Yamaha L2, Command Reference Manual

Page 1: ...Yamaha L2 Switch Intelligent L2 PoE SWR2311P 10G Command Reference Rev 2 02 09 ...

Page 2: ... a different input mode 19 2 5 Keyboard operations when using the console 20 2 5 1 Basic operations for console input 20 2 5 2 Command help 20 2 5 3 Input command completion and keyword candidate list display 21 2 5 4 Entering command abbreviations 21 2 5 5 Command history 21 2 6 Commands that start with the word show 21 2 6 1 Modifiers 21 Chapter 3 Configuration 23 3 1 Manage setting values 23 3 ...

Page 3: ...gs 42 4 7 Terminal settings 43 4 7 1 Move to line mode console terminal 43 4 7 2 Set VTY port and move to line mode VTY port 43 4 7 3 Set terminal login timeout 44 4 7 4 Change the number of lines displayed per page for the terminal in use 44 4 7 5 Set the number of lines displayed per page on the terminal 45 4 8 Management 45 4 8 1 Set management VLAN 45 4 9 SYSLOG 46 4 9 1 Set log notification d...

Page 4: ... server and change listening port number 69 4 14 2 Show TFTP server settings 69 4 14 3 Set hosts that can access the TFTP server 69 4 15 HTTP server 70 4 15 1 Start HTTP server and change listening port number 70 4 15 2 Start secure HTTP server and change listening port number 70 4 15 3 Show HTTP server settings 71 4 15 4 Set hosts that can access the HTTP server 71 4 15 5 Restrict access to the H...

Page 5: ...Set L2MS function 94 4 20 3 Set role of L2MS function 94 4 20 4 Set L2MS slave watch interval 95 4 20 5 Set number of times that is interpreted as L2MS slave down 95 4 20 6 Set terminal management function 96 4 20 7 Set the device information acquisition time interval 96 4 20 8 Set L2MS control frame transmit receive 97 4 20 9 Reset slave management 98 4 20 10 Show L2MS information 98 4 20 11 Set ...

Page 6: ...s 124 5 2 3 Set LACP logical interface 125 5 2 4 Show LACP logical interface status 126 5 2 5 Set LACP system priority order 127 5 2 6 Show LACP system priority 128 5 2 7 Set LACP timeout 128 5 2 8 Clear LACP frame counters 129 5 2 9 Show LACP frame counter 129 5 2 10 Set load balance function rules 130 5 2 11 Show protocol status of LACP logical interface 130 5 2 12 Set LACP port priority order 1...

Page 7: ...e the file for customizing the Web authentication screen 150 5 4 Port security 150 5 4 1 Set port security function 150 5 4 2 Register permitted MAC addresses 151 5 4 3 Set operations used for security violations 151 5 4 4 Show port security information 151 5 5 Error detection function 152 5 5 1 Set automatic recovery from errdisable state 152 5 5 2 Show error detection function information 153 5 ...

Page 8: ...3 16 Generate MST instance 181 6 3 17 Set VLAN for MST instance 181 6 3 18 Set priority of MST instance 182 6 3 19 Set MST region name 182 6 3 20 Set revision number of MST region 182 6 3 21 Set MST instance for interface 183 6 3 22 Set interface priority for MST instance 183 6 3 23 Set interface path cost for MST instance 184 6 3 24 Show MST region information 185 6 3 25 Show MSTP information 185...

Page 9: ...2 Check IPv6 route 205 7 9 Set DNS lookup function 205 7 10 Set DNS server list 206 7 11 Set default domain name 206 7 12 Set search domain list 207 7 13 Show DNS client information 207 Chapter 8 IP multicast control 209 8 1 IP multicast basic settings 209 8 1 1 Set processing method for unknown multicast frames 209 8 2 IGMP snooping 209 8 2 1 Set enable disable IGMP snooping 209 8 2 2 Set IGMP sn...

Page 10: ...affic category conditions 233 9 2 12 Associate class map 234 9 2 13 Set traffic classification conditions access list 235 9 2 14 Set traffic classification conditions CoS 235 9 2 15 Set traffic classification conditions TOS precedence 236 9 2 16 Set traffic classification conditions DSCP 236 9 2 17 Set traffic classification conditions Ethernet Type 237 9 2 18 13 2 22 Set traffic classification co...

Page 11: ...ual port 256 9 2 43 Set traffic shaping queue units 257 9 3 Flow control 258 9 3 1 Set flow control IEEE 802 3x PAUSE send receive system 258 9 3 2 Set flow control IEEE 802 3x PAUSE send receive interface 258 9 3 3 Show flow control operating status 259 9 4 Storm control 260 9 4 1 Set storm control 260 9 4 2 Show storm control reception upper limit 260 Command Reference TOC 11 ...

Page 12: ...ty is limited to this physical product itself Please be aware of these points The information contained in this document has been carefully checked and is believed to be reliable However if you find some of the contents to be missing or have questions regarding the contents please contact us Ethernet is a registered trademark of Fuji Xerox Corporation Microsoft and Windows are registered trademark...

Page 13: ...ters Explains the type and significance of parameters that can be specified for the command Default setting Indicates the factory set state of the command Input mode Indicates the modes in which the command can be executed Description Explains the command Notes Explains points that you should be aware of when using the command Examples Provides specific examples of the command 1 3 Interface names ...

Page 14: ...ve a form in which the command input syntax starts with the word no If you use a syntax that with begins with the word no the settings of that command are deleted and returned to the default value unless explained otherwise 14 Command Reference How to read the command reference ...

Page 15: ... 9600bps Data 8 bit Parity none Stop bit 1 bit Flow control Xon Xoff For settings related to the console terminal use the line con command to move to line mode 2 1 2 Access from a TELNET client You can use a TELNET client on a computer to connect to the TELNET server of the SWR2311P and control it In order to make settings using TELNET you must first set up a connection environment IP network and ...

Page 16: ...e maximum number of simultaneous SSH client connections depends on the number of VTY ports of the SWR2311P The VTY ports of the SWR2311P are as follows With the default VTY port settings eight VTY ports ID 0 7 can be used To check the number of VTY ports use the show running config include line vty command To change the number of VTY ports use the line vty command maximum 8 ID 0 7 To make VTY port...

Page 17: ... command The TFTP server settings of the SWR2311P are as follows With the default settings of the TFTP server function it is running on the default port UDP port 69 and does not allow access from anywhere The reception port number cannot be changed Access to the TFTP server can be controlled in VLAN units and can be specified by the tftp server interface command Specify the VLAN ID for which acces...

Page 18: ...s not configured omit the user name by pressing the Enter key and enter the login password instead to log in as an unknown user When authentication is successful the command prompt appears Since no user password is specified with the default settings you will be able to log in without a password Login screen Username Password Console screen following login SWR2311P Rev 2 02 06 Tue Mar 13 08 41 39 ...

Page 19: ...map command SWR2311P config pmap policy map class mode class command SWR2311P config pmap c L2MS mode l2ms configuration command SWR2311P config l2ms LLDP agent mode lldp agent command SWR2311P lldp agent 2 4 3 Command prompt prefix he command prompt prefix indicates the host name In the default state the host name is the model name SWR2311P This indication can be changed by using the hostname com...

Page 20: ...K Delete from the cursor position until the end of the line Ctrl U Delete all characters that are being entered Other Keyboard operation Description and notes Ctrl T Exchange the character at the cursor position with the preceding character If the cursor is at the end of the line exchange the preceding character with the character that precedes it Ctrl C In unprivileged EXEC mode and priviledged E...

Page 21: ... Command history is shown as a history that is common to all modes Operation is shown below Keyboard operation Description and notes Move backward through command history Ctrl P Move forward through command history Ctrl N 2 6 Commands that start with the word show 2 6 1 Modifiers Modifiers send the information produced by the show command through a filter restricting the content that is shown in t...

Page 22: ... Id 0x838c Role Disabled State Forwarding port1 6 Port Number 910 Ifindex 5006 Port Id 0x838e Role Disabled State Forwarding port1 7 Port Number 911 Ifindex 5007 Port Id 0x838f Role Disabled State Forwarding port1 8 Port Number 912 Ifindex 5008 Port Id 0x8390 Role Disabled State Forwarding port1 9 Port Number 913 Ifindex 5009 Port Id 0x8391 Role Disabled State Forwarding port1 10 Port Number 914 I...

Page 23: ... exists the data in question is deployed to RAM as a running configuration If the startup configuration file that was selected according to the setting values in the startup config select command does not exist in ROM the default configuration is deployed to RAM If commands etc are used to modify the settings while the SWR2311P is running the modified settings are immediately reflected in the runn...

Page 24: ...interface VLAN 1 L2 switching Automatic MAC address learning enabled Automatic MAC address learning aging time 300 sec Spanning tree enabled Proprietary loop detection disabled DNS cliant Behavior enabled Interface control PoE power supply enabled Traffic control QoS disabled Flow control IEEE 802 3x disabled Web GUI Language setting English Default settings per LAN SFP port Category Setting item ...

Page 25: ...control disabled PoE power supply Power supply operation enabled Power supply priority low LLDP agent Transmit Receive mode transmit and receive Settings for the default VLAN vlan1 IPv4 Address DHCP cliant IGMP Snooping Enable Querier Disable Fast Leave Disable Check TTL Enable Command Reference Configuration 25 ...

Page 26: ...word was encrypted by the password encryption command it is shown in the configuration in the form password 8 password The user cannot enter the password in this form when making configuration settings from the command line Example Specify user1234 as the unnamed user password SWR2311P config password user1234 Delete the unnamed user password SWR2311P config no password 4 1 2 Set administrator pas...

Page 27: ...lobal configuration mode Description Enables password encryption If this is enabled the password entered by the password command the enable paassword command and the username command are saved in the configuration in an encrypted form If this command is executed with the no syntax password encryption is disabled and the password entered by the password command the enable paassword command and the ...

Page 28: ...th special password SWR2311P config force password enable Disable login with special password SWR2311P config no force password 4 2 User account maintenance 4 2 1 Set user password Syntax username username privilege privilege password password no username username Keyword privilege Specifies the user s privileges password Specifies the user s password Parameter username User name Single byte alpha...

Page 29: ...nfiguration settings from the command line Example Set the user user1234 SWR2311P config username user1234 Grant privileges to user user1234 and specify a password SWR2311P config username user1234 privilege on password user_pass 4 2 2 Show login user information Syntax show users Input mode unprivileged EXEC mode priviledged EXEC mode global configuration mode Description Shows information on the...

Page 30: ...tion Sets the banner that is displayed when logging in to the console Example Set the banner display to Hello World Username Password SWR2311P Rev 2 02 06 Tue Mar 13 08 41 39 2018 Copyright c 2018 Yamaha Corporation All Rights Reserved SWR2311P enable SWR2311P configure terminal Enter configuration commands one per line End with CNTL Z SWR2311P config banner motd Hello World SWR2311P config exit S...

Page 31: ...the running configuration SWR2311P copy running config startup config Succeeded to write configuration SWR2311P 4 3 2 Save running configuration Syntax write config_num Parameter config_num Configuration number Setting value Description 0 4 Startup configuration 0 4 sd Startup config in SD card Input mode priviledged EXEC mode individual configuration mode Description Saves the current operating s...

Page 32: ...ee STP related ssh server SSH server related switch Switch setting related telnet sever TELNET server related Input mode priviledged EXEC mode individual configuration mode Description Shows the currently operating settings running configuration If section is not specified all settings are shown Example Show the running configuration SWR2311P show running config interface port1 1 switchport line c...

Page 33: ...nterface vlan1 no switchport ip address 192 168 100 240 24 no shutdown clock timezone JST http server enable http proxy enable telnet server enable line con 0 line vty 0 7 end SWR2311P 4 3 5 Erase startup configuration Syntax erase startup config config_num Parameter config_num Configuration number Setting value Description 0 4 Startup configuration 0 4 sd Startup config in SD card Input mode priv...

