop protection event or is a normal situation due to the fact that the partner p...

Страница 370: ...apable clear spantree lpcapablepartner Use this command to reset the Loop Protect capability of port link partners to the default state of false Syntax clear spantree lpcapablepartner port string Para...

Страница 371: ...reaches the threshold within a given period the event window then the port for the given SID becomes locked that is held indefinitely in the blocking state If the threshold is 0 the ports are never lo...

Страница 372: ...ead Write Example This example shows how to reset the Loop Protect event threshold to the default of 3 Matrix rw clear spantree lpthreshold set spantree lpwindow Use this command to set the Loop Prote...

Страница 373: ...tree lpwindow 120 show spantree lpwindow Use this command to display the current Loop Protect event window value Syntax show spantree lpwindow Parameters None Defaults None Mode Switch command Read On...

Страница 374: ...itch command Read Write Usage Loop Protect traps are sent when a Loop Protect event occurs that is when a port goes to listening due to not receiving BPDUs The trap indicates port SID and loop protect...

Страница 375: ...e Mode Switch command Read Write Example This example shows how to reset the Loop Protect event notification state to the default of disabled Matrix rw clear spantree lptrapenable set spantree dispute...

Страница 376: ...slog message is issued For example if the threshold is 10 then a trap is issued when 10 20 30 and so on disputed BPDUs have been received If the value is 0 traps are not sent The trap indicates port S...

Страница 377: ...all ports If no SID is specified SID 0 is assumed Mode Switch command Read Only Usage Exceptional conditions causing a port to be placed in listening or blocking state include a Loop Protect event re...

Страница 378: ...Configuring Spanning Tree Loop Protect Features show spantree nonforwardingreason 6 78 Spanning Tree Configuration...

Страница 379: ...the network Once the traffic and in effect the users creating the traffic are assigned to a VLAN then broadcast and multicast traffic is contained within the VLAN and users can be allowed or denied ac...

Страница 380: ...ged frames received on those ports will be assigned to VLAN 3 By default all ports are members of VLAN ID 1 the default VLAN Policy classification to a VLAN as described in Chapter 8 set policy rule o...

Страница 381: ...and if those ports will transmit the traffic with a VLAN tag included Command show vlan Use this command to display all information related to one or more VLANs Syntax show vlan static vlan list Note...

Страница 382: ...e 2 1 4 fe 3 1 7 lag 0 1 32 Forbidden Egress Ports None Untagged Ports host 0 1 fe 1 1 10 ge 2 1 4 fe 3 1 7 lag 0 1 32 Table 7 2 provides an explanation of the command output static Optional Displays...

Страница 383: ...Gold Series Configuration Guide 7 5 Forbidden Egress Ports Ports prevented from transmitted frames for this VLAN Untagged Ports Ports configured to transmit untagged frames for this VLAN Table 7 2 sho...

Страница 384: ...must be unique If a duplicate VLAN ID is entered the device assumes that the Administrator intends to modify the existing VLAN Enter the VLAN ID using a unique number between 2 and 4094 The VLAN IDs...

Страница 385: ...me vlan list vlan name Parameters Defaults None Mode Switch command Read Write Example This example shows how to set the name for VLAN 7 to green Matrix rw set vlan name 7 green clear vlan Use this co...

Страница 386: ...Matrix rw clear vlan 9 clear vlan name Use this command to remove the name of a VLAN from the VLAN list Syntax clear vlan name vlan list Parameters Defaults None Mode Switch command Read Write Exampl...

Страница 387: ...tion Syntax show port vlan port string Parameters Defaults If port string is not specified port VLAN information for all ports will be displayed Mode Switch command Read Only For information about Ref...

Страница 388: ...list will be modified Mode Switch command Read Write Usage For information on how to configure protocol based policy classification to a VLAN including how to configure a VLAN policy to override PVID...

Страница 389: ...1Q port VLAN ID PVID to the host VLAN ID 1 Syntax clear port vlan port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to reset the Fast Ethernet ports 3...

Страница 390: ...ad Write Example This example shows how to create a volatile interface entry mapped to VLAN 1 Matrix rw set vlan interface 1 volatile Table 7 3 show vlan interface Output Details Output What it displa...

Страница 391: ...ed for port ingress filtering which limits incoming VLAN ID frames according to a port VLAN egress list Syntax show port ingress filter port string Parameters Defaults If port string is not specified...

Страница 392: ...ort ingress filter port string disable enable Parameters Defaults None Mode Switch command Read Write Usage When ingress filtering is enabled on a port the VLAN IDs of incoming frames are compared to...

Страница 393: ...for Fast Ethernet port 7 in module 2 In this case the port has been set to discard all tagged frames Matrix rw show port discard fe 2 7 Port Discard Mode fe 2 7 tagged set port discard Use this comma...

Страница 394: ...his command to reset the frame discard mode to the factory default setting none Syntax clear port discard port string Parameters Defaults None Mode Switch command Read Write Example This example shows...

Страница 395: ...the specified VLAN and ensures that any dynamic requests either through GVRP or dynamic egress for the port to join the VLAN will be ignored Setting a port to untagged allows it to transmit frames wit...

Страница 396: ...ports will transmit frames for a particular VLAN Syntax set vlan egress vlan list port string untagged forbidden tagged Parameters Defaults If untagged forbidden or tagged is not specified the port wi...

Страница 397: ...r vlan egress vlan list port string forbidden Parameters Defaults If forbidden is not specified tagged and untagged settings will be cleared Mode Switch command Read Write Examples This example shows...

Страница 398: ...an dynamicegress VLAN 1 is enabled VLAN 101 is enabled VLAN 102 is enabled VLAN 105 is enabled set vlan dynamicegress Use this command to set the administrative status of one or more VLANs dynamic egr...

Страница 399: ...gress Configuring the VLAN Egress List Enterasys Matrix DFE Gold Series Configuration Guide 7 21 Example This example shows how to enable the dynamic egress function on VLAN 7 Matrix rw set vlan dynam...

Страница 400: ...out GVRP configured ports on the device in a GARP formatted frame using the GVRP multicast MAC address A switch router that receives this frame examines the frame and extracts the VLAN IDs GVRP then c...

Страница 401: ...tch 1 1 R R 3 Switch 2 1 2 D R D 2 1 4 6 8 10 12 14 16 3 5 7 9 11 13 15 18 17 20 22 24 26 28 30 32 19 21 23 25 27 29 31 34 33 36 38 40 42 44 46 48 35 37 39 41 43 45 47 Reset Console PWR CPU 1H152 51 S...

Страница 402: ...2 1 enabled 00 e0 63 97 d4 36 Table 7 4 provides an explanation of the command output show garp timer Use this command to display GARP timer values for one or more ports Syntax show garp timer port st...

Страница 403: ...n of the command output For details on using the set gvrp command to enable or disable GVRP refer to set gvrp on page 7 26 For details on using the set garp timer command to change default timer value...

Страница 404: ...le shows how to enable GVRP on Fast Ethernet port 3 in module 1 Matrix rw set gvrp enable fe 1 3 clear gvrp Use this command to clear GVRP status or on one or more ports Syntax clear gvrp port string...

Страница 405: ...nds for all ports Matrix rw set garp timer join 100 This example shows how to set the leave timer value to 300 centiseconds for all ports Matrix rw set garp timer leave 300 This example shows how to s...

Страница 406: ...tiseconds on Fast Ethernet port 5 in module 2 Matrix rw clear garp timer leave fe 2 5 join Optional Resets the join timer to 20 centiseconds leave Optional Resets the leave timer to 60 centiseconds le...

Страница 407: ...orts activated for a profile will be allowed to transmit frames accordingly Configure CoS to automatically assign policy based inbound rate limiters and transmit queues Note It is recommended that you...

Страница 408: ...or all indexes Mode Switch command Read Only Example This example shows how to display policy information for policy profile 11 Matrix rw show policy profile 11 Profile Index 11 Profile Name MacAuth1...

Страница 409: ...enabled active or disabled Port VID Status Whether or not PVID override is enabled or disabled for this policy profile If all the classification rules associated with this profile are missed then this...

Страница 410: ...the classification rules associated with this profile are missed then this parameter if specified determines default behavior cos cos Optional Specifies a COS value to assign to packets if CoS overrid...

Страница 411: ...nknown policy Syntax show policy invalid action count all Parameters Defaults None Mode Switch command Read Only Example This example shows how to display invalid policy action and count information M...

Страница 412: ...y invalid action drop clear policy invalid action Use this command to reset the action the device will apply to an invalid or unknown policy to the default action of applying the default policy Syntax...

Страница 413: ...data mask mask port string port string rule status active not in service not ready storage type non volatile volatile vlan vlan drop forward dynamic pid dynamic pid cos cos admin pid admin pid verbose...

Страница 414: ...a Not required for ipfrag classification Displays rules for a predefined classifier This value is dependent on the classification type entered Refer to Table 8 3 for valid values for each classificati...

Страница 415: ...V 1 Table 8 2 provides an explanation of the command output Table 8 2 show policy rule Output Details Output What it displays PID Profile profile index number indicating a classification rule is displ...

Страница 416: ...dministratively or dynamically The next four columns from the left indicate the actions that may be performed The last three columns indicate auditing options An x in an action column for a traffic at...

Страница 417: ...tion X X X X X X X X X TCP port source X X X X X X X X X TCP port destination X X X X X X X X X ICMP packet type X X X X X X X X X TTL IP type of service X X X X X X X X X IP proto X X X X X X X X X E...

Страница 418: ...ies Dropping of packet ether Classifies based on type field in Ethernet II packet llc DSAP SSAP pair in 802 3 type packet field 0 65535 iptos Classifies based on Type of Service field in IP packet ipp...

Страница 419: ...s are 1 1023 Note Admin profiles can be assigned to a specific ingress port by specifying port string and admin pid values as described below ether Classifies based on type field in Ethernet II packet...

Страница 420: ...1 admin pid 2 Matrix rw set policy rule admin profile ether 1526 admin pid 2 Table 8 3 provides the set policy rule data values that can be entered for a particular classification type and the mask b...

Страница 421: ...5 1 8 llcDsapSsap DSAP SSAP CTRL field in llc a b c ab 1 40 Destination or Source MAC macdest macsource MAC Address 00 00 00 00 00 00 1 48 port Port string Eg fe 1 1 1 16 Destination or Source TCP por...

Страница 422: ...licy all rules macdest Deletes associated MAC destination address classification rule macsource Deletes associated MAC source address classification rule port Deletes associated port string classifica...

Страница 423: ...ith an index of 20 to port fe 1 3 Matrix rw set policy port fe 1 3 20 show policy allowed type Use this command to display a list of currently supported traffic rules applied to the admininstrative pr...

Страница 424: ...2 C N I T 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 3 Port 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 5 6 7 8 1 ge 1 5 set policy allowed type Use this command to assign a list of traffic rules that can be a...

Страница 425: ...policy allowed type Use this command to clear the list of traffic rules currently assigned to the admin profile for one or more ports This will reassign the default setting which is all rules are all...

Страница 426: ...licy Profiles clear policy port hit 8 20 Policy Classification Configuration Defaults None Mode Switch command Read Write Example This example shows how to clear rule port hit indications on all ports...

Страница 427: ...transmit queues and traffic rate limiting When policy based CoS is enabled the default and user assigned settings will override port based settings described in Chapter 22 About Policy Based CoS Defa...

Страница 428: ...Configuring User Defined CoS To do this Use these commands For information about Refer to page show cos state 8 23 set cos state 8 23 show cos port type 8 24 show cos unit 8 26 show cos port config 8...

Страница 429: ...to show the Class of Service enable state Matrix rw show cos state Class of Service application is enabled set cos state Use this command to enable or disable Class of Service Syntax set cos state en...

Страница 430: ...and NSA modules Other port groupings can be configured using the commands in this section Example This example shows how to display all Class of Service port type information In this case no new port...

Страница 431: ...ates all other modules Port type description Resource specific text description of the port type Default names are DFE P 16Q for port type 0 TXQ Applies to 7GR4270 12 7G4270 12 7G4270 09 and 7G4270 10...

Страница 432: ...w cos unit irl Port Type Type Unit Maximum Rate Minimum Rate Granularity 0 irl Gbps 10 1 1 0 irl Mbps 10000 1 1 0 irl Kbps 10000000 5121024 1 0 irl perc 100 1 1 1 irl Gbps 10 1 1 1 irl Mbps 10000 1 1...

Страница 433: ...Configuration Entries Port Group Name DFE P 16Q Port Group 0 Port Type 0 Assigned Ports ge 1 1 12 Arbiter Mode Strict Slices queue Q 0 0 Q 1 0 Q 2 0 Q 3 0 Q 4 0 Q 5 0 Q 6 0 Q 7 0 Q 8 0 Q 9 0 Q 10 0 Q...

Страница 434: ...e ports port list append clear Parameters Defaults If a name is not specified default names described in Table 8 5 will be applied If not specified this configuration will be applied to all ports in t...

Страница 435: ...s port config irl all group type index entry name ports Parameters Defaults None Mode Switch command Read Write Example This example shows how to delete the CoS inbound rate limiting port group entry...

Страница 436: ...queue port group configurations Syntax clear cos port config txq all group type index entry name ports Parameters Defaults None group type index Specifies a transmit queue port group type index for t...

Страница 437: ...mple shows how to show all inbound rate limiting port resource configuration information for port group 0 1 Matrix rw show cos port resource irl 0 1 after the rate value indicates an invalid rate valu...

Страница 438: ...512 syslog enable trap enable group type index Specifies an inbound rate limiting port group type index for this entry Valid entries are in the form of group type Group can be 0 7 with 0 designating t...

Страница 439: ...ociated with port group 0 1 resource entry 0 Matrix rw clear cos port resource irl 0 1 0 set cos port resource txq Use this command to configure a Class of Service transmit queue port resource entry S...

Страница 440: ...t queue port group type index for this entry Valid entries are in the form of group type Group can be 0 7 with 0 designating the default group and 1 7 reserved for user defined groups Default port typ...

