Owner's manual

ManualsBrandsAllied Telesis ManualsComputer HardwareAT-S95 CLI (AT-8000GS Series)

613-001982 Rev. A

Management

Software

AT-S95

CLI User’s Guide

AT-8000GS Series Stackable Gigabit Ethernet Switches

Version 2.0.0.27

Summary of content (397 pages)

PAGE 1
Management Software AT-S95 CLI User’s Guide AT-8000GS Series Stackable Gigabit Ethernet Switches Version 2.0.0.27 613-001982 Rev.
PAGE 2
Copyright © 2014 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis is a trademark of Allied Telesis, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation.
PAGE 3
Table of Contents Preface ................................................................................................................................. 14 Intended Audience......................................................................................................................... 15 Document Conventions ................................................................................................................. 15 Contacting Allied Telesis ...............................................
PAGE 4
Allied Telesis AT-8000GS Command Line Interface User’s Guide login authentication.............................................................................................................................. 41 enable authentication .......................................................................................................................... 42 ip http authentication ...........................................................................................................................
PAGE 5
sntp anycast client enable....................................................................................................................78 sntp client enable (Interface)................................................................................................................79 sntp unicast client enable.....................................................................................................................79 sntp unicast client poll ...................................................
PAGE 6
Allied Telesis AT-8000GS Command Line Interface User’s Guide show interfaces configuration ............................................................................................................ 112 show interfaces status ....................................................................................................................... 113 show interfaces description ...............................................................................................................
PAGE 7
ip name-server ...................................................................................................................................145 ip host.................................................................................................................................................145 clear host............................................................................................................................................146 clear host dhcp.....................................
PAGE 8
Allied Telesis AT-8000GS Command Line Interface User’s Guide lldp tx-delay ....................................................................................................................................... 177 lldp optional-tlv................................................................................................................................... 177 lldp management-address .................................................................................................................
PAGE 9
show power inline...............................................................................................................................209 show power inline power-consumption ..............................................................................................211 show power inline version ..................................................................................................................211 Chapter 23.QoS Commands .............................................................
PAGE 10
Allied Telesis AT-8000GS Command Line Interface User’s Guide snmp-server filter............................................................................................................................... 247 snmp-server host............................................................................................................................... 248 snmp-server v3-host..........................................................................................................................
PAGE 11
crypto key generate dsa.....................................................................................................................289 crypto key generate rsa......................................................................................................................289 ip ssh pubkey-auth .............................................................................................................................290 crypto key pubkey-chain ssh................................................
PAGE 12
Allied Telesis AT-8000GS Command Line Interface User’s Guide resume............................................................................................................................................... 323 hostname........................................................................................................................................... 323 stack master ...................................................................................................................................
PAGE 13
show vlan ...........................................................................................................................................357 show vlan internal usage....................................................................................................................357 show interfaces switchport .................................................................................................................358 Chapter 35.Web Server Commands .......................................
PAGE 14
Allied Telesis AT-8000GS Command Line Interface User’s Guide Preface This guide describes how to configure an AT-S95 v1.0.0 Series switch using the command line interface. The commands are grouped by topic into the following chapters: • • • • • • • • • • • • • • • • • • • • • • • • Chapter 1. "Using the CLI" — Describe the CLI basic structure and command usage. Chapter 2. "ACL Commands" — Define MAC and IP based ACLs and ACL bindings. Chapter 3.
PAGE 15
Preface Intended Audience • • • • • • • • • • • • Chapter 25. "RMON Commands" — Display the Remote Network Monitoring (RMON) Ethernet history statistics, alarms table and configuration. Chapter 26. "SNMP Commands" — Configure the community access string to permit access to the Simple Network Management Protocol (SNMP) server, create or update SNMP server entries, and specify SNMP engineID. Chapter 27. "Spanning-Tree Commands" — Configure the spanning-tree functionality. Chapter 28.
PAGE 16
Allied Telesis AT-8000GS Command Line Interface User’s Guide Contacting Allied Telesis This section provides Allied Telesis contact information for technical support as well as sales or corporate information. . Online Support You can request technical support online by accessing the Allied Telesis Knowledge Base from the following web site: www.alliedtelesis.com/support. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions..
PAGE 17
Using the CLI CLI Command Modes Chapter 1. Using the CLI Overview This chapter describes how to start using the CLI and the CLI command editing features. CLI Command Modes Introduction To assist in configuring the device, the Command Line Interface (CLI) is divided into different command modes. Each command mode has its own set of specific commands. Entering a question mark "?" at the system prompt (console prompt) displays a list of commands available for that particular command mode.
PAGE 18
Allied Telesis AT-8000GS Command Line Interface User’s Guide 2. Enter the password and press . The password is displayed as *. The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device host name followed by #. Console# To return from the Privileged EXEC mode to the User EXEC mode, use the disable command.
PAGE 19
Using the CLI CLI Command Modes Interface Configuration and Specific Configuration Modes Interface Configuration mode commands modify specific interface operations. The following are the Interface Configuration modes: • • • • • • • • • Line Interface — Contains commands to configure the management connections. These include commands such as line timeout settings, etc. The line Global Configuration mode command is used to enter the Line Configuration command mode.
PAGE 20
Allied Telesis AT-8000GS Command Line Interface User’s Guide Starting the CLI The device can be managed over a direct connection to the device console RS-232 port or via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device Command Line Interface (CLI) is very similar to entering commands on a UNIX system.
PAGE 21
Using the CLI Editing Features To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter: Console(config)# username admin password alansmith When working with the CLI, the command options are not displayed. The command is not selected from a menu, but is manually entered.
PAGE 22
Allied Telesis AT-8000GS Command Line Interface User’s Guide command is entered. If the characters already entered are not enough for the system to identify a single matching command, press ? to display the available commands matching the characters already entered.
PAGE 23
Using the CLI Editing Features Ctrl+F4 Any combination keys pressed simultaneously on the keyboard. Screen Display Indicates system messages and prompts appearing on the console. all When a parameter is required to define a range of ports or parameters and all is an option, the default for the command is all when no parameters are defined. For example, the command interface range port-channel has the option of either entering a range of channels, or selecting all.
PAGE 24
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 2. ACL Commands ip access-list The ip access-list Global Configuration mode command defines an IPv4 Access List and places the device in IPv4 Access List Configuration mode. Use the no form of this command to remove the Access List. Syntax ip access-list access-list-name no ip access-list access-list-name Parameters access-list-name — Name of the IPv4 Access List.
PAGE 25
ACL Commands permit-udp {any | { source source-wildcard}} {any | source-port} {any | {destination destination-wildcard}} {any | destination-port} [dscp number | ip-precedence number] Parameters source — Source IP address of the packet. • • source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be • • • • • • • • • • • • ignored. destination — Destination IP address of the packet.
PAGE 26
Allied Telesis AT-8000GS Command Line Interface User’s Guide • • • IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r Internet Control Message Protocol icmp 1 Internet Group Management Protocol igmp 2 IP in IP (encapsulation) Protocol ipinip 4 Transmission Control Protocol tcp 6 Exterior Gateway Protocol egp 8 Interior Gateway Protocol igp 9 User Datagram Protocol udp 17 Host Monitoring Protocol hmp 20 Reliable Data Protocol rdp 27 Inter-Domain Policy Routing
PAGE 27
ACL Commands • • • • • am-here, mobile-registration-request, mobile-registration-reply, domain-name-request, domain-namereply, skip and photuris. (Range: 0 - 255) icmp-code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. (Range: 0 - 255) igmp-type — IGMP packets can be filtered by IGMP message type. Enter a number or one of the following values: dvmrp, host-query, host-report, pim or trace.
PAGE 28
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters disable-port — The Ethernet interface is disabled if the condition is matched. • • source — Source IP address of the packet. • source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be • • • • • • • • • • • ignored. destination — Packet’s destination IP address. destination-wildcard — Wildcard bits to be applied to the destination IP address. Use 1s in the bit position to be ignored.
PAGE 29
ACL Commands IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r General Routing Encapsulation gre 47 Encapsulating Security Payload (50) esp 50 Authentication Header ah 51 ICMP for IPv6 ipv6-icmp 58 EIGRP routing protocol eigrp 88 Open Shortest Path Protocol ospf 89 Protocol Independent Multicast pim 103 Layer Two Tunneling Protocol l2tp 115 ISIS over IPv4 isis 124 (any IP protocol) any 25504 Default Configuration No IPv4 Access List is defined.
PAGE 30
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration No IPv6 access list is defined. Command Mode Global configuration User Guidelines An IPv6 ACL has a unique name. An IPv6 ACL, IPv4 ACL and MAC ACL cannot share the same name. • • Every IPv6 ACL has implicit permit icmp any any nd-ns any, permit icmp any any nd-na any and deny • ipv6 any any statements as its last match conditions (The former two match conditions allow for ICMPv6 neighbor discovery).
PAGE 31
ACL Commands Parameters destination-port — Specifies the UDP/TCP destination port. (Range: 0- 65535) • • destination-prefix/length — The destination IPv6 network or class of networks about which to set permit • • • • • • • • • conditions. This argument must be in the form documented in RFC 3513, where the address is specified in hexadecimal using 16-bit values between colons.
PAGE 32
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines IPv6 Syntax — The 128-bit IPv6 address format is divided into eight groups of four hexadecimal digits. • • • • • Abbreviation of this format is done by replacing a group of zeros with double colons. The IPv6 address representation can be further simplified by suppressing the leading zeros.
PAGE 33
ACL Commands Parameters destination-port — Specifies the UDP/TCP destination port. (Range: 0 - 65535) • • destination-prefix/length — The destination IPv6 network or class of networks about which to set permit • • • • • • • • • • conditions. This argument must be in the form documented in RFC 3513, where the address is specified in hexadecimal using 16-bit values between colons. disable-port — The Ethernet interface would be disabled if the condition is matched.
PAGE 34
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines IPv6 Syntax — The 128-bit IPv6 address format is divided into eight groups of four hexadecimal digits. • • • • • Abbreviation of this format is done by replacing a group of zeros with double colons. The IPv6 address representation can be further simplified by suppressing the leading zeros.
PAGE 35
ACL Commands Example The following example creates a MAC ACL. console(config)# mac access-list macl-acl1 console(config-mac-al)# permit (MAC) The permit MAC-Access List Configuration mode command sets permit conditions for a MAC-Access List. Syntax permit {any |sequence } Parameters sequence - specific MAC source address and mask. For example: to set 00:00:00:00:10:XX use mac • 00:00:00:00:10:00 with mask 00:00:00:00:00:FF Default Configuration No MAC ACL is defined.
PAGE 36
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters disable-port — Indicates the Ethernet interface is disabled if the condition is matched. • • source — Specifies source MAC address of the packet. • source-wildcard — Specifies wildcard bits to be applied to the source MAC address. Use 1s in the bit position • • • • • • to be ignored. destination — Specifies the MAC address of the host to which the packet is being sent.
PAGE 37
ACL Commands Parameters input — Applies the specified ACL to the input interface. • Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines In advanced mode, when an ACL is bound to an interface, the port trust mode is set to trust 12-13 and not to 12. Example The following example, binds (services) an ACL to Ethernet interface g2.
PAGE 38
Allied Telesis AT-8000GS Command Line Interface User’s Guide show interfaces access-lists The show interfaces access-lists Privileged EXEC mode command displays access lists applied on interfaces. Syntax show interfaces access-lists [ ethernet interface | vlan vlan-id | port-channel port-channel-number ] Parameters vlan-id— Specifies the ID of the VLAN. • • interface — The full syntax is: unit/port. • port-channel-number — Valid port-channel Index.
PAGE 39
AAA Commands Chapter 3. AAA Commands aaa authentication login The aaa authentication login Global Configuration mode command defines login authentication. Use the no form of this command to return to the default configuration. Syntax aaa authentication login {default | list-name} method1 [method2...] no aaa authentication login {default | list-name} Parameters default — Uses the listed authentication methods that follow this argument as the default list of methods • • • when a user logs in.
PAGE 40
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines The default and optional list names created with the aaa authentication login command are used with the • • • login authentication command. Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.
PAGE 41
AAA Commands Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication enable command are used with the • • • enable authentication command. The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
PAGE 42
Allied Telesis AT-8000GS Command Line Interface User’s Guide enable authentication The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. Use the no form of this command to return to the default configuration specified by the aaa authentication enable command.
PAGE 43
AAA Commands radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This has the same effect as the command ip http authentication local. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails.
PAGE 44
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line. Example The following example configures HTTPS authentication.
PAGE 45
AAA Commands Line Login Method List Enable Method List -------------- ----------------- ------------------ Console Console_Login Console_Enable Telnet Default Default SSH Default Default http: Radius, Local https: Radius, Local dot1x: Radius password The password Line Configuration mode command specifies a password on a line. Use the no form of this command to remove the password.
PAGE 46
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax username name [password password] [level level] [encrypted] no username name Parameters name — The name of the user (Range: 1- 20 characters). • • password — The authentication password for the user (Range: 1 - 159 characters). • level — The user level (Range: 1 - 15). • encrypted — Encrypted password entered, copied from another device configuration. Default Configuration No user is defined.
PAGE 47
AAA Commands Command Mode Global Configuration mode. User Guidelines This command enables the recording of device management sessions (Telnet, serial and Web, but not • • • • • SNMP). It records only users that were identified with a username (for example, a user logged in with a line password is not recorded). If accounting is activated, the device sends a Start/Stop messages to a RADIUS server when a user logs in/logs out, respectively.
PAGE 48
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters radius — Accounting is performed by a RADIUS server. • Default Configuration Disabled. Command Mode Global Configuration. User Guidelines This command enables the recording of 802.1x sessions. • • If accounting is activated, the device sends a Start/Stop message to a RADIUS server when a user • • • • • logs in/logs out to the network, respectively. The software sends Start/Stop messages for each authenticated supplicant.
PAGE 49
AAA Commands show users accounts The show users accounts Privileged EXEC mode command displays information about the local user database. Syntax show users accounts Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the local users configured with access to the system.
PAGE 50
Allied Telesis AT-8000GS Command Line Interface User’s Guide enable password The enable password Global Configuration mode command sets a local password to control access to user and privilege levels. Use the no form of this command to remove the password requirement. Syntax enable password [level level] password [encrypted] no enable password [level level] Parameters • password — Password for this level. (Range: 1 - 159 characters) • level — Level for which the password applies.
PAGE 51
AAA Commands User Guidelines There are no user guidelines for this command. Example Console# show accounting Login: Radius 802.
PAGE 52
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 4. Address Table Commands bridge address The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source address to the bridge table. Use the no form of this command to delete the MAC address.
