D-Link xStack DES-3800 Series, Cli Manual

Page 1: ...Copyright 2005 All rights reserved CLI Manual Product Model DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch Release 1...

Page 2: ...August 2005 651ES3828015G RECYCLABLE...

Page 3: ...NMP COMMANDS 29 SWITCH UTILITY COMMANDS 52 NETWORK MONITORING COMMANDS 61 MULTIPLE SPANNING TREE PROTOCOL MSTP COMMANDS 74 FORWARDING DATABASE COMMANDS 87 BROADCAST STORM CONTROL COMMANDS 96 QOS COMMA...

Page 4: ...MANDS 193 VRRP COMMANDS 197 ROUTING TABLE COMMANDS 204 ROUTE REDISTRIBUTION COMMANDS 208 DNS COMMANDS 214 RIP COMMANDS 218 DVMRP COMMANDS 221 PIM COMMANDS 226 IP MULTICASTING COMMANDS 230 MD5 COMMANDS...

Page 5: ...D LINK SINGLE IP MANAGEMENT COMMANDS 298 COMMAND HISTORY LIST 309 POE 312 MODIFY BANNER AND PROMPT COMMANDS 317 TECHNICAL SPECIFICATIONS 320...

Page 6: ...Command Line Interface CLI can be used to configure and manage the Switch via the serial port or Telnet interfaces This manual provides a reference for all of the commands contained in the CLI Config...

Page 7: ...sic Settings window on the Configuration menu The IP address for the Switch must be set before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP o...

Page 8: ...he Switch was assigned an IP address of 10 41 44 254 with a subnet mask of 255 0 0 0 The system message Success indicates that the command was executed successfully The Switch can now be configured an...

Page 9: ...rrent configuration will then be retained in the Switch s NV RAM and reloaded when the Switch is rebooted If the Switch is rebooted without using the save command the last configuration saved to NV RA...

Page 10: ...nitial Console Screen after logging in Commands are entered at the command prompt DES 3800 4 There are a number of helpful features included in the CLI Entering the command will display a list of all...

Page 11: ...everal layers of parameter prompting In addition after typing any given command plus one space you can see all of the next possible sub commands in sequential order by repeatedly pressing the Tab key...

Page 12: ...acter string braces indicate optional parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will...

Page 13: ...ssible completions Show Command In the above example all of the possible next parameters for the show command are displayed At the next command prompt the up arrow was used to re enter the show comman...

Page 14: ...nterface name in the ipif_name space a VLAN name in the vlan_name 32 space and the network address in the network_address space Do not type the angle brackets Example Command create ipif Engineering v...

Page 15: ...rl R Toggle on and off When toggled on inserts text and shifts previous text to the right Left Arrow Moves the cursor to the left Right Arrow Moves the cursor to the right Up Arrow Repeats the previou...

Page 16: ...es Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 11 displayed r Refreshes the pages currently displayed a Displays the remaining pages without pausing between pages Enter Displays the next...

Page 17: ...nutes 15_minutes enable clipaging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet enable web tcp_port_number 1 65535 disable web save reboot reset config system login logout Eac...

Page 18: ...counts Syntax config account username Description The config account command configures a user account that has been created using the create account command Parameters username Restrictions Only Admi...

Page 19: ...otal Entries 1 DES 3800 4 delete account Purpose Used to delete an existing user account Syntax delete account username Description The delete account command deletes a user account that has been crea...

Page 20: ...on This command displays information about the Switch Parameters None Restrictions Only Administrator level users can issue this command Example usage To display the Switch s information DES 3800 4 sh...

Page 21: ...ins DES 3800 4 config serial_port Purpose Used to configure the serial port Syntax config serial_port baud_rate 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes Desc...

Page 22: ...ed when issuing the show command which causes the console screen to rapidly scroll through several pages This command will cause the console to pause at the end of each page The default setting is ena...

Page 23: ...n This command is used to enable the Telnet protocol on the Switch The user can specify the TCP or UDP port number the Switch will use to listen for Telnet requests Parameters tcp_port_number 1 65535...

Page 24: ...en for Telnet requests Parameters tcp_port_number 1 65535 The TCP port number TCP ports are numbered between 1 and 65535 The well known port for the Web based management software is 80 Restrictions On...

Page 25: ...each time the Switch is restarted Parameters None Restrictions Only administrator level users can issue this command Example usage To save the Switch s current configuration to non volatile RAM DES 38...

Page 26: ...s are changed to default Rebooting will clear all entries in the Forwarding Data Base If no parameter is specified the Switch s current IP address user accounts and the switch history log are not chan...

Page 27: ...22 logout Purpose Used to log out a user from the Switch s console Syntax logout Description This command terminates the current user s session on the Switch s console Parameters None Restrictions Non...

Page 28: ...ge of ports to be configured speed Allows the user to adjust the speed for a port or range of ports The user has a choice of the following auto Enables auto negotiation for the specified range of port...

Page 29: ...eed Duplex FlowCtrl Learning 1 Enabled Auto Enabled Link Down Enabled 2 Enabled Auto Enabled Link Down Enabled 3 Enabled Auto Enabled Link Down Enabled 4 Enabled Auto Enabled Link Down Enabled 5 Enabl...

Page 30: ...Enabled Description dads1 2 Enabled Auto Disabled Link Down Enabled Description 3 Enabled Auto Disabled Link Down Enabled Description 4 Enabled Auto Disabled Link Down Enabled Description 5 Enabled A...

Page 31: ...ock_no 0 16 lock_address_mode Permanent DeleteOnTimeout DeleteOnReset Description This command allows for the configuration of the port security feature Only the ports listed in the portlist are affec...

Page 32: ...orresponding MAC address previously learned by the port which the user wishes to delete port port Enter the port number which has learned the previously enterd MAC address Restrictions Only administra...

Page 33: ...formation of the Switch s ports The information displayed includes port security admin state maximum number of learning address and lock mode Parameters portlist Specifies a port or range of ports to...

Page 34: ...vary in the level of security provided between the management station and the network device The following table lists the security features of the three SNMP versions SNMP Version Authentication Meth...

Page 35: ...community community_string 32 show snmp community community_string 32 config snmp engineID snmp_engineID show snmp engineID create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_pri...

Page 36: ...acters that will identify the SNMP group the new SNMP user will be associated with encrypted Allows the user to choose a type of authorization for authentication using SNMP The user may choose by_pass...

Page 37: ...ly 32 characters in hex form that will be used to encrypt the contents of messages the host sends to the agent none Adding this parameter will add no encryption Restrictions Only administrator level u...

Page 38: ...4 show snmp user Command show snmp user Username Group Name SNMP Version Auth Protocol PrivProtocol initial initial V3 None None Total Entries 1 DES 3800 4 create snmp view Purpose Used to assign view...

Page 39: ...usly created on the Switch Syntax delete snmp view view_name 32 all oid Description The delete snmp view command is used to remove an SNMP view previously created on the Switch Parameters view_name 32...

Page 40: ...1 1 Included CommunityView 1 Included CommunityView 1 3 6 1 6 3 Excluded CommunityView 1 3 6 1 6 3 1 Included Total Entries 11 DES 3800 4 create snmp community Purpose Used to create an SNMP communit...

Page 41: ...f the MIBs on the Switch Restrictions Only administrator level users can issue this command Example usage To create the SNMP community string dlink DES 3800 4 create snmp community dlink view ReadView...

