NETGEAR FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch Скачать руководство пользователя страница 305

Страница: 305 / 558

Managed Switch CLI Manual, Release 8.0

Quality of Service (QoS) Commands

5-38

v1.0, July 2009

IP Extended ACL:

Format

access-list <100-199> {deny | permit} {every | {{icmp | igmp | ip |

tcp | udp | <number>} <srcip> <srcmask>[{eq {<portkey> | <0-65535>}

<dstip> <dstmask> [{eq {<portkey>| <0-65535>}] [precedence

<precedence> | tos <tos> <tosmask> | dscp <dscp>] [log] [assign-queue

<queue-id>] [{mirror | redirect} <unit/slot/port>]

Mode

Global Config

Parameter

Description

<1-99>

<100-199>

Range 1 to 99 is the access list number for an IP standard ACL.
Range 100 to 199 is the access list number for an IP extended ACL.

{deny | permit}

Specifies whether the IP ACL rule permits or denies an action.

every

Match every packet

{icmp | igmp | ip | tcp | udp

| <number>}

Specifies the protocol to filter for an extended IP ACL rule.

Specifies a source IP address and source netmask for match
condition of the IP ACL rule.

[{eq {<portkey> |

<0-65535>}]

Specifies the source layer 4 port match condition for the IP ACL rule.
You can use the port number, which ranges from 0-65535, or you
specify the

<portkey>

, which can be one of the following keywords:

domain, echo, ftp, ftpdata, http, smtp, snmp,

telnet, tftp

, and

www

. Each of these keywords translates into its

equivalent port number, which is used as both the start and end of a
port range.

Specifies a destination IP address and netmask for match condition
of the IP ACL rule.

[precedence <precedence> |

tos <tos> <tosmask> | dscp

<dscp>]

Specifies the TOS for an IP ACL rule depending on a match of
precedence or DSCP values using the parameters

dscp

precedence

tos/tosmask

[log]

Specifies that this rule is to be logged.

[assign-queue <queue-id>]

Specifies the assign-queue, which is the queue identifier to which
packets matching this rule are assigned.

[{mirror | redirect} <unit/

slot/port>]

Specifies the mirror or redirect interface which is the unit/slot/port to
which packets matching this rule are copied or forwarded,
respectively. The

mirror

and

redirect

parameters are not

available on the GSM7328Sv1 and GSM7352Sv1 platforms.

Содержание FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Страница 1: ...202 10530 01 July 2009 NETGEAR Inc 350 Plumeria Dr San Jose CA 95124 USA ProSafe 7200 Managed Switches CLI Manual Software Version 8 0...

Страница 2: ...1992 The operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instruct...

Страница 3: ...umber FSM72xx GSM72xx Publication Date July 2009 Product Family managed switch Product Name ProSafe 7200 Series Stackable Managed Switches Home or Business Product Business Language English Publicatio...

Страница 4: ...v1 0 July 2009 iv...

Страница 5: ...ng Convention 1 3 Using the No Form of a Command 1 4 Managed Switch Modules 1 5 Command Modes 1 5 Command Completion and Abbreviation 1 9 CLI Error Messages 1 9 CLI Line Editing Conventions 1 10 Using...

Страница 6: ...P Inspection Commands 3 130 IGMP Snooping Configuration Commands 3 138 IGMP Snooping Querier Commands 3 147 Port Security Commands 3 153 LLDP 802 1AB Commands 3 157 LLDP MED Commands 3 168 Denial of S...

Страница 7: ...ommands 6 6 Logging Commands 6 18 System Utility and Clear Commands 6 24 Simple Network Time Protocol SNTP Commands 6 34 DHCP Server Commands 6 40 DNS Client Commands 6 55 Packet Capture Commands 6 61...

Страница 8: ...10 QoS 8 16 Routing IPv6 Routing 8 17 Multicast 8 21 Stacking 8 23 Technologies 8 23 O S Support 8 26 Chapter 9 Captive Portal Commands Capitve Portal Global Commands 9 1 Captive Portal Configuration...

Страница 9: ...hat the reader has an understanding of the software base and has read the appropriate specification for the relevant networking device platform It also assumes that the reader has a basic knowledge of...

Страница 10: ...erformance and feature sets continue to improve Devices that are capable of switching Layers 2 3 and 4 are increasingly in demand The software provides a flexible solution to these ever increasing nee...

Страница 11: ...ommand prompt CLI text code italic URL links Note This format is used to highlight information of importance or special interest Tip This format is used to highlight a procedure that will save time or...

Страница 12: ...omputer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe Web site at http www adobe com Revision History Part Number...

Страница 13: ...Switch Modules on page 1 5 Command Modes on page 1 5 Command Completion and Abbreviation on page 1 9 CLI Error Messages on page 1 9 CLI Line Editing Conventions on page 1 10 Using CLI Help on page 1 1...

Страница 14: ...f the information that the command shows Command Conventions In this document the command name is in bold font Parameters are in italic font You must replace the parameter name with an appropriate val...

Страница 15: ...s in the following formats a 32 bits a b 8 24 bits a b c 8 8 16 bits a b c d 8 8 8 8 In addition to these formats the CLI accepts decimal hexadecimal and octal formats through the following input form...

Страница 16: ...to the maximum number of physical slots Logical slot numbers Logical slots immediately follow physical slots and identify port channel LAG or router interfaces CPU slot numbers The CPU slots immediat...

Страница 17: ...management of the device through an IPv6 through an IPv6 address without requiring the IPv6 Routing package in the system The management address can be associated with the network port front panel sw...

Страница 18: ...ntains commands to configure outbound telnet settings and console interface settings Policy Map Config Switch Config policy map Contains the QoS Policy Map configuration commands Policy Class Config S...

Страница 19: ...o exit to the User EXEC mode enter exit or press Ctrl Z Global Config From the Privileged EXEC mode enter configure To exit to the Privileged EXEC mode enter exit or press Ctrl Z VLAN Config From the...

Страница 20: ...exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Router RIP Config From the Global Config mode enter router rip To exit to the Global Config mode enter exit...

Страница 21: ...v6 Pool Config From the Global Config mode enter ip dhcpv6 pool pool name To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Stack Global Config Mode From...

Страница 22: ...the command Table 8 CLI Editing Conventions Key Sequence Description DEL or Backspace Delete previous character Ctrl A Go to beginning of line Ctrl E Go to end of line Ctrl F Go forward one character...

Страница 23: ...ble Disable mgmt_vlan Configure the Management VLAN ID of the switch parms Configure Network Parameters of the router protocol Select DHCP BootP or None as the network config protocol If the help outp...

Страница 24: ...connection from a remote management host For the initial connection you must use a direct connection to the console port You cannot access the system remotely until the system has an IP address subne...

Страница 25: ...ort stacking stack This command sets the mode to Stack Global Config Note The commands in this chapter are in one of two functional groups Note Show commands display switch settings statistics and oth...

Страница 26: ...he ability of a switch to become the Primary Management Unit The unit is the switch identifier The value is the preference parameter that allows the user to specify priority of one backup switch over...

Страница 27: ...tounit is the switch identifier on the new Primary Management Unit Upon execution the entire stack including all interfaces in the stack is unconfigured and reconfigured with the configuration on the...

Страница 28: ...d and the slot will be re configured with default information for the card no slot This command removes configured information from an existing slot in the system set slot disable This command configu...

Страница 29: ...es the configuration from the contents of the slot If the slot is empty this administrative mode removes the configuration from any module inserted into the slot If a card is disabled all the ports on...

Страница 30: ...command resets the entire stack or the identified unit The unit is the switch identifier The system prompts you to confirm that you want to reset the switch show slot This command displays informatio...

Страница 31: ...the card inserted in the slot Model Identifier is a 32 character field used to identify a card This field is displayed only if the slot is full Inserted Card Description The card description This fiel...

Страница 32: ...tifier The model identifier of the switch in the stack Model Identifier is a 32 character field assigned by the device manufacturer to identify the device Switch Status The switch status Possible valu...

Страница 33: ...e configuration then the code version is None Detected Code in Flash The version of code that is currently stored in FLASH memory on the switch This code executes after the switch is reset If the swit...

Страница 34: ...is command is not supported on the FSM7226RS or FSM7250RS show stack port This command displays summary stack port information for all interfaces Model Identifier The model identifier for the supporte...

Страница 35: ...of the stack port link Format show stack port counters Mode Privileged EXEC Term Definition Unit The unit number Interface The slot and port numbers Tx Data Rate Trashing data rate in megabits per sec...

Страница 36: ...neers FAEs and developers An FAE will advise on the necessity to run this command and capture this information Format show stack port diag Mode Privileged EXEC Term Definition Unit The unit number Int...

Страница 37: ...3 50 Protected Ports Commands on page 3 51 Private Group Commands on page 3 53 GVRP Commands on page 3 58 GMRP Commands on page 3 60 Port Based Network Access Control Commands on page 3 63 Storm Cont...

Страница 38: ...ce port interface range This command gives you access to a range of port interfaces allowing the same port configuration to be applied to a set of ports Warning The commands in this chapter are in one...

Страница 39: ...e LAG link aggregation or port channel virtual interface which allows certain port configurations to be applied to the LAG interface Type a question mark after entering the interface configuration mod...

Страница 40: ...egotiate all This command disables automatic negotiation on all ports description Use this command to create an alpha numeric description of the port Note Automatic sensing is disabled when automatic...

Страница 41: ...lid integer between 1518 9216 for untagged packets no mtu This command sets the default MTU size in bytes for the interface shutdown This command disables a port Note To receive and process packets th...

Страница 42: ...ll ports no shutdown all This command enables all ports Format shutdown Mode Interface Config Format no shutdown Mode Interface Config Note You can use the shutdown all command on physical and port ch...

Страница 43: ...rmation Format speed 100 10 half duplex full duplex Mode Interface Config Acceptable Values Definition 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 10BASE T full...

Страница 44: ...desired port speed and duplex mode If auto negotiation support is selected then the duplex mode and speed is set from the auto negotiation process Note that the maximum capability of the port full dup...

Страница 45: ...by forward slashes Description Shows the port description configured via the description command Format show port status unit slot port all Mode Privileged EXEC Term Definition Interface Valid slot a...

Страница 46: ...anning tree This command sets the spanning tree operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated spanning tree bpdufilter...

Страница 47: ...rface spanning tree bpduguard Use this command to enable BPDU Guard on the switch no spanning tree bpduguard Use this command to disable BPDU Guard on the switch Default enabled Format no spanning tre...

Страница 48: ...stem configuration or have a no version spanning tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is currently usin...

Страница 49: ...e configuration that this switch is currently using to the default value spanning tree edgeport This command specifies that this port is an Edge Port within the common and internal spanning tree This...

Страница 50: ...ather than MST BPDUs IEEE 802 1w functionality supported no spanning tree forceversion This command sets the Force Protocol Version parameter to the default value spanning tree forward time This comma...

Страница 51: ...ng tree protocol no spanning tree guard This command disables loop guard or root guard on the interface spanning tree max age This command sets the Bridge Max Age parameter to a new value for the comm...

Страница 52: ...l spanning tree to the default value spanning tree mst This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning...

Страница 53: ...ity for this port within the multiple spanning tree instance or in the common and internal spanning tree to the respective default values If you specify an mstid parameter that corresponds to an exist...

Страница 54: ...eleted instance to the common and internal spanning tree The parameter mstid is a number that corresponds to the desired existing multiple spanning tree instance to be removed spanning tree mst priori...

Страница 55: ...s the default CIST ID is passed as the mstid this command sets the Bridge Priority parameter for the common and internal spanning tree to the default value spanning tree mst vlan This command adds an...

Страница 56: ...ministrative Switch Port State for this port to enabled no spanning tree port mode This command sets the Administrative Switch Port State for this port to disabled spanning tree port mode all This com...

Страница 57: ...all This command disables Edge Port mode for all ports within the common and internal spanning tree spanning tree bpduforwarding Normally a switch will not forward Spanning Tree Protocol STP BPDU pack...

Страница 58: ...and 61440 It is displayed in multiples of 4096 Bridge Identifier The bridge identifier for the CST It is made up using the bridge priority and the base MAC address of the bridge Time Since Topology C...