PAGE 53
Address Table Commands Syntax bridge multicast filtering no bridge multicast filtering Parameters This command has no keywords or arguments. Default Configuration Bridge Multicast filtering is disabled. All Multicast addresses are flooded to all ports. Command Mode Global Configuration mode User Guidelines If routers exist on the VLAN, do not change the unregistered Multicast addresses state to drop on the routers • • ports.
PAGE 54
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Interface configuration (VLAN) mode User Guidelines If the command is executed without add or remove, the command only registers the group in the bridge • • database. Static Multicast addresses can only be defined on static VLANs.
PAGE 55
Address Table Commands User Guidelines Before defining forbidden ports, the Multicast group should be registered. Example The following example configures MAC address 0100.5e02.0203 to be forbidden on port 2/g9 within VLAN 8. console(config)# interface vlan 8 console(config-if)# bridge multicast address 0100.5e02.0203 console(config-if)# bridge multicast forbidden address 0100.5e02.
PAGE 56
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax bridge multicast forward-all {add | remove} {ethernet interface-list | port-channel port-channel-number-list} no bridge multicast forward-all Parameters add — Force forwarding all Multicast packets. • • remove — Do not force forwarding all Multicast packets. • interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces; a hyphen is used to • designate a range of ports.
PAGE 57
Address Table Commands Default Configuration This setting is disabled. Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping dynamically discovers Multicast router ports. When a Multicast router port is discovered, all • • the Multicast packets are forwarded to it unconditionally. This command prevents a port from becoming a Multicast router port. Example The following example forbids forwarding all Multicast packets to 1/g1 with VLAN 2.
PAGE 58
Allied Telesis AT-8000GS Command Line Interface User’s Guide clear bridge The clear bridge Privileged EXEC mode command removes any learned entries from the forwarding database. Syntax clear bridge Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example clears the bridge tables.
PAGE 59
Address Table Commands User Guidelines There are no user guidelines for this command. Example The following example forwards all packets from port 1/g1 without learning addresses of packets from unknown sources and sends traps every 100 seconds if a packet with an unknown source address is received. console(config)# interface ethernet 1/g1 console(config-if)# port security forward trap 100 port security mode The port security mode Interface Configuration mode command configures the port security mode.
PAGE 60
Allied Telesis AT-8000GS Command Line Interface User’s Guide no port security max Parameters max-addr— Maximum number of addresses that can be learned by the port. • (Range: 1 - 128) Default Configuration The default setting is 1 address. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command is only relevant in dynamic learning modes.
PAGE 61
Address Table Commands Example The following example adds the MAC-layer address 66:66:66:66:66:66 to port 1/g1. console(config)# interface ethernet 1/g1 console(config-if)# port security routed secure-address 66:66:66:66:66:66 show bridge address-table The show bridge address-table Privileged EXEC mode command displays all entries in the bridge-forwarding database.
PAGE 62
Allied Telesis AT-8000GS Command Line Interface User’s Guide show bridge address-table static The show bridge address-table static Privileged EXEC mode command displays statically created entries in the bridge-forwarding database. Syntax show bridge address-table static [vlan vlan] [ethernet interface | port-channel port-channel-number] Parameters vlan — Specifies a valid VLAN, such as VLAN 1. • • interface — A valid Ethernet port. • port-channel-number — A valid port-channel number.
PAGE 63
Address Table Commands Parameters vlan — Specifies a valid VLAN, such as VLAN 1. • • interface — A valid Ethernet port. • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the number of addresses present in all VLANs. console# show bridge address-table count This may take some time.
PAGE 64
Allied Telesis AT-8000GS Command Line Interface User’s Guide show bridge multicast address-table The show bridge multicast address-table Privileged EXEC mode command displays the bridge Multicast Address Table information. Syntax show bridge multicast address-table [vlan vlan-id] [address mac-multicast-address | ip-multicast-address] [format ip | format mac] [source ip-address] Parameters vlan-id — A valid VLAN ID value. • • mac-multicast-address — A valid MAC Multicast address.
PAGE 65
Address Table Commands Examples The following examples display Multicast MAC address and IP Address Table information. console# show bridge multicast address-table Multicast address table for VLANs in MAC-GROUP bridging mode: Vlan MAC Address Type Ports ---- -------------- ------- ---------- 1 0100.5e23.
PAGE 66
Allied Telesis AT-8000GS Command Line Interface User’s Guide Note A Multicast MAC address maps to multiple IP addresses as shown above. show bridge multicast address-table static The show bridge multicast address-table static Privileged EXEC mode command displays statically configured Multicast addresses. Syntax show bridge multicast address-table static [vlan vlan-id] [address mac-multicast-address | Parameters vlan-id — A valid VLAN ID value. • • mac-multicast-address — A valid MAC Multicast address.
PAGE 67
Address Table Commands Syntax show bridge multicast filtering vlan-id Parameters vlan-id — VLAN ID value. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the Multicast configuration for VLAN 1.
PAGE 68
Allied Telesis AT-8000GS Command Line Interface User’s Guide Console# show bridge multicast filtering 1 Filtering: Enabled VLAN: 1 Port Forward-Unregistered Forward-All Static Status Static Status ---- --------- --------- --------- ---------- 1/g1 Forbidden Filter Forbidden Filter 1/g2 Forward Forward(s) Forward Forward(s) 1/g3 - Forward(d) - Forward(d) show bridge multicast unregistered Use The show bridge multicast unregistered User EXEC mode command displays the unregistered
PAGE 69
Address Table Commands 1/g11 Filter 1/g12 Filter show ports security The show ports security Privileged EXEC mode command displays the port-lock status. Syntax show ports security [ethernet interface | port-channel port-channel-number] Parameters interface — A valid Ethernet port. • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 70
Allied Telesis AT-8000GS Command Line Interface User’s Guide Maximum Maximum addresses that can be associated on this port in Static Learning mode or in Dynamic Learning mode Trap Indicates if traps are sent in case of a violation Frequency Minimum time between consecutive traps show ports security addresses The show ports security addresses Privileged EXEC mode command displays the current dynamic addresses in locked ports.
PAGE 71
Address Table Commands The following example displays dynamic addresses in currently locked port 1/g1.
PAGE 72
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 5. Clock Commands clock set The clock set Privileged EXEC mode command manually sets the system clock. To avoid an SNTP conflict, this command should only be used if there is no clock source set. Syntax clock set hh:mm:ss day month year or clock set hh:mm:ss month day year Parameters hh:mm:ss — Current time in hours (military format), minutes, and seconds (hh: 0 - 23, mm: 0 - 59, ss: 0 - 59).
PAGE 73
Clock Commands Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures an external time source for the system clock. Console(config)# clock source sntp clock timezone The clock timezone Global Configuration mode command sets the time zone for display purposes. Use the no form of this command to set the time to the Coordinated Universal Time (UTC).
PAGE 74
Allied Telesis AT-8000GS Command Line Interface User’s Guide clock summer-time The clock summer-time Global Configuration mode command configures the system to automatically switch to summer time (daylight saving time). Use the no form of this command to configure the software not to automatically switch to summer time.
PAGE 75
Clock Commands User Guidelines In both the date and recurring forms of the command, the first part of the command specifies when summer time begins, and the second part specifies when it ends. All times are relative to the local time zone. The start time is relative to standard time. The end time is relative to summer time. If the starting month is chronologically after the ending month, the system assumes that the device is in the southern hemisphere.
PAGE 76
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example defines the authentication key for SNTP. Console(config)# sntp authentication-key 8 md5 ClkKey sntp authenticate The sntp authenticate Global Configuration mode command grants authentication for received Simple Network Time Protocol (SNTP) traffic from servers. Use the no form of this command to disable the feature. Syntax sntp authenticate no sntp authenticate Parameters This command has no arguments or keywords.
PAGE 77
Clock Commands Default Configuration No keys are trusted. Command Mode Global Configuration mode User Guidelines The command is relevant for both received Unicast and Broadcast. If there is at least 1 trusted key, then unauthenticated messages will be ignored. Example The following example authenticates key 8.
PAGE 78
Allied Telesis AT-8000GS Command Line Interface User’s Guide sntp broadcast client enable The sntp broadcast client enable Global Configuration mode command enables Simple Network Time Protocol (SNTP) Broadcast clients. Use the no form of this command to disable SNTP Broadcast clients. Syntax sntp broadcast client enable no sntp broadcast client enable Parameters This command has no arguments or keywords. Default Configuration The SNTP Broadcast client is disabled.
PAGE 79
Clock Commands User Guidelines The sntp client poll timer Global Configuration mode command determines polling time. Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables SNTP Anycast clients.
PAGE 80
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax sntp unicast client enable no sntp unicast client enable Parameters This command has no arguments or keywords. Default Configuration The SNTP Unicast client is disabled. Command Mode Global Configuration mode User Guidelines Use the sntp server Global Configuration mode command to define SNTP servers.
PAGE 81
Clock Commands Example The following example enables polling for Simple Network Time Protocol (SNTP) predefined Unicast clients. Console(config)# sntp unicast client poll sntp server The sntp server Global Configuration mode command configures the device to use the Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from a specified server. Use the no form of this command to remove a server from the list of SNTP servers.
PAGE 82
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the device to accept SNTP traffic from the server on 192.1.1.1. Console(config)# sntp server 192.1.1.1 show clock The show clock User EXEC mode command displays the time and date from the system clock. Syntax show clock [detail] Parameters detail — Shows timezone and summertime configuration. • Default Configuration This command has no default configuration.
PAGE 83
Clock Commands Time zone: Acronym is PST Offset is UTC-8 Summertime: Acronym is PDT Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes. show sntp configuration The show sntp configuration Privileged EXEC mode command shows the configuration of the Simple Network Time Protocol (SNTP). Syntax show sntp configuration Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration.
PAGE 84
Allied Telesis AT-8000GS Command Line Interface User’s Guide Server Polling Encryption Key ----------- ------- -------------- 176.1.1.8 Enabled 9 176.1.8.179 Disabled Disabled Broadcast Clients: Enabled Anycast Clients: Enabled Broadcast and Anycast Interfaces: 1/g1, 1/g3 show sntp status The show sntp status Privileged EXEC mode command shows the status of the Simple Network Time Protocol (SNTP). Syntax show sntp status Parameters This command has no arguments or keywords.
PAGE 85
Clock Commands 176.1.8.179 Unknown 12:17.17.987 PDT Feb 19 2009 8.98 189.19 Interface Status Offset Delay [mSec] [mSec] Anycast server: Server Last response --------- ------- ----- ----------------------------- ------ ----- 176.1.11.8 VLAN 118 Up 9:53:21.789 PDT Feb 19 2009 7.19 119.89 Broadcast: Interface Interface Last response --------- --------- ---------------------------- 176.9.1.1 VLAN 119 19:17:59.
PAGE 86
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 6. Configuration and Image File Commands copy The copy Privileged EXEC mode command copies files from a source to a destination. Syntax copy source-url destination-url Parameters source-url — The source file location URL or reserved keyword of the source file to be copied. • (Range: 1 - 160 characters) destination-url — The destination file URL or reserved keyword of the destination file.
PAGE 87
Configuration and Image File Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Up to five backup configuration files are supported on the device. • • The location of a file system dictates the format of the source or destination URL. • The entire copying process may take several minutes and differs from protocol to protocol and from network to network. *.prv and *.sys files cannot be copied.
PAGE 88
Allied Telesis AT-8000GS Command Line Interface User’s Guide Copying a Configuration File from a Server to the Startup Configuration To copy a configuration file from a network server to the startup configuration file of the device, enter copy sourceurl startup-config. The startup configuration file is replaced by the copied configuration file.
PAGE 89
Configuration and Image File Commands User Guidelines There are no user guidelines for this command. Example The following example displays the list of files on a flash file system. console# dir Directory of flash: File Name Permission FlashSize DataSize Modified ---------- ---------- ---------- ---------- ---------- image-1 rw 5242880 4325376 01-Jan-2000 01:07:13 image-2 rw 5242880 4325376 01-Jan-2000 09:09:19 dhcpsn.prv -- 131072 --- 01-Jan-2000 01:02:15 sshkeys.
PAGE 90
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines *.sys, *.prv, image-1 and image-2 files cannot be deleted. Example The following example deletes file test from flash memory. console# delete flash:test Delete flash:test? [confirm] boot system The boot system Privileged EXEC mode command specifies the system image that the device loads at startup.
PAGE 91
Configuration and Image File Commands Syntax show running-config Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the contents of the running configuration file. console# show running-config software version 1.1 hostname device interface ethernet 1/g11/g1 ip address 176.242.100.100 255.255.255.
PAGE 92
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the contents of the running configuration file. console# show startup-config software version 1.1 hostname device interface ethernet 1/g1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet 1/g2 ip address 176.
PAGE 93
Configuration and Image File Commands User Guidelines There are no user guidelines for this command. Example The following example displays the active system image file that is loaded by the device at startup.
PAGE 94
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 7. DHCP Snooping Commands ip dhcp snooping The ip dhcp snooping Global Configuration mode command globally enables DHCP snooping. Use the no form of this command to return to the default setting.
PAGE 95
DHCP Snooping Commands Command Mode Global Configuration mode User Guidelines DHCP snooping must be first globally enabled before enabling DHCP snooping on a VLAN. Example The following example configures DHCP snooping on a VLAN. console(config)# ip dhcp snooping vlan 1 ip dhcp snooping trust The ip dhcp snooping trust Interface Configuration mode command configures a port as trusted for DHCP snooping purposes. Use the no form of this command to return to the default setting.
PAGE 96
Allied Telesis AT-8000GS Command Line Interface User’s Guide ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode command configures a switch to accept DHCP packets with option-82 information from an untrusted port. Use the no form of this command to configure the switch to drop these packets from an untrusted port.
PAGE 97
DHCP Snooping Commands User Guidelines There are no user guidelines for this command. Example The following example configures the switch to verify on an untrusted port that the source MAC address in a DHCP packet matches the client hardware address console(config) #ip dhcp snooping verify ip dhcp snooping database The ip dhcp snooping database Global Configuration mode command configures the DHCP snooping binding file. Use the no form of this command to delete the binding file.
PAGE 98
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters seconds — Specify, in seconds, the update frequency (Range: 600 - 86400 ). • Default Configuration 1200 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the update frequency of the DHCP snooping binding file.
PAGE 99
DHCP Snooping Commands The entry is displayed in the show commands as a ‘DHCP Snooping entry’. Example The following example configures the DHCP snooping binding database and adds binding entries to the database. console# ip dhcp snooping binding 0060.704c.73ff 3 10.1.8.1 ethernet 1/g21 clear ip dhcp snooping database The clear ip dhcp snooping database Privileged EXEC mode command clears the DHCP binding database.
PAGE 100
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP snooping configuration. Console# show ip dhcp snooping DHCP snooping is enabled DHCP snooping is configured on following VLANs: 2, 7-18 DHCP snooping database: enabled Option 82 on untrusted port is allowed Relay agent information option 82 is enabled.
