AT8901/2/3 CLI Reference Manual AdvancedTCA M5301_TECH_2 2.
AT8901/2/3 Preface Revision History Publication Title: ID Number: AT8901/2/3 CLI Reference Manual M5301_TECH_2 Rev. Index Brief Description of Changes Date of Issue 1.0 Preliminary Initial Issue 2005-07-15 1.1 Change Chapter 9 2005-08-16 1.2 Change structure, include LVL7 4.3.7 doc upgrade, add commands chapter 16 2006-01-12 1.3 Change structure, add LVL7 4.4 commands, review 2006-04-10 2.0 Add commands in Chapter 6 2006-06-14 2.
AT8901/2/3 Preface About This Book This document describes configuration commands for FASTPATH® software. The commands can be accessed from the CLI. Why the Document was Created This document was created primarily for system administrators configuring and operating a system using FASTPATH software. It is intended to provide an understanding of the configuration options of FASTPATH software.
Preface AT8901/2/3 Environmental Protection Statement This product has been manufactured to satisfy environmental protection requirements where possible. Many of the components used (structural parts, printed circuit boards, connectors, batteries, etc.) are capable of being recycled. Final disposition of this product after its service life must be accomplished in accordance with applicable country, state, or local laws or regulations.
AT8901/2/3 Preface For Your Safety Your new Kontron product was developed and tested carefully to provide all features necessary to ensure its compliance with electrical safety requirements. It was also designed for a long fault-free life. However, the life expectancy of your product can be drastically reduced by improper treatment during unpacking and installation.
Preface AT8901/2/3 This device should only be installed in or connected to systems that fulfill all necessary technical and specific environmental requirements. This applies also to the operational temperature range of the specific board version, which must not be exceeded. If batteries are present their temperature restrictions must be taken into account. In performing all necessary installation and application operations, please follow only the instructions supplied by the present manual.
AT8901/2/3 Table of Contents Revision History .........................................................................................................ii Imprint ........................................................................................................................ii Disclaimer ..................................................................................................................ii About This Book ..................................................................................
AT8901/2/3 2.1 Port Configuration Commands ................................................................2 - 2 2.1.1 interface ..........................................................................................2 - 2 2.1.2 auto-negotiate .................................................................................2 - 2 2.1.3 auto-negotiate all .............................................................................2 - 3 2.1.4 description ....................................................
AT8901/2/3 2.3.9 vlan participation all ...................................................................... 2 - 20 2.3.10 vlan port acceptframe all ............................................................... 2 - 20 2.3.11 vlan port ingressfilter all ................................................................ 2 - 20 2.3.12 vlan port pvid all ............................................................................ 2 - 21 2.3.13 vlan port tagging all ...........................................
AT8901/2/3 2.9.1 set gmrp adminmode ....................................................................2 - 35 2.9.2 set gmrp interfacemode ................................................................2 - 36 2.9.3 show gmrp configuration ...............................................................2 - 36 2.9.4 show mac-address-table gmrp ......................................................2 - 37 2.10 Port-Based Network Access Control Commands ..................................2 - 37 2.10.
AT8901/2/3 2.12.4 deleteport (Global Config) ............................................................. 2 - 53 2.12.5 port-channel static ........................................................................ 2 - 53 2.12.6 port lacpmode ............................................................................... 2 - 53 2.12.7 port lacpmode all .......................................................................... 2 - 54 2.12.8 port-channel adminmode .............................................
AT8901/2/3 2.17.3 lldp timers ......................................................................................2 - 68 2.17.4 lldp transmit-tlv ..............................................................................2 - 68 2.17.5 lldp transmit-mgmt .........................................................................2 - 69 2.17.6 lldp notification ...............................................................................2 - 69 2.17.7 lldp notification-interval ...........................
AT8901/2/3 3.1.12 show arp switch .............................................................................. 3 - 6 3.2 IP Routing Commands ............................................................................ 3 - 6 3.2.1 routing ............................................................................................. 3 - 7 3.2.2 ip routing ......................................................................................... 3 - 7 3.2.3 ip address .........................................
AT8901/2/3 3.6.3 bootpdhcprelay maxhopcount .......................................................3 - 23 3.6.4 bootpdhcprelay minwaittime ..........................................................3 - 23 3.6.5 bootpdhcprelay serverip ................................................................3 - 23 3.6.6 show bootpdhcprelay ....................................................................3 - 24 3.7 Open Shortest Path First (OSPF) Commands .......................................3 - 24 3.7.
AT8901/2/3 3.7.42 show ip ospf area .......................................................................... 3 - 38 3.7.43 show ip ospf border-routers .......................................................... 3 - 39 3.7.44 show ip ospf database .................................................................. 3 - 39 3.7.45 show ip ospf database database-summary .................................. 3 - 40 3.7.46 show ip ospf interface ...................................................................
AT8901/2/3 4.1.9 show classofservice ip-precedence-mapping .................................4 - 5 4.1.10 show classofservice ip-dscp-mapping .............................................4 - 6 4.1.11 show classofservice trust ................................................................4 - 6 4.1.12 show interfaces cos-queue .............................................................4 - 6 4.2 Differentiated Services (DiffServ) Commands .........................................4 - 7 4.2.1 diffserv ......
AT8901/2/3 4.6.4 show diffserv service .................................................................... 4 - 22 4.6.5 show diffserv service brief ............................................................ 4 - 22 4.6.6 show policy-map interface ............................................................ 4 - 23 4.6.7 show service-policy ....................................................................... 4 - 23 4.7 MAC Access Control List (ACL) Commands .........................................
AT8901/2/3 5.4.1 show arp switch ...............................................................................5 - 6 5.4.2 show eventlog .................................................................................5 - 7 5.4.3 show hardware ................................................................................5 - 7 5.4.4 show version ...................................................................................5 - 7 5.4.5 show interface ...................................................
AT8901/2/3 5.6.9 clear board event-log .................................................................... 5 - 25 5.6.10 enable passwd .............................................................................. 5 - 25 5.6.11 logout ............................................................................................ 5 - 25 5.6.12 set bootstopkey ............................................................................. 5 - 26 5.6.13 ping .......................................................
AT8901/2/3 5.9.22 clear ip dhcp server statistics ........................................................5 - 40 5.9.23 clear ip dhcp conflict ......................................................................5 - 40 5.9.24 show ip dhcp binding .....................................................................5 - 40 5.9.25 show ip dhcp global configuration .................................................5 - 41 5.9.26 show ip dhcp pool configuration ...................................................
AT8901/2/3 6.4 Secure Shell (SSH) Command ............................................................. 6 - 10 6.4.1 ip ssh ............................................................................................ 6 - 11 6.4.2 ip ssh protocol ............................................................................... 6 - 11 6.4.3 ip ssh server enable ...................................................................... 6 - 11 6.4.4 sshcon maxsessions ................................................
AT8901/2/3 6.8.3 radius server key ...........................................................................6 - 26 6.8.4 radius server msgauth ...................................................................6 - 26 6.8.5 radius server primary ....................................................................6 - 26 6.8.6 radius server retransmit ................................................................6 - 27 6.8.7 radius server timeout ...........................................................
AT8901/2/3 Appendix A. A Table of Contents .........................................................................................
AT8901/2/3 AT8901/2/3 CLI Reference Manual Page xxiv
AT8901/2/3 Chapter 1 Using the Command-Line Interface Page 1 - 1 AT8901/2/3 CLI Reference Manual
Using the Command-Line Interface 1. AT8901/2/3 Using the Command-Line Interface The command-line interface (CLI) is a text-based way to manage and monitor the system. You can access the CLI by using a direct serial connection or by using a remote logical connection with telnet or SSH. This chapter describes the CLI syntax, conventions, and modes. It contains the following sections: • • • • • • • 1.1 1.1 “Command Syntax” on page 1 - 2 1.2 “Command Conventions” on page 1 - 2 1.
AT8901/2/3 Using the Command-Line Interface The parameters for a command might include mandatory values, optional values, or keyword choices. Table 1 describes the conventions this document uses to distinguish between value types. Table 1. Parameter Conventions Symbol 1.2.1 Example Description <> angle brackets Indicates that you must enter a value in place of the brackets and text inside them.
Using the Command-Line Interface AT8901/2/3 Table 2. Parameter Descriptions Parameter 1.3 Description Interface or unit/slot/port Valid slot and port number separated by forward slashes. For example, 0/1 represents slot number 0 and port number 1. Logical Interface Represents a Logical slot and port number.. This is applicable in the case of a port-channel (LAG). You can use the logical unit/slot/port to configure the port-channel.
AT8901/2/3 1.4 Using the Command-Line Interface Using the “No” Form of a Command The no keyword is a specific form of an existing command and does not represent a new or distinct command. Almost every configuration command has a no form. In general, use the no form to reverse the action of a command or reset a value back to the default. For example, the no shutdown configuration command reverses the shutdown of an interface.
