manualshive.com logo in svg

FoxGate S6124, Руководство по управлению

Поделиться
Скачать
FoxGate S6124 Скачать руководство пользователя страница 22

 

22 

 

Chapter 1 Commands for Basic Switch 

Configuration 

1.1 Commands for Basic Configuration 

1.1.1 authentication line 

Command: authentication line {console | vty | web} login {local | radius | tacacs} 

no authentication line {console | vty | web} login 

Function: 

Configure VTY (login with Telnet and SSH), Web and Console, so as to select 

the priority of the authentication mode for the login user. The no form command restores 

the default authentication mode.     

Default: 

No  configuration  is  enabled  for  the  console  login  method  by  default.  Local 

authentication is enabled for the VTY and Web login method by default.

 

Command Mode: 

Global Mode. 

Usage  Guide: 

The  authentication  method  for  Console,  VTY  and  Web  login  can  be 

configured  respectively.  And  authentication  method  can  be  any  one  or  combination  of 

Local,  RADIUS  or  TACCACS.  When  login  method  is  configuration  in  combination,  the 

preference  goes  from  left  to  right.  If  the  users  have  passed  the  authentication  method, 

authentication method of lower preferences will be ignored. To be mentioned, if the user 

receives correspond protocol

‘s answer whether refuse or incept, it will not attempt the next 

authentication method (Exception: if the local authentication method failed, it will attempt 

the  next  authentication  method  );  it  will  attempt  the  next  authentication  method  if    it 

receives  nothing.  And  AAA  function  RADIUS  server  should  be  configured  before  the 

RADIUS  configuration  method  can  be  used.  And  TACACS  server  should  be  configured 

before the TACACS configuration method can be used. 

 

The 

authentication  line  console  login

  command  is  exclusive  with  the 

login

 

command. The 

authentication line console login

 command configures the switch to use 

the Console login method. And the 

login

 command makes the Console login to use the 

passwords configured by the 

password

 command for authentication. 

 

If local authentication is configured while no local users are configured, users will be 

able to login the switch via the Console method. 

Example: 

To  configure  the  Telnet  and  ssh  login  method  to  use  RADIUS  authentication 

method.

 

Switch(config)# authentication line vty login local radius 

Содержание S6124

Страница 1: ...able password 25 1 1 9 end 25 1 1 10 exec timeout 26 1 1 11 exit 26 1 1 12 help 26 1 1 13 hostname 27 1 1 14 ip host 27 1 1 15 ipv6 host 28 1 1 16 ip http server 28 1 1 17 language 29 1 1 18 login 29...

Страница 2: ...ax connection 40 1 2 12 ssh server authentication retries 40 1 2 13 ssh server enable 41 1 2 14 ssh server host key create rsa 41 1 2 15 ssh server max connection 41 1 2 16 ssh server timeout 42 1 2 1...

Страница 3: ...TCH UPGRADE 57 1 5 1 copy FTP 57 1 5 2 copy TFTP 59 1 5 3 ftp dir 60 1 5 4 ftp server enable 60 1 5 5 ftp server timeout 61 1 5 6 ip ftp 61 1 5 7 show ftp 61 1 5 8 show tftp 62 1 5 9 tftp server enabl...

Страница 4: ...width 76 3 1 2 combo forced mode 77 3 1 3 clear counters interface 78 3 1 4 flow control 78 3 1 5 interface ethernet 79 3 1 6 loopback 79 3 1 7 mdi 80 3 1 8 name 80 3 1 9 negotiation 81 3 1 10 port sc...

Страница 5: ...AL SHUTDOWN 96 6 6 ULDP RESET 97 6 7 ULDP RECOVERY TIME 97 6 8 SHOW ULDP 97 6 9 DEBUG ULDP FSM INTERFACE ETHERNET 98 6 10 DEBUG ULDP ERROR 98 6 11 DEBUG ULDP EVENT 99 6 12 DEBUG ULDP PACKET 99 6 13 DE...

Страница 6: ...GROUP 112 CHAPTER 9 COMMANDS FOR JUMBO 117 9 1 JUMBO ENABLE 117 CHAPTER 10 VLAN CONFIGURATION 117 10 1 COMMANDS FOR VLAN CONFIGURATION 117 10 1 1 debug gvrp 117 10 1 2 gvrp 118 10 1 3 garp timer hold...

Страница 7: ...130 11 2 4 show port security 131 11 2 5 show port security address 132 11 2 6 show port security interface 132 11 2 7 switchport port security 133 11 2 8 switchport port security convert 134 11 2 9...

Страница 8: ...spanning tree digest snooping 147 12 1 23 spanning tree tcflush Global mode 148 12 1 24 spanning tree tcflush Port mode 148 12 2 COMMANDS FOR MONITOR AND DEBUG 149 12 2 1 show spanning tree 149 12 2 2...

Страница 9: ...ACE 169 15 1 1 interface vlan 169 15 1 2 ip address 169 15 1 3 ip default gateway 170 15 1 4 debug ip packet 170 15 1 5 show ip traffic 171 15 1 6 show ip route 173 15 2 COMMANDS FOR IPV6 CONFIGURATIO...

Страница 10: ...I ARPSCAN TRUST IP 190 16 6 ANTI ARPSCAN RECOVERY ENABLE 190 16 7 ANTI ARPSCAN RECOVERY TIME 191 16 8 ANTI ARPSCAN LOG ENABLE 191 16 9 ANTI ARPSCAN TRAP ENABLE 191 16 10 SHOW ANTI ARPSCAN 192 16 11 DE...

Страница 11: ...ng 204 20 1 13 ip dhcp excluded address 205 20 1 14 ip dhcp pool 205 20 1 15 ip dhcp conflict ping detection enable 205 20 1 16 ip dhcp ping packets 206 20 1 17 ip dhcp ping timeout 206 20 1 18 lease...

Страница 12: ...21 22 SERVICE DHCPV6 223 21 23 SHOW IPV6 DHCP 223 21 24 SHOW IPV6 DHCP BINDING 224 21 25 SHOW IPV6 DHCP INTERFACE 224 21 26 SHOW IPV6 DHCP LOCAL POOL 225 21 27 SHOW IPV6 DHCP POOL 225 21 28 SHOW IPV6...

Страница 13: ...OOPING INFORMATION ENABLE 245 CHAPTER 24 IPV4 MULTICAST PROTOCOL 245 24 1 COMMANDS FOR DCSCM 245 24 1 1 access list Multicast Destination Control 245 24 1 2 access list Multicast Source Control 246 24...

Страница 14: ...source address 260 24 2 17 ip igmp snooping vlan static group 260 24 2 18 ip igmp snooping vlan suppression query time 261 24 2 19 show ip igmp snooping 261 CHAPTER 25 IPV6 MULTICAST PROTOCOL 264 25 1...

Страница 15: ...2 27 9 FIREWALL 282 27 10 FIREWALL DEFAULT 282 27 11 IP ACCESS EXTENDED 283 27 12 IP ACCESS STANDARD 283 27 13 IPV6 ACCESS LIST 284 27 14 IPV6 ACCESS STANDARD 284 27 15 IP IPV6 MAC MAC IP ACCESS GROUP...

Страница 16: ...28 17 DOT1X PRIVATECLIENT ENABLE 305 28 18 DOT1X RE AUTHENTICATE 306 28 19 DOT1X RE AUTHENTICATION 306 28 20 DOT1X TIMEOUT QUIET PERIOD 307 28 21 DOT1X TIMEOUT RE AUTHPERIOD 307 28 22 DOT1X TIMEOUT TX...

Страница 17: ...2 1 TACACS SERVER AUTHENTICATION HOST 322 32 2 TACACS SERVER KEY 322 32 3 TACACS SERVER NAS IPV4 323 32 4 TACACS SERVER TIMEOUT 323 32 5 DEBUG TACACS SERVER 324 CHAPTER 33 COMMANDS FOR RADIUS 325 33 1...

Страница 18: ...HTTP SECURE SERVER STATUS 338 34 5 DEBUG SSL 338 CHAPTER 35 COMMANDS FOR IPV6 SECURITY RA 340 35 1 IPV6 SECURITY RA ENABLE 340 35 2 IPV6 SECURITY RA ENABLE 340 35 3 SHOW IPV6 SECURITY RA 341 35 4 DEB...

Страница 19: ...3 38 6 SFLOW COUNTER INTERVAL 353 38 7 SFLOW RATE 353 38 8 SHOW SFLOW 354 CHAPTER 39 COMMANDS FOR SNTP 355 39 1 DEBUG SNTP 355 39 2 SNTP SERVER 356 39 3 SNTP POLLTIME 356 39 4 SNTP TIMEZONE 357 39 5 S...

Страница 20: ...GGING 371 41 8 SHOW FLASH 371 41 9 SHOW HISTORY 371 41 10 SHOW LOGGING BUFFERED 372 41 11 SHOW MEMORY 372 41 12 SHOW RUNNING CONFIG 373 41 13 SHOW STARTUP CONFIG 373 41 14 SHOW SWITCHPORT INTERFACE 37...

Страница 21: ...OTOCOL 382 43 7 DEBUG DRIVER 383 CHAPTER 44 COMMANDS FOR POE 383 44 1 COMMANDS FOR POE CONFIGURATION 383 44 1 1 power inline enable Global 383 44 1 2 power inline enable Port 384 44 1 3 power inline l...

Страница 22: ...cation method of lower preferences will be ignored To be mentioned if the user receives correspond protocol s answer whether refuse or incept it will not attempt the next authentication method Excepti...

Страница 23: ...e first booting IMG file the nos img file in the FLASH without the second one Usage Guide The first and second img files can only use img files stored in switch Example Set flash nos img as the second...

Страница 24: ...Command mode Admin Mode Default upon first time start up it is defaulted to 2001 1 1 0 0 0 Usage guide The switch can not continue timing with power off hence the current date and time must be first s...

Страница 25: ...ommand enable password 0 7 password no enable password Function Configure the password used for enter Admin Mode from the User Mode The no enable password command deletes this password Parameter passw...

Страница 26: ...es Usage guide To secure the switch as well to prevent malicious actions from unauthorized user the time will be count from the last configuration the admin had made and the system will exit the admin...