Страница 441: ...ts If no options are specified all reference information for all port types will be displayed Mode Switch command Read Only Example This example shows how to show all transmit queue reference configur...

Страница 442: ...r one or all Class of Service inbound rate limiting reference configurations Syntax clear cos reference irl all group type index reference Parameters group type index Specifies an inbound rate limitin...

Страница 443: ...e entry 0 for port group 0 1 referencing resources defined by TXQ entry 0 Matrix rw set cos reference irl 0 1 0 queue 0 clear cos reference txq Use this command to clear one or all non default Class o...

Страница 444: ...ers Syntax show cos settings cos list Parameters Defaults If not specified all CoS entries will be displayed Mode Switch command Read Only Example This example shows how to show all CoS settings Matri...

Страница 445: ...s command to clear Class of Service entry settings Syntax clear cos settings cos list all priority tos value txq reference irl reference Parameters cos list Specifies a Class of Service entry Valid va...

Страница 446: ...itch command Read Only Example This example shows how to show any CoS inbound rate limiting violations Matrix rw show cos violation irl There are no ports disabled by any irl rate limiters clear cos v...

Страница 447: ...clear cos all entries Use this command to clears all Class of Service entries except priority settings 0 7 Syntax clear cos all entries Parameters None Defaults None Mode Switch command Read Write Exa...

Страница 448: ...ck is exited and the map having the ACL matching the packet is checked for further routing instruction If the action of that map is permit and a next hop is specified policy based routing will forward...

Страница 449: ...ches 0 packets route map Use this command to create a route map for policy based routing and to enable policy based routing configuration mode Syntax route map id number permit deny sequence number no...

Страница 450: ...Matrix Router config route map 101 permit 20 match ip address Use this command to match a packet source IP address against a PBR access list Up to 5 access lists can be matched Syntax match ip addres...

Страница 451: ...ix Router config route map pbr Usage The no form of this command deletes next hop IP address es Example This example shows how to set IP address 10 2 3 4 as the next hop for packets matching ACL 1 Mat...

Страница 452: ...age 8 46 Priority How the PBR next hop selection will be prioritized Set with the ip policy priority command as described in ip policy priority on page 8 47 Load policy How the PBR next hop will be se...

Страница 453: ...efaults None Mode Router command Interface configuration Matrix Router config if Vlan vlan_id Usage The no form of this command resets the PBR priority configuration back to the default of first Examp...

Страница 454: ...as flagged it as unavailable The no form of this command resets the next hop behavior to first available Example This example shows how to set the load policy behavior on VLAN 1 to round robin Matrix...

Страница 455: ...command turns PBR ping to off Example This example shows how to configure the PBR ping interval to 5 and retries to 4 on VLAN 1 Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip...

Страница 456: ...Configuring Policy Based Routing ip policy pinger 8 50 Policy Classification Configuration...

Страница 457: ...IP multicasting across the Internet IGMP provides the final step in an IP multicast packet delivery service since it is only concerned with forwarding multicast traffic from the local switch device t...

Страница 458: ...refully pruned at every multicast switch router it passes through to ensure that traffic is only passed to the hosts that subscribed to this service The Enterasys Matrix Series switch device uses IGMP...

Страница 459: ...his command to enable IGMP on one or more VLANs Syntax set igmp enable vlan list Parameters Defaults None Mode Switch command Read Write Example This example shows how to enable IGMP on VLAN 104 Matri...

Страница 460: ...Enabling Disabling IGMP set igmp disable 9 4 IGMP Configuration Example This example shows how to disable IGMP on VLAN 104 Matrix rw set igmp disable 104...

Страница 461: ...meters For information about Refer to page show igmp query 9 5 set igmp query enable 9 6 set igmp query disable 9 6 show igmp grp full action 9 7 set igmp grp full action 9 7 show igmp config 9 8 set...

Страница 462: ...ing on one or more VLANs Syntax set igmp query enable vlan list Parameters Defaults None Mode Switch command Read Write Example This example shows how to enable IGMP querying on VLAN 104 Matrix rw set...

Страница 463: ...None Mode Switch command Read Only Example This example shows how to display the action taken for multicast frames when the IGMP group table is full Matrix rw show igmp grp full action Group Table Ful...

Страница 464: ...N 1 Matrix rw show igmp config 1 IGMP config for vlan 1 VlanQueryInterval 125 VlanStatus Active Vlan IGMP Version 2 VlanQuerier 134 141 22 1 VlanQueryMaxResponseTime 10 VlanRobustness 2 VlanLastMember...

Страница 465: ...e IGMP querier has been active Table 9 1 show igmp config Output Details continued Output What it displays vlan list Specifies the VLAN s on which to configure IGMP query interval query interval Optio...

Страница 466: ...to remove IGMP configuration settings for VLAN 104 Matrix rw set igmp delete 104 show igmp groups Use this command to display information about IGMP groups known to one or more VLANs Syntax show igmp...

Страница 467: ...s If not specified static IGMP information will be displayed for all groups Mode Switch command Read Only Example This example shows how to display static IGMP information for VLAN 105 The display is...

Страница 468: ...lude ports exclude ports Parameters Defaults If not specified the static entry will be removed and not modified Mode Switch command Read Write Example This example shows how to remove port fe 1 3 from...

Страница 469: ...cast Data 17 Protocol Ids set to routing Protocol 3 7 9 42 43 45 47 48 85 86 88 89 91 92 100 103 112 Protocol Ids set to Ignore 0 4 6 10 16 18 41 44 46 49 84 87 90 93 99 101 102 104 111 113 255 set ig...

Страница 470: ...ax clear igmp protocols protocol id protocol id Parameters Defaults None Mode Switch command Read Write Example This example shows how to clear IGMP protocols for protocol id 3 Matrix rw clear igmp pr...

Страница 471: ...display IGMP reporter information Syntax show igmp reporters portlist portlist group group vlan list vlan list sip sip Parameters Defaults If no parameters are specified all IGMP reporter information...

Страница 472: ...e specified information for all IGMP flows is displayed Mode Switch command Read Only Example This example shows how to display all the IGMP flow information Matrix rw show igmp counters Multicast Flo...

Страница 473: ...ted 0 Igmp Group Specific Queries transmitted 0 Igmp Queries received 776482 Igmp Version 1 Joins received 0 Igmp Version 2 Joins received 1024 Igmp Version 3 Joins received 22 Igmp Leave Groups recei...

Страница 474: ...oups 9 18 IGMP Configuration Example This example shows how to display the number of multicast groups supported by the device Matrix rw show igmp number groups IGMP current max number of groups 4096 I...

Страница 475: ...document that contains a complete discussion on Syslog configuration exists at the following Enterasys web site http www enterasys com support manuals For information about Refer to page show logging...

Страница 476: ...ing information Matrix rw show logging all Application Current Severity Level Server List 88 RtrAcl 6 1 8 89 CLI 6 1 8 90 SNMP 6 1 8 91 Webview 6 1 8 93 System 6 1 8 95 RtrFe 6 1 8 96 Trace 6 1 8 105...

Страница 477: ...setting this value using the set logging application command refer to set logging application on page 10 9 Defaults Default facility name severity level and UDP port designation as described below Fo...

Страница 478: ...ort state enable disable Parameters index Specifies the server table index number for this server Valid values are 1 8 ip addr ip addr Optional Specifies the Syslog message server s IP address facilit...

Страница 479: ...mmand shows how to enable a Syslog server configuration for index 1 IP address 134 141 89 113 facility local4 severity level 3 on port 514 Matrix rw set logging server 1 ip addr 134 141 89 113 facilit...

Страница 480: ...Syntax set logging default facility facility severity severity port port Parameters Defaults None Mode Switch command Read Write facility facility Specifies the default facility name Valid values are...

Страница 481: ...mmand Read Write Example This example shows how to reset the Syslog default severity level to 6 Matrix rw clear logging default severity show logging application Use this command to display the severi...

Страница 482: ...how to display system logging information pertaining to the all supported applications Matrix su show logging application Application Current Severity Level Server List 88 RtrAcl 6 1 8 89 CLI 6 1 8 90...

Страница 483: ...gging application command refer to set logging application on page 10 9 Server List Servers to which log messages are being sent mnemonic Specifies a case sensitive mnemonic abbreviation of an applica...

Страница 484: ...SSH level 4 server 1 Table 10 3 Sample Mnemonic Values for Logging Applications Mnemonic Application AAA Authentication Authorization Accounting AddrNtfy Address Add and Move Notification CLI Command...

Страница 485: ...rw clear logging application SSH show logging local Use this command to display the state of message logging to the console and a persistent file Syntax show logging local Parameters None Defaults No...

Страница 486: ...ble logging to the console and disable logging to a persistent file Matrix rw set logging local console enable file disable clear logging local Use this command to clear the console and persistent sto...

Страница 487: ...ion is using Telnet or SSH but persistent on the console Example This command shows how to enable the display of logging messages to the current CLI session Matrix rw set logging here enable clear log...

Страница 488: ...ax show logging buffer Parameters None Defaults None Mode Switch command Read Only Example This example shows a portion of the information displayed with the show logging buffer command Matrix rw show...

Страница 489: ...the size of the history buffer and to display and disconnect current user sessions Commands history Use this command to display the contents of the command history buffer Syntax history For informatio...

Страница 490: ...age 11 3 Example This example shows how to display the contents of the command history buffer It shows there are five commands in the buffer Matrix rw history 1 hist 2 show gvrp 3 show vlan 4 show igm...

Страница 491: ...ics for the switch s active network connections Syntax show netstat icmp ip routes stats tcp udp Parameters Defaults If no parameters are specified show netstat will be executed as shown in the exampl...

Страница 492: ...efaults If s is not specified the ping will not be continuous If not specified packet count will be 1 Table 11 1 show netstat Output Details Output What it displays PCB Protocol Control Block designat...

Страница 493: ...icmp seq 6 time 0 ms 64 bytes from 134 141 89 29 icmp seq 7 time 0 ms 64 bytes from 134 141 89 29 icmp seq 8 time 0 ms 64 bytes from 134 141 89 29 icmp seq 9 time 0 ms 134 141 89 29 PING Statistics 10...

Страница 494: ...s command In this output there are two Telnet users logged in with Read Write access privileges from IP addresses 134 141 192 119 and 134 141 192 18 Matrix rw show users Session User Location telnet r...

Страница 495: ...sion from the switch CLI Syntax disconnect ip addr console Parameters Defaults None Mode Switch command Read Write Examples This example shows how to close a Telnet session to host 134 141 192 119 Mat...

Страница 496: ...priority queues will be displayed Mode Switch command Read Only Example This example shows how to display SMON priority 0 statistics for 1 Gigabit Ethernet port 14 in module 3 Matrix rw show smon pri...

Страница 497: ...d Read Write Example This example shows how set the device to gather SMON priority statistics from 1 Gigabit Ethernet port 14 in module 3 Matrix rw set smon priority ge 3 14 clear smon priority Clears...

Страница 498: ...vlan id is not specified statistics for all VLANs will be displayed Mode Switch command Read Only Example This example shows how to display SMON VLAN 1 statistics for 1 Gigabit Ethernet port 14 in mod...

Страница 499: ...ple shows how set the device to gather SMON VLAN related statistics from 1 Gigabit Ethernet port 14 in module 3 Matrix rw set smon vlan ge 3 14 clear smon vlan Use this command to delete an SMON VLAN...

Страница 500: ...de Switch command Read Write Example This example shows how clear an SMON VLAN statistics counting configuration from 1 Gigabit Ethernet source port 14 in module 3 Matrix rw clear smon vlan ge 3 14 po...

Страница 501: ...sized and undersized packets fragments jabbers and counters for packets show rmon stats show rmon stats on page 11 15 set rmon stats set rmon stats on page 11 17 clear rmon stats clear rmon stats on p...

Страница 502: ...device detects a new conversation it creates a new matrix entry Source and destination address pairs and packets bytes and errors for each pair show rmon matrix show rmon matrix on page 11 32 set rmo...

Страница 503: ...1 20 Port fe 1 20 Index 1011 Owner monitor Data Source 1 3 6 1 2 1 2 2 1 1 51021 Drop Events 0 Packets 0 Collisions 0 Octets 0 Jabbers 0 0 64 Octets 0 Broadcast Pkts 0 65 127 Octets 0 Multicast Pkts...

Страница 504: ...the data that was originally sent Undersize Pkts Number of frames received containing less than the minimum Ethernet frame size of 64 bytes not including the preamble but having a valid CRC Oversize...

Страница 505: ...were between 512 and 1023 bytes in length excluding framing bits but including FCS bytes 1024 1518 Octets Total number of frames including bad frames received that were between 1024 and 1518 bytes in...

Страница 506: ...display RMON history entries for Fast Ethernet port 14 in module 3 A control entry displays first followed by actual entries corresponding to the control entry In this case the default settings for en...

Страница 507: ...val will be set to 30 seconds If owner is not specified monitor will be applied Mode Switch command Read Write Example This example shows how configure RMON history entry 1 on port fe 2 1 to sample ev...

Страница 508: ...larm group periodically takes statistical samples from RMON variables and compares them with previously configured thresholds If the monitored variable crosses a threshold an RMON event is generated E...

Страница 509: ...ether the monitoring method is an absolute or a delta sampling Startup Alarm Whether alarm generated when this entry is first enabled is rising falling or either Interval Interval in seconds at which...

Страница 510: ...nerated when this event is first enabled as Rising Sends alarm when an RMON event reaches a maximum threshold condition is reached for example more than 30 collisions per second Falling Sends alarm wh...

Страница 511: ...ies command An alarm is a notification that a statistical sample of a monitored variable has crossed a configured threshold Example This example shows how to enable RMON alarm entry 3 Matrix rw set rm...

Страница 512: ...ublic Last Time Sent 0 days 0 hours 0 minutes 37 seconds Table 11 5 provides an explanation of the command output index Optional Displays RMON properties and log entries for a specific entry index ID...