Page 42: ...rictions None Example usage To display the currently entered SNMP community strings DES 3800 4 show snmp community Command show snmp community SNMP Community Table Community Name View Name Access Righ...

Page 43: ...ews Syntax create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 Description The create snmp group comman...

Page 44: ...itch and a remote SNMP manager auth_priv Specifies that authorization will be required and that packets sent between the Switch and a remote SNMP manger will be encrypted read_view Specifies that the...

Page 45: ...sg1 Command delete snmp group sg1 Success DES 3800 4 show snmp groups Purpose Used to display the group names of SNMP groups currently configured on the Switch The security model level and status of e...

Page 46: ...ify View Name NotifyView Security Model SNMPv3 Security Level authPriv Group Name Group7 ReadView Name ReadView WriteView Name WriteView Notify View Name NotifyView Security Model SNMPv3 Security Leve...

Page 47: ...ame CommunityView WriteView Name CommunityView Notify View Name CommunityView Security Model SNMPv1 Security Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name Communi...

Page 48: ...rk SNMP v3 adds Message integrity ensures that packets have not been tampered with during transit Authentication determines if an SNMP message is from a valid source Encryption scrambles the contents...

Page 49: ...SNMP traps generated by the Switch s SNMP agent Syntax show snmp host ipaddr Description The show snmp host command is used to display the IP addresses and configuration information of remote SNMP man...

Page 50: ...Parameters ipaddr The IP address of the trusted host to be created Restrictions Only administrator level users can issue this command Example usage To create the trusted host DES 3800 4 create trusted...

Page 51: ...e Usage To delete a trusted host with an IP address 10 48 74 121 DES 3800 4 delete trusted_host 10 48 74 121 Command delete trusted_host 10 48 74 121 Success DES 3800 4 enable snmp traps Purpose Used...

Page 52: ...d to show SNMP trap support on the Switch Syntax show snmp traps Description This command is used to view the SNMP trap support status currently configured on the Switch Parameters None Restrictions O...

Page 53: ...able snmp authenticate traps Command disable snmp authenticate traps Success DES 3800 4 config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the Switch...

Page 54: ...level users can issue this command Example usage To configure the Switch location for HQ 5F DES 3800 4 config snmp system_location HQ 5F Command config snmp system_location HQ 5F Success DES 3800 4 c...

Page 55: ...n Command enable rmon Success DES 3800 4 disable rmon Purpose Used to disable RMON on the Switch Syntax disable rmon Description This command is used in conjunction with the enable rmon command above...

Page 56: ...le snmp Command enable snmp Success DES 3800 4 disable SNMP Purpose Used to disable RMON on the Switch Syntax disable snmp Description This command is used in conjunction with the enable snmp command...

Page 57: ...th_filename 64 image_id int 1 2 configuration ipaddr path_filename 64 increment Description This command is used to download a new firmware or a Switch configuration file from a TFTP server Parameters...

Page 58: ...orporation All rights reserved DES 3800 4 DES 3800 4 DES 3800 4 DES 3800 4 BASIC DES 3800 4 DES 3800 4 config serial_port baud_rate 9600 auto_logout 10_minutes Command config serial_port baud_rate 960...

Page 59: ...cified firmware section boot_up Entering this parameter will specify the firmware image ID as a boot up section Restrictions Only administrator level users can issue this command Example usage To conf...

Page 60: ...The configuration settings are listed by category in the following order Description 1 Basic serial port Telnet and web management status 2 storm control 3 IP group management 4 syslog 5 QoS 6 port mi...

Page 61: ...figuration log ipaddr path_filename 64 Description This command is used to upload either the Switch s current settings or the Switch s history log to a TFTP server Parameters configuration Specifies t...

Page 62: ...eply packet The TFTP server must be running and have the requested configuration file in its base directory when the request is received from the Switch Consult the DHCP server and TFTP server softwar...

Page 63: ...hernet Switch Command Line Interface Firmware Build 3 01 B21 Copyright C 2000 2004 D Link Corporation All rights reserved DES 3800 4 DES 3800 4 DES 3800 4 download configuration 10 41 44 44 c cfg sett...

Page 64: ...3800 4 disable autoconfig Command disable autoconfig Success DES 3800 4 show autoconfig Purpose Used to display the current autoconfig status of the Switch Syntax show autoconfig Description This will...

Page 65: ...is 255 The default is 0 timeout sec 1 99 Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second Restriction...

Page 66: ...state enable disable config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr sta...

Page 67: ...display the error statistics for a range of ports Syntax show error ports portlist Description This command will display all of the packet error statistics collected and logged by the Switch for a gi...

Page 68: ...rt utilization of the Switch portlist Specifies a port or range of ports to be displayed Restrictions None Example usage To display the port utilization statistics DES 3800 4 show utilization ports Co...

Page 69: ...Parameters portlist Specifies a port or range of ports to be displayed Restrictions Only administrator level users can issue this command Example usage To clear the counters DES 3800 4 clear counters...

Page 70: ...5 Command show log index 5 Index Time Log Text 5 00000 days 00 01 09 Successful login through Console Username Anonymous 4 00000 days 00 00 14 System started up 3 00000 days 00 00 06 Port 1 link up 10...

Page 71: ...Purpose Used to display the syslog protocol status as enabled or disabled Syntax show syslog Description The show syslog command displays the syslog status as enabled or disabled Parameters None Restr...

Page 72: ...sent to the remote host This corresponds to number 6 from the list above warning Specifies that warning messages will be sent to the remote host This corresponds to number 4 from the list above all S...

Page 73: ...will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list...

Page 74: ...ncy system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 Informa...

Page 75: ...Specifies that local use 2 messages will be sent to the remote host This corresponds to number 18 from the list above local3 Specifies that local use 3 messages will be sent to the remote host This c...

Page 76: ...acility local0 Success DES 3800 4 delete syslog host Purpose Used to remove a syslog host that has been previously configured from the Switch Syntax delete syslog host index 1 4 all Description The de...

Page 77: ...information Description This command is used to configure the system severity levels on the Switch When an event occurs on the Switch a message will be sent to the SNMP agent trap the Switch s log or...

Page 78: ...the Switch to send only critical events to the Switch s log or SNMP agent warning Entering this parameter along with the proper destination stated above will instruct the Switch to send critical and w...

Page 79: ...ferent data routes within administratively established regions on the network continuing to allow simple and full processing of frames regardless of administrative errors in defining VLANs and their r...

Page 80: ...g id Each command is listed in detail in the following sections enable stp Purpose Used to globally enable STP on the Switch Syntax enable stp Description This command allows the Spanning Tree Protoco...

Page 81: ...To set the Switch globally for the Multiple Spanning Tree Protocol MSTP DES 3800 4 config stp version mstp Command config stp version mstp Success DES 3800 4 config stp Purpose Used to setup STP RSTP...

Page 82: ...10 seconds may be chosen with a default setting of 2 seconds In MSTP the spanning tree is configured by port and therefore the hellotime must be set using the configure stp ports command for switches...

Page 83: ...MSTP the port is capable of migrating from 802 1d STP to 802 1s MSTP RSTP and MSTP can coexist with standard STP however the benefits of RSTP and MSTP are not realized on a port where an 802 1d netwo...

Page 84: ...trictions Only administrator level users can issue this command Example usage To create a spanning tree instance 2 DES 3800 4 create stp instance_id 2 Command create stp instance_id 2 Success DES 3800...