PAGE 101
DHCP Snooping Commands Example console# show ip dhcp snooping binding Total number of binding: 2 MAC Adreess IP Address Lease (sec) ------------------ --------------- -----------00:60:70:4c:73:ff 10.1.8.1 4294967295 00:60:70:4c:7f:c1 10.1.8.
PAGE 102
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 8. Ethernet Configuration Commands interface ethernet The interface ethernet Global Configuration mode command enters the interface configuration mode to configure an Ethernet type interface. Syntax interface ethernet interface Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • Default Configuration This command has no default configuration.
PAGE 103
Ethernet Configuration Commands Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range. If the command returns an error on one of the active interfaces, it does not stop executing commands on other active interfaces. Example The following example shows how ports 5/g18 to 5/g20 and 3/g1 to 3/24 are grouped to receive the same command.
PAGE 104
Allied Telesis AT-8000GS Command Line Interface User’s Guide description The description Interface Configuration (Ethernet, port-channel) mode command adds a description to an interface. Use the no form of this command to remove the description. Syntax description string no description Parameters string — Comment or a description of the port to enable the user to remember what is attached to the port. • (Range: 1 - 64 characters) Default Configuration The interface does not have a description.
PAGE 105
Ethernet Configuration Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The no speed command in a port-channel context returns each port in the port-channel to its maximum capability. Example The following example configures the speed operation of Ethernet port 1/g5 to 100 Mbps operation.
PAGE 106
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the duplex operation of Ethernet port 1/g5 to full duplex operation. console(config)# interface ethernet 1/g5 console(config-if)# duplex full negotiation The negotiation Interface Configuration (Ethernet, port-channel) mode command enables auto-negotiation operation for the speed and duplex parameters of a given interface. Use the no form of this command to disable auto-negotiation.
PAGE 107
Ethernet Configuration Commands Parameters on — Force flow control as enabled. • • off — Force flow control as disabled. • auto — Enable AUTO flow control configuration. Default Configuration Flow control is off. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Negotiation should be enabled for flow control auto. Example In the following example, flow control is enabled on port 1/g5.
PAGE 108
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example In the following example, automatic crossover is enabled on port 1/g5. console(config)# interface ethernet 1/g5 console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration (Ethernet, port-channel) mode command enables back pressure on a given interface. Use the no form of this command to disable back pressure. Syntax back-pressure no back-pressure Parameters This command has no arguments or keywords.
PAGE 109
Ethernet Configuration Commands Command Mode Global Configuration mode. User Guidelines The command is effective only after reset. Example The following example enables jumbo frames for the device. Console(config)# port jumbo-frame system flowcontrol Use system flowcontrol Global Configuration mode to enable flow control on cascade ports. Use the no form of this command to disable it. Syntax system flowcontrol no system flowcontrol Parameters This command has no arguments or keywords.
PAGE 110
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters ethernet — Valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode or Privileged EXEC Mode User Guidelines There are no user guidelines for this command. Example In the following example, the counters for interface 1/g1 are cleared.
PAGE 111
Ethernet Configuration Commands show interfaces advertise The show interfaces advertise Privileged EXEC mode command displays autonegotiation data. Syntax show interfaces advertise [ethernet interface | port-channel port-channel-number ] Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration.
PAGE 112
Allied Telesis AT-8000GS Command Line Interface User’s Guide g16 100M-Copper Enabled -- g17 100M-Copper Enabled -- g18 100M-Copper Enabled -- g19 100M-Copper Enabled -- g20 100M-Copper Enabled -- show interfaces configuration The show interfaces configuration Privileged EXEC mode command displays the configuration for all configured interfaces. Syntax show interfaces configuration [ethernet interface | port-channel port-channel-number] Parameters interface — Valid Ethernet port.
PAGE 113
Ethernet Configuration Commands g9 100M-Copper Full 100 Enabled Off Up Disabled Auto g10 100M-Copper Full 100 Enabled Off Up Disabled Auto g11 100M-Copper Full 100 Enabled Off Up Disabled Auto g12 100M-Copper Full 100 Enabled Off Up Disabled Auto g13 100M-Copper Full 100 Enabled Off Up Disabled Auto g14 100M-Copper Full 100 Enabled Off Up Disabled Auto g15 100M-Copper Full 100 Enabled Off Up Disabled Auto g16 100M-Copper Full 100 Enabled O
PAGE 114
Allied Telesis AT-8000GS Command Line Interface User’s Guide g3 100M-Copper -- -- -- -- Down -- -- g4 100M-Copper -- -- -- -- Down -- -- g5 100M-Copper Full 100 Enabled Off Up Disabled Auto g6 100M-Copper -- -- -- -- Down -- -- g7 100M-Copper -- -- -- -- Down -- -- g8 100M-Copper -- -- -- -- Down -- -- g9 100M-Copper -- -- -- -- Down -- -- g10 100M-Copper -- -- -- -- Down -- -- g11 100M-Copper -- -- -- -- Down -- -- g12 100M-
PAGE 115
Ethernet Configuration Commands Example The following example displays descriptions of configured interfaces. console# show interfaces description Port Description ---- ----------- 1/g1 lab 1/g2 1/g3 1/g4 1/g5 1/g6 ch1 ch2 show ports jumbo-frame The show port jumbo-frame Privileged EXEC mode command displays the configuration of jumbo frames. Syntax show port jumbo-frame Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration.
PAGE 116
Allied Telesis AT-8000GS Command Line Interface User’s Guide show interfaces counters The show interfaces counters User EXEC mode command displays traffic seen by the physical interface. Syntax show interfaces counters [ethernet interface | port-channel port-channel-number] Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
PAGE 117
Ethernet Configuration Commands Ch OutOctets OutUcastPkts OutMcastPkts OutBcastPkts --- --------- ------------ ------------ ------------ 1 23739 0 0 0 The following table describes the fields shown in the display: Field Des criptio n InOctets Counted received octets. InUcastPkts Counted received Unicast packets. InMcastPkts Counted received Multicast packets. InBcastPkts Counted received Broadcast packets. OutOctets Counted transmitted octets.
PAGE 118
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example Console# show system flowcontrol port storm-control include-multicast (IC) The port storm-control include-multicast Interface Configuration (Ethernet) mode command counts Multicast packets in Broadcast storm control. Use the no form of this command to disable counting Multicast packets.
PAGE 119
Ethernet Configuration Commands Parameters This command has no arguments or keywords. Default Configuration Broadcast storm control is disabled. Command Modes Interface Configuration (Ethernet) mode User Guidelines Use the port storm-control broadcast rate Interface Configuration (Ethernet) mode command, to set the maximum allowable Broadcast rate. Use the port storm-control include-multicast Global Configuration mode command to enable counting Multicast packets in the storm control calculation.
PAGE 120
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the maximum storm control Broadcast rate at 900 Kbits/Sec. console(config)# interface ethernet 1/g5 console(config-if)# port storm-control broadcast rate 900 show ports storm-control The show ports storm-control User/Privileged EXEC mode command displays the storm control configuration. show ports storm-control [interface] Parameters interface — A valid Ethernet port.
PAGE 121
GVRP Commands Chapter 9. GVRP Commands gvrp enable (Global) GARP VLAN Registration Protocol (GVRP) is an industry-standard protocol designed to propagate VLAN information from device to device. With GVRP, a single device is manually configured with all desired VLANs for the network, and all other devices on the network learn these VLANs dynamically. The gvrp enable Global Configuration mode command enables GVRP globally. Use the no form of this command to disable GVRP on the device.
PAGE 122
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration GVRP is disabled on all interfaces. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN. Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN. That is, the PVID is manually defined as the untagged VLAN VID.
PAGE 123
GVRP Commands Set the same GARP timer values on all Layer 2-connected devices. If the GARP timers are set differently on Layer 2-connected devices, the GARP application will not operate successfully. Example The following example sets the leave timer for Ethernet port 1/g6 to 900 milliseconds.
PAGE 124
Allied Telesis AT-8000GS Command Line Interface User’s Guide no gvrp registration-forbid Default Configuration Dynamic registration of VLANs on the port is allowed. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example forbids dynamic registration of VLANs on Ethernet port 1/g6.
PAGE 125
GVRP Commands Syntax show gvrp configuration [ethernet interface | port-channel port-channel-number] Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 126
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax show gvrp statistics [ethernet interface | port-channel port-channel-number] Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 127
GVRP Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays GVRP statistical information.
PAGE 128
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 10.IGMP Snooping Commands Note In order to enable IGMP snooping, the user must enable bridge Multicast filtering ip igmp snooping (Global) The ip igmp snooping Global Configuration mode command enables Internet Group Management Protocol (IGMP) snooping. Use the no form of this command to disable IGMP snooping. Syntax ip igmp snooping no ip igmp snooping Parameters This command has no arguments or keywords.
PAGE 129
IGMP Snooping Commands Parameters This command has no arguments or keywords. Default Configuration IGMP snooping is disabled . Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping can only be enabled on static VLANs. Example The following example enables IGMP snooping on VLAN 2.
PAGE 130
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example enables automatic learning of Multicast device ports on VLAN 2. console(config) # interface vlan 2 console(config-if)# ip igmp snooping mrouter learn-pim-dvmrp ip igmp snooping host-time-out The ip igmp snooping host-time-out Interface Configuration (VLAN) mode command configures the host-timeout.
PAGE 131
IGMP Snooping Commands Parameters This command has no arguments or keywords Default Configuration Disabled. Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping querier can be enabled on a VLAN only if IGMP snooping is enabled for that VLAN. No more then one switch can be configured as an IGMP Querier for a VLAN. When IGMP Snooping Querier is enabled, it starts after host-time-out/2 with no IGMP traffic detected from a Multicast router.
PAGE 132
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines If an IP address is not configured by this command, and no IP address is configured for the IGMP querier VLAN interface, the querier is disabled. Example .The following example configures the source IP address that the IGMP Snooping querier uses. console(config)# interface vlan 2 console(config-if)# ip igmp snooping querier address 192.168.1.
PAGE 133
IGMP Snooping Commands used for setting the aging-out time after Multicast device ports are automatically learned. Use the no form of this command to return to the default configuration. Syntax ip igmp snooping mrouter-time-out time-out no ip igmp snooping mrouter-time-out Parameters time-out — Multicast device timeout in seconds (Range: 1 - 2147483647) • Default Configuration The default value is 300 seconds.
PAGE 134
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Interface Configuration (VLAN) mode User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP query. Use immediate leave only where there is just one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds.
PAGE 135
IGMP Snooping Commands VLAN Ports ---- ----- 1000 1/g19 show ip igmp snooping interface The show ip igmp snooping interface EXEC mode command shows IGMP snooping configuration. Syntax show ip igmp snooping interface vlan-id Parameters vlan-id — VLAN number. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 136
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example console# show ip igmp snooping interface 1000 IGMP Snooping is globally enabled IGMP Snooping admin: Enabled Hosts and routers IGMP version: 2 IGMP snooping oper mode: Enabled IGMP snooping querier admin: Enabled IGMP snooping querier oper: Enabled IGMP snooping querier address admin: IGMP snooping querier address oper: 172.16.1.
PAGE 137
IGMP Snooping Commands show ip igmp snooping groups The show ip igmp snooping groups command displays the Multicast groups that was learned by the IGMP snooping Syntax show ip igmp snooping groups [vlan vlan-id] [ip-multicast-address ip-multicast-address] [ip-address ipaddress] Parameters vlan-id — VLAN ID value • • ip-multicast-address — A valid IP Multicast address • ip-address — Source IP address Default Configuration This command has no default configuration.
PAGE 138
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 11.IP Addressing Commands ip address The ip address Interface Configuration (Ethernet, VLAN, port-channel) mode command sets an IP address. Use the no form of this command to remove an IP address. Syntax ip address ip-address {mask | prefix-length} no ip address [ip-address] Parameters ip-address —Valid IP address • • mask — Valid network mask of the IP address.
PAGE 139
IP Addressing Commands Parameters host-name — Specifies the name of the host to be placed in the DHCP option 12 field. This name does not • have to be the same as the host name specified in the hostname Global Configuration mode command. (Range: 1 - 20 characters) Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines The ip address dhcp command allows any interface to dynamically learn its IP address by using the DHCP protocol.
PAGE 140
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines default gateway 192.168.1.1. console(config)# ip default-gateway 192.168.1.1 show ip interface The show ip interface Privileged EXEC mode command displays the usability status of configured IP interfaces.
PAGE 141
IP Addressing Commands IP Address I/F Type ------------- --------- ------- 192.168.1.200/24 VLAN 1 Static console# arp The arp Global Configuration mode command adds a permanent entry in the Address Resolution Protocol (ARP) cache. Use the no form of this command to remove an entry from the ARP cache.
PAGE 142
Allied Telesis AT-8000GS Command Line Interface User’s Guide no arp timeout Parameters • seconds — Time (in seconds) that an entry remains in the ARP cache. (Range: 1-40000000) Default Configuration The default timeout is 60000 seconds. Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600. Example The following example configures the ARP timeout to 12000 seconds.
PAGE 143
IP Addressing Commands show arp The show arp Privileged EXEC mode command displays entries in the ARP table. Syntax show arp [ip-address ip-address] [mac-address mac-address] [ethernet interface | port-channel port-channelnumber] Parameters • ip-address — Displays the ARP entry of a specific IP address. • mac-address — Displays the ARP entry of a specific MAC address. • interface — Displays the ARP entry of a specific Ethernet port interface.
PAGE 144
Allied Telesis AT-8000GS Command Line Interface User’s Guide no ip domain-lookup Parameters This command has no arguments or keywords. Default Configuration The default configuration is set to enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables IP Domain Naming System (DNS)-based host name-to-address translation.
PAGE 145
IP Addressing Commands Example The following example defines default domain name www.website.com. Console(config)# ip domain-name www.website.com ip name-server The ip name-server Global Configuration mode command defines the available name servers. Use the no form of this command to remove a name server. Syntax ip name-server server-address [server-address2 … server-address8] no ip name-server [server-address1 … server-address8] Parameters • server-address — Specifies IP addresses of the name server.
PAGE 146
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration No host is defined. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example The following example defines a static host name-to-address mapping in the host cache. console(config)# ip host accounting.website.com 176.10.23.1 clear host The clear host Privileged EXEC mode command deletes entries from the host name-to-address cache.
PAGE 147
IP Addressing Commands Parameters • name — Specifies the host entry to be removed. (Range: 1 - 158 characters) • * — Removes all entries. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command deletes the host name-to-address mapping temporarily until the next renew of the IP address. Example The following example deletes all entries from the host name-to-address mapping.
PAGE 148
Allied Telesis AT-8000GS Command Line Interface User’s Guide Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 Configured host name-to-address mapping: Host Addresses ---- --------- accounting.gm.com 176.16.8.8 176.16.8.9 (DHCP) Cache: TTL(Hours) Host Total Elapsed Type Addresses ---- ----- ------- ------ --------- www.stanford.edu 72 3 IP 171.64.14.
