D-Link xStack DGS-3612G series, Cli Manual

Page 1: ...CLI Manual Product Model xStack DGS 3600 Series Layer 3 Gigabit Ethernet Managed Switch Release 2 5 Copyright 2009 All rights reserved...

Page 2: ...ING COMMANDS 126 VLAN COMMANDS 130 PROTOCOL VLAN GROUP COMMANDS 141 LINK AGGREGATION COMMANDS 146 IP MAC PORT BINDING IMPB 151 IP COMMANDS INCLUDING IP MULTINETTING 165 IPV6 NEIGHBOR DETECTION COMMAND...

Page 3: ...OMMANDS 375 MAC NOTIFICATION COMMANDS 378 WEB BASED ACCESS CONTROL WAC COMMANDS 382 ACCESS AUTHENTICATION CONTROL COMMANDS 388 SSH COMMANDS 409 SSL COMMANDS 416 JUMBO FRAME COMMANDS 421 LLDP COMMANDS...

Page 4: ...ccessing the Switch via the Serial Port The Switch s serial port s default settings are as follows 115200 baud no parity 8 data bits 1 stop bit A computer running a terminal emulation program capable...

Page 5: ...s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xx...

Page 6: ...nsole interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows oper...

Page 7: ...C ESC q Quit SPACE n Next Page Enter Next Entry a All Figure 2 2 The Command When users enter a command without its required parameters the CLI will prompt a Next possible completions message DGS 3627...

Page 8: ...addition the syntax of the help prompts are the same as presented in this manual angle brackets indicate a numerical value or character string braces indicate optional parameters or a choice of parame...

Page 9: ...oup double_vlan fdb igmp_snooping ipif ipmroute iproute ipv6 ipv6route link_aggregation mac_based_access_control mac_based_access_control_local mac_based_vlan md5 multicast_fdb multicast_range ospf pi...

Page 10: ...LAN name in the vlan_name 32 space and the network address including the netmask in the network_address ip_addr netmask space Do not type the angle brackets Example Command create ipif Engineering 10...

Page 11: ...he right Left Arrow Moves the cursor to the left Right Arrow Moves the cursor to the right Up Arrow Repeats the previously entered command Each time the up arrow is pressed the command previous to tha...

Page 12: ...sion show switch show serial_port config serial_port baud_rate 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes enable clipaging disable clipaging enable telnet tcp_...

Page 13: ...d 15 alphanumeric characters to define the user account created here Restrictions Only Administrator level users can issue this command Example usage To create an administrator level user account with...

Page 14: ...Example usage To configure the user password of dlink account DGS 3627 5 config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new passw...

Page 15: ...ple usage To delete the user account System DGS 3627 5 delete account System Command delete account System Are you sure to delete the last administrator account y n y Success DGS 3627 5 show session P...

Page 16: ...efault Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 1 10 B09 Firmware Version Build 2 50 B15 Hardware Version A1 Serial Number P4F7191000001 System Name System Location System...

Page 17: ...sed to communicate with the management host There are four options 9600 19200 38400 and 115200 never No time limit on the length of time the console can be open with no user input 2_minutes The consol...

Page 18: ...creen display when the show command output reaches the end of the page DGS 3627 5 enable clipaging Command enable clipaging Success DGS 3627 5 disable clipaging Purpose Used to disable the pausing of...

Page 19: ...red between 1 and 65535 The well known TCP port for the Telnet protocol is 23 Restrictions Only Administrator and Operator level users can issue this command Example usage To enable Telnet and configu...

Page 20: ...telnet on the Switch DGS 3627 5 telnet 10 0 0 8 Command telnet 10 0 0 8 Success DGS 3627 5 enable web Purpose Used to enable the HTTP based management software on the Switch Syntax enable web tcp_port...

Page 21: ...used to enter the current switch configuration or log file into non volatile RAM The saved switch configuration will be loaded into the Switch s memory each time the Switch is restarted Parameters co...

Page 22: ...config is specified all of the factory default settings are restored on the Switch including the IP address user accounts and the switch history log The Switch will not save or reboot system If the ke...

Page 23: ...the current user s session on the Switch s console Parameters None Restrictions None Example usage To terminate the current user s console session DGS 3627 5 logout show device_status Purpose Used to...

Page 24: ...current command prompt consists of product name user level product name ex DGS 3627 5 The user may replace all parts of the command prompt except the by entering a string of 16 alphanumerical charact...

Page 25: ...e the current configured banner to the DRAM only To save it into the FLASH memory the user must enter the save command Only Administrator and Operator level users can issue this command Example usage...

Page 26: ...anual 23 To view the currently configured greeting message DGS 3627 5 show greeting_message Command show greeting_message DGS 3627 Gigabit Ethernet Switch Command Line Interface Firmware Build 2 50 B1...

Page 27: ...cifies a port or range of ports to be configured The beginning and end of the port list range are separated by a dash medium_type fiber copper This applies only to the Combo ports If configuring the C...

Page 28: ...DGS 3627 5 config ports 1 1 1 3 speed 10_full learning enable state enable flow_control enable Command config ports 1 1 1 3 speed 10_full learning enable state enable flow_control enable Success DGS...

Page 29: ...ommand is used to display the current configuration of a range of ports Parameters portlist Specifies a port or range of ports to be displayed The beginning and end of the port list range are separate...

Page 30: ...k Down Enabled 1 12 Enabled Auto Disabled Link Down Enabled 1 13 Enabled Auto Disabled Link Down Enabled 1 14 Enabled Auto Disabled Link Down Enabled 1 15 Enabled Auto Disabled Link Down Enabled 1 16...

Page 31: ...d Port Port Connection status Reason State 1 2 Enabled Err disabled Storm control Desc Port 2 1 8 Enabled Err disabled Storm control Desc Port 8 DGS 3627 5 To display the Error Disabled ports DGS 3627...

Page 32: ...Manual 29 Port 1 2 Auto Negotiation Enabled Capability Bits 1000M_Full Capbility Advertised Bits 1000M_Full Capbility Received Bits Port 1 3 Auto Negotiation Enabled Capability Bits 1000M_Full Capbil...

Page 33: ...security ports portlist all admin_state enable disable max_learning_addr max_lock_no 0 16 lock_address_mode Permanent DeleteOnTimeout DeleteOnReset Description This command allows for the configuratio...

Page 34: ...on This command is used to delete a single previously learned port security entry by port VLAN name and MAC address Parameters vlan name vlan_name 32 Enter the corresponding vlan name of the port to d...

Page 35: ...port_security_entry port 6 Command clear port_security_entry port 6 Success DGS 3627 5 show port_security Purpose Used to display the current port security configuration Syntax show port_security por...

Page 36: ...and is listed in detail in the following sections config box_priority Purpose Used to configure box priority which determines which box becomes the priority master Lower numbers denote a higher priori...

Page 37: ...s 1 12 new_box_id The new ID being assigned to the Switch box Range is 1 12 auto Allows the box ID to be assigned automatically Restrictions Only Administrator and Operator level users can issue this...

Page 38: ...Not_Exist No 6 Not_Exist No 7 Not_Exist No 8 Not_Exist No 9 Not_Exist No 10 Not_Exist No 11 Not_Exist No CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All show stack_device Purpose Used to d...

Page 39: ...ion question regarding the reboot of the switch Entering n will disable the question and the switch will automatically restart once the command has been entered Restrictions Only Administrator level u...

Page 40: ...2c Community String Community String is used for authentication NoAuthNoPriv v3 Username Username is used for authentication NoAuthNoPriv v3 MD5 or SHA Authentication is based on the HMAC MD5 or HMAC...

Page 41: ...e 32 notify_view view_name 32 delete snmp group groupname 32 show snmp groups create snmp host host ipaddr v6host ipv6addr v1 v2c v3 noauth_nopriv auth _nopriv auth_priv auth_string 32 delete snmp hos...

Page 42: ...SNMP on the Switch Syntax disable snmp Description This command is used in conjunction with the enable snmp command above to enable and disable SNMP on the Switch Parameters None Restrictions Only Ad...

Page 43: ...ange traps DGS 3627 5 disable snmp linkchange_traps Command disable snmp linkchange_traps Success DGS 3627 5 config snmp linkchange_traps Purpose Used to configure SNMP linkchange traps on the Switch...

Page 44: ...tication using SNMP The user may choose by_password Requires the SNMP user to enter a password for authentication and privacy The password is defined by specifying the auth_password below This method...

Page 45: ...create an SNMP user on the Switch DGS 3627 5 create snmp user dlink default encrypted by_password auth md5 canadian priv none Command create snmp user dlink default encrypted by_password auth md5 can...

Page 46: ...pose Used to assign views to community strings to limit which MIB objects and SNMP manager can access Syntax create snmp view view_name 32 oid view_type included excluded Description The create snmp v...

Page 47: ...witch will be deleted oid The object ID that identifies an object tree MIB tree that will be deleted from the Switch Restrictions Only Administrator level users can issue this command Example usage To...

Page 48: ...t will be accessible to the SNMP community read_write or read_only level permission for the MIB objects accessible to the SNMP community Syntax create snmp community community_string 32 view view_name...

Page 49: ...managers access to MIB objects in the Switch s SNMP agent Restrictions Only Administrator level users can issue this command Example usage To delete the SNMP community string dlink DGS 3627 5 delete...

Page 50: ...nmp_engineID An alphanumeric string that will be used to identify the SNMP engine on the Switch Restrictions Only Administrator level users can issue this command Example usage To give the SNMP agent...

Page 51: ...MP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network SNMP v3 adds Message integrity Ensures that packets have not been tampered with...

Page 52: ...he new SNMP user will be associated Restrictions Only Administrator level users can issue this command Example usage To delete the SNMP group named sg1 DGS 3627 5 delete snmp group sg1 Command delete...

Page 53: ...Settings Group Name public ReadView Name CommunityView WriteView Name Notify View Name CommunityView Securiy Model SNMPv1 Securiy Level NoAuthNoPriv Group Name public ReadView Name CommunityView Write...

Page 54: ...ures v3 Specifies that the SNMP version 3 will be used SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network SNMP v3 adds Message in...

Page 55: ...level users can issue this command Example usage To delete an SNMP host entry DGS 3627 5 delete snmp host 10 48 74 100 Command delete snmp host 10 48 74 100 Success DGS 3627 5 show snmp host Purpose...

Page 56: ...mand is used to display the IPv6 addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps that are generated by the Switch s SNMP agent Parameter...

Page 57: ...mation can be specified using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 Restrictions Only Administrator and Operator level users can issue this command Example...

Page 58: ...sk of the trusted host to be deleted The address and mask information can be specified using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 all Enter this parameter...

Page 59: ...rs can issue this command Example Usage To turn on SNMP authentication trap support DGS 3627 5 enable snmp authenticate_traps Command enable snmp authenticate_traps Success DGS 3627 5 show snmp traps...

Page 60: ...his command is used to disable SNMP authentication support on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example Usage To disable the SN...

Page 61: ...aximum of 255 characters is allowed Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the Switch location for HQ 5F DGS 3627 5 config snmp syst...

Page 62: ...Operator level users can issue this command Example Usage To enable RMON DGS 3627 5 enable rmon Command enable rmon Success DGS 3627 5 disable rmon Purpose Used to disable RMON on the Switch Syntax d...