Page 34: ...xample Copy startup config 0 to startup config 1 SWR2311P copy startup config 0 1 Succeeded to copy configuration SWR2311P 4 3 7 Set description for startup config Syntax startup config description config_num line no startup config description config_num Parameter config_num 0 4 Configuration number line Single byte alphanumeric characters and single byte symbols 63 characters or less Description ...

Page 35: ...all show boot list Keyword all Shows up to five entries of the boot information history list Shows a simplified version of up to five entries of the boot information history Parameter num 0 4 Shows the boot history entry of the specified number Input mode unprivileged EXEC mode priviledged EXEC mode Description Show the boot information Note This history is cleared when you execute the cold start ...

Page 36: ...ble or disable the SD card boot function of the firmware After this command is executed the system will restart Since this setting is common to the system it cannot be specified individually for each startup configuration startup config 0 strtup config 4 By default SD card boot is enabled If this command is executed with the no syntax the setting returns to the default Note The SD card boot functi...

Page 37: ...ription NAME Name DESCR Description Vendor Vendor name PID Product ID VID Version ID 0 if invalid SN Serial number Example Show inventory information SWR2311P show inventory NAME L2 PoE switch DESCR SWR2311P 10G Vendor Yamaha PID SWR2311P 10G VID 0000 SN S00000000 SWR2311P 4 5 2 Show operating information Syntax show environment Input mode unprivileged EXEC mode priviledged EXEC mode Description S...

Page 38: ...time 2018 01 01 11 13 44 09 00 Current time 2018 01 02 16 19 43 09 00 Elapsed time from boot 1days 05 06 04 Temperature status Normal Temperature 28 degree C SWR2311P 4 5 3 Show currently executing processes Syntax show process Input mode priviledged EXEC mode Description Shows all currently executing processes Example Show currently executing processes SWR2311P show process 4 5 4 Show technical s...

Page 39: ...mp snooping interface Example Show technical support information SWR2311P show tech support Information for Yamaha Technical Support show running config dns client enable End of Information for Yamaha Technical Support SWR2311P 4 5 5 Save technical support information Syntax copy tech support sd Input mode priviledged EXEC mode Description Saves technical support information to the SD card This is...

Page 40: ...ime to 0 hours 0 minutes 0 seconds on January 1 2015 SWR2311P clock set 00 00 00 Jan 1 2015 4 6 2 Set time zone Syntax clock timezone zone clock timezone offset no clock timezone Parameter zone UTC JST Name of the time zone shown when standard time is in effect offset 12 00 11 00 1 00 1 00 13 00 Enter the difference from UTC Initial value clock timezone JST Input mode global configuration mode Des...

Page 41: ...P server ipv6_addr IPv6 address of the NTP server If you specify an IPv6 link local address you must also specify the output interface fe80 X vlanN format fqdn Host name of the NTP server Initial value none Input mode global configuration mode Description Registers the address or host name of the NTP server Up to two instances of this command can be set If this command is executed with the no synt...

Page 42: ...r interval time 0 24 Interval hours for time synchronization If this is set to 0 hours periodic synchronization will not occur Initial value ntpdate interval 1 Input mode global configuration mode Description Specifies the interval in one hour units at which time information is periodically obtained from the registered NTP server If this command is executed with the no syntax the setting returns t...

Page 43: ...Move to line mode console terminal Syntax line con port Parameter port 0 Serial console port number Initial value line con 0 Input mode global configuration mode Description Moves to line mode in order to make console terminal settings Note To return from line mode to global configuration mode use the exit command To return to priviledged EXEC mode use the end command Example Move to line mode in ...

Page 44: ...ntax exec timeout min sec no exec timeout Parameter min 0 35791 Timeout time minutes sec 0 2147483 Timeout time seconds Initial value exec timeout 10 Input mode line mode Description Sets the time after which automatic logout occurs if there has been no key input from the console terminal or VTY If sec is omitted 0 is specified If min and sec are both set to 0 automatic logout does not occur If th...

Page 45: ...ength Parameter line 0 512 Number of lines displayed per page on the terminal Initial value no service terminal length Input mode global configuration mode Description Sets the number of lines displayed per page on the terminal If line is set to 0 the display is not paused per page If this command is executed with the no syntax the number of lines is set to 24 in the case of a serial console or to...

Page 46: ... X X X X IPv6 address of the SYSLOG server If you specify an IPv6 link local address you must also specify the output interface fe80 X vlanN format Initial value no logging host Input mode global configuration mode Description Specifies the IP address of the SYSLOG server to which log notifications are sent Up to 2 entries can be specified If this command is executed with the no syntax the setting...

Page 47: ...ogging trap informational Input mode global configuration mode Description Outputs the informational level log to SYSLOG If this command is executed with the no syntax the log is not output Note This can be output to the console by executing the logging stdout info command Example Output the informational level log to SYSLOG SWR2311P config logging trap informational 4 9 4 Set log output level err...

Page 48: ...vents If this command is executed with the no syntax the log is not output Example Enable log output for LAN map SWR2311P config logging event lan map 4 9 7 Back up log Syntax save logging Input mode unprivileged EXEC mode priviledged EXEC mode Description Saves all logs accumulated in RAM to flash ROM Logs are accumulated in RAM and are periodically backed up automatically to flash ROM but you ca...

Page 49: ...he SD card with the following file name swr2311p log YYYYMMDD_syslog txt YYYYMMDD Year month day that the save logging command was executed Example Enable log backup to SD card SWR2311P config logging backup sd enable 4 9 9 Clear log Syntax clear logging Input mode priviledged EXEC mode Description Clears the log Example Clear the log SWR2311P clear logging 4 9 10 Show log Syntax show logging reve...

Page 50: ...ss type version version seclevel user no snmp server host host_address no snmp server host host_address type version version community no snmp server host host_address type version version seclevel user Parameter host_address Destination IPv4 address or IPv6 address for notifications If you specify an IPv6 link local address you must also specify the output interface fe80 X vlanN format type Notif...

Page 51: ...nmptrapname as the trap community name SWR2311P config snmp server host 192 168 100 11 traps version 1 snmptrapname Using SNMPv2c set 192 168 100 12 as the destination for notifications Specify the notification type as informs and the notification screen community name as snmpinformsname SWR2311P config snmp server host 192 168 100 12 informs version 2c snmpinformsname Using SNMPv3 set 192 168 10 ...

Page 52: ...ter contact Name maximum 255 characters to register as the system contact Initial value no snmp server contact Input mode global configuration mode Description Sets the MIB variable sysContact sysContact is a variable that is typically used to enter the name of the administrator or contact If this command is executed with the no syntax the setting is deleted Example Set the system contact to swr23...

Page 53: ...mum 32 characters ro_rw Access restriction Setting value Description ro Read only rw Write allowed Initial value none Input mode global configuration mode Description Sets the SNMP community Up to 16 communities can be registered If this is executed with the no syntax the specified community is deleted Example Set the read only community name to public SWR2311P config snmp server community public ...

Page 54: ...pecify the most view which shows the internet node 1 3 6 1 and below SWR2311P config snmp server view most 1 3 6 1 include Specify the standard view which shows the mib 2 node 1 3 6 1 2 1 and below SWR2311P config snmp server view standard 1 3 6 1 2 1 include 4 10 7 Set SNMP group Syntax snmp server group group seclevel read read_view write write_view snmp server group group seclevel write write_v...

Page 55: ...p read access rights to the standard view SWR2311P config snmp server group users auth read standard 4 10 8 Set SNMP user Syntax snmp server user user group auth auth auth_path priv priv priv_path no snmp server user user Keyword auth Set the authentication algorithm priv Set the encryption algorithm Parameter user User name maximum 32 characters group Group name maximum 32 characters auth Authent...

Page 56: ...ver user admin1 admins auth sha passwd1234 priv aes passwd1234 Create user1 as a user According to the specified group and the security level prescribed for that group specify the protocol SHA and password passwd5678 used for authentication and encryption SWR2311P config snmp server user user1 users auth sha passwd5678 4 10 9 Show SNMP community information Syntax show snmp community Input mode un...

Page 57: ...p Name users Security Level auth Read View standard Write View standard 4 10 12 Show SNMP user settings Syntax show snmp user Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the contents of the SNMP user settings Shows the engine ID user name affiliated group name authentication method and encryption method Example Show the contents of the SNMP user settings SWR2311P show...

Page 58: ...MON function SWR2311P config rmon disable 4 11 2 Set RMON Ethernet statistical information group Syntax rmon statistics index owner owner no rmon statistics index Parameter index 1 65535 Index of the Ethernet statistical information group etherStatsIndex owner Name of the Ethernet statistical information group owner etherStatsOwner Maximum 127 characters if omitted RMON_SNMP Initial value none Inp...

Page 59: ...ry group owner historyControlOwner Maximum 127 characters if omitted RMON_SNMP Initial value none Input mode interface mode Description Enables RMON history group settings for the applicable interface If this command is set it will be possible to acquire the RMON MIB s historyControlTable After setting this command history information is collected at the specified interval and the RMON MIB s ether...

Page 60: ...s command If this command is executed with the no syntax the setting value is deleted Note To enable the event group setting of the RMON function it is necessary to enable the system wide RMON function in addition to this command In order for RMON to send an SNMP trap you must have made SNMP trap transmission settings Example After making SNMP trap settings enable the RMON event group setting Set ...

Page 61: ..._threshold 1 2147483647 Upper threshold value alarmRisingThreshold rising_event_index 1 65535 Event index alarmRisingEventIndex falling_threshold 1 2147483647 Lower threshold value alarmFallingThreshold falling_event_inde x 1 65535 Event index alarmFallingEventIndex startup 1 3 Threshold value used for first alarm decision alarmStartupAlarm Setting value Description 1 Use only upper threshold valu...

Page 62: ...object specified in variable is a MIB object of the Ethernet statistical information group If an Ethernet statistical information group possessing the applicable index has not been created this command returns an error The Ethernet statistical information group can be created by the rmon statistics command If the Ethernet statistical information group being used by this command is deleted this com...

Page 63: ...P event event Index 1 Description RMON_SNMP Event type Log Event community name RMON_SNMP Last Time Sent 00 00 58 Owner RMON_SNMP alarm alarm Index 1 alarm status VALID alarm Interval 15 alarm Type is Absolute alarm Value 0 alarm Rising Threshold 10 alarm Rising Event 1 alarm Falling Threshold 7 alarm Falling Event 1 alarm Startup Alarm 3 alarm Owner is RMON_SNMP 4 11 7 Show RMON Ethernet statisti...

Page 64: ...tory index 1 data source ifindex 5001 buckets requested 50 buckets granted 50 Interval 1800 Owner RMON_SNMP 4 11 9 Show RMON event group status Syntax show rmon event Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the settings and status of the RMON event group The following items are shown Index Description of event Type of event Community name when sending trap Time of...

Page 65: ...ent 1 alarm Startup Alarm 3 alarm Owner is RMON_SNMP 4 11 11 Clear counters of the RMON Ethernet statistical information group Syntax rmon clear counters Input mode interface mode Description Clears the counters of the RMON Ethernet statistical information group for the applicable interface Example Clear the counters of the RMON Ethernet statistical information group for port1 1 SWR2311P config in...

Page 66: ...d to access the TELNET server Filter that controls access to the TELNET server Example Show the settings of the Telnet server SWR2311P show telnet server Service Enable Port 23 Management interface vlan 1 Interface vlan 1 2 3 Access deny 192 168 100 5 permit 192 168 100 0 24 4 12 3 Set host that can access the Telnet server Syntax telnet server interface interface no telnet server interface interf...

Page 67: ...nd IPv6 addresses Initial value none Input mode global configuration mode Description Restrict access to the TELNET server according to the client terminal s IPv4 IPv6 address Up to eight instances of this command can be set and those that are specified earlier take priority for application If this command is set all access that does not satisfy the registered conditions is denied However if this ...