Using the Command-Line Interface AT8901/2/3 Table 5. CLI Command Modes Command Mode Prompt Mode Description Line Config Switch (line)# Allows you to configure various telnet settings and the console interface. Policy Map Config Switch (Config-policy-map)# Allows you to access the QoS Policy-Map configuration mode to configure the QoS Policy-Map. Policy Class Config Switch (Config-policy-class-map)# Consists of class creation, deletion, and matching commands.
AT8901/2/3 Using the Command-Line Interface Table 6. CLI Mode Access and Exit Command Mode Global Config Exit or Access Previous Mode Access Method From the Privileged EXEC mode, enter configure. VLAN Config Interface Config From the Privileged EXEC mode, enter vlan database. To exit to the Privileged EXEC mode, enter exit, or press Ctrl-Z. From the Global Config mode, enter To exit to the Global Config mode, enter exit. To return to the Privileged EXEC mode, enter Ctrl-Z.
Using the Command-Line Interface 1.5.1 AT8901/2/3 Command Completion and Abbreviation Command completion finishes spelling the command when you type enough letters of a command to uniquely identify the command keyword. Once you have entered enough letters, press the SPACEBAR or TAB key to complete the word. Command abbreviation allows you to execute a command when you have entered there are enough letters to uniquely identify the command.
AT8901/2/3 Using the Command-Line Interface Table 8. CLI Editing Conventions Key Sequence 1.6 Description Ctrl-Y Prints last deleted character Ctrl-Q Enables serial flow Ctrl-S Disables serial flow Ctrl-Z Return to root command prompt Tab, Command-line completion Exit Go to next lower command prompt ? List available commands, keywords, or parameters Using CLI Help Enter a question mark (?) at the command prompt to display the commands available in the current mode.
Using the Command-Line Interface 1.7 AT8901/2/3 Accessing the CLI You can access the CLI by using a direct console connection or by using a telnet or SSH connection from a remote management host. For the initial connection, you must use a direct connection to the console port. You cannot access the system remotely until the system has an IP address, subnet mask, and default gateway.
AT8901/2/3 Chapter 21 Switching Commands Page 2 - 1 AT8901/2/3 CLI Reference Manual
AT8901/2/3 2. Switching Commands This chapter describes the switching commands available in the CLI. The Switching Commands chapter includes the following sections: • • • • • • • • • • • • • • • • • • 2.1 “Port Configuration Commands” on page 2 - 2 2.2 “Spanning Tree Protocol (STP) Commands” on page 2 - 6 2.3 “VLAN Commands” on page 2 - 17 2.4 “Double VLAN Commands” on page 2 - 27 2.5 “Provisioning (IEEE 802.1p) Commands” on page 2 - 29 2.6 “Protected Ports Commands” on page 2 - 30 2.
AT8901/2/3 Mode 2.1.2.1 Interface Config no auto-negotiate This command disables automatic negotiation on a port. NOTE: Automatic sensing is disabled when automatic negotiation is disabled. 2.1.3 Format no auto-negotiate Mode Interface Config auto-negotiate all This command enables automatic negotiation on all ports. 2.1.3.1 Default enabled Format auto-negotiate all Mode Global Config no auto-negotiate all This command disables automatic negotiation on all ports. 2.1.
AT8901/2/3 2.1.6 Format no mtu Mode Interface Config shutdown This command disables a port. NOTE: You can use the shutdown command on physical and port-channel (LAG) interfaces, but not on VLAN routing interfaces. 2.1.6.1 Default enabled Format shutdown Mode Interface Config no shutdown This command enables a port. 2.1.7 Format no shutdown Mode Interface Config shutdown all This command disables all ports.
AT8901/2/3 2.1.9 speed all This command sets the speed and duplex setting for all interfaces. Format speed all {<100 | 10> } Mode Global Config Acceptable values are: 2.1.10 100h 100BASE-T half-duplex 100f 100BASE-T full duplex 10h 10BASE-T half duplex 10f 10BASE-T full duplex show port This command displays port information. Format show port { | all} Mode Privileged EXEC Interface Valid slot and port number separated by forward slashes.
AT8901/2/3 Mode Privileged EXEC Group Name Displays the group name of an entry in the Protocol-based VLAN table. 2.2 Group ID Displays the group identifier of the protocol group. Protocol(s) Indicates the type of protocol(s) for this group. VLAN Indicates the VLAN associated with this Protocol Group. Interface(s) Lists the slot/port interface(s) that are associated with this Protocol Group.
AT8901/2/3 2.2.3 spanning-tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is currently using. The is a string of up to 32 characters. 2.2.3.1 Default base MAC address in hexadecimal notation Format spanning-tree configuration name Mode Global Config no spanning-tree configuration name This command resets the Configuration Identifier Name to its default. 2.2.
AT8901/2/3 2.2.6 spanning-tree forceversion This command sets the Force Protocol Version parameter to a new value. Use 802.1d to specify that the switch transmits ST BPDUs rather than MST BPDUs (IEEE 802.1d functionality supported). Use 802.1w to specify that the switch transmits RST BPDUs rather than MST BPDUs (IEEE 802.1w functionality supported). Use 802.1s to specify that the switch transmits MST BPDUs (IEEE 802.1s functionality supported). 2.2.6.1 Default 802.
AT8901/2/3 2.2.9 Format no spanning-tree hello-time Mode Interface Config spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spanning tree. The max-age value is in seconds within a range of 6 to 40, with the value being less than or equal to 2 x (Bridge Forward Delay - 1). 2.2.9.
AT8901/2/3 If you specify the external-cost option, this command sets the external-path cost for MST instance ‘0’ i.e. CIST instance. You can set the external cost as a number in the range of 1 to 200000000 or auto. If you specify auto, the external path cost value is set based on Link Speed.
AT8901/2/3 Mode 2.2.12.1 Global Config no spanning-tree mst instance This command removes a multiple spanning tree instance from the switch and reallocates all VLANs allocated to the deleted instance to the common and internal spanning tree. The parameter is a number that corresponds to the desired existing multiple spanning tree instance to be removed. 2.2.
AT8901/2/3 2.2.14.1 no spanning-tree mst vlan This command removes an association between a multiple spanning tree instance and a VLAN so that the VLAN is again be associated with the common and internal spanning tree. The parameter is a number that corresponds to the desired existing multiple spanning tree instance. The corresponds to an existing VLAN ID. 2.2.
AT8901/2/3 Bridge Identifier The bridge identifier for the CST. It is made up using the bridge priority and the base MAC address of the bridge. Time Since Topology Change Time in seconds. Topology Change Count Number of times changed. Topology Change Boolean value of the Topology Change parameter for the switch indicating if a topology change is in progress on any port assigned to the common and internal spanning tree. Designated Root The bridge identifier of the root bridge.
AT8901/2/3 2.2.19 show spanning-tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree. The is the desired switch port. The following details are displayed on execution of the command. Format show spanning-tree interface Modes Privileged EXEC User EXEC Hello Time Admin hello time for this port. Port mode Enabled or disabled.
AT8901/2/3 Auto-Calculate Port Path Cost This indicates whether auto calculation for port path cost is enabled. Port Path Cost Configured value of the Internal Port Path Cost parameter. Auto-Calculate External Port Path Cost This indicates whether auto calculation for external port path cost is enabled. External Port Path Cost Configured value of the external Port Path Cost parameter. Designated Root The Identifier of the designated root for this port.
AT8901/2/3 2.2.21 show spanning-tree mst port summary This command displays the settings of one or all ports within the specified multiple spanning tree instance. The parameter indicates a particular MST instance. The parameter { | all} indicates the desired switch port or all ports. If you specify 0 (defined as the default CIST ID) as the , the status summary displays for one or all ports within the common and internal spanning tree.
AT8901/2/3 Configuration Name Identifier used to identify the configuration currently being used. Configuration Revision Level Identifier used to identify the configuration currently being used. Configuration Digest Key Identifier used to identify the configuration currently being used. MST Instances List of all multiple spanning tree instances configured on the switch 2.2.24 show spanning-tree vlan This command displays the association between a VLAN and a multiple spanning tree instance.
AT8901/2/3 2.3.3 vlan This command creates a new VLAN and assigns it an ID. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-4094. 2.3.3.1 Format vlan <2-4094> Mode VLAN Config no vlan This command deletes an existing VLAN. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). The VLAN range is 2-4094. 2.3.
AT8901/2/3 2.3.5.1 no vlan ingressfilter This command disables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN. 2.3.
