DGS-3024 Layer 2 Switch Command Line Interface Reference Manual Fourth Edition (August 2006) 6DGS3024C.
Table of Contents Introduction ...................................................................................................................................................................................... 1 Using the Console CLI..................................................................................................................................................................... 3 Command Syntax ............................................................................................
DGS-3024 Layer 2 Switch CLI Reference Manual 1 I NTRODUCTION The DGS-3024 Switch can be managed through the Switch’s serial port, Telnet, or the Web-based management agent. The Command Line Interface (CLI) can be used to configure and manage the Switch via the serial port or Telnet interfaces. This manual provides a reference for all of the commands contained in the CLI. Configuration and management of the Switch, via the Web-based management agent, is discussed in the User’s Guide.
DGS-3024 Layer 2 Switch CLI Reference Manual Figure 1-2. Boot Screen The Switch’s MAC address can also be found in the Web management program on the Switch Information (Basic Settings) window, which is on the Configuration menu. The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.
DGS-3024 Layer 2 Switch CLI Reference Manual 2 U SING THE C ONSOLE CLI The DGS-3024 supports a console management interface that allows the user to connect to the Switch’s management agent via a serial port and a terminal, or a computer running a terminal emulation program. The console can also be used over the network using the TCP/IP Telnet protocol. The console program can be used to configure the Switch to use an SNMP-based network management software over the network.
DGS-3024 Layer 2 Switch CLI Reference Manual Commands are entered at the command prompt, DGS-3024:4#. There are a number of helpful features included in the CLI. Entering the ? command will display a list of all of the top-level commands. Figure 2-2. The ? Command The dir command has the same function as the ? command. When you enter a command without its required parameters, the CLI will prompt you with a Next possible completions: message. Figure 2-3.
DGS-3024 Layer 2 Switch CLI Reference Manual Figure 2-4. Using the Up Arrow to Re-enter a Command In the above example, the command config account was entered without the required parameter , the CLI returned the Next possible completions: prompt. The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt. Now the appropriate user name can be entered and the config account command re-executed.
DGS-3024 Layer 2 Switch CLI Reference Manual Figure 2-6. Next possible completions: show command In the above example, all of the possible next parameters for the show command are displayed. At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter. The CLI then displays the user accounts configured on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual 3 C OMMAND S YNTAX The following symbols are used to describe how command entries are made, and values and arguments are specified in this manual. The online help contained in the CLI, and available through the console interface, uses the same syntax. Note: All commands are case-sensitive. Be sure to disable Caps Lock or any other unwanted function that changes text case. Purpose Encloses a variable or value that must be specified.
DGS-3024 Layer 2 Switch CLI Reference Manual {braces} Purpose Encloses an optional value or set of optional arguments. Syntax reset {[config | system]} Description In the above syntax example, users have the option to specify config or system. It is not necessary to specify either optional value, however the effect of the system reset is dependent on which, if any, value is specified. Therefore, with this example there are three possible outcomes of performing a system reset.
DGS-3024 Layer 2 Switch CLI Reference Manual 4 B ASIC S WITCH C OMMANDS The basic Switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual create account Purpose Used to create user accounts. Syntax create [admin | user] Description The create account command is used to create user accounts that consist of a username of 1 to 15 characters, and a password of 0 to 15 characters. Up to 8 user accounts can be created. Parameters admin user Restrictions Only Administrator-level users can issue this command. Usernames can be between 1 and 15 characters.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config account dlink Command: config account dlink Enter a old password:**** Enter a case-sensitive new password:**** Enter the new password again for confirmation:**** Success. DGS-3024:4# show account Purpose Used to display user accounts. Syntax show account Description Displays all user accounts created on the Switch. Up to 8 user accounts can exist on the Switch at one time. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#delete account System Command: delete account System Are you sure to delete the last administrator account?(y/n) Success. DGS-3024:4# show session Purpose Used to display a list of currently logged-in users. Syntax show session Description This command displays a list of all the users that are logged-in at the time the command is issued. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show switch Command: show switch Device Type : DGS-3024 Gigabit-Ethernet Switch MAC Address : DA-10-21-00-00-01 IP Address : 10.41.44.22 (Manual) VLAN Name : default Subnet Mask : 255.0.0.0 Default Gateway : 0.0.0.0 Boot PROM Version : Build 1.00.003 Firmware Version : Build 4.
DGS-3024 Layer 2 Switch CLI Reference Manual config serial_port Purpose Used to configure the serial port. Syntax config serial_port {baud_rate [9600 | 19200 | 38400 | 115200] | auto_logout [never | 2_minutes | 5_minutes | 10_minutes | 15_minutes]} Description This command is used to configure the serial port’s baud rate and auto logout settings. Parameters baud rate [9600 | 19200 | 38400 | 115200] − The serial bit rate that will be used to communicate with the management host.
DGS-3024 Layer 2 Switch CLI Reference Manual enable clipaging Purpose Used to pause the scrolling of the console screen when a command displays more than one page. Syntax enable clipaging Description This command is used when issuing a command, which causes the console screen to rapidly scroll through several pages. This command will cause the console to pause at the end of each page. The default setting is enabled. Parameters None.
DGS-3024 Layer 2 Switch CLI Reference Manual enable telnet Purpose Used to enable communication with and management of the Switch using the Telnet protocol. Syntax enable telnet Description This command is used to enable the Telnet protocol on the Switch. The user can specify the TCP or UDP port number the Switch will use to listen for Telnet requests. Parameters − The TCP port number. TCP ports are numbered between 1 and 65535.
DGS-3024 Layer 2 Switch CLI Reference Manual enable web Purpose Used to enable the HTTP-based management software on the Switch. Syntax enable web Description This command is used to enable the Web-based management software on the Switch. The user can specify the TCP port number that the Switch will use to listen for Telnet requests. Parameters − The TCP port number. TCP ports are numbered between 1 and 65535.
DGS-3024 Layer 2 Switch CLI Reference Manual save Purpose Used to save changes in the Switch’s configuration to non-volatile RAM. Syntax save Description This command is used to enter the current Switch configuration into non-volatile RAM. The saved Switch configuration will be loaded into the Switch’s memory each time the Switch is restarted. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual reset Purpose Used to reset the Switch to the factory default settings. Syntax reset {[config | system]} Description This command is used to restore the Switch’s configuration to the default settings assigned from the factory. Parameters config − If the keyword ‘config’ is specified, all of the factory default settings are restored on the Switch; including the IP address, user accounts, and the Switch history log. The Switch will not save or reboot.
DGS-3024 Layer 2 Switch CLI Reference Manual logout Purpose Used to log out a user from the Switch’s console. Syntax logout Description This command terminates the current user’s session on the Switch’s console. Parameters None. Restrictions None. Example usage: To terminate the current user’s console session: DGS-3024:4#logout ping Purpose Used to test the connectivity between network devices.