Page 63: ...1 12 drive_id pathname 64 filename 64 dir unit unitid 1 12 all drive_id copy drive_id pathname 64 unit unit_id 1 12 drive_id pathname 64 show boot_file unit unitid 1 12 all show storage_media_info un...

Page 64: ...om a TFTP server ipaddr The IP address of the TFTP server ipv6addr The IPv6 address of the TFTP server path_filename 64 The DOS path and filename of the switch configuration file on the TFTP server Fo...

Page 65: ...unit unit_id 1 12 Description This command is used to upload a configuration file or log file to a TFTP server The user now has the option of saving the log or configuration file on the flash memory...

Page 66: ...P server such as a spoofing attack ipaddr Enter the IPv4 address of the TFTP server to which to upload the attack log ipv6addr Enter the IPv6 address of the TFTP server to which to upload the attack l...

Page 67: ...h memory which will be used as the boot up firmware upon next reboot of the Switch boot_up Entering this parameter will specify the firmware file as a boot up section Restrictions Only Administrator l...

Page 68: ...Entering this parameter will display configurations entered without being saved to NVRAM boot_up Entering this parameter will display configurations that are to be used upon the next reboot of the Swi...

Page 69: ...se to use it as a boot up or active section Parameters drive_id Enter the drive ID number where the configuration file is located on the flash drive that is to be configured pathname 64 Specifies the...

Page 70: ...vel users can issue this command Example usage To delete file c startup cfg from the Switch s flash memory DGS 3627 5 erase c startup cfg Command erase c startup cfg Please wait do not power off Proce...

Page 71: ...ts of the flash memory Parameters unit unitid 1 12 Select the switch in the switch stack where the files are that will be displayed denoted by unit ID number all Use this parameter to select all switc...

Page 72: ...where the file is to be copied to pathname 64 Enter the path and name of the file to be renamed Restrictions Only Administrator and Operator level users can issue this command Example usage To copy a...

Page 73: ...ia_Type Description of the type of storage media accessory currently in use Size Description of the size of memory space available on the storage media accessory Label Description assigned to this sto...

Page 74: ...file system version this command will have no effect string This string is used to set the confirmation question that will follow the entry of this command Entering y will execute the command without...

Page 75: ...4 121 time 10ms Reply from 10 48 74 121 time 10ms Reply from 10 48 74 121 time 10ms Reply from 10 48 74 121 time 10ms Ping statistics for 10 48 74 121 Packets Sent 4 Received 4 Lost 0 DGS 3627 5 ping6...

Page 76: ...command will trace a route between the Switch and a give host on the network Parameters ipaddr Specifies the IP address of the host ttl value 1 60 The time to live value of the trace route request Thi...

Page 77: ...y Administrator and Operator level users can issue this command Example usage To enable autoconfiguration on the Switch DGS 3627 5 enable autoconfig Command enable autoconfig Success DGS 3627 5 When a...

Page 78: ...3627 5 DGS 3627 5 DGS 3627 5 End of configuration file for DGS 3627 DGS 3627 5 Logout disable autoconfig Purpose Use this to deactivate autoconfiguration from DHCP Syntax disable autoconfig Descripti...

Page 79: ...display the current autoconfig status of the Switch Syntax show autoconfig Description This will list the current status of the autoconfiguration function Parameters None Restrictions Only Administra...

Page 80: ...able config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable...

Page 81: ...X Bytes 0 0 RX Frames 0 0 TX Bytes 0 0 TX Frames 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show error ports Purpose Used to display the error statistics information for a range...

Page 82: ...0 Multicast Drop 0 VLAN Ingress Drop 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show utilization Purpose Used to display real time port and cpu utilization statistics Syntax show...

Page 83: ...0 1 1 3 0 0 0 1 24 0 0 0 1 4 0 0 0 1 25 0 0 0 1 5 0 0 0 1 6 0 0 0 1 7 0 0 0 1 8 0 0 0 1 9 0 0 0 1 10 0 0 0 1 11 0 0 0 1 12 0 0 0 1 13 0 0 0 1 14 0 0 0 1 15 0 0 0 1 16 0 0 0 1 17 0 0 0 1 18 0 0 0 1 19...

Page 84: ...orts 2 9 Command clear counters ports 2 9 Success DGS 3627 5 clear log Purpose Used to clear the Switch s history log Syntax clear log Description This command will clear the Switch s history log Para...

Page 85: ...tax show attack_log unit unit_id 1 12 index value_list Description This command will display the contents of the attack log of the Switch This log displays the time and date of a possible attack on th...

Page 86: ...g DGS 3627 5 clear attack_log Command clear attack_log Success DGS 3627 5 enable syslog Purpose Used to enable the system log to be sent to a remote host Syntax enable syslog Description The enable sy...

Page 87: ...ning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable Description The create syslog host command is used to create a...

Page 88: ...daemon 12 NTP subsystem 13 log audit 14 log alert 15 clock daemon 16 local use 0 local0 17 local use 1 local1 18 local use 2 local2 19 local use 3 local3 20 local use 4 local4 21 local use 5 local5 2...

Page 89: ...facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable Description The config syslog host command is used to configure the sys...

Page 90: ...have not been explicitly assigned a Facility may use any of the local use facilities or they may use the user level Facility Those Facilities that have been designated are shown in the following Bold...

Page 91: ...21 from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specifies that local use 7 messages will be s...

Page 92: ...vailable indexes numbered 1 through 4 all Specifies that the command will be applied to all hosts Restrictions Only Administrator and Operator level users can issue this command Example usage To delet...

Page 93: ...on such as unsuccessful downloads or uploads and failed logins Critical Events classified as critical are fatal exceptions occurring on the Switch such as hardware failures or spoofing attacks Paramet...

Page 94: ...fig log_save_timing Purpose Used to configure the method of saving log files to the switch s flash memory Syntax config log_save_timing time_interval min 1 65535 on_demand log_trigger Description The...

Page 95: ...ured for saving log files to the switch s flash memory Syntax show log_save_timing Description The show log_save_timing command allows the user to view the time method configured for saving log files...

Page 96: ...g trees Each switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes a A configuration name defined by an alphanumeric string of up t...

Page 97: ...d on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable STP globally on the Switch DGS 3627 5 enable stp Command enable...

Page 98: ...for the STP version that is currently set on the Switch Parameters maxage value 6 40 This value may be set to ensure that old information does not endlessly circulate through redundant paths in the ne...

Page 99: ...d_recover_timer value 0 value 60 1000000 This field will set the time the STP port will wait before recovering the STP state set 0 will denote that the LBD will never time out or restart until the adm...

Page 100: ...cket is received it automatically loses edge port status false indicates that the port does not have edge port status p2p true false auto true indicates a point to point P2P shared link P2P ports are...

Page 101: ...figured STP instances on the Switch by creating an instance_id A STP instance may have multiple members with the same MSTP configuration There is no limit to the number of STP regions in a network but...

Page 102: ...elete stp instance_id 2 Command delete stp instance_id 2 Success DGS 3627 5 config stp priority Purpose Used to update the STP instance configuration Syntax config stp priority value 0 61440 instance_...

Page 103: ...he MSTP region configured on the Switch The default setting is 0 name string Enter an alphanumeric string of up to 32 characters to uniquely identify the MSTP region on the Switch This name along with...

Page 104: ...imally for an interface The default value is derived from the media speed of the interface value 1 200000000 Selecting this parameter with a value in the range of 1 200000000 will set the quickest rou...

Page 105: ...s 2 STP enabled for RSTP DGS 3627 5 show stp Command show stp STP Bridge Global Settings STP Status Enabled STP Version RSTP Max Age 20 Hello Time 2 Forward Delay 15 Max Hops 20 TX Hold Count 3 Forwar...

Page 106: ...s External PathCost Auto 200000 Edge Port No No P2P Auto Yes Port Forward BPDU disabled MSTI Designated Bridge Internal PathCost Prio Status Role 0 8000 0050BA7120D6 200000 128 Forwarding Root 1 8001...

Page 107: ...Root Port 1 Max Age 20 Forward Delay 15 Last Topology Change 856 Topology Changes Count 2987 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show stp mst_config_id Purpose Used to displa...

Page 108: ...dr config multicast filtering_mode vlan_name 32 all forward_all_groups forward_unregistered_groups filter_unregistered_groups show multicast filtering_mode vlan vlan_name 32 Each command is listed in...

Page 109: ...ast MAC forwarding DGS 3627 5 create multicast_fdb default 01 00 00 00 00 01 Command create multicast_fdb default 01 00 00 00 00 01 Success DGS 3627 5 config multicast_fdb Purpose Used to configure th...

Page 110: ...is too short however many entries may be aged out too soon This will result in a high percentage of received packets whose source addresses cannot be found in the forwarding table in which case the Sw...

Page 111: ...cally learned MAC addresses Syntax clear fdb vlan vlan_name 32 port port all Description This command is used to clear dynamically learned entries to the Switch s forwarding database Parameters vlan_n...

Page 112: ...icast_fdb vlan default VLAN Name default MAC Address 01 00 00 00 00 01 Egress Ports 1 1 1 5 Mode Static Total Entries 1 DGS 3627 5 show fdb Purpose Used to display the current unicast MAC address forw...

Page 113: ...ynamic 1 default 00 01 80 62 F6 EE 1 21 Dynamic 1 default 00 02 3F 76 BA EE 1 21 Dynamic 1 default 00 03 09 18 10 01 1 21 Dynamic 1 default 00 03 1B 22 FF 00 1 21 Dynamic 1 default 00 03 6D 1E 76 79 1...

Page 114: ...ample usage To configure the multicast filtering mode to filter unregistered groups on all VLANs DGS 3627 5 config multicast filtering_mode all filter_unregistered_groups Command config multicast filt...

Page 115: ...eturning it to an Enabled status To utilize this method of Storm Control choose the Shutdown option of the Action field in the window below The broadcast storm control commands in the Command Line Int...

Page 116: ...l function These packet counts are the determining factor in deciding when incoming packets exceed the Threshold value sec 5 30 The Interval may be set between 5 and 30 seconds with the default settin...

Page 117: ...fic control recover DGS 3627 5 config traffic control_recover 1 1 1 6 Command config traffic control_recover 1 1 1 6 Success DGS 3627 5 config traffic trap Purpose Used to configure traps for traffic...

Page 118: ...Storm Storm down Interval Forever 1 1 131072 Enabled Disabled Disabled drop 0 5 1 2 131072 Enabled Disabled Disabled drop 0 5 1 3 131072 Disabled Disabled Disabled drop 0 5 1 4 131072 Disabled Disabl...

Page 119: ...e next lower priority to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue will begin transmitting any packe...

Page 120: ...l be allowed to receive tx_rate Specifies that one of the parameters below no_limit or value 64 10000000 will be applied to the rate at which the above specified ports will be allowed to transmit pack...

Page 121: ...allowing the next lower priority queue to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue can again transm...

Page 122: ...iority queue will be allowed to transmit before allowing the next lowest priority queue to transmit its packets A value between 0 and 15 can be specified Restrictions Only Administrator and Operator l...

Page 123: ...802 1p user priority to go to the class_id 0 6 the number of the hardware queue priority 0 7 The 802 1p user priority to associate with the class_id 0 6 the number of the hardware queue class_id 0 6...

Page 124: ...priority 0 7 Description This command allows users to specify default priority handling of untagged packets received by the Switch The priority value entered with this command will be used to determi...