AT8901/2/3 auto 2.3.9 The interface is dynamically registered in this VLAN by GVRP. The interface will not participate in this VLAN unless a join request is received on this interface. This is equivalent to registration normal. vlan participation all This command configures the degree of participation for all interfaces in a VLAN. The ID is a valid VLAN identification number. You can use the following participation options: • • • 2.3.10 include—The interface is always a member of this VLAN.
AT8901/2/3 receiving interface are admitted and forwarded to ports that are members of that VLAN. 2.3.11.1 Default disabled Format vlan port ingressfilter all Mode Global Config no vlan port ingressfilter all This command disables ingress filtering for all ports. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN. 2.3.
AT8901/2/3 2.3.14 vlan protocol group This command adds protocol-based VLAN groups to the system. The is a character string of 1 to 16 characters. When it is created, the protocol group will be assigned a unique number that will be used to identify the group in subsequent commands. 2.3.15 Format vlan protocol group Mode Global Config vlan protocol group add protocol This command adds the to the protocol-based VLAN identified by .
AT8901/2/3 2.3.17.1 no protocol group This command removes the from this protocol-based VLAN group that is identified by this . 2.3.18 Format no protocol group Mode VLAN Config protocol vlan group This command adds the physical interface to the protocol-based VLAN identified by . You can associate multiple interfaces with a group, but you can only associate each interface and protocol combination with one group.
AT8901/2/3 2.3.20 vlan pvid This command changes the VLAN ID per interface. 2.3.20.1 Default 1 Format vlan pvid <1-4094> Mode Interface Config no vlan pvid This command sets the VLAN ID per interface to 1. 2.3.21 Format no vlan pvid Mode Interface Config vlan tagging This command configures the tagging behavior for a specific interface in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames. If tagging is disabled, traffic is transmitted as untagged frames.
AT8901/2/3 Mode 2.3.23.1 VLAN database no vlan association mac This command removes the association of a MAC address to a VLAN. 2.3.24 Format no vlan association mac Mode VLAN database show vlan This command displays detailed information, including interface information, for a specific VLAN. The ID is a valid VLAN identification number. Format show vlan Modes Privileged EXEC User EXEC VLAN ID There is a VLAN Identifier (VID) associated with each VLAN.
AT8901/2/3 unless a join request is received on this port. This is equivalent to registration normal in the IEEE 802.1Q standard. Tagging 2.3.25 Select the tagging behavior for this port in this VLAN. Tagged - specifies to transmit traffic for this VLAN as tagged frames. Untagged - specifies to transmit traffic for this VLAN as untagged frames. show vlan brief This command displays a list of all configured VLANs.
AT8901/2/3 in the tag. In an untagged frame, the VLAN is the Port VLAN ID specified for the port that received this frame. When disabled, all frames are forwarded in accordance with the 802.1Q VLAN bridge specification. The factory default is disabled. GVRP May be enabled or disabled. Default Priority The 802.1p priority assigned to tagged packets arriving on the port. 2.3.27 show vlan association subnet This command displays the VLAN associated with a specific configured IP-Address and net mask.
AT8901/2/3 2.4.1.1 Default vman Format dvlan-tunnel ethertype {802.1Q | vman | custom} [0-65535] Mode Global Config no dvlan-tunnel etherType This command configures the ether-type for all interfaces to the default value. 2.4.2 Format no dvlan-tunnel ethertype Mode Global Config mode dot1q-tunnel This command is used to enable Double VLAN Tunneling on the specified interface. 2.4.2.
AT8901/2/3 2.4.5 Format show dot1q-tunnel [interface { | all}] Modes Privileged EXEC User EXEC Interface Valid slot and port number separated by forward slashes. Mode This field specifies the administrative mode through which Double VLAN Tunneling can be enabled or disabled. The default value for this field is disabled. EtherType This field represents a 2-byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel. There are three different EtherType tags. The first is 802.
AT8901/2/3 Mode 2.5.2 Global Config vlan priority This command configures the default 802.1p port priority assigned for untagged packets for a specific interface. The range for the priority is 0-7 2.6 Default 0 Format vlan priority Mode Interface Config Protected Ports Commands This section describes commands you use to configure and view protected ports on a switch. Protected ports do not forward traffic to each other, even if they are on the same VLAN.
AT8901/2/3 2.6.2 switchport protected (Interface Config) Use this command to add an interface to a protected port group. The parameter identifies the set of protected ports to which this interface is assigned. You can only configure an interface as protected in one group. NOTE: Port protection occurs within a single switch. Protected port configuration does not affect traffic between ports on two different switches. No traffic forwarding is possible between two protected ports. 2.6.2.
AT8901/2/3 Protected 2.7 Indicates whether the interface is protected or not. It shows TRUE or FALSE. If the group is a multiple groups then it shows TRUE in Group GARP Commands This section describes the commands you use to configure Generic Attribute Registration Protocol (GARP) and view GARP status. The commands in this section affect both GARP VLAN Registration Protocol (GVRP) and Garp Multicast Registration Protocol (GMRP).
AT8901/2/3 2.7.2.1 no set garp timer leave This command sets the GVRP leave time on all ports or a single port to the default and only has an effect when GVRP is enabled. 2.7.3 Format no set garp timer leave Modes Interface Config Global Config set garp timer leaveall This command sets how frequently Leave All PDUs are generated. A Leave All PDU indicates that all registrations will be unregistered. Participants would need to rejoin in order to maintain registration.
AT8901/2/3 NOTE: If GVRP is disabled, the system does not forward GVRP messages. 2.8.1 set gvrp adminmode This command enables GVRP on the system. 2.8.1.1 Default disabled Format set gvrp adminmode Mode Privileged EXEC no set gvrp adminmode This command disables GVRP. 2.8.2 Format no set gvrp adminmode Mode Privileged EXEC set gvrp interfacemode This command enables GVRP on a single port (Interface Config mode) or all ports (Global Config mode). 2.8.2.
AT8901/2/3 20 centiseconds (0.2 seconds). The finest granularity of specification is one centisecond (0.01 seconds). Leave Timer Specifies the period of time to wait after receiving an unregister request for an attribute before deleting the attribute. Current attributes are a VLAN or multicast group. This may be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service.
AT8901/2/3 2.9.2 set gmrp interfacemode This command enables GARP Multicast Registration Protocol on a single interface (Interface Config mode) or all interfaces (Global Config mode). If an interface which has GARP enabled is enabled for routing or is enlisted as a member of a port-channel (LAG), GARP functionality is disabled on that interface. GARP functionality is subsequently re-enabled if routing is disabled and port-channel (LAG) membership is removed from an interface that has GARP enabled. 2.9.2.
AT8901/2/3 600 centiseconds (0.2 to 6.0 seconds). The factory default is 60 centiseconds (0.6 seconds). LeaveAll Timer This Leave All Time controls how frequently LeaveAll PDUs are generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered. Participants will need to rejoin in order to maintain registration. There is an instance of this timer on a per-Port, per-GARP participant basis. The Leave All Period Timer is set to a random value in the range of LeaveAllTime to 1.
AT8901/2/3 of authentication login methods is three. The possible method values are local, and reject. radius The value of local indicates that the user’s locally stored ID and password are used for authentication. The value of radius indicates that the user’s ID and password will be authenticated using the RADIUS server. The value of reject indicates the user is never authenticated. To authenticate a user, the first authentication method in the user’s login (authentication login list) is attempted.
AT8901/2/3 assigned to a specific user if the user is configured locally. If this value is not configured, users will be authenticated using local authentication only. 2.10.5 Format dot1x defaultlogin Mode Global Config dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. 2.10.
AT8901/2/3 2.10.8.1 Default auto Format dot1x port-control {force-unauthorized | force-authorized | auto} Mode Interface Config no dot1x port-control This command sets the authentication mode on the specified port to the default value. 2.10.9 Format no dot1x port-control Mode Interface Config dot1x port-control all This command sets the authentication mode to use on all ports.
AT8901/2/3 2.10.11.1 no dot1x re-authentication This command disables re-authentication of the supplicant for the specified port. 2.10.12 Format no dot1x re-authentication Mode Interface Config dot1x system-auth-control Use this command to enable the dot1x authentication support on the switch. While disabled, the dot1x configuration is retained and can be changed, but is not activated. 2.10.12.
AT8901/2/3 2.10.13.1 Format dot1x timeout {{reauth-period } | {quiet-period } | {tx-period } | {supp-timeout } | {server-timeout }} Mode Interface Config no dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values. Depending on the token used, the corresponding default values are set. 2.10.
AT8901/2/3 2.10.17 Format users login Mode Global Config show authentication This command displays the ordered authentication methods for all authentication login lists. Format show authentication Mode Privileged EXEC Authentication Login List This displays the authentication login listname. 2.10.18 Method 1 This displays the first method in the specified authentication login list, if any.