DGS-3024 Layer 2 Switch CLI Reference Manual 5 S WITCH P ORT C OMMANDS The Switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual config ports specified ports. learning [enable | disable] − Enables or disables the MAC address learning on the specified range of ports. state [enable | disable] − Enables or disables the specified range of ports. description - Enter an alphanumeric string of no more than 32 characters to describe a selected port interface. clear_description - Enter this command to clear the port description of the selected port(s).
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To display the configuration of ports 1-5 on the Switch, with description: DGS-3024:4#show ports description Command: show ports description Port Port Settings State Speed/Duplex/FlowCtrl ------ ---------------------------1 Enabled Auto/Disabled Description: dads1 2 Enabled Auto/Disabled Description: 3 Enabled Auto/Disabled Description: 4 Enabled Auto/Disabled Description: 5 Enabled Auto/Disabled Description: Connection Speed/Duplex/FlowCtrl -----
DGS-3024 Layer 2 Switch CLI Reference Manual 6 N ETWORK M ANAGEMENT (SNMP) C OMMANDS The network management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. The DGS-3024 supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. The user may specify which version of the SNMP to use to monitor and control the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual Command Parameters create snmp host [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | auth_priv]] delete snmp host show snmp host {} enable rmon disable rmon create trusted_host delete trusted_host show trusted_host enable snmp traps disable snmp traps enable snmp authenticate traps disable snmp authenticate traps show snmp traps config snmp system_contact config snmp
DGS-3024 Layer 2 Switch CLI Reference Manual create snmp user key for authentication and privacy. The key is defined by specifying the key in hex form below. This method is not recommended. auth - The user may also choose the type of authentication algorithms used to authenticate the snmp user. The choices are: • md5 − Specifies that the HMAC-MD5-96 authentication level will be used.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create snmp user dlink default encrypted by_password auth md5 auth_password priv none Command: create snmp user dlink default encrypted by_password auth md5 auth_password priv none Success. DGS-3024:4# delete snmp user Purpose Used to remove an SNMP user from an SNMP group, and also to delete the associated SNMP group.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show snmp user Command: show snmp user Username Group Name SNMP Version Auth-Protocol PrivProtocol --------------- ------------------------------------------------initial initial V3 None None Total Entries: 1 DGS-3024:4# create snmp view Purpose Used to assign views to community strings, to limit which MIB objects and SNMP manager has access.
DGS-3024 Layer 2 Switch CLI Reference Manual delete snmp view Purpose Used to remove an SNMP view entry previously created on the Switch. Syntax delete snmp view [all | ] Description The delete snmp view command is used to remove an SNMP view previously created on the Switch. Parameters − An alphanumeric string of up to 32 characters that identifies the SNMP view to be deleted. all − Specifies that all of the SNMP views on the Switch will be deleted.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show snmp view Command: show snmp view Vacm View Table Settings View Name Subtree -------------------------------------------ReadView 1 WriteView 1 NotifyView 1.3.6 restricted 1.3.6.1.2.1.1 restricted 1.3.6.1.2.1.11 restricted 1.3.6.1.6.3.10.2.1 restricted 1.3.6.1.6.3.11.2.1 restricted 1.3.6.1.6.3.15.1.1 CommunityView 1 CommunityView 1.3.6.1.6.3 CommunityView 1.3.6.1.6.3.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To create the SNMP community string “dlink:” DGS-3024:4#create snmp community dlink view ReadView read_write Command: create snmp community dlink view ReadView read_write Success. DGS-3024:4# delete snmp community Purpose Used to remove a specific SNMP community string from the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show snmp community Command: show snmp community SNMP Community Table Community Name -------------------------------dlink private public View Name -------------------------ReadView CommunityView CommunityView Access Right -----------read_write read_write read_only Total Entries: 3 DGS-3024:4# config snmp engineID Purpose Used to configure a name for the SNMP engine on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show snmp engineID Command: show snmp engineID SNMP Engine ID : 0035636666 DGS-3024:4# create snmp group Purpose Used to create a new SNMP group, or a table that maps SNMP users to SNMP views.
DGS-3024 Layer 2 Switch CLI Reference Manual create snmp group request SNMP messages. − An alphanumeric string of up to 32 characters that is used to identify the group of MIB objects, which a remote SNMP manager is allowed to access on the Switch. write_view – Specifies that the SNMP group being created has write privileges.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#delete snmp group sg1 Command: delete snmp group sg1 Success. DGS-3024:4# show snmp groups Purpose Used to display the group-names of SNMP groups currently configured on the Switch. The security model, level, and status of each group are also displayed. Syntax show snmp groups Description The show snmp groups command displays the group-names of SNMP groups currently configured on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual Notify View Name : NotifyView Security Model : SNMPv3 Security Level : authPriv Group Name ReadView Name WriteView Name Notify View Name Security Model Security Level : initial : restricted : : restricted : SNMPv3 : NoAuthNoPriv Group Name : ReadGroup ReadView Name : CommunityView WriteView Name : Notify View Name : CommunityView Security Model : SNMPv1 Security Level : NoAuthNoPriv Group Name ReadView Name WriteView Name Notify View Name Security Model Securit
DGS-3024 Layer 2 Switch CLI Reference Manual create snmp host Purpose Used to create a recipient of SNMP traps generated by the Switch’s SNMP agent. Syntax create snmp host [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | auth_priv] ] Description The create snmp host command creates a recipient of SNMP traps generated by the Switch’s SNMP agent. Parameters − The IP address of the remote management station, which will serve as the SNMP host for the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create snmp host 10.48.74.100 v3 auth_priv public Command: create snmp host 10.48.74.100 v3 auth_priv public Success. DGS-3024:4# delete snmp host Purpose Used to remove a recipient of SNMP traps generated by the Switch’s SNMP agent. Syntax delete snmp host Description The delete snmp host command deletes a recipient of SNMP traps generated by the Switch’s SNMP agent.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show snmp host Command: show snmp host SNMP Host Table Host IP Address SNMP Version ----------------------------------10.48.76.23 V2c 10.48.74.100 V3 Community Name / SNMPv3 User Name -----------------------------private public Total Entries: 2 DGS-3024:4# enable rmon Purpose Used to enable RMON on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#disable rmon Command: disable rmon Success. DGS-3024:4# create trusted_host Purpose Used to create the trusted host. Syntax create trusted_host Description The create trusted_host command creates the trusted host. The Switch allows users to specify up to four IP addresses that are allowed to manage the Switch via in-band SNMP or TELNET based management software. These IP addresses must be members of the Management VLAN.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show trusted_host Command: show trusted_host Management Stations IP Address ----------------------10.53.13.94 Total Entries: 1 DGS-3024:4# delete trusted_host Purpose Used to delete a trusted host entry made using the create trusted_host command above. Syntax delete trusted _host Description This command is used to delete a trusted host entry made using the create trusted_host command above.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#enable snmp traps Command: enable snmp traps Success. DGS-3024:4# disable snmp traps Purpose Used to disable SNMP trap support on the Switch. Syntax disable snmp traps Description This command is used to disable SNMP trap support on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual disable snmp authenticate trap Purpose Used to disable SNMP authentication trap support. Syntax disable snmp authenticate trap Description This command is used to disable SNMP authentication support on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Example Usage: To disable the SNMP authentication trap support: DGS-3024:4#disable snmp authenticate trap Command: disable snmp authenticate trap Success.
