NETGEAR ProSafe GSM7228PS Скачать руководство пользователя страница 303 | Manualshive

Страница: 303 / 569

NETGEAR ProSafe GSM7228PS Скачать руководство пользователя страница 303

ProSafe 7200 Managed Switches CLI Manual, Software Version 8.0.3

Quality of Service (QoS) Commands

6-27

v1.0, May 2010

If the class-name is specified the following fields are displayed:

If you do not specify the Class Name, this command displays a list of all defined DiffServ classes.
The following fields are displayed:

show diffserv

This command displays the DiffServ General Status Group information, which includes the
current administrative mode setting as well as the current and maximum number of rows in each of
the main DiffServ private MIB tables. This command takes no options.

Term

Definition

Class Name

The name of this class.

Class Type

A class type of ‘all’ means every match criterion defined for the class is evaluated
simultaneously and must all be true to indicate a class match.

Class Layer3
Protocol

The Layer 3 protocol for this class. Possible values are IPv4 and IPv6.

Match Criteria

The Match Criteria fields are only displayed if they have been configured. Not all platforms
support all match criteria values. They are displayed in the order entered by the user. The
fields are evaluated in accordance with the class type. The possible Match Criteria fields
are: Destination IP Address, Destination Layer 4 Port, Destination MAC Address,
Ethertype, Source MAC Address, VLAN, Class of Service, Every, IP DSCP, IP
Precedence, IP TOS, Protocol Keyword, Reference Class, Source IP Address, and
Source Layer 4 Port.

Values

The values of the Match Criteria.

Term

Definition

Class Name

The name of this class. (Note that the order in which classes are displayed is not
necessarily the same order in which they were created.)

Class Type

A class type of ‘all’ means every match criterion defined for the class is evaluated
simultaneously and must all be true to indicate a class match.

Reference Class
Name

The name of an existing DiffServ class whose match conditions are being referenced by
the specified class definition.

Format

show diffserv

Mode

Privileged EXEC

«
...
301
302
303
304
305
...
»

Содержание ProSafe GSM7228PS

Страница 1: ...202 10530 03 May 2010 NETGEAR Inc 350 Plumeria Dr San Jose CA 95124 USA ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3...

Страница 2: ...e operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instructions Th...

Страница 3: ...er GSM7228PS and GSM752PS Publication Date May 2010 Product Family managed switch Product Name ProSafe 7200 Series Stackable Managed Switches Home or Business Product Business Language English Publica...

Страница 4: ...v1 0 May 2010 iv...

Страница 5: ...and Syntax 1 1 Command Conventions 1 2 Common Parameter Values 1 3 Unit Slot Port Naming Convention 1 3 Using the No Form of a Command 1 4 Managed Switch Modules 1 5 Command Modes 1 5 Command Completi...

Страница 6: ...53 GARP Commands 3 55 GVRP Commands 3 58 GMRP Commands 3 60 Port Based Network Access Control Commands 3 63 Storm Control Commands 3 77 Port Channel LAG 802 3ad Commands 3 89 Port Mirroring 3 112 Sta...

Страница 7: ...4 30 Chapter 5 Power Over Ethernet PoE Commands Power Over Ethernet PoE Commands 5 2 Chapter 6 Quality of Service QoS Commands Class of Service CoS Commands 6 2 Differentiated Services DiffServ Comman...

Страница 8: ...mand 7 83 sFlow Commands 7 83 Software License Commands 7 88 Chapter 8 Management Commands Configuring the Switch Management CPU 8 2 Network Interface Commands 8 4 Console Port Access Commands 8 8 Tel...

Страница 9: ...O S Support 9 26 Chapter 10 Captive Portal Commands Capitve Portal Global Commands 10 1 Captive Portal Configuration Commands 10 5 Captive Portal Status Commands 10 14 Captive Portal Client Connectio...

Страница 10: ...ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3 x v1 0 May 2010...

Страница 11: ...that the reader has an understanding of the software base and has read the appropriate specification for the relevant networking device platform It also assumes that the reader has a basic knowledge...

Страница 12: ...ecline while performance and feature sets continue to improve Devices that are capable of switching Layers 2 3 and 4 are increasingly in demand The software provides a flexible solution to these ever...

Страница 13: ...t Fixed Command prompt CLI text code italic URL links Note This format is used to highlight information of importance or special interest Tip This format is used to highlight a procedure that will sav...

Страница 14: ...manual your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe Web site at http www adobe com Revision History...

Страница 15: ...tch Modules on page 1 5 Command Modes on page 1 5 Command Completion and Abbreviation on page 1 9 CLI Error Messages on page 1 9 CLI Line Editing Conventions on page 1 10 Using CLI Help on page 1 11 A...

Страница 16: ...description of the information that the command shows Command Conventions In this document the command name is in bold font Parameters are in italic font You must replace the parameter name with an ap...

Страница 17: ...he IP address in the following formats a 32 bits a b 8 24 bits a b c 8 8 16 bits a b c d 8 8 8 8 In addition to these formats the CLI accepts decimal hexadecimal and octal formats through the followin...

Страница 18: ...allocated up to the maximum number of physical slots Logical slot numbers Logical slots immediately follow physical slots and identify port channel LAG or router interfaces CPU slot numbers The CPU sl...

Страница 19: ...gement Allows management of the device through an IPv6 through an IPv6 address without requiring the IPv6 Routing package in the system The management address can be associated with the network port f...

Страница 20: ...witch line Contains commands to configure outbound telnet settings and console interface settings Policy Map Config Switch Config policy map Contains the QoS Policy Map configuration commands Policy C...

Страница 21: ...ter enable To exit to the User EXEC mode enter exit or press Ctrl Z Global Config From the Privileged EXEC mode enter configure To exit to the Privileged EXEC mode enter exit or press Ctrl Z VLAN Conf...

Страница 22: ...ter ospf To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Router RIP Config From the Global Config mode enter router rip To exit to the Global Config mod...

Страница 23: ...essages DHCPv6 Pool Config From the Global Config mode enter ip dhcpv6 pool pool name To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Stack Global Confi...

Страница 24: ...ely identify the command Table 8 CLI Editing Conventions Key Sequence Description DEL or Backspace Delete previous character Ctrl A Go to beginning of line Ctrl E Go to end of line Ctrl F Go forward o...

Страница 25: ...javamode Enable Disable mgmt_vlan Configure the Management VLAN ID of the switch parms Configure Network Parameters of the router protocol Select DHCP BootP or None as the network config protocol If...

Страница 26: ...telnet or SSH connection from a remote management host For the initial connection you must use a direct connection to the console port You cannot access the system remotely until the system has an IP...

Страница 27: ...ort stacking stack This command sets the mode to Stack Global Config Note The commands in this chapter are in one of two functional groups Note Show commands display switch settings statistics and oth...

Страница 28: ...configures the ability of a switch to become the Primary Management Unit The unit is the switch identifier The value is the preference parameter that allows the user to specify priority of one backup...

Страница 29: ...ent Unit The tounit is the switch identifier on the new Primary Management Unit Upon execution the entire stack including all interfaces in the stack is unconfigured and reconfigured with the configur...

Страница 30: ...ill be deleted and the slot will be re configured with default information for the card no slot This command removes configured information from an existing slot in the system set slot disable This co...

Страница 31: ...e mode removes the configuration from the contents of the slot If the slot is empty this administrative mode removes the configuration from any module inserted into the slot If a card is disabled all...

Страница 32: ...d Stack This command resets the entire stack or the identified unit The unit is the switch identifier The system prompts you to confirm that you want to reset the switch show slot This command display...

Страница 33: ...dentifier of the card inserted in the slot Model Identifier is a 32 character field used to identify a card This field is displayed only if the slot is full Inserted Card Description The card descript...

Страница 34: ...n Model Identifier The model identifier of the switch in the stack Model Identifier is a 32 character field assigned by the device manufacturer to identify the device Switch Status The switch status P...

Страница 35: ...ta is from pre configuration then the code version is None Detected Code in Flash The version of code that is currently stored in FLASH memory on the switch This code executes after the switch is rese...

Страница 36: ...rnet mode This command is not supported on the FSM7226RS or FSM7250RS show stack port This command displays summary stack port information for all interfaces Model Identifier The model identifier for...

Страница 37: ...d Speed Gbps of the stack port link Format show stack port counters Mode Privileged EXEC Term Definition Unit The unit number Interface The slot and port numbers Tx Data Rate Trashing data rate in meg...

Страница 38: ...lication Engineers FAEs and developers An FAE will advise on the necessity to run this command and capture this information Format show stack port diag Mode Privileged EXEC Term Definition Unit The un...

Страница 39: ...3 50 Protected Ports Commands on page 3 51 Private Group Commands on page 3 53 GVRP Commands on page 3 58 GMRP Commands on page 3 60 Port Based Network Access Control Commands on page 3 63 Storm Contr...

Страница 40: ...f an interface port interface range This command gives you access to a range of port interfaces allowing the same port configuration to be applied to a set of ports Warning The commands in this chapte...

Страница 41: ...access to the LAG link aggregation or port channel virtual interface which allows certain port configurations to be applied to the LAG interface Type a question mark after entering the interface confi...

Страница 42: ...ts no auto negotiate all This command disables automatic negotiation on all ports description Use this command to create an alpha numeric description of the port Note Automatic sensing is disabled whe...

Страница 43: ...ets and a valid integer between 1518 9216 for untagged packets no mtu This command sets the default MTU size in bytes for the interface shutdown This command disables a port Note To receive and proces...

Страница 44: ...d disables all ports no shutdown all This command enables all ports Format shutdown Mode Interface Config Format no shutdown Mode Interface Config Note You can use the shutdown all command on physical...

Страница 45: ...ays port information Format speed 100 10 half duplex full duplex Mode Interface Config Acceptable Values Definition 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 1...

Страница 46: ...Mode The desired port speed and duplex mode If auto negotiation support is selected then the duplex mode and speed is set from the auto negotiation process Note that the maximum capability of the por...

Страница 47: ...er separated by forward slashes Description Shows the port description configured via the description command Format show port status unit slot port all Mode Privileged EXEC Term Definition Interface...

Страница 48: ...enabled no spanning tree This command sets the spanning tree operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated spanning tr...

Страница 49: ...d on the interface spanning tree bpduguard Use this command to enable BPDU Guard on the switch no spanning tree bpduguard Use this command to disable BPDU Guard on the switch Default enabled Format no...

Страница 50: ...hange the system configuration or have a no version spanning tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is cu...

Страница 51: ...entifying the configuration that this switch is currently using to the default value spanning tree edgeport This command specifies that this port is an Edge Port within the common and internal spannin...

Страница 52: ...s RST BPDUs rather than MST BPDUs IEEE 802 1w functionality supported no spanning tree forceversion This command sets the Force Protocol Version parameter to the default value spanning tree forward ti...

Страница 53: ...ltiple spanning tree protocol no spanning tree guard This command disables loop guard or root guard on the interface spanning tree max age This command sets the Bridge Max Age parameter to a new value...

Страница 54: ...n and internal spanning tree to the default value spanning tree mst This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and inter...

Страница 55: ...r Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree to the respective default values If you specify an mstid parameter that corresponds...

Страница 56: ...ted to the deleted instance to the common and internal spanning tree The parameter mstid is a number that corresponds to the desired existing multiple spanning tree instance to be removed spanning tre...

Страница 57: ...f 0 defined as the default CIST ID is passed as the mstid this command sets the Bridge Priority parameter for the common and internal spanning tree to the default value spanning tree mst vlan This com...

Страница 58: ...d sets the Administrative Switch Port State for this port to enabled no spanning tree port mode This command sets the Administrative Switch Port State for this port to disabled spanning tree port mode...

Страница 59: ...ee edgeport all This command disables Edge Port mode for all ports within the common and internal spanning tree spanning tree bpduforwarding Normally a switch will not forward Spanning Tree Protocol S...

Страница 60: ...es between 0 and 61440 It is displayed in multiples of 4096 Bridge Identifier The bridge identifier for the CST It is made up using the bridge priority and the base MAC address of the bridge Time Sinc...

Страница 61: ...MAC address of the bridge Regional Root Path Cost Path Cost to the CST Regional Root Associated FIDs List of forwarding database identifiers currently associated with this instance Associated VLANs Li...