Страница 27: ...s of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is...

Страница 28: ...ipv6 host hostname all Function Configure the mapping relationship between the IPv6 address and the host the no ipv6 host hostname command deletes this mapping relationship Parameter hostname is the n...

Страница 29: ...1 1 18 login Command login no login Function login enable password authentication no login command cancels the login configuration Command mode Global mode Default No login by default Usage guide By...

Страница 30: ...d encryption by system default Usage guide The current unencrypted passwords as well as the coming passwords configured by password enable password ip ftp and username command will be encrypted by exe...

Страница 31: ...Example Set the factory contact mode to test Switch config sysContact test 1 1 24 sysLocation Command sysLocation LINE no sysLocation Function Set the factory address the no sysLocation command reset...

Страница 32: ...mand show clock Function Display the current system clock Command mode Admin and Configuration Mode Usage Guide If the system clock is inaccurate user can adjust the time by examining the system date...

Страница 33: ...e level of the commands that the user is able to execute its value is limited between 1 and 15 and 1 by default password is the password for the user If input option 0 on password setting the password...

Страница 34: ...figuration user1 and user2 will be denied Switch config username admin privilege 15 password 0 admin Switch config username user1 privilege 1 password 7 4a7d1ed414474e4033ac29ccb8653d9b The password i...

Страница 35: ...tication ipv6 access class num std name no authentication ipv6 access class Function Binding standard IPv6 ACL protocol to login with Telnet SSH Web the no form command will cancel the binding ACL Par...

Страница 36: ...the TACACS configuration method can be used The authentication line console login command is exclusive with the login command The authentication line console login command configures the switch to us...

Страница 37: ...the trusted IPv6 address is configured only clients with trusted IPv6 addresses are able to login the switch Up to 32 trusted IPv6 addresses can be configured in the switch Example Configure the secur...

Страница 38: ...l no length cancels the screen switching operation and display content once in all Parameter Columns of characters displayed in each screen ranging between 0 512 0 refers to non stop display Command m...

Страница 39: ...TCP connection with the remote host To connect to another remote host the current TCP connection must be disconnected with a hotkey CTRL To telnet a host name mapping relationship between the host nam...

Страница 40: ...on Default The system default value of the max connection number is 5 Command Mode Global Mode Usage Guide None Example Set the max connection number supported by the Telnet service as 10 Switch confi...

Страница 41: ...t value is 1024 Command mode Global Mode Default The system uses the key generated when the ssh server is started at the first time Usage Guide This command is used to generate the new host key When S...

Страница 42: ...t value for SSH authentication the no ssh server timeout command restores the default timeout value for SSH authentication Parameter timeout is timeout value valid range is 10 to 600 seconds Command m...

Страница 43: ...ace vlan vlan id Function Enter the VLAN interface configuration mode the no operation of this command will delete the existing VLAN interface Parameters vlan id is the VLAN ID of an existing VLAN ran...

Страница 44: ...dress Command ipv6 address ipv6address prefix length eui 64 no ipv6 address ipv6address prefix length eui 64 Function Configure aggregatable global unicast address site local address and link local ad...

Страница 45: ...k Example Get IP address through BootP Switch config interface vlan 1 Switch Config if Vlan1 ip bootp client enable Switch Config if Vlan1 exit Switch config Relative command ip address ip dhcp client...

Страница 46: ...ocate the problem causes Example Switch debug snmp mib 1 4 2 debug snmp kernel Command debug snmp kernel no debug snmp kernel Function Enable the SNMP kernel debugging the no debug snmp kernel command...

Страница 47: ...errors 0 Number of requested variables 0 Number of altered variables 0 Get request PDUs 0 Get next PDUs 0 Set request PDUs 0 SNMP packets output 0 Too big errors Max packet size 1500 0 No such name er...

Страница 48: ...or SNMP packets maximum packet size Maximum length of SNMP packets no such name errors Number of packets requesting for non existent MIB objects bad values errors Number of Bad_values error SNMP packe...

Страница 49: ...ew name Notify View Notify view name no writeview specified No view name specified by the user 1 4 7 show snmp mib Command show snmp mib Function Display all MIB supported by the switch Command Mode A...

Страница 50: ...e ID 1234567890 Auth Protocol MD5 Priv Protocol DES CBC Row status active Displayed Information Explanation User name User name Engine ID Engine ID Priv Protocol Employed encryption algorithm Auth Pro...

Страница 51: ...for standard numeric ACL ranging between 1 99 name is the access class name for standard ACL the character string length is ranging between 1 32 ipv6 num std is the access class number for standard nu...

Страница 52: ...proxy server function Command mode Global mode Default SNMP proxy server function is disabled by system default Usage guide To perform configuration management on the switch with network manage softw...

Страница 53: ...ring access num std name ipv6 access ipv6 num std ipv6 name no snmp server group group string NoauthNopriv AuthNopriv AuthPriv access num std name ipv6 access ipv6 num std ipv6 name Function This comm...

Страница 54: ...1 v2c versions this command configures the IPv4 or IPv6 address and Trap community character string of the network manage station receiving the SNMP Trap message And for v3 version this command is use...

Страница 55: ...Command Mode Global Mode Parameter ipv4 address is NMS security IPv4 address point separated decimal format ipv6 address is NMS security IPv6 address colon separated hex format Usage Guide It is only...

Страница 56: ...able OID as parameter But also supports the input using the node name of the parameter Example Create a view the name is readview including iso node but not including the iso 3 node Switch config snmp...

Страница 57: ...n is selected the authentication must be done When deleting a user if correct username and incorrect group name is inputted the user can still be deleted Example Add a new user tester in the UserGroup...

Страница 58: ...command supports command line hints namely if the user can enter commands in following forms copy filename ftp or copy ftp filename and press Enter following hints will be provided by the system ftp s...

Страница 59: ...ddress is the IPv4 or IPv6 address of the TFTP server client hostname is the name of the host mapping with the IPv6 address it does not support the file download and upload with hosts mapping with IPv...

Страница 60: ...er name password is the FTP user password ipv4address ipv6address is the IPv4 or IPv6 address of the FTP server Command Mode Admin Mode Example Browse the list of the files on the server with the FTP...

Страница 61: ...ip ftp username username Function Configure the username and password for logging in to the FTP the no operation of this command will delete the configured username and password simultaneously Paramet...

Страница 62: ...imeout Timeout time Retry Times Retransmission times 1 5 9 tftp server enable Command tftp server enable no tftp server enable Function Start TFTP server the no ftp server enable command shuts down TF...

Страница 63: ...0 times Switch config Switch config tftp server retransmission number 10 1 5 11 tftp server transmission timeout Command tftp server transmission timeout seconds Function Set the transmission timeout...

Страница 64: ...gy and re add this node But after being readded the candidate id of the switch might change The command can only be executed on commander switches Example Clear all candidate switch lists found by the...

Страница 65: ...ember switches of the cluster Parameters commander ip cluster IP address pool for allocating internal IP addresses of the cluster commander ip is the head address of the address pool of which the vali...

Страница 66: ...he one distributed by its commander Commander will send DP messages within the cluster once in every keepalive interval Members will respond to the received DP messages with DR messages The no operati...

Страница 67: ...e loss count 5 2 7 cluster member Command cluster member nodes sn candidate sn list mac address mac addr id member id no cluster member id member id mac address mac addr Function On a commander switch...

Страница 68: ...uring no cluster auto add Users need to change automatically added members to manually added ones to keep them Parameter None Default None Command Mode Global Mode Usage Guide Execute this command on...

Страница 69: ...rivate route of the cluster Example Disable cluster function in the local switch Switch config no cluster run 2 11 cluster update member Command cluster update member member id src url dst filename as...

Страница 70: ...being 1 src ul being ftp admin admin 192 168 1 1 nos img and dst url being nos img Switch cluster update member 1 ftp admin admin 192 168 1 1 nos img nos img 2 12 debug cluster Command debug cluster...

Страница 71: ...the debug information of receiving DP messages Switch debug cluster packets DP receive 2 14 show cluster Command show cluster Function Display cluster information of the switch Command Mode Admin and...

Страница 72: ...Configuration Mode Usage Guide Executing this command on a commander switch will display the configuration information of all cluster member switches Example Execute this command on a commander switc...

Страница 73: ...min and Configuration Mode Usage Guide Executing this command on the switch will display the information of the candidate member switches Example Display configuration information of all cluster candi...

Страница 74: ...x12 x 1 1 ES4626H LAB_SWITCH_1 CM 01 02 03 04 05 01 root root 2 ES4626H LAB_SWITCH_2 M 01 02 03 04 05 02 eth 1 1 eth 1 2 N 3 ES4626H LAB_SWITCH_3 CA 01 02 03 04 05 03 eth 1 1 eth 1 3 Y 4 ES4626H LAB_S...

Страница 75: ...626H Hostname LAB_SWITCH_2 Upstream local port eth 1 1 Upstream node 01 02 03 04 05 01 Upstream remote port eth 1 2 Upstream speed 100full 2 18 rcommand commander Command rcommand commander Function I...

Страница 76: ...This command can only be executed on commander switches Example In the commander switch enter the configuration interface of the member switch with mem id 1 Switch rcommand member 1 Chapter 3 Commands...

Страница 77: ...forces use of fiber cable port sfp preferred auto for fiber cable port first Command mode Port Mode Default The default setting for combo mode of combo ports is fiber cable port first Usage Guide The...

Страница 78: ...erface under Admin Mode to check for the active port of a combo port The following result indicates if the active port for a combo port is the fiber cable port Hardware is Gigabit combo active is fibe...

Страница 79: ...not recommended unless the users need a slow speed low performance network with low packet loss Flow control will not work between different cards in the switch When enable the port flow control func...

Страница 80: ...uto indicates auto identification of cable types across indicates crossover cable support only normal indicates straight through cable support only Command mode Port Mode Default Port cable type is se...

Страница 81: ...iation is enabled by default Usage Guide This command applies to 1000Base FX interface only The negotiation command is not available for 1000Base TX or 100Base TX interface For combo port this command...

Страница 82: ...ports in the switch i e enables broadcasts multicasts and unknown destination unicasts to pass through the switch at line speed Parameters use dlf to limit unicast traffic for unknown destination mul...