Страница 59: ...of the bridge Regional Root Path Cost Path Cost to the CST Regional Root Associated FIDs List of forwarding database identifiers currently associated with this instance Associated VLANs List of VLAN I...

Страница 60: ...ions and topology changes to other ports BPDU Filter Mode Enabled or disabled BPDU Flood Mode Enabled or disabled Auto Edge To enable or disable the feature that causes a port that has not seen a BPDU...

Страница 61: ...ning tree state of this port Port Role Each enabled MST Bridge Port receives a Port Role for each spanning tree The port role is one of the following values Root Port Designated Port Alternate Port Ba...

Страница 62: ...tForwarding State The forwarding state of the port within the CST Port Role The role of the specified interface within the CST Auto Calculate Port Path Cost Indicates whether auto calculation for port...

Страница 63: ...The derived value of the edge port status True if operating as an edge port false otherwise Point To Point MAC Status Derived value indicating if this port is part of a point to point link CST Regiona...

Страница 64: ...r disabled on the port Type Currently not used STP State The forwarding state of the port in the specified spanning tree instance Port Role The role of the specified port within the spanning tree Desc...

Страница 65: ...Version of 802 1 currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the Force Protocol Version parameter BPDU Guard Mode Enabled or disabled BPDU Filter Mode Enabled or disabled Co...

Страница 66: ...command configures the Management VLAN ID no network mgmt_vlan This command sets the Management VLAN ID to the default Term Definition VLAN Identifier The VLANs associated with the selected MST insta...

Страница 67: ...ains VlanId s in range 1 4093 Separate non consecutive IDs with and no spaces and no zeros in between the range Use for range vlan acceptframe This command sets the frame acceptance mode per interface...

Страница 68: ...disables ingress filtering If ingress filtering is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are...

Страница 69: ...lid interface number Participation options are Default VLAN ID 1 default other VLANS blank string Format vlan name 1 4093 name Mode VLAN Config Format no vlan name 1 4093 Mode VLAN Config Format vlan...

Страница 70: ...ig Participation Options Definition include The interface is always a member of this VLAN This is equivalent to registration fixed exclude The interface is never a member of this VLAN This is equivale...

Страница 71: ...d frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN no vlan port ingressfilter all This c...

Страница 72: ...nd configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number vlan protocol...

Страница 73: ...and ipx no vlan protocol group add protocol This command removes the protocol from this protocol based VLAN group that is identified by this groupid The possible values for protocol are ip arp and ip...

Страница 74: ...ce and protocol combination with one group If adding an interface to a group causes any conflicts with protocols currently associated with the group this command fails and the interface s are not adde...

Страница 75: ...currently associated with the group this command will fail and the interface s will not be added to the group no protocol vlan group all This command removes all interfaces from this protocol based V...

Страница 76: ...the tagging behavior for a specific interface in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The vlan list contains VlanId s in range 1 4093 Separate non consec...

Страница 77: ...mat vlan association mac macaddr 1 4093 Mode VLAN database Format no vlan association mac macaddr Mode VLAN database Format show vlan Mode Privileged EXEC User EXEC Term Definition VLAN ID There is a...

Страница 78: ...LAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registration forbidden in the IEEE 802 1Q standard Autod...

Страница 79: ...on the top line Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port The value must be for an existing VLAN The factory default is 1 A...

Страница 80: ...disabled Default Priority The 802 1p priority assigned to tagged packets arriving on the port Format show vlan association subnet ipaddr netmask Mode Privileged EXEC Term Definition IP Subnet The IP a...

Страница 81: ...vlan tunnel ethertype This command configures the ether type for all interfaces The ether type may have the values of 802 1Q vMAN or custom If the ether type has a value of custom the optional value o...

Страница 82: ...tailed information about Double VLAN Tunneling for the specified interface or all interfaces Note When you use the mode dvlan tunnel command on an interface it becomes a service provider port Ports th...

Страница 83: ...e are three different EtherType tags The first is 802 1Q which represents the commonly used value of 0x8100 The second is vMAN which represents the commonly used value of 0x88A8 If EtherType is not on...

Страница 84: ...voice vlan Global Config Use this command to enable the Voice VLAN capability on the switch no voice vlan Global Config Use this command to disable the Voice VLAN capability on the switch voice vlan I...

Страница 85: ...ameter is not specified only the global mode of the Voice VLAN is displayed When the interface is specified none Allow the IP phone to use its own configuration to send untagged voice traffic untagged...

Страница 86: ...rity This command configures the default 802 1p port priority assigned for untagged packets for a specific interface The range for the priority is 0 7 Term Definition Voice VLAN Interface Mode The adm...

Страница 87: ...ce remains unchanged Once the interface is no longer a member of a LAG the current configuration for that interface automatically becomes effective switchport protected Global Config Use this command...

Страница 88: ...protected ports to which this interface is assigned show switchport protected This command displays the status of all the interfaces including protected and unprotected interfaces Note Port protection...

Страница 89: ...in private group can be forwarded to other ports either in the same private group or anyone in the same VLAN that are not in a private group Name An optional name of the protected port group The name...

Страница 90: ...r of private groups is 192 such that the valid range for the ID is 1 192 The private group id field is optional If not specified a group id not used will be assigned automatically The mode can be eith...

Страница 91: ...istration Protocol GMRP GARP is a protocol that allows client stations to register with the switch for membership in VLANS by using GVMP or multicast groups by using GVMP Format private group name pri...

Страница 92: ...t and only has an effect when GVRP is enabled set garp timer leave This command sets the GVRP leave time for one port Interface Config mode or all ports Global Config mode and only has an effect when...

Страница 93: ...per GARP participation The time may range from 200 to 6000 centiseconds The value 1000 centiseconds is 10 seconds You can use this command on all ports Global Config mode or a single port Interface C...

Страница 94: ...orts and automatic VLAN pruning set gvrp adminmode This command enables GVRP on the system no set gvrp adminmode This command disables GVRP Format show garp Mode Privileged EXEC User EXEC Term Definit...

Страница 95: ...me Leave Time and Leave All Time have no effect show gvrp configuration This command displays Generic Attributes Registration Protocol GARP information for one or all interfaces Format no set gvrp adm...

Страница 96: ...conds Leave Timer The period of time to wait after receiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considere...

Страница 97: ...re enabled if routing is disabled and port channel LAG membership is removed from an interface that has GARP enabled no set gmrp interfacemode This command disables GARP Multicast Registration Protoc...

Страница 98: ...register request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considered a buffer time for another station to assert registration for the...

Страница 99: ...tistics This command is used to clear all RADIUS statistics Format show mac address table gmrp Mode Privileged EXEC Term Definition Mac Address A unicast MAC address for which the switch has forwardin...

Страница 100: ...Guest VLAN on the interface dot1x initialize This command begins the initialization sequence on the specified port This command is only valid if the control mode for the specified port is auto or mac...

Страница 101: ...OL EAP Request Identity frame before timing out the supplicant dot1x max users Use this command to set the maximum number of clients supported on the port when MAC based dot1x authentication is enable...

Страница 102: ...rt control mode on the specified port to the default value dot1x port control all This command sets the authentication mode to use on all ports Select force unauthorized to specify that the authentica...

Страница 103: ...s auto or mac based If the control mode is not auto or mac based an error will be returned dot1x re authentication This command enables re authentication of the supplicant for the specified port no do...

Страница 104: ...st vlan period The time in seconds for which the authenticator waits to see if any EAPOL packets are received on a port before authorizing the port and placing the port in the guest vlan if configured...

Страница 105: ...rational supp timeout The value in seconds of the timer used by the authenticator state machine on this port to timeout the supplicant The supp timeout must be a value in the range 1 65535 server time...

Страница 106: ...s with access to the specified port or all ports The user parameter must be a configured user no dot1x user This command removes the user from the list of users with access to the specified port or al...

Страница 107: ...sole_Default Telnet Network_Default Network_Default SSH Network_Default Network_Default http Local https Local dot1x show dot1x This command is used to show a summary of the global dot1x configuration...

Страница 108: ...de under which this port is operating Possible values are authorized unauthorized Reauthenticatio n Enabled Indicates whether re authentication is enabled on this port Port Status Indicates whether th...

Страница 109: ...r used by the authenticator on this port to timeout the authentication server The value is expressed in seconds and will be in the range of 1 and 65535 Maximum Requests The maximum number of times the...

Страница 110: ...time period in seconds is returned by the RADIUS server on authentication of the port This value is valid for the port only when the port control mode is not MAC based Session Termination Action This...

Страница 111: ...ed EAPOL frame Last EAPOL Frame Source The source MAC address carried in the most recently received EAPOL frame EAP Response Id Frames Received The number of EAP response identity frames that have bee...

Страница 112: ...The reason the VLAN identified in the VLAN ID field has been assigned to the port Possible values are RADIUS Unauthenticated VLAN or Default When the VLAN Assigned reason is Default it means that the...

Страница 113: ...per type basis Configuring a storm control level also enables that form of storm control Disabling a storm control level using the no version of the command sets the storm control level back to the de...

Страница 114: ...the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic is dropped Therefore the rate of broadcast traffic is limited to the configured thres...

Страница 115: ...shold to the default value for an interface and disables broadcast storm recovery storm control broadcast Global This command enables broadcast storm recovery mode for all interfaces If the mode is en...

Страница 116: ...for all interfaces no storm control broadcast level This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery storm contro...

Страница 117: ...ery is active and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of multicast traffic will be l...

Страница 118: ...for an interface and disables multicast storm recovery storm control multicast rate Use this command to configure the multicast storm recovery threshold for an interface in packets per second If the...

Страница 119: ...all interfaces storm control multicast level Global This command configures the multicast storm recovery threshold for all interfaces as a percentage of link speed and enables multicast storm recover...

Страница 120: ...traffic is limited to the configured threshold no storm control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast...

Страница 121: ...gressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of unknown unicast traffic will be limited to the configured threshold This command al...

Страница 122: ...ult value for an interface and disables unicast storm recovery storm control unicast Global This command enables unicast storm recovery mode for all interfaces If the mode is enabled unicast storm rec...

Страница 123: ...level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces storm control unicast rate Global Use this command to configur...

Страница 124: ...rts no storm control flowcontrol This command disables 802 3x flow control for the switch Format no storm control unicast rate Mode Global Config Note 802 3x flow control works by pausing a port when...

Страница 125: ...ort configuration parameters for all interfaces or specify the unit slot port to display information about a specific interface Port Channel LAG 802 3ad Commands This section describes the commands yo...

Страница 126: ...its member ports port channel This command configures a new port channel LAG and generates a logical unit slot port number for the port channel The name field is a character string which allows the da...

Страница 127: ...ured port channel deleteport Global Config This command deletes all configured ports from the port channel LAG The interface is a logical unit slot port number of a configured port channel To clear th...

Страница 128: ...ative value of the key for the port channel lacp collector max delay Use this command to configure the port channel collector max delay The valid range of delay is 0 65535 Default 0x8000 Format lacp a...

Страница 129: ...command to configure the administrative value of the LACP actor admin key The valid range for key is 0 65535 no lacp actor admin key Use this command to configure the default administrative value of...

Страница 130: ...actor admin state to aggregation lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout Format lacp actor admin state individual Mode Interface Config Note Th...

Страница 131: ...e LACP actor admin state to passive no lacp actor admin state passive Use this command to set the LACP actor admin state to active Format no lacp actor admin state longtimeout Mode Interface Config No...

Страница 132: ...ned to the Aggregation Port lacp actor system priority Use this command to configure the priority value associated with the LACP Actor s SystemID The range for priority is 0 to 65535 Default 0x80 Form...

Страница 133: ...0 to 65535 no lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner lacp partner admin state individual Use this command to set LACP partner...

Страница 134: ...acp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout Note This command is only applicable to physical interfaces Format no lacp partner admin state...

Страница 135: ...in state to active lacp partner port id Use this command to configure the LACP partner port id The valid range for port id is 0 to 65535 Format lacp partner admin state passive Mode Interface Config N...