Page 125: ...agged packet before being forwarded to its destination Parameters portlist Specifies a port or range of ports for which to display the default priority The beginning and end of the port list range are...

Page 126: ...e empted from emptying its queue if a packet is received on a higher class of service The packet that was received on the higher class of service will transmit its packet before allowing the lower cla...

Page 127: ...Success DGS 3627 5 disable hol_prevention Purpose Used to disable HOL prevention Syntax disable hol_prevention Description The disable hol_prevention command disables Head of Line prevention Paramete...

Page 128: ...HOL prevention Syntax show hol_prevention Description The show hol_prevention command displays the Head of Line prevention state Parameters None Restrictions None Example usage To view the HOL preven...

Page 129: ...t pair on the Switch Traffic from any source port to a target port can be mirrored for real time analysis A logic analyzer or an RMON probe can then be attached to study the traffic crossing the sourc...

Page 130: ...ig mirror port 1 1 add source ports 1 2 1 7 both Command config mirror port 1 1 add source ports 1 2 1 7 both Success DGS 3627 5 Example usage To delete the mirroring ports DGS 3627 5 config mirror po...

Page 131: ...guration into the Switch and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None Restrictions Only Administrator and Operator level users...

Page 132: ...600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual 129 DGS 3627 5 show mirror Command show mirror Current Settings Mirror Status Disabled Target Port 1 1 Mirrored Port RX 1 2 1 7 TX 1 2 1 7...

Page 133: ...nd therefore checks the VLAN tagged packet to see if a provider VLAN tag has been added If so the packet is then routed through this provider VLAN which contains smaller VLANs with similar configurati...

Page 134: ...ormal 802 1Q VLAN on the Switch advertisement Specifies that the VLAN is able to join GVRP Restrictions Each VLAN name can be up to 32 characters Only Administrator and Operator level users can issue...

Page 135: ...ng and end of the port list range are separated by a dash advertisement enable disable Enables or disables GVRP on the specified VLAN Restrictions Only Administrator and Operator level users can issue...

Page 136: ...is function tagged_only implies that only VLAN tagged frames will be accepted while admit_all implies tagged and untagged frames will be accepted by the Switch pvid Specifies the default VLAN ID assoc...

Page 137: ...Registration Protocol GVRP DGS 3627 5 disable gvrp Command disable gvrp Success DGS 3627 5 show vlan Purpose Used to display the current VLAN configuration on the Switch Syntax show vlan vlan_name 32...

Page 138: ...d Member Ports 1 4 1 8 Static Ports 1 4 1 8 Current Tagged Ports 1 4 1 8 Current Untagged Ports Static Tagged Ports 1 4 1 8 Static Untagged Ports Forbidden Ports Total Entries 2 DGS 3627 5 show gvrp P...

Page 139: ...1 Disabled Enabled All Frames CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All enable double_vlan Purpose Used to enable the Double VLAN feature on the Switch Syntax enable double_vlan Descr...

Page 140: ...le_vlan Current Double VLAN mode Enabled Disable Double VLAN need to reset system config Are you sure y n y Success DGS 3627 5 create double_vlan Purpose Used to create a Double VLAN on the Switch Syn...

Page 141: ...ccess Add this parameter to configure these ports as access ports Access ports are for connecting Switch VLANs to customer VLANs portlist Enter a list of ports to be added to this VLAN The beginning a...

Page 142: ...vlan RG Global Double VLAN Enabled SPVID 2 VLAN Name RG TPID 0x9100 Uplink Ports Access Ports 1 4 1 8 Unknow Ports Total Entries 1 DGS 3627 5 enable pvid auto_assign Purpose Used to enable auto assign...

Page 143: ...The default setting is enabled Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the auto assign PVID DGS 3627 5 disable pvid aut...

Page 144: ...he Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameter create dot1v_protocol_group group_id id config dot1v_protocol_group group_id id...

Page 145: ...eter if you wish this protocol group to employ the Ethernet2 frame type This frame type is identified by the 16 bit 2 octet IEEE802 3 type field in the packet header which is to be stated using the fo...

Page 146: ...otocol_group group_id 1 Success DGS 3627 5 show dot1v_protocol_group Purpose Used to display the configurations for a protocol VLAN group Syntax show dot1v_protocol_group group_id id Description This...

Page 147: ...ers vlan_name 32 Identify the VLAN name for which to add a tag to ingress untagged packets delete protocol_group Use this parameter to remove this protocol VLAN group s association with the ports stat...

Page 148: ...nfigure the ports for a protocol VLAN group DGS 3627 5 show port dot1v ports 1 6 1 8 Command show port dot1v ports 1 6 1 8 Port 1 6 Protocol Group ID VLAN Name 1 building1 Port 1 7 Protocol Group ID V...

Page 149: ...ortlist Each command is listed in detail in the following sections create link_aggregation Purpose Used to create a link aggregation group on the Switch Syntax create link_aggregation group_id value 1...

Page 150: ...er_port port ports portlist state enable disable Description This command allows users to configure a link aggregation group that was created with the create link_aggregation command above Parameters...

Page 151: ...e address based load sharing algorithm Parameters mac_source Indicates that the Switch should examine the source MAC address mac_destination Indicates that the Switch should examine the destination MA...

Page 152: ...ortlist mode active passive Description This command is used to configure ports that have been previously designated as LACP ports see create link_aggregation Parameters portlist Specifies a port or r...

Page 153: ...tings as they are currently configured Parameters portlist Specifies a port or range of ports to be configured The beginning and end of the port list range are separated by a dash Non contiguous portl...

Page 154: ...the ACL mode the user must first set up IP MAC Port binding using the create address_binding ip_mac ipaddress command to create an entry Then the user must enable the mode by entering the config addr...

Page 155: ...rd_dhcppkt enable disable mode arp acl Description Use this command to configure per port state of IP MAC binding on the switch If a port has been configured as a group member of an aggregagted link t...

Page 156: ...C will be set to dynamic The packet isn t found by the entry the MAC will be set to block Other packets will be dropped The default mode is strict if not specified loose This mode provides a more loos...

Page 157: ...e will consume the resources in the switch controller An ACL mode entry may not be effective The status of the entry will display this information When an entry in not effective the check for IP packe...

Page 158: ...packets will be bypassed allow_zeroip Specify whether to allow ARP packet with SIP address 0 0 0 0 Supposed that 0 0 0 0 is not configured in the binding list when it is set to enabled the ARP packet...

Page 159: ...ddress of the device where the IP MAC binding is made ports Specifies a port or range of ports to be configured for address binding all Specifies that all ports on the switch will be configured for ad...

Page 160: ...and the physical address of the device To delete all the Blocked Address Binding entries toggle all Parameters ipaddr The IP address of the device where the IP MAC Port binding is made macaddr The MAC...

Page 161: ...st range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 all Specifies that all ports on the switch will be configured for address binding Restrictions Only...

Page 162: ...device ports The number of enabled ports on a device Parameters all For IP_MAC binding all specifies all the IP MAC Port binding entries for Blocked Address Binding entries all specifies all the bloc...

Page 163: ...that a binding entry learned by DHCP snooping is conflict with the statically configured entry The conflict case means that the binding relation is conflict For example if IP A is binded with MAC X b...

Page 164: ...dhcp_snoop Success DGS 3627 5 clear address_binding dhcp_snoop binding_entry ports Purpose To clear the address binding entries learned for the specified ports Syntax clear address_binding dhcp_snoop...

Page 165: ...ys the address binding entries learned for the specified port Restrictions None Example usage To display address binding DHCP state on the Switch DGS 3627 5 show address_binding dhcp_snoop Command sho...

Page 166: ...address_binding dhcp_snoop max_entry ports portlist all limit value 1 50 no_limit Description By default per port max entry is no limit This command specifies the max number of entries which can be le...

Page 167: ...ding trap log messages on the Switch DGS 3627 5 enable address_binding trap_log Command enable address_binding trap_log Success DGS 3627 5 disable address_binding trap_log Purpose Used to disable the...

Page 168: ...ring a multitude of IP addresses but configuring the Switch for IP multinetting may cause troubleshooting and bandwidth problems and should not be used as a long term solution Problems may include The...

Page 169: ...IP interface RG on VLAN vlan_1 DGS 3627 5 create ipif RG 10 1 1 1 8 vlan_1 proxy_arp enable Command create ipif RG 10 1 1 1 8 vlan_1 proxy_arp enable Success DGS 3627 5 config ipif Purpose Used to con...

Page 170: ...dress to this interface This address should define a host address and a network prefix length Multiple IPv6 addresses can be configured for a single IP interface Ex 3ffe 501 ffff 100 1 64 The 64 repre...

Page 171: ...se Used to delete the configuration of an IP interface on the Switch Syntax delete ipif ipif_name 12 ipv6address ipv6networkaddr all Description This command will delete the configuration of an IP int...

Page 172: ...ield will have two displays FALSE denotes that the IP interface is a primary IP interface while TRUE denotes a secondary IP interface enable ipif_ipv6_link_local_auto Purpose Used to enable the autoco...

Page 173: ...nterfaces currently configured on the switch Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the IP interface IPv6 link local settings DGS 3627...

Page 174: ...erval value 4 1800 config ipv6 nd ra prefix_option ipif ipif_name 12 ipv6networkaddr preferred_life_time uint 0 4294967295 valid_life_time uint 0 4294967295 on_link_flag enable disable autonomus_flag...

Page 175: ...P interface previously entered dynamic Enter this command to remove all dynamically configured neighbor devices from being an IPv6 neighbor of the IP interface previously entered all Enter this parame...

Page 176: ...e_time value 0 9000 reachable_time value 0 3600000 retrans_time uint 0 4294967295 hop_limit value 0 255 managed_flag enable disable other_config_flag enable disable min_rtr_adv_interval value 3 1350 m...

Page 177: ...ernate configuration flag When enabled this will trigger the router to use a stateful autoconfiguration process to get configuration information that is not address information yet is important to the...

Page 178: ...states the time that this prefix is advertised as being preferred on the link local network when using stateless address configuration The user may configure a time between 0 and 4294967295 milliseco...

Page 179: ...me between 0 and 4294967295 milliseconds Very fast intervals represented by a low number are not recommended for this field Restrictions Only Administrator and Operator level users can issue this comm...

Page 180: ...DGS 3627 5 show ipv6 nd Command show ipv6 nd Interface Name System Hop Limit 64 NS Retransmit Time 0 ms Router Advertisement Disabled RA Max Router AdvInterval 600 s RA Min Router AdvInterval 198 s R...

Page 181: ...t or deny traffic from these specific sources In IGMPv2 Membership reports could contain only one multicast group whereas in v3 these reports can contain multiple multicast groups Leaving a multicast...

Page 182: ...configure the IGMPv2 for all IP interfaces DGS 3627 5 config igmp all version 2 Command config igmp all version 2 Success DGS 3627 5 show igmp Purpose Used to display the IGMP configuration for the S...

Page 183: ...be displayed ipif_name 12 The name of the IP interface of which the IGMP group is a member Restrictions None Example usage To display IGMP group table DGS 3627 5 show igmp group Command show igmp gro...

Page 184: ...n_name 32 add delete portlist config router_ports_forbidden vlan_name 32 add delete portlist enable igmp_snooping forward_mcrouter_only show igmp_snooping vlan vlan_name 32 disable igmp_snooping forwa...

