FortiSwitch-548B Version 5.2.0.
FortiSwitch-548B User Guide Version 5.2.0.2 Revision 2 15 December 2010 © Copyright 2010 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc.
Table of Contents 1. Introduction..................................................................................................................6 1.1 Scope ...................................................................................................................6 1.2 Documentation .....................................................................................................6 1.3 Customer Service and Technical Support ............................................................6 1.
7.2 Device Configuration Commands.......................................................................42 7.3 Management Commands .................................................................................153 7.4 Spanning Tree Commands ...............................................................................202 7.5 System Log Management Commands .............................................................222 7.6 Script Management Commands ..............................................
9.4 Multicast Commands ........................................................................................513 9.5 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands............519 9.6 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands ...........523 9.7 IGMP Proxy Commands...................................................................................532 9.8 MLD Proxy Commands ....................................................................................537 10.
1. Introduction 1.1 Scope This document describes: how to install the FortiSwitch-548B switch (the Switch) how to use the CLI console to manage the Switch how to use the web-based management interface to configure the Switch 1.2 Documentation The Fortinet Technical Documentation web site, http://docs.fortinet.com, provides the most up-to-date versions of Fortinet publications, as well as additional technical documentation such as technical notes. 1.2.
To learn about the training services that Fortinet provides, visit the Fortinet Training Services web site at http://campus.training.fortinet.com, or email them at training@fortinet.com.
2. Product Overview 2.1 Switch Description FortiSwitch-548B is a SFP+ 10-Gigabit Ethernet backbone switch designed for adaptability and scalability. The Switch provides a management platform and uplink to backbone. Alternatively, the Switch can utilize up to 48 10-Gigabit Ethernet ports to function as a central distribution hub for other switches, switch groups, or routers. The built-in 1000/100/10 Ethernet port is for out of service. The FortiSwitch-548B power system provides two power supplies.
• VLAN routing support • IP Multicast support • IGMP v1, v2, and v3 support • DVMRP support • Protocol Independent Multicast - Dense Mode (PIM-DM) support for IPv4 and IPv6 • Protocol Independent Multicast - Sparse Mode (PIM-SM) support for IPv4 and IPv6 • IPV6 function Supports DHCPv6 protocol, OSPFv3 protocol, Tunneling, loopback Provides to configure IPv6 rotuing interface, routing preference • DHCP Client and Relay support • DNS Client and Relay support • Per-port bandwidth control •
2.3 Front-Panel Components The front panel of the Switch consists of 48 10-Gigabit interfaces, 2 LED indicators, 1 built-in 1000/100/10 RJ-45 Ethernet service ports, an RS-232 communication port, and 48 port LEDs. The upper LED indicators display power status. The lower LED indicators displays the status of the switch. An RS-232 DCE console port is for setting up and managing the Switch via a connection to a console terminal or PC using a terminal emulation program.
2.6 Management Options The system may be managed by using one Service Ports through a Web Browswer,Telent, SNMP function and using the console port on the front panel through CLI command. 2.7 Web-based Management Interface After you have successfully installed the Switch, you can configure the Switch, monitor the LED panel, and display statistics graphically using a Web browser, such as Mozilla FireFox (version 3.6 or higher) or Microsoft® Internet Explorer (version 5.0 or above). ! 2.
• RFC 3289 - DIFFSERV-DSCP-TC • RFC 3289 - DIFFSERV-MIB • QOS-DIFFSERV-EXTENSIONS-MIB • QOS-DIFFSERV-PRIVATE-MIB • RFC 2674 802.
- 13 -
3. Installation and Quick Startup 3.
3.2 Switch Installation Installing the Switch Without the Rack 1. Install the Switch on a level surface that can safely support the weight of the Switch and its attached cables. The Switch must have adequate space for ventilation and for accessing cable connectors. 2. Set the Switch on a flat surface and check for proper ventilation. Allow at least 5 cm (2 inches) on each side of the Switch and 15 cm (6 inches) at the back for the power cable. 3.
3.3 Installing the Switch in a Rack You can install the Switch in most standard 19-inch (48.3-cm) racks. Refer to the illustrations below. 1. Use the supplied screws to attach a mounting bracket to each side of the Switch. 2. Align the holes in the mounting bracket with the holes in the rack. 3. Insert and tighten two screws through each of the mounting brackets.
3.4 Quick Starting the Switch 1. Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the FortiSwitch-548B Series Switch locally. From a remote workstation,the device must be configured with IP information (IP address, subnet mask, and default gateway). 2. Turn the Power ON. 3. Allow the device to load the software until the login prompt appears. The device initial state is called the default mode. 4.
3.5 System Information Setup 3.5.1 Quick Start up Software Version Information Table 2-1. Quick Start up Software Version Information Command show hardware Details Allows the user to see the HW & SW version the device contains System Description - switch's model name show version Allows the user to see Serial Number, Part Number, and Model name See SW loader, bootrom and operation version See HW version 3.5.2 Quick Start up Physical Port Data Table 2-2.
show loginsession (Read/Write) or is only able to view (Read Only). As a factory default, admin has Read/Write access and guest has Read Only access. There can only be one Read/Write user and up to 5 Read Only users. Displays all login session information username {passwd | nopasswd} Allows the user to set passwords or change passwords needed to login A prompt will appear after the command is entered requesting the old password. In the absence of an old password leave the area blank.
ip address 3.5.5 Management VLAN Id - Specifies VLAN id Web Mode - Indicates whether HTTP/Web is enabled. Java Mode - Indicates whether java mode is enabled. (Config)#interface vlan 1 (if-vlan 1)#ip address (if-vlan 1)#exit (Config)#ip default-gateway IP Address range from 0.0.0.0 to 255.255.255.255 Subnet Mask range from 0.0.0.0 to 255.255.255.255 Gateway Address range from 0.0.0.0 to 255.255.255.
copy startup-config Sets the download datatype to be an image or config file. The URL must be specified as: tftp://ipAddr/filepath/fileName. The startup-config option downloads the config file using tftp and image option downloads the code file. 3.5.8 Quick Start up Factory Defaults Table 2-8 Quick Start up Factory Defaults Command clear config Details Enter yes when the prompt pops up to clear all the configurations made to the switch.
4. Console and Telnet Administration Interface This chapter discusses many of the features used to manage the Switch, and explains many concepts and important points regarding these features. Configuring the Switch to implement these concepts is discussed in detail in chapter 6. 4.1 Local Console Management Local console management involves the administration of the Switch via a direct connection to the RS-232 DCE console port.
• The console port is set for the following configuration: • Baud rate: 11,520 • Data width: 8 bits • Parity: none • Stop bits: 1 • Flow Control: none A typical console connection is illustrated below: Figure 3-1: Console Setting Environment - 23 -
4.3 Set Up your Switch Using Telnet Access Once you have set an IP address for your Switch, you can use a Telnet program (in a VT-100 compatible terminal mode) to access and control the Switch. Most of the screens are identical, whether accessed from the console port or from a Telnet interface.
5. Web-Based Management Interface 5.1 Overview The Fortinet FortiSwitch-548B Series Layer III plus QoS Managed Switch provides a built-in browser interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer 5.0 or later or Netscape Navigator 6.0 or later. This interface also allows for system monitoring and management of the switch. The ‘help’ page covers many of the basic functions and features of the switch and its Web interface.
5.2 How to log in The Fortinet FortiSwitch-548B Series Layer III plus QoS Managed Switch can be configured remotely from Microsoft Internet Explorer (version 5.0 or above), or Mozilla FireFox (version 3.6 or above). 1. Determine the IP address of your managed switch. 2. Open your Web browser. 3. Log in to the managed switch using the IP address the unit is currently configured with. 4. Type the default user name of admin and default of no password, or whatever password you have set up.
5.3 Web-Based Management Menu Menus The Web-based interface enables navigation through several menus. The main navigation menu is on the left of every page and contains the screens that let you access all the commands and statistics the switch provides.
Secondary Menus The Secondary Menus under the Main Menu contain a host of options that you can use to configure your switch. The online help contains a detailed description of the features on each screen. You can click the ‘help’ or the question mark at the top right of each screen to view the help menu topics. The Secondary Menus are detailed below, with cross-references to the sections in this manual that contain the corresponding command descriptions.
• MAC-based VLAN — see “MAC-based Commands” • MAC-based Vocie VLAN — see “MAC-based Vocie VLAN Commands” • Voice VLAN — see “Voice VLAN Commands” • Filters — see “MAC Filters Commands” • GARP — see “GVRP and Bridge Extension Commands” • Dynamic Arp Inspection — see “DAI Commands” • IGMP Snooping — see “IGMP Snooping Commands” • IGMP Snooping Querier — see “IGMP Snooping Querier Commands” • MLD Snooping — see “MLD Snooping Commands” • MLD Snooping Querier — see “MLD Snooping Querier Comman
• Secure HTTP — see “HTTP Commands” • Secure Shell — see “Secure Shell (SSH) Commands” IPv6 • OSPFv3 — see “OSPFv3 Configuration Commands” • IPv6 Routes — see “IPv6 Routes Configuration Commands” • RIPv6 — see “RIPv6 Configuration Commands” QoS • ACL — see “ACL Commands” • Diffserv — see “Differentiated Services Commands” • Class of Service see "Class of Service Commands" IPv4 Multicast • DVMRP — see “DVMRP Commands” • IGMP — see “IGMP Commands” • PIM-DM — see “PIM-DM Commands” • PIM-
6. Command Line Interface Structure and Mode-based CLI The Command Line Interface (CLI) syntax, conventions, and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 6.1 CLI Command Format Commands are followed by values, parameters, or both. Example 1 ip address [] • ip address is the command name. • are the required values for the command. • [] is the optional value for the command.
6.2 CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes like this: "System Name with Spaces". Parameters may be mandatory values, optional values, choices, or a combination. − . The <> angle brackets indicate that a mandatory parameter must be entered in place of the brackets and text inside them. − [parameter].
Conventions Network addresses are used to define a link to a remote host, workstation, or network. Network addresses are shown using the following syntax: Table 5-1. Network Address Syntax Address Type IPAddr MacAddr Format A.B.C.D Range YY:YY:YY:YY:YY:YY 0.0.0.0 to 255.255.255.255 hexidecimal digit pairs Double quotation marks such as "System Name with Spaces" set off user defined strings.
7. Switching Commands 7.1 System Information and Statistics commands 7.1.1 show arp le This command displays connectivity between the switch and other devices. The Address Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the switch. Syntax show arp Default Setting None Command Mode Privileged Exec Display Message MAC Address: A unicast MAC address for which the switch has forwarding and/or filtering information.
7.1.3 show process cpu This command provides the percentage utilization of the CPU by different tasks. Syntax show process cpu i It is not necessarily the traffic to the CPU, but different tasks that keep the CPU busy Default Setting None Command Mode Privileged Exec Display Message The following shows example CLI display output for the command.
7.1.4 show eventlog This command displays the event log, which contains error messages from the system, in the Primary Management System or in the specified unit. The event log is not cleared on a system reset. Syntax show eventlog [unit] unit - The unit number of the remote system. The range is 1 to 8. Default Setting None Command Mode Privileged Exec Display Message File: The file in which the event originated. Line: The line number of the event. Task Id: The task ID of the event.
Default Setting None Command Mode Privileged Exec 7.1.6 show sysinfo This command displays switch brief information and MIBs supported. Syntax show sysinfo Default Setting None Command Mode Privileged Exec Display Message System Description: The text used to identify this switch. System Name: The name used to identify the switch. System Location: The text used to identify the location of the switch. May be up to 31 alpha-numeric characters. The factory default is blank.
Display Message System Description: Text used to identify this switch. System Object ID: The manufacturing ID System Information System Up Time: The time in days, hours and minutes since the last switch reboot. System Name: Name used to identify the switch. System Location: Text used to identify the location of the switch. May be up to 31 alpha-numeric characters. The factory default is blank. System Contact: Text used to identify a contact person for this switch. May be up to 31 alphanumeric characters.
Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to identify the product name of this switch. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Product Data. Serial Number: The unique box serial number for this switch. Label Revision Number: The label revision serial number of this switch is used for manufacturing purposes. Part Number: Manufacturing part number.
Name: Name provided by Power Supply vendor. Model: Model Number provided by Power Supply vendor. Revision Number: Revision Number provided by Power Supply vendor. Manufacturer Location: Location provided by Power Supply vendor. Date of Manufacturing: Date of Manufacturing provided by Power Supply vendor. Serial Numbe: Serial Number provided by Power Supply vendor. Temperature 1:.
Serial Number: The unique box serial number for this switch. Hardware Version: The hardware version of this switch. It is divided into four parts. The first byte is the major version and the second byte represents the minor version. Number of ports:Total number of port for this swirch system. Label Revision Number: The label revision serial number of this switch is used for manufacturing purposes. Part Number: Manufacturing part number.
7.1.12 show command filter This command displays the information that begin/include/exclude the regular expression. Syntax show command [| begin/include/exclude ] Default Setting None Command Mode Privileged Exec Display Message command: Any show command of the CLI begin: Begin with the line that matches include: Include lines that match exclude: Exclude lines that match : Regular Expression 7.2 Device Configuration Commands 7.2.1 Interface 7.2.1.
Source: This port is a monitoring port. PC Mbr: This port is a member of a port-channel (LAG). Dest: This port is a probe port. Admin Mode: Selects the Port control administration state. The port must be enabled in order for it to be allowed into the network. It may be enabled or disabled. The factory default is enabled. Physical Mode: Selects the desired port speed and duplex mode. If auto-negotiation support is selected, then the duplex mode and speed will be set from the auto-negotiation process.
Broadcast Packets Received: The total number of packets received that were directed to the broadcast address. Note that this does not include multicast packets. Packets Transmitted Without Error: The total number of packets transmitted out of the interface. Transmit Packets Errors: The number of outbound packets that could not be transmitted because of errors. Collisions Frames: The best estimate of the total number of collisions on this Ethernet segment.
Total Packets Received (Octets): The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of Ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval.
Packets RX and TX 4096-9216 Octets: The total number of packets (including bad packets) received that were between 4096 and 9216 octets in length inclusive (excluding framing bits but including FCS octets). Total Packets Received Without Errors Unicast Packets Received: The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received: The total number of good packets received that were directed to a multicast address.
Packets Transmitted 1024-1518 Octets: The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 1519-1522 Octets: The total number of packets (including bad packets) received that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets).
RSTP BPDUs Received: Rapid Spanning Tree Protocol Bridge Protocol Data Units received. MSTP BPDUs Transmitted: Multiple Spanning Tree Protocol Bridge Protocol Data Units sent. MSTP BPDUs Received: Multiple Spanning Tree Protocol Bridge Protocol Data Units received. EAPOL Frames Received: The number of valid EAPOL frames of any type that have been received by this authenticator. EAPOL Frames Transmitted: The number of EAPOL frames of any type that have been transmitted by this authenticator.
Most VLAN Entries Ever Used: The largest number of VLANs that have been active on this switch since the last reboot. Static VLAN Entries: The number of presently active VLAN entries on this switch that have been created statically. Dynamic VLAN Entries: The number of presently active VLAN entries on this switch that have been created by GVRP registration. VLAN Deletes: The number of VLANs on this switch that have been created and then deleted since the last reboot.
Syntax interface - is the desired interface number. Default Setting None Command Mode Global Config 7.2.1.5 speed-duplex This command is used to set the speed and duplex mode for the interface. The 10-Giga interfaces will not provide the following command. Instead, it provides a command to set the speed of 10-Giga port to 1Gbps. Use ‘speed-duplex 1000’ to change the speed of 10-Giga port to 1G speed.
Default Setting None Command Mode Global Config 7.2.1.6 negotiate This command enables automatic negotiation on a port. The default value is enabled. i The 10-Giga interfaces will not provide the following command. Syntax negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config This command enables automatic negotiation on all interfaces. The default value is enabled.
7.2.1.7 capabilities This command is used to set the capabilities on specific interface. The 10-Giga interfaces will not provide the following command. i Syntax capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Full duplex half-duplex - Half duplex no - This command removes the advertised capability with using parameter.
Command Mode Global Config 7.2.1.8 storm-control flowcontrol This command enables 802.3x flow control for the switch. i 802.3x flow control only applies to full-duplex mode ports. Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disables 802.3x flow control for the switch. Default Setting Disabled Command Mode Global Config This command enables 802.3x flow control for the specific interface. 802.3x flow control only applies to full-duplex mode ports.
7.2.1.9 storm-control flowcontrol pfc The PFC function is disabled by default. Only after enabling it, the PFC process also starts. Once the feature is enabled, the original basic IEEE 802.3x PAUSE control cannot be enabled. It means these two features cannot be enabled at the same time. 802.3x flow control only applies to full-duplex mode ports. i Syntax storm-control flowcontrol pfc no storm-control flowcontrol pfc no - This command disables Priority Flow Control for the specific interface.
no - This command enables all ports. Default Setting Enabled Command Mode Global Config 7.2.1.11 description This command is used to create an alpha-numeric description of the port. Syntax description no description no - This command removes the description of the port. Default Setting None Command Mode Interface Config 7.2.1.12 mdi The 10-Giga interface will not provide the following command. i This command is used to configure the physical port MDI/MDIX state.
Interface Config 7.2.2 L2 MAC Address and Multicast Forwarding Database Tables 7.2.2.1 show mac-addr-table This command displays the forwarding database entries. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the optional all parameter. Alternatively, the administrator can enter a MAC Address to display the table entry for the requested MAC address and all entries following the requested MAC address.
7.2.2.2 show mac-addr-table count This command displays the total forwarding database entries, the number of static and learnning mac address, and the max address available on the switch. Syntax show mac-addr-table count Default Setting None Command Mode Privileged Exec Display Message Dynamic Address count: The total learning mac addresses on the L2 MAC address Table. Static Address (User-defined) count: The total user-defined addresses on the L2 MAC address Table.
Static: The value of the corresponding instance was added by the system or a user when a static MAC filter was defined. It cannot be relearned. Learned: The value of the corresponding instance was learned by observing the source MAC addresses of incoming traffic, and is currently in use. Management: The value of the corresponding instance (system MAC address) is also the value of an existing instance of dot1dStaticAddress.
GMRP Learned: The value of the corresponding instance was learned via GMRP and applies to Multicast. Other: The value of the corresponding instance does not fall into one of the other categories. 7.2.2.5 show mac-address-table gmrp This command displays the GARP Multicast Registration Protocol (GMRP) entries in the Multicast Forwarding Database (MFDB) table.
Type: This displays the type of the entry. Static entries are those that are configured by the end user. Dynamic entries are added to the table as a result of a learning process or protocol. Description: The text description of this multicast table entry. Interfaces: The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:). 7.2.2.7 show mac-address-table multicast This command displays the MFDB information.
Syntax show mac-address-table stats Default Setting None Command Mode Privileged Exec Display Message Max MFDB Table Entries: This displays the total number of entries that can possibly be in the MFDB. Most MFDB Entries Since Last Reset: This displays the largest number of entries that have been present in the Multicast Forwarding Database table. This value is also known as the MFDB high-water mark. Current Entries: This displays the current number of entries in the Multicast Forwarding Database table. 7.
300 Command Mode Global Config 7.2.3 VLAN Management 7.2.3.1 show vlan This command displays brief information on a list of all configured VLANs. Syntax show vlan Default Setting None Command Mode Privileged Exec Display Message VLAN ID: There is a VLAN Identifier (vlanid) associated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name: A string associated with this VLAN as a convenience. It can be up to 16 alphanumeric characters, including blanks. The default is blank.
Display Message VLAN ID: There is a VLAN Identifier (VID) associated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name: A string associated with this VLAN as a convenience. It can be up to 16 alphanumeric characters, including blanks. The default is blank. VLAN ID 1 is always named `Default`. This field is optional.
Privileged Exec Display Message MAC Address: A unicast MAC address for which the switch has forwarding and/or filtering information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes. Note: This software version only supports IVL systems. VLAN ID: There is a VLAN Identifier (VID) associated with each VLAN.
Default Setting None Command Mode Privileged Exec Display Message Group Name: This field displays the group name of an entry in the Protocol-based VLAN table. Group ID: This field displays the group identifier of the protocol group. Protocol(s): This field indicates the type of protocol(s) for this group. VLAN: This field indicates the VLAN associated with this Protocol Group. Interface(s): This field lists the slot/port interface(s) that are associated with this Protocol Group. 7.2.3.
7.2.3.7 vlan database This command is used to enter VLAN Interface configuration mode Syntax vlan database Default Setting None Command Mode Global Config 7.2.3.8 vlan This command creates a new VLAN and assigns it an ID. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-3965.
no - This command sets the name of a VLAN to a blank string. The VLAN ID is a valid VLAN identification number. ID range is 1-3965. Default Setting The name for VLAN ID 1 is always Default. The name for other VLANs is defaulted to a blank string. Command Mode VLAN database 7.2.3.10 vlan association mac This command associates a MAC address to a VLAN.
7.2.3.12 vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 2-3965. Syntax vlan makestatic - VLAN ID (Range: 2 –3965). Default Setting None Command Mode VLAN database 7.2.3.13 protocol group This command attaches a to the protocol-based VLAN identified by .
frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification. Syntax switchport acceptable-frame-type {tagged | all} no switchport acceptable-frame-type {tagged | all} tagged - VLAN only mode. all - Admit all mode. no - This command sets the frame acceptance mode per interface to Admit All.
7.2.3.15 switchport ingress-filtering This command enables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN. Syntax switchport ingress-filtering no switchport ingress-filtering no - This command disables ingress filtering.
7.2.3.16 switchport native vlan This command changes the VLAN ID per interface. Syntax switchport native vlan no switchport native vlan - VLAN ID (Range: 1 –3965). no - This command sets the VLAN ID per interface to 1. Default Setting 1 Command Mode Interface Config This command changes the VLAN ID for all interfaces. Syntax switchport native vlan all - VLAN ID (Range: 1 –3965). all - All interfaces.
- VLAN ID (Range: 1 –3965) – separate non-consecutive IDs with ',' and no spaces and no zeros in between the range; Use '-' for range. add - The interface is always a member of this VLAN. This is equivalent to registration fixed. tagged - All frames transmitted for this VLAN will be tagged. untagged - All frames transmitted for this VLAN will be untagged. remove - The interface is removed from the member of this VLAN. This is equivalent to registration forbidden.
Syntax switchport tagging no switchport tagging - VLAN ID (Range: 1 –3965) – separate non-consecutive IDs with ',' and no spaces and no zeros in between the range; Use '-' for range. no - This command configures the tagging behavior for a specific interface in a VLAN to disabled. If tagging is disabled, traffic is transmitted as untagged frames. The ID is a valid VLAN identification number.
switchport forbidden vlan {add | remove} no switchport forbidden - VLAN ID (Range: 1 –3965) – separate non-consecutive IDs with ',' and no spaces and no zeros in between the range; Use '-' for range. add - VLAND ID to add. remove - VLAND ID to remove. no - Remove the list of forbidden VLANs. Default Setting None Command Mode Interface Config 7.2.3.20 switchport priority This command configures the default 802.1p port priority assigned for untagged packets for a specific interface.
Default Setting 0 Command Mode Global Config 7.2.3.21 switchport protocol group This command adds the physical interface to the protocol-based VLAN identified by . A group may have more than one interface associated with it. Each interface and protocol combination can only be associated with one group. If adding an interface to a group causes any conflicts with protocols currently associated with the group, this command will fail, and the interface(s) will not be added to the group.
Global Config This command adds all physical interfaces to the protocol-based VLAN identified by . A group may have more than one interface associated with it. Each interface and protocol combination can only be associated with one group. If adding an interface to a group causes any conflicts with protocols currently associated with the group, this command will fail, and the interface(s) will not be added to the group.
None Command Mode Global Config 7.2.4 Double VLAN commands 7.2.4.1 show dvlan-tunnel/ dot1q-tunnel This command is used without the optional parameters to display all interfaces enabled for Double VLAN Tunneling. Use the optional parameters to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces.
Default Setting Vman Command Mode Interface Config 7.2.4.3 switchport dvlan-tunnel/ dot1q-tunnel This command is used to enable Double VLAN Tunneling on the specified interface. Syntax switchport {dvlan-tunnel|dot1q-tunnel} no switchport {dvlan-tunnel|dot1q-tunnel} Default Setting Disable Command Mode Interface Config 7.2.5 GVRP and Bridge Extension 7.2.5.1 show bridge-ext This command displays Generic Attributes Registration Protocol (GARP) information.
GVRP Admin Mode: This displays the administrative mode of GARP VLAN Registration Protocol (GVRP) for the system. 7.2.5.2 show gvrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or all interfaces. Syntax show gvrp configuration { | all} - An interface number. all - All interfaces.
7.2.5.3 show gmrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or All interfaces. Syntax show gmrp configuration { | all} - An interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: This displays the slot/port of the interface that this row in the table describes.
Syntax show garp configuration { | all} - An interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: This displays the slot/port of the interface that this row in the table describes. GVRP Mode: Indicates the GVRP administrative mode for the port. It may be enabled or disabled. If this parameter is disabled, Join Time, Leave Time, and Leave All Time have no effect. The factory default is disabled.
7.2.5.6 bridge-ext gmrp This command enables GARP Multicast Registration Protocol (GMRP) on the system. The default value is disabled. Syntax bridge-ext gmrp no bridge-ext gmrp no - This command disables GARP Multicast Registration Protocol (GMRP) on the system. Default Setting Disabled Command Mode Global Config 7.2.5.7 switchport gvrp This command enables GVRP (GARP VLAN Registration Protocol) for a specific port.
all - All interfaces. no - This command disables GVRP (GARP VLAN Registration Protocol) for all ports. If GVRP is disabled, Join Time, Leave Time, and Leave All Time have no effect. Default Setting Disabled Command Mode Global Config 7.2.5.8 switchport gmrp This command enables GMRP Multicast Registration Protocol on a selected interface.
all - All interfaces. no - This command disables GMRP Multicast Registration Protocol on a selected interface. Default Setting Disabled Command Mode Global Config 7.2.5.9 garp timer This command sets the GVRP join time per port and per GARP. Join time is the interval between the transmission of GARP Protocol Data Units (PDUs) registering (or re-registering) membership for a VLAN or multicast group. This command has an effect only when GVRP and GMRP are enabled.
garp timer join all < 10-100 > no garp timer join all <10-100> - join time (Range: 10 – 100) in centiseconds. all - All interfaces. no - This command sets the GVRP join time for all ports and per GARP to 20 centiseconds (0.2 seconds). This command has an effect only when GVRP and GMRP are enabled. Default Setting 20 centiseconds (0.
This command sets the GVRP leave time per port. Leave time is the time to wait after receiving an unregister request for a VLAN or a multicast group before deleting the VLAN entry. This can be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service. The time is from 20 to 600 (centiseconds). This command has an effect only when GVRP and GMRP are enabled.
Global Config This command sets how frequently Leave All PDUs are generated per port. A Leave All PDU indicates that all registrations will be unregistered. Participants would need to rejoin in order to maintain registration. The value applies per port and per GARP participation. The time may range from 200 to 6000 (centiseconds). This command has an effect only when GVRP and GMRP are enabled.
Default Setting 1000 centiseconds (10 seconds) Command Mode Global Config 7.2.6 IGMP Snooping 7.2.6.1 ip igmp snooping The user can go to the CLI Global Configuration Mode to set IGMP Snooping on the system, use the ip igmp snooping global configuration command. Use the no ip igmp snooping to disable IGMP Snooping on the system. Syntax ip igmp snooping no ip igmp snooping Default Setting Disabled Command Mode Global Config 7.2.6.
7.2.6.3 ip igmp snooping fast-leave The user can go to the CLI Global/Interface Configuration Mode to set IGMP Snooping fast-leave admin mode on a selected interface or all interfaces, use the ip igmpsnooping fast-leave global/interface configuration command. Use the no ip igmp snooping fast-leave disable IGMP Snooping fast-leave admin mode. Syntax ip igmp snooping fast-leave no ip igmp snooping fast-leave Default Setting Disabled Command Mode Global Config Interface Config 7.2.6.
7.2.6.5 ip igmp snooping max-response-time The user can go to the CLI Interface Global/Interface Configuration Mode to set the IGMP Maximum Response time for the system, on a particular interface, use the ip igmp snooping max-response-time <1-25> global/interface configuration command.
7.2.6.7 ip igmp snooping mrouter interface The user can go to the CLI Interface Configuration Mode to configure the interface as a multicast router-attached interface or configure the VLAN ID for the VLAN that has the multicast router attached mode enabled, use the ip igmp snooping mrouter interface| interface configuration command. Use the no ip igmp snooping mrouter interface| disable multicast router attached mode for the interface or a VLAN.
Syntax set igmp fast-leave no set igmp fast-leave - VLAN ID (Range: 1 – 3965). Default Setting Disabled Command Mode VLAN Mode 7.2.6.10 set igmp groupmembership-interval The user can go to the CLI VLAN Configuration Mode to set the IGMP Group Membership Interval time on a particular VLAN, use the set igmpgroupmembership-interval <2-3600> vlan configuration command. Use the no set igmp groupmembership-interval return to default value 260.
< vlanid > - VLAN ID (Range: 1 – 3965). <1-25> -- This value must be less than the IGMP Query Interval time value. The range is 1 to 25 seconds. Default Setting 10 Command Mode VLAN Mode 7.2.6.12 set igmp mcrtrexpiretime The user can go to the CLI Interface VLAN Configuration Mode to set the Multicast Router Present Expiration time on a particular VLAN, use the set igmp mcrtrexpiretime <0-3600> vlan configuration command. Use the no set igmp mcrtrexpiretime to return to default value 0.
- Interface number. Default Setting None Command Mode Global Config 7.2.6.14 show ip igmp snooping The user can go to the CLI Privilege Exec to get all of igmp snooping information, use the show ip igmp snooping Privilege command. Syntax show ip igmp snooping Default Setting None Command Mode Privilege Exec Display Message When the optional arguments or are not used, the command displays the following information.
When you specify a value for , the following information appears. VLAN ID: VLAN Id IGMP Snooping Admin Mode: Indicates whether IGMP Snooping is active on the VLAN. Fast Leave Mode: Indicates whether IGMP Snooping Fast Leave is active on the VLAN. Group Membership Interval: Shows the amount of time in seconds that a switch will wait for a report from a particular group on a particular interface, which is participating in the VLAN, before deleting the interface from the entry.
- Interface number. Default Setting None Command Mode Privilege Exec Display Message VLAN ID: Displays the list of VLANs of which the interface is a member. Slot/Port: Shows the interface on which multicast router information is being displayed. 7.2.6.17 show ip igmp snooping static The user can go to the Privilege Exec to display IGMP snooping static information, use the show ip igmp snooping static Privilege command.
Default Setting None Command Mode Privilege Exec Display Message MAC Address: A multicast MAC address for which the switch has forwarding or filtering information. The format is twodigit hexadecimal numbers that are separated by colons, for example 01:00:5e:67:89:AB. Type: The type of entry, which is either static (added by the user) or dynamic (added to the table as a result of a learning process or protocol.) Description: The text description of this multicast table entry.
Default Setting 0.0.0.0 Command Mode Global Config 7.2.7.3 ip igmp snooping querier query-interval The user can go to the CLI Global Configuration Mode to set IGMP snooping querier query interval, use the ip igmp snooping querier query-interval <1-1800> global configuration command. Use the no ip igmp snooping querier query-interval return to default value zero.
7.2.7.5 ip igmp snooping querier version The user can go to the CLI Global Configuration Mode to set IGMP snooping querier version, use the ip igmp snooping querier version <1-2> global configuration command. Use the no ip igmp snooping querier version return to default value zero. Syntax ip igmp snooping querier version <1-2> no ip igmp snooping querier version <1-2> - set IGMP version of the querier Default Setting 1 Command Mode Global Config 7.2.7.
7.2.7.7 ip igmp snooping querier vlan address The user can go to the CLI Global Configuration Mode to set IGMP snooping querier vlan address, use the ip igmp snooping querier vlan <1-3965> address global configuration command. Use the no ip igmp snooping querier vlan <1-3965> address return to default value zero. Syntax ip igmp snooping querier vlan <1-3965> address no ip igmp snooping querier vlan <1-3965> address - VLAN ID (Range: 1 - 3965).
Syntax show ip igmp snooping querier Command Mode Privilege Exec Display Information IGMP Snooping Querier Mode: Administrative mode for IGMP Snooping. The default is disable. Querier Address: Specify the Snooping Querier Address to be used as source address in periodic IGMP queries. This address is used when no address is configured on the VLAN on which query is being sent. IGMP Version: Specify the IGMP protocol version used in periodic IGMP queries.
Operational Version: Displays the operational IGMP protocol version of the querier. 7.2.7.11 show ip igmp snooping querier detail This command display all of IGMP snooping querier information on the system. Syntax show ip igmp snooping querier detail Command Mode Privilege Exec Display Information IGMP Snooping Querier Mode: Administrative mode for IGMP Snooping. The default is disable. Querier Address: Specify the Snooping Querier Address to be used as source address in periodic IGMP queries.
User Exec Display Message When the optional arguments or are not used, the command displays the following information. Admin Mode: Indicates whether or not MLD Snooping is active on the switch. Interfaces Enabled for MLD Snooping: Interfaces on which MLD Snooping is enabled. Multicast Control Frame Count: Displays the number of MLD Control frames that are processed by the CPU. VLANs Enabled for MLD Snooping: VLANs on which MLD Snooping is enabled.
show ipv6 mld snooping mrouter interface Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Shows the interface on which multicast router information is being displayed. Multicast Router Attached: Indicates whether multicast router is statically enabled on the interface. VLAN ID: Displays the list of VLANs of which the interface is a member. 7.2.8.
Syntax show ipv6 mld snooping static Default Setting None Command Mode Privilege Exec User Exec Display Message VLAN: The VLAN ID used with the MAC address to fully identify packets you want L2Mcast Group. MAC Address: The MAC address of the L2Mcast Group in the format 33:33:xx:xx:xx:xx. Port: List the ports you want included into L2Mcast Group. State: The active interface number belongs to this Multicast Group. 7.2.8.
7.2.8.6 ipv6 mld snooping The user can go to the CLI Global Configuration Mode to set MLD Snooping on the system , use the ipv6 mld snooping global configuration command. Use the no ipv6 mld snooping to disable MLD Snooping on the system. Syntax Ipv6 mld snooping no ipv6 mld snooping Default Setting Disabled Command Mode Global Config 7.2.8.
Disabled Command Mode Global Config Interface Config 7.2.8.9 ipv6 mld snooping fast-leave The user can go to the CLI Global/Interface Configuration Mode to set MLD Snooping fast-leave admin mode on a selected interface or all interfaces, use the ipv6 mld snooping fast-leave global/interface configuration command. Use the no ipv6 mld snooping fast-leave disable MLD Snooping fast-leave admin mode.
7.2.8.11 ipv6 mld snooping max-response-time The user can go to the CLI Interface Global/Interface Configuration Mode to set the MLD Maximum Response time for the system, on a particular interface, use the ipv6 mld snooping max-response-time <1-65> global/interface configuration command. Use the no ipv6 mld snooping max-response-time return to default value 10.
Syntax Ipv6 mld snooping mrouter interface interface| no ipv6 mld snooping mrouter interface| Default Setting None Command Mode Interface Config 7.2.8.14 ipv6 mld snooping static The user can go to the Global Mode and add a port to ipv6 multicast group, use the ipv6 mld snooping static Global command.
7.2.8.16 set mld fast-leave The user can go to the CLI VLAN Configuration Mode to set MLD Snooping fast-leave admin mode on a particular VLAN, use the set mld fast-leave vlan configuration command. Use the no set mld fast-leave disable MLD Snooping fast-leave admin mode. Syntax set mld fast-leave no set mld fast-leave Default Setting Disabled Command Mode VLAN Mode 7.2.8.
10 Command Mode VLAN Mode 7.2.8.19 set ipv6 mld mcrtrexpiretime The user can go to the CLI Interface VLAN Configuration Mode to set the Multicast Router Present Expiration time on a particular VLAN, use the set mld mcrtrexpiretime <0-3600> vlan configuration command. Use the no set mld mcrtrexpiretime to return to default value 0. Syntax set mld mcrtrexpiretime <0-3600> no set mld mcrtrexpiretime Default Setting 0 Command Mode VLAN Mode 7.2.9 MLD Snooping Querier 7.
MLD Version: Specify the MLD protocol version used in periodic MLD queries. Querier Query Interval: Specify the time interval in seconds between periodic queries sent by the snooping querier. The Query Interval must be a value in the range of 1 and 1800. The default value is 60. Querier Expiry Interval: Specify the time interval in seconds after which the last querier information is removed. The Querier Expiry Interval must be a value in the range of 60 and 300. The default value is 60. 7.2.9.
Syntax show ipv6 mld snooping querier detail Default Setting None Command Mode Privileged Exec User Exec Display Message MLD Snooping Querier Mode: Administrative mode for MLD Snooping. The default is disable Querier Address: Specify the Snooping Querier Address to be used as source address in periodic MLD queries. This address is used when no address is configured on the VLAN on which query is being sent. MLD Version: Specify the MLD protocol version used in periodic IGMP queries.
7.2.9.5 ipv6 mld snooping querier address The user can go to the CLI Global Configuration Mode to set MLD snooping querier address, use the ipv6 mld snooping querier address global configuration command. Use the ipv6 mld snooping querier address return to default value zero. Syntax ipv6 mld snooping querier address no ipv6 mld snooping querier address Default Setting 0 Command Mode Global Config 7.2.9.
Command Mode Global Config 7.2.9.8 ipv6 mld snooping querier vlan The user can go to the CLI Global Configuration Mode to set MLD snooping querier vlan admin mode, use the ipv6 mld snooping querier vlan <1-3965> global configuration command. Use the no ipv6 mld snooping querier vlan <1-3965> return to disable. Syntax ipv6 mld snooping querier vlan <1-3965> no ipv6 mld snooping querier vlan <1-3965> Default Setting Disabled Command Mode Global Config 7.2.9.
Syntax ipv6 mld snooping querier vlan election participate <1-3965> no ipv6 mld snooping querier vlan election participate <1-3965> Default Setting Disabled Command Mode Global Config 7.2.10 Port Channel 7.2.10.1 show port-channel This command displays the static capability of all port-channels (LAGs) on the device as well as a summary of individual port-channels.
Syntax show port-channel - The port-channel interface number. Default Setting None Command Mode Privileged Exec Display Message Log. Intf: The logical slot and the logical port. Channel Name: The name of this port-channel (LAG). You may enter any string of up to 15 alphanumeric characters. Link State: Indicates whether the Link is up or down. Admin Mode: May be enabled or disabled. The factory default is enabled.
Channel Name: The name of this port-channel (LAG). You may enter any string of up to 15 alphanumeric characters. Link: Indicates whether the Link is up or down. Admin Mode: May be enabled or disabled. The factory default is enabled. Type: This field displays the status designating whether a particular port-channel (LAG) is statically or dynamically maintained.
7.2.10.3 port-channel adminmode all This command sets every configured port-channel with the same administrative mode setting. Syntax port-channel adminmode all no port-channel adminmode all no - This command disables a port-channel (LAG). The option all sets every configured port-channel with the same administrative mode setting. Default Setting Enabled Command Mode Global Config 7.2.10.
- The port-channel interface number. all - all port-channel interfaces. no - This command disables link trap notifications for the port-channel (LAG). The interface is a logical slot and port for a configured port-channel. The option all sets every configured port-channel with the same administrative mode setting. Default Setting Enabled Command Mode Global Config 7.2.10.6 port-channel load-balance This command for CLI will configured the mode of load balance on the all Port Channels.
Syntax load-balance { src-mac| dst-mac | dst-src-mac | src-ip | dst-ip| dst-src-ip } no load-balance src-mac - Sets the mode on the source MAC address. dst-mac - Sets the mode on the destination MAC address. dst-src-mac - Sets the mode on the source and destination MAC addresses. src-ip - Sets the mode on the source IP address. dst-ip - Sets the mode on the destination IP address. dst-src-ip - Sets the mode on the source and destination IP addresses. no - Restore the mode to be default value.
7.2.10.8 port-channel system priority This command defines a system priority for the port-channel (LAG). Syntax port-channel system priority - valid value 0-65535. Default Setting 32768 Command Mode Global Config 7.2.10.9 adminmode This command enables a port-channel (LAG) members. The interface is a logical slot and port for a configured port-channel. Syntax adminmode no adminmode no - This command disables a configured port-channel (LAG).
no - This command disables Link Aggregation Control Protocol (LACP) on a port. Default Setting Enabled Command Mode Interface Config This command enables Link Aggregation Control Protocol (LACP) on all ports. Syntax lacp all no lacp all all - All interfaces. no - This command disables Link Aggregation Control Protocol (LACP) on all ports. Default Setting Enabled Command Mode Global Config 7.2.10.
This command set admin state value of Link Aggregation Control Protocol (LACP) on a port. Syntax lacp admin state no lacp admin state individual - Set lacp admin state to individual. Use no form to set to aggregation. longtimeout - Set lacp admin state longtimeout. Use no form to set to shorttimeout. passive - Set lacp admin state passive. Use no form to set to active.
Syntax lacp system priority no lacp system priority – range 0-65535. no - This command restores system priority value of Link Aggregation Control Protocol (LACP). Default Setting 32768 Command Mode Interface Config This command set collector max-delay time of Link Aggregation Control Protocol (LACP) on a port-channel.
Syntax channel-group - Port-Channel Interface number. Default Setting None Command Mode Interface Config Command Usage The maximum number of members for each Port-Channel is 8. 7.2.10.13 delete-channel-group This command deletes the port from the port-channel (LAG). The interface is a logical slot and port number of a configured port-channel. Syntax delete-channel-group - Port-Channel Interface number.
