D-Link DES-3010FA, Cli Manual

Page 1: ......

Page 2: ...n authentication 21 enable authentication 22 ip http authentication 23 ip https authentication 24 show authentication methods 25 password 26 enable password 27 username 28 Section 3 Address Table Commands 29 bridge address 29 bridge multicast filtering 30 bridge multicast address 31 bridge multicast forbidden address 32 bridge multicast forward all 33 bridge multicast forbidden forward all 34 brid...

Page 3: ... unicast client enable 59 sntp unicast client poll 60 sntp server 61 show clock 62 show sntp configuration 63 show sntp status 64 Section 5 Configuration and Image Files 65 copy 65 delete 68 delete startup config 69 show running config 70 show startup config 71 Section 6 Ethernet Configuration Commands 72 interface ethernet 72 interface range ethernet 73 shutdown 74 description 75 speed 76 duplex ...

Page 4: ...forbid 102 clear gvrp statistics 103 show gvrp configuration 104 show gvrp statistics 105 show gvrp error statistics 106 Section 8 IGMP Snooping Commands 107 ip igmp snooping Global 107 ip igmp snooping Interface 108 ip igmp snooping host time out 109 ip igmp snooping mrouter time out 110 ip igmp snooping leave time out 111 show ip igmp snooping mrouter 112 show ip igmp snooping interface 113 show...

Page 5: ...al history size 141 show line 142 Section 12 Management ACL 143 management access list 143 permit Management 145 deny Management 146 management access class 147 show management access list 148 show management access class 149 Section 13 PHY Diagnostics Commands 150 test copper port tdr 150 show copper ports tdr 151 show copper ports cable length 152 show fiber ports optical transceiver 153 Section...

Page 6: ... show qos 172 priority queue out num of queues 173 rate limit interface configuration 174 show qos interface 175 traffic shape 177 wrr queue cos map 178 qos map dscp queue 179 qos trust Global 180 qos trust Interface 181 qos cos 182 show qos map 183 Section 18 Radius Commands 184 radius server host 184 radius server key 186 radius server retransmit 187 radius server source ip 188 radius server tim...

Page 7: ...15 snmp server community 215 snmp server view 217 snmp server group 218 snmp server user 219 snmp server engineID local 221 snmp server enable traps 223 snmp server filter 224 snmp server host 225 snmp server v3 host 226 snmp server trap authentication 227 snmp server contact 228 snmp server location 229 snmp server set 230 show snmp 231 show snmp engineid 233 show snmp views 234 show snmp groups ...

Page 8: ...y 254 spanning tree mst max hops 255 spanning tree mst port priority 256 spanning tree mst cost 257 spanning tree mst configuration 258 instance mst 259 name mst 260 revision mst 261 show mst 262 exit mst 263 abort mst 264 show spanning tree 265 Section 23 Syslog Commands 267 logging on 267 logging 268 logging console 269 logging buffered 270 logging buffered size 271 clear logging 272 logging fil...

Page 9: ...itchport access vlan 303 switchport private vlan 304 show vlan private vlan 305 switchport trunk allowed vlan 306 switchport trunk native vlan 307 switchport general allowed vlan 308 switchport general pvid 309 switchport general ingress filtering disable 310 switchport general acceptable frame type tagged only 311 switchport forbidden vlan 312 ip internal usage vlan 313 show vlan 314 show vlan in...

Page 10: ...l 332 dot1x re authentication 333 dot1x timeout re authperiod 334 dot1x re authenticate 335 dot1x timeout quiet period 336 dot1x timeout tx period 337 dot1x max req 338 dot1x timeout supp timeout 339 dot1x timeout server timeout 340 show dot1x 341 show dot1x users 344 show dot1x statistics 346 ADVANCED FEATURES 348 dot1x auth not req 348 dot1x multiple hosts 349 dot1x single host violation 350 dot...

Page 11: ...mmand mode From each mode a specific command is used to navigate from one command mode to another The standard order to access the modes is as follows User EXEC mode Privileged EXEC mode Global Configuration mode and Interface Configuration mode The following figure illustrates the command mode access path When starting a session the initial mode is the User EXEC mode Only a limited subset of comm...

Page 12: ...ameters The password is not displayed on the screen and is case sensitive Privileged users enter directly into the Privileged EXEC mode To enter the Privileged EXEC mode from the User EXEC mode perform the following steps 1 At the prompt enter the enable command and press Enter A password prompt is displayed 2 Enter the password and press Enter The password is displayed as The Privileged EXEC mode...

Page 13: ...the Line Configuration command mode VLAN Database Contains commands to create a VLAN as a whole The vlan database Global Configura tion mode command is used to enter the VLAN Database Interface Configuration mode Management Access List Contains commands to define management access lists The management access list Global Configuration mode command is used to enter the Management Access List Configu...

Page 14: ...to the RS 232 serial port of the device to the RS 232 serial port of the terminal or computer running the terminal emulation application Note The default data rate is 9600 a Set the data format to 8 data bits 1 stop bit and no parity b Set Flow Control to none c Under Properties select VT100 for Emulation mode d Select Terminal keys for Function Arrow and Ctrl keys Ensure that the setting is for T...

Page 15: ... in place of a parameter The matched keyword or parameters for this command are displayed To assist in using the CLI there is an assortment of editing features The following features are described Terminal Command Buffer Command Completion Keyboard Shortcuts 1 3 1 1 Terminal Command Buffer Every time a command is entered in the CLI it is recorded on an internally managed Command History buffer Com...

Page 16: ...certain command entry standards that apply to all commands The following table describes the command conventions Keyboard Key Description Up arrow key Recalls commands from the history buffer beginning with the most recent command Repeat the key sequence to recall successively older commands Down arrow key Returns the most recent commands from the history buffer after recalling commands with the u...

Page 17: ...a range of ports or parameters and all is an option the default for the command is all when no parameters are defined For exam ple the command interface range port channel has the option of either entering a range of channels or selecting all When the command is entered without a parameter it automatically defaults to all ...

Page 18: ... string used to name the list of authentication methods activated when a user logs in Range 1 12 characters method1 method2 Specify at least one from the following table Default Configuration The local user database is checked This has the same effect as the command aaa authentication login list name local Note If the authentication method is not defined console users will be able to log in withou...

Page 19: ...ed to name this list The method argument identifies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following e...

Page 20: ...mand aaa authentication enable default enable On the console the enable password is used if it exists If no password is set the process still succeeds This has the same effect as using the command aaa authentication enable default enable none Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication enable command are used with t...

Page 21: ...AAA Commands Page 20 Example The following example sets the enable password for authentication when accessing higher privilege levels Console config aaa authentication enable default enable ...

Page 22: ...Parameters default Uses the default list created with the aaa authentication login command list name Uses the indicated list created with the aaa authentication login command Default Configuration Uses the default set with the command aaa authentication login Command Mode Line Configuration mode User Guidelines In order to change or rename an authentication method use the negate command and create...

Page 23: ...nable authentication Parameters default Uses the default list created with the aaa authentication enable command list name Uses the indicated list created with the aaa authentication enable command Default Configuration Uses the default set with the aaa authentication enable command Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command Example The follo...

Page 24: ...cked This has the same effect as the command ip http authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following exampl...

Page 25: ... same effect as the command ip https authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures HTT...

Page 26: ...configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the authentication configuration Console show authentication methods Login Authentication Method Lists Default Local Enable Authentication Method Lists Console_Default Local Network_Default Enable Line Login Method List Enable Method List Console Defa...

Page 27: ... for this level Range 1 159 characters encrypted Encrypted password to be entered copied from another device configuration Default Configuration No password is defined Command Mode Line Configuration mode User Guidelines If a password is defined as encrypted the required password length is 32 characters Example The following example specifies password secret on a console Console config line consol...

Page 28: ...Parameters password Password for this level Range 1 159 characters level Level for which the password applies If not specified the level is 15 Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configuration No enable password is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The fol...

Page 29: ...thentication password for the user Range 1 159 characters level The user level Range 1 15 If not specified the level is 1 encrypted Encrypted password entered copied from another device configuration Default Configuration No user is defined If not specified the user level is 1 Command Mode Global Configuration mode User Guidelines User account can be created without a password Example The followin...

Page 30: ...s command delete on reset The address is deleted after reset delete on timeout The address is deleted after age out time has expired secure The address is deleted after the port changes mode to unlock learning no port security com mand This parameter is only available when the port is in the learning locked mode Default Configuration No static addresses are defined The default mode for an added ad...

Page 31: ...esses is disabled All multicast addresses are flooded to all ports Command Mode Global Configuration mode User Guidelines If multicast routers exist on the VLAN do not change the unregistered multicast addresses state to drop on the switch ports If multicast routers exist on the VLAN and IGMP snooping is not enabled the bridge multicast forward all com mand should be used to enable forwarding all ...

Page 32: ...multicast address ip multicast address A valid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of ports Default Configuration No multicast addresses are defined Command Mo...

Page 33: ...ss A valid MAC multicast address ip multicast address A valid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces hyphen is used to designate a range of ports port channel number list Separate nonconsecutive valid port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration No forbidden addre...

Page 34: ...icast packets remove Do not force forwarding all multicast packets interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode ...

Page 35: ...secutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separates nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping dynamically discovers multicast ...

Page 36: ... use the no form of this command Syntax bridge aging time seconds no bridge aging time Parameters seconds Time in seconds Range 10 630 seconds Default Configuration The default setting is 300 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example In this example the bridge aging time is set to 250 Console config bridge aging time 250 ...

Page 37: ...y learned entries from the forwarding database Syntax clear bridge Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the bridge tables are cleared Console clear bridge ...

Page 38: ...addresses This is the default if no option is indicated discard shutdown Discards packets with unlearned source addresses The port is also shut down seconds Sends SNMP traps and defines the minimum amount of time in seconds between consecutive traps Range 1 1000000 Default Configuration This setting is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There a...

Page 39: ...lt Configuration No addresses are defined Command Mode Interface Configuration Ethernet port channel mode Cannot be configured for a range of interfaces range con text User Guidelines The command enables adding secure MAC addresses to a routed port in port security mode The command is available when the port is a routed port and in port security mode The address is deleted if the port exits the se...

Page 40: ...rt channel number Port channel number mac address MAC address Parameters Range Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines Internal usage VLANs VLANs that are automatically allocated on routed ports are presented in the VLAN column by a port number and not by a VLAN ID Example Console show bridge address table Aging time is 300 sec v...

Page 41: ...ch as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all static entries in the bridge forwarding database are displayed Console show bridge address table static Aging time is 3...

Page 42: ...arameters vlan Specifies a valid VLAN such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the number of addresses present in all VLANs are displayed Console show bridge addr...

Page 43: ...c Multicast address format Can be ip or mac If the format is unspecified the default is mac Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range of 0100 5e00 0000 0100 5e7f ffff Example In this example multicast MAC address and IP address table information is displaye...