PAGE 149
IPv6 Addressing Commands Chapter 12.IPv6 Addressing Commands ipv6 enable The ipv6 enable Interface Configuration mode command enables IPv6 processing on an interface. Use the no form of this command to disable IPv6 processing on an interface. Syntax ipv6 enable [no-autoconfig] no ipv6 enable Parameters no-autoconfig — Enables IPv6 processing on an interface without the stateless address autoconfiguration • procedure. Default Configuration IPv6 is disabled.
PAGE 150
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters ipv6-address — The IPv6 network assigned to the interface. The address is specified in hexadecimal using • • • • 16-bit values between colons. prefix-length — The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal. (Range: 3-128. 64 when the eui-64 parameter is used.
PAGE 151
IPv6 Addressing Commands User Guidelines Using the no ipv6 address link-local command removes the manually configured link-local IPv6 address from an interface. When the no ipv6 address link-local command is used, the interface is reconfigured with the standard link-local address (the same IPv6 link-local address that is set automatically when the enable ipv6 command is used). The system automatically generates a link-local address for an interface when IPv6 processing is enabled on the interface.
PAGE 152
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example defines an IPv6 default gateway. console(config)# ipv6 default-gateway fe80::11 show ipv6 interface The show ipv6 interface Privileged EXEC mode command displays the usability status of configured IPv6 interfaces. Syntax show ipv6 interface [vlan vlan-id ] Parameters vlan vlan-id — Valid VLAN numbers (VLAN 1 only). • Default Configuration Displays all IPv6 interfaces. Command Mode Privileged EXEC mode.
PAGE 153
IPv6 Addressing Commands --------------- ---------- ---------- FE80::4 Link Local Duplicated 2031:0:130F:0:0:9C0:876A:130D/64 Static Active console# show ipv6 interface Vlan 17 Ipv6 is enabled Number of ND DAD attempts: 20 IP addresses Type DAD State --------------- ---------- ---------- FE80::9C0:876A:130D Link Local Active 2031:0:130F:0:0:9C0:876A:130D/64 Static Active show ipv6 route The show ipv6 route command displays the current state of the ipv6 routing table.
PAGE 154
Allied Telesis AT-8000GS Command Line Interface User’s Guide Unicast IPv6 addresses of the interface. Use the no form of this command to return the number of messages to the default value. Syntax ipv6 nd dad attempts attempts-number no ipv6 nd dad attempts Parameters attempts-number — The number of neighbor solicitation messages. Configuring a value of 0 disables • duplicate address detection processing on the specified interface.
PAGE 155
IPv6 Addressing Commands ipv6 host The ipv6 host Global Configuration mode command defines a static host name-to-address mapping in the host name cache. Use the no form of this command to remove the host name-to-address mapping. Syntax ipv6 host name ipv6-address1 [ipv6-address2…ipv6-address4] no ipv6 host name Parameters name — Name of the host. (Range: 1 - 158 characters) • • ipv6-address1 — Associated IPv6 address. The address is specified in hexadecimal using 16-bit values • between colons.
PAGE 156
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters ipv6_addr — Valid IPv6 address to map to the specified MAC address. • • hw_addr — Valid MAC address to map to the specified IPv6 address. • ethernet interface-number — Valid port number. • vlan vlan-id — Valid VLAN number. • port-channel number — Valid port channel number. Default Configuration This command has no default setting. Command Mode Global Configuration mode.
PAGE 157
IPv6 Addressing Commands Default Configuration This command has no default setting. Command Mode Privileged EXEC mode. User Guidelines The associated interface of a MAC address can be aged out from the FDB table, so that the Interface field • • • can be empty. When an ARP entry is associated with an IP interface that is defined on a port or port-channel, the VLAN field is empty. The possible neighbor cache states are: – INCMP (Incomplete) — Address resolution is being performed on the entry.
PAGE 158
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters This command has no keywords or arguments. Default Configuration This command has no default setting. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
PAGE 159
Line Commands Chapter 13.Line Commands line The line Global Configuration mode command identifies a specific line for configuration and enters the Line Configuration command mode. Syntax line {console | telnet | ssh} Parameters console — Console terminal line. • • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration.
PAGE 160
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration The default speed is 115200 bps. Command Mode Line Configuration (console) mode User Guidelines This command is available only on the line console. The configured speed is applied when Autobaud is disabled. This configuration applies only to the current session. Example The following example configures the line baud rate to 9600.
PAGE 161
Line Commands exec-timeout The exec-timeout Line Configuration mode command sets the interval that the system waits until user input is detected. Use the no form of this command to return to the default configuration. Syntax exec-timeout minutes [seconds] no exec-timeout Parameters minutes — Specifies the number of minutes. (Range: 0 - 65535) • • seconds — Specifies additional time intervals in seconds. (Range: 0 - 59) Default Configuration The default configuration is 10 minutes.
PAGE 162
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines This command enables the command history function for a specified line. To enable or disable the command history function for the current terminal session, use the terminal history user EXEC mode command. Example The following example enables the command history function for telnet.
PAGE 163
Line Commands Parameters This command has no arguments or keywords. Default Configuration The default configuration for all terminal sessions is defined by the history line configuration command. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example disables the command history function for the current terminal session.
PAGE 164
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the command history buffer size to 20 commands for the current terminal session. console# terminal history size 20 show line The show line User EXEC mode command displays line parameters. Syntax show line [console | telnet | ssh] Parameters console — Console terminal line. • • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH).
PAGE 165
Line Commands SSH configuration: Interactive timeout: 10 minutes 10 seconds History: 10 Page 165
PAGE 166
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 14.DHCP Option 82 Commands ip dhcp information option The ip dhcp information option Global Configuration mode command enables Dynamic Host Configuration Protocol (DHCP) option-82 data insertion. Use the no form of this command to disable DHCP option-82 data insertion. Syntax ip dhcp information option no ip dhcp information option Parameters This command has no arguments or keywords.
PAGE 167
DHCP Option 82 Commands Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP option 82 configuration.
PAGE 168
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 15.LACP Commands lacp system-priority The lacp system-priority Global Configuration mode command configures the system priority. Use the no form of this command to return to the default configuration. Syntax lacp system-priority value no lacp system-priority Parameters value — Specifies system priority value. (Range: 1 - 65535) • Default Configuration The default system priority is 1.
PAGE 169
LACP Commands lacp port-priority The lacp port-priority Interface Configuration (Ethernet) mode command configures physical port priority. Use the no form of this command to return to the default configuration, use the no form of this command. Syntax lacp port-priority value no lacp port-priority Parameters value — Specifies port priority. (Range: 1 - 65535) • Default Configuration The default port priority is 1.
PAGE 170
Allied Telesis AT-8000GS Command Line Interface User’s Guide lacp timeout The lacp timeout Interface Configuration (Ethernet) mode command assigns an administrative LACP timeout. Use the no form of this command to return to the default configuration. Syntax lacp timeout {long | short} no lacp timeout Parameters long — Specifies the long timeout value. • • short — Specifies the short timeout value. Default Configuration The default port timeout value is long.
PAGE 171
LACP Commands show lacp ethernet The show lacp ethernet Privileged EXEC mode command displays LACP information for Ethernet ports. Syntax show lacp ethernet interface [parameters | statistics | protocol-state] Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • • parameters — Link aggregation parameter information. • statistics — Link aggregation statistics information. • protocol-state — Link aggregation protocol-state information.
PAGE 172
Allied Telesis AT-8000GS Command Line Interface User’s Guide distributing: FALSE expired: FALSE system priority: 0 system mac addr: 00:00:00:00:00:00 port Admin key: 0 port Oper key: 0 port Oper number: 0 port Admin priority: 0 port Oper priority: 0 port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Partner Port 1/g1 LACP Statistics: LACP PDUs sent: 2 LACP PDUs received: 2
PAGE 173
LACP Commands show lacp port-channel The show lacp port-channel Privileged EXEC mode command displays LACP information for a port-channel. Syntax show lacp port-channel [port_channel_number] Parameters port_channel_number — Valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays LACP information about port-channel 1.
PAGE 174
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 16.LLDP Commands lldp enable (global) The lldp enable Global Configuration mode command enables theLink Layer Discovery Protocol (LLDP). Use the no form of this command to disable LLDP. Syntax lldp enable no lldp enable Parameters This command has no parameter settings. Default Configuration LLDP is enabled. Command Mode Global Configuration mode. User Guidlines There are no guidelines for this command.
PAGE 175
LLDP Commands Default Configuration Enabled in both modes. Command Modes Interface Configuration (Ethernet) mode. User Guidelines LLDP manages LAG ports individually. LLDP sends separate advertisements on each port in a LAG. LLDP • • data received through LAG ports is stored individually per port. An LLDP operation on a port is not dependent on the STP state of a port. This means that LLDP frames are sent and received on blocked ports. If a port is controlled by 802.
PAGE 176
Allied Telesis AT-8000GS Command Line Interface User’s Guide lldp hold-multiplier The lldp hold-multiplier Global Configuration mode command specifies the amount of time the receiving device should hold an LLDP packet before discarding it. Use the no form of this command to revert to the default setting. Syntax lldp hold-multiplier number no lldp hold-multiplier Parameters number — Specifies the hold time to be sent in the LLDP update packets as a multiple of the timer value.
PAGE 177
LLDP Commands Command Mode Global Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example pecifies the minimum time an LLDP port waits before reinitializing LLDP transmissions to five seconds. console(config) # lldp reinit-delay 5 lldp tx-delay The lldp tx-delay Global Configuration mode command specifies the delay between successive LLDP frame transmissions initiated by value/status changes in the LLDP local systems MIB.
PAGE 178
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax lldp optional-tlv tlv1 [tlv2 … tlv5] no lldp optional-tlv Parameters tlv — Specifies the TLV that should be included. Available optional TLVs are: port-desc, sys-name, • sys-desc, sys-cap and 802.3-mac-phy. Default Configuration No optional TLV is transmitted. Command Mode Interface Configuration (Ethernet) mode. User Guidelines There are no user guidelines for this command.
PAGE 179
LLDP Commands Example The following example specifies that the management address will be advertised from an interface as 192.168.0.1. console(config)# interface ethernet g5 console(config-if)# lldp management-address 192.168.0.1 lldp med enable The lldp med enable Interface Configuration mode command enables LLDP Media Endpoint Discovery (MED) on an interface. Use the no form of this command to disable LLDP MED on an interface.
PAGE 180
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters number — Network policy sequential number. • • application — The name or the number of the primary function of the application defined for this network • • • • policy. Available application names are: voice, voice-signaling, guest-voice, guest-voice-signaling, softphone-voice, video-conferencing, streaming-video and video-signaling. vlan id — VLAN identifier for the application.
PAGE 181
LLDP Commands User Guidelines For each port, only one network policy per application ( voice, voice-signaling, guest-voice, • guest-voice-signaling, softphone-voice, video-conferencing, streaming-video and video-signaling) can be defined. Example The following example attaches an LLDP MED network policy to a port.
PAGE 182
Allied Telesis AT-8000GS Command Line Interface User’s Guide clear lldp rx The clear lldp rx Privileged EXEC mode command restarts the LLDP RX state machine and clears the neighbors table. Syntax clear lldp rx [ethernet ethernet] Parameters ethernet — Ethernet interface. • Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The folowing example restarts the LLDP RX state machine and clears the neighbors table.
PAGE 183
LLDP Commands Example The following example displays the Link Layer Discovery Protocol (LLDP) configuration: console# show lldp configuration State: Enabled Timer: 30 Seconds Hold multiplier: 4 Reinit delay: 2 Seconds Tx delay: 2 Seconds Port State Optional TLVs Address ---- ----- ------------- ------- 1/g1 RX, TX PD, SN, SD, SC 172.16.1.1 1/g2 TX PD, SN 172.16.1.
PAGE 184
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters interface — Ethernet interface. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines There are no guidelines for this command. Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration.
PAGE 185
LLDP Commands show lldp local The show lldp local Privileged EXEC mode command displays the LLDP information advertised from a specific port. Syntax show lldp local ethernet interface Parameters interface — Ethernet interface. • Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from the Ethernet interface.
PAGE 186
Allied Telesis AT-8000GS Command Line Interface User’s Guide Device Type: Power Sourcing Entity Power source: Primary Power Source Power priority: High Power value: 9.6 Watts LLDP-MED Location Coordinates: 54:53:c1:f7:51:57:50:ba:5b:97:27:80:00:00:67:01 console# show lldp local ethernet 1/g2 LLDP is disabled. show lldp neighbors The show lldp neighbors Privileged EXEC mode command displays information about neighboring devices discovered using LLDP.
PAGE 187
LLDP Commands Example The following example displays information about neighboring devices discovered using Link Layer Discovery Protocol (LLDP). console# show lldp neighbors Port Device ID Port ID System Name Capabilities --------- ---------------- -------- ---------- ------------- 1/g1 0060.704C.73FE 1 ts-7800-2 B 1/g2 0060.704C.73FD 1 ts-7800-2 B 1/g4 0060.704C.73FC 9 ts-7900-1 B, R 1/g5 0060.704C.
PAGE 188
Allied Telesis AT-8000GS Command Line Interface User’s Guide DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Device Power source: Primary power Power priority: High Power value: 9.6 Watts LLDP-MED Inventory Hardware revision: 2.1 Firmware revision: 2.3 Software revision: 2.7.1 Serial number: LM759846587 Manufacturer name: VP Model name: TR12 Asset ID: 9 The following table describes significant LLDP fields: Field Desc ription Port The port number.
PAGE 189
LLDP Commands Field Desc ription Auto-negotiation Advertised Capabilities The speed/duplex/flow-control capabilities of the port that are advertised by the auto-negotiation. Operational MAU type Indicates the MAU type of the port. LLDP MED Capabilities Defines the sender's LLDP-MED capabilities. Device type Contains a value that indicates whether the sender is a Network Connectivity Device or Endpoint Device, and if an Endpoint, the Endpoint Class t which it belongs.
PAGE 190
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 17.Login Banner Commands login banner The login banner Privileged EXEC mode command configures the login banner, which is a security message that is displayed above the Telnet login prompt prior to login. Syntax login_banner banner Parameters banner — Security text message. (Range: 1 - 158 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
PAGE 191
Login Banner Commands Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
PAGE 192
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 18.Management ACL Commands management access-list The management access-list Global Configuration mode command configures a management Access List and enters the Management Access-list Configuration command mode. Use the no form of this command to delete an Access List. Syntax management access-list name no management access-list name Parameters name — Access list name.
PAGE 193
Management ACL Commands Example The following example creates a management Access List called mlist, configures management Ethernet interfaces 1/g1 and 2/g9 and makes the new Access List the active list.
