High-Density Layer 3 Stackable Gigabit Ethernet Switch AT-9724TS Command Line Interface Reference Manual PN D617/10032CLI Rev B Copyright. 2003 Allied Telesyn, Inc. 960 Stewart Drive Suite B, Sunnyvale, CA 94085 USA All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. All product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners.Allied Telesyn, Inc.
Electrical Safety and Emission Statement Standards:This product meets the following standards. CE Marking Warning: This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. Important: Appendix B contains translated safety statements for installing this equipment.When you see the go to Appendix A for the translated safety statement in your language.
Table of Contents Electrical Safety and Emission Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Preface Purpose of This Guide This guide is intended for network administrators who are responsible for installing and maintaining the AT-9724TS Gigabit Switch.
Document Conventions This guide uses several conventions that you should become familiar with before you begin to install the product: Note A note provides additional information. c Warning A warning indicates that performing or omitting a specific action may result in bodily injury. m Caution A caution indicates that performing or omitting a specific action may result in equipment damage or loss of data. [] In a command line, square brackets indicate an optional entry.
Where to Find Related Guides The Allied Telesyn web site at www.alliedtelesyn.com under the support section contains the most recent documentation for all of our products.All webbased documents relating to this product and other Allied Telesyn products can be downloaded from the web site. Contacting Allied Telesyn Technical Support You can contact Allied Telesyn technical support through the company’s web site www.alliedtelesyn.com under the support section or by telephone or fax.
Returning Products Products for return or repair must first be assigned a Return Materials Authorization (RMA) number. RMA policy varies from country to country. Please check the applicable RMA policy at www.alliedtelesyn.com. For Europe, you can also contact our European Customer Service centre by e-mail at rma_europe@alliedtelesyn.com. FTP Server If you need management software for an Allied Telesyn managed device, you can download the software by connecting directly to our FTP server at ftp.
Tell Us What You Think If you have any comments or suggestions on how we might improve this or other Allied Telesyn documents, please contact us at www.alliedtelesyn.com.
Chapter 1 - Introduction The Switch can be managed through the Switch’s serial port,Telnet, or the Web-based management agent.The Command Line Interface (CLI) can be used to configure and manage the Switch via the serial port or Telnet interfaces. This manual provides a reference for all of the commands contained in the CLI. Configuration and management of the Switch via the Web-based management agent is discussed in the User’s Guide.
Figure 1-2. Boot Screen The Switch’s MAC address can also be found in the Web management program on the Switch Information (Basic Settings) window on the Configuration menu. The IP address for the Switch must be set before it can be managed with the Web-based manager.The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.
Chapter 2 - Using The Console CLI The AT-9724TS supports a console management interface that allows the user to connect to the Switch’s management agent via a serial port and a terminal or a computer running a terminal emulation program.The console can also be used over the network using the TCP/IP Telnet protocol.The console program can be used to configure the Switch to use an SNMP-based network management software over the network.
Commands are entered at the command prompt,AT-9724TS:4#. There are a number of helpful features included in the CLI. Entering the ? command will display a list of all of the top-level commands. Figure 2-2. The ? Command When you enter a command without its required parameters, the CLI will prompt you with a Next possible completions: message. AT-9724TS AT-9724TS Figure 2-3. Example Command Parameter Help In this case, the command config account was entered with the parameter .
AT-9724TS AT-9724TS AT-9724TS Figure 2-4. Using the Up Arrow to Re-enter a Command In the above example, the command config account was entered without the required parameter , the CLI returned the Next possible completions: prompt.The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt. Now the appropriate User name can be entered and the config account command re-executed. All commands in the CLI function in this way.
AT-9724TS AT-9724TS Figure 2-6. Next possible completions: Show Command In the above example, all of the possible next parameters for the show command are displayed.At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter.The CLI then displays the user accounts configured on the Switch.
Chapter 3 - Command Syntax The following symbols are used to describe how command entries are made and values and arguments are specified in this manual.The online help contained in the CLI and available through the console interface uses the same syntax. Note: All commands are case-sensitive. Be sure to disable Caps Lock or any other unwanted function that changes text case. Purpose Encloses a variable or value that must be specified.
Multiple Page Display Control Keys Space Displays the next page. CTRL+c Stops the display of remaining pages when multiple pages are to be displayed. ESC Stops the display of remaining pages when multiple pages are to be displayed. n Displays the next page. p Displays the previous page. q Stops the display of remaining pages when multiple pages are to be displayed. r Refreshes the pages currently displayed. a Displays the remaining pages without pausing between pages.
Chapter 4 - Basic Switch Commands The basic switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config account Purpose Used to configure user accounts Syntax config account Description The config account command configures a user account that has been created using the create account command. Parameters Restrictions Only Administrator-level users can issue this command. Usernames can be between 1 and 15 characters. Passwords can be between 0 15 characters.
delete account Purpose Used to delete an existing user account Syntax delete account Description The delete account command deletes a user account that has been created using the create account command. Parameters Restrictions Only Administrator-level users can issue this command. Example usage: To delete the user account “System”: AT-9724TS:4# delete account System Command:delete account System Success.
show session Purpose Used to display a list of currently logged-in users. Syntax show session Description This command displays a list of all the users that are logged-in at the time the command is issued. Parameters None. Restrictions None.
Clipaging MAC Notification Port Mirror SNTP Bootp Relay DNSR Status VRRP HOL Prevention State Syslog Global State Single IP Management Dual Image : : : : : : : : : : : Enabled Disabled Disabled Disabled Disabled Disabled Disabled Enabled Disabled Disabled Supported AT-9724TS:4# show switch_mode Purpose Used to display the current switch mode. Syntax show switch_mode Description This command displays the current mode of operation of the switch. Parameters None. Restrictions None.
show serial_port Purpose Used to display the current serial port settings. Syntax show serial_port Description This command displays the current serial port settings. Parameters None. Restrictions None. Example usage: To display the serial port setting: AT-9724TS:4# show serial_port Command:show serial_port Baud Rate : 115200 Data Bits : 8 Parity Bits : None Stop Bits : 1 Auto-Logout : 10 mins AT-9724TS:4# config serial_port Purpose Used to configure the serial port.
enable clipaging Purpose Used to pause the scrolling of the console screen when the show command displays more than one page. Syntax enable clipaging Description This command is used when issuing the show command which causes the console screen to rapidly scroll through several pages.This command will cause the console to pause at the end of each page.The default setting is enabled. Parameters None. Restrictions Only administrator-level users can issue this command.
enable telnet Purpose Used to enable communication with and management of the Switch using the Telnet protocol. Syntax enable telnet Description This command is used to enable the Telnet protocol on the Switch.The user can specify the TCP or UDP port number the Switch will use to listen for Telnet requests. Parameters – The TCP port number.TCP ports are numbered between 1 and 65535.The “well-known” TCP port for the Telnet protocol is 23.
enable web Purpose Used to enable the HTTP-based management software on the Switch. Syntax enable web – The TCP port number.TCP ports are numbered between 1 and 65535.The “well-known” port for the Web-based management software is 80.
save Purpose Used to save changes in the Switch’s configuration to non-volatile RAM. Syntax save [log | all] Description This command is used to enter the current switch configuration into non-volatile RAM.The saved switch configuration will be loaded into the Switch’s memory each time the Switch is restarted. Parameters Entering just the save command will save only the Switch configuration to NV-RAM. log – Entering the log parameter will save only the log file to NV-RAM.
reset Purpose Used to reset the Switch to the factory default settings. Syntax reset {[config | system]} Description This command is used to restore the Switch’s configuration to the default settings assigned from the factory. Parameters config – If the keyword ‘config’ is specified, all of the factory default settings are restored on the Switch including the IP address, user accounts, and the Switch history log.The Switch will not save or reboot.
logout Purpose Used to log out a user from the Switch’s console. Syntax logout Description This command terminates the current user’s session on the Switch’s console. Parameters None. Restrictions None.
Chapter 5 - Switch Port Commands The switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show ports Purpose Used to display the current configuration of a range of ports. Syntax show ports {description} Description This command is used to display the current configuration of a range of ports Parameters portlist> – Specifies a range of ports to be displayed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Chapter 6 - Port Security Commands The port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show port_security Purpose Used to display the current port security configuration. Syntax show port_security {ports } Description This command is used to display port security information of the Switch ports.The information displayed includes port security admin state, maximum number of learning address and lock mode. Parameters ports – Specifies a port or range of ports to be viewed.
delete port_security_entry_vlan_name Purpose Used to delete an entry from the Switch’s port security settings. Syntax delete port_security_entry_vlan_name port mac_address Description This command is used to remove an entry from the port security entries learned by the Switch and entered into the forwarding database. Parameters - Enter the corresponding VLAN of the entry the user wishes to delete.
Chapter 7 - Network Management (SNMP) Commands The network management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. The AT-9724TS supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3.You can specify which version of the SNMP you want to use to monitor and control the Switch.The three versions of SNMP vary in the level of security provided between the management station and the network device.
Each command is listed, in detail, in the following sections. create snmp user Purpose Used to create a new SNMP user and adds the user to an SNMP group that is also created by this command.
Example usage: To create an SNMP user on the Switch: AT-9724TS:4# create snmp user Allied Telesyn default encrypted by_password auth md5 auth_password priv none Command: create snmp user Allied Telesyn default encrypted by_password auth md5 auth_password priv none Success. AT-9724TS:4# delete snmp user Purpose Used to remove an SNMP user from an SNMP group and also to delete the associated SNMP group.
create snmp view Purpose Used to assign views to community strings to limit which MIB objects and SNMP manager can access. . Syntax create snmp view view_type [included | excluded] Description The create snmp view command assigns views to community strings to limit which MIB objects an SNMP manager can access. Parameters – An alphanumeric string of up to 32 characters that identifies the SNMP view that will be created.
show snmp view Purpose Used to display an SNMP view previously created on the Switch. Syntax show snmp view {} Description The show snmp view command displays an SNMP view previously created on the Switch. Parameters – An alphanumeric string of up to 32 characters that identifies the SNMP view that will be displayed. Restrictions None.
create snmp community Purpose Used to create an SNMP community string to define the relationship between the SNMP manager and an agent.The community string acts like a password to permit access to the agent on the Switch. One or more of the following characteristics can be associated with the community string: An Access List of IP addresses of SNMP managers that are permitted to use the community string to gain access to the Switch’s SNMP agent.
show snmp community Purpose Used to display SNMP community strings configured on the Switch. Syntax show snmp community {} Description The show snmp community command is used to display SNMP community strings that are configured on the Switch. Parameters – An alphanumeric string of up to 32 characters that is used to identify members of an SNMP community.
show snmp engineID Purpose Used to display the identification of the SNMP engine on the Switch. Syntax show snmp engineID Description The show snmp engineID command displays the identification of the SNMP engine on the Switch. Parameters None. Restrictions None.