Страница 62: ...ge notifications and topology changes to other ports BPDU Filter Mode Enabled or disabled BPDU Flood Mode Enabled or disabled Auto Edge To enable or disable the feature that causes a port that has not...

Страница 63: ...Current spanning tree state of this port Port Role Each enabled MST Bridge Port receives a Port Role for each spanning tree The port role is one of the following values Root Port Designated Port Alter...

Страница 64: ...n the CST PortForwarding State The forwarding state of the port within the CST Port Role The role of the specified interface within the CST Auto Calculate Port Path Cost Indicates whether auto calcula...

Страница 65: ...Port Status The derived value of the edge port status True if operating as an edge port false otherwise Point To Point MAC Status Derived value indicating if this port is part of a point to point link...

Страница 66: ...enabled or disabled on the port Type Currently not used STP State The forwarding state of the port in the specified spanning tree instance Port Role The role of the specified port within the spanning...

Страница 67: ...Tree Version Version of 802 1 currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the Force Protocol Version parameter BPDU Guard Mode Enabled or disabled BPDU Filter Mode Enabled o...

Страница 68: ...mt_vlan This command configures the Management VLAN ID no network mgmt_vlan This command sets the Management VLAN ID to the default Term Definition VLAN Identifier The VLANs associated with the select...

Страница 69: ...an list contains VlanId s in range 1 4093 Separate non consecutive IDs with and no spaces and no zeros in between the range Use for range vlan acceptframe This command sets the frame acceptance mode p...

Страница 70: ...This command disables ingress filtering If ingress filtering is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to po...

Страница 71: ...face is a valid interface number Participation options are Default VLAN ID 1 default other VLANS blank string Format vlan name 1 4093 name Mode VLAN Config Format no vlan name 1 4093 Mode VLAN Config...

Страница 72: ...Global Config Participation Options Definition include The interface is always a member of this VLAN This is equivalent to registration fixed exclude The interface is never a member of this VLAN This...

Страница 73: ...g is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN no vlan port ingressfilte...

Страница 74: ...ll This command configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number v...

Страница 75: ...l are ip arp and ipx no vlan protocol group add protocol This command removes the protocol from this protocol based VLAN group that is identified by this groupid The possible values for protocol are i...

Страница 76: ...each interface and protocol combination with one group If adding an interface to a group causes any conflicts with protocols currently associated with the group this command fails and the interface s...

Страница 77: ...ith protocols currently associated with the group this command will fail and the interface s will not be added to the group no protocol vlan group all This command removes all interfaces from this pro...

Страница 78: ...configures the tagging behavior for a specific interface in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The vlan list contains VlanId s in range 1 4093 Separat...

Страница 79: ...n number Format vlan association mac macaddr 1 4093 Mode VLAN database Format no vlan association mac macaddr Mode VLAN database Format show vlan Mode Privileged EXEC User EXEC Term Definition VLAN ID...

Страница 80: ...of this VLAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registration forbidden in the IEEE 802 1Q stan...

Страница 81: ...selectors on the top line Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port The value must be for an existing VLAN The factory defa...

Страница 82: ...e enabled or disabled Default Priority The 802 1p priority assigned to tagged packets arriving on the port Format show vlan association subnet ipaddr netmask Mode Privileged EXEC Term Definition IP Su...

Страница 83: ...2 1Q domain dvlan tunnel ethertype This command configures the ether type for all interfaces The ether type may have the values of 802 1Q vMAN or custom If the ether type has a value of custom the opt...

Страница 84: ...s to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces Note When you use the mode dvlan tunnel command on an interface it becomes a service provide...

Страница 85: ...LAN tunnel There are three different EtherType tags The first is 802 1Q which represents the commonly used value of 0x8100 The second is vMAN which represents the commonly used value of 0x88A8 If Ethe...

Страница 86: ...e data flow voice vlan Global Config Use this command to enable the Voice VLAN capability on the switch no voice vlan Global Config Use this command to disable the Voice VLAN capability on the switch...

Страница 87: ...interface parameter is not specified only the global mode of the Voice VLAN is displayed When the interface is specified none Allow the IP phone to use its own configuration to send untagged voice tra...

Страница 88: ...ng vlan priority This command configures the default 802 1p port priority assigned for untagged packets for a specific interface The range for the priority is 0 7 Term Definition Voice VLAN Interface...

Страница 89: ...the interface remains unchanged Once the interface is no longer a member of a LAG the current configuration for that interface automatically becomes effective switchport protected Global Config Use t...

Страница 90: ...the set of protected ports to which this interface is assigned show switchport protected This command displays the status of all the interfaces including protected and unprotected interfaces Note Por...

Страница 91: ...from a port in private group can be forwarded to other ports either in the same private group or anyone in the same VLAN that are not in a private group Name An optional name of the protected port gro...

Страница 92: ...total number of private groups is 192 such that the valid range for the ID is 1 192 The private group id field is optional If not specified a group id not used will be assigned automatically The mode...

Страница 93: ...ulticast Registration Protocol GMRP GARP is a protocol that allows client stations to register with the switch for membership in VLANS by using GVMP or multicast groups by using GVMP Format private gr...

Страница 94: ...o the default and only has an effect when GVRP is enabled set garp timer leave This command sets the GVRP leave time for one port Interface Config mode or all ports Global Config mode and only has an...

Страница 95: ...per port and per GARP participation The time may range from 200 to 6000 centiseconds The value 1000 centiseconds is 10 seconds You can use this command on all ports Global Config mode or a single port...

Страница 96: ...n on trunk ports and automatic VLAN pruning set gvrp adminmode This command enables GVRP on the system no set gvrp adminmode This command disables GVRP Format show garp Mode Privileged EXEC User EXEC...

Страница 97: ...isabled Join Time Leave Time and Leave All Time have no effect show gvrp configuration This command displays Generic Attributes Registration Protocol GARP information for one or all interfaces Format...

Страница 98: ...econd 0 01 seconds Leave Timer The period of time to wait after receiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may...

Страница 99: ...subsequently re enabled if routing is disabled and port channel LAG membership is removed from an interface that has GARP enabled no set gmrp interfacemode This command disables GARP Multicast Registr...

Страница 100: ...ceiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considered a buffer time for another station to assert registr...

Страница 101: ...r radius statistics This command is used to clear all RADIUS statistics Format show mac address table gmrp Mode Privileged EXEC Term Definition Mac Address A unicast MAC address for which the switch h...

Страница 102: ...mand disables Guest VLAN on the interface dot1x initialize This command begins the initialization sequence on the specified port This command is only valid if the control mode for the specified port i...

Страница 103: ...nsmit an EAPOL EAP Request Identity frame before timing out the supplicant dot1x max users Use this command to set the maximum number of clients supported on the port when MAC based dot1x authenticati...

Страница 104: ...the 802 1x port control mode on the specified port to the default value dot1x port control all This command sets the authentication mode to use on all ports Select force unauthorized to specify that t...

Страница 105: ...ified port is auto or mac based If the control mode is not auto or mac based an error will be returned dot1x re authentication This command enables re authentication of the supplicant for the specifie...

Страница 106: ...efinition guest vlan period The time in seconds for which the authenticator waits to see if any EAPOL packets are received on a port before authorizing the port and placing the port in the guest vlan...

Страница 107: ...and not operational supp timeout The value in seconds of the timer used by the authenticator state machine on this port to timeout the supplicant The supp timeout must be a value in the range 1 65535...

Страница 108: ...list of users with access to the specified port or all ports The user parameter must be a configured user no dot1x user This command removes the user from the list of users with access to the specifie...

Страница 109: ..._Default Console_Default Telnet Network_Default Network_Default SSH Network_Default Network_Default http Local https Local dot1x show dot1x This command is used to show a summary of the global dot1x c...

Страница 110: ...he control mode under which this port is operating Possible values are authorized unauthorized Reauthenticatio n Enabled Indicates whether re authentication is enabled on this port Port Status Indicat...

Страница 111: ...out The timer used by the authenticator on this port to timeout the authentication server The value is expressed in seconds and will be in the range of 1 and 65535 Maximum Requests The maximum number...

Страница 112: ...is valid The time period in seconds is returned by the RADIUS server on authentication of the port This value is valid for the port only when the port control mode is not MAC based Session Terminatio...

Страница 113: ...cently received EAPOL frame Last EAPOL Frame Source The source MAC address carried in the most recently received EAPOL frame EAP Response Id Frames Received The number of EAP response identity frames...

Страница 114: ...LAN Assigned The reason the VLAN identified in the VLAN ID field has been assigned to the port Possible values are RADIUS Unauthenticated VLAN or Default When the VLAN Assigned reason is Default it me...

Страница 115: ...a per port per type basis Configuring a storm control level also enables that form of storm control Disabling a storm control level using the no version of the command sets the storm control level ba...

Страница 116: ...active and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic is dropped Therefore the rate of broadcast traffic is limited to the con...

Страница 117: ...ecovery threshold to the default value for an interface and disables broadcast storm recovery storm control broadcast Global This command enables broadcast storm recovery mode for all interfaces If th...

Страница 118: ...recovery mode for all interfaces no storm control broadcast level This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery...

Страница 119: ...storm recovery is active and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of multicast traff...

Страница 120: ...default value for an interface and disables multicast storm recovery storm control multicast rate Use this command to configure the multicast storm recovery threshold for an interface in packets per s...

Страница 121: ...very mode for all interfaces storm control multicast level Global This command configures the multicast storm recovery threshold for all interfaces as a percentage of link speed and enables multicast...

Страница 122: ...of multicast traffic is limited to the configured threshold no storm control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disabl...

Страница 123: ...re traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of unknown unicast traffic will be limited to the configured threshold Th...

Страница 124: ...d to the default value for an interface and disables unicast storm recovery storm control unicast Global This command enables unicast storm recovery mode for all interfaces If the mode is enabled unic...

Страница 125: ...ntrol unicast level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces storm control unicast rate Global Use this comman...

Страница 126: ...plex mode ports no storm control flowcontrol This command disables 802 3x flow control for the switch Format no storm control unicast rate Mode Global Config Note 802 3x flow control works by pausing...

Страница 127: ...ay the per port configuration parameters for all interfaces or specify the unit slot port to display information about a specific interface Port Channel LAG 802 3ad Commands This section describes the...

Страница 128: ...o aggregate its member ports port channel This command configures a new port channel LAG and generates a logical unit slot port number for the port channel The name field is a character string which a...

Страница 129: ...D of a configured port channel deleteport Global Config This command deletes all configured ports from the port channel LAG The interface is a logical unit slot port number of a configured port channe...

Страница 130: ...ult administrative value of the key for the port channel lacp collector max delay Use this command to configure the port channel collector max delay The valid range of delay is 0 65535 Default 0x8000...

Страница 131: ...key Use this command to configure the administrative value of the LACP actor admin key The valid range for key is 0 65535 no lacp actor admin key Use this command to configure the default administrat...

Страница 132: ...et the LACP actor admin state to aggregation lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout Format lacp actor admin state individual Mode Interface Co...

Страница 133: ...nd to set the LACP actor admin state to passive no lacp actor admin state passive Use this command to set the LACP actor admin state to active Format no lacp actor admin state longtimeout Mode Interfa...

Страница 134: ...y value assigned to the Aggregation Port lacp actor system priority Use this command to configure the priority value associated with the LACP Actor s SystemID The range for priority is 0 to 65535 Defa...

Страница 135: ...e for key is 0 to 65535 no lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner lacp partner admin state individual Use this command to set...

Страница 136: ...gtimeout no lacp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout Note This command is only applicable to physical interfaces Format no lacp partne...

Страница 137: ...P partner admin state to active lacp partner port id Use this command to configure the LACP partner port id The valid range for port id is 0 to 65535 Format lacp partner admin state passive Mode Inter...

Страница 138: ...d to configure the LACP partner port priority The valid range for priority is 0 to 255 no lacp partner port priority Use this command to configure the default LACP partner port priority Format no lacp...

Страница 139: ...to configure the default value representing the administrative value of the Aggregation Port s protocol Partner s System ID lacp partner system priority Use this command to configure the administrativ...

Страница 140: ...imum number of allowable dynamic port channels are already present in the system the static mode for a new port channel enabled which means the port channel is static You can only use this command on...

Страница 141: ...Control Protocol LACP on a port port lacpmode enable all This command enables Link Aggregation Control Protocol LACP on all ports no port lacpmode enable all This command disables Link Aggregation Co...

