Management Software ® AT-S39 ◆ Command Line User’s Guide AT-8012M, AT-8016F/xx (SC or MT), AT-8024, AT-8024GB, AT-8024M, AT-8026FC, AT-8088/xx (SC or MT) FAST ETHERNET SWITCHES VERSION 3.1.
Copyright 2003 Allied Telesyn, Inc. 960 Stewart Drive Suite B, Sunnyvale, CA 94085 USA All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft is a registered trademark of Microsoft Corporation, Netscape Navigator is a registered trademark of Netscape Communications Corporation.
Table of Contents Preface ...................................................................................................................................................................................................................... 7 Document Conventions ...................................................................................................................................................................................... 8 Where to Find Web-based Guides ...............................
Table of Contents RESTART REBOOT ................................................................................................................................................................................................ 39 SHOW CONFIG ...................................................................................................................................................................................................... 40 PING ...............................................................
Chapter 10 Port Mirroring Commands ............................................................................................................................................................................83 CREATE SWITCH MIRROR ...................................................................................................................................................................................84 ADD SWITCH MIRROR .................................................................................
Table of Contents Chapter 17 TACACS+ and RADIUS Commands .........................................................................................................................................................142 DISABLE AUTHENTICATION ...........................................................................................................................................................................143 ENABLE AUTHENTICATION .............................................................................
Preface This guide contains instructions on how configure an AT-8000 Series Fast Ethernet Switch using the AT-S39 command line interface.
Section II: Local and Telnet Management Document Conventions This document uses the following conventions: Note Notes provide additional information. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data.
AT-S39 User’s Guide Where to Find Web-based Guides The installation and user guides for all Allied Telesyn products are available in Portable Document Format (PDF) from on our web site at www.alliedtelesyn.com. You can view the documents on-line or download them onto a local workstation or server.
Section II: Local and Telnet Management Contacting Allied Telesyn To contact Technical Support by phone, find your country or region in the table below.
AT-S39 User’s Guide Management Software Updates New releases of management software for our managed products can be downloaded from our web site at www.alliedtelesyn.com or our FTP server at ftp.alliedtelesyn.com. To use the FTP server, enter ‘anonymous’ for the user name when you log in and your e-mail address for the password.
Chapter 1 Starting a Command Line Management Session This chapter contains the following sections: ❑ Starting a Management Session on page 13 ❑ Key Features on page 14 ❑ Command Formatting on page 15 12
AT-S39 Command Line User’s Guide Starting a Management Session In order to manage an AT-8000 Series switch using the command line commands, you must first start a local, Telnet, or web management session. All of the instructions for starting a management session are described in the AT-S39 User’s Guide. Refer there for directions. Once you have started a local or Telnet management session, you will see the AT-S39 Main Menu.
Chapter 1: Starting a Command Line Management Session Key Features The following features are supported in the command line interface: ❑ Command history using the up and down arrow keys. ❑ Context-specific help - Press the question mark key at any time to see a list of legal next parameters. ❑ Keyword completion - Type a partial keyword and press the Tab key. The rest of the keyword will be entered automatically.
AT-S39 Command Line User’s Guide Command Formatting The following formatting conventions are used in this manual: ❑ screen text font - This font is used to illustrate the format of a command and command examples. ❑ screen text font - Italicized screen text indicates a variable that you must enter. ❑ [ ] - Brackets indicate optional parameters. ❑ | - This symbol is used between different parameter options from which you must choose.
Chapter 2 Basic Command Line Commands ❑ SAVE CONFIGURATION on page 17 ❑ SET PROMPT on page 18 ❑ CLEAR SCREEN on page 19 ❑ MENU on page 20 ❑ SET SWITCH CONSOLEMODE on page 21 ❑ LOGOFF and QUIT on page 22 Note Remember to save your changes with the SAVE CONFIGURATION command.
AT-S39 Command Line Interface User’s Guide SAVE CONFIGURATION Syntax save configuration Parameters None. Description This command saves your changes to the switch’s flash memory for permanent storage. Whenever you make a change one of the operating parameters of the switch, such as enter an IP address or create a new VLAN, the change is stored in temporary memory. It will be lost the next time you reset the switch or power cycle the unit. To save your changes, you must use this command.
Chapter 2: Basic Command Line Commands SET PROMPT Syntax set prompt=prompt Parameter Prompt Specifies the command line prompt. The prompt can be from one to seven alphanumeric characters. Spaces and special characters are allowed. The default command prompt is a dollar sign ($). Description This command changes the command prompt.
AT-S39 Command Line Interface User’s Guide CLEAR SCREEN Syntax clear screen Parameters None. Description This command clears the screen.
Chapter 2: Basic Command Line Commands MENU Syntax menu Parameters None. Description Entering this command at the command prompt displays the AT-S39 Main Menu. For instructions on how to use the management menus, refer to the AT-S39 User’s Guide.
AT-S39 Command Line Interface User’s Guide SET SWITCH CONSOLEMODE Syntax set switch consolemode=cli|menu Parameter consolemode Specifies the mode you want management sessions to start in. Options are: cli A management session starts with the command line prompt. menu A management session starts with the AT-S39 Main Menu. Description You use this command to specify whether you want your management sessions to display the command line interface or the AT-S39 Main Menu when a session is started.
Chapter 2: Basic Command Line Commands LOGOFF and QUIT Syntax logoff quit Parameters None. Description Both commands perform the same function. They end a management session. If you are managing a slave switch, the commands return you to the master switch on which you started the management session.
Chapter 3 Basic Switch Commands ❑ SHOW DHCPBOOTP on page 24 ❑ ENABLE DHCPBOOTP on page 25 ❑ DISABLE DHCPBOOTP on page 26 ❑ SHOW IP on page 27 ❑ SET IP on page 28 ❑ SHOW IP ROUTE on page 30 ❑ SET IP ROUTE on page 31 ❑ RESET IP on page 32 ❑ PURGE IP on page 33 ❑ SHOW SYSTEM on page 34 ❑ SET SYSTEM on page 35 ❑ RESET SYSTEM on page 36 ❑ SHOW SWITCH on page 37 ❑ RESTART SWITCH on page 38 ❑ RESTART REBOOT on page 39 ❑ SHOW CONFIG on page 40 ❑ PING on page 41 Note Remember to save your changes with the SAVE CON
Chapter 3: Basic Switch Commands SHOW DHCPBOOTP Syntax show dhcpbootp Parameters None. Description This command displays the status of DHCP and BOOTP on the switch. The status will be either “enabled” or “disabled.
AT-S39 Command Line Interface User’s Guide ENABLE DHCPBOOTP Syntax enable dhcpbootp Parameters None. Description This command activates DHCP and BOOTP on the switch. When activated, these protocols instruct the switch to obtain its IP configuration from a DHCP or BOOTP server on your network, whenever the unit is power cycled or reset. The protocols make continuous requests for the IP configuration until a DHCP or BOOTP server responds.
Chapter 3: Basic Switch Commands DISABLE DHCPBOOTP Syntax disable dhcpbootp Parameters None. Description This command deactivates DHCP and BOOTP on the switch.
AT-S39 Command Line Interface User’s Guide SHOW IP Syntax show ip interface=1 Parameters interface Specifies the interface number. This value is always “1”. Description This command displays the current values for the following switch parameters: ❑ IP address ❑ Subnet mask ❑ Default gateway Note To set these parameters, refer to the SET IP and the SET IP ROUTE commands.
Chapter 3: Basic Switch Commands SET IP Syntax set ip interface=1 ipaddress=IPaddress|DHCP netmask=subnetmask Parameters interface Specifies the interface number. This value is always “1”. ipaddress Specifies an IP address for the switch or activates DHCP and BOOTP. For background information on when to assign a switch an IP address, refer to the AT-S39 User’s Guide. netmask Specifies the subnet mask for the switch. You must specify a subnet mask if you manually assigned the switch an IP address.
AT-S39 Command Line Interface User’s Guide Examples The following command sets a switch’s IP address to 140.35.22.22 and the subnet mask to 255.255.255.0: set ip interface=1 ipaddress=140.35.22.22 netmask=255.255.255.0 The following command sets just the subnet mask: set ip interface=1 netmask=255.255.255.210 The following command activates DHCP and BOOTP: set ip interface=1 ipaddress=dhcp To deactivate DHCP and BOOTP, use the DISABLE DHCPBOOTP command.
Chapter 3: Basic Switch Commands SHOW IP ROUTE Syntax show ip route Parameters None. Description This command displays the switch’s default gateway address.