Default Setting None Command Mode Global Config 7.2.11 Storm Control 7.2.11.1 show storm-control This command is used to display broadcast storm control information. Syntax show storm-control broadcast Default Setting None Command Mode Privileged Exec Display Message Intf: Displays interface number. Mode: Displays status of storm control broadcast. Level: Displays level for storm control broadcast. Rate: Displays rate for storm control broadcast.
Intf: Displays interface number. Mode: Displays status of storm control multicast. Level: Displays level for storm control multicast Rate: Displays rate for storm control multicast. This command is used to display unicast storm control information Syntax show storm-control unicast Default Setting None Command Mode Privileged Exec Display Message Intf: Displays interface number. Mode: Displays status of storm control unicast.
Default Setting Disabled Command Mode Interface Config This command enables broadcast storm recovery mode on all interfaces. Syntax storm-control broadcast no storm-control broadcast no - This command disables broadcast storm recovery mode on all interfaces. Default Setting Disabled Command Mode GlobaI Config 7.2.11.3 storm-control multicast This command enables multicast storm recovery mode on the selected interface.
storm-control multicast no storm-control multicast no - This command disables multicast storm recovery mode on all interfaces. Default Setting None Command Mode Global Config 7.2.11.4 storm-control unicast This command enables unicast storm recovery mode on the selected interface. Syntax storm-control unicast no storm-control unicast no - This command disables unicast storm recovery mode on the selected interface.
Global Config 7.2.11.5 switchport broadcast packet-rate This command will protect your network from broadcast storms by setting a threshold level for broadcast traffic on each port. Syntax switchport broadcast packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 10G port. 2 - Threshold level represents 128 pps for 1G Port or 2084 pps for 10G port. 3 - Threshold level represents 256 pps for 1G Port or 3124 pps for 10G port.
Command Mode Global Config 7.2.11.6 switchport multicast packet-rate This command will protect your network from multicast storms by setting a threshold level for multicast traffic on each port. Syntax switchport multicast packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 10G port. 2 - Threshold level represents 128 pps for 1G Port or 2084 pps for 10G port. 3 - Threshold level represents 256 pps for 1G Port or 3124 pps for 10G port.
Level 4 Command Mode Global Config 7.2.11.7 switchport unicast packet-rate This command will protect your network from unicast storms by setting a threshold level for unicast traffic on each port. Syntax switchport unicast packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 10G port. 2 - Threshold level represents 128 pps for 1G Port or 2084 pps for 10G port. 3 - Threshold level represents 256 pps for 1G Port or 3124 pps for 10G port.
Default Setting Level 4 Command Mode Global Config 7.2.12 L2 Priority 7.2.12.1 show queue cos-map This command displays the class of service priority map on specific interface. Syntax show queue cos-map [] - Interface number. Default Setting None Command Mode Privileged Exec Display Message User Priority: Displays the 802.1p priority to be mapped. Traffic Class: Displays internal traffic class to map the corresponding 802.1p priority. 7.2.12.
priority queue 0 1 1 0 2 0 3 1 4 2 5 2 6 3 7 3 Command Mode Interface Config 7.2.13 Port Mirror 7.2.13.1 show port-monitor session This command displays the Port monitoring information for the specified session. Syntax show port-monitor session - session number. Default Setting None Command Mode Privileged Exec Display Message Session ID: indicates the session ID. Admin Mode: indicates whether the Port Monitoring feature is enabled or disabled.
7.2.13.2 port-monitor session This command configures a probe port and a monitored port for monitor session (port monitoring). Use the source interface parameter to specify the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress packets. If you do not specify an {rx | tx} option, the destination port monitors both ingress and egress packets. Use the destination interface to specify the interface to receive the monitored traffic.
port-monitor session mode no port-monitor session mode - Session ID. no - This command disables port-monitoring function for a monitor session. Default Setting None Command Mode Global Config 7.2.14 Link State 7.2.14.1 show link state Show link state information. Syntax show link state Command Mode Global Config Display Message Admin Mode: the link state admin mode. Group ID: The group ID for each displayed row. Mode: This group was set which mode.
Syntax link state [group | [enable <1-6>]] no link state [group <1-6> | [enable <1-6>]] no - This command disables link state function. Command Mode Global Config 7.2.14.3 link state group Set upstream port or downstream port for a link state group. Use ‘link state group upstream’ to set the port to be monitored. Syntax link state group <1-6> {downstream | upstream} no link state group <1-6> {downstream | upstream} no - This command disables link state group function.
Mode: Indicates whether or not the group is active. MAC Update: Indicates whether or not mac-move-update is enable on the group. Active Port: Display the active port number. Backup Port: Display the active port number. Current Active Port: Display the current active port number. 7.2.15.2 port-backup Enable/Disable the port backup admin mode. Use ‘port-backup’ to enable the admin mode of function, and use no command to disable the function. Create/Destroy the port backup group.
7.2.16 FIP Snooping 7.2.16.1 show fip-snooping This command displays fip-snooping whether enable or disable. Syntax show fip-snooping Default Setting None Command Mode Privileged Exec Display Message FIP Snooping: fip-snooping function status. 7.2.16.2 show fip-snooping enode This command displays the ENode connections for the entire system.
7.2.16.3 show fip-snooping session This command displays all FIP snooping sessions for the entire system. Syntax show fip-snooping session Default Setting None Command Mode Privileged Exec Display Message FCF MAC: MAC address of the FCF.. ENode MAC: MAC address of the ENode. FCoE MAC: FCoE MAC address that is used to send the FCoE packets FCF Interface: The interface to which the FCF is connected ENode Interface: The interface to which the ENode is connected 7.2.16.
7.2.16.5 show fip-snooping vlan This command displays FIP snooping whether enable or disable on specific VLAN. Syntax show fip-snooping vlan {< 1-3965> | all} <1 - 3965> - VLAN ID. all - This command represents all interfaces. Default Setting None Command Mode Privileged Exec Display Message Vlan ID: fip-snooping function status on the specific VLAN. 7.2.16.6 fip-snooping The FIP snooping function is disabled by default.
7.2.16.7 fip-snooping vlan This command enables FIP snooping on a VLAN. VLAN must be configured before it can be used. Once VLAN is enabled, the FIP packets will be snooped only on the configured VLANs. FIP snooping is disabled on VLANs by default. Syntax fip-snooping vlan no fip-snooping vlan <1 - 3965> - VLAN ID. no - This command disable snooping on a specific VLAN. Default Setting Disabled Command Mode Global Config 7.2.17 Enhanced Transmission Selection (ETS) 7.2.17.
7.2.17.2 show queue ets scheduler-type This command displays ETS function on specific interface for the entire system. Syntax show queue ets scheduler-type - Interface number. Default Setting None Command Mode Privileged Exec Display Message Interface: Name of the interface to which the ETS is enabled. Scheduler-type: ETS scheduler type. 7.2.17.3 show queue ets weight This command displays ETS function on specific interface for the entire system.
show queue ets pg-mapping Default Setting None Command Mode Privileged Exec Display Message Interface: Name of the interface to which the ETS is enabled. pg-mapping: ETS priority to priority group mapping list. 7.2.17.5 queue ets The ETS function is disabled by default. Only after enabling it, the ETS process also starts. Syntax queue ets no queue ets no - This command disables ETS function. Default Setting Disabled Command Mode Interface Config 7.2.17.
WERR - Set ETS scheduler type to WERR no - This command restores the scheduler type to WERR. Default Setting werr Command Mode Interface Config 7.2.17.7 queue ets weight This command configures the weight ratio of the two priority groups (LAN and SAN) for an interface. The sum of these two weight values should meet 100 in percentage. The default weights are 50 to 50. Syntax queue ets weight <1-99> <1-99> no queue ets weight <1 - 99> - weight values.
<0 - 7> - Priority Id from 0 to 7. lan - Sets ETS Priority Id to LAN priority group san - Sets ETS Priority Id to SAN priority group ipc - Sets ETS Priority Id to IPC priority group no - This command restores the priority to priority group mapping list to default value. Default Setting Priority id 0 to 2 in LAN, 3 to 6 in SAN and 7 in IPC Command Mode Interface Config 7.2.18 Congestion Notification 7.2.18.1 show congestion-notify This command displays CN function global parameter on system.
outer CFI: Displays Outer Packet CFI for Congestion Notification Message inner CFI: Displays Inner Packet CFI for Congestion Notification Message inner Dot1p: Displays Inner Packet Priority for Congestion Notification Message no-generate: Generate CNM or not. 7.2.18.2 show congestion-notify interface This command displays CN function global parameter on system. Syntax show congestion-notify interface { | all} - Interface number. all - This command represents all interfaces.
Disabled Command Mode Interface Config 7.2.18.4 congestion-notify tag The user can go to the CLI Global Configuration Mode to configure the CNTAG Ether Type is recognized by parsing stages. Use the ‘congestion-notify tag ethertype recognize’ global configuration command. Use the ‘no congestion-notify tag ethertype recognize’ to configure CNTAG Ether Type is unrecognized.
7.2.18.5 congestion-notify enable The user can go to the CLI Global Configuration Mode to enable handling congestion notification message. Use the ‘congestion-notify enable’ global configuration command. Use the ‘no congestion-notify enable’ to disable handling congestion notification message. Syntax congestion-notify enable no congestion-notify enable no - This command disables handling congestion notification message. Default Setting Disabled Command Mode Global Config 7.2.18.
Syntax congestion-notify CPID devid < 0-16777215 > no congestion-notify CPID devid <0-16777215> - This command sets the Device ID of CPID no - This command configure device identifier to default value. Default Setting 0 Command Mode Global Config The user can go to the CLI Global Configuration Mode to configure the LSB field of CPID of CNM payload. Use the ‘congestion-notify CPID LSB Q_No’ global configuration command to set the CPID mode to use queue number of sampled packet.
no congestion-notify outer { CFI | Dot1p | TPID| vlan} <-1-1> - This command sets value of CNM's outer VLAN tag's CFI bits. <-1-7> - This command sets value of CNM's outer VLAN tag's 802.1p bits. <0-65535> - This command sets value of CNM's outer VLAN tag's TPID. <0-4095> - This command sets the CNM's outer VLAN ID. no - This command restored default value. Default Setting Command Mode Global Config 7.2.18.
Syntax congestion-notify no-generate no congestion-notify no-generate no - This command uses to keep generate CNM. Default Setting keep generate CNM. Command Mode Global Config 7.3 Management Commands 7.3.1 Network Commands 7.3.1.1 show ip interface This command displays configuration settings associated with the switch's network interface. The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports.
Network Configuration Protocol Current: Indicates which network protocol is being used. The options are bootp | dhcp | none. DHCP Client Identifier TEXT: DCHP client identifier in TEXT mode for this switch. DHCP Client Identifier HEX: DHCP client identifier in HEX address for this switch. Management VLAN ID: Specifies the management VLAN ID. Web Mode: Specifies whether the switch may be accessed from a Web browser. The factory default is enabled. Web Port: This field is used to set the HTTP Port Number.
no - This command sets the default maximum transmission unit (MTU) size (in bytes) for the interface. Default Setting 1518 Command Mode Interface Config 7.3.1.4 interface vlan This command is used to enter Interface-vlan configuration mode. Syntax interface vlan - VLAN ID (Range: 1 - 3965). Default Setting None Command Mode Global Config 7.3.1.5 ip address This command sets the IP Address, and subnet mask. The IP Address and the gateway must be on the same subnet.
Command Mode Interface-Vlan Config Command Usage Once the IP address is set, the VLAN ID’s value will be assigned to management VLAN. 7.3.1.6 ip default-gateway This command sets the IP Address of the default gateway. Syntax ip default-gateway no ip default-gateway < gateway > - IP address of the default gateway no - Restore the default IP address of the default gateway Default Setting IP address: 0.0.0.0 Command Mode Global Config 7.3.1.
7.3.1.8 ip filter This command is used to enable the IP filter function. Syntax ip filter no ip filter no – Disable ip filter. Default Setting Disabled Command Mode Global Config This command is used to set an IP address to be a filter. Syntax ip filter no ip filter - Configure a IP address to the filter. no - Remove this IP address from filter. Default Setting None Command Mode Global Config 7.3.2 Serial Interface Commands 7.3.2.
Syntax show line console Default Setting None Command Mode Privileged Exec Display Message Serial Port Login Timeout (minutes): Specifies the time, in minutes, of inactivity on a Serial port connection, after which the Switch will close the connection. Any numeric value between 0 and 160 is allowed, the factory default is 5. A value of 0 disables the timeout. Baud Rate: The default baud rate at which the serial port will try to connect.
7.3.2.3 baudrate This command specifies the communication rate of the terminal interface. The supported rates are 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200. Syntax baudrate {1200 | 2400 | 4800 | 9600 | 19200 | 38400 | 57600 | 115200} no baudrate no - This command sets the communication rate of the terminal interface to 115200. Default Setting 115200 Command Mode Line Config 7.3.2.4 exec-timeout This command specifies the maximum connect time (in minutes) without console activity.
Syntax password-threshold <0-120> no password-threshold - max threshold (Range: 0 - 120). no - This command sets the maximum value to the default. Default Setting 3 Command Mode Line Config 7.3.2.6 silent-time This command uses to set the amount of time the management console is inaccessible after the number of unsuccessful logon tries exceeds the threshold value. Syntax silent-time <0-65535> <0-65535> - silent time (Range: 0 - 65535) in seconds.
Default Setting 24 Command Mode Line Config 7.3.3 Telnet Session Commands 7.3.3.1 telnet This command establishes a new outbound telnet connection to a remote host. Syntax telnet [port] [debug] [line] [echo] - A hostname or a valid IP address. [port] - A valid decimal integer in the range of 0 to 65535, where the default value is 23. [debug] - Display current enabled telnet options.
Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout. May be specified as a number from 0 to 160. The factory default is 5. Maximum Number of Remote Connection Sessions: This object indicates the number of simultaneous remote connection sessions allowed. The factory default is 5.
Syntax exec-timeout <1-160> no exec-timeout - max connect time (Range: 1 -160). no - This command sets the remote connection session timeout value, in minutes, to the default. Default Setting 5 Command Mode Line Vty 7.3.3.5 password-threshold This command is used to set the password instruction threshold limited for the number of failed login attempts. Syntax password-threshold <0-120> no password-threshold - max threshold (Range: 0 - 120).
no - This command sets the value to the default. Default Setting 24 Command Mode Line Vty 7.3.3.7 maxsessions This command specifies the maximum number of remote connection sessions that can be established. A value of 0 indicates that no remote connection can be established. The range is 0 to 5. Syntax maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5. Default Setting 5 Command Mode Line Vty 7.3.3.
7.3.3.9 sessions This command regulates new telnet sessions. If sessions are enabled, new telnet sessions can be established until there are no more sessions available. If sessions are disabled, no new telnet sessions are established. An established session remains active until the session is ended or an abnormal network error ends it. Syntax sessions no sessions no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established.
7.3.3.11 telnet maxsessions This command specifies the maximum number of simultaneous outbound telnet sessions. A value of 0 indicates that no outbound telnet session can be established. Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5. Default Setting 5 Command Mode Global Config 7.3.3.12 telnet exec-timeout This command sets the outbound telnet session timeout value in minute.
Syntax show telnet Default Setting None Command Mode Privileged Exec User Exec Display Message Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound telnet session is allowed to remain inactive before being logged off. A value of 0, which is the default, results in no timeout. Maximum Number of Outbound Telnet Sessions Indicates the number of simultaneous outbound telnet connections allowed.
7.3.4.2 sshc sessions This command regulates new outbound ssh connections. If enabled, new outbound ssh sessions can be established until it reaches the maximum number of simultaneous outbound ssh sessions allowed. If disabled, no new outbound ssh session can be established. An established session remains active until the session is ended or an abnormal network error ends it. Syntax sshc sessions no sshc sessions no - This command disables new outbound ssh connections.
Changing the timeout value for active sessions does not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration. i Syntax sshc exec-timeout <1-160> no sshc exec-timeout <1-160> - max connect time (Range: 1 -160). no - This command sets the remote connection session timeout value, in minutes, to the default. Default Setting 5 Command Mode Global Config 7.3.4.5 show sshc This command displays the current outbound sshc settings.
7.3.5 SNMP Server Commands 7.3.5.1 show snmp This command displays SNMP community information. Six communities are supported. You can add, change, or delete communities. The switch does not have to be reset for changes to take effect. The SNMP agent of the switch complies with SNMP versions 1, 2c, and 3 (for more about the SNMP specification, see the SNMP RFCs).
Syntax show trapflags Default Setting None Command Mode Privileged Exec Display Message Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Link Up/Down Flag: May be enabled or disabled. The factory default is enabled. Indicates whether link status traps will be sent. Multiple Users Flag: May be enabled or disabled. The factory default is enabled.
Global Config 7.3.5.4 snmp-server location This command sets the physical location of the switch. The range for name is from 1 to 31 alphanumeric characters. Syntax snmp-server location - range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode Global Config 7.3.5.5 snmp-server contact This command sets the organization responsible for the network. The range for contact is from 1 to 31 alphanumeric characters.
Community names in the SNMP community table must be unique. If you make multiple entries using the same community name, the first entry is kept and processed and all duplicate entries are ignored. i Syntax snmp-server community no snmp-server community - community name (up to 16 case-sensitive characters). no - This command removes this community name from the table. The name is the community name to be deleted. Default Setting Two default community names: public and private.
This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 255.255.255.255 will allow access from only one station, and will use that machine's IP address for the client IP Address. A value of 0.0.0.0 will allow access from any IP address.
range of IP addresses from which SNMP clients may use that community to access the device. A value of 0.0.0.0 allows access from any IP address. Otherwise, this value is ANDed with the mask to determine the range of allowed client IP addresses. The name is the applicable community name. Syntax snmp-server community ipaddr no snmp-server community ipaddr - community name. - a client IP address. no - This command sets a client IP address for an SNMP community to 0.0.0.
no - This command disables the Authentication trap. Default Setting Enabled Command Mode Global Config This command enables the DVMRP trap. Syntax snmp-server enable traps dvmrp no snmp-server enable traps dvmrp no - This command disables the DVMRP trap. Default Setting Enabled Command Mode Global Config This command enables Link Up/Down traps for the entire switch.
This command enables Multiple User traps. When the traps are enabled, a Multiple User Trap is sent when a user logs in to the terminal interface (EIA 232 or telnet) and there is an existing terminal interface session. Syntax snmp-server enable traps multiusers no snmp-server enable traps multiusers no - This command disables Multiple User trap. Default Setting Enabled Command Mode Global Config This command enables OSPF traps.
virtauthentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} | retransmit {all | packets | virt-packets} | rtb {all, rtb-entry-info} | state-change {all | if-state-change | neighbor-state-change | virtif-statechange | virtneighbor-state-change}} no snmp-server enable traps ospfv3 {all | errors {all | authentication-failure | bad-packet | config-error | virtauthentication-fa
Enabled Command Mode Global Config 7.3.6 SNMP Trap Commands 7.3.6.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Network Manager. These messages alert the manager to events occurring within the switch or on the network. Six trap receivers are simultaneously supported. Syntax show snmptrap Default Setting None Command Mode Privileged Exec Display Message SNMP Trap Name: The community string of the SNMP trap packet sent to the trap manager.
Syntax snmptrap snmpversion Default Setting Snmpv2 Command Mode Global Config 7.3.6.3 snmp trap link-status This command enables link status traps by interface. This command is valid only when the Link Up/Down Flag is enabled. See ‘snmpserver i enable traps linkmode’ command. Syntax snmp trap link-status no snmp trap link-status no - This command disables link status traps by interface.
Default Setting Disabled Command Mode Global Config 7.3.6.4 snmptrap ipaddr This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeric characters. Syntax snmptrap ipaddr no snmptrap - SNMP trap name (Range: up to 16 case-sensitive alphanumeric characters). - an IP address of the trap receiver. - SNMP trap version.
- an original IP address. - a new IP address. Default Setting None Command Mode Global Config 7.3.6.6 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps). Syntax snmptrap mode no snmptrap mode - SNMP trap name. - an IP address. no - This command deactivates an SNMP trap.
Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or disabled. HTTP Port: This field specifies the port configured for HTTP. HTTP Mode (Secure): This field indicates whether the administrative mode of secure HTTP is enabled or disabled. Secure Port: This field specifies the port configured for SSLT. Secure Protocol Level(s): The protocol level may have the values of SSL3, TSL1, or both SSL3 and TSL1.
Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the default value. Default Setting 80 Command Mode Global Config 7.3.7.4 ip http server This command enables access to the switch through the Web interface. When access is enabled, the user can login to the switch from the Web interface. When access is disabled, the user cannot login to the switch's Web server. Disabling the Web interface takes effect immediately.
no ip http secure-port - SSLT Port value. no - This command is used to reset the SSLT port to the default value. Default Setting 443 Command Mode Global Config 7.3.7.6 ip http secure-server This command is used to enable the secure socket layer for secure HTTP. Syntax ip http secure-server no ip http secure-server no - This command is used to disable the secure socket layer for secure HTTP. Default Setting Disabled Command Mode Global Config 7.3.7.
Default Setting SSL3 and TLS1 Command Mode Global Config 7.3.8 Secure Shell (SSH) Commands 7.3.8.1 show ip ssh This command displays the SSH settings. Syntax show ip ssh Default Setting None Command Mode Privileged Exec Display Message Administrative Mode: This field indicates whether the administrative mode of SSH is enabled or disabled. Protocol Levels: The protocol level may have the values of version 1, version 2, or both versions.
no - This command is used to disable SSH. Default Setting Disabled Command Mode Global Config 7.3.8.3 ip ssh protocol This command is used to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set. Syntax ip ssh protocol [protocollevel2] - The protocol level can be set to SSH1, SSH2 or to both SSH 1 and SSH 2. Default Setting SSH1 and SSH2 Command Mode Global Config 7.3.8.
7.3.8.5 ip ssh timeout This command sets the SSH connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely. The time is a decimal value from 0 to 160. Changing the timeout value for active sessions does not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration.
7.3.9.2 crypto key generate This command is used to generate an RSA or DSA key pair for SSH. Syntax crypto key generate {RSA | DSA} no crypto key generate {RSA | DSA} no- This command is used to delete the RSA or DSA key from the device. Default Setting None Command Mode Global Config 7.3.10 DHCP Client Commands 7.3.10.1 ip dhcp restart This command is used to initiate a BOOTP or DCHP client request. Syntax ip dhcp restart Default Setting None Command Mode Global Config 7.3.10.
ip dhcp client-identifier {text | hex } no ip dhcp client-identifier - A text string. (Range: 1-32 characters). - The hexadecimal value (00:00:00:00:00:00). no - This command is used to restore to default value. Default Setting System Burned In MAC Address Command Mode Global Config 7.3.11 DHCPv6 Client Commands 7.3.11.1 ipv6 address protocol This command specifies the network of IPv6 configuration protocol to be used .
Default Setting None Command Mode Global Config 7.3.11.3 serviceport protocol This command specifies the oob configuration protocol to be used. If you modify this value, the change is effective immediately. Syntax serviceport protocol {bootp | dhcp | dhcp6 | none [dhcp6]} - Obtains IP address from BOOTP. - Obtains IP address from DHCP. - Obtains IPv6 address from DHCPv6. - Obtains IP address by setting configuration.
7.3.12 DHCP Relay Commands 7.3.12.1 show bootpdhcprelay This command is used to display the DHCP relay agent configuration information on the system. Syntax show bootpdhcprelay Default Setting None Command Mode Privileged Exec Display Message Maximum Hop Count - The maximum number of Hops a client request can go without being discarded. Minimum Wait Time (Seconds) - The Minimum time in seconds.
no - This command is used to reset to the default value. Default Setting 4 Command Mode Global Config 7.3.13 sFlow Commands 7.3.13.1 show sflow agent The user can go to the CLI Privilege Exec to get the sFlow agent information, use the show sflow agent Privilege command. Syntax show sflow agent Default Setting None Command Mode Privilege Exec Display Message sFlow Version: Uniquely identifies the version and implementation of this MIB. IP Address: The IP address associated with this agent. 7.3.13.
Display Message Poller Data Source: The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index: The sFlowReceiver associated with this sFlow counter poller. Poller Interval: The number of seconds between successive samples of the counters associated with this data source. 7.3.13.
Command Mode Privilege Exec Display Message Sampler Data Source: The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index: The sFlowReceiver configured for this sFlow sampler. Packet Sampling Rate: The statistical sampling rate for packet sampling from this source. Max Header Size: The maximum number of bytes that should be copied from a sampled packet to form a flow sample. 7.3.13.
7.3.13.7 set sflow maximum datagram size The user can go to the CLI Global Configuration Mode to set maximum datagram size, use the sflow receiver maxdatagram <200-9116> global configuration command. Use the no sflow receiver maxdatagram return to default value 1400. Syntax sflow receiver maxdatagram <200-9116> no sflow receiver maxdatagram Default Setting 1400 Command Mode Global Config 7.3.13.
Default Setting 6343 Command Mode Global Config 7.3.13.10 set sflow interval The user can go to the CLI Interface Configuration Mode to set polling interval, use the sflow poller interval <0-86400> interface configuration command. Use the no sflow poller interval return to default value zero. Syntax sflow poller interval <0-86400> no sflow poller interval Default Setting 0 Command Mode Interface Config 7.3.13.
7.3.13.12 set sflow poller index The user can go to the CLI Interface Configuration Mode to configure a new sFlow poller instance, use the sflow poller interface configuration command. Use the no sflow poller return to default setting. Syntax sflow poller no sflow poller Default Setting None Command Mode Interface Config 7.3.14 Service Port Commands 7.3.14.1 show serviceport This command displays service port configuration information.
7.3.14.2 show serviceport ndp This command displays IPv6 Neighbor entries. Syntax show serviceport ndp Default Setting None Command Mode Privileged Exec Display Message IPv6 Address: Specifies the IPv6 address of neighbor or interface. MAC Address: Specifies MAC address associated with an interface. isRr:. Specifies router flag. Neighbor State: Incmp - Address resolution is being performed on the entry.
Syntax serviceport ip - The user manually configures IP address for this switch. - The user manually configures Subnet Mask for this switch. Default Setting None Command Mode Global Config 7.3.14.4 serviceport protocol This command specifies the network management port configuration protocol. If you modify this value, the change is effective immediately.
Syntax serviceport ipv6 enable no serviceport ipv6 enable no - This command is disable IPv6 operation on the service port. Default Setting None Command Mode Global Config 7.3.14.6 serviceport ipv6 address Use this command to configure IPv6 global addressing (i.e. Default routers) information for the service port.
Syntax serviceport ipv6 gateway no serviceport ipv6 gateway : Gateway address in IPv6 global or link-local address format. no - This command remove IPv6 gateways on the service port interface. Only a single IPv6 gateway address can be configured for the service port. There may be a combination of IPv6 prefixes and gateways that are explicitly configured and those that are set through auto-address configuration with a connected IPv6 router on their service port interface.
Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The MAC Address for the Bridge from which the Bridge Identifiers used by the Spanning Tree Algorithm and Protocol. Time Since Topology Change: In seconds. Topology Change Count: Number of times changed. Topology Change in progress: Boolean value of the Topology Change parameter for the switch indicating if a topology change is in progress on any port assigned to the common and internal spanning tree.
Command Mode Privileged Exec Display Message Hello Time: The hello time value. Not Configured means using default value. Port Mode: The administration mode of spanning tree. BPDU Guard: Enabled or disabled. ROOT Guard: Enabled or disabled. LOOP Guard: Enabled or disabled. TCN Guard: Enabled or disabled. BPDU Filter Mode: Enabled or disabled. BPDU Flood Mode: Enabled or disabled. Auto Edge: True or false.
Associated Instance: Identifier for the associated multiple spanning tree instance or "CST" if associated with the common and internal spanning tree. 7.4.1.4 show spanning-tree mst This command displays settings and parameters for the specified multiple spanning tree instance. The instance <0-4094> is a number that corresponds to the desired existing multiple spanning tree instance ID. The following details are displayed.
Default Setting None Command Mode Privileged Exec Display Message MST Instance ID List: List of multiple spanning trees IDs currently configured. For each MSTID: The multiple spanning tree instance ID. Associated FIDs: List of forwarding database identifiers associated with this instance. Associated VLANs: List of VLAN IDs associated with this instance. This command displays the detailed settings and parameters for a specific switch port within a particular multiple spanning tree instance.
If 0 (defined as the default CIST ID) is passed as the <0-4094>, then this command displays the settings and parameters for a specific switch port within the common and internal spanning tree. The is the desired switch port. In this case, the following are displayed. Port Identifier: The port identifier for this port within the CST. Port Priority: The priority of the port within the CST. Port Forwarding State: The forwarding state of the port within the CST.
<0-4094> - multiple spanning tree instance ID. - is the desired interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec Display Message MST Instance ID: The MST instance associated with this port. Interface: The interface being displayed. STP Mode: Indicate STP mode. Type: Currently not used. STP State: The forwarding state of the port in the specified spanning tree instance. Port Role: The role of the specified port within the spanning tree.
Configuration Name: TConfigured name. Configuration Revision Level: Configured value. Configuration Digest Key: Calculated value. Configuration Format Selector: Configured value. MST Instances: List of all multiple spanning tree instances configured on the switch. 7.4.1.6 show spanning-tree brief This command displays spanning tree settings for the bridge. In this case, the following details are displayed.
no - This command sets the spanning-tree operational mode to be disabled. While disabled, the spanning-tree configuration is retained and can be changed, but is not activated. Default Setting Disabled Command Mode Global Config 7.4.2.2 spanning-tree protocol-migration This command enables BPDU migration check on a given interface. The all option enables BPDU migration check on all interfaces.
Default Setting The base MAC address displayed using hexadecimal notation as specified in IEEE 802 standard. Command Mode Global Config This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using. The Configuration Identifier Revision Level is a number in the range of 0 to 65535.
Global Config 7.4.2.5 spanning-tree forward-time This command sets the Bridge Forward Delay parameter to a new value for the common and internal spanning tree. The forward-time value is in seconds within a range of 4 to 30, with the value being greater than or equal to "(Bridge Max Age / 2) + 1". Syntax spanning-tree forward-time <4-30> no spanning-tree forward-time <4-30> - forward time value (Range: 4 – 30).
7.4.2.7 spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spanning tree. The max-age value is in seconds within a range of 6 to 40, with the value being less than or equal to "2 times (Bridge Forward Delay - 1)" and greater than or equal to “2 times (Bridge Hello Time + 1)”. Syntax spanning-tree max-age <6-40> no spanning-tree max-age <6-40> - the Bridge Max Age value (Range: 6 – 40).
7.4.2.9 spanning-tree hold-count This command sets the Bridge Tx Hold Count parameter to a new value for the common and internal spanning tree. The Tx Hold Count value is in a range of 1 to 110. Syntax spanning-tree hold-count <1-10> no spanning-tree hold-count <1-10> - the Maximum hold-count value (Range: 1-110). no - This command sets the Bridge Tx Hold Count parameter for the common and internal spanning tree to the default value. Default Setting 6 Command Mode Global Config 7.4.2.
This command sets the bridge priority for a specific multiple spanning tree instance. The instance is a number that corresponds to the desired existing multiple spanning tree instance. The priority value is a number within a range of 0 to 61440 in increments of 4096. If 0 (defined as the default CIST ID) is passed as the , then this command sets the Bridge Priority parameter to a new value for the common and internal spanning tree.
Default Setting None Command Mode Global Config This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree. If the <1-4094> parameter corresponds to an existing multiple spanning tree instance, then the configurations are done for that multiple spanning tree instance.
If the ‘port-priority’ token is specified, this command sets the priority for this port within a specific multiple spanning tree instance or the common and internal spanning tree instance, depending on the <1-4094> parameter. The port-priority value is a number in the range of 0 to 240 in increments of 16. Syntax spanning-tree mst <1-4094> port-priority <0-240> no spanning-tree mst <1-4094> port-priority <1-4094> - multiple spanning tree instance ID.
This command sets the Administrative Switch Port State for all ports to enabled. Syntax spanning-tree port mode all no spanning-tree port mode all all - All interfaces. no - This command sets the Administrative Switch Port State for all ports to disabled. Default Setting Disabled Command Mode Global Config 7.4.2.12 spanning-tree auto-edge This command sets the auto-edge for this port to enabled.
no - This command sets the Edgeport function to the default value, that is Enabled. Default Setting Enabled Command Mode Global Config This command specifies that this port is an Edge Port within the common and internal spanning tree. This will allow this port to transition to Forwarding State without delay. Syntax spanning-tree edgeport no spanning-tree edgeport no - This command specifies that this port is not an Edge Port within the common and internal spanning tree.
This command sets the Edgeport BPDU Guard enable/disable parameter for accepting BPDUs on this switch. This command only works on dot1d mode. Syntax spanning-tree edgeport bpduguard no spanning-tree edgeport bpduguard no - This command sets the Edgeport BPDU Guard to the default value, that is, Disabled. Default Setting Disabled Command Mode Global Config This command sets the Edgeport BPDU Filter enable/disable parameter for sending/receiving BPDUs on this interface.
Default Setting Disabled Command Mode Interface Config 7.4.2.14 spanning-tree uplinkfast This command sets the Uplink Fast parameter to a new value on this switch. This command only works on dot1d mode. Syntax spanning-tree uplinkfast no spanning-tree uplinkfast no - This command sets the Uplink Fast parameter to the default value, that is Disabled. Default Setting Disabled Command Mode Global Config 7.4.2.
7.4.2.16 spanning-tree tcnguard This command sets the TCN Guard parameter to prevent a port from propagating topology change notifications. Syntax spanning-tree tcnguard no spanning-tree tcnguard no - This command sets the tcnguard parameter to the default value, that is Disabled. Default Setting Disabled Command Mode Interface Config 7.5 System Log Management Commands 7.5.1 Show Commands 7.5.1.1 show logging This command displays logging.
Console Logging Severity Filter The minimum severity to log to the console log. Messages with an equal or lower numerical severity are logged. Buffered Logging The mode for buffered logging. Syslog Logging The mode for logging to configured syslog hosts. If set to disable logging stops to all syslog hosts. Terminal Monitor The mode for terminal logging. Terminal Logging Severity Filter The minimum severity to log to the terminal log. Messages with an equal or lower numerical severity are logged.
Default Setting None Command Mode Privileged Exec Display Message Number of Traps since last reset: The number of traps that have occurred since the last reset of this device. Trap Log Capacity: The maximum number of traps that could be stored in the switch. Log: The sequence number of this trap. System Up Time: The relative time since the last reboot of the switch at which this trap occurred. Trap: The relevant information of this trap. Trap log information is not retained across a switch reset. i 7.5.
7.5.2 Configuration Commands 7.5.2.1 logging buffered This command enables logging to in-memory log where up to 128 logs are kept. Syntax logging buffered no logging buffered no - This command disables logging to in-memory log. Default Setting None Command Mode Global Config This command enables wrapping of in-memory logging when full capacity reached. Otherwise when full capacity is reached, logging stops.
[ | <0-7>] - The value is specified as either an integer from 0 to 7 or symbolically through one of the following keywords: emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), informational (6), debug (7). no - This command disables logging to the console. Default Setting None Command Mode Global Config 7.5.2.3 logging monitor This command enables logging to the terminal monitor.
None Command Mode Privileged Exec 7.5.2.5 logging host This command enables logging to a host where up to eight hosts can be configured. Syntax logging host [ ] [[ | <0-7>]] - IP address of the log server. - Port number.
Syntax logging host reconfigure - Index of the log server. - New IP address of the log server. Default Setting None Command Mode Globla Config 7.5.2.6 logging syslog This command enables syslog logging. Syntax logging syslog no logging syslog no - Disables syslog logging. Default Setting None Command Mode Globla Config This command sets the local port number of the LOG client for logging messages.
Command Mode Globla Config 7.5.2.7 clear logging buffered This command clears all in-memory log. Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.6 Script Management Commands 7.6.1 script apply This command applies the commands in the configuration script to the switch. The apply command backs up the running configuration and then starts applying the commands in the script file. Application of the commands stops at the first failure of a command.
7.6.2 script delete This command deletes a specified script or all the scripts presented in the switch. Syntax script delete { | all} - The name of the script to be deleted. all - Delete all scripts presented in the switch. Default Setting None Command Mode Privileged Exec 7.6.2.1 script list This command lists all scripts present on the switch as well as the total number of files present.
- Name of the script file. Default Setting None Command Mode Privileged Exec 7.6.4 script validate This command displays the content of a script file. Syntax script validate - Name of the script file. Default Setting None Command Mode Privileged Exec 7.7 User Account Management Commands 7.7.1 Show Commands 7.7.1.1 show users This command displays the configured user names and their settings.
Default Setting None Command Mode Privileged Exec Display Message User Name: The name the user will use to login using the serial port, Telnet or Web. A new user may be added to the switch by entering a name in a blank entry. The user name may be up to eight characters, and is not case sensitive. Two users are included as the factory default, admin, and guest. User Access Mode: Shows whether the operator is able to change parameters on the switch (Read/Write) or is only able to view them (Read Only).
7.7.1.3 show passwords configuration Use this command to display the configured password management settings. Syntax show passwords configuration Default Setting None Command Mode Privileged Exec Display Message Minimum Password Length: Minimum number of characters required when changing passwords. Password History: Number of passwords to store for reuse prevention. Password Aging: Length in days that a password is valid. Lockout Attempts: Number of failed password login attempts before lockout. 7.7.
i The admin user account cannot be deleted. Default Setting No password Command Mode Global Config 7.7.2.2 Unlock a locked user account The user can go to the CLI Global Configuration Mode to unlock a locked user account, use the username unlock global configuration command. Syntax username unlock - is a user name (Range: up to 8 characters). Default Setting None Command Mode Global Config 7.7.2.
none - no use authentication method. no - This command sets the authentication protocol to be used for the specified login user to none. The is the login user name for which the specified authentication protocol will be used. Default Setting No authentication Command Mode Global Config 7.7.2.4 username snmpv3 encryption This command specifies the encryption protocol and key to be used for the specified login user. The valid encryption protocols are none or des.
passwords aging <1-365> no passwords aging <1-365> - Number of days until password expires. Default Setting 0 Command Mode Global Config 7.7.2.6 Set the password history The user can go to the CLI Global Configuration Mode to set the password history, use the passwords history <0-10> Global configuration command. Use the no passwords history return to default value 0.
Default Setting 0 Command Mode Global Config 7.7.2.8 Set the minimum password length The user can go to the CLI Global Configuration Mode to set the minimum password length, use the passwords min-length <8-64> Global configuration command. Use the no passwords min-length return to default value 8. Syntax passwords min-length <8-64> no passwords min-length Default Setting 8 Command Mode Global Config 7.8 Security Commands 7.8.1 Show Commands 7.8.1.
Display Message User: This field lists every user that has an authentication login list assigned. System Login: This field displays the authentication login list assigned to the user for system login. 802.1x: This field displays the authentication login list assigned to the user for 802.1x port security. 7.8.1.2 show authentication This command displays the ordered authentication methods for all authentication login lists.
User Name: This field displays the user assigned to the specified authentication login list. Component: This field displays the component (User or 802.1x) for which the authentication login list is assigned. 7.8.1.4 show dot1x This command is used to show the status of the dot1x Administrative mode. Syntax show dot1x Default Setting None Command Mode Privileged Exec Display Message Administrative mode: Indicates whether authentication control on the switch is enabled or disabled.
Protocol Version: The protocol version associated with this port. The only possible value is 1, corresponding to the first version of the dot1x specification. PAE Capabilities: The port access entity (PAE) functionality of this port. Possible values are Authenticator or Supplicant. Control Mode - The configured control mode for this port. Possible values are force-unauthorized, force-authorized, auto and mac-based. Authenticator PAE State: Current state of the authenticator PAE state machine.
terminated the port goes into unauthorized state. If the value is Radius-Request, then a reauthentication of the client authenticated on the port is performed. 7.8.1.6 show dot1x statistics This command is used to show a summary of the global dot1x configuration and the dot1x statistics for a specified port. Syntax show dot1x statistics - is the desired interface number.
EAP Length Error Frames Received: The number of EAPOL frames that have been received by this authenticator in which the frame type is not recognized. 7.8.1.7 show dot1x summary This command is used to show a summary of the global dot1x configuration and summary information of the dot1x configuration for a specified port or all ports. Syntax show dot1x summary { | all} - is the desired interface number. all - All interfaces.
Privileged Exec Display Message User: Users configured locally to have access to the specified port. 7.8.1.9 show dot1x client This command displays 802.1x client information. Syntax show dot1x clients { | all} - is the desired interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec Display Message Logical Interface: The logical port number associated with a client. Interface: The physical port to which the supplicant is associated.
7.8.1.10 show radius servers This command is used to display items of the configured RADIUS servers. Syntax show radius servers [] Default Setting None Command Mode Privileged Exec Display Message : The IP address or host name of the authenticating server. Current: The ‘*’ symbol preceeding the server host address specifies that the server is currently active. Host Address: The IP address of the host.
Number of Named Accounting Server Groups: The number of configured named RADIUS server groups. Number of Retransmits: The configured value of the maximum number of times a request packet is retransmitted. Time Duration: The configured timeout value, in seconds, for request re-transmissions. RADIUS Accounting Mode: A global parameter to indicate whether the accounting mode for all the servers is enabled or not.
Round Trip Time: The time interval in centiseconds, between the most recent AccountingResponse and the Accounting-Request that matched it from the RADIUS accounting server. Requests: The number of RADIUS Accounting-Request packets sent to this accounting server. This number does not include retransmissions. Retransmission: The number of RADIUS Accounting-Request packets retransmitted to this RADIUS accounting server. Responses: The number of RADIUS packets received on the accounting port from this server.