DGS-3024 Layer 2 Switch CLI Reference Manual config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the Switch. Syntax config snmp system_contact {} Description The config snmp system_contact command is used to enter the name and/or other information to identify a contact person who is responsible for the Switch. A maximum of 255 character can be used. Parameters - A maximum of 255 characters is allowed.
DGS-3024 Layer 2 Switch CLI Reference Manual config snmp system_name Purpose Used to configure the name for the Switch. Syntax config snmp system_name {} Description The config snmp system_name command configures the name of the Switch. Parameters - A maximum of 255 characters are allowed. A NULL string is accepted if no name is desired. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual 7 MAC N OTIFICATION C OMMANDS The MAC notification commands in the Command Line Interface (CLI) are listed in the following table, along with their appropriate parameters.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#disable mac_notification Command: disable mac_notification Success. DGS-3024:4# config mac_notification Purpose Used to configure MAC address notification. Syntax config mac_notification {interval | historysize Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB. Parameters interval - The time in seconds between notifications.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config mac_notification ports 7 enable Command: config mac_notification ports 7 enable Success. DGS-3024:4# show mac_notification Purpose Used to display the Switch’s MAC address table notification global settings. Syntax show mac_notification Description This command is used to display the Switch’s MAC address table notification global settings. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show mac_notification ports Command: show mac_notification ports Port # MAC Address Table Notification State ------ -----------------------------------1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh 49
DGS-3024 Layer 2 Switch CLI Reference Manual 8 D OWNLOAD /U PLOAD C OMMANDS The download/upload commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters download [firmware | configuration {increment}] upload [configuration | log] Each command is listed, in detail, in the following sections.
DGS-3024 Layer 2 Switch CLI Reference Manual To download a configuration file: DGS-3024:4#download configuration 10.48.74.121 c:\cfg\setting.txt Command: download configuration 10.48.74.121 c:\cfg\setting.txt Connecting to server................... Done. Download configuration............. Done. DGS-3024:4# upload Purpose Used to upload the current Switch settings, or the Switch history log, to a TFTP server.
DGS-3024 Layer 2 Switch CLI Reference Manual 9 N ETWORK M ONITORING C OMMANDS The network monitoring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show packet ports 7 Command: show packet ports 7 Port number : 7 A Frame Size Frame Counts Frames/sec Frame Type ----------------------------------------64 3275 10 RX Bytes 65-127 755 10 RX Frames 128-255 316 1 256-511 145 0 TX Bytes 512-1023 15 0 TX Frames 1024-1518 0 0 C Unicast RX 152 1 Multicast RX 557 2 Broadcast RX 3686 16 B Total Total/sec --------------408973 1657 4395 19 7918 111 178 2 CTRL+C ESC q Quit SPACE n Next Page p Previous Page r R
DGS-3024 Layer 2 Switch CLI Reference Manual show utilization Purpose Used to display real-time port utilization statistics. Syntax show utilization Description This command will display the real-time port utilization statistics for the Switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#clear counters Command: clear counters Success. DGS-3024:4# clear log Purpose Used to clear the Switch’s history log. Syntax clear log Description This command will clear the Switch’s history log. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To clear the log information: DGS-3024:4#clear log Command: clear log Success.
DGS-3024 Layer 2 Switch CLI Reference Manual enable syslog Purpose Used to enable the system log to be sent to a remote host. Syntax enable syslog Description The enable syslog command enables the system log to be sent to a remote host. Parameters None. Restrictions Only administrator-level users can issue this command. Example usage: To the syslog function on the Switch: DGS-3024:4#enable syslog Command: enable syslog Success.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show syslog Command: show syslog Syslog Global State: Enabled DGS-3024:4# create syslog host Purpose Used to create a new syslog host. Syntax create syslog host ipaddress {severity [informational | warning | all | facility [local0 | local1| local2 | local3 | local4 | local5 | local6 | local7] | udp_port state [enable | disable] Description The create syslog host command is used to create a new syslog host.
DGS-3024 Layer 2 Switch CLI Reference Manual create syslog host 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem log audit log alert clock daemon local use 0 (local0) local use 1 (local1) local use 2 (local2) local use 3 (local3) l
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create syslog host 1 ipaddress 10.53.13.94 severity all facility local0 Command: create syslog host 1 ipaddress 10.53.13.94 severity all facility local0 Success. DGS-3024:4# config syslog host Purpose Used to configure the syslog protocol to send system log data to a remote host.
DGS-3024 Layer 2 Switch CLI Reference Manual config syslog host Code 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem log audit log alert clock daemon local use 0 (local0) local use 1 (local1) local use 2 (local2) local use 3 (loca
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config syslog host all severity all facility local0 Command: config syslog host all severity all facility local0 Success. DGS-3024:4# delete syslog host Purpose Used to remove a syslog host, that has been previously configured, from the Switch. Syntax delete syslog host [ | all] Description The delete syslog host command is used to remove a syslog host that has been previously configured from the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show syslog host Command: show syslog host Syslog Global State: Disabled Host Id ------1 2 3 Host IP Address --------------10.1.1.2 10.40.2.3 10.21.13.
DGS-3024 Layer 2 Switch CLI Reference Manual 10 M ULTIPLE S PANNING T REE P ROTOCOL (MSTP) C OMMANDS This Switch supports three versions of the Spanning Tree Protocol; 802.1d STP, 802.1w Rapid STP and 802.1s MSTP. Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network.
DGS-3024 Layer 2 Switch CLI Reference Manual Command Parameters config stp mst_config_id {revision_level | name } config stp mst_ports instance_id {internalCost [auto | value 1200000000] | priority } show stp show stp ports {} show stp instance_id {} show stp mst_config id Each command is listed, in detail, in the following sections. enable stp Purpose Used to globally enable STP on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#disable stp Command: disable stp Success. DGS-3024:4# config stp version Purpose Used to globally set the version of STP on the Switch. Syntax config stp version [mstp | rstp | stp] Description This command allows the user to choose the version of the spanning tree to be implemented on the Switch. Parameters mstp – Selecting this parameter will set the Multiple Spanning Tree Protocol (MSTP) globally on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp 40 seconds. The default value is 20. maxhops - The number of hops between devices in a spanning tree region before the BPDU (bridge protocol data unit) packet sent by the Switch will be discarded. Each Switch on the hop count will reduce the hop count by one until the value reaches zero. The Switch will then discard the BPDU packet and the information held for the port will age out. The user may set a hop count from 1 to 20.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp ports Purpose Used to setup STP on the port level. Syntax config stp ports {externalCost [auto | ] | hellotime | migrate [yes | no] edge [true | false] | p2p [true | false | auto] | state [enable | disable] | lbd [enable | disable] | fbpdu [enable | disable]} Description This command is used to create and configure STP for a group of ports.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp ports ports specified in the port list. The default is enable. lbd [enable | disable] - Used to enable or disable the loop-back detection function on the switch for the ports configured above in the config stp command. fbpdu [enable | disable] − When enabled, this allows the forwarding of STP BPDU packets from other network devices when STP is disabled in the specified ports.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp instance_id Purpose Used to add or delete an STP instance ID. Syntax config stp instance_id [add_vlan | remove_vlan] Description This command is used to map VIDs (VLAN IDs) to previously configured STP instances on the Switch by creating an instance_id. An STP instance may have multiple members with the same MSTP configuration.