Страница 142: ...partner port lacptimeout Global Config This command sets the timeout for all interfaces of a particular device type actor or partner to either long or short timeout no port lacptimeout This command se...

Страница 143: ...hannel LAG The interface is a logical unit slot port for a configured port channel The option all enables link trap notifications for all the configured port channels no port channel linktrap This com...

Страница 144: ...ype and port 6 Source Destination IP and source destination TCP UDP port no hashing mode This command sets the hashing algorithm on Trunk ports to default 3 The command is available in the interface c...

Страница 145: ...packet 3 Source Destination MAC VLAN EtherType and incoming port associated with the packet 4 Source IP and Source TCP UDP fields of the packet 5 Destination IP and Destination TCP UDP Port fields of...

Страница 146: ...priority is 0 65535 no port channel system priority Use this command to configure the default port channel system priority value show lacp actor Use this command to display LACP actor attributes The...

Страница 147: ...the actor state as transmitted by the Actor in LACPDUs Format show lacp partner unit slot port all Mode Privileged EXEC Parameter Description System Priority The administrative value of priority asso...

Страница 148: ...the link is up or down Trap Flag Shows whether trap flags are enabled or disabled Type Shows whether the port channel is statically or dynamically maintained Mbr Ports The members of this port channel...

Страница 149: ...y be enabled or disabled The factory default is enabled Type The status designating whether a particular port channel LAG is statically or dynamically maintained Static The port channel is statically...

Страница 150: ...to enabled the administrative mode of the session If enabled the probe port monitors all the traffic received and transmitted on the physical monitored port no monitor session Use this command withou...

Страница 151: ...source interface unit slot port destination interface unit slot port mode Mode Global Config Note This is a stand alone no command This command does not have a normal form Default enabled Format no m...

Страница 152: ...red For unicast MAC address filters and multicast MAC address filters with source port lists the maximum number of static MAC filters supported is 20 For multicast MAC address filters with destination...

Страница 153: ...5 b6 The vlanid parameter must identify a valid VLAN macfilter adddest Use this command to add the interface to the destination filter set for the MAC filter with the given macaddr and VLAN of vlanid...

Страница 154: ...lanid The macaddr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN no macfilter adddest all This command re...

Страница 155: ...the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC address o...

Страница 156: ...ter information only for that MAC address and VLAN show mac address table staticfiltering This command displays the Static Filtering entries in the Multicast Forwarding Database MFDB table Format no m...

Страница 157: ...forwarding and or filtering information As the data is gleaned from the MFDB the address will be a multicast address The format is 6 or 8 two digit hexadecimal numbers that are separated by colons fo...

Страница 158: ...erify mac address Use this command to disable verification of the source MAC address with the client hardware address ip dhcp snooping database Use this command to configure the persistent location of...

Страница 159: ...the default value ip dhcp snooping binding Use this command to configure static DHCP Snooping binding no ip dhcp snooping binding mac address Use this command to remove the DHCP static entry from the...

Страница 160: ...30 pps The default burst level is 1 second with a range of 1 to 15 seconds no ip dhcp snooping limit Use this command to set the rate at which the DHCP Snooping messages come and the burst level to th...

Страница 161: ...able the logging DHCP messages filtration by the DHCP Snooping application ip dhcp snooping trust Use this command to configure the port as trusted no ip dhcp snooping trust Use this command to config...

Страница 162: ...a traffic will be filtered based on the IP and MAC addresses no ip verify source Use this command to disable the IPSG configuration in the hardware You cannot disable port security alone if it is conf...

Страница 163: ...y the DHCP Snooping binding entries To restrict the output use the following options Dynamic Restrict the output based on DCHP snooping Interface Restrict the output based on a specific interface Stat...

Страница 164: ...ng shows example CLI display output for the command switch show ip dhcp snooping database Term Definition MAC Address Displays the MAC address for the binding that was added The MAC address is the key...

Страница 165: ...0 0 0 1 0 4 0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 Format show ip dhcp snooping statistics Mode Privileged EXEC User EXE...

Страница 166: ...r on a specific interface clear ip dhcp snooping statistics Use this command to clear all DHCP Snooping statistics show ip verify source Use this command to display the IPSG configurations on all port...

Страница 167: ...filtering on this interface IP Address IP address of the interface MAC Address If MAC address filtering is not configured on the interface the MAC Address field is empty If port security is disabled...

Страница 168: ...ng the ARP caches of its unsuspecting neighbors The miscreant sends ARP requests or responses mapping another station s IP address to its own MAC address DAI relies on DHCP snooping DHCP snooping list...

Страница 169: ...validation only the src mac and dst mac validations are disabled as a result of the second command no ip arp inspection validate Use this command to disable the additional validation checks on the rec...

Страница 170: ...ace as untrusted for Dynamic ARP Inspection ip arp inspection limit Use this command to configure the rate limit and burst interval values for an interface Configuring none for the limit means the int...

Страница 171: ...hat do not match a permit statement are dropped without consulting the DHCP snooping bindings no ip arp inspection filter Use this command to unconfigure the ARP ACL used to filter invalid ARP packets...

Страница 172: ...to configure a rule for a valid IP address and MAC address combination used in ARP packet validation no permit ip host mac host Use this command to delete a rule for a valid IP and MAC combination For...

Страница 173: ...led Destination Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled Format...

Страница 174: ...output for the command show ip arp inspection statistics vlan vlan list VLAN DHCP ACL DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP Format show ip arp inspection statistics...

Страница 175: ...interface argument the command displays the values for that interface whether the interface is enabled for DAI or not Example The following shows example CLI display output for the command Switch sho...

Страница 176: ...ost 2 1 1 2 mac host 00 03 04 05 06 08 IGMP Snooping Configuration Commands This section describes the commands you use to configure IGMP snooping The software supports IGMP Versions 1 2 and 3 The IGM...

Страница 177: ...abled The IGMP application supports the following activities Validation of the IP header checksum as well as the IGMP header checksum and discarding of the frame upon checksum error Maintenance of the...

Страница 178: ...on a selected interface or VLAN Enabling fast leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that mul...

Страница 179: ...fore deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds no set igmp groupmembership interval This command sets...

Страница 180: ...se time on the interface or VLAN to the default value set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time The time is set for the system on a particular interface o...

Страница 181: ...Id that has the multicast router mode enabled no set igmp mrouter This command disables multicast router mode for a particular VLAN ID vlan_id Format set igmp mcrtrexpiretime 0 3600 Mode Global Config...

Страница 182: ...d enables the filtering of unknown multicast packets to the VLAN Packets with an unknown mulicast address in the destination field will be dropped This command is mainly used when IGMP snooping is ena...

Страница 183: ...s on which IGMP Snooping is enabled VLANS Enabled for IGMP Snooping The list of VLANS on which IGMP Snooping is enabled Term Definition IGMP Snooping Admin Mode Indicates whether IGMP Snooping is acti...

Страница 184: ...s participating in the VLAN before deleting the interface from the entry This value may be configured Maximum Response Time The amount of time the switch waits after it sends a query on an interface p...

Страница 185: ...s located Format show igmpsnooping mrouter vlan unit slot port Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed VLAN ID The list of VLAN...

Страница 186: ...nabled and IGMP Snooping is operationally disabled on it IGMP Snooping Querier functionality is disabled on that VLAN IGMP Snooping functionality is re enabled if IGMP Snooping is operational on the V...

Страница 187: ...er timer expiry Use this command to set the IGMP Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Quer...

Страница 188: ...is enabled if the Snooping Querier finds that the other Querier s source address is better less than the Snooping Querier s address it stops sending periodic queries If the Snooping Querier wins the e...

Страница 189: ...out The amount of time to wait in the Non Querier operational state before moving to a Querier state Field Description VLAN Admin Mode Indicates whether iGMP Snooping Querier is active on the VLAN VLA...

Страница 190: ...P version of the most recent Querier from which a Query was received on this VLAN Default disabled Format set mld Mode Global Config Interface Config Format no set mld vlanid Mode VLAN Mode Default di...

Страница 191: ...ith a matching source MAC address are forwarded normally and all other packets are discarded Format no set mld maxresponse Mode Global Config Interface Config Default 0 Format set mld mcrtexpiretime 0...

Страница 192: ...max dynamic This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port no port security max dynamic This command resets the maximum number of dynamically lock...

Страница 193: ...lt value port security mac address This command adds a MAC address to the list of statically locked MAC addresses The vid is the VLAN ID no port security mac address This command removes a MAC address...

Страница 194: ...erface you specify the following information appears show port security dynamic This command displays the dynamically locked MAC addresses for the port Format port security mac address move Mode Inter...

Страница 195: ...covery Protocol LLDP which is defined in the IEEE 802 1AB specification LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions The advertisements allow a network...

Страница 196: ...eive Use this command to return the reception of LLDPDUs to the default value lldp timers Use this command to set the timing parameters for local data transmission on ports enabled for LLDP The interv...

Страница 197: ...n the 802 1AB basic management set are transmitted in the LLDPDUs Use sys name to transmit the system name TLV To configure the system name see snmp server on page 8 41 Use sys descto transmit the sys...

Страница 198: ...tion in the LLDPDUs no lldp transmit mgmt Use this command to include transmission of the local system management address information in the LLDPDUs Use this command to cancel inclusion of the managem...

Страница 199: ...s to wait between sending notifications The valid interval range is 5 3600 seconds no lldp notification interval Use this command to return the notification interval to the default value clear lldp st...

Страница 200: ...nterfaces Format clear lldp remote data Mode Global Config Format show lldp Mode Privileged Exec Term Definition Transmit Interval How frequently the system transmits local data LLDPDUs in seconds Tra...

Страница 201: ...system management address information in the LLDPDUs Format show lldp statistics unit slot port all Mode Privileged Exec Term Definition Last Update The amount of time since the last update to the rem...

Страница 202: ...discarded TLV Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range and not recognized TLV MED Total number of LLDP MED TLVs received on the local ports...

Страница 203: ...3 90 01 0F 00 FC E3 90 04 11 0 8 0 9 0 10 0 11 0 12 More or q uit show lldp remote device detail Use this command to display detailed information about remote devices that transmit current LLDP data t...

Страница 204: ...he remote device System Description Describes the remote system by identifying the system name and versions of hardware operating system and networking software supported in the device Port Descriptio...

Страница 205: ...interface Port Description The port description associated with the interface Format show lldp local device detail unit slot port Mode Privileged EXEC Term Definition Interface The interface that sen...

Страница 206: ...Ethernet PoE management and inventory management lldp med Use this command to enable MED By enabling MED you will be effectively enabling the transmit and receive function of LLDP no lldp med Use thi...

Страница 207: ...Discovery Protocol Data Units LLDPDUs Default enabled Format lldp med confignotification Mode Interface Config Format no lldp med confignotification Mode Interface Config Default By default the capabi...

Страница 208: ...all Use this command to configure all the ports to send the topology change notification no lldp med confignotification all Use this command to disable all the ports to send the topology change notif...

Страница 209: ...the LLDP MED set will be transmitted in the Link Layer Discovery Protocol Data Units LLDPDUs Default 3 Format lldp med faststartrepeatcount count Mode Global Config Format no lldp med faststartrepeat...

Страница 210: ...p med transmit tlv all capabilities network policy ex pse ex pd location inventory Mode Global Config Format show lldp med Mode Privileged Exec Term Definition Fast Start Repeat Count The number of LL...

Страница 211: ...1 0 7 Down Disabled Disabled Disabled 0 1 1 0 8 Down Disabled Disabled Disabled 0 1 1 0 9 Down Disabled Disabled Disabled 0 1 1 0 10 Down Disabled Disabled Disabled 0 1 1 0 11 Down Disabled Disabled D...

Страница 212: ...Privileged EXEC Term Definition Media Application Type Shows the application type Types are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo...

Страница 213: ...voice Vlan ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firm...

Страница 214: ...y Local Interface Remote ID Device Class 1 0 8 1 Class I 1 0 9 2 Not Defined 1 0 10 3 Class II 1 0 11 4 Class III 1 0 12 5 Network Con Format show lldp med remote device unit slot port all Mode Privil...

Страница 215: ...ype Shows the application type Types of applications are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignaling VLAN Id Shows the VL...

Страница 216: ...P 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Sub Type S...

Страница 217: ...es the commands you use to configure Denial of Service DoS Control The software provides support for classifying and blocking specific types of Denial of Service attacks You can configure your system...

