Chapter 8 Switching Introduction ................................................................................................... 8-4 Switch Ports ................................................................................................... 8-5 Enabling and Disabling Switch Ports ........................................................ 8-5 Speed and Duplex Mode ......................................................................... 8-7 Switch Instances on 48-Port Switches ......................
8-2 AlliedWare OS Software Reference Configuration Examples ............................................................................... One Switch to Extend a Local LAN ......................................................... VLAN with Untagged Ports .................................................................... VLAN with Tagged Ports ........................................................................ Meshed Network with VLAN Tagged Ports .............................................
Switching 8-3 reset lacp port counter .......................................................................... 8-93 reset switch ........................................................................................... 8-93 reset switch port ................................................................................... 8-94 set lacp port .......................................................................................... 8-95 set lacp priority ...............................................
8-4 AlliedWare OS Software Reference Introduction This chapter gives an overview of Layer 1 (the physical layer), 2 (the data link layer), and 3 (the network layer) switching, and describes the support for switching and how to configure and operate the switching functions. The switch, also referred to as a MAC (media access control) bridge, a data link relay, or a Layer 2 switch, can connect multiple Local Area Network (LAN) segments together to form an extended LAN.
Switching 8-5 By using Virtual LANs (VLANs), a single physical LAN can be separated into multiple Virtual LANs. VLANs can be used to: ■ Further improve LAN performance, as broadcast traffic is limited to LAN segments serving members of the VLAN to which the sender belongs. ■ Provide security, as frames are forwarded to those stations belonging to the sender’s VLAN, and not to stations in other VLANs on the same physical LAN.
8-6 AlliedWare OS Software Reference Resetting ports Resetting Ethernet ports at the hardware level discards all frames queued for reception or transmission on the port, restarts autonegotiation of port speed and duplex mode, and resets port counters.
Switching 8-7 Figure 8-1: Output of the show switch port command when the port is enabled Switch Port Information ------------------------------------------------------Port .......................... 13 Description ................. Status ...................... ENABLED Link State .................. Up . . . Figure 8-2: Output of the show switch port command when the port is disabled at the software level Switch Port Information ------------------------------------------------------Port .................
-8 AlliedWare OS Software Reference Speed options The switch supports ports with the following speed options: ■ RJ-45 base ports on Rapier 24i and Rapier 48i switches: 10 or 100Mbps ■ fibre base ports on Rapier 16fi switches: 100Mbps ■ AT-A35 fibre uplink modules: 1000Mbps ■ AT-A39 RJ-45 copper uplink modules: 10, 100 or 1000Mbps ■ AT-A40 and AT-A41 fibre uplink modules: 100Mbps ■ AT-A42 GBIC uplink modules: 1000Mbps You can set a port to use one of these speed options, or allow it to autone
Switching 8-9 autonegotiating end selects 100Mbps half-duplex operation. Using 100Mfauto at the “fixed” end of the link would allow the autonegotiating end to autonegotiate 100Mbps full-duplex mode. This gains the benefits of autonegotiation while forcing operation at the desired speed. Also, if you override a port’s autonegotiation by setting it to a fixed speed and duplex mode, automatic MDI/MDI-X detection is also overridden. The port defaults to MDI-X.
8-10 AlliedWare OS Software Reference Port Trunking Port trunking, also known as port bundling or link aggregation, allows a number of ports to be configured to join together to make a single logical connection of higher bandwidth. This can be used where a higher performance link is required, and makes links even more reliable. Port trunking must be configured on both ends of the link, or network loops may result. The switch supports static 802.
Switching 8-11 Link Aggregation Control Protocol (LACP) The implementation of the Link Aggregation Control Protocol (LACP) follows the IEEE Standard 802.3-2002, CSMA/CD access method and physical layer specifications. LACP operates where systems are connected over multiple communications links. Once LACP has been initially configured and enabled, it automatically creates trunk groups and assigns appropriate links to their membership.
8-12 AlliedWare OS Software Reference Packet Storm Protection The packet storm protection feature allows the user to set limits on the reception rate of broadcast, multicast and destination lookup failure packets. The software allows separate limits to be set for each port, beyond which each of the different packet types are discarded. The software also allows separate limits to be set for each of the packet types. Which of these options can be implemented depends on the model of switch hardware.
Switching 8-13 By default, when mirroring is disabled, no mirror port is set and no source ports are set to be mirrored. Mirroring functions when a switch mirror port is set to a valid port. When mirroring is enabled and the switch mirror port is set to none, then mirroring can be disabled by using the commands: enable switch mirror disable switch mirror The show switch port and show switch commands display the switch and port mirroring settings.
8-14 AlliedWare OS Software Reference Virtual Local Area Networks (VLANs) A Virtual LAN (VLAN) is a logical, software-defined subnetwork. It allows similar devices on the network to be grouped together into one broadcast domain, regardless of their physical location in the network. Multiple VLANs can be used to group workstations, servers, stacks, and other network equipment connected to the switch, according to similar data and security requirements.
Switching 8-15 VLAN assignment is enabled or disabled using the vlanassignment parameter of a number of port authentication commands. For more information, see Chapter 44, Port Authentication. The Configured and Actual fields of the show vlan command show which ports are configured for the VLAN and which have been dynamically assigned to the VLAN.
8-16 AlliedWare OS Software Reference If the multi-supplicant mode is enabled on a port authentication port, the behaviour of the first authenticated supplicant is the same as that of a supplicant in single-supplicant mode. For all further supplicants, the securevlan parameter specifies the action that is taken when authenticating any supplicants after the first supplicant has authenticated.
Switching 8-17 Table 8-1: Fields in the Ethernet frame for QoS and VLAN switching (cont.) Field Length Meaning and use CFI 1 bit The Canonical Format Indicator (CFI flag) indicates whether all MAC address information that may be present in the MAC data carried by the frame is in canonical format. VID 12 bits The VLAN Identifier (VID) field uniquely identifies the VLAN to which the frame belongs.
8-18 AlliedWare OS Software Reference do not support VLAN tagging. The switch can be configured to send VLAN tagged or untagged frames on each port, depending on whether the devices connected to the port are VLAN-aware. By assigning a port to two different VLANs, to one as an untagged port and to another as a tagged port, it is possible for the port to transmit both VLAN-tagged and untagged frames. A port must belong to a VLAN at all times unless the port has been set as the mirror port for the switch.
Switching 8-19 Figure 8-5: VLANs with tagged ports Training VLAN VID=3 Port 3 Port 22 Port 21 Port 26 Switch A Switch B Port 25 Port 1 Port 4 Port 2 Port 23 Admin VLAN VID=2 Marketing VLAN VID=4 VLAN-aware server 411 SWITCH3 Table 8-3: VLAN membership of example of a network using tagged ports VLAN Member ports Training 3, 26 on Switch A 21, 22, 25 on Switch B Marketing 2, 4, 26 on Switch A 23, 25 on Switch B Admin 1, 2 on Switch A VLAN Membership of Untagged Packets A VLAN that does
8-20 AlliedWare OS Software Reference If the network includes VLANs that do not need to share network resources or span several switches, VLAN membership can usefully be based on untagged ports. Otherwise, VLAN membership should be determined by tagging (see “VLAN Tagging” on page 8-16). Figure 8-6 on page 8-20 shows two port-based VLANs with untagged ports. Ports 1-3 belong to the marketing VLAN, and ports 14-16 belong to the training VLAN.