AT-S39 Command Line Interface User’s Guide SET IP ROUTE Syntax set ip route ipaddress=ipaddress Parameter ipaddress Specifies the IP address of the default gateway for the switch. Description This command specifies the IP address of the default gateway for the switch. This is required if a remote management station is separated from the switch by a router. The default value is 0.0.0.0. Example The following command sets the default gateway to 140.35.22.12: set ip route ipaddress=140.35.22.
Chapter 3: Basic Switch Commands RESET IP Syntax reset ip interface=1 Parameter interface Specifies the interface number. This value is always “1”. Description This command returns a switch’s IP address, subnet mask, and gateway address to the default values. To return just one of these parameters to its default value, refer to the PURGE IP command.
AT-S39 Command Line Interface User’s Guide PURGE IP Syntax purge ip [ipaddress] [netmask] [route] Parameters ipaddress Returns the switch’s IP address to the default setting 0.0.0.0. netmask Returns the subnet mask to the default setting 255.255.0.0. route Returns the gateway address to the default setting 0.0.0.0. Description This command returns the switch’s IP address, subnet mask, and default gateway address to the default settings. This command is similar in function to the RESET IP command.
Chapter 3: Basic Switch Commands SHOW SYSTEM Syntax show system Parameters None. Description This command displays the following information: ❑ Application software version and build date ❑ Bootloader version and build date ❑ Serial number ❑ Model name ❑ Switch’s name ❑ Name of the network administrator responsible for managing the unit ❑ Location of the unit. Note For instructions on how to set this information, see the SET SYSTEM command.
AT-S39 Command Line Interface User’s Guide SET SYSTEM Syntax set system [name=”name”] [contact=”contact”] [location=”location”] Parameters The parameters are defined below: name Specifies the name of the switch. The name can be from 1 to 15 alphanumeric characters in length and must be enclosed in quotes (“ “). contact Specifies the name of the network administrator responsible for managing the switch.
Chapter 3: Basic Switch Commands RESET SYSTEM Syntax reset system [name] [contact] [location] Parameters name Deletes the name of the switch. contact Deletes the name of the network administrator responsible for managing the unit. location Deletes the location of the switch. Description This command deletes the information listed above in Parameters. Note For instructions on how to set the name, contact and location of a switch, refer to the SET SYSTEM command.
AT-S39 Command Line Interface User’s Guide SHOW SWITCH Syntax show switch Parameters None.
Chapter 3: Basic Switch Commands RESTART SWITCH Syntax restart switch Parameter None. Description This command resets the switch. The system reset will take only a few seconds. The unit will not forward traffic during the few seconds required to reload the operating software and run its internal diagnostics. Caution Be sure to use the SAVE CONFIGURATION command to save your changes before resetting the switch. Any changes not saved will be discarded.
AT-S39 Command Line Interface User’s Guide RESTART REBOOT Syntax restart reboot Parameters None. Description This command returns the switch’s operating parameters to the default settings.
Chapter 3: Basic Switch Commands SHOW CONFIG Syntax show config Parameters None. Description This command displays overall information on the switch and the ports.
AT-S39 Command Line Interface User’s Guide PING Syntax ping ipaddress Parameter ipaddress Specifies the IP address of an end node you want the switch to ping. Description This command instructs the switch to ping an end node. You can use this command to determine whether a valid link exists between the switch and another device. Example The following command pings an end node with the IP address 149.245.22.22 ping 149.245.22.
Chapter 4 Enhanced Stacking Commands ❑ SET SWITCH STACKMODE on page 43 ❑ SHOW REMOTELIST on page 44 ❑ ACCESS SWITCH on page 45 ❑ EXIT on page 47 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S39 User’s Guide for background information on enhanced stacking.
AT-S39 Command Line Interface User’s Guide SET SWITCH STACKMODE Syntax set switch stackmode=master|slave|unavailable Parameter stackmode Specifies the enhanced stacking mode of the switch. Possible settings are: master Specifies the switch’s stacking mode as master. A master switch must be assigned an IP address and subnet mask. slave Specifies the switch’s stacking mode as slave. A slave does not need an IP address. This is the default setting for a switch.
Chapter 4: Enhanced Stacking Commands SHOW REMOTELIST Syntax show remotelist [sorted by=macaddress|name] Parameters sorted by Sorts the list either by MAC address or by name. The default is by MAC address. Description This command displays a lists of the switches in an enhanced stack. This command can only be performed from a management session on a master switch. The list does not include the master switch on which you started the management session.
AT-S39 Command Line Interface User’s Guide ACCESS SWITCH Syntax access switch number=number|macaddress=macaddress Parameters number Specifies the number of the switch in an enhanced stack that you want to manage. You can view this number using the SHOW REMOTELIST command. macaddress Specifies the MAC address of the switch you want to manage. This can also be displayed using the SHOW REMOTELIST command.
Chapter 4: Enhanced Stacking Commands The following command starts a management session on switch with the MAC address 00:30:84:52:02:11 access switch macaddress=003084520211 46
AT-S39 Command Line Interface User’s Guide EXIT Syntax exit Parameters None. Description Ends a management session. The menu or screen that is displayed as a result of this command depends on whether your switch is a master or slave as well as the configuration of the console mode on your switch. If you have configured your switch with the command line as the console mode, entering the EXIT command ends the management session. For a master switch, this command actually disconnects the session.
Chapter 5 SNMP Community Strings and Trap Commands ❑ SHOW SNMP on page 49 ❑ DESTROY SNMP COMMUNITY on page 50 ❑ CREATE SNMP COMMUNITY on page 51 ❑ SET SNMP COMMUNITY on page 52 ❑ RESET SNMP on page 53 ❑ ADD SNMP COMMUNITY TRAPHOST on page 54 ❑ DELETE SNMP COMMUNITY TRAPHOST on page 55 Note Remember to save your changes with the SAVE CONFIGURATION command.
AT-S39 Command Line Interface User’s Guide SHOW SNMP Syntax show snmp Parameters None. Description This command displays the community strings for SNMP Read and Write access on the switch. The default community string for Read access is Public and the default string for Write access is Private. This command also displays the IP addresses of management workstations that are to receive traps from the switch.
Chapter 5: SNMP Community Strings and Trap Commands DESTROY SNMP COMMUNITY Syntax destroy snmp community=community Parameter community Specifies the community string you want to delete from the switch. Description This command deletes the Read or Write community string from the switch. You must delete a community string prior to assigning a new string.
AT-S39 Command Line Interface User’s Guide CREATE SNMP COMMUNITY Syntax create snmp community=community access=read|write Parameter community Specifies the new community string. access Specifies which community string you are changing. Options are Read and Write. Description This command creates a new Read or Write community string on the switch. You cannot assign a new Read or Write community string until after you have deleted the current community string using the DESTROY SNMP command.
Chapter 5: SNMP Community Strings and Trap Commands SET SNMP COMMUNITY Syntax set snmp community=community access=read|write Parameter community Specifies the new community string you created with the CREATE SNMP COMMUNITY command. access Specifies which community string you changed. Options are Read and Write. Description This command activates a new Read or Write community string on the switch. You perform this command after creating the new string using the CREATE SNMP COMMUNITY command.
AT-S39 Command Line Interface User’s Guide RESET SNMP Syntax reset snmp Parameters None. Description This command performs the following functions: ❑ Returns the SNMP community strings to the default values, which are “public” for Read access and “private” for Write access. ❑ Disables SNMP access so that the switch cannot be managed using an SNMP application. ❑ Deletes IP addresses of management workstations to receive traps from the switch.
Chapter 5: SNMP Community Strings and Trap Commands ADD SNMP COMMUNITY TRAPHOST Syntax add snmp community=community traphost=ipaddress Parameters community Specifies the switch’s SNMP Read or Write community string. traphost Specifies the IP address of a management workstation you want to receive management traps from the switch. Description You can use this command to specify the IP addresses of up to four management workstations you want to receive management traps from the switch.
AT-S39 Command Line Interface User’s Guide DELETE SNMP COMMUNITY TRAPHOST Syntax delete snmp community=community traphost=ipaddress Parameters community Specifies the switch’s SNMP Read or Write community string. traphost Specifies the IP address of a management workstation you want to delete from the switch. Description You can use this command to delete the IP address of a management workstation that you no longer want to receive trap from the switch.
Chapter 6 Management Security Commands ❑ SET PASSWORD MANAGER on page 57 ❑ SET PASSWORD OPERATOR on page 58 ❑ SHOW HTTP SERVER on page 59 ❑ ENABLE HTTP SERVER on page 60 ❑ DISABLE HTTP SERVER on page 61 ❑ ENABLE SNMP on page 62 ❑ DISABLE SNMP on page 63 ❑ SET SWITCH CONSOLETIMER on page 64 Note Remember to use the SAVE CONFIGURATION command to save your changes.