Round Trip Time - The time interval, in hundredths of a second, between the most recent Access-Reply, Access - Challenge and the Access-Request that matched it from the RADIUS authentication server. Access Requests - The number of RADIUS Access-Request packets sent to this server. This number does not include retransmissions. Access Retransmission - The number of RADIUS Access-Request packets retransmitted to this RADIUS authentication server.
Port: Shows the configured TACACS+ server port number. TimeOut: Shows the timeout in seconds for establishing a TCP connection. Priority: Shows the preference order in which TACACS+ servers are contacted. If a server connection fails, the next highest priority server is contacted. 7.8.1.15 show port-security This command shows the port-security settings for the entire system.
This command shows the dynamically locked MAC addresses for port. Syntax show port-security dynamic Default Setting None Command Mode Privileged Exec Display Message MAC address Dynamically locked MAC address. This command shows the statically locked MAC addresses for port. Syntax show port-security static Default Setting None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address.
MAC address MAC address of discarded packet on locked ports. 7.8.2 Configuration Commands 7.8.2.1 authentication login This command creates an authentication login list. The is up to 15 alphanumeric characters and is not case sensitive. Up to 10 authentication login lists can be configured on the switch. When a list is created, the authentication method “local” is set as the first method.
None Command Mode Global Config 7.8.2.2 username defaultlogin This command assigns the authentication login list to use for non-configured users when attempting to log in to the system. This setting is overridden by the authentication login list assigned to a specific user if the user is configured locally. If this value is not configured, users will be authenticated using local authentication only. Syntax username defaultlogin - an authentication login list.
Default Setting None Command Mode Global Config 7.8.3 Dot1x Configuration Commands 7.8.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. Syntax dot1x initialize - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.8.3.
Global Config 7.8.3.3 dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The parameter must be a configured user and the parameter must be a configured authentication login list. Syntax dot1x login - is the login user name. - an authentication login list. Default Setting None Command Mode Global Config 7.8.3.
7.8.3.5 dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The parameter must be a configured user. Syntax dot1x user { | all} no dot1x user { | all} - Is the login user name. - Is the desired interface number. all - All interfaces. no - This command removes the user from the list of users with access to the specified port or all ports.
Command Mode Global Config This command sets the authentication mode to be used on the specified port. The control mode may be one of the following. force-unauthorized: The authenticator PAE unconditionally sets the controlled port to unauthorized. force-authorized: The authenticator PAE unconditionally sets the controlled port to authorized.
Default Setting 2 Command Mode Interface Config 7.8.3.8 dot1x max-user This command configures the maximum users to a specified port, The system’s default maximum users of an interface has no limitation. If ‘no dot1x max-users’ command is executed, the system will reset the maximum users to infinity. If the maximum users is specified or modified, the system should use the new one. Syntax dot1x max-user no dot1x max-user - maximum users (Range: 1 – 16).
7.8.3.10 dot1x re-reauthenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. Syntax dot1x re-authenticate - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.8.3.
server-timeout: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to timeout the authentication server. The supp-timeout must be a value in the range 1 - 65535. Syntax dot1x timeout {guest-vlan-period | quiet-period | reauth-period | server-timeout | supp-timeout | tx-period} no dot1x timeout { guest-vlan-period | quiet-period | reauth-period | server-timeout | supp-timeout | tx-period} - Value in the range 0 – 65535.
7.8.4 Radius Configuration Commands 7.8.4.1 radius accounting mode This command is used to enable the RADIUS accounting function. Syntax radius accounting mode no radius accounting mode no - This command is used to set the RADIUS accounting function to the default value - that is, the RADIUS accounting function is disabled. Default Setting Disabled Command Mode Global Config 7.8.4.2 authorization network radius Use this command to enable the switch to accept VLAN assignment by the radius server.
7.8.4.3 radius server attribute 4 This command to set the NAS-IP address for the radius server. Syntax radius-server attribute 4 [ipaddr] no radius-server attribute 4 no – use this command to reset the NAS-IP address for the radius server. Default Setting None Command Mode Global Config 7.8.4.4 radius-server dead-time This command cnfiguresradius server dead time. Syntax radius-server dead-time no radius-server dead-time Value - Set radius server dead time (sec). Range 1 – 255.
number, the IP address must match that of a previously configured RADIUS authentication server. The port number must lie between 1 - 65535, with 1812 being the default value. If the 'acct' token is used, the command configures the IP address to use for the RADIUS accounting server. Only a single accounting server can be configured. If an accounting server is currently configured, it must be removed from the configuration using the no form of the command before this command succeeds.
Default Setting None Command Mode Global Config 7.8.4.7 radius-server retransmit This command sets the maximum number of times a request packet is re-transmitted when no response is received from the RADIUS server. The retries value is an integer in the range of 1 to 15. Syntax radius-server retransmit no radius-server retransmit - the maximum number of times (Range: 1 - 15).
Command Mode Global Config 7.8.4.9 radius-server msgauth This command enables the message authenticator attribute for a specified server. Syntax radius-server msgauth - is a IP address or hostname. Default Setting None Command Mode Global Config 7.8.4.10 radius-server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client. The primary server is the one that is used by default for handling RADIUS requests.
7.8.5 TACACS+ Configuration Commands 7.8.5.1 tacacs host This command is used to enable /disable TACACS+ function and to configure the TACACS+ server IP address. The system has not any TACACS+ server configured for its initialization and support 5 TACACS+ servers. Syntax tacacs host no tacacs host - The IP address or hostname of the TACACS+ server. no - This command is used to remove all of configuration.
This command is used to configure the TACACS+ authentication and encryption key. Syntax key [ | encrypted ] Note that the length of the secret key is up to 128 characters. < key-string > - The valid value of the key. encrypted - the key string is encrypted. Default Setting None Command Mode TACACS Host Config This command is used to configure the TACACS+ authentication host port. Syntax port [] - The valid port number.
Default Setting 0 Command Mode TACACS Host Config 7.8.5.3 tacacs timeout This command is used to configure the TACACS+ connection timeout value. Syntax tacacs timeout [] no tacacs timeout - The connection timeout value. Max timeout (Range: 1 to 30). no - This command is used to reset the timeout value to the default value. Default Setting 5 Command Mode Global Config This command is used to configure the TACACS+ connection timeout value.
7.8.6 Port Security Configuration Commands 7.8.6.1 port-security This command enables port locking at the system level (Global Config) or port level (Interface Config). Syntax port-security no port-security Default Setting None Command Mode Global Config Interface Config 7.8.6.2 port-security max-dynamic This command sets the maximum of dynamically locked MAC addresses allowed on a specific port.
no - This command resets the maximum number of statically locked MAC addresses allowed on a specific port to its default value. Default Setting 20 Command Mode Interface Config 7.8.6.4 port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. Syntax port-security mac-address <1-3965> no port-security mac-address <1-3965> <1-3965> - VLAN ID - The statically locked MAC address.
7.8.6.6 port-security violation shutdown This command configures the port violation shutdown mode. Once the violation happens, the interface will be shutdown. Syntax port-security violation shutdown no port-security violation no - This command restore violation mode to be default. Default Setting None Command Mode Interface Config 7.9 CDP (Cisco Discovery Protocol) Commands 7.9.1 Show Commands 7.9.1.1 show cdp This command displays the CDP configuration information.
CDP Holdtime (sec): The length of time a receiving device should hold the L2 Network Switch CDP information before discarding it CDP Transmit Interval (sec): A period of the L2 Network Switch to send CDP packet Ports: Port number vs CDP status CDP: CDP enable or disable 7.9.1.2 show cdp neighbors This command displays the CDP neighbor information.
Privileged Exec Display Message Device Id: Identifies the device name in the form of a character string. Entry Address(es): The L3 addresses of the interface that has sent the update. Platform: Describes the hardware platform name of the device, for example, Fortinet the L2 Network Switch. Capability: Describes the device's functional capability in the form of a device type, for example, a switch. Local Interface: The CDP neighbor information receiving port.
Syntax cdp no cdp no - This command is used to disable CDP Admin Mode. Default Setting Enabled Command Mode Global Config 7.9.2.2 cdp run This command is used to enable CDP on a specified interface. Syntax cdp run no cdp run no - This command is used to disable CDP on a specified interface. Default Setting Enabled Command Mode Interface Config This command is used to enable CDP for all interfaces. Syntax cdp run all no cdp run all all - All interfaces.
Command Mode Global Config 7.9.2.3 cdp timer This command is used to configure an interval time (seconds) of the sending CDP packet. Syntax cdp timer <5-254> no cdp timer <5-254> - interval time (Range: 5 – 254). no - This command is used to reset the interval time to the default value. Default Setting 60 Command Mode Global Config 7.9.2.4 cdp holdtime This command is used to configure the hold time (seconds) of CDP. Syntax cdp holdtime <10-255> <10-255> - interval time (Range: 10 – 255).
7.10 SNTP (Simple Network Time Protocol) Commands 7.10.1 Show Commands 7.10.1.1 show sntp This command displays the current time and configuration settings for the SNTP client, and indicates whether the local time has been properly updated. Syntax show sntp Default Setting None Command Mode Privileged Exec Display Message Last Update Time Time of last clock update. Last Unicast Attempt Time Time of last transmit query (in unicast mode).
Client Mode: Configured SNTP Client Mode. Unicast Poll Interval Poll interval value for SNTP clients in seconds as a power of two. Poll Timeout (Seconds) Poll timeout value in seconds for SNTP clients. Poll Retry Poll retry value for SNTP clients. This command displays configured SNTP servers and SNTP server settings. Syntax show sntp server Default Setting None Command Mode Privileged Exec Display Message Server IP Address IP Address of configured SNTP Server Server Type Address Type of Server.
7.10.2 Configuration Commands 7.10.2.1 sntp broadcast client poll-interval This command will set the poll interval for SNTP broadcast clients in seconds as a power of two where can be a value from 6 to 10. Syntax sntp broadcast client poll-interval <6-10> no sntp broadcast client poll-interval <6-10> - The range is 6 to 10. no - This command will reset the poll interval for SNTP broadcast client back to its default value. Default Setting 6 Command Mode Global Config 7.10.2.
7.10.2.3 sntp client port This command will set the SNTP client port id and polling interval in seconds. Syntax sntp client port no sntp client port - SNTP client port id. no - Resets the SNTP client port id. Default Setting The default portid is 123. Command Mode Global Config 7.10.2.4 sntp unicast client poll-interval This command will set the poll interval for SNTP unicast clients in seconds.
Syntax sntp unicast client poll-timeout no sntp unicast client poll-timeout < poll-timeout > - Polling timeout in seconds. The range is 1 to 30. no - This command will reset the poll timeout for SNTP unicast clients to its default value. Default Setting The default value is 5. Command Mode Global Config 7.10.2.6 sntp unicast client poll-retry This command will set the poll retry for SNTP unicast clients in seconds.
- IPv4 or IPv6 address or domain name of the SNTP server. - The address type is ipv4 or ipv6 or dns or dnsv6. <1-3> - The range is 1 to 3. - The range is 1 to 4. - The range is 1 to 65535. no - This command deletes an server from the configured SNTP servers. Default Setting None Command Mode Global Config 7.10.2.8 sntp clock timezone This command sets the time zone for the switch’s internal clock.
sntp multicast client poll-interval no sntp multicast client poll-interval - Polling interval. It’s 2^(value) seconds where the range of value is 6 to 10. no – This command will reset the poll interval for SNTP multicast client to its default value. Default Setting The default value is 6. Command Mode Global Config 7.11 MAC-Based Voice VLAN Commands 7.11.1 Show Commands 7.11.1.
Mask: The mac-mask is the last eight digit of the mask code of the MAC address, the valid values are: 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 and 0x0. Priority: The priority-id is the priority of the voice traffic; the valid range is 0 to 7. 7.11.1.2 show voice vlan Use this command to display the configuration status of the Voice VLAN on the switch, When the interface parameter is not specified, only the global mode of the Voice VLAN is displayed.
Default Setting Disabled Command Mode Global Config 7.11.2.2 voice-vlan vlan This command configures the specified VLAN to Voice VLAN. Syntax voice-vlan vlan Default Setting None Command Mode Global Config 7.11.2.3 voice-vlan mac This command is used to add a voice device to a Voice VLAN.
7.11.2.4 voice vlan This command is used to enable/disable Voice VLAN Admin Mode. Syntax voice vlan no voice vlan no - This command disables the Voice VLAN capability on this switch. Default Setting Disabled Command Mode Global Config This command configures the Voice VLAN capability on the interface. Syntax voice vlan { | dot1p | none | untagged } no voice vlan - Configure the IP phone to forward all voice traffic through the specified VLAN.
Syntax voice vlan data priority untrust | trust Default Setting trust Command Mode Interface Config 7.12 LLDP (Link Layer Discovery Protocol) Commands 7.12.1 Show Commands 7.12.1.1 show lldp This command uses to display a summary of the current LLDP configuration. Syntax show lldp Default Setting None Command Mode Privileged Exec Display Message Transmit Interval: Shows how frequently the system transmits local data LLDPDUs, in seconds.
Syntax show lldp interface { | all} - Configs a specific interface. Default Setting None Command Mode Privileged Exec Display Message Interface: Shows the interface in a slot/port format. Link: Shows whether the link is up or down. Transmit: Shows whether the interface transmits LLDPDUs. Receive: Shows whether the interface receives LLDPDUs. Notify: Shows whether the interface sends remote data change notifications.
Total Deletes: Total number of deletes from the remote data table. Total Drops: Total number of times the complete remote data received was not inserted due to insufficient resources. Total Ageouts: Total number of times a complete remote data entry was deleted because the Time to Live interval expired. The table contains the following column headings: Interface: Shows the interface in slot/port format. Transmit Total: Total number of LLDP packets transmitted on the port.
7.12.1.5 show lldp remote-device detail This command uses to display detailed information about remote devices that transmit current LLDP data to an interface on the system. Syntax show lldp remote-device detail - Displays a specific interface. Default Setting None Command Mode Privileged Exec Display Message Local Interface: Identifies the interface that received the LLDPDU from the remote device.
Syntax show lldp local-device { | all} - Displays a specific interface. Default Setting None Command Mode Privileged Exec Display Message Interface: Identifies the interface in a slot/port format. Port ID: Shows the port ID associated with this interface. Port Description: Shows the port description associated with the interface. 7.12.1.7 show lldp local-device detail This command uses to display detailed information about the LLDP data a specific interface transmits.
Port Description: Describes the port in an alpha-numeric format. System Capabilities Supported: Indicates the primary function(s) of the device. System Capabilities Enabled: Shows which of the supported system capabilities are enabled. Management Address: Lists the type of address and the specific address the local LLDP agent uses to send and receive information. 7.12.1.
Command Mode Privileged Exec Display Message Interface: Specifies all the ports on which LLDP-MED can be configured. Link: Specifies the link status of the ports whether it is Up/Down. ConfigMED: Specifies the LLDP-MED mode is enabled or disabled on this interface. OperMED: Specifies the LLDP-MED TLVs are transmitted or not on this interface ConfigNotify: Specifies the LLDP-MED topology notification mode of the interface. TLVsTx: Specifies the LLDP-MED transmit TLV(s) that are included 7.12.1.
Firmware Rev: Specifies Firmware version. Software Rev: Specifies Software version. Serial Num: Specifies serial number. Mfg Name: Specifies manufacturers name. Model Name: Specifies model name. Asset ID: Specifies asset id. Location Specifies if location TLV is present in LLDP frames. Subtype: Specifies type of location information. Info: Specifies the location information as a string for given type of location id. Extended POE Specifies if local device is a PoE device.
Display Message Interface: Specifies the list of all the ports on which LLDP-MED is enabled. Remote ID: An internal identifier to the switch to mark each remote device to the system. Device Class: Specifies local device's MED Classification. There are four different kinds of devices, three of them represent the actual end points (classified as Class I Generic [IP Communication Controller etc.], Class II Media [Conference Bridge etc.], Class III Communication [IP Telephone etc.]).
DSCP: Specifies the DSCP associated with a particular policy type. Unknown: Specifies the unknown bit associated with a particular policy type. Tagged: Specifies the tagged bit associated with a particular policy type. Inventory Specifies if inventory TLV is received in LLDP frames on this port. Hardware Rev: Specifies hardware version of the remote device. Firmware Rev: Specifies Firmware version of the remote device. Software Rev: Specifies Software version of the remote device.
no lldp notification no - This command is used to disable notifications. Default Setting Disbaled Command Mode Interface Config 7.12.2.2 lldp notification-interval This command is used to configure how frequently the system sends remote data change notifications. The parameter is the number of seconds to wait between sending notifications. The valid interval range is 5-3600 seconds.
Default Setting Disabled Command Mode Interface Config 7.12.2.4 lldp transmit This command uses to enable the LLDP advertise capability. Syntax lldp transmit no lldp transmit no - This command is used to return the local data transmission capability to the default. Default Setting Disabled Command Mode Interface Config 7.12.2.5 lldp transmit-mgmt This command uses to include transmission of the local system management address information in the LLDPDUs.
7.12.2.6 lldp transmit-tlv This command is used to specify which optional type length values (TLVs) in the 802.1AB basic management set are transmitted in the LLDPDUs. Use sys-name to transmit the system name TLV. To configure the system name, please refer to “snmp-server” command. Use sys-descto transmit the system description TLV. Use sys-cap to transmit the system capabilities TLV. Use port-desc to transmit the port description TLV.
Default Setting Interval-seconds 30 Hold-value 4 Reinit-seconds 2 Command Mode Global Config 7.12.2.8 lldp tx-delay This command is used to set the timing parameters for data transmission delay on ports enabled for LLDP. The determines the number of seconds to wait between transmitting local data LLDPDUs. The range is 1-8192 seconds. Syntax lldp tx-delay no lldp tx-delay no - This command is used to return return the transmit delay to the default value.
7.12.2.10 lldp med confignotification The user can go to the CLI Interface Configuration Mode to set all the ports to send the topology change notification, use the lldp med confignotification Interface configuration command. Use the no lldp med confignotification to disable notifications. Syntax lldp med confignotification no lldp med confignotification Default Setting Disabled Command Mode Interface Config 7.12.2.
Interface Config 7.12.2.12 lldp med all The user can go to the CLI Global Configuration Mode to set LLDP-MED on all the ports, use the lldp med all Global configuration command. Use the no lldp med all to disable LLDP-MED on all the ports. Syntax lldp med all no lldp med all Default Setting Disabled Command Mode Global config 7.12.2.
Syntax lldp med faststartrepeatcount <1-10> no lldp med faststartrepeatcount Default Setting 3 Command Mode Global Config 7.12.2.15 lldp med transmit-tlv all The user can go to the CLI Global Configuration Mode to set Type Length Values (TLVs) in the LLDP-MED, use the lldp med transmit-tlv all [capabilities] [ex-pd] [ex-pse] [inventory][location] [network-policy]Global configuration command.
7.13 Denial Of Service Commands 7.13.1 Show Commands 7.13.1.1 show dos-control This command displays the Denial of Service configurations for the entire system. Syntax show dos-control Default Setting None Command Mode Privileged Exec Display Message TCP Fragment Mode: May be enabled or disabled. The factory default is disabled. Min TCP Hdr Size: The range is 0-255. The factory default is 20. ICMP Size Mode: May be enabled or disabled. The factory default is disabled.
7.13.2 Configuration Commands 7.13.2.1 dos-control sipdip This command enables Source IP Address = Destination IP Address (SIP=DIP) Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress with SIP=DIP, the packets will be dropped if the mode is enabled. Syntax dos-control sipdip no dos-control sipdip no - This command disables Source IP Address = Destination IP Address (SIP=DIP) Denial of Service prevention.
7.13.2.3 dos-control firstfrag This command enables IP First Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having IP First Fragment Offset equal to one (1), the packets will be dropped if the mode is enabled. Syntax dos-control firstfrag no dos-control firstfrag no - This command disabled IP First Fragment Denial of Service protection. Default Setting Disabled Command Mode Global Config 7.13.2.
7.13.2.5 dos-control l4port This command enables L4 Port Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having Source TCP/UDP Port Number equal to Destination TCP/UDP Port Number, the packets will be dropped if the mode is enabled. ! Some applications mirror source and destination L4 ports - RIP for example uses 520 for both.
7.13.2.7 dos-control udpport This command enables the UDP L4 source = destination port number (Source UDP Port = Destination UDP Port) Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress with Source UDP Port =Destination UDP Port, the packets will be dropped if the mode is enabled.
7.13.2.9 dos-control icmpv4 This command enables Maximum ICMPv4 Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If ICMPv4 Echo Request (PING) packets ingress having a size greater than the configured value, the packets will be dropped if the mode is enabled. Syntax dos-control icmpv4 [<0-16384>] no dos-control icmpv4 <0-16384> - This command sets maximum ICMPv4 packet size.
7.13.2.11 dos-control icmpfrag This command enables the ICMP Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress has fragmented ICMP packets, the packets will be dropped if the mode is enabled. Syntax dos-control icmpfrag no dos-control icmpfrag no - This command disables the ICMP Fragment Denial of Service protection. Default Setting Disabled Command Mode Global Config 7.13.2.
ingress having TCP FIN, URG, and PSH all set and TCP Sequence Number set to 0, the packets will be dropped if the mode is enabled. Syntax dos-control tcpfinurgpsh no dos-control tcpfinurgpsh no - This command disables the TCP FIN and URG and PSH and SEQ=0 checking Denial of Service protections. Default Setting Disabled Command Mode Global Config 7.13.2.14 dos-control tcpsyn This command enables the TCP SYN and L4 source = 0-1023 Denial of Service protection.
Syntax dos-control tcpsynfin no dos-control tcpsynfin no - This command disables the TCP SYN & FIN Denial of Service protection. Default Setting Disabled Command Mode Global Config 7.13.2.16 dos-control tcpoffset This command enables the TCP Fragment Offset Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having TCP Header Offset equal to one (1), the packets will be dropped if the mode is enabled.
Default Setting Disabled Command Mode Global Config 7.14 VTP (VLAN Trunking Protocol) Commands 7.14.1 Show Commands 7.14.1.1 show vtp counters This command displays the VTP packet statistics. Syntax show vtp counters Default Setting None Command Mode Privileged Exec Display Message Summary advertisements received: Number of summary advertisements received by this switch on its trunk ports. Subset advertisements received: Number of subset advertisements received by this switch on its trunk ports.
7.14.1.2 show vtp password This command displays the VTP domain password. Syntax show vtp password Default Setting None Command Mode Privileged Exec Display Message VTP Password: Displays the VTP domain password. 7.14.1.3 show vtp status This command displays the VTP domain status. Syntax show vtp status Default Setting None Command Mode Privileged Exec Display Message VTP Status: Indicates whether VTP is enabled or disabled. VTP Version: Displays the VTP version operating on the switch.
Configuration last modified: Displays the time stamp of the last configuration modification and the IP address of the switch that caused the configuration change to the database. Local updater ID: Displays the Local updater ID for the VTP domain status. 7.14.1.4 show vtp trunkport This command displays the VTP trunkport status. Syntax show vtp trunkport Default Setting None Command Mode Privileged Exec Display Message Port: Displays the interface number.
7.14.2.2 vtp domain This command uses to set VTP administrative domain name. Syntax vtp domain no vtp domain - Configures the string for domain name. (maximum length 32 bytes) no - This command resets the domain name to NULL. The system disables the VTP for its initialization. The maximum length of administrative domain name is 32 bytes. The system’s default administrative domain name is NULL. Default Setting None Command Mode Global Config 7.14.2.
Global Config 7.14.2.4 vtp version Use the no vtp version to reset the VTP version number to default value.. Syntax vtp version <1-2> no vtp version no - This command resets the VTP version to default value. Default Setting 1 Command Mode Global Config 7.14.2.5 vtp password This command uses to configure the VTP administrative domain password. Syntax vtp password no vtp password - Configures VTP administrative domain password.(Max.
7.14.2.6 vtp pruning This command uses to configure the adminstrative domain to permit pruning Syntax vtp pruning no vtp pruning no - This command resets the pruning mode to default value. Default Setting Disabled Command Mode Global Config 7.14.2.7 vtp trunkport This command uses to configure the adminstrative domain trunk port for all of interfaces. Syntax vtp trunkport all no vtp trunkport all no - This command resets the adminstrative domain trunk port to default value.
Default Setting Disabled Command Mode Interface Config 7.15 Protected Ports Commands 7.15.1 Show Commands 7.15.1.1 show switchport protected This command displays the status of all the interfaces, including protected and unprotected interfaces. Syntax show switchport protected {all|<0-2>} Default Setting None Command Mode Privileged Exec Display Message Name: An name of the protected port group. Member Ports: List of ports, which are configured as protected for the group identified with .
None Command Mode Privileged Exec Display Message Name: An name of the protected port group. Protected: Indicates whether the interface is protected or not. It shows TRUE or FALSE. If the group is a multiple groups then it shows TRUE in Group . 7.15.2 Configuration Commands 7.15.2.1 switchport protected This command used to modify a protected port group name. The parameter identifies the set of protected ports. Use the name pair to assign a name to the protected port group.
switchport protected <0-2> no switchport protected <0-2> no - This command uses to configure a port as unprotected. Default Setting None Command Mode Interface Config 7.16 Static MAC Filtering Commands 7.16.1 Show Commands 7.16.1.1 show mac-address-table static This command displays the Static MAC Filtering information for all Static MAC Filters. If you select , all the Static MAC Filters in the system are displayed.
7.16.2 Configuration Commands 7.16.2.1 macfilter This command adds a static MAC filter entry for the MAC address on the VLAN . The value of the parameter is a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The restricted MAC Addresses are: 00:00:00:00:00:00, 01:80:C2:00:00:00 to 01:80:C2:00:00:0F, 01:80:C2:00:00:20 to 01:80:C2:00:00:21, and FF:FF:FF:FF:FF:FF. The parameter must identify a valid VLAN. You can create up to 100 static MAC filters.
Interface Config 7.16.2.3 macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC address of and . You must specify the parameter as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The parameter must identify a valid VLAN. Syntax macfilter addsrc all <1-3965> no macfilter addsrc all <1-3965> - Specified a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
7.17.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.17.1.3 clear eventlog This command is used to clear the event log, which contains error messages from the system. Syntax clear eventlog Default Setting None Command Mode Privileged Exec 7.17.1.4 clear logging buffered This command is used to clear the message log maintained by the switch. The message log contains system trace information.
Default Setting None Command Mode Privileged Exec 7.17.1.5 clear config This command resets the configuration to the factory defaults without powering off the switch. The switch is automatically reset when this command is processed. You are prompted to confirm that the reset should proceed. Syntax clear config Default Setting None Command Mode Privileged Exec 7.17.1.6 clear pass This command resets all user passwords to the factory defaults without powering off the switch.
7.17.1.7 clear counters This command clears the stats for a specified or for all the ports or for the entire switch based upon the argument. Syntax clear counters [ | all] - is the desired interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec 7.17.1.8 clear dns This command sets the DNS configuration to default value.
Syntax clear cdp [traffic] traffic - this command is used to clear the CDP packet counters. Default Setting None Command Mode Privileged Exec 7.17.1.10 clear vlan This command resets VLAN configuration parameters to the factory defaults.
7.17.1.11 clear igmpsnooping This command clears the tables managed by the IGMP Snooping function and will attempt to delete these entries from the Multicast Forwarding Database. Syntax clear igmpsnooping Default Setting None Command Mode Privileged Exec 7.17.1.12 clear port-channel This command clears all port-channels (LAGs). Syntax clear port-channel Default Setting None Command Mode Privileged Exec 7.17.1.13 clear ip filter This command is used to clear all ip filter entries.
None Command Mode Privileged Exec 7.17.1.14 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. Syntax clear dot1x statistics {all | } - is the desired interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec 7.17.1.15 clear radius statistics This command is used to clear all RADIUS statistics.
7.17.1.16 clear domain-list This command is used to clear all entries domain names for incomplete host names. Syntax clear domain-list Default Setting None Command Mode Privileged Exec 7.17.1.17 clear hosts This command is used to clear all static host name-to-address mapping. Syntax clear hosts Default Setting None Command Mode Privileged Exec 7.17.1.
Default Setting None Command Mode Privileged Exec 7.17.1.19 clear ip arp-cache This command causes all ARP entries of type dynamic to be removed from the ARP cache. If the gateway keyword is specified, the dynamic entries of type gateway are purged as well. If interface keyword is specified, he dymanic entries of that interface on the ARP cache Table are purged. Syntax clear ip arp-cache [gateway | interface ] - Interface number.
7.17.1.21 clear lldp remote-data This command will use to delete all information from the LLDP remote data table. Syntax clear lldp remote-data Default Setting None Command Mode Privileged Exec 7.17.1.22 enable passwd This command changes Privileged EXEC password. Syntax enable passwd Default Setting None Command Mode Global Config. 7.17.1.23 enable passwd encrypted This command allows the administrator to transfer the enable password between devices without having to know the password.
Global Config. 7.17.1.24 clear ipv6 neighbors This command will use to clear all entries IPv6 neighbor table or an entry on a specific interface. Use the parameter to specify the interface. Syntax clear ipv6 neighbors [] - Specify the interface. Default Setting None Command Mode Privileged Exec 7.17.1.25 clear ipv6 statistics This command will use to clear IPv6 statistics for all interfaces or for a specific interface, including loopback and tunnel interfaces.
7.17.1.26 clear ipv6 dhcp This command will use to clear DHCPv6 statistics for all interfaces or for a specific interface. Use the parameter to specify the interface. Syntax clear ipv6 dhcp {statistics | interface statistics} - Specify the interface. Default Setting None Command Mode Privileged Exec 7.17.2 copy This command uploads and downloads to/from the switch. Local URLs can be specified using tftp or xmodem.
- xmodem, tftp://ipaddr/path/file or ftp://user:pass@ipaddr/path/file. errorlog - event Log file. log - message Log file. traplog - trap Log file. - Operation code file name.
Write running configuration file into flash Syntax copy running-config startup-config [filename] - name of the configuration file. Default Setting None Command Mode Privileged Exec This command upload or download the pre-login banner file Syntax copy clibanner copy clibanner no clibanner - xmodem, tftp://ipaddr/path/file or ftp://user:pass/ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 7.17.
- name of the configuration or image file. Default Setting None Command Mode Privileged Exec 7.17.4 dir This command is used to display a list of files in Flash memory. Syntax dir [boot-rom | config | opcode [] ] - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec Display Message Column Heading date file name file type startup size 7.17.
Syntax whichboot Default Setting None Command Mode Privileged Exec 7.17.6 boot-system This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec 7.17.7 ping 7.17.7.
Syntax ping count <0-20000000> [size <32-512>] ping size <32-512> [count <0-20000000>] < ipaddress|hostname> - a host name or an IP address. <0-20000000> - number of pings (Range: 0 - 20000000). Note that 0 means infinite. - packet size (Range: 32 - 512). Default Setting Count = 5 Size = 32 Command Mode Privileged Exec 7.17.7.2 ping ipv6 This command use to determine whether another computer is on the network.
7.17.7.3 ping ipv6 interface This command use to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection. The source and target devices must have the ping utility enabled and running on top of TCP/IP. The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN (VLAN 1), as long as there is a physical path between the switch and the workstation.
- Use maxTtle to specify the maximum TTL. Range is 1 to 255. - Use interval to specify the time between probes, in seconds. Range is 1 to 60 seconds. - Use the optional count parameter to specify the number of probes to send for each TTL value. Range is 1 to 10 probes. Default Setting None Command Mode Previledge Mode 7.17.8.
Syntax logging cli-command Default Setting None Command Mode Global Config 7.17.10 calendar set This command is used to set the system clock. Syntax calendar set <1-31> <1-12> <2000-2099> - hh in 24-hour format (Range: 0 - 23), mm (Range: 0 - 59), ss (Range: 0 - 59) <1-31> - Day of month. (Range: 1 - 31). <1-12> - Month. (Range: 1 - 12). <2000-2099> - Year (4-digit). (Range: 2000 - 2099). Default Setting None Command Mode Privileged Exec 7.17.
Default Setting None Command Mode Privileged Exec 7.17.12 configure This command is used to activate global configuration mode. Syntax configure Default Setting None Command Mode Privileged Exec 7.17.13 disconnect This command is used to close a telnet session. Syntax disconnect {<0-58> | all} <0-11> - telnet session ID. all - all telnet sessions.
7.17.14 hostname This command is used to set the prompt string. Syntax hostname - Prompt string. Default Setting Fortinet Command Mode Global Config 7.17.15 quit This command is used to exit a CLI session. Syntax quit Default Setting None Command Mode Privileged Exec 7.17.16 cablestatus This command returns the status of the specified port. Syntax cablestatus - Interface Number.
Default Setting None Command Mode Privileged Exec Display Message Cable Status: One of the following statuses is returned: Normal: The cable is working correctly. Open: The cable is disconnected or there is a faulty connector. Short: There is an electrical short in the cable. Cable Test Failed: The cable status could not be determined. The cable may in fact be working.
The hardware identifies all incoming DHCP packets on ports where DHCP snooping is enabled. DHCP snooping is enabled on a port if (a) DHCP snooping is enabled globally, and (b) the port is a member of a VLAN where DHCP snooping is enabled. On untrusted ports, the hardware traps all incoming DHCP packets to the CPU. On trusted ports, the hardware forwards client messages and copies server messages to the CPU so that DHCP snooping can learn the binding. 7.18.1 Show Commands 7.18.1.
Default Setting None Command Mode Privileged Exec Display Message MAC Address: Displays the MAC address for the binding that was added. The MAC address is the key to the binding database. IP Address: Displays the valid IP address for the binding rule. VLAN: The VLAN for the binding rule. Interface: The interface to add a binding into the DHCP snooping interface. Type: Binding type; statically configured from the CLI or dynamically learned. Lease (Secs): he remaining lease time for the entry. 7.18.1.
Default Setting None Command Mode Privileged Exec Display Message Interface: The IP address of the interface in slot/port format. MAC Verify Failures: Represents the number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client HW address mismatch. Client Ifc Mismatch: Represents the number of DHCP release and Deny messages received on the different ports than learned previously.
no - This command disables the DHCP Snooping on VLANs. Default Setting Disabled Command Mode Global Config 7.18.2.3 ip dhcp snooping verify mac-address This command enables the verification of the source MAC address with the client hardware address in the received DCHP message. Syntax ip dhcp snooping verify mac-address no ip dhcp snooping verify mac-address no - This command disables the verification of the source MAC address with the client hardware address.
7.18.2.5 ip dhcp snooping database write-delay This command configures the interval in seconds at which the DHCP Snooping database will be persisted. The interval value ranges from 15 to 86400 seconds. Syntax ip dhcp snooping database write-delay no ip dhcp snooping database write-delay no - This command sets the write delay value to the default value. Default Setting 300 seconds Command Mode Global Config 7.18.2.
no - This command removes the DHCP static entry from the DHCP Snooping database. Default Setting None Command Mode Global Config 7.18.2.8 ip dhcp snooping limit This command controls the rate at which the DHCP Snooping messages come. The default rate is 15 pps with a range from 0 to 300 pps. The default burst level is 1 second with a range of 1 to 15 seconds.
Interface Config 7.18.2.10 ip dhcp snooping trust This command configures the port as trusted. Syntax ip dhcp snooping trust no ip dhcp snooping trust no - This command configures the port as untrusted. Default Setting Disabled Command Mode Interface Config 7.18.2.11 ip dhcp snooping information option This command ip dhcp snooping information option enables the DHCP L2 option mode on the system.
Syntax ip dhcp snooping information option allow-untrusted no ip dhcp snooping information option allow-untrusted no - This command disallows DHCP packet received form untrusted port with option 82 data. Default Setting Disabled Command Mode Global Config 7.19 IP Source Guard (IPSG) Commands IP Source Guard (IPSG) is a security feature that filters IP packets based on source ID. The source ID may be either the source IP address or a {source IP address, source MAC address} pair.
show ip verify [interface ] Default Setting None Command Mode Privileged Exec Display Message Interface: Interface address in slot/port format. Filter Type: Is one of two values: • ip-mac: User has configured MAC address filtering on this interface. • ip: Only IP address filtering on this interface. 7.19.1.2 show ip verify source This command displays the IPSG interface and binding configurations on all ports.
Syntax show ip source binding [{static/dhcp-snooping}] [interface ] [vlan id] Default Setting None Command Mode Privileged Exec Display Message MAC Address: The MAC address for the entry that is added. IP Address: The IP address of the entry that is added. Type: Entry type; statically configured from CLI or dynamically learned from DHCP Snooping. VLAN: VLAN for the entry. Interface: IP address of the interface in slot/port format. 7.19.2 Configuration Commands 7.19.2.
Syntax ip verify binding vlan interface no ip verify binding vlan interface no - This command removes the IPSG static entry from the IPSG database. Default Setting None Command Mode Global Config 7.20 Dynamic ARP Inspection (DAI) Command Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP packets.
the single vlan argument and the command displays the statistics on that VLAN. If no argument is included, the command lists a summary of the forwarded and dropped ARP packets. Syntax show ip arp inspection statistics [vlan ] Default Setting None Command Mode Privileged Exec Display Message VLAN: The VLAN ID for each displayed row. Forwarded: The total number of valid ARP packets forwarded in this VLAN. Dropped: The total number of not valid ARP packets dropped in this VLAN.
Source MAC Validation: Displays whether Source MAC Validation of ARP frame is enabled or disabled. Destination MAC Validation: Displays whether Destination MAC Validation is enabled or disabled. IP Address Validation: Displays whether IP Address Validation is enabled or disabled. VLAN: The VLAN ID for each displayed row. Configuration: Displays whether DAI is enabled or disabled on the VLAN. Log Invalid: Displays whether logging of invalid ARP packets is enabled on the VLAN.
show arp access-list [acl-name] Default Setting None Command Mode Privileged Exec 7.20.2 Configuration Commands 7.20.2.1 ip arp inspection validate This command enables additional validation checks like source-mac validation, destination-mac validation, and ip address validation on the received ARP packets.
Command Mode Global Config 7.20.2.3 ip arp inspection vlan logging This command enables logging of invalid ARP packets on a list of comma-separated VLAN ranges. Syntax ip arp inspection vlan logging no ip arp inspection vlan logging no - This command disables logging of invalid ARP packets on a list of comma-separated VLAN ranges. Default Setting Disabled Command Mode Global Config 7.20.2.
7.20.2.5 ip arp inspection trust This command configures an interface as trusted for Dynamic ARP Inspection. Syntax ip arp inspection trust no ip arp inspection trust no - This command configures an interface as untrusted for Dynamic ARP Inspection. Default Setting Disabled Command Mode Interface Config 7.20.2.6 ip arp inspection limit This command configures the rate limit and burst interval values for an interface.
no - This command deletes a configured ARP ACL. Default Setting None Command Mode Global Config 7.20.2.8 permit ip host mac host This command configures a rule for a valid IP address and MAC address combination used in ARP packet validation. Syntax permit ip host mac host no permit ip host mac host no - This command deletes a rule for a valid IP and MAC combination. Default Setting None Command Mode ARP Access-list Config 7.20.2.
7.21 Differentiated Service Command This Switching Command function can only be used on the QoS software version. ! This chapter contains the CLI commands used for the QOS Differentiated Services (DiffServ) package. The user configures DiffServ in several stages by specifying: 1. Class − creating and deleting classes − defining match criteria for a class The only way to remove an individual match criterion from an existing class definition is to delete the class and re-create it. ! 2.
− 'all' within 'all' − no nested 'not' conditions − no nested 'acl' class types − each class contains at most one referenced class • hierarchical service policies not supported in a class definition • access list matched by reference only, and must be sole criterion in a class − that is, ACL rules copied as class match criteria at time of class creation, with class type 'any' − implicit ACL 'deny all' rule also copied − no nesting of class type 'acl' Regarding nested classes, referred to he
Syntax no diffserv Command Mode Global Config 7.21.2 Class Commands The 'class' command set is used in DiffServ to define: Traffic Classification specifies Behavior Aggregate (BA) based on DSCP, and Multi- Field (MF) classes of traffic (name, match criteria) Service Levels specifies the BA forwarding classes / service levels. Conceptually, DiffServ is a two-level hierarchy of classes: 1. Service/PHB, 2.
The CLI mode is changed to Class-Map Config or Ipv6-Class-Map Config when this command is successfully executed depending on the [{ipv4 | ipv6}] keyword specified. Command Mode Global Config 7.21.2.2 no class-map This command eliminates an existing DiffServ class. Syntax no class-map is the name of an existing DiffServ class. ! The class name 'default' is reserved and is not allowed here.
! The class name ‘default’ is reserved and must not be used here. Default Setting None Command Mode Global Config 7.21.2.4 match any This command adds to the specified class definition a match condition whereby all packets are considered to belong to the class. Syntax match any Default Setting None Command Mode Class-Map Config / Ipv6-Class-Map Config 7.21.2.5 match class-map This command adds to the specified class definition the set of match conditions defined for another class.
Restrictions The class types of both and must be identical (that is, any vs. any, or all vs. all). A class type of acl is not supported by this command. Cannot specify the same as (that is, self-referencing of class name not allowed). At most one other class may be referenced by a class. Any attempt to delete the class while still referenced by any shall fail.
Syntax match cos <0-7> Default Setting None Command Mode Class-Map Config 7.21.2.8 match destination-address mac This command adds to the specified class definition a match condition based on the destination MAC address of a packet. The
parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (e.g., 00:11:22:dd:ee:ff). specifies an IP address. specifies an IP address bit mask; note that although similar to a standard subnet mask, this bit mask need not be contiguous. Default Setting None Command Mode Class-Map Config 7.21.2.10 match dstl4port This command adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or numeric notation or a numeric range notation.
7.21.2.11 match ethertype This command adds to the specified class definition a match condition based on the value of the ethertype. The value is specified as one of the following keywords: appletalk, arp, ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, rarp or as a custom ethertype value in the range of 0x0600-0xFFFF. This command is not available on the Broadcom 5630x platform.