Page 185: ...can configure it but it will not take effect state enable disable Allows you to enable or disable IGMP snooping for the specified VLAN fast_leave enable disable This parameter allows the user to enabl...

Page 186: ...ows robustness variable x query interval 1 x query response interval Other querier present interval Amount of time that must pass before a multicast router decides that there is no longer another mult...

Page 187: ...an issue this command Example usage To set up static router ports DGS 3627 5 config router_ports default add 1 10 Command config router_ports default add 1 10 Success DGS 3627 5 config router_ports_fo...

Page 188: ...ions Only Administrator and Operator level users can issue this command Example usage To enable IGMP snooping on the Switch DGS 3627 5 enable igmp_snooping Command enable igmp_snooping Success DGS 362...

Page 189: ..._snooping vlan vlan_name 32 Description This command will display the current IGMP snooping configuration on the Switch Parameters vlan_name 32 The name of the VLAN for which to view the IGMP snooping...

Page 190: ...ID default 1 Member Ports 1 1 1 2 Filter Mode INCLUDE Source Group 10 0 0 2 225 0 0 2 VLAN Name VID default 1 Member Ports 1 3 Filter Mode EXCLUDE Source Group NULL 225 0 0 5 VLAN Name VID default 1 M...

Page 191: ...nooping forwarding table information Restrictions None Example usage To view the IGMP snooping forwarding table for VLAN Marcello DGS 3627 5 show igmp_snooping forwarding vlan Marcello Command show ig...

Page 192: ...which IGMP snooping is to be configured This name may be up to 32 characters in length member_port portlist Enter a port or list of ports to be added to the multicast VLAN Member ports will become the...

Page 193: ...unting DGS 3627 5 delete igmp_snooping multicast_vlan accounting Command delete igmp_snooping multicast_vlan accounting Success DGS 3627 5 show igmp_snooping multicast_vlan Purpose Used to display the...

Page 194: ...his parameter to delete a multicast address or list of multicast addresses to this multicast VLAN as defined by a range This range was created using the limited multicast address commands all Enter th...

Page 195: ...Ethernet Managed Switch CLI Manual 192 DGS 3627 5 show igmp_snooping multicast_vlan_group accounting Command snow igmp_snooping multicast_vlan_group accounting Multicast VLAN accounting No Name From...

Page 196: ...s are distinguished by a multicast destination address located in the IPv6 header and a multicast address in the Multicast Listener Query Message MLDv2 has three types of messages General Query Multic...

Page 197: ...all multicast traffic to any IP router Restrictions Only Administrator and Operator level users can issue this command Example usage To enable MLD snooping globally on the Switch DGS 3627 5 enable ml...

Page 198: ...listener report The user may specify a time between 1 and 16711450 with a default setting of 260 seconds Note This parameter is only used to display router timeout information Users can configure it b...

Page 199: ...default add 1 10 Command config mld_snooping mrouter_ports default add 1 10 Success DGS 3627 5 config mld_snooping mrouter_ports_forbidden Purpose Used to configure ports on the Switch as forbidden r...

Page 200: ...amount of time to be set between group specific query messages This interval may be reduced to lower the amount of time it takes a router to detect the loss of a last listener group The user may set...

Page 201: ...s specified the Switch will display all current MLD snooping configurations Restrictions None Example usage To display the MLD snooping settings DGS 3627 5 show mld_snooping Command show mld_snooping...

Page 202: ...up configurations If no parameter is specified the Switch will display all current MLD snooping group configurations Restrictions None Example usage To display the MLD snooping group DGS 3627 5 show m...

Page 203: ...forbidden If no parameter is specified the Switch will display all currently configured router ports on the Switch Restrictions None Example usage To display the MLD snooping multicast router port set...

Page 204: ...le usage To view the MLD snooping forwarding table for VLAN accounting DGS 3627 5 show mld_snooping forwarding vlan accounting Command show mld_snooping forwarding vlan accounting VLAN Name accounting...

Page 205: ...p_relay ipif ipif_name 12 enable dhcp_relay disable dhcp_relay Each command is listed in detail in the following sections config dhcp_relay Purpose Used to configure the DHCP BOOTP relay feature of th...

Page 206: ...3627 5 config dhcp_relay add ipif System 10 58 44 6 Command config dhcp_relay add ipif System 10 58 44 6 Success DGS 3627 5 config dhcp_relay delete ipif Purpose Used to delete one or all IP destinat...

Page 207: ...ected to the DHCP client that sent the DHCP request Parameters enable Choose this parameter to enable the addition of option 82 information to a packet disable Choose disable the relay agent from inse...

Page 208: ...e option 82 field already exists in the packet received from the DHCP client keep The option 82 field will be retained if the option 82 field already exists in the packet received from the DHCP client...

Page 209: ...ipif System Command show dhcp_relay ipif System DHCP Bootp Relay Status Disabled DHCP Bootp Hops Count Limit 4 DHCP Bootp Relay Time Threshold 0 DHCP Relay Agent Information Option 82 State Disabled...

Page 210: ...unction on the Switch Syntax disable dhcp_relay Description This command is used to disable the DHCP BOOTP relay function on the Switch Parameters None Restrictions Only Administrator and Operator lev...

Page 211: ...er or the IP address of the default route to another device on the network Users also have the ability to bind IP addresses within the DHCP pool to specific MAC addresses in order to keep consistent t...

Page 212: ...racters to identify the pool to be created with this command Restrictions Only Administrator and Operator level users can issue this command Example usage To create the DHCP pool Floor2 DGS 3627 5 cre...

Page 213: ...set Ethernet will denote that the manually bound device is connected directly to the Switch while the IEEE802 denotes that the manually bound device is outside the local network of the Switch Restric...

Page 214: ...strictions None Example usage To display the manual binding entries of the DHCP pool accounting DGS 3627 5 show dhcp pool manual_binding accounting Command show dhcp pool manual_binding accounting Poo...

Page 215: ...ng information on the Switch DGS 3627 5 clear dhcp_binding Command clear dhcp_binding Success DGS 3627 5 config dhcp ping_packets Purpose Used to set the number of ping packets that will be sent out t...

Page 216: ...rs can issue this command Example usage To configure the Ping timeout DGS 3627 5 config dhcp ping_timeout 500 Command config dhcp ping_timeout 500 Success DGS 3627 5 config dhcp pool boot_file Purpose...

Page 217: ...hcp pool default_router accounting 10 245 32 1 Command config dhcp pool default_router accounting 10 245 32 1 Success DGS 3627 5 config dhcp pool dns_server_address Purpose Used to configure the IP ad...

Page 218: ...d_link com Success DGS 3627 5 config dhcp pool lease Purpose Used to configure the lease time of DCHP clients within a DHCP pool Syntax config dhcp pool lease pool_name 12 day 0 365 hour 0 23 minute...

Page 219: ...command Example usage To configure the Net BIOS name server for the DHCP pool DGS 3627 5 config dhcp pool netbios_name_server accounting 10 98 254 2 Command config dhcp pool netbios_name_server accoun...

Page 220: ...ess IP address and netmask that is the address of this DHCP pool The address and mask information can be specified using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2...

Page 221: ...erver will enable and disable the DHCP server function without affecting configurations Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To...

Page 222: ...p excluded_address begin_address Purpose Used to configure IP addresses that will be excluded from the DHCP Server pool of addresses Syntax create dhcp excluded_address begin_address ipaddr end_addres...

Page 223: ...ddresses to be deleted from the excluded IP address list from the DHCP pool end_address ipaddr Enter the ending IP address of the range of IP addresses to be deleted from the excluded IP address list...

Page 224: ...he DHCP pool information Entering the command without the pool name will display all DHCP pool information on the switch Parameters pool_name 12 Enter the name of the DHCP pool for which to view DHCP...

Page 225: ...packets will be filtered from a specific port except those that meet the Server IP Address and Client MAC Address binding Command Parameters config filter dhcp_server add permit server_ip ipaddr clien...

Page 226: ...onfig filter dhcp_server add permit server_ip 10 1 1 1 client_mac 00 00 00 00 00 01 ports 1 1 1 3 Success DGS 3627 5 To configure the filter DHCP server state DGS 3627 5 config filter dhcp_server port...

Page 227: ...lter dhcp_server trap_log disable Command config filter dhcp_server trap_log disable Success DGS 3627 5 config filter dhcp_server illegal_server_log_suppress_duration Purpose This function is used to...

Page 228: ...r 3 Gigabit Ethernet Managed Switch CLI Manual 225 DGS 3627 5 config filter dhcp_server illegal_server_log_suppress_duration 30min Command config filter dhcp_server illegal_server_log_suppress_duratio...

Page 229: ...ing sections config limited multicast address Purpose Used to configure limited IP multicast address range Syntax config limited multicast address portlist from multicast_ipaddr to multicast_ipaddr ac...

Page 230: ...rts The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Restrictions Only Administrator and Operator level users ca...

Page 231: ...ddresses that will be specified under a given name Once created this range name can be added to the config limited_multicast_addr command therefore setting a list of multicast addresses that will be p...

Page 232: ...S 3627 5 delete multicast_range accounting Command create multicast_range accounting Success DGS 3627 5 show multicast_range Purpose Used to display a range of multicast IP addresses that are specifie...

Page 233: ...e range_name 32 Enter a name of up to 32 alphanumeric characters that will be used to identify this multicast range to be configured delete Use this parameter to delete ports from the multicast range...

Page 234: ...address range on a per port basis Parameters ports portlist Enter a port or list of ports to be displayed The beginning and end of the port list range are separated by a dash Non contiguous portlist...

Page 235: ...meout sec 1 65535 max_req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802...

Page 236: ...Description The disable 802 1x command is used to disable the 802 1X Network Access control server application on the Switch To select between port based or MAC based use the config 802 1x auth_mode...

Page 237: ...at can be set on the Switch Authenticator and None AdminCtlDir Both In Shows whether a controlled Port that is unauthorized will exert control over communication in both receiving and transmitting dir...

Page 238: ...AC based Network Access Control server application on the Switch Parameters ports portlist Specifies a port or range of ports to be viewed The beginning and end of the port list range are separated by...

Page 239: ...horized 1 12 ForceAuth Success Authorized 1 13 ForceAuth Success Authorized 1 14 ForceAuth Success Authorized 1 15 ForceAuth Success Authorized 1 16 ForceAuth Success Authorized 1 17 ForceAuth Success...

Page 240: ...rts Purpose Used to configure the 802 1X capability of a range of ports on the Switch Syntax config 802 1x capability ports portlist all authenticator none Description The config 802 1x command has tw...

Page 241: ...direction port_control Configures the administrative control over the authentication process for the range of ports The user has the following authentication options force_auth Forces the Authenticato...

Page 242: ...tch to initialize 802 1X functions based only on the port number Ports approved for initialization can then be specified mac_based This instructs the Switch to initialize 802 1X functions based only o...

Page 243: ...level users can issue this command Example usage To configure 802 1X reauthentication for ports 1 to 11 DGS 3627 5 config 802 1x reauth port_based ports 1 11 Command config 802 1x reauth port_based po...

Page 244: ...y Administrator level users can issue this command Example usage To delete previously configured RADIUS server communication settings DGS 3627 5 config radius delete 1 Command config radius delete 1 S...

Page 245: ...Syntax show radius Description The show radius command is used to display the current RADIUS configurations on the Switch Parameters None Restrictions None Example usage To display RADIUS settings on...