Page 68: ...lnet 192 168 100 1 12345 Connect via Telnet to port number 12345 of the host at IPv6 address fe80 2a0 deff fe11 2233 SWR2311P telnet fe80 2a0 deff fe11 2233 vlan1 12345 4 13 2 Enable Telnet client Syntax telnet client switch no telnet client Parameter switch Whether to enable TELNET client Setting value Description enable Enable disable Disable Initial value telnet client disable Input mode global...

Page 69: ...as the listening port number SWR2311P config tftp server enable 12345 4 14 2 Show TFTP server settings Syntax show tftp server Input mode priviledged EXEC mode Description Shows the settings of the TFTP server The following items are shown TFTP server function enabled disabled status Listening port number VLAN interface that is permitted to access the TFTP server Example Show the settings of the T...

Page 70: ...enable port http server disable no http server Keyword enable HTTP server is enabled disable HTTP server is disabled Parameter port 1 65535 Listening port number of the HTTP server if omitted 80 Initial value http server disable Input mode global configuration mode Description Enables the HTTP server You can also specify the listening TCP port number If this command is executed with the no syntax ...

Page 71: ...P server settings Syntax show http server Input mode priviledged EXEC mode Description Shows the settings of the HTTP server The following items are shown HTTP server function enabled disabled status HTTP server s listening port number VLAN interface that is permitted to access the HTTP server Filter that controls access to the HTTP server Secure HTTP server function enabled disabled status Log in...

Page 72: ...es an IPv6 address X X X X X X X X M Specifies an IPv6 address X X X X with subnet mask length Mbit any Applies to all IPv4 addresses and IPv6 addresses Initial value none Input mode global configuration mode Description Restrict access to the HTTP server according to the client terminal s IPv4 IPv6 address Up to eight instances of this command can be set and those that are specified earlier take ...

Page 73: ...nfig http server language english 4 15 7 Set log in timeout time for HTTP server Syntax http server login timeout min sec no http server login timeout Parameter min 0 35791 Timeout time minutes sec 0 2147483 Timeout time seconds Initial value http server login timeout 5 Input mode global configuration mode Description Specify the time until automatic logout when there has been no access to the HTT...

Page 74: ...P config http proxy enable 4 16 2 Set HTTP Proxy function timeout Syntax http proxy timeout time no http proxy timeout time Parameter time 1 180 Time seconds until timeout occurs Initial value http proxy timeout 60 Input mode global configuration mode Description Specifies the timeout time when acquiring the web GUI of an L2MS slave If this command is executed with the no syntax the setting will b...

Page 75: ...u can also specify the listening TCP port number In order to enable the SSH server the host key must be created in advance ssh server host key generate If this command is executed with the no syntax disable the SSH server Note In order to log in from the SSH client the user name and password must be registered in advance username Example Start the SSH server with 12345 as the listening port number...

Page 76: ...ed interface Up to eight instances of this command can be set and those that are specified earlier take priority for application If this command is not set access is permitted only from the maintenance VLAN Example Allow access to the SSH server from the hosts connected to VLAN 1 and VLAN 2 SWR2311P config ssh server interface vlan1 SWR2311P config ssh server interface vlan2 4 17 4 Set client that...

Page 77: ...his command does not function Example Permit access to the SSH server only from 192 168 1 1 and the 192 168 10 0 24 segment SWR2311P config ssh server access permit 192 168 1 1 SWR2311P config ssh server access permit 192 168 10 0 24 Deny only access to the SSH server from the segment 192 168 10 0 24 SWR2311P config ssh server access deny 192 168 10 0 24 SWR2311P config ssh server access permit an...

Page 78: ...server host key ssh dss XXXXXXXXXX1kc3MAAAEBAPTB9YYdgvE 4bbhF4mtoIJri ujdAIfgr4hL 0w7Jlvc50eXg sXJoCqlPlsLRGHOOzxVYbOouPCUV jPFCatgOIii8eJNzUqSB1e6MOFtGjmESrdYiafyIUhps YWqd TlIo0AFnVUKMqAbYODA3Cy7kNVptYRK8rcKWk1ChbatWnT Z7RcmEVEou0qlOyp79b3DcpFM7ofa4d 9ySb6mj06Y Ok8lL5qFhCHmGOGtqJTKZsqb5VnPz8FYC8t1s6 tpyrUa5aG2af yTEa5U5BDYAuc88 wNIUG9alGo 8WIHiBJAm432o7UPqTHWO 5nYEQu44gmEPQrPGJ65GT8AAAAVAOpjE0Jy...

Page 79: ...uEbkJggPD68UoR gobWPhgu7qqXzE8iUXXXX RSA 2048 o o S S B o o SHA256 4 17 8 Set SSH client alive checking Syntax ssh server client alive enable interval count ssh server client alive disable no ssh server client alive Parameter interval 1 2147483647 Client alive checking interval seconds if omitted 100 count 1 2147483647 Maximum count for client alive checking if omitted 3 Initial value ssh server c...

Page 80: ...SSH server using the currently logged in user name If user is omitted when logged in as an unnamed user root is used Note The escape character is the tilde The escape character is recognized only if it is input at the beginning of the line If the escape character is input twice in succession at the beginning of the line the escape character is used as input to the server If the escape character fo...

Page 81: ...erver that is connected as an SSH client Example Clear the SSH host information SWR2311P clear ssh host 192 168 100 1 4 19 LLDP 4 19 1 Enable LLDP function Syntax lldp run no lldp run Initial value none Input mode global configuration mode Description Enable the LLDP function for the entire system If this command is executed with the no syntax disable the LLDP function for the entire system Note I...

Page 82: ...his command is executed with the no syntax the setting returns to the default By default this is model name firmware revision Example Set the system description to SWITCH1_POINT_A SWR2311P config lldp system description SWITCH1_POINT_A 4 19 3 Set system name Syntax lldp system name name no lldp system name Parameter name System name text string 255 characters or less Initial value no lldp system n...

Page 83: ...ing function by LLDP Setting value Description enable Enable automatic setting function by LLDP disable Disable automatic setting function by LLDP Initial value lldp auto setting disable Input mode global configuration mode Description Enables the function by which LLDP frames transmitted by specific Yamaha devices can automatically modify the settings of a switch The functions that can be set are...

Page 84: ...eive only SWR2311P config lldp run SWR2311P config interface port1 1 SWR2311P config if lldp agent SWR2311P config lldp set lldp enable rxonly 4 19 7 Set type of management address Syntax set management address tlv type no set management address tlv Parameter type Type of management address Setting value Description ip address Set IP address as the management address mac address Set MAC address as...

Page 85: ...sic management TLVs to the LLDP frames that are transmitted on LAN port 1 SWR2311P config lldp run SWR2311P config interface port1 1 SWR2311P config if lldp agent SWR2311P config lldp tlv select basic mgmt 4 19 9 Set IEEE 802 1 TLV Syntax tlv select ieee 8021 org specific no tlv select ieee 8021 org specific Initial value none Input mode LLDP agent mode Description Adds IEEE 802 1 TLVs to transmit...

Page 86: ...11P config if lldp agent SWR2311P config lldp tlv select ieee 8023 org specific 4 19 11 Set LLDP MED TLV Syntax tlv select med no tlv select med Initial value none Input mode LLDP agent mode Description If this command is executed with the no syntax exclude LLDP MED TLVs from transmitted frames This command adds the following TLVs to LLDP frames LLDP MED TLV 1 Media Capabilities Type of LLDP MED T...

Page 87: ...sion interval during the high speed transmission period If this command is executed with the no syntax the setting returns to the default The high speed transmission period is the period immediately after a port s connected device was newly found and LLDP frames are transmitted according to the following commands for making high speed transmission period settings set timerx msg fast tx fast_tx Set...

Page 88: ...lue set msg tx hold 4 Input mode LLDP agent mode Description Sets the multiplier for calculating the time to live TTL of device information If this command is executed with the no syntax the setting returns to the default This setting is multiplied with the LLDP frame transmission interval msg tx interval and then increased by 1 to become the TTL value seconds The TTL value is set in Time To Live ...

Page 89: ...evices that can be managed by a port If this command is executed with the no syntax the setting returns to the default If the maximum number of connected device for a port is exceeded LLDP frames sent from new devices are ignored Note When this command is set the remote device management table is cleared once when the first LLDP frame is received on the applicable port Example Set 10 as the maximu...

Page 90: ...P frames received Total frames received in error Number of LLDP frame reception errors Total frames discarded Number of LLDP frames discarded Total discarded TLVs Number of TLV discarded Total unrecognised TLVs Number of TLVs that could not be recognized For show lldp interface ifname neighbor Basic management information Interface Name Received interface name System Name System name System Descri...

Page 91: ...ED TLV information shown if LLDP MED TLV is received MED Capabilities LLDP MED TLV type list MED Capabilities Dev Type LLDP MED media device type MED Application Type Application type MED Vlan id ID of VLAN MED Tag Untag VLAN tagged or untagged MED L2 Priority L2 priority order MED DSCP Val DSCP value priority order MED Location Data Format Format of location data Latitude Res Resolution of latitu...

Page 92: ...R2311P 4 19 19 Show information for connected devices of all interfaces Syntax show lldp neighbors Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows information for connected devices of all interfaces For the display format refer to the show lldp interface ifname neighbor command Example Show information for connected devices SWR2311P show lldp neighbors Interface Name port...

Page 93: ... Dev Type End Point Class 3 MED Application Type Reserved MED Vlan id 0 MED Tag Untag Untagged MED L2 Priority 0 MED DSCP Val 0 MED Location Data Format ECS ELIN Latitude Res 0 Latitude 0 Longitude Res 0 Longitude 0 AT 0 Altitude Res 0 Altitude 0 Datum 0 LCI length 0 What 0 Country Code 0 CA type 0 MED Inventory SWR2311P 4 19 20 Clear LLDP frame counters Syntax clear lldp counters Input mode privi...

Page 94: ...on If this command is executed with the no syntax the setting returns to the default Note In order for a change to be applied the system must be restarted Example Use the L2MS function SWR2311P config l2ms configuration SWR2311P config l2ms l2ms enable 4 20 3 Set role of L2MS function Syntax l2ms role role no l2ms role Parameter role Role of L2MS function Setting value Description master Operate a...

Page 95: ...iption Specifies the time interval at which to transmit an L2MS slave query frame If this command is executed with the no syntax the setting returns to the default If you set time to a high value the query frame is transmitted less often but it will take longer from when the L2MS slave is connected until the L2MS master recognizes it If you set time to a low value the opposite will be the case the...

Page 96: ...s l2ms enable SWR2311P config l2ms l2ms role master SWR2311P config l2ms slave watch down count 8 4 20 6 Set terminal management function Syntax terminal watch enable terminal watch disable no terminal watch Keyword enable Enable terminal management function disable Disable terminal management function Initial value terminal watch disable Input mode L2MS mode Description Enables the terminal manag...

Page 97: ... or received disable L2MS control frames can be transmitted or received Initial value l2ms filter disable Input mode interface mode Description Prevents L2MS control frames from being transmitted or received If this command is executed with the no syntax L2MS control frames can be transmitted and received Note This command cannot be specified for the following interfaces VLAN interface A physical ...

Page 98: ... 10 Show L2MS information Syntax show l2ms detail Keyword detail Also show detailed information Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the following information according to the L2MS operating state If L2MS is operating as master Number of L2MS slaves being managed Information for the L2MS slaves being managed MAC address Model name Device name Route Uplink port ...

Page 99: ...ow l2ms detail Role Master Master Number of Terminals 0 Slave Number of Slaves 2 ac44 f230 00a5 Model name SWR2311P 10G Device name SWR2311P 10G_Z5301050WX Route port2 1 LinkUp 1 3 9 Uplink 1 Downlink 3 Config None Appear time Tue Mar 13 18 43 18 2018 Number of Terminals 1 bcae c5a4 7fb3 Port 9 Appear time Wed Mar 14 14 01 18 2018 00a0 deae b8bf Model name SWR2311P 10G Device name SWR2311P 10G_S4L...