Страница 218: ...ress SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets will be dropped if the mode...

Страница 219: ...lue to 20 no dos control firstfrag This command sets Minimum TCP Header Size Denial of Service protection to the default value of disabled dos control tcpfrag This command enables TCP Fragment Denial...

Страница 220: ...ntrol tcpflag This command sets disables TCP Flag Denial of Service protections dos control l4port This command enables L4 Port Denial of Service protections If the mode is enabled Denial of Service p...

Страница 221: ...mode is enabled no dos control icmp This command disables Maximum ICMP Packet Size Denial of Service protections dos control smacdmac This command enables Source MAC address Destination MAC address SM...

Страница 222: ...nabled This command is only available on FSM72xxRS switches no dos control tcpport This command disables TCP L4 source destination port number Source TCP Port Destination TCP Port Denial of Service pr...

Страница 223: ...g SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN URG and PSH set and TCP Sequence Number set to 0 or having TCP...

Страница 224: ...ly available on FSM72xxRS switches dos control tcpsyn This command enables TCP SYN and L4 source 0 1023 Denial of Service protection If the mode is enabled Denial of Service prevention is active for t...

Страница 225: ...sables TCP SYN FIN Denial of Service protection This command is only available on FSM72xxRS switches dos control tcpfinurgpsh This command enables TCP FIN and URG and PSH and SEQ 0 checking Denial of...

Страница 226: ...of Service prevention is active for this type of attack If ICMPv4 Echo Request PING packets ingress having a size greater than the configured value the packets will be dropped if the mode is enabled T...

Страница 227: ...et Size Denial of Service protections This command is only available on FSM72xxRS switches dos control icmpfrag This command enables ICMP Fragment Denial of Service protection If the mode is enabled D...

Страница 228: ...de May be enabled or disabled The factory default is disabled Max ICMPv4 Pkt Size The range is 0 1023 The factory default is 512 Max ICMPv6 Pkt Size The range is 0 16384 The factory default is 512 ICM...

Страница 229: ...ing database address aging timeout to the default value TCP FIN URG PSH Mode May be enabled or disabled The factory default is disabled TCP Flag Sequence Mode May be enabled or disabled The factory de...

Страница 230: ...ticast MAC address for which the switch has forwarding and or filtering information The format is two digit hexadecimal numbers separated by colons for example 01 23 45 67 89 AB In an IVL system the M...

Страница 231: ...o isdp run This command disables ISDP on the switch Format show mac address table stats Mode Privileged EXEC Term Definition Max MFDB Table Entries The total number of entries that can possibly be in...

Страница 232: ...econds isdp timer This command sets the period of time between sending new ISDP packets The range is given in seconds isdp advertise v2 This command enables the sending of ISDP version 2 packets from...

Страница 233: ...terface clear isdp counters This command clears ISDP counters clear isdp table This command clears entries in the ISDP table show isdp This command displays global ISDP settings Default Enabled Format...

Страница 234: ...e ID format capability of the device serialNumber indicates that the device uses a serial number as the format for its Device ID macAddress indicates that the device uses a Layer 2 MAC address as the...

Страница 235: ...ghbor s advertisement was received Port ID The port ID of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Version The software version t...

Страница 236: ...D of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Advertisement Version The version of the advertisement packet received from the nei...

Страница 237: ...l number of ISDPv2 packets transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Numbe...

Страница 238: ...P and to view ARP information on the switch ARP associates IP addresses with MAC addresses and stores the information as ARP entries in the ARP cache arp This command creates an ARP entry The value fo...

Страница 239: ...d enables proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived Wi...

Страница 240: ...e This command configures the default ARP cache size arp dynamicrenew This command enables the ARP component to automatically renew dynamic ARP entries when they age out no arp dynamicrenew This comma...

Страница 241: ...P ARP entry response timeout time in seconds The range for seconds is between 1 10 seconds no arp resptime This command configures the default ARP request response timeout arp retries This command con...

Страница 242: ...ry ageout time in seconds The range for seconds is between 15 21600 seconds no arp timeout This command configures the default ARP entry ageout time clear arp cache This command causes all ARP entries...

Страница 243: ...ode Privileged EXEC Format show arp Mode Privileged EXEC Term Definition Age Time seconds The time it takes for an ARP entry to age out This is configurable Age time is measured in seconds Response Ti...

Страница 244: ...inition Age Time seconds The time it takes for an ARP entry to age out This value is configurable Age time is measured in seconds Response Time seconds The time it takes for an ARP request timeout Thi...

Страница 245: ...routing This command disables routing for an interface You can view the current value for this function with the show ip brief command The value is labeled as Routing Mode ip routing This command ena...

Страница 246: ...d format where the range for a b c and d is 1 255 The value for subnetmask is a 4 digit dotted decimal number which represents the Subnet Mask of the interface To remove all of the IP addresses primar...

Страница 247: ...e interface Confirm that the associated link is also up no ip route This command deletes a single next hop to a destination static route If you use the nexthopip parameter the next hop is deleted If y...

Страница 248: ...l static route The default distance is used when no distance is specified in these commands Changing the default distance does not update the distance of existing static routes even if they were assig...

Страница 249: ...OSPF packets may be fragmented by the IP stack The IP stack uses its default IP MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it...

Страница 250: ...e network show ip brief This command displays all the summary information of the IP including the ICMP rate limit configuration and the global ICMP Redirect configuration Format no ip mtu mtu Mode Int...

Страница 251: ...uter to the final destination Routing Mode Shows whether the routing mode is enabled or disabled Maximum Next Hops The maximum number of next hops the packet can travel Maximum Routes The maximum numb...

Страница 252: ...the specified interface The possible values of this field are enable or disable This value is configurable Forward Net Directed Broadcasts Displays whether forwarding of network directed broadcasts i...

Страница 253: ...le The ip address specifies the network for which the route is to be displayed and displays the best matching best route for the address The mask specifies the subnet mask for the given ip address Whe...

Страница 254: ...best connected routes Format show ip route ip address protocol ip address mask longer prefixes protocol protocol all all Modes Privileged EXEC User EXEC Term Definition Route Codes The key for the ro...

Страница 255: ...PF External Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 C 1 1 1 0 24 0 1 directly connected 0 11 C 2 2 2 0 24 0 1 directly connected 0 1 C 5 5 5 0 24 0 1 d...

Страница 256: ...references are used in determining the best route Lower router preference values are preferred over higher router preference values A route with a preference of 255 cannot be used to forward traffic R...

Страница 257: ...uting and to view VLAN routing status information vlan routing This command creates routing on a VLAN The vlanid value has a range from 1 to 4093 no vlan routing This command deletes routing on a VLAN...

Страница 258: ...ay cidoptmode This command disables the circuit ID option mode for BootP DHCP Relay on the system Term Definition MAC Address used by Routing VLANs The MAC Address associated with the internal bridge...

Страница 259: ...it time in seconds for BootP DHCP Relay on the system When the BOOTP relay agent receives a BOOTREQUEST message it MAY use the seconds since client began booting field of the request as a factor in de...

Страница 260: ...different interfaces on the relay agent Format show bootpdhcprelay Modes Privileged EXEC User EXEC Term Definition Maximum Hop Count The maximum allowable relay agent hops Minimum Wait Time Seconds Th...

Страница 261: ...s use the DHCP relay commands Ip address Destination broadcast or host address to be used when forwarding UDP broadcasts You can specify 0 0 0 0 to indicate not to forward the UDP packet to any host a...

Страница 262: ...out an ip address argument removes the entire list of helper addresses on that interface ip helper address discard Use this command to drop matching packets no ip helper address discard Use this comma...

Страница 263: ...scribes the commands you use to configure options for the transmission of various types of ICMP messages ip unreachables Use this command to enable the generation of ICMP Destination Unreachable messa...

Страница 264: ...edirect messages is enabled no ip redirects Use this command to prevent the generation of ICMP Redirect messages by the router ip icmp echo reply Use this command to enable the generation of ICMP Echo...

Страница 265: ...e token bucket is initialized with burst size tokens burst interval is from 0 to 2147483647 milliseconds msec The burst size is the number of ICMP error messages that can be sent during one burst inte...

Страница 266: ...N access points and other Ethernet devices that use existing Cat5 cables Power over Ethernet when used in conjunction with an uninterrupted power supply UPS ensures continuous operation during power f...

Страница 267: ...ume 3 5 to 10 watts Power is carried on two wire pairs to comply with safety standards and existing cable limitations Management may also be added to monitor and control the PSE This management functi...

Страница 268: ...r interface This command is used to configure which types of PD s will be detected and powered by the switch 2ptdot3af IEEE 802 3af 2 Point Only 2ptdot3af legacy IEEE 802 3af 2 Point followed by Legac...

Страница 269: ...s mode if the device can power up more than 12 95 Watts with higher current and it cannot identify itself as Class 4 device Note Only ports 1 8 support this high power pre dot3at Use this mode if the...

Страница 270: ...mmand will set the power limit type to default It will also set the maximum power limit to default if the power limit type is user defined The default power limit type will be none The default user de...

Страница 271: ...ic Power Management Available Power 300 Watts 15 Watts 285 Watts Dynamic Power Management Available Power 300 Watts 3 Watts 297 Watts no poe power management This command sets the power management mod...

Страница 272: ...delivering ports poe reset auto This command is used to set the Autoreset mode When Autoreset mode is enabled the PoE port will be automatically reset if we detect an error on the port like Overload...

Страница 273: ...draw more power than the switch can provide When usage threshold is set we bring down all the PD s and bring them back up If the consumed power is less than threshold power in the above case 270 Watts...

Страница 274: ...mand will disable logging the PoE traps show poe This command gives global information regarding PoE status Switch show poe Unit 1 Firmware Version 3 9 PSE Main Operational Status ON Total Power 364 T...

Страница 275: ...delivering power OFF This indicates that the PoE controller is not delivering power FAULTY This indicates that the PoE controller is not functioning properly Total Power This indicates the total amoun...

Страница 276: ...vice according to the IEEE802 3af and IEEE802 3at definition Class Usage Max Power watts 0 Default 0 44 12 95 1 Optional 0 44 3 84 2 Optional 3 84 6 49 3 Optional 6 49 12 95 4 Optional 12 95 25 5 Powe...

Страница 277: ...6 19 DiffServ Service Commands on page 6 25 DiffServ Show Commands on page 6 26 MAC Access Control List ACL Commands on page 6 32 IP Access Control List ACL Commands on page 6 37 IPv6 Access Control...

Страница 278: ...ormation about 802 1p priority see Voice VLAN Commands on page 3 47 no classofservice dot1p mapping This command maps each 802 1p priority to its default internal traffic class value classofservice ip...

Страница 279: ...untrusted If you configure an interface to use Dot1p the mode does not appear in the output of the show running config command because Dot1p is the default no classofservice trust This command sets th...

Страница 280: ...must not exceed 100 no cos queue min bandwidth This command restores the default for each queue s minimum bandwidth value cos queue strict This command activates the strict priority scheduler mode for...

Страница 281: ...asses for a specific interface The unit slot port parameter is optional and is only valid on platforms that support independent per port class of service mappings If specified the 802 1p mapping table...

Страница 282: ...are displayed The following information is repeated for each user priority show classofservice ip dscp mapping This command displays the current IP DSCP mapping to internal traffic classes for the glo...

Страница 283: ...nt global configuration settings are displayed Format show classofservice trust unit slot port Mode Privileged EXEC Term Definition Non IP Traffic Class The traffic class used for non IP traffic This...

Страница 284: ...ltering criteria The attributes of a DiffServ policy define the way the switch processes packets You can define policy attributes on a per class instance basis The switch applies these attributes when...

Страница 285: ...from an existing class definition is to delete the class and re create it diffserv This command sets the DiffServ operational mode to active While disabled the DiffServ configuration is retained and...

Страница 286: ...out any match condition this command enters the class map mode The class map name is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying an existing DiffServ class The cl...

Страница 287: ...fails class map rename This command changes the name of a DiffServ class The class map name is the name of an existing DiffServ class The new class map name parameter is a case sensitive alphanumeric...

Страница 288: ...ny This command adds to the specified class definition a match condition whereby all packets are considered to belong to the class match class map This command adds to the specified class definition t...

Страница 289: ...me can not be the same Only one other class may be referenced by a class Any attempts to delete the refclassname class while the class is still referenced by any class map name fails The combined matc...