Page 246: ...sAccClientTimeouts 0 radiusAccClientUnknownTypes 0 radiusAccClientPacketsDropped 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show auth_client Purpose Used to display the current RA...

Page 247: ...stics of the Switch on a per port basis Parameters ports portlist Specifies a port or range of ports to be displayed The beginning and end of the port list range are separated by a dash Non contiguous...

Page 248: ...authentication session statistics for port 1 DGS 3627 5 show auth_session_statistics ports 1 Command show auth_session_statistics ports 1 Port number 1 1 SessionOctetsRx 0 SessionOctetsTx 0 SessionFra...

Page 249: ...reate 802 1x user username 15 Description The create 802 1x user command is used to create new 802 1X users Parameters username 15 A username of up to 15 alphanumeric characters in length Restrictions...

Page 250: ...user ctsnow Success DGS 3627 5 create 802 1x guest_vlan Purpose Used to configure a pre existing VLAN as a 802 1X Guest VLAN Syntax create 802 1x guest_vlan vlan_name 32 Description The create 802 1x...

Page 251: ...re as enabled or disabled for the 802 1X Guest VLAN Restrictions Only Administrator level users can issue this command This VLAN is only supported for port based and MAC based and must have already be...

Page 252: ...X software yet would still like limited access rights on the Switch Parameters None Restrictions Only Administrator level users can issue this command This VLAN is only supported for port based and MA...

Page 253: ...1 For each rule entered into the access profile you can assign an access_id that both identifies the rule and establishes a priority within the list of rules A lower access_id gives the rule a higher...

Page 254: ...fffffff packet_content_mask offset 0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffff...

Page 255: ...FFFFFFFFF destination_mac macmask Specifies a MAC address mask for the destination MAC address in the following format 000000000000 FFFFFFFFFFFF 802 1p Specifies that the Switch will examine the 802 1...

Page 256: ...ge are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 permit Specifies that packets that match the access profile are permitted to be forwarded by the Switch p...

Page 257: ...stination_ip_mask netmask dscp icmp type code igmp type tcp src_port_mask hex 0x0 0xffff dst_port_mask hex 0x0 0xffff flag_mask all urg ack psh rst syn fin udp src_port_mask hex 0x0 0xffff dst_port_ma...

Page 258: ...l identify the protocol to be discovered in the packet header user_define hex 0x0 0xffffffff Enter a hexidecimal value that will identify the user defined protocol to be discovered in the packet heade...

Page 259: ...n each packet igmp Specifies that the access profile will apply to packets that have this IGMP type tcp Specifies that the Switch will examine each frames Transport Control Protocol TCP field src_port...

Page 260: ...erefore will not count packets This command is optional and the default setting is disabled mirror Selecting mirror specifies that packets that match the access profile are mirrored to a port defined...

Page 261: ...l users can issue this command Example usage To create an Access profile by packet content mask DGS 3627 5 create access_profile packet_content_mask offset_chunk_1 1 0xFFFFFFFF profile_id 3 Command cr...

Page 262: ...ority previously set in the Switch which is used to determine the CoS queue to which packets are forwarded to Once this field is specified packets accepted by the Switch that match this priority are f...

Page 263: ...ax create access_profile profile_id value 1 14 ipv6 class flowlabel source_ipv6_mask ipv6mask destination_ipv6_mask ipv6mask Description This command is used to identify various parts of IPv6 packets...

Page 264: ...port portlist all permit priority value 0 7 replace_priority rx_rate no_limit value 1 156249 counter enable disable mirror deny time_range range_name 32 delete access_id value 1 128 Description This...

Page 265: ...ter this parameter to re write the 802 1p default priority of a packet to the value entered in the Priority field which meets the criteria specified previously in this command before forwarding it on...

Page 266: ...delete all created access profiles on the Switch Restrictions Only Administrator and Operator level users can issue this command Example usage To delete the access profile with a profile ID of 1 DGS...

Page 267: ...fffff packet_content_mask offset 0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffff...

Page 268: ...e source port dst_port_mask hex 0x0 0xffff Specifies a UDP port mask for the destination port protocol_id_mask hex 0x0 0xff Specifies that the Switch will examine each frame s Protocol ID field using...

Page 269: ...xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff ipv6 class value 0 255 flowlabel hex 0x0 0xf...

Page 270: ...dp Specifies that the Switch will examine the User Datagram Protocol UDP field within each packet src_port value 0 65535 Specifies that the access profile will apply only to packets that have this UDP...

Page 271: ...times when this access rule will be enabled or disabled on the Switch delete access_id value 1 100 Use this to remove a previously created access rule in a profile ID Restrictions Only Administrator a...

Page 272: ...meters profile_id value 1 5 Enter an integer between 1 and 5 that is used to identify the CPU access profile to be deleted with this command This value is assigned to the access profile when it is cre...

Page 273: ...rule to determine a period of time when an access profile and an associated rule are to be enabled on the Switch Remember this time range can only be applied to one period of time and also it is based...

Page 274: ...cess DGS 3627 5 show time_range Purpose To view the current configurations of the time range set on the Switch Syntax show time_range Description This command is used to display the currently configur...

Page 275: ...he configured CBS and EBS A packet flow that does not reach the CBS is marked green if it exceeds the CBS but not the EBS its marked yellow and if it exceeds the EBS its marked red CBS Committed Burst...

Page 276: ...employ the Two Rate Three Color Mode and set the following parameters to determine the color rate of the IP packet flow cir value 1 156249 The Committed Information Rate can be set between 1 and 1562...

Page 277: ...in the yellow flow replace_dscp value 0 63 Packets that are in the yellow flow may have their DSCP field rewritten using this parameter and entering the DSCP value to replace drop Enter this parameter...

Page 278: ...r the profile ID of the ACL entry to be viewed for flow metering access_id value 1 128 Enter the access ID corresponding to the ACL entry to be viewed Restrictions None Example usage To enable the sFl...

Page 279: ...n the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters enable sflow disable sflow create sflow analyzer_server value 1 4 owner name...

Page 280: ...tch Syntax disable sflow Description This command along with the enable sflow command is used to disable the sFlow function on the switch without altering configurations Parameters None Restrictions O...

Page 281: ...low datagrams will be sent The default setting for this field is 6343 Only one Analyzer Server address can be set for one UDP Collector Port maxdatagramsize value 300 1400 This field will specify the...

Page 282: ...is field is 6343 Only one Analyzer Server address can be set for one UDP Collector Port maxdatagramsize value 300 1400 This field will specify the maximum number of data bytes that can be packaged int...

Page 283: ...w sflow analyzer_server Description This command will display the settings for a previously created sFlow analyzer server Parameters None Restrictions Only Administrator and Operator level users can i...

Page 284: ...ers every time this interval reaches 0 and this information will be included in the sFlow datagrams that will be sent to the sFlow Analyzer for examination Choosing the disabled parameter will disable...

Page 285: ...3627 5 config sflow counter_poller ports 1 interval 50 Command create sflow counter_poller ports 1 interval 50 Success DGS 3627 5 delete sflow counter_poller ports Purpose Used to delete the counter...

Page 286: ...der to be extracted Parameters portlist Use this parameter to set the ports that will be mined for sFlow information all Use this parameter to set all ports to be mined for sFlow information analyzer_...

Page 287: ...value 0 65535 Users can set the rate of packet sampling here The value entered here is to be multiplied by 256 to get the percentage of packets sampled For example if the user enters a figure of 20 in...

Page 288: ...can issue this command Example usage To delete the sFlow flow sampler settings DGS 3627 5 delete sflow flow sampler ports all Command delete sflow flow sampler ports all Success DGS 3627 5 show sflow...

Page 289: ...Syntax show sflow Description This command will allow the user to display the Switch s sFlow settings Parameters None Restrictions Only Administrator and Operator level users can issue this command Ex...

Page 290: ..._date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax confi...

Page 291: ...play SNTP configuration information DGS 3627 5 show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval...

Page 292: ...yntax config time date ddmthyyyy time hh mm ss Description This will configure the system time and date settings These will be overridden if SNTP is configured and enabled Parameters date Express the...

Page 293: ...evel users can issue this command Example usage To configure time zone settings DGS 3627 5 config time_zone operator hour 2 min 30 Command config time_zone operator hour 2 min 30 Success DGS 3627 5 co...

Page 294: ...the day of the week in which DST begins start_day sun sat The day of the week in which DST begins expressed using a three character abbreviation sun mon tue wed thu fri sat e_day Configure the day of...

Page 295: ...current time settings and status Syntax show time Description This will display system time and date configuration as well as display current system time Parameters None Restrictions None Example usa...

Page 296: ...deploy the policy route the administrator must enable this function here as well state enable disable Once completed the Switch will identify the device to be given a policy route using the access pro...

Page 297: ...be associated with this policy route access_id value 1 128 Enter the previously created access ID that has been created in conjunction with the access profile ID mentioned previously that is to be as...

Page 298: ...policy_route Purpose Used to display policy route settings Syntax show policy_route Description This command is used to display policy route settings Parameters None Restrictions None Example usage To...

Page 299: ...s chosen the Switch will minimize the IP packet bandwidth received by the Switch by adjusting the bandwidth for all IP packets by setting a acceptable bandwidth for both unicast and broadcast IP packe...

Page 300: ...as been activated by a high CPU utilization rate mode Used to select the type of Safeguard Engine to be activated by the Switch when the CPU utilization reaches a high rate The user may select strict...

Page 301: ...Switch CLI Manual 298 DGS 3627 5 show safeguard_engine Command show safeguard_engine Safeguard engine state Disabled Safeguard engine current status normal mode CPU utilization information Rising 30 F...

Page 302: ...ts that will be configured for traffic segmentation The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 forward_lis...

Page 303: ...d end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Restrictions The port lists for segmentation and the forward list must be on th...

Page 304: ...ap log config gratuitous_arp send periodically ipif ipif_name 12 interval value 0 65535 show gratuitous_arp ipif ipif_name 12 Each command is listed in detail in the following sections create arpentry...

Page 305: ...121 125 from the ARP table DGS 3627 5 delete arpentry 10 48 74 121 Command delete arpentry 10 48 74 121 Success DGS 3627 5 config arp_aging time Purpose Used to configure the age out timer for ARP ta...

Page 306: ...627 5 show arpentry Command show arpentry ARP Aging Time 20 Interface IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 44 8 253 00 44 08 FD 09 09 Dynamic System...

Page 307: ...config arpentry 10 48 74 12 00 50 BA 00 07 36 Success DGS 3627 5 config gratuitous_arp send ipif_status_up Purpose Used to enable disable the sending of gratuitous ARP requests while the IP interface...

Page 308: ...disable Disable sending of gratuitous ARP when a duplicate IP is detected Restrictions Only Administrator and Operator level users can issue this command Example Usage To enable send a gratuitous ARP...

Page 309: ...e this command Example usage To enable system interface s gratuitous ARP log and trap DGS 3627 5 enable gratuitous_arp System trap log Command enable gratuitous_arp System trap log Success DGS 3627 5...

Page 310: ...this command Example usage To configure gratuitous ARP interval to 5 for IPIF System DGS 3627 5 config gratuitous_arp send periodically ipif System interval 5 Command config gratuitous_arp send period...

Page 311: ...re IP interface on the Switch VRRP routers within the same VRRP group must be consistent in configuration settings for this protocol to function optimally The VRRP commands in the Command Line Interfa...