Example usage: To create an SNMP group named “sg1”: AT-9724TS:4# create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Command: create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Success. AT-9724TS:4# delete snmp group Purpose Used to remove an SNMP group from the Switch. Syntax delete snmp group Description The delete snmp group command is used to remove an SNMP group from the Switch.
Notify View Name Security Model Security Level : NotifyView : SNMPv3 : authNoPriv Group Name ReadView Name WriteView Name Notify View Name Security Model Security Level : : : : : : Group5 ReadView WriteView NotifyView SNMPv3 authNoPriv Group Name ReadView Name WriteView Name Notify View Name Security Model Security Level : : : : : : Group6 ReadView WriteView NotifyView SNMPv3 authPriv Group Name ReadView Name WriteView Name Notify View Name Security Model Security Level : : : : : : Group7 ReadView
create snmp host Purpose Used to create a recipient of SNMP traps generated by the Switch’s SNMP agent. Syntax create snmp host [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | auth_priv] ] Description The create snmp host command creates a recipient of SNMP traps generated by the Switch’s SNMP agent. Parameters – The IP address of the remote management station that will serve as the SNMP host for the Switch. v1 – Specifies that SNMP version 1 will be used.
show snmp host Purpose Used to display the recipient of SNMP traps generated by the Switch’s SNMP agent. Syntax show snmp host {} Description The show snmp host command is used to display the IP addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps that are generated by the Switch’s SNMP agent Parameters – The IP address of a remote SNMP manager that will receive SNMP traps generated by the Switch’s SNMP agent.
show trusted_host Purpose Used to display a list of trusted hosts entered on the Switch using the create trusted_host command above. Syntax show trusted_host Description This command is used to display a list of trusted hosts entered on the Switch using the create trusted_host command above. Parameters None. Restrictions None. Example usage: To display the list of trusted hosts: AT-9724TS:4# show trusted_host Command: show trusted_host Management Stations IP Address ---------10.53.13.
enable snmp traps Purpose Used to enable SNMP trap support. Syntax enable snmp traps Description The enable snmp traps command is used to enable SNMP trap support on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable SNMP trap support on the Switch: AT-9724TS:4# enable snmp traps Command: enable snmp traps Success. AT-9724TS:4# enable snmp authenticate_traps Purpose Used to enable SNMP authentication trap support.
disable snmp traps Purpose Used to disable SNMP trap support on the Switch. Syntax disable snmp traps Description This command is used to disable SNMP trap support on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To prevent SNMP traps from being sent from the Switch: AT-9724TS:4# disable snmp traps Command: disable snmp traps Success.
config snmp system_location Purpose Used to enter a description of the location of the Switch. Syntax config snmp system_location {} Description The config snmp system_location command is used to enter a description of the location of the Switch. A maximum of 255 characters can be used. Parameters – A maximum of 255 characters is allowed.A NULL string is accepted if there is no location desired. Restrictions Only administrator-level users can issue this command.
enable rmon Purpose Used to enable RMON on the Switch. Syntax enable rmon Description This command is used, in conjunction with the disable rmon command below, to enable and disable remote monitoring (RMON) on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable RMON: AT-9724TS:4# enable rmon Command: enable rmon Success. AT-9724TS:4# disable rmon Purpose Used to disable RMON on the Switch.
Chapter 8 - Switch Utility Commands The switch utility commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters download [firmware_fromTFTP image_id {unit [all | ]} | cfg_fromTFTP {increment}] upload [cfg_toTFTP | log_toTFTP ] show firmware_information To view the HOL prevention status.
upload Purpose Used to upload the current switch settings or the switch history log to a TFTP server or a CompactFlash memory card. Syntax upload [cfg_toTFTP | log_toTFTP ] Description This command is used to upload either the Switch’s current settings, the Switch’s history log or firmware to a TFTP. Parameters cfg_toTFTP – Specifies that the Switch’s current settings will be uploaded to the TFTP server.
config firmware Purpose To configure firmware currently in the Switch’s NV-RAM. Syntax config firmware image_id {delete | boot_up] Description This command allows the user to configure the dual image firmware on the Switch.This Switch allows the user to hold two firmware versions in its memory, labeled as image_id 1 and 2. Using this command, the user may delete a firmware or set it as the boot up firmware for the Switch.
ping Purpose Used to test the connectivity between network devices. Syntax ping {times } {timeout } Description The ping command sends Internet Control Message Protocol (ICMP) echo messages to a remote IP address. The remote IP address will then “echo” or return the message.This is used to confirm connectivity between the Switch and the remote device. Parameters – Specifies the IP address of the host.
traceroute Purpose Used to trace the routed path between the Switch and a destination endstation. Syntax traceroute {ttl | port | timeout | probe Description The traceroute command allows you to trace a route between the Switch and a give host on the network. Parameters – Specifies the IP address of the host. ttl – The time to live value of the trace route request.
Chapter 9 - Network Monitoring Commands The network monitoring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show packet ports Purpose Used to display statistics about the packets sent and received by the Switch. Syntax show packet ports Description This command is used to display statistics about packets sent and received by ports specified in the port list. Parameters – Specifies a range of ports to be displayed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
show error ports Purpose Used to display the error statistics for a range of ports. Syntax show error ports Description This command will display all of the packet error statistics collected and logged by the Switch for a given port list. Parameters – Specifies a range of ports to be displayed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
show utilization Purpose Used to display real-time port and cpu utilization statistics. Syntax show utilization [ports | cpu] Description This command will display the real-time port and cpu utilization statistics for the Switch. Parameters cpu – Entering this parameter will display the current cpu utilization of the Switch, as a percentage. ports – Entering this parameter will display the current utilization of all ports on the Switch. Restrictions None.
To display the current cpu utilization: AT-9724TS:4# show utilization cpu Command: show utilization cpu CPU utilization : ------------------------------------------------------Five seconds - 15% One minute - 25% Five minutes - 14% CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh AT-9724TS:4# clear counters Purpose Used to clear the Switch’s statistics counters.
show log Purpose Used to display the Switch’s history log. Syntax show log {index } Description This command will display the contents of the Switch’s history log. Parameters index – Enter a value that corresponds to an entry made in the log. Multiple entries may be made in the form of x-x where x is the number of an entry in the log.The smallest number (and therefore the earlier entry) will be first. Restrictions None.
disable syslog Purpose Used to disable the system log function on the Switch. Syntax disable syslog Description The disable syslog command disables the system log function on the Switch.After disabling, Syslog entries will no longer be sent to a remote host. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To disable the syslog function on the Switch: AT-9724TS:4# disable syslog Command: disable syslog Success.
4 Warning: warning conditions 5 Notice: normal but significant condition 6 Informational: informational messages 7 Debug: debug-level messages informational – Specifies that informational messages will be sent to the remote host.This corresponds to number 6 from the list above. warning – Specifies that warning messages will be sent to the remote host.This corresponds to number 4 from the list above.
remote host. ipaddress – Specifies the IP address of the remote host where syslog messages will be sent. state [enable | disable] – Allows the sending of syslog messages to the remote host, specified above, to be enabled and disabled. Restrictions Only administrator-level users can issue this command. Example usage: To create syslog host: AT-9724TS:4# create syslog host 1 severity all facility local0 ipaddress 10.53.13.
6 line printer subsystem 7 network news subsystem 8 UUCP subsystem 9 clock daemon 10 security/authorization messages 11 FTP daemon 12 NTP subsystem 13 log audit 14 log alert 15 clock daemon 16 local use 0 (local0) 17 local use 1 (local1) 18 local use 2 (local2) 19 local use 3 (local3) 20 local use 4 (local4) 21 local use 5 (local5) 22 local use 6 (local6) 23 local use 7 (local7) local0 – Specifies that local use 0 messages will be sent to the remote host.
config syslog host all Purpose Used to configure the syslog protocol to send system log data to a remote host. Syntax show config syslog host all [severity [informational | warning | all] | facility [local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7] | udp_port | state [enable | disable]] Description The config syslog host all command is used to configure the syslog protocol to send system log information to a remote host.
local0 – Specifies that local use 0 messages will be sent to the remote host.This corresponds to number 16 from the list above. local1 – Specifies that local use 1 messages will be sent to the remote host.This corresponds to number 17 from the list above. local2 – Specifies that local use 2 messages will be sent to the remote host.This corresponds to number 18 from the list above. local3 – Specifies that local use 3 messages will be sent to the remote host.This corresponds to number 19 from the list above.
show syslog host Purpose Used to display the syslog hosts currently configured on the Switch. Syntax show syslog host {} Description The show syslog host command is used to display the syslog hosts that are currently configured on the Switch. Parameters – Specifies that the command will be applied to an index of hosts.There are four available indexes, numbered 1 through 4. Restrictions None.
Chapter 10 - Multiple Spanning Tree Protocol (MSTP) Commands This switch supports three versions of the Spanning Tree Protocol; 802.1d STP, 802.1w Rapid STP and 802.1s MSTP. Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network.
enable stp Purpose Used to globally enable STP on the Switch. Syntax enable stp Description This command allows the Spanning Tree Protocol to be globally enabled on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable STP, globally, on the Switch: AT-9724TS:4# enable stp Command: enable stp Success. AT-9724TS:4# disable stp Purpose Used to globally disable STP on the Switch.
config stp version Purpose Used to globally set the version of STP on the Switch. Syntax config stp version [mstp | rstp | stp] Description This command allows the user to choose the version of the spanning tree to be implemented on the Switch. Parameters mstp – Selecting this parameter will set the Multiple Spanning Tree Protocol (MSTP) globally on the Switch. rstp - Selecting this parameter will set the Rapid Spanning Tree Protocol (RSTP) globally on the Switch.
config stp ports Purpose Used to setup STP on the port level. Syntax config stp ports {externalCost [auto | ] | hellotime | migrate [yes | no] edge [true | false] | p2p [true | false | auto ] | state [enable | disable] Description This command is used to create and configure STP for a group of ports. Parameters – Specifies a range of ports to be configured.
create stp instance_id Purpose Used to create a STP instance ID for MSTP. Syntax create stp instance_id Description This command allows the user to create a STP instance ID for the Multiple Spanning Tree Protocol.There are 16 STP instances on the Switch (one internal CIST, unchangeable) and the user may create up to 15 instance IDs for the Switch. Parameters – Enter a value between 1 and 15 to identify the Spanning Tree instance on the Switch.
delete stp instance_id Purpose Used to delete a STP instance ID from the Switch. Syntax delete stp instance_id Description This command allows the user to delete a previously configured STP instance ID from the Switch. Parameters – Enter a value between 1 and 15 to identify the Spanning Tree instance on the Switch. Restrictions Only administrator-level users can issue this command.
config stp mst_ports Purpose Used to update the port configuration for a MSTP instance. Syntax config stp mst_ports instance_id {internalCost [auto | ] `priority } Description This command will update the port configuration for a STP instance_id. If a loop occurs, the MSTP function will use the port priority to select an interface to put into the forwarding state. Set a higher priority value for interfaces to be selected for forwarding first.
show stp Purpose Used to display the Switch’s current STP configuration. Syntax show stp Description This command displays the Switch’s current STP configuration. Parameters None. Restrictions None.