DGS-3024 Layer 2 Switch CLI Reference Manual delete stp instance_id Purpose Used to delete a STP instance ID from the Switch. Syntax delete stp instance_id Description This command allows the user to delete a previously configured STP instance ID from the Switch. Parameters - Enter a value between 1 and 15 to identify the Spanning Tree instance on the Switch. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp mst_config_id Purpose Used to update the MSTP configuration identification. Syntax config stp mst_config_id {revision_level | name Description This command will uniquely identify the MSTP configuration currently configured on the Switch. Information entered here will be attached to BDPU packets as an identifier for the MSTP region to which it belongs.
DGS-3024 Layer 2 Switch CLI Reference Manual config stp mst_ports range of 1-2000000 will set the quickest route when a loop occurs. A lower internalCost represents a quicker transmission. priority - Enter a value between 0 and 240 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show stp Command: show stp STP Status STP Version Max Age Hello Time Forward Delay Max Age TX Hold Count Forwarding BPDU Loopback Protection LBD Recover Time : Enabled : RSTP : 20 :2 : 15 : 20 :3 : Enabled : Enabled : 60 DGS-3024:4# Status 3 : STP enabled for MSTP DGS-3024:4#show stp Command: show stp STP Status STP Version Max Age Forward Delay Max Age TX Hold Count Forwarding BPDU Loopback Protection LBD Recover Time : Enabled : MSTP : 20 : 15 : 2
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show stp ports 1-9 Command: show stp ports 1-9 MSTP Port Information ---------------------Port Index :1, Hello Time: 2 /2 , Port STP enabled LBD: No External PathCost : Auto/200000 , Edge Port : No /No , P2P : Auto /Yes Port Forward BPDU : enabled Msti ----0 1 Designated Bridge Internal PathCost Prio Status Role ------------------------------------- ------------------8000/0050BA7120D6 200000 128 Forwarding Root 8001/0053131A3324 200000 128 Forwarding
DGS-3024 Layer 2 Switch CLI Reference Manual show stp mst_config_id Purpose Used to display the MSTP configuration identification. Syntax show stp mst_config_id Description This command displays the Switch’s current MSTP configuration identification. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 11 F ORWARDING AND F ILTERING C OMMANDS The layer 2 forwarding and filtering commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create fdb default 00-00-00-00-01-02 port 2 Command: create fdb default 00-00-00-00-01-02 port 2 Success. DGS-3024:4# create multicast_fdb Purpose Used to create a static entry to the multicast MAC address forwarding table (database). Syntax create multicast_fdb Description This command will make an entry into the Switch’s multicast MAC address forwarding database.
DGS-3024 Layer 2 Switch CLI Reference Manual To add multicast MAC forwarding: DGS-3024:4#config multicast_fdb default 01-00-5E-00-00-00 add 1 Command: config multicast_fdb default 01-00-5E-00-00-00 add 1 Success. DGS-3024:4# config fdb aging_time Purpose Used to set the aging time of the forwarding database. Syntax config fdb aging_time minutes Description The aging time affects the learning process of the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show fdb aging_time Command: show fdb aging_time Unicast MAC Address Aging Time =5 DGS-3024:4# delete fdb Purpose Used to delete an entry to the Switch’s forwarding database. Syntax delete fdb Description This command is used to delete a previous entry to the Switch’s MAC address forwarding database. Parameters − The name of the VLAN on which the MAC address resides.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#clear fdb all Command: clear fdb all Success. DGS-3024:4# show multicast_fdb Purpose Used to display the contents of the Switch’s multicast forwarding database. Syntax show mulitcast_fdb {vlan | mac_address } Description This command is used to display the current contents of the Switch’s multicast MAC address forwarding database. Parameters vlan − The name of the VLAN on which the MAC address resides.
DGS-3024 Layer 2 Switch CLI Reference Manual show fdb static − Displays the static MAC address entries. aging_time − Displays the aging time for the MAC address forwarding database. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To filter all multicast packets received for unregistered multicast groups: DGS-3024:4#config multicast port_filtering_mode filter_unregistered_groups Command: config multicast port_filtering_mode filter_unregistered_groups Success. DGS-3024:4# show multicast port_filtering_mode Purpose This command is used to display the Switch’s current multicast port filtering mode setting.
DGS-3024 Layer 2 Switch CLI Reference Manual 12 B ROADCAST S TORM C ONTROL C OMMANDS The broadcast storm control commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config traffic control ports all state enable Command: config traffic control ports all state enable Success. DGS-3024:4#config traffic control storm_type broadcast threshold 15000 Command: config traffic control storm_type broadcast threshold 15000 Success. DGS-3024:4#config traffic control threshold 15000 Command: config traffic control threshold 15000 Success.
DGS-3024 Layer 2 Switch CLI Reference Manual 13 Q O S C OMMANDS The DGS-3024 Switch supports 802.1p priority queuing. The Switch has 4 priority classes of service. These priority classes of service are numbered from 3 (Class 3) — the highest priority class of service — to 0 (Class 0) — the lowest priority class of service. The eight priority queues specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority classes of service is as follows: • Priority 0 is assigned to the Switch’s Q1 class.
DGS-3024 Layer 2 Switch CLI Reference Manual Command Parameters config scheduling_mechanism [strict | round_robin] show scheduling_mechanism config bandwidth_control rx_rate [no_limit | 64K | 128K | 256K | 512K | 1M | 2M | 4M | 8M | 16M | 32M | 64M | 128M | 256M | 512M] show bandwidth_control {} Each command is listed, in detail, in the following sections. config scheduling Purpose Used to configure traffic scheduling for each of the Switch’s QoS queues.
DGS-3024 Layer 2 Switch CLI Reference Manual config scheduling Restrictions Only administrator-level users can issue this command. Example usage: To configure traffic scheduling: DGS-3024:4# config scheduling 3 max_packet 15 Command: config scheduling 3 max_packet 15 Success. DGS-3024:4# show scheduling Purpose Used to display the currently configured traffic scheduling on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual config 802.1p user_priority Purpose Used to map the 802.1p user priority of an incoming packet, to one of the four hardware classes of service available on the Switch. Syntax config 802.1p user_priority Description The config 802.1p user_priority command is used to configure the way the Switch will map an incoming packet, based on its 802.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4# show 802.1p user_priority Command: show 802.1p user_priority QOS Class of Traffic Priority-0 Priority-1 Priority-2 Priority-3 Priority-4 Priority-5 Priority-6 Priority-7 -> -> -> -> -> -> -> -> DGS-3024:4# config 802.1p default_priority Purpose Used to assign an 802.1p priority tag to an incoming untagged packet that has no 802.1p priority tag. Syntax config 802.