Page 312: ...ch Parameters ping Adding this parameter to the command will stop the virtual IP address from being pinged from other host end nodes to verify connectivity This will only disable the ping connectivity...

Page 313: ...he highest physical IP address as the Master router The default value is 100 The value of 255 is reserved for the router that owns the IP address associated with the virtual router and is therefore se...

Page 314: ...IP interface must be assigned to a VLAN on the Switch state enable disable Used to enable and disable the VRRP router on the Switch priority int 1 254 Enter a value between 1 and 254 to indicate the...

Page 315: ...al IP address entered above The default is disable Restrictions Only Administrator and Operator level users can issue this command Example usage To configure a VRRP entry DGS 3627 5 config vrrp vrid 1...

Page 316: ...try DGS 3627 5 config vrrp ipif Zira authtype simple authdata tomato Command config vrrp ipif Zira authtype simple authdata tomato Success DGS 3627 5 show vrrp Purpose To view the VRRP settings set on...

Page 317: ...Up Time 2754089 centi secs Total Entries 1 DGS 3627 5 delete vrrp Purpose Used to delete a VRRP entry from the switch Syntax delete vrrp vrid vrid 1 255 ipif ipif_name 12 Description This command is u...

Page 318: ...mary secondly backup or multipath If there has been a primary or backup route set to one destination users can not create a multipath route to the same destination Similiarly if there has been a multi...

Page 319: ...this parameter to delete a default static IP route entry from the Switch s IP routing table network_address IP address and netmask of the IP interface that is the destination of the route The address...

Page 320: ...not be active rip Displays the current rip IP routing table The entry in the table may or may not be active ospf Displyas the current ospf IP routing table The entry in the table may or may not be act...

Page 321: ...c Default Route fails the Backup Route will support the entry Please take note that the Primary and Backup entries cannot have the same Gateway Restrictions Only Administrator and Operator level users...

Page 322: ...and will display the Switch s current static IPv6 routing table or a specific IPv6 entry Parameters ipv6networkaddr IPV6 address and netmask of the IP interface that is the destination of the route Sp...

Page 323: ...e dst ospf src static rip local mettype 1 2 metric value 0 16777214 Description This command will redistribute routing information between the OSPF and RIP routing protocols to all routers on the netw...

Page 324: ...device the user may set the following parameters for that source device from the following options all Specifies both internal an external internal Specifies the internal protocol of the source device...

Page 325: ...bute routing information between the OSPF and RIP routing protocols to all routers on the network that are running OSPF or RIP Routing information entered into the Static Routing Table on the local sw...

Page 326: ...mation entered into the Static Routing Table on the local switch is also redistributed Parameters src Allows the selection of the protocol of the source device as being either local static or OSPF Aft...

Page 327: ...oute redistribution settings DGS 3627 5 delete route redistribute dst rip src ospf Command delete route redistribute dst rip src ospf Success DGS 3627 5 show route redistribute Purpose Used to display...

Page 328: ...NS relay function on the Switch Parameters primary Indicates that the IP address below is the address of the primary DNS server secondary Indicates that the IP address below is the address of the seco...

Page 329: ...Relay on the Switch Parameters cache This parameter will allow the user to enable the cache lookup for the DNS rely on the Switch static This parameter will allow the user to enable the static table...

Page 330: ...can issue this command Example usage To disable status of DNS relay DGS 3627 5 disable dnsr Command disable dnsr Success DGS 3627 5 Example usage To disable cache lookup for DNS relay DGS 3627 5 disab...

Page 331: ...GS 3627 5 show dnsr Command show dnsr DNSR Status Disabled Primary Name Server 0 0 0 0 Secondary Name Server 0 0 0 0 DNSR Cache Status Disabled DNSR Static Table Status Disabled DNS Relay Static Table...

Page 332: ...on the Switch password 16 Allows the specification of a case sensitive password tx_mode Determines how received RIP packets will be interpreted as RIP version V1 only V2 Only or V1 Compatible V1 and...

Page 333: ...nd is used to enable RIP on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example Usage To enable RIP DGS 3627 5 enable rip Command enable...

Page 334: ...ommand will display the global RIP configuration for the Switch Restrictions None Example usage To display RIP configuration DGS 3627 5 show rip Command show rip RIP Global State Disabled RIP Interfac...

Page 335: ...ipif ipif_name 12 Each command is listed in detail in the following sections config dvmrp Purpose Used to configure DVMRP on the Switch Syntax config dvmrp ipif ipif_name 12 all metric value 1 31 pro...

Page 336: ...le dvmrp Description This command in combination with the disable dvmrp command below is used to enable and disable DVMRP on the Switch Parameters None Restrictions Only Administrator and Operator lev...

Page 337: ...routing_table DVMRP Routing Table Source Address Netmask Upstream Neighbor Metric Learned Interface Expire 10 0 0 0 8 10 90 90 90 1 Local System 20 0 0 0 8 20 1 1 1 2 Dynamic ip2 117 30 0 0 0 8 30 1 1...

Page 338: ...table Parameters ipif_name 12 The name of the IP interface for which to display the current DVMRP routing next hop table ipaddress network_address The IP address and netmask of the destination The ad...

Page 339: ...current DVMRP configurations Parameters ipif_name 12 This parameter will allow the user to display DVMRP settings for a specific IP interface Restrictions None Example usage To show DVMRP configuratio...

Page 340: ...ters these routers can only join or be pruned from a multicast group through the use of Join Prune Messages exchanged between the DR and RP Join Prune Messages are packets relayed between routers that...

Page 341: ...that there are no multicast members on their respective branches PIM DM then removes these branches prunes them from the multicast delivery tree Because a member of a pruned branch of a multicast del...

Page 342: ...rator and Operator level users can issue this command Example usage To enable PIM as previously configured on the Switch DGS 3627 5 enable pim Command enable pim Success DGS 3627 5 disable pim Purpose...

Page 343: ...in Prune packets stating which multicast groups are to join the PIM enabled network and which are to be removed or pruned from that group The user may state an interval time between 1 and 18724 second...

Page 344: ...is group Restrictions Only Administrator and Operator level users can issue this command Example usage To create an IP interface to become a Candidate RP on the Switch DGS 3627 5 create pim crp group...

Page 345: ...y yet if there is a tie for the highest priority the router having the higher IP address will become the RP The user may set a priority between 0 and 255 with a default setting of 192 wildcard_prefix_...

Page 346: ...M SM configurations only Parameters group network_address Enter the multicast group IP address used in identifying the Rendezvous Point RP This address must be a class D address Restrictions Only Admi...

Page 347: ...e shortest path tree This command is for PIM SM configurations only Parameters never Using this command will configure the router to always receive multicast data from the shared tree immediately Usin...

Page 348: ...usage To view the CRP settings DGS 3627 5 show pim crp Command show pim crp PIM Candidate RP Table C RP Holdtime 150 C RP Priority 2 C RP Wildcard Prefix Count 0 Group Interface 224 0 0 0 4 Zira Tota...

Page 349: ...pif settings of this command See the examples below for a better understanding bootstrap_period value 1 255 Enter a time period between 1 and 255 to determine the interval the Switch will send out Boo...

Page 350: ...SRs Restrictions None Example usage To view the CBSR settings DGS 3627 5 show pim cbsr Command show pim cbsr PIM Candidate BSR Table C BSR Hash Mask Len 30 C BSR Bootstrap Period 2 Interface IP Addres...

Page 351: ...how pim neighbor ipif ipif_name12 ipaddress network_address Description This command will display the PIM neighbor table for the Switch Parameters ipif_name 12 Enter the name of the IP interface for w...

Page 352: ...8 45 192 32 0 0 0 0 SPT S G 229 55 150 208 10 50 93 100 32 0 0 0 0 SPT S G 229 55 150 208 10 51 16 1 32 0 0 0 0 SPT S G 229 55 150 208 10 59 23 10 32 0 0 0 0 SPT S G 229 55 150 208 31 43 51 81 32 0 0...

Page 353: ...th the data in Registered packets Restrictions Only Administrator and Operator level users can issue this command Example usage To delete RPs that the Switch will send Register packets to and create c...

Page 354: ...t Ethernet Managed Switch CLI Manual 351 DGS 3627 5 show pim register_checksum_include_data_rp_list Command show pim register_checksum_include_data_rp_list PIM Register Checksum Include Data RP Addres...

Page 355: ...received the source IP address of the packet is used to do the RPF check When an RPF network is configured for network and the source IP address of the received IP multicast packet matches this networ...

Page 356: ...ic route entry DGS 3627 5 delete ipmroute 10 0 0 9 8 Command delete ipmroute 10 0 0 9 8 Success DGS 3627 5 show ipmroute Purpose Used to display an IP multicast static route configuration entry Syntax...

Page 357: ...traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 Restrictions None Example usage To display the current IP multicast forwarding cache DGS 3627 5 show ipmc cache Command...

Page 358: ...only those entries that are related to the DVMRP protocol pim Specifying this parameter will display only those entries that are related to the PIM protocol Restrictions None Usage example To display...

Page 359: ...ameters key_id 1 255 The MD5 key ID The user may enter a key ranging from 1 to 255 password An MD5 password of up to 16 bytes Restrictions Only Administrator and Operator level users can issue this co...

Page 360: ...Only Administrator and Operator level users can issue this command Usage example The delete an entry in the MD5 key table DGS 3627 5 delete md5 key 1 Command delete md5 key 1 Success DGS 3627 5 show...

Page 361: ...dvertise enable disable delete ospf aggregation area_id network_address lsdb_type summary nssa_ext config ospf aggregation area_id network_address lsdb_type summary advertise enable disable nssa_ext a...

Page 362: ...ble ospf Purpose Used to enable OSPF on the Switch Syntax enable ospf Description This command in combination with the disable ospf command below is used to enable and disable OSPF on the Switch Param...

Page 363: ...Area settings OSPF Virtual Interface settings OSPF Area Aggregation settings OSPF Host Route settings Parameters None Restrictions None Example usage To show OSPF state DGS 3627 5 show ospf Command s...

Page 364: ...as an NSSA Not So Stubby Area area translate enable disable Enable this parameter to translate Type 7 LSAs into Type 5 LSAs so that they can be distributed outside of the NSSA The default is Disabled...

Page 365: ...area ID The user may enter a 32 bit number in the form of an IP address xxx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain type The OSPF area mode of operation the user has thre...

Page 366: ...a Area ID Type Stub Import Summary LSA Stub Default Cost Translate 0 0 0 0 Normal None None None Total Entries 1 DGS 3627 5 create ospf host_route Purpose Used to configure OSPF host route settings Sy...

Page 367: ...mmand is used to configure an OSPF host route settings Parameters ipaddr The IP address of the host area_id A 32 bit number in the form of an IP address xxx xxx xxx xxx that uniquely identifies the OS...

Page 368: ...orm of an IP address that uniquely identifies the network that corresponds to the OSPF Area lsdb_type The type of address aggregation The user has two choices for the LSDB type summary Choosing this L...

Page 369: ...ccess DGS 3627 5 config ospf aggregation Purpose Used to configure the OSPF area aggregation settings Syntax config ospf aggregation area_id network_address lsdb_type summary advertise enable disable...

Page 370: ...ion settings DGS 3627 5 show ospf aggregation Command show ospf aggregation OSPF Area Aggregation Settings Area ID Aggregated LSDB Advertise Network Address Type 10 1 1 1 10 0 0 0 8 Summary Enabled 24...