Switching 8-21 To add tagged ports to a VLAN, use the command: add vlan={vlan-name|1..4094} port={port-list|all} frame=tagged A port can be tagged for any number of VLANs. To add untagged ports to a VLAN, use the command: add vlan={vlan-name|1..4094} port={port-list|all} [frame=untagged] A port can be untagged for zero or one VLAN. A port can be added only to the default VLAN as an untagged port when it is not untagged for another VLAN.
8-22 AlliedWare OS Software Reference Summary of VLAN Tagging Rules When designing a VLAN and adding ports to VLANs, consider the following rules: • Except for the mirror port, each port must belong to at least one static VLAN. By default, a port is an untagged member of the default VLAN. • A port can be untagged for zero or one VLAN. A port that is untagged for a VLAN transmits frames destined for that VLAN without a VLAN tag in the Ethernet frame. • A port can be tagged for zero or more VLANs.
Switching 8-23 Protected VLANs Layer 2 traffic is blocked between ports that are members of a protected VLAN. However, traffic can be Layer 3 switched to another VLAN. This feature prevents members of a protected VLAN from communicating with each other but lets members access another network. Layer 3 routing between ports in a protected VLAN can be prevented by adding a Layer 3 filter. The protected VLAN feature also allows all of the members of the protected VLAN to be in the same subnet.
8-24 AlliedWare OS Software Reference Figure 8-7: Example network configuration using private VLANs ISP 1 ISP 2 VLANs 2 and 3 VLANs 11 and 12 Uplink (trunk group) Uplink 17 18 19 20 21 22 23 24 1 2 3 4 5 6 7 8 private port private port private group (may be a trunk group) Customer 1 VLAN 12 ISP 2 25 Customer 3 Customer 2 VLANs 2 and 3 ISP 1 VLANs 2, 3 and 11 ISPs 1 and 2 Membership rules for private VLANs private-vlan Each private VLAN: • Must contain one uplink port or u
Switching Private VLANs on 48-port switches Configuring private VLANs 8-25 Private VLANs on a 48-port switch can consist of only ports from one switch instance. Both the private ports and the uplink port must be in the same instance. See “Switch Instances on 48-Port Switches” on page 8-9 for more details about switch instances. To create a private VLAN and add ports to it 1. Create the VLAN. To create a private VLAN, use the command: create vlan=vlan-name vid=2..4094 private 2.
8-26 AlliedWare OS Software Reference Other protocols can be specified by entering their protocol identification numbers. Protocols that the switch routes cannot be VLAN relayed. These include IP, IPX, AppleTalk, STP, and GARP.
Switching 8-27 3. The VLAN relay entity sends the packet to the appropriate destination VLAN. Destination addresses are determined from the switch’s learned address tables. If the destination address cannot be found, the packet is sent to all ports on all VLANs that are part of the VLAN relay entity.
8-28 AlliedWare OS Software Reference VLAN relay debugging can be disabled by using the command: disable vlanrelay debug Debugging is disabled by default. It can be enabled for one specified VLAN relay entity, and can be disabled for all entities or for a specified entity.
Switching 8-29 The default settings for the Ingress Rules are to Admit All Frames, and for Ingress Filtering to be off. This means that if no VLAN configuration has been done, all incoming frames pass to the learning process, regardless of whether not they are VLAN tagged.
8-30 AlliedWare OS Software Reference To display the contents of the forwarding database, use the command: show switch fdb [address=macadd] [discard={source| destination}] [hit={yes|no}] [l3={yes|no}] [port={portlist|all}] [status={static|dynamic}] [vlan={vlan-name|1..
Switching 8-31 Quality of Service The switch hardware has a number of Quality of Service (QoS) egress queues that can be used to give priority to the transmission of some frames over other frames on the basis of their user priority tagging. The user priority field in an incoming frame (with value 0 to 7) determines which of the eight priority levels the frame is allocated.
8-32 AlliedWare OS Software Reference address and VLAN Identifier that match those of a static filter entry, the frame can be either forwarded to the port specified in the static filter entry, or discarded. When a port is part of a trunk group, any static switch filters defined to forward traffic out that port are modified if the port goes link-down. By changing the egress port for the filter to a port within the trunk group which is link-up, the switch ensures that traffic flow is not interrupted.
Switching 8-33 Default behaviour Securing only the VLAN (vlansecure enabled) (vlansecure disabled) port 15 port 16 port 15 vlan2 vlan2 vlan1 vlan1 port 16 swi-filter Configuring vlansecure To turn off the default behaviour, so that the filter prevents access to only the current VLAN when you move the host, use the command: disable switch filter vlansecure To return to the standard filter behaviour, use the command: enable switch filter vlansecure To display which mode the filtering behaviou
8-34 AlliedWare OS Software Reference “Classifier-Based Packet Filters” on page 8-34 and “Layer 3 Based Packet Filters” on page 8-38 for details about using the filter types. Classifiers and hardware packet filters can be configured to provide Access Control List functionality. See the section “Access Control Lists (ACLs)” on page 8-39 for further details. When Internet Group Management Protocol (IGMP) snooping is enabled, it uses a hardware filter, which reduces the number of available filters.
Switching 8-35 • Forward the packet to a specified egress port, for unicast packets • Send the packet to a Class of Service queue • Replace the packet’s 802.1p priority The filter can also perform the following Quality of Service actions: • Replace the packet’s IP TOS value and/or the IP DSCP value. • Direct non-unicast packets that were scheduled to be dropped or sent to the CPU to a specified port. • Forward packets that were marked to be dropped.
8-36 AlliedWare OS Software Reference Configuring Filters How to create classifier-based filters To create a hardware-based packet filter: 1. Create the classifier by using the command: create classifier=1..9999 [classifier-options...] 2. Create the filter by using the command: add switch hwfilter classifier=1..9999 [action={setpriority|sendcos|settos|deny|sendeport| sendmirror|movepriototos|movetostoprio|setipdscp| sendnonunicasttoport|nodrop|forward}[,...]] [newipdscp=0..63] [newtos=0..
Switching 8-37 The switch defaults to port-specific filters first. You can change the filtering mode on the switch by using the command: set switch hwfilter mode={psf|npsf} When to Use Port-Specific Mode Use the port-specific psf mode when you want non port-specific filters to override the port-specific filters for certain circumstances.