Page 44: ...es as shown above Console show bridge multicast address table format ip Vlan IP MAC Address Type Ports 1 224 239 130 2 2 3 static 1 2 18 224 239 130 2 2 8 static 1 3 19 224 239 130 2 2 8 dynamic 5 7 Forbidden ports for multicast addresses Vlan IP MAC Address Ports 1 224 239 130 2 2 3 8 19 224 239 130 2 2 8 8 ...

Page 45: ...ult Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example In this example the multicast configuration for VLAN 1 is displayed Console show bridge multicast filtering 1 Filtering Enabled VLAN 1 Port Forward Unregistered Forward All Static Status Static Status 1 Forbidden Filter Forbidden Filter 2 For...

Page 46: ...nel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all classes of entries in the port lock status are displayed Console show ports security Port Action Trap Frequency 1 Disabled 2 Disabled Discard Disabled 3 Disabled 4 Disabled 5 Disqbled 6 Disabled 7 Disa...

Page 47: ...es describes the fields shown above ch7 Disabled ch8 Disabled Field Description Port Port number Status Locked Unlocked Action Action on violation Trap Indicates if traps are sent in case of a violation Frequency Minimum time between consecutive traps ...

Page 48: ...litary format minutes and seconds hh 0 23 mm 0 59 ss 0 59 day Current day by date in the month 1 31 month Current month using the first three letters by name Jan Dec year Current year 2000 2097 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example sets the system ...

Page 49: ...disable external time source Syntax clock source sntp no clock source Parameters sntp SNTP servers Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures an external time source for the system clock Console config clock source sntp ...

Page 50: ...o clock timezone Parameters hours offset Hours difference from UTC Range 12 13 minutes Minutes difference from UTC Range 0 59 zone The acronym of the time zone Range 1 4 characters Default Configuration Clock set to UTC Command Mode Global Configuration mode User Guidelines The system internally keeps time in UTC so this command is used only for display purposes and when the time is manually set E...

Page 51: ...at summer time should start on the first specific date listed in the command and end on the second specific date in the command week Week of the month Range 1 5 first last day Day of the week Range first three letters by name like sun date Date of the month Range 1 31 month Month Range first three letters by name like Jan year year no abbreviation Range 2000 2097 hh mm Time in military format in h...

Page 52: ... starting month is chronologically after the ending month the system assumes that you are in the southern hemisphere EU rules for daylight savings time Start Last Sunday in March End Last Sunday in October Time 1 am local time USA rules for daylight savings time Start First Sunday in April End Last Sunday in October Time 2 am local time Examples The following example sets summer time starting on t...

Page 53: ...ommand Syntax sntp authentication key number md5 value no sntp authentication key number Parameters number Key number Range 1 4294967295 value Key value Range 1 8 characters Default Configuration No authentication key is defined Command Mode Global Configuration mode User Guidelines Multiple keys can be generated Examples The following example defines the authentication key for SNTP Console config...

Page 54: ...le the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both unicast and broadcast Examples The following example defines the authentication key for SNTP and grants authentication Console config sntp authentication key 8 md5 ClkKey Console ...

Page 55: ...usted key key number Parameters key number Key number of authentication key to be trusted Range 1 4294967295 Default Configuration No keys are trusted Command Mode Global Configuration mode User Guidelines The command is relevant for both received unicast and broadcast If there is at least 1 trusted key then unauthenticated messages will be ignored Examples The following example authenticates key ...

Page 56: ...m of this command Syntax sntp client poll timer seconds no sntp client poll timer Parameters seconds Polling interval in seconds Range 60 86400 Default Configuration Polling interval is 1024 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example sets the polling time for the Simple Network Time Protocol SNTP clien...

Page 57: ...is command Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP broadcast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Examples The following example enables the SNTP broadcast clients Console config s...

Page 58: ... enable no sntp anycast client enable Default Configuration The SNTP anycast client is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Examples The following example ena...

Page 59: ... disabled on an interface Command Mode Interface configuration Ethernet port channel VLAN mode User Guidelines Use the sntp broadcast client enable Global Configuration mode command to enable broadcast clients globally Use the sntp anycast client enable Global Configuration mode command to enable anycast clients globally Also you can configure the sntp client enable in the Global configuration mod...

Page 60: ...NTP traffic from servers use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server Global Configuration mode command to define SNTP servers Examples The following example enables the device to use the Simple Network Time Protocol...

Page 61: ...e the no form of this com mand Syntax sntp unicast client poll no sntp unicast client poll Default Configuration Polling is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Examples The following example enables polling for Simple Network Time Protocol SNTP predefined unicast clients Console c...

Page 62: ...nable polling keyid Authentication key to use when sending packets to this peer Range 1 4294967295 Default Configuration No servers are defined Command Mode Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined Use the sntp unicast client enable Global Configuration mode command to enable predefined unicast clients globally To enable polling you should also use the sntp uni...

Page 63: ...dicates the following Example The following example displays the time and date from the system clock Symbol Description Time is not authoritative blank Time is authoritative Time is authoritative but SNTP is not synchronized Console show clock 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Console show clock detail 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Time zone Acronym is PST Off...

Page 64: ...rivileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the current SNTP configuration of the device Console show sntp configuration Polling interval 60 seconds No MD5 Authentication keys Authentication is not required for synchronization No trusted keys Unicast Clients Polling Enabled Server Polling Encryption Key 10 6 1 8 Enabled ...

Page 65: ... the SNTP Console show sntp status Clock is synchronized stratum 4 reference is 176 1 1 8 unicast Reference time is AFE2525E 70597B34 00 10 22 438 PDT Jul 5 1993 Unicast servers Server Status Last response Offset mSec Delay mSec 176 1 1 8 Up 19 58 22 289 PDT Feb 19 2002 7 33 117 79 176 1 8 179 Unknown 12 17 17 987 PDT Feb 19 2002 8 98 189 19 Anycast server Server Interface Status Last response Off...

Page 66: ...e or destination URL The entire copying process may take several minutes and differs from protocol to protocol and from network to network Understanding Invalid Combinations of Source and Destination Keyword Source or Destination flash Source or destination URL for flash memory It s the default in case a URL is specified without a prefix running config Represents the current running configuration ...

Page 67: ...iguration and the loaded configuration files with the loaded configuration file taking precedence Copying a Configuration File from a Server to the Startup Configuration To copy a configuration file from a network server to the startup configuration file of the device enter copy source url startup config The startup configuration file is replaced by the copied configuration file Storing the Runnin...

Page 68: ...e The following example copies system image file1 from the TFTP server 172 16 101 101 to a non active image file Console copy tftp 172 16 101 101 file1 image Accessing file file1 on 172 16 101 101 Loading file1 from 172 16 101 101 OK Copy took 0 01 11 hh mm ss ...

Page 69: ...haracters The following table displays the reserved keyword Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines sys image file cannot be deleted Examples The following example deletes file test from flash memory Keyword Source or Destination startup config Represents the startup configuration file Console delete startup config Delete st...

Page 70: ... command deletes the startup config file Syntax delete startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example deletes the startup config file Console delete startup config ...

Page 71: ...nes There are no user guidelines for this command Examples The following example displays the contents of the running configuration file Console show running config no spanning tree interface ethernet 3 ip address 10 6 39 150 255 255 255 0 exit username ews password d41d8cd98f00b204e9800998ecf8427e level 15 encrypted snmp server engineID local 8000005903001325387800 snmp server v3 host 10 6 39 23 ...

Page 72: ...ines There are no user guidelines for this command Examples The following example displays the contents of the running configuration file Console show startup config no spanning tree interface ethernet 3 ip address 10 6 39 150 255 255 255 0 exit username ews password d41d8cd98f00b204e9800998ecf8427e level 15 encrypted snmp server engineID local 8000005903001325387800 snmp server v3 host 10 6 39 23...

Page 73: ... configure an Ethernet type interface Syntax interface ethernet interface Parameters interface Valid Ethernet port Full syntax port Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables configuring Ethernet port 7 Console config if interface ethernet ...

Page 74: ... range of ports and group a list separated by commas in brackets all All Ethernet ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range If the command returns an error on one of the active interfaces it does not stop exec...

Page 75: ...down Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Examples The following example disables Ethernet port 5 operations The following example restarts the disabled Ethernet port Console config interface ethernet 5 Console config if shutdown Console config interface ethernet ...

Page 76: ...ion Parameters string Comment or a description of the port to enable the user to remember what is attached to the port Range 1 64 characters Default Configuration The interface does not have a description Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds a description to Ethernet port 5 C...

Page 77: ...Parameters 10 Forces10 Mbps operation 100 Forces 100 Mbps operation 1000 Forces 1000 Mbps operation Default Configuration Maximum port capability Command Mode Interface Configuration Ethernet port channel mode User Guidelines The no speed command in a port channel context returns each port in the port channel to its maximum capability Example The following example configures the speed operation of...

Page 78: ...alf duplex operation full Forces full duplex operation Default Configuration The interface is set to full duplex Command Mode Interface Configuration Ethernet mode User Guidelines When configuring a particular duplex mode on the port operating at 10 100 Mbps disable the auto negotiation on that port Half duplex mode can be set only for ports operating at 10 Mbps or 100 Mbps Example The following e...

Page 79: ...vertise Possible values 10h 10f 100h 100f 1000f Default Configuration Auto negotiation is enabled If unspecified the default setting is to enable all capabilities of the port Command Mode Interface Configuration Ethernet port channel mode User Guidelines If capabilities were specified when auto negotiation was previously entered not specifying capabilities when cur rently entering auto negotiation...

Page 80: ...tax flowcontrol auto on off no flowcontrol Parameters auto Indicates auto negotiation on Enables flow control off Disables flow control Default Configuration Flow control is off Command Mode Interface Configuration Ethernet port channel mode User Guidelines Negotiation should be enabled for flow control auto Example In the following example flow control is enabled on port 5 Console config interfac...

Page 81: ... connect a PC with cross or normal cables are supported and are automatically detected On It is possible to connect to a PC only with a normal cable and to connect to another device only with a cross cable This is true if only one device is to be configured mdix on To configure another device no mdix No It is possible to connect to a PC only with a cross cable and to connect to another device only...

Page 82: ...le back pressure use the no form of this command Syntax back pressure no back pressure Default Configuration Back pressure is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example In the following example back pressure is enabled on port 5 Console config interface ethernet 5 Console config if back pressure ...

Page 83: ... port channel number Parameters interface Valid Ethernet port Full syntax port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In the following example the counters for interface 1 are cleared Console clear counters ethernet 1...

Page 84: ...channel number Parameters interface Valid Ethernet port Full syntax port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active but were shutdown by the system for some reason e g port security Example The following example reactivates interface 5 Console set int...