Page 371: ...01 1 0 0 0 RTRLink 50 48 75 73 50 48 75 73 0x80000001 1 0 0 0 Summary 50 48 75 73 40 0 0 0 8 1 0x80000001 1 0 0 0 Summary 50 48 75 73 50 0 0 0 8 1 0x80000001 ASExtLink 50 48 75 73 1 2 0 0 16 20 0x8000...

Page 372: ...ion none simple password 8 md5 key_id 1 255 metric value 1 65535 state enable disable passive enable disable Description This command is used to configure the OSPF interface settings Parameters ipif_n...

Page 373: ...will not advertise to any other routers than those within its OSPF intranet When this field is disabled it denotes an active interface The default setting is disable active Restrictions Only Administr...

Page 374: ...se Used to display the current OSPF settings of all the OSPF interfaces on the Switch Syntax show ospf all Description This command will display the current OSPF settings for all OSPF interfaces on th...

Page 375: ...ter before the selected area declares that router down An interval between 1 and 65535 seconds can be specified The Dead Interval must be evenly divisible by the Hello Interval authentication Enter th...

Page 376: ...parameter will set a simple authentication which includes a case sensitive password of no more than 8 characters md5 key_id 1 255 Choosing this parameter will set authentication based on md5 encryptio...

Page 377: ...he form of an IP address xxx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain neighbor_id The OSPF router ID for the remote area This is a 32 bit number in the form of an IP addre...

Page 378: ...always be the first choice for routing purposes and the next most reliable path is Static due to the fact that its has the next lowest value To set a higher reliability for a route change its value to...

Page 379: ...e preference value for the OSPF AS External route type 1 route ospfExtT2 Choose this parameter to configure the preference value for the AS External route type 2 route value 1 999 Enter a value betwee...

Page 380: ...fExtT2 Enter this parameter to view the route preference settings for the OSPF AS External route type 2 Entering this command with no parameters will display the route preference for all routes Restri...

Page 381: ...ble notification on the Switch Syntax enable mac_notification Description This command is used to enable MAC address notification without changing configuration Parameters None Restrictions Only Admin...

Page 382: ...he Switch s MAC address table notification global settings DGS 3627 5 config mac_notification interval 1 historysize 500 Command config mac_notification interval 1 historysize 500 Success DGS 3627 5 c...

Page 383: ...on Command show mac_notification Global Mac Notification Settings State Enabled Interval 1 History Size 1 DGS 3627 5 show mac_notification ports Purpose Used to display the Switch s MAC address table...

Page 384: ...on ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14...

Page 385: ...password again Please note that if you choose to use Web based Access Control SSL will not be available as the two are mutually exclusive The Web based Access Control WAC commands in the Command Line...

Page 386: ...which users will be placed when authenticated by the Switch or a RADIUS server This VLAN should be pre configured to have limited access rights to web based authenticated users However it cannot be gu...

Page 387: ...s DGS 3627 5 Example usage To configure the WAC ports DGS 3627 5 config wac ports 1 7 state enable Command config wac ports 1 7 state enable Success DGS 3627 5 Example usage To configure the Web based...

Page 388: ...command Example usage To create a WAC user on the Switch DGS 3627 5 create wac user ctsnow vlan Tiberius Command create wac user ctsnow vlan Tiberius Enter a case sensitive new password Enter the new...

Page 389: ...e VLAN this user will be placed in once authenticated if a change in VLANs is desired Restrictions Only Administrator level users can issue this command Example usage To configure a WAC user on the Sw...

Page 390: ...and Web based Access Control VLAN currently set on the Switch Restrictions Only Administrator and Operator level users can issue this command Example usage To display the WAC parameters DGS 3627 5 sh...

Page 391: ...tion When the user is prompted by the Switch to enter usernames and passwords for authentication the Switch contacts the TACACS XTACACS TACACS RADIUS server to verify and the server will respond with...

Page 392: ...enable default method_list_name string 15 all config authen application console telnet ssh http all login enable default method_list_name string 15 show authen application create authen server_group s...

Page 393: ...en_policy Description This command will disable the administrator defined authentication policy for users trying to access the Switch When disabled the Switch will access the local user account databa...

Page 394: ...figure a user defined or default method list of authentication methods for user login Syntax config authen_login default method_list_name string 15 method tacacs xtacacs tacacs radius server_group str...

Page 395: ...igured on the Switch local Adding this parameter will require the user to be authenticated using the local user account database on the Switch none Adding this parameter will require no authentication...

Page 396: ...s local Command config authen_login default method xtacacs tacacs local Success DGS 3627 5 delete authen_login method_list_name Purpose Used to delete a previously configured user defined method list...

Page 397: ...e method list protocols will be queried for authentication when a user attempts to log on to the Switch Priority ranges from 1 highest to 4 lowest Method Name Defines which security protocols are impl...

Page 398: ...l privileges on the Switch Syntax config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local_enable none Description This command is used...

Page 399: ...ethod list name defined by the user create authen_enable The user may add one or a combination of up to four of the following authentication methods to this method list tacacs Adding this parameter wi...

Page 400: ...or promoting user level privileges to Administrator level privileges Parameters string 15 Enter an alphanumeric string of up to 15 characters to define the given enable method list to delete Restricti...

Page 401: ...ss any function on the Switch Restrictions Only Administrator level users can issue this command Example usage To display all method lists for promoting user level privileges to administrator level pr...

Page 402: ...od list Restrictions Only Administrator level users can issue this command Example usage To configure the default method list for the web interface DGS 3627 5 config authen application http login defa...

Page 403: ...e TACACS protocol xtacacs Enter this parameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter...

Page 404: ...S protocol xtacacs Enter this parameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the...

Page 405: ...TACACS authentication server host DGS 3627 5 delete authen server_host 10 1 1 121 protocol tacacs Command delete authen server_host 10 1 1 121 protocol tacacs Success DGS 3627 5 show authen server_hos...

Page 406: ...sers can issue this command Example usage To create the server group group_1 DGS 3627 5 create authen server_group group_1 Command create authen server_group group_1 Success DGS 3627 5 config authen s...

Page 407: ...st There are three options tacacs Use this parameter to define the protocol if the server host is using the TACACS authentication protocol xtacacs Use this parameter to define the protocol if the serv...

Page 408: ...ll display all authentication server groups on the Switch Restrictions Only Administrator level users can issue this command Example usage To view authentication server groups currently set on the Swi...

Page 409: ...ttempts the user may try to become authenticated by the Switch before being locked out Restrictions Only Administrator level users can issue this command Example usage To set the maximum number of aut...

Page 410: ...te a special account on the server host which has the username enable and a password configured by the administrator that will support the enable function This function becomes inoperable when the aut...

Page 411: ...xample usage To configure the password for the local_enable authentication method DGS 3627 5 config admin local_enable Command config admin local_enable Enter the old password Enter the case sensitive...

Page 412: ...and the SSH Server 4 Finally enable SSH on the Switch using the enable ssh command After following the above steps you can configure an SSH Client on the remote PC and manage the Switch using secure...

Page 413: ...users to configure the SSH authentication mode for users attempting to access the Switch Parameters password This parameter may be chosen if the administrator wishes to use a locally configured passw...

Page 414: ...timeout sec 120 600 authfail int 2 20 rekey 10min 30min 60min never Description This command allows you to configure the SSH server Parameters maxsession int 1 8 Allows the user to set the number of u...

Page 415: ...ser Purpose Used to configure the SSH user Syntax config ssh user username authmode hostbased hostname domain_name hostname_IP domain_name ipaddr password publickey Description This command allows con...

Page 416: ...config ssh user Tiberius authmode Password Enter a case sensitive new password Enter the new password again for conformation Success DGS 3627 5 show ssh user authmode Purpose Used to display the SSH u...

Page 417: ...encryption algorithm blowfish This parameter will enable or disable the Blowfish encryption algorithm cast128 This parameter will enable or disable the Cast128 encryption algorithm twofish128 This par...

Page 418: ...estrictions None Example usage To display SSH algorithms currently set on the Switch DGS 3627 5 show ssh algorithm Command show ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 En...

Page 419: ...e 3DES_EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function wh...

Page 420: ...exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm DHE_DSS_with_3DES_EDE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryptio...

Page 421: ...SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key ex...

Page 422: ...3627 5 show ssl cachetimeout Purpose Used to show the SSL cache timeout Syntax show ssl cachetimeout Description Entering this command will allow the user to view the SSL cache timeout currently impl...

Page 423: ...he certificate file is a data record used for authenticating devices on the network It contains information on the owner keys for authentication and digital signatures Both the server and the client m...

Page 424: ...o_frame Purpose Used to enable the jumbo frame function on the Switch Syntax enable jumbo_frame Description This command will allow ethernet frames larger than 1536 bytes to be processed by the Switch...

Page 425: ...status of the jumbo frame function on the Switch Syntax show jumbo_frame Description This command will show the status of the jumbo frame function on the Switch Parameters None Restrictions None Exam...

Page 426: ...nit_delay sec 1 10 config lldp notification_interval sec 5 3600 config lldp ports portlist all notification enable disable config lldp ports portlist all admin_status tx_only rx_only tx_and_rx disable...

Page 427: ...rough ports For the receiving of LLDP packets the switch will learn the information from the LLDP packets advertised from the neighbor in the Neighbor s table The default state for LLDP is disabled Pa...

Page 428: ...dp message_tx_interval 30 Success DGS 3627 5 config lldp message_tx_hold_multiplier Purpose Used to configure the message hold multiplier Syntax config lldp message_tx_hold_multiplier int 2 10 Descrip...

Page 429: ...ess than or equal to 0 25 msgTxInterval Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the delay interval DGS 3627 5 config lldp tx_delay 8...

Page 430: ...configured SNMP trap receiver s Syntax config lldp ports portlist all notification enable disable Description Enable or disable each port for sending changes notification to configured SNMP trap rece...

Page 431: ...nly Administrator and Operator level users can issue this command Example usage To configure ports 1 to 5 to transmit and receive DGS 3627 5 config lldp ports 1 1 1 5 admin_status tx_and_rx Command co...

Page 432: ...e port_description system_name system_description and system_capability Parameters portlist Use this parameter to define ports to be configured all Use this parameter to set all ports in the system po...

Page 433: ...ports all dot1_tlv_pvid enable Command config lldp ports all dot1_tlv_pvid enable Success DGS 3627 5 config lldp dot1_tlv_protocol_vid Purpose Used to configure an individual port or group of ports to...

Page 434: ...tance will be transmitted on the port If a port is associated with multiple VLANs those enabled VLAN IDs will be advertised Parameters portlist Use this parameter to define ports to be configured all...

Page 435: ...he Protocol Identity TLV provides a way for stations to advertise protocols that are important to the operation of the network such as Spanning Tree Protocol the Link Aggregation Control Protocol and...

Page 436: ...BASE T allow power to be supplied over the link for connected non powered systems The Power Via MDI TLV allows network management to advertise and discover the MDI power support capabilities of the se...

Page 437: ...S 3627 5 show lldp Command show lldp LLDP System Information Chassis ID Subtype MAC Address Chassis ID 00 19 5B F5 26 C0 System Name System Description Gigabit Ethernet Switch System Capabilities Repe...

Page 438: ...mmand displays the LLDP per port configuration for advertisement options Parameters portlist Use this parameter to define ports to be configured Restrictions None Example usage To display the LLDP per...