AT8901/2/3 Port The interface whose configuration is displayed. Control Mode The configured control mode for this port. Possible values are forceunauthorized | force-authorized | auto. Operating Control Mode The control mode under which this port is operating. Possible values are authorized | unauthorized. Reauthentication Enabled Indicates whether re-authentication is enabled on this port. Key Transmission Enabled Indicates if the key is transmitted to the supplicant for the specified port.
AT8901/2/3 The value is expressed in seconds and will be in the range of 1 and 65535. Reauthentication Enabled Indicates if reauthentication is enabled on this port. Possible values are ‘True” or “False”. Key Transmission Enabled Indicates if the key is transmitted to the supplicant for the specified port. Possible values are True or False. Control Direction Indicates the control direction for the specified port or ports. Possible values are both or in.
AT8901/2/3 2.10.21 Format show dot1x users Mode Privileged EXEC User Users configured locally to have access to the specified port. show users authentication This command displays all user and all authentication login information. It also displays the authentication login list assigned to the default user. Format show users authentication Mode Privileged EXEC User Lists every user that has an authentication login list assigned.
AT8901/2/3 ingressing on an interface increases beyond the configured threshold, the traffic is dropped. Therefore, the rate of broadcast traffic is limited to the configured threshold. 2.11.2.1 Default 5 Format storm-control broadcast level <0-100> Mode Interface Config no storm-control broadcast level This command sets the broadcast storm recovery threshold to the default value for an interface and disables broadcast storm recovery. 2.11.
AT8901/2/3 2.11.5 Format no storm-control broadcast all level Mode Global Config storm-control multicast This command enables multicast storm recovery mode for an interface. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped. Therefore, the rate of multicast traffic will be limited to the configured threshold. 2.11.5.
AT8901/2/3 2.11.7.1 Format storm-control multicast all Mode Global Config no storm-control multicast all This command disables multicast storm recovery mode for all interfaces. 2.11.8 Format no storm-control multicast all Mode Global Config storm-control multicast all level This command configures the multicast storm recovery threshold for all interfaces and enables multicast storm recovery mode.
AT8901/2/3 2.11.10 storm-control unicast level This command configures the unicast storm recovery threshold for an interface and enables unicast storm recovery. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped. Therefore, the rate of unknown unicast traffic will be limited to the configured threshold.
AT8901/2/3 Mode 2.11.12.1 Global Config no storm-control unicast all level This command returns the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces. 2.11.13 Format no storm-control unicast all level Mode Global Config storm-control flowcontrol This command enables 802.3x flow control for the switch and only applies to fullduplex mode ports. NOTE: 802.
AT8901/2/3 Ucast Level 2.12 Shows the Unknown Unicast or DLF (Destination Lookup Failure) storm control level Port-Channel/LAG (802.3ad) Commands This section describes the commands you use to configure port-channels, which are also known as link aggregation groups (LAGs). Link aggregation allows you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing.
AT8901/2/3 Mode 2.12.3 Interface Config deleteport (Interface Config) This command deletes the port from the port-channel (LAG). The interface is a Logical slot and port number. of a configured port-channel. 2.12.4 Format deleteport Mode Interface Config deleteport (Global Config) This command deletes all configured ports from the port-channel (LAG). The interface is a Logical slot and port number. of a configured port-channel. To clear the port channels, see 5.6.
AT8901/2/3 2.12.7 Format no port lacpmode Mode Interface Config port lacpmode all This command enables Link Aggregation Control Protocol (LACP) on all ports. 2.12.7.1 Format port lacpmode all Mode Global Config no port lacpmode all This command disables Link Aggregation Control Protocol (LACP) on all ports. 2.12.8 Format no port lacpmode all Mode Global Config port-channel adminmode This command enables a port-channel (LAG).
AT8901/2/3 2.12.10 port-channel name This command defines a name for the port-channel (LAG). The interface is a logical slot/port for a configured port-channel, and is an alphanumeric string up to 15 characters. 2.12.11 Format port-channel name { | all | } Mode Global Config show port-channel brief This command displays a summary of individual port-channel (LAG) interfaces.
AT8901/2/3 2.13 Mbr Ports A listing of the ports that are members of this port-channel (LAG), in slot/port notation. There can be a maximum of eight ports assigned to a given port-channel (LAG). Port Speed Speed of the port-channel port. Type This field displays the status designating whether a particular portchannel (LAG) is statically or dynamically maintained. Static - The port-channel is statically maintained. Dynamic - The port-channel is dynamically maintained.
AT8901/2/3 2.13.2 no monitor This command removes all the source ports and a destination port for the and restores the default value for mirroring session mode for all the configured sessions. NOTE: This is a stand-alone “no” command. This command does not have a “normal” form. 2.13.3 Default enabled Format no monitor Mode Global Config show monitor session This command displays the Port monitoring information for a particular mirroring session.
AT8901/2/3 2.14.1.1 Format macfilter Mode Global Config no macfilter This command removes all filtering restrictions and the static MAC filter entry for the MAC address on the VLAN . The parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The parameter must identify a valid VLAN. 2.14.
AT8901/2/3 Mode 2.14.4 Global Config show mac-address-table static This command displays the Static MAC Filtering information for all Static MAC Filters. If you select , all the Static MAC Filters in the system are displayed. If you supply a value for , you must also enter a value for , and the system displays Static MAC Filter information only for that MAC address and VLAN.
AT8901/2/3 If an interface has IGMP Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), IGMP Snooping functionality is disabled on that interface. IGMP Snooping functionality is re-enabled if you disable routing or remove port-channel (LAG) membership from an interface that has IGMP Snooping enabled. The IGMP application supports the following activities: • • • 2.15.1.
AT8901/2/3 remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC-based general queries to the interface. You should enable fast-leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port. This prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group.
AT8901/2/3 report for a particular group in that interface. This value must be less than the IGMP Query Interval time value. The range is 1 to 3599 seconds. 2.15.5.1 Default 10 seconds Format set igmp maxresponse <1-3599> Modes Global Config Interface Config VLAN Mode no set igmp maxresponse This command sets the max response time (on the interface or VLAN) to the default value. 2.15.
AT8901/2/3 2.15.8 Format no set igmp mrouter Mode Interface Config set igmp mrouter interface This command configures the interface as a multicast router interface. When configured as a multicast router interface, the interface is treated as a multicast router interface in all VLANs. 2.15.8.
AT8901/2/3 Max Response Time Displays the amount of time the switch waits after it sends a query on an interface, participating in the VLAN, because it did not receive a report for a particular group on that interface. This value may be configured. Multicast Router Present Expiration Time Displays the amount of time to wait before removing an interface that is participating in the VLAN from the list of interfaces with multicast routers attached. The interface is removed if a query is not received.
AT8901/2/3 2.16 Description The text description of this multicast table entry. Interfaces The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:). Port Security Commands This section describes the command you use to configure Port Security on the switch. Port security, which is also known as port MAC locking, allows you to secure the network by locking allowable MAC addresses on a given port.
AT8901/2/3 2.16.3 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a specific port. 2.16.3.1 Default 20 Format port-security max-static Mode Interface Config no port-security max-static This command resets the maximum of statically locked MAC addresses allowed on a specific port to its default value. 2.16.
AT8901/2/3 Admin Mode Port Locking mode for the Interface. Dynamic Limit Maximum dynamically allocated MAC Addresses. Static Limit Maximum statically allocated MAC Addresses. Violation Trap Mode Whether violation traps are enabled. 2.16.7 show port-security dynamic This command displays the dynamically locked MAC addresses for the port. Format show port-security dynamic Mode Privileged EXEC MAC Address MAC Address of dynamically locked MAC. 2.16.
AT8901/2/3 2.17.2 Format no lldp transmit Mode Interface Config lldp receive Use this command to enable the LLDP receive capability. 2.17.2.1 Default disabled Format lldp receive Mode Interface Configuration no lldp receive Use this command to return the reception of LLDPDUs to the default value. 2.17.3 Format lldp receive Mode Interface Configuration lldp timers Use this command to set the timing parameters for local data transmission on ports enabled for LLDP.
AT8901/2/3 2.17.4.1 Format lldp transmit-tlv [sys-desc] [sys-name] [sys-cap] [portdesc] Mode Interface Config no lldp transmit-tlv Use this command to remove an optional TLV from the LLDPDUs. Use the command without parameters to remove all optional TLVs from the LLDPDU. 2.17.5 Format. no lldp transmit-tlv [sys-desc] [sys-name] [sys-cap] [port-desc] Mode Interface Config lldp transmit-mgmt Use this command to include transmission of the local system management address information in the LLDPDUs.