Страница 136: ...e the LACP partner port priority The valid range for priority is 0 to 255 no lacp partner port priority Use this command to configure the default LACP partner port priority Format no lacp partner port...

Страница 137: ...the default value representing the administrative value of the Aggregation Port s protocol Partner s System ID lacp partner system priority Use this command to configure the administrative value of t...

Страница 138: ...of allowable dynamic port channels are already present in the system the static mode for a new port channel enabled which means the port channel is static You can only use this command on port channel...

Страница 139: ...ocol LACP on a port port lacpmode enable all This command enables Link Aggregation Control Protocol LACP on all ports no port lacpmode enable all This command disables Link Aggregation Control Protoco...

Страница 140: ...lacptimeout Global Config This command sets the timeout for all interfaces of a particular device type actor or partner to either long or short timeout no port lacptimeout This command sets the timeo...

Страница 141: ...e interface is a logical unit slot port for a configured port channel The option all enables link trap notifications for all the configured port channels no port channel linktrap This command disables...

Страница 142: ...6 Source Destination IP and source destination TCP UDP port no hashing mode This command sets the hashing algorithm on Trunk ports to default 3 The command is available in the interface configuration...

Страница 143: ...urce Destination MAC VLAN EtherType and incoming port associated with the packet 4 Source IP and Source TCP UDP fields of the packet 5 Destination IP and Destination TCP UDP Port fields of the packet...

Страница 144: ...0 65535 no port channel system priority Use this command to configure the default port channel system priority value show lacp actor Use this command to display LACP actor attributes The following ou...

Страница 145: ...tate as transmitted by the Actor in LACPDUs Format show lacp actor unit slot port all Mode Privileged EXEC Parameter Description System Priority The administrative value of priority associated with th...

Страница 146: ...p or down Trap Flag Shows whether trap flags are enabled or disabled Type Shows whether the port channel is statically or dynamically maintained Mbr Ports The members of this port channel Active Ports...

Страница 147: ...ed or disabled The factory default is enabled Type The status designating whether a particular port channel LAG is statically or dynamically maintained Static The port channel is statically maintained...

Страница 148: ...he administrative mode of the session If enabled the probe port monitors all the traffic received and transmitted on the physical monitored port no monitor session Use this command without optional pa...

Страница 149: ...rface unit slot port destination interface unit slot port mode Mode Global Config Note This is a stand alone no command This command does not have a normal form Default enabled Format no monitor Mode...

Страница 150: ...ast MAC address filters and multicast MAC address filters with source port lists the maximum number of static MAC filters supported is 20 For multicast MAC address filters with destination ports confi...

Страница 151: ...nid parameter must identify a valid VLAN macfilter adddest Use this command to add the interface to the destination filter set for the MAC filter with the given macaddr and VLAN of vlanid The macaddr...

Страница 152: ...addr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN no macfilter adddest all This command removes all por...

Страница 153: ...b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC address of macaddr and...

Страница 154: ...on only for that MAC address and VLAN show mac address table staticfiltering This command displays the Static Filtering entries in the Multicast Forwarding Database MFDB table Format no macfilter adds...

Страница 155: ...and or filtering information As the data is gleaned from the MFDB the address will be a multicast address The format is 6 or 8 two digit hexadecimal numbers that are separated by colons for example 01...

Страница 156: ...dress Use this command to disable verification of the source MAC address with the client hardware address ip dhcp snooping database Use this command to configure the persistent location of the DHCP Sn...

Страница 157: ...value ip dhcp snooping binding Use this command to configure static DHCP Snooping binding no ip dhcp snooping binding mac address Use this command to remove the DHCP static entry from the DHCP Snoopi...

Страница 158: ...fault burst level is 1 second with a range of 1 to 15 seconds no ip dhcp snooping limit Use this command to set the rate at which the DHCP Snooping messages come and the burst level to the defaults Fo...

Страница 159: ...ing DHCP messages filtration by the DHCP Snooping application ip dhcp snooping trust Use this command to configure the port as trusted no ip dhcp snooping trust Use this command to configure the port...

Страница 160: ...l be filtered based on the IP and MAC addresses no ip verify source Use this command to disable the IPSG configuration in the hardware You cannot disable port security alone if it is configured show i...

Страница 161: ...nooping binding entries To restrict the output use the following options Dynamic Restrict the output based on DCHP snooping Interface Restrict the output based on a specific interface Static Restrict...

Страница 162: ...ple CLI display output for the command switch show ip dhcp snooping database Term Definition MAC Address Displays the MAC address for the binding that was added The MAC address is the key to the bindi...

Страница 163: ...0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 Format show ip dhcp snooping statistics Mode Privileged EXEC User EXEC Term Defin...

Страница 164: ...fic interface clear ip dhcp snooping statistics Use this command to clear all DHCP Snooping statistics show ip verify source Use this command to display the IPSG configurations on all ports Format cle...

Страница 165: ...this interface IP Address IP address of the interface MAC Address If MAC address filtering is not configured on the interface the MAC Address field is empty If port security is disabled on the interf...

Страница 166: ...aches of its unsuspecting neighbors The miscreant sends ARP requests or responses mapping another station s IP address to its own MAC address DAI relies on DHCP snooping DHCP snooping listens to DHCP...

Страница 167: ...ly the src mac and dst mac validations are disabled as a result of the second command no ip arp inspection validate Use this command to disable the additional validation checks on the received ARP pac...

Страница 168: ...ted for Dynamic ARP Inspection ip arp inspection limit Use this command to configure the rate limit and burst interval values for an interface Configuring none for the limit means the interface is not...

Страница 169: ...tch a permit statement are dropped without consulting the DHCP snooping bindings no ip arp inspection filter Use this command to unconfigure the ARP ACL used to filter invalid ARP packets on a list of...

Страница 170: ...a rule for a valid IP address and MAC address combination used in ARP packet validation no permit ip host mac host Use this command to delete a rule for a valid IP and MAC combination Format arp acce...

Страница 171: ...ion Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled Format show ip arp...

Страница 172: ...he command show ip arp inspection statistics vlan vlan list VLAN DHCP ACL DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP Format show ip arp inspection statistics vlan vlan li...

Страница 173: ...rgument the command displays the values for that interface whether the interface is enabled for DAI or not Example The following shows example CLI display output for the command Switch show ip arp ins...

Страница 174: ...mac host 00 03 04 05 06 08 IGMP Snooping Configuration Commands This section describes the commands you use to configure IGMP snooping The software supports IGMP Versions 1 2 and 3 The IGMP snooping f...

Страница 175: ...MP application supports the following activities Validation of the IP header checksum as well as the IGMP header checksum and discarding of the frame upon checksum error Maintenance of the forwarding...

Страница 176: ...ed interface or VLAN Enabling fast leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group...

Страница 177: ...the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds no set igmp groupmembership interval This command sets the IGMPv3 Gr...

Страница 178: ...he interface or VLAN to the default value set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time The time is set for the system on a particular interface or VLAN This...

Страница 179: ...he multicast router mode enabled no set igmp mrouter This command disables multicast router mode for a particular VLAN ID vlan_id Format set igmp mcrtrexpiretime 0 3600 Mode Global Config Interface Co...

Страница 180: ...filtering of unknown multicast packets to the VLAN Packets with an unknown mulicast address in the destination field will be dropped This command is mainly used when IGMP snooping is enabled to preve...

Страница 181: ...MP Snooping is enabled VLANS Enabled for IGMP Snooping The list of VLANS on which IGMP Snooping is enabled Term Definition IGMP Snooping Admin Mode Indicates whether IGMP Snooping is active on the int...

Страница 182: ...ing in the VLAN before deleting the interface from the entry This value may be configured Maximum Response Time The amount of time the switch waits after it sends a query on an interface participating...

Страница 183: ...rmat show igmpsnooping mrouter vlan unit slot port Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed VLAN ID The list of VLANs of which t...

Страница 184: ...GMP Snooping is operationally disabled on it IGMP Snooping Querier functionality is disabled on that VLAN IGMP Snooping functionality is re enabled if IGMP Snooping is operational on the VLAN The IGMP...

Страница 185: ...ry Use this command to set the IGMP Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the ne...

Страница 186: ...f the Snooping Querier finds that the other Querier s source address is better less than the Snooping Querier s address it stops sending periodic queries If the Snooping Querier wins the election then...

Страница 187: ...nt of time to wait in the Non Querier operational state before moving to a Querier state Field Description VLAN Admin Mode Indicates whether iGMP Snooping Querier is active on the VLAN VLAN Operationa...

Страница 188: ...the most recent Querier from which a Query was received on this VLAN Default disabled Format set mld Mode Global Config Interface Config Format no set mld vlanid Mode VLAN Mode Default disabled Forma...

Страница 189: ...ng source MAC address are forwarded normally and all other packets are discarded Format no set mld maxresponse Mode Global Config Interface Config Default 0 Format set mld mcrtexpiretime 0 3600 Mode G...

Страница 190: ...This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port no port security max dynamic This command resets the maximum number of dynamically locked MAC addre...

Страница 191: ...t security mac address This command adds a MAC address to the list of statically locked MAC addresses The vid is the VLAN ID no port security mac address This command removes a MAC address from the li...

Страница 192: ...pecify the following information appears show port security dynamic This command displays the dynamically locked MAC addresses for the port Format port security mac address move Mode Interface Config...

Страница 193: ...col LLDP which is defined in the IEEE 802 1AB specification LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions The advertisements allow a network management s...

Страница 194: ...s command to return the reception of LLDPDUs to the default value lldp timers Use this command to set the timing parameters for local data transmission on ports enabled for LLDP The interval seconds d...

Страница 195: ...B basic management set are transmitted in the LLDPDUs Use sys name to transmit the system name TLV To configure the system name see snmp server on page 7 41 Use sys descto transmit the system descript...

Страница 196: ...LDPDUs no lldp transmit mgmt Use this command to include transmission of the local system management address information in the LLDPDUs Use this command to cancel inclusion of the management informati...

Страница 197: ...tween sending notifications The valid interval range is 5 3600 seconds no lldp notification interval Use this command to return the notification interval to the default value clear lldp statistics Use...

Страница 198: ...rmat clear lldp remote data Mode Global Config Format show lldp Mode Privileged Exec Term Definition Transmit Interval How frequently the system transmits local data LLDPDUs in seconds Transmit Hold M...

Страница 199: ...ment address information in the LLDPDUs Format show lldp statistics unit slot port all Mode Privileged Exec Term Definition Last Update The amount of time since the last update to the remote table in...

Страница 200: ...V Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range and not recognized TLV MED Total number of LLDP MED TLVs received on the local ports TVL802 1 To...

Страница 201: ...FC E3 90 04 11 0 8 0 9 0 10 0 11 0 12 More or q uit show lldp remote device detail Use this command to display detailed information about remote devices that transmit current LLDP data to an interfac...

Страница 202: ...vice System Description Describes the remote system by identifying the system name and versions of hardware operating system and networking software supported in the device Port Description Describes...

Страница 203: ...ort Description The port description associated with the interface Format show lldp local device detail unit slot port Mode Privileged EXEC Term Definition Interface The interface that sends the LLDPD...

Страница 204: ...E management and inventory management lldp med Use this command to enable MED By enabling MED you will be effectively enabling the transmit and receive function of LLDP no lldp med Use this command to...

Страница 205: ...otocol Data Units LLDPDUs Default enabled Format lldp med confignotification Mode Interface Config Format no lldp med confignotification Mode Interface Config Default By default the capabilities and n...

Страница 206: ...command to configure all the ports to send the topology change notification no lldp med confignotification all Use this command to disable all the ports to send the topology change notification Forma...

Страница 207: ...set will be transmitted in the Link Layer Discovery Protocol Data Units LLDPDUs Default 3 Format lldp med faststartrepeatcount count Mode Global Config Format no lldp med faststartrepeatcount Mode Gl...

Страница 208: ...t tlv all capabilities network policy ex pse ex pd location inventory Mode Global Config Format show lldp med Mode Privileged Exec Term Definition Fast Start Repeat Count The number of LLDP PDUs that...