Страница 83: ...dcast messages caused by a loop which affect the processing of other tasks of the switch the port will be shut down to guarantee the normal operation of the switch Example If users set the rate violat...

Страница 84: ...a row the showing information include port number Link Protocl status Speed Duplex Vlan port type and port name counter packets show package number statistics of all ethernet ports include layer 2 un...

Страница 85: ...d output rate 0 bytes sec 0 packets sec Input packets statistics 0 input packets 0 bytes 0 no buffer 0 unicast packets 0 multicast packets 0 broadcast packets 0 input errors 0 CRC 0 frame alignment 0...

Страница 86: ...OUT bytes s 1 1 5m 13 473 12 345 678 12 345 1 234 567 5s 135 65 800 245 92 600 1 2 5m 0 0 0 0 5s 0 0 0 0 1 3 5m 0 0 0 0 5s 0 0 0 0 1 4 5m 0 0 0 0 5s 0 0 0 0 3 1 14 shutdown Command shutdown no shutdow...

Страница 87: ...x mode force1g full for forced 1000Mbps at full duplex mode nonegotiate for disable auto negotiation for 1000 Mb port master to force the 1000Mb port to be master mode slave to force the 1000Mb port t...

Страница 88: ...onnected to a 100M port the results of 4 5 and 7 8 will be of no meaning The result may have deviations according to the type of the twisted pair the temperature working voltage and other conditions W...

Страница 89: ...tion groups can a switch have When the users need to change or redo the configuration of the port isolation group he can delete the existing group with the no operation of this command Example Create...

Страница 90: ...ements When an Ethernet port is a member of more than one port isolate group it will be isolated from every port of all groups it belongs to Example Add Ethernet ports 1 1 2 and 1 5 into a port isolat...

Страница 91: ...rol Command Mode Port Mode Usage Guide If there is any loopback the port will not recovery the state of be controlled after enabling control operation on the port If the overtime is configured the por...

Страница 92: ...nk Switch Config If Ethernet1 2 switchport trunk allowed vlan all Switch Config If Ethernet1 2 loopback detection specified vlan 1 3 5 20 Switch Config If Ethernet1 2 no loopback detection specified v...

Страница 93: ...The recovery time is a useful time for shutdown control mode because the port can keep on detection loopback in the other modes so suggest not to use this command Examples Enable automatic recovery of...

Страница 94: ...sages and changing states Parameters None Command Mode Admin Mode Default Disabled by default Usage Guide Display the message sending receiving and state changes with this command Example Switch debug...

Страница 95: ...ts which are available after ULDP is enabled this command should be issued in the port configuration mode to make ULDP be effect Example To enable ULDP in global configuration mode Switch config uldp...

Страница 96: ...None Command Mode Global Configuration Mode and Port Configuration Mode Default Normal mode Usage Guide The ULDP working mode can be configured only if it is enabled globally When ULDP aggressive mod...

Страница 97: ...ration Parameters recovery time is the time out value for the ULDP recovery timer Its value is limited between 30 and 86400 seconds Command Mode Global Configuration Mode Default 0 is set by default w...

Страница 98: ...ULDP for the specified interface The no form of this command will disable the debugging information Parameters IFname is the interface name Command Mode Admin Configuration Mode Default Disabled by d...

Страница 99: ...fter that Display the type and interface of the packet which receiving and sending on the client The no form command disables this function Parameter None Command Mode Admin Mode Default Disabled Usag...

Страница 100: ...100 Default Disabled Usage Guide Use this command to display the Hello packet details receiving on the interface Ethernet 1 1 Switch debug uldp hello receive interface Ethernet 1 1...

Страница 101: ...nd lldp enable lldp disable Function Enable the LLDP function module of ports in port configuration mode disable command will disable the LLDP function module of port Parameters None Default the LLDP...

Страница 102: ...terval integer no lldp tx interval Function Set the interval of sending update messages on all the ports with LLDP function enabled the value of which ranges from 5 to 32768 seconds and is 30 seconds...

Страница 103: ...multiplier as 6 Switch config lldp msgTxHold 6 7 6 lldp transmit delay Command lldp transmit delay seconds no lldp transmit delay Function Since local information might change frequently because of th...

Страница 104: ...and lldp trap enable disable Function enable configure to enable the Trap function on the specified port disable configure to disable the Trap function on the specified port Parameters None Default Th...

Страница 105: ...ntries ranging from 5 to 500 Default The maximum number of entries can be stored in Remote MIB is 100 Command Mode Port Configuration Mode Usage Guide The maximum number of entries can be stored in Re...

Страница 106: ...ldp Example Check the configuration information of global LLDP after it is enabled on the switch Switch config show lldp LLDP GLOBAL INFORMATIONS LLDP enabled port Ethernet 1 1 LLDP interval 30 LLDP t...

Страница 107: ...ig show lldp interface ethernet 1 1 Port name ethernet 1 1 LLDP Agent Adminstatus Both LLDP Operation TLV portDecs sysName sysDesc sysCap LLDP Trap Status disable LLDP maxRemote 100 LLDP Overflow hand...

Страница 108: ...nterface Ethernet1 2 debug lldp packets interface Ethernet1 3 debug lldp packets interface Ethernet1 4 debug lldp packets interface Ethernet1 5 END OF DEBUG SETTINGS 7 17 debug lldp Command debug lldp...

Страница 109: ...is enabled users can check the receiving and sending of packets and other information on the port Example Enable the debug switch of LLDP function on the switch Switch config debug lldp packets inter...

Страница 110: ...sage Guide On entering aggregated port mode configuration to GVRP or spanning tree modules will apply to aggregated ports if the aggregated port does not exist i e ports have not been aggregated an er...

Страница 111: ...g to destination IP src ip performs load balancing according to source IP dst src ip performs load balancing according to destination and source IP If a port group has formed a port channel the load b...

Страница 112: ...tch Config If Ethernet1 1 port group 1 mode active 8 5 show port group Command show port group port group number brief detail load balance port port channel Parameters port group number is the group n...

Страница 113: ...d 32768 1 ACDEF Ethernet1 6 Selected 32768 1 ACDEF Ethernet1 7 Selected 32768 1 ACDEF Ethernet1 8 Selected 32768 1 ACDEF Ethernet1 20 Unselected 32768 1 ACG Ethernet1 23 Standby 32768 1 AC Remote Acto...

Страница 114: ...ctor part Administrative Operational port number 1 port priority 0x8000 aggregator id 0 port key 0x0100 0x0101 port state LACP activety 1 LACP timeout Aggregation 1 1 Synchronization Collecting Distri...

Страница 115: ...ion Synchronization Whether port is synchronized with the partner end Collecting Whether status of port bound status machine is collecting or not Distributing Whether status of port bound status machi...

Страница 116: ...nnel does not exist the above information will not be displayed Number of port Port number in the port channel Standby port Port that is in standby status which means the port is qualified to join the...

Страница 117: ...size is 9018 9022 Default Jumbo function not enabled by default Command Mode Global Mode Usage Guide Set switch of both ends jumbo necessarily or jumbo frame will be dropped at the switch has not be s...

Страница 118: ...port 10 Switch config gvrp Switch config interface ethernet 1 10 Switch Config If Ethernet1 10 gvrp Switch config exit 10 1 3 garp timer hold Command garp timer hold timer value no garp timer hold Fu...

Страница 119: ...garp timer leave command restores the default timer setting Parameter timer value is the value for leave timer the valid range is 100 to 327650 ms Command mode Port Mode Default The default value for...

Страница 120: ...s vlan name is the specified name string Command Mode VLAN Configuration Mode Default The default VLAN name is vlanXXX where xxx is VID Usage Guide The switch can specify names for different VLANs mak...

Страница 121: ...an primary Note This will remove all the ports from vlan 100 Switch Config Vlan100 exit Switch config vlan 200 Switch Config Vlan200 private vlan isolated Note This will remove all the ports from vlan...

Страница 122: ...t to be displayed Command mode Admin Mode and other configuration Mode Usage Guide N A Example Display global GARP information Switch show garp 10 1 11 show gvrp Command show gvrp interface name Funct...

Страница 123: ...1 default Static ENET Ethernet1 1 Ethernet1 2 Ethernet1 3 Ethernet1 4 Ethernet1 9 Ethernet1 10 Ethernet1 11 Ethernet1 12 2 VLAN0002 Static ENET Ethernet1 5 Ethernet1 6 Ethernet1 7 Ethernet1 8 Switch...

Страница 124: ...annel interface name interface list Function Specify Ethernet port to VLAN the no switchport interface ethernet portchannel interface name interface list command deletes one or one set of ports from t...

Страница 125: ...rnet1 8 exit 10 1 16 switchport trunk allowed vlan Command switchport trunk allowed vlan WORD all add WORD except WORD remove WORD no switchport trunk allowed vlan Function Set trunk port to allow VLA...

Страница 126: ...port trunk native vlan 100 Switch Config If Ethernet1 5 exit 10 1 18 vlan Command vlan WORD no vlan WORD Function Create VLANs and enter VLAN configuration mode If using and connect with multi VLANs t...

Страница 127: ...ngress rule Command mode Global Mode Default VLAN ingress rules are enabled by default Usage Guide When VLAN ingress rules are enabled on the port when the system receives data it will check source po...

Страница 128: ...ss does aging when the aging time is set to 0 Example Set the aging time to 600 seconds Switch config mac address table aging time 600 11 1 2 mac address table static blackhole Command mac address tab...

Страница 129: ...em default Example Port 1 1 belongs to VLAN200 and establishes address mapping with MAC address 00 03 0f f0 00 18 Switch config mac address table static address 00 03 0f f0 00 18 vlan 200 interface et...

Страница 130: ...n port1 Switch clear port security dynamic interface Ethernet 1 1 11 2 2 mac address table periodic monitor time Command mac address table periodic monitor time 5 86400 Function Set the MAC monitor in...

Страница 131: ...ure port MAC address information Example Switch show port security Security Port MaxSecurity Addr CurrentAddr Security Action count count Ethernet1 1 1 1 Protect Ethernet1 3 10 1 Protect Ethernet1 5 1...