Page 100: ...watch enable event watch disable no event watch Keyword enable Enable the event monitoring function disable Disable the event monitoring function Initial value event watch enable Input mode L2MS mode Description Sets whether to disable or enable the event monitoring function If enabled event information for the L2MS slaves existing on the network is acquired at regular intervals If this command is...

Page 101: ... the L2MS function disable Don t use the L2MS function Initial value config auto set enable Input mode L2MS mode Description Sets whether to use the L2MS slave device s zero config function If the zero config function is enabled and the L2MS slave s Yamaha switch or wireless AP settings config are saved the saved settings config are automatically applied when the L2MS slave in its factory set stat...

Page 102: ...eless access point are excluded from the snapshot comparison If this command is executed with the no syntax terminal information is excluded from the snapshot comparison Note This command is valid only when operating as the master and the terminal watch enable command and snapshot enable command have also been set Example Include terminal information in the snapshot comparison SWR2311P config snap...

Page 103: ...aracters or less URL at which the firmware is located Initial value firmware update url http www rtpro yamaha co jp firmware revision up swr2311p bin Input mode global configuration mode Description Specify the download source URL used when updating the firmware from a firmware file located on a web server The input syntax is http server IP address or hostname pathname If the server s port number ...

Page 104: ...N y Updating Finish SWR2311P 4 22 3 Set firmware download timeout duration Syntax firmware update timeout time no firmware update timeout Parameter time 100 86400 Timeout time seconds Initial value firmware update timeout 300 Input mode global configuration mode Description Specifies the timeout duration when downloading firmware from a web server If this command is executed with the no syntax the...

Page 105: ...ot specified and rewritable firmware exists on the SD card you will be asked whether to update and maintain the mounted state of the SD card If you want to update the firmware enter Y if you don t want to update enter N If you want to maintain the mounted state of the SD card enter Y if you want to unmount enter N If you specify no confirm the mounted state of the SD card is maintained and the fir...

Page 106: ...ted Example Specify AM 1 30 as the restart time for updating the firmware SWR2311P config firmware update reload time 1 30 SWR2311P config 4 23 General maintenance and operation functions 4 23 1 Set host name Syntax hostname hostname no hostname hostname Parameter hostname Single byte alphanumeric characters and single byte symbols 63characters or less Host name Initial value hostname SWR2311P Inp...

Page 107: ...ged EXEC mode Description Reboots with the factory settings SYSLOG is also initialized Note You must enter the administrator password when executing this command Example Initialize the settings SWR2311P cold start Password 4 23 4 Mount SD card Syntax mount sd Input mode unprivileged EXEC mode priviledged EXEC mode Description Mounts the SD card When you insert an SD card this command is executed a...

Page 108: ...e poe PoE mode vlan VLAN mode status STATUS mode off OFF mode Initial value led mode default link act Input mode global configuration mode Description Set the default LED mode When you execute this command the LEDs are lit in the specified mode The LEDs are lit in the specified mode even when a loop is detected in STATUS mode and the loop status has been resolved If this command is executed with t...

Page 109: ...upply stopped because of PoE system limit poe error PD error Power supply stopped because PD error detected Example Show the port error status SWR2311P show error port led ID error port1 3 poe error PD error port1 10 loop detected blocking 4 23 9 Backup system information Syntax backup system Input mode priviledged EXEC mode Description Copy the following settings from the unit to the SD card Star...

Page 110: ...ed using that file After restore restart will occur This can be executed only if the SD card is mounted Example Restore system information into the unit SWR2311P restore system restore and reboot system y n y Update the firmware Current Revision Rev 2 02 09 New Revision Rev 2 02 09 Update to this firmware Y N Y Unmounted the SD card Pull out the SD card Updating Finish Succeeded to restore system ...

Page 111: ... router 5 1 2 Shutdown Syntax shutdown no shutdown Initial value no shutdown Input mode interface mode Description Shut down the applicable interface so that it is not used An interface for which this command is specified will not link up even if it is connected If this command is executed with the no syntax the applicable interface can be used Note This command can be specified only for LAN SFP p...

Page 112: ... only for LAN SFP port type10000 full cannot be set for the LAN port The only type that can be specified for combo port is auto or 1000 full Example Set the speed and duplex mode for LAN port 1 to 100Mbps Full SWR2311P config interface port1 1 SWR2311P config if speed duplex 100 full 5 1 4 Set MRU Syntax mru mru no mru Parameter mru 64 10240 Maximum frame size that can be received the specified va...

Page 113: ...ely If this is executed with the no syntax automatic detection is disabled and MDI is used Note This command can be specified only for LAN port When this command is used to change the settings link down temporarily occurs for the corresponding interface Example Disable cross straight automatic detection for LAN port 1 SWR2311P config interface port1 1 SWR2311P config if mdix auto disable 5 1 6 Set...

Page 114: ...the other unit supports EEE Note If another unit is not connected the display indicates that EEE is not supported Example Show EEE capabilities for LAN port 1 If the other unit supports EEE SWR2311P show eee capabilities interface port1 1 interface port1 1 EEE efficient ethernet yes 1000 T 100 TX Link Partner yes 1000 T 100 TX If the other unit does not support EEE SWR2311P show eee capabilities i...

Page 115: ...g to low power mode SWR2311P show eee status interface port1 1 interface port1 1 EEE efficient ethernet Operational Rx LPI Status Interrupted Tx LPI Status Interrupted Wake Error Count 0 If EEE is enabled and has transitioned to low power mode SWR2311P show eee status interface port1 1 interface port1 1 EEE efficient ethernet Operational Rx LPI Status Low Power Tx LPI Status Low Power Wake Error C...

Page 116: ...t mirroring status Syntax show mirror interface ifname Keyword interface Specify the monitor port to show Parameter ifname Interface name of the LAN SFP port Monitor port to show Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the port mirroring setting If interface is omitted the settings for all monitor ports are shown The following items are shown for each monitor port...

Page 117: ...atus of all interfaces The following items are shown Item Description Interface Interface name Link is Link status 2 if shutdown shows the cause If shutdown is specified by shutdown If port error is detected by err disable Hardware is Interface type e g Ethernet VLAN HW addr Physical MAC address 1 Description Description of interface ifIndex Interface index number MRU Maximum Receive Unit 4 ARP ag...

Page 118: ...t packets Number of transmitted packets 2 bytes Number of transmitted bytes 2 multicast packets Number of transmitted multicast packets 2 broadcast packets Number of transmitted broadcast packets 2 drop packets Number of tail dropped packets transmitted 2 5 1 Shown only for physical interface 2 Shown only for physical interface and logical interface 3 Shown only for VLAN interface 4 In the case of...

Page 119: ...12 Show brief interface status Syntax show interface brief Input mode unprivileged EXEC mode priviledged EXEC mode individual configuration mode Description Shows brief interface status The following items are shown Item Description Interface Interface name Type Interface type 2 PVID VLAN ID that handles untagged frames 2 Mode Mode of the switchport 2 access untagged trunk tagged Status Link statu...

Page 120: ...port1 9 ETH 1 access up none 1g port1 10 ETH 1 access up none 1g Interface Status Reason vlan1 up vlan2 down PD Port channel Type PVID Mode Status Reason Speed Interface sa1 AGG 1 access up none 1g 5 1 13 Show frame counter Syntax show frame counter ifname Parameter ifname Interface name of the LAN SFP port Interface to show Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows...

Page 121: ...ed 128 255octet packets Number of packets with 128 255 octet length transmitted received 256 511octet packets Number of packets with 256 511 octet length transmitted received 512 1023octet packets Number of packets with 512 1023 octet length transmitted received 1024 MAXoctet packets Number of packets with 1024 maximum octet length 1 transmitted received 1 Varies depending on the MRU of each inter...

Page 122: ...mode unprivileged EXEC mode priviledged EXEC mode Description Shows the status of the SFP module For each item shows the current value upper threshold value and lower threshold value for each SFP port Item Description Temperature Internal temperature of the module C Voltage Voltage value V Current Current value mA TX Power Strength of light produced dBm RX Power Strength of light received dBm Exam...

Page 123: ... Threshold port1 25 7 5696 2 5527 0 0000 16 9897 40 0000 port1 26 port1 27 8 7614 1 0002 1 0017 18 0134 20 0000 port1 28 Unsupported Unsupported Unsupported Unsupported Unsupported 5 1 16 Set SFP module optical reception level monitoring Syntax sfp monitor rx power action no sfp monitor rx power Parameter action Operations for SFP module optical reception level monitoring Setting value Description...

Page 124: ...default settings of the static logical interface If a LAN SFP port is associated with a static logical interface the MSTP settings return to the default values The MSTP settings also return to the default values if the LAN SFP port is removed from the static logical interface It is not possible to associate a single LAN SFP port with multiple logical interface units You must use the no syntax to f...

Page 125: ...the LACP logical interface the LACP logical interface is deleted Up to twenty LAN SFP port units can be associated with one LACP logical interface If up to eight associated LAN SFP ports are combined into an LACP logical interface they are immediately combined into the LACP logical interface ports in excess of eight are standby ports used in case of a malfunction If a LAN SFP port is to be associa...

Page 126: ...ems are shown Item Description Etherchannel portN N LAN SFP port name Physical admin key Key that identifies physical characteristics created from bandwidth duplex mru and VLAN structure Receive machine state Status of the LACP protocol Receive machine transition variable Invalid Initialize Port disabled LACP disabled Expired Defaulted Current Periodic Transmission machine state Status of the LACP...

Page 127: ...port1 23 Shows the status of the LAN SFP ports that make up the LACP logical interface SWR2311P show etherchannel port1 17 Etherchannel port1 17 Physical admin key 3 Receive machine state Current Periodic Transmission machine state Slow periodic Mux machine state Collecting Distributing Selection Selected Information Actor Partner LAG 0x8000 00 a0 de e0 e0 e0 0x8000 00 a0 de 11 11 11 Admin Key 000...

Page 128: ... 0x LACP system ID Note The LACP system priority can be set by the lacp system priority command The LACP system ID is generated from the MAC address Example Show the LACP system priority SWR2311P show lacp sys id System 0x8000 00 a0 de e0 e0 e0 5 2 7 Set LACP timeout Syntax lacp timeout duration Parameter duration Specify the timeout duration Description short Sets the timeout to 3 seconds long Se...

Page 129: ...LACP frame counters If link id is omitted the frame counter of every existing LACP logical interface is cleared Example Clear the frame counter for every LACP logical interface SWR2311P clear lacp counters 5 2 9 Show LACP frame counter Syntax show lacp counter link id Parameter link id 1 127 LACP logical interface number Input mode unprivileged EXEC mode priviledged EXEC mode Description Show the ...

Page 130: ... rules to specify the forwarding destination interface of the load balance function If this command is executed with the no syntax the setting returns to the default Note This command is a system wide setting In the case of a frame that is not an IPv4 IPv6 packet the forwarding destination interface is determined according to the forwarding source and destination MAC addresses regardless of the ru...

Page 131: ...umber of ports able to convey data Link List of the constituent LAN SFP port see table below for details Link shows the following items Usage status Description Unselected Currently communicating with LACP control protocol Selected Selected as a LAN SFP port with LACP enabled Standby Specified as a standby LAN SFP port with LACP enabled Synchronization flag Description no Synchronization flag is n...

Page 132: ...Selected Synchronized yes Aggregator po2 ID 4602 Status Ready Actor LAG 0x8000 00 a0 de e0 e0 e0 Admin Key 0002 Partner LAG 0x8000 00 a0 de 11 11 11 Partner Key 0001 Link count 0 1 Link port1 23 Selected Synchronized no port1 24 Unselected Synchronized no Aggregator po127 ID 4727 Status Ready Actor LAG 0x8000 00 a0 de e0 e0 e0 Admin Key 0127 Partner LAG 0x8000 00 a0 de 11 11 11 Partner Key 0001 Li...