Status 3: STP enabled for MSTP: AT-9724TS:4# show stp Command: show stp STP Status : Enabled STP Version : MSTP Max Age : 20 Forward Delay : 15 Max Age : 20 TX Hold Count : 3 Forwarding BPDU : Enabled AT-9724TS:4# show stp ports Purpose Used to display the Switch’s current instance_id configuration. Syntax show stp ports Description This command displays the STP Instance Settings and STP Instance Operational Status currently implemented on the Switch.
show stp instance_id Purpose Used to display the Switch’s STP instance configuration. Syntax show stp instance_id Description This command displays the Switch’s current STP Instance Settings and the STP Instance Operational Status. Parameters – Enter a value defining the previously configured instance_id on the Switch.An entry of 0 will display the STP configuration for the CIST internally set on the Switch. Restrictions None.
show stp mst_config_id Purpose Used to display the MSTP configuration identification. Syntax show stp mst_config_id Description This command displays the Switch’s current MSTP configuration identification. Parameters None. Restrictions None.
Chapter 11 - Forwarding Database Commands The forwarding database commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
create multicast_fdb Purpose Used to create a static entry to the multicast MAC address forwarding table (database). Syntax create multicast_fdb Description This command will make an entry into the Switch’s multicast MAC address forwarding database. Parameters – The name of the VLAN on which the MAC address resides. – The MAC address that will be added to the forwarding table. Restrictions Only administrator-level users can issue this command.
config fdb aging_time Purpose Used to set the aging time of the forwarding database. Syntax config fdb aging_time Description The aging time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time.The aging time can be from 10 to 1000000 seconds with a default value of 300 seconds.
clear fdb Purpose Used to clear the Switch’s forwarding database of all dynamically learned MAC addresses. Syntax clear fdb [vlan | port | all] Description This command is used to clear dynamically learned entries to the Switch’s forwarding database. Parameters vlan – The name of the VLAN on which the MAC address resides. port – The port number corresponding to the MAC destination address.
show fdb Purpose Used to display the current unicast MAC address forwarding database. Syntax show fdb {port | vlan | mac_address | static | aging_time} Description This command will display the current contents of the Switch’s forwarding database. Parameters port – The port number corresponding to the MAC destination address.The Switch will always forward traffic to the specified device through this port.
show ipfdb Purpose Used to display the current IP address forwarding database table. Syntax show ipfdb Description This command will display the current contents of the Switch’s IP forwarding database. Parameters – The user may enter an IP address to view the table by. Restrictions None. Example usage: To view the IP forwarding database table: AT-9724TS:4#show ipfdb Command: show ipfdb Interface --------- IP Address ---------- Port ---- Learned ------- System 10.0.0.
config fdb destination_hit ports Purpose To set specified ports as destination hit ports for the forwarding database table. Syntax config fdb destination_hit ports [ | all] [enable | disable] Description This command will allow the user to define certain ports on the Switch as destination hit ports.These destination hit ports will keep FDB entries learned in the forwarding database table from aging out.
show fdb destination_hit ports Purpose To view the destination hit port status of ports on the Switch. Syntax show fdb destination_hit ports {} Description This command will allow users to view the destination hit port status of ports listed in the portlist. Parameters portlist> - Specify a port or ports to be displayed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
config fdb destination_hit ports Purpose To set specified ports as destination hit ports for the forwarding database table. Syntax config fdb destination_hit ports [ | all] [enable | disable] Description This command will allow the user to define certain ports on the Switch as destination hit ports.These destination hit ports will keep FDB entries learned in the forwarding database table from aging out.
Chapter 12 - Broadcast Storm Control Commands The broadcast storm control commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show traffic control Purpose Used to display current traffic control settings. Syntax show traffic control {group_list } Description This command displays the current storm traffic control configuration on the Switch. Parameters group_list – Used to specify a broadcast storm control group.This is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Chapter 13 - QoS Commands The AT-9724TS switch supports 802.1p priority queuing.The Switch has eight classes of service for each port on the Switch, one of which is internal and unconfigurable to the user.These hardware classes of service are numbered from 6 (Class 6) – the highest hardware class of service – to 0 (Class 0) – the lowest hardware class of service.The eight priority tags specified in IEEE 802.
Each command is listed, in detail, in the following sections. config bandwidth_control Purpose Used to configure bandwidth control on a by-port basis. Syntax config bandwidth_control [ | all] {rx_rate [no_limit | ] | tx_rate [no_limit | ]} Description The config bandwidth_control command is used to configure bandwidth on a by-port basis. Parameters – Specifies a range of ports to be configured.
show bandwidth_control Purpose Used to display the bandwidth control configuration on the Switch. Syntax show bandwidth_control {} Description The show bandwidth_control command displays the current bandwidth control configuration on the Switch, on a port-by-port basis. Parameters – Specifies a range of ports to be configured.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Entering a 0 into the field of the max_packet parameter allows for the creation of a Combination Queue for the forwarding of packets.This Combination Queue allows for a combination of strict and weight-fair (weighted round-robin “WRR”) scheduling. Priority classes that have a 0 in the max_packet field will forward packets with strict priority scheduling.
show scheduling Purpose Used to display the currently configured traffic scheduling on the Switch. Syntax show scheduling Description The show scheduling command displays the current configuration for the maximum number of packets (max_packets) assigned to the seven hardware priority classes on the Switch.At this value, it will empty the seven hardware priority classes in order, from the highest priority (queue 6) to the lowest priority (queue 0). Parameters None. Restrictions None.
config 802.1p user_priority Purpose Used to map the 802.1p user priority tags of an incoming packet to one of the seven hardware priority classes of service available on the Switch. Syntax config 802.1p user_priority Description The config 802.1p user_priority command is used to configure the way the Switch will map an incoming packet, based on its 802.1p user priority tag, to one of the seven hardware classes of service queues available on the Switch.
show 802.1p user_priority Purpose Used to display the current 802.1p user priority tags to hardware priority class of service mapping in use by the Switch. Syntax show 802.1p user_priority Description The show 802.1p user_priority command will display the current 802.1p user priority tags to hardware priority classes of service mapping in use by the Switch. Parameters None. Restrictions None. Example usage: To show 802.1p user priority: AT-9724TS:4# show 802.1p user_priority Command: show 802.
show 802.1p default_priority Purpose Used to display the currently configured 802.1p priority tags that will be assigned to incoming, untagged packets before being forwarded to its destination. Syntax show 802.1p default_priority {} Description The show 802.1p default_priority command displays the currently configured 802.1p priority tag that will be assigned to an incoming, untagged packet before being forwarded to its destination.
config scheduling_mechanism Purpose Used to configure the scheduling mechanism for the QoS function Syntax config scheduling mechanism [strict | weight_fair] Description The config scheduling_mechanism command allows the user to select between a Weight Fair (WRR) and a Strict mechanism for emptying the priority classes of service of the QoS function.The Switch contains 7 hardware priority classes of service. Incoming packets must be mapped to one of these seven hardware priority classes of service.
enable hol_prevention Purpose Used to enable HOL prevention. Syntax enable hol_prevention Description The enable hol_prevention command enables Head of Line prevention. Parameters None. Restrictions You must have administrator privileges. Example usage: To enable HOL prevention: AT-9724TS:4# enable hol_prevention Command: enable hol_prevention Success. AT-9724TS:4# disable hol_prevention Purpose Used to disable HOL prevention.
Chapter 14 - Port Mirroring commands The port mirroring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Commands Parameters config mirror port [add] | delete] source ports [rx | tx | both] enable mirror disable mirror show mirror Each command is listed, in detail, in the following sections. config mirror port Purpose Used to configure a mirror port – source port pair on the Switch.
config mirror delete Purpose Used to delete a port mirroring configuration. Syntax config mirror port delete source port [rx | tx | both] Description This command is used to delete a previously entered port mirroring configuration. Parameters port – This specifies the Target port (the port where mirrored packets will be sent).The port is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
disable mirror Purpose Used to disable a previously entered port mirroring configuration. Syntax disable mirror Description This command, combined with the enable mirror command above, allows you to enter a port mirroring configuration into the Switch, and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None. Restrictions Only administrator-level users can issue this command.
Chapter 15 - VLAN Commands The AT-9724TS incorporates the idea of protocol-based VLANs.This standard, defined by the IEEE 802.1v standard maps packets to protocol-defined VLANs by examining the type octet within the packet header to discover the type of protocol associated with it.After assessing the protocol, the Switch will forward the packets to all ports within the protocol-assigned VLAN.This feature will benefit the administrator by better balancing load sharing and enhancing traffic classification.
protocol-ipx802dot2 – Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in the packet header is concurrent with this protocol.This packet header information is defined by Novell NetWare 802.2 (IPX - Internet Packet Exchange). protocol-ipxSnap – Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in the packet header is concurrent with this protocol.