AT-S39 Command Line Interface User’s Guide SET PASSWORD MANAGER Syntax set password manager Parameters None. Description This command sets the manager’s password. The default password is “admin”. The password can be from 10 to 20 alphanumeric characters. The password can contain spaces and special characters, such as asterisks or exclamation points, but it is not recommended since some web browsers reject special characters in passwords. The password is case sensitive.
Chapter 6: Management Security Commands SET PASSWORD OPERATOR Syntax set password operator Parameters None. Description This command sets the operator’s password. The default password is “friend”. The password can be from 10 to 20 alphanumeric characters. The password can contain spaces or special characters, such as asterisks or exclamation points, but it is not recommended since some web browsers reject special characters in passwords. The password is case sensitive.
AT-S39 Command Line Interface User’s Guide SHOW HTTP SERVER Syntax show http server Parameters None. Description This command displays the status of the HTTP server on the switch. If the status is ENABLED, the device can be managed from a web browser. If the status is DISABLED, the device cannot be managed from a web browser.
Chapter 6: Management Security Commands ENABLE HTTP SERVER Syntax enable http server Parameters None. Description This command activates the HTTP server on the switch so that the device can be managed from a web browser.
AT-S39 Command Line Interface User’s Guide DISABLE HTTP SERVER Syntax disable http server Parameters None. Description This command disables the HTTP server on the switch so that the device cannot be managed from a web browser.
Chapter 6: Management Security Commands ENABLE SNMP Syntax enable snmp Parameters None. Description This command enables SNMP on the switch so that the device can be managed from a SNMP application program.
AT-S39 Command Line Interface User’s Guide DISABLE SNMP Syntax disable snmp Parameters None. Description This command disables SNMP on the switch so that the device cannot be managed from a SNMP application program.
Chapter 6: Management Security Commands SET SWITCH CONSOLETIMER Syntax set switch consoletimer=value Parameter consoletimer Specifies the console timer in minutes. The range is 1 to 60 minutes. The default is 10 minutes. Description This command sets the console timer. The management software automatically ends a management session if it does not detect any activity from the local or remote management station after the specified period of time set by the console timer.
Chapter 7 Port Parameter Commands ❑ SHOW SWITCH PORT on page 66 ❑ SET SWITCH PORT on page 67 ❑ RESET SWITCH PORT on page 71 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 7: Port Parameter Commands SHOW SWITCH PORT Syntax show switch port=port Parameters port Specifies the port whose parameter settings you want to view. You can specify more than one port at a time. You can specify the ports individually (e.g., 2,3,5), as a range (e.g., 7-9), or both (e.g., 2,5,7-9). To view all ports, do not specify a port. Description This command displays a port’s operating parameters, such as speed and duplex mode.
AT-S39 Command Line Interface User’s Guide SET SWITCH PORT Syntax set switch port=port|all [status=forwarding|disabled] [flowcontrol=none|transmit|recieve|both] [bclimit=broadcastlimit] [mdimode=mdi|mdix|auto] [mirror=yes|no|all|none] [renegotiation=auto] [softreset=yes|no] [speed=autonegotiate|10mhalf|10mfull|10mhauto| 10mfauto|100mhalf|100mfull|100mhauto|100mfauto| 1000mfull|1000mfauto] [PVID=pvid] [priority=priority] [overridepriority=yes|no] Parameters port Specifies the port you want to configure.
Chapter 7: Port Parameter Commands information on broadcast frame control, refer to the AT-S39 User’s Guide. To set the broadcast timer interval, refer to the SET SWITCH BROADCAST command. mdimode mirror This parameter sets the wiring configuration of the port. Possible values are: mdi Sets the port’s configuration to MDI. mdix Sets the port’s configuration to MDI-X. auto Sets the port’s wiring configuration to either MDI or MDI-X, depending on the end node connected to the port.
AT-S39 Command Line Interface User’s Guide 100mfauto 100 Mbps and full-duplex mode with autonegotiation. 1000mfull 1000 Mbps and full-duplex mode. 1000mfauto 1000 Mbps and full-duplex mode with autonegotiation. Note The selections 10mfauto, 100mhauto, 100mfauto, and 1000mfauto will Auto-Negotiate to a lower speed and/or to half duplex mode if required by the end node. pvid Sets the PVID.
Chapter 7: Port Parameter Commands Examples The following command configures Port 11 to operate at 10 Mbps, half duplex: set switch port=11 speed=10mhalf The following command sets the wiring configuration for Ports 12 to 16 to MDI-X: set switch port=12-16 mdimode=mdix The following command resets Ports 2: set switch port=2 softreset=yes The following command disables Ports 12 to 16: set switch port=12-16 status=disabled 70
AT-S39 Command Line Interface User’s Guide RESET SWITCH PORT Syntax reset switch port=port Parameter port Specifies the port to be reset. You can specify more than one port at a time. You can specify the ports individually (e.g., 2,3,5), as a range (e.g., 7-9), or both (e.g., 2,5,7-9). Description This command resets a port. None of the operating parameters of a port are changed by this command. The reset takes less that a second to complete.
Chapter 8 Port Security Commands ❑ SET SWITCH SECURITYMODE on page 73 ❑ SET SWITCH THRESHOLD on page 75 ❑ SHOW SWITCH THRESHOLD on page 76 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S39 User’s Guide for background information on port security.
AT-S39 Command Line Interface User’s Guide SET SWITCH SECURITYMODE Syntax set switch securitymode=automatic|limited|secure|locked Parameter securitymode Specifies the switch’s security mode. Options are: automatic Disables port security on the switch. A switch operating in Automatic mode does not restrict the number of MAC addresses learned by the ports. The switch continues to learn addresses so long as there is available space in the MAC address table. This is the default setting.
Chapter 8: Port Security Commands Description This command sets a switch’s port security mode. Only one mode can be active on a switch at a time. Note To view the current security mode settings, use the SHOW CONFIGURATION command.
AT-S39 Command Line Interface User’s Guide SET SWITCH THRESHOLD Syntax set switch threshold=threshold port=port|all Parameters threshold Specifies the maximum number of dynamic MAC addresses a port on the switch can learn. The range is 1 to 150 addresses. The default is 100. port Specifies the port whose threshold you want to change. You can specify more than one port at a time. You can specify the ports individually (e.g., 2,3,5), as a range (e.g., 7-9), or both (e.g., 2,5,7-9).
Chapter 8: Port Security Commands SHOW SWITCH THRESHOLD Syntax show switch threshold Parameters None. Description This command displays the threshold limit for all the ports. The threshold limit applies when the switch is operating in the Limited Security Mode and specifies the maximum number of dynamic MAC address each port will learn. A port that has learned its maximum number of MAC addresses will discard frames from end nodes with MAC addresses it has not already learned.
Chapter 9 Port Trunking Commands ❑ SHOW SWITCH TRUNK on page 78 ❑ CREATE SWITCH TRUNK on page 79 ❑ ADD SWITCH TRUNK on page 80 ❑ DELETE SWITCH TRUNK on page 81 ❑ DESTROY SWITCH TRUNK on page 82 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S39 User’s Guide for background information on port trunking and load distribution methods.
Chapter 9: Port Trunking Commands SHOW SWITCH TRUNK Syntax show switch trunk Parameters None. Description This command displays the ports of a port trunk and the load distribution method.
AT-S39 Command Line Interface User’s Guide CREATE SWITCH TRUNK Syntax create switch trunk=name port=ports [select=macsrc|macboth] Parameters trunk Specifies the name of the trunk. The name can be up to 10 alphanumeric characters. No spaces or special characters are allowed. port Specifies the ports of the trunk. A trunk can have up to 4 ports. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 2-5), or both (e.g., 1113,18). select Specifies the load distribution method.
Chapter 9: Port Trunking Commands ADD SWITCH TRUNK Syntax add switch trunk=name port=ports Parameters trunk Specifies the name of the trunk to be modified. (You can enter any alphanumeric character for the name and this command will still work. This is extremely useful if you forgot the name you assigned the trunk.) port Specifies the ports to be added to the existing port trunk. The ports can be specified individually (e.g., 1,2,) or as a range (e.g.,1- 2).
AT-S39 Command Line Interface User’s Guide DELETE SWITCH TRUNK Syntax delete switch trunk=name port=ports Parameters trunk Specifies the name of the trunk to be modified. (You can enter any alphanumeric character for the name and this command will still work. This is extremely useful if you forgot the name you assigned the trunk.) port Specifies the ports to be removed from the existing port trunk. The ports can be specified individually (e.g., 1,4) or as a range (e.g.,1-2).