Страница 132: ...Type Ports 1 0000 0000 1111 SecureConfigured Ethernet1 1 Total Addresses 1 Displayed information Explanation Vlan The VLAN ID for the secure MAC Address Mac Address Secure MAC address Type Secure MAC...

Страница 133: ...rrent secure static MAC address number for the port Lock Timer Whether locking timer timer timeout is enabled for the port Mac Learning function Is the MAC address learning function enabled 11 2 7 swi...

Страница 134: ...not reserve configuration Example Converting MAC addresses in port 1 to static secure MAC addresses Switch config interface Ethernet 1 1 Switch Config If Ethernet1 1 switchport port security convert...

Страница 135: ...ecure MAC addresses for a port the no switchport port security maximum command restores the maximum secure address number of 1 Command mode Port Mode Parameter value is the up limit for static secure...

Страница 136: ...chport port security violation Command switchport port security violation protect shutdown no switchport port security violation Function Configure the port violation mode The no switchport port secur...

Страница 137: ...egion configuration quit MSTP region mode and return to global mode Command mode MSTP Region Mode Usage Guide This command is to quit MSTP region mode with saving the current configuration Example Qui...

Страница 138: ...4 Example Map VLAN1 10 and VLAN 100 110 to Instance 1 Switch config spanning tree mst configuration Switch Config Mstp Region instance 1 vlan 1 10 100 110 12 1 4 name Command name name no name Functio...

Страница 139: ...led in all the ports except for the ports which are set to disable the MSTP explicitly Example Enable the MSTP in global mode and disable the MSTP in the interface1 2 Switch config spanning tree Switc...

Страница 140: ...1 0 seconds Bridge_Max_Age Bridge_Max_Age 2 Bridge_Hello_Time 1 0 seconds Example Set MSTP hello time to 5 seconds in global mode Switch config spanning tree hello time 5 12 1 9 spanning tree link ty...

Страница 141: ...age 25 12 1 11 spanning tree max hop Command spanning tree max hop hop count no spanning tree max hop Function Set maximum hops of BPDU in the MSTP region the command no spanning tree max hop restores...

Страница 142: ...stores the default setting Parameter mstp sets the switch in IEEE802 1s MSTP mode stp sets the switch in IEEE802 1D STP mode rstp sets the switch in IEEE802 1D RSTP mode Command mode Global Mode Defau...

Страница 143: ...ance the command no spanning tree mst instance id cost restores the default setting Parameter instance id sets the instance ID The valid range is from 0 to 64 cost sets path cost The valid range is fr...

Страница 144: ...Set the port priority as 32 on the port 1 2 for the instance 1 Switch config interface ethernet 1 2 Switch Config If Ethernet1 2 spanning tree mst 1 port priority 32 12 1 17 spanning tree mst priority...

Страница 145: ...etwork Example Enable rootguard function for port 1 2 in instance 0 Switch config interface ethernet 1 2 Switch Config If Ethernet1 2 spanning tree mst 0 rootguard Switch Config If Ethernet1 2 12 1 19...

Страница 146: ...with products of other companies The no command restores the default format Parameter standard The packet format provided by IEEE privacy Privacy packet format which is compatible with CISCO equipment...

Страница 147: ...mand no spanning tree digest snooping restores to use the port generated authentication string Parameter None Command mode Port Mode Default Don t use the authentication string of partner port Usage G...

Страница 148: ...to switch from one spanning tree branch to another rapidly the disable mode is not recommended Example Configure the spanning tree flush mode once the topology changes is not flush to TC Switch confi...

Страница 149: ...list detail Function Display the MSTP Information Parameter interface list sets interface list instance id sets the instance ID The valid range is from 0 to 64 detail sets the detailed spanning tree i...

Страница 150: ...Instance 3 Ethernet1 1 Ethernet1 2 Total 2 PortName ID IntRPC State Role DsgBridge DsgPort Ethernet1 1 128 001 0 FWD MSTR 0 00030f010e30 128 001 Ethernet1 2 128 002 0 BLK ALTR 0 00030f010e30 128 002 I...

Страница 151: ...tance PortName Port name ID Port priority and port index ExtRPC Port cost to the root of the entire network IntRPC Cost from the current port to the region root of the current instance State Port stat...

Страница 152: ...guration of the current MSTP region such as MSTP name revision VLAN and instance mapping Note Before quitting the MSTP region mode the displayed parameters may not be effective Example Display the con...

Страница 153: ...nterface e1 1 Chapter 13 Commands for QoS 13 1 class Command class class map name no class class map name Function Associates a class to a policy map and enters the policy class map mode the no class...

Страница 154: ...ch standard of the class map the no form of this command deletes the specified match standard Parameter access group acl index or name match specified IP ACL or MAC ACL the parameters are the number o...

Страница 155: ...e is taking effect by default when startup message will rewrite cos field according to cos dscp cos dscp mutation rewrite dscp value according to cos dscp Ingress cos value is the port default cos Exa...

Страница 156: ...nge packet CoS value port priority cos assigns a priority to the physical port cos is the priority to be assigned Priority of all incoming packets through the port will be set to this cos value This i...

Страница 157: ...rt Example Configuring Ethernet port 1 1 to trust DSCP using DSCP mutation mapping of mu1 Switch config interface ethernet 1 1 Switch Config If Ethernet1 1 mls qos trust dscp pass through cos Switch C...

Страница 158: ...list is a list of DSCP values containing up to 8 DSCP values mark down dscp are DSCP value after mark down Default Default mapping values are Default CoS to DSCP Map CoS Value 0 1 2 3 4 5 6 7 DSCP Val...

Страница 159: ...Example Setting the bandwidth for packets that matching c1 class rule to 20 Mbps with a burst value of 2 MB all packets exceed this bandwidth setting will be dropped Switch config policy map p1 Switc...

Страница 160: ...named p1 Switch config policy map p1 Switch Config PolicyMap p1 exit Switch config no policy map p1 13 12 priority queue out Command priority queue out no priority queue out Function Configure the deq...

Страница 161: ...olicy Class map Mode Usage Guide Only the classified traffic which matches the matching standard will be assigned with the new values Note ipv6 flowlabel configuration is not supported by this switch...

Страница 162: ...ort1 1 Switch config interface ethernet 1 1 Switch Config If Ethernet1 1 service policy input p1 13 16 show class map Command show class map class map name Function Displays class map of QoS Parameter...

Страница 163: ...meters interface id is the port ID buffers is the queue buffer setting on the port policy is the policy setting on the port queuing is the queue setting for the port statistics is the number of packet...

Страница 164: ...mls qos interface queuing ethernet 1 2 Cos queue map Cos 0 1 2 3 4 5 6 7 Queue 1 1 2 2 3 3 4 4 Queue and weight type Port q1 q2 q3 q4 QType 1 2 4 8 WRR Displayed information Explanation Cos queue map...

Страница 165: ...ion information for QoS Parameters cos dscp CoS for CoS DSCP inside cos queue CoS for wrr queue dscp cos DSCP inside for DSCP CoS dscp mutation dscp mutation name for DSCP DSCP mutation dscp mutation...

Страница 166: ...8 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35 36 37 38 39 4 40 41 42 43 44 45 46 47 48 49 5 50 51 52 53 54 55 56 57 58 59 6 60 61 62 63 13 20 show mls qos Command show mls qos Function Disp...

Страница 167: ...ues can be set 0 and the queues which be set to 0 are at back Example Setting the bandwidth weight proportion of the four queue out to be 1 2 3 4 Switch config wrr queue bandwidth 1 2 3 4 13 22 wrr qu...

Страница 168: ...access group aclname redirect command is used to delete flow based redirection Flow based redirection function enables the switch to transmit the data frames meeting some special condition to another...

Страница 169: ...pecified Parameters vlan id is the VLAN ID of the established VLAN ranging from 1 to 4094 Default No Layer 3 interface is configured upon switch shipment Command mode Global Mode Usage Guide When crea...

Страница 170: ...net management Furthermore the switch also provides BOOTP DHCP manner to get IP address Example The IP address of switch VLAN1 interface is set to 192 168 1 10 24 Switch Config if Vlan1 ip address 192...

Страница 171: ...ffic IP statistics Rcvd 3249810 total 3180 local destination 0 header errors 0 address errors 0 unknown protocol 0 discards Frags 0 reassembled 0 timeouts 0 fragment rcvd 0 fragment dropped 0 fragment...

Страница 172: ...t rcvd 0 fragment dropped 0 fragmented 0 couldn t fragment 0 fragment sent Fragmentation statistics number of packets reassembled timeouts fragments received fragments discarded packets that cannot be...

Страница 173: ...segment packeage number passive connection number Retransfer packeage number retransfer the time of timer Retransfer the max time is allowed by timer retransfer the min time is allowed by timer UDP st...

Страница 174: ...ugh the OSPF protocol A OSPF ASE Route introduced by OSPF B BGP derived BGP route acquired by the BGP protocol Destination Target network Mask Target network mask Nexthop Next hop IP address Interface...

Страница 175: ...rc fe80 203 fff fe01 2786 Source IPv6 address Dst fe80 1 Destination IPv6 address size 64 Size of data report proto 58 Protocol field in IPv6 header from Vlan1 IPv6 data report is collected from Layer...

Страница 176: ...IPv6 ND messages while no specification means to disable that for all five types of ND message Parameter None Default The debug of receiving and sending operations for all five types of IPv6 ND messag...

Страница 177: ...s between 3 128 eui 64 means IPv6 address is generated automatically based on eui64 interface identifier of the interface Command Mode Interface Configuration Mode Default None Usage Guide IPv6 addres...

Страница 178: ...arameter parameter seconds is the time interval of sending Neighbor Solicitation Message seconds value must be between 1 3600 seconds no command restores the default value 1 second Command Mode Interf...

Страница 179: ...brief is the brief summarization of IPv6 status and configuration and parameter interface name is Layer 3 interface name Default None Command Mode Admin and Configuration Mode Usage Guide If only brie...

Страница 180: ...up up Layer 3 interface status dev index Internal index No fe80 203 fff fe00 10 Automatically configured IPv6 address of Layer 3 interface 3001 1 Configured IPv6 address of Layer 3 interface 15 2 11...