Page 85: ...ample usage To configure instance id 2 to add VID 10 DES 3800 4 config stp instance_id 2 add_vlan 10 Command config stp instance_id 2 add_vlan 10 Success DES 3800 4 Example usage To remove VID 10 from...

Page 86: ...previously configured instance id of which the user wishes to set the priority value An instance id of 0 denotes the default instance_id CIST internally set on the Switch Restrictions Only administra...

Page 87: ...ng state Set a higher priority value for interfaces to be selected for forwarding first In instances where the priority value is identical the MSTP function will implement the lowest port number into...

Page 88: ...t_ports 1 2 instance_id 0 internalCost auto priority 0 Command config stp mst_ports 1 2 instance_id 0 internalCost auto priority 0 Success DES 3800 4 show stp instance_id Purpose Used to display the S...

Page 89: ...This command displays the STP Instance Settings and STP Instance Operational Status currently implemented on the Switch Parameters portlist Specifies a range of ports to be configured The beginning an...

Page 90: ...tion for instance 0 the internal CIST on the Switch DES 3800 4 show stp instance 0 Command show stp instance 0 STP Instance Settings Instance Type CIST Instance Status Enabled Instance Priority 32768...

Page 91: ...ample usage To show the MSTP configuration identification currently set on the Switch DES 3800 4 show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configur...

Page 92: ...if_name 12 port port config multicast port_filtering_mode portlist all forward_all_groups forward_unregistered_groups filter_unregistered_groups show multicast port_filtering_mode portlist Each comman...

Page 93: ...users can issue this command Example usage To create multicast MAC forwarding DES 3800 4 create multicast_fdb default 01 00 00 00 00 01 Command create multicast_fdb default 01 00 00 00 00 01 Success...

Page 94: ...ng table entries that are out of date or no longer exist This may cause incorrect packet forwarding decisions by the Switch If the aging time is too short however many entries may be aged out too soon...

Page 95: ...lete fdb default 01 00 00 00 01 02 Command delete fdb default 01 00 00 00 01 02 Success DES 3800 4 clear fdb Purpose Used to clear the Switch s forwarding database of all dynamically learned MAC addre...

Page 96: ...atabase Parameters vlan_name 32 The name of the VLAN on which the MAC address resides macaddr The MAC address that is present in the forwarding database table Restrictions None Example usage To displa...

Page 97: ...dr interface ipif_name 12 port port DES 3800 4 show fdb Command show fdb Unicast MAC Address Aging Time 300 VID VLAN Name MAC Address Port Type 1 default 00 00 39 34 66 9A 10 Dynamic 1 default 00 00 5...

Page 98: ...ress table DES 3800 4 show ipfdb Command show ipfdb Interface IP Address Port Learned System 10 0 25 1 9 Dynamic System 10 0 51 1 9 Dynamic System 10 0 58 4 9 Dynamic System 10 1 1 101 9 Dynamic Syste...

Page 99: ...ple usage To configure the multicast filtering mode to forward all groups on ports 1 through 4 DES 3800 4 config multicast port_filtering_mode 1 4 forward_all_groups Command config multicast port_filt...

Page 100: ...gistered_groups 10 forward_unregistered_groups 11 forward_unregistered_groups 12 forward_unregistered_groups 13 forward_unregistered_groups 14 forward_unregistered_groups 15 forward_unregistered_group...

Page 101: ...This command is used to configure broadcast storm control Parameters storm_grouplist Used to specify a broadcast storm control group This is specified by entering the syntax unit_id all Specifies all...

Page 102: ...ings Syntax show traffic control group_list storm_grouplist Description This command displays the current storm traffic control configuration on the Switch Parameters group_list storm_grouplist Used t...

Page 103: ...abled 1 10 10 128 Disabled Disabled Disabled 1 11 11 128 Disabled Disabled Disabled 1 12 12 128 Disabled Disabled Disabled 1 13 13 128 Disabled Disabled Disabled 1 14 14 128 Disabled Disabled Disabled...

Page 104: ...empty the four hardware priority queues in order beginning with the highest priority queue 7 to the lowest priority queue 0 Each hardware queue will transmit all of the packets in its buffer before p...

Page 105: ...or value 1 1000 will be applied to the rate at which the above specified ports will be allowed to transmit packets no_limit Specifies that there will be no limit on the rate of packets received by th...

Page 106: ...er priority queue to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue can again transmit any packets it may...

Page 107: ...ion The show scheduling command will display the current traffic scheduling mechanisms in use on the Switch Parameters None Restrictions None Example usage To display the current scheduling configurat...

Page 108: ...This mapping scheme is based upon recommendations contained in IEEE 802 1D You can change this mapping by specifying the 802 1p user priority you want to go to the class_id 0 3 the number of the hard...

Page 109: ...5 Priority 6 Class 6 Priority 7 Class 7 DES 3800 4 config 802 1p default_priority Purpose Used to configure the 802 1p default priority settings on the Switch If an untagged packet is received by the...

Page 110: ...destination Syntax show 802 1p default_priority portlist Description The show 802 1p default_priority command displays the currently configured 802 1p priority value that will be assigned to an incom...

Page 111: ...transmit its packets Lower classes of service will be pre empted from emptying its queue if a packet is received on a higher class of service The packet that was received on the higher class of servi...

Page 112: ...Parameters None Restrictions None Example Usage To show the scheduling mechanism DES 3800 4 show scheduling_mechanism Command show scheduling_mechanism QOS scheduling_mechanism CLASS ID Mechanism Clas...

Page 113: ...can specify that only traffic received by or sent by one or both is mirrored to the Target port Parameters port This specifies the Target port the port where mirrored packets will be received The targ...

Page 114: ...elete source 2 4 Success DES 3800 4 enable mirror Purpose Used to enable a previously entered port mirroring configuration Syntax enable mirror Description This command combined with the disable mirro...

Page 115: ...onfiguration Parameters None Restrictions Only administrator level users can issue this command Example usage To disable mirroring configurations DES 3800 4 disable mirror Command disable mirror Succe...

Page 116: ...vlan Purpose Used to create a VLAN on the Switch Syntax create vlan vlan_name 32 tag vlanid 1 4094 advertisement Description This command allows you to create a VLAN on the Switch Parameters vlan_name...

Page 117: ...dd tagged untagged forbidden delete portlist advertisement enable disable Description This command allows you to add ports to the port list of a previously configured VLAN You can specify the addition...

Page 118: ...ters portlist A port or range of ports for which you want to enable GVRP for all Specifies all of the ports on the Switch state enable disable Enables or disables GVRP for the ports specified in the p...

Page 119: ...rator level users can issue this command Example usage To enable the generic VLAN Registration Protocol GVRP DES 3800 4 enable gvrp Command enable gvrp Success DES 3800 4 disable gvrp Purpose Used to...

Page 120: ...y the Switch s current VLAN settings DES 3800 4 show vlan Command show vlan VID 1 VLAN Name default VLAN TYPE static Advertisement Enabled Member ports 1 5 26 Static ports 1 5 26 Current Untagged port...

Page 121: ...rames 8 1 Disabled Enabled All Frames 9 1 Disabled Enabled All Frames 10 1 Disabled Enabled All Frames 11 1 Disabled Enabled All Frames 12 1 Disabled Enabled All Frames 13 1 Disabled Enabled All Frame...

Page 122: ...32 type lacp static Description This command will create a link aggregation group with a unique identifier Parameters value Specifies the group ID The Switch allows up to 32 link aggregation groups t...