Chapter 9: Port Trunking Commands DESTROY SWITCH TRUNK Syntax destroy switch trunk=name Parameter trunk Specifies the name of the trunk to be deleted. (You can enter any alphanumeric character for the name and this command will still work. This is extremely useful if you forgot the name you assigned the trunk.) Description This command deletes a port trunk from a switch. Once a port trunk has been deleted, the ports that made up the trunk can be connected to different end nodes.
Chapter 10 Port Mirroring Commands ❑ CREATE SWITCH MIRROR on page 84 ❑ ADD SWITCH MIRROR on page 85 ❑ DELETE SWITCH MIRROR on page 86 ❑ SET SWITCH MIRROR on page 87 ❑ DESTROY SWITCH MIRROR on page 88 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For background information on port mirroring, refer to the AT-S39 User’s Guide.
Chapter 10: Port Mirroring Commands CREATE SWITCH MIRROR Syntax create switch mirror destport=destinationport srcport=sourceport Parameters destport Specifies the destination port where the data will be copied to and where the network analyzer will be connected. You can specify only one port. srcport Specifies the port whose traffic is to be mirrored. You can specify more that one port. The ports can be specified individually (e.g., 1,4,6), as a range (e.g., 1114), or both (1,4,7-9).
AT-S39 Command Line Interface User’s Guide ADD SWITCH MIRROR Syntax add switch mirror srcport=port Parameter srcports Specifies the port(s) whose data are to the copied to the destination port. You can specify more than one port. The ports can be specified individually (e.g., 1,2), as a range (e.g., 2-3), or both (1,4,7-9). Description This command adds source ports to an existing port mirror.
Chapter 10: Port Mirroring Commands DELETE SWITCH MIRROR Syntax delete switch mirror srcport=port Parameters srcports Specifies the port(s) to be removed from an existing port mirror. The ports can be specified individually (e.g., 1,2), a range (e.g., 2-3), or both (1,4,7-9). Description This command removes a source port(s) from a port mirror.
AT-S39 Command Line Interface User’s Guide SET SWITCH MIRROR Syntax set switch mirror=port Parameter mirror Specifies the new destination port for the mirrored traffic. You can specify only one port. Description This command specifies a new destination port of an existing port mirror. Example The following command makes Port 11 the new destination port of the port mirror.
Chapter 10: Port Mirroring Commands DESTROY SWITCH MIRROR Syntax destroy switch mirror Parameters None. Description This command deletes a port mirror. Once a port mirror has been deleted, the port that was functioning as the destination (mirror) port can be disconnected from the network analyzer and connected to an end node for normal network operations.
Chapter 11 STP Commands ❑ SHOW STP on page 90 ❑ ACTIVATE STP on page 91 ❑ ENABLE STP on page 92 ❑ DISABLE STP on page 93 ❑ SET STP on page 94 ❑ SET STP PORT on page 96 ❑ RESET STP on page 98 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S39 User’s Guide for background information on the Spanning Tree Protocol (STP).
Chapter 11: Spanning Tree Protocol Commands SHOW STP Syntax show stp [port=port] Parameters port Specifies the port whose STP parameters you want to view. You can specify more than one port at a time. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 2-5), or both (e.g., 11-13,18). Description You can use this command to display the parameter settings for STP.
AT-S39 Command Line Interface User’s Guide ACTIVATE STP Syntax activate stp Parameters None Description Use this command to designate STP as the active spanning tree on the switch. Once you have selected STP, you can enable or disable it using the ENABLE STP and DISABLE STP commands. A spanning tree protocol is active on a switch only if you designate it as the active spanning tree and enable it. Note A change to the active spanning tree protocol with this command will reboot the switch.
Chapter 11: Spanning Tree Protocol Commands ENABLE STP Syntax enable stp Parameters None. Description This command activates the Spanning Tree Protocol on the switch. The default setting for STP is disabled.
AT-S39 Command Line Interface User’s Guide DISABLE STP Syntax disable stp Parameters None. Description This command deactivates the Spanning Tree Protocol on the switch. The default setting for STP is disabled.
Chapter 11: Spanning Tree Protocol Commands SET STP Syntax set stp [default] [priority=priority] [hellotime=hellotime] [forwarddelay=forwarddelay] [maxage=maxage] Parameters default Disables STP and returns all bridge and port STP settings to the default values. (This option performs the same function as the RESET STP command.) priority Specifies the priority number for the bridge. This number is used in determining the root bridge for STP.
AT-S39 Command Line Interface User’s Guide Note The value for the maxage parameter must be less than (2 x (hellotime +1)) and less than (2 x (forwarddelay -1)). Description This command is used to activate and deactivate STP on the switch.
Chapter 11: Spanning Tree Protocol Commands SET STP PORT Syntax set stp port=port|all [default] [portcost=portcost] [portpriority=portpriority] [fastmode=enabled|disabled][participate=yes|no] Parameters port Specifies the port you want to configure. You can specify more than one port at a time. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 25), or both (e.g., 11-13,18). To configure all ports, specify ALL. default Returns the port’s STP settings to their default values.
AT-S39 Command Line Interface User’s Guide Note A port that is not participating in spanning tree is immediately placed in the forwarding state. It cannot be placed in the blocking state by STP should there be a loop in the network topology. Consequently, it is incumbent on the network administrator to insure that no loop will develop should STP be disabled on a port. Note A change to the port priority parameter takes effect immediately. A change to the port cost value requires you to reset the switch.
Chapter 11: Spanning Tree Protocol Commands RESET STP Syntax reset stp Parameters None. Description This command disables STP and returns all bridge and port STP parameters to the default settings.
Chapter 12 RSTP Commands ❑ SHOW RSTP on page 100 ❑ ACTIVATE RSTP on page 101 ❑ DISABLE RSTP on page 102 ❑ ENABLE RSTP on page 103 ❑ RESET RSTP on page 104 ❑ SET RSTP on page 105 ❑ SET RSTP PORT on page 108 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S39 User’s Guide for background information on the Rapid Spanning Tree Protocol (RSTP).
Chapter 12: Rapid Spanning Tree Protocol Commands SHOW RSTP Syntax show rstp [portconfig=ports|portstate=port] Parameters portconfig Displays the RSTP port settings. You can specify more than one port at a time. portstate Displays the RSTP port status. You can specify more than one port at a time. Description You can use this command to display the parameter settings for RSTP.
AT-S39 Command Line Interface User’s Guide ACTIVATE RSTP Syntax activate rstp Parameters None Description Use this command to designate RSTP as the active spanning tree on the switch. Once you have selected RSTP, you can enable or disable it using the ENABLE RSTP and DISABLE RSTP commands. A spanning tree protocol is active on a switch only if you designate it as the active spanning tree and enable it. Note A change to the active spanning tree protocol with this command will reboot the switch.
Chapter 12: Rapid Spanning Tree Protocol Commands DISABLE RSTP Syntax disable rstp Parameters None Description This command disables the Rapid Spanning Tree Protocol on the switch. The default setting for RSTP is disabled.
AT-S39 Command Line Interface User’s Guide ENABLE RSTP Syntax enable rstp Parameters None Description This command enables the Rapid Spanning Tree Protocol on the switch. The default setting for RSTP is disabled.
Chapter 12: Rapid Spanning Tree Protocol Commands RESET RSTP Syntax reset rstp Parameters None. Description This command returns all bridge and port RSTP parameters to the default settings.
AT-S39 Command Line Interface User’s Guide SET RSTP Syntax set rstp [default] [priority=priority] [hellotime=hellotime] [forwarddelay=forwarddelay] [maxage=maxage] [forceversion=forcestpcompatible|normalrstp] Parameters default Disables RSTP and returns all bridge and port RSTP settings to the default values. (This option performs the same function as the RESET RSTP command.) priority Specifies the priority number for the bridge. This number is used in determining the root bridge for RSTP.
Chapter 12: Rapid Spanning Tree Protocol Commands hellotime Specifies the time interval between generating and sending configuration messages by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. forwarddelay Specifies the waiting period before a bridge changes to a new state, for example, becomes the new root bridge after the topology changes. If the bridge transitions too soon, not all links may have yet adapted to the change, resulting in network loops.