8-38 AlliedWare OS Software Reference Layer 3 Based Packet Filters Layer 3 Filter Matches As an alternative to classifier-based filters, Layer 3 filter matches can be configured to determine which fields in each packet are matched, whether ingress or egress ports are to be matched, and the source and destination class of IP masks to apply to the packets. An entry added to a filter specifies the values to be matched for each field and the action to be taken on packets matching the filter entry.
Switching 8-39 To change the parameters for a filter entry, use the set switch l3filter entry command on page 8-102. To delete a Layer 3 filter entry, use the delete switch l3filter entry command on page 8-70. Access Control Lists (ACLs) Classifiers and hardware packet filters can be configured to provide Access Control List functionality. For example, to allow WWW servers in the 192.168.10.0 subnet to be accessed only from the 192.168.20.0 subnet: 1.
8-40 AlliedWare OS Software Reference Triggers The Trigger facility can be used to automatically run specified command scripts when particular triggers are activated. When a trigger is activated by an event, global parameters and parameters specific to the event are passed to the script that runs. For a full description of the Trigger facility, see Chapter 59, Trigger Facility. The switch can generate triggers to activate scripts when a switch port goes up or down.
Switching 8-41 Configuration Examples This section shows the following examples of how to configure Layer 2 switch functions on the switch: ■ One Switch to Extend a Local LAN ■ VLAN with Untagged Ports ■ VLAN with Tagged Ports ■ Meshed Network with VLAN Tagged Ports All examples assume that the switch configuration begins from factory default settings. Note that routing, required for communication between the VLANs, is not shown in these examples.
8-42 AlliedWare OS Software Reference Figure 8-9: VLANs with untagged ports Port 1 Port 2 Port 3 Marketing VLAN Switch Training VLAN Port 14 Port 15 Port 16 411 SWITCH2 Table 8-6 shows the parameters used to configure this example. Since there is only one switch and no loops in this topology, the Spanning Tree Protocol (STP) is not needed. This example assumes that the switch has factory default settings.
Switching 8-43 3. Check the switch. Check that the switch is switching across the ports. Traffic on the switch can be monitored using the command: show switch port=1-3,14-16 counter VLAN with Tagged Ports Figure 8-10 shows a network that must be configured with VLAN tagging, since the VLAN aware server on port 2 on Switch A belongs to both the admin VLAN and the marketing VLAN.
8-44 AlliedWare OS Software Reference Configure Switch A 1. Create VLANs. Create the three VLANs using the following commands on the switch: create vlan=admin vid=2 create vlan=training vid=3 create vlan=marketing vid=4 2. Add ports to VLANs.
Switching 8-45 The other devices shown are VLAN-unaware end stations, connected to untagged ports. Because both uplink ports on all three switches belong to the marketing VLAN, the Spanning Tree Protocol eliminates the loop in this VLAN, and provides redundancy in case links fail. Because the VLAN-aware shared server on Switch B, and the uplink ports belong to all three VLANs, these VLANs must all belong to the same STP.
8-46 AlliedWare OS Software Reference spanning trees to be configured. See Chapter 9, Multiple Spanning Tree Protocol (MSTP).
Switching 8-47 2. Add ports to VLANs. Add the ports to these VLANs on the switch by using the following commands: add vlan=admin port=6,25-26 frame=tagged add vlan=training port=6,25-26 frame=tagged add vlan=training port=7 add vlan=marketing port=6,25-26 frame=tagged Check the VLAN configuration by using the command: show vlan 3. Enable STP. All VLANs belong to the default STP, which must be enabled to eliminate loops in the network. Use the command: enable stp=default Configure Switch C 1.
8-48 activate switch port AlliedWare OS Software Reference Command Reference This section describes the commands available to configure and manage the switching functions on the switch. The shortest valid command is denoted by capital letters in the Syntax section. See “Conventions” on page lxiv of About this Software Reference in the front of this manual for details of the conventions used to describe command syntax. See Appendix A, Messages for a complete list of messages and their meanings.
Switching add lacp port 8-49 add lacp port Syntax ADD LACP POrt=[{port-list|ALL}] [ADMinkey=key] [PRIOrity=priority] [MODe={ACTIve|PASsive}] [PERiodic={FASt|SLOw}] where: Description ■ port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered port, including uplink ports.
8-50 add lacp port AlliedWare OS Software Reference The periodic parameter specifies the requested rate that the LACP port receives LACPDU update messages from its partner port. A port in fast mode receives one LACPDU every second; in slow mode, a port receives one every thirty seconds. Examples To add ports 3 and 5 to LACP, use the command: add lacp po=3,5 Related Commands delete lacp port disable lacp enable lacp set lacp port show lacp port Software Version 2.8.
Switching add switch filter 8-51 add switch filter Syntax ADD SWItch FILter ACtion={FORward|DIScard} DESTaddress=macadd PORT=port [ENTry=entry] [LEARn] [VLAN={vlan-name|1..4094}] where: Description ■ entry is a filter entry number, from 0 to n+1 where n is the highest filter entry currently defined in the permanent forwarding database. The permanent forwarding database has a maximum of 320 entries, ranging from 0 to 319. Each port has its own permanent forwarding database.
8-52 add switch filter AlliedWare OS Software Reference The vlan parameter specifies the VLAN Identifier to which the filter entry is associated. The vlan parameter is required when the port parameter specifies tagged ports. When the port parameter specifies untagged ports, the vlan parameter is not required, and defaults to the VLAN Identifier of the VLAN for which the ports are untagged. Therefore, when the vlan parameter is not specified, the ports are treated as untagged ports.
Switching add switch hwfilter classifier 8-53 add switch hwfilter classifier Syntax ADD SWItch HWFilter CLASSifier=classifier-list [ACtion={SETPRIORITY|SENDCOS|SETTOS|DENY|SENDEPORT| SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO|SETIPDSCP| SENDNONUNICASTTOPORT|NODROP|FORWARD}[,...]] [NEWIPDscp=0..63] [NEWTos=0..7] [NOMATCHAction={SETPRIORITY|SENDCOS|SETTOS|DENY| SENDEPORT|SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO| SETIPDSCP|SENDNONUNICASTTOPORT|FORWARD}[,...]] [NOMATCHDscp=0..
8-54 add switch hwfilter classifier AlliedWare OS Software Reference The newtos parameter specifies the new type of service value, assigning a new value to the TOS precedence field in the IP Header. When this parameter is used, only when the action parameter is set to settos.
Switching add switch l3filter entry 8-55 add switch l3filter entry Syntax ADD SWItch L3Filter=filter-id ENTry [ACTION={DENY|FORWARD| SENDCOS|SENDEPORT|SENDMIRROR|SETPRIORITY|SETTOS| MOVEPRIOTOTOS|MOVETOSTOPRIO|NODROP| SENDNONUNICASTTOPORT|SETIPDSCP}[,...]] [DIPaddress=ipadd] [EPORT=port-number] [IPDSCP=0..63] [IPOrt=port-number] [NEWIPDSCP=0..63] [NEWTOS=0..7] [PORT=port-number] [PRIORITY=0..