Страница 181: ...ffe 3240 800d 1 64 via Vlan1 1024 O 3ffe 3240 800d 2 64 via Vlan2 1024 O 3ffe 3240 800d 10 64 via Vlan12 1024 O 3ffe 3240 800d 20 64 via fe80 20c ceff fe13 eac1 Vlan12 1024 C fe80 64 via Vlan1 256 C f...

Страница 182: ...ss Hardware Addr Interface Port State 2002 ca60 c801 1 250 baff fef2 a4f4 00 50 ba f2 a4 f4 Vlan1 Ethernet1 2 reachable 3ffe 3240 800d 1 100 00 03 0f 01 27 86 Vlan1 Ethernet1 3 reachable 3ffe 3240 800...

Страница 183: ...on Mode Example Switch show ipv6 traffic IP statistics Rcvd 90 total 17 local destination 0 header errors 0 address errors 0 unknown protocol 13 discards Frags 0 reassembled 0 timeouts 0 fragment rcvd...

Страница 184: ...tion ipv6 enable has been on IPv6 transmission switch is at on status 15 3 Commands for ARP Configuration 15 3 1 arp Command arp ip_address mac_address interface ethernet portName no arp ip_address Fu...

Страница 185: ...tch of APR state changing of the switch Default ARP debug is disabled by default Command mode Admin Mode Usage Guide Display contents for ARP packets received sent including type source and destinatio...

Страница 186: ...ddr Interface Port Flag 50 1 1 6 00 0a eb 51 51 38 Vlan50 Ethernet1 11 Dynamic 50 1 1 9 00 00 00 00 00 09 Vlan50 Ethernet1 1 Static 150 1 1 2 00 00 58 fc 48 9f Vlan150 Ethernet1 4 Dynamic Displayed in...

Страница 187: ...r box switches this command will only show statistics of APP messages received and sent from the current boardcard Command mode Admin and Config Mode Usage Guide Display statistics information of rece...

Страница 188: ...reset to its default attribute that is Untrust port Example Enable the ARP scanning prevention function of the switch Switch config anti arpscan enable 16 2 anti arpscan port based threshold Command...

Страница 189: ...the threshold of IP based ARP scanning prevention as 6 packets second Switch config anti arpscan ip based threshold 6 16 4 anti arpscan trust Command anti arpscan trust port supertrust port no anti a...

Страница 190: ...ommand Mode Global configuration mode User Guide If a port is configured as a trusted port then the ARP scanning prevention function will not deal with this port even if the rate of received ARP messa...

Страница 191: ...i arpscan log enable no anti arpscan log enable Function Enable ARP scanning prevention log function no anti arpscan log enable command will disable this function Parameters None Default Settings Enab...

Страница 192: ...isplay the operation information of ARP scanning prevention function Parameters None Default Settings Display every port to tell whether it is a trusted port and whether it is closed If the port is cl...

Страница 193: ...10 untrust N 0 Ethernet4 11 untrust N 0 Ethernet4 12 untrust N 0 Ethernet4 13 untrust N 0 Ethernet4 14 untrust N 0 Ethernet4 15 untrust N 0 Ethernet4 16 untrust N 0 Ethernet4 17 untrust N 0 Ethernet4...

Страница 194: ...switch of ARP scanning prevention Command Mode Admin Mode User Guide After enabling debug switch of ARP scanning prevention users can check corresponding debug information or enable the port based or...

Страница 195: ...timer or create a new item so the current ARP item keep unchanged and the new item can still be learned Example Switch Config if Vlan1 ip arp security updateprotect Switch config ip arp security updat...

Страница 196: ...which in combination with disabling automatic learning can prevent ARP binding Once implemented this command will lose its effect Example Switch Config if Vlan1 ip arp security convert Switch config i...

Страница 197: ...RP GUARD will be filtered If the source IP addresses of the ARP messagse match the ARP GUARD address configured on this port these messages will be judged as ARP cheating messages which will be direct...

Страница 198: ...s in the switch will be enabled to send gratuitous ARP request If gratuitous ARP is configured in interface configuration mode then only the specified interface is able to send gratuitous ARP requests...

Страница 199: ...on about gratuitous ARP configuration in both global and interface configuration modes Switch show ip gratuitous arp Gratuitous ARP send is Global enabled Interval Time is 300 s Gratuitous ARP send en...

Страница 200: ...at have a binding record Command mode Admin Mode Usage Guide show ip dhcp binding command can be used to view binding information for IP addresses and corresponding DHCP client hardware addresses If t...

Страница 201: ...statistics can be viewed with show ip dhcp server statistics command all information is accumulated You can use the clear ip dhcp server statistics command to clear the count for easier statistics ch...

Страница 202: ...decimal format Default No default gateway is configured for DHCP clients by default Command Mode DHCP Address Pool Mode Usage Guide The IP address of default gateway s should be in the same subnet as...

Страница 203: ...foxgate ua 20 1 10 hardware address Command hardware address hardware address Ethernet IEEE802 type number no hardware address Function Specifies the hardware address of the user when binding address...

Страница 204: ...nding addresses manually If the identifier or hardware address of the requesting client matches the specified identifier or hardware address the DHCP server assigns the IP address defined in host comm...

Страница 205: ...ral consecutive addresses in the pool from being assigned dynamically so that those addresses can be used by the administrator for other purposes Example Reserving addresses from 10 1 128 1 to 10 1 12...

Страница 206: ...tection enable Related Command ip dhcp conflict logging ip dhcp ping packets ip dhcp ping timeout 20 1 16 ip dhcp ping packets Command ip dhcp ping packets request num no ip dhcp ping packets Function...

Страница 207: ...setting Parameters days is number of days from 0 to 365 hours is number of hours from 0 to 23 minutes is number of minutes from 0 to 59 infinite means perpetual use Default The default lease duration...

Страница 208: ...is the node type in Hex from 0 to FF Default No client node type is specified by default Command Mode DHCP Address Pool Mode Usage Guide If client node type is to be specified it is recommended to set...

Страница 209: ...ss workstations that need to download configuration files from the server on boot up This command is used together with bootfile Example Setting the hosting server address as 10 1 128 4 Switch dhcp 1...

Страница 210: ...1 25 show ip dhcp binding Command show ip dhcp binding ip addr type all manual dynamic count Function Displays IP MAC binding information Parameters ip addr is a specified IP address in decimal format...

Страница 211: ...Address Conflicting IP address Detection method Method in which the conflict is detected Detection Time Time when the conflict is detected 20 1 27 show ip dhcp server statistics Command show ip dhcp...

Страница 212: ...dresses whose leases are expired Malformed message Number of error messages Message Received Statistics for DHCP packets received BOOTREQUEST Total packets received DHCPDISCOVER Number of DHCPDISCOVER...

Страница 213: ...6 server will not remove its bind for this address In this situation the address binding information can be removed manually through this command and if no parameter is appended this command will remo...

Страница 214: ...ug information of all kinds of packets received or sent by DHCPv6 the no form of this command disabled this function Default Disabled Command Mode Admin Mode Example Switch debug ipv6 dhcp detail 21 5...

Страница 215: ...Server address of DHCPv6 client as 2001 da8 1 Switch dhcp 1 config dns server 2001 da8 1 21 8 domain name Command domain name domain name no domain name domain name Function To configure domain name...

Страница 216: ...ing with its length no more than 32 designating or manual configuring the name of the address prefix defined in the prefix pool ipv6 prefix prefix length is latter part of the IPv6 address excluding t...

Страница 217: ...alid IPv6 address This command is exclusive with ipv6 dhcp server If the prefix delegation client is disabled for an interface then the address prefix which is get from this interface through prefix d...

Страница 218: ...is the address pool name of DHCPv6 with its length no more than 32 Default Any DHCPv6 address pool are not configured by default Command Mode Global Mode Usage Guide This command should be launched in...

Страница 219: ...nce 80 rapid commit allow hint 21 16 ipv6 general prefix Command ipv6 general prefix prefix name ipv6 prefix prefix length no ipv6 general prefix prefix name Function To define an IPv6 general prefix...

Страница 220: ...delegation pool command to allocate address prefixes to the clients If IPv6 prefix delegation is removed the associated prefix delegation command will be in effective either 21 18 lifetime Command li...

Страница 221: ...ommand Mode DHCPv6 Address Pool Configuration Mode Usage Guide This command configures the address pool for the DHCPv6 server to allocate addresses only one address range can be configured for each ad...

Страница 222: ...ty than the prefix address pool Example The following command will allocate 2001 da8 48 to the client with DUID as 0001000600000005000BBFAA2408 and IAID as 12 Switch dhcp 1 config prefix delegation 20...

Страница 223: ...obal Mode Usage Guide The DHCPv6 services include DHCPv6 server function DHCPv6 relay function DHCPv6 prefix delegation function All of the above services are configured on ports Only when DHCPv6 serv...

Страница 224: ...lifetime 604800 seconds valid lifetime 2592000 seconds Lease obtained at Jan 01 01 34 44 1970 Lease expires at Jan 31 01 34 44 1970 2592000 seconds left The number of DHCPv6 bindings is 1 21 25 show...

Страница 225: ...y and the length less than 32 characters If the poolname parameter is not provided then all the DHCPv6 address pool information will be shown Command Mode Admin and Configuration Mode Usage Guide To d...

Страница 226: ...Y 0 DHCP6RENEW 0 DHCP6REBIND 0 DHCP6RELEASE 0 DHCP6DECLINE 0 DHCP6CONFIRM 0 DHCP6RECONFIGURE 0 DHCP6INFORMREQ 0 DHCP6RELAYFORW 0 DHCP6RELAYREPLY 0 Message Send DHCP6SOLICIT 0 DHCP6ADVERTISE 0 DHCP6REQ...

Страница 227: ...FIGURE packets DHCP6INFORMREQ The number of DHCPv6 INFORMREQ packets DHCP6RELAYFORW The number of DHCPv6 RELAYFORW packets DHCP6RELAYREPLY The number of DHCPv6 RELAYREPLY packets Message Send The stat...

Страница 228: ...ion Mode Usage Guide To show the IPv6 general prefix pool information include the prefix number in general prefix pool the name of every prefix the interface of prefix obtained and the prefix value Ex...