None Command Mode Class-Map Config / Ipv6-Class-Map Config 7.21.2.13 match ip precedence This command adds to the specified class definition a match condition based on the value of the IP Precedence field in a packet, which is defined as the high-order three bits of the Service Type octet in the IP header (the low-order five bits are not checked). The precedence value is an integer from 0 to 7.
The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header, but with a slightly different user notation. i In essence, this the “free form” version of the IP DSCP/Precedence/TOS match specification in that the user has complete control of specifying which bits of the IP Service Type field are checked. Default Setting None Command Mode Class-Map Config 7.21.2.
i This command is not available on the Broadcom 5630x platform. Syntax match source-address mac
- Specifies any layer 2 MAC address. - Specifies a layer 2 MAC address bit mask. Default Setting None Command Mode Class-Map Config 7.21.2.17 match srcip This command adds to the specified class definition a match condition based on the source IP address of a packet. Syntax match srcip - specifies an IP address.Syntax match srcl4port { | <0-65535>} is one of the supported port name keywords (listed below). The currently supported values are: domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is used as both the start and end of a port range. To specify the match condition as a numeric value, one layer 4 port number is required. The port number is an integer from 0 to 65535.
7.21.2.20 match dstip6 This command adds to the specified class definition a match condition based on the destination IPv6 address of a packet. Syntax match dstip6 Default Setting None Command Mode IPv6-Class-Map Config 7.21.2.21 match srcip6 This command adds to the specified class definition a match condition based on the source IP address of a packet.
7.21.3 Policy Commands The 'policy' command set is used in DiffServ to define: Traffic Conditioning Specify traffic conditioning actions (policing, marking, shaping) to apply to traffic classes Service Provisioning Specify bandwidth and queue depth management requirements of service levels (EF, AF, etc.) The policy commands are used to associate a traffic class, which was defined by the class command set, with one or more QoS policy attributes.
7.21.3.1 assign-queue This command modifies the queue id to which the associated traffic stream is assigned. The queueid is an integer from 0 to n-1, where n is the number of egress queues supported by the device. Syntax assign-queue <0-7> <0-7> - Queue ID. Command Mode Policy-Class-Map Config Incompatibilities Drop 7.21.3.2 drop This command specifies that all packets for the associated traffic stream are to be dropped at ingress.
mirror - Interface Number. Default Setting None Command Mode Policy-Class-Map Config Incompatibilities Drop, Redirect 7.21.3.4 redirect This command specifies that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Syntax redirect Command Mode Policy-Class-Map Config Incompatibilities Drop, Mirror 7.21.3.
Command Mode Policy-Class-Map Config Incompatibilities Drop, Mirror 7.21.3.6 mark cos This command marks all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted. The CoS value is an integer from 0 to 7. Syntax mark cos <0-7> <0-7> - The range of COS value is 0 to 7.
7.21.3.8 no class This command deletes the instance of a particular class and its defined treatment from the specified policy. Syntax no class is the name of an existing DiffServ class. Note that this command removes the reference to the class definition for the specified policy. Command Mode Policy-Class-Map Config 7.21.3.9 mark ip-dscp This command marks all packets for the associated traffic stream with the specified IP DSCP value.
Syntax mark ip-precedence <0-7> Command Mode Policy-Class-Map Config Policy Type In Incompatibilities Drop, Mark (all forms) 7.21.3.11 police-simple This command is used to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and violate. The conforming data rate is specified in kilobits-per-second (Kbps) and is an integer from 1 to 4294967295.
- an priority value is required and is specified as an integer from 0-7. - is required and is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef. - an IP Precedence value is required and is specified as an integer from 0-7.
Global Config Policy Type In 7.21.4 Service Commands The 'service' command set is used in DiffServ to define: Traffic Conditioning Assign a DiffServ traffic conditioning policy (as specified by the policy commands) to an interface in the incoming direction. Service Provisioning Assign a DiffServ service provisioning policy (as specified by the policy commands) to an interface in the outgoing direction The service commands attach a defined policy to a directional interface.
Command Mode Global Config (for all system interfaces) Interface Config (for a specific interface) Restrictions Only a single policy may be attached to a particular interface in a particular direction at any one time. 7.21.4.2 no service-policy This command detaches a policy from an interface in a particular direction. Syntax no service-policy in The command can be used in the Interface Config mode to detach a policy from a specific interface.
This information can be displayed in either summary or detailed formats. The status information is only shown when the DiffServ administrative mode is enabled; it is suppressed otherwise. There is also a 'show' command for general DiffServ information that is available at any time. 7.21.5.1 show class-map This command displays all configuration information for the specified class. Syntax show class-map [] is the name of an existing DiffServ class.
7.21.5.2 show diffserv This command displays the DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables. Syntax show diffserv Default Setting None Command Mode Privileged Exec User Exec Display Message DiffServ Admin mode: The current value of the DiffServ administrative mode.
Default Setting None Command Mode Privileged Exec Display Message DiffServ Admin Mode: The current setting of the DiffServ administrative mode. An attached policy is only in effect on an interface while DiffServ is in an enabled mode. Interface: The slot number and port number of the interface (slot/port). Direction: The traffic direction of this interface service. Operational Status: The current operational status of this DiffServ service interface.
7.21.5.5 show policy-map This command displays all configuration information for the specified policy. Syntax show policy-map [] - is the name of an existing DiffServ policy. Default Setting None Command Mode Privileged Exec Display Message Policy Name: The name of this policy. Policy Type: The policy type, namely whether it is an inbound or outbound policy definition.
Non-Conform Action: The current setting for the action taken on a packet considered to not conform to the policing parameters. This is not displayed if policing not in use for the class under this policy. Non-Conform DSCP Value: This field displays the DSCP mark value if this action is markdscp. Non-Conform IP Precedence Value: This field displays the IP Precedence mark value if this action is markprec. Assign Queue: Directs traffic stream to the specified QoS queue.
The following information is repeated for each class instance within this policy: Class Name: The name of this class instance. In Offered Packets: A count of the packets offered to this class instance before the defined DiffServ treatment is applied. Only displayed for the 'in' direction. In Discarded Packets: A count of the packets discarded for this class instance for any reason due to DiffServ treatment of the traffic class. Only displayed for the 'in' direction.
7.22 ACL Command 7.22.1 Show Commands 7.22.1.1 show mac access-lists name This command displays a MAC access list and all of the rules that are defined for the ACL. The parameter is used to identify a specific MAC ACL to display. Syntax show mac access-lists - ACL name which uniquely identifies the MAC ACL to display. Default Setting None Command Mode Privileged Exec Display Message MAC ACL Name: The name of the MAC ACL rule.
show mac access-lists Default Setting None Command Mode Privileged Exec Display Message Current number of all ACLs: The number of user-configured rules defined for this ACL. Maximum number of all ACLs: The maximum number of ACL rules. MAC ACL Name: The name of the MAC ACL rule. Rules: The number of rule in this ACL. Direction: Denotes the direction in which this MAC ACL is attached to the set of interfaces listed. The value is Inbound.
Rule: This displays the number identifier for each rule that is defined for the ACL. Action: This displays the action associated with each rule. The possible values are Permit or Deny. Match ALL: Match all packets or not. Protocol: This displays the protocol to filter for this rule. Source IP Address: This displays the source IP address for this rule. Source IP Mask: This field displays the source IP Mask for this rule. Source L4 Port Keyword: This field displays the source port for this rule.
Sequence Number: An optional sequence number may be specified to indicate the order of this access list relative to other access lists already assigned to this interface and direction. A lower number indicates higher precedence order. If a sequence number is already in use for this interface and direction, the specified access list replaces the currently attached access list using that sequence number.
Default Setting None Command Mode Global Config 7.22.2.3 mac access-group in This command attaches a specific MAC Access Control List (ACL) identified by to an interface, or associates it with a VLAN ID, in a given direction. The parameter must be the name of an exsiting MAC ACL. An optional sequence number may be specified to indicate the order of this access list relative to other access lists already assigned to this interface and direction.
A rule may either deny or permit traffic according to the specified classification fields. At a minimum, the source and destination MAC value and mask pairs must be specified, each of which may be substituted using the keyword any to indicate a match on any value in that field. The bpdu keyword may be specified for the destination MAC value/mask pair indicating a well-known BPDU MAC value of 01-80-c2-xx-xx-xx (hex), where 'xx' indicates a don't care. The remaining command parameters are all optional.
permit or deny - The ACL rule is created with two options. The protocol to filter for an ACL rule is specified by giving the protocol to be used like icmp ,igmp ,ip ,tcp, udp. The command specifies a source ip address and source mask for match condition of the ACL rule specified by the srcip and srcmask parameters. The source layer 4 port match condition for the ACL rule is specified by the port key parameter.
This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global Config' mode setting is applied to all interfaces. The VLAN keyword is only valid in the 'Global Config' mode. Syntax ip access-group {<1- 199> | } [vlan ] in [<1-4294967295>] no ip access-group {<1-199> | } [vlan ] in <1- 199> The identifier of this ACL. The name of this ACL. The associated VLAN ID of this ACL.
None Command Mode Global Config 7.22.2.9 ip access-list rename Use this command to change the name of an IP Access Control List (ACL). The parameter is the names of an existing IP ACL. The parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list. Syntax ip access-list rename Default Setting None Command Mode Global Config 7.23 IPv6 ACL Command 7.23.1 Show Commands 7.23.1.
User EXEC Display Message Rule Number: The ordered rule number identifier defined within the IPv6 ACL. Action: The action associated with each rule. The possible values are Permit or Deny. Match All: Indicates whether this access list applies to every packet. Possible values are True or False. Protocol: The protocol to filter for this rule. Source IP Address: The source IP address for this rule. Source L4 Port Keyword: The source port for this rule.
Default Setting None Command Mode Global Config 7.23.2.2 ipv6 access-list rename This command changes the name of an IPv6 ACL. The parameter is the name of an existing IPv6 ACL. The parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list. This command fails is an IPv6 ACL by the name already exists. Syntax ipv6 access-list rename - current Access Control List name.
The assign-queue parameter allows specification of a particular hardware queue for handling traffic that matches this rule. The allowed value is 0-(n-1), where n is the number of user configurable queues available for the hardware platform. The assign-queue parameter is valid only for a permit rule.
Command Mode Global Config Interface Config 7.24 CoS (Class of Service) Command 7.24.1 Show Commands 7.24.1.1 show queue cos-map This command displays the current Dot1p (802.1p) priority mapping to internal traffic classes for a specific interface. The slot/port parameter is optional and is only valid on platforms that support independent per-port class of service mappings. If specified, the 802.1p mapping table of the interface is displayed.
7.24.1.2 show queue ip-dscp-mapping This command maps an IP DSCP value to an internal traffic class. The value is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef. The values can range from 0-6, although the actual number of available traffic classes depends on the platform.
Non-IP Traffic Class: The traffic class used for non-IP traffic. This is only displayed when the COS trust mode is set to either 'trust ip-dscp' or 'trust ip-precedence'. Untrusted Traffic Class: The traffic class used for all untrusted traffic. This is only displayed when the COS trust mode is set to 'untrusted'. 7.24.1.4 show queue cos-queue This command displays the class-of-service queue configuration for the specified interface.
7.24.2 Configuration Commands 7.24.2.1 queue cos-map This command maps an 802.1p priority to an internal traffic class on a "per-port" basis. Syntax queue cos-map <0-7> <0-7> no queue cos-map < 0-7 > - The range of queue priority is 0 to 7. < 0-7 > - The range of mapped traffic class is 0 to 7. no - Reset to the default mapping of the queue priority and the mapped traffic class. Default Setting None Command Mode Interface Config. This command maps an 802.
Syntax queue trust {dot1p | ip-dscp | untrusted } all no queue trust all no - This command sets the class of service trust mode to untrusted for all interfaces. Default Setting None Command Mode Global Config. 7.24.2.3 queue cos-queue min-bandwidth This command specifies the minimum transmission bandwidth guarantee for each interface queue.
… - Each Valid range is (0 to 100) in increments of 5 and the total sum is less than or equal to 100. no - This command restores the default for each queue's minimum bandwidth value in the device. Default Setting None Command Mode Global Config. 7.24.2.4 queue cos-queue strict This command activates the strict priority scheduler mode for each specified queue on a "per-port" basis.
7.24.2.5 queue cos-queue traffic-shape This command specifies the maximum transmission bandwidth limit for the interface as a whole. Also known as rate shaping, this has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded. Syntax queue cos-queue traffic-shape no queue cos-queue traffic-shape - Valid range is (0 to 100) in increments 5. no - This command restores the default shaping rate value.
7.25 Domain Name Server Relay Commands 7.25.1 Show Commands 7.25.1.1 show hosts This command displays the static host name-to-address mapping table. Syntax show hosts Default Setting None Command Mode Privileged Exec Display Message Domain Name List: Domain Name. IP Address: IPv4 or IPv6 address of the Host. 7.25.1.2 show dns This command displays the configuration of the DNS server.
Response: Number of the DNS response packets been received. 7.25.1.3 show dns cache This command displays all entries in the DNS cache table. Syntax show dns cache Default Setting None Command Mode Privileged Exec Display Message Domain Name List: Domain Name IP Address: IP address of the corresponding domain name, including IPv4 and IPv6. TTL: Time in seconds that this entry will remain in the DNS cache table Flag: Indicates if this entry is reliable. A value of 8 is not as reliable as a value of 10.
None Command Mode Global Config 7.25.2.2 clear hosts This command clears the entire static host name-to-address mapping table. Syntax clear hosts Default Setting None Command Mode Privileged Exec 7.25.2.3 ip domain-name This command defines the default domain name to be appended to incomplete host names (i.e., host names passed from a client are not formatted with dotted notation).
7.25.2.4 ip domain-list This command defines the domain name that can be appended to incomplete host names (i.e., host names passed from a client are not formatted with dotted notation). The domain name table can contain maximum 6 entries. Syntax ip domain-list no ip domain-list - Default domain name used to complete unqualified host names. Do not include the initial period that separates an unqualified name from the domain name.
Global Config 7.25.2.6 ip domain-lookup This command enables the IP Domain Naming System (DNS)-based host name-to-address translation. Syntax ip domain-lookup no ip domain-lookup - This command disables the IP Domain Naming System (DNS)-based host name-to-address translation. Default Setting None Command Mode Global Config 7.25.2.7 clear domain-list This command clears all entries in the domain name list table. Syntax clear domain-list Default Setting None Command Mode Privileged Exec 7.25.2.
Default Setting None Command Mode Privileged Exec 7.25.2.9 clear dns cache This command clears all entries in the DNS cache table. Syntax clear dns cache Default Setting None Command Mode Privileged Exec 7.25.2.10 clear dns counter This command clears the statistics of all entries in the DNS cache table.
8. Routing Commands 8.1 Address Resolution Protocol (ARP) Commands 8.1.1 Show Commands 8.1.1.1 show ip arp le This command displays the Address Resolution Protocol (ARP) cache. Syntax show ip arp Default Setting None Command Mode Privileged Exec Display Message Age Time: Is the time it takes for an ARP entry to age out. This value was configured into the unit. Age time is measured in seconds. Response Time: Is the time it takes for an ARP request timeout. This value was configured into the unit.
Type: Is the type that was configured into the unit. The possible values are Local, Gateway, Dynamic and Static. Age: This field displays the current age of the ARP entry since last refresh (in hh:mm:ss format). 8.1.1.2 show ip arp brief This command displays the brief Address Resolution Protocol (ARP) table information. Syntax show ip arp brief Default Setting None Command Mode Privileged Exec Display Message Age Time: Is the time it takes for an ARP entry to age out.
None Command Mode Privileged Exec Display Message IP address: Is the IP address of a device on a subnet attached to an existing routing interface. MAC address: Is the MAC address for that device. 8.1.2 Configuration Commands 8.1.2.1 arp This command creates an ARP entry. The value for is the IP address of a device on a subnet attached to an existing routing interface. The value for is a unicast MAC address for that device.
no - This command disables proxy ARP on a router interface. Default Setting Enabled Command Mode Interface Config 8.1.2.3 ip local-proxy-arp This command enables or disables Local Proxy ARP on an interface. Syntax ip local-proxy-arp no ip local-proxy-arp no - This command disables Local Proxy ARP on a router interface. Default Setting Disabled Command Mode Interface Config 8.1.2.4 arp cachesize This command configures the maximum number of entries in the ARP cache.
8.1.2.5 arp dynamicrenew This command enables ARP component to automatically renew ARP entries of type dynamic when they age out. Syntax arp dynamicrenew no arp dynamicrenew no - This command disables ARP component from automatically renewing ARP entries of type dynamic when they age out. Default Setting Disabled Command Mode Global Config 8.1.2.6 arp purge This command causes the specified IP address to be removed from the ARP table.
arp resptime <1-10> no arp resptime <1-10> - The range of default response time is 1 to 10 seconds. no - This command configures the default response timeout time. Default Setting The default response time is 1. Command Mode Global Config 8.1.2.8 arp retries This command configures the ARP count of maximum request for retries. Syntax arp retries <0-10> no arp retries <0-10> - The range of maximum request for retries is 0 to 10.
Default Setting The default value is 1200. Command Mode Global Config 8.1.2.10 clear ip arp-cache This command causes all ARP entries of type dynamic to be removed form the ARP cache. If the [gateway] parameter is specified, the dynamic entries of type gateway are purged as well. Syntax clear ip arp-cache [gateway | interface ] Default Setting None Command Mode Privileged Exec 8.2 IP Routing Commands 8.2.1 Show Commands 8.2.1.
Default Time to Live: The computed TTL (Time to Live) of forwarding a packet from the local router to the final destination. Routing Mode: Show whether the routing mode is enabled or disabled. IP Forwarding Mode: Disable or enable the forwarding of IP frames. Maximum Next Hops: The maximum number of hops supported by this switch. 8.2.1.2 show ip interface port This command displays all pertinent information about the IP interfaces.
8.2.1.3 show ip interface brief This command displays summary information about IP configuration settings for all ports in the router. Syntax show ip interface brief Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid slot, and port number separated by forward slashes. IP Address: The IP address of the routing interface. IP Mask: The IP mask of the routing interface. Netdir Bcast: Indicates if IP forwards net-directed broadcasts on this interface.
None Command Mode Privileged Exec Display Message Route Codes: Displays the key for the routing protocol codes that might appear in the routing table output. The command displays the routing tables in the following format: Code IP-Address/Mask [Preference/Metric] via Next-Hop, Interface Code: The codes for the routing protocols that created the routes. IP-Address/Mask: The IP-Address and mask of the destination network corresponding to this route.
Next Hop IP Address: The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination. 8.2.1.6 show ip route entry This command displays the router route entry information. Syntax show ip route entry - Is a valid network address identifying the network on the specified interface.
None Command Mode Privileged Exec Display Message Route Codes: Displays the key for the routing protocol codes that might appear in the routing table output. The command displays the routing tables in the following format: Code IP-Address/Mask [Preference/Metric] via Next-Hop, Interface Code: The codes for the routing protocols that created the routes. IP-Address/Mask: The IP-Address and mask of the destination network corresponding to this route.
IP-Address/Mask: The IP-Address and mask of the destination network corresponding to this route. Preference: The administrative distance associated with this route. Routes with low values are preferred over routes with higher values. Metric: The cost associated with this route. via Next-Hop: The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination.
Syntax show ip route static [all] Default Setting None Command Mode Privileged Exec Display Message Route Codes: Displays the key for the routing protocol codes that might appear in the routing table output. The command displays the routing tables in the following format: Code IP-Address/Mask [Preference/Metric] via Next-Hop, Interface Code: The codes for the routing protocols that created the routes. IP-Address/Mask: The IP-Address and mask of the destination network corresponding to this route.
Connected Routes: The total number of connected routes in the routing table. Static Routes: Total number of static routes in the routing table. RIP Routes: Total number of routes installed by RIP protocol. OSPF Routes: Total number of routes installed by OSPF protocol. Total Routes: Total number of routes in the routing table. 8.2.1.12 show ip route precedence This command displays detailed information about the route preferences. Route preferences are used in determining the best route.
no routing no - Disable routing for an interface. Default Setting Disabled Command Mode Interface Config 8.2.2.2 ip routing This command enables the IP Router Admin Mode for the master switch. Syntax ip routing no ip routing no - Disable the IP Router Admin Mode for the master switch. Default Setting Disabled Command Mode Global Config 8.2.2.3 ip address This command configures an IP address on an interface. The IP address may be a secondary IP address.
Default Setting None Command Mode Interface Config 8.2.2.4 ip route This command configures a static route. Syntax ip route [ [<1-255 >] ] no ip route [ { | <1-255 > } ] - A valid IP address . - A valid subnet mask. - IP address of the next hop router. <1-255> - The precedence value of this route. The range is 1 to 255. no - delete all next hops to a destination static route.
None Command Mode Global Config 8.2.2.6 ip route precedence This command sets the default precedence for static routes. Lower route preference values are preferred when determining the best route. The "ip route" and "ip default-next-hop" commands allow you to optionally set the precedence of an individual static route. The default precedence is used when no precedence is specified in these commands.
Interface Config 8.2.2.8 encapsulation This command configures the link layer encapsulation type for the packet. Syntax encapsulation {ethernet | snap} ethernet - The link layer encapsulation type is ethernet. snap - The link layer encapsulation type is SNAP. Default Setting The default value is ethernet. Command Mode Interface Config Restrictions Routed frames are always Ethernet encapsulated when a frame is routed to a VLAN. 8.3 Open Shortest Path First (OSPF) Commands 8.3.1 Show Commands 8.3.
! Some of the information below displays only if you enable OSPF and configure certain features. Router ID : A 32-bit integer in dotted decimal format identifying the router, about which information is displayed. This is a configured value. OSPF Admin Mode : Shows whether the administrative mode of OSPF in the router is enabled or disabled. This is a configured value. ASBR Mode : Indicates whether the ASBR mode is enabled or disabled. Enable implies that the router is an autonomous system border router.
AS_OPAQUE LSA Checksum: Shows the sum of the LS Checksums of AS Opaque LSAs contained in the link-state database. New LSAs Originated: The number of new link-state advertisements that have been originated. LSAs Received: The number of link-state advertisements received determined to be new instantiations. LSA Count: The total number of link state advertisements currently in the link state database. Maximum Number of LSAs: The maximum number of LSAs that OSPF can store.
Syntax show ip ospf abr Default Setting None Command Mode Privileged Eexc User Exec Display Messages Type: The type of the route to the destination. It can be either: • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination. Cost: Cost of using this route. Area ID: The area ID of the area from which this route is learned. Next Hop: Next hop toward the destination. Next Hop Intf: The outgoing router interface to use when forwarding traffic to the next hop. 8.3.1.
Area Border Router Count: The total number of area border routers reachable within this area. Area LSA Count: Total number of link-state advertisements in this area's link-state database, excluding AS External LSA’s. Area LSA Checksum: A number representing the Area LSA Checksum for the specified AreaID excluding the external (LS type 5) link-state advertisements. Import Summary LSAs: Shows whether to import summary LSAs. OSPF Stub Metric Value: The metric value of the stub area.
8.3.1.4 show ip ospf asbr This command displays the internal OSPF routing table entries to Autonomous System Boundary Routers (ASBR). This command takes no options. Syntax show ip ospf asbr Default Setting None Command Mode Privileged Exec User Exec Display Messages Type: The type of the route to the destination. It can be one of the following values: • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination. Cost: Cost of using this route.
nssa-external - Use nssa-external to display NSSA external LSAs. opaque-area - Use opaque-area to display area opaque LSAs. opaque-as - Use opaque-as to display AS opaque LSAs. opaque-link - Use opaque-link to display link opaque LSAs. router - Use router to display router LSAs. summary - Use summary to show the LSA database summary information. Lsid - Use to specify the link state ID (LSID). The value of can be an IP address or an integer in the range of 0-4294967295.
None Command Mode Privileged Exec User Exec Display Messages Router: Total number of router LSAs in the OSPF link state database. Network: Total number of network LSAs in the OSPF link state database. Summary Net: Total number of summary network LSAs in the database. Summary ASBR: Number of summary ASBR LSAs in the database. Type-7 Ext: Total number of Type-7 external LSAs in the database. Self-Originated Type-7: Total number of self originated AS external LSAs in the OSPFv3 link state database.
Retransmit Interval: A number representing the OSPF Retransmit Interval for the specified interface. Hello Interval: A number representing the OSPF Hello Interval for the specified interface. Dead Interval: A number representing the OSPF Dead Interval for the specified interface. LSA Ack Interval: A number representing the OSPF LSA Acknowledgment Interval for the specified interface. Transit Delay Interval: A number representing the OSPF Transit Delay for the specified interface.
Interface: Valid slot and port number separated by a forward slash. OSPF Admin Mode: States whether OSPF is enabled or disabled on a router interface. OSPF Area ID: The OSPF Area Id for the specified interface. Router Priority: A number representing the OSPF Priority for the specified interface. Hello Interval: A number representing the OSPF Hello Interval for the specified interface. Dead Interval: A number representing the OSPF Dead Interval for the specified interface.
Neighbor Events: The number of times this neighbor relationship has changed state, or an error has occurred. External LSA Count: The number of external (LS type 5) link-state advertisements in the link-state database. Sent Packets: The number of OSPF packets transmitted on the interface. Received Packets: The number of valid OSPF packets received on the interface. Discards: Discards The number of received OSPF packets discarded because of an error in the packet or an error in processing the packet.
show ip ospf neighbor [interface ] [] Default Setting None Command Mode Privileged Exec User Exec Display Messages If you do not specify an IP address, a table with the following columns displays for all neighbors or the neighbor associated with the interface that you specify: Router ID: The 4-digit dotted-decimal number of the neighbor router. Priority: The OSPF priority for the specified interface. The priority of an interface is a priority integer from 0 to 255.
Options: An integer value that indicates the optional OSPF capabilities supported by the neighbor. The neighbor's optional OSPF capabilities are also listed in its Hello packets. This enables received Hello Packets to be rejected (i.e., neighbor relationships will not even start to form) if there is a mismatch in certain crucial OSPF capabilities. Router Priority: The OSPF priority for the specified interface. The priority of an interface is a priority integer from 0 to 255.
8.3.1.12 show ip ospf statistics This command displays information about recent Shortest Path First (SPF) calculations. The SPF is the OSPF routing table calculation. The output lists the number of times the SPF has run for each OSPF area. A table follows this information. For each of the 15 most recent SPF runs, the table lists how long ago the SPF ran, how long the SPF took, and the reasons why the SPF was scheduled.
Display Messages Area ID: A 32-bit identifier for the created stub area. Type of Service: The type of service associated with the stub metric. only supports Normal TOS. Metric Val: The metric value is applied based on the TOS. It defaults to the least metric of the type of service among the interfaces to other areas. The OSPF cost for a route is a function of the metric value. Import Summary LSA: Controls the import of summary LSAs into stub areas. 8.3.1.
Syntax show ip ospf virtual-link brief Default Setting None Command Mode Privileged Exec User Exec Display Messages Area ID: The area id of the requested OSPF area. Neighbor: The neighbor interface of the OSPF virtual interface. Hello Interval: The configured hello interval for the OSPF virtual interface. Dead Interval: The configured dead interval for the OSPF virtual interface. Retransmit Interval: The configured retransmit interval for the OSPF virtual interface.
Syntax enable no enable Default Setting Enabled Command Mode Router OSPF Config Mode 8.3.2.3 network area Use network area command to enable OSPFv2 on an interface and set its area ID if the IP address of an interface is covered by this network command.
Interface Config 8.3.2.5 1583compatibility 1583 compatibility mode is enabled by default. If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled. 1583compatibility command enables OSPF 1583 compatibility. no 1583compatibility command disables OSPF 1583 compatibility Syntax 1583compatibility no 1583compatibility Default Setting Enabled Command Mode Router OSPF Config Mode 8.3.2.
area nssa no area nssa Default Setting None Command Mode Router OSPF Config Mode 8.3.2.8 area nssa default-info-originate area nssa default-info-originate command configures the metric value and type for the default route advertised into the NSSA. The optional metric parameter specifies the metric of the default route and is to be in a range of 1-16777214. If no metric is specified, the default value is ****.
8.3.2.10 area nssa no-summary area nssa no-summary command configures the NSSA so that summary LSAs are not advertised into the NSSA. no area nssa no-summary command disables nssa from the summary LSAs Syntax area nssa no-summary no area nssa no-summary Default Setting None Command Mode Router OSPF Config Mode 8.3.2.11 area nssa translator-role area nssa translator-role command configures the translator role of the NSSA.
Syntax area nssa translator-stab-intv no area nssa translator-stab-intv Default Setting None Command Mode Router OSPF Config Mode 8.3.2.13 area range area range command creates a specified area range for a specified NSSA. The is a valid IP address. The is a valid subnet mask. The LSDB type must be specified by either summarylink or nssaexternallink, and the advertising of the area range can be allowed or suppressed.
Command Mode Router OSPF Config Mode 8.3.2.15 area stub no-summary area stub no-summary command configures the Summary LSA mode for the stub area identified by . Use this command to prevent LSA Summaries from being sent. no area stub no-summary command configures the default Summary LSA mode for the stub area identified by . Syntax area stub no-summary no area stub no-summary Default Setting Disabled Command Mode Router OSPF Config Mode 8.3.2.
be 8 bytes or less if the authentication type is simple. If the type is encrypt, the key may be up to 16 bytes. Unauthenticated interfaces do not need an authentication key. If the type is encrypt, a key id in the range of 0 and 255 must be specified.The default value for authentication type is none. Neither the default password key nor the default key id are configured.
Syntax area virtual-link hello-interval <1-65535> no area virtual-link hello-interval Default Setting 10 Command Mode Router OSPF Config Mode 8.3.2.20 area virtual-link retransmit-interval area virtual-link retransmit-interval command configures the retransmit interval for the OSPF virtual interface on the virtual interface identified by and . The parameter is the Router ID of the neighbor. The range for seconds is 0 to 3600..
Router OSPF Config Mode 8.3.2.22 auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. Faster links have lower metrics,making them more attractive in route selection. The configuration parameters in the auto-cost reference bandwidth and bandwidth commands give you control over the default link cost. You can configure for OSPF an interface bandwidth that is independent of the actual link speed.
Interface Config 8.3.2.24 capability opaque Use capability opaque command to enable Opaque Capability on the Router. The information contained in Opaque LSAs may be used directly by OSPF or indirectly by an application wishing to distribute information throughout the OSPF domain. Supports the storing and flooding of Opaque LSAs of different scopes.
Default Setting None Command Mode Privileged Exec 8.3.2.27 clear ip ospf counters Use this command to reset global and interface statistics Syntax clear ip ospf counters Default Setting None Command Mode Privileged Exec 8.3.2.28 clear ip ospf neighbor Use this command to drop the adjacency with all OSPF neighbors. On each neighbor’s interface, send a one-way hello.Adjacencies may then be re-established.
Syntax clear ip ospf neighbor interface [slot/port] [neighbor-id] Default Setting None Command Mode Privileged Exec 8.3.2.30 clear ip ospf redistribution Use this command to flush all self-originated external LSAs. Reapply the redistribution configuration and re-originate prefixes as necessary. Syntax clear ip ospf redistribution Default Setting None Command Mode Privileged Exec 8.3.2.
8.3.2.32 default-metric default-metric command is used to set a default for the metric of distributed routes. no default-metric command is used to set a default for the metric of distributed routes. Syntax default-metric <1-16777214> no default-metric Default Setting None Command Mode Router OSPF Config Mode 8.3.2.33 distance ospf distance ospf command sets the route preference value of OSPF in the router. Lower route preference values are preferred when determining the best route.
Syntax distribute-list <1-199> out {rip | bgp | static | connected} no distribute-list <1-199> out {rip | bgp | static | connected} Default Setting None Command Mode Router OSPF Config Mode 8.3.2.35 exit-overflow-interval exit-overflow-interval command configures the exit overflow interval for OSPF. It describes the number of seconds after entering overflow state that a router will wait before attempting to leave the overflow state. This allows the router to again originate non-default AS-external-LSAs.
Default Setting -1 Command Mode Router OSPF Config Mode 8.3.2.37 ip ospf authentication ip ospf authentication command sets the OSPF Authentication Type and Key for the specified interface. The value of is either none, simple or encrypt. The is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard. The authentication key must be 8 bytes or less if the authentication type is simple. If the type is encrypt, the key may be up to 16 bytes.
8.3.2.39 ip ospf dead-interval ip ospf dead-interval command sets the OSPF dead interval for the specified interface. The value for is a valid positive integer, which represents the length of time in seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down. The value for the length of time must be the same for all routers attached to a common network. This value should be some multiple of the Hello Interval (i.e. 4).
point-to-point network. For point-to-point networks, OSPF does not elect a designated router or generate a network link state advertisement (LSA). Both endpoints of the link must be configured to operate in point-to-point mode.. no ip ospf network command to return the OSPF network type to the default. Syntax ip ospf network {broadcast|point-to-point} no ip ospf network Default Setting Broadcast Command Mode Interface Config 8.3.2.
ip ospf retransmit-interval <0-3600> no ip ospf retransmit-interval Default Setting 5 Command Mode Interface Config 8.3.2.44 ip ospf transmit-delay ip ospf transmit-delay command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds. In addition, it sets the estimated number of seconds it takes to transmit a link state update packet over this interface. Valid values for range from 1 to 3600 (1 hour).
Interface Config 8.3.2.46 router-id router-id command sets a 4-digit dotted-decimal number uniquely identifying the router ospf id. The is a configured value. Syntax router-id Default Setting None Command Mode Router OSPF Config Mode 8.3.2.47 redistribute redistribute command configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers.
8.3.2.48 maximum-paths maximum-paths command sets the number of paths that OSPF can report for a given destination where maxpaths is platform dependent. no maximum-paths command resets the number of paths that OSPF can report for a given destination back to its default value. Syntax maximum-paths no maximum-paths Default Setting 4 Command Mode Router OSPF Config Mode 8.3.2.
Default Setting Disabled Command Mode Router OSPF Config Mode 8.3.2.51 timers spf Use this command to configure the SPF delay time and hold time. The valid range for both parameters is 0-65535 seconds.. Syntax timers spf Default Setting delay-time—5 hold-time—10 Command Mode Router OSPF Config Mode 8.4 BOOTP/DHCP Relay Commands 8.4.1 Show Commands 8.4.1.1 show bootpdhcprelay This command displays the BootP/DHCP Relay information.
User Exec Display Message Maximum Hop Count: Is the maximum allowable relay agent hops. Minimum Wait Time (Seconds) Is the minimum wait time. Admin Mode Represents whether relaying of requests is enabled or disabled. Server IP Address Is the IP Address for the BootP/DHCP Relay server. Circuit Id Option Mode Is the DHCP circuit Id option which may be enabled or disabled. Requests Received Is the number of requests received. Requests Relayed Is the number of requests relayed.
Command Mode Global Config 8.4.2.3 bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Syntax bootpdhcprelay maxhopcount <1-16> no bootpdhcprelay maxhopcount - The range of maximum hop count is 1 to 16. no - Set the maximum hop count to 4. Default Setting The default value is 4. Command Mode Global Config 8.4.2.
8.4.2.5 bootpdhcprelay serverip This command configures the server IP Address for BootP/DHCP Relay on the system. Syntax bootpdhcprelay serverip no bootpdhcprelay serverip - The IP address of the BootP/DHCP server. no - Clear the IP address of the BootP/DHCP server. Default Setting None Command Mode Global Config 8.5 Routing Information Protocol (RIP) Commands 8.5.1 Show Commands 8.5.1.1 show ip rip This command displays information relevant to the RIP router.
- a route will be included in updates sent to the router from which it was learned, but the metric will be set to infinity. The default is simple Auto Summary Mode: Select enable or disable from the pulldown menu. If you select enable groups of adjacent routes will be summarized into single entries, in order to reduce the total number of entries. The default is enabled. Host Routes Accept Mode: Select enable or disable from the pulldown menu. If you select enable the router will be accept host routes.
Authentication Key: 16 alpha-numeric characters for authentication key when uses simple or encrypt authentication. Authentication Key ID: It is a Key ID when uses MD5 encryption for RIP authentication. Default Metric: A number which represents the metric used for default routes in RIP updates originated on the specified interface. This is a configured value. The following information will be invalid if the link state is down.
Syntax enable no enable no - This command sets the administrative mode of RIP in the router to inactive. Default Setting Enabled Command Mode Router RIP Config 8.5.2.2 ip rip This command enables RIP on a router interface. Syntax ip rip no ip rip no - This command disables RIP on a router interface. Default Setting Disabled Command Mode Interface Config 8.5.2.3 auto-summary This command enables the RIP auto-summarization mode.
Disabled Command Mode Router RIP Config 8.5.2.4 default-information originate This command is used to set the advertisement of default routes. Syntax default-information originate no default-information originate no - This command is used to cancel the advertisement of default routes. Default Setting Not configured Command Mode Router RIP Config 8.5.2.5 default-metric This command is used to set a default for the metric of distributed routes.
8.5.2.6 distance rip This command sets the route preference value of RIP in the router. Lower route preference values are preferred when determining the best route. Syntax distance rip <1-255> no distance rip <1 - 255> - the value for distance. no - This command sets the default route preference value of RIP in the router. Default Setting 15 Command Mode Router RIP Config 8.5.2.7 hostrouteaccept This command enables the RIP hostroutesaccept mode.
split-horizon {none | simple | poison} no split-horizon none - This command sets without using RIP split horizon mode. simple - This command sets to use simple split horizon mode. poison - This command sets to use poison reverse mode. no - This command cancel to set the RIP split horizon mode and sets none mode. Default Setting Simple Command Mode Router RIP Config 8.5.2.9 distribute-list This command is used to specify the access list to filter routes received from the source protocol.
Syntax Format for OSPF as source protocol: redistribute ospf [metric <1-15>] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] Format for other source protocols: redistribute {static | connected} [metric <1-15>] no redistribute {ospf | static | connected} [metric] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] <1 - 15> - a value for metric.
Command Mode Interface Config 8.5.2.12 ip rip receive version This command configures the interface to allow RIP control packets of the specified version(s) to be received.
rip2 Command Mode Interface Config 8.6 Router Discovery Protocol Commands 8.6.1 Show Commands 8.6.1.1 show ip irdp This commands displays the router discovery information for all interfaces, or a specified interface. Syntax show ip irdp { | all} - Show router discovery information for the specified interface. - Show router discovery information for all interfaces.
8.6.2 Configuration Commands 8.6.2.1 ip irdp This command enables Router Discovery on an interface. Syntax ip irdp no ip irdp - Disable Router Discovery on an interface. Default Setting Disabled Command Mode Interface Config 8.6.2.2 ip irdp broadcast This command configures the address to be used to advertise the router for the interface. Syntax ip irdp broadcast no ip irdp broadcast broadcast - The address used is 255.255.255.255. no - The address used is 224.0.0.1.
ip irdp holdtime < maxadvertinterval-9000 > no ip irdp holdtime < maxadvertinterval-9000 > The range is the maxadvertinterval to 9000 seconds. no - This command configures the default value, in seconds, of the holdtime field of the router advertisement sent from this interface. Default Setting The default value is 3* maxadvertinterval (600) =1800. Command Mode Global Config 8.6.2.
no - This command sets the minimum time to 450. Default Setting The default value is 450. Command Mode Global Config 8.6.2.6 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router addresses on the same subnet. Syntax ip irdp preference < -2147483648-2147483647> no ip irdp preference < -2147483648-2147483647> - The range is -2147483648 to 2147483647. no - This command sets the preference to 0.
Command Mode Privileged Exec User Exec Display Message MAC Address used by Routing VLANs: Is the MAC Address associated with the internal bridgerouter interface (IBRI). The same MAC Address is used by all VLAN routing interfaces. It will be displayed above the per-VLAN information. VLAN ID: Is the identifier of the VLAN. Logical Interface: Indicates the logical slot/port associated with the VLAN routing interface. IP Address: Displays the IP Address associated with this VLAN.
Syntax show ip vrrp Default Setting None Command Mode Privileged Exec User Exec Display Message Admin Mode: Displays the administrative mode for VRRP functionality on the switch. Router Checksum Errors: Represents the total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors: Represents the total number of VRRP packets received with Unknown or unsupported version number.
8.8.1.3 show ip vrrp interface This command displays all configuration information of a virtual router configured on a specific interface. Note that the information will be displayed only when the IP address of the specific interface is configured. Syntax show ip vrrp interface [ ] - Valid slot and port number separated by forward slashes. - Virtual router ID.
None Command Mode Privileged Exec User Exec Display Message VRID: Represents the router ID of the virtual router. Uptime: Is the time that the virtual router has been up, in days, hours, minutes and seconds. Protocol: Represents the protocol configured on the interface. State Transitioned to Master: Represents the total number of times virtual router state has changed to MASTER. Advertisement Received: Represents the total number of VRRP advertisements received by this virtual router.
ip vrrp no ip vrrp Default Setting Disabled Command Mode Global Config This command sets the virtual router ID on an interface for Virtual Router configuration in the router. Syntax ip vrrp <1-255> no ip vrrp <1-255> <1-255> - The range of virtual router ID is 1 to 255. - This command removes all VRRP configuration details of the virtual router configured on a specific interface. Default Setting None Command Mode Interface Config 8.8.2.
None Command Mode Interface Config 8.8.2.3 ip vrrp mode This command enables the virtual router configured on the specified interface. Enabling the status field starts a virtual router. Syntax ip vrrp <1-255> mode no ip vrrp <1-255> mode <1-255> - The range of virtual router ID is 1 to 255. - Disable the virtual router configured on the specified interface. Disabling the status field stops a virtual router. Default Setting Disabled Command Mode Interface Config 8.8.2.