AT8901/2/3 2.17.7.1 Format lldp notification-interval Mode Global Config no lldp notification-interval Use this command to return the notification interval to the default value. 2.17.8 Format no lldp notification-interval Mode Global Config clear lldp statistics Use this command to reset all LLDP statistics. 2.17.9 Format clear lldp statistics Mode Global Config clear lldp remote-data Use this command to delete all information from the LLDP remote data table. 2.17.
AT8901/2/3 2.17.12 Notify Shows whether the interface sends remote data change notifications. TLVs Shows whether the interface sends optional TLVs in the LLDPDUs. The TLV codes can be 0 (Port Description), 1 (System Name), 2 (System Description), or 3 (System Capability). Mgmt Shows whether the interface transmits system management address information in the LLDPDUs.
AT8901/2/3 Chassis ID Shows the ID of the remote device. Port ID Shows the port number that transmitted the LLDPDU. System Name Shows the system name of the remote device. 2.17.14 show lldp remote-device detail Use this command to display detailed information about remote devices that transmit current LLDP data to an interface on the system.
AT8901/2/3 2.17.16 show lldp local-device detail Use this command to display detailed information about the LLDP data a specific interface transmits. Format show lldp local-device detail Mode Privileged EXEC Interface Identifies the interface that sends the LLDPDU. Chassis ID Subtype Shows the type of identification used in the Chassis ID field. Chassis ID Identifies the chassis of the local device. Port ID Subtype Identifies the type of port on the local device.
AT8901/2/3 2.18.1.1 Format dos-control sipdip Mode Global Config no dos-control sipdip This command disables Source IP Address = Destination IP Address (SIP=DIP) Denial of Service prevention. 2.18.2 Format no dos-control sipdip Mode Global Config dos-control firstfrag This command enables Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack.
AT8901/2/3 2.18.4 dos-control tcpflag This command enables TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attacks. If packets ingress having TCP Flag SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN, URG, and PSH set and TCP Sequence Number set to 0 or having TCP Flags SYN and FIN both set, the packets will be dropped if the mode is enabled. 2.18.
AT8901/2/3 Mode 2.18.6.1 Global Config no dos-control icmp This command disables Maximum ICMP Packet Size Denial of Service protections. 2.18.7 Format no dos-control icmp Mode Global Config show dos-control This command displays Denial of Service configuration information. Format show dos-control Mod Privileged EXEC SIPDIP Mode May be enabled or disabled. The factory default is disabled. First Fragment Mode May be enabled or disabled. The factory default is disabled.
AT8901/2/3 Default all Format show forwardingdb agetime [fdbid | all] Mode Privileged EXEC Forwarding DB ID Fdbid (Forwarding database ID) indicates the forwarding database whose aging timeout is to be shown. The all option is used to display the aging timeouts associated with all forwarding databases. This field displays the forwarding database ID in an IVL system. Agetime 2.19.3 In an IVL system, this parameter displays the address aging timeout for the associated forwarding database.
AT8901/2/3 Most MFDB Entries Ever Used Displays the largest number of entries that have been present in the Multicast Forwarding Database table. This value is also known as the MFDB high-water mark. Current Entries Displays the current number of entries in the MFDB.
AT8901/2/3 Chapter 31 Routing Commands Page 3 - 1 AT8901/2/3 CLI Reference Manual
AT8901/2/3 3. Routing Commands This chapter describes the routing commands available in the CLI. The Routing Commands chapter contains the following sections: • • • • • • • • 3.1 “Address Resolution Protocol (ARP) Commands” on page 3 - 2 3.2 “IP Routing Commands” on page 3 - 6 3.3 “Router Discovery Protocol Commands” on page 3 - 14 3.4 “Virtual LAN Routing Commands” on page 3 - 16 3.5 “Virtual Router Redundancy Protocol Commands” on page 3 - 17 3.6 “DHCP and BOOTP Relay Commands” on page 3 - 22 3.
AT8901/2/3 3.1.2 ip proxy-arp This command enables proxy ARP on a router interface. Without proxy ARP, a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived. With proxy ARP, the device may also respond if the target IP address is reachable. The device only responds if all next hops in its route to the destination are through interfaces other than the interface that received the ARP request. 3.1.2.
AT8901/2/3 3.1.5 arp purge This command causes the specified IP address to be removed from the ARP cache. Only entries of type dynamic or gateway are affected by this command. 3.1.6 Format arp purge Mode Privileged EXEC arp resptime This command configures the ARP request response timeout. The value for is a valid positive integer, which represents the IP ARP entry response timeout time in seconds. The range for is between 1-10 seconds. 3.1.6.
AT8901/2/3 Mode 3.1.8.1 Global Config no arp timeout This command configures the default ARP entry ageout time. 3.1.9 Format no arp timeout Mode Global Config clear arp-cache This command causes all ARP entries of type dynamic to be removed from the ARP cache. If the gateway keyword is specified, the dynamic entries of type gateway are purged as well. 3.1.10 Format clear arp-cache [gateway] Mode Privileged EXEC show arp This command displays the Address Resolution Protocol (ARP) cache.
AT8901/2/3 3.1.11 Type Is the type that was configured into the unit. The possible values are Local, Gateway, Dynamic and Static. Age This field displays the current age of the ARP entry since last refresh (in hh:mm:ss format show arp brief This command displays the brief Address Resolution Protocol (ARP) table information. Format show arp brief Mode Privileged EXEC Age Time (seconds) Is the time it takes for an ARP entry to age out. This value was configured into the unit.
AT8901/2/3 3.2.1 routing This command enables IPv4 and IPv6 routing for an interface. You can view the current value for this function with the show ip brief command. The value is labeled as “Routing Mode.” 3.2.1.1 Default disabled Format routing Mode Interface Config no routing This command disables routing for an interface. You can view the current value for this function with the show ip brief command. The value is labeled as “Routing Mode.” 3.2.
AT8901/2/3 Mode 3.2.4 Interface Config ip route This command configures a static route. The parameter is a valid IP address, and is a valid subnet mask. The parameter is a valid IP address of the next hop router. The optional parameter is an integer (value from 1 to 255) that allows you to specify the preference value (sometimes called “administrative distance”) of an individual static route.
AT8901/2/3 3.2.6 Format no ip route default [{ | }] Mode Global Config ip route distance This command sets the default distance (preference) for static routes. Lower route distance values are preferred when determining the best route. The ip route and ip route default commands allow you to optionally set the distance (preference) of an individual static route. The default distance is used when no distance is specified in these commands.
AT8901/2/3 3.2.8.1 no ip netdirbcast This command disables the forwarding of network-directed broadcasts. When disabled, network directed broadcasts are dropped. 3.2.9 Format no ip netdirbcast Mode Interface Config ip mtu This command sets the IP Maximum Transmission Unit (MTU) on a routing interface. The IP MTU is the size of the largest IP packet that can be transmitted on the interface without fragmentation. FASTPATH software currently does not fragment IP packets.
AT8901/2/3 NOTE: Routed frames are always ethernet encapsulated when a frame is routed to a VLAN. 3.2.11 show ip brief This command displays all the summary information of the IP. Format show ip brief Modes Privileged EXEC User EXEC Default Time to Live The computed TTL (Time to Live) of forwarding a packet from the local router to the final destination. Routing Mode Shows whether the routing mode is enabled or disabled. IP Forwarding Mode Shows whether forwarding of IP frames is enabled or disabled.
AT8901/2/3 Encapsulation Type Is the encapsulation type for the specified interface. The types are: Ethernet or SNAP. IP MTU 3.2.13 Displays the maximum transmission unit (MTU) size of a frame, in bytes. show ip interface brief This command displays summary information about IP configuration settings for all ports in the router. Format show ip interface brief Modes Privileged EXEC User EXEC Interface Valid slot and port number separated by forward slashes.
AT8901/2/3 IP-Address/Mask The IP-Address and mask of the destination network corresponding to this route. Preference The administrative distance associated with this route. Routes with low values are preferred over routes with higher values. Metric The cost associated with this route. via Next-Hop The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination Interface 3.2.
AT8901/2/3 NOTE: The configuration of NSSA preferences is not supported in this release. 3.2.17 show ip stats This command displays IP statistical information. Refer to RFC 1213 for more information about the fields that are displayed. 3.3 Format show ip stats Modes Privileged EXEC User EXEC Router Discovery Protocol Commands This section describes the commands you use to view and configure Router Discovery Protocol settings on the switch.
AT8901/2/3 3.3.3 ip irdp holdtime This command configures the value, in seconds, of the holdtime field of the router advertisement sent from this interface. The holdtime range is the value of to 9000 seconds. 3.3.3.1 Default 3 * maxinterval Format ip irdp holdtime Mode Interface Config no ip irdp holdtime This command configures the default value, in seconds, of the holdtime field of the router advertisement sent from this interface. 3.3.