AT-S39 Command Line Interface User’s Guide ❑ Maximum age time ❑ Port priority ❑ Force version of STP or normal RSTP Examples The following command returns all RSTP parameter settings to their default values: set rstp default The following command sets the bridge priority to 20480 (increment 5), the hello time to 5 seconds, and the forwarding delay to 20 seconds: set rstp priority=5 hellotime=5 forwarddelay=20 set rstp default The following command uses the FORCEVERSION parameter to configure the bridge to
Chapter 12: Rapid Spanning Tree Protocol Commands SET RSTP PORT Syntax set rstp port=port|all [default] [portcost=portcost] [portpriority=portpriority][edgeport=yes|no] [pointtopoint=yes|no|autoupdate] [migrationcheck=yes|no] Parameters port Specifies the port you want to configure. You can specify more than one port at a time. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 25), or both (e.g., 11-13,18). To configure all ports, specify ALL.
AT-S39 Command Line Interface User’s Guide portpriority Specifies the port’s priority. This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge. The range is 0 to 240 in increments of 16. There are sixteen increments. You specify the increment of the desired value. The default is 128 (increment 8).
Chapter 12: Rapid Spanning Tree Protocol Commands bridges connected to the port. If the port receives STP BPDU packets in response, the port changes to STP compatible mode. If the port receives RSTP BPDU packets, it operates in RSTP. Note All changes to a port’s RSTP settings, with the exception of port cost, are activated immediately. A change to the port cost value requires you to reset the switch. A new port cost value is not implemented until the unit is reset.
Chapter 13 VLAN Commands ❑ SET SWITCH VLANMODE on page 113 ❑ SET SWITCH VLANSTATUS on page 127 ❑ SHOW VLAN on page 114 ❑ CREATE VLAN on page 115 ❑ ADD VLAN on page 119 ❑ DELETE VLAN on page 122 ❑ DESTROY VLAN on page 125 ❑ RESET VLAN on page 126 ❑ SET SWITCH SWITCHMODE on page 112 ❑ SET SWITCH VLANMODE on page 113 ❑ SET SWITCH VLANSTATUS on page 127 ❑ SET SWITCH INFILTERING on page 128 Note Remember to use the SAVE CONFIGURATION command to save your changes on the switch.
Chapter 13: VLAN Commands SET SWITCH SWITCHMODE Syntax set switch switchmode=tagged|basic Parameters vlanmode Specifies the switch’s mode. Specifying tagged means the switch will support user-configured (port-based and tagged) and multiple (801.Q compliant and non801.Q compliant) VLANs. Specifying basic means the switch will support the Basic switch mode. The default is basic. Only one mode can be active on a switch at a time.
AT-S39 Command Line Interface User’s Guide SET SWITCH VLANMODE Syntax set switch vlanmode=userconfig|multiple| dotqmultiple Parameters vlanmode Specifies the switch’s VLAN mode. Specifying USERCONFIG means the switch will support portbased and tagged VLANs. Specifying MULTIPLE means the switch will support the non-801.Q compliant multiple VLANs mode. Specifying DOTQMULTIPLE means the switch will support the 801.Q compliant multiple VLANs mode. The default is USERCONFIG.
Chapter 13: VLAN Commands SHOW VLAN Syntax show vlan=name|vid Parameters vlan Specifies the name or VID of the VLAN. Description This command displays all the port-based and tagged VLANs on a switch. The information includes the names of the VLANs, the VIDs, and the port members.
AT-S39 Command Line Interface User’s Guide CREATE VLAN Note This command is only allowed in user-configured VLANs mode.
Chapter 13: VLAN Commands VLAN on the switch. If this VLAN will be unique in your network, then its VID must also be unique. If this VLAN will be part of a larger VLAN that spans multiple switches, then the VID value for the VLAN should be the same on each switch. For example, if you are creating a VLAN called Sales that will span three switches, you should assign the Sales VLAN on each switch the same VID value.
AT-S39 Command Line Interface User’s Guide As shown at the start of this section, this command features two syntaxes. You can use either syntax when creating a port-based or tagged VLAN. The difference between the two is how you go about specifying which ports will be members of the VLAN and whether the ports will be tagged or untagged. Syntax 1 is limited in that it allows you to specify either tagged or untagged ports, but not both at the same time.
Chapter 13: VLAN Commands create vlan name=Sales vid=22 taggedports=3,6 Now let’s try creating an tagged VLAN that contains both untagged and tagged ports. Suppose you wanted to create a VLAN called Service with a VID of 16 and untagged ports 1, 4, 5-7 and tagged ports 11 and 14. You could not create this VLAN using Syntax 1 with just one command. It would actually take two commands. You would first create the VLAN, specifying either the untagged or tagged ports.
AT-S39 Command Line Interface User’s Guide ADD VLAN Note This command is only allowed in user-configured VLANs mode.
Chapter 13: VLAN Commands mirrorport Specifies a port on the switch where all traffic on the VLAN will be mirrored. This function is useful in troubleshooting a VLAN. It allows you to mirror the VLAN traffic on another port where you can connect a network analyzer. In most situations you will probably not use this parameter. Description This command adds tagged and untagged ports to an existing VLAN. You can also use this command to have the traffic on the VLAN mirrored to another port on the switch.
AT-S39 Command Line Interface User’s Guide add vlan name=production port=3 frame=tagged The following command does the same thing using Syntax 2: add vlan name=production untaggedports=3 To add both tagged and untagged ports to a VLAN using Syntax 1 takes two commands.
Chapter 13: VLAN Commands DELETE VLAN Note This command is only allowed in user-configured VLANs mode.
AT-S39 Command Line Interface User’s Guide Description This command removes tagged and untagged ports from a VLAN. You can also use this command to cancel a port functioning as a VLAN mirror. This command has two syntaxes, just like the CREATE VLAN command. You can use either command to delete ports from a VLAN. The difference between the two is that Syntax 1 can remove only one type of port, tagged or untagged, at a time from a VLAN, while Syntax 2 can remove both in the same command.
Chapter 13: VLAN Commands The following command does the same thing using Syntax 2: delete vlan name=production untaggedports=3 To delete both tagged and untagged ports from a VLAN using Syntax 1 takes two commands.
AT-S39 Command Line Interface User’s Guide DESTROY VLAN Note This command is only allowed in user-configured VLANs mode. If you use this command when in multiple VLAN mode, you will receive the following message: Operation NOT allowed in Multiple VLANs mode Syntax destroy vlan=name|vid Parameter vlan Specifies the name or VID of the VLAN to be deleted. Description This command deletes a VLAN from a switch. All untagged ports in a deleted VLAN are automatically returned to the Default_VLAN.
Chapter 13: VLAN Commands RESET VLAN Note This command is only allowed in user-configured VLANs mode. If you use this command when in multiple VLAN mode, you will receive the following message: Operation NOT allowed in Multiple VLANs mode Syntax reset vlan Parameters none Description This command deletes all port-based and tagged VLANs on a switch, except for the Default_VLAN. All ports are returned to the Default_VLAN as untagged ports.
AT-S39 Command Line Interface User’s Guide SET SWITCH VLANSTATUS Syntax set switch vlanstatus=enabled|disabled Parameters vlanstatus Specifies the switch’s mode. Specifying ENABLED means the switch will support user-configured (portbased and tagged) and multiple (801.Q compliant and non-801.Q compliant) VLANs. Specifying DISABLED means the switch will support the Basic switch mode. The default is tagged and untagged VLANs. Only one mode can be active on a switch at a time.
Chapter 13: VLAN Commands SET SWITCH INFILTERING Syntax set switch infiltering=on|off Parameter infiltering Specifies the status of ingress filtering. Options are: on Ingress filtering is activated. off Ingress filtering is deactivated. Description This command controls the status of ingress filtering. When ingress filtering is activated, which is the default, tagged frames are filtered when they are received on a port.
Chapter 14 MAC Address Table Commands ❑ SHOW SWITCH FDB on page 130 ❑ ADD SWITCH FDB on page 132 ❑ DELETE SWITCH FDB on page 133 ❑ SET SWITCH AGINGTIMER on page 134 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 14: MAC Address Commands SHOW SWITCH FDB Syntax show switch fdb [address=macaddress] [port=port] [status=static|dynamic|multicast] [vlan=name|VID] Parameters address Specifies a MAC address. Use this parameter to determine the port on the switch on which a particular MAC address was learned (dynamic) or assigned (static). The address can be entered in either of the following formats: xxxxxxxxxxxx or xx:xx:xx:xx:xx:xx port Specifies a port on the switch.