Example usage: To create a VLAN v1, tag 2: AT-9724TS:4# create vlan v1 tag 2 Command: create vlan v1 tag 2 Success. AT-9724TS:4# delete vlan Purpose Used to delete a previously configured VLAN on the Switch. Syntax delete vlan Description This command will delete a previously configured VLAN on the Switch. Parameters – The VLAN name of the VLAN you want to delete. Restrictions Only administrator-level users can issue this command.
config vlan add Purpose Used to add additional ports to a previously configured VLAN. Syntax config vlan { [ add [ tagged | untagged | forbidden ] | advertisement [ enable | disable]} Description This command allows you to add ports to the port list of a previously configured VLAN.You can specify the additional ports as tagging, untagging, or forbidden.The default is to assign the ports as untagging.
config gvrp Purpose Used to configure GVRP on the Switch. Syntax config gvrp [ | all] {state [enable | disable] | ingress_checking [enable | disable] | acceptable_frame [tagged_only | admit_all] | pvid } Description This command is used to configure the Group VLAN Registration Protocol on the Switch.You can configure ingress checking, the sending and receiving of GVRP information, and the Port VLAN ID (PVID). Parameters – A range of ports to configure GVRP for.
disable gvrp Purpose Used to disable GVRP on the Switch. Syntax disable gvrp Description This command, along with enable gvrp above, is used to enable and disable GVRP globally on the Switch, without changing the GVRP configuration on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To disable the generic VLAN Registration Protocol (GVRP): AT-9724TS:4# disable gvrp Command: disable gvrp Success.
show vlan Purpose Used to display the current VLAN configuration on the Switch. Syntax show vlan {} Description This command displays summary information about each VLAN including the VLAN ID,VLAN name, the Tagging/Untagging status, and the Member/Non-member/Forbidden status of each port that is a member of the VLAN. Parameters – The VLAN name of the VLAN for which you want to display a summary of settings. Restrictions None.
show gvrp Purpose Used to display the GVRP status for a port list on the Switch. Syntax show gvrp {} Description This command displays the GVRP status for a port list on the Switch. Parameters – Specifies a range of ports for which the GVRP status is to be displayed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Chapter 16 - Link Aggregation Commands The link aggregation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group. Syntax delete link_aggregation group_id Description This command is used to delete a previously configured link aggregation group. Parameters – Specifies the group ID.The Switch allows up to 32 link aggregation groups to be configured.The group number identifies each of the groups. Restrictions Only administrator-level users can issue this command.
config link_aggregation algorithm Purpose Used to configure the link aggregation algorithm. Syntax config link_aggregation algorithm [mac_source | mac_destination | mac_source_dest | ip_source | ip_destination | ip_source_dest] Description This command configures to part of the packet examined by the Switch when selecting the egress port for transmitting load-sharing data.This feature is only available using the address-based load-sharing algorithm.
config lacp_port Purpose Used to configure settings for LACP compliant ports. Syntax config lacp_port mode [active | passive] Description This command is used to configure ports that have been previously designated as LACP ports (see create link_aggregation). Parameters – Specifies a range of ports to be configured.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
show lacp_port Purpose Used to display current LACP port mode settings. Syntax show lacp_port {} Description This command will display the LACP mode settings as they are currently configured. Parameters – Specifies a range of ports that will be viewed.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Chapter 17 - IP Commands (including IP Multinetting) IP Multinetting is a function that allows multiple IP interfaces to be assigned to the same VLAN.This is beneficial to the administrator when the number of IPs on the original interface is insufficient and the network administrator wishes not to resize the interface. IP Multinetting is capable of assigning another IP interface on the same VLAN without affecting the original stations or settings of the original interface.
create ipif Purpose Used to create an IP interface on the Switch. Syntax create ipif {secondary | {state [enable | disable]} Description This command will create an IP interface. Parameters – The name for the IP interface to be created.The user may enter an alphanumeric string of up to 12 characters to define the IP interface. – IP address and netmask of the IP interface to be created.
config ipif Purpose Used to configure the System IP interface. Syntax config ipif [ ipaddress | vlan | state [enable | disable] | bootp | dhcp}] Description This command is used to configure the System IP interface on the Switch. Parameters - Enter the previously created IP interface name desired to be configured. ipaddress – IP address and netmask of the IP interface to be configured.
disable ipif Purpose Used to disable the configuration of an IP interface on the Switch. Syntax disable ipif | all Description This command will disable an IP interface on the Switch, without altering its configuration values. Parameters – The name previously created to define the IP interface. all – Entering this parameter will enable all the IP interfaces currently configured on the Switch. Restrictions None.
show ipif Purpose Used to display the configuration of an IP interface on the Switch. Syntax show ipif Description This command will display the configuration of an IP interface on the Switch. Parameters – The name created for the IP interface to be viewed. Restrictions None. Example usage: To display the IP interface settings: AT-9724TS:4# show ipif System Command: show ipif System IP Interface Settings Interface Name : System Secondary : FALSE IP Address : 10.
Chapter 18 - IGMP Commands The IGMP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show igmp Purpose Used to display the IGMP configuration for the Switch of for a specified IP interface. Syntax show igmp {ipif } Description This command will display the IGMP configuration for the Switch if no IP interface name is specified. If an IP interface name is specified, the command will display the IGMP configuration for that IP interface. Parameters – The name of the IP interface for which the IGMP configuration will be displayed. Restrictions None.
Chapter 19 - IGMP Snooping Commands The IGMP snooping commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config igmp_snooping querier Purpose Used command configures IGMP snooping querier.
enable igmp_snooping Purpose Used to enable IGMP snooping on the Switch. Syntax enable igmp_snooping {forward_mcrouter_only} Description This command allows you to enable IGMP snooping on the Switch. If forward_mcrouter_only is specified, the Switch will only forward all multicast traffic to the multicast router, only. Otherwise, the Switch forwards all multicast traffic to any IP router.
config router_ports Purpose Used to configure ports as router ports. Syntax config router_ports [add | delete] Description This command allows you to designate a range of ports as being connected to multicast-enabled routers.This will ensure that all packets with such a router as its destination will reach the multicast-enabled router – regardless of protocol, etc. Parameters [add | delete] – Specify if you wish to add or delete the following ports as router ports.
show router_ports Purpose Used to display the currently configured router ports on the Switch. Syntax show router_ports {vlan } {static | dynamic | forbidden} Description This command will display the router ports currently configured on the Switch. Parameters – The name of the VLAN on which the router port resides. static – Displays router ports that have been statically configured. dynamic – Displays router ports that have been dynamically configured.
show igmp_snooping Purpose Used to show the current status of IGMP snooping on the Switch. Syntax show igmp_snooping {vlan } Description This command will display the current IGMP snooping configuration on the Switch. Parameters – The name of the VLAN for which you want to view the IGMP snooping configuration. Restrictions None.
show igmp_snooping group Purpose Used to display the current IGMP snooping group configuration on the Switch. Syntax show igmp_snooping group {vlan } Description This command will display the current IGMP snooping group configuration on the Switch. Parameters vlan – The name of the VLAN for which you want to view IGMP snooping group configuration information. Restrictions None.
show igmp_snooping forwarding Purpose Used to display the IGMP snooping forwarding table entries on the Switch. Syntax show igmp_snooping forwarding {vlan } Description This command will display the current IGMP snooping forwarding table entries currently configured on the Switch. Parameters – The name of the VLAN for which you want to view IGMP snooping forwarding table information. Restrictions None.
Chapter 20 - MAC Notification Commands The MAC notification commands in the Command Line Interface (CLI) are listed, in the following table, along with their appropriate parameters. Command Parameters enable mac_notification disable mac_notification config mac_notification {interval | historysize } [ | all] [enable | disable] show mac_notification show mac_notification ports Each command is listed, in detail, in the following sections.
config mac_notification Purpose Used to configure MAC address notification. Syntax config mac_notification {interval | historysize Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB. Parameters interval – The time in seconds between notifications.The user may choose an interval between 1 and 2,147,483,647 seconds.
show mac_notification Purpose Used to display the Switch’s MAC address table notification global settings. Syntax show mac_notification Description This command is used to display the Switch’s MAC address table notification global settings. Parameters None. Restrictions Only administrator-level users can issue this command.
Example usage: To display all port’s MAC address table notification status settings: AT-9724TS:4#show mac_notification ports Command: show mac_notification ports Port # -----1:1 MAC Address Table Notification State -----------------------------------Disabled 1:2 Disabled 1:4 Disabled 1:5 Disabled 1:6 Disabled 1:7 Disabled 1:8 Disabled 1:9 Disabled 1:10 Disabled 1:11 Disabled 1:12 Disabled 1:13 Disabled 1:14 Disabled 1:15 Disabled 1:16 Disabled 1:17 Disabled 1:18 Disabled 1
Chapter 21 - Access Authentication Control Commands The Access Authentication Control commands let you secure access to the Switch using the TACACS / XTACACS / TACACS+ and RADIUS protocols.When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password. If TACACS / XTACACS / TACACS+ / RADIUS authentication is enabled on the Switch, it will contact a TACACS / XTACACS / TACACS+ / RADIUS server to verify the user.
Command Parameters enable authen_policy disable authen_policy show authen_policy create authen_login method_list_name config authen_login [default | method_list_name ] method {tacacs | xtacacs | tacacs+ | radius | server_group | local | none} delete authen_login method_list_name show authen_login {default | method_list_name | all} create authen_enable method_list_name config authen_enable [default | method_list_name
enable authen_policy Purpose Used to enable system access authentication policy. Syntax enable authen_policy Description This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the method list and choose a technique for user authentication upon login. Parameters None. Restrictions Only administrator-level users can issue this command.
show authen_policy Purpose Used to display the system access authentication policy status on the Switch. Syntax show authen_policy Description This command will disable the administrator-defined authentication policy for users trying to access the Switch. When disabled, the Switch will access the local user account database for username and password verification.
config authen_login Purpose Used to configure a user-defined or default method list of authentication methods for user login. Syntax config authen_login [default | method_list_name ] method {tacacs | xtacacs | tacacs+ | radius | server_group | local | none} Description This command will configure a user-defined or default method list of authentication methods for users logging on to the Switch.
Example usage: To configure the default method list with authentication methods XTACACS,TACACS+ and local, in that order: AT-9724TS:4# config authen_login default method xtacacs tacacs+ local Command: config authen_login default method xtacacs tacacs+ local Success. AT-9724TS:4# delete authen_login method_list_name Purpose Used to delete a previously configured user defined method list of authentication methods for users logging on to the Switch.
show authen_login Purpose Used to display a previously configured user defined method list of authentication methods for users logging on to the Switch. Syntax show authen_login [default | method_list_name | all] Description This command is used to show a list of authentication methods for user login.The window will display the following parameters: Method List Name – The name of a previously configured method list name.
create authen_enable method_list_name Purpose Used to create a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch. Syntax create authen_enable method_list_name Description This command is used to promote users with normal level privileges to Administrator level privileges using authentication methods on the Switch.
config authen_enable Purpose Used to configure a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch.
Example usage: To configure the default method list with authentication methods XTACACS,TACACS+ and local, in that order: AT-9724TS:4# config authen_enable default method xtacacs tacacs+ local Command: config authen_enable default method xtacacs tacacs+ local Success. AT-9724TS:4# delete authen_enable method_list_name Purpose Used to delete a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch.
Example usage: To display all method lists for promoting user level privileges to administrator level privileges: AT-9724TS:4# show authen_enable all Command: show authen_enable all Method List Name ---------------- Priority -------- Method Name ----------- Comment ------- Permit 1 tacacs+ Built-in Group 2 tacacs Built-in Group 3 Darren User-defined Group 4 local Keyword 1 tacacs+ Built-in Group 2 local Keyword default Total Entries: 2 AT-9724TS:4# config authen application Purpo
show authen application Purpose Used to display authentication methods for the various applications on the Switch. Syntax show authen application Description This command will display all of the authentication method lists (login, enable administrator privileges) for switch configuration applications (console, telnet, SSH, web) currently configured on the Switch. Parameters None. Restrictions None.