Page 133: ... system Syntax aaa authentication dot1x no aaa authentication dot1x Initial value no aaa authentication dot1x Input mode global configuration mode Description Enables IEEE 802 1X authentication for the entire system If this command is executed with the no syntax disables IEEE 802 1X authentication for the entire system Use a RADIUS server for authentication on which the radius server host command ...

Page 134: ... on the applicable interface as well auth web enable command Example Enable Web authentication for the entire system SWR2311P config aaa authentication auth web 5 3 4 Set operation mode for the IEEE 802 1X authentication function Syntax dot1x port control mode no dot1x port control Parameter mode Operation mode for IEEE 802 1X authentication Operation mode Description auto Operates as an authentic...

Page 135: ...ch the supplicant is connected from other ports are also discarded When in is specified only packets received from the supplicant are discarded and the broadcast multicast packets to the interface to which the supplicant is connected from other ports are forwarded Note This command can be specified only for LAN SFP port When the guest VLAN is configured using the applicable interface the settings ...

Page 136: ...bles MAC authentication for the applicable interface When this command is executed with the no syntax or when disable is specified MAC authentication is disabled Note This command can be specified only for LAN SFP port In order to actually use MAC authentication you need to enable MAC authentication for the entire system as well aaa authentication auth mac command Example Enable the LAN port 1 MAC...

Page 137: ...ue auth web disable Input mode interface mode Description Enables Web authentication for the applicable interface When this command is executed with the no syntax or when disable is specified Web authentication is disabled Note This command can be specified only for LAN SFP port In order to actually use Web authentication you need to enable Web authentication for the entire system as well aaa auth...

Page 138: ...multi host mode SWR2311P config interface port1 1 SWR2311P config if auth host mode multi host 5 3 11 Set re authentication Syntax auth reauthentication no auth reauthentication Initial value no auth reauthentication Input mode interface mode Description Enables reauthentication of supplicants for the applicable interface If this is executed with the no syntax the re authentication is disabled Whe...

Page 139: ...command cannot be set when Web authentication is enabled Example Enable dynamic VLAN on LAN port 1 SWR2311P config interface port1 1 SWR2311P config if auth dynamic vlan creation 5 3 13 Set the guest VLAN Syntax auth guest vlan vlan id no auth guest vlan Parameter vlan id 1 4094 VLAN ID for guest VLAN Initial value no auth guest vlan Input mode interface mode Description If the supplicant connecte...

Page 140: ...tion function for the applicable interface dot1x port control command auth mac enable command auth web enable command Example Set the suppression period for LAN port 1 to 300 SWR2311P config interface port1 1 SWR2311P config if auth timeout quiet period 300 5 3 15 Set reauthentication interval Syntax auth timeout reauth period time no auth timeout reauth period Parameter time 300 86400 Supplicatio...

Page 141: ... control command auth mac enable command auth web enable command Example This sets the reply wait time to the RADIUS server overall to 180 seconds for authentication requests from LAN port 1 SWR2311P config interface port1 1 SWR2311P config if auth timeout server timeout 180 5 3 17 Set supplicant reply wait time Syntax auth timeout supp timeout time no auth timeout supp timeout Parameter time 1 65...

Page 142: ...t default are used if this is omitted secret Single byte alphanumeric characters and single byte symbols other than the characters and spaces 64 characters or less Shared password the settings for the radius server key command are used if this is omitted Initial value none Input mode global configuration mode Description Adds a server to the authentication server list The maximum number of entries...

Page 143: ...3 20 Set number of times to resend requests to RADIUS server Syntax radius server retransmit count no radius server retransmit Parameter count 0 100 Number of times to resend request Initial value radius server retransmit 3 Input mode global configuration mode Description Sets the number of times to resend requests to a RADIUS server If this command is executed with the no syntax the setting retur...

Page 144: ... server deadtime 0 Input mode global configuration mode Description Sets the time during which the usage of the relevant server is prevented when a request to the RADIUS server has timed out If this command is executed with the no syntax the setting returns to the default Example This sets the usage prevention for the RADIUS server to 1 minute SWR2311P config radius server deadtime 1 5 3 23 Show p...

Page 145: ... 802 1X Authentication Force Authorized configured MAC Authentication Disabled configured disable WEB Authentication Enabled configured enable Host mode Multi supplicant Dynamic VLAN creation Disabled Guest VLAN Disabled Reauthentication Disabled Reauthentication period 3600 sec MAX request 2 times Supplicant timeout 30 sec Server timeout 30 sec Quiet period 60 sec Controlled directions In configu...

Page 146: ...rface port1 1 EAPOL frames Received frames 11 EAPOL Start 1 EAPOL Logoff 0 EAP Response ID 1 EAP Response 9 Invalid EAPOL 0 EAP Length error 0 Last EAPOL version 1 Last EAPOL source 0011 2233 4455 Transmitted frames 11 EAP Request ID 1 EAP Request 9 EAP Success 1 EAP Fail 0 RADIUS packets Received packets 10 Access Request 0 Access Challenge 9 Access Accept 1 Access Reject 0 Transmitted packets 10...

Page 147: ... Secret Key abcde Timeout 10 sec Retransmit Count 5 Deadtime 0 min Server Host 192 168 100 102 Authentication Port 1645 Secret Key fghij Timeout 5 sec Retransmit Count 3 Deadtime 0 min 5 3 28 Settings for redirect destination URL following successful Web authentication Syntax auth web redirect url url no auth web redirect url Parameter url Single byte alphanumeric characters and single byte symbol...

Page 148: ...cation state is cleared Initial value no auth clear state time Input mode global configuration mode Description Sets the time at which the authentication state for the supplicant is cleared for the entire system If this command is executed with the no syntax deletes the time setting for clearing the authentication state Note If a time has been set to clear the interface authentication state this w...

Page 149: ...nfig_num dst_config_num copy auth web custom file filename src_config_num dst_config_num Keyword all Copies the file for customizing all Web authentication screens Parameter filename Single byte alphanumeric characters and single byte symbols Filename of the file for customizing the Web authentication screen src_config_num Copy source configuration number Setting value Description 0 4 Number of th...

Page 150: ... Deletes logo png from startup configuration 0 SWR2311P erase auth web startup config logo png 0 5 4 Port security 5 4 1 Set port security function Syntax port security enable port security disable no port security Keyword enable Enables port security function disable Disables port security function Initial value port security disable Input mode interface mode Description Enables the port security...

Page 151: ...on Parameter action Operation used for port security violations Operation mode Description discard Discards packets shutdown Shuts down the port Initial value port security violation discard Input mode interface mode Description Sets the action to be taken during a port security violation for the applicable interface If this command is executed with the no syntax the setting returns to the default...

Page 152: ...rval 10 1000000 Time seconds until auto recovery Initial value no errdisable auto recovery bpduguard BPDU guard function errdisable auto recovery loop detect 300 Loop detection function Input mode global configuration mode Description Enables the function that automatically recovers after the error detection function causes the errdisable state and specifies the time until automatic recovery If in...

Page 153: ...etect 5 6 PoE 5 6 1 Set PoE power supply function system Syntax power inline switch no power inline Parameter switch System wide PoE power supply function settings Setting value Description enable Enables the system wide PoE power supply function disable Disables the system wide PoE power supply function Initial value power inline enable Input mode global configuration mode Description Set the sys...

Page 154: ...e setting returns to the default Note This will result in a command execution error on all other ports besides PoE port Even if the power supply function is enabled with interface mode power will not be supplied in the following circumstances When the system wide PoE power supply function is disabled When the applicable interface mode is in shutdown state Example Enable the PoE power supply functi...

Page 155: ...er supply priority for PoE port If the amount of power used by the PoE power supply has exceeded the maximum power supply will stop for the port with the lowest priority If this command is executed with the no syntax the setting returns to the default Note Power supply priority is shown using the show power inline command Example Set the power supply priority for port1 5 to high SWR2311P config in...

Page 156: ... Example Show PoE power supply information SWR2311P show power inline Show power supply information for port1 1 SWR2311P show power inline interface port1 1 156 Command Reference Interface control ...

Page 157: ...y is not registered in the MAC address table even if a frame is received Example Enable the MAC address acquisition function SWR2311P config mac address table learning enable 6 1 2 Set dynamic entry ageing time Syntax mac address table ageing time time no mac address table ageing time Parameter time 10 600 Ageing time seconds Initial value mac address table ageing time 300 Input mode global config...

Page 158: ...licable MST instance ID Input mode priviledged EXEC mode Description Deletes a dynamic entry from the MAC address table If a keyword is specified only the entries that match the applicable conditions are deleted If no keyword is specified all dynamic entries are deleted Example Delete the dynamic entry whose MAC address is 00a0 de11 2233 SWR2311P clear mac address table dynamic address 00a0 de11 2...

Page 159: ...ecified as discard a multicast MAC address cannot be specified as mac addr The following MAC addresses cannot be specified as mac addr 0180 c200 0000 0180 c200 000f 0180 c200 0020 0180 c200 002f Example Specify that frames addressed to 00a0 de11 2233 are forwarded to LAN port 2 SWR2311P config mac address table static 00a0 de11 2233 forward port1 2 6 1 5 Show MAC address table Syntax show mac addr...

Page 160: ...ingle byte alphanumeric characters and single byte symbols 32characters or less Name of the VLAN state Whether frame forwarding is enabled or disabled Setting value Description enable Frames are forwarded disable Frames are not forwarded Initial value none Input mode VLAN mode Description Sets the VLAN interface If this command is executed with the no syntax the VLAN interface is deleted If name i...

Page 161: ...e with the promiscuous port of the primary VLAN and with another interface that is associated with the same community VLAN but cannot communicate with a different community VLAN or with an interface that is associated with an isolated VLAN If this is set as an isolated VLAN it can communicate with the promiscuous port of the primary VLAN but cannot communicate with the community VLAN or with anoth...

Page 162: ...ation of or in the 2nd vlan ids the command setting will fail if you revert to an older version Rev 2 00 08 or earlier As a result normal communication might become impossible Example setting private vlan 100 association add 101 103 105 Example After specifying the following private VLAN associate the secondary VLANs to the primary VLAN VLAN 100 Primary VLAN VLAN 101 Secondary VLAN community VLAN ...

Page 163: ...switchport access vlan 1 Input mode interface mode Description Sets the VLAN ID that is associated as an access port with the applicable interface If this command is executed with the no syntax the setting returns to the default Note This command can be set only for a LAN SFP port or logical interface for which the switchport mode access command is set If this command is applied to a logical inter...

Page 164: ...t 1 as a trunk port SWR2311P config interface port1 1 SWR2311P config if switchport mode trunk 6 2 8 Set associated VLAN for trunk port tagged port Syntax switchport trunk allowed vlan all switchport trunk allowed vlan none switchport trunk allowed vlan add vlan ids switchport trunk allowed vlan except vlan ids switchport trunk allowed vlan remove vlan ids no switchport trunk Keyword all vlanAssoc...

Page 165: ...is set If you specify the switchport trunk allowed vlan add command with a combination of or in the vlan ids the command setting will fail if you revert to an older version Rev 2 00 08 or earlier As a result normal communication might become impossible Example setting switchport trunk allowed vlan add 101 103 105 Example Set LAN port 1 as the trunk port and associate it to VLAN 2 SWR2311P config i...

Page 166: ...private VLAN port type for the applicable interface If this is executed with the no syntax the setting of the private VLAN specified for the applicable interface is deleted Note This command can be set only for a LAN SFP port for which the switchport mode access command is set In addition promiscuous can be specified for the following interfaces Interface that is operating as a trunk port logical ...

Page 167: ...AN 102 LAN port 3 Primary VLAN 100 Secondary VLAN 103 SWR2311P config interface port1 1 SWR2311P config if switchport mode private vlan host SWR2311P config if switchport private vlan host association 100 add 101 SWR2311P config if interface port1 2 SWR2311P config if switchport mode private vlan host SWR2311P config if switchport private vlan host association 100 add 102 SWR2311P config if interf...