AT-S39 Command Line Interface User’s Guide The following command displays the port number on which the MAC address 00:A0:D2:18:1A:11 was learned (dynamic) or added (static): show switch fdb address=00A0D2181A11 The following command displays the MAC addresses learned on Port 11: show switch fdb port=11 The following command displays the MAC addresses learned on the ports in the Sales VLAN: show switch fdb vlan=sales 131
Chapter 14: MAC Address Commands ADD SWITCH FDB Syntax add switch fdb macaddress=macaddress port=port Parameters macaddress Specifies the static or multicast address to the added to the switch’s MAC address table. The address can be entered in either of the following formats: xxxxxxxxxxxx or xx:xx:xx:xx:xx:xx port Specifies the port to which the MAC address is to be assigned. You can specify only one port.
AT-S39 Command Line Interface User’s Guide DELETE SWITCH FDB Syntax delete switch fdb macaddress=macaddress [vlan=name|VID] Parameters address Specifies the dynamic, static, or multicast MAC address to delete from the MAC address table. The address can be entered in either of the following formats: xxxxxxxxxxxx or xx:xx:xx:xx:xx:xx vlan Specifies the VLAN containing the port where the address was learned or assigned. The VLAN can be specified by name or VID. This parameter is optional.
Chapter 14: MAC Address Commands SET SWITCH AGINGTIMER Syntax set switch agingtimer=value Parameter agingtimer Specifies the aging timer for the MAC address table. The value is in seconds. The range is 1 to 1048575. The default is 300 seconds (5 minutes). Description The switch uses the aging time to delete inactive dynamic MAC addresses from the MAC address table.
Chapter 15 IGMP Snooping Commands ❑ SET IP IGMP on page 136 ❑ SHOW IP IGMP on page 138 Note For background information on IGMP snooping, refer to the AT-S39 User’s Guide. Note Remember to use the SAVE CONFIGURATION command to save your changes on the switch.
Chapter 15: IGMP Snooping Commands SET IP IGMP Syntax set ip igmp [snoopingstatus=enabled|disabled] [hoststatus=singlehost|multihost] [timeout=timeout] [numbermulticastgroups=number] [routerport=portnumber|auto] Parameters snoopingstatus hoststatus Activates and deactivates IGMP snooping on the switch. Possible settings are: enabled Activates IGMP snooping. disabled Deactivates IGMP snooping. This is the default setting Specifies the IGMP host node topology.
AT-S39 Command Line Interface User’s Guide from filling up with multicast addresses, leaving no room for dynamic or static MAC addresses. The range is 1 to 2048 addresses. The default is 256 addresses. routerport Specifies the port(s) on the switch connected to a multicast router. Specifying AUTO activates auto-detect, where the switch automatically determines the ports with multicast routers. Auto-detect is the default setting. Description This command configures the IGMP snooping parameters.
Chapter 15: IGMP Snooping Commands SHOW IP IGMP Syntax show ip igmp [hostlist|routerlist] Parameters hostlist Displays a list of the multicast groups learned by the switch, as well as the ports on the switch that are connected to host nodes. routerlist Displays the ports on the switch that are connected to multicast routers. Description Displays the IGMP parameter settings. This command can also display a list of host nodes as well as a list of switch ports connected to multicast routers.
Chapter 16 Broadcast Frame Control Command ❑ SET SWITCH BROADCAST on page 140 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For background information on broadcast frame control, refer to the AT-S39 User’s Guide.
Chapter 16: Broadcast Frame Control Commands SET SWITCH BROADCAST Syntax set switch broadcast timer10_100mbps=integer timer1000mbps=integer Parameters timer10_100mbps Specifies the broadcast timer interval for ports operating at 10 Mbps and 100 Mbps. The range is 10 to 120 milliseconds with a default of 10 milliseconds. timer1000mbps Specifies the length of time, in microseconds, for ports operating at 1000 Mbps. The range is 100 to 12,000 microseconds with a default of 100 microseconds.
AT-S39 Command Line Interface User’s Guide Examples The following command sets a broadcast timer of 500 milliseconds for ports operating at 10 Mbps and 100 Mbps: set switch broadcast timer10_100mbps=500 The following command sets a broadcast timer of 200 microseconds for ports operating at 1000 Mbps: set switch broadcast timer1000mbps=200 141
Chapter 17 TACACS+ and RADIUS Commands ❑ DISABLE AUTHENTICATION on page 143 ❑ ENABLE AUTHENTICATION on page 144 ❑ RESET AUTHENTICATION on page 145 ❑ SET AUTHENTICATION on page 146 ❑ SHOW AUTHENTICATION on page 148 ❑ ADD TACACSSERVER on page 149 ❑ DELETE TACACSSERVER on page 150 ❑ ADD RADIUSSERVER on page 151 ❑ DELETE RADIUSSERVER on page 152 Note Remember to save your changes with the SAVE CONFIGURATION command.
AT-S39 Command Line Interface User’s Guide DISABLE AUTHENTICATION Syntax disable authentication Parameters None. Description Use this command to disable TACACS+ and RADIUS authentication on your switch. When you disable authentication you retain your current authentication parameter settings.
Chapter 17: TACACS+ and RADIUS Commands ENABLE AUTHENTICATION Syntax enable authentication Parameters None. Description Use this parameter to enable TACACS+ and RADIUS authentication on your switch.
AT-S39 Command Line Interface User’s Guide RESET AUTHENTICATION Syntax reset authentication Parameter None. Description This command disables authentication. When you reset authentication, you retain your current command settings, including server IP addresses and encryption keys (both local and global). This command performs the same function as the DISABLE AUTHENTICATION command.
Chapter 17: TACACS+ and RADIUS Commands SET AUTHENTICATION Syntax set authentication method=[tacacs|radius] [secret=string] [timeout=integer] Parameter method Specify either the TACACS+ or RADIUS protocol to run on your switch. secret Specify the global encryption key that is used for all of your TACACS+ or RADIUS servers. If the servers use different encryption keys, you can leave this parameter blank and set individual encryption keys with the ADD TACACSSERVER or ADD RADIUSSERVER commands.
AT-S39 Command Line Interface User’s Guide The following command selects TACACS+ as the authentication protocol with a global encryption key of tiger54: set authentication method=tacacs secret=tiger54 The following command selects RADIUS as the authentication protocol with a global encryption key of leopard09 and a timeout of 15 seconds: set authentication method=radius secret=leopard09 timeout=15 147
Chapter 17: TACACS+ and RADIUS Commands SHOW AUTHENTICATION Syntax show authentication Parameters None. Description Use this command to display the following information about the authenticated protocols on the switch: ❑ The status of your authenticated protocol: enabled or disabled. ❑ The authentication protocol activated on your switch. Either TACACS+ or RADIUS protocols may be active. The TACACS+ protocol is the default. ❑ The IP addresses of up to 3 authentication servers.
AT-S39 Command Line Interface User’s Guide ADD TACACSSERVER Syntax add tacacsserver ipaddress=ipaddress order=integer [secret=string] Parameters ipaddress Specifies an IP address of a TACACS+ server. order Specifies the order that your TACACS+ server is queried by the switch. You can assign order to up to 3 servers with 1 being the first server queried. secret Specifies the optional encryption key used on this server.
Chapter 17: TACACS+ and RADIUS Commands DELETE TACACSSERVER Syntax delete tacacsserver ipaddress=ipaddress Parameters ipaddress Specifies the IP address of the TACACS+ server that you want to delete. Description Use this command to delete the IP address of a TACACS+ server from your switch. Example The following command deletes the TACACS+ server with the IP address of 149.245.22.20: delete tacacsserver ipaddress=149.245.22.
AT-S39 Command Line Interface User’s Guide ADD RADIUSSERVER Syntax add radiusserver ipaddress=ipaddress order=integer [secret=string] [port=integer] Parameters ipaddress Specifies an IP address of a RADIUS server. order Specifies the order that your RADIUS server is queried by the switch. You can assign order to up to 3 servers with 1 being the first server queried. secret Specifies the encryption key used for this server. port Specifies the UDP (User Datagram Protocol) port of the RADIUS server.
Chapter 17: TACACS+ and RADIUS Commands DELETE RADIUSSERVER Syntax delete radiusserver ipaddress=ipaddress Parameters ipaddress Specifies the IP address of your RADIUS server to be deleted. Description Use this command to delete a RADIUS server with the specified IP address from your switch. Example The following command deletes the RADIUS server with the IP address 149.245.22.22: delete radiusserver ipaddress=149.245.22.
Chapter 18 802.1x Port-Based Access Control Commands ❑ ENABLE PORTACCESS on page 154 ❑ DISABLE PORTACCESS on page 155 ❑ SHOW PORTACCESS STATUS on page 156 ❑ SET PORTACCESS on page 157 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 18: TACACS+ and RADIUS Commands ENABLE PORTACCESS Syntax enable portaccess Parameters None. Description Use this command to enable port access control on your switch. Note Enabling or disabling Port Access Control can only be performed in a local management session. Note You must activate and configure the RADIUS protocol on the switch before you can activate port access control. Refer to the command SET AUTHENTICATION on page 146.