Example usage: To create a TACACS+ authentication server host, with port number 1234, a timeout value of 10 seconds and a retransmit count of 5: AT-9724TS:4# create authen server_host 10.1.1.121 protocol tacacs+ port 1234 timeout 10 retransmit 5 Command: create authen server_host 10.1.1.121 protocol tacacs+ port 1234 timeout 10 retransmit 5 Success. AT-9724TS:4# config authen server_host Purpose Used to configure a user-defined authentication server host.
delete authen server_host Purpose Used to delete a user-defined authentication server host. Syntax delete authen server_host protocol [tacacs | xtacacs | tacacs+ | radius] Description This command is used to delete a user-defined authentication server host previously created on the Switch. Parameters server_host - The IP address of the remote server host the user wishes to delete. protocol – The protocol used by the server host the user wishes to delete.
create authen server_group Purpose Used to create a user-defined authentication server group. Syntax create authen server_group Description This command will create an authentication server group.A server group is a technique used to group TACACS/XTACACS/TACACS+ and RADIUS server hosts into user defined categories for authentication using method lists.The user may add up to eight (8) authentication server hosts to this group using the config authen server_group command.
Example usage: To add an authentication host to server group “group_1”: AT-9724TS:4# config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Command: config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Success. AT-9724TS:4# delete authen server_group Purpose Used to delete a user-defined authentication server group. Syntax delete authen server_group Description This command will delete an authentication server group.
show authen server_group Purpose Used to view authentication server groups on the Switch. Syntax show authen server_group Description This command will display authentication server groups currently configured on the Switch. This command will display the following fields: Group Name:– The name of the server group currently configured on the Switch, including built in groups and user defined groups. IP Address – The IP address of the server host.
Example usage: To configure the response timeout to never time out: AT-9724TS:4# config authen parameter response_timeout 0 Command: config authen parameter response_timeout 0 Success. AT-9724TS:4# config authen parameter attempt Purpose Used to configure the maximum number of times the Switch will accept authentication attempts. Syntax config authen parameter attempt Description This command will configure the maximum number of times the Switch will accept authentication attempts.
enable admin Purpose Used to promote user level privileges to administrator level privileges. Syntax enable admin Description This command is for users who have logged on to the Switch on the normal user level, to become promoted to the administrator level.After logging on to the Switch users, will have only user level privileges.To gain access to administrator level privileges, the user will enter this command and will have to enter an authentication password.
Chapter 22 - SSH Commands The steps required to use the SSH protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows: Create a user account with admin-level access using the create account admin command.This is identical to creating any other admin-lever User account on the Switch, including specifying a password.
disable shh Purpose Used to enable SSH. Syntax disable ssh Description This command allows you to disable SSH on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To disable SSH: AT-9724TS:4# disable ssh Command: disable ssh Success. AT-9724TS:4# config shh authmode Purpose Used to configure the SSH authentication mode setting.
show shh authmode Purpose Used to display the SSH authentication mode setting. Syntax show ssh authmode Description This command will allow you to display the current SSH authentication set on the Switch. Parameters None. Restrictions None.
show shh server Purpose Used to display the SSH server setting. Syntax show ssh server Description This command allows you to display the current SSH server setting. Parameters None. Restrictions None.
config shh user Purpose Used to configure the SSH user. Syntax config ssh user | authmode {hostbased [hostname | hostname_ip | password | publickey | none} Description This command allows you to configure the SSH user authentication method. Parameters – Enter a username of no more than 15 characters to identify the SSH user. authmode – Specifies the authentication mode of the SSH user wishing to log on to the Switch.
config ssh algorithm Purpose Used to configure the SSH algorithm. Syntax config ssh algorithm [3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 | DSA | RSA] [enable | disable] Description This command allows you to configure the desired type of SSH algorithm used for authentication encryption. Parameters 3DES – This parameter will enable or disable the Triple_Data Encryption Standard encryption algorithm.
show shh algorithm Purpose Used to display the SSH algorithm setting. Syntax show ssh algorithm Description This command will display the current SSH algorithm setting status. Parameters None. Restrictions None.
Chapter 23 - SSL Commands Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption.These security functions are implemented through the use of a ciphersuite, which is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session and consists of three levels: 1.
enable ssl Purpose To enable the SSL function on the Switch. Syntax enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will enable SSL on the Switch by implementing any one or combination of listed ciphersuites on the Switch. Entering this command without a parameter will enable the SSL status on the Switch. Enabling SSL will disable the web-manager on the Switch.
disable ssl Purpose To disable the SSL function on the Switch. Syntax disable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will disable SSL on the Switch and can be used to disable any one or combination of listed ciphersuites on the Switch.
config ssl cachetimeout timeout Purpose Used to configure the SSL cache timeout. Syntax config ssl cachetimeout timeout Description This command will set the time between a new key exchange between a client and a host using the SSL function.A new SSL session is established every time the client and host go through a key exchange.
show ssl Purpose Used to view the SSL status and the certificate file status on the Switch. Syntax show ssl {certificate} Description This command is used to view the SSL status on the Switch.Adding the certificate parameter will allow the user to view the certificate file information currently set on the Switch. Parameters {certificate} – Adding this parameter will allow the user to view certificate file information currently implemented on the Switch. Restrictions None.
download certificate_fromTFTP Purpose Used to download a certificate file for the SSL function on the Switch. Syntax download certificate_fromTFTP certfilename keyfilename Description This command is used to download a certificate file for the SSL function on the Switch from a TFTP server.The certificate file is a data record used for authenticating devices on the network.
Chapter 24 - 802.1X Commands The AT-9724TS implements the server-side of the IEEE 802.1x Port-based and MAC-based Network Access Control.This mechanism is intended to allow only authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a user or network device must meet before allowing that port to forward or receive frames. Command Parameters enable 802.1x disable 802.1x create 802.1x user show 802.
disable 802.1x Purpose Used to disable the 802.1x server on the Switch. Syntax disable 802.1x Description The disable 802.1x command is used to disable the 802.1x Network Access control server application on the Switch.To select between port-based or MAC-based, use the config 802.1x auth_mode command. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To disable 802.1x on the switch: AT-9724TS:4# disable 802.1x Command: disable 802.1x Success.
show 802.1x user Purpose Used to display the 802.1x user accounts on the Switch. Syntax show 802.1x user Description The show 802.1x user command is used to display the 802.1x Port-based or MAC-based Network Access control local users currently configured on the Switch. Parameters None. Restrictions None. Example usage: To view 802.1X users currently configured on the Switch: AT-9724TS:4# show 802.1x user Command: show 802.
show 802.1x auth_configuration Purpose Used to display the current configuration of the 802.1x server on the Switch. Syntax show 802.1x auth_configuration {ports [ | all]} Description The show 802.1x command is used to display the current configuration of the 802.1x Port-based and MACbased Network Access Control server application on the Switch.
Example usage: To display the 802.1x rustication states (stacking disabled): AT-9724TS:4# show 802.1x auth_configuration ports 1:1 Command: show 802.1x auth_configuration ports 1:1 802.
show 802.1x auth_state Purpose Used to display the current authentication state of the 802.1x server on the Switch. Syntax show 802.1x auth_state {ports []} Description The show 802.1x auth_state command is used to display the current authentication state of the 802.1x Portbased or MAC-based Network Access Control server application on the Switch. The following details what is displayed: Port number – Shows the physical port number on the Switch.
Example usage: To display the 802.1x auth state for MAC-based 802.1x:: AT-9724TS:4#show 802.1x auth_state Command: show 802.1x auth_state Port number Index ----- : 1:1 MAC Address ----------- 1 00-08-02-4E-DA-FA Auth PAE State -------------- Backend State ------------- Port Status ----------- Authenticated Idle Authorized 2 3 4 6 7 9 10 12 13 14 15 16 CTRL+C ESC q Quit SPACE n Next Page Enter Next Entry a All config 802.1x auth_mode Purpose Used to configure the 802.
config 802.1x capability ports Purpose Used to configure the 802.1x capability of a range of ports on the Switch. Syntax config 802.1x capability ports [ | all] [authenticator | none] Description The config 802.1x command has two capabilities that can be set for each port, authenticator and none. Parameters – Specifies a range of ports.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
max_req – Configures the number of times to retry sending packets to a supplicant (user). reauth_period – Configures the time interval between successive re-authentications. enable_reauth [enable | disable] – Determines whether or not the Switch will re-authenticate. Enabled causes reauthentication of users at the time interval specified in the Re-authentication Period field, above. Restrictions Only administrator-level users can issue this command.
config 802.1x init Purpose Used to initialize the 802.1x function on a range of ports. Syntax config 802.1x init [port_based ports [] | mac_based [ports] [ | all] {mac_address
config 802.1x reauth ports Purpose Used to configure the 802.1x re-authentication feature of the Switch. Syntax config 802.1x reauth [port_based ports [] | mac_based [ports] [ | all] {mac_address
config radius add Purpose Used to add a new RADIUS server. Syntax config radius add key [default | {auth_port | acct_port }] Description The config radius add command is used to add RADIUS servers to the Switch. Parameters – Assigns a number to the current set of RADIUS server settings. Up to 3 groups of RADIUS server settings can be entered on the Switch.
config radius Purpose Used to configure the Switch’s RADIUS settings. Syntax config radius {ipaddress | key | auth_port | acct_port } Description The config radius command is used to configure the Switch’s RADIUS server settings. Parameters – Assigns a number to the current set of RADIUS server settings. Up to 3 groups of RADIUS server settings can be entered on the Switch.
show acct client Purpose Used to display the current RADIUS accounting client. Syntax show acct_client Description The show acct_client command is used to display the current RADIUS accounting client currently configured on the Switch. Parameters None. Restrictions None.
show auth client Purpose Used to display the current RADIUS authentication client. Syntax show auth_client Description The show auth_client command is used to display the current RADIUS authentication client currently configured on the Switch. Parameters None. Restrictions None.
show auth_diagnostics Purpose Used to display the current authentication diagnostics. Syntax show auth_diagnostics {ports [ | all]} Description The show auth_diagnostics command is used to display the current authentication diagnostics of the Switch on a per port basis. Parameters ports – Specifies a range of ports.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
show auth_session_statistics Purpose Used to display the current authentication session statistics. Syntax show auth_session_statistics {ports [ | all]} Description The show auth_session statistics command is used to display the current authentication session statistics of the Switch on a per port basis. Parameters ports – Specifies a range of ports.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
show auth_statistics Purpose Used to display the current authentication statistics. Syntax show auth_statistics {ports [} Description The show auth_statistics command is used to display the current authentication statistics of the Switch on a per port basis. Parameters ports – Specifies a range of ports.The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon.