Страница 513: ...TP topology change type both community public owner Manager set rmon event status Use this command to enable an RMON event entry An event entry describes the parameters of an RMON event that can be tr...

Страница 514: ...used index with the set properties command Example This example shows how to enable RMON event entry 1 Matrix rw set rmon event status 1 enable clear rmon event Use this command to delete an RMON even...

Страница 515: ...ow to display RMON host properties and statistics A control entry displays first followed by actual entries corresponding to the control entry For a description of the types of statistics shown refer...

Страница 516: ...1 Matrix rw set rmon host properties 1 fe 1 5 set rmon host status Use this command to enable an RMON host entry Syntax set rmon host status index enable Parameters Defaults None Mode Switch command...

Страница 517: ...Matrix rw clear rmon host 1 show rmon topN Use this command to displays RMON TopN properties and statistics TopN monitoring prepares tables that describe the hosts topping a list ordered by one of th...

Страница 518: ...ne top N report prepared for one interface Status Whether this event entry is enabled valid or disabled Owner Text string identifying who configured this entry Start Time System up time when this repo...

Страница 519: ...val of 60 seconds and a maximum number of entries of 20 Matrix rw set rmon topN properties 1 1 inpackets 60 20 set rmon topN status Use this command to enable an RMON topN entry Syntax set rmon topN s...

Страница 520: ...ults None Mode Switch command Read Write Example This example shows how to delete RMON TopN entry 1 Matrix rw clear rmon topN 1 show rmon matrix Use this command to display RMON matrix properties and...

Страница 521: ...x properties command as described in set rmon matrix properties on page 11 34 port string Optional Displays RMON properties and statistics for a specific port s source dest Optional Sorts the display...

Страница 522: ...nable Parameters Defaults None Octets Number of octets excluding framing bits but including FCS octets contained in all packets transmitted from the source address to the destination address Errors Er...

Страница 523: ...ters Defaults None Mode Switch command Read Write Example This example shows how to delete RMON matrix entry 1 Matrix rw clear rmon matrix 1 show rmon channel Use this command to display RMON channel...

Страница 524: ...Maximum value is 65535 port string Specifies the port on which traffic will be monitored accept matched failed Optional Specifies the action of the filters on this channel as matched Packets will be a...

Страница 525: ...be set to monitor Mode Switch command Read Write Example This example shows how to accept failed control on description capture all create an RMON channel entry Matrix rw set rmon channel 54313 fe 2...

Страница 526: ...configure an RMON filter entry Syntax set rmon filter index channel_index offset offset status status smask smask snotmask snotmask data data dmask dmask dnotmask dnotmask owner owner Parameters inde...

Страница 527: ...mmand Read Write Example This example shows how to clear RMON filter entry 1 Matrix rw clear rmon filter index 1 smask smask Optional Specifies the mask applied to status to indicate which bits are si...

Страница 528: ...k Captured packets 251 Capture slice 128 Download size 100 Download offset 0 Max Octet Requested 50000 Max Octet Granted 50000 Start time 1 days 0 hours 51 minutes 15 seconds Owner monitor captureEntr...

Страница 529: ...eate RMON capture entry 1 to listen on channel 628 Matrix rw set rmon capture 1 628 index Specifies a buffer control entry channel Specifies the channel to which this capture entry will be applied act...

Страница 530: ...capture Use this command to clears an RMON capture entry Syntax clear rmon capture index Parameters Defaults None Mode Switch command Read Write Example This example shows how to clear RMON capture e...

Страница 531: ...to display add or delete IP routing table addresses and to display MAC address information Commands Note The commands in this section pertain to the Enterasys Matrix Series device from the switch CLI...

Страница 532: ...lay the ARP table Matrix rw show arp LINK LEVEL ARP TABLE IP Address Phys Address Flags Interface 10 20 1 1 00 00 5e 00 01 1 S host0 134 142 21 194 00 00 5e 00 01 1 S host0 134 142 191 192 00 00 5e 00...

Страница 533: ...his command to delete a specific entry or all entries from the switch s ARP table Syntax clear arp ip all Table 12 1 show arp Output Details Output What it displays IP Address IP address mapped to MAC...

Страница 534: ...isplay the status of the RAD Runtime Address Discovery protocol on the switch Syntax show rad Parameters None Defaults None Mode Switch command Read Only Example This example shows how to display RAD...

Страница 535: ...ver if the lease time for the address is set to infinity unlimited This will prevent the DFE from switching addresses when a lease time expires Example This example shows how to disable RAD Matrix rw...

Страница 536: ...ry R host or net unreachable D created dynamically by redirect M modified dynamically by redirect d message confirmed C generate new routes on use X external daemon resolves name L generated by ARP S...

Страница 537: ...put will be displayed If x is not specified checksums will be calculated Mode Switch command Read Only Usage Three UDP or ICMP probes will be transmitted for each hop between the source and the tracer...

Страница 538: ...10 000 ms 20 000 ms 3 192 167 252 17 192 167 252 17 50 000 ms 0 000 ms 20 000 ms set ip route Use this command to add a route to the switch s IP routing table Syntax set ip route destination default g...

Страница 539: ...s for all ports will be displayed Mode Switch command Read Only Usage These are port MAC addresses programmed into the device during manufacturing To show the MAC addresses learned on a port through t...

Страница 540: ...ime 300 seconds This example shows how to display MAC address information for Fast Ethernet port 3 in module 1 agetime Optional Display the time in seconds that a learned MAC address will stay in the...

Страница 541: ...dentifier Port Port designation Type Address type Valid types are other entry is other than below invalid entry is no longer valid but has not been yet flushed out learned entry has been learned and i...

Страница 542: ...addresses out of the filtering database s Syntax clear mac all address address fid fid vlan id vlan id port string port string type learned mgmt agetime unicast as multicast Parameters unicast mac add...

Страница 543: ...be displayed Mode Switch command Read Only vlan id vlan id Specify a VLAN ID from which to clear the MAC address for static multicast entries only port string port string Single port to clear ex fe 1...

Страница 544: ...p port string enable disable Parameters Defaults If port string is not specified MAC address traps will be globally enabled or disabled Mode Switch command Read Write Example This example shows how to...

Страница 545: ...ing globally or on one or more ports when moved source MAC addresses are detected Syntax set movedaddrtrap port string enable disable Parameters Defaults If port string is not specified MAC address tr...

Страница 546: ...itch Network Addresses and Routes set movedaddrtrap 12 16 Network Address and Route Management Configuration Example This example shows how to globally enable MAC address traps Matrix rw set movedaddr...

Страница 547: ...h synchronizes device clocks in a network Commands For information about Refer to page show sntp 13 2 set sntp client 13 3 clear sntp client 13 4 set sntp server 13 4 clear sntp server 13 5 set sntp b...

Страница 548: ...Delay 3000 microseconds Broadcast Count 0 Poll Interval 512 seconds Poll Retry 1 Poll Timeout 5 seconds SNTP Poll Requests 1175 Last SNTP Update TUE SEP 09 16 05 24 2003 Last SNTP Request TUE SEP 09...

Страница 549: ...the set sntp poll retry command set sntp poll retry on page 13 7 Poll Timeout Timeout for a response to a unicast SNTP request Default of 5 seconds can be reset using set sntp poll timeout command cle...

Страница 550: ...is example shows how to clear the SNTP client s operational mode Matrix rw clear sntp client set sntp server Use this command to add a server from which the SNTP client will retrieve the current time...

Страница 551: ...e Switch command Read Write Example This example shows how to remove the server at IP address 10 21 1 100 from the SNTP server list Matrix rw clear sntp server 10 21 1 100 set sntp broadcastdelay Use...

Страница 552: ...stdelay Parameters None Defaults None Mode Switch command Read Write Example This example shows how to clear the SNTP broadcast delay time Matrix rw clear sntp broadcastdelay set sntp poll interval Us...

Страница 553: ...to clear the SNTP poll interval Matrix rw clear sntp poll interval set sntp poll retry Use this command to set the number of poll retries to a unicast SNTP server Syntax set sntp poll retry retry Par...

Страница 554: ...ommand to set the poll timeout in seconds for a response to a unicast SNTP request Syntax set sntp poll timeout timeout Parameters Defaults None Mode Switch command Read Write Example This example sho...

Страница 555: ...splay SNTP time zone settings Matrix rw show timezone Admin Config timezone offset from UTC is 5 hours and 0 minutes Oper Config timezone offset from UTC is 5 hours and 0 minutes set timezone Use this...

Страница 556: ...Write Example This example shows how to set the time zone to EST with an offset of minus 5 hours Matrix rw set timezone ETS 5 0 clear timezone Use this command to remove SNTP time zone adjustment val...

Страница 557: ...ealias Use this command to display node alias properties for one or more ports Syntax show nodealias port string Parameters For information about Refer to page show nodealias 14 1 show nodealias mac 1...

Страница 558: ...Alias ID 1533917044 Active true Vlan ID 1 MAC Address 00 e0 63 04 7b 00 Protocol ip Source IP 63 214 44 63 Table 14 1 provides an explanation of the command output show nodealias mac Use this command...

Страница 559: ...following protocols Internet Protocol Appletalk Media Access Control Hot Standby Routing Protocol Dynamic Host Control Protocol Server Dynamic Host Control Protocol Client Boot Protocol Server Boot P...

Страница 560: ...hrs 34 mins 54 secs Alias ID 306783579 Active true Vlan ID 1 MAC Address 00 e0 63 59 f4 55 Protocol bpdu Port ge 3 14 Time 0 days 00 hrs 00 mins 46 secs Alias ID 613566759 Active true Vlan ID 1 MAC Ad...

Страница 561: ...fig Use this command to display node alias configuration settings on one or more ports Syntax show nodealias config port string Parameters ip apl mac hsrp dhcps dhcpc bootps bootpc ospf vrrp ipx xrip...

Страница 562: ...alias Use this command to enable or disable a node alias agent on one or more ports Syntax set nodealias enable disable port string Parameters Table 14 2 show nodealias config Output Details Output Wh...

Страница 563: ...lias disable fe 1 3 set nodealias maxentries Use this command to set the maximum number of node alias entries allowed for one or more ports Syntax set nodealias maxentries val port string Parameters D...

Страница 564: ...This example shows how to reset the node alias configuration on fe 1 3 Matrix rw clear nodealias config fe 1 3 port string port string Specifies the port s on which to remove all node alias entries Fo...

Страница 565: ...and the path the frame takes through the switch Operation NetFlow can be enabled on all ports on a Enterasys Matrix system including fixed front panel ports LAG ports NEM ports and FTM1 backplane por...

Страница 566: ...support aggregation caches Provides 4 predefined templates The appropriate template is selected for each flow depending on whether the flow is routed or switched and whether it is a TCP UDP packet or...

Страница 567: ...information and statistics Matrix rw show netflow Cache Status enabled Destination IP 10 10 1 1 Destination UDP Port 2055 Export Version 5 clear netflow cache 15 4 set netflow export destination 15 5...

Страница 568: ...set netflow cache enable disable Parameters Defaults None Mode Switch command Read Write Usage A NetFlow cache maintains NetFlow information for all active flows By default NetFlow caches are not cre...

Страница 569: ...netflow export destination ip address udp port Parameters Defaults None Mode Switch command Read Write Usage By default no collector address is configured Only one collector destination per Enterasys...

Страница 570: ...set netflow export interval interval Parameters Defaults None Mode Switch command Read Write Usage Each DFE blade in the Enterasys Matrix system will transmit a NetFlow packet when It has accumulated...

Страница 571: ...how to return the NetFlow export interval to its default value Matrix rw clear netflow export interval set netflow port Use this command to enable NetFlow collection on a port Syntax set netflow port...

Страница 572: ...export version Use this command to set the NetFlow flow record format used to export data Syntax set netflow export version 5 9 Parameters Defaults None Mode Switch command Read Write Usage Refer to V...

Страница 573: ...o the default of Version 5 Syntax clear netflow export version Parameters None Defaults None Mode Switch command Read Write Usage Use the show netflow config command show netflow on page 15 3 to displ...

Страница 574: ...ur Enterasys Matrix system must be determined since the default settings of a 20 packet refresh rate and a 30 minute timeout may not be optimal for your environment For example a switch processing an...

Страница 575: ...At least one of the refresh rate or timeout parameters must be specified although both can be specified on one command line Mode Switch command Read Write Example This example shows how to return the...

Страница 576: ...Configuring NetFlow clear netflow template 15 12 NetFlow Configuration...

Страница 577: ...d interface is down IP packets routed to the loopback interface are rerouted back to the router or access server and processed locally Routing interface configuration commands in this guide will confi...

Страница 578: ...n id loopback loopback id lo local id Parameters Defaults If interface type is not specified information for all routing interfaces will be displayed Table 16 1 VLAN and Loopback Interface Configurati...

Страница 579: ...out 14400 seconds lo is Administratively UP lo is Operationally UP Internet Address is 127 0 0 1 Subnet Mask is 255 255 255 0 The name of this device is lo The MTU is 1500 bytes The bandwidth is 10000...

Страница 580: ...igure 2 8 in Pre Routing Configuration Tasks on page 2 100 Each Enterasys Matrix Series routing module or standalone device can support up to 96 routing interfaces Each interface can be configured for...

Страница 581: ...Outgoing Access List is not Set IP Helper Address is not Set MTU is 1500 bytes ARP Timeout is 14400 seconds Proxy Arp is Enabled Gratuitous arp learning is not set ICMP Re Directs are enabled ICMP Un...

Страница 582: ...d as described in ip helper address on page 16 21 MTU Interface s Maximum Transmission Unit size ARP Timeout Duration for entries to stay in the ARP table before expiring Set using the arp timeout com...

Страница 583: ...to 192 168 1 1 and the network mask to 255 255 255 0 for VLAN 1 Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip address 192 168 1 1 255 255 255 0 no shutdown Use this command...

Страница 584: ...in router mode only For a sample of how to use these commands interchangeably with the Enterasys Matrix Series single configuration interface commands refer to Performing a Basic Router Configuration...