DGS-3024 Layer 2 Switch CLI Reference Manual show 802.1 default_priority Purpose Used to display the currently configured 802.1p priority value that will be assigned to an incoming, untagged packet before being forwarded to its destination. Syntax show 802.1p default_priority {} Description The show 802.1p default_priority command displays the currently configured 802.1p priority value that will be assigned to an incoming, untagged packet before being forwarded to its destination.
DGS-3024 Layer 2 Switch CLI Reference Manual config scheduling_mechanism Purpose Used to configure the scheduling mechanism for the QoS function Syntax config scheduling mechanism [strict | round_robin] Description The config scheduling_mechanism command allows the user to select between a round robin (WRR) and a Strict mechanism for emptying the priority classes of service of the QoS function. The Switch contains seven hardware priority classes of service.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show scheduling_mechanism Command: show scheduling_mechanism QOS scheduling_mechanism CLASS ID Mechanism --------------------Class-0 strict Class-1 strict Class-2 strict Class-3 strict DGS-3024:4# config bandwidth_control Purpose Used to configure bandwidth control on a by-port basis.
DGS-3024 Layer 2 Switch CLI Reference Manual show bandwidth_control Purpose Used to display the current bandwidth control settings per port. Syntax show bandwidth_control {} Description This command will display the current bandwidth control settings per port. Parameters - Specifies a port or range of ports to display for bandwidth control. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 14 P ORT M IRRORING C OMMANDS The port mirroring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config mirror {source port | ingress_target [disable | port ] | egress_target [disable | port ]} enable mirror disable mirror show mirror Each command is listed, in detail, in the following sections.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4# config mirror source port 1 ingress_target port 2 egress_target port 3 Command: config mirror source port 1 ingress_target port 2 egress_target port 3 Success. DGS-3024:4# enable mirror Purpose Used to enable a previously entered port mirroring configuration.
DGS-3024 Layer 2 Switch CLI Reference Manual show mirror Purpose Used to show the current port mirroring configuration on the Switch. Syntax show mirror Description This command displays the current port mirroring configuration on the Switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 15 VLAN C OMMANDS The VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual delete vlan Purpose Used to delete a previously configured VLAN on the Switch. Syntax delete vlan Description This command will delete a previously configured VLAN on the Switch. Parameters − The VLAN name of the VLAN to delete. Restrictions Only administrator-level users can issue this command. Example usage: To remove the VLAN v1: DGS-3024:4#delete vlan v1 Command: delete vlan v1 Success.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config vlan v1 add tagged 4-8 Command: config vlan v1 add tagged 4-8 Success. DGS-3024:4# config gvrp Purpose Used to configure GVRP on the Switch. Syntax config gvrp [ | all] {state [enable | disable] | ingress_checking [enable | disable] acceptable_frame [tagged_only | admit_all] | pvid } Description This command is used to configure the Group VLAN Registration Protocol on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To enable the generic VLAN Registration Protocol (GVRP): DGS-3024:4#enable gvrp Command: enable gvrp Success. DGS-3024:4# disable gvrp Purpose Used to disable GVRP on the Switch. Syntax disable gvrp Description This command, along with enable gvrp above, is used to enable and disable GVRP on the Switch, without changing the GVRP configuration on the Switch. Parameters None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show vlan Command: show vlan VID :1 VLAN TYPE : static Member ports : 1-24 Static ports : 1-24 Untagged ports : 1-24 Forbidden ports : VLAN Name : default Advertisement : Enabled Total Entries : 1 DGS-3024:4# show gvrp Purpose Used to display the GVRP status for a port list on the Switch. Syntax show gvrp {} Description This command displays the GVRP status for a port list on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual 16 L INK A GGREGATION C OMMANDS The link aggregation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create link_aggregation group_id 1 Command: create link_aggregation group_id 1 Success. DGS-3024:4# delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group. Syntax delete link_aggregation group_id Description This command is used to delete a previously configured link aggregation group. Parameters − Specifies the group ID.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To define a load-sharing group of ports, group ID 1, master port 5 of module 1 with group members ports 5-7 plus port 9: DGS-3024:4#config link_aggregation group_id 1 master_port 5 ports 5-7, 9 Command: config link_aggregation group_id 1 master_port 5 ports 5-7, 9 Success. DGS-3024:4# config link_aggregation algorithm Purpose Used to configure the link aggregation algorithm.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To display the current link aggregation configuration: DGS-3024:4#show link_aggregation Command: show link_aggregation Link Aggregation Algorithm = MAC-source-dest Group ID Master Port Member Port Active Port: Status :1 : 17 : 5-10, 17 : Disabled DGS-3024:4# config lacp_port Purpose Used to configure settings for LACP compliant ports.
DGS-3024 Layer 2 Switch CLI Reference Manual show lacp_port Purpose Used to display current LACP port mode settings. Syntax show lacp_port {} Description This command will display the LACP mode settings as they are currently configured. Parameters ports − Specifies a range of ports that will belong to the link aggregation group. The port list is specified by listing the beginning port number, then the highest port number of the range (separated by a dash) are specified.
DGS-3024 Layer 2 Switch CLI Reference Manual 17 B ASIC IP C OMMANDS The IP interface commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config ipif [{ipaddress | vlan | state [enable | disable]} | bootp | dhcp] show ipif {} Each command is listed, in detail, in the following sections.
DGS-3024 Layer 2 Switch CLI Reference Manual show ipif Purpose Used to display the configuration of an IP interface on the Switch. Syntax show ipif {} Description This command will display the configuration of an IP interface on the Switch. Parameters - Enter the name of the IP interface for which to view the settings. (System) Restrictions None. Example usage: To display IP interface settings.
DGS-3024 Layer 2 Switch CLI Reference Manual 18 IGMP S NOOPING C OMMANDS The IGMP Snooping commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To configure IGMP snooping: DGS-3024:4#config igmp_snooping default host_timeout 250 state enable Command: config igmp_snooping default host_timeout 250 state enable Success. DGS-3024:4# config igmp_snooping querier Purpose Used to configure the time in seconds between general query transmissions, the maximum time in seconds to wait for reports from members, and the permitted packet loss that guarantees IGMP snooping.