PAGE 194
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the appropriate interface. The system supports up to 128 management access rules. Example The following example permits all ports in the mlist Access List. console(config)# management access-list mlist console(config-macl)# permit deny (Management) The deny Management Access-List Configuration mode command defines a deny rule.
PAGE 195
Management ACL Commands Example The following example denies all ports in the Access List called mlist. console(config)# management access-list mlist console(config-macl)# deny management access-class The management access-class Global Configuration mode command restricts management connections by defining the active management Access List. Use the no form of this command to disable this restriction.
PAGE 196
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the mlist management Access List. console# show management access-list mlist mlist ----permit ethernet 1/g1 permit ethernet 2/g2 ! (Note: all other access implicitly denied) show management access-class The show management access-class Privileged EXEC mode command displays the active management Access List.
PAGE 197
PHY Diagnostics Commands Chapter 19.PHY Diagnostics Commands test copper-port tdr The test copper-port tdr Privileged EXEC mode command uses Time Domain Reflectometry (TDR) technology to diagnose the quality and characteristics of a copper cable attached to a port. Syntax test copper-port tdr interface Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • Default Configuration This command has no default configuration.
PAGE 198
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meter. Example The following example displays information on the last TDR test performed on all copper ports.
PAGE 199
PHY Diagnostics Commands Example The following example displays the estimated copper cable length attached to all ports. console> show copper-ports cable-length Port Length [meters] ---- --------------------- 1/g1 < 50 1/g2 Copper not active 1/g3 110-140 1/g4 Fiber show fiber-ports optical-transceiver Use The show fiber-ports optical-transceiver User EXEC mode command displays the optical transceiver diagnostics.
PAGE 200
Allied Telesis AT-8000GS Command Line Interface User’s Guide 7/g3 Copper Temp – Internally measured transceiver temperature. Voltage - Internally measured supply voltage. Current – Measured TX bias current. Output Power – Measured TX output power. Input Power – Measured RX received power.
PAGE 201
Port Channel Commands Chapter 20.Port Channel Commands interface port-channel The interface port-channel Global Configuration mode command enters the interface configuration mode to configure a specific port-channel. Syntax interface port-channel port-channel-number Parameters port-channel-number — A valid port-channel number. • Default Configuration This command has no default configuration.
PAGE 202
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range. Example The following example groups port-channels 1, 2 and 6 to receive the same command. console(config)# interface range port-channel 1-2,6 channel-group The channel-group Interface Configuration (Ethernet) mode command associates a port with a port-channel.
PAGE 203
Port Channel Commands Parameters port-channel-number — Valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information on all port-channels.
PAGE 204
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 21.Port Monitor Commands port monitor The port monitor Interface Configuration mode command starts a port monitoring session. Use the no form of this command to stop a port monitoring session. Syntax port monitor src-interface [rx | tx] no port monitor src-interface Parameters src-interface—Valid Ethernet port. (Full syntax: unit/port) • • rx — Monitors received packets only. • tx — Monitors transmitted packets only.
PAGE 205
Port Monitor Commands show ports monitor The show ports monitor User EXEC mode command displays the port monitoring status. Syntax show ports monitor Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how the port monitoring status is displayed.
PAGE 206
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 22.Power over Ethernet Commands power inline The port inline Interface Configuration (Ethernet) mode command configures the administrative mode of inline power on an interface. Syntax power inline {auto | never} Parameters auto — Enables the device discovery protocol and, if found, supplies power to the device. • • never — Disables the device discovery protocol and stops supplying power to the device.
PAGE 207
Power over Ethernet Commands Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example configures a description to an IP-phone to a powered device connected to Ethernet interface 1/g16.
PAGE 208
Allied Telesis AT-8000GS Command Line Interface User’s Guide power inline usage-threshold The power inline usage-threshold Global Configuration mode command configures the threshold for initiating inline power usage alarms. Use the no form of this command to return to the default configuration. Syntax power inline usage-threshold percentage [unit-number] no power inline usage-threshold Parameters percentage — Specifies the threshold as a percentage to compare measured power.
PAGE 209
Power over Ethernet Commands User Guidelines There are no user guidelines for this command. Example The following example enables inline power traps to be sent when a power usage threshold is exceeded. console(config)# power inline traps enable show power inline The show power inline User EXEC mode command displays the information about inline power. Syntax show power inline [ethernet interface] Parameters interface — Valid Ethernet port.
PAGE 210
Allied Telesis AT-8000GS Command Line Interface User’s Guide console# show power inline ethernet 4/g1 Port Powered Device ---- ------- 4/g1 State Status Priority Class ----------- ------------- ------------ -------- Auto On low class1 Overload Counter: 0 Short Counter: 0 Denied Counter: 0 Absent Counter: 1 Invalid Signature Counter: 0 The following table describes the significant fields shown in the example: Field Desc ription Power The operational status of the inline power sou
PAGE 211
Power over Ethernet Commands show power inline power-consumption The show power inline power-consumption User EXEC mode command displays information about the inline power consumption. Syntax show power inline power-consumption [ethernet interface ] Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 212
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information about inline power. console# show power inline version Unit Software version -------- ------------ 1 1.12 2 1.
PAGE 213
QoS Commands Chapter 23.QoS Commands qos The qos Global Configuration mode command enables quality of service (QoS) on the device. Use the no form of this command to disable QoS on the device. Syntax qos no qos Parameters This command has no arguments or keywords. Default Configuration QoS is disabled on the device. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables QoS on the device.
PAGE 214
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays QoS attributes when QoS is disabled on the device. console> show qos Qos: disable Trust: dscp priority-queue out num-of-queues The priority-queue out num-of-queues Global Configuration mode command configures the number of expedite queues. Use the no form of this command to return to the default configuration.
PAGE 215
QoS Commands Parameters rate — Maximum kilobits per second of ingress traffic on a port. (Range: 3500 - 1000000). • Default Configuration 1000 Kbits/Sec Command Mode Interface Configuration (Ethernet) mode User Guidelines The command can be enabled on a specific port only if port storm-control Broadcast enable interface configuration command is not enabled on that port. Example The following example limits the rate of the incoming traffic to 62.
PAGE 216
Allied Telesis AT-8000GS Command Line Interface User’s Guide show qos interface The show qos interface User EXEC mode command displays interface QoS information.
PAGE 217
QoS Commands 2 1 3 2 4 3 5 3 6 4 7 4 wrr-queue cos-map The wrr-queue cos-map Global Configuration mode command maps Class of Service (CoS) values to a specific egress queue. Use the no form of this command to return to the default configuration. Syntax wrr-queue cos-map queue-id cos1...cos8 no wrr-queue cos-map [queue-id] Parameters queue-id — Specifies the queue number to which the CoS values are mapped. • • cos1...cos8 — Specifies CoS values to be mapped to a specific queue.
PAGE 218
Allied Telesis AT-8000GS Command Line Interface User’s Guide qos trust (Global) The qos trust Global Configuration mode command configures the system to basic mode and the trust state. Use the no form to return untrusted state. Syntax qos trust {cos | dscp} no qos trust Parameters cos — Classifies ingress packets with the packet CoS values. For untagged packets, the port default CoS is • • used. dscp — Classifies ingress packets with the packet DSCP values.
PAGE 219
QoS Commands Parameters dscp-list — Specifies up to 8 DSCP values separated by a space. (Range: 0 - 63) • • queue-id — Specifies the queue number to which the DSCP values are mapped. (Range: 1 - 4 Default Configuration The following table describes the default map. DSCP value Qu eue -ID 00-15 1 16-31 2 32-47 3 48-63 4 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example maps DSCP values 33, 40 and 41 to queue 1.
PAGE 220
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines If the port is trusted, the default CoS value of the port is used to assign a CoS value to all untagged packets entering the port. Example The following example configures port 1/g16 default CoS value to 3. console(config)# interface ethernet 1/g16 console(config-if) qos cos 3 show qos map The show qos map User EXEC mode command displays all QoS maps.
PAGE 221
QoS Commands The following table describes the significant fields shown above.
PAGE 222
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 24.Radius Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. Use the no form of this command to delete the specified RADIUS host.
PAGE 223
Radius Commands User Guidelines To specify multiple hosts, multiple radius-server host commands can be used. If no host-specific timeout, retries, deadtime or key-string values are specified, global values apply to each RADIUS server host. The address type of the source parameter must be the same as the ip-address parameter. Example The following example specifies a RADIUS server host with IP address 192.168.10.1, authentication request port number 20 and a 20-second timeout period.
PAGE 224
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax radius-server retransmit retries no radius-server retransmit Parameters retries — Specifies the retransmit value. (Range: 1 - 10) • Default Configuration The software searches the list of RADIUS server hosts 3 times. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
PAGE 225
Radius Commands Example The following example configures the source IP address used for communication with RADIUS servers to 10.1.1.1. console(config)# radius-server source-ip 10.1.1.1 radius-server source-ipv6 The radius-server source-ipv6 Global Configuration mode command specifies the source IP address used for IPv6 communication with the RADIUS servers. Use the no form of this command to return to the default configuration.
PAGE 226
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration The timeout value is 3 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the timeout interval to 5 seconds. console(config)# radius-server timeout 5 radius-server deadtime The radius-server deadtime Global Configuration mode command improves RADIUS response time when servers are unavailable.
PAGE 227
Radius Commands Syntax show radius-servers Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays RADIUS server settings.
PAGE 228
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 25.RMON Commands show rmon statistics The show rmon statistics User EXEC mode command displays RMON Ethernet statistics. Syntax show rmon statistics {ethernet interface number | port-channel port-channel-number} Parameters interface number — Valid Ethernet port. • • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration.
PAGE 229
RMON Commands The following table describes significant fields shown above: Field De scrip tio n Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The total number of packets (including bad packets, Broadcast packets, and Multicast packets) received. Broadcast The total number of good packets received and directed to the Broadcast address. This does not include Multicast packets.
PAGE 230
Allied Telesis AT-8000GS Command Line Interface User’s Guide rmon collection history The rmon collection history Interface Configuration (Ethernet, port-channel) mode command enables a Remote Monitoring (RMON) MIB history statistics group on an interface. Use the no form of this command to remove a specified RMON history statistics group.
PAGE 231
RMON Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all RMON history group statistics.
PAGE 232
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Examples The following examples displays RMON Ethernet history statistics for index 1.
PAGE 233
RMON Commands console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/g16 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 500 Time Dropped Collisions -------------------- -------- ---------- Jan 18 2009 21:57:00 3 0 Jan 18 2009 21:57:30 3 0 The following table describes significant fields shown above: Field D escr ip tio n Time Date and Time the entry is recorded.
PAGE 234
Allied Telesis AT-8000GS Command Line Interface User’s Guide Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interval. This number is not necessarily the number of packets dropped, it is just the number of times this condition has been detected. Collisions The best estimate of the total number of collisions on this Ethernet segment during this sampling interval.
PAGE 235
RMON Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
PAGE 236
Allied Telesis AT-8000GS Command Line Interface User’s Guide 1 1.3.6.1.2.1.2.2.1.10.1 CLI 2 1.3.6.1.2.1.2.2.1.10.1 Manager 3 1.3.6.1.2.1.2.2.1.10.9 CLI The following table describes significant fields shown above: Field Desc ription Index An index that uniquely identifies the entry. OID Monitored variable OID. Owner The entity that configured this entry. show rmon alarm The show rmon alarm User EXEC mode command displays alarm configuration.
PAGE 237
RMON Commands Example The following example displays RMON 1 alarms. console> show rmon alarm 1 Alarm 1 ------OID: 1.3.6.1.2.1.2.2.1.10.1 Last sample Value: 878128 Interval: 30 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI The following table describes the significant fields shown in the display: Field Desc rip tio n Alarm Alarm index. OID Monitored variable OID.
PAGE 238
Allied Telesis AT-8000GS Command Line Interface User’s Guide Falling Event The event index used when a falling threshold is crossed. Owner The entity that configured this entry. rmon event The rmon event Global Configuration mode command configures an event. Use the no form of this command to remove an event. Syntax rmon event index type [community text] [description text] [owner name] no rmon event index Parameters index — Specifies the event index.
PAGE 239
RMON Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the RMON event table.
PAGE 240
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters event — Specifies the event index. (Range: 0 - 65535) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the RMON log table.
PAGE 241
RMON Commands Syntax rmon table-size {history entries | log entries} no rmon table-size {history | log} Parameters history entries — Maximum number of history table entries. (Range: 20 - 270) • • log entries — Maximum number of log table entries. (Range: 20 -100) Default Configuration History table size is 270. Log table size is 200. Command Mode Global Configuration mode User Guidelines The configured table size takes effect after the device is rebooted.
PAGE 242
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 26.SNMP Commands snmp-server community The snmp-server community Global Configuration mode command configures the community access string to permit access to the SNMP protocol. Use the no form of this command to remove the specified community string.
PAGE 243
SNMP Commands The internal security name for SNMPv1 and SNMPv2 security models is mapped to the group name. Example The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192.168.1.20. console(config)# snmp-server community public su 192.168.1.20 snmp-server view The snmp-server view Global Configuration mode command creates or updates a Simple Network Management Protocol (SNMP) server view entry.
PAGE 244
Allied Telesis AT-8000GS Command Line Interface User’s Guide snmp-server group The snmp-server group Global Configuration mode command configures a new Simple Management Protocol (SNMP) group or a table that maps SNMP users to SNMP views. Use the no form of this command to remove a specified SNMP group.
PAGE 245
SNMP Commands snmp-server user The snmp-server user Global Configuration mode command configures a new SNMP Version 3 user. Use the no form of this command to remove a user. Syntax snmp-server user username groupname [remote engineid-string] [ auth-md5 password | auth-sha password | auth-md5-key md5-des-keys | auth-sha-key sha-des-keys] no snmp-server user username [remote engineid-string] Parameters username — Specifies the name of the user on the host that connects to the agent.
PAGE 246
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures an SNMPv3 user John in group user-group. console(config)# snmp-server user John user-group snmp-server engineID local The snmp-server engineID local Global Configuration mode command specifies the Simple Network Management Protocol (SNMP) engineID on the local device. Use the no form of this command to remove the configured engine ID.
PAGE 247
SNMP Commands local engine ID. The user’s command line password is then destroyed, as required by RFC 2274. As a result, the security digests of SNMPv3 users become invalid if the local value of the engine ID change, and the users will have to be reconfigured. You cannot specify an engine ID that consists of all 0x0, all 0xF or 0x000000001. The show running-config Privileged EXEC mode command does not display the SNMP engine ID configuration.
PAGE 248
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax snmp-server filter filter-name oid-tree {included | excluded} no snmp-server filter filter-name [oid-tree] Parameters filter-name — Specifies the label for the filter record that is being updated or created. The name is used to • • • • reference the record. (Range: 1 - 30 characters) oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view.