Page 168: ...romiscuous port only one promiscuous port can be associated with one isolated VLAN If you specify the switchport private vlan mapping add command with a combination of or in the 2nd vlan ids the command setting will fail if you revert to an older version Rev 2 00 08 or earlier As a result normal communication might become impossible Example setting switchport private vlan mapping 100 add 101 103 1...

Page 169: ...sible for the corresponding port Example Set the CoS value to 6 for using LAN port 1 as voice VLAN SWR2311P config interface port1 1 SWR2311P config if switchport voice cos 6 6 2 15 Set DSCP value for voice VLAN Syntax switchport voice dscp value no switchport voice dscp Parameter value 0 63 DSCP value to specify for connected device Initial value switchport voice dscp 0 Input mode interface mode ...

Page 170: ...rts Interfaces associated with the VLAN ID u Access port untagged port t Trunk port tagged port Example Show all VLAN information SWR2311P show vlan brief u Untagged t Tagged VLAN ID Name State Member ports 1 default ACTIVE port1 1 u port1 2 u port1 3 u port1 4 u port1 5 u port1 6 u port1 7 u port1 8 u port1 9 u port1 10 u 6 2 17 Show private VLAN information Syntax show vlan private vlan Input mo...

Page 171: ...for the entire system Note In order to enable spanning tree spanning tree must be enabled on the interface in addition to this command Example Disable spanning tree for the entire system SWR2311P config spanning tree shutdown 6 3 2 Set forward delay time Syntax spanning tree forward time time no spanning tree forward time Parameter time 4 30 Forward delay time seconds Initial value spanning tree f...

Page 172: ... of this command must satisfy the following conditions 2 x hello time 1 maximum aging time 2 x forward delay time 1 The forward delay time can be set by the spanning tree forward time command The hello time is always 2 seconds and cannot be changed Example Set the maximum aging time to 25 seconds SWR2311P config spanning tree max age 25 6 3 4 Set bridge priority Syntax spanning tree priority prior...

Page 173: ...N port 1 SWR2311P config interface port1 1 SWR2311P config if spanning tree disable 6 3 6 Set spanning tree link type Syntax spanning tree link type type no spanning tree link type Parameter type Link type Setting value Description point to point Point to point link shared Shared link Initial value spanning tree link type point to point Input mode interface mode Description Sets the link type for ...

Page 174: ...cified only for LAN SFP port and logical interface It is not possible to specify this command for a LAN SFP port that is associated to a logical interface If a LAN SFP port is associated with a logical interface the setting of this command for the corresponding LAN SFP port returns to the default Example Enable BPDU filtering for LAN port 1 SWR2311P config interface port1 1 SWR2311P config if span...

Page 175: ...th cost 1 200000000 Path cost value Initial value Use the following values according to the link speed of the interface Link speed Path cost value 1000Mbps 20000 100Mbps 200000 10Mbps 2000000 For a logical interface the path cost value is calculated based on totaling the link speed of each associated LAN SFP port Input mode interface mode Description Sets the path cost of the applicable interface ...

Page 176: ...1 priority to 64 SWR2311P config interface port1 1 SWR2311P config if spanning tree priority 64 6 3 11 Set edge port for interface Syntax spanning tree edgeport no spanning tree edgeport Initial value no spanning tree edgeport Input mode interface mode Description Sets the edge port of the applicable interface If this command is executed with the no syntax the setting returns to the default Note T...

Page 177: ...ge identifier This consists of the bridge priority the first four hexadecimal digits and MAC address topology change s Number of times that a topology change has occurred to be precise this indicates the number of BPDU that have the TC flag last topology change Date and time at which the last topology change occurred Ifindex Interface index number Port Id Interface s port ID Role Role of the inter...

Page 178: ...ault Bridge up Spanning Tree Enabled topology change detected Default CIST Root Path Cost 0 CIST Root Port 0 CIST Bridge Priority 32768 Default Forward Delay 15 Hello Time 2 Max Age 20 Transmit Hold Count 6 Max hops 20 Default CIST Root Id 8000ac44f2300110 Default CIST Reg Root Id 8000ac44f2300110 Default CIST Bridge Id 8000ac44f2300110 Default 6 topology change s last topology change Tue Feb 27 1...

Page 179: ...l Current Port State Forwarding Port ID 8389 Port Number 389 Path Cost 20000 Message Age 0 Designated Root ac 44 f2 30 01 10 Designated Cost 0 Designated Bridge ac 44 f2 30 01 10 Designated Port Id 0x8389 Top Change Ack FALSE Config Pending FALSE PORT Based Information Statistics Config Bpdu s xmitted 3 Config Bpdu s received 0 TCN Bpdu s xmitted 2 TCN Bpdu s received 3 Forward Trans Count 1 STATU...

Page 180: ...e to normal mode If interface is omitted the status of all interfaces is cleared Note If a STP BPDU is received the interface that received it will operate in STP compatibility mode However even if STP BPDU is no longer received subsequently the corresponding interface continues to operate in STP compatibility mode In such cases you can execute this command to make the interface return from STP co...

Page 181: ...tance id vlan vlan id Parameter instance id 1 15 Instance ID vlan id 2 4094 VLAN ID set by the vlan command Initial value none Input mode MST mode Description Associates a VLAN with an MST instance If this command is executed with the no syntax the VLAN association for the MST instance is deleted If as a result of this deletion not even one VLAN is associated with the MST instance the MST instance...

Page 182: ...ance 2 to a priority of 4096 SWR2311P config spanning tree mst configuration SWR2311P config mst instance 2 SWR2311P config mst instance 2 priority 4096 6 3 19 Set MST region name Syntax region region name no region Parameter region name Single byte alphanumeric characters and single byte symbols 32characters or less Region name Initial value region Default Input mode MST mode Description Sets the...

Page 183: ...nstance setting is deleted Note This command can be specified only for LAN SFP port and logical interface It is not possible to specify this command for a LAN SFP port that is associated to a logical interface If a LAN SFP port is associated with a logical interface the setting of this command for the corresponding LAN SFP port returns to the default Example Set MST instance 2 for LAN port 1 SWR23...

Page 184: ... specified for the applicable interface path cost 1 200000000 Path cost value Initial value Use the following values according to the link speed of the interface Link speed Path cost value 1000Mbps 20000 100Mbps 200000 10Mbps 2000000 For a logical interface the path cost value is calculated based on totaling the link speed of each associated LAN SFP port Input mode interface mode Description Sets ...

Page 185: ...ption Shows MSTP information Normally this shows association information for the MST instance and VLAN and interface If detail is specified this shows detailed information for the interface and MST instance If interface is omitted information for all interfaces is shown Note A LAN SFP port that is associated with a logical interface cannot be specified as ifname Example Show MSTP information SWR23...

Page 186: ...er disabled Current bpdu filter off port1 19 no root guard configured Current root guard off port1 19 Configured Link Type point to point Current point to point port1 19 No auto edge configured Current port Auto Edge off Instance 1 Vlans 100 Default MSTI Root Path Cost 0 MSTI Root Port 0 MSTI Bridge Priority 32768 Default MSTI Root Id 8001ac44f2300110 Default MSTI Bridge Id 8001ac44f2300110 port1 ...

Page 187: ...ide loop detection function disable Disables system wide loop detection function Initial value loop detect disable Input mode global configuration mode Description Enables or disables the system wide loop detection function If this command is executed with the no syntax the setting returns to the default Note The spanning tree function and the loop detection function can be used together on the en...

Page 188: ...ces LAN SFP port on which the spanning tree function is operating However because a Forwarding port transmits and receives LDF the loop detection will operate if misconnection or another issue causes a loop to occur LAN SFP port that is operating as a trunk port for which native VLAN is not specified LAN SFP port that is inside a logical interface The following table shows which function is enable...

Page 189: ...blocking enable Do not block if a loop is detected on LAN port 1 SWR2311P config interface port1 1 SWR2311P config if loop detect blocking disable 6 4 4 Reset loop detection status Syntax loop detect reset Input mode priviledged EXEC mode Description Resets the loop detection status of all interfaces Note This command can be executed only if the system wide loop detection function is enabled Examp...

Page 190: ...on status SWR2311P show loop detect loop detect Enable port loop detect port blocking status port1 1 enable enable Detected port1 2 enable enable Blocking port1 3 enable enable Normal port1 4 enable enable Normal port1 5 enable disable Normal port1 6 enable enable Normal port1 7 enable enable Shutdown port1 8 disable enable port1 9 enable enable Normal Indicates that the feature is enabled 190 Com...

Page 191: ...e IPv4 addresses can be assigned to a maximum of 8 VLAN interfaces An IPv4 address can be specified for only one VLAN interface If this command is executed with the no syntax the specified IPv4 address is deleted If a label is specified it is shown in the IPv4 address field by the show interface command Note It is not possible to assign an IPv4 address of the same subnet to multiple interfaces Exa...

Page 192: ...me of DHCP server Parameter hostname Host name or IPv4 address A B C D Initial value none Input mode interface mode Description Using the DHCP client assigns the IPv4 address granted by the DHCP server to the VLAN interface If the DHCP server is specified the HostName option option code 12 can be added to the Discover Request message If an IPv4 address has been obtained you can execute the no ip a...

Page 193: ...in name Note Example Show the current DHCP client status SWR2311P show dhcp lease Interface vlan1 IP Address 192 168 100 2 Expires 2018 01 01 00 00 00 Renew 2018 01 01 00 00 00 Rebind 2018 01 01 00 00 00 Server Options subnet mask 255 255 255 0 default gateway 192 168 100 1 dhcp lease time 259200 domain name servers 192 168 100 1 dhcp server identifier 192 168 100 1 domain name example com 7 1 5 S...

Page 194: ...4 route control 7 2 1 Set static IPv4 route Syntax ip route ip_address mask gateway number ip route ip_address mask null number ip route ip_address netmask gateway number ip route ip_address netmask null number no ip route ip_address mask gateway number no ip route ip_address mask null number no ip route ip_address netmask gateway number no ip route ip_address netmask null number Keyword null Disc...

Page 195: ... the routing entry that matches the destination is shown Example Show the entire IPv4 forwarding information base SWR2311P show ip route Codes C connected S static candidate default Gateway of last resort is 192 168 100 1 to network 0 0 0 0 S 0 0 0 0 0 1 0 via 192 168 100 1 vlan1 S 172 16 0 0 16 1 0 via 192 168 200 240 vlan100 S 192 168 1 1 32 1 0 is directly connected vlan100 C 192 168 100 0 24 i...

Page 196: ... a summary of the route entries that are registered in the IPv4 Routing Information Base SWR2311P show ip route summary IP routing table name is Default IP Routing Table 0 IP routing table maximum paths is 1 Route Source Networks connected 2 static 3 Total 5 7 3 ARP 7 3 1 Show ARP table Syntax show arp Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the ARP cache The ARP ...

Page 197: ... 0000 port1 1 7 3 4 Set ARP timeout Syntax arp ageing timeout time no arp ageing timeout time Parameter time 1 3000 ARP entry ageing timeout seconds Initial value arp ageing timeout 1200 Input mode interface mode Description Changes the length of time that ARP entries are maintained in the applicable VLAN interface ARP entries that are not received within this length of time are deleted If this co...

Page 198: ... If there is a reply show it Show statistical information when the command ends Example Ping the IP address 192 168 100 254 three times with a data size of 120 bytes SWR2311P ping 192 168 100 254 repeat 3 size 120 PING 192 168 100 254 192 168 100 254 120 data bytes 128 bytes from 192 168 100 254 seq 0 ttl 255 time 8 368 ms 128 bytes from 192 168 100 254 seq 1 ttl 255 time 9 946 ms 128 bytes from 1...

Page 199: ...e assigned to a maximum of 8 VLAN interfaces If IPv6 is disabled related settings are also simultaneously deleted If this command is executed with the no syntax the setting returns to the default Note The automatically specified link local address can be viewed by using the show ipv6 interface brief command Example Enable IPv6 for VLAN 1 SWR2311P config interface vlan1 SWR2311P config if ipv6 enab...