8-56 add switch l3filter entry AlliedWare OS Software Reference port is set to the value of the port parameter. If sendnonunicasttoport is specified, matching frames that are broadcast or DLF, multicast, marked for dropping or to be sent to the CPU are sent to the egress port specified by the port parameter. If setipdscp is specified and the frame is an IPv4 frame, the Diffserv Codepoint field in the frame is set to the value specified by the newipdscp parameter.
Switching add switch l3filter entry 8-57 The tcpfin parameter specifies the FIN flag in the TCP header to match, if the protocol is TCP. This parameter is required if tcpfin is specified in the ADD or set switch l3filter match parameter, otherwise it is invalid. The tcpsport parameter specifies the source TCP port to match, if the protocol is TCP. The tcpsyn parameter specifies the SYN flag in the TCP header to match, if the protocol is TCP.
8-58 add switch l3filter match AlliedWare OS Software Reference add switch l3filter match Syntax ADD SWItch L3Filter MAtch={DIPaddr|IPDScp|PROTocol| SIPaddr|TCPAck|TCPFin|TCPDport|TCPSport|TCPSYn|TOS|TTL| TYPE|UDPDport|UDPSport|NONE}[,...] [DClass={A|B|C|Host| 1..32}] [EMPort={YES|NO|ON|OFf|True|False}] [IMPort={YES|NO|ON|OFf|True|False}] [NOMATCHAction={SETPRIORITY|SENDCOS|SETTOS|DENY| SENDEPORT|SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO| SETIPDSCP|SENDNONUNICASTTOPORT|FORWARD}[,...]] [NOMATCHDscp=1..
Switching add switch l3filter match 8-59 specified by the iport parameter in the add or set switch l3filter entry command. The default is false, meaning the filter is applied to all ingress ports. The nomatchaction parameter specifies a comma-separated list of actions to take when a frame matches both the iport and eport values (if they are specified in the match) on an associated entry but there is no match for the frame contents. If setpriority is specified, the packet’s 802.
8-60 add switch trunk Example AlliedWare OS Software Reference To add a filter to block Telnet sessions, use the commands: add swi l3f ma=tcpdport,prot add swi l3f=1 ent ac=deny prot=tcp tcpd=23 Related Commands add switch l3filter entry delete switch l3filter set switch l3filter match show switch l3filter add switch trunk Syntax ADD SWItch TRunk=trunk POrt=port-list where: Description ■ trunk is a character string 1 to 15 characters long.
Switching add vlan bridge 8-61 add vlan bridge Syntax ADD VLAN={vlan-name|1..4094} BRIDge where vlan-name is a unique name for the VLAN 1 to 32 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. Description Examples This command enables bridging between switch ports that are members of the specified VLAN, and a single virtual port configured on the bridge.
8-62 add vlan port AlliedWare OS Software Reference add vlan port Syntax ADD VLAN={vlan-name|1..4094} POrt={port-list|ALL} [FRAme={TAGged|UNTAGged}] For private VLANs: ADD VLAN={vlan-name|1..4094} POrt={port-list|ALL} [FRAme={TAGged|UNTAGged}] [UPLINk] [GROUP] where: Description ■ vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all.
Switching add vlan port 8-63 tag. The port is then called an untagged port for this VLAN. A port can be untagged for one and only one of the VLANs to which it belongs, or for none of the VLANs to which it belongs. A port can have the frame parameter set to tagged for zero or more VLANs to which it belongs. It is not possible to add an untagged port to a VLAN when the port is already present in another portbased VLAN, except the default VLAN.
8-64 add vlanrelay AlliedWare OS Software Reference add vlanrelay Syntax ADD VLANRelay=name [PROTocol=protocoltype] [VLAN={vlan-name|1..4094}] where: Description ■ name is a unique name for the VLAN relay entity 1 to 32 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. ■ protocoltype is either a valid protocol number in hexadecimal notation, or a recognised protocol name.
Switching create switch trunk 8-65 create switch trunk Syntax CREate SWItch TRunk=trunk [POrt=port-list] [SELect={MACSrc|MACDest|MACBoth|IPSrc|IPDest|IPBoth}] [SPeed={10M|100M|1000M}] where: Description ■ trunk is a character string 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges.
8-66 create vlan AlliedWare OS Software Reference create vlan Syntax CREate VLAN=vlan-name VID=2..4094 [PROtected] CREate VLAN=vlan-name VID=2..4094 [PRIvate] where vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. Description This command creates a VLAN with a unique name and VLAN identifier (VID), and assigns it to the default STP. You can have a maximum of 254 VLANs.
Switching create vlanrelay 8-67 To create a protected VLAN named protvlan with a VLAN Identifier of 3, use the command: cre vlan=protvlan vid=3 pro Related Commands add vlan port destroy vlan show vlan create vlanrelay Syntax CREate VLANRelay=name where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen.
8-68 delete lacp port AlliedWare OS Software Reference delete lacp port Syntax DELete LACP POrt={port-list} where port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered switch port, including uplink ports. Description This command removes ports from LACP’s control and LACP frames are no longer transmitted across the link.
Switching delete switch hwfilter classifier 8-69 delete switch filter Syntax DELete SWItch FILter POrt=port ENTry=entry-list where: Description Example ■ port is the number of one of the switch ports or an uplink port. ■ entry-list is an entry number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Entry numbers start at 0 and end at m, where m is the highest filter entry currently defined in the permanent forwarding database.
8-70 delete switch l3filter AlliedWare OS Software Reference delete switch l3filter Syntax DELete SWItch L3Filter=filter-id where filter-id is a decimal number in the range 1 to the number of filters defined Description Example This command deletes the specified filter match criteria. A filter match criteria cannot be deleted if it contains a filter entry. Delete the filter entries and then delete the filter.
Switching delete vlan bridge 8-71 delete switch trunk Syntax DELete SWItch TRunk=trunk POrt={port-list|ALL} where: Description ■ trunk is a character string 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered switch Ethernet port, including uplink ports.
8-72 delete vlan port AlliedWare OS Software Reference delete vlan port Syntax DELete VLAN={vlan-name|1..4094} POrt={port-list|ALL} where: Description ■ vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges.
Switching delete vlanrelay Example 8-73 To delete port 3 from the marketing VLAN, use the command: del vlan=marketing po=3 Related Commands add vlan port show vlan delete vlanrelay Syntax DELete VLANRelay=name [PROTocol=protocoltype] [VLAN={vlan-name|1..4094}] where: Description ■ name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen.
8-74 destroy switch trunk AlliedWare OS Software Reference destroy switch trunk Syntax DESTroy SWItch TRunk=trunk where trunk is a character string 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command destroys a trunk group on the switch. The trunk group must be empty—it must not contain any ports. The trunk parameter specifies the name of the trunk group. The name is not case sensitive.