AT8901/2/3 3.3.6 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router addresses on the same subnet. 3.3.6.1 Default 0 Format ip irdp preference <-2147483648 to 2147483647> Mode Interface Config no ip irdp preference This command configures the default preferability of the address as a default router address, relative to other router addresses on the same subnet. 3.3.
AT8901/2/3 3.4.1 vlan routing This command creates routing on a VLAN. The value has a range from 1 to 4094. 3.4.1.1 Format vlan routing Mode VLAN Config no vlan routing This command deletes routing on a VLAN. The value has a range from 1 to 4094. 3.4.2 Format no vlan routing Mode VLAN Config show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled.
AT8901/2/3 Mode 3.5.1.1 Global Config Interface Config no ip vrrp In Global Config mode, this command disables the default administrative mode of VRRP in the router. In Interface Config mode, this command disables the VRRP protocol on an interface. This command also removes a virtual router IP address as a secondary IP address on an interface. The virtual Router ID, , is an integer value that ranges from 1 to 255. 3.5.
AT8901/2/3 parameter is the virtual router ID which has an integer value ranges from 1 to 255. 3.5.4.1 Default no authorization Format ip vrrp authentication {none | simple } Mode Interface Config no ip vrrp authentication This command sets the default authorization details value for the virtual router configured on a specified interface. 3.5.
AT8901/2/3 3.5.7 ip vrrp timers advertise This command sets the frequency, in seconds, that an interface on the specified virtual router sends a virtual router advertisement. 3.5.7.1 Default 1 Format ip vrrp timers advertise <1-255> Mode Interface Config no ip vrrp timers advertise This command sets the default virtual router advertisement value for an interface. 3.5.
AT8901/2/3 Invalid Authentication Type Represents the total number of VRRP packets received with unknown authentication type. Authentication Type Mismatch Represents the total number of VRRP advertisements received for which 'auth type' not equal to locally configured one for this virtual router. Packet Length Errors Represents the total number of VRRP packets received with packet length less than length of VRRP header. 3.5.
AT8901/2/3 3.5.11 show ip vrrp interface brief This command displays information about each virtual router configured on the FASTPATH switch. This command takes no options. It displays information about each virtual router. 3.6 Format show ip vrrp interface brief Modes Privileged EXEC User EXEC Interface Valid slot and port number separated by forward slashes. VRID Represents the router ID of the virtual router. IP Address The virtual router IP address.
AT8901/2/3 3.6.2.1 no bootpdhcprelay enable This command disables the forwarding of relay requests for BootP/DHCP Relay on the system. 3.6.3 Format no bootpdhcprelay enable Mode Global Config bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. The parameter has a range of 1 to 16. 3.6.3.
AT8901/2/3 Mode 3.6.5.1 Global Config no bootpdhcprelay serverip This command configures the default server IP Address for BootP/DHCP Relay on the system. 3.6.6 Format no bootpdhcprelay serverip Mode Global Config show bootpdhcprelay This command displays the BootP/DHCP Relay information. Format show bootpdhcprelay Modes Privileged EXEC User EXEC Maximum Hop Count Is the maximum allowable relay agent hops. Minimum Wait Time (Seconds) Is the minimum wait time.
AT8901/2/3 3.7.2.1 no enable (OSPF) This command sets the administrative mode of OSPF in the router to inactive. 3.7.3 Format no enable Mode Router OSPF Config ip ospf This command enables OSPF on a router interface. 3.7.3.1 Default disabled Format ip ospf Mode Interface Config no ip ospf This command disables OSPF on a router interface. 3.7.4 Format no ip ospf Mode Interface Config 1583compatibility This command enables OSPF 1583 compatibility.
AT8901/2/3 Mode 3.7.6.1 Router OSPF Config no area nssa This command disables nssa from the specified area id. 3.7.7 Format no area nssa Mode Router OSPF Config area nssa default-info-originate (OSPF) This command configures the metric value and type for the default route advertised into the NSSA. The optional metric parameter specifies the metric of the default route and is to be in a range of 1-16777214. If no metric is specified, the default value is ****.
AT8901/2/3 3.7.12 Format area nssa translator-stab-intv Mode Router OSPF Config area range (OSPF) This command creates a specified area range for a specified NSSA. The is a valid IP address. The is a valid subnet mask. The LSDB type must be specified by either summarylink or nssaexternallink, and the advertising of the area range can be allowed or suppressed. 3.7.12.
AT8901/2/3 3.7.14.1 no area stub no-summary This command configures the default Summary LSA mode for the stub area identified by . 3.7.15 Format no area stub no-summary Mode Router OSPF Config area virtual-link (OSPF) This command creates the OSPF virtual interface for the specified and . The parameter is the Router ID of the neighbor. 3.7.15.
AT8901/2/3 3.7.17 area virtual-link dead-interval (OSPF) This command configures the dead interval for the OSPF virtual interface on the virtual interface identified by and . The parameter is the Router ID of the neighbor. The range for seconds is 1 to 65535. 3.7.17.
AT8901/2/3 3.7.19.1 no area virtual-link retransmit-interval This command configures the default retransmit interval for the OSPF virtual interface on the virtual interface identified by and . The parameter is the Router ID of the neighbor. 3.7.
AT8901/2/3 3.7.22.1 no default-metric (OSPF) This command is used to set a default for the metric of distributed routes. 3.7.23 Format no default-metric Mode Router OSPF Config distance ospf (OSPF) This command sets the route preference value of OSPF in the router. Lower route preference values are preferred when determining the best route. The type of OSPF can be intra, inter, type-1, or type-2.
AT8901/2/3 external-LSAs. When set to 0, the router will not leave Overflow State until restarted. The range for seconds is 0 to 2147483647 seconds. 3.7.25.1 Default 0 Format exit-overflow-interval Mode Router OSPF Config no exit-overflow-interval This command configures the default exit overflow interval for OSPF. 3.7.26 Format no exit-overflow-interval Mode Router OSPF Config external-lsdb-limit (OSPF) This command configures the external LSDB limit for OSPF.
AT8901/2/3 the type is encrypt, the key may be up to 256 bytes. If the type is encrypt a in the range of 0 and 255 must be specified. Unauthenticated interfaces do not need an authentication key or authentication key ID. 3.7.28.1 Default none Format ip ospf authentication {none | {simple } | {encrypt }} Mode Interface Config no ip ospf authentication This command sets the default OSPF Authentication Type for the specified interface. 3.7.
AT8901/2/3 3.7.31 ip ospf hello-interval This command sets the OSPF hello interval for the specified interface. The value for seconds is a valid positive integer, which represents the length of time in seconds. The value for the length of time must be the same for all routers attached to a network. Valid values range from 1 to 65535. 3.7.31.
AT8901/2/3 Mode 3.7.34 Interface Config ip ospf transmit-delay This command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds. In addition, it sets the estimated number of seconds it takes to transmit a link state update packet over this interface. Valid values for range from 1 to 3600 (1 hour). 3.7.34.
AT8901/2/3 3.7.37.1 Default metric—unspecified type—2 tag—0 Format redistribute {rip | static | connected} [metric <016777214>] [metric-type {1 | 2}] [tag <0-4294967295>] [subnets] Mode Router OSPF Config no redistribute This command configures OSPF protocol to prohibit redistribution of routes from the specified source protocol/routers. 3.7.
AT8901/2/3 3.7.40.1 no trapflags This command disables OSPF traps. 3.7.41 Format no trapflags Mode Router OSPF Config show ip ospf This command displays information relevant to the OSPF router. Format show ip ospf Mode Privileged EXEC NOTE: Some of the information below displays only if you enable OSPF and configure certain features. Router ID A 32-bit integer in dotted decimal format identifying the router, about which information is displayed. This is a configured value.
AT8901/2/3 Metric Shows the metric for the advertised default routes. If the metric is not configured, this field is blank. Metric Type Shows whether the routes are External Type 1 or External Type 2. Maximum Paths Shows the maximum number of paths that OSPF can report for a given destination. Redistributing This field is a heading and appears only if you configure the system to take routes learned from a non-OSPF source and advertise them to its peers.
AT8901/2/3 Redistribute into NSSA Shows whether to redistribute information into the NSSA. Default Information Originate Shows whether to advertise a default route into the NSSA Default Metric Shows the metric value for the default route advertised into the NSSA. Default Metric Type Shows the metric type for the default route advertised into the NSSA. Translator Role Shows the NSSA translator role of the ABR, which is always or candidate.
AT8901/2/3 Use network to display the network LSAs. Use nssa-external to display NSSA external LSAs. Use router to display router LSAs. Use summary to show the LSA database summary information. Use to specify the link state ID (LSID). The value of can be an IP address or an integer in the range of 0-4294967295. Use adv-router to show the LSAs that are restricted by the advertising router. Use selforiginate to display the LSAs in that are self originated.