Page 200: ...xecuting this command the setting of the ipv6 address ipv6_address prefix_len command is automatically deleted If this command is executed with the no syntax the RA setting is deleted Note Example Use RA to set the IPv6 address for VLAN 1 SWR2311P config interface vlan1 SWR2311P config if ipv6 address autoconfig 7 5 4 Show IPv6 address Syntax show ipv6 interface interface brief Parameter interface...

Page 201: ... default gateway gateway X X X X IPv6 address of gateway If you specify an IPv6 link local address you must also specify the output interface fe80 X vlanN format number 1 255 Management route priority order when selecting route if omitted 1 Lower numbers have higher priority Input mode global configuration mode Description Adds a static route for IPv6 If this command is executed with the no syntax...

Page 202: ... Show the route used for sending packets that are addressed to 2001 db8 1 2 SWR2311P show ipv6 route 2001 db8 1 2 Routing entry for 2001 db8 1 64 Known via connected distance 0 metric 0 best Last update 00 18 27 ago directly connected vlan1 7 6 3 Show IPv6 Routing Information Base Syntax show ipv6 route database Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the IPv6 Rou...

Page 203: ...or ipv6_address interface Parameter ipv6_address X X X X IPv6 address interface vlanN VLAN interface name mac_address HHHH HHHH HHHH MAC address interface portN M Physical interface name Input mode global configuration mode Description Adds a static entry to the neighbor cache If this command is executed with the no syntax the specified static entry is deleted Note Example Set the MAC address of I...

Page 204: ...yword repeat Specifies the number of times to execute size Specifies the length of the ICMPv6 payload byte units timeout Specifies the time to wait for a reply after transmitting the specified number of Echo requests Parameter host Host name or target IPv6 address X X X X Target to which ICMPv6 Echo is sent If you specify an IPv6 link local address you must also specify the output interface fe80 X...

Page 205: ...7 554 10 210 ms 7 8 2 Check IPv6 route Syntax traceroute6 host Parameter host Destination for which to check the route Host name or target IPv6 address X X X X Input mode priviledged EXEC mode Description Shows information for the route to the specified host Note Example Check the route to 2001 db8 1 2 SWR2311P traceroute6 2001 db8 1 2 traceroute to 2001 db8 1 2 2001 db8 1 2 30 hops max 1 2001 db8...

Page 206: ...with the no syntax the specified server is deleted from the DNS server list Note If the ip address dhcp command was used to obtain the DNS server list from the DHCP server the setting of this command takes priority However if fewer than three items were registered to the DNS server list by this command up to a total of three items of the DNS server list obtained from the DHCP server are added to t...

Page 207: ... mode global configuration mode Description Adds a domain name to the list of domain names used for DNS queries Up to six domains can be registered in the search domain list If this command is executed with the no syntax the specified domain name is deleted from the search domain list Note If a search domain list is specified by this command the default domain name specified by the dns client doma...

Page 208: ...list IP address Example Show the DNS client information SWR2311P show dns client DNS client is enabled Default domain example com Domain list example1 com example2 com Name Servers 192 168 100 1 2001 db8 1234 fe80 2a0 deff fe11 2233 vlan1 Values assigned by DHCP Client 208 Command Reference Layer 3 functions ...

Page 209: ...MAC address table Example Discard unknown multicast SWR2311P config l2 unknown mcast discard 8 2 IGMP snooping 8 2 1 Set enable disable IGMP snooping Syntax ip igmp snooping switch no ip igmp snooping Parameter switch IGMP snooping operations Setting value Description enable Enable IGMP snooping disable Disable IGMP snooping Initial value ip igmp snooping enable Input mode interface mode Descripti...

Page 210: ...hich multiple hosts are connected to the LAN SFP port Example Enable IGMP snooping fast leave for VLAN 2 SWR2311P configure terminal SWR2311P config interface vlan2 SWR2311P config if ip igmp snooping fast leave Disable IGMP snooping fast leave for VLAN 2 SWR2311P configure terminal SWR2311P config interface vlan2 SWR2311P config if no ip igmp snooping fast leave 8 2 3 Set multicast router connect...

Page 211: ...disabled Note This command can be specified only for VLAN interface Also this can be specified only if IGMP snooping is enabled Note that if you change the IP address while leaving this command enabled queries will no longer be sent with the correct IP address following the change Example Enable the transmission function for VLAN 2 SWR2311P configure terminal SWR2311P config interface vlan2 SWR231...

Page 212: ...scription Sets the TTL value verification function for IGMP packets If this command is executed with the no syntax the setting returns to the default When this is enabled IGMP packets with illegal TTL values in the IP header besides 1 will be discarded When disabled the relevant packet will be discarded and the TTL value will be corrected to 1 and forwarded Note This command can be specified only ...

Page 213: ...WR2311P config if ip igmp snooping version 2 On VLAN 2 return the IGMP version to the default setting SWR2311P configure terminal SWR2311P config interface vlan2 SWR2311P config if no ip igmp snooping version 8 2 8 Show multicast router connection port information Syntax show ip igmp snooping mrouter ifname Parameter ifname VLAN interface name Interface to show Input mode unprivileged EXEC mode pr...

Page 214: ...07 10 Group mode Exclude Expires 00 04 13 Last reporter 192 168 100 11 Source list is empty 8 2 10 Show an interface s IGMP related information Syntax show ip igmp snooping interface ifname Parameter ifname VLAN interface name Interface to show Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows IGMP related information for a VLAN interface Example Show IGMP related informati...

Page 215: ...Specifies the multicast group address to be cleared interface Specifies the VLAN interface to be cleared Parameter A B C D Multicast group address indicates all entries ifname VLAN interface name Interface to clear Input mode priviledged EXEC mode Description Clears IGMP group membership entries Example Clear IGMP group membership entries for VLAN 1 SWR2311P clear ip igmp snooping interface vlan1 ...

Page 216: ...ied as the protocol the URG flag of the TCP header is specified as a condition Parameter ipv4 acl id 1 2000 ID of IPv4 access list seq_num 1 65535 Sequence number Specifies the position of the entry within the applicable access list If the sequence number is omitted the entry is added to the end of the list At this time the new entry is automatically given a number that is 10 greater than the last...

Page 217: ... Specify port number X range X Y Specify port numbers X through Y Initial value none Input mode global configuration mode Description Generates an IPv4 access list Multiple conditions maximum 39 can be specified for the generated access list To apply the generated access list use the access group command of interface mode If the no syntax is used to specify action and following the IPv4 access lis...

Page 218: ...tes the previous one Example Create access list 1 that denies communication from source segment 192 168 1 0 24 to destination 172 16 1 1 and add the comment Test SWR2311P config access list 1 deny any 192 168 1 0 0 0 0 255 host 172 16 1 1 SWR2311P config access list 1 description Test 9 1 3 Apply IPv4 access list Syntax access group ipv4 acl id direction no access group ipv4 acl id direction Param...

Page 219: ...es the position of the entry within the applicable access list If the sequence number is omitted the entry is added to the end of the list At this time the new entry is automatically given a number that is 10 greater than the last existing entry If an entry is initially added without a sequence number its entry number will be 10 action Specifies the action for the access condition Setting value De...

Page 220: ...on mode Description Adds a comment remark to the already generated IPv6 access list If this is executed with the no syntax the comment is deleted from the IPv6 access list Note You can use this command to add a comment even after the access list has been applied to the LAN SFP port The last written comment overwrites the previous one Example Create IPv6 access list 3002 which denies frames from 3f...

Page 221: ...access list Syntax access list mac acl id seq_num action src info dst info no access list mac acl id seq_num action src info dst info Parameter mac acl id 2001 3000 ID of MAC access list seq_num 1 65535 Sequence number Specifies the position of the entry within the applicable access list If the sequence number is omitted the entry is added to the end of the list At this time the new entry is autom...

Page 222: ...ancel the application and then delete the access list W and H represent a single character from the range 0 9 a f and A F Example Create MAC access list 2001 which denies frames from MAC address 00 A0 DE 12 34 56 SWR2311P config access list 2001 deny mac 00A0 DE12 3456 0000 0000 0000 any Delete MAC access list 2001 SWR2311P config no access list 2001 9 1 8 Add comment to MAC access list Syntax acc...

Page 223: ...action permit deny for the corresponding frame If this is executed with the no syntax the applied access list is deleted from the LAN SFP port Note The restrictions of the access list apply only to frames that are subject to being relayed Frames that are transmitted autonomously are excluded from these restrictions It is not possible to register multiple access lists for a single interface Access ...

Page 224: ...are shown by the show access list command Example Clear counters SWR2311P clear access list counters 9 1 12 Show access list applied to interface Syntax show access group Input mode unprivileged EXEC mode priviledged EXEC mode Description For each interface shows the ID of all access lists that are applied Example Show a list SWR2311P show access group Interface port1 7 IPv4 access group 1 in Inte...

Page 225: ...LAN access map mode Description Sets the access list that is applied to the corresponding VLAN access map If this command is executed with the no syntax the specified access list is deleted from the corresponding VLAN access map Note Only one access list can be specified for one VLAN access map You can use the show vlan access map command to view the setting Example Create a VLAN access map named ...

Page 226: ...config vlan access map exit SWR2311P config vlan filter VAM001 1000 9 1 16 Show VLAN access map Syntax show vlan access map Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows the registered VLAN access map The following items are shown Name of the VLAN access map Access list applied to VLAN access map Example Show VLAN access map information SWR2311P show vlan access map Vla...

Page 227: ...enabled Example Enable QoS SWR2311P config qos enable Disable QoS SWR2311P config qos disable 9 2 2 Set default CoS Syntax qos cos value no qos cos Parameter value 0 7 Default CoS value Initial value qos cos 0 Input mode interface mode Description Sets the default CoS If this is executed with the no syntax the default value CoS 0 is specified The default CoS is used if untagged frames are received...

Page 228: ... associated with the receiving port can be changed by using the following commands Trust mode Setting value used for egress queue determination Corresponding command CoS CoS egress queue ID conversion table qos cos queue DSCP DSCP egress queue ID conversion table qos dscp queue Port Priority Priority specified for each receiving port qos port priority queue Within the various QoS processes there a...

Page 229: ...nt is shown Item Description Port Trust Mode Trust mode of LAN SFP port CoS DSCP Port Priority Input Policy Map Name Name of policy map already applied to the LAN SFP port class map information note 1 Port Default CoS Priority Default CoS value note 2 Port Priority Queue Port priority order note 3 Egress Traffic Shaping Traffic shaping individual port Egress Traffic Queue Shaping Traffic shaping i...

Page 230: ...t Trust Mode DSCP Egress Traffic Shaping Not Configured Queue Scheduling Queue0 SP Queue1 SP Queue2 SP Queue3 SP Queue4 SP Queue5 SP Queue6 SP Queue7 SP DSCP Queue 0 2 1 2 2 2 3 2 4 2 5 2 6 2 7 2 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 1 17 1 18 1 19 1 20 1 21 1 22 1 23 1 24 3 25 3 26 3 27 3 28 3 29 3 30 3 31 3 32 4 33 4 34 4 35 4 36 4 37 4 38 4 39 4 40 5 41 5 42 5 43 5 44 5 45 5 46 5 47 5 48 6 4...

Page 231: ...cos queue cos value queue id no qos cos queue Parameter cos value 0 7 CoS value of conversion source queue id 0 7 Egress queue ID corresponding to CoS value Initial value See Note Input mode global configuration mode Description Specifies the values of the CoS egress queue ID conversion table that is used to determine the egress queue If this is executed with the no syntax the egress queue ID for ...

Page 232: ...e the egress queue If this is executed with the no syntax the egress queue ID for the specified DSCP value is returned to the default setting The DSCP egress queue ID conversion table is used when the trust mode is set to DSCP Note In order to execute this command QoS must be enabled The following table shows the default settings of the DSCP egress queue ID conversion table DSCP value Egress queue...