DGS-3024 Layer 2 Switch CLI Reference Manual To configure the IGMP snooping querier: DGS-3024:4#config igmp_snooping querier default query_interval 125 state enable Command: config igmp_snooping querier default query_interval 125 state enable Success. DGS-3024:4# config router_ports Purpose Used to configure ports as router ports.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#enable igmp_snooping Command: enable igmp_snooping Success. DGS-3024:4# disable igmp_snooping Purpose Used to disable IGMP snooping on the Switch. Syntax disable igmp_snooping Description This command disables IGMP snooping on the Switch. IGMP snooping can be disabled only if IP multicast routing is not being used. Disabling IGMP snooping allows all IGMP and IP multicast traffic to flood within a given IP interface. Parameters None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show igmp_snooping Command: show igmp_snooping IGMP Snooping Global State Multicast router Only : Disabled : Disabled VLAN Name Query Interval Max Response Time Robustness Value Last Member Query Interval Host Timeout Route Timeout Leave Timer Querier State Querier Router Behavior State : default : 125 : 10 :2 :1 : 260 : 260 :2 : Disabled : Non-Querier : Disabled Total Entries: 1 DGS-3024:4# show igmp_snooping group Purpose Used to display the cu
DGS-3024 Layer 2 Switch CLI Reference Manual show igmp_snooping forwarding Purpose Used to display the IGMP snooping forwarding table entries on the Switch. Syntax show igmp_snooping forwarding {vlan } Description This command will display the current IGMP snooping forwarding table entries currently configured on the Switch. Parameters − The name of the VLAN for which to view IGMP snooping forwarding table information. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 19 802.1X C OMMANDS The DGS-3024 implements the server-side of the IEEE 802.1x Port-based Network Access Control. This mechanism is intended to allow only authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a user or network device must meet before allowing that port to forward or receive frames. Command Parameters enable 802.1x disable 802.1x show 802.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To enable 802.1x Switch wide: DGS-3024:4#enable 802.1x Command: enable 802.1x Success. DGS-3024:4# disable 802.1x Purpose Used to disable the 802.1x server on the Switch. Syntax disable 802.1x Description The disable 802.1x command is used to disable the 802.1x Port-based Network Access control server application on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual show 802.1x auth_state Purpose Used to display the current authentication state of the 802.1x server on the Switch. Syntax show 802.1x auth_state {ports } Description The show 802.1x command is used to display the current 802.1x authentication state of the specified ports of the Port-based Network Access Control server application on the Switch. The following details what is displayed: Port number − Shows the physical port number on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual show 802.1x auth_configuration Port number − Shows the physical port number on the Switch. Capability: Authenticator/None − Shows the capability of 802.1x functions on the port number displayed above. There are four 802.1x capabilities that can be set on the Switch: Authenticator, Supplicant, Authenticator and Supplicant, and None. Port Status: Authorized/Unauthorized − Shows the result of the authentication process.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show 802.1x auth_configuration ports 1 Command: show 802.1x auth_configuration ports 1 802.
DGS-3024 Layer 2 Switch CLI Reference Manual config 802.1x auth_parameter ports {direction [both | in] | port_control [force_unauth | auto | force_auth] | quiet_period | tx_period | supp_timeout | server_timeout | max_req | reauth_period | enable_reauth [enable | disable]}] Description The config 802.1x auth_parameter command is used to configure the 802.1x Authentication parameters on a range of ports.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config 802.1x auth_parameter ports 1 – 20 direction both Command: config 802.1x auth_parameter ports 1 – 20 direction both Success. DGS-3024:4# config 802.1x init Purpose Used to initialize the 802.1x function on a range of ports. Syntax config 802.1x init [port_based ports [ | all] Description The config 802.1x init command is used to immediately initialize the 802.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config 802.1x reauth port_based ports 1-18 Command: config 802.1x reauth port_based ports 1-18 Success. DGS-3024:4# config radius add Purpose Used to configure the settings the Switch will use to communicate with a RADIUS server.
DGS-3024 Layer 2 Switch CLI Reference Manual config radius delete Purpose Used to delete a previously entered RADIUS server configuration. Syntax config radius delete Description The config radius delete command is used to delete a previously entered RADIUS server configuration. Parameters − Assigns a number to the current set of RADIUS server settings. Up to three groups of RADIUS server settings can be entered on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config radius 1 10.48.74.121 key dlink default Command: config radius 1 10.48.74.121 key dlink default Success. DGS-3024:4# show radius Purpose Used to display the current RADIUS configurations on the Switch. Syntax show radius Description The show radius command is used to display the current RADIUS configurations on the Switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#create 802.1x user dtremblett Command: create 802.1x user dtremblett Enter a case-sensitive new password:****** Enter the new password again for confirmation:****** Success. DGS-3024:4# show 802.1x user Purpose Used to display the 802.1x user accounts on the Switch. Syntax show 802.1x user Description The show 802.1x user command is used to display the 802.1x Portbased Network Access control local users currently configured on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#delete 802.1x user dtremblett Command: delete 802.1x user dtremblett Success.
DGS-3024 Layer 2 Switch CLI Reference Manual 20 A CCESS A UTHENTICATION C ONTROL C OMMANDS The Access Authentication Control commands allow users secure access to the Switch using the TACACS / XTACACS / TACACS+ and RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
DGS-3024 Layer 2 Switch CLI Reference Manual The Access Authentication Control commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual enable authen_policy Purpose Used to enable system access authentication policy. Syntax enable authen_policy Description This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the method list and choose a technique for user authentication upon login. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual show authen_policy Purpose Used to display the system access authentication policy status on the Switch. Syntax show authen_policy Description This command will show the current status of the access authentication policy on the Switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen_login Purpose Used to configure a user-defined or default method list of authentication methods for user login. Syntax config authen_login [default | method_list_name ] method {tacacs | xtacacs | tacacs+ | radius | server_group | local | none} Description This command will configure a user-defined or default method list of authentication methods for users logging on to the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen_login authenticated using the TACACS protocol from a remote TACACS server. xtacacs – Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server. tacacs+ – Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server.