Switching disable lacp 8-75 destroy vlanrelay Syntax DESTroy VLANRelay=name where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command destroys a VLAN relay entity. Packet relaying as configured in this VLAN relay entity immediately stops. The vlanrelay parameter specifies the unique identifier for the VLAN relay entity.
8-76 disable lacp debug AlliedWare OS Software Reference disable lacp debug Syntax Description DISable LACP DEBug={MSG|PACKet|STATe|TRAce|DEV|PERSistent| ALL} This command disables the LACP debugging process, which is disabled by default. The msg option displays the decoded form of incoming and outgoing LACP packets. The packet option displays incoming and outgoing LACP packets in hex. The state option displays internal state machine changes. The trace option displays the function call tree.
Switching disable switch debug 8-77 disable switch debug Syntax DISable SWItch DEBug={ARL|CMIC|DMA|QOS|S5600|PHY|ALL} Description This command disables the specified switch debug mode or all switch debugging. The debug parameter specifies the switch debug mode to be disabled (Table 8-9). Table 8-9: Switch debugging options Example Debug Options Description ARL Operations related to the forwarding database.
8-78 disable switch filter vlansecure AlliedWare OS Software Reference disable switch filter vlansecure Syntax Description DISable SWItch FILter VLANSecure This command modifies Layer 2 switch filtering by disabling vlansecure mode. The vlansecure mode is enabled by default. When vlansecure mode is disabled and a filter exists for a given host and port, moving the host to a different port in the same VLAN only stops the host from accessing that VLAN, not other VLANs.
Switching disable switch learning 8-79 disable switch l3filter Syntax Description DISable SWItch L3Filter This command disables hardware-based Layer 3 packet filtering. Hardware filtering is automatically disabled when the last filter match is removed; however, this command may be used to manually disable filtering. Some other modules and processes (such as IGMP snooping) require filtering to be enabled at all times.
8-80 disable switch mirror AlliedWare OS Software Reference disable switch mirror Syntax Description Example DISable SWItch MIRRor This command disables traffic mirroring on the switch. Mirrored traffic is stopped from being sent on the switch’s mirror port. The mirror port and mirror settings for the sources of mirror traffic remain configured. The default state of switch mirroring is disabled.
Switching disable vlan debug 8-81 longer asserts the jamming signal. You can only specify jamming when port=all. The pause flow control is enabled by default. The link parameter specifies whether switch ports are enabled or disabled at the hardware level. This parameter is valid for ports on the base switch— uplink module ports can only be disabled at the software level. If disable is specified, this is the equivalent of disconnecting the cable.
8-82 disable vlanrelay AlliedWare OS Software Reference disable vlanrelay Syntax DISable VLANRelay=name where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description Example This command disables packet relaying by the VLAN relay entity. The entity must exist and must be currently enabled. VLAN relay entities are enabled by default upon creation.
Switching enable lacp debug 8-83 enable lacp Syntax Description Related Commands ENAble LACP This command enables LACP on the switch. A notification message and a log message file are generated when this command is executed. LACP is disabled by default. disable lacp show lacp enable lacp debug Syntax ENAble LACP DEBug={MSG|PACKet|STAte|TRAce|DEV|PERsistent| ALL}} Description This command enables the LACP debugging facility, which is disabled by default.
8-84 enable switch ageingtimer AlliedWare OS Software Reference enable switch ageingtimer Syntax Description ENAble SWItch AGEingtimer This command enables the ageing timer to age out dynamically learned entries in the forwarding database. The default setting for the ageing timer is enabled. If the ageing timer ages out all dynamically learned filter entries, and switch learning is disabled, only statically entered MAC source addresses are used to decide which packets to forward or discard.
Switching enable switch bist 8-85 enable switch bist Syntax ENAble SWItch BIST=bist ENAble SWItch BIST=bist INSTance=instance where: Description ■ bist is a single integer number. ■ instance is 0 or 1 and specifies a switch instance on 48 port switches. This command runs a set of built-in self tests on the external packet buffer memory and internal memories of a switch chip (or instance). The instance parameter must be specified only for switches with 48 ports. For example output, see Figure 8-12.
8-86 enable switch debug AlliedWare OS Software Reference enable switch debug Syntax Description ENAble SWItch DEBug={ARL|CMIC|DMA|QOS|S5600|PHY|ALL} [OUTput=CONsole] [TIMEOut={1..4000000000|NONE}] This command enables the specified switch debug mode or all switch debugging. Be aware that enabling debug may flood the receiving Telnet session or asynchronous port with raw data. The debug parameter specifies the switch debug mode to be enabled (Table 8-9 on page 8-77).
Switching enable switch hwfilter 8-87 enable switch filter vlansecure Syntax Description ENAble SWItch FILter VLANSecure This command returns Layer 2 switch filtering to its default behaviour by enabling vlansecure mode. The vlansecure mode is enabled by default. When vlansecure mode is enabled and a filter exists for a given host and port, moving the host to a different port blocks the host completely.
8-88 enable switch l3filter AlliedWare OS Software Reference enable switch l3filter Syntax Description ENAble SWItch L3Filter This command enables hardware-based Layer 3 packet filtering. Hardware filtering is automatically enabled when the first filter match is added. However this command may be used to re-enable filtering if it has been temporarily disabled by the disable switch l3filter command, or to enable the filtering mechanism prior to the addition of the first filter match.
Switching enable switch port 8-89 enable switch port Syntax ENAble SWItch POrt={port-list|ALL} [FLOw={JAMming|PAUse}] [,...] where port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered switch Ethernet port, including uplink ports. Description This command enables a port or group of ports on the switch, or enables the flow control mechanism.
8-90 enable vlan debug AlliedWare OS Software Reference enable vlan debug Syntax ENAble VLAN={vlan-name|1..4094|ALL} DEBug={PKT|ALL} [OUTput=CONsole] [TIMEOut={1..4000000000|NONE}] where vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. Description This command enables debugging options for the specified VLAN or all VLANs.
Switching enable vlanrelay 8-91 enable vlanrelay Syntax ENAble VLANRelay=name where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description Example This command enables the relaying of packets by the VLAN relay entity. The relay entity must already exist and must be currently disabled. VLAN relay entities are enabled by default upon creation.
8-92 enable vlanrelay debug AlliedWare OS Software Reference enable vlanrelay debug Syntax ENAble VLANRelay=name DEBug where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command enables the output of debugging information about packets relayed by the VLAN relay entity. The relay entity must already exist, and VLAN relay debugging must be currently disabled.
Switching reset switch 8-93 reset lacp port counter Syntax RESET LACP POrt[={port-list|ALL}] COUnter where port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports. Description This command resets all LACP counters for the specified switch ports. The port parameter specifies the ports.
8-94 reset switch port AlliedWare OS Software Reference reset switch port Syntax RESET SWItch POrt={port-list|ALL} [COUNTER] where port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports. Description This command resets a port or group of ports on the switch.