Страница 585: ...be displayed to the terminal session Mode Router command Privileged EXEC Matrix Router Usage The write file command must be executed in order to save the router configuration to NVRAM If this command...

Страница 586: ...isable IP routing on the device and remove the routing configuration Syntax no ip routing Parameters None Defaults None Mode Router command Global configuration Matrix Router config Usage By default I...

Страница 587: ...display or write the current router configuration to a file For details refer to show config on page 2 85 Configuring the Router You can configure the router using either of the following methods Usi...

Страница 588: ...on page 2 86 6 Run the configure command using the new config file as described in configure on page 2 86 Reviewing and Configuring the ARP Table Purpose To review and configure the routing ARP table...

Страница 589: ...rix Router show ip arp vlan 2 Protocol Address Age min Hardware Addr Type Interface Internet 134 141 235 251 0 0003 4712 7a99 ARPA Vlan2 Table 16 3 provides an explanation of the command output ip add...

Страница 590: ...0 2 3 1 and MAC address 0003 4712 7a99 Matrix Router config arp 130 2 3 1 0003 4712 7a99 arpa Table 16 3 show ip arp Output Details Output What it displays Protocol ARP entry s type of network address...

Страница 591: ...RP updating from gratuitous ARP requests on VLAN 1 Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip gratuitous arp request ip gratuitous arp learning Use this command to allow a...

Страница 592: ...le proxy ARP on an interface This variation of the ARP protocol allows the routing module to send an ARP response on behalf of an end node to the requesting host Syntax ip proxy arp default route loca...

Страница 593: ...If the user needs interfaces to use different MAC addresses this command will allow it It is the user s responsibility to select a MAC address that will not conflict with other devices on the VLAN sin...

Страница 594: ...ws how to set the ARP timeout to 7200 seconds Matrix Router config arp timeout 7200 clear arp cache Use this command to delete all nonstatic dynamic entries from the ARP table Syntax clear arp cache P...

Страница 595: ...he routing module forwarding the request as described in ip helper address on page 16 21 The DHCP BOOTP relay function will detect the DHCP request and make the necessary changes to the header replaci...

Страница 596: ...age If a certain service exists inside the node and there is no need to forward the request to remote networks the no form of this command should be used to disable the forwarding for the specific por...

Страница 597: ...works in conjunction with the ip forward protocol command ip forward protocol on page 16 20 which defines the forward protocol and port number You can use this command to add more than one helper add...

Страница 598: ...ommand to display information about IP protocols running on the device Syntax show ip protocols Parameters None Defaults None Mode Router command Any router mode Usage Enabling CIDR for RIP on the Ent...

Страница 599: ...et Outgoing update filter list for all interfaces is not set Default Version Control Interface Send Recv Key chain Vlan 1 1 1 Vlan 2 1 1 Routing for Networks 182 127 0 0 Routing Information Sources Ga...

Страница 600: ...chable 0 echo 4 echo reply 0 mask requests 2 mask replies 0 quench 0 timestamp 0 info reply 0 time exceeded 0 parameter problem UDP Statistics Rcvd 1 total 0 checksum errors 1 no port Sent 6 total 0 f...

Страница 601: ...ains all the active static routes all the RIP routes and up to three best routes to each network as determined by OSPF The RTM selects up to three of the best routes to each network and installs these...

Страница 602: ...vlan 1 ip route Use this command to add or remove a static IP route Syntax ip route prefix mask forward addr vlan vlan id distance permanent tag value no ip route prefix mask forward addr vlan vlan id...

Страница 603: ...er config ip route 10 0 0 0 255 0 0 0 vlan 100 ip icmp Use this command to re enable the Internet Control Message Protocol ICMP allowing a router to reply to IP ping requests Syntax ip icmp echo reply...

Страница 604: ...shows output from a successful ping to IP address 182 127 63 23 Matrix Router ping 182 127 63 23 Reply from 182 127 63 23 Reply from 182 127 63 23 Reply from 182 127 63 23 PING 182 127 63 23 Statisti...

Страница 605: ...201 2 hop 2 is rtr10 at 192 4 9 10 hop 3 is rtr43 at 192 167 208 43 and hop 4 is back to the host IP address Round trip times for each of the three ICMP probes are displayed before each hop Probe tim...

Страница 606: ...mation A verbose option provides detailed packet information Options are available to both throttle the number of packets per second and limit the number of packets per board Commands debug ip packet...

Страница 607: ...et for throttle 5 and limit 20 with a detail value of verbose Matrix rw set logging here enable Opened 71 at index 5 Matrix rw router Matrix rw Router enable Matrix rw Router configure Matrix rw Route...

Страница 608: ...Example This example shows how to restart the debug IP packet utility Matrix rw Router config debug ip packet restart show debugging Use this command to display the debug IP Packet utility settings Sy...

Страница 609: ...s Matrix DFE Gold Series Configuration Guide 16 33 Parameters None Defaults None Mode Router command Router configuration Matrix Router config Example This example shows how to disable the debug IP pa...

Страница 610: ...Configuring Debug IP Packet no debug ip packet 16 34 IP Configuration...

Страница 611: ...n page 2 103 Important Notice PIM is an advanced routing feature that must be enabled with a license key If you have purchased an advanced license key and have enabled routing on the device you must a...

Страница 612: ...Router config if Vlan 1 Usage The no form of this command disables PIM on an interface Example This example enables PIM sparse mode on VLAN 1 Matrix Router config interface vlan 1 Matrix Router config...

Страница 613: ...ip pim dr priority priority no ip dr priority Parameters Defaults None pim interface Interface of the BSR candidate This interface must be enabled with PIM as described in ip pim sparse mode on page...

Страница 614: ...priority no ip rp address rp address group address group mask Parameters Defaults If not specified a priority value of 192 will be assigned Mode Router command Global configuration Matrix Router confi...

Страница 615: ...dalone device The no form of this command removes the router as an RP candidate Example This example enables the PIM interface at 35 0 0 224 0 0 240 0 0 to advertise itself as an RP candidate with a p...

Страница 616: ...own Syntax show ip pim interface interface Table 17 1 show ip pim bsr Output Details Output What it displays BSR Address IP address of the bootstrap router BSR Priority Priority as set by the ip pim b...

Страница 617: ...mation about discovered PIM neighbors Syntax show ip pim neighbor interface interface Optional Displays information about a specific PIM interface This interface must be enabled with PIM as described...

Страница 618: ...ated multicast routing entries Syntax show ip pim rp group mapping multicast group address interface Optional Displays information about a specific PIM interface This interface must be enabled with PI...

Страница 619: ...n Group s 224 0 0 0 4 RP 192 168 41 1 Priority 2 Expiry 00 01 30 Uptime 07 49 31 RP 192 168 91 1 Priority 5 Expiry 00 01 30 Uptime 07 49 31 Table 17 4 provides an explanation of the command output gro...

Страница 620: ...source address multicast group address summary Parameters Defaults If no optional parameters are specified detailed information about all source and destination addresses will be displayed Mode Route...

Страница 621: ...n 555 Forward Sparse 01 48 54 00 02 33 Vlan 910 Forward Sparse 01 52 43 00 00 00 Vlan 920 Forward Sparse 01 52 43 00 00 00 show ip mforward Use this command to display the IP multicast forwarding tabl...

Страница 622: ...n 555 Forward Sparse Vlan 910 Forward Sparse Vlan 920 Forward Sparse show ip rpf Use this command to display the reverse path of an address in the unicast table Syntax show ip rfp Parameters None Defa...

Страница 623: ...en inside and outside NAT address translation It supports one to one binding local addresses to global addresses and TCP UDP port number translations The dynamic address binding feature is designed fo...

Страница 624: ...se these commands Enable NAT on an inside or outside interface ip nat inside outside Define a NAT address pool ip nat pool name start ip address end ip address netmask netmask prefix length prefix len...

Страница 625: ...e NAT interface Matrix rw router Matrix router enable Matrix router configure terminal Enter configuration commands Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip nat inside M...

Страница 626: ...10 10 10 25 10 10 10 45 netmask 255 255 255 0 ip nat inside source list Use this command to enable dynamic translation of inside source addresses Syntax ip nat inside source list access list pool pool...

Страница 627: ...ng pool doc1 on interface vlan 1 Matrix Router config ip nat inside source list 1 pool doc1 interface vlan 1 ip nat inside source static NAT Use this command to enable static NAT translation of inside...

Страница 628: ...s example enables a static NAPT translation of inside source addresses for private local address 10 10 10 51 on port 123 destined for and transmitting from unique public address 45 20 10 6 on port 121...

Страница 629: ...ontrol port 22 ip nat secure plus Use this command to enable force flows to block clients on the outside interface from establishing connections directly to the inside interface addresses Syntax ip na...

Страница 630: ...e number of maximum entries to the default value Example This example sets the maximum number of NAT translation entries to 20000 Matrix Router config ip nat translation max entries 20000 ip nat trans...

Страница 631: ...verbose Parameters None Defaults If verbose is not specified standard output is displayed Mode Router command Global configuration Matrix Router config Examples This example shows a dynamic NAPT trans...

Страница 632: ...00 use 00 00 03 service type ftp control tcp 81 1 1 1 1025 172 111 1 4 50021 DynOver 2 create 07 39 00 use 00 00 03 service type ftp data tcp 81 1 1 1 1026 172 111 1 4 50022 DynOver 16 create 07 39 0...

Страница 633: ...f the verbose version of the above example Matrix Router config show ip nat statistics verbose Nat current status Active Nat secure plus Disable Nat maximum allowed translation entries 32000 All nat t...

Страница 634: ...ne Defaults None Mode Router command Global configuration Matrix Router config Example This example clears dynamic ip NAT translations for this router Matrix Router config clear ip nat translation cle...

Страница 635: ...ults None Mode Router command Global configuration Matrix Router config Usage This command clears an active NAPT translation Use the no ip nat inside source static command to delete a static NAT confi...

Страница 636: ...32000 nat cache nat cache Optional Specifies the maximum NAT cache size for this router Values range from 100 to 2000 Default value of 2000 nat dynamic configs nat dynamic configs Optional Specifies...

Страница 637: ...tem Matrix su show router limits LSNAT maximum Bindings 32000 default LSNAT Cache size 2000 default LSNAT maximum Configs 50 default NAT maximum Bindings 32000 default NAT Cache size 2000 default NAT...

Страница 638: ...to the default value nat cache Optional Specifies the resetting of NAT cache size router limits to the default value nat dynamic configs Optional Specifies the resetting the number of NAT dynamic mapp...

Страница 639: ...nfiguring Network Address Translation NAT Enterasys Matrix DFE Gold Series Configuration Guide 18 17 Example This example resets the NAT cache router limits setting to the default value Matrix rw clea...

Страница 640: ...Configuring Network Address Translation NAT clear router limits NAT 18 18 Network Address Translation NAT Configuration...

Страница 641: ...ions The following considerations must be taken into account when configuring LSNAT on Enterasys Matrix Series devices On chassis based systems only one router per chassis will be allowed to run LSNAT...

Страница 642: ...ne session and would be directed to the same load balancing server for example the server with IP address 10 1 1 1 A request from a different source socket from the same client address to the same vir...

Страница 643: ...rvers configured as part of a server farm group there are two mechanisms that can provide direct client access The first mechanism configured within virtual server configuration mode with the allow ac...

Страница 644: ...d SMTP For ACV verification you specify the following A string that the router sends to a single server The string can be a simple HTTP command to get a specific HTML page or it can be a command to ex...

Страница 645: ...ns on page 19 2 for more information sticky sticky on page 19 10 Configure a real server Optional Display the real server configuration show ip slb reals show ip slb reals on page 19 10 Enable a real...

Страница 646: ...to directly access all services provided by real servers EXCEPT FOR those services configured to be accessed through a configured virtual server See Configuring Direct Access to Real Servers on page...

Страница 647: ...CTION ACTIVE 2 2 ftpserver ROUNDROBIN ACTIVE 2 2 ten ROUNDROBIN ACTIVE 3 3 big ROUNDROBIN ACTIVE 1 1 ip slb ftpctrlport Use this command to specify an FTP control port for load balancing functionality...

Страница 648: ...e Mode Router command Global configuration mode Matrix Router config Usage The no form of this command deletes the server farm from the LSNAT configuration Example This example shows how to identify a...

Страница 649: ...real server 10 1 2 3 to the server farm named httpserver and to configure the port number to be used for the service provided by this server Matrix Router config ip slb serverfarm httpserver Matrix Ro...

Страница 650: ...and SLB Server Farm Configuration mode Matrix Router config slb sfarm Usage See Sticky Persistence Configuration Considerations on page 19 2 for more information This command is used in conjunction wi...

Страница 651: ...l 15 Fail Detect Type ping Current Connections on this real server 0 Current state of this real server UP Maximum Connections Unlimited Real Server Weight 3 InService Real Server IP 10 3 0 2 Real Serv...

Страница 652: ...arm Assigned using the real command as described in real on page 19 8 Real Server Port Port number assigned to this server Fail Detect Ping App Retries Number of failure detection ping UDP application...

Страница 653: ...no form of this command removes the real server from service Example This example shows how to enable the real server IP 10 1 2 3 in the httpserver server farm Matrix Router config ip slb serverfarm h...

Страница 654: ...rm real 10 1 2 4 port 7 type both ping app upd acv udp Specifies that the failure detection mechanism will be ping TCP or UDP application ACV or that both application TCP and ping methods will be used...

Страница 655: ...ed when the faildetect type is ACV This is the command that is sent to the application port of the server and for which it s reply will be validated against the ACV reply string specified in the comma...

Страница 656: ...the command string sent to the server application port 7 Matrix Router config ip slb serverfarm SF UPD Matrix Router config slb sfarm real 10 1 2 4 port 7 Matrix Router config slb real faildetect typ...

Страница 657: ...Router config slb real inservice faildetect read till index Provides for the setting of an exact acv reply string index when the file is not known to the user Syntax faildetect read till index index n...