PAGE 249
SNMP Commands Parameters ipv4-address — IPv4 address of the host (the targeted recipient). An out-of-band IP address can be specified • • • • • • • • • • • • as described in the usage guidelines. ipv6-address — IPv6 address of the host (the targeted recipient). When the IPv6 address is a Link Local address (IPv6Z address), the outgoing interface name must be specified. Refer to the usage guidelines for the interface name syntax. hostname — Specifies the name of the host.
PAGE 250
Allied Telesis AT-8000GS Command Line Interface User’s Guide snmp-server v3-host The snmp-server v3-host Global Configuration mode command specifies the recipient of Simple Network Management Protocol Version 3 notifications. Use the no form of this command to remove the specified host.
PAGE 251
SNMP Commands Example The following example configures an SNMPv3 host. console(config)# snmp-server v3-host 192.168.0.20 john noauth snmp-server trap authentication The snmp-server trap authentication Global Configuration mode command enables the device to send SNMP traps when authentication fails. Use the no form of this command to disable SNMP failed authentication traps. Syntax snmp-server trap authentication no snmp-server trap authentication Parameters This command has no arguments or keywords.
PAGE 252
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example configures the system contact point called ATI_Technical_Support. console(config)# snmp-server contact ATI_Technical_Support snmp-server location The snmp-server location Global Configuration mode command configures the system location string.
PAGE 253
SNMP Commands Parameters variable-name — MIB variable name. • • name value — List of name and value pairs. In the case of scalar MIBs, only a single pair of name values. In the case of an entry in a table, at least one pair of name and value followed by one or more fields. Default Configuration This command has no default configuration.
PAGE 254
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example displays the SNMP communications status. console# show snmp CommunityString CommunityAccess View name IP address ---------- ---------- --------- -------- public read only user-view All private read write Default 172.16.1.1 private su DefaultSuper 172.17.1.1 Group name IP address Community-string ---------------- ---------- ---------- public user-group all Traps are enabled.
PAGE 255
SNMP Commands IP Address Management station IP Address. Trap-Rec-Address Targeted Recipient Trap-Rec-Community Statistics sent with the notification operation. Version SNMP version for the sent trap 1 or 2. show snmp engineid The show snmp engineID Privileged EXEC mode command displays the ID of the local Simple Network Management Protocol (SNMP) engine. Syntax show snmp engineID Parameters This command has no arguments or keywords.
PAGE 256
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of views. console# show snmp views Name OID Tree Type ----------- ----------------------- --------- user-view 1.3.6.1.2.1.1 Included user-view 1.3.6.1.2.1.1.7 Excluded user-view 1.3.6.1.2.1.2.2.1.*.
PAGE 257
SNMP Commands user-group V3 priv Default "" "" managers-group V3 priv Default Default "" managers-group V3 priv Default "" "" The following table describes significant fields shown above. Field Description Name Name of the group. Security Model SNMP model in use (v1, v2 or v3). Security Level Authentication of a packet with encryption. Applicable only to the SNMP v3 security model. Views Read Name of the view that enables only viewing the contents of the agent.
PAGE 258
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example displays the configuration of filters. console# show snmp filters Name OID Tree Type ----------- ----------------------- --------- user-filter 1.3.6.1.2.1.1 Included user-filter 1.3.6.1.2.1.1.7 Excluded user-filter 1.3.6.1.2.1.2.2.1.*.1 Included show snmp users The show snmp users Privileged EXEC mode command displays the configuration of users.
PAGE 259
Spanning-Tree Commands Chapter 27.Spanning-Tree Commands spanning-tree The spanning-tree Global Configuration mode command enables spanning-tree functionality. Use the no form of this command to disable spanning-tree functionality. Syntax spanning-tree no spanning-tree Parameters This command has no arguments or keywords. Default Configuration Spanning-tree is enabled. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command.
PAGE 260
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration STP is enabled. Command Modes Global Configuration mode User Guidelines In RSTP mode, the device uses STP when the neighbor device uses STP. In MSTP mode, the device uses RSTP when the neighbor device uses RSTP and uses STP when the neighbor device uses STP. Example The following example configures the spanning-tree protocol to RSTP.
PAGE 261
Spanning-Tree Commands spanning-tree hello-time The spanning-tree hello-time Global Configuration mode command configures the spanning tree bridge hello time, which is how often the device Broadcasts hello messages to other devices. Use the no form of this command to return to the default configuration. Syntax spanning-tree hello-time seconds no spanning-tree hello-time Parameters seconds — Time in seconds.
PAGE 262
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines When configuring the maximum age, the following relationships should be kept: 2*(Forward-Time - 1) >= Max-Age Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning tree bridge maximum-age to 10 seconds. console(config)# spanning-tree max-age 10 spanning-tree priority The spanning-tree priority Global Configuration mode command configures the spanning tree priority of the device.
PAGE 263
Spanning-Tree Commands Parameters This command has no arguments or keywords. Default Configuration Spanning tree is enabled on all ports. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree on Ethernet port 1/g16.
PAGE 264
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines The path cost method is configured using the spanning-tree pathcost method Global Configuration mode command. Example The following example configures the spanning-tree cost on Ethernet port 1/g16 to 35000. console(config)# interface ethernet 1/g16 console(config-if)# spanning-tree cost 35000 spanning-tree port-priority The spanning-tree port-priority Interface Configuration mode command configures port priority.
PAGE 265
Spanning-Tree Commands Parameters This command has no arguments or keywords. Default Configuration PortFast mode is disabled. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines This feature should be used only with interfaces connected to end stations. Otherwise, an accidental topology loop could cause a data packet loop and disrupt device and network operations. Example The following example enables PortFast on Ethernet port 1/g16.
PAGE 266
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example enables shared spanning-tree on Ethernet port 1/g16. console(config)# interface ethernet 1/g16 console(config-if)# spanning-tree link-type shared spanning-tree pathcost method The spanning-tree pathcost method Global Configuration mode command sets the default path cost method. Use the no form of this command to return to the default configuration.
PAGE 267
Spanning-Tree Commands Default Configuration The default setting is flooding. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines BPDU packet flooding when the spanning-tree is disabled on an interface.
PAGE 268
Allied Telesis AT-8000GS Command Line Interface User’s Guide spanning-tree bpduguard The spanning-tree bpduguard Interface Configuration (Ethernet, port-channel) mode command shutsdown an interface when it receives a bridge protocol data unit (BPDU). Use the no form of this command to restore the default configuration. Syntax spanning-tree bpduguard no spanning-tree bpduguard Parameters This command has no arguments or keywords. Default Configuration The default configuration is set to disabled.
PAGE 269
Spanning-Tree Commands User Guidelines This feature should be used only when working in RSTP or MSTP mode. Example The following example restarts the protocol migration process on Ethernet port 1/g16. console# clear spanning-tree detected-protocols ethernet 1/g16 spanning-tree mst priority The spanning-tree mst priority Global Configuration mode command configures the device priority for the specified spanning-tree instance. Use the no form of this command to return to the default configuration.
PAGE 270
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters hop-count—Number of hops in an MST region before the BDPU is discarded .(Range: 1-40) • Default Configuration The default number of hops is 20. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the maximum number of hops that a packet travels in an MST region before it is discarded to 10.
PAGE 271
Spanning-Tree Commands spanning-tree mst cost The spanning-tree mst cost Interface Configuration mode command configures the path cost for multiple spanning tree (MST) calculations. If a loop occurs, the spanning tree considers path cost when selecting an interface to put in the forwarding state. Use the no form of this command to return to the default configuration.
PAGE 272
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping, configuration revision number and name. Example The following example configures an MST region.
PAGE 273
Spanning-Tree Commands Example The following example maps VLANs 10 - 20 to MST instance 1. console(config)# spanning-tree mst configuration console(config-mst)# instance 1 add vlan 10-20 name (mst) The name MST Configuration mode command defines the configuration name. Use the no form of this command to return to the default setting. Syntax name string no name Parameters string—MST configuration name. Case-sensitive (Range: 1 - 32 characters). • Default Configuration The default name is a bridge ID.
PAGE 274
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration The default configuration revision number is 0. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the configuration revision to 1. console(config) # spanning-tree mst configuration console(config-mst) # revision 1 show (mst) The show MST Configuration mode command displays the current or pending MST region configuration.
PAGE 275
Spanning-Tree Commands Instance Vlans Mapped State -------- ------------ ------- 0 1-9,21-4094 Enabled 1 10-20 Enabled exit (mst) The exit MST Configuration mode command exits the MST configuration mode and applies all configuration changes. Syntax exit Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command.
PAGE 276
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example exits the MST configuration mode without saving changes. console(config) # spanning-tree mst configuration console(config-mst) # abort show spanning-tree The show spanning-tree Privileged EXEC mode command shows spanning tree configuration.
PAGE 277
Spanning-Tree Commands Examples The following examples displays spanning-tree information. console# show spanning-tree Spanning tree enabled mode RSTP Default port cost method: long Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/g1) Hello Time 2 sec Max Age 20 sec Priority 36864 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.
PAGE 278
Allied Telesis AT-8000GS Command Line Interface User’s Guide ---- ------- -------- ----- --- ---- -------- ---------- 1/g1 Enabled 128.1 20000 FWD Desg No P2p (RSTP) 1/g2 Enabled 128.2 20000 FWD Desg No Shared (STP) 1/g3 Disabled 128.3 20000 - - - - 1/g4 Enabled 128.4 20000 FWD Desg No Shared (STP) 1/g5 Enabled 128.
PAGE 279
Spanning-Tree Commands console# show spanning-tree active Spanning tree enabled mode RSTP Default port cost method: long Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/g1 Hello Time 2 sec Max Age 20 sec Priority 36864 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/g1 Enabled 128.
PAGE 280
Allied Telesis AT-8000GS Command Line Interface User’s Guide Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/g4 Enabled 128.
PAGE 281
Spanning-Tree Commands Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/g3) disabled State: N/A Role: N/A Port id: 128.3 Port cost: 20000 Type: N/A (configured: auto) Port Fast: N/A (configured:no) Designated bridge Priority: N/A Address: N/A Designated port id: N/A Designated path cost: N/A Number of transitions to forwarding state: N/A BPDU: sent N/A, received N/A Port 4 (1/g4) enabled State: Blocking Role: Alternate Port id: 128.
PAGE 282
Allied Telesis AT-8000GS Command Line Interface User’s Guide console# show spanning-tree ethernet 1/g1 Port 1 (1/g1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto) RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.
PAGE 283
Spanning-Tree Commands Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/g1 Enabled 128.1 20000 FWD Root No P2p Bound (RSTP) 1/g2 Enabled 128.2 20000 FWD Desg No Shared Bound (STP) 1/g3 Enabled 128.3 20000 FWD Desg No P2p 1/g4 Enabled 128.
PAGE 284
Allied Telesis AT-8000GS Command Line Interface User’s Guide Hello Time 2 sec IST Master ID Max Age 20 sec Priority 32768 Address 00:02:4b:29:7a:00 Forward Delay 15 sec This switch is the IST master. Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec 20 Number of topology changes 2 last change occurred 2d18h ago Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Port 1 (1/g1) enabled State: Forwarding Role: Root Port id: 128.
PAGE 285
Spanning-Tree Commands Port 4 (1/g4) enabled State: Forwarding Role: Designated Port id: 128.4 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
PAGE 286
Allied Telesis AT-8000GS Command Line Interface User’s Guide Designated port id: 128.2 Designated cost: 20000 Guard Root: Disabled BPDU Guard: Disabled Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/g3) disabled State: Blocking Role: Alternate Port id: 128.3 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:1a:19 Designated port id: 128.
PAGE 287
Spanning-Tree Commands Bridge ID Address 00:02:4b:19:7a:00 Path Cost 10000 Rem hops 19 Priority 32768 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec 20 console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9 CST Root ID Priority 32768 Address 00:01:42:97:e0:00 This switch is root for CST and IST master.
PAGE 288
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 28.SSH Commands ip ssh port The ip ssh port Global Configuration mode command specifies the port to be used by the SSH server. Use the no form of this command to return to the default configuration. Syntax ip ssh port port-number no ip ssh port Parameters port-number — Port number for use by the SSH server (Range: 1 - 65535). • Default Configuration The default port number is 22.
PAGE 289
SSH Commands Command Mode Global Configuration mode User Guidelines If encryption keys are not generated, the SSH server is in standby until the keys are generated. To generate SSH server keys, use the crypto key generate dsa, and crypto key generate rsa Global Configuration mode commands. Example The following example enables configuring the device from a SSH server.
PAGE 290
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax crypto key generate rsa Parameters This command has no arguments or keywords. Default Configuration RSA key pairs do not exist. Command Mode Global Configuration mode User Guidelines RSA keys are generated in pairs: one public RSA key and one private RSA key. If the device already has RSA keys, a warning and prompt to replace the existing keys with new keys are displayed.
PAGE 291
SSH Commands Example The following example enables public key authentication for incoming SSH sessions. console(config)# ip ssh pubkey-auth crypto key pubkey-chain ssh The crypto key pubkey-chain ssh Global Configuration mode command enters the SSH Public Key-chain Configuration mode. The mode is used to manually specify other device public keys such as SSH client public keys. Syntax crypto key pubkey-chain ssh Parameters This command has no arguments or keywords.
PAGE 292
Allied Telesis AT-8000GS Command Line Interface User’s Guide user-key The user-key SSH Public Key-string Configuration mode command specifies which SSH public key is manually configured. Use the no form of this command to remove an SSH public key. Syntax user-key username {rsa | dsa} no user-key username Parameters username — Specifies the username of the remote SSH client. (Range: 1-48 characters) • • rsa — Indicates the RSA key pair. • dsa — Indicates the DSA key pair.
PAGE 293
SSH Commands Default Configuration No keys exist. Command Mode SSH Public Key-string Configuration mode User Guidelines Use the key-string SSH Public Key-string Configuration mode command to specify which SSH public key is to be interactively configured next. To complete the command, you must enter a row with no characters. Use the key-string row SSH Public Key-string Configuration mode command to specify the SSH public key row by row. Each row must begin with a key-string row command.
PAGE 294
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SSH server configuration. console# show ip ssh SSH server enabled. Port: 22 RSA key was generated. DSA (DSS) key was generated. SSH Public Key Authentication is enabled.
PAGE 295
SSH Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SSH public RSA keys on the device.
PAGE 296
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example displays SSH public keys stored on the device.
PAGE 297
Syslog Commands Chapter 29.Syslog Commands logging on The logging on Global Configuration mode command controls error message logging. This command sends debug or error messages to a logging process, which logs messages to designated locations asynchronously to the process that generated the messages. Use the no form of this command to disable the logging process. Syntax logging on no logging on Parameters This command has no arguments or keywords. Default Configuration Logging is enabled.
PAGE 298
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters ipv4-address — Specifies the IPv4 address of the host to be used as a syslog server. • • Ipv6-address — Specifies the IPv6 address of the host to be used as a syslog server. • hostname — Specifies the host name of the syslog server. (Range: 1 - 158 characters) • port — Specifies the port number for syslog messages. (Range: 1 - 65535) • level — Specifies the severity level of logged messages sent to the syslog servers.
PAGE 299
Syslog Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example limits logging messages displayed on the console to severity level errors. console(config)# logging console errors logging buffered The logging buffered Global Configuration mode command limits syslog messages displayed from an internal buffer based on severity. Use the no form of this command to cancel using the buffer.
PAGE 300
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax logging buffered size number no logging buffered size Parameters number — Specifies the maximum number of messages stored in the history table. (Range: 20 - 400) • Default Configuration The default number of messages is 200. Command Mode Global Configuration mode User Guidelines This command takes effect only after Reset. Example The following example changes the number of syslog messages stored in the internal buffer to 300.
PAGE 301
Syslog Commands logging file The logging file Global Configuration mode command limits syslog messages sent to the logging file based on severity. Use the no form of this command to cancel using the logging file. Syntax logging file level no logging file Parameters level — Specifies the severity level of syslog messages sent to the logging file. Possible values: • emergencies, alerts, critical, errors, warnings, notices, informational and debugging.
PAGE 302
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example clears messages from the logging file. console# clear logging file Clear Logging File [y/n] aaa logging The aaa logging Global Configuration mode command enables logging AAA login events. Use the no form of this command to disable logging AAA login events.
PAGE 303
Syslog Commands Parameters copy — Indicates logging messages related to file copy operations. • • delete-rename — Indicates logging messages related to file deletion and renaming operations. Default Configuration Logging file system events is enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables logging messages related to file copy operations.
PAGE 304
Allied Telesis AT-8000GS Command Line Interface User’s Guide show logging The show logging Privileged EXEC mode command displays the state of logging and the syslog messages stored in the internal buffer. Syntax show logging Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 305
Syslog Commands Buffer log: 11-Aug-2009 15:41:43: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up 11-Aug-2009 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/0, changed state to up 11-Aug-2009 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/1, changed state to up 11-Aug-2009 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/2, changed state to up 11-Aug-2009 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/3, changed state to up 11-Aug-2009 15:41:43: %SYS-5-CONFIG_I: Configured from memory by console 1
PAGE 306
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example displays the logging state and the syslog messages stored in the logging file. Console# show logging file Logging is enabled. Console logging: level debugging. Console Messages: 0 Dropped (severity). Buffer logging: level debugging. Buffer Messages: 11 Logged, 200 Max. File logging: level notifications. File Messages: 0 Dropped (severity). Syslog server 192.180.2.27 logging: errors. Messages: 6 Dropped (severity).
PAGE 307
Syslog Commands Syntax show syslog-servers Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the settings of the syslog servers. console# show syslog-servers Device Configuration IP address Port Severity Facility Description ------------ ---- ------------- -------- ----------- 192.180.2.
PAGE 308
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 30.TACACS+ Commands tacacs-server host The tacacs-server host Global Configuration mode command specifies a TACACS+ host. Use the no form of this command to delete the specified name or address.
PAGE 309
TACACS+ Commands Example The following example specifies a TACACS+ host. console(config)# tacacs-server host 172.16.1.1 tacacs-server key The tacacs-server key Global Configuration mode command sets the authentication encryption key used for all TACACS+ communications between the device and the TACACS+ daemon. Use the no form of this command to disable the key.
PAGE 310
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the timeout value to 30. console(config)# tacacs-server timeout 30 tacacs-server source-ip The tacacs-server source-ip Global Configuration mode command configures the source IP address to be used for communication with TACACS+ servers.
PAGE 311
TACACS+ Commands Syntax show tacacs [ip-address] Parameters ip-address — Name or IP address of the TACACS+ server. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays configuration and statistical information about a TACACS+ server.
PAGE 312
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 31.Tunnel Commands interface tunnel The interface tunnel Global Configuration mode command enters tunnel interface configuration mode. Syntax interface tunnel number Parameters number — Tunnel index. • Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines There are no user guidelines for this command.
PAGE 313
Tunnel Commands Command Mode Interface Tunnel Configuration mode. User Guidelines The system can be enabled to an ISATAP tunnel. When enabled, an automatic tunnel interface is created on • each interface that is assigned with an IPv4 address. Note On a specific interface (that is port/ VLAN), both native IPv6 and transition mechanisms can coexist. The host implementation chooses the egress interface according to the scope of the destination IP address (for example ISATAP/ Native IPv6).
PAGE 314
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures a global string ATI_Tunnel_Router to represent a specific automatic tunnel router domain name: console(config)# interface tunnel 1 console(config-tunnel)# tunnel isatap router ATI_Tunnel_Router tunnel source The tunnel source Interface Tunnel Configuration mode command sets the local (source) tunnel interface IPv4 address. Use the no form to delete the tunnel local address.
PAGE 315
Tunnel Commands no tunnel isatap query-interval Parameters seconds — Specifies the number of seconds between DNS Queries. (Range: 10 - 3600) • Default Configuration 10 seconds. Command Mode Global Configuration mode. User Guidelines This command determines the interval of DNS queries before the IP address of the ISATAP router is known. • When the IP address is known, the robustness level that is set by the tunnel isatap robustness global configuration command determines the refresh rate.
PAGE 316
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the interval between ISATAP router solicitations messages to 60 seconds. console(config)# tunnel isatap solicitation-interval 60 tunnel isatap robustness The tunnel isatap robustness Global Configuration mode command configures the number of DNS Query/Router Solicitation refresh messages that the device sends. Use the no form of this command to return to default.
PAGE 317
Tunnel Commands Default Configuration This command has no default setting. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example displays information on the ISATAP tunnel: console> show ipv6 tunnel Router DNS name: ISATAP Router IPv4 address: 172.16.1.
PAGE 318
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 32.System Management Commands ping The ping User EXEC mode command sends ICMP echo request packets to another node on the network. Syntax ping {ipv4-address | hostname } [size packet_size] [count packet_count] [timeout time_out] ping ipv6 {ipv6-address | hostname } [size packet_size] [count packet_count] [timeout time_out] Parameters ipv6 — Uses IPv6 to check the network connectivity. • • ipv4-address — IPv4 address to ping.
PAGE 319
System Management Commands – • physical-port-name = Product specific. When using the ping ipv6 command to check network connectivity of a directly attached host using its link local address, the egress interface must be specified as defined in RFC 4007. Example The following example displays pinging results: console> ping 10.1.1.1 Pinging 10.1.1.1 with 64 bytes of data: 64 64 64 64 bytes bytes bytes bytes from from from from 10.1.1.1: 10.1.1.1: 10.1.1.1: 10.1.1.1: icmp_seq=0. icmp_seq=1.
PAGE 320
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters ip-address — IP address of the destination host. An out-of-band IP address can be specified as described in • the usage guidelines (Nust be a valid IP address). hostname — Host name of the destination host (Range 1 - 158 characters - Max. label size:63). port — A decimal TCP port number, or one of the keywords from the ports table in the usage guidelines. The default is the Telnet port (decimal 22) on the host.
PAGE 321
System Management Commands Several concurrent Telnet sessions can be opened and switched. To open a subsequent session, the current connection has to be suspended by pressing the escape sequence keys (Ctrl-shift-6) and x to return to the system command prompt. Then open a new connection with the Telnet User EXEC mode command. Table 2: Keywords Table Op tio n Des cri pti on /echo Enables local echo /quiet Prevents onscreen display of all messages from the software.
PAGE 322
Allied Telesis AT-8000GS Command Line Interface User’s Guide Table 3: Ports Table Key wo rd Des cription Por t n um ber pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 UUCP Unix-to-Unix Copy Program 540 whois Nicname 43 www World Wide Web 80 reload The reload Privileged EXEC mode command reloads the operating syst
PAGE 323
System Management Commands resume Syntax resume [connection] Default Configuration The default connection number is that of the most recent connection. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following command switches to open Telnet session number 1. console> resume 1 hostname The hostname Global Configuration mode command specifies or modifies the device host name. Use the no form of this command to remove the existing host name.
PAGE 324
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example specifies the device host name. console(config)# hostname stack stack(config)# no hostname console(config)# stack master The stack master Global Configuration mode command enables forcing the selection of a stack master. Use the no form of this command to return to the default configuration.
PAGE 325
System Management Commands Syntax stack reload [unit unit] Parameters unit — Number of the unit to be reloaded (Range: 1 - 6) • Default Configuration All units are reloaded. Command Modes Privileged EXEC mode User Guidelines This command is not relevant to standalone devices. If no unit is specified, all units are reloaded. Example The following example reloads Unit 2 of the stack.
PAGE 326
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example This example changes Unit Number 6 to Unit Number 5. The command takes effect only after resetting the device. console# config console(config)# stack change unit-id 6 to 5 show stack The show stack User EXEC mode command displays information about the status of a stack. Syntax show stack [unit unit] Parameters unit — Specifies the number of the unit. (Range: 1 - 6) • Default Configuration This command has no default configuration.
PAGE 327
System Management Commands console# show stack 1 Unit: 1 MAC address: 00:15:77:74:64:40 Master: Enabled. Product: AT -S95/48. Software: v1.1.0.23 Uplink unit: 2 Downlink unit: 3. Status: Master Active image: image-2. Selected for next boot: image-2. Topology is Ring Unit Num After Reset: 1 show users The show users User EXEC mode command displays information about the active users. Syntax show users Parameters This command has no arguments or keywords.
PAGE 328
Allied Telesis AT-8000GS Command Line Interface User’s Guide show sessions The show sessions User EXEC mode command lists open Telnet sessions. Syntax show sessions Parameters This command has no arguments or keywords. Default Configuration There is no default configuration for this command. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example lists open Telnet sessions.
PAGE 329
System Management Commands Parameters unit— Specifies the number of the unit. (Range: 1 - 6) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 330
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example displays the system information.
PAGE 331
System Management Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the system information. Console> show system id Unit Serial number -------------------- -------------------- 1 8936589782 2 3216523877 show version The show version User EXEC mode command displays system version information.
PAGE 332
Allied Telesis AT-8000GS Command Line Interface User’s Guide Unit SW version Boot version HW version ---- ---------- ------------ ---------- 1 v1.1.0.29 1.0.1.06 01.00.00 2 v1.1.0.29 1.0.1.06 01.00.00 3 v1.1.0.29 1.0.1.06 01.00.00 4 v1.1.0.29 1.0.1.06 01.00.00 5 v1.1.0.29 1.0.1.06 01.00.00 6 v1.1.0.29 1.0.1.06 01.00.00 console# show system defaults The show system defaults User EXEC mode command displays specified system defaults.
PAGE 333
System Management Commands Example The following example displays the system defaults. console# show system defaults System Mode: Switch # Management defaults Telnet: Enabled SSH: Enabled HTTP: Enabled, port 80 HTTPS: Enabled, port 443 SNMP: Enabled.
PAGE 334
Allied Telesis AT-8000GS Command Line Interface User’s Guide 20 GE regular 4 GE combo Duplex: Full Negotiation: Enabled Flow control: Off Mdix mode: auto Storm control: Disabled Storm control mode: broadcast, multicast Port security: Disabled LLDP: Enabled LLDPDU Handeling: Filtering Port-Channel Load Balancing: Layer 2 # Bridging defaults Maximum 8K entries Aging time: 5 minutes # Multicast defaults Multicast filtering: Disabled IGMP snooping: Disabled IGMP Querier: Disabled # Port monitoring defaults Por
PAGE 335
System Management Commands GVRP: Disabled Port mode: Access VLAN membership: 1 PVE: not defined # Network security defaults DHCP snooping: Disabled # DOS attacks # IP addressing defaults No IP interface is defined # QOS and ACLs defaults QoS is Disabled QoS Trust Mode: CoS Queue default mapping: cos qid: 0 2 1 1 2 1 3 2 4 3 5 3 6 4 7 4 console# Page 335
PAGE 336
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 33.User Interface Commands do The do command executes an EXEC-level command from Global Configuration mode or any configuration submode. Syntax do command Parameters • command — Specifies the EXEC-level command to execute. Default Configuration This command has no default configuration. Command Mode All Configuration modes User Guidelines There are no user guidelines for this command.
PAGE 337
User Interface Commands enable The enable User EXEC mode command enters the Privileged EXEC mode. Syntax enable [privilege-level] Parameters privilege-level — Privilege level to enter the system. (Range: 1 - 15) • Default Configuration The default privilege level is 15. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 338
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example returns to Users EXEC mode. console# disable console> login The login User EXEC mode command changes a login username. Syntax login Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 339
User Interface Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enters Global Configuration mode. console# configure console(config)# exit (Configuration) The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy. Syntax exit Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration.
PAGE 340
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command. Example The following example closes an active terminal session. console> exit end The end command ends the current configuration session and returns to the Privileged EXEC mode.
PAGE 341
User Interface Commands Syntax help Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode All command modes User Guidelines There are no user guidelines for this command. Example The following example describes the help system. console# help Help may be requested at any point in a command by entering a question mark '?'. If nothing matches the currently entered incomplete command, the help list is empty.
PAGE 342
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode User EXEC mode User Guidelines By default, a More prompt is displayed when the output contains more lines than can be displayed on the screen. Pressing the Enter key displays the next line; pressing the Spacebar displays the next screen of output. The datadump command enables dumping all output immediately after entering the show command. This command is relevant only for the current session.
PAGE 343
User Interface Commands console# show history show version show clock show history 3 commands were logged (buffer size is 10) show privilege The show privilege Privileged/User EXEC mode command displays the current privilege level. Syntax show privilege Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command.
PAGE 344
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 34.VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Syntax vlan database Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enters the VLAN database mode.
PAGE 345
VLAN Commands Command Mode VLAN Configuration mode User Guidelines There are no user guidelines for this command. Example The following example VLAN number 1972 is created. console(config)# vlan database console(config-vlan)# vlan 1972 interface vlan The interface vlan Global Configuration mode command enters the Interface Configuration (VLAN) mode. Syntax interface vlan vlan-id Parameters vlan-id — Specifies an existing VLAN ID. • Default Configuration This command has no default configuration.
PAGE 346
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax interface range vlan {vlan-range | all} Parameters vlan-range — Specifies a list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma • • and no spaces; a hyphen designates a range of IDs. all — All existing static VLANs. Default Configuration This command has no default configuration.
PAGE 347
VLAN Commands Example The following example gives VLAN number 19 the name Marketing. console(config)# interface vlan 19 console(config-if)# name Marketing switchport protected The switchport protected Interface Configuration mode command enables Private VLAN Edge, by overriding the FDB decision, and sends all Unicast, Multicast and Broadcast traffic to an uplink port. Use the no form of this command to disable overriding the FDB decisiond.
PAGE 348
Allied Telesis AT-8000GS Command Line Interface User’s Guide switchport mode The switchport mode Interface Configuration mode command configures the VLAN membership mode of a port. Use the no form of this command to return to the default configuration. Syntax switchport mode {access | trunk | general} no switchport mode Parameters access — Indicates an untagged layer 2 VLAN port. • • trunk — Indicates a trunking layer 2 VLAN port. • general — Indicates a full 802-1q supported VLAN port.
PAGE 349
VLAN Commands switchport access vlan The switchport access vlan Interface Configuration mode command configures the VLAN ID when the interface is in access mode. Use the no form of this command to return to the default configuration. Syntax switchport access vlan {vlan-id } no switchport access vlan Parameters vlan-id — Specifies the ID of the VLAN to which the port is configured. • Default Configuration All ports belong to VLAN 1.
PAGE 350
Allied Telesis AT-8000GS Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example adds VLANs 1, 2, 5 to 6 to the allowed list of Ethernet port 1/g16. console(config)# interface ethernet 1/g16 console(config-if)# switchport trunk allowed vlan add 1-2,5-6 switchport trunk native vlan The switchport trunk native vlan Interface Configuration mode command defines the native VLAN when the interface is in trunk mode.
PAGE 351
VLAN Commands Parameters add vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma • • • • and no spaces. A hyphen designates a range of IDs. remove vlan-list — Specifies the list of VLAN IDs to be removed. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs. tagged — Indicates that the port transmits tagged packets for the VLANs. untagged — Indicates that the port transmits untagged packets for the VLANs.
PAGE 352
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example configures the PVID for Ethernet port 1/g16, when the interface is in general mode. console(config)# interface ethernet 1/g16 console(config-if)# switchport general pvid 234 switchport general ingress-filtering disable The switchport general ingress-filtering disable Interface Configuration mode command disables the ingress filtering of a port.
PAGE 353
VLAN Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures Ethernet port 1/g16 to discard untagged frames at ingress.
PAGE 354
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example sets a mac-based classification rule.
PAGE 355
VLAN Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays macs-groups information console# show vlan macs-groups MAC Address Mask --------------------------0060.704C.73FF FFFF.FFFF.0000 0060.704D.73FF FFFF.FFFF.
PAGE 356
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example forbids adding VLAN IDs 234 to 256 to Ethernet port 1/g16. console(config)# interface ethernet 1/g16 console(config-if)# switchport forbidden vlan add 234-256 ip internal-usage-vlan The ip internal-usage-vlan Interface Configuration mode command reserves a VLAN as the internal usage VLAN of an interface. Use the no form of this command to return to the default configuration.
PAGE 357
VLAN Commands show vlan The show vlan Privileged EXEC mode command displays VLAN information. Syntax show vlan [tag vlan-id | name vlan-name ] Parameters vlan-id — specifies a VLAN ID • • vlan-name — Specifies a VLAN name string. (Range: 1 - 32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all VLAN information.
PAGE 358
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays VLANs used internally by the device.
PAGE 359
VLAN Commands Example The following example displays the switchport configuration for Ethernet port 1/g1.
PAGE 360
Allied Telesis AT-8000GS Command Line Interface User’s Guide 73 out console# show interface switchport ethernet 1/g2 Port 1/g2: VLAN Membership mode: General Operating parameters: PVID: 4095 (discard vlan) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is member in: Vlan Name Egress rule Type ---- ------------ ----------- ------ 91 IP Telephony tagged Static Static configuration: PVID: 8 Ingress Filtering: Disabled Acceptable Frame Type: All Port 1/g2 is statically configu
PAGE 361
VLAN Commands Acceptable Frame Type: Untagged GVRP status: Disabled Page 361
PAGE 362
Allied Telesis AT-8000GS Command Line Interface User’s Guide Chapter 35.Web Server Commands ip http server The ip http server Global Configuration mode command enables configuring the device from a browser. Use the no form of this command to disable this function. Syntax ip http server no ip http server Parameters This command has no arguments or keywords. Default Configuration HTTP server is enabled.
PAGE 363
Web Server Commands Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Specifying 0 as the port number effectively disables HTTP access to the device. Example The following example configures the http port number to 100.
PAGE 364
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax ip https server no ip https server Parameters This command has no arguments or keywords. Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Example The following example enables configuring the device from a secured browser.
PAGE 365
Web Server Commands Example The following example configures the https port number to 100. console(config)# ip https port 100 ip https exec-timeout iThe ip https exec-timeout Global Configuration mode command sets the interval for the system wait for user input in https sessions, before automatic logoff. Use the no form of this command to restore the default configuration.
PAGE 366
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters number — Specifies the certificate number. (Range: 1 - 2) • • key-generate — Regenerate the SSL RSA key. • length — Specifies the SSL RSA key length. (Range: 512 - 2048) • string — Passphrase used for exporting the certificate in PKCS12 file format. If unspecified the certificate is • • • • • • • not exportable. common- name — Specifies the fully qualified URL or IP address of the device. (Range: 1 - 64).
PAGE 367
Web Server Commands Syntax crypto certificate number request [cn common- name ] [ou organization-unit] [or organization] [loc location] [st state] [cu country] Parameters number — Specifies the certificate number. (Range: 1 - 2) • • common- name — Specifies the fully qualified URL or IP address of the device. • • • • • (Range: 1- 64) organization-unit — Specifies the organization-unit or department name. (Range: 1- 64) organization — Specifies the organization name.
PAGE 368
Allied Telesis AT-8000GS Command Line Interface User’s Guide Example The following example generates and displays a certificate request for HTTPS.
PAGE 369
Web Server Commands Example The following example imports a certificate signed by Certification Authority for HTTPS.
PAGE 370
Allied Telesis AT-8000GS Command Line Interface User’s Guide show crypto certificate mycertificate The show crypto certificate mycertificate Privileged EXEC mode command displays the SSH certificates of the device. Syntax show crypto certificate mycertificate [number] Parameters number — Specifies the certificate number. (Range: 1- 2) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 371
Web Server Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the HTTP server configuration. console# show ip http HTTP server enabled. Port: 80 show ip https The show ip https Privileged EXEC mode command displays the HTTPS server configuration.
PAGE 372
Allied Telesis AT-8000GS Command Line Interface User’s Guide Certificate 1 is active Issued by: www.verisign.com Valid from: 8/9/2008 to 8/9/2009 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by: self-signed Valid from: 8/9/2008 to 8/9/2009 Subject: CN= router.gm.
PAGE 373
802.1x Commands Chapter 36. 802.1x Commands aaa authentication dot1x The aaa authentication dot1x Global Configuration mode command specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1X. Use the no form of this command to return to the default configuration. Syntax aaa authentication dot1x default method1 [method2...] no aaa authentication dot1x default Parameters method1 [method2...
PAGE 374
Allied Telesis AT-8000GS Command Line Interface User’s Guide no dot1x system-auth-control Parameters This command has no arguments or keywords. Default Configuration 802.1x is disabled globally. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables 802.1x globally.
PAGE 375
802.1x Commands User Guidelines It is recommended to disable spanning tree or to enable spanning-tree PortFast mode on 802.1x edge ports (ports in auto state that are connected to end stations), in order to get immediately to the forwarding state after successful authentication. Example The following example enables 802.1X authentication on Ethernet port 1/g16.
PAGE 376
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters seconds — Number of seconds between re-authentication attempts. (Range: 300 - 4294967295) • Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets the number of seconds between re-authentication attempts, to 300.
PAGE 377
802.1x Commands dot1x timeout quiet-period The dot1x timeout quiet-period Interface Configuration mode command sets the number of seconds that the device remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password). Use the no form of this command to return to the default configuration.
PAGE 378
Allied Telesis AT-8000GS Command Line Interface User’s Guide Default Configuration Timeout period is 30 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients.
PAGE 379
802.1x Commands Example The following example sets the number of times that the device sends an EAP-request/identity frame to 6 . console(config)# interface ethernet 1/g16 console(config-if)# dot1x max-req 6 dot1x timeout supp-timeout The dot1x timeout supp-timeout Interface Configuration mode command sets the time for the retransmission of an Extensible Authentication Protocol (EAP)-request frame to the client. Use the no form of this command to return to the default configuration.
PAGE 380
Allied Telesis AT-8000GS Command Line Interface User’s Guide Parameters seconds — Time in seconds that the device waits for a response from the authentication server. • (Range: 1 - 65535 seconds) Default Configuration The timeout period is 30 seconds.
PAGE 381
802.1x Commands 802.1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username ---- ---------- --------- ------- ------ -------- 1/g1 Auto Authorized Ena 3600 Bob 1/g2 Auto Authorized Ena 3600 John 1/g3 Auto Unauthorized Ena 3600 Clark 1/g4 Force-auth Authorized Dis 3600 n/a 1/g5 Force-auth Unauthorized* Dis 3600 n/a * Port is down or not present. Console# show dot1x ethernet 1/g3 802.1x is enabled.
PAGE 382
Allied Telesis AT-8000GS Command Line Interface User’s Guide Authentication success: 9 Authentication fails: 1 The following table describes significant fields shown above: Field Description Port The port number. Admin mode The port admin mode. Possible values: Force-auth, Force-unauth, Auto. Oper mode The port oper mode. Possible values: Authorized, Unauthorized or Down. Reauth Control Reauthentication control. Reauth Period Reauthentication period.
PAGE 383
802.1x Commands Syntax show dot1x users [username username] Parameters username — Supplicant username (Range: 1 - 160 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays 802.1X users.
PAGE 384
Allied Telesis AT-8000GS Command Line Interface User’s Guide show dot1x statistics The show dot1x statistics Privileged EXEC mode command displays 802.1X statistics for the specified interface. Syntax show dot1x statistics ethernet interface Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
PAGE 385
802.1x Commands The following table describes the significant fields shown in the display: Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator. EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator.
PAGE 386
Allied Telesis AT-8000GS Command Line Interface User’s Guide Command Mode Interface Configuration (VLAN) mode User Guidelines An access port cannot be a member in an unauthenticated VLAN. The native VLAN of a trunk port cannot be an unauthenticated VLAN. For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets would be accepted in the unauthorized state.) Example The following example enables access to the VLAN to unauthorized devices.
PAGE 387
802.1x Commands Example The following example defines VLAN 2 as a guest VLAN. console# console# configure console(config)# vlan database console(config-vlan)# vlan 2 console(config-vlan)# exit console(config)# interface vlan 2 console(config-if)# dot1x guest-vlan dot1x mac-authentication The mac-authentication Interface Configuration mode command enables authentication based on the station's MAC address. Use the no form of this command to disable MAC authentication.
PAGE 388
Allied Telesis AT-8000GS Command Line Interface User’s Guide show dot1x advanced The show dot1x advanced privileged EXEC mode command displays 802.1X advanced features for the switch or for the specified interface. Syntax show dot1x advanced interface Parameters interface — Ethernet interface. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example The following example displays 802.
PAGE 389
802.1x Commands 1/2 Enabled Disabled Disabled Single host parameters Violation action: Discard Trap: Enabled Trap frequency: 100 Status: Single-host locked Violations since last trap: 9 dot1x guest-vlan enable The dot1x guest-vlan enable Interface Configuration mode command enables unauthorized users on the interface access to the Guest VLAN. Use the no form of this command to disable access.
PAGE 390
Allied Telesis AT-8000GS Command Line Interface User’s Guide Syntax dot1x guest-vlan timeout sec no dot1x guest-vlan timeout Parameters sec — Specify the timeout in seconds. (Range: 30 – 180) • Default Configuration The guest VLAN is applied immediately. Command Mode Global Configuration mode. User Guidelines This command is relevant if the guest VLAN is enabled on the port. Configuring the timeout adds delay from enabling 802.
PAGE 391
802.1x Commands Command Mode Interface Configuration (Ethernet) mode User Guidelines The command is relevant when multiple hosts is disabled and the user has been successfully authenticated. Example The following example forwards frames with source addresses that are not the supplicant address and sends consecutive traps at intervals of 100 seconds.
PAGE 392
Allied Telesis AT-8000GS Command Line Interface User’s Guide Examples The following example enables user-based VLAN assignment.
PAGE 393
Index Index A aaa accounting dot1x 47 aaa accounting login 46 aaa authentication dot1x 373 aaa authentication dot1x default 373 aaa authentication enable 40 aaa authentication login 39 aaa logging 302 abort (mst) 275 autobaud 160 B back-pressure 108 boot system 90, 95 bridge address 52 bridge aging-time 57 bridge multicast address 53 bridge multicast filtering 52 bridge multicast forbidden address 54 bridge multicast forbidden forward-all 56 bridge multicast forward-all 55 bridge multicast unregistered 55
PAGE 394
Allied Telesis AT-8000GS Command Line Interface User’s Guide exit (Configuration) 339 exit (mst) 275 F file-system logging 302 flowcontrol 106 G garp timer 122 Global Configuration Mode 18 gvrp enable (Global) 121 gvrp enable (Interface) 121 gvrp registration-forbid 123 gvrp vlan-creation-forbid 123 H help 340 history 161 history size 162 hostname 323 how bootvar 92 I instance (mst) 272 Intended Audience 15 Interface Configuration Mode 19 interface ethernet 102 interface port-channel 201 interface range et
PAGE 395
Index logging on 297 login 338 login authentication 41 login banner 190 M management access-class 195 management access-list 192 management logging 303 map mac macs-group 354 mdix 107 N name 346 name (mst) 273 negotiation 106 P password 45 Permit 30 permit (Management) 193 ping 318 port monitor 204 port security 58 port security max 59 port security mode 59 port security routed secure-address 60 port storm-control broadcast enable 118 port storm-control broadcast rate 119 port storm-control include-multica
PAGE 396
Allied Telesis AT-8000GS Command Line Interface User’s Guide show interfaces advertise 111 show interfaces counters 116 show interfaces description 114 show interfaces port-channel 202 show interfaces status 113 show interfaces switchport 358 show ip dhcp snooping 99 show ip http 370 show ip https 371 show ip igmp snooping groups 137 show ip igmp snooping interface 135 show ip igmp snooping mrouter 134 show ip interface 140, 152 show ip ssh 293 show ipv6 interface 152 show ipv6 neighbors 156 show ipv6 rout
PAGE 397
Index sntp client enable (Interface) 79 sntp client poll timer 77 sntp server 81 sntp trusted-key 76 sntp unicast client enable 79 sntp unicast client poll 80 spanning-tree 259 spanning-tree bpdu 266 spanning-tree cost 263, 264 spanning-tree disable 262 spanning-tree forward-time 260 spanning-tree hello-time 261 spanning-tree link-type 265 spanning-tree max-age 261 spanning-tree mode 259 spanning-tree mst configuration 271 spanning-tree mst cost 271 spanning-tree mst max-hops 269 spanning-tree mst port-pri