Switching set lacp port 8-95 set lacp port Syntax SET LACP POrt=[{port-list|ALL}] [ADMinkey=key-number] [PRIOrity=priority] [MODe={ACTIve|PASsive}] [PERiodic={FASt|SLOw}] where: Description ■ port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports.
8-96 set lacp priority AlliedWare OS Software Reference set lacp priority Syntax SET LACP PRIOrity=priority where priority is an integer from 0 to 65535 Description This command modifies the relative priority of LACP enabled partners. The priority parameter specifies a numeric value that is used as part of the system priority calculation.
Switching set switch hwfilter classifier 8-97 set switch hwfilter classifier Syntax SET SWItch HWFilter CLASSifier=1.9999 [ACtion={SETPRIORITY|SENDCOS|SETTOS|DENY|SENDEPORT| SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO|SETIPDSCP| SENDNONUNICASTTOPORT|NODROP|FORWARD}[,...]] [NEWIPDscp=0..63] [NEWTos=0..7] [NOMATCHAction={SETPRIORITY|SENDCOS|SETTOS|DENY| SENDEPORT|SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO| SETIPDSCP|SENDNONUNICASTTOPORT|FORWARD}[,...
8-98 set switch hwfilter classifier AlliedWare OS Software Reference The newipdscp parameter indicates the value to set in an IPv4 packet Diffserv CodePoint field when the action parameter is set to setipdscp. The range of values for this parameter is from 0 to 63. The newtos parameter specifies the new type of service value, assigning a new value to the TOS precedence field in the IP Header. This parameter is used only when the action parameter is set to settos.
Switching set switch hwfilter classifier 8-99 To set the transmit priority on all packets matching Classifier 100 to 3, and set the transmit priority on packets that partially match this classifier to 0, use the command: set swi hwf class=100 ac=sendcos nomatcha=sendcos prio=3 nomatchpr=0 Related Commands Software Version 2.8.
8-100 set switch hwfilter mode AlliedWare OS Software Reference set switch hwfilter mode Syntax Description SET SWItch HWFilter MODe={PSF|NPSF} This command changes the switch’s classifier-based packet filter mode, and is only valid for models with 48 ports (two switch instances). Use this command to ensure that packets are filtered as expected on 48-port switches. You can change the hardware filter mode after filters have been entered.
Switching set switch l3ageingtimer 8-101 set switch l3ageingtimer Syntax Description SET SWItch L3Ageingtimer=[30..43200] This command sets the threshold value of the ageing timer for dynamic entries in the Layer 3 forwarding database. After a cycle of this timer, entries not used during the cycle remain in the table but their hit bits are reset to zero. After the next cycle, entries with hit bit still set to zero are deleted.
8-102 set switch l3filter entry AlliedWare OS Software Reference set switch l3filter entry Syntax SET SWItch L3Filter=filter-id ENTry=entry-id [ACtion={SETPRIORITY|SENDCOS|SETTOS|DENY|SENDEPORT| SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO|SETIPDSCP| SENDNONUNICASTTOPORT|FORWARD}[,...]] [DIPaddr=ipadd] [EPOrt=port-number] [IPOrt=port-number] [NEWIPDscp=0..63] [NEWTos=0..7] [POrt=port-number] [PRIOrity=0..
Switching set switch l3filter entry 8-103 port is set to the value of the port parameter. If sendnonunicasttoport is specified, matching frames that are broadcast or DLF, multicast, marked for dropping or to be sent to the CPU are sent to the egress port specified by the port parameter. If setipdscp is specified and the frame is an IPv4 frame, the Diffserv Codepoint field in the frame is set to the value specified by the newipdscp parameter.
8-104 set switch l3filter entry AlliedWare OS Software Reference The tos parameter specifies the type of service to match. The ttl parameter specifies the Time to Live to match. The type parameter specifies a protocol-type number to match. The number is entered in hexadecimal, e.g. 0800 for an Ethernet type II IP packet. This parameter may not be used with any other packet field matching criteria, nor may it be used with the settos action.
Switching set switch l3filter match 8-105 set switch l3filter match Syntax SET SWItch L3Filter=filter-id MAtch={DIPaddr|IPDscp| PROTocol|SIPaddr|TCPAck|TCPFin|TCPDport|TCPSport| TCPSYn|TOS|TTL|TYPE|UDPDport|UDPSport|NONE}[,...] [DClass={A|B|C|Host|1..32}] [EMPort={Yes|No|ON|OFF| True|False}] [IMPort={Yes|No|ON|OFF|True|False}] [NOMATCHAction={SETPRIORITY|SENDCOS|SETTOS|DENY| SENDEPORT|SENDMIRROR|MOVEPRIOTOTOS|MOVETOSTOPRIO| SETIPDSCP|SENDNONUNICASTTOPORT|FORWARD}[,...]] [NOMATCHDscp=0..
8-106 set switch l3filter match AlliedWare OS Software Reference frame contents. If setpriority is specified, the packet’s 802.1p priority is set to the value specified by the priority parameter. If sendcos is specified, the packet is sent to the priority queue specified by the priority parameter. If settos is specified, the packet’s TOS (Type of Service) field is set to the value specified by the newtos parameter. If deny is specified, the packet is discarded.
Switching set switch mirror 8-107 set switch mirror Syntax SET SWItch MIRRor={NONE|port} where port is a single switch port number. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port. Description This command sets the mirror port for the switch, and removes it from the default VLAN. If another port was previously set as the mirror port, this command returns it to the default VLAN as an untagged port. The mirror port is the one where mirrored traffic is sent.
8-108 set switch port AlliedWare OS Software Reference set switch port Syntax SET SWItch POrt={port-list|ALL} [ACCeptable={ALL|VLAN}] [BCLimit={NONE|limit}] [DESCription=[description]] [DLFLimit={NONE|limit}] [EGResslimit={NONE|DEFault|0| 1000..127000|8..1016}] [IGMPACtion={DENY|REPlace}] [IGMPFIlter={NONE|filter-id}] [IGMPMAxgroup={NONE| 1..65535}] [INFILTering={OFF|ON}] [INGresslimit={NONE| DEFAULT|0|64..127000|8..1016}] [LEARn={NONE|0|1..
Switching set switch port 8-109 The bclimit parameter specifies a limit on the rate of reception of broadcast packets for the port(s). The value of this parameter represents a per second rate of packet reception above which packets are discarded for broadcast packets. If the value none or 0 is specified, then packet rate limiting for broadcast packets is turned off. If another value is specified, the reception of broadcast packets is limited to this number.
8-110 set switch port AlliedWare OS Software Reference then additional membership entries will replace existing membership entries. The default is deny. The igmpfilter parameter specifies the number of an IGMP filter to apply to the port. An IGMP filter controls the multicast groups that the port can be a member of by filtering IGMP Membership Reports from hosts attached to the port. If you specify a filter number, an IGMP filter with the specified number must already exist.