Страница 658: ...l server at IP 10 1 2 3 in the httpserver server farm Matrix Router config ip slb serverfarm httpserver Matrix Router config slb sfarm real 10 1 2 3 port 80 Matrix Router config slb real faildetect pi...

Страница 659: ...config slb real inservice show ip slb vservers Use this command to display server load balancing virtual server information Syntax show ip slb vservers detail virtserver name detail Parameters Default...

Страница 660: ...ual server Assigned using the ip slb vserver command as described in ip slb vserver on page 19 21 Virtual Server IP Address of the virtual server Assigned with the virtual command as described in virt...

Страница 661: ...tual server will be associated Matrix Router config ip slb serverfarm httpserver Matrix Router config slb sfarm real 10 1 2 1 port 80 Matrix Router config slb real inservice Matrix Router config slb r...

Страница 662: ...server farm Matrix Router config ip slb serverfarm httpserver Matrix Router config slb sfarm real 10 1 2 1 port 80 Matrix Router config slb real inservice Matrix Router config slb real exit Matrix Rou...

Страница 663: ...rm real 10 1 2 3 port 80 Matrix Router config slb real inservice Matrix Router config slb real exit Matrix Router config slb sfarm exit Matrix Router config ip slb vserver virtual http Matrix Router c...

Страница 664: ...ix Router config ip slb serverfarm httpserver Matrix Router config slb sfarm real 10 1 2 1 port 80 Matrix Router config slb real inservice Matrix Router config slb real exit Matrix Router config slb s...

Страница 665: ...ent to use the virtual server Example This example shows how to allow a client at 100 12 22 42 255 255 255 0 to use the virtual server named virtual lsnat Matrix Router config ip slb vserver virtual l...

Страница 666: ...Matrix Router config slb real exit Matrix Router config slb sfarm exit Matrix Router config ip slb vserver virtual http Matrix Router config slb vserver serverfarm httpserver Matrix Router config slb...

Страница 667: ...g slb vserver persistence level sticky Matrix Router config slb vserver inservice allow accessservers Use this command to allow specific clients to access the load balancing real servers in a particul...

Страница 668: ...mation about using this command in conjunction with the virtual server configuration mode command allow accessservers The no form of this command removes direct access for all clients Examples This ex...

Страница 669: ...f no parameters are specified summary information about all active connections will be displayed If detail is not specified summary information will be displayed Mode Router command Any router mode Ex...

Страница 670: ...Port 1110 Protocol TCP Created Time stamp 2004 3 24 14 34 07 Connection State outgoing server reply state Table 19 4 provides an explanation of the detailed command output show ip slb stats Use this...

Страница 671: ...lb sticky Use this command to display server load balancing active sticky connections Syntax show ip slb sticky client ip address Parameters Defaults If client is not specified all server load balanci...

Страница 672: ...r load balancing connections Matrix Router clear ip slb connections all show router limits LSNAT Use this command to display LSNAT router limits Syntax show router limits lsnat bindings lsnat cache ls...

Страница 673: ...TWCB Cache size 2000 default TWCB maximum Configs 1 default This example displays the LSNAT cache size limit for this system Matrix su show router limits lsnat cache LSNAT Cache size 2000 default set...

Страница 674: ...t to 25 This means that up to 25 server farms 25 virtual servers and 25 direct access entries can be configured and up to 250 real servers and 250 client access entries can be configured Matrix rw set...

Страница 675: ...Write Usage This command must be executed from the switch CLI Example This example shows how to reset all chassis based LSNAT limits Matrix rw clear router limits Note Router limits can also be clear...

Страница 676: ...Configuring Load Sharing Network Address Translation LSNAT clear router limits LSNAT 19 36 LSNAT Configuration...

Страница 677: ...c DHCP assigns an IP address to a client for a limited period of time or until the client explicitly relinquishes the address Manual A client s IP address is assigned by the network administrator and...

Страница 678: ...ice on a routing interface required DHCP Supported Options Table 20 1 lists the DHCP server option names and codes supported by the firmware All options specified in Table 20 1 may be configured using...

Страница 679: ...scovery 29 Mask Supplier 30 Perform Router Discovery 31 Router Solicitation Address 32 Static Route 33 Trailer Encapsulation 34 ARP Cache Timeout 35 Ethernet Encapsulation 36 TCP Default TTL 37 TCP Ke...

Страница 680: ...t Finger Server 73 Default IRC Server 74 StreetTalk Server 75 StreetTalk Directory Assistance Server 76 Relay Agent Information 82 Defined in RFC 3046 Subnet Selection 118 Defined in RFC3011 Table 20...

Страница 681: ...ess from any DHCP configuration mode Matrix Router config dhcp host Table 20 2 DHCP Command Modes continued Mode Usage Access Method Resulting Prompt For information about Refer to page ip dhcp server...

Страница 682: ...vlan 1 Matrix Router config if Vlan 1 ip dhcp server ip local pool Use this command to configure a local address pool to use as a DHCP subnet This defines the range of IP addresses to be used by DHCP...

Страница 683: ...one or more addresses from a DHCP local address pool Syntax exclude ip address number no exclude ip address number Parameters Defaults None Mode Router command IP Local Pool configuration Matrix Route...

Страница 684: ...P addresses Example This example shows how to set the number of DHCP ping attempts to 6 Matrix Router config ip dhcp ping packets 6 ip dhcp ping timeout Use this command to specify the amount of time...

Страница 685: ...name Parameters Defaults None Mode Router command Global configuration Matrix Router config Usage The no form of this command deletes a DHCP address pool Example This example shows how to assign the n...

Страница 686: ...omain name mycompany com dns server Use this command to assign one or more DNS servers to DHCP clients Syntax dns server address address2 address8 no dns server Parameters Defaults If address2 address...

Страница 687: ...additional addresses will be configured Mode Router command Any DHCP configuration mode Usage This command configures DHCP option 44 The no form of this command deletes the NetBIOS WINS server list Ex...

Страница 688: ...pe h node default router Use this command to assign a default router list to DHCP clients Syntax default router address address2 address8 no default router Parameters Defaults If address2 address8 is...

Страница 689: ...to specify the default boot image for a DHCP client Syntax bootfile filename no bootfile Parameters Defaults None Mode Router command Any DHCP configuration mode Usage The no form of this command dele...

Страница 690: ...in the boot process Matrix Router config ip dhcp pool localpool Matrix Router config dhcp pool next server 192 168 42 13 option Use this command to configure DHCP options Syntax option code instance...

Страница 691: ...with the 01 value Matrix Router config ip dhcp pool localpool Matrix Router config dhcp pool option 19 hex 01 This example shows how to configure DHCP option 72 which assigns one or more Web servers f...

Страница 692: ...s found in the IP address pool database the Class A B or C natural mask will be used Mode Router command DHCP Pool Configuration mode Matrix Router config dhcp pool Usage The no form of this command r...

Страница 693: ...Matrix Router config ip dhcp pool localpool Matrix Router config dhcp pool client class clientclass1 client identifier Use this command to enable DHCP host configuration mode and associate a client c...

Страница 694: ...uration mode Usage The no form of this command deletes a client name Example This example shows how to assign soho1 as a client name in clientclass1 Matrix Router config ip dhcp pool localpool Matrix...

Страница 695: ...01 f401 2710 ethernet show ip dhcp binding Use this command to display information about one or all DHCP address bindings Syntax show ip dhcp binding ip address Parameters Defaults If ip address is no...

Страница 696: ...d1 12f8 Infinite Manual Y clear ip dhcp binding Use this command to delete one or all automatic DHCP address bindings Syntax clear ip dhcp binding address Parameters Defaults None Mode Router command...

Страница 697: ...K 0 Table 20 3 provides an explanation of the command output Table 20 3 show ip dhcp server statistics Output Details Output What it displays Memory usage Bytes of RAM allocated by the DHCP server Add...

Страница 698: ...ics Parameters None Defaults None Mode Router command Privileged EXEC Matrix Router Example This example shows how to reset all DHCP server counters Matrix Router clear ip dhcp server statistics Recei...

Страница 699: ...cense contact Enterasys Networks Sales Configuring RIP Purpose To enable and configure the Routing Information Protocol RIP RIP Configuration Task List and Commands Table 21 1 lists the tasks and comm...

Страница 700: ...ey to the chain key on page 21 9 Specify an authentication string for the key key string on page 21 9 Set the accept time period the authentication string can be received accept lifetime on page 21 10...

Страница 701: ...isables RIP Example This example shows how to enable RIP Matrix Router configure terminal Matrix Router config router rip Matrix Router config router network Use this command to attach a network of di...

Страница 702: ...rmally a broadcast protocol In order for RIP routing updates to reach nonbroadcast networks the neighbor s IP address must be configured to permit the exchange of routing information The no form of th...

Страница 703: ...orm of this command resets RIP administrative distance to the default value of 120 Example This example shows how to change the default administrative distance for RIP to 1001 Matrix Router config rou...

Страница 704: ...ion regarding better paths is suppressed Syntax timers basic update seconds invalid seconds holdown seconds flush seconds no timers basic Parameters Defaults None Mode Router command Router configurat...

Страница 705: ...ation Matrix Router config if Vlan 1 Usage The no form of this command restores the version of update packets that was transmitted by the RIP module Example This example shows how to set the RIP send...

Страница 706: ...eceived on VLAN 1 Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip rip receive version 2 key chain Creates or deletes a key chain used globally for RIP authentication Syntax key...

Страница 707: ...orts only one key per key chain The no form of this command removes the key from the key chain Example This example shows how to create authentication key 3 within the key chain called md5key Matrix R...

Страница 708: ...me start time month date year Parameters text Specifies the authentication string that must be sent and received in RIP packets The string can contain from 1 to 16 uppercase and lowercase alphanumeric...

Страница 709: ...lifetime start time month date year Parameters end time Specifies the hours minutes and seconds hh mm ss and the month date and year from the start time the key is valid to be received infinite Specif...

Страница 710: ...g keychain key send lifetime 02 30 00 nov 30 2002 infinite ip rip authentication keychain Use this command to enable or disable a RIP authentication key chain for use on an interface Syntax ip rip aut...

Страница 711: ...described in ip rip authentication keychain on page 21 12 before RIP authentication mode can be configured The no form of this command suppresses the use of authentication Example This example shows h...

Страница 712: ...P automatic route summarization Matrix Router config router rip Matrix Router config router no auto summary ip rip disable triggered updates Use this command to prevent RIP from sending triggered upda...

Страница 713: ...unreachable rather than implying it by not including the network in routing updates The no form of this command disables split horizon poison reverse Example This example shows how to disable split h...

Страница 714: ...to allow RIP to receive update packets on an interface This does not affect the sending of RIP updates on the specified interface Syntax receive interface vlan vlan id no receive interface vlan vlan...

Страница 715: ...y 192 5 34 0 0 0 0 255 Matrix Router config router rip Matrix Router config router distribute list 1 out vlan redistribute Use this command to allow routing information discovered through non RIP prot...

Страница 716: ...IP routing information discovered via directly connected interfaces will be redistributed ospf Specifies that OSPF routing information will be redistributed in RIP process id Specifies the process ID...

Страница 717: ...rt occurs A restart interval provides for a maximum time in seconds after which the graceful restart will terminate should it not complete or terminate for other reasons within the interval Use the gr...

Страница 718: ...e must have 256M of memory to be router protocol process eligible Upon failure of a module running the router protocol process the protocol process is started on a recovery module One of the first mes...

Страница 719: ...nated router for the network ip ospf priority ip ospf priority on page 21 25 Adjust timers and message intervals timers spf timers spf on page 21 26 ip ospf retransmit interval ip ospf retransmit inte...

Страница 720: ...on page 21 40 Disabling strict LSA checking for graceful restart graceful restart strict lsa checking disable graceful restart strict lsa checking disable on page 21 41 Monitor and maintain OSPF show...

Страница 721: ...nal Matrix Router config router ospf 1 Matrix Router config router network Use this command to configure area IDs for OSPF interfaces Syntax network ip address wildcard mask area area id no network ip...

Страница 722: ...he router ID as a tie breaker for path selection If not specified this will be set to the lowest IP address of the interfaces configured for IP routing The no form of this command resets the router ID...

Страница 723: ...if Vlan 1 ip ospf cost 20 ip ospf priority Use this command to set the OSPF priority value for router interfaces Syntax ip ospf priority number no ip ospf priority Parameters Defaults None Mode Route...

Страница 724: ...val Use this command to set the amount of time between retransmissions of link state advertisements LSAs for adjacencies that belong to an interface Syntax ip ospf retransmit interval seconds no ip os...

Страница 725: ...se this command to set the amount of time required to transmit a link state update packet on an interface Syntax ip ospf transmit delay seconds no ip ospf transmit delay Parameters Defaults None Mode...

Страница 726: ...config if Vlan 1 ip ospf hello interval 5 ip ospf dead interval Use this command to set the number of seconds a router must wait to receive a hello packet from its neighbor before determining that the...

Страница 727: ...s Defaults If password is not specified the password will be set to a blank string Mode Router command Interface configuration Matrix Router config if Vlan 1 Usage The password key set with this comma...

Страница 728: ...F MD5 routing updates between neighboring routers The no form of this command disables MD5 authentication on an interface Example This example shows how to enable OSPF MD5 authentication on VLAN 1 set...

Страница 729: ...sets OSPF administrative distance to the default value of 110 Example This example shows how to change the default administrative distance for external OSPF routes to 100 Matrix Router config router o...

Страница 730: ...nable or disable authentication for an OSPF area Syntax area area id authentication simple message digest no area area id authentication simple message digest Parameters Defaults None Mode Router comm...

Страница 731: ...specified the stub area will be able to receive LSAs Mode Router command Router configuration Matrix Router config router Usage This is an area that carries no external routes The no form of this com...

Страница 732: ...ple shows how to set the cost value for stub area 10 to 99 Matrix Router config router ospf 1 Matrix Router config router area 10 default cost 99 area nssa Use this command to configure an area as a n...