Chapter 25 - Access Control List (ACL) Commands The AT-9724TS implements Access Control Lists that enable the Switch to deny network access to specific devices or device groups based on IP settings or MAC address. Command Parameters create access_profile [ethernet {vlan | source_mac | destination_mac | 802.
create access_profile Purpose Used to create an access profile on the Switch and to define which parts of each incoming frame’s header the Switch will examine. Masks can be entered that will be combined with the values the Switch finds in the specified frame header fields. Specific values for the rules are entered using the config access_profile command, below. Syntax [ethernet {vlan | source_mac | destination_mac | 802.
the packet to the 15th byte. offset_16-31 – Enter a value in hex form to mask the packet from byte 16 to byte 31. offset_32-47 – Enter a value in hex form to mask the packet from byte 32 to byte 47. offset_48-63 – Enter a value in hex form to mask the packet from byte 48 to byte 63. offset_64-79 – Enter a value in hex form to mask the packet from byte 64 to byte 79. port – Specifies a port or range of ports to be configured.
config access_profile Purpose Used to configure an access profile on the Switch and to define specific values that will be used to by the Switch to determine if a given packet should be forwarded or filtered. Masks entered using the create access_profile command will be combined, using a logical AND operation, with the values the Switch finds in the specified frame header fields. Specific values for the rules are entered using the config access_profile command, below.
ack:TCP control flag (acknowledgement) psh:TCP control flag (push) rst:TCP control flag (reset) syn:TCP control flag (synchronize) fin:TCP control flag (finish) udp – Specifies that the Switch will examine the Universal Datagram Protocol (UDP) field in each packet. src_port – Specifies that the access profile will apply only to packets that have this UDP source port in their header.
show access_profile Purpose Used to display the currently configured access profiles on the Switch. Syntax show access_profile Description The show access_profile command is used to display the currently configured access profiles. Parameters None. Restrictions Only administrator-level users can issue this command.
Chapter 26 - Traffic Segmentation Commands Traffic segmentation allows you to further sub-divide VLANs into smaller groups of ports that will help to reduce traffic on the VLAN.The VLAN rules take precedence, and then the traffic segmentation rules are applied.The traffic segmentation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show traffic_segmentation Purpose Used to display the current traffic segmentation configuration on the Switch. Syntax show traffic_segmentation Description The show traffic_segmentation command is used to display the current traffic segmentation configuration on the Switch. Parameters – Specifies a range of ports that will be configured for traffic segmentation.
Chapter 27 - Stacking Commands The stacking configuration commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config box_id Purpose Used to configure box ID. Users can use this command to reassign box Ids. Syntax config box_id {current_box_id new_box_id [AUTO | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12]} Description This command will assign box IDs to switches in a stack. Parameters current_box_id – Identifies the Switch being configured. Range is 1-12. new_box_id – The new ID being assigned to the Switch (box). Range is 1-12. auto – Allows the box ID to be assigned automatically.
config all_boxes_id Purpose Used to configure box IDs for switches in a stack. Syntax config all_boxes_id [static_mode | auto_mode] Description This command will determine the mode of assigning box IDs. Parameters static_mode– Box IDs assigned by the user. auto_mode – Box IDs are assigned automatically. Restrictions Only administrator-level users can issue this command. Example usage: To configure box type: AT-9724TS:4# config all_boxes_id auto_mode Command: config all_boxes_id auto_mode Success.
Chapter 28 - Allied Telesyn Single IP Management Commands Simply put,Allied Telesyn Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. Switches using Single IP Management (labeled here as SIM) must conform to the following rules: • SIM is an optional feature on the Switch and can easily be enabled or disabled. SIM grouping has no effect on the normal operation of the Switch in the user’s network.
Commands Parameters enable sim disable sim show sim {[candidates {} | members { } | group {commander_mac } | neighbor]} reconfig {member_id | exit} config sim_group [add {} | delete ] config sim [{[commander { group_name | candidate] | dp_interval | hold_time } download sim_ms [firmware | configuration] [members |
show sim Purpose Used to view the current information regarding the SIM group on the Switch. Syntax show sim {[candidates {} | members {} | group {commander_mac } neighbor]} Description This command will display the current information regarding the SIM group on the Switch, including the following: SIM Version – Displays the current Single IP Management version on the Switch. Firmware Version – Displays the current Firmware version on the Switch.
Example usage: To show the candidate information in summary, if the candidate id is specified: AT-9724TS:4# show sim candidates Command: show sim candidates ID MAC Address Platform/ Capability Hold Time Firmware Version Device Name -- ----------- ---------- ----- -------- ------ 1 00-01-02-03-04-00 AT-9724TS L3 Switch 40 3.00-B16 The Man 2 00-55-55-00-55-00 AT-9724TS L3 Switch 140 3.
Example usage: To view SIM neighbors: AT-9724TS:4# show sim neighbor Command: show sim neighbor Neighbor Info Table Port ---- MAC Address ----------- Role ---- 23 00-35-26-00-11-99 Commander 23 00-35-26-00-11-91 Member 24 00-35-26-00-11-90 Candidate Total Entries: 3 AT-9724TS:4# reconfig Purpose Used to connect to a member switch, through the commander switch using telnet.
config sim_group Purpose Used to add candidates and delete members from the SIM group. Syntax config sim_group [add {} | delete ] Description This command is used to add candidates and delete members from the SIM group by ID number. Parameters add – Use this parameter to change a candidate switch (CaS) to a member switch (MS) of a SIM group.The CaS may be defined by its ID number and a password (if necessary).
Example usage: To change the time interval of the discovery protocol: AT-9724TS:4# config sim commander dp_interval 30 Command: config sim commander dp_interval 30 Success. AT-9724TS:4# Example usage: To change the hold time of the discovery protocol: AT-9724TS:4# config sim commander hold_time 120 Command: config sim commander hold_time 120 Success. AT-9724TS:4# Example usage: To transfer the commander switch to be a candidate: AT-9724TS:4# config sim candidate Command: config sim candidate Success.
download sim_ms Purpose Used to download firmware or configuration file to an indicated device. Syntax download sim_ms [ firmware | configuration] {members | all} Description This command will download a firmware file or configuration file to a specified device from a TFTP server. Parameters firmware – Specify this parameter if the user wishes to download firmware to members of a SIM group.
upload sim_ms configuration Purpose User to upload a configuration file to a TFTP server from a specified member of a SIM group. Syntax upload sim_ms configuration Description This command will upload a configuration file to a TFTP server from a specified member of a SIM group. Parameters – Enter the IP address of the TFTP server to upload a configuration file to.
Chapter 29 - Time and SNTP Commands The Simple Network Time Protocol (SNTP) {an adaptation of the Network Time Protocol (NPT)} commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show sntp Purpose Used to display the SNTP information. Syntax show sntp Description This command will display SNTP settings information including the source IP address, time and poll interval. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To display SNTP configuration information: AT-9724TS:4# show sntp Command: show sntp Current Time Source : System Clock SNTP : Disabled SNTP Primary Server : 10.1.1.1 SNTP Secondary Server : 10.1.1.
disable sntp Purpose Disables SNTP server support. Syntax disable sntp Description This will disable SNTP support. SNTP service must be separately configured (see config sntp). Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable the SNTP function: AT-9724TS:4# disable sntp Command: disable sntp Success. AT-9724TS:4# config time Purpose Used to manually configure system time and date settings.
config time zone Purpose Used to determine the time zone used in order to adjust the system clock. Syntax config time_zone {operator [+ | -] | hour | min } Description This will adjust system clock settings according to the time zone. Time zone settings will adjust SNTP information accordingly. Parameters operator – Choose to add (+) or subtract (-) time to adjust for time zone relative to GMT. hour – Select the number hours different from GMT.
– Time is expressed using a 24-hour clock, in hours and minutes. s_date – Configure the specific date (day of the month) to begin DST. – Time is expressed using a 24-hour clock, in hours and minutes. e_date – Configure the specific date (day of the month) to begin DST. – The start date is expressed numerically. offset [30 | 60 | 90 | 120] – Indicates number of minutes to add or to subtract during the summertime.
Chapter 30 - ARP Commands The ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create arpentry delete arpentry [ | all] show arpentry {ipif | ipaddress | static} config arp_aging time clear arptable Each command is listed, in detail, in the following sections. create arpentry Purpose Used to make a static entry into the ARP table.
config arp_aging Purpose Used to configure the age-out timer for ARP table entries on the Switch. Syntax config arp_aging time Description This command sets the maximum amount of time, in minutes, that an ARP entry can remain in the Switch’s ARP table, without being accessed, before it is dropped from the table. Parameters time – The ARP age-out time, in minutes.The value may be set in the range of 0-65535 minutes with a default setting of 20 minutes.
show arpentry Purpose Used to display the ARP table. Syntax show arpentry {ipif | ipaddress | static} Description This command is used to display the current contents of the Switch’s ARP table. Parameters – The name of the IP interface the end node or station for which the ARP table entry was made, resides on. – The network address corresponding to the IP interface name above. static – Displays the static entries to the ARP table. Restrictions None.
clear arptable Purpose Used to remove all dynamic ARP table entries. Syntax clear arptable Description This command is used to remove dynamic ARP table entries from the Switch’s ARP table. Static ARP table entries are not affected. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To remove dynamic entries in the ARP table: AT-9724TS:4# clear arptable Command: clear arptable Success.
Chapter 31 - VRRP Commands VRRP or Virtual Routing Redundancy Protocol is a function on the Switch that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN.The VRRP router that controls the IP address associated with a virtual router is called the Master, and will forward packets sent to this IP address.This will allow any Virtual Router IP address on the LAN to be used as the default first hop router by end hosts.
Example usage: To enable the virtual IP address to be pinged: AT-9724TS:4# enable vrrp Command: enable vrrp ping Success. AT-9724TS:4# disable vrrp Purpose To disable a VRRP interface configuration. Syntax disable vrrp {ping} Description This command will disable the VRRP interface configuration on the Switch. Parameters {ping} – Adding this parameter to the command will allow the virtual IP address to be pinged from other host end nodes to verify connectivity.
create vrrp vrid Purpose To create a VRRP router on the Switch. Syntax vrid ipaddress {state [enable | disable] | priority | advertisement_interval | preempt [true | false] | critical_ip | critical_ip_state [enable | disable]} Description This command is used to create a VRRP interface on the Switch. Parameters vrid – Enter a value between 1 and 255 to uniquely identify this VRRP group on the Switch.
config vrrp vrid Purpose To configure a VRRP router set on the Switch. Syntax vrid {state [enable | disable] | priority | ipaddress | advertisement_interval | preempt [true | false] | critical_ip | critical_ip_state [enable | disable]} Description This command is used to configure a previously configured VRRP interface on the Switch.
config vrrp ipif Purpose To configure the authentication type for the VRRP routers of an IP interface. Syntax config vrrp ipif [authtype [none | simple authdata | ip authdata ] Description This command is used to set the authentication type for the VRRP routers of an IP interface. Parameters ipif – Enter the name of a previously configured IP interface to configure the VRRP entry for. This IP interface must be assigned to a VLAN on the Switch.