Switching set switch port 8-111 Learned addresses on locked ports can be saved as part of the switch configuration and become part of the configuration after a power cycle by using the create config command on page 5-22 of Chapter 5, Managing Configuration Files and Software Versions. If the configuration is not saved when there is a locked list for a port, the learning process begins again after the router is restarted.
8-112 set switch port AlliedWare OS Software Reference removed from the trunk group, the previously configured speed and duplex mode are restored. The default is autonegotiate, except for 100Mbps fibre ports whose default is 100Mfull. The following table describes switch port speeds.
Switching set switch qos 8-113 set switch qos Syntax SET SWItch QOS=P0,P1,P2,P3,P4,P5,P6,P7 where P0-P7 are each numbers from 0-n where n+1 is the number of Quality of Service egress queues supported Description This command maps user priority levels to Quality of Service egress queues.
8-114 set switch qos Example AlliedWare OS Software Reference This example sets the mapping shown in the following table. Priority level Queue 0 0 1 0 2 0 3 1 4 1 5 2 6 2 7 3 To set the above mapping, use the command: set swi qos=0,0,0,1,1,2,2,3 Related Commands show switch qos Software Version 2.8.
Switching set switch trunk 8-115 set switch trunk Syntax SET SWItch TRunk=trunk [SELect={MACSrc|MACDest|MACBoth| IPSrc|IPDest|IPBoth}] [SPeed={10M|100M|1000M}] where trunk is a character string 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command sets parameters for the specified trunk group on the switch. The trunk parameter specifies the name of the trunk group. The name is not case sensitive.
8-116 set vlan port AlliedWare OS Software Reference set vlan port Syntax SET VLAN={vlan-name|1..4094} POrt={port-list|ALL} FRAme={UNTAGged|TAGged} where: Description ■ vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges.
Switching show lacp 8-117 show lacp Syntax Description SHow LACP This command displays the state of LACP on the switch (Figure 8-13, Table 8-11). Figure 8-13: Example output from the show lacp command LACP Information -----------------------------------------------------------Status .......................... Enabled Actor System Priority ........... 80-00 Actor System .................... 00-3e-0a-12-00-01 LACP Ports ...................... 1-3,5,7,9-12 Active ........................ 1-3,5 Passive ....
8-118 show lacp port AlliedWare OS Software Reference show lacp port Syntax SHow LACP POrt[={port-list|ALL}] where port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports. Description This command displays LACP information about a specific switch port or all of them (Figure 8-14, Table 8-12).
Switching show lacp port 8-119 Table 8-12: Parameters in output of the show lacp port command (cont.) Examples Parameter Meaning Synchronised If yes, the port is considered to be in a synchronised state—the port has been correctly associated with an aggregator. Collecting Whether this port has been enabled to receive packets. Distributing Whether this port has been enabled to transmit packets. Defaulted Whether this system is using defaults for the partner information.
8-120 show lacp port counter AlliedWare OS Software Reference show lacp port counter Syntax SHow LACP POrt[={port-list|ALL}] COUnter where port-list is a port number, range (specified as n-m), or comma-separated list of port numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports. Description This command displays LACP counters for the specified switch ports, or all switch ports (Figure 8-15, Table 8-13).
Switching show lacp trunk 8-121 show lacp trunk Syntax Description SHow LACP TRunk This command displays the currently dynamically configured trunks for the LACP module (Figure 8-16). Figure 8-16: Example output from the show lacp trunk command LACP Dynamic Trunk Group Information ---------------------------------------------------------------------------------Trunk group name .......... lacp53: Speed ................... 100 Mbps Ports in Trunk ..........
8-122 show switch AlliedWare OS Software Reference show switch Syntax Description SHow SWItch This command displays configuration information for the switch functions (Figure 8-17, Table 8-14). Figure 8-17: Example output from the show switch command Switch Configuration ----------------------------------------------------------Switch Address ............. 00-00-cd-04-e0-75 Learning ................... ON Ageing Timer ............... ON Number of Fixed Ports ...... 24 Number of Uplink Ports .....
Switching show switch 8-123 Table 8-14: Parameters in output of the show switch command (cont.) Example Parameter Meaning L3 Ageingtime Length in seconds after which a dynamic entry is removed from the Layer 3 forwarding database. Uptime Time in hours:minutes:seconds since the switch was last powered up, rebooted, or restarted. This is the same value as the MIB object sysUpTime. STP Forwarding Whether STP forwarding is enabled.
8-124 show switch counter AlliedWare OS Software Reference show switch counter Syntax Description SHow SWItch COUnter This command displays information about the forwarding counters associated with the switch (Figure 8-18, Table 8-15). To display reception and transmission packet counters for the switch, see the show switch port counter command.
Switching show switch counter 8-125 Table 8-15: Parameters in output of the show switch counter command (cont.) Parameters Meaning Discards The number of packets waiting for transmission that were discarded when the DMA process was reset due to an error. Aborts The number of times transmission of a packet was aborted due to it taking an excessive length of time for the transmission to complete, perhaps due to a port being in a blocked state or due to a busy PCI bus.
8-126 show switch debug AlliedWare OS Software Reference show switch debug Syntax Description SHow SWItch DEBug This command displays debugging information for the switch (Figure 8-19, Table 8-16).
Switching show switch fdb 8-127 show switch fdb Syntax SHow SWItch FDB[={SW|HW}] [Address=macadd] [DIScard={SOurce|DEStination}] [HIT={Yes|No}] [L3={Yes| No}] [POrt={port-list|ALL}] [STAtus={STAtic|DYnamic}] [VLAN={vlan-name|1..4094}] where: Description ■ macadd is an Ethernet six-octet MAC address, expressed as six pairs of hexadecimal digits delimited by hyphens. ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges.
8-128 show switch fdb AlliedWare OS Software Reference Figure 8-20: Example output from the show switch fdb command Switch Forwarding Database (software) --------------------------------------------------------------------------VLAN MAC Address Port Status Discard L3 Hit QOS QSD --------------------------------------------------------------------------1 00-00-cd-00-45-c7 CPU static y y 0:0 dest 42 00-00-c0-1d-2c-f8 1 dynamic n y 0:0 dest 42 00-00-c0-71-e0-e4 1 dynamic n y 0:0 dest 42 00-00-cd-00-a4-d6 1
Switching show switch filter 8-129 show switch filter Syntax SHow SWItch FILter [POrt={port-list|ALL}] [ACtion={FORward|DIScard}] [DESTaddress=macadd] [ENTry=entry-list] [VLAN={vlan-name|1..4094}] where: Description ■ port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports.
8-130 show switch filter AlliedWare OS Software Reference Table 8-18: Parameters in output of the show switch filter command Examples Parameter Meaning VlanSecure Whether vlansecure mode is enabled. For more information, see “Securing a Single VLAN through Switch Filters” on page 8-32. Entry Number identifying the filter entry. Destination Address Destination MAC address for the entry. VLAN VLAN name and identifier for the entry.