AT8901/2/3 3.7.46 Subtotal Number of entries for the identified area. Total Number of entries for all areas. show ip ospf interface This command displays the information for the IFO object or virtual interface tables. Format show ip ospf interface { | loopback } Modes Privileged EXEC User EXEC IP Address Represents the IP address for the specified interface. Subnet Mask A mask of the network and host portion of the IP address for the OSPF interface.
AT8901/2/3 3.7.47 show ip ospf interface brief This command displays brief information for the IFO object or virtual interface tables. Format show ip ospf interface brief Modes Privileged EXEC User EXEC Interface Valid slot and port number separated by forward slashes. OSPF Admin Mode States whether OSPF is enabled or disabled on a router interface. OSPF Area ID Represents the OSPF Area Id for the specified interface.
AT8901/2/3 Neighbor Events The number of times this neighbor relationship has changed state, or an error has occurred. External LSA Count The number of external (LS type 5) link-state advertisements in the link-state database. 3.7.49 show ip ospf neighbor This command displays information about OSPF neighbors. If you do not specify a neighbor IP address, the output displays summary information in a table. If you specify an interface or tunnel, only the information for that interface or tunnel displays.
AT8901/2/3 Full - the neighboring routers are fully adjacent and they will now appear in router-LSAs and network-LSAs. Dead Time Shows the amount of time, in seconds, to wait before the router assumes the neighbor is unreachable. If you specify an IP address for the neighbor router, the following fields display: Interface Valid slot and port number separated by forward slashes. Neighbor IP Address Shows the IP address of the neighbor router.
AT8901/2/3 3.7.51 show ip ospf statistics This command displays information about recent Shortest Path First (SPF) calculations. The SPF is the OSPF routing table calculation. The output lists the number of times the SPF has run for each OSPF area. A table follows this information. For each of the 15 most recent SPF runs, the table lists how long ago the SPF ran, how long the SPF took, and the reasons why the SPF was scheduled.
AT8901/2/3 Hello Interval The configured hello interval for the OSPF virtual interface. Dead Interval The configured dead interval for the OSPF virtual interface. Iftransit Delay Interval The configured transit delay for the OSPF virtual interface. Retransmit Interval The configured retransmit interval for the OSPF virtual interface. Authentication Type The configured authentication type of the OSPF virtual interface.
AT8901/2/3 Mode 3.8.2.1 Router RIP Config no enable (RIP) This command sets the administrative mode of RIP in the router to inactive. 3.8.3 Format no enable Mode Router RIP Config ip rip This command enables RIP on a router interface. 3.8.3.1 Default disabled Format ip rip Mode Interface Config no ip rip This command disables RIP on a router interface. 3.8.4 Format. no ip rip Mode Interface Config auto-summary This command enables the RIP auto-summarization mode. 3.8.4.
AT8901/2/3 3.8.6 default-metric (RIP) This command is used to set a default for the metric of distributed routes. 3.8.6.1 Format default-metric <0-15> Mode Router RIP Config no default-metric (RIP) This command is used to reset the default metric of distributed routes to its default value. 3.8.7 Format no default-metric Mode Router RIP Config distance rip This command sets the route preference value of RIP in the router.
AT8901/2/3 authentication key [key] must be 16 bytes or less. The [key] is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard. If the value of is encrypt, a keyid in the range of 0 and 255 must be specified. Unauthenticated interfaces do not need an authentication key or authentication key ID. 3.8.9.
AT8901/2/3 3.8.11.1 no ip rip send version This command configures the interface to allow RIP control packets of the default version to be sent. 3.8.12 Format no ip rip send version Mode Interface Config hostroutesaccept This command enables the RIP hostroutesaccept mode. 3.8.12.1 Default enabled Format hostroutesaccept Mode Router RIP Config no hostroutesaccept This command disables the RIP hostroutesaccept mode. 3.8.
AT8901/2/3 Format for OSPF as source protocol redistribute ospf [metric <0-15>] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external-2]] Format for other source protocol redistribute {static | connected} [metric <0-15>] Mode 3.8.14.1 Router RIP Config no redistribute This command de-configures RIP protocol to redistribute routes from the specified source protocol/routers. 3.8.
AT8901/2/3 Interface Valid slot and port number separated by forward slashes. IP Address The IP source address used by the specified RIP interface. Send Version The RIP version(s) used when sending updates on the specified interface. The types are none, RIP-1, RIP-1c, RIP-2. Receive Version The RIP version(s) allowed when receiving updates from the specified interface. The types are none, RIP-1, RIP-2, Both 3.8.
AT8901/2/3 Chapter 41 Quality of Service Commands Page 4 - 1 AT8901/2/3 CLI Reference Manual
AT8901/2/3 4. Quality of Service (QoS) Commands This chapter describes the Quality of Service (QoS) commands available in the CLI. The QoS Commands chapter contains the following sections: • • • • • • • • 4.1 “Class of Service (CoS) Commands” on page 4 - 2 4.2 “Differentiated Services (DiffServ) Commands” on page 4 - 7 4.3 “DiffServ Class Commands” on page 4 - 8 4.4 “DiffServ Policy Commands” on page 4 - 14 4.5 “DiffServ Service Commands” on page 4 - 18 4.6 “DiffServ Show Commands” on page 4 - 19 4.
AT8901/2/3 4.1.2 classofservice ip-precedence-mapping This command maps an IP precedence value to an internal traffic class. The values can range from 0-7. The values can range from 0-6, although the actual number of available traffic classes depends on the platform. 4.1.2.
AT8901/2/3 4.1.4.1 Default dot1p Format classofservice trust {dot1p | ip-dscp | ip-precedence | untrusted} Mode Global Config Interface Config no classofservice trust This command sets the interface mode to the default value. 4.1.5 Format no classofservice trust Modes Global Config Interface Config cos-queue min-bandwidth This command specifies the minimum transmission bandwidth guarantee for each interface queue. The total number of queues supported per interface is platform specific.
AT8901/2/3 4.1.7 traffic-shape This command specifies the maximum transmission bandwidth limit for the interface as a whole. Also known as rate shaping, traffic shaping has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded. 4.1.7.1 Format traffic-shape Modes Global Config Interface Config no traffic-shape This command restores the interface shaping rate to the default value. 4.1.
AT8901/2/3 4.1.10 show classofservice ip-dscp-mapping This command displays the current IP DSCP mapping to internal traffic classes for the global configuration settings. Format show classofservice ip-dscp-mapping Mode Privileged EXEC The following information is repeated for each user priority. 4.1.11 IP DSCP The IP DSCP value. Traffic Class The traffic class internal queue identifier to which the IP DSCP value is mapped.
AT8901/2/3 If you specify the interface, the command also displays the following information. Interface This displays the slot/port of the interface. If displaying the global configuration, this output line is replaced with a Global Config indication. Interface Shaping Rate The maximum transmission bandwidth limit for the interface as a whole. It is independent of any per-queue maximum bandwidth value(s) in effect for the interface. This is a configured value. 4.
AT8901/2/3 updates the 802.1p user priority field contained in the VLAN tag of the layer 2 packet header. NOTE: Traffic to be processed by the DiffServ feature requires an IP header. 4.2.1 diffserv This command sets the DiffServ operational mode to active. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, Diffserv services are activated. 4.2.1.
AT8901/2/3 4.3.1.1 Format class-map match-all Mode Global Config no class-map This command eliminates an existing DiffServ class. The is the name of an existing DiffServ class ( The class name 'default' is reserved and is not allowed here). This command may be issued at any time; if the class is currently referenced by one or more policies or by any other class, the delete action fails. 4.3.
AT8901/2/3 Format match class-map Mode Class-Map Config NOTE: • • • • • • 4.3.5.1 The parameters and can not be the same. Only one other class may be referenced by a class. Any attempts to delete the class while the class is still referenced by any fails. The combined match criteria of and must be an allowed combination based on the class type.
AT8901/2/3 4.3.8 match destination-address mac This command adds to the specified class definition a match condition based on the destination MAC address of a packet. The parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (e.g., 00:11:22:dd:ee:ff). The parameter is a layer 2 MAC address bit mask, which need not be contiguous, and is formatted as six, two-digit hexadecimal numbers separated by colons (e.g., ff:07:23:ff:fe:dc).
AT8901/2/3 4.3.12 Default none Format match ip dscp Mode Class-Map Config match ip precedence This command adds to the specified class definition a match condition based on the value of the IP Precedence field in a packet, which is defined as the high-order three bits of the Service Type octet in the IP header (the low-order five bits are not checked). The precedence value is an integer from 0 to 7.
AT8901/2/3 To specify the match condition using a numeric value notation, the protocol number is a standard value assigned by IANA and is interpreted as an integer from 0 to 255. NOTE: This command does not validate the protocol number value against the current list defined by IANA. 4.3.