Interface Config 8.8.2.5 ip vrrp preempt This command sets the preemption mode value for the virtual router configured on a specified interface. Syntax ip vrrp <1-255> preempt no ip vrrp <1-255> preempt <1-255> - The range of virtual router ID is 1 to 255. - This command sets the default preemption mode value for the virtual router configured on a specified interface. Default Setting Enabled Command Mode Interface Config 8.8.2.
The default priority value is 100 unless the router is the address owner, in which case its priority is automatically set to 255. Command Mode Interface Config 8.8.2.7 ip vrrp timers advertise This command sets the advertisement value for a virtual router in seconds. Syntax ip vrrp <1-255> timers advertise <1-255> ip vrrp <1-255> timers advertise <1-255> - The range of virtual router ID is 1 to 255. < 1-255 > - The range of advertisement interval is 1 to 255.
<1-255> - The range of virtual router ID is 1 to 255. < 1-254 > - The range of decrement is 1 to 254. - This command removes the interface from the tracked list or to restore the priority decrement to its default. Default Setting Decrement: 10 Command Mode Interface Config 8.8.2.9 ip vrrp track ip route This command tracks the route reachability. When the tracked route is deleted, the priority of the VRRP router will be decremented by the value specified in the decrement argument.
9. IP Multicast Commands 9.1 Distance Vector Multicast Routing Protocol (DVMRP) Commands This section provides a detailed explanation of the DVMRP commands. The commands are divided into the following different groups: Show commands are used to display device settings, statistics and other information. Configuration commands are used to configure features and options of the switch. For every configuration command there is a show command that will display the configuration setting. 9.1.
9.1.1.2 show ip dvmrp interface This command displays the interface information for DVMRP on the specified interface. Syntax show ip dvmrp interface - Valid slot and port number separated by forward slashes. Default Setting None Command Mode Privileged Exec User EXEC Display Message Interface Mode: This field indicates whether DVMRP is enabled or disabled on the specified interface. This is a configured value. Interface Metric: This field indicates the metric of this interface.
User EXEC Display Message IfIndex: This field displays the value of the interface used to reach the neighbor. Nbr IP Addr: This field indicates the IP Address of the DVMRP neighbor for which this entry contains information. State: This field displays the state of the neighboring router. The possible value for this field are ACTIVE or DOWN. Up Time: This field indicates the time since this neighboring router was learned. Expiry Time: This field indicates the time remaining for the neighbor to age out.
9.1.1.5 show ip dvmrp prune This command displays the table listing the router’s upstream prune information. Syntax show ip dvmrp prune Default Setting None Command Mode Privileged Exec User Exec Display Message Group IP: This field identifies the multicast Address that is pruned. Source IP: This field displays the IP Address of the source that has pruned. Source Mask: This field displays the network Mask for the prune source. It should be all 1s or both the prune source and prune mask must match.
Upstream Neighbor: This field indicates the IP Address of the neighbor which is the source for the packets for a specified multicast address. Interface: This field displays the interface used to receive the packets sent by the sources. Metric: This field displays the distance in hops to the source subnet. This field has a different meaning than the Interface Metric field. Expiry Time(secs): This field indicates the expiry time in seconds. This is the time remaining for this route to age out.
Command Mode Interface Config 9.1.2.2 ip dvmrp metric This command configures the metric for an interface. This value is used in the DVMRP messages as the cost to reach this network. Syntax ip dvmrp metric no ip dvmrp metric - This field has a range of 1 to 31. no - This command resets the metric for an interface to the default value. This value is used in the DVMRP messages as the cost to reach this network. Default Setting 1 Command Mode Interface Config 9.
Default Setting None Command Mode Privileged Exec User EXEC Display Message IGMP Admin Mode: This field displays the administrative status of IGMP. This is a configured value. Interface: Valid slot and port number separated by forward slashes. Interface Mode: This field indicates whether IGMP is enabled or disabled on the interface. This is a configured value. Protocol State: This field indicates the current state of IGMP on this interface. Possible values are Operational or Non-Operational. 9.2.1.
If detail is specified, the following fields are displayed: Multicast IP Address: This displays the IP Address of the registered multicast group on this interface. Last Reporter: This displays the IP Address of the source of the last membership report received for the specified multicast group address on this interface. Up Time: This displays the time elapsed since the entry was created for the specified multicast group address on this interface.
Robustness: This field displays the tuning for the expected packet loss on a subnet. If a subnet is expected to be have a lot of loss, the Robustness variable may be increased for that interface. This is a configured value. Startup Query Interval (secs): This value indicates the interval between General Queries sent by a Querier on startup. This is a configured value. Startup Query Count: This value is the number of Queries sent out on startup, separated by the Startup Query Interval.
Source Filter Mode: The source filter mode (Include/Exclude) for the specified group on this interface. This is “-----” for IGMPv1 and IGMPv2 Membership Reports. Source Hosts: This displays the list of unicast source IP Addresses in the group record of the IGMPv3 Membership Report with the specified multicast group IP Address. This is “-----” for IGMPv1 and IGMPv2 Membership Reports. Expiry Time: This displays the amount of time remaining to remove this entry before it is aged out.
9.2.2 Configuration Commands 9.2.2.1 ip igmp This command sets the administrative mode of IGMP in the router to active. Syntax ip igmp no ip igmp no - This command sets the administrative mode of IGMP in the router to inactive. Default Setting Disabled Command Mode Global Config This command sets the administrative mode of IGMP on an interface to active. Syntax ip igmp no ip igmp no - This command sets the administrative mode of IGMP on an interface to inactive.
no - This command resets the version of IGMP for this interface. The version is reset to the default value. Default Setting 3 Command Mode Interface Config 9.2.2.3 ip igmp last-member-query-count This command sets the number of Group-Specific Queries sent before the router assumes that there are no local members on the interface. Syntax ip igmp last-member-query-count <1-20> no ip igmp last-member-query-count <1-20> - The range for <1-20> is 1 to 20.
10 tenths of a second Command Mode Interface Config 9.2.2.5 ip igmp query-interval This command configures the query interval for the specified interface. This is the frequency at which IGMP Host-Query packets are transmitted on this interface. Syntax ip igmp query-interval <1-3600> no ip igmp query-interval <1-3600> - The range for <1-3600> is 1 to 3600 seconds. no - This command resets the query interval for the specified interface to the default value.
Interface Config 9.2.2.7 ip igmp robustness This command configures the robustness that allows tuning of the interface. The robustness is the tuning for the expected packet loss on a subnet. If a subnet is expected to have a lot of loss, the Robustness variable may be increased for the interface. Syntax ip igmp robustness <1-255> no ip igmp robustness <1-255> - The range for <1-255> is 1 to 255. no - This command sets the robustness value to default. Default Setting 2 Command Mode Interface Config 9.
9.2.2.9 ip igmp startup-query-interval This command sets the interval between General Queries sent by a Querier on startup on the interface. The time interval value is in seconds. Syntax ip igmp startup-query-interval <1-300> no ip igmp startup-query-interval <1-300> - The range for <1-300> is 1 to 300 seconds. no - This command resets the interval between General Queries sent by a Querier on startup on the interface to the default value. Default Setting 31 Command Mode Interface Config 9.
Command Mode Privileged Exec Display Message The following fields are displayed as a table when is specified. Group Address: The address of the multicast group. Interface: Interface through which the multicast group is reachable. Up Time: Time elapsed in hours, minutes, and seconds since the multicast group has been known. Expiry Time: Time left in hours, minutes, and seconds before the entry is removed from the MLD membership table.
MLD Version: Indicates the version of MLD configured on the interface. Query Interval: Indicates the configured query interval for the interface. Query Max Response Time: Indicates the configured maximum query response time (in seconds) advertised in MLD queries on this interface. Robustness: Displays the configured value for the tuning for the expected packet loss on a subnet attached to the interface.
Queries Received: The number of valid MLD queries received by the router. Queries Sent: The number of valid MLD queries sent by the router. Reports Received: The number of valid MLD reports received by the router. Reports Sent: The number of valid MLD reports sent by the router. Leaves Received: The number of valid MLD leaves received by the router. Leaves Sent: The number of valid MLD leaves sent by the router. Bad Checksum MLD Packets: The number of bad checksum MLD packets received by the router.
Default Setting 1000 milliseconds Command Mode Interface Config 9.3.2.3 ipv6 mld last-member-query-interval Use this command to set the last member query interval for the MLD interface, which is the value of the maximum response time parameter in the group specific queries sent out of this interface. The range for is 0 to 65535 milliseconds.
Interface Config 9.3.2.5 ipv6 mld router Use this command, in the administrative mode of the router, to enable MLD in the router. Syntax ipv6 mld router no ipv6 mld router Default Setting Disabled Command Mode Global Config Interface Config 9.3.2.6 clear ipv6 mld counters The user can go to the CLI Privilege Configuration Mode to clear MLD counters on the system, use the clear ipv6 mld counters [] priviledge configuration command.
Default Setting None Command Mode Privilege Exec 9.3.2.8 ipv6 mld version This command configures the version of MLD for an interface. Syntax ipv6 mld version {1 | 2} no ipv6 mld version <1- 2> - The mld version number. no - This command resets the version of MLD for this interface. The version is reset to the default value. Default Setting 2 Command Mode Interface Config 9.4 Multicast Commands 9.4.1 Show Commands 9.4.1.
Command Mode Privileged Exec User Exec Display Message Admin Mode: This field displays the administrative status of multicast. This is a configured value. Protocol State: This field indicates the current state of the multicast protocol. Possible values are Operational or Non-Operational. Table Max Size: This field displays the maximum number of entries allowed in the multicast table. Protocol: This field displays the multicast protocol running on the router. Possible values are PIMDM, PIMSM, or DVMRP.
Syntax show ip mcast interface - Interface number. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid slot and port number separated by forward slashes. TTL: This field displays the time-to-live value for this interface. 9.4.1.4 show ip mcast mroute This command displays a summary or all the details of the multicast table. Syntax show ip mcast mroute {detail | summary} detail - displays the multicast routing table details.
Flags: This field displays the flags associated with this entry. If the “summary” parameter is specified, the following fields are displayed: Source IP: This field displays the IP address of the multicast data source. Group IP: This field displays the IP address of the destination of the multicast packet. Protocol: This field displays the multicast routing protocol by which this entry was created. Incoming Interface: This field displays the interface on which the packet for this source/group arrives.
Group IP: This field displays the IP address of the destination of the multicast packet. Protocol This field displays the multicast routing protocol by which this entry was created. Incoming Interface: This field displays the interface on which the packet for this group arrives. Outgoing Interface List: This field displays the list of outgoing interfaces on which this packet is forwarded.
9.4.2 Configuration Commands 9.4.2.1 ip multicast This command sets the administrative mode of the IP multicast forwarder in the router to active. For multicast routing to become operational, IGMP must be currently enabled. An error message will be displayed on the CLI if multicast routing is enabled while IGMP is disabled. However, the IP multicast mode configuration is stored in the multicast configuration file and is automatically enabled once IGMP is enabled.
no - This command deletes an administrative scope multicast boundary specified by and for which this multicast administrative boundary is applicable. is a group IP address and is a group IP mask. Default Setting None Command Mode Interface Config 9.4.2.3 ip multicast ttl-threshold This command applies the given to a routing interface.
Syntax show ip pimdm Default Setting None Command Mode Privileged Exec User Exec Display Message Admin Mode: This field indicates whether PIM-DM is enabled or disabled. This is a configured value. Interface: Valid slot and port number separated by forward slashes. Interface Mode: This field indicates whether PIM-DM is enabled or disabled on this interface. This is a configured value. Operational State: This field indicates the current state of PIM-DM on this interface.
9.5.1.3 show ip pimdm interface stats This command displays the statistical information for PIM-DM on the specified interface. Syntax show ip pimdm interface stats { | all} - Interface number. all - this command represents all interfaces. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid slot and port number separated by forward slashes. IP Address: This field indicates the IP Address that represents the PIM-DM interface.
Display Message Neighbor Addr: This field displays the IP Address of the neighbor on an interface. Interface: Valid slot and port number separated by forward slashes. Up Time: This field indicates the time since this neighbor has become active on this interface. Expiry Time: This field indicates the expiry time of the neighbor on this interface. 9.5.2 Configuration Commands 9.5.2.1 ip pimdm This command enables the administrative mode of PIM-DM in the router.
Interface Config 9.5.2.3 ip pimdm hello-interval This command configures the transmission frequency of hello messages between PIM enabled neighbors. This field has a range of 10 to 3600 seconds. Syntax ip pimdm hello-interval <10 - 3600> no ip pimdm hello-interval <10 - 3600> - This is time interval in seconds. no - This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value. Default Setting 30 Command Mode Interface Config 9.
Admin Mode: This field indicates whether PIM-SM is enabled or disabled. This is a configured value. Data Threshold Rate (Kbps): This field shows the data threshold rate for the PIM-SM router. This is a configured value. Register Threshold Rate (Kbps): This field indicates the threshold rate for the RP router to switch to the shortest path. This is a configured value. Interface: Valid slot and port number separated by forward slashes.
Syntax show ip pimsm interface - Interface number. Default Setting None Command Mode Privileged Exec User Exec Display Message Slot/Port: Valid slot and port number separated by forward slashes. IP Address: This field indicates the IP address of the specified interface. Subnet Mask: This field indicates the Subnet Mask for the IP address of the PIM interface. Hello Interval: This field indicates the frequency at which PIM hello messages are transmitted on this interface.
Privileged Exec User Exec Display Message Interface: Valid slot and port number separated by forward slashes. IP Address: This field displays the IP Address of the neighbor on an interface. Up Time: This field indicates the time since this neighbor has become active on this interface. Expiry Time: This field indicates the expiry time of the neighbor on this interface. 9.6.1.5 show ip pimsm rphash This command displays which rendezvous point (RP) is being used for a specified group.
Command Mode Privileged Exec User Exec 9.6.2 Configuration Commands 9.6.2.1 ip pimsm This command sets administrative mode of PIM-SM multicast routing across the router to enabled. IGMP must be enabled before PIM-SM can be enabled. Syntax ip pimsm no ip pimsm no - This command sets administrative mode of PIM-SM multicast routing across the router to disabled. IGMP must be enabled before PIM-SM can be enabled. Default Setting Disbaled Command Mode Global Config 9.6.2.
9.6.2.3 ip pimsm register-threshold This command is used to configure the Threshold rate for the RP router to switch to the shortest path. The rate is specified in Kilobits per second. The possible values are 0 to 2000. Syntax ip pimsm register-threshold <0 - 2000> no ip pimsm register-threshold <0 - 2000> - This is kilobits per seconds. no - This command is used to reset the Threshold rate for the RP router to switch to the shortest path to the default value.
9.6.2.5 ip pimsm rp-address This command is used to create RP IP address for the PIM-SM router. The parameter is the IP address of the RP. The parameter is the group address supported by the RP. The parameter is the group mask for the group address. The optional keyword override indicates that if there is a conflict, the RP configured with this command prevails over the RP learned by BSR.
9.6.2.7 ip pimsm hello-interval This command configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. This field has a range of 0 to 18000 seconds. Syntax ip pimsm query-interval <0 - 18000> no ip pimsm query-interval <0 - 18000> - This is time interval in seconds. no - This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value. Default Setting 30 Command Mode Interface Config 9.6.2.
ip pimsm dr-priority <0-2147483647> no ip pimsm dr-priority no - This command is used to reset the priority to default value. Default Setting 1 Command Mode Interface Config 9.6.2.10 ip pimsm bsr-candidate This command is used to configure the router to announce its candidacy as a bootstrap router (BSR).
ip pimsm rp-candidate interface no ip pimsm rp-candidate interface no - This command is used to disable the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Default Setting None Command Mode Global Config 9.6.2.12 ip pimsm ssm default Use this command to define the Source Specific Multicast (SSM) range of IP multicast addresses.
Syntax show ip igmp-proxy Default Setting None Command Mode Privileged Exec User Exec Display Message Interface index: The interface number of the IGMP Proxy. Admin Mode: States whether the IGMP Proxy is enabled or not. This is a configured value. Operational Mode: States whether the IGMP Proxy is operationally enabled or not. This is a status parameter. Version: The present IGMP host version that is operational on the proxy interface.
Interface: The interface number of the IGMP Proxy. Group Address: The IP address of the multicast group. Last Reporter: The IP address of host that last sent a membership report. Up Time (in secs): The time elapsed since last created. Member State: The status of the entry. Possible values are IDLE_MEMBER or DELAY_MEMBER. • IDLE_MEMBER - interface has responded to the latest group membership query for this group.
9.7.1.4 show ip igmp-proxy interface This command displays a detailed list of the host interface status parameters. It displays the following parameters only when you enable IGMP Proxy. Syntax show ip igmp-proxy interface Default Setting None Command Mode Privileged Exec User Exec Display Message Interface Index: Shows the slot/port of the IGMP proxy. The column headings of the table associated with the interface are as follows: Ver: Shows the IGMP version. Query Rcvd: Number of IGMP queries received.
Default Setting Disabled Command Mode Interface Config 9.7.2.2 ip igmp-proxy reset-status This command resets the host interface status parameters of the IGMP Proxy router. This command is valid only when you enable IGMP Proxy on the interface. Syntax ip igmp-proxy reset-status Default Setting None Command Mode Interface Config 9.7.2.3 ip igmp-proxy unsolicit-rprt-interval This command sets the unsolicited report interval for the IGMP Proxy router.
9.8 MLD Proxy Commands MLD-Proxy is the IPv6 equivalent of IGMP-Proxy. MLD-Proxy commands allow you to configure the network device as well as to view device settings and statistics using either serial interface or telnet session. The operation of MLD-Proxy commands is the same as for IGMP-Proxy: MLD is for IPv6 and IGMP is for IPv4.MGMD is a term used to refer to both IGMP and MLD. 9.8.1 Show Commands 9.8.1.
Syntax show ipv6 mld-proxy groups Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: The interface number of the MLD-Proxy. Group Address: The IP address of the multicast group. Last Reporter: The IP address of the host that last sent a membership report for the current group, on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs): The time elapsed since last created.
group, on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs): The time elapsed since last created. Member State: Possible values are: • Idle_Member - interface has responded to the latest group membership query for this group. • Delay_Member - interface is going to send a group membership report to respond to a group membership query for this group. Filter Mode: Possible values are include or exclude. Sources: The number of sources attached to the multicast group.
9.8.2 Configuration Commands 9.8.2.1 ipv6 mld-proxy This command enables MLD-Proxy on the router. To enable MLD-Proxy on the router, you must enable multicast forwarding. Also, make sure that there are no other multicast routing protocols enabled n the router. Syntax ipv6 mld-proxy no ipv6 mld-proxy no - This command disables the MLD-Proxy on the router. Default Setting Disabled Command Mode Interface Config 9.8.2.
no ipv6 mld-proxy unsolicit-rprt-interval no - This command resets the unsolicited report interval of the MLD-Proxy router to the default value.
10. IPv6 Commands 10.1 Tunnel Interface Commands The commands in this section describe how to create, delete, and manage tunnel interfaces.Several different types of tunnels provide functionality to facilitate the transition of IPv4 networks to IPv6 networks. These tunnels are divided into two classes: configured and automatic. The distinction is that configured tunnels are explicitly configured with a destination or endpoint of the tunnel.
address and prefix display. 10.1.2 Configuration Commands 10.1.2.1 interface tunnel This command uses to enter the Interface Config mode for a tunnel interface. The range is 0 to 7. Syntax interface tunnel <0-7> no interface tunnel <0-7> no - This command removes the tunnel interface and associated configuration parameters for the specified tunnel interface. Default Setting None Command Mode Global Config 10.1.2.
10.1.2.3 tunnel destination This command specifies the destination transport address of the tunnel. Syntax tunnel destination {} - A valid IP Address. Default Setting None Command Mode Interfacel Tunnel Mode 10.1.2.4 tunnel mode ipv6ip This command specifies the mode of the tunnel. With the optional 6to4 argument, the tunnel mode is set to 6to4 automatic. Without the optional 6to4 argument, the tunnel mode is configured.
10.2.1 Show Commands 10.2.1.1 show interface loopback This command displays information about configured loopback interfaces. Syntax show interface loopback [<0-7>] Default Setting None Command Mode Privileged Exec Display Message If you do not specify a loopback ID, the following information appears for each loopback interface on the system: Loopback ID: Shows the loopback ID associated with the rest of the information in the row. Interface: Shows the interface name.
interface loopback <0-7> no interface loopback <0-7> no - This command removes the loopback interface and associated configuration parameters for the specified loopback interface. Default Setting Disabled Command Mode Global Config 10.3 IPv6 Routing Commands This section describes the IPv6 commands you use to configure IPv6 on the system and on the interfaces. This section also describes IPv6 management commands and show commands. 10.3.1 Show Commands 10.3.1.
ICMPv6 Rate Limit Burst Size Shows the number of ICMPv6 error messages that can be sent during one burst-interval. For more information, see “ipv6 icmp error-interval” Maximum Routes Shows the maximum IPv6 route table size. 10.3.1.2 show ipv6 interface port This command displays the usability status of IPv6 interfaces. Syntax show ipv6 interface [{ brief | port [prefix]}] - Valid slot and port number separated by forward slashes.
Router Advertisement Reachable Time: Shows the amount of time, in milliseconds, to consider a neighbor reachable after neighbor discovery confirmation. Router Advertisement Interval: Shows the frequency, in seconds, that router advertisements are sent. Router Advertisement Managed Config Flag: Shows whether the managed configuration flag is set (enabled) for router advertisements on this interface.
Neighbor State: State of neighbor cache entry. Possible values are Incomplete, Reachable, Stale, Delay, Probe, and Unknown. Age(Seconds): Shows the system uptime when the information for the neighbor was last updated. 10.3.1.4 show ipv6 interface neighbors static This command display static neighbor cache table on the system each interface port.
MAC Address: The MAC Address used. isRtr: Specifies the router flag. Neighbor State: The state of the neighbor cache entry. Possible values are: Reachable, Delay. Age Updated: The time in seconds that has elapsed since an entry was added to the cache. 10.3.1.6 show ipv6 route This command displays the IPv6 routing table The specifies a specific IPv6 address for which the best-matching route would be displayed.
Next-Hop: The outgoing router IPv6 address to use when forwarding traffic to the next router (if any) in the path toward the destination Route-Timestamp: The last updated time for dynamic routes. The format of Route-Timestamp will be • Days:Hours:Minutes if days > = 1 • Hours:Minutes:Seconds if days < 1 Interface: The outgoing router interface to use when forwarding traffic to the next destnation.
Syntax show ipv6 route summary [all] Default Setting None Command Mode Privileged Exec Display Message Connected Routes: Total number of connected routes in the routing table. Static Routes: Shows whether the IPv6 unicast routing mode is enabled. OSPF Routes: Total number of routes installed by OSPFv3 protocol. Reject Routes : Total number of reject routes installed by all protocols. Number of Prefixes: Summarizes the number of routes with prefixes of different lengths.
10.3.1.10 show ipv6 traffic This command displays traffic and statistics for IPv6 and ICMPv6. Specify a logical, loopback, or tunnel interface to view information about traffic on a specific interface. If you do not specify an interface, the command displays information about traffic on all interfaces.
Datagrams Successfully Reassembled: Number of IPv6 datagrams successfully reassembled. Note that this counter increments at the interface to which these datagrams were addressed, which might not be necessarily the input interface for some of the fragments. Datagrams Failed To Reassemble: Number of failures detected by the IPv6 reassembly algorithm (for whatever reason: timed out, errors, etc.).
ICMPv6 Router Solicit Messages Received: Number of ICMP Router Solicit messages received by the interface. ICMPv6 Router Advertisement Messages Received: Number of ICMP Router Advertisement messages received by the interface. ICMPv6 Neighbor Solicit Messages Received: Number of ICMP Neighbor Solicit messages received by the interface. ICMPv6 Neighbor Advertisement Messages Received: Number of ICMP Neighbor Advertisement messages received by the interface.
ICMPv6 Duplicate Address Detects: Number of duplicate addresses detected by interface. 10.3.2 Configuration Commands 10.3.2.1 ipv6 forwarding This command enables IPv6 forwarding on the switch. Syntax Ipv6 forwarding no ipv6 forwarding no - This command disables IPv6 forwarding on the switch. Default Setting Enabled Command Mode Global Config 10.3.2.2 ipv6 hop-limit This command defines the unicast hop count used in ipv6 packets originated by the node.
10.3.2.3 ipv6 unicast-routing Use this command to enable the forwarding of IPv6 unicast packets. Syntax ipv6 unicast-routing no ipv6 unicast-routing no – Use this command to disable the forwarding of IPv6 unicast packets. Default Setting Disabled Command Mode Global Config 10.3.2.4 ipv6 enable Use this command to enable IPv6 routing on an interface, including a tunnel and loopback interface that has not been configured with an explicit IPv6 address.
this command since one is automatically created. The field consists of the bits of the address to be configured. The designates how many of the high-order contiguous bits of the address make up the prefix. You can express IPv6 addresses in eight blocks. Also of note is that instead of a period, a colon now separates each block. For simplification, leading zeros of each 16 bit block can be omitted.
- Gateway address in IPv6 global or link-local address format. no – Use this command remove IPv6 gateways on the network port interface. Command Mode Interface vlan 10.3.2.7 ipv6 route Use this command to configure an IPv6 static route. The is the IPv6 network that is the destination of the static route.
Changing the default distance does not update the distance of existing static routes, even if they were assigned the original default distance. The new default distance will only be applied to static routes created after invoking the ipv6 route distance command. Syntax ipv6 route distance <1-255> no ipv6 route distance no – This command resets the default static route preference value in the router to the original default preference.
no ipv6 nd dad attempts no – This command resets to number of duplicate address detection value to default value. Default Setting 1 Command Mode Interface Config 10.3.2.11 ipv6 nd managed-config-flag This command sets the “managed address configuration” flag in router advertisements. When the value is true, end nodes use DHCPv6. When the value is false, end nodes automatically configure addresses.
Default Setting 0 Command Mode Interface Config 10.3.2.13 ipv6 nd other-config-flag This command sets the “other stateful configuration” flag in router advertisements sent from the interface. Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag no – This command resets the “other stateful configuration” flag back to its default value in router advertisements sent from the interface. Default Setting False Command Mode Interface Config 10.3.2.
10.3.2.15 ipv6 nd ra-lifetime This command sets the value, in seconds, that is placed in the Router Lifetime field of the router advertisements sent from the interface. The value must be zero, or it must be an integer between the value of the router advertisement transmission interval and 9000. A value of zero means this router is not to be used as the default router. Syntax ipv6 nd ra-lifetime no ipv6 nd ra-lifetime no – This command resets router lifetime to the default value.
ipv6 nd suppress-ra no ipv6 nd suppress-ra no –This command enables router transmission on an interface. Default Setting Disabled Command Mode Interface Config 10.3.2.18 ipv6 nd prefix This command sets the IPv6 prefixes to include in the router advertisement. The first optional parameter is the valid lifetime of the router, in seconds. You can specify a value or indicate that the lifetime value is infinite. The second optional parameter is the preferred lifetime of the router.
10.3.2.19 ipv6 unreachables Use this command to enable the generation of ICMPv6 Destination Unreachable messages. By default, the generation of ICMPv6 Destination Unreachable messages is enabled. Syntax ipv6 unreachables no ipv6 unreachables no – This command prevent the generation of ICMPv6 Destination Unreachable messages. Default Setting Enabled Command Mode Interface Config 10.3.2.20 ipv6 icmp error-interval Use this command to limit the rate at which ICMPv6 error messages are sent.
10.3.2.21 ipv6 neighbors static The user can add/delete a static neighbor into neighbor cache table. Syntax ipv6 neighbors static no ipv6 neighbors static - Enter the IPv6 Address. - Enter the MAC Address. no – This command sets IPv6 neighbor configuration to default values. Default Setting None Command Mode Global Config 10.
Router ID: Is a 32 bit integer in dotted decimal format identifying the router, about which information is displayed. This is a configured value. OSPF Admin Mode: Shows whether the administrative mode of OSPF in the router is enabled or disabled. This is a configured value. ASBR Mode: Reflects whether the ASBR mode is enabled or disabled. Enable implies that the router is an autonomous system border router.
10.4.1.2 show ip ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR).This command takes no options. Syntax show ipv6 ospf abr Default Setting None Command Mode Privileged Exec User Exec Display Messages Type: The type of the route to the destination. It can be either: • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination Cost: Cost of using this route Area ID: The area ID of the area from which this route is learned.
External Routing: Is a number representing the external routing capabilities for this area. Spf Runs: Is the number of times that the intra-area route table has been calculated using this area's link-state database. Area Border Router Count: The total number of area border routers reachable within this area. Area LSA Count: Total number of link-state advertisements in this area's link-state database, excluding AS External LSAs.
Type: The type of the route to the destination. It can be either: • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination Cost: Cost of using this route Area ID: The area ID of the area from which this route is learned. Next Hop: Next hop toward the destination Next Hop Intf: The outgoing router interface to use when forwarding traffic to the next hop. 10.4.1.
Sequence: Is a number that represents which LSA is more recent. Checksum: Is the total number LSA checksum. Options: This is an integer. It indicates that the LSA receives special handling during routing calculations. Rtr Opt: Router Options are valid for router links only. 10.4.1.6 show ipv6 ospf database database-summary This command displays the number of each type of LSA in the database and the total number of LSAs in the database.
10.4.1.7 show ipv6 ospf interface This command displays the information for the IFO object or virtual interface tables. Syntax show ipv6 ospf interface { | loopback <0-7> | tunnel <0-7>} - Interface number. <0-7> - Loopback/Tunnel Interface ID. Default Setting None Command Mode Privileged Exec User Exec Display Messages IP Address: Shows the IPv6 address of the interface. ifIndex: Shows the interface index number associated with the interface.
broadcast. The OSPF Interface Type will be 'broadcast'. State: The OSPF Interface States are: down, loopback, waiting, point-to-point, designated router, and backup designated router. Designated Router: The router ID representing the designated router. Backup Designated Router: The router ID representing the backup designated router. Number of Link Events: The number of link events. Metric Cost: The cost of the OSPF interface. 10.4.1.
10.4.1.9 show ipv6 ospf interface stats This command displays the statistics for a specific interface. The command only displays information if OSPF is enabled Syntax show ipv6 ospf interface stats - Interface number. Default Setting None Command Mode Privileged Exec User Exec Display Messages OSPFv3 Area ID: The area id of this OSPF interface. IP Address: The IP address associated with this OSPF interface.
No Neighbor at Source Address: The number of OSPF packets dropped because the sender is not an existing neighbor or the sender’s IP address does not match the previously recorded IP address for that neighbor. NOTE: Does not apply to Hellos. Invalid OSPF Packet Type The number of OSPF packets discarded because the packet type field in the OSPF header is not a known type. 10.4.1.10 show ipv6 ospf neighbor This command displays information about OSPF neighbors.
• Exchange start - the first step in creating an adjacency between the two neighboring routers, the goal is to decide which router is the master and to decide upon the initial DD sequence number. • Exchange - the router is describing its entire link state database by sending Database Description packets to the neighbor. • Loading - Link State Request packets are sent to the neighbor asking for the more recent LSAs that have been discovered (but not yet received) in the Exchange state.
User Exec Display Messages Area ID: The area id of the requested OSPF area. IP Address: An IP Address which represents this area range. Subnet Mask: A valid subnet mask for this area range. Lsdb Type: The type of link advertisement associated with this area range. Advertisement: The status of the advertisement. Advertisement has two possible settings: enabled or disabled. 10.4.1.12 show ipv6 ospf stub table This command displays the OSPF stub table.
- Area ID. - Neighbor's router ID. Default Setting None Command Mode Privileged Exec User Exec Display Messages Area ID: The area id of the requested OSPF area. Neighbor Router ID: The input neighbor Router ID. Hello Interval: The configured hello interval for the OSPF virtual interface. Dead Interval: The configured dead interval for the OSPF virtual interface. Iftransit Delay Interval: The configured transit delay for the OSPF virtual interface.
Retransmit Interval: Is the configured retransmit interval for the OSPFv3 virtual interface. Transit Delay: Is the configured transit delay for the OSPFv3 virtual interface. 10.4.2 Configuration Commands 10.4.2.1 ipv6 ospf This command enables OSPF on a router interface or loopback interface. Syntax ipv6 ospf no ipv6 ospf - This command disables OSPF on a router interface or loopback interface. Default Setting Disabled Command Mode Interface Config 10.4.2.
10.4.2.3 ipv6 ospf cost This command configures the cost on an OSPF interface. The parameter has a range of 1 to 65535. Syntax ipv6 ospf cost <1-65535> no ipv6 ospf cost - This command configures the default cost on an OSPF interface. Default Setting None Command Mode Interface Config 10.4.2.4 ipv6 ospf dead-interval This command sets the OSPF dead interval for the specified interface.
10.4.2.5 ipv6 ospf hello-interval This command sets the OSPF hello interval for the specified interface. The value for is a valid positive integer, which represents the length of time in seconds. The value for the length of time must be the same for all routers attached to a network. Valid values for range from 1 to 65535. Syntax ipv6 ospf hello-interval no ipv6 ospf hello-interval - This command sets the default OSPF hello interval for the specified interface.
bandwidth IP network between two routers, the network type can be point-to-point since there are only two routers. Using point-to-point as the network type eliminates the overhead of the OSPF designated router election. It is normally not useful to set a tunnel to OSPF network type broadcast. Syntax ipv6 ospf network {broadcast | point-to-point} no ipv6 ospf network {broadcast | point-to-point} - This command sets the interface type to the default value.
Syntax ipv6 ospf retransmit-interval no ipv6 ospf retransmit-interval - This command sets the default OSPF retransmit Interval for the specified interface. Default Setting 5 Command Mode Interface Config 10.4.2.10 ipv6 ospf transmit-delay This command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds. In addition, it sets the estimated number of seconds it takes to transmit a link state update packet over this interface.
Command Mode Global Config 10.4.2.12 area default-cost This command configures the monetary default cost for the stub area. The operator must specify the area id and an integer value between 1-16777215. Syntax area default-cost <1-16777215> - Area ID. Default Setting None Command Mode Router OSPFv3 Config 10.4.2.13 area nssa This command configures the specified areaid to function as an NSSA. Syntax area nssa no area nssa - Area ID.
10.4.2.14 area nssa default-info-originate This command configures the metric value and type for the default route advertised into the NSSA. The optional metric parameter specifies the metric of the default route and is to be in a range of 1-16777214. If no metric is specified, the default value is 10. The metric type can be comparable (nssa-external 1) or non-comparable (nssa-external 2).
10.4.2.16 area nssa no-summary This command configures the NSSA so that summary LSAs are not advertised into the NSSA Syntax area nssa no-summary no area nssa no-summary - Area ID. no - This command disables nssa from the summary LSAs. Default Setting None Command Mode Router OSPFv3 Config 10.4.2.17 area nssa translator-role This command configures the translator role of the NSSA.
10.4.2.18 area nssa translator-stab-intv This command configures the translator stability interval of the NSSA. The is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router. Syntax area nssa translator-stab-intv <0-3600> no area nssa translator-stab-intv - Area ID. <0-3600> - The range is 0 to 3600.
Command Mode Router OSPFv3 Config 10.4.2.20 area stub This command creates a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area. Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area. Syntax area stub no area stub - Area ID. - This command deletes a stub area for the specified area ID.
10.4.2.22 area virtual-link This command creates the OSPF virtual interface for the specified and . The parameter is the Router ID of the neighbor. Syntax area virtual-link no area virtual-link - Area ID. - Router ID of the neighbor. no - This command deletes the OSPF virtual interface from the given interface, identified by and .
10.4.2.24 area virtual-link hello-interval This command configures the hello interval for the OSPF virtual interface on the interface identified by and . Syntax area virtual-link hello-interval <1-65535> no area virtual-link hello-interval - Area ID. - Router ID of the neighbor. <1-65535> - The range of the hello interval is 1 to 65535.
10.4.2.26 area virtual-link transmit-delay This command configures the transmit delay for the OSPF virtual interface on the virtual interface identified by and . Syntax area virtual-link transmit-delay <0-3600> no area virtual-link transmit-delay - Area ID. - Router ID of the neighbor. <0-3600> - The range of the transmit delay is 0 to 3600.
10.4.2.28 default-information originate This command is used to control the advertisement of default routes. Syntax default-information originate [always] [metric <1-16777215>] [metric-type {1 | 2}] no default-information originate [metric] [metric-type] [always] - Sets the router advertise 0.0.0.0/0.0.0.0. metric - The range of the metric is 1 to 16777215. metric type - The value of metric type is type 1 or type 2. no - This command configures the default advertisement of default routes.
10.4.2.30 distance ospf This command sets the route preference value of OSPF in the router. Lower route preference values are preferred when determining the best route. The type of OSPF can be intra, inter, type-1, or type-2. The OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra < inter < type-1 < type-2. The range is 1 to 255. A route with a preference of 255 cannot be used to forward traffic.
10.4.2.32 exit-overflow-interval This command configures the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to again originate non-default AS-external-LSAs. When set to 0, the router will not leave Overflow State until restarted.
10.4.2.34 maximum-paths This command sets the number of paths that OSPF can report for a given destination where is platform dependent. Syntax maximum-paths <1-2> no maximum-paths <1-2> - The maximum number of paths that OSPF can report for a given destination. The range of the value is 1 to 2. no - This command resets the number of paths that OSPF can report for a given destination back to its default value. Default Setting 1 Command Mode Router OSPFv3 Config. 10.4.2.
passive-interface { | tunnel } no passive-interface { | tunnel } Default Setting Disabled Command Mode Router OSPFv3 Config. 10.4.2.37 redistribute This command configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers.
None Command Mode Router OSPFv3 Config 10.5 RIPng Commands RIPng is intended to allow routers to exchange information for computing routes through an IPv6-based network. RIPng is a distance vector protocol. RIPng should be implemented only in routers. Any router that uses RIPng is assumed to have interfaces to one or more networks, otherwise it isn’t really a router. These are referred to as its directly-connected networks.
Distance: Configured value. Update Time: Configured value. Garbage Time: Configured value. Info Time: Configured value. Enable Ripng of interfaces: List all interfaces enabled RIPng. Enable passive mode of interfaces: List all interfaces enabled RIPng passive. 10.5.2 Configuration Commands 10.5.2.1 enable This command resets the default administrative mode of RIPng in the router (active). Syntax enable no enable no - This command sets the administrative mode of RIPng in the router to inactive.
Interface Config 10.5.2.3 ipv6 router rip Use this command to enter Router RIPng mode. Syntax ipv6 router rip Default Setting Disabled Command Mode Global Config 10.5.2.4 default-information originate This command is used to set the advertisement of default routes. Syntax default-information originate no default-information originate no - This command is used to cancel the advertisement of default routes. Default Setting Disabled Command Mode IPv6 Router RIP Config 10.5.2.
<1-15> - a value for default-metric. no - This command is used to reset the default metric of distributed routes to its default value. Default Setting Not configured Command Mode IPv6 Router RIP Config 10.5.2.6 distance rip This command sets the route preference value of RIPng in the router. Lower route preference values are preferred when determining the best route. Syntax distance rip <1-255> no distance rip <1-255> - the value for distance.
no - This command cancel to set the RIPngplit horizon mode and sets none mode. Default Setting Simple Command Mode IPv6 Router RIP Config 10.5.2.8 redistribute This command configures RIPng protocol to redistribute routes from the specified source protocol/routers. Source protocols have OSPF, Static, and Connetced.
garbage - This command sets to the RIPng garbage time. info - This command sets to the RIPng info time. no - This command sets the RIPng timer to default value. Default Setting update - the default value is 30 (seconds) garbage - the default value is 120 (seconds) info - the default value is 180 (seconds) Command Mode Global Config 10.5.2.
show ipv6 pimdm Default Setting None Command Mode Privileged Exec User Exec Display Message PIM-DM Admin Mode: Indicates whether PIM-DM is enabled or disabled. Interface: Valid unit, slot, and port number separated by forward slashes. Interface Mode: Indicates whether PIM-DM is enabled or disabled on this interface. Operational State: The current state of PIM-DM on this interface. Possible values are Operational or Non-Operational. 10.6.1.
Syntax show ipv6 pimdm neighbor [|all] Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid unit, slot, and port number separated by forward slashes. Neighbor Address: The IP address of the neighbor on an interface. Up Time: The time since this neighbor has become active on this interface. Expiry Time: The expiry time of the neighbor on this interface. 10.6.2 Configuration Commands 10.6.2.
10.6.2.2 ipv6 pimdm hello-interval Use this command to configure the PIM-DM hello interval for the specified router interface. The hello-interval is specified in seconds and is in the range 30–3600. Syntax ipv6 pimdm hello-interval <30-3600> no ipv6 pimdm hello-interval no - Use this command to set the PIM-DM hello interval to the default value. Default Setting Disabled Command Mode Interface Config 10.7 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands 10.7.1 Show Commands 10.7.1.
Interface: Valid unit, slot, and port number separated by forward slashes. Interface Mode: Indicates whether PIM-SM is enabled or disabled on the interface. Operational State: The current state of the PIM-SM protocol on the interface. Possible values are Operational or Non- Operational. 10.7.1.2 show ipv6 pimsm bsr This command displays the bootstrap router (BSR) information.
None Command Mode Privileged Exec User Exec Display Message Slot Port: Valid unit, slot, and port number separated by forward slashes. IP Address: The IP address of the specified interface. Subnet Mask: The Subnet Mask for the IP address of the PIM interface. Hello Interval (secs): The frequency at which PIM hello messages are transmitted on this interface. By default, the value is 30 seconds. Join Prune Interval (secs): The join/prune interval for the PIM-SM router. The interval is in seconds.