DGS-3024 Layer 2 Switch CLI Reference Manual delete authen_login method_list_name user login. Parameters - Enter an alphanumeric string of up to 15 characters to define the given method list to delete. Restrictions Only administrator-level users can issue this command. Example usage: To delete the method list name “Trinity”: DGS-3024:4#delete authen_login method_list_name Trinity Command: delete authen_login method_list_name Trinity Success.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show authen_login method_list_name all Command: show authen_login method_list_name all Method List Name Priority ----------------------Darren 1 default 1 GoHabs! 1 Trinity 1 Method Name --------------tacacs+ radius Newfie local Comment --------Built-in Group Built-in Group User-defined Group Keyword DGS-3024:4# create authen_enable method_list_name Purpose Used to create a user-defined method list of authentication methods for promoting normal use
DGS-3024 Layer 2 Switch CLI Reference Manual config authen_enable The sequence of methods implemented in this command will affect the authentication result. For example, if a user enters a sequence of methods like tacacs – xtacacs – local_enable, the Switch will send an authentication request to the first tacacs host in the server group. If no verification is found, the Switch will send an authentication request to the second tacacs host in the server group and so on, until the list is exhausted.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen_enable server_group – Adding this parameter will require the user to be authenticated using a user-defined server group previously configured on the Switch. local_enable – Adding this parameter will require the user to be authenticated using the local user account database on the Switch. The local enable password of the device can be configured using the “config admin local_password” command.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#delete authen_enable method_list_name Permit Command: delete authen_enable method_list_name Permit Success. DGS-3024:4# show authen_enable Purpose Used to display the method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show authen_enable all Command: show authen_enable all Method List Name Priority Method Name ------------------------------------Permit 1 tacacs+ 2 tacacs 3 Darren 4 local Comment -----------------Built-in Group Built-in Group User-defined Group Keyword default Built-in Group Keyword 1 2 tacacs+ local Total Entries : 2 DGS-3024:4# config authen application Purpose Used to configure various applications on the Switch for authentication using a p
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To configure the default method list for the web interface: DGS-3024:4#config authen application http login default Command: config authen application http login default Success. DGS-3024:4# show authen application Purpose Used to display authentication methods for the various applications on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual create authen server_host but, remember that TACACS/XTACACS/TACACS+ and RADIUS are separate entities and are not compatible with each other. The maximum supported number of server hosts is 16. Parameters server_host - The IP address of the remote server host to add. protocol – The protocol used by the server host. The user may choose one of the following: tacacs – Enter this parameter if the server host utilizes the TACACS protocol.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen server_host Purpose Used to configure a user-defined authentication server host. Syntax config authen server_host protocol [tacacs | xtacacs | tacacs+ | radius] {port | key [ | none] | timeout | retransmit < 1-255>} Description This command will configure a user-defined authentication server host for the TACACS/XTACACS/TACACS+ and RADIUS security protocols on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config authen server_host 10.1.1.121 protocol tacacs port 4321 timeout 12 retransmit 4 Command: config authen server_host 10.1.1.121 protocol tacacs port 4321 timeout 12 retransmit 4 Success. DGS-3024:4# delete authen server_host Purpose Used to delete a user-defined authentication server host.
DGS-3024 Layer 2 Switch CLI Reference Manual show authen server_host include tacacs, xtacacs, tacacs+ and radius. Port – The virtual port number on the server host. The default value is 49. Timeout - The time in seconds the Switch will wait for the server host to reply to an authentication request. Retransmit - The value in the retransmit field denotes how many times the device will resend an authentication request when the TACACS server does not respond. This field is inoperable for the tacacs+ protocol.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen server_group Purpose Used to create a user-defined authentication server group. Syntax config authen server_group [tacacs | xtacacs | tacacs+ | radius | ] [add | delete] server_host protocol [tacacs | xtacacs | tacacs+ | radius] Description This command will configure an authentication server group.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Command: config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Success. DGS-3024:4# delete authen server_group Purpose Used to delete a user-defined authentication server group. Syntax delete authen server_group Description This command will delete an authentication server group.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show authen server_group Command: show authen server_group Group Name IP Address Protocol -----------------------------------radius ---------------------------------------Darren 10.53.13.2 TACACS tacacs 10.53.13.
DGS-3024 Layer 2 Switch CLI Reference Manual config authen parameter attempt Purpose Used to configure the maximum number of times the Switch will accept authentication attempts. Syntax config authen parameter attempt Description This command will configure the maximum number of times the Switch will accept authentication attempts.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#show authen parameter Command: show authen parameter Response timeout: 60 seconds User attempts :5 DGS-3024:4# enable admin Purpose Used to promote user level privileges to administrator level privileges Syntax enable admin Description This command is for users who have logged on to the Switch on the normal user level, to become promoted to the administrator level. After logging on to the Switch, users will have only user level privileges.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To configure the password for the “local_enable” authentication method. DGS-3024:4#config admin local_enable Command: config admin local_enable Enter the old password: ****** Enter the case-sensitive new password:****** Enter the new password again for confirmation:****** Success.
DGS-3024 Layer 2 Switch CLI Reference Manual 21 SSH C OMMANDS The steps required to use the SSH protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows: Create a user account with admin-level access using the create account admin command. This is identical to creating any other admin-lever User account on the Switch, including specifying a password.
DGS-3024 Layer 2 Switch CLI Reference Manual Usage example: To enable SSH: DGS-3024:4#enable ssh Command: enable ssh Success. DGS-3024:4# disable ssh Purpose Used to disable SSH. Syntax disable ssh Description This command allows users to disable SSH on the Switch. Parameters None. Restrictions Only administrator-level users can issue this command. Usage example: To disable SSH: DGS-3024:4# disable ssh Command: disable ssh Success.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config ssh authmode password enable Command: config ssh authmode password enable Success. DGS-3024:4# show ssh authmode Purpose Used to display the SSH authentication mode setting. Syntax show ssh authmode Description This command will allow users to display the current SSH authentication set on the Switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual config ssh server known” port for the SSH management software is 22. Restrictions Only administrator-level users can issue this command. Usage Example: To configure the SSH server: DGS-3024:4# config ssh server maxsession 2 timeout 300 authfail 2 Command: config ssh server maxsession 2 timeout 300 authfail 2 Success. DGS-3024:4# show ssh server Purpose Used to display the SSH server setting.
DGS-3024 Layer 2 Switch CLI Reference Manual config ssh user hostbased – This parameter should be chosen if the user wishes to use a remote SSH server for authentication purposes. Choosing this parameter requires the user to input the following information to identify the SSH user. hostname - Enter an alphanumeric string of up to 31 characters identifying the remote SSH user. hostname_IP - Enter the hostname and the corresponding IP address of the SSH user.
DGS-3024 Layer 2 Switch CLI Reference Manual config ssh algorithm Purpose Used to configure the SSH algorithm. Syntax config ssh algorithm [3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 | DSA | RSA] [enable | disable] Description This command allows users to configure the desired type of SSH algorithm used for authentication encryption.
DGS-3024 Layer 2 Switch CLI Reference Manual show ssh algorithm Purpose Used to display the SSH algorithm setting. Syntax show ssh algorithm Description This command will display the current SSH algorithm setting status. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 22 SSL C OMMANDS Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption.
DGS-3024 Layer 2 Switch CLI Reference Manual enable ssl Purpose To enable the SSL function on the Switch. Syntax enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will enable SSL on the Switch by implementing any one or combination of listed ciphersuites on the Switch. Entering this command without a parameter will enable the SSL status on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual disable ssl Purpose To disable the SSL function on the Switch. Syntax disable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will disable SSL on the Switch and can be used to disable any one or combination of listed ciphersuites on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To view the SSL status on the Switch: DGS-3024:4#show ssl Command: show ssl SSL status RSA_WITH_RC4_128_MD5 RSA_WITH_3DES_EDE_CBC_SHA DHE_DSS_WITH_3DES_EDE_CBC_SHA RSA_EXPORT_WITH_RC4_40_MD5 0x0004 0x000A 0x0013 0x0003 Disabled Enabled Enabled Enabled Enabled DGS-3024:4# download certificate_fromTFTP Purpose Used to download a certificate file for the SSL function on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual show certificate Purpose Used to view the certificate files for the SSL function on the switch. Syntax show certificate Description This command is used to view the SSL certificate currently in use on the switch. Parameters None. Restrictions None.