Switching show switch hwfilter 8-131 show switch hwfilter Syntax Description SHow SWItch HWFilter [CLASSifier=classifier-list] This command displays hardware-based filtering entries created when using the add switch hwfilter classifier command (Figure 8-22, Figure 8-23, Table 8-19 on page 8-131). If classifier is not specified, the command displays a summary of all currently-defined filters. If classifier is specified, the command displays the details of filters that use the specified classifier.
8-132 show switch hwfilter AlliedWare OS Software Reference Table 8-19: Parameters in output of the show switch hwfilter classifier command Example Parameter Meaning Mode Whether the switch expects hardware filters to be ordered with port-specific filters first (“PSF”), or non port-specific filters first (“NPSF”). This only displays for models with 48 ports (two switch instances). Filter Filter number. Classifier Number of the classifier this filter entry is based on.
Switching show switch l3filter 8-133 show switch l3filter Syntax SHow SWItch L3Filter[=filter-id [ENTry=entry-id]] where: Description ■ filter-id is a decimal number in the range 1 to the number of filters defined. ■ entry-id is a decimal number in the range 1 to the number of entries defined. This command displays hardware-based Layer 3 filtering match criteria and their filter entries (Figure 8-24, Table 8-20). Figure 8-24: Example output from the show switch l3filter command Filter ...........
8-134 show switch l3filter AlliedWare OS Software Reference Table 8-20: Parameters in output of the show switch l3filter command (cont.) Example Parameter Meaning No Match Action Action to take when a packet matches the specified ingress/ egress ports for this entry; one or more of “sp” (SETPRIORITY), “sc” (FORWARD or SENDCOS), “st” (SETTOS), “dn” (DENY), “se” (SENDEPORT), “sm” (SENDMIRROR), “mpt” (MOVEPRIOTOTOS), “mtp” (MOVETOSTOPRIO), “sds” (SETIPDSCP), “sn” (SENDNONUNICASTTOPORT). Ent.
Switching show switch port 8-135 show switch port Syntax SHow SWItch POrt[={port-list|All}] where port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports. Description This command displays general information about the specified switch ports or all switch ports (Figure 8-25, Table 8-21).
8-136 show switch port AlliedWare OS Software Reference Table 8-21: Parameters in output of the show switch port command (cont.) Parameter Meaning Uptime Hours:minutes:seconds of the elapsed time since the port was last reset or initialised. Port Media Type MAC entity type as defined in the MIB object ifType. Configured speed/duplex Port speed and duplex mode configured for this port.
Switching show switch port 8-137 Table 8-21: Parameters in output of the show switch port command (cont.) Example Parameter Meaning Mirroring The traffic mirroring mode for traffic transmitted and received by this port; one of “None”, “Rx” (for traffic received by this port), “Tx” (for traffic sent on this port), or “Both”. If mirroring is enabled, the port where mirrored frames are sent, or “no Mirror Port set” if a mirror port has not been set, is also displayed.
8-138 show switch port counter AlliedWare OS Software Reference show switch port counter Syntax SHow SWItch POrt[={port-list|All}] COUnter where port-list is a port number, range (specified as n-m), or comma-separated list of numbers and/or ranges. Port numbers start at 1 and end at m, where m is the highest numbered Ethernet switch port, including uplink ports.
Switching show switch port counter Figure 8-26: Example output from the show switch port counter command Port 1.
8-140 show switch port counter AlliedWare OS Software Reference Table 8-22: Parameters in output from show switch port counter command Parameter Description Ethernet MAC counters Combined receive/transmit packets by size (octets) counters Number of packets in each size range received and transmitted. 64 Number of 64 octet packets received and transmitted. 65 - 127 Number of 65 - 127 octet packets received and transmitted. 128 - 255 Number of 128 - 255 octet packets received and transmitted.
Switching show switch port counter 8-141 Table 8-22: Parameters in output from show switch port counter command (cont.) Parameter Description PauseMACCtlFrms Number of valid PAUSE MAC Control frames. OversizePkts Number of oversize packets. Fragments Number of fragments. Jabbers Number of jabber frames. PauseCtrlFrms Number of Pause control frames. FrameWDeferrdTx Number of frames deferred once before successful transmission. FrmWExcesDefer Number of frame aborted after too many deferrals.
8-142 show switch port intrusion AlliedWare OS Software Reference Table 8-22: Parameters in output from show switch port counter command (cont.) Example Parameter Description Transmit Drops Number of IP multicasting packets dropped by this port on egress.
Switching show switch qos 8-143 show switch qos Syntax Description SHow SWItch QOS This command displays the current mapping of user priority level to QOS egress queue for the switch (Figure 8-28, Table 8-23). Packets that originate on the switch or are routed by the switch’s software have been assigned a Quality of Service priority of 7. To ensure that these packets are transmitted promptly, you should not assign priority 7 to a low-numbered egress queue.
8-144 show switch trunk AlliedWare OS Software Reference show switch trunk Syntax SHow SWItch TRunk[=trunk] where trunk is a character string 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command displays information about the specified trunk group, or all trunk groups on the switch (Figure 8-29, Table 8-24). The trunk parameter specifies the name of the trunk group. The name is not case sensitive.
Switching show vlan 8-145 show vlan Syntax SHow VLAN[={vlan-name|1..4094|ALL}] where vlan-name is a unique name from 1 to 32 characters. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. The vlan-name cannot be a number or all. Description This command displays information about the specified VLAN. If no VLAN or all is specified, then all VLANs are displayed (Figure 8-30, Table 8-25 on page 8-146).
8-146 show vlan AlliedWare OS Software Reference Table 8-25: Parameters in output of the show vlan command Parameter Meaning Name Name of the VLAN. Identifier Numerical VLAN identifier of the VLAN. Status Status of the VLAN, either dynamic or static. Protected Whether the VLAN is a protected VLAN. Private Whether the VLAN is a private VLAN. A private VLAN contains ports or groups of ports that are isolated from the other ports in the VLAN.
Switching show vlan debug 8-147 show vlan debug Syntax Description SHow VLAN DEBug This command displays debug information for all VLANs (Figure 8-31, Table 8-26).
8-148 show vlanrelay AlliedWare OS Software Reference show vlanrelay Syntax SHow VLANRelay[=name] where name is a unique name for the VLAN relay entity 1 to 15 characters long. Valid characters are uppercase and lowercase letters, digits, the underscore, and hyphen. Description This command displays information about one or all of the currentlyconfigured VLAN relay entities (Figure 8-32, Table 8-27). The vlanrelay parameter specifies the name of the VLAN relay entity for which to show information.
Switching show vlanrelay Example To show the configuration and counters for the VLAN relay entity SNARelay, use the command: sh vlanr=snarelay Related Commands Software Version 2.8.