Страница 209: ...sabled Disabled Disabled 0 1 1 0 8 Down Disabled Disabled Disabled 0 1 1 0 9 Down Disabled Disabled Disabled 0 1 1 0 10 Down Disabled Disabled Disabled 0 1 1 0 11 Down Disabled Disabled Disabled 0 1 1...

Страница 210: ...XEC Term Definition Media Application Type Shows the application type Types are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignali...

Страница 211: ...D 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx...

Страница 212: ...rface Remote ID Device Class 1 0 8 1 Class I 1 0 9 2 Not Defined 1 0 10 3 Class II 1 0 11 4 Class III 1 0 12 5 Network Con Format show lldp med remote device unit slot port all Mode Privileged EXEC Te...

Страница 213: ...application type Types of applications are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignaling VLAN Id Shows the VLAN id associa...

Страница 214: ...False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Sub Type Shows the typ...

Страница 215: ...ds you use to configure Denial of Service DoS Control The software provides support for classifying and blocking specific types of Denial of Service attacks You can configure your system to monitor an...

Страница 216: ...Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets will be dropped if the mode is enabled n...

Страница 217: ...dos control firstfrag This command sets Minimum TCP Header Size Denial of Service protection to the default value of disabled dos control tcpfrag This command enables TCP Fragment Denial of Service pr...

Страница 218: ...g This command sets disables TCP Flag Denial of Service protections dos control l4port This command enables L4 Port Denial of Service protections If the mode is enabled Denial of Service prevention is...

Страница 219: ...ed no dos control icmp This command disables Maximum ICMP Packet Size Denial of Service protections dos control smacdmac This command enables Source MAC address Destination MAC address SMAC DMAC Denia...

Страница 220: ...ommand is only available on FSM72xxRS switches no dos control tcpport This command disables TCP L4 source destination port number Source TCP Port Destination TCP Port Denial of Service protection This...

Страница 221: ...d a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN URG and PSH set and TCP Sequence Number set to 0 or having TCP Flags SYN an...

Страница 222: ...on FSM72xxRS switches dos control tcpsyn This command enables TCP SYN and L4 source 0 1023 Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of a...

Страница 223: ...YN FIN Denial of Service protection This command is only available on FSM72xxRS switches dos control tcpfinurgpsh This command enables TCP FIN and URG and PSH and SEQ 0 checking Denial of Service prot...

Страница 224: ...evention is active for this type of attack If ICMPv4 Echo Request PING packets ingress having a size greater than the configured value the packets will be dropped if the mode is enabled This command i...

Страница 225: ...l of Service protections This command is only available on FSM72xxRS switches dos control icmpfrag This command enables ICMP Fragment Denial of Service protection If the mode is enabled Denial of Serv...

Страница 226: ...bled or disabled The factory default is disabled Max ICMPv4 Pkt Size The range is 0 1023 The factory default is 512 Max ICMPv6 Pkt Size The range is 0 16384 The factory default is 512 ICMP Fragment Mo...

Страница 227: ...address aging timeout to the default value TCP FIN URG PSH Mode May be enabled or disabled The factory default is disabled TCP Flag Sequence Mode May be enabled or disabled The factory default is dis...

Страница 228: ...dress for which the switch has forwarding and or filtering information The format is two digit hexadecimal numbers separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address wi...

Страница 229: ...his command disables ISDP on the switch Format show mac address table stats Mode Privileged EXEC Term Definition Max MFDB Table Entries The total number of entries that can possibly be in the Multicas...

Страница 230: ...imer This command sets the period of time between sending new ISDP packets The range is given in seconds isdp advertise v2 This command enables the sending of ISDP version 2 packets from the device no...

Страница 231: ...isdp counters This command clears ISDP counters clear isdp table This command clears entries in the ISDP table show isdp This command displays global ISDP settings Default Enabled Format isdp enable...

Страница 232: ...apability of the device serialNumber indicates that the device uses a serial number as the format for its Device ID macAddress indicates that the device uses a Layer 2 MAC address as the format for it...

Страница 233: ...tisement was received Port ID The port ID of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Version The software version that the neigh...

Страница 234: ...rface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Advertisement Version The version of the advertisement packet received from the neighbor Entry L...

Страница 235: ...ISDPv2 packets transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Number of packets...

Страница 236: ...Commands on page 4 30 Address Resolution Protocol ARP Commands This section describes the commands you use to configure ARP and to view ARP information on the switch ARP associates IP addresses with M...

Страница 237: ...ess of a device on a subnet attached to an existing routing interface macaddr is a unicast MAC address for that device ip proxy arp This command enables proxy ARP on a router interface Without proxy A...

Страница 238: ...e This command configures the default ARP cache size arp dynamicrenew This command enables the ARP component to automatically renew dynamic ARP entries when they age out no arp dynamicrenew This comma...

Страница 239: ...esponse timeout time in seconds The range for seconds is between 1 10 seconds no arp resptime This command configures the default ARP request response timeout arp retries This command configures the A...

Страница 240: ...e in seconds The range for seconds is between 15 21600 seconds no arp timeout This command configures the default ARP entry ageout time clear arp cache This command causes all ARP entries of type dyna...

Страница 241: ...d EXEC Format show arp Mode Privileged EXEC Term Definition Age Time seconds The time it takes for an ARP entry to age out This is configurable Age time is measured in seconds Response Time seconds Th...

Страница 242: ...ime seconds The time it takes for an ARP entry to age out This value is configurable Age time is measured in seconds Response Time seconds The time it takes for an ARP request timeout This value is co...

Страница 243: ...command disables routing for an interface You can view the current value for this function with the show ip brief command The value is labeled as Routing Mode ip routing This command enables the IP R...

Страница 244: ...re the range for a b c and d is 1 255 The value for subnetmask is a 4 digit dotted decimal number which represents the Subnet Mask of the interface To remove all of the IP addresses primary and second...

Страница 245: ...Confirm that the associated link is also up no ip route This command deletes a single next hop to a destination static route If you use the nexthopip parameter the next hop is deleted If you use the p...

Страница 246: ...te The default distance is used when no distance is specified in these commands Changing the default distance does not update the distance of existing static routes even if they were assigned the orig...

Страница 247: ...may be fragmented by the IP stack The IP stack uses its default IP MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it sends to it...

Страница 248: ...ow ip brief This command displays all the summary information of the IP including the ICMP rate limit configuration and the global ICMP Redirect configuration Format no ip mtu mtu Mode Interface Confi...

Страница 249: ...inal destination Routing Mode Shows whether the routing mode is enabled or disabled Maximum Next Hops The maximum number of next hops the packet can travel Maximum Routes The maximum number of routes...

Страница 250: ...d interface The possible values of this field are enable or disable This value is configurable Forward Net Directed Broadcasts Displays whether forwarding of network directed broadcasts is enabled or...

Страница 251: ...ss specifies the network for which the route is to be displayed and displays the best matching best route for the address The mask specifies the subnet mask for the given ip address When you use the l...

Страница 252: ...ed routes Format show ip route ip address protocol ip address mask longer prefixes protocol protocol all all Modes Privileged EXEC User EXEC Term Definition Route Codes The key for the routing protoco...

Страница 253: ...Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 C 1 1 1 0 24 0 1 directly connected 0 11 C 2 2 2 0 24 0 1 directly connected 0 1 C 5 5 5 0 24 0 1 directly conn...

Страница 254: ...re used in determining the best route Lower router preference values are preferred over higher router preference values A route with a preference of 255 cannot be used to forward traffic Reject Routes...

Страница 255: ...bes the commands you use to view and configure Router Discovery Protocol settings on the switch The Router Discovery Protocol enables a host to discover the IP address of routers on the subnet ip irdp...

Страница 256: ...for the interface ip irdp holdtime This command configures the value in seconds of the holdtime field of the router advertisement sent from this interface The holdtime range is the value of maxadvert...

Страница 257: ...erval This command configures the minimum time in seconds allowed between sending router advertisements from the interface The range for minadvertinterval is three to the value of maxadvertinterval no...

Страница 258: ...rmat no ip irdp preference Mode Interface Config Format show ip irdp unit slot port all Modes Privileged EXEC User EXEC Term Definition Interface The unit slot port that matches the rest of the inform...

Страница 259: ...93 show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled Preference The preference of the address as a default router address relative to other router addr...

Страница 260: ...ommand disables the circuit ID option mode for BootP DHCP Relay on the system bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP DHCP Relay on the syst...

Страница 261: ...conds since client began booting field of the request as a factor in deciding whether to relay the request or not The parameter has a range of 0 to 100 seconds no bootpdhcprelay minwaittime This comma...

Страница 262: ...another You can define many helper addresses but the total number of address port pairs is limited to 128 for the whole device The setting of a helper address for a specific interface has precedence o...

Страница 263: ...entire list of helper addresses on that interface ip helper address Use this command to add a unicast helper address to the list of helper addresses on an interface This is the address of a DHCP serv...

Страница 264: ...nfigured helper addresses on the given interface The following shows example CLI display output for the command Format no ip helper address ip address 1 65535 dhcp domain isakmp mobile ip nameserver n...

Страница 265: ...MP Destination Unreachable messages By default the generation of ICMP Destination Unreachable messages is enabled no ip unreachables Use this command to prevent the generation of ICMP Destination Unre...

Страница 266: ...mand to limit the rate at which IPv4 ICMP error messages are sent The rate limit is configured as a token bucket with two configurable parameters burst size and burst interval The burst interval speci...

Страница 267: ...nterval Use the no form of the command to return burst interval and burst size to their default values Default burst interval of 1000 msec burst size of 100 messages Format ip icmp error interval burs...

Страница 268: ...e 5 19 DiffServ Service Commands on page 5 25 DiffServ Show Commands on page 5 26 MAC Access Control List ACL Commands on page 5 32 IP Access Control List ACL Commands on page 5 37 IPv6 Access Control...

Страница 269: ...ut 802 1p priority see Voice VLAN Commands on page 3 47 no classofservice dot1p mapping This command maps each 802 1p priority to its default internal traffic class value classofservice ip dscp mappin...

Страница 270: ...you configure an interface to use Dot1p the mode does not appear in the output of the show running config command because Dot1p is the default no classofservice trust This command sets the interface...

Страница 271: ...ed 100 no cos queue min bandwidth This command restores the default for each queue s minimum bandwidth value cos queue strict This command activates the strict priority scheduler mode for each specifi...

Страница 272: ...specific interface The unit slot port parameter is optional and is only valid on platforms that support independent per port class of service mappings If specified the 802 1p mapping table of the inte...

Страница 273: ...d The following information is repeated for each user priority show classofservice ip dscp mapping This command displays the current IP DSCP mapping to internal traffic classes for the global configur...

Страница 274: ...figuration settings are displayed Format show classofservice trust unit slot port Mode Privileged EXEC Term Definition Non IP Traffic Class The traffic class used for non IP traffic This is only displ...

Страница 275: ...ria The attributes of a DiffServ policy define the way the switch processes packets You can define policy attributes on a per class instance basis The switch applies these attributes when a match occu...

Страница 276: ...ting class definition is to delete the class and re create it diffserv This command sets the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be change...

Страница 277: ...h condition this command enters the class map mode The class map name is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying an existing DiffServ class The class type of...

Страница 278: ...map rename This command changes the name of a DiffServ class The class map name is the name of an existing DiffServ class The new class map name parameter is a case sensitive alphanumeric string from...

Страница 279: ...nd adds to the specified class definition a match condition whereby all packets are considered to belong to the class match class map This command adds to the specified class definition the set of mat...

Страница 280: ...the same Only one other class may be referenced by a class Any attempts to delete the refclassname class while the class is still referenced by any class map name fails The combined match criteria of...

Страница 281: ...dd ee ff The macmask parameter is a layer 2 MAC address bit mask which need not be contiguous and is formatted as six two digit hexadecimal numbers separated by colons e g ff 07 23 ff fe dc match dsti...

Страница 282: ...is required The port number is an integer from 0 to 65535 match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point DSCP fiel...

Страница 283: ...lue of tosmask is a two digit hexadecimal number from 00 to ff The tosmask denotes the bit positions in tosbits that are used for comparison against the IP TOS field in a packet For example to check f...