Syntax show ipv6 pimsm rphash - the IP multicast group address. Default Setting None Command Mode Privileged Exec User Exec Display Message RP: The IP address of the RP for the group specified. Origin: Indicates the mechanism (BSR or static) by which the RP was selected. 10.7.1.6 show ipv6 pimsm rp mapping Use this command to display all group-to-RP mappings of which the router is a aware (either configured or learned from the bootstrap router (BSR)).
10.7.2 Configuration Commands 10.7.2.1 ipv6 pimsm This command sets administrative mode of PIM-SM multicast routing across the router to enabled. MLD must be enabled before PIM-SM can be enabled. Syntax ipv6 pimsm no ipv6 pimsm no - This command sets administrative mode of PIM-SM multicast routing across the router to disabled. MLD must be enabled before PIM-SM can be enabled. Default Setting Disbaled Command Mode Global Config Interface Config 10.7.2.
10.7.2.3 ipv6 pimsm register-threshold This command configures the Register Threshold rate for the Rendezvous Point router to switch to a source-specific shortest path. The valid values are from (0 to 2000 kilobits/sec). Syntax ipv6 pimsm register-threshold <0-2000> no ipv6 pimsm register-threshold no - This command resets the register threshold rate for the Rendezvous Pointer router to the default value. Default Setting 0 Command Mode Global Config 10.7.2.
10.7.2.5 ipv6 pimsm rp-candidate This command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Syntax ipv6 pimsm rp-candidate interface no ipv6 pimsm rp-candidate interface no - This command is used to disable the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
default - Defines the SSM range access list to 232/8. no - This command is used to disable the Source Specific Multicast (SSM) range. Default Setting Disbaled Command Mode Global Config 10.7.2.8 ipv6 pimsm bsr-border Use this command to prevent bootstrap router (BSR) messages from being sent or received through an interface. Syntax ipv6 pimsm bsr-border no ipv6 pimsm bsr-border no - Use this command to disable the interface from being the BSR border.
Interface Config 10.7.2.10 ipv6 pimsm join-prune-interval This command is used to configure the interface join/prune interval for the PIM-SM router. The join/prune interval is specified in seconds. This parameter can be configured to a value from 0 to 18000. Syntax ipv6 pimsm join-prune-interval <10-3600> no ipv6 pimsm join-prune-interval no - Use this command to set the join/prune interval to the default value. Default Setting 60 Command Mode Interface Config 10.7.2.
11. Web-Based Management Interface 11.1 Overview The Layer 3 Network Switch provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the Network Switch. When you configure this Network Switch for the first time from the console, you have to assign an IP address and subnet mask to the Network Switch.
7. IPv4 Multicast Menu: This section provides users to configure IGMP, DVMRP, Multicast, PIM-DM, PIM-SM. It also provides information for a multicast distribution tree. 8. IPv6 Multicast Menu: This section provides users to configure MLD, PIM-DM, PIM-SM. It also provides information for a multicast distribution tree. 11.2 System Menu 11.2.1 View ARP Cache The Address Resolution Protocol (ARP) dynamically maps physical (MAC) addresses to Internet (IP) addresses.
Non-Configurable Data System Description - The product name of this switch. Machine Type - The machine type of this switch. Machine Model - The model within the machine type. Serial Number - The unique box serial number for this switch. Part Number - The manufacturing part number. Base MAC Address - The burned-in universally administered MAC address of this switch. Hardware Version - The hardware version of this switch. It is divided into four parts.
Boot Rom Version - The release-version number of the boot rom code currently running on the switch. For example, if the release was 1, and the version was 2, the format would be '1.2'. Label Revision Number - The label revision serial number of this switch is used for manufacturing purpose. Runtime Version - The release-version number of the code currently running on the switch. For example, if the release was 1, and the version was 2, the format would be '1.2..
Interface = y...................... SFP+(The yth 10-Giga information of switch 1). 10 Gigabit Ethernet Compliance Codes: Transceiver’s compliance codes. Vendor Name: The SFP transceiver vendor name shall be the full name of the corporation, a commonly accepted abbreviation of the name of the corporation, the SCSI company code for the corporation, or the stock exchange code for the corporation. Vendor Part Number: Part number provided by SFP transceiver vendor.
Configurable Data System Name - Enter the name you want to use to identify this switch. You may use up to 31 alpha-numeric characters. The factory default is blank. System Location - Enter the location of this switch. You may use up to 31 alpha-numeric characters. The factory default is blank. System Contact - Enter the contact person for this switch. You may use up to 31 alpha-numeric characters. The factory default is blank.
System Up time - The time in days, hours and minutes since the last switch reboot. Current SNTP Syncronized Time - Displays currently synchronized SNTP time in UTC. If time is not syncronised, it displays "Not Syncronized." MIBs Supported - The list of MIBs supported by the management agent running on this switch. Command Buttons Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save. 11.2.3.
Non-Configurable Data Burned-in MAC Address - The burned-in MAC address used for in-band connectivity. Default Routers - The IPv6 default routers. Command Buttons Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save. Delete - Delete a IPv6 prefix. 11.2.3.3 Configuring ServicePort NDP Summary This screen displays IPv6 Service Port Neighbor entries.
11.2.3.4 Configuring Network Connectivity Page The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed. To access the switch over a network you must first configure it with IP information (IP address, subnet mask, and default gateway).
Subnet Mask - The IP subnet mask for the interface. The factory default value is 0.0.0.0 Default Gateway - The default gateway for the IP interface. The factory default value is 0.0.0.0 Management VLAN ID - Specifies the management VLAN ID of the switch. It may be configured to any value in the range of 1 - 3965. The management VLAN is used for management of the switch. This field is configurable for administrative users and read-only for other users.
Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the router. 11.2.3.6 HTTP Configuration Configurable Data HTTP Session Soft Timeout - This field is used to set the inactivity timeout for HTTP sessions. The value must be in the range of (0 to 60) minutes. A value of zero corresponds to an infinite timeout. The default value is 5 minutes. The currently configured value is shown when the web page is displayed.
Selection Criteria Maximum Number of Telnet Sessions - Use the pulldown menu to select how many simultaneous telnet sessions will be allowed. The maximum is 5, which is also the factory default. Allow New Telnet Sessions - If you set this to no, new telnet sessions will not be allowed. The factory default is yes. Telnet Server Admin Mode - Administrative mode for inbound telnet sessions. Setting this value to disable shuts down the telnet port.
Selection Criteria Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed. Default value is 5. Valid Range is (0 to 5). Configurable Data Session Timeout - Specifies the Outbound Telnet login inactivity timeout. Default value is 5. Valid Range is (1 to 160). Command Buttons Submit - Sends the updated configuration to the switch. Configuration changes take effect immediately.
11.2.3.10 Configuring Serial Port Page Selection Criteria Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu. You may choose from 1200, 2400, 4800, 9600, 19200, 38400, 57600, and 115200 baud. The factory default is 9600 baud. Configurable Data Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the switch closes the connection.
By default, two user accounts exist: − admin, with 'Read/Write' privileges − guest, with 'Read Only' privileges By default, both of these accounts have blank passwords. The names are not case sensitive. If you logon with a user account with 'Read/Write' privileges (that is, as admin) you can use the User Accounts screen to assign passwords and set security parameters for the default accounts, and to add and delete accounts (other than admin) up to the maximum of six.
Password - Enter the optional new or changed password for the account. It will not display as it is typed, only asterisks (*) will show. Passwords are up to eight alpha numeric characters in length, and are case sensitive. Confirm Password - Enter the password again, to confirm that you entered it correctly. This field will not display, but will show asterisks (*). Encryption Key - If you selected DES in the Encryption Protocol field enter the SNMPv3 Encryption Key here. Otherwise this field is ignored.
Selection Criteria Authentication List - Select the authentication login list you want to configure. Select 'create' to define a new login list. When you create a new login list, 'local' is set as the initial authentication method. Method 1 - Use the dropdown menu to select the method that should appear first in the selected authentication login list.
Non-Configurable Data ID - Identifies the ID of this row. User Name - Shows the user name of user who made the session. Connection From - Shows the IP from which machine the user is connected. Idle Time - Shows the idle session time. Session Time - Shows the total session time. Session Type – Shows the type of session: telnet, serial or SSH. Command Buttons Refresh - Update the information on the page. 11.2.3.
11.2.3.15 Defining User Login Page Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting to access the switch or a port on the switch. After creating a new user account on the User Account screen, you should assign that user to a login list for the switch using this screen and, if necessary, to a login list for the ports using the Port Access Control User Login Configuration screen.
Configurable Data Password Minimum Length - All new local user passwords must be at least this many characters in length. Password Aging (days) - The maximum time that user passwords are valid, in days, from the time the password is set. Once a password expires, the user will be required to enter a new password following the first login after password expiration. A value of 0 indicates that passwords never expire. Password History - The number of previous passwords to store for prevention of password reuse.
Selection Criteria TCP Fragment - Enable or disable this option by selecting the corresponding line on the pulldown entry field. Enabling TCP Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller then the configured Min TCP Hdr Size. The factory default is disabled. ICMP - Enable or disable this option by selecting the corresponding line on the pulldown entry field.
packets that have TCP Flags FIN, URG, and PSH set and TCP Sequence Number=0. The factory default is disabled. TCP Flag&Sequence - Enable or disable this option by selecting the corresponding line on the pulldown entry field. Enabling TCP Flag DoS prevention causes the switch to drop packets that have TCP control flags set to 0 and TCP sequence number set to 0. The factory default is disabled. TCP SYN - Enable or disable this option by selecting the corresponding line on the pulldown entry field.
Configurable Data Aging Interval(secs) - The forwarding database contains static entries, which are never aged out, and dynamically learned entries, which are removed if they are not updated within a given time. You specify that time by entering a value for the Address Ageing Timeout. You may enter any number of seconds between 10 and 1000000. IEEE 802.1D recommends a default of 300 seconds, which is the factory default. Command Buttons Submit - Update the switch with the values on the screen.
ifIndex - The ifIndex of the MIB interface table entry associated with the source port. Status - The status of this entry. The possible values are: Static: the entry was added when a static MAC filter was defined. Learned: the entry was learned by observing the source MAC addresses of incoming traffic, and is currently in use. Management: the system MAC address, which is identified with interface 0.1. Self: the MAC address of one of the switch's physical interfaces.
11.2.5.2 Viewing Buffered Log Page This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log, or console log. Format of the messages <15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.
Selection Criteria Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting the corresponding pulldown field and clicking Submit. Command Buttons Submit - Update the switch with the values you entered. 11.2.5.4 Configuring Console Log Page This allows logging to any serial device attached to the host. Selection Criteria Admin Status -A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages.
− Info (6): informational messages − Debug(7): debug-level messages Command Buttons Submit - Update the switch with the values you entered. 11.2.5.5 Viewing Event Log Page Use this panel to display the event log, which is used to hold error messages for catastrophic events. After the event is logged and the updated log is saved in FLASH memory, the switch will be reset.
Clear Log - Remove all log information. 11.2.5.6 Configuring Hosts configuration Page Selection Criteria Host - This is a list of the hosts that have been configured for syslog. Select a host for changing the configuration or choose to add a new hosts from the drop down list. Severity Filter -A log records messages equal to or above a configured severity threshold. Select the severity option by selecting the corresponding line on the pulldown entry field.
11.2.5.7 Configuring Terminal Log Configuration Page This allows logging to any terminal client connected to the switch via telnet or SSH. To receive the log messages, terminals have to enable "terminal monitor" via CLI command. Selection Criteria Admin Status -A log that is "Disabled" shall not log messages to connected terminals. A log that is "Enabled" shall log messages to connected terminals. Enable or Disable logging by selecting the corresponding line on the pulldown entry field.
− Informational(6): informational messages − Debug(7): debug-level messages Command Buttons Submit - Update the switch with the values you entered. 11.2.5.8 Configuring syslog configuration Page Selection Criteria Admin Status -For Enabling and Disabling logging to configured syslog hosts. Setting this to disable stops logging to all syslog hosts. Disable means no messages will be sent to any collector/relay.
11.2.6 Managing Switch Interface 11.2.6.1 Configuring Switch Interface Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Admin Mode - Use the pulldown menu to select the Port control administration state. You must select enable if you want the port to participate in the network. The factory default is enabled. LACP Mode - Selects the Link Aggregation Control Protocol administration state.
The actual packet rate for switch will convert from the input level and the speed of that interface. (see table 1 and table 2) Table 1. For 10/100Mbps/1Gbps Table 2. For 10Gbps Level Packet Rate (pps) Level Packet Rate (pps) 1 64 1 1042 2 128 2 2048 3 256 3 3124 4 512 4 4167 Multicast Storm Control - Used to enable or disable the multicast storm feature on the selected interface. Multicast storm control value could be set Level 1, Level 2, Level 3, and Level 4.
Selection Criteria MST ID - Select the Multiple Spanning Tree instance ID from the list of all currently configured MST ID's to determine the values displayed for the Spanning Tree parameters. Changing the selected MST ID will generate a screen refresh. If Spanning Tree is disabled this will be a static value, CST, instead of a selector. Non-Configurable Port Status Data Slot/Port - Identifies the port Port Type - For normal ports this field will be blank.
Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree. The port role will be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port, or Disabled Port. Admin Mode - The Port control administration state. The port must be enabled in order for it to be allowed into the network. The factory default is enabled. LACP Mode - Indicates the Link Aggregation Control Protocol administration state.
Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data Port Description Enter the Description string to be attached to a port. It can be up to 64 characters in length. Non-Configurable Data Slot/Port - Identifies the port Physical Address - Displays the physical address of the specified interface. PortList Bit Offset - Displays the bit offset value which corresponds to the port when the MIB object type PortList is used to manage in SNMP.
Selection Criteria Slot/Port - This field indicates the interface to which the cable to be tested is connected. Non-Configurable Data Interface - Displays the interface tested in the Slot/Port notation. This field is displayed after the "Test Cable" button has been clicked and results are available. This field is not visible when the page is initially displayed. Cable Status - This displays the cable status as Normal, Open or Short. Normal: the cable is working correctly.
Selection Criteria Session - Select a port mirroring session from the list. The number of sessions allowed is platform specific. By default the First Session is selected. Up to 1 sessions are supported. Mode - Specifies the Session Mode for a selected session ID. The default Session Mode is disabled. Destination Port - Acts as a probe port and will receive all the traffic from configured mirrored port(s). Default value is blank.
Selection Criteria Slot/Port - Select the physical interface for which you want to display or configure data. Configurable Data Interface Mode - This specifies the administrative mode via which Double VLAN Tagging can be enabled or disabled. The default value for this is Disabled. Interface EtherType - The two-byte hex EtherType to be used as the first 16 bits of the DVlan tag. • 802.
Non-Configurable Data Slot/Port - The physical interface for which data is being displayed. Interface Mode - This specifies the administrative mode via which Double VLAN Tagging can be enabled or disabled. The default value for this is Disabled. Interface EtherType - The two-byte hex EtherType to be used as the first 16 bits of the DVlan tag. • 802.
Configurable Data Version - Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version;Organization;Software Revision where: • MIB Version: '1.3', the version of this MIB. • Organization: Broadcom Corp. • Revision: 1.0. Agent Address - The IP address associated with this agent. Traffic Rate Summary Interval - The maximum number of seconds between successive summary of the counters associated with all interface.
sFlow Receiver Timeout - The time (in seconds) remaining before the sampler is released and stops sampling. A management entity wanting to maintain control of the sampler is responsible for setting a new value before the old one expires. Allowed range is (0 to 4294967295 secs) A value of zero sets the selected receiver configuration to its default values. sFlow Receiver Maximum Datagram Size - The maximum number of data bytes that can be sent in a single sample datagram.
Configurable Data Receiver Index - The sFlowReceiver associated with this counter poller. Allowed range is (1 to 8 ) Poller Interval - The maximum number of seconds between successive samples of the counters associated with this data source. A sampling interval of 0 disables counter sampling. Allowed range is (0 to 86400 secs) Non-Configurable Data Slot/Port - The interface for which data is being displayed. Receiver Index - The sFlowReceiver for this sFlow Counter Poller.
Slot/Port - The interface for which data is being displayed. Receiver Index - The sFlowReceiver for this sFlow sampler. Sampling Rate - The statistical sampling rate for packet sampling from this source. Maximum Header Size - The maximum number of bytes that should be copied from a sampled packet. Command Buttons Submit - Send the updated data to the switch and cause the changes to take effect on the switch. Refresh - Refresh the data on the screen with present state of data in the switch. 11.2.7.
Broadcast Packets Received Rate - The total number of packets received rates that were directed to the broadcast address. Note that this does not include multicast packets. Discarded Packets Received Rate - The number of inbound packets which were chosen to be discarded rates even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space.
Selection Criteria Community - You can use this screen to reconfigure an existing community, or to create a new one. Use this pulldown menu to select one of the existing community names, or select 'Create' to add a new one. Access Mode - Specify the access level for this community by selecting Read/Write or Read Only from the pull down menu. Status - Specify the status of this community by selecting Enable or Disable from the pull down menu.
11.2.8.2 Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Selection Criteria Community - You can use this screen to reconfigure an existing community, or to create a new one. Use this pulldown menu to select one of the existing community names, or select 'Create' to add a new one. SNMP Version - Select the trap version to be used by the receiver from the pull down menu: SNMP v1 - Uses SNMP v1 to send traps to the receiver.
11.2.8.3 Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the switch. Non-configurable Data Name - The RFC number if applicable and the name of the MIB. Description - The RFC title or MIB description. Command Buttons Refresh - Update the data. 11.2.9 Viewing Statistics 11.2.9.
Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this switch. Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets). Unicast Packets Received - The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received - The total number of packets received that were directed to a multicast address.
Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this switch since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this switch. Maximum VLAN Entries - The maximum number of Virtual LANs (VLANs) allowed on this switch. Most VLAN Entries Ever Used - The largest number of VLANs that have been active on this switch since the last reboot.
Packets Transmitted Without Errors - The total number of packets transmitted out of the interface. Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested to be transmitted to the Broadcast address, including those that were discarded or not sent. Transmit Packet Errors - The number of outbound packets that could not be transmitted because of errors.
ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Packets RX and TX 64 Octets - The total number of packets (including bad packets) received or transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
Packets Received > 1522 Octets - The total number of packets received that were longer than 1522 octets (excluding framing bits, but including FCS octets) and were otherwise well formed. Total Packets Received Without Errors - The total number of packets received that were without errors. Unicast Packets Received - The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received - The total number of good packets received that were directed to a multicast address.
Packets Transmitted 1024-1518 Octets - The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets). Maximum Frame Size - The maximum ethernet frame size the interface supports or is configured, including ethernet header, CRC, and payload. (1518 to 9216). The default maximum frame size is 1518 .
Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and seconds since the statistics for this port were last cleared. Command Buttons Clear Counters - Clear all the counters, resetting all statistics for this port to default values. Clear All Counters - Clear all the counters for all ports, resetting all statistics for all ports to default values. Refresh - Refresh the data on the screen with the present state of the data in the switch.
11.2.9.4 Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Total Packets Received without Errors - The total number of packets received that were without errors.
11.2.10 Managing System Utilities 11.2.10.1 Saving All Configuration Changed Page Command Buttons Save - Click this button to have configuration changes you have made saved across a system reboot. All changes submitted since the previous save or system reboot will be retained by the switch. 11.2.10.2 Resetting the Switch Page Command Buttons Reset - Select this button to reboot the switch. Any configuration changes you have made since the last time you issued a save will be lost.
Command Buttons Reset - Clicking the Reset button will reset all of the system login passwords to their default values. If you want the switch to retain the new values across a power cycle, you must perform a save. 11.2.10.4 Resetting the Passwords to Default Values Page Command Buttons Reset - Select this button to have all passwords reset to their factory default values. 11.2.10.5 Downloading Specific Files to Switch Flash Page Use this menu to download a file to the switch.
Selection Criteria File Type - Specify what type of file you want to download: Script - specify configuration script when you want to update the switch's script file. CLI Banner - Specify the banner that you want to display before user login to the switch. Code – Specify code when you want to upgrade the operational flash. Configuration - Specify configuration when you want to update the switch's configuration. If the file has errors the update will be stopped.
FTP/TFTP File Name (Target) - Enter the name on the switch of the file you want to save. You may enter up to 30 characters. The factory default is blank. Start File Transfer - To initiate the download you need to check this box and then select the submit button. Non-Configurable Data The last row of the table is used to display information about the progress of the file transfer. The screen will refresh automatically until the file transfer completes.
Start File Transfer - To initiate the upload you need to check this box and then select the submit button. Non-Configurable Data The last row of the table is used to display information about the progress of the file transfer. The screen will refresh automatically until the file transfer completes. Command Buttons Submit - Send the updated screen to the switch and perform the file upload. 11.2.10.7 Defining Configuration and Runtime Startup File Page Specify the file used to start up the system.
Configurable Data Configuration File - Configuration files. Runtime File - Run-time operation codes. Script File - Configuration script files. Command Buttons Remove File - Send the updated screen to the switch and perform the file remove. 11.2.10.9 Copying Running Configuration to Flash Page Use this menu to copy a start-up configuration file from the running configuration file on switch. Configurable Data File Name - Enter the name you want to give the file being copied.
11.2.10.10 Defining Ping Function Page Use this screen to tell the switch to send a Ping request to a specified IP address. You can use this to check whether the switch can communicate with a particular IP station. Once you click the Submit button, the switch will send three pings and the results will be displayed below the configurable data. If a reply to the ping is not received, you will see No Reply Received from IP xxx.xxx.xxx.xxx, otherwise you will see Reply received from IP xxx.xxx.xxx.
Selection Criteria Ping - Select either global IPv6 Address or Link Local Address to ping. Interface - Select a IPv6 interface. Configurable Data IPv6 Address - Enter the IPv6 address of the station you want the switch to ping. The initial value is blank. The IPv6 Address you enter is not retained across a power cycle. Host name - Enter the host name of the station you want the switch to ping. Link Local Address - Enter the link local address of the station you want the switch to ping.
Selection Criteria IPv4 Address - Select the way "IPv4 Address" to trace. Host Name - Select the way "host name" to trace. Host Name V6 - Select the way "Host Name V6" to trace. IPv6 Address - Select the way "IPv6 Address" to trace. Configurable Data IP Address - Enter the IP address of the station you want the switch to discover path. The initial value is blank. The IP Address you enter is not retained across a power cycle. Probes Per Hop - Enter the number of probes per hop. The initial value is default.
11.2.11 Managing CDP Function 11.2.11.1 Defining CDP Configuration Page Use this menu to configure the parameters for CDP, which is used to discover a CISCO device on the LAN. Selection Criteria Admin Mode - CDP administration mode which are Enable and Disable. Slot/Port - Specifies the list of ports. Configurable Data Hold Time - the legal time period of a received CDP packet. Transmit Interval - the CDP packet sending interval. Command Buttons Submit - Send the updated screen to the switch.
Non-Configurable Data Device ID - Identifies the device name in the form of a character string. Intf - The CDP neighbor information receiving port. Time - The length of time a receiving device should hold CDP information before discarding it. Capability - Describes the device's functional capability in the form of a device type, for example, a switch. Platform - Describes the hardware platform name of the device, for example, FSC the L2 Network Switch.
Outgoing Packet Number - Transmitted CDP packets number from this device. Error Packet Number - Received illegal CDP packets number from neighbors. Command Buttons Clear Counters - Clear all the counters, resetting all switch summary and detailed statistics to default values. The discarded packets count cannot be cleared. Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.2.12 Defining Trap Manager 11.2.12.
DVMRP Traps - Enabled or disable activation of DVMRP traps by selecting the corresponding line on the pulldown entry field. The factory default is disabled. OSPF Traps - Enabled or disable activation of OSPF traps by selecting the corresponding line on the pulldown entry field. The factory default is disabled. This field can be configured only if the OSPF admin mode is enabled. PIM Traps - Enabled or disable activation of PIM traps by selecting the corresponding line on the pulldown entry field.
Command Buttons Clear Log - Clear all entries in the log. Subsequent displays of the log will only show new log entries. 11.2.13 Configuring SNTP 11.2.13.1 Configuring SNTP Global Configuration Page Selection Criteria Client Mode - Specifies the mode of operation of SNTP Client. An SNTP client may operate in one of the following modes. • Disable - SNTP is not operational. No SNTP requests are sent from the client nor are any received SNTP messages processed.
Multicast Poll Interval - Specifies the number of seconds between multicast poll requests expressed as a power of two when configured in multicast mode. Multicasts received prior to the expiry of this interval are discarded. Allowed range is (6 to 10). Default value is 6. Unicast Poll Timeout - Specifies the number of seconds to wait for an SNTP response when configured in unicast mode. Allowed range is (1 to 30). Default value is 5.
• Success - The SNTP operation was successful and the system time was updated. • Request Timed Out - A directed SNTP request timed out without receiving a response from the SNTP server. • Bad Date Encoded - The time provided by the SNTP server is not valid. • Version Not Supported - TheSNTP version supported by the server is not compatible with the version supported by the client. • Server Unsychronized - The SNTP server is not synchronized with its peers.
Selection Criteria Server - Specifies all the existing Server Addresses along with an additional option "Create". When the user selects "Create" another text box "Address" appears where the user may enter Address for Server to be configured. Address Type - Specifies the address type of the configured SNTP Server address. Allowed types are : • IPv4 Address • IPv6 Address • Host Name • Host Name V6 Configurable Data Address - Specifies the address of the SNTP server.
Non-Configurable Data Address - Specifies all the existing Server Addresses. If no Server configuration exists, a message saying "No SNTP server exists" flashes on the screen. Last Update Time - Specifies the local date and time (UTC) that the response from this server was used to update the system clock. Last Attempt Time - Specifies the local date and time (UTC) that this SNTP server was last queried. Last Attempt Status - Specifies the status of the last SNTP request to this server.
Configurable Data Year - Year (4-digit). (Range: 2000 - 2099). Month - Month. (Range: 1 - 12). Day - Day of month. (Range: 1 - 31). Hour - Hour in 24-hour format. (Range: 0 - 23). Minute - Minute. (Range: 0 - 59). Second - Second. (Range: 0 - 59). Command Buttons Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. 11.2.13.
Direction • before-utc - Sets the local time zone before (east) of UTC • after-utc - Sets the local time zone after (west) of UTC Configurable Data Time Zone Name - The name of time zone, usually an acronym. (Range: 1-15 characters). Time Zone Hours - The number of hours before/after UTC. (Range: 0-12 hours). Time Zone Minutes - The number of minutes before/after UTC. (Range: 0-59 minutes).
Command Buttons Reset - Send the updated screen to the switch perform the restart DHCP6 client. 11.2.14.2 Configuring DHCP Client-identifier Page Specify the DCHP client identifier for the switch. The DCHP client identifier is used to include a client identifier in all communications with the DHCP server. The identifier type depends on the requirements of your DHCP server. Selection Criteria DHCP Identifier - Specifies the type of DHCP Identifier.
11.2.15 Defining DNS Relay Function 11.2.15.1 Configuring DNS Relay Configuration Page The DNS protocol controls the Domain Name System (DNS), a distributed database with which you can map host names to IP addresses. When you configure DNS on your switch, you can substitute the host name for the IP address with all IP commands, such as ping, telnet, traceroute, and related Telnet support operations.
Selection Criteria Domain - Specifies all the existing domain names along with an additional option "Create". When the user selects "Create" another text box "Domain Name" appears where the user may enter domain name to be configured. Configurable Data Domain Name - Specifies the domain name. Do not include the initial period that separates an unqualified name from the domain name. This is a text string of up to 63 characters. Command Buttons Submit - Sends the updated configuration to the switch.
Protocol - Select IPv4 or IPv6 to configure the corresponding attributes. Name Server - Specifies all the existing domain name servers along with an additional option "Create". When the user selects "Create" another text box "IP Address" appears where the user may enter domain name server to be configured. Configurable Data IP Address - Specifies the address of the domain name server. Non-Configurable Data Request - Specifies the number of DNS requests since last agent reboots.
11.2.15.5 Configuring Hosts Configuration Page You can use this screen to change the configuration parameters for the static entry in the DNS table. You can also use this screen to display the contents of the table. Selection Criteria Protocol - Select IPv4 or IPv6 to configure the corresponding attributes. Domain - Specifies all the existing hosts along with an additional option "Create". When the user selects "Create" another text box "Domain Name" appears where the user may enter host to be configured.
11.3 Switching Menu 11.3.1 Managing DHCP Snooping 11.3.1.1 Configuring DHCP Snooping Configuration Page Configurable Data DHCP Snooping Mode - Enables or disables the DHCP Snooping feature. The factory default is disabled. MAC Address Validation - Enables or disables the validation of sender MAC Address for DHCP Snooping. The factory default is enabled. Command Buttons Submit - Applies the new configuration and causes the changes to take effect.
Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained across a power cycle unless a save configuration is performed. 11.3.1.3 Configuring DHCP Snooping Interface Configuration Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data Trust State - If it is Enabled DHCP snooping application considers as port trusted. The factory default is disabled.
Configurable Data Slot/Port - Selects the interface to add a binding into the DHCP snooping database. MAC Address - Specify the MAC address for the binding to be added. This is the Key to the binding database. VLAN ID - Selects the VLAN from the list for the binding rule. The range of the VLAN ID is (1 to 3965). IP Address - Specify valid IP Address for the binding rule. Non-configurable data Static Binding List - Lists all the DHCP snooping static binding entries page by page.
• Lease Time - This is the remaining Lease time for the Dynamic entries • Page - Lists the Number of Pages the dynamic binding entries occupied. Select the Page Number from this list to display the particular Page entries. Command Buttons Add - Adds DHCP snooping binding entry into the database. Submit - Deletes selected static entries from the database. ClearAll - Deletes all DHCP Snooping binding entries. Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.
11.3.1.6 DHCP Snooping Interface Statistics Page Selection Criteria Slot/Port - Select the un trusted and snooping enabled interface for which statistics to be displayed. Non-Configurable Data MAC Verify Failures - Number of packets that were dropped by DHCP Snooping as there is no matching DHCP Snooping binding entry found. Client Ifc Mismatch - The number of DHCP messages that are dropped based on source MAC address and client HW address verification.
Configurable Data IPSG - Enables or disables validation of Sender IP Address on this interface. If IPSG is Enabled Packets will not be forwarded if Sender IP Address is not in DHCP Snooping Binding database. The factory default is disabled. IPSG Port Security - Enables or disables the IPSG Port Security on the selected interface. If IPSG Port Security is enabled then the packets will not be forwarded if the sender MAC Address is not in FDB table and it is not in DHCP snooping binding database.
Configurable Data Slot/Port - Selects the interface to add a binding into the IPSG database. MAC Address - Specify the MAC address for the binding. VLAN ID - Selects the VLAN from the list for the binding rule. IP Address - Specify valid IP Address for the binding rule. Non-configurable Data IPSG Static Binding List - Lists all the IPSG static binding entries page by page. Ex: Page 1 displays first 15 static entries. Page 2 displays Next 15 static entries.
• Page - Lists the Number of Pages the IPSG dynamic binding entries occupied. Select the Page Number from this list to display the particular Page entries. Command Buttons Add - Adds DHCP snooping binding entry into the database. Submit - Deletes selected static entries from the database. Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.3 Managing Dynamic ARP Inspection (DAI) 11.3.3.
11.3.3.2 Configuring DAI VLAN Configuration Page Selection Criteria VLAN List - Select the DAI Capable VLANs for which information has to be displayed or configured. Configurable Data Dynamic ARP Inspection - Indicates whether the Dynamic ARP Inspection is enabled on this VLAN. If this object is set to 'Enable' Dynamic ARP Inspection is enabled. If this object is set to 'Disable', Dynamic ARP Inspection is disabled.
Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed or configured. Configurable Data Trusted State - Indicates whether the interface is trusted for Dynamic ARP Inspection purpose. If this object is set to 'Enable', the interface is trusted. ARP packets coming to this interface will be forwarded without checking. If this object is set to 'Disable', the interface is not trusted. ARP packets coming to this interface will be subjected to ARP inspection.
Configurable Data ARP ACL Name - This is used to create New ARP ACL for DAI. Remove - This is used to select the particular ACLs which you want to delete. Non-Configurable Data ARP ACL Name - This will list all the configured ARP ACL List. Command Buttons Add - This is used to create New ARP ACL. Delete - This is used to delete the entries selected using checkbox under Remove field. Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.3.
Submit - This is used to delete the entries selected using checkbox under Remove field. Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.3.6 Configuring DAI Statistics Page Selection Criteria VLAN ID - Select the DAI enabled VLAN ID for which statistics to be displayed. Non-Configurable Data DHCP Drops - Number of ARP packets that were dropped by DAI as there is no matching DHCP Snooping binding entry found.
Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.4 Managing Filters 11.3.4.1 Configuring MAC filter Configuration Page Selection Criteria MAC Filter - This is the list of MAC address and VLAN ID pairings for all configured filters. To change the port mask(s) for an existing filter, select the entry you want to change. To add a new filter, select "Create Filter" from the top of the list.
11.3.4.2 MAC filter Summary Page Non-Configurable Data MAC Address - The MAC address of the filter in the format 00:01:1A:B2:53:4D. VLAN ID - The VLAN ID associated with the filter. Source Port Members - A list of ports to be used for filtering inbound packets. 11.3.5 Managing Port-based VLAN 11.3.5.1 Configuring Port-based VLAN Configuration Page Selection Criteria VLAN ID and Name - You can use this screen to reconfigure an existing VLAN, or to create a new one.
Participation - Use this field to specify whether a port will participate in this VLAN. The factory default is 'Autodetect'. The possible values are: • Include - This port is always a member of this VLAN. This is equivalent to registration fixed in the IEEE 802.1Q standard. • Exclude - This port is never a member of this VLAN. This is equivalent to registration forbidden in the IEEE 802.1Q standard. • Autodetect - Specifies that port may be dynamically registered in this VLAN via GVRP.
VLAN ID - The VLAN Identifier (VID) of the VLAN. The range of the VLAN ID is (1 to 3965). VLAN Name - The name of the VLAN. VLAN ID 1 is always named `Default`. VLAN Type - The VLAN type: Default ( VLAN ID = 1) -- always present Static -- a VLAN you have configured Dynamic -- a VLAN created by GVRP registration that you have not converted to static, and that GVRP may therefore remove. 11.3.5.
11.3.5.4 Viewing VLAN Port Summary Page Non-Configurable Data Slot/Port - The interface. Port VLAN ID - The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port. Acceptable Frame Types - Specifies the types of frames that may be received on this port. The options are 'VLAN only' and 'Admit All'. When set to 'VLAN only', untagged frames or priority tagged frames received on this port are discarded.
11.3.5.5 Resetting VLAN Configuration Page Command Buttons Reset - If you select this button and confirm your selection on the next screen, all VLAN configuration parameters will be reset to their factory default values. Also, all VLANs, except for the default VLAN, will be deleted. The factory default values are: 11.3.6 • All ports are assigned to the default VLAN of 1. • All ports are configured with a PVID of 1. • All ports are configured to an Acceptable Frame Types value of Admit All Frames.
Selection Criteria Group ID - The protected ports can be combined into a logical group. Traffic can flow between protected ports belonging to different groups, but not within the same group. The selection box lists all the possible protected port Group IDs supported for the current platform. The valid range of the Group ID is (0 to 2) . Configurable Data Group Name - It is a name associated with the protected ports group used for identification purposes.
Group ID - The protected ports can be combined into a logical group. Traffic can flow between protected ports belonging to different groups, but not within the same group. The valid range of the Group ID is (0 to 2) . Group Name - Displays the alphanumeric string associated with a Group ID. Protected Ports - The display list consists of all the protected ports.
Group ID - You can use this screen to reconfigure or delete an existing protocol-based VLAN, or create a new one. Use this pull down menu to select one of the existing PBVLANs, or select 'Create' to add a new one. A Group ID number will be assigned automatically when you create a new group. You can create up to 128 groups. Configurable Data Group Name - Use this field to assign a name to a new group. You may enter up to 16 characters.
Group ID - The number used to identify the group. It was automatically assigned when you created the group. Protocol(s) - The protocol(s) that belongs to the group. There are three configurable protocols: IP, IPX, and ARP. IP - IP is a network layer protocol that provides a connectionless service for the delivery of data. ARP - Address Resolution Protocol (ARP) is a low-level protocol that dynamically maps network layer addresses to physical medium access control (MAC) addresses.
VLAN ID - VLAN ID can be any number in the range of (1 to 3965). Command Buttons Submit - Update the switch with the values on this screen. If you want the switch to retain the new values across a power cycle, you must perform a save. Delete - Delete an entry of IP Subnet to VLAN mapping. 11.3.8.2 Viewing IP Subnet-based VLAN Information Page Non-Configurable Data IP Address - The IP Address of the subnet that is being bound to a VLAN ID. Subnet Mask - Subnet mask of the IP Address bound to VLAN ID.
ingress processing on the packet continues, otherwise the packet is dropped. This implies that the user is allowed to configure a MAC address mapping to a VLAN that has not been created on the system. Configurable Data MAC Address - Valid MAC Address which is to be bound to a VLAN ID. This field is configurable only when a MAC-based VLAN is created. VLAN ID - VLAN ID can be any number in the range of (1 to 3965). Command Buttons Submit - Update the switch with the values on this screen.
11.3.10 Managing MAC-based Voice VLAN 11.3.10.1 Voice VLAN Administration Page Configurable Data VLAN ID - Sets the VLAN as a Voice VLAN. Admin Mode - Enables or disables the Voice VLAN function. Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained across a power cycle unless a save configuration is performed. 11.3.10.2 Voice VLAN Configuration Page Selection Criteria MAC Address - You can use this screen to create a new one.
01:80:C2:00:00:20 to 01:80:C2:00:00:21 01:00:5E:00:00:00 to 01:00:5E:FF:FF:FF 33:33:00:00:00:00 to 33:33:FF:FF:FF:FF FF:FF:FF:FF:FF:FF Configurable Data MAC Address - Specify the MAC Address for the new Voice VLAN. (You can only enter data in this field when you are creating a new Voice VLAN.). MAC Address Mask - Use this optional field to specify a mask for the Voice VLAN.
11.3.11 Managing Voice VLAN 11.3.11.1 Voice VLAN Configuration Page Use this menu to configure the parameters for Voice VLAN Configuration. Note that only a user with Read/Write access privileges may change the data on this screen. Selection Criteria Voice VLAN Admin Mode - Select the administrative mode for Voice VLAN for the switch from the pulldown menu. The default is disable. Unit/Slot/Port - Select the physical interface for which you want to configure data.
11.3.12 Defining GARP 11.3.12.1 Viewing GARP Information Page This screen shows the GARP Status for the switch and for the individual ports. Note that the timers are only relevant when the status for a port shows as enabled. Non-Configurable Data Switch GVRP - Indicates whether the GARP VLAN Registration Protocol administrative mode for this switch is enabled or disabled. The factory default is disabled.
will need to rejoin in order to maintain registration. An instance of this timer exists for each GARP participant for each port. The Leave All Period Timer is set to a random value in the range of LeaveAllTime to 1.5*LeaveAllTime. Permissible values are 200 to 6000 centiseconds (2 to 60 seconds). The factory default is 1000 centiseconds (10 seconds). 11.3.12.2 Configuring the whole Switch GARP Configuration Page ! It can take up to 10 seconds for GARP configuration changes to take effect.
! It can take up to 10 seconds for GARP configuration changes to take effect. Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed or configured. It is possible to set the parameters for all ports by selecting 'All'. Port GVRP Mode - Choose the GARP VLAN Registration Protocol administrative mode for the port by selecting enable or disable from the pull down menu.
11.3.13 Managing IGMP Snooping 11.3.13.1 Configuring IGMP Snooping Global Configuration Page Use this menu to configure the parameters for IGMP Snooping, which is used to build forwarding lists for multicast traffic. Note that only a user with Read/Write access privileges may change the data on this screen. Selection Criteria Admin Mode - Select the administrative mode for IGMP Snooping for the switch from the pulldown menu. The default is disable.
11.3.13.2 Defining IGMP Snooping Interface Configuration Page Selection Criteria Slot/Port - The single select box lists all physical ,VLAN and LAG interfaces. Select the interface you want to configure. Admin Mode - Select the interface mode for the selected interface for IGMP Snooping for the switch from the pulldown menu. The default is disable. Fast Leave Admin mode - Select the Fast Leave mode for the a particular interface from the pulldown menu. The default is disable.
Selection Criteria VLAN ID - Specifies list of VLAN IDs for which IGMP Snooping is enabled. Fast Leave Admin Mode - Enable or disable the Igmp Snooping Fast Leave Mode for the specified VLAN ID. Configurable Data VLAN ID - Appears when "New Entry" is selected in VLAN ID combo box. Specifies VLAN ID for which pre-configurable Snooping parameters are to be set. Admin Mode - Enable or disable the Igmp Snooping for the specified VLAN ID.
Non-Configurable Data VLAN ID - All Vlan Ids for which the IGMP Snooping mode is Enabled. Admin Mode - Igmp Snooping Mode for Vlan ID. Fast Leave Admin Mode - Fast Leave Mode for Vlan ID. Group Membership Interval - Group Membership Interval of IGMP Snooping for the specified VLAN ID. Valid range is 2 to 3600. Maximum Response Time - Maximum Response Time of IGMP Snooping for the specified VLAN ID. Valid range is 1 to 3599.Its value should be greater than group membership interval value.
Selection Criteria Slot/Port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the statistics. Non-Configurable Data Multicast Router - Specifies for the selected interface whether multicast router is enable or disabled. Command Buttons Refresh - Refetch the database and display it again starting with the first entry in the table. 11.3.13.