Page 123: ...lete link_aggregation group_id 6 Success DES 3800 4 config link_aggregation Purpose Used to configure a previously created link aggregation group Syntax config link_aggregation group_id value 1 32 mas...

Page 124: ...t Description This command configures the part of the packet examined by the Switch when selecting the egress port for transmitting load sharing data This feature is only available using the address b...

Page 125: ...4 show link_aggregation Command show link_aggregation Link Aggregation Algorithm MAC source dest Group ID 1 Master Port 1 Member Port 5 10 Active Port Status Disabled Flooding Port 5 DES 3800 4 confi...

Page 126: ...usage To configure LACP port mode settings DES 3800 4 config lacp_port 1 12 mode active Command config lacp_port 1 12 mode active Success DES 3800 4 show lacp_port Purpose Used to display current LAC...

Page 127: ...xStack DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 122 9 Active 10 Active DES 3800 4...

Page 128: ...ip mac ipaddress ipaddr mac_address macaddr all blocked all vlan_name vlan_name mac_address macaddr Each command is listed in detail in the following sections create address_binding ip_mac ipaddress...

Page 129: ...mac_address 00 00 00 00 00 05 Command config address_binding ip_mac ipaddress 10 1 1 3 mac_address 00 00 00 00 00 05 Success DES 3800 4 config address_binding ip_mac ports Purpose Used to configure a...

Page 130: ...of the device Ports The number of enabled ports on a device Parameters all For IP_MAC binding all specifies all the IP MAC binding entries for Blocked Address Binding entries all specifies all the bl...

Page 131: ...ame and the physical address of the device To delete all the Blocked Address Binding entries toggle all Parameters ipaddr The IP address of the device where the IP MAC binding is made macaddr The MAC...

Page 132: ...Switch Parameters ipif_name 12 Enter an alphanumeric string of up to 12 characters to identify this IP interface ipaddress network_address IP address and netmask of the IP interface to be created You...

Page 133: ...ettings DES 3800 4 show ipif System Command show ipif System IP Interface Settings Interface Name System IP Address 10 48 74 122 MANUAL Subnet Mask 255 0 0 0 VLAN Name default Admin State Disabled Lin...

Page 134: ...ata field of the DHCP reply packet The TFTP server must be running and have the requested configuration file in its base directory when the request is received from the Switch Consult the DHCP server...

Page 135: ...Description This command allows you to configure IGMP on the Switch Parameters ipif_name 12 The name of the IP interface for which you want to configure IGMP all Specifies all the IP interfaces on th...

Page 136: ...IGMP configuration for the Switch of for a specified IP interface Syntax show igmp ipif ipif_name 12 Description This command will display the IGMP configuration for the Switch if no IP interface nam...

Page 137: ...show igmp group group group ipif ipif_name 12 Description This command will display the IGMP group configuration Parameters group group The ID of the multicast group to be displayed ipif_name 12 The...

Page 138: ...uter_ports vlan vlan_name 32 static dynamic show igmp_snooping forwarding vlan vlan_name 32 show igmp_snooping group vlan vlan_name 32 Each command is listed in detail in the following sections config...

Page 139: ...e this command Example usage To configure IGMP snooping DES 3800 4 config igmp_snooping default host_timeout 250 state enable Command config igmp_snooping default host_timeout 250 state enable Success...

Page 140: ...querier This interval is calculated as follows robustness variable x query interval 0 5 x query response interval Last member query count Number of group specific queries sent before the router assum...

Page 141: ...static router ports DES 3800 4 config router_ports default add 1 10 Command config router_ports default add 1 10 Success DES 3800 4 enable igmp_snooping Purpose Used to enable IGMP snooping on the Sw...

Page 142: ...mand without the parameter will disable igmp snooping on the Switch Restrictions Only administrator level users can issue this command Example usage To disable IGMP snooping on the Switch DES 3800 4 d...

Page 143: ...t Timeout 260 Route Timeout 260 Leave Timer 2 Querier State Disabled Querier Router Behavior Non Querier State Disabled Total Entries 2 DES 3800 4 show igmp_snooping group Purpose Used to display the...

Page 144: ...55 255 250 MAC address 01 00 5E 7F FF FA Reports 2 Port Member 9 19 VLAN Name default Multicast group 239 255 255 254 MAC address 01 00 5E 7F FF FE Reports 1 Port Member 13 17 Total Entries 6 DES 3800...

Page 145: ...the Switch Syntax show igmp_snooping forwarding vlan vlan_name 32 Description This command will display the current IGMP snooping forwarding table entries currently configured on the Switch Parameters...

Page 146: ...3800 4 show igmp_snooping group Command show igmp_snooping group VLAN Name default Multicast group 224 0 0 2 MAC address 01 00 5E 00 00 02 Reports 1 Port Member 2 4 VLAN Name default Multicast group...

Page 147: ...xStack DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 142 DES 3800 4...

Page 148: ...p show dhcp_relay ipif ipif_name 12 enable dhcp_relay disable dhcp_relay Each command is listed in detail in the following sections config dhcp_relay Purpose Used to configure the DHCP BOOTP relay fea...

Page 149: ...S 3800 4 config dhcp_relay add ipif System 10 58 44 6 Command config dhcp_relay add ipif System 10 58 44 6 Success DES 3800 4 config dhcp_relay delete ipif Purpose Used to delete one or all IP destina...

Page 150: ...acket if the server is capable of option 82 it can implement policies like restricting the number of IP addresses that can be assigned to a single remote ID or circuit ID Then the DHCP server echoes t...

Page 151: ...field Restrictions Only administrator level users can issue this command Example usage To configure DHCP relay option 82 check DES 3800 4 config dhcp_relay option_82 check enable Command config dhcp_r...

Page 152: ...the IP interface for which to display the current DHCP relay configuration Restrictions None Example usage To show the DHCP relay configuration DES 3800 4 show dhcp_relay Command show dhcp_relay DHCP...

Page 153: ...users can issue this command Example usage To enable DHCP relay DES 3800 4 enable dhcp_relay Command enable dhcp_relay Success DES 3800 4 disable dhcp_relay Purpose Used to disable the DHCP BOOTP rel...

Page 154: ...upp_timeout sec 1 65535 server_timeout sec 1 65535 max_req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable config 802 1x init port_based ports portlist all mac_based ports portlist a...

Page 155: ...mple usage To disable 802 1x on the Switch DES 3800 4 disable 802 1x Command disable 802 1x Success DES 3800 4 show 802 1x auth_configuration Purpose Used to display the current configuration of the 8...

Page 156: ...come Unauthorized QuietPeriod Shows the time interval between authentication failure and the start of a new authentication attempt TxPeriod Shows the time to wait for a response from a supplicant user...

Page 157: ...eld ForceAuth ForceUnauth Shows the current state of the Authenticator PAE Backend State Request Response Fail Idle Initalize Success Timeout Shows the current state of the Backend Authenticator Port...

Page 158: ...All Example usage To display the 802 1x auth state for MAC based 802 1x DES 3800 4 show 802 1x auth_state Command show 802 1x auth_state Port number 1 1 Index MAC Address Auth PAE State Backend State...

Page 159: ...port Authenticator Supplicant Authenticator and Supplicant and None Parameters portlist Specifies a port or range of ports to be configured all Specifies all of the ports on the Switch authenticator...