Страница 284: ...p tcp udp A value of ip matches all protocol number values To specify the match condition using a numeric value notation the protocol number is a standard value assigned by IANA and is interpreted as...

Страница 285: ...s of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask and must consist of a contiguous set of leading 1 bits match srcip6 This command adds t...

Страница 286: ...olicy association to an interface to form a service Specify the policy name when you create the policy Each traffic class defines a particular treatment for packets that match the class definition You...

Страница 287: ...d traffic stream are to be dropped at ingress mirror This command specifies that all incoming packets for the associated traffic stream are copied to a specific egress interface physical port or LAG F...

Страница 288: ...f an existing DiffServ class map class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent...

Страница 289: ...ter 802 1Q tag of a double VLAN tagged packet If the packet does not already contain this header one is inserted The CoS value is an integer from 0 to 7 mark ip dscp mark ip dscp This command marks al...

Страница 290: ...e conforming burst size is specified in kilobytes KB and is an integer from 1 to 128 For each outcome the only possible actions are drop set cos transmit set dscp transmit set prec transmit or transmi...

Страница 291: ...erv policy The policyname parameter is the name of an existing DiffServ policy This command may be issued at any time If the policy is currently referenced by one or more interface service attachments...

Страница 292: ...Serv is not used in the outbound direction This set of commands consists of service addition removal The CLI command root is service policy service policy This command attaches a policy to an interfac...

Страница 293: ...en the DiffServ administrative mode is enabled show class map This command displays all configuration information for the specified class The class name is the name of an existing DiffServ class Forma...

Страница 294: ...Criteria The Match Criteria fields are only displayed if they have been configured Not all platforms support all match criteria values They are displayed in the order entered by the user The fields a...

Страница 295: ...le Table Policy Table Size Current Max The current number of entries rows and the maximum allowed entries rows in the Policy Table Policy Instance Table Size Current Max Current number of entries rows...

Страница 296: ...if mark ip description is not specified Mark IP Precedence The mark re mark value used as the IP Precedence for traffic matching this class This is not displayed if mark ip precedence is not specified...

Страница 297: ...which they were created Policy Type The policy type Only inbound is supported Class Members List of all class names associated with this policy Format show diffserv service unit slot port in Mode Priv...

Страница 298: ...s in an enabled mode Term Definition Interface Valid unit slot and port number separated by forward slashes Direction The traffic direction of this interface service OperStatus The current operational...

Страница 299: ...g rules apply to MAC ACLs The maximum number of ACLs you can create is hardware dependent The limit applies to all ACLs regardless of type The system supports only Ethernet II frame types The maximum...

Страница 300: ...no mac access list extended This command deletes a MAC ACL identified by name from the system mac access list extended rename This command changes the name of a MAC Access Control List ACL The name p...

Страница 301: ...same relative order as shown in the command format The Ethertype may be specified as either a keyword or a four digit hexadecimal value from 0x0600 0xFFFF The currently supported ethertypekey values a...

Страница 302: ...on A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified mac access list replaces the currently attached mac access lis...

Страница 303: ...Config Interface Config Format show mac access lists name Mode Privileged EXEC Term Definition Rule Number The ordered rule number identifier defined within the MAC ACL Action The action associated w...

Страница 304: ...you cannot configure an IP ACL on the same interface Wildcard masking for ACLs operates differently from a subnet mask A wildcard mask is in essence the inverse of a subnet mask With a subnet mask th...

Страница 305: ...port match condition for the IP ACL rule You can use the port number which ranges from 0 65535 or you specify the portkey which can be one of the following keywords domain echo ftp ftpdata http smtp s...

Страница 306: ...defined for the IP header of an IPv4 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list If an IP ACL by this name already...

Страница 307: ...ord or the protocol source address and destination address values must be specified The source and destination IP address fields may be specified using the Format ip access list rename name newname Mo...

Страница 308: ...number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction A lower number indicates higher precedence order...

Страница 309: ...CL trap mode show ip access lists This command displays an IP ACL accesslistnumber is the number used to identify the IP ACL Default none Format no ip access group accesslistnumber vlan vlan id in Mod...

Страница 310: ...source IP Mask for this rule Source L4 Port Keyword The source port for this rule Destination IP Address The destination IP address for this rule Destination IP Mask The destination IP Mask for this r...

Страница 311: ...name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list ACL ID Access List name for a MAC or IPv6 access list or the numeric identifie...

Страница 312: ...characters uniquely identifying the IPv6 access list This command fails is an IPv6 ACL by the name newname already exists deny permit IPv6 This command creates a new rule for the current IPv6 access...

Страница 313: ...e the redirect parameter allows the traffic matching this rule to be forwarded to the specified unit slot port The assign queue and redirect parameters are only valid for a permit rule ipv6 traffic fi...

Страница 314: ...ction show ipv6 access lists This command displays an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to display Note You...

Страница 315: ...ime sensitive traffic auto voip all Use this command to enable VoIP Profile on the interfaces of the switch Match All Indicates whether this access list applies to every packet Possible values are Tru...

Страница 316: ...o voip Use this command to disable VoIP Profile on the interface show auto voip Use this command to display the VoIP Profile settings on the interface or interfaces of the switch Default disabled Form...

Страница 317: ...0 v1 0 July 2009 Field Description AutoVoIP Mode The Auto VoIP mode on the interface Traffic Class The CoS Queue or Traffic Class to which all VoIP traffic is mapped to This is not configurable and de...

Страница 318: ...CP Server Commands on page 6 39 DNS Client Commands on page 6 54 Packet Capture Commands on page 6 60 Cable Test Command on page 6 82 sFlow Commands on page 6 83 Note The commands in this chapter are...

Страница 319: ...and if necessary a DNS server There are three stepss to Auto Install 1 Configuration or assignment of an IP address for the device 2 Assignment of a TFTP server 3 Obtain a configuration file for the d...

Страница 320: ...om a TFTP server boot autoinstall stop The command is used to A user may terminate the Auto Install process at any time prior to the downloading of the config file This is most optimally done when the...

Страница 321: ...lows reduced down time when you upgrade or downgrade the software delete This command deletes the supplied image file from the permanent storage The image to be deleted must be a backup image If this...

Страница 322: ...ckup images on the supplied unit node of the Stack If you do not specify a unit number the command displays image details for all nodes on the Stack The command also displays any text description asso...

Страница 323: ...section describes the commands you use to view information about system features components and configurations show arp switch This command displays the contents of the IP stack s Address Resolution P...

Страница 324: ...EC Term Definition File The file in which the event originated Line The line number of the event Task Id The task ID of the event Code The event code Time The time this event occurred Unit The unit fo...

Страница 325: ...ch Description Text used to identify the product name of this switch Machine Type The machine model as defined by the Vital Product Data Machine Model The machine model as defined by the Vital Product...

Страница 326: ...rs Collisions Frames The best estimate of the total number of collisions on this Ethernet segment Time Since Counters Last Cleared The elapsed time in days hours minutes and seconds since the statisti...

Страница 327: ...kets Received Octets The total number of octets of data received by the processor excluding framing bits but including FCS octets Packets Received Without Error The total number of packets including b...

Страница 328: ...d The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher layer protocol A possible reason for discardin...

Страница 329: ...numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Interface The port through which this address was learned Interface In...

Страница 330: ...tion Report status bytes Term Definition VLAN ID The VLAN on which the MAC address was learned Term Definition Dynamic Address count Number of MAC addresses in the forwarding database that were automa...

Страница 331: ...status The following shows an example of CLI display output for the command switch show mbuf total mbufSize 9284 0x2444 Current Time 0x1897fa MbufsFree 150 MbufsRxUsed 0 Total Rx Norm Alloc Attempts...

Страница 332: ...group name all If some but not all of the flags in that group are enabled the command displays trapflags groupname flag name Note Show running config does not display the User Password even if you se...

Страница 333: ...t show running config interface unit slot port VLAN id LAG id Mode Interface Config Format show sysinfo Mode Privileged EXEC Term Definition Switch Description Text used to identify this switch System...

Страница 334: ...er in the range of 5 to 48 After the user configured number of lines is displayed in one page the system prompts the user More or q uit Press q or Q to quit or press any key to display the next set of...

Страница 335: ...es logging to an in memory log that keeps up to 128 logs no logging buffered This command disables logging to in memory log logging buffered wrap This command enables wrapping of in memory logging whe...

Страница 336: ...li command This command disables the CLI command Logging feature logging console This command enables logging to the console You can specify the severitylevel value as either an integer from 0 to 7 or...

Страница 337: ...eger from 0 to 7 or symbolically through one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 or debug 7 logging host remove This command disables logging to...

Страница 338: ...ogging Shows whether CLI Command logging is enabled Console Logging Shows whether console logging is enabled ConsoleLogging Severity Filter The minimum severity to log to the console log Messages with...

Страница 339: ...full situation Buffered Log Count The count of valid entries in the buffered log Format show logging hosts unit Mode Privileged EXEC Term Definition Host Index Used for deleting hosts IP Address Hostn...

Страница 340: ...ands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults Term Definition Number of Traps Since Last Res...

Страница 341: ...ed EXEC Parameter Description ipaddr hostname The ipaddr value should be a valid IP address The hostname value should be a valid hostname initTtl Use initTtl to specify the initial time to live TTL th...

Страница 342: ...2 0 msec 0 msec 1 msec 3 172 31 0 9 277 msec 276 msec 277 msec 4 10 254 1 1 289 msec 327 msec 282 msec 5 10 254 21 2 287 msec 293 msec 296 msec 6 192 168 76 2 290 msec 291 msec 289 msec 7 0 0 0 0 0 ms...

Страница 343: ...values It does not reset the switch clear mac addr table This command clears the dynamically learned MAC addresses of the switch clear logging buffered This command clears the messages maintained in t...

Страница 344: ...ts without powering off the switch You are prompted to confirm that the password reset should proceed clear port channel This command clears all port channels LAGs clear traplog This command clears th...

Страница 345: ...ecimal characters logout This command closes the current telnet connection or resets the current serial connection ping Use this command to determine whether another computer is on the network Ping pr...

Страница 346: ...unt 3 interval 1 size 255 Pinging 192 168 254 222 with 255 bytes of data Received Response Unreachable Destination Received Response Unreachable Destination Received Response Unreachable Destination 1...

Страница 347: ...is command resets the switch without powering it off Reset means that all network connections are terminated and the boot code executes The switch uses the stored configuration to initialize the switc...

Страница 348: ...to the file and filename is the name of the file you want to upload or download For SFTP and SCP the username parameter is the username for logging into the remote server via SSH For platforms that su...

Страница 349: ...e script In case of any error the command lists all the lines at the end of the validation process and prompts you to confirm before copying the script file url nvram script destfilename noval When yo...

Страница 350: ...image2 Download an image from the remote server to either image In a stacking environment the downloaded image is distributed to the stack nodes image1 image2 url Upload either image to the remote ser...

Страница 351: ...es Simple Network Time Protocol SNTP client mode sntp client port This command sets the SNTP client port id to a value from 1 65535 no sntp client port This command resets the SNTP client port back to...

Страница 352: ...set the poll timeout for SNTP unicast clients in seconds to a value from 1 30 no sntp unicast client poll timeout This command will reset the poll timeout for SNTP unicast clients to its default value...

Страница 353: ...rom the server is based on Coordinated Universal Time UTC which is the same as Greenwich Mean Time GMT This may not be the time zone in which the switch is located Use the clock timezone command to co...

Страница 354: ...lock timezone Mode Global Config Format show sntp Mode Privileged EXEC Term Definition Last Update Time Time of last clock update Last Unicast Attempt Time Time of last transmit query in unicast mode...

Страница 355: ...hostname of configured SNTP Server Server Type Address Type of Server Server Stratum Claimed stratum of the server for the last received valid packet Server Reference ID Reference clock identifier of...

Страница 356: ...address allocations Last Attempt Time Last server attempt time for the specified server Last Update Status Last server attempt status for the server Total Unicast Requests Number of requests to the se...

Страница 357: ...ifier is required instead of hardware addresses The unique identifier is a concatenation of the media type and the MAC address For example the Microsoft client identifier for Ethernet address c819 248...