Страница 733: ...an OSPF virtual link which represents a logical connection between the backbone and a non backbone OSPF area Syntax area area id virtual link ip address The options for using this syntax are area area...

Страница 734: ...fies the number of seconds that the hello packets of a router are not communicated to neighbor routers before the neighbor routers determine that the router sending the hello packet is out of service...

Страница 735: ...t RIP routing information will be redistributed in OSPF static Specifies that non OSPF information discovered via static routes will be redistributed Static routes are those created using the ip route...

Страница 736: ...of OSPF link state database overflow a condition where the router is unable to maintain the database in its entirety Syntax database overflow external exit overflow interval interval limit limit warn...

Страница 737: ...verflow limits Example This example shows how to set the OSPF database exit overflow interval to 240 seconds the overflow limit to 3800 LSAs and the warning level to 2500 LSAs Matrix Router config rou...

Страница 738: ...k segment functions as a helper by monitoring the network for topology changes So long as the helper does not see an LSA change it continues to advertise its LSAs as though the restarting router remai...

Страница 739: ...lsa checking disable Use this command to disable strict LSA checking during graceful restart Syntax graceful restart strict lsa checking disable no graceful restart strict lsa checking disable Paramet...

Страница 740: ...p ospf Routing Process ospf 20 with ID 134 141 7 2 Supports only single TOS TOS0 route It is an area border and autonomous system boundary router Summary Link update interval is 0 seconds External Lin...

Страница 741: ...tabase summary link state id show ip ospf database asbr summary link state id show ip ospf database external link state id show ip ospf database nssa external link state id show ip ospf database datab...

Страница 742: ...States Area 0 0 0 0 LinkID ADV Router Age Seq Checksum 182 127 63 1 182 127 62 1 956 0x80000001 0xb6ca Table 21 3 provides an explanation of the command output nssa external Displays nssa external Ty...

Страница 743: ...ow ip ospf border routers OSPF internal Codes i Intra area route I Inter area route i 192 168 22 1 64 via 192 168 11 1 VLAN2 ABR Area 0 SPF 10 i 192 168 22 1 64 via 192 168 11 1 VLAN2 ABR Area 4 SPF 1...

Страница 744: ...n Pre Routing Configuration Tasks on page 2 100 Table 21 4 show ip ospf interface Output Details Output What it displays Vlan Interface VLAN administrative status as up or down Internet Address IP add...

Страница 745: ...mer represents the amount of time a router waits before initiating a designated router backup designated router election The wait timer changes when the dead interval changes The retransmit timer repr...

Страница 746: ...ents a logical connection between the backbone and a non backbone OSPF area Example This example shows how to display OSPF virtual links information Matrix Router show ip ospf virtual links Virtual Li...

Страница 747: ...of the virtual link neighbor and the virtual link status which is up or down Transit area ID of the transit area through which the virtual link is configured via interface Router s interface into the...

Страница 748: ...protocol debugging output to display information about Link State Advertisement generation Matrix Router debug ip ospf lsa generation rfc1583compatible Use this command to enable the OSPF router for R...

Страница 749: ...1 51 Mode Router command Router configuration Matrix Router config router Usage The no form of this command removes OSPF RFC 1583 compatible Example This example shows how to configure RFC 1583 compat...

Страница 750: ...eceive from a particular group Commands ip dvmrp Use this command to enable or disable DVMRP on an interface Syntax ip dvmrp no ip dvmrp Parameters None Defaults None Mode Router command Interface con...

Страница 751: ...Parameters Defaults None Mode Router command Interface configuration Matrix Router config if Vlan 1 Usage To reset the DVMRP metric back to the default value of 1 enter ip dvmrp metric 0 Example This...

Страница 752: ...ID and netmask in prunes and grafts VPGN Matrix Router show ip dvmrp route flag characters used V Neighbor is verified P Neighbor supports pruning G Neighbor supports generation ID N Neighbor supports...

Страница 753: ...ce Syntax ip irdp no ip irdp Parameters None Defaults None Mode Router command Interface configuration Matrix Router config if Vlan 1 Usage The no form of this command disables IRDP on an interface Ex...

Страница 754: ...example shows how to set the maximum IRDP advertisement interval to 1000 seconds on VLAN 1 Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 ip irdp maxadvertinterval 1000 ip irdp m...

Страница 755: ...tax ip irdp holdtime holdtime no irdp holdtime Parameters Defaults None Mode Router command Interface configuration Matrix Router config if Vlan 1 Usage Hold time is automatically set at three times t...

Страница 756: ...Router config if Vlan 1 ip irdp preference 80000000 ip irdp address Use this command to add additional IP addresses for IRDP to advertise Syntax ip irdp address ip address preference no ip irdp prefer...

Страница 757: ...advertisements using broadcast rather than multicast transmissions By default the router sends IRDP advertisements via multicast Syntax no ip irdp multicast Parameters None Defaults None Mode Router c...

Страница 758: ...P information for all interfaces will be displayed Mode Router command Interface configuration Matrix Router config if Vlan 1 Example This example shows how to display IRDP information for VLAN 1 Matr...

Страница 759: ...ters decide who will become master and who will become backup in the event the master fails Commands router vrrp Use this command to enable or disable VRRP configuration mode Syntax router vrrp no rou...

Страница 760: ...Router command Router configuration Matrix Router config router Usage This command must be executed to create an instance of VRRP on a routing interface VLAN before any other VRRP settings can be con...

Страница 761: ...mmand refer to priority on page 21 64 Each VRRP routing interface can support up to 16 virtual router IP addresses A virtual router IP address can be either an address configured on the routing interf...

Страница 762: ...dress vlan 1 1 10 2 2 2 0 Matrix Router config router address vlan 1 1 10 2 2 3 0 priority Use this command to set a priority value for a VRRP router Syntax priority vlan vlan id vrid priority value n...

Страница 763: ...ss matches the real IP address of the interface Therefore when the backup router takes over there would be no device that would answer the ICMP echo for that virtual IP because only the primary was co...

Страница 764: ...AN VRID know the router is still acting as master of the VLAN VRID The no form of this command clears the VRRP advertise interval value Example This example shows how set an advertise interval of 3 se...

Страница 765: ...1 Matrix Router config router vrrp Matrix Router config router critical ip vlan 1 1 182 127 62 3 preempt Use this command to enable or disable preempt mode on a VRRP router Syntax preempt vlan id vri...

Страница 766: ...e this command to set a preempt delay time on a VRRP router Syntax preempt delay vlan id vrid delay timer no preempt delay vlan id vrid Parameters Defaults None Mode Router command Router configuratio...

Страница 767: ...VRRP on an interface Syntax enable vlan vlan id vrid no enable vlan vlan id vrid Parameters Defaults None Mode Router command Router configuration Matrix Router config router Usage Before enabling VR...

Страница 768: ...digest key Use this command to set a VRRP MD5 authentication password on an interface Syntax ip vrrp message digest key vrid md5 password hmac 96 no ip vrrp message digest key Parameters password Spe...

Страница 769: ...x Router config interface vlan 1 Matrix Router config if Vlan 1 ip vrrp message digest key 1 md5 qwer show ip vrrp Use this command to display VRRP routing information Syntax show ip vrrp Parameters N...

Страница 770: ...critical ip interfaces has decremented the priority to 0 Backup The Vrid is operating in the backup state Master The Vrid is operating in the master state ifDown The Vrid is down because the interface...

Страница 771: ...ult priority setting on the port For example if the priority of a port is set to 4 the frames received through that port without a priority indicated in their tag header are classified as a priority 4...

Страница 772: ...Commands show port priority Use this command to display the 802 1D priority for one or more ports Syntax show port priority port string Parameters Defaults If port string is not specified priority fo...

Страница 773: ...n its tag header is assigned a priority according to the priority setting on the port For example if the priority of a port is set to 5 the frames received through that port without a priority indicat...

Страница 774: ...ll cause all frames received without a priority value in its header to be set to priority 0 Example This example shows how to reset fe 1 11 to the default priority Matrix rw clear port priority fe 1 1...

Страница 775: ...ear current port priority queue settings for one or more ports Commands show port priority queue Use this command to display the port priority levels 0 through 7 with 0 as the lowest level associated...

Страница 776: ...priority of 0 frames with 4 or 5 priority at the second highest transmit priority of 2 and frames with 6 or 7 priority at the highest transmit priority of 3 Matrix rw show port priority queue fe 1 7...

Страница 777: ...ar port priority queue Use this command to reset port priority queue settings back to defaults for one or more ports Syntax clear port priority queue port string Parameters Defaults None port string S...

Страница 778: ...2 8 Port Priority and Rate Limiting Configuration Mode Switch command Read Write Example This example shows how to clear the priority queue settings on fe 2 12 Matrix rw clear port priority queue fe 2...

Страница 779: ...the rate exceeds the programmed limit frames are dropped until the rate falls below the limit Commands show port ratelimit Use this command to show the traffic rate limiting configuration on one or mo...

Страница 780: ...ble port string priority threshold disable enable inbound index Parameters Table 22 1 show port ratelimit Output Details Output What it displays Port Number Port designation For a detailed description...

Страница 781: ...clear port ratelimit port string index Parameters Defaults If not specified all index entries will be reset Mode Switch command Read Write priority Specifies the 802 1D 802 1p port priority level ass...

Страница 782: ...Traffic Rate Limiting clear port ratelimit 22 12 Port Priority and Rate Limiting Configuration Example This example shows how to clear all rate limiting parameters on port fe 2 1Matrix rw clear port...

Страница 783: ...s to configure a routed network with IP interfaces that allow the N Series router to send requests for the internet to the correct web caching device There are five aspects to TWCB configuration Creat...

Страница 784: ...an end user s cache resides Any future requests for that web object will be handled by the cache server until the cache entry expires Cache entry expiration is configured in the web based proxy cache...

Страница 785: ...xample creates the s1Server web cache server farm Matrix rw Router config ip twcb wcserverfarm s1Server Matrix rw Router config twcb wcsfarm bypass list range 23 10 hosts redirect range 23 10 ip twcb...

Страница 786: ...lists are cached in cache servers belonging to this server farm If no predictor round robin user list is configured for a server farm all other users not configured in a predictor round robin user lis...

Страница 787: ...Matrix rw Router config ip twcb wcserverfarm s1Server Matrix rw Router config twcb wcsfarm cache 186 89 10 51 Matrix rw Router config twcb cache faildetect type Use this command to specify the TWCB ca...

Страница 788: ...ter is specified all parameters remain unchanged Mode Router command Cache Server Configuration mode Matrix rw Router config twcb cache Example This example sets the failure detection type to the ping...

Страница 789: ...rw Router config twcb wcsfarm cache 186 89 10 51 Matrix rw Router config twcb cache maxconns 1000 inservice Use this command to activate this cache server or web cache Syntax inservice Parameters None...

Страница 790: ...ip twcb webcache cache1 Matrix rw Router config twcb webcache serverfarm s1Server Matrix rw Router config twcb webcache inservice ip twcb webcache Use this command to create a web cache using the spe...

Страница 791: ...web cache cache1 to 8080 Matrix rw Router config ip twcb webcache cache1 Matrix rw Router config twcb webcache http port 8080 serverfarm Use this command to add the specified server farm to this web...

Страница 792: ...ese sites can not be redirected to the cache servers This command provides for the creation of lists of IP addresses that need to bypass the cache servers Example This example creates a bypass list fo...

Страница 793: ...irect range 10 10 10 26 10 10 10 50 ip twcb redirect out Use this command to redirect outbound HTTP traffic from an interface to the cache servers Syntax ip twcb webcache name redirect out Parameters...

Страница 794: ...wcserverfarm serverfarm name Parameters Defaults If no parameter is specified displays details for all configured server farms Mode Router command Matrix rw Router Examples This example displays conf...

Страница 795: ...wcb webcache Web Cache Applied Http Active Active Name Interface Port Status Server Farms cache1 Vlan1 80 inservice s1Server s2Server show ip twcb conns Use this command to display cache server connec...

Страница 796: ...None Defaults None Mode Router Command Matrix rw Router Example This example displays connection stats data for all clients and cache servers Matrix rw Router show ip twcb stats created established de...

Страница 797: ...ow limits Use this command to display the TWCB entry and memory limits Syntax show limits Parameters None Defaults None Mode Router Command Matrix rw Router Example This example displays the TWCB entr...

Страница 798: ...this command to display TWCB router limit configuration settings Syntax show router limits twcb bindings twcb cache twcb configs Parameters Defaults If no parameter is specified all router limit setti...

Страница 799: ...ute Table Limit 12000 default TWCB maximum Bindings 32000 default TWCB Cache size 2000 default TWCB maximum Configs 1 default This example displays the TWCB cache size limit for this system Matrix su...

Страница 800: ...mits setting to the default value Matrix rw clear router limits twcb cache Note Router limits can also be cleared in the following contexts To clear LSNAT router limits see clear router limits LSNAT o...

Страница 801: ...ping with faildetect parameter values changed to an interval of 4 seconds and the number of retries to 5 The s2Server cache servers will use the application faildetect type with faildetect parameter v...

Страница 802: ...x Router config twcb cache inservice Matrix Router config twcb cache exit Matrix Router config twcb wcsfarm Configure cache server 186 89 10 55 Matrix Router config twcb wcsfarm cache 186 89 10 55 Mat...

Страница 803: ...nge 50 10 10 30 50 10 10 43 Matrix Router config twcb webcache hosts redirect deny redirect range 10 10 10 25 10 10 10 30 Matrix Router config twcb webcache exit Matrix Router config Configure the out...

Страница 804: ...TWCB Configuration Example clear router limits TWCB 23 22 Transparent Web Cache Balancing Configuration...

Страница 805: ...hell SSH provides for secure remote CLI management access For details refer to Configuring Secure Shell SSH on page 24 11 IP Access Lists ACLs permits or denies access to routing interfaces based on p...

Страница 806: ...fied ports the switch discards all subsequent frames not containing the configured source addresses The only frames forwarded on a locked port are those with the locked MAC address es for that port Co...