Configurable Data VLAN ID - VLAN ID for which the Multicast Router Mode is to be Enabled or Disabled. Command Buttons Submit - Update the switch with the values you entered. 11.3.13.8 Viewing Multicast Router VLAN Statistics Page Selection Criteria Slot/Port - The select box lists all Slot/Ports. Select the interface for which you want to display the statistics. Non-Configurable Data VLAN ID - All Vlan Ids for which the Multicast Router Mode is Enabled Multicast Router - Multicast Router Mode for Vlan ID.
MAC Filter - This is the list of MAC address and VLAN ID pairings for all configured L2Mcast Groups. To change the port mask(s) for an existing L2Mcast Group, select the entry you want to change. To add a new L2Mcast Group, select "Create Filter" from the top of the list. VLAN ID - The VLAN ID used with the MAC address to fully identify packets you want L2Mcast Group. You can only change this field when you have selected the "Create Filter" option.
11.3.14 Managing IGMP Snooping Querier 11.3.14.1 Configuring IGMP Snooping Querier Configuration Page Use this menu to configure the parameters for IGMP Snooping Querier, Note that only a user with Read/Write access privileges may change the data on this screen. Selection Criteria Snooping Querier Admin Mode - Select the administrative mode for IGMP Snooping for the switch from the pulldown menu. The default is disable.
Selection Criteria VLAN ID - Selects the VLAN ID on which IGMP Snooping Querier is enabled. Querier Election Participate Mode - Enable or disable the Igmp Snooping Querier participate in election mode. When this mode is disabled, up on seeing other querier of same version in the vlan, the snooping querier move to non querier state.
VLAN ID Search- Enter VLAN ID, then click on the search button. If the record exists, that entry will be displayed. An exact match is required. Non-Configurable Data Admin Mode - Display the administrative mode for IGMP Snooping for the switch. VLAN ID Search- Enter VLAN ID, then click on the search button. If the record exists, that entry will be displayed. An exact match is required. Querier Election Participate Mode - Displays the querier election participate mode on the VLAN.
Last Querier Version - Displays the IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max Response Time - Displays maximum response time to be used in the queries that are sent by the Snooping Querier. Command Buttons Refresh - Reload the information on the page. 11.3.15 Managing MLD Snooping 11.3.15.
Selection Criteria Admin Mode - Select the administrative mode for MLD Snooping for the switch from the pulldown menu. The default is disable. Non-Configurable Data Multicast Control Frame Count - The number of multicast control frames that are processed by the CPU. Interfaces Enabled for MLD Snooping - A list of all the interfaces currently enabled for MLD Snooping. Data Frames Forwarded by the CPU - The number of data frames forwarded by the CPU.
Multicast Router Present Expiration Time - Specify the amount of time you want the switch to wait to receive a query on an interface before removing it from the list of interfaces with multicast routers attached. Enter a value between 0 and 3600 seconds. The default is 0 seconds. A value of zero indicates an infinite timeout, i.e. no expiration. Command Buttons Submit - Update the switch with the values you entered.
11.3.15.3 Configuring MLD Snooping VLAN Configuration Page Selection Criteria VLAN ID - Specifies list of VLAN IDs for which MLD Snooping is enabled. Fast Leave Admin Mode - Enable or disable the MLD Snooping Fast Leave Mode for the specified VLAN ID. Configurable Data VLAN ID - Appears when "New Entry" is selected in VLAN ID combo box. Specifies VLAN ID for which pre-configurable Snooping parameters are to be set.
Non-Configurable Data VLAN ID - All Vlan Ids for which the MLD Snooping mode is Enabled. Admin Mode - MLD Snooping Mode for Vlan ID. Fast Leave Admin Mode - Fast Leave Mode for Vlan ID. Group Membership Interval - Group Membership Interval of MLD Snooping for the specified VLAN ID. Valid range is 2 to 3600. Maximum Response Time - Maximum Response Time of MLD Snooping for the specified VLAN ID. Valid range is 1 to 65. Its value should be greater than group membership interval value.
Selection Criteria Slot/Port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the status. Non-Configurable Data Multicast Router - Specifies for the selected interface whether multicast router is enable or disabled. Command Buttons Refresh - Re-fetch the database and display it again starting with the first entry in the table. 11.3.15.
11.3.15.8 Configuring Multicast Router VLAN Status Page Selection Criteria Slot/Port - The select box lists all Slot/Ports.Select the interface for which you want to display the status. Non-Configurable Data VLAN ID - All Vlan Ids for which the Multicast Router Mode is Enabled. Multicast Router - Multicast Router Mode for Vlan ID. Command Buttons Refresh - Re-fetch the database and display it again starting with the first entry in the table. 11.3.15.
00:00:00:00:00:00 33:33:00:00:00:01 to 33:33:00:00:00:FF FF:FF:FF:FF:FF:FF Solt/Port(s) - List the ports you want included into L2Mcast Group. Command Buttons Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save. Delete - Remove the currently selected L2Mcast Group. 11.3.15.10 Viewing L2 Multicast Group Status Page Use this panel to display information about entries in the L2Mcast Static/Dynamic Groups.
11.3.16 Managing MLD Snooping Querier 11.3.16.1 Configuring MLD Snooping Querier Configuration Page Use this menu to configure the parameters for MLD Snooping Querier, Note that only a user with Read/Write access privileges may change the data on this screen. Selection Criteria Snooping Querier Admin Mode - Select the administrative mode for MLD Snooping for the switch from the pulldown menu. The default is disable.
Selection Criteria VLAN ID - Selects the VLAN ID on which MLD Snooping Querier is enabled. Querier Election Participate Mode - Enable or disable the Igmp Snooping Querier participate in election mode. When this mode is disabled, up on seeing other querier of same version in the vlan, the snooping querier move to non querier state.
Non-Configurable Data VLAN ID - Specifies the VLAN ID on which MLD Snooping Querier is administratively enabled. Admin Mode - Display the administrative mode for MLD Snooping for the switch. Querier Election Participate Mode - Displays the querier election participate mode on the VLAN. When this mode is disabled, up on seeing a query of the same version in the vlan, the snooping querier move to non querier state.
Operational Max Response Time - Displays maximum response time to be used in the queries that are sent by the Snooping Querier. 11.3.17 Managing Port-Channel 11.3.17.1 Configuring Port-Channel Configuration Page Selection Criteria Port Channel Name – You can use this screen to reconfigure an existing Port Channel, or to create a new one. Use this pull down menu to select one of the existing Port Channels, or select 'Create' to add a new one. There can be a maximum of 6 Port Channels.
• Source and destination MAC address - Sets the mode on the source and destination MAC addresses. • Source IP address - Sets the mode on the source IP address. • Destination IP address - Sets the mode on the destination IP address. • Source and destination IP address - Sets the mode on the source and destination IP addresses. Participation - For each port specify whether it is to be included as a member of this Port Channel or not. The default is excluded.
Port Channel Type - The type of this Port Channel. Admin Mode - The Administrative Mode of the Port Channel, enable or disable. Link Status - Indicates whether the Link is up or down. STP Mode - The Spanning Tree Protocol Administrative Mode associated with the Port Channel. The possible values are: Disable - spanning tree is disabled for this Port Channel. Enable - spanning tree is enabled for this Port Channel. Static Mode – Indicates whether port channel is static or dynamic.
Configurable Data MAC Address - Enter the VLAN ID - MAC Address pair whose MFDB table entry you want displayed. Enter eight two-digit hexadecimal numbers separated by colons, for example 00:01:23:43:45:67:89:AB. The first two two-digit hexadecimal numbers are the VLAN ID and the remaining numbers are the MAC address. Then click on the "Search" button. If the address exists, that entry will be displayed. An exact match is required.
Non-Configurable Data MAC Address - A VLAN ID - multicast MAC address pair for which the switch has forwarding and/or filtering information. The format is 8 two-digit hexadecimal numbers that are separated by colons, for example 00:01:23:45:67:89:AB:CD. Type - This displays the type of the entry. Static entries are those that are configured by the user. Dynamic entries are added to the table as a result of a learning process or protocol. Description - The text description of this multicast table entry.
11.3.18.4 Viewing MLD Snooping MFDB Table Page Non-Configurable Data MAC Address - A VLAN ID - multicast MAC address pair for which the switch has forwarding and or filtering information. The format is 8 two-digit hexadecimal numbers that are separated by colons, for example 00:01:23:45:67:89:AB:CD. Type - This displays the type of the entry. Static entries are those that are configured by the user. Dynamic entries are added to the table as a result of a learning process or protocol.
Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.19 Managing Spanning Tree 11.3.19.1 Configuring Switch Spanning Tree Configuration Page Selection Criteria Spanning Tree Mode - Specifies whether spanning tree operation is enabled on the switch. Value is enabled or disabled Spanning Tree Forward BPDU - Specifies whether spanning tree for BPDU is enabled on the switch. Value is enabled or disabled.
Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained across a power cycle unless a save configuration is performed. Refresh - Refreshes the screen with most recent data. 11.3.19.2 Configuring Spanning Tree CST Configuration Page Selection Criteria BPDU Guard - Specifies whether BPDU Guard is enabled for the Common and Internal Spanning tree (CST).
Bridge Hello Time - Specifies the bridge hello time for the Common and Internal Spanning tree (CST), with the value being less than or equal to "(Bridge Max Age / 2) - 1". The default hello time value is 2. Bridge Forward Delay- Specifies the time spent in "Listening and Learning" mode before forwarding packets. Bridge Forward Delay must be greater or equal to "(Bridge Max Age / 2) + 1". The time range is from 4 seconds to 30 seconds. The default value is 15.
Selection Criteria MST ID - Create a new MST which you wish to configure or configure already existing MSTs. Configurable Data MST ID - This is only visible when the select option of the MST ID select box is selected. The ID of the MST being created. Valid values for this are between 1 and 4054. Priority - The bridge priority for the MST instance selected. The bridge priority is set in multiples of 4096. For example if you attempt to set the priority to any value between 0 and 4095, it will be set to 0.
Delete - Deletes the selected MST instance. All VLANs associated with the instance are associated with the CST Refresh - Refreshes the screen with most recent data. 11.3.19.4 Configuring each Port CST Configuration Page Selection Criteria Slot/Port - Selects one of the physical or LAG interfaces associated with VLANs associated with the CST.
Admin Edge Port - Specifies if the specified port is an Edge Port within the CIST. It takes a value of Enable or Disable, where the default value is Disable. BPDU Guard - Specifies whether BPDU Guard is enabled for the Common and Internal Spanning tree (CST). Value is enabled or disabled BPDU Filter - Specifies whether BPDU Filter is enabled for the Common and Internal Spanning tree (CST).
Designated Bridge - Bridge Identifier of the bridge with the Designated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port - Port Identifier on the Designated Bridge that offers the lowest cost to the LAN. It is made up from the port priority and the interface number of the port. Topology Change Acknowledge - Identifies whether the next BPDU to be transmitted for this port would have the topology change acknowledgement flag set.
Selection Criteria MST ID - Selects one MST instance from existing MST instances. Slot/Port - Selects one of the physical or LAG interfaces associated with VLANs associated with the selected MST instance. Configurable Data Port Priority - The priority for a particular port within the selected MST instance. The port priority is set in multiples of 16. For example, if you set the priority to any value between 0 and 15, it will be set to 0.
Designated Cost - Path Cost offered to the LAN by the Designated Port. Designated Bridge - Bridge Identifier of the bridge with the Designated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port - Port Identifier on the Designated Bridge that offers the lowest cost to the LAN. It is made up from the port priority and the interface number of the port. Loop Inconsistent State - This parameter identifies whether the port is in loop inconsistent state.
Command Buttons Refresh - Refreshes the screen with most recent data. 11.3.20 Defining 802.1p priority 11.3.20.1 Defining 802.1p Priority Mapping Page Selection Criteria Slot/Port - Select the physical interface for which you want to display or configure data. Select 'All' to set the parameters for all ports to the same values. Configurable Data Traffic Class - Specify which internal traffic class to map the corresponding 802.1p priority. Non-Configurable Data 802.1p Priority - Displays the 802.
11.3.21 Managing Port Security 11.3.21.1 Configuring Port Security Administration Mode Page Selection Criteria Port Security Mode - Enables or disables the Port Security feature. Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained across a power cycle unless a save configuration is performed. 11.3.21.2 Configuring Port Security Interface Page Selection Criteria Slot/Port - Selects the interface to be configured.
Enable violation traps- Enables or disables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port. Enable violation Shutdown- Enables or disables the Port Security Violation Shutdown mode for the selected interface. Configurable Data Maximum Number of Dynamically Learned MAC Addresses Allowed - Sets the maximum number of dynamically learned MAC addresses on the selected interface.
11.3.21.4 Viewing Port Security Dynamically Learnt MAC Address Page Selection Criteria Slot/Port - Select the physical interface for which you want to display data. Non-configurable data MAC Address - Displays the MAC addresses learned on a specific port. VLAN ID - Displays the VLAN ID corresponding to the MAC address. Number of Dynamic MAC addresses learned - Displays the number of dynamically learned MAC addresses on a specific port. 11.3.21.
11.3.21.6 Clearing Port Security Dynamically Learned MAC Addresses Page Use this menu to clear a Dynamic MAC addresses of port security on switch. Configurable Data Dynamically MAC Address - Accepts user input for the MAC address to be deleted. The factory default is blank Command Buttons Delete - Send the updated screen to the switch perform the MAC clear 11.3.22 Managing LLDP 11.3.22.
Hold Multiplier - Specifies the multiplier on Transmit Interval to assign TTL. The range is from (2 to 10). Default value is 4. Re-Initialization Delay - Specifies the delay before re-initialization. The range is from (1 to 10) . Default value is 2 seconds. Notification Interval - Specifies the interval in seconds for transmission of notifications. The range is from (5 to 3600) . Default value is 5 seconds.
• System Description - To include system description TLV in LLDP frames. • System Capabilities - To include system capability TLV in LLDP frames. • Port Description - To include port description TLV in LLDP frames. • Organization Specific - To include organization specific TLV in LLDP frames. Command Buttons Submit - Send the updated screen to the switch and cause the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. 11.3.
11.3.22.4 Viewing LLDP Statistics Page Non-Configurable Data Last Update - Specifies the time when an entry was created, modified or deleted in the tables associated with the remote system. Total Inserts - Specifies the number of times the complete set of information advertised by a particular MAC Service Access Point (MSAP) has been inserted into tables associated with the remote systems.
TLV Discards - Specifies the number of LLDP TLVs discarded for any reason by the LLDP agent on the corresponding port. TLV Unknowns - Specifies the number of LLDP TLVs received on the local ports which were not recognized by the LLDP agent on the corresponding port. TLV MED - Specifies the total number of LLDP-MED TLVs received on the local ports. TLV 802.1 - Specifies the total number of LLDP TLVs received on the local ports which are of type 802.1. TLV 802.
Chassis ID - Specifies the string value used to identify the chassis component associated with the local system. Port ID Subtype - Specifies the string describes the source of the port identifier. Port ID - Specifies the string that describes the source of the port identifier. System Name - Specifies the system name of the local system. System Description - Specifies the description of the selected port associated with the local system.
Non-Configurable Data Interface - Specifies the ports on which LLDP - 802.1AB frames can be transmitted. Port ID - Specifies the string describes the source of the port identifier. Port Description - Specifies the description of the port associated with the local system. Command Buttons Refresh - Updates the information on the page. 11.3.22.
Selection Criteria Local Interface - Specifies all the local ports which can receive LLDP frames. Non-Configurable Data Remote ID - Specifies the remote client identifier assigned to the remote system. Chassis ID Subtype - Specifies the source of the chassis identifier. Chassis ID - Specifies the chassis component associated with the remote system. Port ID Subtype - Specifies the source of port identifier. Port ID - Specifies the port component associated with the remote system.
Management Address • Management Address - Specifies the advertised management address of the remote system. • Type - Specifies the type of the management address. MAC/PHY Configuration/Status • Auto-Negotiation - Specifies whether the auto-negotiation is supported and whether the auto-negotiation is enabled. • PMD Auto-Negoration Advertised Capabilities - Specifies the auto-negotiation and speed capabilities of the PMD.
Local Interface - Specifies the local port which can receive LLDP frames advertised by a remote system. Chassis ID - Specifies the chassis component associated with the remote system. Port ID - Specifies the port component associated with the remote system. System Name - Specifies the system name of the remote system. Remote Comparison - Display the result of comparison between LLDP local and remote devices information. Command Buttons Refresh - Updates the information on the page.
11.3.23.2 Configuring LLDP-MED Interface Configuration Page Selection Criteria Interface - Specifies the list of ports on which LLDP-MED - 802.1AB can be configured. 'All' option is provided to configure all interfaces on the DUT and to be consistent with CLI. To view the summary of all interfaces refer to 'Interface Summary' webpage. Interface configuration page will not be able to display summary of 'All' interfaces, summary of individual interfaces is visible from 'Interface Configuration' webpage.
Non-Configurable Data Interface - Specifies all the ports on which LLDP-MED can be configured. Link Status - Specifies the link status of the ports whether it is Up/Down. MED Status - Specifies the LLDP-MED mode is enabled or disabled on this interface. Operational Status - Specifies the LLDP-MED TLVs are transmitted or not on this interface. Notification Status - Specifies the LLDP-MED topology notification mode of the interface. Transmit TLV(s) - Specifies the LLDP-MED transmit TLV(s) that are included.
Selection Criteria Interface - Specifies the list of all the ports on which LLDP-MED frames can be transmitted. Non-Configurable Data Network Policy Information - Specifies if network policy TLV is present in the LLDP frames. Media Application Type - Specifies the application type. Types of application types are unknown, voicesignaling, guestvoice, guestvoicesignalling, softphonevoice, videoconferencing, streammingvideo, vidoesignalling.
11.3.23.5 Configuring LLDP-MED Remote Device Information Page Selection Criteria Local Interface - Specifies the list of all the ports on which LLDP-MED is enabled. Non-Configurable Data Capability Information - Specifies the supported and enabled capabilities that was received in MED TLV on this port. Supported Capabilities - Specifies supported capabilities that was received in MED TLV on this port. Enabled Capabilities - Specifies enabled capabilities that was received in MED TLV on this port.
VLAN Id - Specifies the VLAN id associated with a particular policy type. Priority - Specifies the priority associated with a particular policy type. DSCP - Specifies the DSCP associated with a particular policy type. Unknown Bit Status - Specifies the unknown bit associated with a particular policy type. Tagged Bit Status - Specifies the tagged bit associated with a particular policy type. Inventory Information - Specifies if location TLV is received in LLDP frames on this port.
Selection Criteria Admin Mode - Enable or disable the VTP feature. Device Mode - Use the pulldown menu to select the VTP device mode(client, server and transparent). The default operational mode of VTP device is "server". Pruning Mode - Enable or disable the VTP pruning mode. V2 Mode - Enable or disable the VTP version 2 mode. Trunkport - Enable or disable the VTP trunkport for specified interface. Configurable Data Domain Name - Set the name of the VTP administrative domain.
Non-configurable data VTP Status - Displays the VTP Status. VTP Version - Displays the VTP version operating on the switch. Configuration Revision - Displays the current configuration revision number on this switch. Maximum VTP supported VLANs - Maximum number of VLANs supported locally. Support VLAN number - Number of existing VLANs. Operating mode - Displays VTP operating mode. Domain Name - Displays the name that identifies the administrative domain for the switch.
11.3.25 Managing Link State 11.3.25.1 Configuring Link State Configuration Page Selection Criteria Admin Mode - Choose the link state administrative mode for the switch by selecting enable or disable from the pull-down menu. The factory default is disabled. Group ID – You can use this screen to reconfigure an existing group or to create a new one. Use this pull-down menu to select one of the existing groups or select 'Create' to add a new one.
Selection Criteria Admin Mode - The administrative mode of the link state function. Group ID - The group identify of the link state. The range of the group ID is 1 ~ 6. Mode - The administrative mode of the group. Upstream port - The monitored uplink port, and the link state of this uplink port. Downstream ports - The downlink ports for link state. Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.3.26 Managing Port-Backup 11.3.26.
Group Mode - Choose the group administrative mode for the switch by selecting enable or disable from the pull-down menu. The factory default is disabled. You could enable this group as active port and backup port are configured. Active port - Configure the active port for a group. 6 port pair for six 1Gbps are configurable for active port. Backup port - Choose the backup port for a group. 6 port pair for six 1Gbps are configurable for backup port.
11.3.27 Managing FIP-Snooping 11.3.27.1 Configuring FIP-Snooping Configuration Selection Criteria Admin Mode - Enable/Disable FIP Snooping function. • Enable - Enable FIP Snooping and start the FIP Snooping process. • Disable - Disable ETS and stop the ETS process. The system's default FIP Snooping admin mode is disabled. Vlan ID - Configure Vlans the FIP packets will be snooped. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately.
• FC ID - ID number of the virtual port that was created by the FCF when the ENode logged into the network. FIP Snooping FCFs • Interface - Name of the interface to which the FCoE Forwarder (FCF) is connected. • VLAN - ID number of the VLAN to which the FCF belongs. • FCMAP - May FC-Map value used by the FCF. The default value is 0xEFC00. • FCF MAC - MAC address of the FCF. • Name ID - Name ID. • Fabric Name - Name of the FCF.
Command Buttons Submit - Update the switch with the values on this screen. If you want the switch to retain the new values across a power cycle, you must perform a save. Delete - Allows the user to remove specified static entry from the ARP Table. Delete All - Allows the user to remove all static entries from the ARP Table. 11.4.1.2 Configuring ARP Table You can use this panel to change the configuration parameters for the Address Resolution Protocol Table.
Dynamic Renew - This controls whether the ARP component automatically attempts to renew ARP Entries of type Dynamic when they age out. The default setting is Enable. Remove from Table - Allows the user to remove certain entries from the ARP Table. The choices listed specify the type of ARP Entry to be deleted: • All Dynamic Entries • All Dynamic and Gateway Entries • Specific Dynamic/Gateway Entry - Selecting this allows the user to specify the required IP Address.
11.4.2 Managing IP Interfaces 11.4.2.1 Configuring IP Use this menu to configure routing parameters for the switch as opposed to an interface. Selection Criteria Routing Mode - Select enable or disable from the pulldown menu. You must enable routing for the switch before you can route through any of the interfaces. The default value is disable. IP Forwarding Mode - Select enable or disable from the pulldown menu. This enables or disables the forwarding of IP frames. The default value is enable.
Non-Configurable Data IpInReceives - The total number of input datagrams received from interfaces, including those received in error. IpInHdrErrors - The number of input datagrams discarded due to errors in their IP headers, including bad checksums, version number mismatch, other format errors, time-to-live exceeded, errors discovered in processing their IP options, etc.
IpForwDatagrams - The number of input datagrams for which this entity was not their final IP destination, as a result of which an attempt was made to find a route to forward them to that final destination. In entities which do not act as IP Gateways, this counter will include only those packets which were Source-Routed via this entity, and the Source-Route option processing was successful.
IcmpInRedirects - The number of ICMP Redirect messages received. IcmpInEchos - The number of ICMP Echo (request) messages received. IcmpInEchoReps - The number of ICMP Echo Reply messages received. IcmpInTimestamps - The number of ICMP Timestamp (request) messages received. IcmpInTimestampReps - The number of ICMP Timestamp Reply messages received. IcmpInAddrMasks - The number of ICMP Address Mask Request messages received. IcmpInAddrMaskReps - The number of ICMP Address Mask Reply messages received.
Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Routing Mode - Setting this enables or disables routing for an interface. The default value is enable. Administrative Mode - The Administrative Mode of the interface. The default value is enable. Forward Net Directed Broadcasts - Select how network directed broadcast packets should be handled. If you select enable from the pulldown menu network directed broadcasts will be forwarded.
MAC Address - The burned-in physical address of the specified interface. The format is six two-digit hexadecimal numbers separated by colons, for example 00:06:29:32:81:40. Link Speed Data Rate - An integer representing the physical link data rate of the specified interface. This data is valid only for physical interfaces and is measured in Megabits per second (Mbps). Command Buttons Submit - Update the switch with the values on this screen.
Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). If you want to change the Router ID you must first disable OSPF. After you set the new Router ID, you must re-enable OSPF to have the change take effect. The default value is 0.0.0.0, although this is not a valid Router ID. OSPF Admin Mode* - Select enable or disable from the pulldown menu. If you select enable OSPF will be activated for the switch.
! Once OSPF is initialized on the router, it will remain initialized until the router is reset. RFC 1583 Compatibility - Select enable or disable from the pulldown menu to specify the preference rules that will be used when choosing among multiple AS-external-LSAs advertising the same destination. If you select enable, the preference rules will be those defined by RFC 1583. If you select disable, the preference rules will be those defined in Section 16.4.
LSAs Received - The number of LSAs (link state advertisements) received that were determined to be new instantiations. This number does not include newer instantiations of self-originated LSAs. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.4.3.
SPF DelayTime(secs) - Delay time is the number of seconds from when OSPF receives a topology change to the start of the next SPF calculation. Delay Time is an integer from 0 to 65535 seconds. The default time is 5 seconds. A value of 0 means that there is no delay; that is, the SPF calculation is started upon a topology change. SPF HoldTime(secs) - Hold Time is the minimum time in seconds between two consecutive SPF calculations. The range is 0 to 65,535 seconds. The default time is 10 seconds.
AS_OPAQUE LSA Checksum - The sum of the LS checksums of the opaque LSAs with domain wide flooding scope. This sum can be used to determine if there has been a change in a router's link state database, and to compare the link-state databases of two routers. This value is in hexadecimal. New LSAs Originated - The number of LSAs originated by this router. LSAs Received - The number of LSAs received. LSA Count - The total number of link state advertisements currently in the link state database.
11.4.3.4 Configuring Area Range Selection Criteria Area ID - Selects the area for which data is to be configured. Configurable Data IP address - Enter the IP Address for the address range for the selected area. Subnet Mask - Enter the Subnet Mask for the address range for the selected area. LSDB Type - Select the type of Link Advertisement associated with the specified area and address range. The default type is 'Network Summary'. Advertisement - Select enable or disable from the pulldown menu.
Selection Criteria Slot/Port - Select the interface for which data is to be displayed. Non-Configurable Data OSPF Area ID - The OSPF area to which the selected router interface belongs. An OSPF Area ID is a 32 bit integer in dotted decimal format that uniquely identifies the area to which the interface connects. Area Border Router Count - The total number of area border routers reachable within this area. This is initially zero, and is calculated in each SPF Pass.
AS Border Router Count - The total number of Autonomous System border routers reachable within this area. This is initially zero, and is calculated in each SPF Pass. Area LSA Count - The total number of link-state advertisements in this area's link-state database, excluding AS External LSAs. IP Address - The IP address of the interface. Interface Events - The number of times the specified OSPF interface has changed its state, or an error has occurred.
DD Packets Received - The number of Database Description packets received on this interface by this router. LS Requests Sent - The number of LS Requests sent on this interface by this router. LS Requests Received - The number of LS Requests received on this interface by this router. LS Updates Sent - The number of LS updates sent on this interface by this router. LS Updates Received - The number of LS updates received on this interface by this router.
Slot/Port - Select the interface for which data is to be displayed or configured. Configurable Data OSPF Area ID - Enter the 32 bit integer in dotted decimal format that uniquely identifies the OSPF area to which the selected router interface connects. If you assign an Area ID which does not exist, the area will be created with default values. Leave blank to disable. Router Priority - Enter the OSPF priority for the selected interface. The priority of an interface is specified as an integer from 0 to 255.
Authentication Key ID - Enter the ID to be used for authentication. You will only be prompted to enter an ID when you select 'Encrypt' as the authentication type. The ID is a number between 0 ad 255, inclusive. Metric Cost - Enter the value on this interface for the cost TOS (type of service). The range for the metric cost is between 1 and 65,535. Metric Cost is only configurable/displayed if OSPF is initialized on the interface. Non-Configurable Data OSPF Admin Mode - The default value is 'disable.
Designated Router - The identity of the Designated Router for this network, in the view of the advertising router. The Designated Router is identified here by its router ID. The value 0.0.0.0 means that there is no Designated Router. This field is only displayed if the OSPF admin mode is enabled. Backup Designated Router - The identity of the Backup Designated Router for this network, in the view of the advertising router. The Backup Designated Router is identified here by its router ID. Set to 0.0.0.
11.4.3.8 Configuring OSPF Neighbor This panel displays the OSPF neighbor configuration for a selected neighbor ID. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below will only be displayed if OSPF is enabled and the interface has a neighbor. The IP address is the IP address of the neighbor. Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Slot 0 is the base unit.
• Init - In this state, a Hello packet has recently been seen from the neighbor. However, bidirectional communication has not yet been established with the neighbor (i.e., the router itself did not appear in the neighbor's Hello packet). All neighbors in this state (or greater) are listed in the Hello packets sent from the associated interface. • 2-Way - In this state, communication between the two routers is bidirectional. This has been assured by the operation of the Hello Protocol.
the Router ID you must first disable OSPF. After you set the new Router ID, you must re-enable OSPF to have the change take effect. The default value is 0.0.0.0, although this is not a valid Router ID. Area ID - The ID of an OSPF area to which one of the router interfaces is connected. An Area ID is a 32 bit integer in dotted decimal format that uniquely identifies the area to which an interface is connected. LSA Type - The format and function of the link state advertisement.
Selection Criteria Create New Virtual Link - Select this option from the dropdown menu to define a new virtual link. The area portion of the virtual link identification is fixed: you will be prompted to enter the Neighbor Router ID on a new screen. Area ID and Neighbor Router ID - Select the virtual link for which you want to display or configure data. It consists of the Area ID and Neighbor Router ID. Configurable Data Neighbor Router ID - Enter the neighbor portion of a Virtual Link specification.
Authentication Key - Enter the OSPF Authentication Key for the specified interface. If you do not choose to use authentication you will not be prompted to enter a key. If you choose 'simple' authentication you cannot use a key of more than 8 octets. If you choose 'encrypt' the key may be up to 16 octets long. The key value will only be displayed if you are logged on with Read/Write privileges, otherwise it will be displayed as asterisks. Authentication ID - Enter the ID to be used for authentication.
Non-Configurable Data Area ID - The Area ID portion of the virtual link identification for which data is to be displayed. The Area ID and Neighbor Router ID together define a virtual link. Neighbor Router ID - The neighbor portion of the virtual link identification. Virtual links may be configured between any pair of area border routers having interfaces to a common (non-backbone) area. Hello Interval - The OSPF hello interval for the virtual link in units of seconds.
Configurable Data Configured Source - This select box is a dynamic selector and would be populated by only those Source Routes that have already been configured for redistribute by OSPF. However, the topmost option in the select box would be "Create", and this allows the user to configure another, among the Available Source Routes. The valid values are 'Static', 'Connected', 'RIP' and 'Create'.
Delete - Delete the entry of the Source Route selected as Configured Source from the list of Sources configured for OSPF Route Redistribution. 11.4.3.13 Viewing OSPF Route Redistribution Summary Information This screen displays the OSPF Route Redistribution Configurations. Non-Configurable Data Source - The Source Route to be Redistributed by OSPF. Metric- The Metric of redistributed routes for the given Source Route. Display "Unconfigured" when not configured.
11.4.4 Managing BOOTP/DHCP Relay Agent 11.4.4.1 Configuring BOOTP/DHCP Relay Agent Configurable Data Maximum Hop Count - Enter the maximum number of hops a client request can take before being discarded. Admin Mode - Select enable or disable from the pulldown menu. When you select 'enable' BOOTP/DHCP requests will be forwarded to the IP address you entered in the 'Server IP address' field. Minimum Wait Time (secs)- Enter a time in seconds.
Maximum Hop Count - The maximum number of Hops a client request can go without being discarded. Admin Mode - Administrative mode of the relay. When you select 'enable' BOOTP/DHCP requests will be forwarded to the IP address you entered in the 'Server IP address' field. Minimum Wait Time (secs) - The Minimum time in seconds. This value will be compared to the time stamp in the client's request packets, which should represent the time since the client was powered up.
None - no special processing for this case. Simple - a route will not be included in updates sent to the router from which it was learned. Poisoned reverse - a route will be included in updates sent to the router from which it was learned, but the metric will be set to infinity. The default is simple. Auto Summary Mode - Select enable or disable from the pulldown menu. If you select enable groups of adjacent routes will be summarized into single entries, in order to reduce the total number of entries.
None - RIP control packets will not be transmitted. The default is RIP-2. Receive Version - Which RIP version control packets will be accepted by the interface. The value is one of the following: RIP-1 - only RIP version 1 formatted packets will be received. RIP-2 - only RIP version 2 formatted packets will be received. Both - packets will be received in either format. None - no RIP control packets will be received. The default is Both. RIP Admin Mode - Whether RIP is enabled or disabled on the interface.
RIP-2 - send RIP version 2 packets using multicast. None - no RIP control packets will be sent. The default is RIP-2. Receive Version - Select what RIP control packets the interface will accept from the pulldown menu. The value is one of the following: RIP-1 - accept only RIP version 1 formatted packets. RIP-2 - accept only RIP version 2 formatted packets. Both - accept packets in either format. None - no RIP control packets will be accepted. The default is Both.
11.4.5.4 Configuring Route Redistribution Configuration This screen can be used to configure the RIP Route Redistribution parameters. The allowable values for each field are displayed next to the field. If any invalid values are entered, an alert message will be displayed with the list of all the valid values. Configurable Data Configured Source - This select box is a dynamic selector and would be populated by only those Source Routes that have already been configured for redistribute by RIP.
External 1 - Sets External Type 1 OSPF Routes to be redistributed External 2 - Sets External Type 2 OSPF Routes to be redistributed NSSA-External 1 - Sets NSSA External Type 1 OSPF Routes to be redistributed NSSA-External 2 - Sets NSSA External Type 2 OSPF Routes to be redistributed The default is Internal. Distribute List - Distribute List - Sets the Access List that filters the routes to be redistributed by the destination protocol. Only permitted routes are redistributed.
Source - The Source Route to be Redistributed by RIP. Metric- The Metric of redistributed routes for the given Source Route. Displays "Unconfigured" when not configured. Match - List of Routes redistributed when "OSPF" is selected as Source. The list may include one or more of: Internal External 1 External 2 NSSA-External 1 NSSA-External 2 Distribute List - The Access List that filters the routes to be redistributed by the Destination Protocol. Displays 0 when not configured.
Maximum Advertise Interval (secs) - Enter the maximum time (in seconds) allowed between router advertisements sent from the interface. Minimum Advertise Interval (secs) - Enter the minimum time (in seconds) allowed between router advertisements sent from the interface. Advertise Lifetime (secs) - Enter the value (in seconds) to be used as the lifetime field in router advertisements sent from the interface.
Maximum Advertise Interval (secs) - The maximum time (in seconds) allowed between router advertisements sent from the interface. Minimum Advertise Interval (secs) - The minimum time (in seconds) allowed between router advertisements sent from the interface. Advertise Lifetime (secs) - The value (in seconds) used as the lifetime field in router advertisements sent from the interface. This is the maximum length of time that the advertised addresses are to be considered as valid router addresses by hosts.
Next Hop IP Address - The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination. The next router will always be one of the adjacent neighbors or the IP address of the local interface for a directly attached network. Total Number of Routes - The total number of routes in the route table. Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. 11.4.7.
11.4.7.3 Configuring Router Static Route Entry Selection Criteria Network Address - Specifies the IP route prefix for the destination. In order to create a route a valid routing interface must exist and the next hop IP Address must be on the same network as the routing interface. Routing interfaces are created on the IP Interface Configuration page. Valid next hop IP Addresses can be viewed on the 'Route Table' screen.
11.4.7.4 Configuring (Static) Routes Entry Selection Criteria Route Type - This field can be either default or static or static reject. If creating a default route, all that needs to be specified is the next hop IP address, otherwise each field needs to be specified. Configurable Data Network Address - The IP route prefix for the destination. Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network.
11.4.7.5 Configuring Router Route Preference Use the Route Preferences Configuration page to configure the default preference for each protocol. These values arearbitrary values that range from 1 to 255, and are independent of route metrics. Most routing protocols use a route metric todetermine the shortest path known to the protocol, independent of any other protocol. Routes with a preference of 255 arenot used for forwarding.
Local - This field displays the local route preference value. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.4.8 Managing VLAN Routing 11.4.8.1 Configuring VLAN Routing Selection Criteria VLAN ID - Enter the ID of a VLAN you want to configure for VLAN Routing. Initially, the field will display the ID of the first VLAN.
• Change back to the VLAN Routing Summary page. The new VLAN should appear in the table with the correct IP address and subnet mask assigned. 11.4.8.2 Viewing VLAN Routing Summary Information Non-Configurable Data VLAN ID - The ID of the VLAN whose data is displayed in the current table row Slot/Port - The Slot/Port assigned to the VLAN Routing Interface MAC Address - The MAC Address assigned to the VLAN Routing Interface IP Address - The configured IP Address of the VLAN Routing Interface.
11.4.9.2 Configuring Virtual Router Selection Criteria VRID and Slot/Port - Select 'Create' from the pulldown menu to configure a new Virtual Router, or select one of the existing Virtual Routers, listed by interface number and VRID. Configurable Data VRID - This field is only configurable if you are creating new Virtual Router, in which case enter the VRID in the range 1 to 255 .
Authentication Type - Select the type of Authentication for the Virtual Router from the pulldown menu. The default is None. The choices are: 0-None - No authentication will be performed. 1-Key - Authentication will be performed using a text password. Authentication Data - If you selected simple authentication, enter the password. Status - Select active or inactive from the pulldown menu to start or stop the operation of the Virtual Router. The default is inactive.
IP Address - Enter the IP address for the interface. This address must be a member of one of the subnets currently configured on the interface. This value is readonly once configured. Non-Configurable Data Slot/Port - The interface for which data is to be displayed or configured. Virtual Router ID - The Virtual Router ID for which data is to be displayed or configured. Primary IP Address - The Primary IP Address of the Virtual Router.
Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. Refresh - Refresh the data on the screen with the present state of the data in the switch. Cancel - Return to the Virtual Router Configuration screen. 11.4.9.
Configurable Data Priority Decrement - Enter the priority decrement for the tracked Route. The valid range is 1 -254. default value is 10. Remove - Removes the selected Tracking Routes from the VRRP tracked list. Non-Configurable Data Slot/Port - The VRRP interface for which Tracking data is to be displayed. Virtual Router ID - he Virtual Router ID for which Tracking data is to be displayed. S.No - The serial number for this row. Tracking Route Pfx - The Prefix of the tracked route.
Configurable Data Track Route Pfx - The Prefix of the route. Track Route PfxLen - The prefix length of the route. Priority Decrement - The priority decrement for the Route. The valid range is 1 -254. Default value is 10. Non-Configurable Data Slot/Port - The interface for which data is to be displayed. Virtual Router ID - The Virtual Router ID for which data is to be displayed. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately.
Priority - The priority value used by the VRRP router in the election for the master virtual router. Pre-empt Mode • Enable - if the Virtual Router is a backup router it will preempt the master router if it has a priority greater than the master virtual router's priority provided the master is not the owner of the virtual router IP address. • Disable - if the Virtual Router is a backup router it will not preempt the master router even if its priority is greater.
Selection Criteria VRID and Slot/Port - Select the existing Virtual Router, listed by interface number and VRID, for which you want to display statistical information. Non-Configurable Data Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors - The total number of VRRP packets received with an unknown or unsupported version number.
Zero Priority Packets Received - The total number of VRRP packets received by the virtual router with a priority of '0'. Zero Priority Packets Sent - The total number of VRRP packets sent by the virtual router with a priority of '0'. Invalid Type Packets Received - The number of VRRP packets received by the virtual router with an invalid value in the 'type' field.
Mode - Selector for the Tunnel mode. The supported modes are 6-in-4-configured and 6-to-4. IPv6 Implicit Mode - Enable IPv6 on this interface using the IPv6 address. This option is only configurable prior to specifying an explicit IPv6 address. IPv6 Address - Select list of configured IPv6 addresses for the selected Loopback interface. Add is also a valid choice if the maximum number of addresses has not been configured.
Refresh - Refresh the page with the latest Tunnel entries. 11.4.11 Managing Loopbacks 11.4.11.1 Configuring Loopbacks Configuration Page Loopback interfaces can be created, configured and removed on this page. Configurable Data Loopback - Select list of currently configured loopback interfaces. Create is also a valid choice if the maximum number of loopback interfaces has not been created.
Submit - Update the system with the values on this screen. Delete Loopback - Remove the selected loopback interface. Delete Primary - Remove the configured Primary IPv4 Address. Add Secondary - Add the user specified Secondary IPv4 Address. Delete Selected Secondary - Remove the selected Secondary IPv4 Address. Delete Selected Address - Remove the selected IPv6 Address. 11.4.11.2 Viewing Loopbacks Summary Page This page displays a summary of the configured Loopback interfaces.
Configurable Data Administrative Mode - This selector lists the two options for administrative mode: enable and disable. The default value is disabled. Guest Vlan Supplicant Mode - This selector lists the two options for Guest VLAN Supplicant mode: enable and disable. The default value is disabled. Command Buttons Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed.
Selection Criteria Port - Selects the port to be configured. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Control Mode - This selector lists the options for control mode. The control mode is only set if the link status of the port is link up.
Maximum Requests - This input field allows the user to enter the maximum requests for the selected port. The maximum requests value is the maximum number of times the authenticator state machine on this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The maximum requests value must be in the range of 1 to 10. The default value is 2. Changing the value will not change the configuration until the Submit button is pressed.
Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data Control Mode - Displays the configured control mode for the specified port.
Transmit Period(secs) - This field displays the configured transmit period for the selected port. The transmit period is the value, in seconds, of the timer used by the authenticator state machine on the specified port to determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The transmit period is a number in the range of 1 to 65535. Guest VLAN ID(secs) - This field displays the configured guest Vlan ID for the selected port. The guest Vlan ID is a value of 0 to 3965.