Страница 358: ...ies the default router list for a DHCP client address1 address2 address8 are valid IP addresses each made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid no default router...

Страница 359: ...address of a DHCP client Hardware address is the MAC address of the hardware platform of the client consisting of 6 bytes in dotted hexadecimal format Type indicates the protocol of the hardware plat...

Страница 360: ...tion of the lease for an IP address that is assigned from a DHCP server to a DHCP client The overall lease time should be between 1 86400 minutes If you specify infinite the lease is set for 60 days Y...

Страница 361: ...et mask for the specified address pool The prefix length is an integer from 0 to 32 no network This command removes the subnet number and mask bootfile The command specifies the name of the default bo...

Страница 362: ...ilable to DHCP clients One IP address is required although one can specify up to eight addresses in one command line Servers are listed in order of preference address1 is the most preferred server add...

Страница 363: ...This command removes the NetBIOS node Type next server This command configures the next server in the boot process of a DHCP client The address parameter is the IP address of the next server in the bo...

Страница 364: ...or example a3 4f 22 0c colon for example a3 4f 22 0c or white space for example a3 4f 22 0c no option This command removes the DHCP Server options The code parameter specifies the DHCP option code ip...

Страница 365: ...ss as part of a ping operation By default the number of packets sent to a pool address is 2 which is the smallest allowed number when sending packets Setting the number of packets to 0 disables this c...

Страница 366: ...ress pool no ip dhcp bootp automatic This command disables the allocation of the addresses to the bootp client The address are from the automatic address pool ip dhcp conflict logging This command ena...

Страница 367: ...om 0 to 255 IP address 0 0 0 0 is invalid clear ip dhcp server statistics This command clears DHCP server statistics counters clear ip dhcp conflict The command is used to clear an address conflict fr...

Страница 368: ...Modes Privileged EXEC User EXEC Term Definition IP address The IP address of the client Hardware Address The MAC Address or the client identifier Lease expiration The lease expiration time of the IP...

Страница 369: ...e name of the configured pool Pool Type The pool type Lease Time The lease expiration time of the IP address assigned to the client DNS Servers The list of DNS servers available to the DHCP client Def...

Страница 370: ...med Bindings The number of truncated or corrupted messages that were received by the DHCP server Message Definition DHCP DISCOVER The number of DHCPDISCOVER messages the server has received DHCP REQUE...

Страница 371: ...bled the DNS client provides a hostname lookup service to other components ip domain lookup Use this command to enable the DNS client no ip domain lookup Use this command to disable the DNS client For...

Страница 372: ...ame For an unqualified hostname xxx a DNS query is made to find the IP address corresponding to xxx yahoo com no ip domain name Use this command to remove the default domain name configured using the...

Страница 373: ...ver The preference of the servers is determined by the order they were entered no ip name server Use this command to remove a name server ip host Use this command to define static host name to address...

Страница 374: ...to remove the static host name to IPv6 address mapping in the host cache ip domain retry Use this command to specify the number of times to retry sending Domain Name System DNS queries The parameter...

Страница 375: ...this command to return to the default setting clear host Use this command to delete entries from the host name to address cache This command clears the entries from the DNS cache maintained by the sof...

Страница 376: ...Stanford edu rediff com Domain Name lookup Enabled Number of retries 5 Retry timeout period 1500 Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Addr...

Страница 377: ...al can be used to decode and review the packets in detail Capturing can be performed in a variety of modes either transmit side only receive side only or both The number of packets captured will depen...

Страница 378: ...ll writes to the buffer will wrap around to allow continuous packet caputure show capture packets This command displays packets being captured from the buffer The output of the show command can be red...

Страница 379: ...bug arp Use this command to disable ARP debug protocol messages debug auto voip Use this command to enable Auto VOIP debug messages Use the optional parameters to trace H323 SCCP or SIP packets respec...

Страница 380: ...ace output The output of debug trace commands will appear on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life of the login s...

Страница 381: ...igmpsnooping packet This command enables tracing of IGMP Snooping packets received and transmitted by the switch no debug igmpsnooping packet This command disables tracing of IGMP Snooping packets De...

Страница 382: ...isabled Format debug igmpsnooping packet transmit Mode Privileged EXEC Parameter Definition TX A packet transmitted by the device Intf The interface that the packet went out on Format used is unit slo...

Страница 383: ...re displayed in the trace message Format no debug igmpsnooping transmit Mode Privileged EXEC Default disabled Format debug igmpsnooping packet receive Mode Privileged EXEC Parameter Definition RX A pa...

Страница 384: ...ved DVMRP packets and transmit traces only transmitted DVMRP packets When neither keyword is used in the command then all DVMRP packet traces are dumped Vital information such as source address destin...

Страница 385: ...displayed on the console no debug ip igmp packet Use this command to disable debug tracing of IGMP packet reception and transmission debug ip mcache packet Use this command for tracing MDATA packet r...

Страница 386: ...PIMDM packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displa...

Страница 387: ...e packet length and the interface on which the packet is received or transmitted is displayed on the console no debug ip pimsm packet Use this command to disable debug tracing of PIMSM packet receptio...

Страница 388: ...ansmission debug ipv6 mld packet Use this command to trace MLDv6 packet reception and transmission receive traces only received MLDv6 packets and transmit traces only transmitted MLDv6 packets When ne...

Страница 389: ...and transmission debug ipv6 pimsm packet Use this command to trace PIMSMv6 packet reception and transmission receive traces only received PIMSMv6 packets and transmit traces only transmitted PIMSMv6 p...

Страница 390: ...ooping packet reception and transmission receive traces only received MLD snooping packets and transmit traces only transmitted MLD snooping packets When neither keyword is used in the command then al...

Страница 391: ...Src Ip 10 50 50 1 DestIp 192 168 50 2 AreaId 0 0 0 0 Type DB_DSCR Mtu 1500 Options E Flags I M MS Seq 126166 15 JAN 02 11 03 36 10 50 50 1 2 OSPF 46300472 ospf_debug c 297 25434 Pkt RX Intf 2 0 48 Sr...

Страница 392: ...tIp The destination IP address in the IP header of the packet AreaId The area ID in the OSPF header of the packet Type Could be one of the following HELLO Hello packet DB_DSCR Database descriptor LS_R...

Страница 393: ...kets debug ospfv3 packet Use this command to enable OSPFv3 packet debug trace no debug ospfv3 packet Use this command to disable tracing of OSPFv3 packets Field Definition Length Length of packet Fiel...

Страница 394: ...0 1 DEST_IP 10 50 50 2 Type ECHO_REPLY The following parameters are displayed in the trace message no debug ping packet This command disables tracing of ICMP echo requests and responses Default disabl...

Страница 395: ...rmat debug rip packet Mode Privileged EXEC Parameter Definition TX RX TX refers to a packet transmitted by the device RX refers to packets received by the device Intf The interface that the packet cam...

Страница 396: ...e no debug sflow packet Use this command to disable sFlow debug packet trace debug spanning tree bpdu This command enables tracing of spanning tree BPDUs received and transmitted by the switch Format...

Страница 397: ...Root Priority 0x8000 Path Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu Mode Privileged EXEC Default disabled Format debug spanning tree bpdu r...

Страница 398: ...00 Root_Priority 0x8000 Path_Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu receive Mode Privileged EXEC Default disabled Format debug spanning...

Страница 399: ...de Privileged EXEC Note The cable test feature is supported only for copper cable It is not supported for optical fiber cable If the port has an active link while the cable test is run the link can go...

Страница 400: ...ut max datagram size ip ipv6 ip port port Mode Global Config Field Description Receiver Owner The identity string for the receiver the entity making use of this sFlowRcvrTable entry The range is 127 c...

Страница 401: ...rate sampling rate maxheadersize size Mode Interface Config Field Description Receiver Index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent A value of zero 0 means that...

Страница 402: ...ng rate maxheadersize size Mode Interface Config Format sflow poller rcvr indx interval poll interval Mode Interface Config Field Description Receiver Index Enter the sFlow Receiver associated with th...

Страница 403: ...y the sFlow polling instances created on the switch Use for range Format show sflow agent Mode Privileged EXEC Field Description sFlow Version Uniquely identifies the version and implementation of thi...

Страница 404: ...rs index Mode Privileged EXEC Field Description Receiver Index The sFlow Receiver associated with the sampler poller Owner String The identity string for receiver the entity making use of this sFlowRc...

Страница 405: ...leged EXEC Field Description Sampler Data Source The sFlowDataSource slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this s...

Страница 406: ...page 7 20 Access Commands on page 7 28 User Account Commands on page 7 29 SNMP Commands on page 7 40 RADIUS Commands on page 7 52 TACACS Commands on page 7 67 Configuration Scripting Commands on page...

Страница 407: ...or enable password 2 Management CPU IP address and network mask 3 System name and location information The tool is interactive and uses questions to guide you through the steps required to perform its...

Страница 408: ...sword Y N Q y Enter new password Confirm new password Password Changed The enable password required for switch configuration via the command line interface is currently not configured Do you wish to c...

Страница 409: ...leged EXEC mode From the Privileged EXEC mode you can configure the network interface network parms This command sets the IP address subnet mask and gateway of the device The IP address and the gatewa...

Страница 410: ...lly administered MAC addresses The following rules apply Bit 6 of byte 0 called the U L bit indicates whether the address is universally administered b 0 or locally administered b 1 Bit 7 of byte 0 ca...

Страница 411: ...va applet show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectivity with the...

Страница 412: ...lt value is 0 0 0 0 IPv6 Administrative Mode Whether enabled or disabled IPv6 Address Length The IPv6 address and length IPv6 Default Router The IPv6 default router address Burned In MAC Address The b...

Страница 413: ...figure a variety of system settings including user accounts From the Global Config mode you can enter other command modes including Line Config mode line This command gives you access to the Line Conf...

Страница 414: ...sets the maximum connect time in minutes without console activity login authentication To specify login authentication method list for remote telnet or console use the login authentication command in...

Страница 415: ...r EXEC Term Definition Serial Port Login Timeout minutes The time in minutes of inactivity on a Serial port connection after which the Switch will close the connection Any numeric value between 0 and...

Страница 416: ...e Telnet listening port and disconnects all open Telnet sessions telnet This command establishes a new outbound Telnet connection to a remote host The host value must be a valid IP address or host nam...

Страница 417: ...put telnet This command regulates new outbound Telnet connections If enabled new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous outbound Telnet...

Страница 418: ...of 0 indicates that no outbound Telnet session can be established no session limit This command sets the maximum number of simultaneous outbound Telnet sessions to the default value session timeout T...

Страница 419: ...ssions that can be established to the default value telnetcon timeout This command sets the Telnet connection session timeout value in minutes A session is active as long as the session has not been i...

Страница 420: ...for active sessions does not become effective until the session is reaccessed Also any keystroke activates the new timeout duration Format no telnetcon timeout Mode Privileged EXEC Format show telnet...

Страница 421: ...short form of the ip ssh server enable command Format show telnetcon Modes Privileged EXEC User EXEC Term Definition Remote Connection Login Timeout minutes This object indicates the number of minute...

Страница 422: ...This command disables the IP secure shell server sshcon maxsessions This command specifies the maximum number of SSH connection sessions that can be established A value of 0 indicates that no ssh con...

Страница 423: ...sessions does not become effective until the session is re accessed Also any keystroke activates the new timeout duration no sshcon timeout This command sets the SSH connection session timeout value...

Страница 424: ...e device regardless of whether they are self signed or downloaded from an outside source Term Definition Administrative Mode This field indicates whether the administrative mode of SSH is enabled or d...

Страница 425: ...existing generated or downloaded DSA key files no crypto key generate dsa Use this command to delete the DSA key files from the device Hypertext Transfer Protocol HTTP Commands This section describes...

Страница 426: ...affected no ip http server This command disables access to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server ip http secure server This com...

Страница 427: ...ions in hours Configuring this value to zero will give an infinite hard timeout When this timeout expires the user will be forced to re authenticate This timer begins on initiation of the web session...

Страница 428: ...tication is used if the radius server is down no ip http authentication This command restores the authentication methods to the default ip http session maxsessions This command limits the number of al...