Page 85: ...and has no default configuration Command Modes User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following examples display auto negotiation information Console show interfaces advertise Port Type Neg Operational Link Advertisement 1 100M Copper Enabled 2 100M Copper Enabled 3 100M Copper Enabled 4 100M Copper Enabled 5 100M Copper Enabled 100f...

Page 86: ...D Link DES 3010FA GA PA CLI Reference Guide Page 85 ch3 Enabled ch4 Enabled ch5 Enabled ch6 Enabled ...

Page 87: ...lines for this command Example The following example displays the configuration of all configured interfaces Console show interfaces configuration Port Type Duplex Speed Neg Flow Ctrl Admin State Back Pressure Mdix Mode 1 100M Copper Full 100 Enabled Off Up Disabled Auto 2 100M Copper Full 100 Enabled Off Up Disabled Auto 3 100M Copper Full 100 Enabled Off Up Disabled Auto 4 100M Copper Full 100 E...

Page 88: ...tion This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of all configured interfaces Console show interfaces status Port Type Duplex Speed Neg Flow Ctrl Link State Back Pressure Mdix Mode 1 100M Copper Down 2 100M Copper Down 3 100M Copper Down 4 100M Cop...

Page 89: ...Ethernet Configuration Commands Page 88 ch1 Not Present ch2 Not Present ch3 Not Present ch4 Not Present ch5 Not Present ch6 Not Present ...

Page 90: ...nnel port channel number Parameters interface Valid Ethernet port Full syntax port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays descriptions of configured interfaces Console show interfaces...

Page 91: ...Ethernet Configuration Commands Page 90 ch2 ch3 ch4 ch5 ch6 ...

Page 92: ... port Full syntax port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes User or Previlaged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays traffic seen by the physical interface Console show interfaces counters Port InOctets InUcastPkts InMcastPkts InBcastPkt...

Page 93: ...5 0 0 0 0 6 0 0 0 0 7 0 0 0 0 8 0 0 0 0 9 0 0 0 0 10 0 0 0 0 Ch InOctets InUcastPkts InMcastPkts InBcastPkts ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0 0 0 ch4 0 0 0 0 ch5 0 0 0 0 ch6 0 0 0 0 Ch InOctets InUcastPkts InMcastPkts InBcastPkts ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0 0 0 ch4 0 0 0 0 ch5 0 0 0 0 ch6 0 0 0 0 Console show interfaces counters ethernet 1 Port InOctets InUcastPkts InMcastPkts InBcastPkts 1 183...

Page 94: ...cast packets OutBcastPkts Counted transmitted broadcast packets FCS Errors Counted received frames that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are involved in a single collision and are subsequently transmitted successfully Late Collisions Number of times that a collision is detected later than one slotTime into the tran...

Page 95: ...cast Parameters unknown unicast Specifies also counting unknown unicast packets Default Configuration Multicast packets are not counted Command Modes Interface Configuration Ethernet mode User Guidelines To control multicast storms use the port storm control broadcast enable and port storm control broadcast rate commands Example The following example enables counting broadcast and multicast packet...

Page 96: ...ernet mode User Guidelines Use the port storm control broadcast rate Interface Configuration Ethernet mode command to set the maxi mum allowable broadcast rate Use the port storm control include multicast Interface Configuration Ethernet mode command to enable counting multicast packets and optionally unknown unicast packets in the storm control calculation The command can be enabled on a specific...

Page 97: ...K 1M in steps of at least 10K 1M 10M in steps of at least 1M 10M 250M in steps based on the requested rate Default Configuration The default storm control broadcast rate is 100 Kbits Sec Command Mode Interface Configuration Ethernet mode User Guidelines Use the port storm control broadcast enable Interface Configuration mode command to enable broadcast storm control Since granularity depends on th...

Page 98: ...and has no default configuration Command Modes User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the storm control configuration Console show ports storm control Port State Rate Kbits Sec Included 1 Enabled 100 Broadcast 2 Enabled 100 Broadcast 3 Enabled 100 Broadcast 4 Enabled 100 Broadcast 5 Enabled 100 Broadcast 6 E...

Page 99: ... work and all other devices on the network learn these VLANs dynamically The gvrp enable Global Configuration mode command enables GVRP globally To disable GVRP on the device use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example Th...

Page 100: ...guration GVRP is disabled on all interfaces Command Mode Interface Configuration Ethernet port channel mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN That is the PVID is man ually defined as the untagged VLAN VID Example The following example enables...

Page 101: ...r values Join timer 200 milliseconds Leave timer 600 milliseconds Leaveall timer 10000 milliseconds Command Mode Interface configuration Ethernet port channel mode User Guidelines The following relationship must be maintained between the timers Leave time must be greater than or equal to three times the join time Leave all time must be greater than the leave time Set the same GARP timer values on ...

Page 102: ...ault Configuration Dynamic VLAN creation or modification is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command forbids dynamic VLAN creation from the interface The creation or modification of dynamic VLAN registration entries as a result of the GVRP exchanges on an interface are restricted only to those VLANs for which static VLAN registration exis...

Page 103: ...s on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registration of VLANs on the port is allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example forbids dynamic registration of VLANs on Ethernet port 6 Console ...

Page 104: ...channel port channel number Parameters interface A valid Ethernet port Full syntax port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears all GVRP statistical information on Ethernet port 6 Console...

Page 105: ...t port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP configuration information Console show gvrp configuration GVRP Feature is currently disabled on the device Maximum VLANs 255 Timers millis...

Page 106: ... This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows GVRP statistical information Console show gvrp statistics GVRP Statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received...

Page 107: ...valid port channel number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP statistical information Console show gvrp error statistics GVRP Error Statistics Legend INVPROT Invalid Protocol Id INVALEN Invalid Attribute Length INVATYP Invalid Attribute T...

Page 108: ...et Group Management Protocol IGMP snooping To disable IGMP snooping use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Global Configuration mode User Guidelines IGMP snooping can only be enabled on static VLANs Example The following example enables IGMP snooping Console config ip igmp snooping ...

Page 109: ...sable IGMP snooping on a VLAN interface use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping can only be enabled on static VLANs Example The following example enables IGMP snooping on VLAN 2 Console config interface vlan 2 Console config if ip igmp sno...

Page 110: ...default configuration use the no form of this command Syntax ip igmp snooping host time out time out no ip igmp snooping host time out Parameters time out Host timeout in seconds Range 1 2147483647 Default Configuration The default host time out is 260 seconds Command Mode Interface Configuration VLAN mode User Guidelines The timeout should be at least greater than 2 query_interval max_response_ti...

Page 111: ...n to the default configuration use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snooping mrouter time out Parameters time out Multicast router timeout in seconds Range 1 2147483647 Default Configuration The default value is 300 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The...

Page 112: ...ip igmp snooping leave time out Parameters time out Specifies the leave time out in seconds for IGMP queries Range 0 2147483647 immediate leave Indicates that the port should be immediately removed from the members list after receiving IGMP Leave Default Configuration The default leave time out configuration is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines The leave tim...

Page 113: ...s Syntax show ip igmp snooping mrouter interface vlan id Parameters vlan id VLAN number Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays multicast router interfaces in VLAN 1000 Console show ip igmp snooping mrouter interface 1000 VLAN Ports ...

Page 114: ...nd has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays IGMP snooping information on VLAN 1000 Console show ip igmp snooping interface 1000 IGMP Snooping is globaly enabled IGMP Snooping is enabled on VLAN 1000 IGMP host timeout is 300 sec IGMP Immediate leave is disabled IGMP lea...

Page 115: ...Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full multicast address table including static addresses use the show bridge multicast address table Privileged EXEC command Example The following example shows IGMP snooping information on multicast groups Console show ip igmp snooping groups Vlan IP Address Querier Ports 1 224 239 130 2 ...

Page 116: ...mask of the IP address prefix length Specifies the number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 8 30 Default Configuration No IP address is defined for interfaces Command Mode Interface Configuration Ethernet VLAN port channel mode User Guidelines An IP address cannot be configured for a range of interfaces range context Example The...

Page 117: ...g the DHCP pro tocol Some DHCP servers require that the DHCPDISCOVER message have a specific host name The ip address dhcp hostname host name command is most typically used when the host name is provided by the system administrator If the device is configured to obtain its IP address from a DHCP server it sends a DHCPDISCOVER message to provide information about itself to the DHCP server on the ne...

Page 118: ... no form of this command Syntax ip default gateway ip address no ip default gateway Parameters ip address Valid IP address of the default gateway Default Configuration No default gateway is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines default gateway 192 168 1 1 Console config ip default gateway 1...

Page 119: ...Valid Ethernet port vlan id Valid VLAN number port channel number Valid Port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example the displays the configured IP interfaces and their types Console show ip interface Gateway IP Address Activity status...

Page 120: ...AC address hw_addr Valid MAC address to map to the specified IP address or IP alias interface number Valid Ethernet port vlan id Valid VLAN number port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The software uses ARP cache entries to translate 32 bit IP addresses into 48 bit hardwar...

Page 121: ...d Syntax arp timeout seconds no arp timeout Parameters seconds Time in seconds that an entry remains in the ARP cache Range 1 40000000 Default Configuration The default timeout is 300 seconds Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600 Example The following example configures the ARP timeout to 12000 seconds Console config...

Page 122: ...es all dynamic entries from the ARP cache Syntax clear arp cache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example deletes all dynamic entries from the ARP cache Console clear arp cache ...

Page 123: ...is command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays entries in the ARP table Console show arp ARP timeout 80000 Seconds Interface IP address HW address Status 1 10 7 1 102 00 10 B5 04 DB 4B Dynamic 2 10 7 1 135 00 50 22 00 2A A4 Static ...

Page 124: ...ax ip domain name name no ip domain name Parameters name Specifies the default domain name used to complete unqualified host names Do not include the ini tial period that separates an unqualified name from the domain name Range 1 158 characters Default Configuration A default domain name is not defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this com...

Page 125: ...server address1 server address8 Parameters server address Specifies IP addresses of the name server Default Configuration No name server addresses are specified Command Mode Global Configuration mode User Guidelines The preference of the servers is determined by the order in which they were entered Up to 8 servers can be defined using one command or using multiple commands Examples The following e...

Page 126: ... command Syntax ip host name address no ip host name Parameters name Name of the host Range 1 158 characters address Associated IP address Default Configuration No host is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines a static host name to address mapping in the host cache Console config ip host ac...

Page 127: ...Parameters name Specifies the host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example deletes all entries from the host name to address cache Console clear host ...

Page 128: ...st dhcp name Parameters name Specifies the host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command deletes the host name to address mapping temporarily until the next renewal of the IP address Examples The following example deletes all entries from the host nam...

Page 129: ...lt configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays host information Console show hosts System name Device Default domain is gm com sales gm com usa sales gm com DHCP Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Ad...