AT-S39 Command Line Interface User’s Guide DISABLE PORTACCESS Syntax disable portaccess Parameters None. Description Use this command to disable port access control on your switch. Note Enabling or disabling Port Access Control can only be performed in a local management session.
Chapter 18: TACACS+ and RADIUS Commands SHOW PORTACCESS STATUS Syntax show portaccess status Parameters None. Description Use this command to display the port access control status on your switch. Note This command is only allowed if port access control is enabled.
AT-S39 Command Line Interface User’s Guide SET PORTACCESS Syntax set portaccess port=port|all [role=none|authenticator] [control=auto|forceauthenticate|forceunauthenticate] [quietperiod=integer] [txperiod=integer] [reauthperiod=integer] [supptimeout=integer] [servtimeout=integer] [maxreq=integer] Parameters role This parameter specifies the current authentication status of the port . If Authenticator is selected, the port performs the role of authenticating the supplicants that are connected to the port.
Chapter 18: TACACS+ and RADIUS Commands quietperiod Sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange with the client. The default value is 60 seconds. The range is 0 to 65,535 seconds. txperiod Sets the number of seconds that the switch waits for a response to an EAP-request/identity frame from the client before retransmitting the request. The default value is 30 seconds. The range is 1 to 65,535 seconds.
AT-S39 Command Line Interface User’s Guide set portaccess ports=all role=authenticator Typing the following command, sets all ports with the role of Authenticator and sets the servertimeout parameter to 200 seconds: set portaccess ports=all role=authenticator servtimeout=200 159
Chapter 19 Statistics Commands ❑ SHOW SWITCH COUNTER on page 161 ❑ SHOW SWITCH PORT COUNTER on page 162 ❑ RESET SWITCH COUNTER on page 163 ❑ RESET SWITCH PORT COUNTER on page 164 Note Remember to save your changes with the SAVE CONFIGURATION command.
AT-S39 Command Line Interface User’s Guide SHOW SWITCH COUNTER Syntax show switch counter Parameters None. Description This command displays switch operating statistics, such as the number of packets received and transmitted, and the number of CRC errors. For definitions of the statistics, refer to the AT-S39 User’s Guide.
Chapter 19: Statistics Commands SHOW SWITCH PORT COUNTER Syntax show switch port=port counter Parameters port Specifies the port whose statistics you want to view. You can view more than one port at a time. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 2-5), or both (e.g., 11-13,18). To view all ports, do not specify a port. Description This command displays the operating statistics for a port on the switch.
AT-S39 Command Line Interface User’s Guide RESET SWITCH COUNTER Syntax reset switch counter Parameters None. Description This command returns all statistic counters on the switch to zero (0).
Chapter 19: Statistics Commands RESET SWITCH PORT COUNTER Syntax reset switch port=port|all counter Parameters port Specifies the port whose statistics counter you want to return to zero. You can specify more than one port at a time. The ports can be specified individually (e.g., 1,2,5,8), as a range (e.g., 2-5), or both (e.g., 11-13,18). To specify all ports, use ALL. Description This command returns the statistics counter for a port to zero.
Chapter 20 Download and Upload Commands ❑ LOAD on page 166 ❑ UPLOAD on page 170 ❑ ENABLE TFTPSERVER on page 172 ❑ DISABLE TFTPSERVER on page 173 ❑ SHOW TFTPSERVER on page 174 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For background information on downloading and uploading software images and configuration files, refer to the AT-S39 User’s Guide.
Chapter 20: Download and Upload Commands LOAD Syntax load method=tftp|xmodem|remoteswitch type=image|config|bootloader switchnumber=switches Parameters method Specifies the method of the download. Options are: tftp Indicates that the download will be performed using TFTP. To use this option, you must have TFTP server software on a network node. The file to download onto the switch must be stored on the TFTP server.
AT-S39 Command Line Interface User’s Guide type Specifies the file to be downloaded. Options are: image Downloads both the AT-S39 software image and bootloader. config Downloads a configuration file. bootloader Downloads just the bootloader. You can specify only one file type at a time. switchnumber Specifies the switch in an enhanced stack to which you want to download a new version of AT-S39 software or a configuration file.
Chapter 20: Download and Upload Commands ❑ A switch running AT-S39 Version 1.4 or earlier must first be ungraded to Version 1.4.1 or 1.4.2 before you can install a new AT-S39 image.
AT-S39 Command Line Interface User’s Guide The following command downloads a new AT-S39 configuration from the management workstation to the switch: load method=xmodem type=config After entering this command, you must specify the location of the AT-S39 configuration file stored on your workstation using your terminal emulation program. The following command downloads the AT-S39 image file on the master switch to switches 1 and 4 in an enhanced stack.
Chapter 20: Download and Upload Commands UPLOAD Syntax upload method=tftp|xmodem type=image|config method type Specifies the method of the upload. Only one option is available: tftp Indicates that the upload will be performed using TFTP. To use this option, you must have TFTP server software on a network node. xmodem Indicates that the upload will be from the switch to the management workstation. Specifies the file to be uploaded.
AT-S39 Command Line Interface User’s Guide Examples The following command uploads the switch’s configuration file to the management workstation: upload method=xmodem type=config After entering the command, use your terminal emulator program to indicate where you want to store the file on your workstation and the filename.
Chapter 20: Download and Upload Commands ENABLE TFTPSERVER Syntax enable tftpserver Parameters None. Description This command activates the TFTP server software on the switch. When TFTP is enabled, you can upload and download files switch-to-switch. The default setting is enabled.
AT-S39 Command Line Interface User’s Guide DISABLE TFTPSERVER Syntax disable tftpserver Parameters None. Description This command disables the TFTP server software on the switch. When TFTP is disabled, you cannot upload or download files switch-to-switch. The default setting is enabled.
Chapter 20: Download and Upload Commands SHOW TFTPSERVER Syntax show tftpserver Parameters None. Description This command displays the status of the TFTP server software on the switch. The status will be enabled or disabled.
Chapter 21 Command Reference ❑ Basic Command Line Commands on page 176 ❑ Basic Switch Commands on page 177 ❑ Enhanced Stacking Commands on page 179 ❑ SNMP Community Strings and Trap Commands on page 180 ❑ Management Security Commands on page 181 ❑ Port Parameter Commands on page 182 ❑ Port Security Commands on page 183 ❑ Port Trunking Commands on page 183 ❑ Port Mirroring Commands on page 184 ❑ Spanning Tree Protocol Commands on page 185 ❑ Rapid Reconfiguration Spanning Tree Commands on page 186 ❑ VLAN Co
Chapter 21: Command Reference Basic Command Line Commands SAVE CONFIGURATION save configuration Saves your changes to the switch’s flash memory for permanent storage. SET PROMPT set prompt=prompt Changes the command line prompt. CLEAR SCREEN clear screen Clears the screen. MENU menu Displays the AT-S39 Main Menu. SET SWITCH CONSOLEMODE set switch consolemode=cli|menu Specifies whether management sessions are to start with the command line interface or with the AT-S39 Main Menu.
AT-S39 Command Line Interface User’s Guide Basic Switch Commands SHOW IP show ip interface=1 Displays the IP address, subnet mask, and default gateway. SET IP set ip interface=1 ipaddress=IPaddress|DHCP netmask=subnetmask Configures the IP address and subnet mask, and activates and deactivates DHCP and BOOTP. SHOW IP ROUTE show ip route Displays the switch’s default gateway address. SET IP ROUTE set ip route ipaddress=ipaddress Specifies the IP address of the default gateway for the switch.
Chapter 21: Command Reference SET SYSTEM set system [name=”name”] [contact=”contact”] [location=”location”] Sets a switch’s name, the name of the network administrator responsible for managing the unit, and the location of the unit. RESET SYSTEM reset system [name] [contact] [location] Deletes a switch’s name, the name of the network administrator responsible for managing the unit, and the location of the unit. SHOW DHCPBOOTP show dhcpbootp Displays the status of DHCP and BOOTP on the switch.
AT-S39 Command Line Interface User’s Guide SHOW CONFIG show config Displays overall information on the switch and the ports. PING ping ipaddress Instructs the switch to ping an end node. Enhanced Stacking Commands SET SWITCH STACKMODE set switch stackmode=master|slave|unavailable Sets a switch’s stacking status. SHOW REMOTELIST show remotelist [sorted by=macaddress|name] Displays a lists of all the switches of an enhanced stack.