Страница 429: ...re authenticate This timer begins on initiation of the Web session and is re started with each access to the switch no ip http session soft timeout This command resets the soft timeout for un secure...

Страница 430: ...set to zero infinite no ip http secure session soft timeout This command restores the soft timeout for secure HTTP sessions to the default value ip http secure session hard timeout This command config...

Страница 431: ...an authentication method after radius no authentication is used if the radius server is down no ip https authentication This command restores the authentication methods to the default for http server...

Страница 432: ...vileged EXEC Default SSL3 and TLS1 Format ip http secure protocol SSL3 TLS1 Mode Privileged EXEC Format show ip http Mode Privileged EXEC Term Definition HTTP Mode Unsecure The unsecure HTTP server ad...

Страница 433: ...al port connections to the switch Secure Protocol Level s The protocol level may have the values of SSL3 TSL1 or both SSL3 and TSL1 Maximum Allowable HTTPS Sessions The number of allowable secure http...

Страница 434: ...al port connection Idle Time Time this session has been idle Session Time Total time this session has been connected Session Type Shows the type of session which can be HTTP HTTPS telnet serial or SSH...

Страница 435: ...the specified login user The valid accessmode values are readonly or readwrite The username is the login user name for which the specified access mode applies The default is readwrite for the admin us...

Страница 436: ...therefore must be at least eight characters in length The username is the user name associated with the authentication protocol You must enter the username in the same case you used when you added th...

Страница 437: ...associated with the specified encryption You must enter the username in the same case you used when you added the user To see the case of the username enter the show users command no username snmpv3 e...

Страница 438: ...he SNMPv3 user is able to set and retrieve parameters on the system If the value is set to ReadOnly the SNMPv3 user is only able to retrieve parameter information The SNMPv3 access mode may be differe...

Страница 439: ...range is 0 64 no passwords min length Use this command to set the minimum password length to the default value Term Definition User Name The full name of the user Format show users login history user...

Страница 440: ...asswords history Use this command to set the password history to the default value passwords aging Use this command to implement aging on passwords for local users When a user s password expires the u...

Страница 441: ...onsole The valid range is 1 5 The default is 0 or no lockout count enforced no passwords lock out Use this command to set the password lock out count to the default value show passwords configuration...

Страница 442: ...thod in the command line For example if none is specified as an authentication method after radius no authentication is used if the radius server is down where Default Uses the listed authentication m...

Страница 443: ...s an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is specified as an au...

Страница 444: ...is used if the radius server is down line Uses the line password for authentication none Uses no authentication radius Uses the list of all RADIUS servers for authentication Uses username enabx where...

Страница 445: ...the same as copy system running config nvram startup config SNMP Commands This section describes the commands you use to configure Simple Network Management Protocol SNMP on the switch You can configu...

Страница 446: ...ngth of name can be up to 16 case sensitive characters no snmp server community This command removes this community name from the table The name is the community name to be deleted Default none Format...

Страница 447: ...ss for an SNMP community to 0 0 0 0 The name is the applicable community name snmp server community ipmask This command sets a client IP mask for an SNMP community The address is the associated commun...

Страница 448: ...this community cannot manage the switch until the Status is changed back to Enable no snmp server community mode This command deactivates an SNMP community If the community is disabled no SNMP request...

Страница 449: ...ess is received on a locked port no snmp server enable traps violation This command disables the sending of new violation traps snmp server enable traps This command enables the Authentication Flag Fo...

Страница 450: ...command disables Link Up Down traps for the entire switch snmp server enable traps multiusers This command enables Multiple User traps When the traps are enabled a Multiple User Trap is sent when a us...

Страница 451: ...trap This command adds an SNMP trap receiver The maximum length of name is 16 case sensitive alphanumeric characters The snmpversion is the version of SNMP The version parameter options are snmpv1 or...

Страница 452: ...addr pair must be unique Multiple entries can exist with the same name as long as they are associated with a different ipaddr The reverse scenario is also acceptable The name is the community name use...

Страница 453: ...d deactivates an SNMP trap Disabled trap receivers are unable to receive traps snmp trap link status This command enables link status traps by interface Note IP addresses in the SNMP trap receiver tab...

Страница 454: ...s Format snmp trap link status Mode Interface Config Note This command is valid only when the Link Up Down Flag is enabled Format no snmp trap link status Mode Interface Config Note This command is va...

Страница 455: ...The community string to which this entry grants access A valid entry is a case sensitive alphanumeric string of up to 16 characters Each row of this table must contain a unique community name Client I...

Страница 456: ...g is case sensitive and can be up to 16 alphanumeric characters IP Address The IPv4 address to receive SNMP traps from this device IPv6 Address The IPv6 address to receive SNMP traps from this device...

Страница 457: ...her DVMRP traps are sent OSPFv2 Traps Can be enabled or disabled The factory default is disabled Indicates whether OSPF traps are sent If any of the OSPF trap flags are not enabled then the command di...

Страница 458: ...onfigured while enabling this attribute the RADIUS client uses that IP address while sending NAS IP Address attribute in RADIUS communication no radius server attribute The no version of this command...

Страница 459: ...meter the command configures the IP address or hostname to use to connect to a RADIUS authentication server You can configure up to 3 servers per RADIUS client If the maximum number of configured serv...

Страница 460: ...from the configuration Similarly if the acct token is used the previously configured RADIUS accounting server is removed from the configuration The ipaddr dnsname parameter must match the IP address o...

Страница 461: ...and is executed the secret is prompted Text based configuration supports Radius server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in e...

Страница 462: ...rs can be configured for each number of servers that have the same name When the RADIUS client has to perform transactions with an authenticating RADIUS server of specified name the client uses the pr...

Страница 463: ...adius server retransmit The no version of this command sets the value of this global parameter to the default value radius server timeout This command configures the global parameter for the RADIUS cl...

Страница 464: ...ries Maximum number of transmission attempts in the range 1 30 Format no radius server timeout Mode Global Config Format show radius Mode Privileged EXEC Term Definition Number of Configured Authentic...

Страница 465: ...mes a request packet is retransmitted Time Duration The configured timeout value in seconds for request re transmissions RADIUS Accounting Mode A global parameter to indicate whether the accounting mo...

Страница 466: ...port used for communication with the authenticating server Type Specifies whether this server is a primary or secondary type Current Host Address The IP address of the currently active authenticating...

Страница 467: ...Enable Number of Retransmits 4 Time Duration 10 RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Enable RADIUS Attribute 4 Value 192 168 37 60 show radius accounting This command displays a sum...

Страница 468: ..._RADIUS_Server Host Address 192 168 37 200 RADIUS Accounting Mode Disable Port 1813 Secret Configured Yes show radius accounting statistics This command displays a summary of statistics for the config...

Страница 469: ...ransmission The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server Responses The number of RADIUS packets received on the accounting port from this server Malfo...

Страница 470: ...dnsname The DNS name of the server servername The alias name to identify the server RADIUS Server Name The name of the authenticating server Server Host Address The IP address of the host Access Reque...

Страница 471: ...onses 0 Bad Authenticators 0 Pending Requests 0 Malformed Access Responses The number of malformed RADIUS Access Response packets received from this server Malformed packets include packets with an in...

Страница 472: ...r text over the network TACACS uses TCP to ensure reliable delivery and a shared key configured on the client and daemon server to encrypt all messages tacacs server host Use the tacacs server host co...

Страница 473: ...ypted format enter the key along with the encrypted keyword In the show running config command s display these secret keys are displayed in encrypted format You cannot show these keys in plain text fo...

Страница 474: ...ters Text based configuration supports TACACS server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in encrypted format only If you want t...

Страница 475: ...e is used The timeout parameter has a range of 1 30 and is the timeout value in seconds show tacacs Use the show tacacs command to display the configuration and statistics of a TACACS server Default 0...

Страница 476: ...tions Scripts must conform to the following rules Script files are not distributed across the stack and only live in the unit that is the master unit at the time of the file download The file extensio...

Страница 477: ...tch script list This command lists all scripts present on the switch as well as the remaining available space Note To specify a blank password for a user in the configuration script you must specify i...

Страница 478: ...script on any given device Pre login Banner and System Prompt Commands This section describes the commands you use to configure the pre login banner and the system prompt The pre login banner is the...

Страница 479: ...length of name may be up to 64 alphanumeric characters Default none Format copy Code Sample Variable tftp ipaddr filepath filename Code Sample Variable nvram clibanner copy nvram clibanner Code Sampl...

Страница 480: ...erstanding of the system configuration and details of the problem will assist NETGEAR Inc in determining the root cause of such a problem The Log Messages chapter includes the following sections Core...

Страница 481: ...ace creation out of order NIM NIM event x intf x component x in wrong phase An event was issued to NIM during the wrong configuration phase probably Phase 1 2 or WMU NIM NIM Failed to notify users of...

Страница 482: ...the sizes version size expected version size differ The configuration file which was loaded was of a different size than expected for the version number This message indicates the configuration file n...

Страница 483: ...CP Filtering Error on call to sysapiCfgFileWrite file Error on trying to save configuration Table 8 6 NVStore Log Messages Component Message Cause NVStore Building defaults for file XXX A component s...

Страница 484: ...tempting to read data from the RADIUS server RADIUS RADIUS Accounting Response failed to validate id xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS User xxx needs to r...

Страница 485: ...S TACACS received invalid packet type from server Received packet type that is not supported TACACS TACACS invalid major version in received packet Major version mismatch TACACS TACACS invalid minor v...

Страница 486: ...specified connection type EmWeb ewsNetHTTPReceive failure in NetReceiveLoop closing connection Socket receive failure EmWeb EmWeb connection allocation failed Memory allocation failure for the new con...

Страница 487: ...p upload result Unknown error returned while uploading file using TFTP from web interface WEB Web UI Screen with unspecified access attempted to be brought up Failed to get application specific author...

Страница 488: ...e SSLT SSLT Msg Queue is full event XXXX Failed to send the received message to the SSLT message queue as message queue is full XXXX indicates the event to be sent SSLT SSLT Unknown UI event in messag...

Страница 489: ...configuration cannot be saved Protected Ports protectedPortCnfgrInitPhase1Process Unable to create r w lock for protectedPort This appears when protectedPortCfgRWLock Fails Protected Ports protectedP...

Страница 490: ...table IPsubnet vlans vlanIpSubnetVlanChangeCallback Failed to add an Entry This appears when a dtl fails to add an entry for a vlan add notify event IPsubnet vlans vlanIpSubnetVlanChangeCallback Faile...

Страница 491: ...ailed Failed sending message to RADIUS server 802 1X dot1xRadiusAcceptProcess error calling radiusAccountingStart ifIndex xxx Failed sending accounting start to RADIUS server 802 1X function failed se...

Страница 492: ...ILURE The garpPduQueue is full logs specific of the GPDU internal interface number vlan id buffer handle etc GARP GVRP GMRP garpMapIntfIsConfigurable gmrpMapIntfIsConfigurable Error accessing GARP GMR...

Страница 493: ...lantagIntfIsConfigurable Error accessing dvlantag config data for interface d A default configuration does not exist for this interface Typically a case when a new interface is created and has no pre...

Страница 494: ...emberSetModify dot1qVlanTaggedMemberSetModify Dynamic entry d can only be modified after it is converted to static If this vlan is a learnt via GVRP then we cannot modify it s member set via managemen...

Страница 495: ...ges Component Message Cause ACL Total number of ACL rules x exceeds max y on intf i The combination of all ACLs applied to an interface has resulted in requiring more rules than the platform supports...

Страница 496: ...Policy invalid for service intf policy name intIfNum x direction y The DiffServ policy definition is not compatible with the capabilities of the interface specified Check the platform release notes fo...

Страница 497: ...e current size of the database OSPFv2 The number of LSAs 25165 in the OSPF LSDB has exceeded the LSDB memory allocation When the OSPFv2 LSDB becomes full OSPFv2 logs this message OSPFv2 reoriginates i...

Страница 498: ...iodically verifies the checksum of each LSA in memory OSPFv3 logs this Table 8 40 Routing Table Manager Log Messages Component Message Cause Routing Table Manager RTO is full Routing table contains 80...