Страница 290: ...g 00 11 22 dd ee ff The macmask parameter is a layer 2 MAC address bit mask which need not be contiguous and is formatted as six two digit hexadecimal numbers separated by colons e g ff 07 23 ff fe d...

Страница 291: ...port number is required The port number is an integer from 0 to 65535 match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Po...

Страница 292: ...to ff The value of tosmask is a two digit hexadecimal number from 00 to ff The tosmask denotes the bit positions in tosbits that are used for comparison against the IP TOS field in a packet For examp...

Страница 293: ...icmp igmp ip tcp udp A value of ip matches all protocol number values To specify the match condition using a numeric value notation the protocol number is a standard value assigned by IANA and is int...

Страница 294: ...ce IP address of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask and must consist of a contiguous set of leading 1 bits match srcip6 This co...

Страница 295: ...the class policy association to an interface to form a service Specify the policy name when you create the policy Each traffic class defines a particular treatment for packets that match the class de...

Страница 296: ...he associated traffic stream are to be dropped at ingress mirror This command specifies that all incoming packets for the associated traffic stream are copied to a specific egress interface physical p...

Страница 297: ...s the name of an existing DiffServ class map class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through...

Страница 298: ...e first or outer 802 1Q tag of a double VLAN tagged packet If the packet does not already contain this header one is inserted The CoS value is an integer from 0 to 7 mark ip dscp mark ip dscp This com...

Страница 299: ...4294967295 The conforming burst size is specified in kilobytes KB and is an integer from 1 to 128 For each outcome the only possible actions are drop set cos transmit set dscp transmit set prec transm...

Страница 300: ...xisting DiffServ policy The policyname parameter is the name of an existing DiffServ policy This command may be issued at any time If the policy is currently referenced by one or more interface servic...

Страница 301: ...rection DiffServ is not used in the outbound direction This set of commands consists of service addition removal The CLI command root is service policy service policy This command attaches a policy to...

Страница 302: ...only shown when the DiffServ administrative mode is enabled show class map This command displays all configuration information for the specified class The class name is the name of an existing DiffSer...

Страница 303: ...nd IPv6 Match Criteria The Match Criteria fields are only displayed if they have been configured Not all platforms support all match criteria values They are displayed in the order entered by the user...

Страница 304: ...the Class Rule Table Policy Table Size Current Max The current number of entries rows and the maximum allowed entries rows in the Policy Table Policy Instance Table Size Current Max Current number of...

Страница 305: ...ot displayed if mark ip description is not specified Mark IP Precedence The mark re mark value used as the IP Precedence for traffic matching this class This is not displayed if mark ip precedence is...

Страница 306: ...same order in which they were created Policy Type The policy type Only inbound is supported Class Members List of all class names associated with this policy Format show diffserv service unit slot po...

Страница 307: ...while DiffServ is in an enabled mode Term Definition Interface Valid slot and port number separated by forward slashes Direction The traffic direction of this interface service OperStatus The current...

Страница 308: ...es The following rules apply to MAC ACLs The maximum number of ACLs you can create is hardware dependent The limit applies to all ACLs regardless of type The system supports only Ethernet II frame typ...

Страница 309: ...sting MAC ACL no mac access list extended This command deletes a MAC ACL identified by name from the system mac access list extended rename This command changes the name of a MAC Access Control List A...

Страница 310: ...pear in the same relative order as shown in the command format The Ethertype may be specified as either a keyword or a four digit hexadecimal value from 0x0600 0xFFFF The currently supported ethertype...

Страница 311: ...e and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified mac access list replaces the currently attached m...

Страница 312: ...Modes Global Config Interface Config Format show mac access lists name Mode Privileged EXEC Term Definition Rule Number The ordered rule number identifier defined within the MAC ACL Action The action...

Страница 313: ...an interface you cannot configure an IP ACL on the same interface Wildcard masking for ACLs operates differently from a subnet mask A wildcard mask is in essence the inverse of a subnet mask With a su...

Страница 314: ...urce layer 4 port match condition for the IP ACL rule You can use the port number which ranges from 0 65535 or you specify the portkey which can be one of the following keywords domain echo ftp ftpdat...

Страница 315: ...cation fields defined for the IP header of an IPv4 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list If an IP ACL by this...

Страница 316: ...he every keyword or the protocol source address and destination address values must be specified The source and destination IP address fields may be specified using the Format ip access list rename na...

Страница 317: ...al sequence number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction A lower number indicates higher prec...

Страница 318: ...sables the ACL trap mode show ip access lists This command displays an IP ACL accesslistnumber is the number used to identify the IP ACL Default none Format no ip access group accesslistnumber vlan vl...

Страница 319: ...IP Mask The source IP Mask for this rule Source L4 Port Keyword The source port for this rule Destination IP Address The destination IP address for this rule Destination IP Mask The destination IP Mas...

Страница 320: ...Pv6 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list ACL ID Access List name for a MAC or IPv6 access list or the nume...

Страница 321: ...from 1 to 31 characters uniquely identifying the IPv6 access list This command fails is an IPv6 ACL by the name newname already exists deny permit IPv6 This command creates a new rule for the current...

Страница 322: ...ot port while the redirect parameter allows the traffic matching this rule to be forwarded to the specified unit slot port The assign queue and redirect parameters are only valid for a permit rule ipv...

Страница 323: ...a given direction show ipv6 access lists This command displays an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to dis...

Страница 324: ...ly used for time sensitive traffic auto voip all Use this command to enable VoIP Profile on the interfaces of the switch Match All Indicates whether this access list applies to every packet Possible v...

Страница 325: ...erface no auto voip Use this command to disable VoIP Profile on the interface show auto voip Use this command to display the VoIP Profile settings on the interface or interfaces of the switch Default...

Страница 326: ...S Commands 6 50 v1 0 May 2010 Field Description AutoVoIP Mode The Auto VoIP mode on the interface Traffic Class The CoS Queue or Traffic Class to which all VoIP traffic is mapped to This is not config...

Страница 327: ...P Server Commands on page 7 39 DNS Client Commands on page 7 54 Packet Capture Commands on page 7 60 Cable Test Command on page 7 82 sFlow Commands on page 7 83 Note The commands in this chapter are i...

Страница 328: ...TFTP server and if necessary a DNS server There are three stepss to Auto Install 1 Configuration or assignment of an IP address for the device 2 Assignment of a TFTP server 3 Obtain a configuration fi...

Страница 329: ...nfig file from a TFTP server boot autoinstall stop The command is used to A user may terminate the Auto Install process at any time prior to the downloading of the config file This is most optimally d...

Страница 330: ...s feature allows reduced down time when you upgrade or downgrade the software delete This command deletes the supplied image file from the permanent storage The image to be deleted must be a backup im...

Страница 331: ...active and backup images on the supplied unit node of the Stack If you do not specify a unit number the command displays image details for all nodes on the Stack The command also displays any text des...

Страница 332: ...mmands This section describes the commands you use to view information about system features components and configurations show arp switch This command displays the contents of the IP stack s Address...

Страница 333: ...Privileged EXEC Term Definition File The file in which the event originated Line The line number of the event Task Id The task ID of the event Code The event code Time The time this event occurred Uni...

Страница 334: ...inition Switch Description Text used to identify the product name of this switch Machine Type The machine model as defined by the Vital Product Data Machine Model The machine model as defined by the V...

Страница 335: ...cause of errors Collisions Frames The best estimate of the total number of collisions on this Ethernet segment Time Since Counters Last Cleared The elapsed time in days hours minutes and seconds since...

Страница 336: ...on Total Packets Received Octets The total number of octets of data received by the processor excluding framing bits but including FCS octets Packets Received Without Error The total number of packets...

Страница 337: ...ets Discarded The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher layer protocol A possible reason f...

Страница 338: ...t hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Interface The port through which this address was learned...

Страница 339: ...emory Utilization Report status bytes Term Definition VLAN ID The VLAN on which the MAC address was learned Term Definition Dynamic Address count Number of MAC addresses in the forwarding database tha...

Страница 340: ...buffer pools status The following shows an example of CLI display output for the command switch show mbuf total mbufSize 9284 0x2444 Current Time 0x1897fa MbufsFree 150 MbufsRxUsed 0 Total Rx Norm Al...

Страница 341: ...ys trapflags group name all If some but not all of the flags in that group are enabled the command displays trapflags groupname flag name Note Show running config does not display the User Password ev...

Страница 342: ...ysinfo Format show running config interface unit slot port VLAN id LAG id Mode Interface Config Format show sysinfo Mode Privileged EXEC Term Definition Switch Description Text used to identify this s...

Страница 343: ...ro or a number in the range of 5 to 48 After the user configured number of lines is displayed in one page the system prompts the user More or q uit Press q or Q to quit or press any key to display the...

Страница 344: ...command enables logging to an in memory log that keeps up to 128 logs no logging buffered This command disables logging to in memory log logging buffered wrap This command enables wrapping of in memor...

Страница 345: ...no logging cli command This command disables the CLI command Logging feature logging console This command enables logging to the console You can specify the severitylevel value as either an integer f...

Страница 346: ...ither an integer from 0 to 7 or symbolically through one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 or debug 7 logging host remove This command disables...

Страница 347: ...CLI Command Logging Shows whether CLI Command logging is enabled Console Logging Shows whether console logging is enabled ConsoleLogging Severity Filter The minimum severity to log to the console log...

Страница 348: ...with a log full situation Buffered Log Count The count of valid entries in the buffered log Format show logging hosts unit Mode Privileged EXEC Term Definition Host Index Used for deleting hosts IP A...

Страница 349: ...nd Clear Commands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults Term Definition Number of Traps S...

Страница 350: ...Mode Privileged EXEC Parameter Description ipaddr hostname The ipaddr value should be a valid IP address The hostname value should be a valid hostname initTtl Use initTtl to specify the initial time t...

Страница 351: ...10 240 1 252 0 msec 0 msec 1 msec 3 172 31 0 9 277 msec 276 msec 277 msec 4 10 254 1 1 289 msec 327 msec 282 msec 5 10 254 21 2 287 msec 293 msec 296 msec 6 192 168 76 2 290 msec 291 msec 289 msec 7...

Страница 352: ...the default values It does not reset the switch clear mac addr table This command clears the dynamically learned MAC addresses of the switch clear logging buffered This command clears the messages mai...

Страница 353: ...actory defaults without powering off the switch You are prompted to confirm that the password reset should proceed clear port channel This command clears all port channels LAGs clear traplog This comm...

Страница 354: ...ly 128 hexadecimal characters logout This command closes the current telnet connection or resets the current serial connection ping Use this command to determine whether another computer is on the net...

Страница 355: ...8 254 222 count 3 interval 1 size 255 Pinging 192 168 254 222 with 255 bytes of data Received Response Unreachable Destination Received Response Unreachable Destination Received Response Unreachable D...

Страница 356: ...ing reload This command resets the switch without powering it off Reset means that all network connections are terminated and the boot code executes The switch uses the stored configuration to initial...

Страница 357: ...is the path to the file and filename is the name of the file you want to upload or download For SFTP and SCP the username parameter is the username for logging into the remote server via SSH For platf...

Страница 358: ...e of any error the command lists all the lines at the end of the validation process and prompts you to confirm before copying the script file url nvram script destfilename noval When you use this opti...

Страница 359: ...e url image1 image2 Download an image from the remote server to either image In a stacking environment the downloaded image is distributed to the stack nodes image1 image2 url Upload either image to t...

Страница 360: ...mmand disables Simple Network Time Protocol SNTP client mode sntp client port This command sets the SNTP client port id to a value from 1 65535 no sntp client port This command resets the SNTP client...

Страница 361: ...command will set the poll timeout for SNTP unicast clients in seconds to a value from 1 30 no sntp unicast client poll timeout This command will reset the poll timeout for SNTP unicast clients to its...

Страница 362: ...a received from the server is based on Coordinated Universal Time UTC which is the same as Greenwich Mean Time GMT This may not be the time zone in which the switch is located Use the clock timezone c...

Страница 363: ...Format no clock timezone Mode Global Config Format show sntp Mode Privileged EXEC Term Definition Last Update Time Time of last clock update Last Unicast Attempt Time Time of last transmit query in u...

Страница 364: ...IP address or hostname of configured SNTP Server Server Type Address Type of Server Server Stratum Claimed stratum of the server for the last received valid packet Server Reference ID Reference clock...