Chapter 21: Command Reference SNMP Community Strings and Trap Commands SHOW SNMP show snmp Displays the community strings for SNMP Read and Write access on the switch. DESTROY SNMP COMMUNITY destroy snmp community=community Deletes the Read or Write community string from the switch. CREATE SNMP COMMUNITY create snmp community=community access=read|write Creates a new Read or Write community string on the switch.
AT-S39 Command Line Interface User’s Guide Management Security Commands SET PASSWORD MANAGER set password manager Sets the manager’s password. SET PASSWORD OPERATOR set password operator Sets the operator’s password. SHOW HTTP SERVER show http server Displays the status of the HTTP server on the switch. ENABLE HTTP SERVER enable http server Enables the HTTP server on the switch so that the device can be managed from a web browser.
Chapter 21: Command Reference SET SWITCH CONSOLETIMER set switch consoletimer=value Sets the console timer. Port Parameter Commands SHOW SWITCH PORT show switch port=port Displays a port’s operating parameters, such as speed and duplex mode.
AT-S39 Command Line Interface User’s Guide Port Security Commands SET SWITCH SECURITYMODE set switch securitymode=automatic|limited|secure|locked Sets the port security mode. SET SWITCH THRESHOLD set switch threshold=threshold port=ports|all Sets the maximum number of dynamic MAC addresses a port can learn when the switch is operating in the Limited security mode.
Chapter 21: Command Reference DESTROY SWITCH TRUNK destroy switch trunk=name Deletes a port trunk from a switch. Port Mirroring Commands CREATE SWITCH MIRROR create switch mirror destport=destinationport srcport=sourceport Creates a port mirror. ADD SWITCH MIRROR add switch mirror srcport=port Adds a source port(s) to an existing port mirror. DELETE SWITCH MIRROR delete switch mirror srcport=port Removes a source port(s) from a port mirror.
AT-S39 Command Line Interface User’s Guide Spanning Tree Protocol Commands SHOW STP show stp [port=port] Displays the STP parameter settings. ACTIVATE STP activate stp [port=port] Designates STP as the active spanning tree. ENABLE STP enable stp Activates STP on the switch. DISABLE STP disable stp Deactivates STP on the switch.
Chapter 21: Command Reference Rapid Reconfiguration Spanning Tree Commands SHOW RSTP show rstp [portconfig=ports|portstate=port] Displays the RSTP parameter settings. ACTIVATE RSTP activate rstp Designates RSTP as the active spanning tree on the switch. DISABLE RSTP disable rstp Deactivates RSTP on the switch. ENABLE RSTP enable rstp Enables RSTP on the switch. RESET RSTP reset rstp Returns all bridge and port RSTP parameters to the default settings.
AT-S39 Command Line Interface User’s Guide VLAN Commands SET SWITCH VLANMODE SET SWITCH VLANSTATUS SHOW VLAN show vlan Displays all the VLANs on a switch. CREATE VLAN Syntax 1 create vlan=name vid=vid ports=ports|ALL frame=untagged|tagged [mirrorport=mirrorport] Syntax 2 create vlan=name vid=vid taggedports=taggedports|ALL untaggedports=untaggedports|ALL [mirrorport=mirrorport] Creates a port-based or tagged VLAN.
Chapter 21: Command Reference Syntax 2 delete vlan=name [vid=vid] taggedports=taggedports untaggedports=untaggedports [mirrorport=mirrorport] Removes tagged and untagged ports from a VLAN. DESTROY VLAN destroy vlan=name [vid=vid] Deletes a VLAN from a switch. RESET VLAN reset vlan Deletes all port-based and tagged VLANs on a switch, except for the Default_VLAN. SET SWITCHMODE set switch switchmode=tagged|basic Configures a switch to support either port-based and tagged or basic mode.
AT-S39 Command Line Interface User’s Guide SET SWITCH INFILTERING set switch infiltering=on|off Activates and deactivates ingress filtering. MAC Address Table Commands SHOW SWITCH FDB show switch fdb [address=macaddress] [port=port] [status=static|dynamic|multicast] [vlan=name|VID] Displays the dynamic, static, and multicast MAC addresses stored in a switch’s MAC address table.
Chapter 21: Command Reference SHOW IP IGMP show ip igmp [hostlist|routerlist] Displays the IGMP parameter settings, host nodes, and multicast router ports. Broadcast Frame Control Command SET SWITCH BROADCAST set switch broadcast limit=limit porttype=10Mbps|100Mbps|1000Mbps Specifies the broadcast interval timer. TACACS+ and RADIUS Commands DISABLE AUTHENTICATON disable authentication Disables TACACS+ and RADIUS authentication on your switch.
AT-S39 Command Line Interface User’s Guide ADD TACACSSERVER add tacacsserver ipaddress=ipaddress order=integer [secret=string] Adds the IP address of a TACACS+ server to your switch. DELETE TACACSSERVER delete tacacsserver ipaddress=ipaddress Deletes the IP address of a TACACS+ server from your switch. ADD RADIUSSERVER add radiusserver ipaddress=ipaddress order=integer [secret=string] [port=integer] Adds the IP address of a RADIUS server to your switch.
Chapter 21: Command Reference SET PORTACCESS set portaccess port=port|all [role=none|authenticator] [control=auto|forceauthenticate|forceunauthenticate] [quietperiod=integer] [txperiod=integer] [reauthperiod=integer] [supptimeout=integer] [servtimeout=integer] [maxreq=integer] This command allows you to set port access control parameters.
AT-S39 Command Line Interface User’s Guide Download a new version of the AT-S39 software image or a configuration file onto an AT-8000 Series switch. UPLOAD upload method=xmodem type=image|config Uploads the AT-S39 software image or configuration file from a switch to a management workstation. ENABLE TFTPSERVER enable tftpserver Activates the TFTP server software on the switch. DISABLE TFTPSERVER disable tftpserver Disables the TFTP server software on the switch.
Index Numerics 802.1x port-based access DISABLE PORTACCESS, 155 ENABLE PORTACCESS, 154 SET PORTACCESS, 157 SHOW PORTACCESS STATUS, 156 802.
AT-S39 Command Line Interface User’s Guide commands ACCESS SWITCH, 45 ACTIVATE RSTP, 101 ACTIVATE STP, 91 ADD RADIUSSERVER, 151 ADD SNMP COMMUNITY TRAPHOST, 54 ADD SWITCH FDB, 132 ADD SWITCH MIRROR, 85 ADD SWITCH TRUNK, 80 ADD TACACSSERVER, 149 ADD VLAN, 119 CLEAR SCREEN, 19 CREATE SNMP COMMUNITY, 51 CREATE SWITCH MIRROR, 84 CREATE SWITCH TRUNK, 79 CREATE VLAN, 115 DELETE RADIUSSERVER, 152 DELETE SNMP COMMUNITY TRAPHOST, 55 DELETE SWITCH FDB, 133 DELETE SWITCH MIRROR, 86 DELETE SWITCH TRUNK, 81 DELETE TACA
Index SHOW IP ROUTE, 30 SHOW IP, 27 SHOW PORTACCESS STATUS, 156 SHOW REMOTELIST, 44 SHOW RSTP, 100 SHOW SNMP, 49 SHOW STP, 90 SHOW SWITCH COUNTER, 161 SHOW SWITCH FDB, 130 SHOW SWITCH PORT COUNTER, 162 SHOW SWITCH PORT, 66 SHOW SWITCH THRESHOLD, 76 SHOW SWITCH TRUNK, 78 SHOW SWITCH, 37 SHOW SYSTEM, 34 SHOW TFTPSERVER, 174 SHOW VLAN, 114 UPLOAD, 170 contact information, 10 D document conventions, 8 documentation 8 documentation, 9 E enhanced stacking commands ACCESS SWITCH, 45 EXIT, 47 SET SWITCH STACKMODE,
AT-S39 Command Line Interface User’s Guide R RSTP commands ACTIVATE RSTP, 101 DISABLE RSTP, 102 ENABLE RSTP, 103 RESET RSTP, 104 SET RSTP PORT, 108 SET RSTP, 105 SHOW RSTP, 100 V VLAN commands ADD VLAN, 119 CREATE VLAN, 115 SET SWITCH SWITCHMODE, 112 SET SWITCH VLANMODE, 113 SHOW VLAN, 114 S security port access control, 153, 191 SNMP community string commands ADD SNMP COMMUNITY TRAPHOST, 54 CREATE SNMP COMMUNITY, 51 DELETE SNMP COMMUNITY TRAPHOST, 55 DESTROY SNMP COMMUNITY, 50 RESET SNMP, 53 SET SNMP CO