Page 439: ...cal_ports 1 Port ID 1 1 Port ID Subtype Local Port ID 1 1 Port Description Port PVID 1 Management Address Count 1 PPVID Entries Count 0 VLAN Name Entries Count 1 Protocol Identity Entries Count 0 MAC...

Page 440: ...LDP statistics displays an overview of neighbor detection activity on the switch Parameters None Restrictions None Example usage To display global statistics information DGS 3627 5 show lldp statistic...

Page 441: ...stics ports 1 Command show lldp statistics ports 1 Port ID 1 1 LLDPStatsTxPortFramesTotal 0 LLDPStatsRxPortFramesDiscardedTotal 0 LLDPStatsRxPortFramesErrors 0 LLDPStatsRxPortFramesTotal 0 LLDPStatsRx...

Page 442: ...s may take on three different roles Commander Switch CS This is a switch that has been manually configured as the controlling device for a group and takes on the following characteristics It has an IP...

Page 443: ...when a MS has been rediscovered it will add the MS back into the SIM tree automatically No configuration will be necessary to rediscover these switches There are some instances where pre saved MS swi...

Page 444: ...le sim Description This command will disable SIM globally on the Switch Parameters None Restrictions Only Administrator level users can issue this command Example usage To disable SIM on the Switch DG...

Page 445: ...arameter will display information concerning members of the SIM group To view a specific member include that member s id number listed from 1 to 32 group commander_mac macaddr Entering this parameter...

Page 446: ...w sim member 1 Command show sim member 1 ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DGS 3627 L3 Switch 40 2 40 B19 The Man Total Entries 2 DGS 3627 5...

Page 447: ...rictions Only Administrator level users can issue this command Example usage To connect to the MS with member ID 2 through the CS using the command line interface DGS 3627 5 reconfig member_id 2 Comma...

Page 448: ...e Switch will send out discovery packets Returning information to the CS will include information about other switches connected to it Ex MS CaS The user may set the dp_interval from 30 to 90 seconds...

Page 449: ...old_time 120 Command config sim hold_time 120 Success DGS 3627 5 To transfer the CS commander to be a CaS candidate DGS 3627 5 config sim candidate Command config sim candidate Success DGS 3627 5 To t...

Page 450: ...switch on the TFTP server members Enter this parameter to specify the members the user prefers to download firmware or switch configuration files to The user may specify a member or members by adding...

Page 451: ...iguration to members of a SIM group log_to_tftp Specify this parameter to download a switch log to members of a SIM group ipaddr Enter the IP address of the TFTP server to upload a configuration file...

Page 452: ...n vlan_name 32 Each command is listed in detail in the following sections create mac_based_vlan Purpose Used to create a static mac based vlan entry Syntax create mac_based_vlan mac_address macaddr vl...

Page 453: ...can issue this command Example usage To delete a static mac based vlan entry DGS 3627 5 delete mac_based_vlan mac_address 00 00 00 00 00 01 vlan default Command delete mac_based_vlan mac mac_address 0...

Page 454: ...5 show mac_based_vlan Command show mac_based_vlan MAC Address VLAN ID Status Type 00 80 e0 14 a7 57 200 Active Static 00 80 c2 33 c3 45 200 Inactive Static 00 80 c2 33 c3 45 300 Active MAC AC 00 80 c...

Page 455: ...ight Parameters ip_source If set the ecmp algorithm will include the lower 5 bits of source IP This attribution is mutually exclusive with crc_low and crc_high If it is set crc_low and crc_high will b...

Page 456: ...ecmp Command show ecmp ECMP for OSPF Enabled ECMP Load Balance Algorithm Destination Ip used Source IP not used CRC_Low not used CRC_High used TCP_UDP_Port not used DGS 3627 5 enable ecmp ospf Purpose...

Page 457: ...OSPF ECMP function Syntax disable ecmp ospf Description This command is used to disable the OSPF ECMP function Parameters None Restrictions Only Administrator and Operator level users can issue this c...

Page 458: ...s_control config mac based access control password password 16 config mac_based_access_control ports portlist all state enable disable mode port_based host_based aging_time infinite min 1 1440 hold_ti...

Page 459: ...ss_control Description The disable mac_based_access_control command will disable the MAC based Access Control function Parameters None Restrictions Only Administrator and Operator level users can issu...

Page 460: ...After the authentication if a valid VLAN is assigned by the RADIUS server then this port will be removed from the guest VLAN and become the member port of the assigned VLAN For guest VLAN mode if the...

Page 461: ...thenticating method DGS 3627 5 config mac_based_access_control method local Command config mac_based_access_control method local Success DGS 3627 5 config mac_based_access_control guest_vlan ports Pur...

Page 462: ...VLAN However it cannot be WAC authentication VLAN Parameters guest_vlan If the MAC address is authorized failure the port will be assigned to this vlan guest_vlanid The VLAN ID to which the port will...

Page 463: ...based_access_control_guest_vlan default Success DGS 3627 5 clear mac_based_access_control_auth mac Purpose Used to reset the current state of a user The re authentication will be started after the use...

Page 464: ...ommand create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Success DGS 3627 5 config mac_based_access_control_local mac Purpose Used to config the local database entry Syntax conf...

Page 465: ...entry by this MAC address vlan Delete the database entry by this VLAN name vlanid Delete the database entry by this VLAN ID Restrictions Only Administrator and Operator level users can issue this com...

Page 466: ...access_control Command show mac_based_access_control MAC Based Access Control State Enabled Method Local Password default Guest VLAN RG Guest VLAN VID 409 Guest VLAN Member Ports 1 1 1 8 DGS 3627 5 To...

Page 467: ...trictions None Example usage To show MAC based access control local DGS 3627 5 show mac_based_access_control_local Command show mac_based_access_control_local MAC Address VLAN Name VID 00 00 00 00 00...

Page 468: ...mac_based_access_control auth_mac command is used to display MAC based access control authentication status Parameters ports Display authentication status by port Restrictions None Example usage To s...

Page 469: ...Syntax enable rspan Description This command controls the RSPAN function The purpose of the RSPAN function is to mirror the packets to the remote switch The packet travels from the source switch thro...

Page 470: ...GS 3627 5 create rspan vlan Purpose Used to create an RSPAN vlan Syntax create rspan vlan vlan_name vlan_name vlan_id value 1 4094 Description This command is used to create the RSPAN VLAN Up to 16 RS...

Page 471: ...This command is used to delete the RSPAN VLAN Parameters vlan_name Deletes the RSPAN VLAN by VLAN name vlan_id Deletes the RSPAN VLAN by VLAN ID Restrictions Only Administrator and Operator level user...

Page 472: ...an be configured with source settings Parameters vlan_name Specifies the RSPAN VLAN by VLAN name vlan_id Specifies the RSPAN VLAN by VLAN ID source When ports are not specified by this command the sou...

Page 473: ...irect command the VLAN setting must be correctly configured to make the RSPAN VLAN work correctly That is for the intermediate switch the redirect port must be a tagged member port of the RSPAN VLAN F...

Page 474: ...name Specifies the RSPAN VLAN by VLAN name vlan_id Specifies the RSPAN VLAN by VLAN ID Restrictions None Example usage To display RSPAN DGS 3627 5 show rspan Command show rspan RSPAN Enabled RSPAN VLA...

Page 475: ...nk none show bpdu_tunnel enable bpdu_tunnel disable bpdu_tunnel Each command is listed in detail in the following sections config bpdu_tunnel ports Purpose Used to configure BPDU Tunnelling type ports...

Page 476: ...ess and ports state Parameters None Restrictions None Example usage To display the BPDU tunnelling state of all ports DGS 3627 5 show bpdu_tunnel Command show bpdu_tunnel BPDU Tunnel Disabled STP Tunn...

Page 477: ...cess DGS 3627 5 disable bpdu_tunnel Purpose Used to disable the BPDU Tunnelling function Syntax disable bpdu_tunnel Description Disable the BPDU Tunneling function Parameters None Restrictions Only Ad...

Page 478: ...e vlan_translation ports portlist all cvid vidlist add replace svid vlanid 1 4094 priority value 0 7 delete vlan_translation ports portlist all cvid vidlist show vlan_translation ports portlist Each c...

Page 479: ...P will be disabled manually If you need to run GVRP on the switch you must first enable GVRP manually All existing SP VLANs will run as static 1Q VLANs The default setting of QinQ is disabled Paramete...

Page 480: ...LAN based on SP VLAN assignment enable the packet will be dropped if the VLAN translation look up is missed disable the packet will not be dropped if the VLAN translation loop up is missed If the VLAN...

Page 481: ...to the port Parameters portlist Specifies a range of ports to be displayed If no parameter is specified the system will display all port information Restrictions None Example usage To display QinQ mo...

Page 482: ...kets C VLAN matched cvid svid The SP VLAN ID used to add or replace the ingress packets priority The 1p priority of the s tag If the priority is specified it will be used for the CVID matched packets...

Page 483: ...t rules Syntax show vlan_translation ports portlist Description This command is used to show the C VLAN based SP VLAN assignment rules Parameters ports A range of ports which the rule will display Res...

Page 484: ...ription Used to configure loop back detection on the switch Parameters recover_timer The time interval in seconds used by the Auto Recovery mechanism to decide how long to check if the loop status is...

Page 485: ...onfig loopdetect ports 1 1 1 5 state enabled Command config loopdetect ports 1 1 1 5 state enabled Success DGS 3627 5 enable loopdetect Purpose Used to globally enable loop back detection on the switc...

Page 486: ...ge To show loopdetect DGS 3627 5 show loopdetect Command show loopdetect LBD Global Settings LBD Status Enabled LBD Mode Port Based LBD Interval 10 LBD Recover Time 60 LBD Trap Status None DGS 3627 5...

Page 487: ...itch Syntax config loopdetect trap none loop_detected loop_cleared both Description A trap will be sent when the loop condition is detected A trap will also be sent when the loop condition is cleared...

Page 488: ...in the following sections Purpose Used to display all commands in the Command Line Interface CLI Syntax command Description This command will display all of the commands available through the Command...

Page 489: ...onfig 802 1x capability ports config 802 1x guest_vlan ports config 802 1x init config 802 1x reauth CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All To display the parameters for a specific...

Page 490: ...to 40 of the latest executed commands may be viewed Restrictions None Example usage To configure the command history DGS 3627 5 config command_history 20 Command config command_history 20 Success DGS...

Page 491: ...000BASE SX DEM 311GT transceiver IEEE 802 3z 1000BASE SX DEM 312GT2 transceiver IEEE 802 3z 1000BASE LH DEM 314GT transceiver IEEE 802 3z 1000BASE ZX DEM 315GT transceiver IEEE 802 3z WDM Transceiver...

Page 492: ...3650 131 3W DGS 3612G 60W DGS 3612 38W DC Fans DGS 3627 Four 40mm x 40mm x 20mm one 50mm x 50mm x 20mm one 44mm x 44mm x 11mm DGS 3627G Four 40mm x 40mm x 20mm one 50mm x 50mm x 20mm fans DGS 3650 Tw...

Page 493: ...e and forward Packet Buffer 2 MB per device Packet Filtering Forwarding Rate 14 881 pps 10M port 148 810 pps 100M port 1 488 100 pps 1Gbps port MAC Address Learning Automatic update Supports 16K MAC a...