Страница 807: ...maclock Output Details Output What it displays Port Number Port designation For a detailed description of possible port_string values refer to Port String Syntax Used in the CLI on page 4 2 Port Statu...

Страница 808: ...08 14 4b 15 active first learned fe 2 6 08 00 20 20 32 4b active first learned fe 2 9 08 00 20 77 aa 80 active first learned fe 2 12 00 03 ba 08 4c f0 active first learned fe 2 14 00 01 f4 2c ad b4 ac...

Страница 809: ...and configured for a specific MAC address and port string this locks a port so that only designated end station addresses are allowed to participate in frame relay Example This example shows how to en...

Страница 810: ...scribed in set maclock enable on page 24 5 When created and enabled this allows only the end station designated by the MAC address to participate in frame relay port_string Optional Disables MAC locki...

Страница 811: ...o restrict MAC locking to 6 MAC addresses on fe 2 3 Matrix rw set maclock firstarrival fe 2 3 6 set maclock move Use this command to move all current first arrival MACs to static entries Syntax set ma...

Страница 812: ...3 Matrix rw clear maclock firstarrival fe 2 3 6 set maclock static Use this command to restrict MAC locking on a port to a maximum number of static management defined MAC addresses for end stations co...

Страница 813: ...le This example shows how to reset static MAC locking on fe 2 3 Matrix rw clear maclock static fe 2 3 set maclock trap Use this command to enable or disable MAC lock trap messaging Syntax set maclock...

Страница 814: ...aclock trap fe 2 3 enable clear maclock Use this command to clear MAC locking from one or more static MAC addresses Syntax clear maclock all mac address port string Parameters Defaults None Mode Switc...

Страница 815: ...of SSH on the device Syntax show ssh state Parameters None Defaults None Mode Switch command Read Only Examples This example shows how to display SSH status on the device Matrix rw show ssh state SSH...

Страница 816: ...s Syntax set ssh hostkey reinitialize Parameters Defaults None Mode Switch command Read Write Example This example shows how to regenerate SSH keys Matrix rw set ssh hostkey reinitialize show router s...

Страница 817: ...d set router ssh Use this command to enables or disable SSH service to the router Syntax set router ssh enable disable Parameters Defaults None Mode Switch command Read Write Example This example show...

Страница 818: ...re Shell SSH clear router ssh 24 14 Security Configuration Mode Switch command Read Write Example This example shows how to reset SSH service to the router to the default state of disabled Matrix rw c...

Страница 819: ...denies ICMP UDP and IP frames based on restrictions configured with the one of the access list commands For details on configuring standard access lists refer to ip access group on page 24 20 For deta...

Страница 820: ...cified entry in an existing ACL or replaces a specified entry with this new entry log 1 5000 all Enable syslog for ACL entry hits Enable syslog for sequential number of ACL entry or for all ACL entrie...

Страница 821: ...moves entry 16 to the beginning of ACL 22 Matrix Router config access list 22 move 1 16 access list extended Use this command to define an extended IP access list by number when operating in router m...

Страница 822: ...rce2 Optional Moves a sequence of access list entries before another entry Destination is the number of the existing entry before which this new entry will be moved Source1 is a single entry number or...

Страница 823: ...heir ICMP message code The code is a number from 0 to 255 operator port Optional Applies access rules to TCP or UDP source or destination port numbers Possible operands include lt port Match only pack...

Страница 824: ...TCP host 10 1 2 1 eq 42 any This example shows how to define access list 101 to deny TCP packets transmitted from any IP source port with the precedence field set to a value of 3 and the tos field se...

Страница 825: ...nd removes the specified access list Example This example shows how to apply access list 1 for all inbound frames on VLAN 1 Through the definition of access list 1 only frames with destination 192 5 3...

Страница 826: ...ICMP packets protection is enabled the Ping of Death counter will not be incremented Ping of Death is a subset of the fragmented ICMP function Example This example shows how to display Denial of Servi...

Страница 827: ...er config if Vlan vlan_id Usage The no form of this command disables the specified security features land Enables land attack protection and automatically discards illegal frames This can be enabled g...

Страница 828: ...2000 This example shows how to enable spoofed address checking on the VLAN 1 interface Matrix Router config interface vlan 1 Matrix Router config if Vlan 1 hostdos checkspoof clear hostdos counters Us...

Страница 829: ...e FST on the switch and on a port by port basis Configure the maximum flows allowed per user classification port type and the actions that will occur when flow limits are reached Assign a user classif...

Страница 830: ...case it is enabled for FST with an unspecified port classification is currently operational and has no FST action assigned Matrix rw show flowlimit limit port fe 2 1 Flow setup throttling port config...

Страница 831: ...n command as described in set flowlimit action on page 24 28 This limit can be assigned to one or more ports using the set flowlimit class command as described in set flowlimit port on page 24 31 Exam...

Страница 832: ...on2 notify drop disable userport serverport aggregateduser interswitchlink unspecified Parameters limit1 limit2 Specifies the configuration to be removed as limit 1 or 2 userport serverport aggregated...

Страница 833: ...action1 action2 notify drop disable userport serverport aggregateduser interswitchlink unspecified Parameters drop Optional When flow limit is reached drops excess flows and discard packets disable O...

Страница 834: ...userport serverport aggregateduser interswitchlink unspecified Parameters Defaults If port classification type is not specified information related to all classifications will be displayed Mode Switch...

Страница 835: ...tion1 notify limit2 0 action2 disable notify set flowlimit port Use this command to enable or disable flow limiting on one or more port s assign a flow limiting user classification to one or more port...

Страница 836: ...assification type to Fast Ethernet ports 3 5 in module 2 Matrix rw set flowlimit port class userport fe 2 3 5 clear flowlimit port class Use this command to remove flow limiting port classification pr...

Страница 837: ...it on page 24 27 Example This example shows how to enable the flow limit shut down function Matrix rw set flowlimit shutdown enable set flowlimit notification Use this command to enable or disable flo...

Страница 838: ...MP flow limit notification interval Matrix rw clear flowlimit notification interval clear flowlimit stats Use this command to reset flow limiting statistics back to default values on one or more port...

Страница 839: ...s refer to Configuring MAC Authentication on page 25 26 Convergence End Point CEP Convergence Endpoint CEP detection is an Enterasys Networks mechanism for identifying IP phones that are connected to...

Страница 840: ...anular control over user authorization The Enterasys multi user 802 1X implementation includes the following components A Multi Mode Enabled Enterasys Matrix System only when a system is set to operat...

Страница 841: ...information for all ports will be displayed For information about Refer to page show dot1x 25 3 show dot1x auth config 25 5 set dot1x 25 7 set dot1x auth config 25 7 clear dot1x auth config 25 9 auth...

Страница 842: ...henticating 0 EAP Logoff While Authenticating 0 ReAuths While Authenticated 0 EAP Starts While Authenticated 0 EAP Logoff While Authenticated 0 Backend Responses 0 Backend Access Challenges 0 Backend...

Страница 843: ...ol Optional Displays the current value of the controlled Port control parameter for the Port keytxenabled Optional Displays the state of 802 1X key transmission currently in use by the authenticator P...

Страница 844: ...display all 802 1X authentication configuration settings for fe 2 24 Matrix rw show dot1x fe 2 24 Port fe 2 24 Auth Config PAE state Initialize Backend auth State Initialize Admin controlled direction...

Страница 845: ...ix rw set dot1x enable This example shows how to reinitialize fe 2 24 Matrix rw set dot1x init fe 2 24 set dot1x auth config Use this command to configure 802 1X authentication Syntax set dot1x auth c...

Страница 846: ...or disables false 802 1X key transmission by the authenticator PAE state machine maxreq value Specifies the maximum number of authentication requests allowed by the backend authentication state machi...

Страница 847: ...auto on all ports Matrix rw clear dot1x auth config authcontrolled portcontrol This example shows how to reset reauthentication control to disabled on ports fe 1 1 3 Matrix rw clear dot1x auth config...

Страница 848: ...Configuring 802 1X Authentication clear dot1x auth config 25 10 Authentication Configuration Matrix rw clear dot1x auth config quietperiod fe 1 1 3...

Страница 849: ...quirements of an authenticating client needing to send an HTTP request with its web browser Typically the client will need DNS and ARP resolution before it can generate the HTTP request needed to do a...

Страница 850: ...explicitly return a static route for the client or to inform the client that all routes are local meaning the client is its own default gateway For more information on configuring policy profiles refe...

Страница 851: ...mple shows how to display PWA information for ge 2 1 Matrix rw show pwa ge 2 1 PWA Status enabled PWA IP Address 192 168 62 99 PWA Protocol PAP PWA Enhanced Mode N A PWA Logo enabled PWA Guest Network...

Страница 852: ...enabled with RADIUS or no authentication Default state of disabled can be changed using the set pwa gueststatus command as described in set pwa gueststatus on page 25 22 PWA Guest Name Guest user name...

Страница 853: ...formation on disabling 802 1X refer to set dot1x on page 25 7 For information on disabling MAC authentication refer to set macauthentication on page 25 29 Example This example shows how to enable port...

Страница 854: ...name Syntax clear pwa hostname Parameters None Defaults None Mode Switch command Read Write Example This example shows how to clear the PWA host name Matrix rw clear pwa hostname show pwa banner Use...

Страница 855: ...the PWA login banner to Welcome to Enterasys Networks Matrix rw set pwa banner Welcome to Enterasys Networks set pwa displaylogo hide Use this command to disable the currently configured PWA banner S...

Страница 856: ...Syntax set pwa displaylogo display hide Parameters Defaults None Mode Switch command Read Write Example This example shows how to hide the Enterasys Networks logo Matrix rw set pwa displaylogo hide s...

Страница 857: ...ipaddress ip address Parameters Defaults None Mode Switch command Read Write Usage This is the IP address of the end station from which PWA will prevent network access until the user is authenticated...

Страница 858: ...Write Usage When enabled users on unauthenticated PWA ports can type any URL into a browser and be presented the PWA login page on their initial web access They will also be granted guest networking p...

Страница 859: ...ed in set pwa enhancedmode on page 25 20 PWA will use this name to grant network access to guests without established login names and passwords Example This example shows how to set the PWA guest user...

Страница 860: ...ithout established login names and passwords Example This example shows how to set the PWA guest user password name Matrix rw set pwa guestpasword Guest Password Retype Guest Password set pwa gueststa...

Страница 861: ...initialize port string Parameters Defaults If port string is not specified all ports will be initialized Mode Read Write Example This example shows how to initialize ports fe 1 5 7 Matrix rw set pwa i...

Страница 862: ...held state Syntax set pwa maxrequests maxrequests port string Parameters Defaults If port string is not specified maximum requests will be set for all ports Mode Read Write Example This example shows...

Страница 863: ...y Example This example shows how to display PWA session information Matrix rw show pwa session Port MAC IP User Duration Status ge 2 19 00 c0 4f 20 05 4b 172 50 15 121 pwachap10 0 14 46 55 active ge 2...

Страница 864: ...nds show macauthentication Use this command to display MAC authentication information for one or more ports Syntax show macauthentication port string For information about Refer to page show macauthen...

Страница 865: ...output port string Optional Displays MAC authentication information for specific port s For a detailed description of possible port string values refer to Port String Syntax Used in the CLI on page 4...

Страница 866: ...tring Syntax Used in the CLI on page 4 2 Port State Whether or not MAC authentication is enabled or disabled on this port Quiet Period Enables a reauthentication attempt for failed entries at the peri...

Страница 867: ...n session Output Details Output What it displays Port Port designation For a detailed description of possible port string values refer to Port String Syntax Used in the CLI on page 4 2 MAC Address MAC...

Страница 868: ...d to clear the MAC authentication password Syntax clear macauthentication password Parameters None Defaults None Mode Switch command Read Write Examples This example shows how to clear the MAC authent...

Страница 869: ...ameters None Defaults None Mode Switch command Read Write Example This example shows how to clear the MAC authentication significant bits setting Matrix rw clear macauthentication significant bits set...

Страница 870: ...ort string Parameters Defaults None Mode Switch command Read Write Example This example shows how to set the number of allowed MAC authentication sessions to 4 on ge 2 1 Matrix rw set macauthenticatio...

Страница 871: ...and remove any currently active sessions on those ports Syntax set macauthentication portinitialize port string Parameters Defaults None Mode Switch command Read Write Example This example shows how t...

Страница 872: ...authentication enable disable port string Parameters Defaults None Mode Switch command Read Write Example This example shows how to enable MAC reauthentication on ge 4 1 though 5 Matrix rw set macauth...

Страница 873: ...enticate mac_addr Parameters Defaults None Mode Switch command Read Write Example This example shows how to force the MAC authentication session for address 00 60 97 b5 4c 07 to reauthenticate Matrix...

Страница 874: ...tion reauthperiod port string Parameters Defaults If port string is not specified the reauthentication period will be cleared on all ports Mode Switch command Read Write Example This example shows how...

Страница 875: ...period 120 ge 2 1 5 clear macauthentication quietperiod Use this command to clear the macauthentication quiet period on one or more ports to the default value Syntax clear macauthentication quietperi...

Страница 876: ...authentication quietperiod 25 38 Authentication Configuration Usage The default value is 0 never Example This example shows how to clear the macauthentication quietperiod for port ge 1 1 Matrix rw cle...

Страница 877: ...for detection Default UDP ports are 1718 1719 1720 Default group address is 224 0 1 41 The commands in this section can be used to configure H 323 detection using new parameters A second default H 323...

Страница 878: ...ery Time MON FEB 06 02 31 42 2006 Firmware Version Address Type unknown Endpoint IP unavailable Endpoint MAC 00 04 0d 01 f8 35 show cep detection Use this command to display CEP phone detection parame...

Страница 879: ...ection information Matrix show cep detection Global CEP state enabled Detection Rules for Index 1 Endpoint Phone Type h323 Protocol tcp udp Port Low 1718 Port High 1720 Address Type unknown Address Ma...