Page 160: ...s the port s status to reflect the outcome of the authentication process force_unauth Forces the Authenticator for the port to become unauthorized Network access will be blocked quiet_period sec 0 655...

Page 161: ...rictions Only administrator level users can issue this command Example usage To initialize the authentication state machine of all ports DES 3800 4 config 802 1x init port_based ports all Command conf...

Page 162: ...server settings Up to 3 groups of RADIUS server settings can be entered on the Switch server_ip The IP address of the RADIUS server key Specifies that a password and encryption key will be used betwee...

Page 163: ...address server_ip key passwd 32 auth_port udp_port_number 1 65535 acct_port udp_port_number 1 65535 Description The config radius command is used to configure the Switch s Radius settings Parameters s...

Page 164: ...The show radius command is used to display the current RADIUS configurations on the Switch Parameters None Restrictions None Example usage To display RADIUS settings on the Switch DES 3800 4 show rad...

Page 165: ...destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff port port permit priority value 0 7 replace_priority deny ip vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value...

Page 166: ...hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff he...

Page 167: ...ith the source_ip_mask 255 255 255 0 to give the IP address 10 42 73 0 for any source IP address between 10 42 73 0 to 10 42 73 255 Due to a chipset limitation the Switch supports a maximum of 9 acces...

Page 168: ...rce_mac macaddr destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff port port permit priority value 0 7 replace_priority deny delete value 1 100 create access_profile ip vlan source_...

Page 169: ...ules pertaining to the Ethernet part of the packet header may be defined by configuring the config access_profile command for Ethernet as stated below Parameters ethernet Specifies that the Switch wil...

Page 170: ...The value specifies the relative priority of the additional rule Up to 100 different rules may be configured for the Ethernet access profile ethernet Specifies that the Switch will look only into the...

Page 171: ...elete access_id value 1 100 Use this command to delete a specific rule from the Ethernet profile Up to 100 rules may be specified for the Ethernet access profile Restrictions Only administrator level...

Page 172: ...ies that the Switch will examine each frames Transport Control Protocol TCP field src_port_mask hex 0x0 0xffff Specifies a TCP port mask for the source port dst_port_mask hex 0x0 0xffff Specifies a TC...

Page 173: ...escription This command is used to define the rules used by the Switch to either filter or forward packets based on the IP part of each packet header Parameters profile_id value 1 8 Enter an integer b...

Page 174: ...edgement psh TCP control flag push rst TCP control flag reset syn TCP control flag synchronize fin TCP control flag finish udp Specifies that the Switch will examine the Universal Datagram Protocol UD...

Page 175: ...le Up to 100 rules may be specified for the IP access profile Restrictions Only administrator level users can issue this command Example usage To configure a rule for the IP access profile DES 3800 4...

Page 176: ...being created with this command Restrictions Only administrator level users can issue this command Example usage To create an Access profile by packet content mask DES 3800 4 create access_profile pa...

Page 177: ...beginning of the packet to the 15th byte offset_16 31 Enter a value in hex form to mask the packet from byte 16 to byte 31 offset_32 47 Enter a value in hex form to mask the packet from byte 32 to by...

Page 178: ...1111 offset_16 31 0x11111111 0x11111111 0x11111111 0x11111111 port 1 1 deny Command config access_profile profile_id 3 add access_id 1 packet_content offset_0 15 0x11111111 0x11111111 0x11111111 0x111...

Page 179: ..._id parameter will command the Switch to display all access profile entries Restrictions Only administrator level users can issue this command Example usage To display all of the currently configured...

Page 180: ...47 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 64 79 hex 0x0 0xffffffff...

Page 181: ...hem as the forwarding criterion These numbers have flag bits associated with them which are parts of a packet that determine what to do with the packet The user may deny packets by denying certain fla...

Page 182: ...dscp icmp type code permit profile_id 1 Command create access_profile ip vlan source_ip_mask 20 0 0 0 destination_ip_mask 10 0 0 0 dscp icmp type code permit profile_id 1 Success DES 3800 4 delete cp...

Page 183: ...4 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff permit deny delete access id value 1 100 Description The config cpu access_profile command is used to configure a cpu a...

Page 184: ...TCP header dst_port value 0 65535 Specifies that the access profile will apply only to packets that have this TCP destination port in their TCP header protocol_id value 0 255 Specifies that the switc...

Page 185: ...2 3 destination_ip 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny Command config cpu access_profile profile_id 10 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp...

Page 186: ...CPU filtering mechanism on the Switch Syntax show cpu_interface_filtering Description The config cpu_interface_filtering state command is used view the current running state of the CPU interface filt...

Page 187: ...h this command This value is assigned to the access profile when it is created with the create cpu access_profile command Restrictions Only administrator level users can issue this command Example usa...

Page 188: ...mand is listed in detail in the following sections config arp_storm Purpose To config arp storm control for system Syntax config arp_storm state enable disable threshold int 8 1024 Description User us...

Page 189: ...ES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 184 DES 3800 4 show arp_storm Command show arp_storm ARP Storm Control State Enable ARP Storm Control Threshold 8 kbytes sec DE...

Page 190: ...configure traffic segmentation on the Switch Parameters portlist Specifies a port or range of ports that will be configured for traffic segmentation forward_list Specifies a range of ports that will...

Page 191: ...traffic segmentation configuration on the Switch will be displayed Restrictions The port lists for segmentation and the forward list must be on the same Switch Example usage To display the current tra...

Page 192: ...rt_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup S...

Page 193: ...one Example usage To display SNTP configuration information DES 3800 4 show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10...

Page 194: ...s Syntax config time date ddmmmyyyy time hh mm ss Description This will configure the system time and date settings These will be overridden if SNTP is configured and enabled Parameters date Express t...

Page 195: ...l users can issue this command Example usage To configure time zone settings DES 3800 4 config time_zone operator hour 2 min 30 Command config time_zone operator hour 2 min 30 Success DES 3800 4 confi...

Page 196: ...y Configure the day of the week in which DST begins start_day sun sat The day of the week in which DST begins expressed using a three character abbreviation sun mon tue wed thu fri sat e_day Configure...

Page 197: ...play the current time settings and status Syntax show time Description This will display system time and date configuration as well as display current system time Parameters None Restrictions None Exa...

Page 198: ...and is used to enter an IP address and the corresponding MAC address into the Switch s ARP table Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to th...

Page 199: ...arpentry Purpose Used to delete a static entry into the ARP table Syntax delete arpentry ipaddr all Description This command is used to delete a static ARP entry made using the create arpentry comman...

Page 200: ...ption This command is used to display the current contents of the Switch s ARP table Parameters ipif ipif_name 12 The name of the IP interface the end node or station for which the ARP table entry was...

Page 201: ...stem 10 50 8 7 00 E0 18 45 C7 28 Dynamic System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 20 DES 3800 4 clear arptable Purpose Used to r...

Page 202: ...virtual routers on the Switch an IP interface must be present on the system and it must be a part of a VLAN VRRP IP interfaces may be assigned to every VLAN and therefore IP interface on the Switch VR...

Page 203: ...virtual IP address to be pinged DES 3800 4 enable vrrp ping Command enable vrrp ping Success DES 3800 4 disable vrrp Purpose To disable the VRRP function on the Switch Syntax disable vrrp ping Descrip...

Page 204: ...te enable disable Used to enable and disable the VRRP router on the Switch priority int 1 254 Enter a value between 1 and 254 to indicate the router priority The VRRP Priority value may determine if a...