Страница 229: ...acket Command debug ip dhcp snooping packet no debug ip dhcp snooping packet Function This command is used to enable the DHCP SNOOPING debug switch to debug the message processing procedure of DHCP SN...

Страница 230: ...utputting the state of checking binding data and executing port action and so on 22 5 debug ip dhcp snooping binding Command debug ip dhcp snooping binding no debug ip dhcp snooping binding Function T...

Страница 231: ...he DHCP SNOOPING function is enabled the binding function can be enabled Example Enable the DHCP Snooping binding funciton switch config ip dhcp snooping binding enable Relative Command ip dhcp snoopi...

Страница 232: ...binding arp This command is not supported by switch 22 10 ip dhcp snooping binding dot1x Command ip dhcp snooping binding dot1x no ip dhcp snooping binding dot1x Function Enable the DHCP Snooping bind...

Страница 233: ...x 22 12 ip dhcp snooping binding user control max user Command ip dhcp snooping binding user control max user number no ip dhcp snooping binding user control max user Function Set the max number of us...

Страница 234: ...ode Default Settings By default all ports are non trusted ports Usage Guide Only when DHCP Snooping is globally enabled can this command be set When a port turns into a trusted port from a non trusted...

Страница 235: ...cp snooping action blackhole recovery 30 22 15 ip dhcp snooping action MaxNum Command ip dhcp snooping action maxNum default Function Set the number of defense action that can be simultaneously take e...

Страница 236: ...ction Parameters None Default Settings Option 82 function is disabled in DHCP Snooping by default Command Mode Global Configuration Mode Usage Guide Only by implementing this command can DHCP Snooping...

Страница 237: ...ion provided by the option82 field And users can retrieve different IP addresses before and after authentication When this command is applied DHCP relay should not be configured on the truck switch wh...

Страница 238: ...However if TrustView is applied version two should be applied Example To configure the switch choose private packet version two to communicate with FOXGATE inter security management background system...

Страница 239: ...ges this configuration should be updated in time Example Set the local management IP address as 100 1 1 1 primary HELPER SERVER address as 100 1 1 100 and the port as default value switch config inter...

Страница 240: ...g interface ethernet interfaceName Function Display the current cofiguration information of dhcp snooping or display the records of defense actions of a specific port Parameters interfaceName The name...

Страница 241: ...ntrust none 0second 0 0 Ethernet1 19 untrust none 0second 0 0 Ethernet1 20 untrust none 0second 0 0 Ethernet1 21 untrust none 0second 0 0 Ethernet1 22 untrust none 0second 0 0 Ethernet1 23 untrust non...

Страница 242: ...eds to notify the helper server about the information but the helper server has not acknowledged it request binding The number of REQUEST information interface The name of port trust The truest attrib...

Страница 243: ...inding The expired binding information Request Binding REQUEST information 22 24 show ip dhcp snooping binding all Command show ip dhcp snooping binding all Function Display the current global binding...

Страница 244: ...ernet1 5 1 SL 00 00 00 00 00 16 192 168 40 16 Ethernet1 5 1 SL The flag explanation of the binding state S The static binding is configured by shell command D The dynamic binding type U The binding is...

Страница 245: ...sage The format of option1 in option 82 Circuit ID option is standard vlan name plus physical port name like vlan1 ethernet1 12 That of option2 in option 82 remote ID option is CPU MAC of the switch l...

Страница 246: ...st source host address destination multicast destination address destination wildcard multicast destination address wildcard character destination host ip multicast destination host address Default No...

Страница 247: ...host ip multicast destination host address Default None Command Mode Global Mode Usage Guide ACL of Multicast source control list item is controlled by specifical ACL number from 5000 to 5099 the comm...

Страница 248: ...icast destination control access list used on specified net segment the no ip multicast destination control IPADDRESS M access group 6000 7999 command deletes this configuration Parameter IPADDRESS M...

Страница 249: ...led for adding the members to multicast group If configuring multicast destination control to source MAC address of transmitted igmp report and match configured access list such as matching permit the...

Страница 250: ...item and then they will be thrown away by switches namely only multicast data matching to PERMIT can be received and forwarded Example Switch config ip multicast source control 24 1 8 ip multicast sou...

Страница 251: ...stination control Command show ip multicast destination control detail show ip multicast destination control interface Interfacename detail show ip multicast destination control host address ipaddress...

Страница 252: ...p any host destination 224 1 1 1 access list 6000 deny ip host 2 1 1 1 any destination access list 6001 deny ip host 2 1 1 1 225 0 0 0 0 255 255 255 access list 6002 permit ip host 2 1 1 1 225 0 0 0 0...

Страница 253: ...0 0 255 255 255 24 1 14 show ip multicast source control access list Command show ip multicast source control access list show ip multicast source control access list 5000 5099 Function Display sourc...

Страница 254: ...te mrouter port in vlan 1 Switch clear ip igmp snooping vlan 1 mrouter port Relative Command show ip igmp snooping mrouter port 24 2 3 debug igmp snooping all packet event timer mfc Command debug igmp...

Страница 255: ...command disables the IGMP Snooping function for the specified VLAN Parameter vlan id is the VLAN number Command mode Global Mode Default IGMP Snooping is disabled by default Usage Guide To configure...

Страница 256: ...ng this command IGMP Snooping function will not be disabled when disabling the layer 2 general querier function This command is mainly for sending general queries regularly to help switches within thi...

Страница 257: ...This command is used to query the layer 2 version number Example Switch config ip igmp snooping vlan 2 L2 general query version 2 24 2 10 ip igmp snooping vlan limit Command ip igmp snooping vlan vla...

Страница 258: ...l ifname Function Configure static mrouter port of VLAN The no form of the command cancels this configuration Parameter vlan id ranging between 1 4094 ehternet Name of Ethernet port ifname Name of int...

Страница 259: ...le Switch config ip igmp snooping vlan 2 query interval 130 24 2 14 ip igmp snooping vlan query mrsp Command ip igmp snooping vlan vlan id query mrsp value no ip igmp snooping vlan vlan id query mrsp...

Страница 260: ...vlan id VLAN ID range 1 4094 A B C D IP address can be 0 0 0 0 Command Mode Global Mode Default Disabled Usage Guide Default configuration is recommended here If IGMP snooping needs to be configured...

Страница 261: ...vlan vlan id suppression query time command restores to the default value Parameter vlan id VLAN ID ranging between 1 4094 value ranging between 1 65535 seconds Command Mode Global mode Default 255s...

Страница 262: ...enabled with igmp snooping function whether they are l2 general querier 2 Display the IGMP Snooping summary messages of vlan1 Switch show ip igmp snooping vlan 1 Igmp snooping information for vlan 1 I...

Страница 263: ...se time of the VLAN Igmp snooping robustness IGMP Snooping robustness configured on the VLAN Igmp snooping mrouter port keep alive time keep alive time of dynamic mrouter of the VLAN Igmp snooping que...

Страница 264: ...vlan 1 4094 mrouter port Command clear ipv6 mld snooping vlan 1 4094 mrouter port ethernet IFNAME IFNAME Function Delete the mrouter port of the specific VLAN Parameters 1 4094 the specific VLAN ID et...

Страница 265: ...nfigured with MLD Snooping the no form of this command will disable MLD Snooping on all the VLANs as well as the global MLD snooping Example Enable MLD Snooping under global mode Switch config ipv6 ml...

Страница 266: ...l querier Function Set the VLAN to Level 2 general querier Parameter vlan id is the id number of the VLAN with a valid range of 1 4094 Command Mode Global Mode Default VLAN is not a MLD Snooping L2 ge...

Страница 267: ...D is in operation please make this configuration in accordance with the MLD configuration as possible Example Switch config ipv6 mld snooping vlan 2 limit group 300 25 1 9 ipv6 mld snooping vlan mrout...

Страница 268: ...alue query interval valid range 1 65535 secs Command Mode Global Mode Default 125s Usage Guide It is recommended to use default value and if layer 3 MLD is in operation please make this configuration...

Страница 269: ...c group Command ipv6 mld snooping vlan vlan id static group X X X X source X X X X interface ethernet port channel IFNAME no ipv6 mld snooping vlan vlan id static group X X X X source X X X X interfac...

Страница 270: ...n the same segment must be in accordance It is recommended to use the default value Example Switch config ipv6 mld snooping vlan 2 suppression query time 270 25 1 16 show ipv6 mld snooping Command sho...

Страница 271: ...g max reponse time 10 s Mld snooping robustness 2 Mld snooping mrouter port keep alive time 255 s Mld snooping query suppression time 255 s MLD Snooping Connect Group Membership Note All Source S Incl...

Страница 272: ...nooping query suppression time timeout of the VLAN as l2 general querier at suppressed status MLD Snooping Connect Group Membership Group membership of the VLAN namely the correspondence between the p...

Страница 273: ...Switch config vlan 2 Switch Config Vlan2 multicast vlan 26 2 multicast vlan association Command multicast vlan association vlan list no multicast vlan association vlan list Function Associate several...

Страница 274: ...Sunday end_time no periodic Monday Tuesday Wednesday Thursday Friday Saturd ay Sunday daily weekdays weekend start_time to end_time Functions Define the time range of different commands within one we...

Страница 275: ...7 2 absolute start Command no absolute start start_time start_data end end_time end_data Functions Define an absolute time range this time range operates subject to the clock of this equipment Paramet...

Страница 276: ...time range name access list num deny permit udp sIpAddr sMask any source host source sIpAddr s port sPort range sPortMin sPortMax dIpAddr dMask any destination host destination dIpAddr d port dPort r...

Страница 277: ...epresent the type of IGMP packet and usual values please refer to the following description 17 0x11 IGMP QUERY packet 18 0x12 IGMP V1 REPORT packet 22 0x16 IGMP V2 REPORT packet 23 0x17 IGMP V2 LEAVE...

Страница 278: ...0 255 255 27 5 access list mac extended Command access list num deny permit any source mac host source mac host_smac smac smac mask any destination mac host destination mac host_dmac dmac dmac mask u...

Страница 279: ...num deny permit any source mac host source mac host_smac smac smac mask any destination mac host destination mac host_dmac dmac dmac mask igmp source source wildcard any source host source source host...