Example usage: To view the global VRRP settings currently implemented on the Switch (VRRP Enabled): AT-9724TS:4# show vrrp Command: show vrrp Global VRRP :Enabled Non-owner response PING : Disabled Interface Name : System Authentication type : No Authentication VRID : 2 Virtual IP Address : 10.53.13.3 Virtual MAC Address : 00-00-5E-00-01-02 Virtual Router State : Master State : Enabled Priority : 255 Master IP Address : 10.53.13.
Chapter 32 - Routing Table Commands The routing table commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
create iproute default Purpose Used to create IP route entries to the Switch’s IP routing table. Syntax create iproute default {} Description This command is used to remove a VRRP router running on a local device. Parameters – Allows the entry of a routing protocol metric entry representing the number of routers between the Switch and the IP address above.The default setting is 1. Restrictions Only administrator-level users can issue this command.
delete iproute default Purpose Used to delete a default IP route entry from the Switch’s IP routing table. Syntax delete iproute default Description This command will delete an existing default entry from the Switch’s IP routing table. Parameters – The gateway IP address for the next hop router. Restrictions Only administrator-level users can issue this command. Example usage: To delete the default IP route 10.53.13.254: AT-9724TS:4# delete iproute 10.48.74.121/8 10.1.1.
Chapter 33 - Route Redistribution Commands The route redistribution commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Routing information source — RIP, the Static Route table, and the Local interface routing information. Routing information will be redistributed to OSPF. Route Source Metric Metric Type RIP 0 to 16777214 mettype 1 mettype 2 Static 0 to 16777214 mettype 1 mettype 2 Local 0 to 16777214 mettype 1 mettype 2 Allowed Metric Type combinations are mettype 1 or mettype 2.The metric value 0 above will be redistributed in OSPF as the metric 20.
create route redistribute dst rip src Purpose Used to add route redistribution settings for the exchange of OSPF routes to RIP routes on the Switch. Syntax create route redistribute dst rip src {all | internal | external | type_1 | type_2 | inter+e1 | inter+e2}] {metric } Description This command will redistribute routing information between the OSPF and RIP routing protocols to all routers on the network that are running OSPF or RIP.
Example usage: To add route redistribution settings: AT-9724TS:4# create route redistribute dst rip src ospf all metric 2 Command: create route redistribute dst rip src ospf all metric 2 Success. AT-9724TS:4# config route redistribute dst ospf src Purpose Used configure route redistribution settings for the exchange of RIP routes to OSPF routes on the Switch.
Route Source Metric Metric Type RIP 0 to 16777214 mettype 1 mettype 2 Static 0 to 16777214 mettype 1 mettype 2 Local 0 to 16777214 mettype 1 mettype 2 Allowed Metric Type combinations are mettype 1 or mettype 2.The metric value 0 above will be redistributed in OSPF as the metric 20. Example usage: To configure route redistributions: AT-9724TS:4# config route redistribute dst ospf src all metric 2 Command: config route redistribute dst ospf src all metric 2 Success.
Example usage: To configure route redistributions: AT-9724TS:4# config route redistribute dst ospf src rip mettype type_1 metric 2 Command: config route redistribute dst ospf src rip mettype type_1 metric 2 Success. AT-9724TS:4# delete route redistribute Purpose Used configure route redistribution settings for the exchange of RIP routes to OSPF routes on the Switch.
Chapter 34 - BOOTP Relay Commands The BOOTP relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config bootp_relay delete Purpose Used to delete an IP destination address from the Switch’s BOOTP relay table. Syntax config bootp_relay delete ipif Description This command is used to delete an IP destination addresses in the Switch’s BOOTP relay table. Parameters – The name of the IP interface that contains the IP address below. – The BOOTP server IP address. Restrictions Only administrator-level users can issue this command.
disable bootp_relay Purpose Used to disable the BOOTP relay function on the Switch. Syntax disable bootp_relay Description This command, in combination with the enable bootp_relay command above, is used to enable and disable the BOOTP relay function on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To disable the bootp relay function: AT-9724TS:4# disable bootp_relay Command: disable bootp_relay Success.
Chapter 35 - DNS Relay Commands The DNS relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config dnsr {[primary | secondary] nameserver | [add | delete] static } enable dnsr {cache | static} disable dnsr {cache | static} show dnsr {static} Each command is listed, in detail, in the following sections. config dnsr Purpose Used to configure the DNS relay function.
enable dnsr Purpose Used to enable the DNS relay. Syntax enable dnsr {cache | static} Description This command is used, in combination with the disable dnsr command below, to enable and disable DNS Relay on the Switch. Parameters cache – This parameter will allow the user to enable the cache lookup for the DNS rely on the Switch. static – This parameter will allow the user to enable the static table lookup for the DNS rely on the Switch.
disable dnsr Purpose Used to disable DNS relay on the Switch. Syntax disable dnsr {cache | static} Description This command is used, in combination with the enable dnsr command above, to enable and disable DNS Relay on the Switch. Parameters cache – This parameter will allow the user to enable the cache lookup for the DNS rely on the Switch. static – This parameter will allow the user to enable the static table lookup for the DNS rely on the Switch.
show dnsr Purpose Used to display the current DNS relay status. Syntax show dnsr {static} Description This command is used to display the current DNS relay status. Parameters static – Allows the display of only the static entries into the DNS relay table. If this parameter is omitted, the entire DNS relay table will be displayed. Restrictions None. Example usage: To display DNS relay status. AT-9724TS:4# show dnsr Command: show dnsr DNSR Status : Disabled Primary Name Server : 0.0.0.
Chapter 36 - RIP Commands The RIP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
enable rip Purpose Used to enable RIP. Syntax enable rip Description This command is used to enable RIP on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable RIP: AT-9724TS:4# config rip ipif System rx_mode v1_only Command: config rip ipif System rx_mode v1_only Success. AT-9724TS:4# disable rip Purpose Used to disable RIP. Syntax disable rip Description This command is used to disable RIP on the Switch.
show rip Purpose Used to display the RIP configuration and statistics for the Switch. Syntax show rip {ipif_name 12>} Description This command will display the RIP configuration and statistics for a given IP interface or for all IP interfaces. Parameters ipif – The name of the IP interface for which you want to display the RIP configuration and settings. If this parameter is not specified, the show rip command will display the global RIP configuration for the Switch.
Chapter 37 - DVMRP Commands The DVMRP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
enable dvmrp Purpose Used to enable DVMRP. Syntax enable dvmrp Description This command, in combination with the disable dvmrp below, to enable and disable DVMRP on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable DVMRP: AT-9724TS:4# enable dvmrp Command: enable dvmrp Success. AT-9724TS:4# disable dvmrp Purpose Used to disable DVMRP.
show dvmrp routing_table Purpose Used to display the current DVMRP routing table. Syntax show dvmrp routing table [ipaddress ] Description The command is used to display the current DVMRP routing table. Parameters ipaddress – The IP address and netmask of the destination.The address and mask information can be specified using the traditional format (for example, 10.1.2.3/255.0.0.0 or in CIDR format, 10.1.2.3/8). Restrictions None.
show dvmrp nexthop Purpose Used to display the current DVMRP routing next hop table. Syntax show dvmrp nexthop {ipaddress | ipif } Description This command will display the DVMRP routing next hop table. Parameters ipaddress – The IP address and netmask of the destination.The address and mask information can be specified using the traditional format (for example, 10.1.2.3/255.0.0.0 or in CIDR format, 10.1.2.3/8).
Chapter 38 - PIM Commands Command Parameters config pim [ipif | all ] { hello | jp_interval | state [ enable | disable ]} enable pim disable pim show pim neighbor {ipif | ipaddress } show pim {ipif } Each command is listed, in detail, in the following sections: config pim Purpose Used to configure PIM settings for the Switch or for specified IP interfaces.
enable pim Purpose Used to enable PIM function on the Switch. Syntax enable pim Description This command will enable PIM for the Switch. PIM settings must first be configured for specific IP interfaces using the config pim command. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To enable PIM as previously configured on the Switch: AT-9724TS:4# enable pim Command: enable pim Success.
show pim neighbor Purpose Used to display PIM neighbor router table entries. Syntax show pim neighbor {ipif | ipaddress } Description This command will list current entries in the PIM neighbor table for a specified IP interface or destination router IP address. Parameters ipif – The name of an IP interface for which you want to view the PIM neighbor router table.
Chapter 39 - IP Multicasting Commands The IP multicasting commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters show ipmc cache {group } {ipaddress } show ipmc {ipif | protocol [inactive | dvmrp | pim} Each command is listed, in detail, in the following sections: show ipmc cache Purpose Used to display the current IP multicast forwarding cache.
show ipmc Purpose Used to display the IP multicast interface table. Syntax show ipmc {ipif | protocol [inactive | dvmrp | pim} Description This command will display the current IP multicast interface table. Parameters – The name of the IP interface for which you want to display the IP multicast interface table for. protocol – Allows the user to specify whether or not to use one of the available protocols to display the IP multicast interface table.
Chapter 40 - MD5 Configuration Commands The MD5 configuration commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create md5 key config md5 key delete md5 key show md5 key Each command is listed, in detail, in the following sections: create md5 key Purpose Used to create a new entry in the MD5 key table.
show md5 Purpose Used to display an MD5 key table. Syntax show md5 {key } Description This command will display the current MD5 key table. Parameters – The MD5 key ID to be displayed. Restrictions None.
Chapter 41 - OSPF Configuration Commands The OSPF configuration commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config ospf router_id Purpose Used to configure the OSPF router ID. Syntax config ospf router_id Description This command is used to configure the OSPF router ID. Parameters – The IP address of the OSPF router. Restrictions Only administrator-level users can issue this command. Example usage: To configure the OSPF router ID: AT-9724TS:4# config ospf router_id 10.48.74.122 Command: config ospf router_id 10.48.74.122 Success.
show ospf Purpose Used to display the current OSPF state on the Switch. Syntax show ospf Description This command will display the current state of OSPF on the Switch, divided into the following categories: General OSPF settings OSPF Interface settingså OSPF Area settings OSPF Virtual Interface settings OSPF Area Aggregation settings OSPF Host Route settings Parameters None. Restrictions None. Example usage: To show OSPF state: AT-9724TS:4# show ospf Command: show ospf OSPF Router ID : 10.1.1.