Page 205: ...rid 1 ipif Darren ipaddress 11 1 1 1 state enable priority 200 advertisement_interval 1 preempt true critical_ip 10 53 13 224 critical_ip_state enable Command create vrrp vrid 1 ipif Darren ipaddress...

Page 206: ...priority backup router will preempt a lower priority Master router A true entry along with having the backup router s priority set higher than the masters priority will set the backup router as the Ma...

Page 207: ...ed by a router If the two passwords are not exactly the same the packet will be dropped ip authdata string 16 This parameter will require the user to set an alphanumeric authentication string of no mo...

Page 208: ...ement Interval 1 secs Preempt Mode True Virtual Router Up Time 2754089 centi secs Total Entries 1 DES 3800 4 delete vrrp Purpose Used to delete a vrrp entry from the switch Syntax delete vrrp vrid vri...

Page 209: ...outing table Parameters network_address IP address and netmask of the IP interface that is the destination of the route The address and mask information can be specified using the traditional format f...

Page 210: ...Purpose Used to delete an IP route entry from the Switch s IP routing table Syntax delete iproute network_address ipaddr primary backup Description This command will delete an existing entry from the...

Page 211: ...0 4 delete iproute default 10 53 13 254 Command delete iproute default 10 53 13 254 Success DES 3800 4 show iproute Purpose Used to display the Switch s current IP routing table Syntax show iproute ne...

Page 212: ...3 Stackable Fast Ethernet Managed Switch CLI Manual 207 DES 3800 4 show iproute Command show iproute Routing Table IP Address Netmask Gateway Interface Hops Protocol 10 0 0 0 8 0 0 0 0 System 1 Local...

Page 213: ...SPF routes on the Switch Syntax create route redistribute dst ospf src static rip local mettype 1 2 metric value 0 16777214 Description This command will redistribute routing information between the O...

Page 214: ...l routers on the network that are running OSPF or RIP Routing information entered into the Static Routing Table on the local xStack switch is also redistributed Parameters src all internal external ty...

Page 215: ...ss DES 3800 4 config route redistribute dst ospf src Purpose Used configure route redistribution settings for the exchange of RIP routes to OSPF routes on the Switch Syntax config route redistribute d...

Page 216: ...1 mettype 2 Allowed Metric Type combinations are mettype 1 or mettype 2 The metric value 0 above will be redistributed in OSPF as the metric 20 Example Usage To configure route redistributions DES 38...

Page 217: ...inter e2 Specifies the internal protocol AND type 2 of the external protocol metric value 0 16 Allows the entry of an OSPF interface cost This is analogous to a Hop Count in the RIP routing protocol...

Page 218: ...al ospf Description Displays the current route redistribution settings on the Switch Parameters src rip static local ospf Allows the selection of the routing protocol on the source device The user may...

Page 219: ...in_name 32 ipaddr Description This command is used to configure the DNS relay function on the Switch Parameters primary Indicates that the IP address below is the address of the primary DNS server sec...

Page 220: ...Syntax enable dnsr cache static Description This command is used in combination with the disable dnsr command below to enable and disable DNS Relay on the Switch Parameters cache This parameter will...

Page 221: ...witch Parameters cache This parameter will allow the user to disable the cache lookup for the DNS rely on the Switch static This parameter will allow the user to disable the static table lookup for th...

Page 222: ...of only the static entries into the DNS relay table If this parameter is omitted the entire DNS relay table will be displayed Restrictions None Example Usage To display DNS relay status DES 3800 4 sh...

Page 223: ...itch Parameters ipif_name 12 The name of the IP interface all To configure all RIP receiving mode for all IP interfaces authentication enable disable Enables or disables authentication for RIP on the...

Page 224: ...led on the Switch Restrictions Only administrator level users can issue this command Example Usage To change the RIP receive mode for the IP interface System DES 3800 4 config rip ipif System rx_mode...

Page 225: ...x show rip ipif ipif_name 12 Description This command will display the RIP configuration and statistics for a given IP interface or for all IP interfaces Parameters ipif ipif_name 12 The name of the I...

Page 226: ...ipif_name 12 The name of the IP interface for which DVMRP is to be configured all Specifies that DVMRP is to be configured for all IP interfaces on the Switch metric value 1 31 Allows the assignment...

Page 227: ...DVMRP Syntax enable dvmrp Description This command in combination with the disable dvmrp command below to enable and disable DVMRP on the Switch Parameters None Restrictions Only administrator level u...

Page 228: ...0 4 show dvmrp routing_table Command show dvmrp routing_table DVMRP Routing Table Source Address Netmask Upstream Neighbor Metric Learned Interface Expire 10 0 0 0 8 10 90 90 90 2 Local System 20 0 0...

Page 229: ...will display the DVMRP routing next hop table Parameters ipif_name 12 The name of the IP interface for which to display the current DVMRP routing next hop table ipaddress network_address The IP addre...

Page 230: ...he current DVMRP routing table Parameters ipif_name 12 This parameter will allow the user to display DVMRP settings for a specific IP interface Restrictions None Example Usage To show DVMRP configurat...

Page 231: ...specific IP interface being configured for PIM settings all Used to configure PIM settings for all IP interfaces hello sec 1 18724 The time in seconds between issuing hello packets to find neighborin...

Page 232: ...command Parameters None Restrictions Only administrator level users can use this command Usage Example To enable PIM as previously configured on the Switch DES 3800 4 enable pim Command enable pim Suc...

Page 233: ...t or the CIDR format For example 10 1 2 3 255 255 0 0 or 10 2 3 4 16 If no parameters are specified all PIM neighbor router tables are displayed Restrictions None Example usage To display PIM settings...

Page 234: ...ble Fast Ethernet Managed Switch CLI Manual 229 Command show pim PIM Global State Disabled PIM DM Interface Table Hello Join Prune Interface IP Address Interval Interval State System 10 90 90 90 8 35...

Page 235: ...the current IP multicast forwarding cache Parameters group group The multicast group IP address ipaddress network_address The IP address and netmask of the source The address and mask information can...

Page 236: ...st interface table For example if DVMRP is specified the table will display only those entries that are related to the DVMRP protocol dvmrp Specifying this parameter will display only those entries th...

Page 237: ...n entry for the MD5 key table Parameters key_id 1 255 The MD5 key ID The user may enter a key ranging from 1 to 255 password An MD5 password of up to 16 bytes Restrictions Only administrator level use...

Page 238: ...ameters key_id 1 255 The MD5 key ID to delete Restrictions Only administrator level users can issue this command Usage Example The delete an entry in the MD5 key table DES 3800 4 delete md5 key 1 Comm...

Page 239: ...xStack DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 234 2 develop 3 fireball 4 intelligent Total Entries 4 DES 3800 4...

Page 240: ...alue 1 65535 show ospf host_route ipaddr create ospf aggregation area_id network_address lsdb_type summary advertise enabled disabled delete ospf aggregation area_id network_address lsdb_type summary...

Page 241: ...ion This command is used to configure the OSPF router ID Parameters ipaddr The IP address of the OSPF router Restrictions Only administrator level users can issue this command Usage Example To configu...

Page 242: ...ble ospf Command disable ospf Success DES 3800 4 show ospf Purpose Used to display the current OSPF state on the Switch Syntax show ospf Description This command will display the current state of OSPF...