Страница 365: ...inistration address allocations Last Attempt Time Last server attempt time for the specified server Last Update Status Last server attempt status for the server Total Unicast Requests Number of reques...

Страница 366: ...client identifier is required instead of hardware addresses The unique identifier is a concatenation of the media type and the MAC address For example the Microsoft client identifier for Ethernet add...

Страница 367: ...ommand specifies the default router list for a DHCP client address1 address2 address8 are valid IP addresses each made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid no d...

Страница 368: ...the hardware address of a DHCP client Hardware address is the MAC address of the hardware platform of the client consisting of 6 bytes in dotted hexadecimal format Type indicates the protocol of the h...

Страница 369: ...ures the duration of the lease for an IP address that is assigned from a DHCP server to a DHCP client The overall lease time should be between 1 86400 minutes If you specify infinite the lease is set...

Страница 370: ...s the IP subnet mask for the specified address pool The prefix length is an integer from 0 to 32 no network This command removes the subnet number and mask bootfile The command specifies the name of t...

Страница 371: ...that are available to DHCP clients One IP address is required although one can specify up to eight addresses in one command line Servers are listed in order of preference address1 is the most preferr...

Страница 372: ...s node type This command removes the NetBIOS node Type next server This command configures the next server in the boot process of a DHCP client The address parameter is the IP address of the next serv...

Страница 373: ...y a period for example a3 4f 22 0c colon for example a3 4f 22 0c or white space for example a3 4f 22 0c no option This command removes the DHCP Server options The code parameter specifies the DHCP opt...

Страница 374: ...a pool address as part of a ping operation By default the number of packets sent to a pool address is 2 which is the smallest allowed number when sending packets Setting the number of packets to 0 dis...

Страница 375: ...automatic address pool no ip dhcp bootp automatic This command disables the allocation of the addresses to the bootp client The address are from the automatic address pool ip dhcp conflict logging Thi...

Страница 376: ...s ranging from 0 to 255 IP address 0 0 0 0 is invalid clear ip dhcp server statistics This command clears DHCP server statistics counters clear ip dhcp conflict The command is used to clear an address...

Страница 377: ...ding address Modes Privileged EXEC User EXEC Term Definition IP address The IP address of the client Hardware Address The MAC Address or the client identifier Lease expiration The lease expiration tim...

Страница 378: ...Pool Name The name of the configured pool Pool Type The pool type Lease Time The lease expiration time of the IP address assigned to the client DNS Servers The list of DNS servers available to the DH...

Страница 379: ...eases Malformed Bindings The number of truncated or corrupted messages that were received by the DHCP server Message Definition DHCP DISCOVER The number of DHCPDISCOVER messages the server has receive...

Страница 380: ...sses When enabled the DNS client provides a hostname lookup service to other components ip domain lookup Use this command to enable the DNS client no ip domain lookup Use this command to disable the D...

Страница 381: ...ult domain name For an unqualified hostname xxx a DNS query is made to find the IP address corresponding to xxx yahoo com no ip domain name Use this command to remove the default domain name configure...

Страница 382: ...ss of the server The preference of the servers is determined by the order they were entered no ip name server Use this command to remove a name server ip host Use this command to define static host na...

Страница 383: ...this command to remove the static host name to IPv6 address mapping in the host cache ip domain retry Use this command to specify the number of times to retry sending Domain Name System DNS queries T...

Страница 384: ...timeout Use this command to return to the default setting clear host Use this command to delete entries from the host name to address cache This command clears the entries from the DNS cache maintaine...

Страница 385: ...t yahoo com Stanford edu rediff com Domain Name lookup Enabled Number of retries 5 Retry timeout period 1500 Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mappi...

Страница 386: ...s like Ethereal can be used to decode and review the packets in detail Capturing can be performed in a variety of modes either transmit side only receive side only or both The number of packets captur...

Страница 387: ...buffer is full writes to the buffer will wrap around to allow continuous packet caputure show capture packets This command displays packets being captured from the buffer The output of the show comma...

Страница 388: ...ssages no debug arp Use this command to disable ARP debug protocol messages debug auto voip Use this command to enable Auto VOIP debug messages Use the optional parameters to trace H323 SCCP or SIP pa...

Страница 389: ...o view any trace output The output of debug trace commands will appear on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life o...

Страница 390: ...g trace debug igmpsnooping packet This command enables tracing of IGMP Snooping packets received and transmitted by the switch no debug igmpsnooping packet This command disables tracing of IGMP Snoopi...

Страница 391: ...age Default disabled Format debug igmpsnooping packet transmit Mode Privileged EXEC Parameter Definition TX A packet transmitted by the device Intf The interface that the packet went out on Format use...

Страница 392: ...parameters are displayed in the trace message Format no debug igmpsnooping transmit Mode Privileged EXEC Default disabled Format debug igmpsnooping packet receive Mode Privileged EXEC Parameter Defini...

Страница 393: ...s only received DVMRP packets and transmit traces only transmitted DVMRP packets When neither keyword is used in the command then all DVMRP packet traces are dumped Vital information such as source ad...

Страница 394: ...ransmitted is displayed on the console no debug ip igmp packet Use this command to disable debug tracing of IGMP packet reception and transmission debug ip mcache packet Use this command for tracing M...

Страница 395: ...nd then all PIMDM packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitt...

Страница 396: ...l packet type packet length and the interface on which the packet is received or transmitted is displayed on the console no debug ip pimsm packet Use this command to disable debug tracing of PIMSM pac...

Страница 397: ...ption and transmission debug ipv6 mld packet Use this command to trace MLDv6 packet reception and transmission receive traces only received MLDv6 packets and transmit traces only transmitted MLDv6 pac...

Страница 398: ...t reception and transmission debug ipv6 pimsm packet Use this command to trace PIMSMv6 packet reception and transmission receive traces only received PIMSMv6 packets and transmit traces only transmitt...

Страница 399: ...trace MLD snooping packet reception and transmission receive traces only received MLD snooping packets and transmit traces only transmitted MLD snooping packets When neither keyword is used in the com...

Страница 400: ...Intf 2 0 48 Src Ip 10 50 50 1 DestIp 192 168 50 2 AreaId 0 0 0 0 Type DB_DSCR Mtu 1500 Options E Flags I M MS Seq 126166 15 JAN 02 11 03 36 10 50 50 1 2 OSPF 46300472 ospf_debug c 297 25434 Pkt RX In...

Страница 401: ...he packet DestIp The destination IP address in the IP header of the packet AreaId The area ID in the OSPF header of the packet Type Could be one of the following HELLO Hello packet DB_DSCR Database de...

Страница 402: ...of OSPF packets debug ospfv3 packet Use this command to enable OSPFv3 packet debug trace no debug ospfv3 packet Use this command to disable tracing of OSPFv3 packets Field Definition Length Length of...

Страница 403: ...C_IP 10 50 50 1 DEST_IP 10 50 50 2 Type ECHO_REPLY The following parameters are displayed in the trace message no debug ping packet This command disables tracing of ICMP echo requests and responses De...

Страница 404: ...t disabled Format debug rip packet Mode Privileged EXEC Parameter Definition TX RX TX refers to a packet transmitted by the device RX refers to packets received by the device Intf The interface that t...

Страница 405: ...packet trace no debug sflow packet Use this command to disable sFlow debug packet trace debug spanning tree bpdu This command enables tracing of spanning tree BPDUs received and transmitted by the sw...

Страница 406: ...88 4e c2 00 Root Priority 0x8000 Path Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu Mode Privileged EXEC Default disabled Format debug spanning...

Страница 407: ...0 11 88 4e c2 00 Root_Priority 0x8000 Path_Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu receive Mode Privileged EXEC Default disabled Format de...

Страница 408: ...u transmit Mode Privileged EXEC Note The cable test feature is supported only for copper cable It is not supported for optical fiber cable If the port has an active link while the cable test is run th...

Страница 409: ...ded Unknown is displayed if the cable length could not be determined Format sflow receiver rcvr_idx owner owner string timeout rcvr_timeout max datagram size ip ipv6 ip port port Mode Global Config Fi...

Страница 410: ...ult is 0 0 0 0 Receiver Port The destination Layer4 UDP port for sFlow datagrams The range is 1 65535 The default is 6343 Format no sflow receiver indx ip ip address maxdatagram size owner string time...

Страница 411: ...ables sampling A value of N means that out of N incoming packets 1 packet will be sampled The range is 1024 65536 and 0 The default is 0 Format no sflow sampler rcvr indx rate sampling rate maxheaders...

Страница 412: ...gear 1 0 IP Address 10 131 12 66 show sflow pollers Use this command to display the sFlow polling instances created on the switch Use for range Format no sflow poller rcvr indx interval poll interval...

Страница 413: ...s between successive samples of the counters associated with this data source Format show sflow receivers index Mode Privileged EXEC Field Description Receiver Index The sFlow Receiver associated with...

Страница 414: ...er unit if GSM72xxPS or GSM73xxSv1 is the Master of the stack It will not be available in case GSM73xxSv2 is the Master of a Stack Format show sflow samplers Mode Privileged EXEC Field Description Sam...

Страница 415: ...licence file through the GUI show license This command displays the license status License Date indicates the date of the license License Status indicates whether license is active or inactive Exampl...

Страница 416: ...ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3 Utility Commands 7 90 v1 0 May 2010 OSPFV3 IPV6...

Страница 417: ...page 8 20 Access Commands on page 8 28 User Account Commands on page 8 29 SNMP Commands on page 8 40 RADIUS Commands on page 8 52 TACACS Commands on page 8 67 Configuration Scripting Commands on page...

Страница 418: ...administrator enable password 2 Management CPU IP address and network mask 3 System name and location information The tool is interactive and uses questions to guide you through the steps required to...

Страница 419: ...ange the password Y N Q y Enter new password Confirm new password Password Changed The enable password required for switch configuration via the command line interface is currently not configured Do y...

Страница 420: ...to the Privileged EXEC mode From the Privileged EXEC mode you can configure the network interface network parms This command sets the IP address subnet mask and gateway of the device The IP address an...

Страница 421: ...nd sets locally administered MAC addresses The following rules apply Bit 6 of byte 0 called the U L bit indicates whether the address is universally administered b 0 or locally administered b 1 Bit 7...

Страница 422: ...view the Java applet show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectiv...

Страница 423: ...factory default value is 0 0 0 0 IPv6 Administrative Mode Whether enabled or disabled IPv6 Address Length The IPv6 address and length IPv6 Default Router The IPv6 default router address Burned In MAC...

Страница 424: ...you can configure a variety of system settings including user accounts From the Global Config mode you can enter other command modes including Line Config mode line This command gives you access to t...

Страница 425: ...This command sets the maximum connect time in minutes without console activity login authentication To specify login authentication method list for remote telnet or console use the login authenticatio...

Страница 426: ...eged EXEC User EXEC Term Definition Serial Port Login Timeout minutes The time in minutes of inactivity on a Serial port connection after which the Switch will close the connection Any numeric value b...

Страница 427: ...nd closes the Telnet listening port and disconnects all open Telnet sessions telnet This command establishes a new outbound Telnet connection to a remote host The host value must be a valid IP address...

Страница 428: ...ransport output telnet This command regulates new outbound Telnet connections If enabled new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous out...

Страница 429: ...ions A value of 0 indicates that no outbound Telnet session can be established no session limit This command sets the maximum number of simultaneous outbound Telnet sessions to the default value sessi...

Страница 430: ...onnection sessions that can be established to the default value telnetcon timeout This command sets the Telnet connection session timeout value in minutes A session is active as long as the session ha...

Страница 431: ...imeout value for active sessions does not become effective until the session is reaccessed Also any keystroke activates the new timeout duration Format no telnetcon timeout Mode Privileged EXEC Format...

Страница 432: ...mmand is the short form of the ip ssh server enable command Format show telnetcon Modes Privileged EXEC User EXEC Term Definition Remote Connection Login Timeout minutes This object indicates the numb...

Страница 433: ...erver enable This command disables the IP secure shell server sshcon maxsessions This command specifies the maximum number of SSH connection sessions that can be established A value of 0 indicates tha...

Страница 434: ...ue for active sessions does not become effective until the session is re accessed Also any keystroke activates the new timeout duration no sshcon timeout This command sets the SSH connection session t...