DGS-3024 Layer 2 Switch CLI Reference Manual 23 T IME AND SNTP C OMMANDS The Simple Network Time Protocol (SNTP) (an adaptation of the Network Time Protocol (NTP)) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Command: config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Success. DGS-3024:4# show sntp Purpose Used to display the SNTP information. Syntax show sntp Description This command will display SNTP settings information including the source IP address, time and poll interval. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual disable sntp Purpose Disables SNTP server support. Syntax disable sntp Description This will disable SNTP support. SNTP service must be separately configured (see config sntp). Parameters None. Restrictions Only administrator-level users can issue this command. Example: To stop SNTP support: DGS-3024:4#disable sntp Command: disable sntp Success. DGS-3024:4# config time Purpose Used to manually configure system time and date settings.
DGS-3024 Layer 2 Switch CLI Reference Manual config time_zone Purpose Used to determine the time zone used in order to adjust the system clock. Syntax config time_zone {operator [+ | -] | hour | min } Description This will adjust system clock settings according to the time zone. Time zone settings will adjust SNTP information accordingly. Parameters operator – Choose to add (+) or subtract (-) time to adjust for time zone relative to GMT.
DGS-3024 Layer 2 Switch CLI Reference Manual config dst in which DST begins where 1 is the first week, 2 is the second week and so on, last is the last week of the month. e_week - Configure the week of the month in which DST ends. • - The number of the week during the month in which DST ends where 1 is the first week, 2 is the second week and so on, last is the last week of the month. s_day – Configure the day of the week in which DST begins.
DGS-3024 Layer 2 Switch CLI Reference Manual show time Purpose Used to display the current time settings and status. Syntax show time Description This will display system time and date configuration as well as display current system time. Parameters None. Restrictions Only administrator-level users can issue this command.
DGS-3024 Layer 2 Switch CLI Reference Manual 24 R OUTING TABLE C OMMANDS The routing table commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create iproute [default] {} delete iproute [default] show iproute Each command is listed, in detail, in the following sections. create iproute Purpose Used to create IP route entries to the Switch’s IP routing table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#delete iproute default 10.53.13.254 Command: delete iproute default 10.53.13.254 Success. DGS-3024:4# show iproute Purpose Used to display the Switch’s current IP routing table. Syntax show iproute {} {static} Description This command will display the Switch’s current IP routing table. Parameters network address – IP address and netmask of the IP interface that is the destination of the route.
DGS-3024 Layer 2 Switch CLI Reference Manual 25 ARP C OMMANDS The ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To configure a static ARP entry for the IP address 10.48.74.12 and MAC address 00:50:BA:00:07:36: DGS-3024:4#config arpentry 10.48.74.12 00-50-BA-00-07-36 Command: config arpentry 10.48.74.12 00-50-BA-00-07-36 Success. DGS-3024:4# delete arpentry Purpose Used to delete a static entry into the ARP table.
DGS-3024 Layer 2 Switch CLI Reference Manual show arpentry Purpose Used to display the ARP table. Syntax show arpentry {ipif | ipaddress | [static | local]} Description This command is used to display the current contents of the Switch’s ARP table. Parameters − The name of the IP interface, the end node, or station for which the ARP table entry was made and resides on. − The network address corresponding to the IP interface name above.
DGS-3024 Layer 2 Switch CLI Reference Manual clear arptable Purpose Used to remove all dynamic ARP table entries. Syntax clear arptable Description This command is used to remove dynamic ARP table entries from the Switch’s ARP table. Static ARP table entries are not affected. Parameters None. Restrictions Only administrator-level users can issue this command. Example Usage: To remove dynamic entries in the ARP table: DGS-3024:4#clear arptable Command: clear arptable Success.
DGS-3024 Layer 2 Switch CLI Reference Manual 26 C OMMAND H ISTORY L IST The command history list commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters ? show command_history dir config command_history Each command is listed, in detail, in the following sections. ? Purpose Used to display all commands in the Command Line Interface (CLI).
DGS-3024 Layer 2 Switch CLI Reference Manual Example usage: To display the parameters for a specific command: DGS-3024:4#? config igmp_snooping Command: config igmp_snooping Command: config igmp_snooping Usage: [ | all] {host_timeout | router_timeout | leave_timer | state [enable | disable]} Description: Used to configure IGMP snooping on the Switch.
DGS-3024 Layer 2 Switch CLI Reference Manual dir Purpose Used to display all commands. Syntax dir Description This command will display all commands. Parameters None. Restrictions None. Example usage To display all of the commands: DGS-3024:4#dir Command: dir .. ? clear clear arptable clear counters clear fdb clear log config 802.1p default_priority config 802.1p user_priority config 802.1x auth_parameter ports config 802.1x auth_protocol config 802.1x capability ports config 802.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config command_history 20 Command: config command_history 20 Success.
DGS-3024 Layer 2 Switch CLI Reference Manual 27 M ODIFY B ANNER AND P ROMPT C OMMANDS Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below. Command Parameters config greeting_message {default} config command_ prompt [ | username | default] show greeting_message The Modify Banner and Prompt commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
DGS-3024 Layer 2 Switch CLI Reference Manual DGS-3024:4#config greeting_message Command: config greeting_message Greeting Messages Editor ================================================================================ DGS-3024 Gigabit Ethernet Switch Command Line Interface Firmware: Build 4.00-B04 Copyright(C) 2004-2007 D-Link Corporation. All rights reserved.
DGS-3024 Layer 2 Switch CLI Reference Manual config command prompt Purpose Used to configure the command prompt. Syntax config command_prompt [ | username | default] Description Administrator level users can use this command to change the command prompt. Parameters string 16 - The command prompt can be changed by entering a new name of no more that 16 characters. username - The command prompt will be changed to the login username.
DGS-3024 Layer 2 Switch CLI Reference Manual A T ECHNICAL S PECIFICATIONS Performance Transmission Method Store-and-forward RAM Buffer 512Kbytes per device Packet Filtering/ Forwarding Rate Full-wire speed for all connections. MAC Address Learning Automatic update. Supports 8K MAC address. Priority Queues 4 Priority Queues per port. Forwarding Table Age Time Max age: 10–1000000 seconds. 1,488,095 pps per port (for 1000Mbps) Default = 300.
DGS-3024 Layer 2 Switch CLI Reference Manual General Standards: IEEE 802.3 10BASE-T Ethernet IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3z 1000BASE-SX Gigabit Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.1D Spanning Tree IEEE 802.1P Tagged Packets IEEE 802.1Q Tagged VLAN IEEE 802.3x Full-duplex Flow Control ANSI/IEEE 802.