Страница 880: ...CEP types Syntax show cep port port string Parameters Defaults None Mode Read Only Examples This example shows how to display CEP status information for port fe 1 21 Matrix show cep port fe 1 21 Port...

Страница 881: ...ne detection on port fe 3 1 Matrix set cep port fe 3 1 cisco enable set cep policy Use this command to set a global default policy for a CEP detection type Syntax set cep policy cisco h323 siemens sip...

Страница 882: ...or enable disable or remove an existing group Syntax set cep detection id id create delete disable enable Parameters Defaults None Mode Switch command Read Write cisco Set the Cisco global default pol...

Страница 883: ...tion uses CiscoDP as its discovery method There are currently 3 manual detection types Siemens H323 SIP Under manual detection configuration for each of the types the Endpoint Phone Type will be liste...

Страница 884: ...will have no IP address configured Example This example shows how to set an IP address of 10 1 1 3 and mask for detection group 1 Matrix set cep detection id 1 address 10 1 1 3 mask 255 255 0 0 set ce...

Страница 885: ...oints detection for CEP detection group 1 Matrix set cep detection id 1 protocol both set cep detection id porthigh portlow Use this command to set the maximum and minimum ports used for TCP or UDP co...

Страница 886: ...group 1 Matrix set cep detection id 1 portlow 65 set cep initialize Use this command to clear all existing CEP connections for one or more CEP enabled ports Syntax set cep initialize port string Param...

Страница 887: ...is example shows how to clears ports fe 1 1 5 of Cisco phone detection parameters Matrix clear cep port fe 1 1 5 cisco all Restores factory defaults to all CEP configuration information policy Restore...

Страница 888: ...sical port the user device is authenticating on Filter ID Attribute Formats Enterasys Networks supports two Filter ID formats decorated and undecorated The decorated format has three forms To specify...

Страница 889: ...tion login is any set authentication login Use this command to set the authentication login method Syntax set authentication login any local radius tacacs Parameters For information about Refer to pag...

Страница 890: ...gin method to use the local password settings Matrix rw set authentication login local clear authentication login Use this command to reset the authentication login method to the default setting of an...

Страница 891: ...onfiguration Syntax show radius state retries authtype timeout server index all Parameters For information about Refer to page show radius 25 53 set radius 25 54 clear radius 25 55 show radius account...

Страница 892: ...cess any index all Parameters Table 25 4 show radius Output Details Output What it displays RADIUS state Whether the RADIUS client is enabled or disabled RADIUS retries Number of retry attempts before...

Страница 893: ...authenticate management access only Matrix rw set radius realm management access all This example shows how to set the RADIUS timeout to 5 seconds Matrix rw set radius timeout 5 This example shows how...

Страница 894: ...mum state server index all Parameters state Optional Resets the RADIUS client state to the default setting of disabled retries Optional Resets the maximum number of attempts a user can contact the RAD...

Страница 895: ...Index IP Port Retries Timeout Status 1 1 1 1 1 1236 2 5 Primary set radius accounting Use this command to configure RADIUS accounting Syntax set radius accounting enable disable intervalminimum value...

Страница 896: ...s to 10 on server 6 Matrix rw set radius accounting retries 10 6 clear radius accounting Use this command to clear RADIUS accounting configuration settings Syntax clear radius accounting server index...

Страница 897: ...terasys Matrix DFE Gold Series Configuration Guide 25 59 Defaults None Mode Switch command Read Write Example This example shows how to reset the RADIUS accounting timeout to 5 seconds on all servers...

Страница 898: ...n and class of service to be provided Enterasys Networks Layer 2 switches utilize two specific attributes to implement the provisioning of service in response to a successful authentication A propriet...

Страница 899: ...gged untagged unknown set vlanauthorization Use this command to set the VLAN Authorization attributes Syntax set vlanauthorization enable disable port port list enable disable none tagged untagged dyn...

Страница 900: ...clear vlanauthorization Use this command to clear the VLAN Authorization attributes to the defaults Syntax clear vlanauthorization port list all Parameters Defaults None Mode Switch command Read Writ...

Страница 901: ...mands show tacacs Use this command to display the current TACACS configuration information and status Syntax show tacacs state Parameters Defaults If state is not specified all TACACS configuration in...

Страница 902: ...enabled or disabled TACACS session accounting state Whether TACACS session accounting is enabled or disabled TACACS command authorization state Whether TACACS command authorization is enabled or disab...

Страница 903: ...is enabled the login authentication is switched to RADIUS or local if enabled Examples This example shows how to enable the TACACS client Matrix rw set tacacs enable show tacacs server Use this comma...

Страница 904: ...meout seconds set tacacs server index address port secret Parameters Defaults None Mode Switch command Read Write Example This example configures TACACS server 1 The default timeout value of 10 second...

Страница 905: ...display the current TACACS client session settings Syntax show tacacs session authorization accounting state Parameters Defaults If state is not specified all session accounting configuration paramet...

Страница 906: ...nable disable Enables or disables TACACS session accounting authorization Specifies that TACACS session authorization is being configured service name Specifies the name of the service that the TACACS...

Страница 907: ...service requested by the TACACS client as the service name basic Matrix rw set tacacs session authorization service basic This example maps the Matrix read write access privilege level to an attribute...

Страница 908: ...status enabled or disabled of TACACS accounting or authorization on a per command basis Syntax show tacacs command accounting authorization state Parameters Defaults If state is not specified all acc...

Страница 909: ...executed during the session When per command authorization is enabled the TACACS server will check whether each command is permitted for that authorized session and return a success or fail If the au...

Страница 910: ...t TACACS single connect state enabled set tacacs singleconnect Use this command to enable or disable the ability of the TACACS client to send multiple requests over a single TCP connection When enable...

Страница 911: ...ributes to be applied to the traffic The client sends a RADIUS Access Request frame to the RADIUS server to initiate the authentication process This request frame contains the Calling Station ID attri...

Страница 912: ...S statistics Purpose To enable configure and display information for RADIUS Snooping used by the network manager to manage downstream connections when the full complement of Enterasys SecureNetworks c...

Страница 913: ...sponse frame to be returned from the RADIUS server after successfully snooping a RADIUS request frame from the client Syntax set radius snooping timeout seconds Parameters Defaults None Mode Read Writ...

Страница 914: ...This value is the maximum number of users per port for all authentication clients In some cases it may be necessary to drop RADIUS traffic in order to maintain session consistency between the distribu...

Страница 915: ...rt Flow entries are added to the flow table based upon the entry index value The first matching entry in the table is the entry used for the continuation of the authentication process If a secret is c...

Страница 916: ...es all RS sessions associated with port ge 1 1 by initializing the port Matrix rw set radius snooping initialize port ge 1 1 clear radius snooping all Use this command to reset all RS configuration to...

Страница 917: ...the index value to clear flows for a particular port Examples This example clears all flow table entries Matrix rw clear radius snooping flow all This example clears the flow table entry for index 5 M...

Страница 918: ...ng port port string Parameters Defaults None Mode Read Only Example This example displays the RS status for port fe 1 1 Matrix rw show radius snooping port fe 1 1 Radius Snooping Enabled Port Port Sta...

Страница 919: ...s 17 Number pending 4 Total Sessions 85 Total RADIUS Access Requests 242 Table 26 2 Radius Snooping Port Settings Output What it displays Port Specifies the port s currently enabled for RS Port State...

Страница 920: ...ons Specifies the number of active sessions for this flow Number pending Specifies the number of valid RADIUS request frames pending but no matching RADIUS response frame has been seen These sessions...

Страница 921: ...adius Snooping Session Port Settings Output What it displays MAC Address Specifies the MAC address associated with the session information in this display Port Specifies the port ID associated with th...

Страница 922: ...Understanding RADIUS Snooper show radius snooping session 26 12 RADIUS Snooping Configuration...

Страница 923: ...will determine which RADIUS returned filter ID will be processed and result in an applied traffic policy profile DFE Gold Multi User Capacities Matrix DFE Gold modules support one authenticated user...

Страница 924: ...t 27 6 clear multiauth port 27 7 show multiauth station 27 8 clear multiauth station 27 8 show multiauth session 27 9 show multiauth idle timeout 27 10 set multiauth idle timeout 27 10 clear multiauth...

Страница 925: ...auth mode multi clear multiauth mode Use this command to clear the system authentication mode Syntax clear multiauth mode Parameters None Defaults None Mode Switch command Read Write Example This exam...

Страница 926: ...erational precedence dot1x mac pwa cep show multiauth counters Use this command to display multiauth counter values Syntax show multiauth counters cep dot1x mac pwa chassis port portstring chassis cep...

Страница 927: ...ed by more than one method at the same time the precedence of the authentication methods will determine which RADIUS returned filter ID will be processed and result in an applied traffic policy profil...

Страница 928: ...information will be displayed for all ports Mode Switch command Read Only Example This example shows how to display multiple authentication information for ports fe 1 1 4 Matrix rw show multiauth port...

Страница 929: ...shows how to clear the port multiple authentication mode on all 1 Gigabit Ethernet ports Matrix rw clear multiauth port mode ge mode auth opt auth reqd force auth force unauth Specifies the port s mul...

Страница 930: ...ltiauth station Port Address type Address fe 1 20 mac 00 10 a4 9e 24 87 fe 2 16 mac 00 b0 d0 e5 0c d0 clear multiauth station Use this command to clear one or more multiple authentication station entr...

Страница 931: ...mmand Read Only Example This example shows how to display multiple authentication session Matrix rw show multiauth session Multiple authentication session entries Port fe 2 2 Station address 00 01 f4...

Страница 932: ...pes dot1x pwa mac and cep Example This example shows how to display timeout values for an idle session for each of the authentication types Matrix rw show multiauth idle timeout Authentication type Ti...

Страница 933: ...tiauth idle timeout 600 clear multiauth idle timeout Use this command to reset the maximum number of consecutive seconds an authenticated session may be idle before termination of the session to the d...

Страница 934: ...Matrix rw clear multiauth idle timeout mac This example shows how to clear the idle timeout session values for all authentication types back to the default value of 300 seconds Matrix rw set multiauth...

Страница 935: ...shows how to set the session timeout value for an active session for cep and mac authentication to 500 seconds Matrix rw set multiauth session timeout cep 500 Matrix rw set multiauth session timeout...

Страница 936: ...ix rw clear multiauth idle timeout cep Matrix rw clear multiauth idle timeout mac This example shows how to clear the session timeout values for an active session for all authentication types to the d...

Страница 937: ...ed in system disabled traps are not sent when max users reached in system module Configures multiauth module trap settings as follows enabled traps are sent when max users reached in module disabled t...

Страница 938: ...uccess failed terminated max reached Parameters Defaults None Mode Switch command Read Only Example This example shows how to display multiple authentication trap settings for port ge 1 1 4 Matrix rw...

Страница 939: ...ultiple Authentication Enterasys Matrix DFE Gold Series Configuration Guide 27 17 Matrix rw This example shows how to display multiple authentication trap system settings Matrix rw show multiauth trap...

Страница 940: ...Configuring Multiple Authentication show multiauth trap 27 18 MultiAuth Configuration...

Страница 941: ...one detection 25 39 Copying Configuration or Image Files 2 86 Cost area default 21 34 OSPF 21 24 21 34 Spanning Tree port 6 60 D Debugging OSPF 21 50 Defaults CLI behavior described 2 6 factory instal...

Страница 942: ...Management assigning classification rules 8 7 classifying to a VLAN or Class of Service 8 8 8 14 profiles 8 2 8 21 Port Mirroring 4 52 Port Priority configuring 22 2 Port String syntax used in the CLI...

Страница 943: ...Trap SNMP configuration example 5 3 U Updates disable RIP triggered 21 14 RIP distribute list 21 17 User Accounts default 2 7 setting 2 15 V Version RIP receive 21 7 RIP send 21 7 Version Information...

Страница 944: ...Index 4...

Отзывы:

Нет отзывов

Похожие инструкции для Enterasys Matrix DFE-Gold Series

Fantech DB10 Installation Instructions preview
DB10
Бренд: Fantech Страницы: 4
KanexPro MX-HDBT8X818G Manual preview
MX-HDBT8X818G
Бренд: KanexPro Страницы: 16
Handic VIC-Switch User Manual preview
VIC-Switch
Бренд: Handic Страницы: 2
Cole Hersee 75920 Quick Start Manual preview
75920
Бренд: Cole Hersee Страницы: 2
netvox ZigBee Z815B User Manual preview
ZigBee Z815B
Бренд: netvox Страницы: 14
DANLERS EZ CESR Installation Notes preview
EZ CESR
Бренд: DANLERS Страницы: 2
König KNVMA3444 Instruction preview
KNVMA3444
Бренд: König Страницы: 8
KYLAND SICOM3432G Series Hardware Installation Manual preview
SICOM3432G Series
Бренд: KYLAND Страницы: 29
Lancom GS-1224P Manual preview
GS-1224P
Бренд: Lancom Страницы: 71
Cross Technologies 1582-650 Instruction Manual preview
1582-650
Бренд: Cross Technologies Страницы: 11
IMC Networks Giga-AcessEtherLinx-II Operation Manual preview
Giga-AcessEtherLinx-II
Бренд: IMC Networks Страницы: 40
Byte Delight ZX-HD Manual preview
ZX-HD
Бренд: Byte Delight Страницы: 12
Ev-ent Hire ENTERTAINMENT HUB Instructions preview
ENTERTAINMENT HUB
Бренд: Ev-ent Hire Страницы: 5
Exsys EX-1189HMVS-3 Manual preview
EX-1189HMVS-3
Бренд: Exsys Страницы: 16
Conceptronic CKVM2M Quick Installation Manual preview
CKVM2M
Бренд: Conceptronic Страницы: 28
Kramer VS-28 User Manual preview
VS-28
Бренд: Kramer Страницы: 10
Manhattan 151245 Instructions preview
151245
Бренд: Manhattan Страницы: 2
Xtreme EX-6010 TW User Manual preview
EX-6010 TW
Бренд: Xtreme Страницы: 15

Бренды по названию

Популярные бренды

Загрузить еще бренды