Страница 435: ...files from the device regardless of whether they are self signed or downloaded from an outside source Term Definition Administrative Mode This field indicates whether the administrative mode of SSH is...

Страница 436: ...overwrite any existing generated or downloaded DSA key files no crypto key generate dsa Use this command to delete the DSA key files from the device Hypertext Transfer Protocol HTTP Commands This sect...

Страница 437: ...terfaces are affected no ip http server This command disables access to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server ip http secure ser...

Страница 438: ...ure HTTP sessions in hours Configuring this value to zero will give an infinite hard timeout When this timeout expires the user will be forced to re authenticate This timer begins on initiation of the...

Страница 439: ...us no authentication is used if the radius server is down no ip http authentication This command restores the authentication methods to the default ip http session maxsessions This command limits the...

Страница 440: ...be forced to re authenticate This timer begins on initiation of the Web session and is re started with each access to the switch no ip http session soft timeout This command resets the soft timeout fo...

Страница 441: ...t can not be set to zero infinite no ip http secure session soft timeout This command restores the soft timeout for secure HTTP sessions to the default value ip http secure session hard timeout This c...

Страница 442: ...specified as an authentication method after radius no authentication is used if the radius server is down no ip https authentication This command restores the authentication methods to the default for...

Страница 443: ...ort Mode Privileged EXEC Default SSL3 and TLS1 Format ip http secure protocol SSL3 TLS1 Mode Privileged EXEC Format show ip http Mode Privileged EXEC Term Definition HTTP Mode Unsecure The unsecure HT...

Страница 444: ...lnet and serial port connections to the switch Secure Protocol Level s The protocol level may have the values of SSL3 TSL1 or both SSL3 and TSL1 Maximum Allowable HTTPS Sessions The number of allowabl...

Страница 445: ...for the serial port connection Idle Time Time this session has been idle Session Time Total time this session has been connected Session Type Shows the type of session which can be HTTP HTTPS telnet...

Страница 446: ...ivileges for the specified login user The valid accessmode values are readonly or readwrite The username is the login user name for which the specified access mode applies The default is readwrite for...

Страница 447: ...password and therefore must be at least eight characters in length The username is the user name associated with the authentication protocol You must enter the username in the same case you used when...

Страница 448: ...in user name associated with the specified encryption You must enter the username in the same case you used when you added the user To see the case of the username enter the show users command no user...

Страница 449: ...ReadWrite the SNMPv3 user is able to set and retrieve parameters on the system If the value is set to ReadOnly the SNMPv3 user is only able to retrieve parameter information The SNMPv3 access mode ma...

Страница 450: ...d The valid range is 0 64 no passwords min length Use this command to set the minimum password length to the default value Term Definition User Name The full name of the user Format show users login h...

Страница 451: ...is 0 10 no passwords history Use this command to set the password history to the default value passwords aging Use this command to implement aging on passwords for local users When a user s password e...

Страница 452: ...the serial console The valid range is 1 5 The default is 0 or no lockout count enforced no passwords lock out Use this command to set the password lock out count to the default value show passwords c...

Страница 453: ...the final method in the command line For example if none is specified as an authentication method after radius no authentication is used if the radius server is down where Default Uses the listed auth...

Страница 454: ...method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is speci...

Страница 455: ...thentication is used if the radius server is down line Uses the line password for authentication none Uses no authentication radius Uses the list of all RADIUS servers for authentication Uses username...

Страница 456: ...command is the same as copy system running config nvram startup config SNMP Commands This section describes the commands you use to configure Simple Network Management Protocol SNMP on the switch You...

Страница 457: ...level The length of name can be up to 16 case sensitive characters no snmp server community This command removes this community name from the table The name is the community name to be deleted Default...

Страница 458: ...ient IP address for an SNMP community to 0 0 0 0 The name is the applicable community name snmp server community ipmask This command sets a client IP mask for an SNMP community The address is the asso...

Страница 459: ...ociated with this community cannot manage the switch until the Status is changed back to Enable no snmp server community mode This command deactivates an SNMP community If the community is disabled no...

Страница 460: ...wed MAC address is received on a locked port no snmp server enable traps violation This command disables the sending of new violation traps snmp server enable traps This command enables the Authentica...

Страница 461: ...nkmode This command disables Link Up Down traps for the entire switch snmp server enable traps multiusers This command enables Multiple User traps When the traps are enabled a Multiple User Trap is se...

Страница 462: ...on traps snmptrap This command adds an SNMP trap receiver The maximum length of name is 16 case sensitive alphanumeric characters The snmpversion is the version of SNMP The version parameter options a...

Страница 463: ...e name and ipaddr pair must be unique Multiple entries can exist with the same name as long as they are associated with a different ipaddr The reverse scenario is also acceptable The name is the commu...

Страница 464: ...This command deactivates an SNMP trap Disabled trap receivers are unable to receive traps snmp trap link status This command enables link status traps by interface Note IP addresses in the SNMP trap...

Страница 465: ...all interfaces Format snmp trap link status Mode Interface Config Note This command is valid only when the Link Up Down Flag is enabled Format no snmp trap link status Mode Interface Config Note This...

Страница 466: ...mmunity Name The community string to which this entry grants access A valid entry is a case sensitive alphanumeric string of up to 16 characters Each row of this table must contain a unique community...

Страница 467: ...ger The string is case sensitive and can be up to 16 alphanumeric characters IP Address The IPv4 address to receive SNMP traps from this device IPv6 Address The IPv6 address to receive SNMP traps from...

Страница 468: ...dicates whether DVMRP traps are sent OSPFv2 Traps Can be enabled or disabled The factory default is disabled Indicates whether OSPF traps are sent If any of the OSPF trap flags are not enabled then th...

Страница 469: ...address is configured while enabling this attribute the RADIUS client uses that IP address while sending NAS IP Address attribute in RADIUS communication no radius server attribute The no version of...

Страница 470: ...the auth parameter the command configures the IP address or hostname to use to connect to a RADIUS authentication server You can configure up to 3 servers per RADIUS client If the maximum number of co...

Страница 471: ...r is removed from the configuration Similarly if the acct token is used the previously configured RADIUS accounting server is removed from the configuration The ipaddr dnsname parameter must match the...

Страница 472: ...hen this command is executed the secret is prompted Text based configuration supports Radius server s secrets in encrypted and non encrypted format When you save the configuration these secret keys ar...

Страница 473: ...rimary servers can be configured for each number of servers that have the same name When the RADIUS client has to perform transactions with an authenticating RADIUS server of specified name the client...

Страница 474: ...server no radius server retransmit The no version of this command sets the value of this global parameter to the default value radius server timeout This command configures the global parameter for t...

Страница 475: ...cription retries Maximum number of transmission attempts in the range 1 30 Format no radius server timeout Mode Global Config Format show radius Mode Privileged EXEC Term Definition Number of Configur...

Страница 476: ...number of times a request packet is retransmitted Time Duration The configured timeout value in seconds for request re transmissions RADIUS Accounting Mode A global parameter to indicate whether the a...

Страница 477: ...er Port The port used for communication with the authenticating server Type Specifies whether this server is a primary or secondary type Current Host Address The IP address of the currently active aut...

Страница 478: ...uthenticator Enable Number of Retransmits 4 Time Duration 10 RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Enable RADIUS Attribute 4 Value 192 168 37 60 show radius accounting This command di...

Страница 479: ...Name Default_RADIUS_Server Host Address 192 168 37 200 RADIUS Accounting Mode Disable Port 1813 Secret Configured Yes show radius accounting statistics This command displays a summary of statistics fo...

Страница 480: ...missions Retransmission The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server Responses The number of RADIUS packets received on the accounting port from this...

Страница 481: ...the server dnsname The DNS name of the server servername The alias name to identify the server RADIUS Server Name The name of the authenticating server Server Host Address The IP address of the host...

Страница 482: ...d Access Responses 0 Bad Authenticators 0 Pending Requests 0 Malformed Access Responses The number of malformed RADIUS Access Response packets received from this server Malformed packets include packe...

Страница 483: ...ssed in clear text over the network TACACS uses TCP to ensure reliable delivery and a shared key configured on the client and daemon server to encrypt all messages tacacs server host Use the tacacs se...

Страница 484: ...key in encrypted format enter the key along with the encrypted keyword In the show running config command s display these secret keys are displayed in encrypted format You cannot show these keys in p...

Страница 485: ...0 128 characters Text based configuration supports TACACS server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in encrypted format only I...

Страница 486: ...global value is used The timeout parameter has a range of 1 30 and is the timeout value in seconds show tacacs Use the show tacacs command to display the configuration and statistics of a TACACS serv...

Страница 487: ...lt configurations Scripts must conform to the following rules Script files are not distributed across the stack and only live in the unit that is the master unit at the time of the file download The f...

Страница 488: ...t on the switch script list This command lists all scripts present on the switch as well as the remaining available space Note To specify a blank password for a user in the configuration script you mu...

Страница 489: ...with a given script on any given device Pre login Banner and System Prompt Commands This section describes the commands you use to configure the pre login banner and the system prompt The pre login ba...

Страница 490: ...he prompt The length of name may be up to 64 alphanumeric characters Default none Format copy Code Sample Variable tftp ipaddr filepath filename Code Sample Variable nvram clibanner copy nvram clibann...

Страница 491: ...erstanding of the system configuration and details of the problem will assist NETGEAR Inc in determining the root cause of such a problem The Log Messages chapter includes the following sections Core...

Страница 492: ...port x Interface creation out of order NIM NIM event x intf x component x in wrong phase An event was issued to NIM during the wrong configuration phase probably Phase 1 2 or WMU NIM NIM Failed to not...

Страница 493: ...sion num but the sizes version size expected version size differ The configuration file which was loaded was of a different size than expected for the version number This message indicates the configu...

Страница 494: ...functions DHCP Filtering Error on call to sysapiCfgFileWrite file Error on trying to save configuration Table 9 6 NVStore Log Messages Component Message Cause NVStore Building defaults for file XXX A...

Страница 495: ...rror while attempting to read data from the RADIUS server RADIUS RADIUS Accounting Response failed to validate id xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS User x...

Страница 496: ...server TACACS TACACS received invalid packet type from server Received packet type that is not supported TACACS TACACS invalid major version in received packet Major version mismatch TACACS TACACS inv...

Страница 497: ...lure for the specified connection type EmWeb ewsNetHTTPReceive failure in NetReceiveLoop closing connection Socket receive failure EmWeb EmWeb connection allocation failed Memory allocation failure fo...

Страница 498: ...code from tftp upload result Unknown error returned while uploading file using TFTP from web interface WEB Web UI Screen with unspecified access attempted to be brought up Failed to get application sp...

Страница 499: ...he error code SSLT SSLT Msg Queue is full event XXXX Failed to send the received message to the SSLT message queue as message queue is full XXXX indicates the event to be sent SSLT SSLT Unknown UI eve...

Страница 500: ...rotected port configuration cannot be saved Protected Ports protectedPortCnfgrInitPhase1Process Unable to create r w lock for protectedPort This appears when protectedPortCfgRWLock Fails Protected Por...

Страница 501: ...try from the table IPsubnet vlans vlanIpSubnetVlanChangeCallback Failed to add an Entry This appears when a dtl fails to add an entry for a vlan add notify event IPsubnet vlans vlanIpSubnetVlanChangeC...

Страница 502: ...equestSend failed Failed sending message to RADIUS server 802 1X dot1xRadiusAcceptProcess error calling radiusAccountingStart ifIndex xxx Failed sending accounting start to RADIUS server 802 1X functi...

Страница 503: ...UEUE SEND FAILURE The garpPduQueue is full logs specific of the GPDU internal interface number vlan id buffer handle etc GARP GVRP GMRP garpMapIntfIsConfigurable gmrpMapIntfIsConfigurable Error access...

Страница 504: ...Vlan Tag dvlantagIntfIsConfigurable Error accessing dvlantag config data for interface d A default configuration does not exist for this interface Typically a case when a new interface is created and...

Страница 505: ...Q dot1qVlanMemberSetModify dot1qVlanTaggedMemberSetModify Dynamic entry d can only be modified after it is converted to static If this vlan is a learnt via GVRP then we cannot modify it s member set v...

Страница 506: ...CL Log Messages Component Message Cause ACL Total number of ACL rules x exceeds max y on intf i The combination of all ACLs applied to an interface has resulted in requiring more rules than the platfo...