Страница 280: ...ss protocol No of name or IP protocol It can be a key word eigrp gre icmp igmp igrp ip ipinip ospf tcp or udp or an integer from 0 255 of list No of IP address Use key word ip to match all Internet pr...

Страница 281: ...the serial number is created then the lists are added into this ACL the access list which marked 3200 3299 can configure not continual reverse mask of IP address Examples Permit the passage of TCP pa...

Страница 282: ...nterface Switch clear access group statistic 27 9 firewall Command firewall enable disable Functions Enable or disable firewall Parameters enable means to enable of firewall disable means to disable f...

Страница 283: ...fault No access list is configured by default Usage Guide When this command is issued for the first time an empty access list will be created Example To create a extended IP access list name tcpFlow S...

Страница 284: ...access list configured Usage Guide Creates a numbered 520 standard IP access list first time the following configuration will add to the current access list Examples Creates a numbered 520 standard IP...

Страница 285: ...can bind ingress rules Note when a ACL has multiple rules traffic statistic can t configure There are four kinds of packet head field based on concerned MAC ACL IP ACL MAC IP ACL and IPv6 ACL to some...

Страница 286: ...med mac_acl Switch config mac access list extended mac_acl Switch Config Mac Ext Nacl mac_acl 27 17 mac ip access extended Command mac ip access list extended name no mac ip access list extended name...

Страница 287: ...deny permit eigrp gre igrp ipinip ip ospf protocol num sIpAddr sMask any source host source sIpAddr dIpAddr dMask any destination host destination dIpAddr precedence prec tos tos time range time range...

Страница 288: ...e standard IP access rule Parameters sIpAddr is the source IP address the format is dotted decimal notation sMask is the reverse mask of source IP the format is dotted decimal notation Command Mode Na...

Страница 289: ...ination mac host destination mac host_dmac dmac dmac mask cos cos val cos bitmask vlanId vid value vid mask ethertype protocol protocol mask no deny permit any source mac host source mac host_smac sma...

Страница 290: ...hernet protocol No 1536 65535 protocol bitmask protocol mask 0 65535 reverse mask and mask bit is consecutive Notice mask bit is consecutive means the effective bit must be consecutively effective fro...

Страница 291: ...ion destination host ip d port port3 range dPortMin dPortMax ack fin psh rst urg syn precedence precedence tos tos time range time range name no deny permit any source mac host source mac host_smac sm...

Страница 292: ...ination wildcard mask of destination I Numbers of 32 bit binary system expressed by decimal s numbers with four point separated reverse mask s port optional means the need to match TCP UDP source port...

Страница 293: ...ccess lists access list 10 used 0 time s access list 10 deny any source access list 100 used 1 time s access list 100 deny ip any any destination access list 100 deny tcp any any destination access li...

Страница 294: ...d Examples Switch show access group interface name Ethernet 1 1 IP Ingress access list used is 100 traffic statistics Disable interface name Ethernet1 2 IP Ingress access list used is 1 packet s numbe...

Страница 295: ...igit extended IPv6 ACL number acl name is the nomenclature character string of a specific access control list lengthening within 1 32 Default None Command Mode Admin and Configuration Mode Usage Guide...

Страница 296: ...0 0 0 to Sunday 23 59 59 time range timer2 inactive used 0 times absolute periodic Monday 0 0 0 to Friday 23 59 59 27 28 time range Command no time range time_range_name Functions Create the name of t...

Страница 297: ...erbased user based authentication interface name the name of the interface Command Mode Admin Mode Usage Guide By enabling the debug information of dot1x details users can check the detailed processes...

Страница 298: ...information of Re Authentication Timer state machine interface name the name of the interface Usage Guide By enabling the debug information of dot1x users can check the negotiation process of dot1x pr...

Страница 299: ...interface name for interface name and port number Command mode Global Mode Default N A Usage Guide The dot1x address filter function is implemented according to the MAC address filter table dot1x add...

Страница 300: ...2 1x function is not enabled in global mode by default if 802 1x is enabled under Global Mode 802 1x will not be enabled for the ports by default Usage Guide The 802 1x authentication for the switch m...

Страница 301: ...king exclusive authentication supplicant system or the version of the supplicant system being too low In Guest VLAN users can get 802 1x supplicant system software update supplicant system or update s...

Страница 302: ...equest initialed by the users in the dot1x address filter table will be accepted Example Enabling dot1x address filter function for the switch Switch config dot1x macfilter enable 28 11 dot1x max req...

Страница 303: ...e configured in TrustView server and the TrustView server will distribute the configuration to the switches To be noticed only one free resource can be configured for the overall network Example To co...

Страница 304: ...r userbased 5 28 15 dot1x port control Command dot1x port control auto force authorized force unauthorized no dot1x port control Function Sets the 802 1x authentication status the no dot1x port contro...

Страница 305: ...l the network resources after authentication When either of the above two kinds of access control is applied un authenticated host cannot access any resources in the network When user based access con...

Страница 306: ...cified port Parameters interface name stands for port number omitting the parameter for all ports Command mode Global Mode Usage Guide This command is an Global Mode command It makes the switch to re...

Страница 307: ...iod Command dot1x timeout re authperiod seconds no dot1x timeout re authperiod Function Sets the supplicant re authentication interval the no dot1x timeout re authperiod command restores the default s...

Страница 308: ...unicast passthrough function of switch the no operation of this command will disable this function Command mode Global Configuration Mode Default The 802 1x unicast passthrough function is not enabled...

Страница 309: ...nterface list is the port list If no parameter is specified information for all ports is displayed Command mode Admin and Configuration Mode Usage Guide The dot1x related parameter and dot1x informati...

Страница 310: ...transmission interval authenticator mode Switch authentication mode Mac Filter Enables dot1x address filter or not MacAccessList Dot1x address filter table Dot1x EAPoR Authentication method used by th...

Страница 311: ...311 Machine...

Страница 312: ...Usage Guide When configuring the max number of dynamic MAC address allowed by the port if the number of dynamically learnt MAC address on the port is already larger than the max number of dynamic MAC...

Страница 313: ...ac count Command debug switchport mac count no debug switchport mac count Function When the number limitation function debug of MAC on the port if the number of dynamic MAC and the number of MAC on th...

Страница 314: ...314...

Страница 315: ...le Disable AM function on the switch Switch config no am enable 30 2 am port Command am iport no am port Function Enable disable AM function on port Parameters None Default AM function is disabled on...

Страница 316: ...M MAC IP address of the interface allow deny the IP messages or APR messages from a source IP within that segment to be forwarded via the interface Parameter mac address is the source MAC address ip a...

Страница 317: ...ormation of all interfaces Command Mode Admin and Configuration Mode Example Display all configured AM entries Switch show am AM is enabled Interface Ethernet1 3 am interface am ip pool 30 10 10 1 20...

Страница 318: ...318 am interface am ip pool 50 10 10 1 30 am mac ip pool 00 02 04 06 08 09 20 10 10 5 am ip pool 50 20 10 1 20...

Страница 319: ...ion address Switch config dosattack check srcip equal dstip enable 31 2 dosattack check tcp flags enable Command no dosattack check tcp flags enable Function Enable the function by which the switch wi...

Страница 320: ...fragment TCP and UDP data packet whose destination port is equal to the source port Example Drop the non fragment TCP and UDP data packet whose destination port is equal to the source port Switch conf...

Страница 321: ...length of the ICMPv4 data packet permitted by the switch Default The value is 0x200 by default Command Mode Global Mode Usage Guide To use this function you have to enable dosattack check icmp attacki...

Страница 322: ...he system by default Usage Guide This command is for specifying the IP address port number timeout timer value and the key string of the TACACS server used on authenticating with the switch The parame...

Страница 323: ...ource IP address of TACACS packet sent by the switch the no tacacs server nas ipv4 command deletes the configuration Parameter ip address is the source IP address of TACACS packet in dotted decimal no...

Страница 324: ...ACS server the switch waits for the response If no replay is received during specified period the authentication is considered failed Example Configure the timeout timer of the tacacs server to 30 sec...

Страница 325: ...ng enable command disables the AAA accounting function Command mode Global Mode Default AAA accounting is not enabled by default Usage Guide When accounting is enabled in the switch accounting will be...

Страница 326: ...about receiving and sending packets the no operation of this command will disable such debug information Parameters send Enable the debug information of AAA about sending packets receive Enable the d...

Страница 327: ...witch debug detail attribute interface Ethernet 1 1 33 6 debug aaa detail connection Command debug aaa detail connection no debug aaa detail connection Function Enable the debug information of AAA abo...

Страница 328: ...ny Example Enable the debug information of AAA about errors Switch debug aaa error 33 9 radius nas ipv4 Command radius nas ipv4 ip address no radius nas ipv4 Function Configure the source IP address f...

Страница 329: ...S packet We suggest using the IPv6 address of loopback interface as source IPv6 address it avoids that the packets from RADIUS server are dropped when the interface link down Example Configure the sou...

Страница 330: ...rver accounting host 2004 1 2 3 2 port 3000 primary 33 12 radius server authentication host Command radius server authentication host ipv4 address ipv6 address port port number key string primary acce...

Страница 331: ...ADIUS server only use 802 1x authentication or telnet authentication via access mode option It is not configure access mode option and all services can use current RADIUS server by default Example Set...

Страница 332: ...mand restores the default setting Parameters retries is a retransmission times for RADIUS server the valid range is 0 to 100 Command mode Global Mode Default The default value is 3 times Usage Guide T...

Страница 333: ...rameters seconds is the interval of sending fee counting update messages in seconds ranging from 60 to 3600 Command Mode Global Mode Default The default interval of sending fee counting update message...

Страница 334: ...about the online user the other information displayed is used for troubleshooting by technical support Example Switch show aaa authenticated user authenticated users UserName Retry RadID Port EapID C...

Страница 335: ...shifeng Authentication key authentication server sum 2 Configure the number of authentication server authentication server 0 sock_addr 2 100 100 100 60 1812 The address protocol group IP and interface...

Страница 336: ...Function Displays the statistics for users of RADIUS authentication Parameters authenticated user displays the authenticated users online authenticating user displays the authenticating users Command...

Страница 337: ...he communication Example Enable SSL function Switch config ip http secure server 34 2 ip http secure port Command ip http secure port port number no ip http secure port Function Configure delete port...