OSPF Area Aggregation Settings Area ID Aggregated LSDB Advertise ------- Network Address --------------- Type ---- --------- Total Entries : 0 OSPF Host Route Settings Host Address --------------- Metric ------ Area ID --------------- 10.3.3.3 1 10.1.1.1 Total Entries : 1 AT-9724TS:4# create ospf area Purpose Used to configure OSPF area settings.
configure ospf area Purpose Used to configure OSPF’s area settings. Syntax config ospf area type [normal | stub {stub_summary [enable | disable] | metric }] Description This command is used to configure an OSPF area’s settings. Parameters – The OSPF area ID.The user may enter a 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
create ospf host_route Purpose Used to configure OSPF host route settings. Syntax create ospf host_route {area | metric } Description This command is used to configure the OSPF host route settings. Parameters – The host’s IP address. – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain. metric – A metric between 1 and 65535, which will be advertised.
config ospf host_route Purpose Used to configure OSPF host route settings. Syntax config ospf host_route {area | metric } Description This command is used to delete OSPF host route settings. Parameters – The address of the OSPF host. – A metric between 1 and 65535 that will be advertised for the route. Restrictions Only administrator-level users can issue this command.
create ospf aggregation Purpose Used to configure OSPF area aggregation settings. Syntax create ospf aggregation lsdb_type summary {advertise [enable | disable]} Description This command is used to create an OSPF area aggregation. Parameters – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
config ospf aggregation Purpose Used to configure the OSPF area aggregation settings. Syntax config ospf aggregation lsdb_type summary {advertise [enable | disable]} Description This command is used to configure the OSPF area aggregation settings. Parameters – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
show ospf lsdb Purpose Used to display the OSPF Link State Database (LSDB). Syntax show ospf lsdb {area_id | advertise_router | type [rtrlink | netlink | summary | assummary | asextlink]} Description This command will display the current OSPF Link State Database (LSDB). Parameters area_id – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
show ospf neighbor Purpose Used to display the current OSPF neighbor router table. Syntax show ospf neighbor {} Description This command will display the current OSPF neighbor router table. Parameters – The IP address of the neighbor router. Restrictions None.
config ospf ipif Purpose Used to configure the OSPF interface settings. Syntax config ospf ipif {area | priority | hello_interval | dead_interval | authentication [none | simple | md5 ] | metric | state [enable | disable]} Description This command is used to configure the OSPF interface settings. Parameters – The name of the IP interface.
config ospf all Purpose Used to configure all of the OSPF interfaces on the Switch at one time. Syntax config ospf all {area | priority | hello_interval | dead_interval | authentication [none | simple | md5 ] | metric | state [enable | disable]} Description This command is used to configure all of the OSPF interfaces on the Switch, using a single group of parameters, at one time.
show ospf ipif Purpose Used to display the current OSPF interface settings for the specified interface name. Syntax show ospf ipif {} Description This command will display the current OSPF interface settings for the specified interface name. Parameters – The IP interface name for which you want to display the current OSPF interface settings. Restrictions None.
show ospf all Purpose Used to display the current OSPF settings of all the OSPF interfaces on the Switch. Syntax show ospf all Description This command will display the current OSPF interface settings for all OSPF interfaces on the Switch interfaces on the Switch. Parameters None. Restrictions None. Example usage: To display the current OSPF interface settings, for all OSPF interfaces on the Switch: AT-9724TS:4# show ospf all Command: show ospf all Interface Name: System IP Address: 10.42.73.
create ospf virtual_link Purpose Used to create an OSPF virtual interface. Syntax create ospf virtual_link {hello_interval | dead_interval | authentication [none | simple | md5 ]} Description This command is used to create an OSPF virtual interface. Parameters – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
config ospf virtual_link Purpose Used to configure the OSPF virtual interface settings. Syntax config ospf virtual_link {hello_interval | dead_interval | authentication [none | simple | md5 ]} Description This command is used to configure the OSPF virtual interface settings. Parameters – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain.
show ospf virtual_link Purpose Used to display the current OSPF virtual interface configuration. Syntax show ospf virtual_link Description This command will display the current OSPF virtual interface configuration. Parameters – A 32-bit number in the form of an IP address (xxx.xxx.xxx.xxx) that uniquely identifies the OSPF area in the OSPF domain. – The OSPF router ID for the remote area.This is a 32-bit number in the form of an IP address (xxx.xxx.xxx.
Chapter 42 - Route Preference Commands Route Preference is a way for routers to select the best path when there are two or more different routes to the same destination from two different routing protocols.The majority of routing protocols are not compatible when used in conjunction with each other.This Switch supports and may be configured for many routing protocols, as a stand alone switch or more importantly, in utilizing the stacking function and Single IP Management of the Switch.
config route preference Purpose Used to configure the route preference of each route type. Syntax config route preference [static | rip | ospfIntra | ospfInter | ospfExt1 | ospfExt2] Description This command is used to set the route preference value for each routing protocol listed.A lower value will denote a better chance that the specified protocol is the best path for routing packets.
show route preference Purpose Used to display the route preference of each route type. Syntax show route preference {[local | static | rip | ospfIntra | ospfInter | ospfExt1 | ospfExt2]} Description This command will display the Route Preference Settings table.The user may view all route preference settings by entering the command without any parameters or choose a specific type by adding the route parameter to the command.
Chapter 43 - Jumbo Frame Commands Certain switches can support jumbo frames (frames larger than the standard Ethernet frame size of 1518 bytes).To transmit frames of up to 9K (and 9004 bytes tagged), the user can increase the maximum transmission unit (MTU) size from the default of 1522 by enabling the Jumbo Frame command. The jumbo frame commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
show jumbo_frame Purpose Used to show the status of the jumbo frame function on the Switch. Syntax show jumbo_frame Description This command will show the status of the jumbo frame function on the Switch. Parameters None. Restrictions None. Example usage: To show the jumbo frame status currently configured on the Switch: AT-9724TS:4# show jumbo_frame Command: show jumbo_frame Off.
Chapter 44 - Command History List The command history list commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters ? show command_history config command_history Each command is listed, in detail, in the following sections. ? Purpose Used to display all commands in the Command Line Interface (CLI).
show command_history Purpose Used to display the command history. Syntax show command_history Description This command will display the command history. Parameters None. Restrictions None.
Appendix A Technical Specifications General Standard IEEE 802.3u 100TX Fast Ethernet IEEE 802.3ab 1000T Gigabit Ethernet IEEE 802.1 P/Q VLAN IEEE 802.3x Full-duplex Flow Control IEEE 802.3 Nway auto-negotiation Protocols CSMA/CD Data Transfer Rates: Half-duplex Full-duplex Ethernet 10Mbps 20Mbps Fast Ethernet 100Mbps 200Mbps Gigabit Ethernet n/a 2000Mbps Fibre Optic SFP (mini GBIC) Support IEEE 802.3z 1000LX (AT-MG8LX10 transceiver) IEEE 802.3z 1000SX (AT-MG8SX transceiver) IEEE 802.
Performance Transmission Method: Store-and-forward RAM Buffer: 2MB per device Filtering Address Table: 16K MAC address per device Packet Filtering/ Forwarding Rate: Full-wire speed for all connections. 148,810 pps per port (for 100Mbps) 1,488,100 pps per port (for 1000Mbps) MAC Address Learning: Automatic update. Forwarding Table Age Time: Max age: 10 – 1000000 seconds. Default = 300.
Appendix B - Translated Electrical Safety and Emission Information Important:This appendix contains multiple-language translations for the safety statements in this guide. Wichtig: Dieser Anhang enthält Übersetzungen der in diesem Handbuch enthaltenen Sicherheitshinweise in mehreren Sprachen. Vigtigt: Dette tillæg indeholder oversættelser i flere sprog af sikkerhedsadvarslerne i denne håndbog. Belangrijk: Deze appendix bevat vertalingen in meerdere talen van de veiligheidsopmerkingen in deze gids.
6 m 7 m BETRIEBSTEMPERATUR: Dieses Produkt wurde für den Betrieb in einer Umgebungstemperatur von nicht mehr als 40° C entworfen. ALLE LÄNDER: Installation muß örtlichen und nationalen elektrischen Vorschriften entsprechen. Standarder: Dette produkt tilfredsstiller de følgende standarder. 1 c FARE UNDER UVEJR FARE: UNDLAD at arbejde på udstyr eller KABLER i perioder med LYNAKTIVITET. 2 c ADVARSEL: DEN STRØMFØRENDE LEDNING BRUGES TIL AT AFBRYDE STRØMMEN.
3 c 4 m 5 m 6 m 7 m ÉQUIPEMENT DE CLASSE 1 ÉLECTRIQUE CE MATÉRIEL DOIT ÊTRE MIS A LA TERRE. La prise de courant doit être branchée dans une prise femelle correctement mise à la terre car des tensions dangereuses risqueraient d’atteindre les pièces métalliques accessibles à l’utilisateur. EQUIPEMENT POUR BRANCHEMENT ELECTRIQUE, la prise de sortie doit être placée près de l’équipement et facilement accessible".
Sikkerhetsnormer: Dette produktet tilfredsstiller følgende sikkerhetsnormer. 1 c FARE FOR LYNNEDSLAG FARE: ARBEID IKKE på utstyr eller KABLER i TORDENVÆR. 2 c 3 c 4 m UTSTYR FOR STIKKONTAKT. Stikkontakten skal monteres i nærheten av utstyret og skal være lett tilgjengelig." 5 m FORSIKTIG: Lufteventilene må ikke blokkeres, og må ha fri tilgang til luft med romtemperatur for avkjøling. 6 m DRIFTSTEMPERATUR: Dette produktet er konstruert for bruk i maksimum romtemperatur på 40 grader celsius.
4 m 5 m 6 m 7 m EQUIPO CONECTABLE, el tomacorriente se debe instalar cerca del equipo, en un lugar con acceso fácil". ATENCION: Las aberturas para ventilación no deberán bloquearse y deberán tener acceso libre al aire ambiental de la sala para su enfriamiento. TEMPERATURA REQUERIDA PARA LA OPERACIÓN: Este producto está diseñado para una temperatura ambiental máxima de 40 grados C. PARA TODOS LOS PAÍSES: Monte el producto de acuerdo con los Códigos Eléctricos locales y nacionales.