Page 130: ...ration use the no form of this command Syntax lacp system priority value no lacp system priority Parameters value Specifies system priority value Range 1 65535 Default Configuration The default system priority is 1 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the system priority to 120 Console config l...

Page 131: ...x lacp port priority value no lacp port priority Parameters value Specifies port priority Range 1 65535 Default Configuration The default port priority is 1 Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example defines the priority of Ethernet port 6 as 247 Console config interface ethernet 6 Console config if...

Page 132: ...out long short no lacp timeout Parameters long Specifies the long timeout value short Specifies the short timeout value Default Configuration The default port timeout value is long Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example assigns a long administrative LACP timeout to Ethernet port 6 Console config...

Page 133: ...ion protocol state information Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example display LACP information for Ethernet port 1 Console show lacp ethernet 1 1 LACP parameters Actor system priority 1 system mac addr 00 00 12 34 56 78 port Admin key 30 port Oper k...

Page 134: ...Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE 1 LACP Statistics LACP PDUs sent 2 LACP PDUs received 2 1 LACP Protocol State LACP State Machines Receive FSM Port Disabled State Mux FSM Detached State Periodic Tx FSM No Periodic State Control Variables BEGIN FALSE LACP_Enabled TRUE Ready_N FALSE Selected UNSELECTED Port_moved FALSE NNT FALSE Port_en...

Page 135: ...nfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays LACP information about port channel 1 Console show lacp port channel 1 Port Channel ch1 Port Type 100 Ethernet Attached Lag id Actor System Priority 22 MAC Address 00 55 20 88 45 11 Admin Key 1000 Oper Key 1000 ...

Page 136: ...s console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures the device as a virtual terminal for remote c...

Page 137: ...Parameters bps Baud rate in bits per second bps Possible values are 2400 4800 9600 19200 and 38400 Default Configuration The default speed is 9600 bps Command Mode Line Configuration console mode User Guidelines This command is available only on the line console Examples The following example configures the line baud rate to 38400 Console config line console Console config line speed 38400 ...

Page 138: ...xec timeout Parameters minutes Specifies the number of minutes Range 0 65535 seconds Specifies additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout enter the exec timeout 0 command Examples The following example configures the interval that the system waits until user...

Page 139: ...on The command history function is enabled Command Mode Line Configuration mode User Guidelines This command enables the command history function for a specified line To enable or disable the command his tory function for the current terminal session use the terminal history user EXEC mode command Example The following example enables the command history function for telnet Console config line tel...

Page 140: ...umber of commands that the system records in its history buffer Range 10 200 Default Configuration The default history buffer size is 10 Command Mode Line Configuration mode User Guidelines This command configures the command history buffer size for a particular line To configure the command history buffer size for the current terminal session use the terminal history size User EXEC mode command E...

Page 141: ... of this command Syntax terminal history no terminal history Default Configuration The default configuration for all terminal sessions is defined by the history line configuration command Command Mode User or Priviliged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example disables the command history function for the current terminal session Consol...

Page 142: ...ommands the system may record in its command history buffer Range 10 200 Default Configuration The default command history buffer size is 10 Command Mode User or Priviliged EXEC mode User Guidelines The terminal history size user EXEC command configures the size of the command history buffer for the current terminal session To change the default size of the command history buffer use the history l...

Page 143: ...Configuration If the line is not specified the default value is console Command Mode User or Priviliged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the line configuration Console show line Console configuration Interactive timeout Disabled History 10 Baudrate 9600 Databits 8 Parity none Stopbits 1 Telnet configuration Interactive ...

Page 144: ...using the permit Management and deny Manage ment commands If no match criteria are defined the default is deny If you reenter an access list context the new rules are entered at the end of the access list Use the management access class command to select the active access list The active management list cannot be updated or removed Management ACL requires a valid management interface which is a po...

Page 145: ...o be management interfaces except Ethernet interfaces 1 and 6 and makes the new access list the active list Console config management access list mlist Console config macl deny ethernet 1 Console config macl deny ethernet 6 Console config macl permit Console config macl exit Console config management access class mlist ...

Page 146: ...e IP address mask A valid network mask of the source IP address prefix length Number of bits that comprise the source IP address prefix The prefix length must be pre ceded by a forward slash Range 0 32 service Service type Possible values telnet snmp http https ssh Default Configuration If no permit rule is defined the default is set to deny Command Mode Management Access list Configuration mode U...

Page 147: ...ce IP address mask A valid network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User Guidelines Rules with Ethernet VLAN and port channel pa...

Page 148: ... name no management access class Parameters console only Indicates that the device can be managed only from the console name Specifies the name of the access list to be used Range 1 32 characters Default Configuration If no access list is specified an empty access list is used Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following...

Page 149: ...the name of a management access list Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the mlist management access list Console show management access list mlist mlist permit ethernet 1 permit ethernet 2 Note all other access imp...

Page 150: ...st Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active management access list Console show management access class Management access class is enabled using access list mlist ...

Page 151: ...alid Ethernet port Full syntax port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port to be tested should be shut down during the test unless it is a combination port with fiber port active The maximum length of the cable for the TDR test is 120 meters Examples The following example results in a report on the cable attached t...

Page 152: ... This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meters Example The following example displays information on the last TDR test performed on all copper ports Console show copper ports tdr Port Result Length meters Date 1 OK 2 Short 50 13 32 00 23 July 2005 3 Not Tested 4 Open 64 13 32 00 23 ...

Page 153: ...interface Parameters interface A valid Ethernet port Full syntax port Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines The port must be active and working in 1000M mode Example The following example displays the estimated copper cable length attached to all ports Console show copper ports cable length Port Length meters 1 50 ...

Page 154: ...default configuration Command Mode Privileged EXEC mode User Guidelines To test optical transceivers ensure a fiber link is present Examples The following examples display the optical transceiver diagnostics Console show fiber ports optical transceiver Input OK Power Port Temp Voltage Current Output LOS 10 OK OK OK OK OK Temp Internally measured transceiver temperature Voltage Internally measured ...

Page 155: ... channel port channel number Parameters port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Six aggregated links can be defined each can have up to eight member ports per port channel The aggregated links valid IDs are 1 8 Example The following example enters the context of port chann...

Page 156: ...valid port channels to add Separate nonconsecutive port channels with a comma and no spaces A hyphen designates a range of port channels all All valid port channels Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range Example The fol...

Page 157: ...r of the valid port channel for the current port to join on Forces the port to join a channel without an LACP operation auto Allows the port to join a channel as a result of an LACP operation Default Configuration The port is not assigned to a port channel Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example ...

Page 158: ...el port channel number Parameters port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on all port channels Console show interfaces port channel Channel Ports 1 Active 1 2 2 Active 2 7 Inactive 1 ...

Page 159: ...e copied to another port or between the source port src interface and a destination port port being configured The following restrictions apply to ports configured as destination ports The port cannot be already configured as a source port The port cannot be a member in a port channel An IP interface is not configured on the port GVRP is not enabled on the port The port is not a member of a VLAN e...

Page 160: ...s command Syntax port monitor vlan tagging no port monitor vlan tagging Default Configuration Ingress mirrored packets are transmitted untagged Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example configures all ingress mirrored packets from port 9 to be transmitted as tagged packets Console config interface ...

Page 161: ...t Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how the port monitoring status is displayed Console show ports monitor Source Port Destination Port Type Status VLAN Tagging 1 8 RX TX Active No 2 8 RX TX Active No 6 8 RX Active No ...

Page 162: ...bytes packet_count Number of packets to send If 0 is entered it pings until stopped Range 0 65535 packets time_out Timeout in milliseconds to wait for each reply Range 50 65535 milliseconds Default Configuration Default packet size is 56 bytes Default number of packets to send is 4 Default timeout value is 2000 milliseconds Command Mode User or Privileged EXEC mode User Guidelines Press Esc to sto...

Page 163: ... icmp_seq 3 time 7 ms 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 Console ping yahoo com Pinging yahoo com 66 218 71 198 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms 10 1 1 1 PI...

Page 164: ...ion The default number of bytes in a packet is 40 The default maximum TTL value is 30 The default number of probes to be sent at each TTL level is 3 The default timeout interval in seconds is 3 Command Mode User or Privileged EXEC mode User Guidelines The traceroute command takes advantage of the error messages generated by the routers when a datagram exceeds its time to live TTL value The tracero...

Page 165: ...ec 6 iplsng kscyng abilene ucaid edu 198 32 8 80 47 msec 45 msec 45 msec 7 so 0 2 0x1 aa1 mich net 192 122 183 9 56 msec 53 msec 54 msec 8 atm1 0x24 michnet8 mich net 198 108 23 82 56 msec 56 msec 57 msec 9 10 A ARB3 LSA NG c SEB umnet umich edu 141 211 5 22 58 msec 58 msec 58 msec 11 umaxp1 physics lsa umich edu 141 211 101 64 62 msec 63 msec 63 msec Field Description 1 Indicates the sequence num...

Page 166: ...leged EXEC mode User Guidelines Caution should be exercised when resetting the device to ensure that no other activity is being performed In par ticular the user should verify that no configuration files are being downloaded at the time of reset Example The following example reloads the operating system Console reload This command will reset the whole system and disconnect your current session Do ...

Page 167: ...ommand Syntax hostname name no hostname Parameters name The host name of the device Range 1 158 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the device host name Console config hostname enterprise enterprise config ...

Page 168: ... users Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active users Console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Telnet 172 16 1 7 ...

Page 169: ...er Guidelines There are no user guidelines for this command Example The following example displays the system information Console show system System Description Switch 8 FE 1GE 1 SFP w embedded web h w Embedded Web System Up Time days hour min sec 0 02 07 50 System Contact System Name System Location System MAC Address 00 55 20 88 45 11 System Object ID 1 3 6 1 4 1 171 10 67 2 Main Power Supply St...

Page 170: ...uration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays system version information only for demonstration purposes Console show version SW version 1 0 0 0 date 23 Jul 2004 time 17 34 19 Boot version 1 0 0 0 date 11 Jan 2004 time 11 48 21 HW version 1 0 0 ...

Page 171: ...em ID information Syntax show system id Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the system ID information console show system id Serial number 09 ...

Page 172: ...ty of service QoS on the device To disable QoS on the device use the no form of this command Syntax qos no qos Default Configuration QoS is disabled on the device Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables QoS on the device Console config qos ...

Page 173: ...device Syntax show qos Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays QoS attributes when QoS is disabled on the device Console show qos Qos basic Basic trust dscp ...

Page 174: ...rameters number of queues Specifies the number of expedite queues The expedite queues would be the queues with higher indexes Range 0 4 Default Configuration All queues are expedite queues Command Mode Global Configuration mode User Guidelines When the specified number of expedite queues is 0 no SP is used and weights are defined as 1 2 and 4 When the specified number of expedite queues is 4 the S...

Page 175: ...t Parameters kbps Maximum of kilobits per second of ingress traffic on a port Range 62K 100M Defaults 1000 Kbits Sec Command Modes Interface configuration Ethernet Usage Guidelines The command can be enabled on a specific port only if port storm control brodcast enable interface configura tion command is not enabled on that port Examples The following example limits the rate of the incoming traffi...

Page 176: ...limit configuration shapers Display quality of service QoS shapers information at the interface level Default Configuration There is no default configuration for this command Command Mode User or Privileged EXEC mode User Guidelines If no keyword is specified port QoS information e g DSCP trusted CoS trusted untrusted etc is displayed If no interface is specified QoS information about all interfac...

Page 177: ...QoS Commands Page 176 Switch show qos interface 7 rate limit Port rate limit kbps 7 100 3 2 4 3 5 3 6 4 7 4 ...

Page 178: ...e id optional Assign shaper to the specified queue Range 4096 16769020 no traffic shape disable the shaper on the interface or use queue id to disable the shaper on the specified queue Command Mode Interface configuration Ethernet Port Channel Usage guidelines Use this command in interface configuration mode to activate the shaper on egress port or egress queue For egress port enter the interface ...

Page 179: ... values are mapped cos1 cos8 Specifies CoS values to be mapped to a specific queue Range 0 7 Default Configuration The map default values for 4 queues CoS value 1 select queue 1 CoS value 2 select queue 1 CoS value 0 select queue 2 CoS value 3 select queue 2 CoS value 4 select queue 3 CoS value 5 select queue 3 CoS value 6 select queue 4 CoS value 7 select queue 4 Command Mode Global Configuration...

Page 180: ...cp list Parameters dscp list Specifies up to 8 DSCP values separated by a space Range 0 63 queue id Specifies the queue number to which the DSCP values are mapped Default Configuration The following table describes the default map Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example maps DSCP values 33 40 and 41 to queue...

Page 181: ...the default trust mode Command Mode Global Configuration mode User Guidelines Packets entering a quality of service QoS domain are classified at the edge of the QoS domain When packets are classified at the edge the switch port within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at every device in the domain Use this command to spec...

Page 182: ...able the trust state on each port use the no form of this command Syntax qos trust no qos trust Default Configuration qos trust is enabled on each port Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 4 to the default trust state console config interface ethernet 4 co...

Page 183: ...efault cos Specifies the default CoS value of the port Range 0 7 Default Configuration Default CoS value of a port is 0 Command Mode Interface Configuration Ethernet port channel mode User Guidelines If the port is trusted the default CoS value of the port is used to assign a CoS value to all untagged packets enter ing the port Example The following example configures port 4 default CoS value to 3...

Page 184: ...uidelines There are no user guidelines for this command Example The following example displays the DSCP port queue map The following table describes the significant fields shown above Console show qos map Dscp queue map d1 d2 0 1 2 3 4 5 6 7 8 9 0 01 01 01 01 01 01 01 01 01 01 1 01 01 01 01 01 01 02 02 02 02 2 02 02 02 02 02 02 02 02 02 02 3 02 02 03 03 03 03 03 03 03 03 4 03 03 03 03 03 03 03 03 ...

Page 185: ...ipped over by transaction requests Range 0 2000 key string Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon To specify an empty string enter Range 0 128 characters source Specifies the source IP address to use for communication 0 0 0 0 is interpreted as request to use ...

Page 186: ...ide Page 185 Example The following example specifies a RADIUS server host with IP address 192 168 10 1 authentication request port number 20 and a 20 second timeout period Console config radius server host 192 168 10 1 auth port 20 timeout 20 ...

Page 187: ...ring Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon Range 0 128 characters Default Configuration The key string is an empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets ...

Page 188: ...mmand Syntax radius server retransmit retries no radius server retransmit Parameters retries Specifies the retransmit value Range 1 10 Default Configuration The software searches the list of RADIUS server hosts 3 times Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the number of times the software search...

Page 189: ...dius server source ip source no radius source ip source Parameters source Specifies a valid source IP address Default Configuration The source IP address is the IP address of the outgoing IP interface Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the source IP address used for communication with RADIUS ...

Page 190: ...iguration use the no form of this command Syntax radius server timeout timeout no radius server timeout Parameters timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The timeout value is 3 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the timeout interval to 5 second...

Page 191: ...use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime Parameters deadtime Length of time in minutes during which a RADIUS server is skipped over by transaction requests Range 0 2000 Default Configuration The deadtime setting is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following exam...

Page 192: ...efault configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays RADIUS server settings Console show radius servers IP address Port Auth TimeOut Retransmit DeadTime Source IP Priority Usage 172 16 1 1 1645 Global Global Global 1 All 172 16 1 2 1645 11 8 Global Global 2 All Global values TimeOut 3 Re...

Page 193: ...Radius Commands Page 192 ...

Page 194: ...eters auto Turns on the device discovery protocol and applies power to the device never Turns off the device discovery protocol and stops supplying power to the device Default Configuration Auto Command Mode Interface configuration Ethernet User Guidelines There are no user guidelines for this command Examples The following example turns on the device discovery protocol on port 4 Console config in...

Page 195: ...arameters pd type Comment or a description to assist in recognizing what powered device is attached to the inter face Range Up to 24 characters Default Configuration No default configuration for this command Command Mode Interface configuration Ethernet User Guidelines There are no user guidelines for this command Example The following example adds a description of the device connected to port 4 a...

Page 196: ...er inline usage threshold percents no power inline usage threshold Parameters percent Specifies the threshold as a percentage to compare measured power Range 1 99 percent Default Configuration The default threshold is 95 Command Mode Global configuration User Guidelines There are no user guidelines for this command Examples The following example configures the threshold for initiating inline power...

Page 197: ...le traps Syntax power inline traps enable no power inline traps enable Parameters This command has no arguments or keywords Default Configuration The default for this command is disabled Command Mode Global configuration User Guidelines There are no user guidelines for this command Examples The following example enables inline power traps Console config power inline traps enable ...

Page 198: ...es There are no user guidelines for this command Examples The following example displays information about the inline power Console show power inline Unit Power Nominal Power Consumed Power Usage Threshold Traps 1 Off 1 Watts 0 Watts o 95 Disable Port Powered Device State Status Priority Class 1 Auto Searching low Class 0 2 Auto Searching low Class 0 3 Auto Searching low Class 0 Console show power...

Page 199: ...e Admin State Indicates if the port is enabled to provide power It can be Auto or Never Priority The priority of the port from the point of view of inline power management It can be Critical High or Low Oper State Describes the inline power operational state of the port It can be On Off Test Fail Testing Searching or Fault Classification Power consumption classification of the powered device Overl...

Page 200: ...annel number Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RMON Ethernet statistics for Ethernet port 1 Console show rmon statistics ethernet 1 Port 1 Dropped 0 Octets 0 Packets 0 Broadcast 0 Multicast 0 CRC Align Errors 0 Collisions 0 Und...

Page 201: ...mber of packets received less than 64 octets in length excluding framing bits but including FCS octets and either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Jabbers The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and either a bad Frame Check...

Page 202: ... Number of buckets specified for the RMON collection history group of statistics If unspec ified defaults to 50 Range 1 65535 seconds Number of seconds in each polling cycle Range 1 3600 Default Configuration RMON statistics group owner name is an empty string Number of buckets specified for the RMON collection history statistics group is 50 Number of seconds in each polling cycle is 1800 Command ...

Page 203: ...EC mode User Guidelines There are no user guidelines for this command Example The following example displays all RMON history group statistics The following table describes significant fields shown above Console show rmon collection history Index Interface Interval Requested Samples Granted Samples Owner 1 3 30 50 50 CLI 2 3 1800 50 50 Manager Field Description Index An index that uniquely identif...

Page 204: ... 4294967295 Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following examples displays RMON Ethernet history statistics for index 1 Console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 Interval 1800 Requested samples 50 Granted samples 50 Maximu...

Page 205: ...dcast address Multicast The number of good packets received during this sampling interval that were directed to a mul ticast address This number does not include packets addressed to the broadcast address Util The best estimate of the mean physical layer network utilization on this interface during this sampling interval in hundredths of a percent CRC Align The number of packets received during th...

Page 206: ... and noise hits Jabbers The number of packets received during this sampling interval that were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Dropped The total number of events in which packets were dropped by the probe...

Page 207: ...ue to be com pared against the thresholds Possible values are absolute and delta If the method is absolute the value of the selected variable is compared directly with the thresholds at the end of the sampling interval If the method is delta the selected variable value of the last sample is sub tracted from the current value and the difference is compared with the thresholds direction Specifies th...

Page 208: ...table Syntax show rmon alarm table Default Configuration This command has no default configuration Command Mode User or Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the alarms table The following table describes significant fields shown above Console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3...

Page 209: ...ollowing table describes the significant fields shown in the display Console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Event 1 Falling Event 1 Owner CLI Field Description Alarm Alarm index OID Monitored variable OID Last Sample Value The statistic value during...

Page 210: ...ld and startup alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal to the fall ing threshold and startup alarm is equal falling or rising and falling then a single falling alarm is generated Rising Threshold A sampled statistic threshold When the current sampled value is greater than or equal to this threshold and the val...

Page 211: ...community specified by this octet string Range 0 127 characters description text Specifies a comment describing this event Range 0 127 characters name Specifies the name of the person who configured this event If unspecified the name is an empty string Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines If log is specified as the n...

Page 212: ...CLI Jan 18 2002 23 58 17 2 High Broadcast Log Trap device Manager Jan 18 2002 23 59 48 Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the ...

Page 213: ...EC mode User Guidelines There are no user guidelines for this command Example The following example displays the RMON log table Console show rmon log Maximum table size 500 Event Description Time 1 Errors Jan 18 2002 23 48 19 1 Errors Jan 18 2002 23 58 17 2 High Broadcast Jan 18 2002 23 59 48 Console show rmon log Maximum table size 500 800 after reset Event Description Time 1 Errors Jan 18 2002 2...

Page 214: ... Guide Page 213 The following table describes the significant fields shown in the display Field Description Event An index that uniquely identifies the event Description A comment describing this event Time The time this entry was created ...

Page 215: ...ory log Parameters history entries Maximum number of history table entries Range 20 32767 log entries Maximum number of log table entries Range 20 32767 Default Configuration History table size is 270 Log table size is 100 Command Mode Global Configuration mode User Guidelines The configured table size taskes effect after the device is rebooted Example The following example configures the maximum ...

Page 216: ...A group defines the objects available to the community Range 1 30 characters view name Specifies the name of a previously defined view The view defines the objects available to the community Range 1 30 characters Default Configuration No communities are defined Command Mode Global Configuration mode User Guidelines The view name parameter cannot be specified for su which has access to the whole MI...

Page 217: ...es The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192 168 1 20 Console config snmp server community public su 192 168 1 20 ...

Page 218: ...2 4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the view type is included excluded Indicates that the view type is excluded Default Configuration No view entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same view record T...

Page 219: ...able only to the SNMP Version 3 security model readview Specifies a string that is the name of the view that enables only viewing the contents of the agent If unspecified all objects except for the community table and SNMPv3 user and access tables are available The range is 1 32 caracters writeview Specifies a string that is the name of the view that enables entering data and configuring the con t...

Page 220: ...entication level The user should enter a concatenated hexadecimal string of the MD5 key MSB and the privacy key LSB If authentication is only required 16 bytes should be entered if authentication and privacy are required 32 bytes should be entered Each byte in the hexadecimal character string is two hexadecimal digits Each byte can be separated by a period or colon 16 or 32 bytes auth sha key sha ...

Page 221: ...SNMP Commands Page 220 Examples The following example configures an SNMPv3 user John in group user group Console config snmp server user John user group ...

Page 222: ... is erased SNMPv3 cannot be used By default SNMPv1 v2 are enabled on the device SNMPv3 is enabled only by defining the Local Engine ID If you want to specify your own ID you do not have to specify the entire 32 character engine ID if it contains trail ing zeros Specify only the portion of the engine ID up to the point where just zeros remain in the value For exam ple to configure an engine ID of 1...

Page 223: ...SNMP Commands Page 222 Examples The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value Console config snmp server engineID local default ...

Page 224: ...send SNMP traps To disable SNMP traps use the no form of the command Syntax snmp server enable traps no snmp server enable traps Default Configuration SNMP traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables SNMP traps Console config snmp server enable traps ...

Page 225: ...bers such as 1 3 6 2 4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the filter type is included excluded Indicates that the filter type is excluded Default Configuration No filter entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times f...

Page 226: ...SNMPv2 traps will be used port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an acknowledgment before resending informs If unspecified the default timeout period i...

Page 227: ...acket without encrypting it priv Indicates authentication of a packet with encryption port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an acknowledgment before r...

Page 228: ...le SNMP failed authentication traps use the no form of this command Syntax snmp server trap authentication no snmp server trap authentication Default Configuration SNMP failed authentication traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables SNMP failed authentication traps Console config snm...

Page 229: ...erver contact Parameters text Specifies the string that describes system contact information Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Examples The following example configures the system contact as ad...

Page 230: ...text no snmp server location Parameters text Specifies a string that describes system location information Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Example The following example defines the device loc...

Page 231: ... value followed by one or more fields Range 1 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Although the CLI can set any required configuration there might be a situation where a SNMP user sets a MIB variable that does not have an equivalent command In order to generate configuration files that support those si...

Page 232: ...lowing example displays the SNMP communications status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community string Group name IP address Type public user group all Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Communi...

Page 233: ... Priv 162 15 3 System Contact Robert System Location Marketing Field Description Community string Community access string to permit access to the SNMP protocol Community access Type of access read only read write super access IP Address Management station IP Address Trap Rec Address Targeted Recipient Trap Rec Community Statistics sent with the notification operation Version SNMP version for the s...

Page 234: ...le Network Man agement Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SNMP engine ID Console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 ...

Page 235: ...f the view Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views Console show snmp views Name OID Tree Type user view 1 3 6 1 2 1 1 Included user view 1 3 6 1 2 1 1 7 Excluded user view 1 3 6 1 2 1 2 2 1 1 Included ...

Page 236: ...le displays the configuration of views The following table describes significant fields shown above Console show snmp groups Name Security Views Model Level Read Write Notify user group V3 priv Default managers group V3 priv Default Default managers group V3 priv Default Field Description Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet ...

Page 237: ...SNMP Commands Page 236 Write Name of the view that enables entering data and managing the contents of the agent Notify Name of the view that enables specifying an inform or a trap ...

Page 238: ...fies the name of the filter Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of filters Console show snmp filters Name OID Tree Type user filter 1 3 6 1 2 1 1 Included user filter 1 3 6 1 2 1 1 7 Excluded user filter 1 3 ...

Page 239: ...es the name of the user Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of users Console show snmp users Name Group name Auth Method Remote John user group md5 John user group md5 08009009020C0B099C075879 ...

Page 240: ...tree functionality To disable span ning tree functionality use the no form of this command Syntax spanning tree no spanning tree Default Configuration Spanning tree is enabled Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality Console config spanning tree ...

Page 241: ...s enabled rstp Indicates that the Rapid Spanning Tree Protocol RSTP is enabled mstp Indicates that the Multiple Spanning Tree Protocol RSTP is enabled Default Configuration RSTP is enabled Command Modes Global Configuration mode User Guidelines In RSTP mode the device uses STP when the neighbor device uses STP In MSTP mode the device uses RSTP when the neighbor device uses RSTP and uses STP when t...

Page 242: ...use the no form of this command Syntax spanning tree forward time seconds no spanning tree forward time Parameters seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for the IEEE Spanning Tree Protocol STP is 15 seconds Command Modes Global Configuration mode User Guidelines When configuring the forwarding time the following relationship should be kept 2 Forward T...

Page 243: ...this command Syntax spanning tree hello time seconds no spanning tree hello time Parameters seconds Time in seconds Range 1 10 Default Configuration The default hello time for IEEE Spanning Tree Protocol STP is 2 seconds Command Modes Global Configuration mode User Guidelines When configuring the hello time the following relationship should be kept Max Age 2 Hello Time 1 Example The following exam...

Page 244: ...econds no spanning tree max age Parameters seconds Time in seconds Range 6 40 Default Configuration The default maximum age for IEEE Spanning Tree Protocol STP is 20 seconds Command Modes Global Configuration mode User Guidelines When configuring the maximum age the following relationships should be kept 2 Forward Time 1 Max Age Max Age 2 Hello Time 1 Example The following example configures the s...

Page 245: ...e no form of this command Syntax spanning tree priority priority no spanning tree priority Parameters priority Priority of the bridge Range 0 61440 in steps of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Modes Global Configuration mode User Guidelines The bridge with the lowest priority is elected as the root bridge Example The follow...

Page 246: ...e the no form of this command Syntax spanning tree disable no spanning tree disable Default Configuration Spanning tree is enabled on all ports Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables spanning tree on Ethernet port 5 Console config interface ethernet 5 Console config if spa...

Page 247: ... is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines The path cost method is configured using the spanning tree pathcost method Global Configuration mode com mand Example The following example configures the spanning tree cost on Ethernet port 5 to 35000 Interface Long Short Port channel 20 0...

Page 248: ...s priority The priority of the port Range 0 240 in multiples of 16 Allowed values are 0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Default Configuration The default port priority for IEEE Spanning TreeProtocol STP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures ...

Page 249: ...this command Syntax spanning tree portfast no spanning tree portfast Default Configuration PortFast mode is disabled Command Modes Interface Configuration Ethernet port channel mode User Guidelines This feature should be used only with interfaces connected to end stations Otherwise an accidental topology loop could cause a data packet loop and disrupt device and network operations Example The foll...

Page 250: ...nning tree spanning tree link type Parameters point to point Indicates that the port link type is point to point shared Indicates that the port link type is shared Default Configuration The device derives the port link type from the duplex mode A full duplex port is considered a point to point link and a half duplex port is considered a shared link Command Modes Interface Configuration Ethernet po...

Page 251: ...ng tree pathcost method Parameters long Specifies port path costs with a range of 1 200 000 000 short Specifies port path costs with a range of 0 65 535 Default Configuration Short path cost method Command Mode Global Configuration mode User Guidelines This command applies to all spanning tree instances on the device The cost is set using the spanning tree cost command Example The following exampl...

Page 252: ...tree bpdu filtering flooding Parameters filtering Filter BPDU packets when the spanning tree is disabled on an interface flooding Flood BPDU packets when the spanning tree is disabled on an interface Default Configuration The default setting is flooding Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines BPDU p...

Page 253: ...g tree detected protocols ethernet interface port channel port channel number Parameters interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines This feature should be used only when working in RSTP or MSTP mode Example The following example restarts the protoc...

Page 254: ...tree guard root no spanning tree guard root Default Configuration Root guard is disabled Command Modes Interface configuration Ethernet port channel User Guidelines Root guard can be enabled when the switch work in STP RSTP and MSTP When root guard is enabled if spanning tree calculations cause a port to be selected as the root port the port transitions to the alternate state Example The following...

Page 255: ...ce id priority Parameters instance id ID of the spanning tree instance Range 1 16 priority Device priority for the specified spanning tree instance Range 0 61440 in multiples of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root of the ...

Page 256: ... this command Syntax spanning tree mst max hops hop count no spanning tree mst max hops Parameters hop count Number of hops in an MST region before the BDPU is discarded Range 1 40 Default Configuration The default number of hops is 20 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the maximum number of ...

Page 257: ...instance id port priority Parameters instance ID ID of the spanning tree instance Range 1 16 priority The port priority Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE Multiple Spanning Tree Protocol MSTP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following...

Page 258: ...st Parameters instance ID ID of the spanning tree instance Range 1 15 cost The port path cost Range 1 200 000 000 Default Configuration Default path cost is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures ...

Page 259: ... configuration Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping configuration revision number and name Example The following example configures an MST region Console config spanning tree mst configuration Console config mst instance 1 add vlan 10 20 Console config mst ...

Page 260: ...t Configuration VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Modes MST Configuration mode User Guidelines All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree CIST instance instance 0 and cannot be unmapped from the CIST For two or more devices to be in the same MST region they must have the sa...

Page 261: ... string Parameters string MST configuration name Case sensitive Range 1 32 characters Default Configuration The default name is a bridge ID Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the configuration name as region1 Console config spanning tree mst configuration Console config mst name region 1 ...

Page 262: ...command Syntax revision value no revision Parameters value Configuration revision number Range 0 65535 Default Configuration The default configuration revision number is 0 Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the configuration revision to 1 Console config spanning tree mst configuration Console config m...

Page 263: ...ng region configuration Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST configuration mode Example The following example displays a pending MST region configuration Console config mst show pending Pending MST configuration Name Region1 Revision 1 Instance...

Page 264: ...ll configuration changes Syntax exit Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST configuration mode and saves changes Console config spanning tree mst configuration Console config mst exit ...

Page 265: ...a tion changes Syntax abort Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST configuration mode without saving changes Console config spanning tree mst configuration Console config mst abort ...

Page 266: ...guration Parameters interface number A valid Ethernet port port channel number A valid port channel number detail Indicates detailed information active Indicates active ports only blockedports Indicates blocked ports only mst configuration Indicates the MST configuration identifier instance id Specifies ID of the spanning tree instance Default Configuration This command has no default configuratio...

Page 267: ...d 128 2 19 DSBL Desg No P2p STP 3 enabled 128 3 19 DSBL Desg No P2p STP 4 enabled 128 4 19 DSBL Desg No P2p STP 5 enabled 128 5 100 DSBL Desg No P2p STP 6 enabled 128 6 100 DSBL Desg No P2p STP 7 enabled 128 7 100 DSBL Desg No P2p STP 8 enabled 128 8 19 DSBL Desg No P2p STP 9 enabled 128 9 4 DSBL Desg No P2p STP 10 enabled 128 10 100 DSBL Desg No P2p STP ch1 enabled 128 1000 4 DSBL Desg No P2p STP...

Page 268: ...logging on Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages at various destinations such as the logging buffer logging file or syslog server Logging on and off at these destinations can be individually configured using the logging buffered logging file and logging Global Configuration m...

Page 269: ...d messages sent to the syslog servers Possible values emer gencies alerts critical errors warnings notifications informational and debugging facility Specifies the facility that is indicated in the message Possible values local0 local1 local2 local3 local4 local5 local 6 local7 text Syslog server description Range 1 64 characters Default Configuration The default port number is 514 The default log...

Page 270: ...arameters level Specifies the severity level of logged messages displayed on the console Possible values emergen cies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits logging ...

Page 271: ...of messages logged in the buffer Possible values emergencies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the messages displayed to the user Example The following example limit...

Page 272: ...mmand Syntax logging buffered size number no logging buffered size Parameters number Specifies the maximum number of messages stored in the history table Range 20 400 Default Configuration The default number of messages is 200 Command Mode Global Configuration mode User Guidelines This command takes effect only after Reset Example The following example changes the number of syslog messages stored ...

Page 273: ...gging buffer Syntax clear logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the internal logging buffer Console clear logging Clear logging buffer confirm ...

Page 274: ...eters level Specifies the severity level of syslog messages sent to the logging file Possible values emergen cies alerts critical errors warnings notifications informational and debugging Default Configuration The default severity level is errors Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits syslog messages...

Page 275: ...he logging file Syntax clear logging file Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the logging file Console clear logging file Clear Logging File y n ...

Page 276: ...no aaa logging login Parameters login Indicates logging messages related to successful login events unsuccessful login events and other login related events Default Configuration Logging AAA login events is enabled Command Mode Global Configuration mode User Guidelines Other types of AAA events are not subject to this command Example The following example enables logging messages related to AAA lo...

Page 277: ... file system logging copy no file system logging copy Parameters copy Indicates logging messages related to file copy operations Default Configuration Logging file system events is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables logging messages related to file copy operations Console config file sys...

Page 278: ...x management logging deny no management logging deny Parameters deny Indicates logging messages related to deny actions of management ACLs Default Configuration Logging management ACL events is enabled Command Mode Global Configuration mode User Guidelines Other types of management ACL events are not subject to this command Example The following example enables logging messages related to deny act...

Page 279: ...ole Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event Status AAA L...

Page 280: ... 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet2 changed state to down 11 Aug 2004 1...

Page 281: ...g Console Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event Status...

Page 282: ... 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet11 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet2 changed state to down 11 Aug 2004 ...

Page 283: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the settings of the syslog servers Console show syslog servers Device Configuration IP address Port Severity Facility Description 192 180 2 27 514 Informational local7 192 180 2 28 514 Warning local7 ...

Page 284: ...ode Syntax enable privilege level Parameters privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 15 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode Console enable enter password Console ...

Page 285: ...privilege level Parameters privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 1 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example return to Users EXEC mode Console disable Console ...

Page 286: ...sername Syntax login Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode and logs in with username admin Console login User Name admin Password Console ...

Page 287: ...al Configuration mode Syntax configure Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Global Configuration mode Console configure Console config ...

Page 288: ...de hierarchy Syntax exit Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Configuration mode to Privileged EXEC mode Console config if exit Console config exit Console ...

Page 289: ...nal session by logging off the device Syntax exit Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session Console exit ...

Page 290: ...s to the Privileged EXEC mode Syntax end Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes from Global Configuration mode to Privileged EXEC mode Console config end Console ...

Page 291: ...nothing matches the currently entered incomplete command the help list is empty This indicates that for a query at this point there is no command matching the current input If the request is within a command enter backspace and erase the entered characters to a point where the request results in a display Help is provided when 1 There is a valid command and a help request is made for entering a pa...

Page 292: ...disabled Command Mode User or Privileged EXEC mode User Guidelines By default a More prompt is displayed when the output contains more lines than can be displayed on the screen Pressing the Enter key displays the next line pressing the Spacebar displays the next screen of output The data dump command enables dumping all output immediately after entering the show command This command is relevant on...

Page 293: ...des executed and unexecuted commands Commands are listed from the first to the most recent command The buffer remains unchanged when entering into and returning from configuration modes Example The following example displays all the commands entered while in the current Privileged EXEC mode Console show version SW version 3 131 date 23 Jul 2004 time 17 34 19 HW version 1 0 0 Console show clock 15 ...

Page 294: ...ege level Syntax show privilege Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example displays the current privilege level for the Privileged EXEC mode Console show privilege Current privilege level is 15 ...

Page 295: ...the VLAN Configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the VLAN database mode Console config vlan database Console config vlan ...

Page 296: ...nge Specifies a list of VLAN IDs to be added Separate nonconsecutive VLAN IDs with a comma and no spaces a hyphen designates a range of IDs Range 2 4094 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command Example The following example VLAN number 1972 is created Console config vlan database Co...

Page 297: ...arameters vlan id Specifies an existing VLAN ID Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures VLAN 1 with IP address 131 108 1 27 and subnet mask 255 255 255 0 Console config interface vlan 1 Console config if ...

Page 298: ...ge of IDs Range 2 4094 all All existing static VLANs Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range If the command returns an error on one of the interfaces an error message is displayed and execution of the command continues o...

Page 299: ...name to be associated with this VLAN Range 1 32 characters Default Configuration No name is defined Command Mode Interface Configuration VLAN mode Cannot be configured for a range of interfaces range context User Guidelines There are no user guidelines for this command Example The following example gives VLAN number 19 the name Marketing Console config interface vlan 19 Console config if name Mark...

Page 300: ...VLANs are configured Command Mode Interface Configuration VLAN mode User Guidelines An IP interface cannot be defined on a primary VLAN A primary VLAN cannot be defined if an IP interface has been configured on it The command is not supported under the command interface range vlan Example This example configures VLAN 200 as the primary private VLAN Console config Console config vlan database Conso...

Page 301: ...nd creates an isolated VLAN and associates it with the primary VLAN The command is executed in the context of the primary VLAN An isolated VLAN can only be associated with one primary VLAN A VLAN that has been configured as an isolated VLAN cannot be configured as a primary or community VLAN The command is not supported under the command interface range vlan Example This example configures VLAN 20...

Page 302: ...d no spaces a hyphen designates a range of IDs Default Configuration No association is configured Command Mode Interface Configuration VLAN mode User Guidelines This command creates a community VLAN and associates it with the primary VLAN The command is executed in the context of the primary VLAN A community VLAN can only be associated with one primary VLAN A VLAN that has been configured as a com...

Page 303: ...ed VLAN port promiscuous Indicates a promiscuous private vlan port community Indicates a community private vlan port isolated Indicates an isolated private vlan port Default Configuration All ports are in access mode and belong to the default VLAN whose VID 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines A port cannot be defined as promiscuous or isolated if it is...

Page 304: ...he ID of the VLAN to which the port is configured dynamic Indicates that the port is assigned to a VLAN based on the source MAC address of the host con nected to the port Default Configuration All ports belong to VLAN 1 Command Mode Interface configuration Ethernet port channel mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN Exampl...

Page 305: ...ult Configuration The port is not a member of a PVLAN Command Mode Interface Configuration Ethernet port channel mode User Guidelines The community VLAN should be associated with the primary VLAN by using the switchport access vlan Interface Configuration mode command Example This example configures private VLAN 200 as the primary private VLAN and associates it with promiscouous pri vate VLAN Ethe...

Page 306: ...figuration This command has no default configuration Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example The following example displays information about specific private VLANs Console show vlan private vlan Primary Isolated Community 100 101 102 103 200 201 202 203 Console show vlan private vlan primary 100 Primary VLAN 100 Isolated VLAN 101 Communit...

Page 307: ...aces A hyphen designates a range of IDs remove vlan list List of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following examp...

Page 308: ...uration Ethernet port channel mode User Guidelines The command adds the port as a member of the VLAN If the port is already a member of a VLAN Native or oth erwise the last VLAN that the port was added to will automatically become it s native VLAN The command adds the port as a member in native VLAN 2 if the port is already as a native VLAN 3 it will change automatically the lest entry VLAN 2 only...

Page 309: ...secutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs tagged Indicates that the port transmits tagged packets for the VLANs untagged Indicates that the port transmits untagged packets for the VLANs Default Configuration If the port is added to a VLAN without specifying tagged or untagged the default setting is tagged Command Mode Interface Configuration Ethernet port chan...

Page 310: ... switchport general pvid Parameters vlan id Specifies the PVID Port VLAN ID Default Configuration If the default VLAN is enabled PVID 1 Otherwise PVID 4095 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the PVID for Ethernet port 6 when the interface is in general mode Console co...

Page 311: ...neral ingress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables port ingress filtering on Ethernet port 6 Console config interface ethernet 6 Console config if switchpo...

Page 312: ...eneral acceptable frame type tagged only no switchport general acceptable frame type tagged only Default Configuration All frame types are accepted at ingress Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 6 to discard untagged frames at ingress Console config inter...

Page 313: ... VLAN IDs with a comma and no spaces A hyphen designates a range of IDs remove vlan list Specifies the list of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration All VLANs are allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command can be used to prevent GVRP from a...

Page 314: ...is required when an IP interface is configured on an Ethernet port or port channel This command enables the user to configure the internal usage VLAN of a port If an internal usage VLAN is not configured and the user wants to configure an IP interface an unused VLAN is selected by the software If the software selected a VLAN for internal use and the user wants to use that VLAN as a static or dynam...

Page 315: ...lt configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all VLAN information Console show vlan VLAN Name Ports Type Authorization 1 default 1 2 1 4 other Required 10 VLAN0010 3 4 dynamic Required 11 VLAN0011 1 2 static Required 20 VLAN0020 3 4 static Required 21 VLAN0021 static Required 30 VLAN0030 stat...

Page 316: ...ernally by the device Syntax show vlan internal usage Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays VLANs used internally by the device Console show vlan internal usage VLAN Usage IP address Reserved 50 5 Inactive yes ...

Page 317: ...guration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the switchport configuration for Ethernet port 1 Console show interfaces switchport ethernet 5 Port 5 Port Mode private vlan Promiscous Gvrp Status disabled Ingress Filtering true Acceptable Frame Type admitAll Ing...

Page 318: ...D Link DES 3010FA GA PA CLI Reference Guide Page 317 ...

Page 319: ...o dis able this function use the no form of this command Syntax ip http server no ip http server Default Configuration HTTP server is enabled Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server Example The following example enables configuring the device from a browser Console config ip http server ...

Page 320: ...ction use the no form of this command Syntax ip https server no ip https server Default Configuration HTTPS server is enabled Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate Example The following example enables configuring the device from a browser Console config ip https server ...

Page 321: ... of this command Syntax ip http exec timeout minutes seconds no ip http exec timeout Parameters minutes Integer that specifies the number of minutes Range 1 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default interval is 10 minutes Command Mode Global Configuration mode User Guidelines This command also configures the exec timeout for HTTPS in case the t...

Page 322: ...r HTTPS To disable this function use the no form of this command Syntax ip https certificate number no ip https certificate Parameters Number Specifies the certificate number Range 1 Product specific Default Configuration Certificate number 1 Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate command in order to generate HTTPS certificate ...

Page 323: ...of using the show ip https command Console show ip https HTTPS server enabled Port 443 Interactive timeout Follows the HTTP interactive timeout 10 minutes Certificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 200...

Page 324: ...device when the certificate is generated Range 1 64 ou organization unit Specifies the organization unit or department name Range 1 64 or organization Specifies the organization name Range 1 64 loc location Specifies the location or the city name Range 1 64 st state Specifies the state or province name cu country Specifies the country name Range 2 duration days Specifies number of days a certifica...

Page 325: ...ser Guidelines Use this command to enter an external certificate signed by Certification Authority to the device To end the ses sion use a blank line The imported certificate must be based on a certificate request created by the crypto certificate request privileged EXEC command If the public key found in the certificate does not match the device s SSL RSA key the command will fail This command is...

Page 326: ...SWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl END CERTIFICATE Certificate imported successfully Issued to router gm com Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN rout...

Page 327: ...or using the show crypto certificate mycertificate command Console show crypto certificate mycertificate 1 BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBI...

Page 328: ... number no ip http port Parameters port number Port number for use by the HTTP server Range 1 65535 Default Configuration The default port number is 80 Command Mode Global Configuration mode Example The following example configures the http port number to 100 Console config ip http port 100 ...

Page 329: ... https port port number no ip https port Parameters port number Port number for use by the HTTPS server Range 1 65535 Default Configuration The default port number is 443 Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global configuration mode command to generate an HTTPS certificate Example The following example configures the HTTPS port number to 100 C...

Page 330: ...e HTTP server configuration Syntax show ip http Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the HTTP server configuration Console show ip http HTTP server enabled Port 80 ...

Page 331: ...iguration No authentication method is defined Command Mode Global Configuration mode User Guidelines Additional methods of authentication are used only if the previous method returns an error and not if the request for authentication is denied To ensure that authentication succeeds even if all methods return an error specify none as the final method in the command line The RADIUS server must suppo...

Page 332: ...urn to the default configuration use the no form of this command Syntax dot1x system auth control no dot1x system auth control Default Configuration 802 1x is disabled globally Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables 802 1x globally Console config dot1x system auth control ...

Page 333: ...hange required The port resends and receives normal traffic without 802 1X based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unau thorized state and ignoring all attempts by the client to authenticate The device cannot provide authentication services to the client through the interface Default Configuration Port ...

Page 334: ...uration use the no form of this command Syntax dot1x re authentication no dot1x re authentication Default Configuration Periodic re authentication is disabled Command Mode Interface Configuration Ethernet User Guidelines There are no user guidelines for this command Examples The following example enables periodic re authentication of the client Console config interface ethernet 6 Console config if...

Page 335: ...econds no dot1x timeout re authperiod Parameters seconds Number of seconds between re authentication attempts Range 300 4294967295 Default Configuration Re authentication period is 3600 seconds Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Examples The following example sets the number of seconds between re authentication attempts ...

Page 336: ...enabled port Syntax dot1x re authenticate ethernet interface Parameters interface Valid Ethernet port Full syntax port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following command manually initiates a re authentication of 802 1X enabled Ethernet port 6 Console dot1x re ...

Page 337: ... client Range 0 65535 seconds Default Configuration Quiet period is 60 seconds Command Mode Interface Configuration Ethernet mode User Guidelines During the quiet period the device does not accept or initiate authentication requests The default value of this command should only be changed to adjust for unusual circumstances such as unreli able links or specific behavioral problems with certain cli...

Page 338: ...e in seconds that the device waits for a response to an EAP request identity frame from the client before resending the request Range 1 65535 seconds Default Configuration Timeout period is 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreli able links or specific b...

Page 339: ...s count Number of times that the device sends an EAP request identity frame before restarting the authenti cation process Range 1 10 Default Configuration The default number of times is 2 Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreli able links or specific behavioral pro...

Page 340: ...e waits for a response to an EAP request frame from the client before resending the request Range 1 65535 seconds Default Configuration Default timeout period is 30 seconds Command Mode Interface configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreli able links or specific behavioral problems with cert...

Page 341: ...se from the authentication server Range 1 65535 seconds Default Configuration The timeout period is 30 seconds Command Mode Interface configuration Ethernet mode User Guidelines The actual timeout can be determined by comparing the dot1x timeout server timeout value and the result of multiplying the radius server retransmit value with the radius server timeout value and selecting the lower of the ...

Page 342: ...n Command Mode Privileged or User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of 802 1X enabled Ethernet ports Console show dot1x 802 1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username 1 Auto Authorized Ena 3600 Bob 2 Auto Authorized Ena 3600 John 3 Auto Unauthorized Ena 3600 Clark 4 Force auth...

Page 343: ...es Force auth Force unauth Auto Oper mode The port oper mode Possible values Authorized Unauthorized or Down Reauth Control Reauthentication control Reauth Period Reauthentication period Username The username representing the identity of the Supplicant This field shows the username in case the port control is auto If the port is Authorized it shows the username of the current user If the port is u...

Page 344: ...h waits for a response from the authentication server before resending the request Session Time The amount of time the user is logged in MAC address The supplicant MAC address Authentication Method The authentication method used to establish the session Termination Cause The reason for the session termination State The current value of the Authenticator PAE state machine and of the Backend state m...

Page 345: ...is command has no default configuration Command Mode Privileged or User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays 802 1X users Console show dot1x users Port Username Session Time Auth Method MAC Address 1 Bob 1d 03 08 58 Remote 0008 3b79 8787 2 John 08 19 17 None 0008 3b89 3127 Console show dot1x users username Bob Username Bob P...

Page 346: ...ove Field Description Port The port number Username The username representing the identity of the Supplicant Session Time The period of time the Supplicant is connected to the system Authentication Method Authentication method used by the Supplicant to open the session MAC Address MAC address of the Supplicant ...

Page 347: ...ult configuration Command Mode Privileged or User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays 802 1X statistics for the specified interface Console show dot1x statistics ethernet 1 EapolFramesRx 11 EapolFramesTx 12 EapolStartFramesRx 12 EapolLogoffFramesRx 1 EapolRespIdFramesRx 3 EapolRespFramesRx 6 EapolReqIdFramesTx 3 EapolReqFr...

Page 348: ...henticator EapolRespFramesRx The number of valid EAP Response frames other than Resp Id frames that have been received by this Authenticator EapolReqIdFramesTx The number of EAP Req Id frames that have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of E...

Page 349: ...guration Access is enabled Command Mode Interface Configuration VLAN mode User Guidelines An access port cannot be a member in an unauthenticated VLAN The native VLAN of a trunk port cannot be an unauthenticated VLAN For a general port the PVID can be an unauthenticated VLAN although only tagged packets would be accepted in the unauthorized state Examples The following example enables access to th...

Page 350: ...Interface Configuration Ethernet mode User Guidelines This command enables the attachment of multiple clients to a single 802 1X enabled port In this mode only one of the attached hosts must be successfully authorized for all hosts to be granted network access If the port becomes unauthorized all attached clients are denied access to the network For unauthenticated VLANs multiple hosts are always ...

Page 351: ...upplicant address discard shutdown Discards frames with source addresses that are not the supplicant address The port is also shut down trap Indicates that SNMP traps are sent seconds Specifies the minimum amount of time in seconds between consecutive traps Range 1 1000000 Default Configuration Frames with source addresses that are not the supplicant address are discarded No traps are sent Command...

Page 352: ...n enable Interface Configuration mode command to enable unauthorized users on an interface to access the guest VLAN If the guest VLAN is defined and enabled the port automatically joins the guest VLAN when the port is unautho rized and leaves it when the port becomes authorized To be able to join or leave the guest VLAN the port should not be a static member of the guest VLAN Example The following...

Page 353: ... enable no dot1x guest vlan enable Default Configuration Disabled Command Mode Interface Configuration Ethernet mode User Guidelines A device can have only one global guest VLAN The guest VLAN is defined using the dot1x guest vlan Interface Configuration mode command Example The following example enables unauthorized users on Ethernet port 1 to access the guest VLAN Console configure Console confi...

Page 354: ...tion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays 802 1X advanced features for the device Console show dot1x advanced Guest VLAN 2 Unauthenticated VLANs 91 92 Interface Multiple Hosts Guest VLAN 1 Disabled Enabled 2 Enabled Disabled Console show dot1x advanced ethern...

Page 355: ...802 1x Commands Page 354 Trap frequency 100 Status Single host locked Violations since last trap 9 ...

Page 356: ...udes how the problem is detected and what are the possible causes of the problem With the problem known the effect of the problem is recorded with all known results from the problem Once the problem is quantified the solution is applied Solutions are found either in this chapter or through customer support If no solution is found in this chapter contact Cus tomer Support Troubleshooting Solutions ...

Page 357: ...Software settings Replace the serial cable Replace serial cable for a pin to pin straight flat cable Reconfigure the emulation software con nection settings Response from the terminal emulations software is not readable Faulty serial cable Software settings Replace the serial cable Reconfigure the emulation software con nection settings Self test exceeds 15 seconds The device may not be cor rectly...

Page 358: ...t twisting of pairs Fiber optical cable connec tion is reversed Bad cable Wrong cable type Check pinout and replace if necessary Change if necessary Check Rx and Tx on fiber optic cable Replace with a tested cable Verify that all 10 Mbps connections use a Cat 5 cable Check the port LED or zoom screen in the NMS application and change setting if necessary Problems Possible Cause Solution ...

Page 359: ...econds press RETURN or Esc to abort and enter prom is displayed press Enter The Startup Menu is displayed 1 Download software 2 Erase flash file 3 Erase flash sectors 4 Password Recovery Procedure 5 Enter Diagnostic Mode 6 Back 3 Enter 4 within 15 seconds after the bootup process from the StartUp menu If the selection is not made in the allotted time the current accessi bility requirements are era...

Page 360: ...a 1 Giffnock Avenue North Ryde NSW 2113 Australia TEL 61 2 8899 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office No 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 97...

Page 361: ...International Offices Page 360 ...