Страница 338: ...od will be used The SSL should be restarted to take effect after changes on configuration When des cbc sha is configured IE 7 0 or above is required Example Configure the secure cipher suite is rc4 12...

Страница 339: ...339 Example Switch debug ssl Jan 01 01 02 05 2006 ssl will to connect to web server 127 0 0 1 9998 Jan 01 01 02 05 2006 connect to http security server success...

Страница 340: ...isabling security RA will clear all the configured security RA ports Example Globally enable IPv6 security RA Switch config ipv6 security ra enable 35 2 ipv6 security ra enable Command ipv6 security r...

Страница 341: ...bal IPv6 Security RA State Enable Ethernet1 1 IPv6 Security RA State Yes Ethernet1 3 IPv6 Security RA State Yes 35 4 debug ipv6 security ra Command debug ipv6 security ra no debug ipv6 security ra Fun...

Страница 342: ...P loop may can t work normally or form broadcast The mrpp enable command must be start before the control vlan command be used If primary port secondary port node mode and enable commands all be confi...

Страница 343: ...disables this enabled MRPP ring Parameter Command Mode MRPP ring mode Default Default disable MRPP ring Usage Guide Executing this command it must enable MRPP protocol and if other commands have conf...

Страница 344: ...needs to modify the default and increase the value to avoid primary node doesn t receive Hello packet on fail timer due to time delay Example Configure fail timer of MRPP ring 4000 to 10s Switch conf...

Страница 345: ...fig mrpp enable 36 8 mrpp ring Command mrpp ring ring id no mrpp ring ring id Function Create MRPP ring and access MRPP ring mode the no mrpp ring ring id command deletes configured MRPP ring Paramete...

Страница 346: ...secondary port Command mrpp ring ring id secondary port no mrpp ring ring id secondary port Function Specify secondary of MRPP ring Parameter ring id is the ID of MRPP ring range is 1 4096 Command Mod...

Страница 347: ...ration Command Mode Admin and Configuration Mode Default None Usage Guide None Example Display configuration of MRPP ring 4000 of switch Switch show mrpp 4000 36 13 show mrpp statistics Command show m...

Страница 348: ...is used to configure the source interfaces for the mirror It is not restricted the source interface of the mirror on the switch The source can be one interface or can be multiple interfaces Both of t...

Страница 349: ...ce interface 1 6 access list 120 rx 37 3 monitor session destination interface Command monitor session session destination interface interface number no monitor session session destination interface i...

Страница 350: ...ation ports of all the mirror sessions Command Mode Admin Mode Usage Guide This command is used to display the source and destination ports for the configured mirror sessions For port mirroring CPU mi...

Страница 351: ...address Usage Guide If the analyzer address is configured at Port Mode this IP address and port configured at Port Mode will be applied when sending the sample packet Or else the address and port conf...

Страница 352: ...ority will be Example Configure the priority when sFlow receives packet from the hardware at global mode switch config sflow priority 1 38 4 sflow header len Command sflow header len length value no s...

Страница 353: ...terval Command sflow counter interval interval value no sflow counter interval Function Configure the max interval of the sFlow statistic sampling the no form of this command deletes the statistic sam...

Страница 354: ...h Config If Ethernet1 1 sflow rate input 10000 Switch Config If Ethernet1 1 sflow rate output 20000 38 8 show sflow Command show sflow Function Display the sFlow configuration state Parameter None Com...

Страница 355: ...343 Default value of the port on E1 1 interface sampling proxy is 6343 Counter interval is 20 The statistic sampling interval on e1 1 interface is 20 seconds Sample rate is input 10000 output 0 The in...

Страница 356: ...version_no is the version No of the SNTP on current server ranging between 1 4 and defaulted at 1 Default No SNTP NTP configured by default Command Mode Global Mode Example 1 Configure an IPv4 addres...

Страница 357: ...ence subtract means the timezone equals the UTC time subtract time_difference time difference is the time difference to UTC time range from 0 to 12 the default value is 8 Default Add 8 is default time...

Страница 358: ...s ipv6 address Function To enable specified time server of time source the no form of this command cancels the specified time server of time source Parameter ip address IPv4 address of time server ipv...

Страница 359: ...one name add subtract time_difference no ntp timezone Function To configure the time zone and time different with UTC for NTP client the no form of this command cancels the time zone sets and restores...

Страница 360: ...ne Default Disabled Command Mode Global Mode Usage Guide None Example To enable NTP authentication function Switch config ntp authenticate 40 7 ntp authentication key Command ntp authentication key ke...

Страница 361: ...d key Switch config ntp trusted key 20 40 9 ntp disable Command ntp disable no ntp disable Function To disable enable the NTP function on port Parameter None Default To enable NTP function on all port...

Страница 362: ...switch of displaying NTP packet information Parameter send The debug switch of sending NTP packet receive The debug switch of receiving NTP packet If there is no parameter that means should enable th...

Страница 363: ...s no debug ntp events Function To enable disable debug switch of displaying NTP event Parameter None Default Disable the debug switch of displaying NTP event Command Mode Admin Mode Usage Guide To ena...

Страница 364: ...or one specific session include server ID server layer and the local offset according to server The symbol means this server is the selected local time source Parameter ip address The IPv4 address of...

Страница 365: ...form of this command will disable the output at the log host output channel Parameter ipv4 addr is the IPv4 address of the host ipv6 addr is the IPv6 address of the host local number is the recording...

Страница 366: ...ber for the log the no command does not include the loghost sequence number Command Mode Port mode Default Do not include the sequence number Usage Guide Use logging command to configure the loghost b...

Страница 367: ...ping success which means reachable link Example 2 Use ping command with source address configuration and leave other fields to default Switch ping src 10 1 128 161 10 1 128 160 Type c to abort Sendin...

Страница 368: ...ress dst ipv6 address host hostname Function To check whether the destination network can be reached Parameters dst ipv6 address is the target IPv6 address of the ping command src ipv6 address is the...

Страница 369: ...1 Use source address option n y Source IPv6 address fe80 203 fff fe0b 16e3 Repeat count 5 Datagram size in byte 56 Timeout in milli seconds 2000 Extended commands n Type c to abort Sending 5 56 byte I...

Страница 370: ...oting sequence of IMG files in the corresponding storage device which IMG file is currently used in booting the configuration information of the CFG file in the storage device and the CFG file current...

Страница 371: ...ich are reserved in the system flash memory Command Mode Admin Mode and Configuration Mode Example To list the files and their size in the flash Switch show flash boot rom 329 828 1900 01 01 00 00 00...

Страница 372: ...will be displayed Usage Guide Warning and critical log information is saved in the buffer zone When displayed to the terminal their display format should be index ID time level module ID mission name...

Страница 373: ...rent active configuration parameters for the switch Default If the active configuration parameters are the same as the default operating parameters nothing will be displayed Command mode Admin Mode Us...

Страница 374: ...rface ethernet IFNAME Function Show the VLAN port mode VLAN number and Trunk port messages of the VLAN port mode on the switch Parameter IFNAME is the port number Command mode Admin mode Example Show...

Страница 375: ...eignAddress Remote address of the TCP connection ForeignPort Remote port number of the TCP connection State Current status of the TCP connection 41 16 show telnet login Command show telnet login Funct...

Страница 376: ...udp Function Display the current UDP connection status established to the switch Command mode Admin Mode Example Switch show udp LocalAddress LocalPort ForeignAddress ForeignPort State 0 0 0 0 161 0 0...

Страница 377: ...ckets in milliseconds between 100 10000 Default The default maximum gateway number is 30 timeout in 2000 ms Command mode Admin Mode Usage Guide Traceroute is usually used to locate the problem for unr...

Страница 378: ...the data packets is 30 and timeout period is defaulted at 2000 ms Command Mode Admin Mode Usage Guide Traceroute6 is normally used to locate destination network inaccessible failures Example Switch t...

Страница 379: ...successfully This command will not be reserved which means that it only has one time effect Example Set the switch to automatically reload in 10 hours and 1second Switch reload after 10 00 01 Process...

Страница 380: ...and check how long a time is left before rebooting the switch Example View the configuration of command reload after In the following case the user set the switch to be rebooted in 10 hours and 1 seco...

Страница 381: ...ets of the protocol type the no command set the max rate to default Parameter protocol type is the type of the protocol including dot1x stp snmp arp telnet http dhcp igmp ssh packets is the max rate o...

Страница 382: ...CPU receives ARP packets Switch config clear cpu rx stat protocol arp 43 5 cpu rx ratelimit channel This type of switch does not support the command 43 6 show cpu rx protocol Command show cpu rx prot...

Страница 383: ...tocol of the packet including snmp telnet http dhcp igmp arp ssh icmpv6 dot1x gvrp stp lacp cluster eapou all means all of the protocol types discard means all the discarded packets Detail show detail...

Страница 384: ...upply process if PD requires for an extra power which exceeds the max threshold value the supply will be cut off and the corresponding LED indicator will be updated When the PD is disconnected from th...

Страница 385: ...upply and an effective method to control the power consumed by connected subordinate devices Example Set the global max output power to 50W Switch Config power inline max 50 44 1 5 power inline max Po...

Страница 386: ...er is higher privileged In first come first served mode new PDs will not get power supply if available PSE power is not enough Note the first come first served mode is not supported by switch Example...

Страница 387: ...lue of remaining power Min Voltage The global threshold of under voltage Max Voltage The global threshold of over voltage Police The power priority policy status enabled or disabled Legacy The non sta...

Страница 388: ...er supply disabled Oper Working status on PD is normally connected and powered off PD is not connected faulty PD detection failed deny not enough available power or the required power is over the limi...

Страница 389: ...ters None Command Mode Admin Mode Default None Usage Guide With debugging enabled relative information will be printed in the key processes while implementing commands for further debugging reference...

Страница 390: ...ion37 38 ACL at the example o Case 1 case 2 case 3 and case 4 were deleted in the configuration steps of firewall default permit command line o In the result of the case 1 configuration access list 11...

Страница 391: ...1 configuration function order 2 instruction for the configuration of default action default action dot1x port method added userbased standard value and the same changes applied to the operation manua...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды