Management Software AT-S95 CLI User’s Guide AT-8000GS Series Stackable Gigabit Ethernet Switches Version 1.0.1 613-001020 Rev.
Copyright © 2008 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis is a trademark of Allied Telesis, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation.
Table of Contents Preface ................................................................................................................................... 1 Intended Audience........................................................................................................................... 2 Document Conventions ................................................................................................................... 3 Contacting Allied Telesis ............................................
Allied Telesis Command Line Interface User’s Guide ip https authentication.......................................................................................................................... 28 show authentication methods .............................................................................................................. 29 password ............................................................................................................................................. 30 username.......
Chapter 6.Configuration and Image File Commands ...................................................... 65 copy......................................................................................................................................................65 dir .........................................................................................................................................................67 delete ..................................................................................
Allied Telesis Command Line Interface User’s Guide show interfaces counters..................................................................................................................... 95 show system flowcontrol...................................................................................................................... 99 port storm-control include-multicast (IC)..............................................................................................
clear host............................................................................................................................................128 clear host dhcp...................................................................................................................................129 show hosts .........................................................................................................................................129 Chapter 13.Line Commands ..............................
Allied Telesis Command Line Interface User’s Guide power inline powered-device ............................................................................................................. 157 power inline priority............................................................................................................................ 158 power inline usage-threshold............................................................................................................. 159 power inline traps enable.
snmp-server enable traps ..................................................................................................................197 snmp-server filter ...............................................................................................................................197 snmp-server host ...............................................................................................................................198 snmp-server v3-host ...................................................
Allied Telesis Command Line Interface User’s Guide ip ssh server ...................................................................................................................................... 236 crypto key generate dsa .................................................................................................................... 237 crypto key generate rsa .....................................................................................................................
show version ......................................................................................................................................273 set system ..........................................................................................................................................275 Chapter 29.User Interface Commands ............................................................................ 276 enable ....................................................................................
Allied Telesis Command Line Interface User’s Guide ip https server .................................................................................................................................... 304 ip https port........................................................................................................................................ 305 ip https exec-timeout .........................................................................................................................
Preface Preface This guide describes how to configure an AT-S95 v1.0.04 v1.1.0 Series switch using the command line interface. The commands are grouped by topic into the following chapters: • • • • • • • • • • • • • Chapter 1. "Using the CLI" — Describe the CLI basic structure and command usage. Chapter 2. "ACL Commands" — Define MAC and IP based ACLs and ACL bindings. Chapter 3. "AAA Commands" — Define the authentication method lists for servers. Chapter 4.
Allied Telesis Command Line Interface User’s Guide • • • • • • • • • • • • • • • • • • administrative LACP timeouts, display LACP information for Ethernet ports, and display LACP information for a port-channel. Chapter 15. "Management ACL Commands" — Define a permit or deny a rule, or configure a management access control list. Chapter 16. "PHY Diagnostics Commands" — Display the optical transceiver diagnostics. Chapter 17.
Preface Document Conventions Document Conventions This document uses the following conventions: Note Provides related information or information of special importance. Caution Indicates potential damage to hardware or software, or loss of data. Warning Indicates a risk of personal injury.
Allied Telesis Command Line Interface User’s Guide Contacting Allied Telesis This section provides Allied Telesis contact information for technical support as well as sales or corporate information. . Online Support You can request technical support online by accessing the Allied Telesis Knowledge Base from the following web site: www.alliedtelesis.com/support. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions..
Using the CLI CLI Command Modes Chapter 1. Using the CLI Overview This chapter describes how to start using the CLI and the CLI command editing features. CLI Command Modes Introduction To assist in configuring the device, the Command Line Interface (CLI) is divided into different command modes. Each command mode has its own set of specific commands. Entering a question mark "?" at the system prompt (console prompt) displays a list of commands available for that particular command mode.
Allied Telesis Command Line Interface User’s Guide 2. Enter the password and press . The password is displayed as *. The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device host name followed by #. Console# To return from the Privileged EXEC mode to the User EXEC mode, use the disable command.
Using the CLI CLI Command Modes Interface Configuration and Specific Configuration Modes Interface Configuration mode commands modify specific interface operations. The following are the Interface Configuration modes: • • • • • • • • Line Interface — Contains commands to configure the management connections. These include commands such as line timeout settings, etc. The line Global Configuration mode command is used to enter the Line Configuration command mode.
Allied Telesis Command Line Interface User’s Guide Starting the CLI The device can be managed over a direct connection to the device console RS-232 port or via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device Command Line Interface (CLI) is very similar to entering commands on a UNIX system.
Using the CLI Editing Features Editing Features Entering Commands A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command show interfaces status ethernet 1/g11, show, interfaces and status are keywords, ethernet is an argument that specifies the interface type, and 1/g11 specifies the port. To enter commands that require parameters, enter the required parameters after the command keyword.
Allied Telesis Command Line Interface User’s Guide Negating the Effect of Commands For many configuration commands, the prefix keyword no can be entered to cancel the effect of a command or reset the configuration to the default value. This guide describes the negation effect for all applicable commands. Command Completion If the command entered is incomplete, invalid or has missing or invalid parameters, then the appropriate error message is displayed. This assists in entering the correct command.
CLI Command Conventions When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions. Con ve nti on Desc ri pti on [] In a command line, square brackets indicates an optional entry. {} In a command line, curly brackets indicate a selection of compulsory parameters separated by the | character. One option must be selected.
Allied Telesis Command Line Interface User’s Guide Page 12 Not approved by Document Control. For review only.
ACL Commands Chapter 2. ACL Commands ip access-list The ip access-list Global Configuration mode command defines an IPv4 Access List and places the device in IPv4 Access List Configuration mode. Use the no form of this command to remove the Access List. Syntax ip access-list access-list-name no ip access-list access-list-name Parameters access-list-name — Name of the IPv4 Access List.
Allied Telesis Command Line Interface User’s Guide permit-udp {any | { source source-wildcard}} {any | source-port} {any | {destination destination-wildcard}} {any | destination-port} [dscp number | ip-precedence number] Parameters source — Source IP address of the packet. • • source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be • • • • • • • • • • • • ignored. destination — Destination IP address of the packet.
ACL Commands • • • IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r Internet Control Message Protocol icmp 1 Internet Group Management Protocol igmp 2 IP in IP (encapsulation) Protocol ipinip 4 Transmission Control Protocol tcp 6 Exterior Gateway Protocol egp 8 Interior Gateway Protocol igp 9 User Datagram Protocol udp 17 Host Monitoring Protocol hmp 20 Reliable Data Protocol rdp 27 Inter-Domain Policy Routing Protocol idpr 35 Ipv6 protocol ipv6 41 Rou
Allied Telesis Command Line Interface User’s Guide • • • • • mobile-registration-request, mobile-registration-reply, domain-name-request, domain-name-reply, skip and photuris. (Range: 0-255) icmp-code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. (Range: 0-255) igmp-type — IGMP packets can be filtered by IGMP message type.
ACL Commands flags] deny-udp [disable-port] {any|{ source source-wildcard}} {any| source-port} {any|{destination destination-wildcard}} {any|destination-port} [dscp number | ip-precedence number] Parameters • disable-port — The Ethernet interface is disabled if the condition is matched. (Range: 0 - 65535) • source — Source IP address of the packet. • source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be • • • • • • • • • • • ignored.
Allied Telesis Command Line Interface User’s Guide IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r Ipv6 protocol ipv6 41 Routing Header for IPv6 ipv6-route 43 Fragment Header for IPv6 ipv6-frag 44 Inter-Domain Routing Protocol idrp 45 Reservation Protocol rsvp 46 General Routing Encapsulation gre 47 Encapsulating Security Payload (50) esp 50 Authentication Header ah 51 ICMP for IPv6 ipv6-icmp 58 EIGRP routing protocol eigrp 88 Open Shortest Path Protocol
ACL Commands Syntax mac access-list access-list-name no mac access-list access-list-name Parameters access-list-name — Name of the MAC-Access List. • Default Configuration No MAC-Access List is defined. Command Mode Global Configuration mode User Guidelines MAC ACLs are defined by a unique name. An IPv4 ACL, IPv6 ACL and MAC ACL cannot share the same name. Example The following example shows how to create a MAC ACL.
Allied Telesis Command Line Interface User’s Guide Command Mode MAC-Access List Configuration mode User Guidelines Enter IP-Access List configuration mode by using the MAC access-list Global Configuration mode command. • • After an access control entry (ACE) is added to an access control list, an implied deny-any-any condition exists at the end of the list. That is, if there are no matches, the packets are denied. However, before the first ACE is added, the list permits all packets.
ACL Commands User Guidelines MAC BPDU packets cannot be denied. • • This command defines an Access Control Element (ACE). An ACE can only be removed by deleting the ACL, • using the no mac access-list Global Configuration mode command. Alternatively, the Web-based interface can be used to delete ACEs from an ACL. The following user guidelines are relevant to GE devices only: Before an Access Control Element (ACE) is added to an ACL, all packets are permitted.
Allied Telesis Command Line Interface User’s Guide show access-lists The show access-lists Privileged EXEC mode command displays Access Control Lists (ACLs) configured on the switch. Syntax show access-lists [name] Parameters • name — Name of the ACL. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays access lists.
ACL Commands User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Chapter 3. AAA Commands aaa authentication login The aaa authentication login Global Configuration mode command defines login authentication. Use the no form of this command to return to the default configuration. Syntax aaa authentication login {default | list-name} method1 [method2...
AAA Commands User Guidelines The default and optional list names created with the aaa authentication login command are used with the • • • login authentication command. Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication enable command are used with the • • • enable authentication command. The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
AAA Commands enable authentication The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. Use the no form of this command to return to the default configuration specified by the aaa authentication enable command. Syntax enable authentication {default | list-name} no enable authentication Parameters • default — Uses the default list created with the aaa authentication enable command.
Allied Telesis Command Line Interface User’s Guide radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This has the same effect as the command ip http authentication local. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails.
AAA Commands User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line. Example The following example configures HTTPS authentication.
Allied Telesis Command Line Interface User’s Guide Line Login Method List Enable Method List -------------- ----------------- ------------------ Console Console_Login Console_Enable Telnet Default Default SSH Default Default http: Radius, Local https: Radius, Local dot1x: Radius password The password Line Configuration mode command specifies a password on a line. Use the no form of this command to remove the password.
AAA Commands Syntax username name [password password] [level level] [encrypted] no username name Parameters name — The name of the user (Range: 1- 20 characters). • • password — The authentication password for the user (Range: 1-159 characters). • level — The user level (Range: 1-15). • encrypted — Encrypted password entered, copied from another device configuration. Default Configuration No user is defined.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the local users configured with access to the system. Console# show users accounts Username Privilege Password Aging Password Expiry date Lockout -------- --------- -------- ----------- ------- Bob 1 120 Jan 21 2005 - Admin 15 120 Jan 21 2005 - Manager 15 120 Jan 21 2005 - The following table describes significant fields shown above. F i el d Description Username Name of the user.
AAA Commands User Guidelines There are no user guidelines for this command. Example The following example sets a local level 15 password called ‘secret’ to control access to user and privilege levels. .
Allied Telesis Command Line Interface User’s Guide Chapter 4. Address Table Commands bridge address The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source address to the bridge table. Use the no form of this command to delete the MAC address.
Address Table Commands Syntax bridge multicast filtering no bridge multicast filtering Parameters This command has no keywords or arguments. Default Configuration Filtering Multicast addresses is disabled. All Multicast addresses are flooded to all ports. Command Mode Global Configuration mode User Guidelines If routers exist on the VLAN, do not change the unregistered Multicast addresses state to drop on the routers • • ports.
Allied Telesis Command Line Interface User’s Guide Command Mode Interface configuration (VLAN) mode User Guidelines If the command is executed without add or remove, the command only registers the group in the bridge • • database. Static Multicast addresses can only be defined on static VLANs.
Address Table Commands User Guidelines Before defining forbidden ports, the Multicast group should be registered. Example In this example, MAC address 0100.5e02.0203 is forbidden on port 2/g9 within VLAN 8. Console(config)# interface vlan 8 Console(config-if)# bridge multicast address 0100.5e02.0203 Console(config-if)# bridge multicast forbidden address 0100.5e02.
Allied Telesis Command Line Interface User’s Guide bridge multicast forbidden forward-all The bridge multicast forbidden forward-all Interface Configuration mode command forbids a port to be a Forward-all-Multicast port. Use the no form of this command to return to default. Syntax bridge multicast forbidden forward-all {add | remove} {ethernet interface-list | port-channel port-channelnumber-list} no bridge multicast forbidden forward-all Parameters • add — Forbid forwarding all Multicast packets.
Address Table Commands Default Configuration The default setting is 300 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example In this example the bridge aging time is set to 250. Console(config)# bridge aging-time 250 clear bridge The clear bridge Privileged EXEC mode command removes any learned entries from the forwarding database. Syntax clear bridge Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Parameters forward — Forwards frames with unlearned source addresses, but does not learn the address. • • discard — Discards frames with unlearned source addresses. This is the default if no option is indicated. • discard-shutdown — Discards frames with unlearned source addresses. The port is also shut down. • trap seconds — Send SNMP traps, and specifies the minimum time between consecutive traps. Default Configuration This setting is disabled.
Address Table Commands Example In this example, port security mode is set to dynamic for Ethernet interface 1/g7. Console(config)# interface ethernet 1/g7 port security max The port security max Interface Configuration (Ethernet, port-channel) mode command configures the maximum number of addresses that can be learned on the port while the port is in port security mode. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide Default Configuration No addresses are defined. Command Mode Interface Configuration (Ethernet, port-channel) mode. Cannot be configured for a range of interfaces (range context). User Guidelines • The command enables adding secure MAC addresses to a routed port in port security mode. • The command is available when the port is a routed port and in port security mode. • The address is deleted if the port exits the security mode or is not a routed port.
Address Table Commands Example In this example, all classes of entries in the bridge-forwarding database are displayed.
Allied Telesis Command Line Interface User’s Guide ---- ----------------- ---- ----------------- 1 00:60:70:4C:73:FF 1/g8 Permanent 1 00:60.70.8C.73:FF 1/g8 delete-on-timeout 200 00:10:0D:48:37:FF 1/g9 delete-on-reset show bridge address-table count The show bridge address-table count Privileged EXEC mode command displays the number of addresses present in the Forwarding Database.
Address Table Commands show bridge multicast address-table The show bridge multicast address-table Privileged EXEC mode command displays the bridge Multicast Address Table information. Syntax show bridge multicast address-table [vlan vlan-id] [address mac-multicast-address | ip-multicast-address] [format ip | format mac] [source ip-address] Parameters vlan-id — A valid VLAN ID value. • • mac-multicast-address — A valid MAC Multicast address. • ip-multicast-address — A valid IP Multicast address.
Allied Telesis Command Line Interface User’s Guide Examples In these examples, Multicast MAC address and IP Address Table information is displayed. Console# show bridge multicast address-table Multicast address table for VLANs in MAC-GROUP bridging mode: Vlan MAC Address Type Ports ---- -------------- ------- ---------- 1 0100.5e23.
Address Table Commands Note A Multicast MAC address maps to multiple IP addresses as shown above. show bridge multicast address-table static The show bridge multicast address-table static Privileged EXEC mode command displays statically configured Multicast addresses. Syntax show bridge multicast address-table static [vlan vlan-id] [address mac-multicast-address | Parameters vlan-id — A valid VLAN ID value. • • mac-multicast-address — A valid MAC Multicast address.
Allied Telesis Command Line Interface User’s Guide Syntax show bridge multicast filtering vlan-id Parameters vlan-id — VLAN ID value. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, the Multicast configuration for VLAN 1 is displayed.
Address Table Commands Console# show bridge multicast filtering 1 Filtering: Enabled VLAN: 1 Port Forward-Unregistered Forward-All Static Status Static Status ---- --------- --------- --------- ---------- 1/g1 Forbidden Filter Forbidden Filter 1/g2 Forward Forward(s) Forward Forward(s) 1/g3 - Forward(d) - Forward(d) show ports security The show ports security Privileged EXEC mode command displays the port-lock status.
Allied Telesis Command Line Interface User’s Guide 1/g2 Unlocked Dynamic - 28 - - 1/g3 Locked Disabled Discard, Shutdown 8 Disable - The following table describes the fields shown above.
Address Table Commands ---- -------- -------- ------- ------- 1/g1 Disabled Lock - 1 1/g2 Disabled Lock - 1 1/g3 Enabled Max-addresses 0 1 1/g4 Port is a member in port-channel ch1 1/g5 Disabled Lock - 1 1/g6 Enabled Max-addresses 0 10 ch1 Enabled Max-addresses 0 50 ch2 Enabled Max-addresses 0 128 In this example, dynamic addresses in currently locked port 1/g1 are displayed.
Allied Telesis Command Line Interface User’s Guide Chapter 5. Clock Commands clock set The clock set Privileged EXEC mode command manually sets the system clock. To avoid an SNTP conflict, this command should only be used if there is no clock source set. Syntax clock set hh:mm:ss day month year or clock set hh:mm:ss month day year Parameters hh:mm:ss — Current time in hours (military format), minutes, and seconds (hh: 0 - 23, mm: 0 - 59, ss: 0 - 59). • • day — Current day (by date) in the month (1 - 31).
Clock Commands Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures an external time source for the system clock. Console(config)# clock source sntp clock timezone The clock timezone Global Configuration mode command sets the time zone for display purposes. Use the no form of this command to set the time to the Coordinated Universal Time (UTC).
Allied Telesis Command Line Interface User’s Guide clock summer-time The clock summer-time Global Configuration mode command configures the system to automatically switch to summer time (daylight saving time). Use the no form of this command to configure the software not to automatically switch to summer time.
Clock Commands User Guidelines In both the date and recurring forms of the command, the first part of the command specifies when summer time begins, and the second part specifies when it ends. All times are relative to the local time zone. The start time is relative to standard time. The end time is relative to summer time. If the starting month is chronologically after the ending month, the system assumes that the device is in the southern hemisphere.
Allied Telesis Command Line Interface User’s Guide Example The following example defines the authentication key for SNTP. Console(config)# sntp authentication-key 8 md5 ClkKey sntp authenticate The sntp authenticate Global Configuration mode command grants authentication for received Simple Network Time Protocol (SNTP) traffic from servers. Use the no form of this command to disable the feature.
Clock Commands Command Mode Global Configuration mode User Guidelines The command is relevant for both received Unicast and Broadcast. If there is at least 1 trusted key, then unauthenticated messages will be ignored. Example The following example authenticates key 8.
Allied Telesis Command Line Interface User’s Guide Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP Broadcast client is disabled. Command Mode Global Configuration mode User Guidelines Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables the SNTP Broadcast clients.
Clock Commands sntp client enable (Interface) The sntp client enable Interface Configuration (Ethernet, port-channel, VLAN) mode command enables the Simple Network Time Protocol (SNTP) client on an interface. This applies to both receive Broadcast and Anycast updates. Use the no form of this command to disable the SNTP client. Syntax sntp client enable no sntp client enable Default Configuration The SNTP client is disabled on an interface.
Allied Telesis Command Line Interface User’s Guide Example The following example enables the device to use the Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. Console(config)# sntp unicast client enable sntp unicast client poll The sntp unicast client poll Global Configuration mode command enables polling for the Simple Network Time Protocol (SNTP) predefined Unicast servers. Use the no form of this command to disable the polling for SNTP client.
Clock Commands Default Configuration No servers are defined. Command Mode Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined. To enable predefined Unicast clients globally use the sntp unicast client enable Global Configuration mode command. To enabling global polling use the sntp unicast client poll Global Configuration mode command. The sntp client poll timer Global Configuration mode command determines polling time.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the time and date from the system clock. Console> show clock 15:29:03 PDT(UTC-7) Jun 17 2002 Time source is SNTP Console> show clock detail 15:29:03 PDT(UTC-7) Jun 17 2002 Time source is SNTP Time zone: Acronym is PST Offset is UTC-8 Summertime: Acronym is PDT Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes.
Clock Commands Authentication is required for synchronization. Trusted Keys: 8, 9 Unicast Clients: Enabled Unicast Clients Polling: Enabled Server Polling Encryption Key ----------- ------- -------------- 176.1.1.8 Enabled 9 176.1.8.179 Disabled Disabled Broadcast Clients: Enabled Anycast Clients: Enabled Broadcast and Anycast Interfaces: 1/g1, 1/g3 show sntp status The show sntp status Privileged EXEC mode command shows the status of the Simple Network Time Protocol (SNTP).
Allied Telesis Command Line Interface User’s Guide ----------- ------- ---------------------------- ------ ------ 176.1.1.8 Up 19:58:22.289 PDT Feb 19 2002 7.33 117.79 176.1.8.179 Unknown 12:17.17.987 PDT Feb 19 2002 8.98 189.19 Server Interface Status Last response Offset Delay [mSec] [mSec] --------- ------- ----- ----------------------------- ------ ----- 176.1.11.8 VLAN 118 Up 9:53:21.789 PDT Feb 19 2002 7.19 119.
Configuration and Image File Commands Chapter 6. Configuration and Image File Commands copy The copy Privileged EXEC mode command copies files from a source to a destination. Syntax copy source-url destination-url Parameters source-url — The source file location URL or reserved keyword of the source file to be copied. • (Range: 1-160 characters) destination-url — The destination file URL or reserved keyword of the destination file.
Allied Telesis Command Line Interface User’s Guide User Guidelines Up to five backup configuration files are supported on the device. The location of a file system dictates the format of the source or destination URL. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. *.prv and *.sys files cannot be copied. Understanding Invalid Combinations of Source and Destination Some invalid combinations of source and destination exist.
Configuration and Image File Commands To copy the running configuration file to a backup configuration file, enter the copy running-config file command. To copy the startup configuration file to a backup configuration file, enter the copy startup-config file command. Before copying from the backup configuration file to the running configuration file, make sure that the backup configuration file has not been corrupted. Example The following example copies system image file1 from the TFTP server 172.16.101.
Allied Telesis Command Line Interface User’s Guide syslog1.sys r 262144 -- 01-Jan-2000 01:03:21 syslog2.sys r 262144 -- 01-Jan-2000 01:03:21 directry.prv -- 262144 -- 01-Jan-2000 01:02:15 startup-config rw 524288 4 01-Jan-2000 01:06:34 Total size of flash: 15728640 bytes Free size of flash: 3538944 bytes console# delete The delete Privileged EXEC mode command deletes a file from a flash memory device.
Configuration and Image File Commands boot system The boot system Privileged EXEC mode command specifies the system image that the device loads at startup. Syntax boot system [unit unit] {image-1 | image-2} Parameters unit — Specifies the unit number. • • image-1 — Specifies image 1 as the system startup image. • image-2 — Specifies image 2 as the system startup image. Default Configuration If the unit number is unspecified, the default setting is the master unit number.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the contents of the running configuration file. Console# show running-config software version 1.1 hostname device interface ethernet 1/g1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet 1/g2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 show startup-config The show startup-config Privileged EXEC mode command displays the contents of the startup configuration file.
Configuration and Image File Commands interface ethernet 1/g1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet 1/g2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 show bootvar The show bootvar Privileged EXEC mode command displays the active system image file that is loaded by the device at startup. Syntax show bootvar [unit unit] Parameters • unit — Specifies the unit number. Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Chapter 7. DHCP Option 82 Commands ip dhcp information option The ip dhcp information option Global Configuration mode command enables Dynamic Host Configuration Protocol (DHCP) option-82 data insertion. Use the no form of this command to disable DHCP option-82 data insertion. Syntax ip dhcp information option no ip dhcp information option Parameters This command has no arguments or keywords.
DHCP Option 82 Commands Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP option 82 configuration. Console(config)# show ip dhcp information option ip dhcp relay enable The ip dhcp relay enable Global Configuration mode command enables DHCP relay features on your router. Use the no form of this command to disable the relay agent features.
Allied Telesis Command Line Interface User’s Guide Chapter 8. DHCP Snooping Commands ip dhcp snooping The ip dhcp snooping Global Configuration mode command globally enables DHCP snooping. Use the no form of this command to return to the default setting.
DHCP Snooping Commands Command Mode Global Configuration mode User Guidelines DHCP snooping must be first globally enabled before enabling DHCP snooping on a VLAN. Example The following example configures DHCP snooping on a VLAN. Console(config)# ip dhcp snooping vlan 1 ip dhcp snooping trust The ip dhcp snooping trust Interface Configuration mode command configures a port as trusted for DHCP snooping purposes. Use the no form of this command to return to the default setting.
Allied Telesis Command Line Interface User’s Guide ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode command configures a switch to accept DHCP packets with option-82 information from an untrusted port. Use the no form of this command to configure the switch to drop these packets from an untrusted port.
DHCP Snooping Commands User Guidelines There are no user guidelines for this command. Example The following example configures the switch to verify on an untrusted port that the source MAC address in a DHCP packet matches the client hardware address Console(config) #ip dhcp snooping verify ip dhcp snooping database The ip dhcp snooping database Global Configuration mode command configures the DHCP snooping binding file. Use the no form of this command to delete the binding file.
Allied Telesis Command Line Interface User’s Guide no ip dhcp snooping database update-freq Parameters • seconds — Specify, in seconds, the update frequency (Range: 600 - 86400 ). Default Configuration 1200 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the update frequency of the DHCP snooping binding file.
DHCP Snooping Commands User Guidelines After entering this command an entry is added to the DHCP snooping database. If DHCP snooping binding file exists, the entry is added to that file also. The entry is displayed in the show commands as a ‘DHCP Snooping entry’. Example The following example configures the DHCP snooping binding database and adds binding entries to the database. Console# ip dhcp snooping binding 0060.704c.73ff 3 10.1.8.
Allied Telesis Command Line Interface User’s Guide Command Mode EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP snooping configuration. Console# show ip dhcp snooping DHCP snooping is enabled DHCP snooping is configured on following VLANs: 2, 7-18 DHCP snooping database: enabled Option 82 on untrusted port is allowed Relay agent information option 82 is enabled.
DHCP Snooping Commands User Guidelines There are no user guidelines for this command. Example Console# show ip dhcp snooping binding Total number of binding: 2 MAC Adreess IP Address Lease (sec) ------------------ --------------- -----------00:60:70:4c:73:ff 10.1.8.1 4294967295 00:60:70:4c:7f:c1 10.1.8.
Allied Telesis Command Line Interface User’s Guide Chapter 9. Ethernet Configuration Commands interface ethernet The interface ethernet Global Configuration mode command enters the interface configuration mode to configure an Ethernet type interface. Syntax interface ethernet interface Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration.
Ethernet Configuration Commands Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range. If the command returns an error on one of the active interfaces, it does not stop executing commands on other active interfaces. Example The following example shows how ports 5/g18 to 5/g20 and 3/g1 to 3/24 are grouped to receive the same command.
Allied Telesis Command Line Interface User’s Guide description The description Interface Configuration (Ethernet, port-channel) mode command adds a description to an interface. Use the no form of this command to remove the description. Syntax description string no description Parameters string — Comment or a description of the port to enable the user to remember what is attached to the port. • (Range: 1-64 characters) Default Configuration The interface does not have a description.
Ethernet Configuration Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The no speed command in a port-channel context returns each port in the port-channel to its maximum capability. Example The following example configures the speed operation of Ethernet port 1/g5 to 100 Mbps operation.
Allied Telesis Command Line Interface User’s Guide Example The following example configures the duplex operation of Ethernet port 1/g5 to full duplex operation. Console(config)# interface ethernet 1/g5 Console(config-if)# duplex full negotiation The negotiation Interface Configuration (Ethernet, port-channel) mode command enables auto-negotiation operation for the speed and duplex parameters of a given interface. Use the no form of this command to disable auto-negotiation.
Ethernet Configuration Commands Parameters on — Force flow control as enabled. • • off — Force flow control as disabled. • auto — Enable AUTO flow control configuration. Default Configuration Flow control is off. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Negotiation should be enabled for flow control auto. Example In the following example, flow control is enabled on port 1/g5.
Allied Telesis Command Line Interface User’s Guide Example In the following example, automatic crossover is enabled on port 1/g5. Console(config)# interface ethernet 1/g5 Console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration (Ethernet, port-channel) mode command enables back pressure on a given interface. Use the no form of this command to disable back pressure. Syntax back-pressure no back-pressure Default Configuration Back pressure is enabled.
Ethernet Configuration Commands User Guidelines The command is effective only after reset. Example The following example enables jumbo frames for the device. Console(config)# port jumbo-frame system flowcontrol Use system flowcontrol Global Configuration mode to enable flow control on cascade ports. Use the no form of this command to disable it. Syntax system flowcontrol no system flowcontrol Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Example In the following example, the counters for interface 1/g1 are cleared. Console> clear counters ethernet 1/g1 set interface active The set interface active Privileged EXEC mode command reactivates an interface that was shutdown. Syntax set interface active {ethernet interface | port-channel port-channel-number} Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — Valid port-channel number.
Ethernet Configuration Commands Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following examples display autonegotiation information.
Allied Telesis Command Line Interface User’s Guide Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Ethernet Configuration Commands show interfaces status The show interfaces status Privileged EXEC mode command displays the status of all configured interfaces. Syntax show interfaces status [ethernet interface| port-channel port-channel-number] Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide 1/g15 1G-Copper -- -- -- -- Down -- -- 1/g16 1G-Copper -- -- -- -- Down -- -- 1/g17 1G-Copper -- -- -- -- Down -- -- 1/g18 1G-Copper -- -- -- -- Down -- -- 1/g19 1G-Copper -- -- -- -- Down -- -- show interfaces description The show interfaces description Privileged EXEC mode command displays the description for all configured interfaces.
Ethernet Configuration Commands show ports jumbo-frame The show port jumbo-frame Privileged EXEC mode command displays the configuration of jumbo frames. Syntax show port jumbo-frame Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enables the display of the configuration of jumbo frames.
Allied Telesis Command Line Interface User’s Guide Example The following example displays traffic seen by the physical interface: Console# show interfaces counters Port InOctets InUcastPkts InMcastPkts InBcastPkts ---- -------- ----------- ----------- ----------- 1/g1 183892 0 0 0 2/g1 0 0 0 0 3/g1 123899 0 0 0 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ----- ---------- ------------ ------------ ------------ 1/g1 9188 0 0 0 2/g1 0 0 0 0 3/g1 8789 0
Ethernet Configuration Commands ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0 0 0 ch4 0 0 0 0 ch5 0 0 0 0 ch6 0 0 0 0 ch7 0 0 0 0 ch8 0 0 0 0 OutUcastPkts OutMcastPkts OutBcastPkts OutOctets -------- ------------ ------------ ------------------ --------------- ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0 0 0 ch4 0 0 0 0 ch5 0 0 0 0 ch6 0 0 0 0 ch7 0 0 0 0 ch8 0 0 0 0 console# Console# show interfaces counters ethernet 1/g1 Port InUcastPkts InM
Allied Telesis Command Line Interface User’s Guide Transmitted Pause Frames: 0 Console# Console# show interfaces counters ethernet 1/g1 Port InOctets InUcastPkts InMcastPkts InBcastPkts ------ ----------- -------------- ----------- ----------- 1/g1 183892 0 0 0 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ------ ----------- -------------- ------------ ------------ 1/g1 9188 0 0 0 FCS Errors: 8 Single Collision Frames: 0 Late Collisions: 0 Oversize Packets: 0 Internal
Ethernet Configuration Commands Oversize Packets Counted frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors Counted frames for which reception fails due to an internal MAC sublayer receive error. Received Pause Frames Counted MAC Control frames received with an opcode indicating the PAUSE operation. Transmitted Pause Frames Counted MAC Control frames transmitted on this interface with an opcode indicating the PAUSE operation.
Allied Telesis Command Line Interface User’s Guide Command Modes Interface Configuration (Ethernet) mode User Guidelines This command is relevant to FE devices only. To control Multicasts storms, use the port storm-control broadcast enable and port storm-control broadcast rate commands. Example The following example enables counting Broadcast and Multicast packets on Ethernet port 2/g3.
Ethernet Configuration Commands The following example enables Broadcast storm control on port 1/g5 for aGE devices. Console(config)# interface ethernet 1/g5 Console(config)# port storm-control broadcast enable The following example enables Broadcast storm control on port 1/g5.
Allied Telesis Command Line Interface User’s Guide Example The following example configures the maximum storm control Broadcast rate at 900 Kbits/Sec on Ethernet port 1/ g5 of a FE port. Console(config)# interface ethernet 1/g5 Console(config-if)# port storm-control broadcast rate 900 show ports storm-control The show ports storm-control User/Privileged EXEC mode command displays the storm control configuration. show ports storm-control [interface] Parameters • interface — A valid Ethernet port.
GVRP Commands Chapter 10.GVRP Commands gvrp enable (Global) GARP VLAN Registration Protocol (GVRP) is an industry-standard protocol designed to propagate VLAN information from device to device. With GVRP, a single device is manually configured with all desired VLANs for the network, and all other devices on the network learn these VLANs dynamically. The gvrp enable Global Configuration mode command enables GVRP globally. Use the no form of this command to disable GVRP on the device.
Allied Telesis Command Line Interface User’s Guide User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN. Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN. That is, the PVID is manually defined as the untagged VLAN VID. Example The following example enables GVRP on Ethernet port 1/g6.
GVRP Commands Example The following example sets the leave timer for Ethernet port 1/g6 to 900 milliseconds. Console(config)# interface ethernet 1/g6 Console(config-if)# garp timer leave 900 gvrp vlan-creation-forbid The gvrp vlan-creation-forbid Interface Configuration (Ethernet, port-channel) mode command disables dynamic VLAN creation or modification. Use the no form of this command to enable dynamic VLAN creation or modification.
Allied Telesis Command Line Interface User’s Guide Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example forbids dynamic registration of VLANs on Ethernet port 1/g6. Console(config)# interface ethernet 1/g6 Console(config-if)# gvrp registration-forbid clear gvrp statistics The clear gvrp statistics Privileged EXEC mode command clears all GVRP statistical information.
GVRP Commands Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays GVRP configuration information: Console> show gvrp configuration GVRP Feature is currently enabled on the device.
Allied Telesis Command Line Interface User’s Guide Parameters interface — A valid Ethernet port. (Full syntax: unit/port) • • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
GVRP Commands Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays GVRP statistical information.
Allied Telesis Command Line Interface User’s Guide Chapter 11.IGMP Snooping Commands Note In order to enable IGMP snooping, the user must enable bridge Multicast filtering ip igmp snooping (Global) The ip igmp snooping Global Configuration mode command enables Internet Group Management Protocol (IGMP) snooping. Use the no form of this command to disable IGMP snooping. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled.
IGMP Snooping Commands Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping can only be enabled on static VLANs. Example The following example enables IGMP snooping on VLAN 2. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping ip igmp snooping mrouter learn-pim-dvmrp The ip igmp snooping mrouter learn-pim-dvmrp Interface Configuration (VLAN) mode command enables automatic learning of Multicast device ports in the context of a specific VLAN.
Allied Telesis Command Line Interface User’s Guide ip igmp snooping host-time-out The ip igmp snooping host-time-out Interface Configuration (VLAN) mode command configures the host-timeout. If an IGMP report for a Multicast group was not received for a host-time-out period from a specific port, this port is deleted from the member list of that Multicast group. Use the no form of this command to return to the default configuration.
IGMP Snooping Commands Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping querier can be enabled on a VLAN only if IGMP snooping is enabled for that VLAN. No more then one switch can be configured as an IGMP Querier for a VLAN. When IGMP Snooping Querier is enabled, it starts after host-time-out/2 with no IGMP traffic detected from a Multicast router. The IGMP Snooping Querier disables itself if it detects IGMP traffic from a Multicast router.
Allied Telesis Command Line Interface User’s Guide Example .The following example configures the source IP address that the IGMP Snooping querier uses. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping querier address 192.168.1.220 ip igmp snooping querier version The ip igmp snooping querier version Interface Configuration mode command configures the IGMP version of an IGMP querier on a specific VLAN. Use the no form of this command to return to default.
IGMP Snooping Commands no ip igmp snooping mrouter-time-out Parameters • time-out — Multicast device timeout in seconds (Range: 1 - 2147483647) Default Configuration The default value is 300 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example The following example configures the Multicast device timeout to 200 seconds.
Allied Telesis Command Line Interface User’s Guide Use immediate leave only where there is just one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping leave-time-out 60 show ip igmp snooping mrouter The show ip igmp snooping mrouter User EXEC mode command displays information on dynamically learned Multicast device interfaces.
IGMP Snooping Commands show ip igmp snooping interface The show ip igmp snooping interface EXEC mode command shows IGMP snooping configuration. Syntax show ip igmp snooping interface vlan-id Parameters vlan-id — VLAN number. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide show ip igmp snooping groups The show ip igmp snooping groups command displays the Multicast groups that was learned by the IGMP snooping Syntax show ip igmp snooping groups [vlan vlan-id] [ip-multicast-address ip-multicast-address] [ip-address ipaddress] Parameters vlan-id — VLAN ID value • • ip-multicast-address — A valid IP Multicast address • ip-address — Source IP address Default Configuration This command has no default configuration.
IP Addressing Commands Chapter 12.IP Addressing Commands ip address The ip address Interface Configuration (Ethernet, VLAN, port-channel) mode command sets an IP address. Use the no form of this command to remove an IP address. Syntax ip address ip-address {mask | prefix-length} no ip address [ip-address] Parameters ip-address —Valid IP address • • mask — Valid network mask of the IP address. • prefix-length — Specifies the number of bits that comprise the IP address prefix.
Allied Telesis Command Line Interface User’s Guide Parameters host-name — Specifies the name of the host to be placed in the DHCP option 12 field. This name does not • have to be the same as the host name specified in the hostname Global Configuration mode command. (Range: 1-20 characters) Default Configuration This command has no default configuration.
IP Addressing Commands Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines default gateway 192.168.1.1. Console(config)# ip default-gateway 192.168.1.1 show ip interface The show ip interface Privileged EXEC mode command displays the usability status of configured IP interfaces.
Allied Telesis Command Line Interface User’s Guide IP Address I/F Type ------------- --------- ------- 192.168.1.200/24 VLAN 1 Static console# arp The arp Global Configuration mode command adds a permanent entry in the Address Resolution Protocol (ARP) cache. Use the no form of this command to remove an entry from the ARP cache.
IP Addressing Commands Syntax arp timeout seconds no arp timeout Parameters • seconds — Time (in seconds) that an entry remains in the ARP cache. (Range: 1-40000000) Default Configuration The default timeout is 60000 seconds. Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600. Example The following example configures the ARP timeout to 12000 seconds.
Allied Telesis Command Line Interface User’s Guide show arp The show arp Privileged EXEC mode command displays entries in the ARP table. Syntax show arp [ip-address ip-address] [mac-address mac-address] [ethernet interface | port-channel port-channelnumber] Parameters • ip-address — Displays the ARP entry of a specific IP address. • mac-address — Displays the ARP entry of a specific MAC address. • interface — Displays the ARP entry of a specific Ethernet port interface.
IP Addressing Commands Syntax ip domain-lookup no ip domain-lookup Default Configuration The default configuration is set to enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables IP Domain Naming System (DNS)-based host name-to-address translation.
Allied Telesis Command Line Interface User’s Guide ip name-server The ip name-server Global Configuration mode command defines the available name servers. Use the no form of this command to remove a name server. Syntax ip name-server server-address [server-address2 … server-address8] no ip name-server [server-address1 … server-address8] Parameters • server-address — Specifies IP addresses of the name server. Default Configuration No name server addresses are specified.
IP Addressing Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines default domain name www.website.com. Console(config)# ip domain-name www.website.com ip name-server The ip name-server Global Configuration mode command defines the available name servers. Use the no form of this command to remove a name server.
Allied Telesis Command Line Interface User’s Guide Syntax ip host name address no ip host name Parameters • name — Specifies the name of the host. (Range: 1-158 characters) • address — Specifies the associated IP address. Default Configuration No host is defined. Command Mode Interface Configuration (VLAN) mode User Guidelines To define an out-of-band address, use the out-of-band IP address format: oob/ip-address.
IP Addressing Commands Example The following example deletes all entries from the host name-to-address cache. Console# clear host * clear host dhcp The clear host dhcp Privileged EXEC mode command deletes entries from the host name-to-address mapping received from Dynamic Host Configuration Protocol (DHCP). Syntax clear host dhcp {name | *} Parameters • name — Specifies the host entry to be removed. (Range: 1-158 characters) • * — Removes all entries.
Allied Telesis Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays host information. Console# show hosts System name: Device Default domain is gm.com, sales.gm.com, usa.sales.gm.com(DHCP) Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 Configured host name-to-address mapping: Host Addresses ---- --------- accounting.gm.com 176.16.8.8 176.16.
Line Commands Chapter 13.Line Commands line The line Global Configuration mode command identifies a specific line for configuration and enters the Line Configuration command mode. Syntax line {console | telnet | ssh} Parameters • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Default Configuration The default speed is 9600 bps. Command Mode Line Configuration (console) mode User Guidelines This command is available only on the line console. The configured speed is applied when Autobaud is disabled. This configuration applies only to the current session. Example The following example configures the line baud rate to 115200.
Line Commands exec-timeout The exec-timeout Line Configuration mode command sets the interval that the system waits until user input is detected. Use the no form of this command to return to the default configuration. Syntax exec-timeout minutes [seconds] no exec-timeout Parameters minutes — Specifies the number of minutes. (Range: 0 - 65535) • • seconds — Specifies additional time intervals in seconds. (Range: 0 - 59) Default Configuration The default configuration is 10 minutes.
Allied Telesis Command Line Interface User’s Guide Example The following example enables the command history function for telnet. Console(config)# line telnet Console(config-line)# history history size The history size Line Configuration mode command configures the command history buffer size for a particular line. Use the no form of this command to reset the command history buffer size to the default configuration.
Line Commands Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example disables the command history function for the current terminal session. Console# terminal no history terminal history size The terminal history size user EXEC command configures the command history buffer size for the current terminal session. Use the no form of this command to reset the command history buffer size to the default setting.
Allied Telesis Command Line Interface User’s Guide Syntax show line [console | telnet | ssh] Parameters console — Console terminal line. • • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration If the line is not specified, the default value is console. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the line configuration.
Line Commands Page 137
Allied Telesis Command Line Interface User’s Guide Section 14. LACP Commands lacp system-priority The lacp system-priority Global Configuration mode command configures the system priority. Use the no form of this command to return to the default configuration. Syntax lacp system-priority value no lacp system-priority Parameters value — Specifies system priority value. (Range: 1 - 65535) • Default Configuration The default system priority is 1.
LACP Commands lacp port-priority The lacp port-priority Interface Configuration (Ethernet) mode command configures physical port priority. Use the no form of this command to return to the default configuration, use the no form of this command. Syntax lacp port-priority value no lacp port-priority Parameters value — Specifies port priority. (Range: 1 - 65535) • Default Configuration The default port priority is 1.
Allied Telesis Command Line Interface User’s Guide lacp timeout The lacp timeout Interface Configuration (Ethernet) mode command assigns an administrative LACP timeout. Use the no form of this command to return to the default configuration. Syntax lacp timeout {long | short} no lacp timeout Parameters long — Specifies the long timeout value. • • short — Specifies the short timeout value. Default Configuration The default port timeout value is long.
LACP Commands show lacp ethernet The show lacp ethernet Privileged EXEC mode command displays LACP information for Ethernet ports. Syntax show lacp ethernet interface [parameters | statistics | protocol-state] Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • • parameters — Link aggregation parameter information. • statistics — Link aggregation statistics information. • protocol-state — Link aggregation protocol-state information.
Allied Telesis Command Line Interface User’s Guide distributing: FALSE expired: FALSE system priority: 0 system mac addr: 00:00:00:00:00:00 port Admin key: 0 port Oper key: 0 Partner port Oper number: 0 port Admin priority: 0 port Oper priority: 0 port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Port 1/g1 LACP Statistics: LACP PDUs sent: 2 LACP PDUs received: 2 Port 1/g1
LACP Commands show lacp port-channel The show lacp port-channel Privileged EXEC mode command displays LACP information for a port-channel. Syntax show lacp port-channel [port_channel_number] Parameters port_channel_number — Valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays LACP information about port-channel 1.
Allied Telesis Command Line Interface User’s Guide Chapter 15.Management ACL Commands management access-list The management access-list Global Configuration mode command configures a management Access List and enters the Management Access-list Configuration command mode. Use the no form of this command to delete an Access List. Syntax management access-list name no management access-list name Parameters • name — Access list name.
Management ACL Commands The following example creates a management Access List called mlist, configures all interfaces to be management interfaces except Ethernet interfaces 1/g1 and 2/g9 and makes the new Access List the active list.
Allied Telesis Command Line Interface User’s Guide deny (Management) The deny Management Access-List Configuration mode command defines a deny rule. Syntax deny [ethernet interface-number | vlan vlan-id | port-channel port-channel-number] [service service] deny ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel port-channel-number] [service service] Parameters interface-number — A valid Ethernet port number. • • vlan-id — A valid VLAN number.
Management ACL Commands Parameters console-only — Indicates that the device can be managed only from the console. • • name — Specifies the name of the Access List to be used. (Range: 1-32 characters) Default Configuration If no Access List is specified, an empty Access List is used. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures an Access List called mlist as the management Access List.
Allied Telesis Command Line Interface User’s Guide permit ethernet 2/g2 ! (Note: all other access implicitly denied) show management access-class The show management access-class Privileged EXEC mode command displays the active management Access List. Syntax show management access-class Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
PHY Diagnostics Commands Chapter 16.PHY Diagnostics Commands test copper-port tdr The test copper-port tdr Privileged EXEC mode command uses Time Domain Reflectometry (TDR) technology to diagnose the quality and characteristics of a copper cable attached to a port. Syntax test copper-port tdr interface Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meter. Example The following example displays information on the last TDR test performed on all copper ports.
PHY Diagnostics Commands Example The following example displays the estimated copper cable length attached to all ports.
Allied Telesis Command Line Interface User’s Guide Chapter 17.Port Channel Commands interface port-channel The interface port-channel Global Configuration mode command enters the interface configuration mode to configure a specific port-channel. Syntax interface port-channel port-channel-number Parameters • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
Port Channel Commands Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range. Example The following example groups port-channels 1, 2 and 6 to receive the same command. Console(config)# interface range port-channel 1-2,6 channel-group The channel-group Interface Configuration (Ethernet) mode command associates a port with a port-channel.
Allied Telesis Command Line Interface User’s Guide Parameters port-channel-number — Valid port-channel number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information on all port-channels.
Port Monitor Commands Chapter 18.Port Monitor Commands port monitor The port monitor Interface Configuration mode command starts a port monitoring session. Use the no form of this command to stop a port monitoring session. Syntax port monitor src-interface [rx | tx] no port monitor src-interface Parameters src-interface—Valid Ethernet port. (Full syntax: unit/port) • • rx—Monitors received packets only. • tx—Monitors transmitted packets only.
Allied Telesis Command Line Interface User’s Guide show ports monitor The show ports monitor User EXEC mode command displays the port monitoring status. Syntax show ports monitor Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how the port monitoring status is displayed.
Power over Ethernet Commands Chapter 19.Power over Ethernet Commands Note The PoE commands are operational in the AT-S94/24, AT-S94/24POE, AT-S94/48 and AT-S94/48POE devices. power inline The port inline Interface Configuration (Ethernet) mode command configures the administrative mode of inline power on an interface. Syntax power inline {auto | never} Parameters • auto—Enables the device discovery protocol and, if found, supplies power to the device.
Allied Telesis Command Line Interface User’s Guide no power inline powered-device Parameters • pd-type—Specifies the type of powered device attached to the interface. (Range: 1-24 characters) Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example configures a description to an IP-phone to a powered device connected to Ethernet interface 1/g1.
Power over Ethernet Commands Example The following example configures the device connected to Ethernet interface 1/g1 as a high-priority powered device. Console(config)# interface ethernet 1/g1 Console(config-if)# power inline priority high power inline usage-threshold The power inline usage-threshold Global Configuration mode command configures the threshold for initiating inline power usage alarms. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables inline power traps to be sent when a power usage threshold is exceeded. Console(config)# power inline traps enable show power inline The show power inline User EXEC mode command displays the information about inline power.
Power over Ethernet Commands Port Powered Device State Priority Status Classification [w] ---- ---------------- ----- -------- ------ ----------------- 1/g1 IP Phone Model A Auto High On 0.44 - 12.95 2/g1 Wireless AP Model Auto Low On 0.44 - 3.
Allied Telesis Command Line Interface User’s Guide 4/g6 Auto On low class2 4/g7 Auto On low class4 4/g8 Auto On low class3 4/g9 Auto Searching low class0 4/g10 Auto Searching low class0 .
Power over Ethernet Commands Overload Counter: 0 Short Counter: 0 Denied Counter: 0 Absent Counter: 1 Invalid Signature Counter: 0 The following table describes the significant fields shown in the example: Field Desc ription Power The operational status of the inline power sourcing equipment. Nominal Power The nominal power of the inline power sourcing equipment in Watts. Consumed Power Measured usage power in Watts.
Allied Telesis Command Line Interface User’s Guide Chapter 20.QoS Commands qos The qos Global Configuration mode command enables quality of service (QoS) on the device. Use the no form of this command to disable QoS on the device. Syntax qos no qos Default Configuration QoS is disabled on the device. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables QoS on the device.
QoS Commands Example The following example displays QoS attributes when QoS is disabled on the device. Console show qos Qos: disable Trust: dscp priority-queue out num-of-queues The priority-queue out num-of-queues Global Configuration mode command configures the number of expedite queues. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide Default Configuration 1000 Kbits/Sec Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The command can be enabled on a specific port only if port storm-control Broadcast enable interface configuration command is not enabled on that port. Example The following example limits the rate of the incoming traffic to 62.
QoS Commands Syntax show qos interface [ethernet interface-number | vlan vlan-id | port-channel number] [queuing] Parameters interface-number — Valid Ethernet port number. • • vlan-id— Valid VLAN ID. • number — Valid port-channel number. • queuing — Indicates the queue strategy (WRR or EF), the weight for WRR queues, the CoS to queue map and the EF priority. Default Configuration There is no default configuration for this command.
Allied Telesis Command Line Interface User’s Guide Syntax wrr-queue cos-map queue-id cos1...cos8 no wrr-queue cos-map [queue-id] Parameters queue-id — Specifies the queue number to which the CoS values are mapped. • • cos1...cos8 — Specifies CoS values to be mapped to a specific queue. (Range: 0-7) Default Configuration. Value (VPT) Queue 0 2 1 1 2 1 3 2 4 3 5 3 6 4 7 4 Command Mode Global Configuration mode User Guidelines Queue 4 is reserved for stacking.
QoS Commands Parameters dscp-list — Specify up to 8 DSCP values, with each value separated by space. • • dp — Enter the Drop Precedence value to which the DSCP values corresponds. Possible values are 0 - 2 (Where 2 is the highest Drop Precedence). Parameters Range dscp-list — 0 - 63 • • dp — 0 - 2 Default Configuration All the DSCPs are mapped to Drop Precedence 0. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example maps DSCP values 33, 40 and 41 to queue 1. Console(config)# qos map dscp-queue 33 40 41 to 1 qos cos The qos cos Interface Configuration (Ethernet, port-channel) mode command defines the default CoS value of a port. Use the no form of this command to return to the default configuration.
QoS Commands Parameters dscp-queue — Indicates the DSCP to queue map. • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the DSCP port-queue map.
Allied Telesis Command Line Interface User’s Guide Chapter 21.Radius Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. Use the no form of this command to delete the specified RADIUS host.
Radius Commands Example The following example specifies a RADIUS server host with IP address 192.168.10.1, authentication request port number 20 and a 20-second timeout period. Console(config)# radius-server host 192.168.10.1 auth-port 20 timeout 20 radius-server key The radius-server key Global Configuration mode command sets the authentication and encryption key for all RADIUS communications between the device and the RADIUS daemon. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide Parameters retries — Specifies the retransmit value. (Range: 1 - 10) • Default Configuration The software searches the list of RADIUS server hosts 3 times. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the number of times the software searches the list of RADIUS server hosts to 5 times.
Radius Commands radius-server timeout The radius-server timeout Global Configuration mode command sets the interval during which the device waits for a server host to reply. Use the no form of this command to return to the default configuration. Syntax radius-server timeout timeout no radius-server timeout Parameters timeout — Specifies the timeout value in seconds. (Range: 1 - 30) • Default Configuration The timeout value is 3 seconds.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example sets the deadtime to 10 minutes. Console(config)# radius-server deadtime 10 show radius-servers The show radius-servers Privileged EXEC mode command displays the RADIUS server settings. Syntax show radius-servers Default Configuration This command has no default configuration.
Radius Commands Console# show radius-servers IP address Port Auth Port Acc Timeout Retrans --------- ---- ------- ----- 192.168.1.10 1 1812 1813 Global Global Global values ------------TimeOut: 3 Retransmit: 3 Deadtime: 0 Source IP: 0.0.0.
Allied Telesis Command Line Interface User’s Guide Chapter 22.RMON Commands show rmon statistics The show rmon statistics User EXEC mode command displays RMON Ethernet statistics. Syntax show rmon statistics {ethernet interface number | port-channel port-channel-number} Parameters interface number — Valid Ethernet port. • • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration.
RMON Commands The following table describes significant fields shown above: Field De scrip tio n Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The total number of packets (including bad packets, Broadcast packets, and Multicast packets) received. Broadcast The total number of good packets received and directed to the Broadcast address. This does not include Multicast packets.
Allied Telesis Command Line Interface User’s Guide rmon collection history The rmon collection history Interface Configuration (Ethernet, port-channel) mode command enables a Remote Monitoring (RMON) MIB history statistics group on an interface. Use the no form of this command to remove a specified RMON history statistics group.
RMON Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all RMON history group statistics.
Allied Telesis Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Examples The following examples displays RMON Ethernet history statistics for index 1.
RMON Commands Console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/g1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 500 Time Dropped Collisions -------------------- -------- ---------- Jan 18 2002 21:57:00 3 0 Jan 18 2002 21:57:30 3 0 The following table describes significant fields shown above: Field D escr ip tio n Time Date and Time the entry is recorded.
Allied Telesis Command Line Interface User’s Guide Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interval. This number is not necessarily the number of packets dropped, it is just the number of times this condition has been detected. Collisions The best estimate of the total number of collisions on this Ethernet segment during this sampling interval.
RMON Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide The following table describes significant fields shown above: Field Desc ription Index An index that uniquely identifies the entry. OID Monitored variable OID. Owner The entity that configured this entry. show rmon alarm The show rmon alarm User EXEC mode command displays alarm configuration. Syntax show rmon alarm number Parameters number — Specifies the alarm index.
RMON Commands The following table describes the significant fields shown in the display: Field Desc rip t io n Alarm Alarm index. OID Monitored variable OID. Last Sample Value The statistic value during the last sampling period. For example, if the sample type is delta, this value is the difference between the samples at the beginning and end of the period. If the sample type is absolute, this value is the sampled value at the end of the period.
Allied Telesis Command Line Interface User’s Guide Parameters index — Specifies the event index. (Range: 1 - 65535) • • type — Specifies the type of notification generated by the device about this event. Possible values: none, • • • log, trap, log-trap. community text — If the specified notification type is trap, an SNMP trap is sent to the SNMP community specified by this octet string. (Range: 0-127 characters) description text — Specifies a comment describing this event.
RMON Commands Example The following example displays the RMON event table. Console> show rmon events Index Description Type Community Owner Last time sent ----- -------------- -------- --------- ------- -------------------- 1 Errors Log CLI Jan 18 2002 23:58:17 2 High Broadcast Log-Trap Manager Jan 18 2002 23:59:48 device The following table describes significant fields shown above: Field De scr ip tio n Index An index that uniquely identifies the event.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the RMON log table.
RMON Commands Command Mode Global Configuration mode User Guidelines The configured table size takes effect after the device is rebooted. Example The following example configures the maximum RMON history table sizes to 100 entries.
Allied Telesis Command Line Interface User’s Guide Chapter 23.SNMP Commands snmp-server community The snmp-server community Global Configuration mode command configures the community access string to permit access to the SNMP protocol. Use the no form of this command to remove the specified community string.
SNMP Commands Example The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192.168.1.20. Console(config)# snmp-server community public su 192.168.1.20 snmp-server view The snmp-server view Global Configuration mode command creates or updates a Simple Network Management Protocol (SNMP) server view entry. Use the no form of this command to remove a specified SNMP server view entry.
Allied Telesis Command Line Interface User’s Guide snmp-server group The snmp-server group Global Configuration mode command configures a new Simple Management Protocol (SNMP) group or a table that maps SNMP users to SNMP views. Use the no form of this command to remove a specified SNMP group.
SNMP Commands Syntax snmp-server user username groupname [remote engineid-string] [ auth-md5 password | auth-sha password | auth-md5-key md5-des-keys | auth-sha-key sha-des-keys ] no snmp-server user username [remote engineid-string] Parameters username—Specifies the name of the user on the host that connects to the agent. (Range: 1-30 characters) • • groupname—Specifies the name of the group to which the user belongs.
Allied Telesis Command Line Interface User’s Guide snmp-server engineID local The snmp-server engineID local Global Configuration mode command specifies the Simple Network Management Protocol (SNMP) engineID on the local device. Use the no form of this command to remove the configured engine ID. Syntax snmp-server engineID local {engineid-string | default} no snmp-server engineID local Parameters • engineid-string—Specifies a character string that identifies the engine ID.
SNMP Commands The show running-config Privileged EXEC mode command does not display the SNMP engine ID configuration. To see the SNMP engine ID configuration, enter the snmp-server engineID local Global Configuration mode command. Example The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value.
Allied Telesis Command Line Interface User’s Guide Parameters filter-name—Specifies the label for the filter record that is being updated or created. The name is used to • • • • reference the record. (Range: 1-30 characters) oid-tree—Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system.
SNMP Commands Parameters ip-address—Specifies the IP address of the host (targeted recipient). • • hostname—Specifies the name of the host. (Range:1-158 characters) • community-string—Specifies a password-like community string sent with the notification operation. • • • • • • • • (Range: 1-20) traps—Indicates that SNMP traps are sent to this host. If unspecified, SNMPv2 traps are sent to the host. informs—Indicates that SNMP informs are sent to this host. Not applicable to SNMPv1.
Allied Telesis Command Line Interface User’s Guide Parameters ip-address—Specifies the IP address of the host (targeted recipient). • • hostname—Specifies the name of the host. (Range:1-158 characters) • username—Specifies the name of the user to use to generate the notification. (Range: 1-24) • traps—Indicates that SNMP traps are sent to this host. • informs—Indicates that SNMP informs are sent to this host. • noauth—Indicates no authentication of a packet.
SNMP Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables SNMP failed authentication traps. Console(config)# snmp-server trap authentication snmp-server contact The snmp-server contact Global Configuration mode command configures the system contact (sysContact) string. Use the no form of this command to remove system contact information.
Allied Telesis Command Line Interface User’s Guide Parameters text — Specifies a string that describes system location information. (Range: 0-160 characters) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example defines the device location as New_York.
SNMP Commands show snmp The show snmp Privileged EXEC mode command displays the SNMP status. Syntax show snmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SNMP communications status.
Allied Telesis Command Line Interface User’s Guide Version 3 notifications Target Address Type Username Security Level UDP Port Filter Name TO Sec Retries -------------- ----- --------- ------- ---- ------ --- ------- 192.122.173.42 Inform Bob Priv 162 15 3 System Contact: Robert System Location: Marketing The following table describes significant fields shown above. Field Description Community-string Community access string to permit access to the SNMP protocol.
SNMP Commands show snmp views The show snmp views Privileged EXEC mode command displays the configuration of views. Syntax show snmp views [viewname] Parameters viewname — Specifies the name of the view. (Range: 1-30) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of views.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of views.
SNMP Commands User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of filters. Console# show snmp filters Name OID Tree Type ----------- ----------------------- --------- user-filter 1.3.6.1.2.1.1 Included user-filter 1.3.6.1.2.1.1.7 Excluded user-filter 1.3.6.1.2.1.2.2.1.*.1 Included show snmp users The show snmp users Privileged EXEC mode command displays the configuration of users.
Allied Telesis Command Line Interface User’s Guide Chapter 24.Spanning-Tree Commands spanning-tree The spanning-tree Global Configuration mode command enables spanning-tree functionality. Use the no form of this command to disable spanning-tree functionality. Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command.
Spanning-Tree Commands Command Modes Global Configuration mode User Guidelines In RSTP mode, the device uses STP when the neighbor device uses STP. In MSTP mode, the device uses RSTP when the neighbor device uses RSTP and uses STP when the neighbor device uses STP. Example The following example configures the spanning-tree protocol to RSTP.
Allied Telesis Command Line Interface User’s Guide Syntax spanning-tree hello-time seconds no spanning-tree hello-time Parameters seconds — Time in seconds. (Range: 1 - 10) • Default Configuration The default hello time for IEEE Spanning Tree Protocol (STP) is 2 seconds.
Spanning-Tree Commands Example The following example configures the spanning tree bridge maximum-age to 10 seconds. Console(config)# spanning-tree max-age 10 spanning-tree priority The spanning-tree priority Global Configuration mode command configures the spanning tree priority of the device. The priority value is used to determine which bridge is elected as the root bridge. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree on Ethernet port 1/g5. Console(config)# interface ethernet 1/g5 Console(config-if)# spanning-tree disable spanning-tree cost The spanning-tree cost Interface Configuration mode command configures the spanning tree path cost for a port. Use the no form of this command to return to the default configuration.
Spanning-Tree Commands spanning-tree port-priority The spanning-tree port-priority Interface Configuration mode command configures port priority. Use the no form of this command to return to the default configuration. Syntax spanning-tree port-priority priority no spanning-tree port-priority Parameters priority — The priority of the port. (Range: 0 - 240 in multiples of 16) • Default Configuration The default port priority for IEEE Spanning TreeProtocol (STP) is 128.
Allied Telesis Command Line Interface User’s Guide Example The following example enables PortFast on Ethernet port 1/g15. Console(config)# interface ethernet 1/g15 Console(config-if)# spanning-tree portfast spanning-tree link-type The spanning-tree link-type Interface Configuration mode command overrides the default link-type setting determined by the duplex mode of the port and enables Rapid Spanning Tree Protocol (RSTP) transitions to the forwarding state.
Spanning-Tree Commands Parameters long — Specifies port path costs with a range of 1-200,000,000 . • • short — Specifies port path costs with a range of 0-65,535. Default Configuration Short path cost method. Command Mode Global Configuration mode User Guidelines This command applies to all spanning tree instances on the device. The cost is set using the spanning-tree cost command. Example The following example sets the default path cost method to long.
Allied Telesis Command Line Interface User’s Guide spanning-tree guard root The spanning-tree guard root Interface Configuration (Ethernet, port-channel) mode command enables root guard on all spanning tree instances on the interface. Root guard prevents the interface from becoming the root port of the device. Use the no form of this command to disable root guard on the interface. Syntax spanning-tree guard root no spanning-tree guard root Default Configuration Root guard is disabled.
Spanning-Tree Commands Example The following example shutsdown an interface when it receives a BPDU. Console(config)# interface ethernet 1/g1 Console(config-if)# spanning-tree bpduguard clear spanning-tree detected-protocols The clear spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (forces renegotiation with neighboring devices) on all interfaces or on a specified interface.
Allied Telesis Command Line Interface User’s Guide Default Configuration The default bridge priority for IEEE Spanning Tree Protocol (STP) is 32768. Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root of the spanning tree. Example The following example configures the spanning tree priority of instance 1 to 4096.
Spanning-Tree Commands Syntax spanning-tree mst instance-id port-priority priority no spanning-tree mst instance-id port-priority Parameters instance-ID—ID of the spanning tree instance. (Range: 1- 715) • • priority—The port priority. (Range: 0 - 240 in multiples of 16) Default Configuration The default port priority for IEEE Multiple Spanning Tree Protocol (MSTP) is 128. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Fast Ethernet (100 Mbps) 200,000 19 Ethernet (10 Mbps) 2,000,000 100 Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures the MSTP instance 1 path cost for Ethernet port 1/g9 to 4.
Spanning-Tree Commands Syntax instance instance-id {add | remove} vlan vlan-range Parameters instance-ID—ID of the MST instance (Range: 1-15). • • vlan-range—VLANs to be added to or removed from the specified MST instance. To specify a range of VLANs, use a hyphen. To specify a series of VLANs, use a comma. (Range: 1-4094). Default Configuration VLANs are mapped to the common and internal spanning tree (CIST) instance (instance 0).
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example defines the configuration name as region1. Console(config) # spanning-tree mst configuration Console(config-mst) # name region 1 revision (mst) The revision MST configuration command defines the configuration revision number. Use the no form of this command to return to the default configuration.
Spanning-Tree Commands Default Configuration This command has no default configuration. Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after entering the MST configuration mode. Example The following example displays a pending MST region configuration.
Allied Telesis Command Line Interface User’s Guide abort (mst) The abort MST Configuration mode command exits the MST configuration mode without applying the configuration changes. Syntax abort Default Configuration This command has no default configuration. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example exits the MST configuration mode without saving changes.
Spanning-Tree Commands Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Examples The following examples displays spanning-tree information.
Allied Telesis Command Line Interface User’s Guide Console# show spanning-tree Spanning tree enabled mode RSTP Default port cost method: long Root ID Priority 36864 Address 00:02:4b:29:7a:00 This switch is the root. Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/1 Enabled 128.1 20000 FWD Desg No P2p (RSTP) 1/2 Enabled 128.
Spanning-Tree Commands 1/2 Enabled 128.2 20000 - - - - 1/3 Disabled 128.3 20000 - - - - 1/4 Enabled 128.4 20000 - - - - 1/5 Enabled 128.
Allied Telesis Command Line Interface User’s Guide Bridge ID Priority 36864 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/4 Enabled 128.
Spanning-Tree Commands Port 2 (1/2) enabled State: Forwarding Role: Designated Port id: 128.2 Port cost: 20000 Type: Shared (configured: auto) STP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.2 Designated path cost: 20000 Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/3) disabled State: N/A Role: N/A Port id: 128.
Allied Telesis Command Line Interface User’s Guide Console# show spanning-tree ethernet 1/g1 Port 1 (1/g1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto) RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.
Spanning-Tree Commands Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1/1 Enabled 128.1 20000 FWD Root No P2p Bound (RSTP) 1/2 Enabled 128.2 20000 FWD Desg No Shared Bound (STP) 1/3 Enabled 128.3 20000 FWD Desg No P2p 1/4 Enabled 128.
Allied Telesis Command Line Interface User’s Guide Hello Time 2 sec IST Master ID Max Age 20 sec Priority 32768 Address 00:02:4b:29:7a:00 Forward Delay 15 sec This switch is the IST master. Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec 20 Number of topology changes 2 last change occurred 2d18h ago Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Port 1 (1/g1) enabled State: Forwarding Role: Root Port id: 128.
Spanning-Tree Commands Port 4 (1/4) enabled State: Forwarding Role: Designated Port id: 128.4 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
Allied Telesis Command Line Interface User’s Guide Designated port id: 128.2 Designated cost: 20000 Guard Root: Disabled BPDU Guard: Disabled Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/3) disabled State: Blocking Role: Alternate Port id: 128.3 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:1a:19 Designated port id: 128.
Spanning-Tree Commands Bridge ID Address 00:02:4b:19:7a:00 Path Cost 10000 Rem hops 19 Priority 32768 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec 20 Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9 CST Root ID Priority 32768 Address 00:01:42:97:e0:00 This switch is root for CST and IST master.
Allied Telesis Command Line Interface User’s Guide Chapter 25.SSH Commands ip ssh port The ip ssh port Global Configuration mode command specifies the port to be used by the SSH server. Use the no form of this command to return to the default configuration. Syntax ip ssh port port-number no ip ssh port Parameters port-number — Port number for use by the SSH server (Range: 1 - 65535). • Default Configuration The default port number is 22.
SSH Commands User Guidelines If encryption keys are not generated, the SSH server is in standby until the keys are generated. To generate SSH server keys, use the crypto key generate dsa, and crypto key generate rsa Global Configuration mode commands. Example The following example enables configuring the device from a SSH server. Console(config)# ip ssh server crypto key generate dsa The crypto key generate dsa Global Configuration mode command generates DSA key pairs.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines RSA keys are generated in pairs: one public RSA key and one private RSA key. If the device already has RSA keys, a warning and prompt to replace the existing keys with new keys are displayed. This command is not saved in the device configuration; however, the keys generated by this command are saved in the private configuration which is never displayed to the user or backed up on another device.
SSH Commands Syntax crypto key pubkey-chain ssh Default Configuration No keys are specified. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enters the SSH Public Key-chain Configuration mode and manually configures the RSA key pair for SSH public key-chain bob.
Allied Telesis Command Line Interface User’s Guide Parameters username — Specifies the username of the remote SSH client. (Range: 1-48 characters) • • rsa — Indicates the RSA key pair. • dsa — Indicates the DSA key pair. Default Configuration No SSH public keys exist. Command Mode SSH Public Key-string Configuration mode User Guidelines Follow this command with the key-string SSH Public Key-String Configuration mode command to specify the key.
SSH Commands Use the key-string row SSH Public Key-string Configuration mode command to specify the SSH public key row by row. Each row must begin with a key-string row command. This command is useful for configuration files. Example The following example enters public key strings for SSH public key client bob.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the SSH server configuration. Console# show ip ssh SSH server enabled. Port: 22 RSA key was generated. DSA (DSS) key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP address SSH username Version Cipher Auth Code ---------- ------------ --------- ------- ---------- 172.16.0.1 John Brown 2.
SSH Commands Example The following example displays the SSH public RSA keys on the device.
Allied Telesis Command Line Interface User’s Guide Key: 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 Fingerprint: 9A:CC:01:C5:78:39:27:86:79:CC:23:C5:98:59:F1:86 Page 244 Not approved by Document Control. For review only.
Syslog Commands Chapter 26.Syslog Commands logging on The logging on Global Configuration mode command controls error message logging. This command sends debug or error messages to a logging process, which logs messages to designated locations asynchronously to the process that generated the messages. Use the no form of this command to disable the logging process. Syntax logging on no logging on Default Configuration Logging is enabled.
Allied Telesis Command Line Interface User’s Guide Parameters ip-address — IP address of the host to be used as a syslog server. • • hostname — Specifies the host name of the syslog server. (Range: 1-158 characters) • port — Specifies the port number for syslog messages. (Range: 1 - 65535) • level — Specifies the severity level of logged messages sent to the syslog servers. Possible values: • • emergencies, alerts, critical, errors, warnings, notifications, informational and debugging.
Syslog Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example limits logging messages displayed on the console to severity level errors. Console(config)# logging console errors logging buffered The logging buffered Global Configuration mode command limits syslog messages displayed from an internal buffer based on severity. Use the no form of this command to cancel using the buffer.
Allied Telesis Command Line Interface User’s Guide Syntax logging buffered size number no logging buffered size Parameters number — Specifies the maximum number of messages stored in the history table. (Range: 20 - 400) • Default Configuration The default number of messages is 200. Command Mode Global Configuration mode User Guidelines This command takes effect only after Reset. Example The following example changes the number of syslog messages stored in the internal buffer to 300.
Syslog Commands logging file The logging file Global Configuration mode command limits syslog messages sent to the logging file based on severity. Use the no form of this command to cancel using the buffer. Syntax logging file level no logging file Parameters level — Specifies the severity level of syslog messages sent to the logging file. Possible values: • emergencies, alerts, critical, errors, warnings, notifications, informational and debugging.
Allied Telesis Command Line Interface User’s Guide Example The following example clears messages from the logging file. Console# clear logging file Clear Logging File [confirm] aaa logging The aaa logging Global Configuration mode command enables logging AAA login events. Use the no form of this command to disable logging AAA login events.
Syslog Commands Parameters copy — Indicates logging messages related to file copy operations. • • delete-rename — Indicates logging messages related to file deletion and renaming operations. Default Configuration Logging file system events is enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables logging messages related to file copy operations.
Allied Telesis Command Line Interface User’s Guide show logging The show logging Privileged EXEC mode command displays the state of logging and the syslog messages stored in the internal buffer. Syntax show logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the state of logging and the syslog messages stored in the internal buffer.
Syslog Commands 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/2, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet1/3, changed state to up 11-Aug-2004 15:41:43: %SYS-5-CONFIG_I: Configured from memory by console 11-Aug-2004 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up 11-Aug-2004 15:41:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1/0, changed state to down 11-Aug-2004 15:41:39: %LINEPROTO-5-UPDOWN: Line
Allied Telesis Command Line Interface User’s Guide 29-Nov-2007 17:46:02 :%LINK-I-Up: 2/g16 29-Nov-2007 17:46:02 :%LINK-I-Up: Vlan 1 29-Nov-2007 17:45:59 :%LINK-W-Down: 3/g14 29-Nov-2007 17:45:59 :%LINK-W-Down: Vlan 1 29-Nov-2007 17:36:58 :%AAA-I-CONNECT: New http connection for user Admin, source 192.168.1.96 destination 192.168.1.25 ACCEPTED 29-Nov-2007 17:36:36 :%AAA-W-REJECT: New http connection for user manager, sourc e 192.168.1.96 destination 192.168.1.
Syslog Commands Example The following example displays the logging state and the syslog messages stored in the logging file. Console# show logging file Logging is enabled. Console logging: level debugging. Console Messages: 0 Dropped (severity). Buffer logging: level debugging. Buffer Messages: 11 Logged, 200 Max. File logging: level notifications. File Messages: 0 Dropped (severity). Syslog server 192.180.2.27 logging: errors. Messages: 6 Dropped (severity). Syslog server 192.180.2.28 logging: errors.
Allied Telesis Command Line Interface User’s Guide Console# show logging file Logging is enabled. Console Logging: Level info. Console Messages: 226 Dropped. Buffer Logging: Level info. Buffer Messages: 20 Logged, 6 Displayed, 20 Max. File Logging: Level error. File Messages: 27 Logged, 1092 Dropped. SysLog server 192.168.1.101 Port: 514. Logging: info. Messages: 219 Dropped.
Syslog Commands IP address Port Severity Facility Description ------------ ---- ------------- -------- ----------- 192.180.2.27 514 Informational local7 192.180.2.
Allied Telesis Command Line Interface User’s Guide Chapter 27.TACACS+ Commands tacacs-server host The tacacs-server host Global Configuration mode command specifies a TACACS+ host. Use the no form of this command to delete the specified name or address.
TACACS+ Commands Example The following example specifies a TACACS+ host. Console(config)# tacacs-server host 172.16.1.1 tacacs-server key The tacacs-server key Global Configuration mode command sets the authentication encryption key used for all TACACS+ communications between the device and the TACACS+ daemon. Use the no form of this command to disable the key.
Allied Telesis Command Line Interface User’s Guide Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the timeout value to 30. Console(config)# tacacs-server timeout 30 tacacs-server source-ip The tacacs-server source-ip Global Configuration mode command configures the source IP address to be used for communication with TACACS+ servers.
TACACS+ Commands Syntax show tacacs [ip-address] Parameters ip-address — Name or IP address of the TACACS+ server. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays configuration and statistical information about a TACACS+ server.
Allied Telesis Command Line Interface User’s Guide Chapter 28.System Management Commands ping The ping User EXEC mode command sends ICMP echo request packets to another node on the network. Syntax ping {ip-address | hostname } [size packet_size] [count packet_count] [timeout time_out] Parameters ip-address — IP address to ping. • • hostname — Host name to ping. (Range: 1-158 characters) • packet_size — Number of bytes in a packet.
System Management Commands Example The following example displays pinging results: Console> ping 10.1.1.1 Pinging 10.1.1.1 with 64 bytes of data: 64 64 64 64 bytes bytes bytes bytes from from from from 10.1.1.1: 10.1.1.1: 10.1.1.1: 10.1.1.1: icmp_seq=0. icmp_seq=1. icmp_seq=2. icmp_seq=3. time=11 ms time=8 ms time=8 ms time=7 ms ----10.1.1.1 PING Statistics---4 packets transmitted, 4 packets received, 0% packet loss round-trip (ms) min/avg/max = 7/8/11 Console> ping yahoo.com. Pinging yahoo.com 66.
Allied Telesis Command Line Interface User’s Guide reload The reload Privileged EXEC mode command reloads the operating system. Syntax reload Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Caution should be exercised when resetting the device, to ensure that no other activity is being performed. In particular, the user should verify that no configuration files are being downloaded at the time of reset.
System Management Commands hostname The hostname Global Configuration mode command specifies or modifies the device host name. Use the no form of this command to remove the existing host name. Syntax hostname name no hostname Parameters name — The host name. of the device. (Range: 1-158 characters) • Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines This command is not relevant to standalone devices. The following algorithm is used to select a unit as the master: • • If only one master-enabled unit is in the stack (1 or 2), it becomes the master. If a unit configured as a forced master, it becomes the master.
System Management Commands Example The following example reloads Unit 2 of the stack. Console(config)# stack reload unit 2 stack change unit-id Note This command is operational in the AT-S94/24, AT-S94/24POE, AT-S94/48 and AT-S94/48POE devices. The stack change unit-id Global Configuration mode command is used to change the Unit ID of a specific unit. Syntax stack change unit-id unit-number to new-unit-number Parameters • unit-number— Specifies the current number of the unit.
Allied Telesis Command Line Interface User’s Guide Syntax show stack [unit unit] Parameters unit— Specifies the number of the unit. (Range: 1-6) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command is not relevant to standalone devices. Example The following example displays stack status..
System Management Commands Topology is Ring Unit Num After Reset: 1 Console> show stack Unit MAC Address Software Master Uplink Downlink Status ---- ----------------- -------- -------- ------ -------- ------ 1 10:20:30:40:50:60 v1.1.0.29 Forced 6 2 master 2 00:00:00:00:48:05 v1.1.0.29 Enabled 1 3 backup 3 00:00:f4:48:01:00 v1.1.0.29 Disabled 2 4 slave 4 00:15:77:37:33:e0 v1.1.0.29 Disabled 3 5 slave 5 00:30:00:00:30:00 v1.1.0.
Allied Telesis Command Line Interface User’s Guide Syntax show users Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information about the active users. Console show users Username Protocol Location ---------- ----------- ------------ Bob Serial John SSH Robert HTTP 172.16.0.8 Betty Telnet 172.16.1.7 172.16.0.
System Management Commands Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example lists open Telnet sessions. Console> show sessions Connection Host Address Port Byte ---------- ------------- ---------- ----- ---- 1 Remote device 172.16.1.1 23 89 2 172.16.1.2 172.16.1.2 23 8 The following table describes significant fields shown above. Field D escr ip tio n Connection Connection number.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the system information. Console# show system unit 1 System Description: 24-port 10/100/1000 Ethernet Switch with PoE System Up Time (days, hour:min:sec): 00.02:28:29 System Contact: System Name: Stack System Location: System MAC Address: 00:31:c7:19:13:00 System Object ID: 1.3.6.1.4.1.207.1.4.
System Management Commands Syntax show system id [unit unit] Parameters unit unit — Unit number. • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the system information.
Allied Telesis Command Line Interface User’s Guide Syntax show version [unit unit] Parameters unit— Specifies the number of the unit. (Range: 1-6) • Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays system version information (only for demonstration purposes).
System Management Commands set system The set system Priviledged EXEC mode command activates/deactivates features. Syntax set system qos {active | inactive} policy-based-vlans {active | inactive} Parameters qos active — Activate QoS. • • qos inactive — Deactivate QoS. • policy-based-vlans active — Activate Policy based VLANs. • policy-based-vlans inactive — Deactivate Policy based VLANs. Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Chapter 29.User Interface Commands enable The enable User EXEC mode command enters the Privileged EXEC mode. Syntax enable [privilege-level] Parameters privilege-level — Privilege level to enter the system. (Range: 1 - 15) • Default Configuration The default privilege level is 15. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
User Interface Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example returns to Users EXEC mode. Console# disable Console> login The login User EXEC mode command changes a login username. Syntax login Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enters Global Configuration mode. Console# configure Console(config)# exit (Configuration) The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy. Syntax exit Default Configuration This command has no default configuration.
User Interface Commands Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command. Example The following example closes an active terminal session. Console> exit end The end command ends the current configuration session and returns to the Privileged EXEC mode. Syntax end Default Configuration This command has no default configuration. Command Mode All configuration modes. User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example describes the help system. Console# help Help may be requested at any point in a command by entering a question mark '?'. If nothing matches the currently entered incomplete command, the help list is empty. This indicates that for a query at this point, there is no command matching the current input.
User Interface Commands show history The show history User EXEC mode command lists the commands entered in the current session. Syntax show history Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The buffer includes executed and unexecuted commands. Commands are listed from the first to the most recent command. The buffer remains unchanged when entering into and returning from configuration modes.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays the current privilege level for the Privileged EXEC mode. Console# show privilege Current privilege level is 15 Page 282 Not approved by Document Control. For review only.
VLAN Commands Chapter 30.VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Syntax vlan database Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enters the VLAN database mode. Console(config)# vlan database Console(config-vlan)# vlan The vlan VLAN Configuration mode command creates a VLAN.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example VLAN number 1972 is created. console(config)# vlan database console(config-vlan)# vlan 1972 console(config-vlan)# default-vlan disable The default-vlan disable VLAN Configuration mode command disables the default VLAN functionality. Use the no form of this command to enable the default VLAN functionality.
VLAN Commands Default Configuration 1 Command Mode VLAN Configuration mode User Guidelines There are no user guidelines for this command. Note After running the command, the device must be reset. Example console(config-vlan)# default-vlan vlan 1 console(config-vlan)# interface vlan The interface vlan Global Configuration mode command enters the Interface Configuration (VLAN) mode. Syntax interface vlan vlan-id Parameters • vlan-id — Specifies an existing VLAN ID.
Allied Telesis Command Line Interface User’s Guide Example In the following example, for VLAN 1, the address is 131.108.1.27 and the subnet mask is 255.255.255.0: console(config)# interface vlan 1 console(config-if)# ip address 131.108.1.27 255.255.255.0 interface range vlan The interface range vlan Global Configuration mode command enables simultaneously configuring multiple VLANs. Syntax interface range vlan {vlan-range | all} Parameters vlan-range — Specifies a list of VLAN IDs to be added.
VLAN Commands Parameters string — Unique name to be associated with this VLAN. (Range: 1-32 characters) • Default Configuration No name is defined. Command Mode Interface Configuration (VLAN) mode. Cannot be configured for a range of interfaces (range context). User Guidelines There are no user guidelines for this command. Example The following example gives VLAN number 19 the name Marketing.
Allied Telesis Command Line Interface User’s Guide Example This example configures ethernet port 1/g8 as a protected port, so that all traffic is sent to its uplink (ethernet port 1/g9).
VLAN Commands switchport access vlan The switchport access vlan Interface Configuration mode command configures the VLAN ID when the interface is in access mode. Use the no form of this command to return to the default configuration. Syntax switchport access vlan {vlan-id } no switchport access vlan Parameters vlan-id — Specifies the ID of the VLAN to which the port is configured. • Default Configuration All ports belong to VLAN 1.
Allied Telesis Command Line Interface User’s Guide Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example adds VLANs 1, 2, 5 to 6 to the allowed list of Ethernet port 1/g16.
VLAN Commands Syntax switchport general allowed vlan add vlan-list [tagged | untagged] switchport general allowed vlan remove vlan-list Parameters add vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma • • • • and no spaces. A hyphen designates a range of IDs. remove vlan-list — Specifies the list of VLAN IDs to be removed. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs.
Allied Telesis Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example configures the PVID for Ethernet port 1/g16, when the interface is in general mode. Console(config)# interface ethernet 1/g16 Console(config-if)# switchport general pvid 234 switchport general ingress-filtering disable The switchport general ingress-filtering disable Interface Configuration mode command disables the ingress filtering of a port.
VLAN Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures Ethernet port 1/g16 to discard untagged frames at ingress.
Allied Telesis Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines MAC based VLAN rules cannot contain overlapping ranges on the same interface. The priority between VLAN classification rules is: • • MAC based VLAN (Best match between the rules) PVID The interface must be in General Mode to configure a MAC-based classification rule.
VLAN Commands Example The following example maps a MAC address or a range of MAC addresses to a group of MAC addresses. console(config)# vlan database console(config-vlan)# map mac 00:08:78:32:98:78 9 macs-group 1 interface ethernet g17 show vlan macs-group The show vlan macs-group privileged EXEC command displays MAC group information. Syntax show vlan macs-group Default Configuration This command has no default configuration.
Allied Telesis Command Line Interface User’s Guide Default Configuration All VLANs are allowed. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command can be used to prevent GVRP from automatically making the specified VLANs active on the selected ports. Example The following example forbids adding VLAN IDs 234 to 256 to Ethernet port 1/g16.
VLAN Commands Example The following example reserves an unused VLAN as the internal usage VLAN of ethernet port 1/g8.
Allied Telesis Command Line Interface User’s Guide show vlan The show vlan Privileged EXEC mode command displays VLAN information. Syntax show vlan [tag vlan-id | name vlan-name ] Parameters vlan-id — specifies a VLAN ID • • vlan-name — Specifies a VLAN name string. (Range: 1 - 32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
VLAN Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays VLANs used internally by the device.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the switchport configuration for Ethernet port 1/g1. Console# show interface switchport ethernet 1/g1 Port 1/g1: VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All GVRP status: Enabled Protected: Enabled, Uplink is 1/g9.
VLAN Commands 73 out Console show interface switchport ethernet 1/g2 Port 1/g2: VLAN Membership mode: General Operating parameters: PVID: 4095 (discard vlan) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/g1 is member in: Vlan Name Egress rule Type ---- ------------ ----------- ------ 91 IP Telephony tagged Static Static configuration: PVID: 8 Ingress Filtering: Disabled Acceptable Frame Type: All Port 1/g2 is statically configured to: Vlan Name Egress rule ---- ------------
Allied Telesis Command Line Interface User’s Guide Acceptable Frame Type: Untagged GVRP status: Disabled Page 302 Not approved by Document Control. For review only.
Web Server Commands Chapter 31.Web Server Commands ip http server The ip http server Global Configuration mode command enables configuring the device from a browser. Use the no form of this command to disable this function. Syntax ip http server no ip http server Default Configuration HTTP server is enabled. Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server. Example The following example enables configuring the device from a browser.
Allied Telesis Command Line Interface User’s Guide User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Specifying 0 as the port number effectively disables HTTP access to the device. Example The following example configures the http port number to 100. Console(config)# ip http port 100 ip http exec-timeout The ip http port Global Configuration mode command specifies the TCP port to be used by the Web browser interface.
Web Server Commands Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Example The following example enables configuring the device from a secured browser. Console(config)# ip https server ip https port The ip https port Global Configuration mode command specifies the TCP port used by the server to configure the device through the Web browser.
Allied Telesis Command Line Interface User’s Guide Parameters • minutes — Integer that specifies the number of minutes. (Range: 1 - 65535) • seconds — Additional time intervals in seconds. (Range: 0-59) Default Configuration The default configuration is the exec-timeout set by the ip http exec-timeout command. Command Mode Global Configuration mode User Guidelines To specify no timeout, enter the ip https exec-timeout 0 0 command.
Web Server Commands If no URL or IP address is specified, the default common name is the lowest IP address of the device at the time that the certificate is generated. If the number of days is not specified, the default period of time that the certification is valid is 365 days.
Allied Telesis Command Line Interface User’s Guide User Guidelines Use this command to export a certificate request to a Certification Authority. The certificate request is generated in Base64-encoded X.509 format. Before generating a certificate request you must first generate a self-signed certificate using the crypto certificate generate Global Configuration mode command. Be aware that you have to reenter the certificate fields.
Web Server Commands User Guidelines Use this command to enter an external certificate (signed by Certification Authority) to the device. To end the session, enter an empty line. The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC mode command. If the public key found in the certificate does not match the device's SSL RSA key, the command fails.
Allied Telesis Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines The crypto certificate generate command should be used to generate HTTPS certificates. Example The following example configures the active certificate for HTTPS. Console(config)# ip https certificate 1 show crypto certificate mycertificate The show crypto certificate mycertificate Privileged EXEC mode command displays the SSH certificates of the device.
Web Server Commands Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 show ip http The show ip http Privileged EXEC mode command displays the HTTP server configuration. Syntax show ip http Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Allied Telesis Command Line Interface User’s Guide Example The following example displays the HTTP server configuration. Console# show ip https HTTPS server enabled. Port: 443 Certificate 1 is active Issued by: www.verisign.com Valid from: 8/9/2004 to 8/9/2005 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by: self-signed Valid from: 8/9/2004 to 8/9/2005 Subject: CN= router.gm.
802.1x Commands Chapter 32.802.1x Commands aaa authentication dot1x The aaa authentication dot1x Global Configuration mode command specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1X. Use the no form of this command to return to the default configuration. Syntax aaa authentication dot1x default method1 [method2...] no aaa authentication dot1x default Parameters • method1 [method2...
Allied Telesis Command Line Interface User’s Guide no dot1x system-auth-control Default Configuration 802.1x is disabled globally. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables 802.1x globally. Console(config)# dot1x system-auth-control dot1x port-control The dot1x port-control Interface Configuration mode command enables manually controlling the authorization state of the port.
802.1x Commands Example The following example enables 802.1X authentication on Ethernet port 1/g16. Console(config)# interface ethernet 1/g16 Console(config-if)# dot1x port-control auto dot1x re-authentication The dot1x re-authentication Interface Configuration mode command enables periodic re-authentication of the client. Use the no form of this command to return to the default configuration.
Allied Telesis Command Line Interface User’s Guide Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets the number of seconds between re-authentication attempts, to 300. Console(config)# interface ethernet 1/g16 Console(config-if)# dot1x timeout re-authperiod 300 dot1x re-authenticate The dot1x re-authenticate Privileged EXEC mode command manually initiates a re-authentication of all 802.
802.1x Commands Parameters seconds — Specifies the time in seconds that the device remains in the quiet state following a failed • authentication exchange with the client. (Range: 0 - 65535 seconds) Default Configuration Quiet period is 60 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines During the quiet period, the device does not accept or initiate authentication requests.
Allied Telesis Command Line Interface User’s Guide User Guidelines The default value of this command should be changed only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients. and authentication servers Example The following command sets the number of seconds that the device waits for a response to an EAP-request/ identity frame, to 3600 seconds.
802.1x Commands Syntax dot1x timeout supp-timeout seconds no dot1x timeout supp-timeout Parameters seconds — Time in seconds that the device waits for a response to an EAP-request frame from the client • before resending the request. (Range: 1- 65535 seconds) Default Configuration Default timeout period is 30 seconds.
Allied Telesis Command Line Interface User’s Guide User Guidelines The actual timeout can be determined by comparing the dot1x timeout server-timeout value and the result of multiplying the radius-server retransmit value with the radius-server timeout value and selecting the lower of the two values. Example The following example sets the time for the retransmission of packets to the authentication server to 3600 seconds.
802.1x Commands 1/g5 Force-auth Unauthorized* Disabled 3600 n/a * Port is down or not present. console# Console# show dot1x ethernet 1/g1 802.1x is enabled.
Allied Telesis Command Line Interface User’s Guide Port Admin Mode Oper Mode Reauth Control Reauth Period Username ---- ---------- --------- ------- ------ -------- 1/g1 Auto Authorized Ena 3600 Bob 1/g2 Auto Authorized Ena 3600 John 1/g3 Auto Unauthorized Ena 3600 Clark 1/g4 Force-auth Authorized Dis 3600 n/a 1/g5 Force-auth Unauthorized* Dis 3600 n/a * Port is down or not present. Console# show dot1x ethernet 1/g3 802.1x is enabled.
802.1x Commands The following table describes significant fields shown above: Field Description Port The port number. Admin mode The port admin mode. Possible values: Force-auth, Force-unauth, Auto. Oper mode The port oper mode. Possible values: Authorized, Unauthorized or Down. Reauth Control Reauthentication control. Reauth Period Reauthentication period. Username The username representing the identity of the Supplicant. This field shows the username in case the port control is auto.
Allied Telesis Command Line Interface User’s Guide Parameters username — Supplicant username (Range: 1-160 characters) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays 802.1X users. Console# show dot1x users Port Username Session Time Auth Method MAC Address ----- -------- ------------ ----------- -------------- 1/g1 Bob 1d:03:08.
802.1x Commands Syntax show dot1x statistics ethernet interface Parameters interface — Valid Ethernet port. (Full syntax: unit/port) • Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays 802.1X statistics for the specified interface.
Allied Telesis Command Line Interface User’s Guide The following table describes the significant fields shown in the display: Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator. EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator.
802.1x Commands User Guidelines An access port cannot be a member in an unauthenticated VLAN. The native VLAN of a trunk port cannot be an unauthenticated VLAN. For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets would be accepted in the unauthorized state.) Example The following example enables access to the VLAN to unauthorized devices.
Allied Telesis Command Line Interface User’s Guide dot1x single-host-violation The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface. Use the no form of this command to restore defaults.
802.1x Commands Parameters mac-only — Enable authentication based on the station's MAC address only. 802.1X frames are ignored. • • mac-and-802.1x — Enable 802.1X authentication and MAC address authentication on the interface. Default Configuration Disabled. Command Mode Interface configuration (Ethernet) User Guidelines Guest VLAN must be enabled when MAC authentication is enabled. Static MAC addresses can't be authorized. Do not change authenticated MAC address to static address.
Allied Telesis Command Line Interface User’s Guide The following example displays 802.1X advanced features for the switch. Console# show dot1x advanced Guest VLAN: 3978 Unauthenticated VLANs: 91,92 Interface Multiple Hosts Guest VLAN MAC Authentication --------- -------------- ---------- ---------- 1/1 Disabled Enabled MAC-and-802.
802.1x Commands Default Configuration Disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines A device can have only one global guest VLAN. The guest VLAN is defined using the dot1x guest-vlan Interface Configuration mode command. Example The following example enables unauthorized users on Ethernet port 1/g1 to access the guest VLAN.
Allied Telesis Command Line Interface User’s Guide Index A aaa authentication dot1x 313 aaa authentication dot1x default 313 aaa authentication enable 25 aaa authentication login 24 aaa logging 250 abort (mst) 224 autobaud 132 B back-pressure 88 boot system 69, 75 bridge address 34 bridge aging-time 38 bridge multicast address 35 bridge multicast filtering 34 bridge multicast forbidden address 36 bridge multicast forbidden forward-all 38 bridge multicast forward-all 37 C channel-group 153 clear bridge 39 c
Index gvrp enable (Interface) 103 gvrp registration-forbid 105 gvrp vlan-creation-forbid 105 H help 279 history 133 history size 134 hostname 265 how bootvar 71 I instance (mst) 220 Intended Audience 2 Interface Configuration Mode 7 interface ethernet 82 interface port-channel 152 interface range ethernet 82 interface range port-channel 152 interface range vlan 286 interface vlan 284, 285 ip address 119 ip address-dhcp 119 ip default-gateway 120 ip http authentication 27 ip http port 303 ip http server 303
Allied Telesis Command Line Interface User’s Guide Preface 1 priority-queue out num-of-queues 165 Privileged EXEC Mode 5 Q qos 164 qos cos 170 qos map dscp-queue 169 qos trust (Global) 170 R radius-server deadtime 175 radius-server host 172 radius-server key 173 radius-server retransmit 173 radius-server source-ip 174 radius-server timeout 175 rate-limit 165 reload 264 revision (mst) 222 rmon alarm 184 rmon collection history 180 rmon event 187 rmon table-size 190 S set interface active 90 show (mst) 222 s
Index show snmp engineID 204 show snmp filters 206 show snmp groups 205 show snmp users 207 show snmp views 205 show sntp configuration 62 show sntp status 63 show spanning-tree 224 show stack 267 show startup-config 70, 76 show syslog-servers 256 show system 271 show tacacs 260 show users 269 show version 273 show vlan 298 show vlan internal usage 298 show vlan macs-group 295 shutdown 83 snmp-server community 192 snmp-server contact 201 snmp-server enable traps 197 snmp-server engineID local 196 snmp-serv
Allied Telesis Command Line Interface User’s Guide terminal history 134 terminal history size 135 test copper-port tdr 149 traffic-shape 166 U User EXEC Mode 5 user-key 239 username 30 V vlan 283 vlan database 283 W wrr-queue cos-map 167 Page 336