Page 243: ...Link Area ID Neighbor Router Interval Interval Status 10 0 0 0 20 0 0 0 10 60 None DOWN 10 1 1 1 20 1 1 1 10 60 None DOWN Total Entries 2 OSPF Area Aggregation Settings Area ID Aggregated LSDB Adverti...

Page 244: ...122 type normal Command create ospf area 10 48 74 122 type normal Success DES 3800 4 delete ospf area Purpose Used to delete an OSPF area Syntax delete ospf area area_id Description This command is us...

Page 245: ...ge Example To configure an OSPF area s settings DES 3800 4 config ospf area 10 48 74 122 type stub stub_summary enable metric 1 Command config ospf area 10 48 74 122 type stub stub_summary enable metr...

Page 246: ...ministrator level users can issue this command Usage Example To configure the OSPF host route settings DES 3800 4 create ospf host_route 10 48 74 122 area 10 1 1 1 metric 2 Command create ospf host_ro...

Page 247: ...users can issue this command Usage Example To configure an OSPF host route DES 3800 4 config ospf host_route 10 48 74 122 area 10 1 1 1 metric 2 Command config ospf host_route 10 48 74 122 area 10 1...

Page 248: ...To create an OSPF area aggregation DES 3800 4 create ospf aggregation 10 1 1 1 10 48 76 122 16 lsdb_type summary advertise enable Command create ospf aggregation 10 1 1 1 10 48 76 122 16 lsdb_type su...

Page 249: ...s the network that corresponds to the OSPF Area lsdb_type summary Specifies the type of address aggregation advertise enable disable Allows for the advertisement trigger to be enabled or disabled Rest...

Page 250: ...se LSDB Parameters area_id area_id A 32 bit number in the form of an IP address xxx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain advertise_router ipaddr The router ID of the a...

Page 251: ...f neighbor Command show ospf neighbor IP Address of Router ID of Neighbor Neighbor Neighbor Neighbor Priority State 10 48 74 122 10 2 2 2 1 Initial Total Entries 1 DES 3800 4 show ospf virtual_neighbo...

Page 252: ...erval between the transmission of OSPF Hello packets in seconds Between 1 and 65535 seconds can be specified The Hello Interval Dead Interval Authorization Type and Authorization Key should be the sam...

Page 253: ...to display the current OSPF interface settings for the specified interface name Syntax show ospf ipif ipif_name 12 Description This command will display the current OSPF interface settings for the sp...

Page 254: ...smit Delay 1 Retransmit Time 5 Authentication None Interface Name ipif2 IP Address 123 234 12 34 24 Link Up Network Medium Type BROADCAST Metric 1 Area ID 1 0 0 0 Administrative State Enabled Priority...

Page 255: ...tion simple password 8 Choosing this parameter will set a simple authentication which includes a case sensitive password of no more than 8 characters md5 key_id 1 255 Choosing this parameter will set...

Page 256: ...will set a simple authentication which includes a case sensitive password of no more than 8 characters md5 key_id 1 255 Choosing this parameter will set authentication based on md5 encryption A previo...

Page 257: ...rameters area_id A 32 bit number in the form of an IP address xxx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain neighbor_id The OSPF router ID for the remote area This is a 32...

Page 258: ...he following sections enable mac_notification Purpose Used to enable global MAC address table notification on the Switch Syntax enable mac_notification Description This command is used to enable MAC a...

Page 259: ...Parameters interval sec 1 2147483647 The time in seconds between notifications The user may choose an interval between 1 and 2 147 483 647 seconds historysize 1 500 The maximum number of entries liste...

Page 260: ...ification ports 7 enable Command config mac_notification ports 7 enable Success DES 3800 4 show mac_notification Purpose Used to display the Switch s MAC address table notification global settings Syn...

Page 261: ...rameter will display the MAC notification table for all ports Restrictions None Example usage To display all port s MAC address table notification status settings DES 3800 4 show mac_notification port...

Page 262: ...col for authentication using the Access Authentication Control commands RADIUS or Remote Authentication Dial In User Server also uses a remote server for authentication and can be responsible for rece...

Page 263: ...nable admin command and then enter a password which was previously configured by the administrator of the Switch The Access Authentication Control commands in the Command Line Interface CLI are listed...

Page 264: ...t ipaddr protocol tacacs xtacacs tacacs radius show authen server_host config authen parameter response_timeout int 0 255 config authen parameter attempt int 1 255 show authen parameter enable admin c...

Page 265: ...g to access administrator level privileges Parameters None Restrictions Only administrator level users can issue this command Example usage To disable the system access authentication policy DES 3800...

Page 266: ...mand will affect the authentication result For example if a user enters a sequence of methods like tacacs xtacacs local the Switch will send an authentication request to the first tacacs host in the s...

Page 267: ...enticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server tacacs A...

Page 268: ...ons Only administrator level users can issue this command Example usage To delete the method list name Trinity DES 3800 4 delete authen_login method_list_name Trinity Command delete authen_login metho...

Page 269: ...en_login method_list_name Trinity Command show authen_login method_list_name Trinity Method List Name Priority Method Name Comment Trinity 1 tacacs Built in Group 2 tacacs Built in Group 3 Darren User...

Page 270: ...e Switch will send an authentication request to the second TACACS host in the server group and so on until the list is exhausted At that point the Switch will restart the same sequence with the follow...

Page 271: ...ing this parameter will require the user to be authenticated using a user defined server group previously configured on the Switch local_enable Adding this parameter will require the user to be authen...

Page 272: ...authen_enable default method_list_name string 15 all Description This command is used to delete a user defined method list of authentication methods for promoting user level privileges to Adminstrato...

Page 273: ...o access any function on the Switch Restrictions None Example usage To display all method lists for promoting user level privileges to administrator level privileges DES 3800 4 show authen_enable all...

Page 274: ...ure Shell login method http Choose this parameter to configure the web interface login method all Choose this parameter to configure all applications console telnet ssh web login method login Use this...

Page 275: ...on method lists login enable administrator privileges for Switch configuration applications console telnet ssh web currently configured on the Switch Parameters None Restrictions None Example usage To...

Page 276: ...ter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the server host utilizes the RADIUS prot...

Page 277: ...arameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the server host utilizes the RADIUS...

Page 278: ...sed by the server host the user wishes to delete The user may choose one of the following tacacs Enter this parameter if the server host utilizes the TACACS protocol xtacacs Enter this parameter if th...

Page 279: ...virtual port number on the server host The default value is 49 Timeout The time in seconds the Switch will wait for the server host to reply to an authentication request Retransmit The value in the re...

Page 280: ...TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may add up to eight 8 authentication server hosts to this group using the config authen server_gr...

Page 281: ...Switch Only server hosts utilizing the XTACACS protocol may be added to this group tacacs Use this parameter to utilize the built in TACACS server protocol on the Switch Only server hosts utilizing th...

Page 282: ...delete authen server_group Purpose Used to delete a user defined authentication server group Syntax delete authen server_group string 15 Description This command will delete an authentication server g...

Page 283: ...s IP Address The IP address of the server host Protocol The authentication protocol used by the server host Parameters string 15 Enter an alphanumeric string of up to 15 characters to define the previ...

Page 284: ...60 Command config authen parameter response_timeout 60 Success DES 3800 4 config authen parameter attempt Purpose Used to configure the maximum number of times the Switch will accept authentication at...