Backend State - This field displays the current state of the backend authentication state machine. Possible values are: "Request" "Response" "Success" "Fail" "Timeout" "Initialize" "Idle" VLAN Assigned - Displays the VLAN ID assigned to the selected interface by the Authenticator. Note: This field is displayed only when the port control mode of the selected interface is not MAC-based. VLAN Assigned Reason - Displays the reason for the VLAN ID assigned by the authenticator to the selected interface.
Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Control Mode - This field indicates the configured control mode for the port. Possible values are: • Force Unauthorized: The authenticator port access entity (PAE) unconditionally sets the controlled port to unauthorized. • Force Authorized: The authenticator PAE unconditionally sets the controlled port to authorized.
Refresh - Update the information on the page. 11.5.1.5 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data EAPOL Frames Received - This displays the number of valid EAPOL frames of any type that have been received by this authenticator.
EAP Request/Id Frames Transmitted - This displays the number of EAP request/identity frames that have been transmitted by this authenticator. EAP Request Frames Transmitted - This displays the number of EAP request frames (other than request/identity frames) that have been transmitted by this authenticator. Invalid EAPOL Frames Transmitted - This displays the number of EAPOL frames that have been received by this authenticator in which the frame type is not recognized.
11.5.1.7 Defining Port Access Client Summary Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data User Name - Displays the user name representing the supplicant device. Supp Mac Address - Displays the supplicant device’s MAC address. Session Time - Displays the time since the supplicant logged in.
Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed. Command Buttons Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. Refresh - Update the information on the page. 11.5.1.9 Defining each Port Access Privileges Page Selection Criteria Port - Selects the port to configure.
Non-Configurable Data Port - Displays the port in Slot/Port format. Users - Displays the users that have access to the port. Command Buttons Refresh - Update the information on the page. 11.5.2 Managing RADIUS 11.5.2.
Selection Criteria Accounting Mode - Selects if the RADIUS accounting mode is enabled or disabled. Configurable Data Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted. The valid range is 1 - 15. Consideration to maximum delay time should be given when configuring RADIUS maxretransmit and RADIUS timeout. If multiple RADIUS servers are configured, the max retransmit value on each will be exhausted before the next server is attempted.
11.5.2.2 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured. Select add to add a server. Primary Server - Sets the selected server to thePrimary or Secondary server. Message Authenticator - Enable or disable the message authenticator attribute for the selected server. Configurable Data IP Address - The IP address of the server being added. You cannot define these IP addresses: 0.0.0.0 255.255.255.255 224.xxx.xxx.xxx 127.0.0.
Secret Configured - Indicates if the shared secret for this server has been configured. Command Buttons Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. Remove - Remove the selected server from the configuration. This button is only available to READWRITE users. These changes will not be retained across a power cycle unless a save is performed.
Access Rejects - The number of RADIUS Access-Reject packets, including both valid and invalid packets that were received from this server. Access Challenges - The number of RADIUS Access-Challenge packets, including both valid and invalid packets that were received from this server. Malformed Access Responses - The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length.
224.xxx.xxx.xxx 127.0.0.1 Host name - Enter the host name of the station. Port - Specifies the UDP Port to be used by the accounting server. The valid range is 0 - 65535. If the user has READONLY access, the value is displayed but cannot be changed. Secret - Specifies the shared secret to use with the specified accounting server. This field is only displayed if the user has READWRITE access. Apply - The Secret will only be applied if this box is checked.
Accounting Server IP Address - Identifies the accounting server associated with the statistics. Round Trip Time (secs) - Displays the time interval, in hundredths of a second, between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server. Accounting Requests - Displays the number of RADIUS Accounting-Request packets sent not including retransmissions.
11.5.3 Defining TACACS+ Configuration 11.5.3.1 Configuring TACACS Configuration Page Configurable Data Key String - Specifies the authentication and encryption key for TACACS+ communications between the device and the TACACS+ server. The valid range is 0-128 characters. The key must match the key configured on the TACACS+ server. Connection Timeout - The maximum number of seconds allowed to establish a TCP connection between the device and the TACACS+ server.
Selection Criteria TACACS+ Server Selects the TACACS+ server for which data is to be displayed or configured. If the add item is selected, a new TACACS server can be configured. Configurable Data IP Address - Specifies the TACACS+ Server IP address. You cannot define these IP addresses: 0.0.0.0 255.255.255.255 224.xxx.xxx.xxx 127.0.0.1 Host name - The host name of the server being added. Priority - Specifies the order in which the TACACS+ servers are used. It should be within the range 0-65535.
designated management stations, only the chosen stations, as defined by IP address, will be allowed management privilege through the web manager, Telnet session, Secure Shell (SSH) or Secure Socket Layer (SSL) for secure HTTP. Selection Criteria Admin Mode - Selects the IP Filter admin mode for enable or disable. Configurable Data Filter Address 1~5 - Stations that are allowed to make configuration changes to the Switch. Command Buttons Submit - Send the updated screen to the switch.
Selection Criteria HTTPS Admin Mode - This field is used to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the web page is displayed. The default value is disabled. TLS Version 1 - This field is used to enable or disable Transport Layer Security Version 1.0. The currently configured value is shown when the web page is displayed. The default value is enabled. SSL Version 3 - This field is used to enable or disable Secure Sockets Layer Version 3.0.
Delete - Used to delete the corresponding certificate, if it is present. 11.5.6 Defining Secure Shell Configuration 11.5.6.1 Configuring Secure Shell Configuration Page Selection Criteria Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH. The currently configured value is shown when the web page is displayed. The default value is Disable. SSH Version 1 - This select field is used to Enable or Disable Protocol Level 1 for SSH.
Generate RSA Host Keys - Begin generating the RSA host keys. Note that to generate SSH key files SSH must be administratively disabled and there can be no active SSH sessions. Generate DSA Host Key - Begin generating the DSA host keys. Note that to generate SSH key files SSH must be administratively disabled and there can be no active SSH sessions. Delete - Use to delete the corresponding key file (RSA or DSA), if it is present. 11.6 IPv6 Menu 11.6.
11.6.2 Configuring IPv6 Interface Configuration Page Selection Criteria Interface - Selects the interface to be configured. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. IPv6 Prefix - Specifies IPv6 prefix with prefix length for an interface.
IPv6 Implicit Mode - When ipv6 implicit mode is enabled, interface is capable of ipv6 operation without a global address. In this case, an eui-64 based link-local address is used. This selector lists the two options for ipv6 mode: enable and disable. Default value is disable. IPv6 Routing Operational Mode - Specifies operational state of an interface. Default value is disable. Interface Maximum Transmit Unit - Specifies maximum trasmit unit on an interface.
Non-Configurable Data Interface - Specifies the interface whose settings are displayed in the current table row. Routing Mode - Specifies routing mode of an interface. Admin Mode - Specifies administrative mode of an interface. Implicit Mode - When ipv6 implicit mode is enabled, interface is capable of ipv6 operation without a global address. In this case, an eui-64 based link-local address is used. This selector lists the two options for ipv6 mode: enable and disable. Default value is disable.
- 869 -
Selection Criteria Interface - Selects the interface to be configured. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. Non-Configurable Data IPv6 Statistics Total Datagrams Received - The total number of input datagrams received by the interface, including those received in error. Received Datagrams Locally Delivered - The total number of datagrams successfully delivered to IPv6 user-protocols (including ICMP).
which these fragments were addressed which might not be necessarily the input interface for some of the fragments. Datagrams Successfully Reassembled - The number of IPv6 datagrams successfully reassembled. Note that this counter is incremented at the interface to which these datagrams were addressed which might not be necessarily the input interface for some of the fragments.
ICMPv6 Echo Reply Messages Received - The number of ICMP Echo Reply messages received by the interface. ICMPv6 Router Solicit Messages Received - The number of ICMP Router Solicit messages received by the interface. ICMPv6 Router Advertisement Messages Received - The number of ICMP Router Advertisement messages received by the interface. ICMPv6 Neighbor Solicit Messages Received - The number of ICMP Neighbor Solicit messages received by the interface.
ICMPv6 Redirect Messages Transmitted - The number of Redirect messages sent. ICMPv6 Group Membership Query Messages Transmitted - The number of ICMPv6 Group Membership Query messages sent. ICMPv6 Group Membership Response Messages Transmitted - The number of ICMPv6 Group Membership Response messages sent. ICMPv6 Group Membership Reduction Messages Transmitted - The number of ICMPv6 Group Membership Reduction messages sent.
• Stale - More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. While in STALE state, the device takes no action until a packet is sent. • Delay - More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. A packet was sent within the last DELAY_FIRST_PROBE_TIME seconds.
11.6.7 Managing OSPFv3 Protocol 11.6.7.1 Configuring OSPFv3 Configuration Page Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). If you want to change the Router ID you must first disable OSPFv3. After you set the new Router ID, you must re-enable OSPFv3 to have the change take effect. The default value is 0.0.0.0, although this is not a valid Router ID.
*NOTE: once OSPFv3 is initialized on the router, it will remain initialized until the router is reset. Exit Overflow Interval - Enter the number of seconds that, after entering overflow state, the router should wait before attempting to leave overflow state. This allows the router to again originate non-default AS-external-LSAs. If you enter 0, the router will not leave Overflow State until restarted. The range is 0 to 2147483647 seconds.
been a change in a router's link state database, and to compare the link-state databases of two routers. AS_OPAQUE LSA Count - The number of opaque LSAs with domain wide flooding scope. AS_OPAQUE LSA Checksum - The sum of the LS checksums of the opaque LSAs with domain wide flooding scope. This sum can be used to determine if there has been a change in a router's link state database, and to compare the link-state databases of two routers. This value is in hexadecimal.
Import Summary LSAs - Select enable or disable from the pulldown menu. If you select enable summary LSAs will be imported into areas. Defaults to Enable. Stub Area Specific Parameters. Metric Value - Enter the metric value you want applied for the default route advertised into the stub area. Valid values range from 1 to 16,777,215. This value is applicable only to Stub areas. NSSA Specific Parameters. Default Information Originate - The default Route Information.
Translator State - Translator State 'Enabled' means that the NSSA router OSPFv3 Area NssA Translator Role has been set to always. Translator State of 'Elected' means a candidate NSSA Border router is translating type-7 LSAs into type-5.' Disabled' implies tha a candidate NSSA Border router is NOT translating type-7 LSAs into type-5. Command Buttons Create Stub Area - Configure the area as a stub area. Delete Stub Area - Delete the stub area designation. The area will be returned to normal state.
Selection Criteria Area ID - Selects the area for which data is to be configured. Configurable Data IPv6 Prefix - Enter the IPv6 Prefix/Prefix Length for the address range for the selected area. LSDB Type - Select the type of Link Advertisement associated with the specified area and address range. The default type is 'Network Summary'. Advertisement - Select enable or disable from the pulldown menu. If you selected enable the address range will be advertised outside the area via a Network Summary LSA.
Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configurable Data OSPFv3 Admin Mode* - You may select enable or disable from the pulldown menu. The default value is 'disable.' You can configure OSPFv3 parameters without enabling OSPFv3 Admin Mode, but they will have no effect until you enable Admin Mode.
Hello Interval - Enter the OSPFv3 hello interval for the specified interface in seconds. This parameter must be the same for all routers attached to a network. Valid values range from 1 to 65,535. The default is 10 seconds. Dead Interval - Enter the OSPFv3 dead interval for the specified interface in seconds. This specifies how long a router will wait to see a neighbor router's Hello packets before declaring that the router is down. This parameter must be the same for all routers attached to a network.
• Other Designated Router - The interface is connected to a broadcast or NBMA network on which other routers have been selected to be the Designated Router and Backup Designated Router either. The router attempts to form adjacencies to both the Designated Router and the Backup Designated Router. The State is only displayed if the OSPFv3 admin mode is enabled. Designated Router - The identity of the Designated Router for this network, in the view of the advertising router.
Selection Criteria Slot/Port - Select the interface for which data is to be displayed. Non-Configurable Data OSPFv3 Area ID - The OSPFv3 area to which the selected router interface belongs. An OSPFv3 Area ID is a 32 bit integer in dotted decimal format that uniquely identifies the area to which the interface connects. Area Border Router Count - The total number of area border routers reachable within this area. This is initially zero, and is calculated in each SPF Pass.
Virtual Events - The number of state changes or errors that have occurred on this virtual link. Neighbor Events - The number of times this neighbor relationship has changed state or an error has occurred. External LSA Count - The number of external (LS type 5) link-state advertisements in the link-state database. Sent packets - The number of OSPFv3 packets transmitted on the interface. Received packets - The number of valid OSPFv3 packets received on the interface.
11.6.7.7 Viewing OSPFv3 Neighbor Information Page This screen shows the OSPFv3 Neighbor information for a selected neighbor Router ID on the selected interface. When a particular Neighbor Router ID is selected, it shows detailed information about the neighbor. This information is displayed only is OSPFv3 is enabled and there is at least one OSPFv3 enabled interface with a valid neighbor present. Selection Criteria Slot/Port - Select the Interface for which the data needs to be displayed.
11.6.7.8 Viewing OSPFv3 Neighbor Table Information Page This screen shows the OSPFv3 Neighbor Table, either for all interfaces on which valid OSPFv3 Neighbors are present or the neighbors specific to a given interface on which OSPFv3 Neighbors exist. This information is displayed only if OSPFv3 is enabled and there exists at least on OSPFv3 enabled interface having a valid neighbor. Selection Criteria Slot/Port - Select the Interface for which the data needs to be displayed.
Non-Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). The Router ID is set on the OSPFv3 Interface Configuration page. If you want to change the Router ID you must first disable OSPFv3. After you set the new Router ID, you must re-enable OSPFv3 to have the change take effect. The default value is 0.0.0.0, although this is not a valid Router ID.
11.6.7.10 Configuring OSPFv3 Virtual Link Configuration Page Selection Criteria Create New Virtual Link - Select this option from the dropdown menu to define a new virtual link. The area portion of the virtual link identification is fixed: you will be prompted to enter the Neighbor Router ID on a new screen. Area ID and Neighbor Router ID - Select the virtual link for which you want to display or configure data. It consists of the Area ID and Neighbor Router ID.
• Waiting - The router is trying to determine the identity of the (Backup) Designated Router by monitoring received Hello Packets. The router is not allowed to elect a Backup Designated Router or a Designated Router until it transitions out of Waiting state. This prevents unnecessary changes of (Backup) Designated Router. • Point-to-Point - The interface is operational, and is connected either to the virtual link.
Neighbor Router ID - The neighbor portion of the virtual link identification. Virtual links may be configured between any pair of area border routers having interfaces to a common (non-backbone) area. Hello Interval - The OSPFv3 hello interval for the virtual link in units of seconds. Dead Interval - The OSPFv3 dead interval for the virtual link in units of seconds. This determiness how long a router will wait to see a neighbor router's Hello packets before declaring that the router is down.
Metric Type - Sets the OSPFv3 metric type of redistributed routes. Tag - Sets the tag field in routes redistributed. This field displays the tag if the source was pre-configured, else a default tag value of 0 is displayed. The valid values are (0 to 4294967295) Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately.
Selection Criteria Global or Link-local Next-hop - Specify if the Next Hop IPv6 Address is a Global IPv6 Address or a Link-local IPv6 Address. Slot/Port - Enter the unit, slot and port number for the Link-local IPv6 Next Hop Address. This field is displayed only if the Global or Link-local Next-hop Selector is selected as Link-local. Configurable Data IPv6 Network Prefix/PrefixLength - Enter an IPv6 Network Address with Prefix Length. Next Hop IPv6 Address - Enter an IPv6 Next Hop Address.
• All Routes - Shows all active IPv6 routes Non-Configurable Data Number of Routes/Best Routes - Displays the total number of active routes/best routes in the route table. IPv6 Prefix/Prefix Length - Displays the Network Prefix and Prefix Length for the Active Route. Protocol - Displays the Type of Protocol for the Active Route. Next Hop Slot/Port - Displays the Interface over which the Route is Active. Next Hop IP - Displays the Next Hop IPv6 Address for the Active Route.
Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.6.8.
Configurable Data RIPv6 Admin Mode - Select enable or disable from the pulldown menu. If you select enable RIPv6 will be enabled for the switch. The default is disable. Split Horizon Mode - Select none, simple or poison reverse from the pulldown menu. Split horizon is a technique for avoiding problems caused by including routes in updates sent to the router from which the route was originally learned. The options are: None - no special processing for this case.
Selection Criteria Slot/Port - Select the interface for which data is to be configured. Configurable Data Interface Mode - Select enable or disable from the pulldown menu. Before you enable RIPv6 version 1 or version 1c on an interface, you must first enable network directed broadcast mode on the corresponding interface. The default value is disabled. Passive Interface - Select enable or disable from the pulldown menu. The default value is disabled.
Available Source - This select box is a dynamic selector and would be populated by only those Source Routes that have not previously been configured for redistribution by RIPv6. This select box would appear only if the user selects "Create" option as Configured Source. The valid values are Static Connected OSPF Metric - Sets the metric value to be used as the metric of redistributed routes. This field displays the metric if the source was pre-configured and can be modified. The valid values are 1 to 15.
11.7 QOS Menu 11.7.1 Managing Access Control Lists 11.7.1.1.1 Configuring IP Access Control List Configuration Page An IP ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. On this menu the interfaces to which an IP ACL applies must be specified, as well as whether it applies to inbound traffic.
Non-Configurable Data IP ACL ID - The IP ACL identifier. Rules - The number of rules currently configured for the IP ACL. Direction - The direction of packet traffic affected by the IP ACL. Direction can only be: • Inbound Slot/Port(s) - The interfaces to which the IP ACL applies. VLAN(s) - VLAN(s) to which the IP ACL applies. Command Buttons Refresh - Refresh the data on the screen to the latest state. 11.7.1.
Selection Criteria IP ACL ID - Use the pulldown menu to select the IP ACL for which to create or update a rule. Rule - Select an existing rule from the pulldown menu, or select 'Create New Rule.' ACL as well as an option to add a new Rule. New rules cannot be created if the maximum number of rules has been reached. For each rule, a packet must match all the specified criteria in order to be true against that rule and for the specified rule action (Permit/Deny) to take place.
Protocol Number - Specify that a packet's IP protocol is a match condition for the selected IP ACL rule and identify the protocol by number. The protocol number is a standard value assigned by IANA and is interpreted as an integer from 1 to 255. Either the 'Protocol Number' field or the 'Protocol Keyword' field can be used to specify an IP protocol value as a match criterion.
11.7.1.4 Configuring IPv6 Access Control List Configuration Page An IPv6 ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. On this menu the interfaces to which an IPv6 ACL applies must be specified, as well as whether it applies to inbound or outbound traffic.
Non-Configurable Data IPv6 ACL Name - Exiting IPv6 ACL identifier. Rules - The number of rules currently configured for the IPv6 ACL. Direction - The direction of packet traffic affected by the IPv6 ACL. Direction can only be one of the following: Inbound Slot/Port(s) - The interfaces to which the IPv6 ACL applies. VLAN(s) - VLAN(s) to which the IPv6 ACL applies. Command Buttons Refresh - Refresh the data on the screen to the latest state. 11.7.1.
the specified criteria in order to be true against that rule and for the specified rule action (Permit/Deny) to take place. Configurable Data Rule ID - Enter a whole number in the range of (1 to 10) that will be used to identify the rule. Action - Specify what action should be taken if a packet matches the rule's criteria. The choices are permit or deny. Logging - When set to 'True', logging is enabled for this ACL rule (subject to resource availability in the device).
Flow Label - Flow label is 20-bit number that is unique to an IPv6 packet, used by end stations to signify quality-of-service handling in routers. Flow label can specified within the range (0 to 1048575). IPv6 DSCP Service - Specify the IP DiffServ Code Point (DSCP) field.The DSCP is defined as the high-order six bits of the Service Type octet in the IPv6 header. This is an optional configuration. Enter an integer from 0 to 63.
Delete - Removes the currently selected MAC ACL from the switch configuration. 11.7.1.8 Viewing MAC Access Control List Summary Page Non-Configurable Data MAC ACL Name - MAC ACL identifier. Rules - The number of rules currently configured for the MAC ACL. Direction - The direction of packet traffic affected by the MAC ACL. Valid Directions • Inbound Slot/Port(s) - The interfaces to which the MAC ACL applies. VLAN(s) - VLAN(s) to which the MAC ACL applies.
Selection Criteria MAC ACL - Select the MAC ACL for which to create or update a rule. Rule - Select an existing rule or select 'Create New Rule' to add a new Rule. New rules cannot be created if the maximum number of rules has been reached. For each rule, a packet must match all the specified criteria in order to be true against that rule and for the specified rule action (Permit/Deny) to take place.
Assign Queue ID - Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Valid range of Queue Ids is (0 to 6). Mirror Interface - Specifies the specific egress interface where the matching traffic stream is copied in addition to being forwarded normally by the device. This field cannot be set if a Redirect Interface is already configured for the ACL rule. This field is visible for a 'Permit' Action.
Configure - Configure the corresponding match criteria for the selected rule. Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. Delete - Remove the currently selected Rule from the selected ACL. These changes will not be retained across a power cycle unless a save configuration is performed. 11.7.1.
and direction, the specified access list replaces the currently attached access list using that sequence number. If the sequence number is not specified by the user, a sequence number that is one greater than the highest sequence number currently in use for this interface and direction will be used. Valid range is (1 to 4294967295). Non-Configurable Data Slot/Port - Displays selected interface. Direction - Displays selected packet filtering direction for ACL.
IP ACL - Specifies list of all IP ACLs. This field is visible only if the user has selected "IP ACL" as "ACL Type". IPv6 ACL - Specifies list of all IPv6 ACLs. This field is visible only if the user has selected "IPv6 ACL" as "ACL Type". MAC ACL - Specifies list of all MAC ACLs. This field is visible only if the user has selected "MAC ACL" as "ACL Type".
VLAN(s) - VLAN(s) to which the IP ACL applies. Direction - The direction of packet traffic affected by the IP ACL. Direction can only be one of the following: • Inbound ACL Type - Displays the type of ACL assigned to selected VLAN and direction. ACL Identifier - Displays the ACL Number(in case of IP ACL) or ACL Name(in case of IPv6 ACL and MAC ACL) identifying the ACL assigned to selected VLAN and direction.
Selection Criteria DiffServ Admin Mode - This lists the options for the mode, from which one can be selected. The default value is 'enable'. While disabled, the DiffServ configuration is retained when saved and can be changed, but it is not activated. When enabled, Diffserv services are activated. Non-Configurable Data Class table - Displays the number of configured DiffServ classes out of the total allowed on the switch.
Only when a new class is created, this field is a selector field. After class creation this becomes a non-configurable field displaying the configured class type. Class Layer 3 Protocol - Indicates how to interpret the any layer 3. This lists types of packets supported by Diffserv. Layer 3 Protocol option is available only when user selects class type as 'All' . Options: • IPv4 • IPv6 Only when a new class is created, this field is a selector field.
11.7.2.3 Viewing DiffServ Class Summary Page Non-Configurable Data Class Name - Displays names of the configured DiffServ classes. Class Type - Displays types of the configured classes as 'all', 'any', or 'acl'. Class types are platform dependent. Reference Class - Displays name of the configured class of type • All referenced by the specified class of the same type. Command Buttons Refresh - Refresh the currently selected filter. 11.7.2.
Selection Criteria Policy Selector - Along with an option to create a new policy, this lists all the existing DiffServ policy names, from which one can be selected. The content of this screen varies based on the selection of this field. If an existing policy is selected then the screen will display Member Classes for that DiffServ policy. If 'create' is selected, another screen appears to facilitate creation of a new policy. The default is 'create'.
Remove Selected Class - Removes a policy class instance by detaching the policy from the specified class. 11.7.2.5 Viewing DiffServ Policy Summary Page Non-Configurable Data Policy Name - Displays name of the DiffServ policy. Policy Type - Displays type of the policy as 'In'. Member Classes - Displays name of each class instance within the policy. Command Buttons Refresh – Refresh the currently selected filter. 11.7.2.
Policy Attribute Selector - This lists all attributes supported for this type of policy, from which one can be selected. Non-Configurable Data Policy Type - Displays type of the configured policy as 'In'. 11.7.2.7 Viewing DiffServ Policy Attribute Summary Page Non-Configurable Data Policy Name - Displays name of the specified DiffServ policy. Policy Type - Displays type of the specified policy as 'In’. Class Name - Displays name of the DiffServ class to which this policy is attached.
Slot/Port - Select the Slot/Port that uniquely specifies an interface. This is a list of all valid slot number and port number combinations in the system. For Read/Write users where 'All' appears in the list, select it to specify all interfaces. Direction - Select the traffic direction of this service interface. This selection is only available to Read/Write users when Slot/Port is specified as 'All'. Policy In - This lists all the policy names of type 'In' from which one can be selected.
11.7.2.10 Viewing DiffServ Service Statistics Page This screen displays service-level statistical information in tabular form for all interfaces in the system to which a DiffServ policy has been attached in the inbound and/or outbound traffic directions. Use the 'Counter Mode Selector' to specify the counter display mode as either octets or packets (the default). Non-Configurable Data Slot/Port - Shows the Slot/Port that uniquely specifies an interface.
Direction - List of the traffic direction of interface. Only shows the direction(s) for which a DiffServ policy is currently attached. Member Classes - List of all DiffServ classes currently defined as members of the selected Policy Name. Choose one member class name at a time to display its statistics. If no class is associated with the chosen policy then nothing will be populated in the list.
Each port selected will be added to the policy created. Selection Criteria Traffic Type - Traffic type is used to define the DiffServ Class. Traffic type options: VOIP, HTTP, FTP, Telnet, and Any. Policing - Enabling policing will add policing to the DiffServ Policy and the policing rate will be applied.
Selection Criteria Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. These may be overridden on a per-interface basis. Interface Trust Mode - Specifies whether or not to trust a particular packet marking at ingress. Interface Trust Mode can only be one of the following: • untrusted • trust dot1p • trust ip-dscp Default value is trust dot1p. Non-Configurable Data Untrusted Traffic Class - Displays traffic class (i.e.
Selection Criteria Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. Configurable Data IP DSCP Value Traffic Class - Specify which internal traffic class to map the corresponding IP DSCP value. Valid Range is (0 to 7) . Non-Configurable Data IP DSCP Value - Specify the IP DiffServ Code Point (DSCP) Value. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately.
Selection Criteria Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. These may be overridden on a per-interface basis. Configurable Data Interface Shaping Rate - Specifies the maximum bandwidth allowed, typically used to shape the outbound transmission rate. This value is controlled independently of any per-queue maximum bandwidth configuration. It is effectively a second-level shaping mechanism. Default value is 0.
Scheduler Type - Specifies the type of scheduling used for this queue. Scheduler Type can only be one of the following: • strict • weighted Default value is weighted. Queue Management Type - Queue depth management technique used for queues on this interface. This is only used if device supports independent settings per-queue. Queue Management Type can only be: • taildrop Default value is taildrop.
Minimum Bandwidth - Specifies the minimum guaranteed bandwidth allotted to this queue. The value 0 means no guaranteed minimum. Sum of individual Minimum Bandwidth values for all queues in the selected interface cannot exceed defined maximum (100). Scheduler Type - Specifies the type of scheduling used for this queue. Scheduler Type can only be one of the following: • strict • weighted Queue Management Type - Queue depth management technique used for queues on this interface.
• Disable - Disable ETS and stop the ETS process. Other configuration will not be change if you disable ETS. The system's default ETS admin mode is disabled Scheduler Type - Configures the scheduler type for an interface. • WERR - Set scheduler type to WERR. • WRR - Set the scheduler type to WRR. When the ETS is enabled, the default scheduler type is WERR. ETS PG-Mapping - This command configures the mapping list of priority to priority groups.
Queue in SAN Priority Group - List of queues in SAN priority group. Queue in IPC Priority Group - List of queues in IPC priority group. 11.7.4.8 Configuring Congestion Notification (CN)) Global configuration Selection Criteria CNM Admin Mode - Enable/Disable congestion notification message(CNM) handling. • Enable - to enable handling congestion notification message. • Disable - to disable handling congestion notification message. The system's default CNM handling is Enabled.
Configurable Data Ether Type for CN-TAG - Set Ether Type for CN-TAG. The system's default Ether Type of CN-TAG is 8937. The valid Ether Type range is 0 to 65535. Ether Type for CNM - Set Ether Type for Congestion Notification Message (CNM). The system¡¦s default Ether Type of CNM is 8935. The valid Ether Type range is 0 to 65535. Device ID for CPID - Set Device Identifier for Congestion Point Identifier (CPID). The system¡¦s default device identifier of CPID is 0.
Status - Enable or Disable specific priority queue. The CN function is disabled by default on all priorities for each port. Non-Configurable Data Queue ID - Specifies the queue ID. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.7.4.
11.8 IPv4 Multicast Menu 11.8.1 Managing DVMRP Protocol 11.8.1.1 Configuring DVMRP Global Configuration Page Configurable Data Admin Mode - Select enable or disable from the dropdown menu. This sets the administrative status of DVMRP to active or inactive. The default is disable. Non-Configurable Data Version - The current value of the DVMRP version string. Total Number of Routes - The number of routes in the DVMRP routing table.
Selection Criteria Slot/Port - Select the interface for which data is to be configured. You must configure at least one router interface before you configure a DVMRP interface. Otherwise you will see a message telling you that no router interfaces are available, and the configuration screen will not be displayed. Configurable Data Interface Mode - Select enable or disable from the pull-down menu to set the administrative mode of the selected DVMRP routing interface.
Selection Criteria Slot/Port - Select the interface for which data is to be displayed. You must configure at least one router interface before you can display data for a DVMRP interface. Otherwise you will see a message telling you that no router interfaces are available, and the configuration summary screen will not be displayed. Non-Configurable Data Interface Mode - The administrative mode of the selected DVMRP routing interface, either enable or disable.
11.8.1.4 Viewing DVMRP Next Hop Configuration Summary Non-Configurable Data Source IP - The IP address used with the source mask to identify the source network for this table entry. Source Mask - The network mask used with the source IP address. Next Hop Interface - The outgoing interface for this next hop. Type - The next hop type. 'Leaf' means that no downstream dependent neighbors exist on the outgoing interface. Otherwise, the type is 'branch'.
Refresh - Refresh the screen with the new data 11.8.1.6 Viewing DVMRP Route Summary Non-Configurable Data Source Address - The network address that is combined with the source mask to identify the sources for this entry. Source Mask - The subnet mask to be combined with the source address to identify the sources for this entry. Upstream Neighbor - The address of the upstream neighbor (e.g., RPF neighbor) from which IP datagrams from these sources are received.
Configurable Data Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of IGMP in the router to active or inactive. The default is disable. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.8.2.
Version - Enter the version of IGMP you want to configure on the selected interface. Valid values are 1 to 3 and the default value is 3. This field is configurable only when IGMP interface mode is enabled. Robustness - Enter the robustness value. This variable allows tuning for the expected packet loss on a subnet. If you expect the subnet to be lossy, you should enter a higher number for this parameter. IGMP is robust to (robustness variable-1) packet losses. Valid values are from 1 to 255.
Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data Interface Mode - The administrative status of IGMP on the selected interface. IP Address - The IP address of the selected interface. Subnet Mask - The subnet mask for the IP address of the selected interface. Protocol State - The operational state of IGMP on the selected interface. Version - The version of IGMP configured on the selected interface.
Last Member Query Interval - The last member query interval. The last member query interval is the maximum response time inserted into group-specific queries sent in response to leave group messages, and is also the amount of time between group-specific query messages. This value may be tuned to modify the leave latency of the network. A reduced value results in reduced time to detect the loss of the last member of a group. This value is not used for IGMP version 1.
Last Reporter - The IP address of the source of the last membership report received for the IP Multicast group address on the selected interface. Up Time - The time elapsed since this entry was created. Expiry Time - The minimum amount of time remaining before this entry will be aged out. Version 1 Host Timer - The time remaining until the local router will assume that there are no longer any IGMP version 1 members on the IP subnet attached to this interface.
Source Filter Mode - The source filter mode (Include/Exclude/NA) for the specified group on this interface. Source Hosts - This parameter shows source addresses which are members of this multicast address. Expiry Time - This parameter shows expiry time interval against each source address which are members of this multicast group. This is the amount of time after which the specified source entry is aged out.
11.8.2.7 Viewing IGMP Proxy Configration Summary Page Non-Configurable Data Slot/Port - Displays the interface on which IGMP proxy is enabled. IP Address - The IP address of the IGMP Proxy interface. Subnet Mask - The subnet mask for the IP address of the IGMP Proxy interface. Admin Mode - The administrative status of IGMP Proxy on the selected interface. Operational Mode - The operational state of IGMP Proxy interface.
Selection Criteria Multicast Group IP - Select the IP multicast group address for which data is to be displayed. If no group membership reports have been received on the selected interface you will not be able to make this selection, and none of the non-configurable data will be displayed. Non-Configurable Data Slot/Port - Displays the interface on which IGMP proxy is enabled.
Up Time - Displays the up time since the entry was created in cache table. State - The state of the host entry. A Host can be in one of the state. Non-member state - does not belong to the group on the interface. Delaying member state - host belongs to the group on the interface and report timer running. The report timer is used to send out the reports. Idle member state - host belongs to the group on the interface and no report timer running.
11.8.3.2 Configuring Interface’s Multicast Configuration Page Selection Criteria Slot/Port - Select the routing interface you want to configure from the dropdown menu. Configurable Data TTL Threshold - Enter the TTL threshold below which a multicast data packet will not be forwarded from the selected interface. You should enter a number between 0 and 255. If you enter 0 all multicast packets for the selected interface will be forwarded.
Outgoing Interface(s) - The list of outgoing interfaces on which multicast packets for this source/group are forwarded. Up Time (secs)- The time in seconds since the entry was created. Expiry Time (secs)- The time in seconds before this entry will age out and be removed from the table. RPF Neighbor - The IP address of the Reverse Path Forwarding neighbor. Protocol - The multicast routing protocol which created this entry.
Slot/Port - Select the interface number from the dropdown menu. This is the interface that connects to the neighbor router for the given source IP address. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. Delete - Delete the static entry with the selected Source IP address from the MRoute table. 11.8.3.
Slot/Port - Select the router interface for which the administratively scoped boundary is to be configured. Configurable Data Group IP - Enter the multicast group address for the start of the range of addresses to be excluded. The address must be in the range of 239.0.0.0 through 239.255.255.255. Group Mask - Enter the mask to be applied to the multicast group address. The combination of the mask and the Group IP gives the range of administratively scoped addresses for the selected interface.
Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-DM in the router. The default is disabled. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.8.4.2 Configuring Interface’s PIM-DM Configuration Page Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed or configured.
Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed. There must be configured at least one router interface before displaying data for a PIM-DM interface, otherwise a message will be displayed. Non-Configurable Data Interface Mode - Displays the administrative status of PIM-DM for the selected interface. The default is disabled. Protocol State - The operational state of the PIM-DM protocol on this interface.
Configurable Data Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-SM in the router. The default is disable. Data Threshold Rate - Enter the rate in K bits/second above which the last-hop router will switch to a source-specific shortest path tree. The valid values are from (0 to 2000) The default value is 0. Register Threshold Rate - Enter rate in K bits/second above which the Rendezvous Point router will switch to a source-specific shortest path tree.
Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the router. 11.8.5.3 Configuring PIM-SM SSM Range Configuration Page Configurable Data SSM Group Address - Enter the source-specific multicast group ip-address. SSM Group Mask - Enter the source-specific multicast group ip-address mask. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately.
Configurable Data Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-SM in the router. The default is disable. Hello Interval (secs)- Enter the time in seconds between the transmission of which PIM Hello messages on this interface. The valid values are from (0 to 18000 secs) . The default value is 30. Join/Prune Interval - Enter the frequency at which PIM Join/Prune messages are transmitted on this PIM interface. The valid values are from (0 to 18000) .
Net Mask - The network mask for the IP address of the selected PIM interface. Hello Interval (secs) - The frequency at which PIM Hello messages are transmitted on the selected interface. Join/Prune Interval - The frequency at which PIM Join/Prune messages are transmitted on this PIM interface. DR Priority - Indicates the DR priority on the PIM interface. BSR Border - Specifies the BSR border mode on the PIM interface.
Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Configurable Data Hash Mask Length - Enter the C-BSR hash mask length to be advertised in bootstrap messages. This hash mask length will be used in the hash algorithm for selecting the RP for a particular group. The valid values are from (0 to 32). Default value is 30. Priority - Enter the priority of C-BSR.
11.8.5.9 Configuring PIM-SM Static RP Configuration Page Configurable Data IP Address - IP Address of the RP to be created or deleted. Group - Group Address of the RP to be created or deleted. Group Mask - Group Mask of the RP to be created or deleted. Command Buttons Submit - Attempts to create the specified static RP IP Address for the PIM-SM router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.9.1.2 Configuring MLD Interface Configuration Page Selection Criteria Admin Mode - Select the slot and port for which data is to be displayed or configured from the pulldown menu. Slot 0 is the base unit.
MLD is robust to (robustness variable-1) packet losses. Valid values are from (1 to 255) . The default value is 2 Startup Query Interval - Enter the number of seconds between the transmission of startup queries on the selected interface. The valid values are from (1 to 300) . The default value is 31. Startup Query Count - Enter the number of queries to be sent on startup. The valid values are from (1 to 20) . The default value is 2. Command Buttons Submit - Send the updated configuration to the switch.
Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data MLD Global Admin Mode - The administrative status of MLD on the selected interface. MLD Operational Mode- The operational status of MLD on the Interface. Routing - The Routing mode for an interface. MLD Version - The version of MLD configured on the selected interface. Query Interval - This field indicates the configured query interval (in seconds) for the interface.
Querier Status - This value indicates whether the interface is a MLD querier or non-querier on the subnet it is associated with. Querier Address - The address of the MLD querier on the IP subnet to which the selected interface is attached. Querier Up Time - The time in seconds since the MLD interface querier was last changed. Querier Expiry Time - The time in seconds remaining before the other querier present timer expires. If the local system is the querier, this will be zero.
Refresh - Refresh the data on the screen with the present state of the data in the router. Clear Traffic - Clears all the parameters for the selected interface. 11.9.1.6 Configuring MLD Proxy Interface Congiuration Page Selection Criteria Slot/Port - Select the port for which data is to be displayed or configured from the pulldown menu. You must have configured at least one router interface before configuring or displaying data for an MLD Proxy interface and it should not be a MLD routing interface.
Non-Configurable Data Slot/Port - Displays the interface on which MLD proxy is enabled. IPv6 Address - The IPv6 address of the MLD Proxy interface. Subnet Mask - The subnet mask for the IPv6 address of the MLD Proxy interface. Admin Mode - The administrative status of MLD Proxy on the selected interface. Operational Mode - The operational state of MLD Proxy interface. Number of Groups - The current number of multicast group entries for the MLD Proxy interface in the cache table.
Selection Criteria Multicast Group IPv6 - Select the IPv6 multicast group address for which data is to be displayed. If no group membership reports have been received on the selected interface you will not be able to make this selection, and none of the non-configurable data will be displayed. Non-Configurable Data Slot/Port - Displays the interface on which MLD proxy is enabled.
Multicast Group IPv6 - Select the IPv6 multicast group address for which data is to be displayed. If no group membership reports have been received on the MLD Proxy interface you will not be able to make this selection, and none of the non-configurable data will be displayed. Non-Configurable Data Slot/Port - Displays the interface on which MLD proxy is enabled. Source IPv6 - This parameter shows source addresses which are members of this multicast address.
Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed or configured. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for a PIM-DM interface, otherwise an error message will be displayed. Interface Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-DM for the selected interface. The default is disable.
Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed. There must be configured at least one router interface before displaying data for a PIM-DM interface, otherwise a message will be displayed. Non-Configurable Data Interface Mode - Displays the administrative status of PIM-DM for the selected interface. The default is disable. Protocol State - The operational state of the PIM-DM protocol on this interface.
Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 11.9.3.2 Viewing PIM-SM Global Status Page Non-Configurable Data PIMSM Admin Mode - The administrative status of PIM-SM in the router: either enable or disable.
Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. Refresh - Refresh the data on the screen with the present state of the data in the router. 11.9.3.4 Configuring Interface’s PIM-SM Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or configured. Slot 0 is the base unit.
Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data Admin Mode - The administrative status of PIM-SM in the router: either enable or disable. Protocol State - The operational state of the PIM-SM protocol on this interface. IP Address - The IP address of the selected PIM interface. Net Mask - The network mask for the IP address of the selected PIM interface.
11.9.3.6 Configuring PIM-SM Candidate RP Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data Group Address - The group address transmitted in Candidate-RP-Advertisements. Configurable Data Interface - Display the interface. Group Address - Display the group address transmitted in Candidate – RP – Advertisements. Delete - Attempts to remove the specified Candidate RP Address for the PIM-SM router.
Hash Mask Length - Enter the C-BSR hash mask length to be advertised in bootstrap messages. This hash mask length will be used in the hash algorithm for selecting the RP for a particular group. The valid values are from (0 to 128). Default value is 30. Priority - Enter the priority of C-BSR. Command Buttons Submit - Attempts to create the specified static RP IP Address for the PIM-SM router. Configuration changes take effect immediately.
Configurable Data RP Address - IP Address of the RP. Group Address/Prefix Length - Enter the source-specific multicast group ip-address / Prefix Length. Overide - To override the entry you need to check this box and then select the submit button. Delete - Attempts to remove the specified Static RP Address for the PIM-SM router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
Source IP - Enter the IP address of the multicast packet source to be combined with the Group IP to fully identify a single route whose Mroute table entry you want to display or clear. You may leave this field blank. Group IP - Enter the destination group IP address whose multicast route(s) you want to display or clear. Non-Configurable Data Incoming Interface - The incoming interface on which multicast packets for this source/group arrive.
www.fortinet.