Страница 499: ...RP ignored an incoming message whose time to live TTL in the IP header was not 255 Table 8 42 ARP Log Message Component Message Cause ARP ARP received mapping for IP address xxx to MAC address yyy Thi...

Страница 500: ...g IGMP data pipe Error opening IGMP data pipe When we fail to create open IGMP data pipe for Mcast data messages IGMP Error getting memory for source record When we are unable to allocate memory for a...

Страница 501: ...e entry into cache PIM_SM Config error Trying to add static RP Dynamic RP with same ip addr exists Router learns RP group mapping through Bootstrap messages received This message pops when the static...

Страница 502: ...ring a neighbor DVMRP dvmrp_recv_prune failed getting memory for prune Failed to allocate memory while receiving a prune DVMRP dvmrp_new_route failed getting memory for route Failed to get memory for...

Страница 503: ...apiBroadQosCosQueueConfig Failed to configure minimum bandwidth Available bandwidth x Attempting to configure the bandwidth beyond it s capabilities OS USL failed to put sync response on queue A respo...

Страница 504: ...e to a transport failure or API issue on remote unit A synchronization retry will be issued OS Invalid LAG id x Possible synchronization issue between the BCM driver and HAPI OS Invalid uport calculat...

Страница 505: ...ndicates the file system may be corrupted OSAPI ftruncate failed File is open for reading only ftruncate is called to correctly set the file s size in the file system after a write The file is opened...

Страница 506: ...all to remove the interface from the route table the attempt to get the ipv4 interface mask from the stack failed OSAPI osapiCleanupIf NetIpDel During the call to remove the interface from the route t...

Страница 507: ...nd HTTPS web connections In addition Captive Portal can be configured to use an optional HTTP port in support of HTTP Proxy networks If configured this additional port is then used exclusively by Capt...

Страница 508: ...rt Use this command to reset the HTTP port to the default number 80 https port Use this command to configure an additional HTTPS port for captive portal to monitor The valid range is from 0 to 65535 D...

Страница 509: ...s to be served again in order for the client to gain access to the network no authentication timeout Use this command to reset the authentication timeout to the default show captive portal Use this co...

Страница 510: ...ows the reason why the operational is disabled CP IP Address It is the captive portal server IP address Format show captive portal status Mode Privileged EXEC mode Term Definition Additional HTTP Port...

Страница 511: ...e commands in this section are related to captive portal configurations configuration Captive Portal Use this command to enter the captive portal instance mode The captive portal configuration identif...

Страница 512: ...nfiguration name Use this command to configure the name for a captive portal configuration The cp name can be up to 32 alphanumeric characters in length Format no configuration 1 10 Mode Captive Porta...

Страница 513: ...o allow access for guest users users that do not have assigned user names and passwords User verification can also be configured to allow access for authenticated users Authenticated users are require...

Страница 514: ...mmand user group 1 10 to create a group ID The default group ID is 1 for a captive portal configuration no group Use this command to reset the group number to the default redirect Captive Portal Use t...

Страница 515: ...e rate is in bits per seconds 0 indicates limit not enforced no max bandwidth down Use this command to reset the maximum rate to the default max bandwidth up Use this command to configure the maximum...

Страница 516: ...his limit has been reached the user will be disconnected The number of octets is in bytes 0 indicates limit not enforced no max input octets Use this command to reset the limit to the default Default...

Страница 517: ...and to configure the maximum number of octets the user is allowed to transfer i e the sum of octets transmitted and received After this limit has been reached the user will be disconnected The number...

Страница 518: ...timeout to the default idle timeout Use this command to configure the idle timeout for a captive portal configuration 0 indicates timeout not enforced After an idle session has been reached this the u...

Страница 519: ...ions using a text based format no locale This command is intended to delete a locale The default locale cannot be deleted interface Captive Portal Use this command to associate an interface with a cap...

Страница 520: ...a captive portal instance is a temporary command executed by the administrator and not saved in the configuration no block Use this command to unblock traffic Captive Portal Status Commands This sect...

Страница 521: ...captive portal ID If you do not specify an interface number all the interfaces assigned to the captive portal configuration will be displayed Format show captive portal configuration 1 10 Mode Privil...

Страница 522: ...erface Description Unit 1 Slot 0 Port 1 Gigab Operational Status Disabled Disable Reason Interface Not Attached Block Status Not Blocked Authenticated Users 0 Term Definition CP ID The captive portal...

Страница 523: ...up Name The name of the group associated with this captive portal instance Redirect URL Mode The redirect mode for this captive portal instance Redirect URL The redirect URL is up to 512 characters Se...

Страница 524: ...est Group Name group123 Redirect URL Mode Enabled Redirect URL www cnn com Session Timeout seconds 86400 Idle Timeout seconds 600 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input...

Страница 525: ...portal client status Use this command to display client connection details or a connection summary for connected captive portal users macaddr is Client MAC address If no macaddr is entered all the cl...

Страница 526: ...Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Time 0d 00 00 13...

Страница 527: ...Received The number of bytes received from the client Bytes Transmitted The number of bytes transmitted to the client Packets Received The number of packets received from the client Packets Transmitt...

Страница 528: ...col Verification 0002 BC00 1290 10 254 96 47 1 cp1 http local 0002 BC00 1291 10 254 96 48 2 cp2 http local show captive portal configuration client status Use this command to display the clients authe...

Страница 529: ...2 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit captive portal client deauthenticate Use this command to deauthenticate a spe...

Страница 530: ...ds The following section describes captive portal local user commands user password Use this command to create a local user or change the password for an existing user The user id is user ID in the ra...

Страница 531: ...re execute this command You can create the local user using user password first user group Use this command to associate a group with a captive portal user A user must be associated with at least one...

Страница 532: ...er session timeout Use this command to reset the session timeout to the default user idle timeout Use this command to set the session idle timeout value for a captive portal user 1 128 is the user ID...

Страница 533: ...down Use this command to reset the limit to the default user max bandwidth up Use this command to configure the bandwidth at which the client can send data into the Network 1 128 is the user ID The ra...

Страница 534: ...is command to reset the limit to the default user max output octets Use this command to limit the number of octets the user is allowed to receive After this limit has been reached the user will be dis...

Страница 535: ...the user ID The range of octets is 0 4294967295 0 indicates to use the global limit Use the no form of this command to reset the limit to the default no user max total octets Use this command to rese...

Страница 536: ...client can send data into the network If the value is 0 then use the value configured for the captive portal Max Bandwidth Down bytes sec Maximum client receive rate b s Limits the bandwidth at which...

Страница 537: ...dth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input Octets bytes 0 Max Output Octets bytes 0 Max Total Octets bytes 0 Group ID Group Name 1 Default 2 group2 clear captive portal users Use this...

Страница 538: ...0 is the user group ID The name can be a string up to 32 characters user group rename Use this command to change a group s ID to a different group ID Default 1 Format user group 1 10 Mode Captive Port...

Страница 539: ...chesize 4 3 arp dynamicrenew 4 3 arp purge 4 4 arp resptime 4 4 arp retries 4 4 arp timeout 4 5 assign queue 5 20 authentication timeout 9 3 authorization network radius 7 52 auto negotiate 3 3 auto n...

Страница 540: ...ers 6 27 clear dot1x statistics 3 63 clear host 6 59 clear igmpsnooping 6 28 clear ip arp inspection statistics 3 137 clear ip dhcp binding 6 51 clear ip dhcp conflict 6 51 clear ip dhcp server statis...

Страница 541: ...nooping packet receive 6 67 debug igmpsnooping packet transmit 6 66 debug ip acl 6 68 debug ip dvmrp packet 6 68 debug ip igmp packet 6 69 debug ip mcache packet 6 69 debug ip pimdm packet 6 70 debug...

Страница 542: ...port 3 182 dos control sipdip 3 180 dos control smacdmac 3 183 dos control tcpfinurgpsh 3 187 dos control tcpflag 3 182 dos control tcpflagseq 3 185 dos control tcpfrag 3 181 dos control tcpoffset 3 1...

Страница 543: ...tal 9 13 interface lag 3 3 interface range 3 2 interface vlan 3 3 ip access group 5 41 ip access list 5 39 ip access list rename 5 40 ip address 4 9 ip arp inspection filter 3 133 ip arp inspection li...

Страница 544: ...p http java 7 22 ip http secure port 7 26 ip http secure protocol 7 27 ip http secure server 7 21 ip http secure session hard timeout 7 25 ip http secure session maxsessions 7 24 ip http secure sessio...

Страница 545: ...dp enable 3 195 isdp holdtime 3 194 isdp run 3 193 isdp timer 3 194 key 7 69 lacp actor admin 3 93 lacp actor admin key 3 93 lacp actor admin state individual 3 94 lacp actor admin state longtimeout 3...

Страница 546: ...ansmit mgmt 3 160 lldp transmit tlv 3 159 locale 9 13 logging buffered 6 18 logging buffered wrap 6 19 logging cli command 6 19 logging console 6 20 logging host 6 20 logging host remove 6 21 logging...

Страница 547: ...8 max bandwidth down 9 9 max bandwidth up 9 9 max input octets 9 10 max output octets 9 11 max total octets 9 11 member 2 2 mirror 5 20 mode dot1q tunnel 3 45 mode dvlan tunnel 3 46 monitor session 3...

Страница 548: ...port channel load balance 3 106 port channel name 3 108 port channel static 3 102 port channel system priority 3 108 port security 3 154 port security mac address 3 155 port security mac address move...

Страница 549: ...t garp timer join 3 56 set garp timer leave 3 56 set garp timer leaveall 3 57 set gmrp adminmode 3 60 set gmrp interfacemode 3 61 set gvrp adminmode 3 58 set gvrp interfacemode 3 59 set igmp 3 138 set...

Страница 550: ...portal configuration interface 9 15 show captive portal configuration locales 9 18 show captive portal configuration status 9 17 show captive portal configuration 9 14 show captive portal interface cl...

Страница 551: ...6 10 show interfaces cos queue 5 7 show interfaces switchport 3 53 show ip access lists 5 42 show ip arp inspection 3 135 show ip arp inspection interfaces 3 137 show ip arp inspection statistics 3 13...

Страница 552: ...etail 3 167 show lldp med 3 172 show lldp med interface 3 173 show lldp med local device detail 3 174 show lldp med remote device 3 176 show lldp med remote device detail 3 177 show lldp remote device...

Страница 553: ...ecurity dynamic 3 156 show port security static 3 157 show port security violation 3 157 show private group 3 55 show process cpu 6 13 show radius 7 59 show radius accounting 7 62 show radius accounti...

Страница 554: ...ported switchtype 2 9 show switch 2 8 show switchport protected 3 52 show sysinfo 6 16 show tacacs 7 70 show tech support 6 17 show telnet 7 15 show telnetcon 7 16 show terminal length 6 18 show trapf...

Страница 555: ...nt mode 6 35 sntp client port 6 35 sntp server 6 37 sntp unicast client poll interval 6 36 sntp unicast client poll retry 6 36 sntp unicast client poll timeout 6 36 spanning tree 3 10 spanning tree bp...

Страница 556: ...3 81 storm control multicast 3 83 storm control multicast level 3 82 storm control multicast level 3 83 storm control multicast rate 3 82 storm control multicast rate 3 84 storm control unicast 3 84 s...

Страница 557: ...s 9 28 user max total octets 9 29 user name 9 25 user password 9 24 user session timeout 9 26 username 7 29 username username unlock 7 30 username nopassword 7 30 username snmpv3 accessmode 7 30 usern...

Страница 558: ...ng all 3 36 vlan priority 3 50 vlan protocol group 3 36 vlan protocol group add protocol 3 37 vlan protocol group remove 3 37 vlan pvid 3 39 vlan routing 4 24 vlan tagging 3 40 voice vlan Global Confi...

Результаты поиска

Содержание FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Отзывы:

Похожие инструкции для FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Бренды по названию

Популярные бренды

NETGEAR FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch, Руководство CLI

Результаты поиска

Содержание FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Отзывы:

Похожие инструкции для FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Бренды по названию

Популярные бренды