Page 285: ...3800 4 show authen parameter Command show authen parameter Response timeout 60 seconds User attempts 5 DES 3800 4 enable admin Purpose Used to promote user level privileges to administrator level priv...

Page 286: ...e user level privileges to administrator privileges he or she will be prompted to enter the password configured here that is set locally on the Switch Parameters password 15 After entering this comman...

Page 287: ...ed Configure the encryption algrothim that SSH will use to encrypt and decrypt messages sent between the SSH Client and the SSH Server Finally enable SSH on the Switch using the enable ssh command Aft...

Page 288: ...Purpose Used to disable SSH Syntax disable ssh Description This command allows you to disable SSH on the Switch Parameters None Restrictions Only administrator level users can issue this command Usage...

Page 289: ...nux operating system with a SSH program previously installed enable disable This allows you to enable or disable SSH authentication on the Switch Restrictions Only administrator level users can issue...

Page 290: ...mber of attempts that a user may try to logon utilizing SSH authentication After the maximum number of attempts is exceeded the Switch will be disconnected and the user must reconnect to the Switch to...

Page 291: ...a remote SSH server for authentication purposes Choosing this parameter requires the user to input the following information to identify the SSH user hostname domain_name Enter an alphanumeric string...

Page 292: ...st create a user account on the Switch For information concerning configuring a user account please see the section of this manual entitled Basic Switch Commands and then the command create user accou...

Page 293: ...rameter will enable or disable the MD5 Message Digest encryption algorithm SHA1 This parameter will enable or disable the Secure Hash Algorithm encryption RSA This parameter will enable or disable the...

Page 294: ...h algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 Enabled AES256 Enabled ARC4 Enabled Blowfish Enabled Cast128 Enabled Twofish128 Enabled Twofish192 Enabled Twofish256 Enabled Data I...

Page 295: ...rypted block of encrypted text is used in the encryption of the current block The Switch supports the 3DES_EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text...

Page 296: ...ic parameters specific encryption algorithms and key sizes to be used for an authentication session The user may choose any combination of the following RSA_with_RC4_128_MD5 This ciphersuite combines...

Page 297: ...witch and can be used to disable any one or combination of listed ciphersuites on the Switch Parameters ciphersuite A security string that determines the exact cryptographic parameters specific encryp...

Page 298: ...pecifying a longer timeout will allow the SSL session to reuse the master key on future connections with that particular host therefore speeding up the negotiation process Parameters timeout value 60...

Page 299: ...mand is used to view the SSL status on the Switch Parameters None Restrictions None Example usage To view the SSL status on the Switch DES 3800 4 show ssl Command show ssl SSL status Disabled RSA_WITH...

Page 300: ...the owner keys for authentication and digital signatures Both the server and the client must have consistent certificate files for optimal use of the SSL function The Switch only supports certificate...

Page 301: ...me disable jumbo_frame show jumbo_frame Each command is listed in detail in the following sections enable jumbo_frame Purpose Used to enable the jumbo frame function on the Switch Syntax enable jumbo_...

Page 302: ...e Success DES 3800 4 show jumbo_frame Purpose Used to show the status of the jumbo frame function on the Switch Syntax show jumbo_frame Description This command will show the status of the jumbo frame...

Page 303: ...e same IP subnet broadcast domain however a single switch can only belong to one group If multiple VLANs are configured the SIM group will only utilize the default VLAN on any switch SIM allows interm...

Page 304: ...the applications in the CS will redirect the packet instead of executing the packets The applications will decode the packet from the administrator modify some data then send it to the MS After execut...

Page 305: ...enable sim Success DES 3800 4 disable sim Purpose Used to disable Single IP Management SIM on the Switch Syntax disable sim Description This command will disable SIM globally on the Switch Parameters...

Page 306: ...ters candidates candidate_id 1 100 Entering this parameter will display information concerning candidates of the SIM group To view a specific candidate include that candidate s ID number listed from 1...

Page 307: ...828 L3 Switch 40 1 00 B16 The Man 2 00 55 55 00 55 00 DES 3828 L3 Switch 140 1 00 B16 default master Total Entries 2 DES 3800 4 To show the member information in summary if the member id is specified...

Page 308: ...ss Role 23 00 35 26 00 11 99 Commander 23 00 35 26 00 11 91 Member 24 00 35 26 00 11 90 Candidate Total Entries 3 DES 3800 4 reconfig Purpose Used to connect to a member switch through the commander s...

Page 309: ...h MS of a SIM group The CaS may be defined by its ID number and a password if necessary delete member_id 1 32 Use this parameter to delete a member switch of a SIM group The member switch should be de...

Page 310: ...n seconds the CS will hold information sent to it from other switches utilizing the discovery interval protocol The user may set the hold time from 100 to 255 seconds candidate Used to change the role...

Page 311: ..._filename members mslist 1 32 all Description This command will download a firmware file or configuration file to a specified device from a TFTP server Parameters firmware_from_tftp Specify this param...

Page 312: ...all This device is updating firmware Please wait Download Status ID MAC Address Result 1 00 01 02 03 04 00 Success 2 00 07 06 05 04 03 Success 3 00 07 06 05 04 03 Success DES 3800 4 To download config...

Page 313: ...e to path_filename Enter a user defined path and file name on the TFTP server the user wishes to upload configuration files to members Enter this parameter to specify the members the user prefers to u...

Page 314: ...ay all commands in the Command Line Interface CLI Syntax Description This command will display all of the commands available through the Command Line Interface CLI Parameters None Restrictions None Ex...

Page 315: ...e Interface CLI Parameters None Restrictions None Example usage To display all commands DES 3800 4 dir clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802...

Page 316: ...r Up to 40 of the latest executed commands may be viewed Restrictions None Example usage To configure the command history DES 3800 4 config command_history 20 Command config command_history 20 Success...

Page 317: ...s power to it The auto disable feature will occur under two conditions first if the total power consumption exceeds the system power limit and second if the per port power consumption exceeds the per...

Page 318: ...ing on the power supplier s capability Default setting is 370 W power_disconnect_method This parameter is used to configure the power management disconnection method When the total consumed power exce...

Page 319: ...n order When the power limit has been exceeded the ports will shut down according to their priority if the power disconnect method is set to deny_ low_priority_port power_limit Allows the user to conf...

Page 320: ...l values of the whole PoE system and PoE ports Parameters portlist Specifies a range of ports to be viewed Restrictions None DES 3800 4 show poe ports Command show poe ports Port State Priority Power...

Page 321: ...xStack DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 316 OFF Interim state during line detection DES 3800 4 show poe ports portlist Command show poe ports...

Page 322: ...hen the banner will be reset to the original factory banner To open the Banner Editor click enter after typing the config greeting_message command Type the information to be displayed on the banner by...

Page 323: ...Description Administrator level users can use this command to change the command prompt Parameters string 16 The command prompt can be changed by entering a new name of no more that 16 characters user...

Page 324: ...xStack DES 3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual 319 DES 3800 4 config command_prompt Geeksrule Command config command_prompt Geeksrule Success Geeksrule 4...

Page 325: ...ull duplex Flow Control IEEE 802 3 Nway auto negotiation IEEE 802 3af Power over Ethernet Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full dup...

Page 326: ...28P one additional 270mm blower Operating Temperature 0 40 C Storage Temperature 40 70 C Humidity 5 95 non condensing Dimensions DES 3828 DES3828DC 441 mm x 310 mm x 44 mm DES 3828P 441mm x 369mm x 44...