Page 233: ...t from cpu Parameter queue id 0 7 Egress queue ID Initial value qos queue sent from cpu 7 Input mode global configuration mode Description Specifies the egress queue for the storage destination of frames sent to each LAN SFP port from the switch itself CPU If this is executed with the no syntax the default value 7 is specified Note In order to execute this command QoS must be enabled If the priori...

Page 234: ...2 12 Associate class map Syntax class name no class name Parameter name Class map name Input mode policy map mode Description Associates a class map to a policy map When the class map association succeeds move to policy map class mode In policy map class mode you can make the following settings for each traffic class Pre marking or specifying the egress queue Metering Policing Remarking If this co...

Page 235: ...1 2000 IPv4 access list ID 2001 3000 MAC access list ID 3001 4000 IPv6 access list ID name Access list name Input mode class map mode Description Uses the access list as the conditions to classify the traffic class If the received frame matches the conditions in the access list the action in the access list will be the action permit deny for the traffic class If this is executed with the no syntax...

Page 236: ...s executed with the no syntax the classification conditions using TOS precedence are deleted The setting can be repeated up to the maximum number eight of registrations Note In order to execute this command QoS must be enabled Example Specify TOS precedence values 3 and 4 as the classification conditions for class map class1 SWR2311P config class map class1 SWR2311P config cmap match ip precedence...

Page 237: ...bled Example Set Ethernet frame type value 0x0800 as the classification condition for class map class1 SWR2311P config class map class1 SWR2311P config cmap match ethertype 0x0800 9 2 18 13 2 22 Set traffic classification conditions VLAN ID Syntax match vlan id no match vlan Parameter id 1 4094 VLAN ID used as classification condition Input mode class map mode Description Uses the VLAN ID as the c...

Page 238: ...config class map class1 SWR2311P config cmap match vlan range 20 to 30 9 2 20 Show class map information Syntax show class map name Parameter name Class map name If this is omitted all class map information is shown Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows information for the specified class map The following information is shown for each class map Section Item Des...

Page 239: ...the specified policy map has already been generated the change is applied to the previous settings However if the policy map is already applied to a LAN SFP port it cannot be edited or deleted Example Make the following settings for received frames to LAN port 1 Permit traffic from the 10 1 0 0 network Categorize bandwidth classes as CIR 48kbps CBS 12kbyte and EBS 12kbyte Green forward Yellow rewr...

Page 240: ...or which remarking is enabled refers to when the yellow action or red action of the police command is set to remark and the remark map of the corresponding color is specified Example Apply policy map policy1 to LAN port 1 SWR2311P config interface port1 1 SWR2311P config if service policy input policy1 Remove policy map policy1 from LAN port 1 SWR2311P config interface port1 1 SWR2311P config if n...

Page 241: ...ed TOS value In addition reassign the egress queue according to the egress queue ID table that corresponds to the trust mode If this is executed with the no syntax pre marking processing of the TOS precedence corresponding to the traffic class is removed Note In order to execute this command QoS must be enabled Pre marking cannot be used in conjunction with the set egress queue function Example Ma...

Page 242: ... 40 48 56 2474 Assured Forwarding 10 12 14 18 20 22 26 28 30 34 36 38 2597 Expedited Forwarding EF 46 2598 Example Make the following settings for received frames of LAN port 1 Permit traffic from the 10 1 0 0 network Change the classified traffic class to the DSCP value 10 Traffic class definition SWR2311P config access list 1 permit any 10 1 0 0 0 0 255 255 any SWR2311P config class map class1 S...

Page 243: ...ault settings Yellow forward Red discard are applied If this is executed with the no syntax metering policing remarking processing is deleted This cannot be used in conjunction with the aggregate policer police aggregate command Note In order to execute this command QoS must be enabled Example Make the following settings for received frames of LAN port 1 Permit traffic from the 10 1 0 0 network Ca...

Page 244: ...d remarking settings are made using the remark map command policy map class mode Regardless of whether action is set to remark remarking is disabled if there are no detailed remarking settings for that bandwidth class In this case the default settings Yellow forward Red discard are applied If this is executed with the no syntax metering policing remarking processing is deleted This cannot be used ...

Page 245: ...ividual policers In addition reassign the egress queue according to the egress queue ID table that corresponds to the trust mode For remarking you can select either CoS value TOS precedence or DSCP value If this is executed with the no syntax the remarking setting is deleted In order to perform remarking you must specify this command and additionally use the police command policy map class mode to...

Page 246: ...nd lowercase are distinguished Input mode global configuration mode Description Generates an aggregate policer If the policer has already been generated this command edits its content When the command succeeds you transition to aggregate policer mode where you can edit the content of the aggregate policer If this command is executed with the no syntax the aggregate policer is deleted In the follow...

Page 247: ...llow or Red not both Detailed remarking settings are made using the remark map command aggregate policer mode Regardless of whether action is set to remark remarking is disabled if there are no detailed remarking settings for that bandwidth class In this case the default settings Yellow forward Red discard are applied Note In order to execute this command QoS must be enabled Example Create an aggr...

Page 248: ...ither Yellow or Red not both Detailed remarking settings are made using the remark map command aggregate policer mode Regardless of whether action is set to remark remarking is disabled if there are no detailed remarking settings for that bandwidth class In this case the default settings Yellow forward Red discard are applied Note In order to execute this command QoS must be enabled Example Create...

Page 249: ...ponding bandwidth class Note In order to execute this command QoS must be enabled Remarking can be used in conjunction with pre marking and specifying the egress queue Up to four user defined values may be used for pre marking remarking to a DSCP value not recommended in the RFC The following table shows the DSCP values that are recommended in the RFC PHB DSCP value RFC default 0 2474 Class Select...

Page 250: ...s executed with the no syntax the aggregate policer settings for the traffic class are removed This cannot be used in conjunction with an individual policer the police single rate and police twin rate commands of policy map class mode Note In order to execute this command QoS must be enabled Example Apply aggregate policer AGP 01 to the two traffic classes class1 and class2 of policy map policy1 E...

Page 251: ...as bandwidth class Red The count starts when the policy map is applied to the LAN SFP port Note In order to execute this command QoS must be enabled Example Show the metering totals for LAN port 1 SWR2311P show qos metering counters port1 1 Interface port1 1 policy1 Individual Class map class1 Green Bytes 178345 Yellow Bytes 0 Red Bytes 0 Aggregate Aggregate policer AGP 01 Class map class2 class3 ...

Page 252: ...s map that includes this command that policy map cannot be applied to a port that uses DSCP trust mode Example Make the following settings for received frames of LAN port 1 Permit traffic from the 10 1 0 0 network Change the classified traffic class to egress queue 3 CoS 3 Traffic class definition SWR2311P config access list 1 permit any 10 1 0 0 0 0 255 255 any SWR2311P config class map class1 SW...

Page 253: ... Policy settings SWR2311P config policy map policy1 SWR2311P config pmap class class1 SWR2311P config pmap c set ip dscp queue 24 SWR2311P config pmap c exit SWR2311P config pmap exit SWR2311P config interface port1 1 SWR2311P config if service policy input policy1 9 2 39 Show policy map information Syntax show policy map name Parameter name Policy map name If this is omitted all policy map inform...

Page 254: ... size of conformant token bucket kBytes peak burst size Burst size of peak token bucket kBytes yellow action Action for bandwidth class Yellow transmit drop remark red action Action for bandwidth class Red drop remark Of the various items in the Match and the Set only the single item that has been specified is shown The Match the Set and the Police are not shown if the corresponding command match ...

Page 255: ...itation Whether attachment is possible for each trust mode class map Item Display information policy map asociation List of policy maps to which the class map is associated edit erase Whether class map no class map can be executed attach limitation Whether attachment is possible for each trust mode Use the show policy map and show class map commands to check the settings of the policy map or class...

Page 256: ...method Note In order to execute this command QoS must be enabled Example Set egress queues 7 and 6 to the SP method 7 has priority and set 5 4 3 2 1 and 0 to the WRR method 5 5 5 2 1 1 SWR2311P config no qos wrr weight 7 SWR2311P config no qos wrr weight 6 SWR2311P config qos wrr weight 5 5 SWR2311P config qos wrr weight 4 5 SWR2311P config qos wrr weight 3 5 SWR2311P config qos wrr weight 2 2 SWR...

Page 257: ...R burst BC no traffic shape queue queue id rate Parameter queue id 0 7 Egress queue ID CIR 18 1000000 Traffic rate kbps Since rounding occurs the value actually applied to the input value might be less see Note BC 4 16000 Burst size kbyte Specified in 4 kbyte units Initial value no traffic shpe queue 0 rate no traffic shpe queue 1 rate no traffic shpe queue 2 rate no traffic shpe queue 3 rate no t...

Page 258: ...re system IEEE 802 3x PAUSE frames send receive If this is executed with the no syntax flow control is disabled Note If the QoS function is enabled it is not possible to enable flow control for the system If flow control is enabled the tail drop function is automatically disabled Flow control for each interface operates only if the flow control settings of the system and of the interface are each ...

Page 259: ...1 SWR2311P config if no flowcontrol 9 3 3 Show flow control operating status Syntax show flowcontrol inteface ifname Keyword interface Specifies the interface to show Parameter ifname Name of LAN SFP port If this is omitted the command applies to all interfaces Interface to show Input mode unprivileged EXEC mode priviledged EXEC mode Description Shows information related to flow control enabled di...

Page 260: ...N SFP port enabling broadcast storm control multicast storm control and control of unicast frames with unknown address Incoming frames that exceed the threshold value are discarded However no reception restrictions are applied if the threshold value is 100 The threshold value is common to all frames and cannot be specified individually Example Enable broadcast storm control and multicast storm con...

Page 261: ...Level McastLevel UcastLevel port1 1 30 00 30 00 100 00 port1 2 20 00 20 00 20 00 port1 3 100 00 100 00 100 00 port1 4 100 00 100 00 100 00 port1 5 50 00 50 00 100 00 port1 6 100 00 100 00 100 00 port1 7 100 00 100 00 30 00 port1 8 100 00 100 00 30 00 port1 9 100 00 100 00 100 00 port1 10 100 00 100 00 100 00 Command Reference Traffic control 261 ...

Page 262: ...ring counters 251 clear spanning tree detected protocols 180 clear ssh host 81 clear ssh server host key 78 clock set 40 clock timezone 40 cold start 107 config auto set enable 101 copy auth web custom file 149 copy running config startup config 31 copy startup config 34 copy tech support sd 39 D description 111 dns client 205 dns client domain list 207 dns client domain name 206 dns client name s...

Page 263: ...rval 42 ntpdate oneshot 42 ntpdate server 41 P password 26 password encryption 27 ping 197 ping6 204 police single rate aggregate policer mode 246 police single rate policy map class mode 242 police twin rate aggregate policer mode 247 police twin rate policy map class mode 243 police aggregate 250 policy map 239 port channel load balance 130 port security enable 150 port security mac address 151 ...

Page 264: ...interface 229 show qos map status 254 show qos metering counters 251 show qos queue counters 230 show radius server 147 show rmon 62 show rmon alarm 64 show rmon event 64 show rmon history 64 show rmon statistics 63 show running config 32 show snmp community 56 show snmp group 57 show snmp user 57 show snmp view 56 show spanning tree 176 show spanning tree mst 185 show spanning tree mst config 185...

Page 265: ...hport voice cos 169 switchport voice dscp 169 switchport voice vlan 168 T telnet 68 telnet client 68 telnet server 65 telnet server access 67 telnet server interface 66 terminal length 44 terminal watch enable 96 terminal watch interval 96 tftp server 69 tftp server interface 69 tlv select basic mgmt 85 tlv select ieee 8021 org specific 85 tlv select ieee 8023 org specific 86 tlv select med 86 tra...

Page 266: ...266 Command Reference Index ...