Страница 507: ...sed DiffServ Policy invalid for service intf policy name intIfNum x direction y The DiffServ policy definition is not compatible with the capabilities of the interface specified Check the platform rel...

Страница 508: ...includes the current size of the database OSPFv2 The number of LSAs 25165 in the OSPF LSDB has exceeded the LSDB memory allocation When the OSPFv2 LSDB becomes full OSPFv2 logs this message OSPFv2 re...

Страница 509: ...ed OSPFv3 periodically verifies the checksum of each LSA in memory OSPFv3 logs this Table 9 40 Routing Table Manager Log Messages Component Message Cause Routing Table Manager RTO is full Routing tabl...

Страница 510: ...nvalid TTL VRRP ignored an incoming message whose time to live TTL in the IP header was not 255 Table 9 42 ARP Log Message Component Message Cause ARP ARP received mapping for IP address xxx to MAC ad...

Страница 511: ...Error creating IGMP data pipe Error opening IGMP data pipe When we fail to create open IGMP data pipe for Mcast data messages IGMP Error getting memory for source record When we are unable to allocate...

Страница 512: ...add an mroute entry into cache PIM_SM Config error Trying to add static RP Dynamic RP with same ip addr exists Router learns RP group mapping through Bootstrap messages received This message pops whe...

Страница 513: ...hile registering a neighbor DVMRP dvmrp_recv_prune failed getting memory for prune Failed to allocate memory while receiving a prune DVMRP dvmrp_new_route failed getting memory for route Failed to get...

Страница 514: ...table OS In hapiBroadQosCosQueueConfig Failed to configure minimum bandwidth Available bandwidth x Attempting to configure the bandwidth beyond it s capabilities OS USL failed to put sync response on...

Страница 515: ...ize unit x due to a transport failure or API issue on remote unit A synchronization retry will be issued OS Invalid LAG id x Possible synchronization issue between the BCM driver and HAPI OS Invalid u...

Страница 516: ...o this msg indicates the file system may be corrupted OSAPI ftruncate failed File is open for reading only ftruncate is called to correctly set the file s size in the file system after a write The fil...

Страница 517: ...During the call to remove the interface from the route table the attempt to get the ipv4 interface mask from the stack failed OSAPI osapiCleanupIf NetIpDel During the call to remove the interface from...

Страница 518: ...dition Captive Portal can be configured to use an optional HTTP port in support of HTTP Proxy networks If configured this additional port is then used exclusively by Captive Portal Note that this opti...

Страница 519: ...35 no http port Use this command to reset the HTTP port to the default number 80 https port Use this command to configure an additional HTTPS port for captive portal to monitor The valid range is from...

Страница 520: ...ion page needs to be served again in order for the client to gain access to the network no authentication timeout Use this command to reset the authentication timeout to the default show captive porta...

Страница 521: ...This field shows the reason why the operational is disabled CP IP Address It is the captive portal server IP address Format show captive portal status Mode Privileged EXEC mode Term Definition Additio...

Страница 522: ...n Commands The commands in this section are related to captive portal configurations configuration Captive Portal Use this command to enter the captive portal instance mode The captive portal configur...

Страница 523: ...disable a configuration name Use this command to configure the name for a captive portal configuration The cp name can be up to 32 alphanumeric characters in length Format no configuration 1 10 Mode...

Страница 524: ...configured to allow access for guest users users that do not have assigned user names and passwords User verification can also be configured to allow access for authenticated users Authenticated user...

Страница 525: ...an use the command user group 1 10 to create a group ID The default group ID is 1 for a captive portal configuration no group Use this command to reset the group number to the default redirect Captive...

Страница 526: ...he network The rate is in bits per seconds 0 indicates limit not enforced no max bandwidth down Use this command to reset the maximum rate to the default max bandwidth up Use this command to configure...

Страница 527: ...nsmit After this limit has been reached the user will be disconnected The number of octets is in bytes 0 indicates limit not enforced no max input octets Use this command to reset the limit to the def...

Страница 528: ...Use this command to configure the maximum number of octets the user is allowed to transfer i e the sum of octets transmitted and received After this limit has been reached the user will be disconnecte...

Страница 529: ...the session timeout to the default idle timeout Use this command to configure the idle timeout for a captive portal configuration 0 indicates timeout not enforced After an idle session has been reach...

Страница 530: ...re configurations using a text based format no locale This command is intended to delete a locale The default locale cannot be deleted interface Captive Portal Use this command to associate an interfa...

Страница 531: ...tion Blocking a captive portal instance is a temporary command executed by the administrator and not saved in the configuration no block Use this command to unblock traffic Captive Portal Status Comma...

Страница 532: ...e 1 10 is the captive portal ID If you do not specify an interface number all the interfaces assigned to the captive portal configuration will be displayed Format show captive portal configuration 1 1...

Страница 533: ...ace 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigab Operational Status Disabled Disable Reason Interface Not Attached Block Status Not Blocked Authenticated Users 0 Term Definition CP ID The ca...

Страница 534: ...efinition Group Name The name of the group associated with this captive portal instance Redirect URL Mode The redirect mode for this captive portal instance Redirect URL The redirect URL is up to 512...

Страница 535: ...ation Mode Guest Group Name group123 Redirect URL Mode Enabled Redirect URL www cnn com Session Timeout seconds 86400 Idle Timeout seconds 600 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec...

Страница 536: ...show captive portal client status Use this command to display client connection details or a connection summary for connected captive portal users macaddr is Client MAC address If no macaddr is enter...

Страница 537: ...90 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Tim...

Страница 538: ...client Bytes Received The number of bytes received from the client Bytes Transmitted The number of bytes transmitted to the client Packets Received The number of packets received from the client Pack...

Страница 539: ...CP Name Protocol Verification 0002 BC00 1290 10 254 96 47 1 cp1 http local 0002 BC00 1291 10 254 96 48 2 cp2 http local show captive portal configuration client status Use this command to display the...

Страница 540: ...scription 0002 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit captive portal client deauthenticate Use this command to deauthe...

Страница 541: ...l User Commands The following section describes captive portal local user commands user password Use this command to create a local user or change the password for an existing user The user id is user...

Страница 542: ...be exist before execute this command You can create the local user using user password first user group Use this command to associate a group with a captive portal user A user must be associated with...

Страница 543: ...ation t no user session timeout Use this command to reset the session timeout to the default user idle timeout Use this command to set the session idle timeout value for a captive portal user 1 128 is...

Страница 544: ...ax bandwidth down Use this command to reset the limit to the default user max bandwidth up Use this command to configure the bandwidth at which the client can send data into the Network 1 128 is the u...

Страница 545: ...octets Use this command to reset the limit to the default user max output octets Use this command to limit the number of octets the user is allowed to receive After this limit has been reached the use...

Страница 546: ...cted 1 128 is the user ID The range of octets is 0 4294967295 0 indicates to use the global limit Use the no form of this command to reset the limit to the default no user max total octets Use this co...

Страница 547: ...at which the client can send data into the network If the value is 0 then use the value configured for the captive portal Max Bandwidth Down bytes sec Maximum client receive rate b s Limits the bandwi...

Страница 548: ...0 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input Octets bytes 0 Max Output Octets bytes 0 Max Total Octets bytes 0 Group ID Group Name 1 Default 2 group2 clear captive portal u...

Страница 549: ...roup name 1 10 is the user group ID The name can be a string up to 32 characters user group rename Use this command to change a group s ID to a different group ID Default 1 Format user group 1 10 Mode...

Страница 550: ...esize 4 3 arp dynamicrenew 4 3 arp purge 4 4 arp resptime 4 4 arp retries 4 4 arp timeout 4 5 assign queue 6 20 authentication timeout 10 3 authorization network radius 8 52 auto negotiate 3 3 auto ne...

Страница 551: ...27 clear counters 7 27 clear dot1x statistics 3 63 clear host 7 59 clear igmpsnooping 7 28 clear ip arp inspection statistics 3 137 clear ip dhcp binding 7 51 clear ip dhcp conflict 7 51 clear ip dhcp...

Страница 552: ...5 debug igmpsnooping packet receive 7 67 debug igmpsnooping packet transmit 7 66 debug ip acl 7 68 debug ip dvmrp packet 7 68 debug ip igmp packet 7 69 debug ip mcache packet 7 69 debug ip pimdm packe...

Страница 553: ...s control l4port 3 182 dos control sipdip 3 180 dos control smacdmac 3 183 dos control tcpfinurgpsh 3 187 dos control tcpflag 3 182 dos control tcpflagseq 3 185 dos control tcpfrag 3 181 dos control t...

Страница 554: ...ace Captive Portal 10 13 interface lag 3 3 interface range 3 2 interface vlan 3 3 ip access group 6 41 ip access list 6 39 ip access list rename 6 40 ip address 4 9 ip arp inspection filter 3 133 ip a...

Страница 555: ...57 ip http authentication 8 23 ip http java 8 22 ip http secure port 8 26 ip http secure protocol 8 27 ip http secure server 8 21 ip http secure session hard timeout 8 25 ip http secure session maxses...

Страница 556: ...n key 3 93 lacp actor admin state individual 3 94 lacp actor admin state longtimeout 3 94 lacp actor admin state passive 3 95 lacp actor port priority 3 96 lacp actor system priority 3 96 lacp admin k...

Страница 557: ...7 19 logging console 7 20 logging host 7 20 logging host remove 7 21 logging persistent 7 24 logging syslog 7 21 login authentication 8 9 logout 7 29 mac access group 6 35 mac access list extended 6 3...

Страница 558: ...ts 10 11 member 2 2 mirror 6 20 mode dot1q tunnel 3 45 mode dvlan tunnel 3 46 monitor session 3 112 movemanagement 2 3 mtu 3 5 name 10 6 netbios name server 7 46 netbios node type 7 47 network DHCP Po...

Страница 559: ...ace Config 3 104 port channel 3 90 port channel adminmode 3 105 port channel linktrap 3 105 port channel load balance 3 106 port channel name 3 108 port channel static 3 102 port channel system priori...

Страница 560: ...rvice dhcp 7 49 service policy 6 25 session limit 8 13 session timeout 8 13 session timeout Captive Portal 10 12 set garp timer join 3 56 set garp timer leave 3 56 set garp timer leaveall 3 57 set gmr...

Страница 561: ...10 20 show captive portal client status 10 19 show captive portal configuration client status 10 22 show captive portal configuration interface 10 15 show captive portal configuration locales 10 18 s...

Страница 562: ...6 show igmpsnooping mrouter vlan 3 146 show igmpsnooping querier 3 151 show interface 7 9 show interface ethernet 7 10 show interfaces cos queue 6 7 show interfaces switchport 3 53 show ip access list...

Страница 563: ...ow lacp actor 3 108 show lacp partner 3 109 show license 7 89 show license features 7 89 show lldp 3 162 show lldp interface 3 162 show lldp local device 3 167 show lldp local device detail 3 167 show...

Страница 564: ...e 6 31 show port 3 7 show port description 3 9 show port protocol 3 8 show port status 3 9 show port channel 3 111 show port channel brief 3 109 show port channel 3 110 show port channel system priori...

Страница 565: ...28 show spanning tree summary 3 29 show spanning tree vlan 3 29 show stack port 2 10 show stack port counters 2 11 show stack port diag 2 11 show storm control 3 89 show supported cardtype 2 7 show su...

Страница 566: ...le traps multiusers 8 45 snmp server enable traps stpmode 8 46 snmp server enable traps violation 8 44 snmptrap 8 46 snmptrap ipaddr 8 48 snmptrap mode 8 48 snmptrap snmpversion 8 47 sntp broadcast cl...

Страница 567: ...orm control broadcast 3 77 storm control broadcast 3 79 storm control broadcast level 3 78 storm control broadcast level 3 80 storm control broadcast rate 3 79 storm control broadcast rate 3 80 storm...

Страница 568: ...te bootcode 7 6 user group name 10 32 user group rename 10 32 user group 10 25 user group Create 10 31 user idle timeout 10 26 user max bandwidth down 10 27 user max bandwidth up 10 27 user max input...

Страница 569: ...port acceptframe all 3 34 vlan port ingressfilter all 3 35 vlan port priority all 3 50 vlan port pvid all 3 35 vlan port tagging all 3 36 vlan priority 3 50 vlan protocol group 3 36 vlan protocol grou...

Отзывы:

Нет отзывов