AT8901/2/3 4.3.18 match vlan This command adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field (the only tag in a single tagged packet or the first or outer tag of a double VLAN tagged packet). The VLAN ID is an integer from 1 to 4095. NOTE: This command is not available on the Broadcom 5630x platform. 4.3.
AT8901/2/3 4.4.1 assign-queue This command modifies the queue id to which the associated traffic stream is assigned. The queueid is an integer from 0 to n-1, where n is the number of egress queues supported by the device. Format assign-queue Mode Policy-Class-Map Config Incompatibilities Drop 4.4.2 drop This command specifies that all packets for the associated traffic stream are to be dropped at ingress.
AT8901/2/3 Mode 4.4.6 Policy-Class-Map Config class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements. The is the name of an existing DiffServ class. NOTE: This command causes the specified policy to create a reference to the class definition. NOTE: The CLI mode is changed to Policy-Class-Map Config when this command is successfully executed. 4.4.6.
AT8901/2/3 4.4.9 mark ip-precedence This command marks all packets for the associated traffic stream with the specified IP Precedence value. The IP Precedence value is an integer from 0 to 7. Format mark ip-precedence <0-7> Mode Policy-Class-Map Config Policy Type In Incompatibilities Drop, Mark CoS, Mark IP DSCP, Police 4.4.10 police-simple This command is used to establish the traffic policing style for the specified class.
AT8901/2/3 4.4.11.1 no policy-map This command eliminates an existing DiffServ policy. The parameter is the name of an existing DiffServ policy. This command may be issued at any time. If the policy is currently referenced by one or more interface service attachments, this delete attempt fails. 4.4.12 Format no policy-map Mode Global Config policy-map rename This command changes the name of a DiffServ policy. The is the name of an existing DiffServ class.
AT8901/2/3 NOTE: Each interface can have one policy attached. 4.5.1.1 no service-policy This command detaches a policy from an interface in the inbound direction. The parameter is the name of an existing DiffServ policy. NOTE: This command causes a service to remove its reference to the policy. This command effectively disables DiffServ on an interface in the inbound direction. There is no separate interface administrative 'mode' command for DiffServ. 4.
AT8901/2/3 Class Name The name of this class. (Note that the order in which classes are displayed is not necessarily the same order in which they were created.) Class Type A class type of ‘all’ means every match criterion defined for the class is evaluated simultaneously and must all be true to indicate a class match. Ref Class Name The name of an existing DiffServ class whose match conditions are being referenced by the specified class definition. 4.6.
AT8901/2/3 Policy Name The name of this policy. Type The policy type (Only inbound policy definitions are supported for this platform.) The following information is repeated for each class associated with this policy (only those policy attributes actually configured are displayed): Assign Queue Directs traffic stream to the specified QoS queue. This allows a traffic classifier to specify which one of the supported hardware queues are used for handling packets belonging to the class.
AT8901/2/3 Non-Conform DSCP Value This field displays the DSCP mark value if the non-conform action is set-dscp-transmit. Non-Conform IP Precedence Value This field displays the IP Precedence mark value if the non-conform action is set-prec-transmit. Policing Style This field denotes the style of policing, if any, used (simple). Redirect Forces a classified traffic stream to a specified egress port (physical port or LAG). This can occur in addition to any marking or policing action.
AT8901/2/3 The following information is repeated for interface and direction (only those interfaces configured with an attached policy are shown): 4.6.6 Interface Valid slot and port number separated by forward slashes. Direction The traffic direction of this interface service. OperStatus The current operational status of this DiffServ service interface. Policy Name The name of the policy attached to the interface in the indicated direction.
AT8901/2/3 4.7 MAC Access Control List (ACL) Commands This section describes the commands you use to configure MAC ACL settings. MAC ACLs ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources. The following rules apply+-to MAC ACLs: • • • • 4.7.1 The maximum number of ACLs you create is 100, regardless of type. The system supports only Ethernet II frame types. The maximum number of rules per MAC ACL is hardware dependent.
AT8901/2/3 NOTE: The 'no' form of this command is not supported, since the rules within a MAC ACL cannot be deleted individually. Rather, the entire MAC ACL must be deleted and re-specified. NOTE: An implicit 'deny all' MAC rule always terminates the access list. NOTE: For BCM5630x and BCM5650x based systems, assign-queue, redirect, and mirror attributes are configurable for a deny rule, but they have no operational effect.
AT8901/2/3 NOTE: The mirror and redirect parameters are not available on the Broadcom 5630x platform. NOTE: The special command form {deny | permit} any any is used to match all Ethernet layer 2 packets, and is the equivalent of the IP access list “match every” rule. 4.7.
AT8901/2/3 Action Displays the action associated with each rule. The possible values are Permit or Deny. Source MAC Address Displays the source MAC address for this rule. Destination MAC Address Displays the destination MAC address for this rule. Ethertype Displays the Ethertype keyword or custom value for this rule. VLAN ID Displays the VLAN identifier value or range for this rule. COS Displays the COS (802.1p) value for this rule. Log Displays when you enable logging for the rule.
AT8901/2/3 IP Extended ACL: Format access-list <100-199> {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | } [{eq { | <0-65535>} [{eq {| <0-65535>}] [precedence | tos | dscp ] [log] [assign-queue ] [{mirror | redirect} ] Mode Global Config Table 2. ACL Command Parameters Parameter Description <1-99> or <100-199> Range 1 to 99 is the access list number for an IP standard ACL.
AT8901/2/3 4.8.1.1 no access-list This command deletes an IP ACL that is identified by the parameter from the system. The range for 1-99 for standard access lists and 100-199 for extended access lists. 4.8.2 Format no access-list Mode Global Config ip access-group This command attaches a specified IP ACL to one interface or to all interfaces.
AT8901/2/3 4.8.4 show ip access-lists This command displays an IP ACL is the number used to identify the IP ACL. Format show ip access-lists Mode Privileged EXEC NOTE: Only the access list fields that you configure are displayed. Rule Number This displays the number identifier for each rule that is defined for the IP ACL. Action This displays the action associated with each rule. The possible values are Permit or Deny.
AT8901/2/3 Sequence Number An optional sequence number may be specified to indicate the order of this access list relative to other access lists already assigned to this interface and direction. A lower number indicates higher precedence order. If a sequence number is already in use for this interface and direction, the specified access list replaces the currently attached access list using that sequence number.
AT8901/2/3 AT8901/2/3 CLI Reference Manual Page 4 - 32
AT8901/2/3 Chapter 51 Utility Commands Page 5 - 1 AT8901/2/3 CLI Reference Manual
AT8901/2/3 5. Utility Commands This chapter describes the utility commands available in the CLI. The Utility Commands chapter includes the following sections: • • • • • • • • • • 5.1 “Commands for accessing base/extension fabric” on page 5 - 2 5.2 “Commands for download and startup Configuration” on page 5 - 2 5.3 “ATCA commands” on page 5 - 4 5.4 “System Information and Statistics Commands” on page 5 - 6 5.5 “Logging Commands” on page 5 - 20 5.6 “System Utility and Clear Commands” on page 5 - 24 5.
AT8901/2/3 5.2.1 download application This command copies an application tgz from into the flash. The command checks that the is unique and between 1 and 9 5.2.2 Format download application Mode Privileged EXEC download ipmifw This command copies an IPMI firmware image from URL and flashes the IPMC with the new image. If the flash process is interrupted or fails, the IPMC will automatically recover and use the previously installed image 5.2.
AT8901/2/3 5.2.7 Format download bootloader Mode Privileged EXECEXEC show startupconfig This command shows the slots for kernel/initrd/application/config or all possible configured combinations of the above 5.2.8 Format show startupconfig {application | kernel | initrd | startup | config | all} Mode Privileged EXEC startupslot config This command configures the startup slot with the supplied values from the other slots.
AT8901/2/3 5.3.2 set board ipmi-controller debug This command enables temporary IPMI controller serial debug output on the management serial console. . Format set board ipmi-controller debug {on | off} Mode Privileged EXEC NOTE: Use this command with care as it may render the console useless until a full board reset is executed 5.3.3 set board fcap This command enables or disables some firmware capabilities. If the handle capability is enabled, the hardware handle is ignored. 5.3.
AT8901/2/3 Table 5.1. Interface mapping I/F extension Description extension fabric interface PCIE/ASI Channel 1-15 Port 0 NOTE: Only one extension interface can exist on a AT8901 5.3.5.1 no atca port override With the “no”-form the user specified marking is removed and the port is set to the ekeying state (the “enable/disable” specification is not used, but must be specified) Format no atca port override {enable | disable} Mode Global Config For I/F mapping see Table 5.1.
AT8901/2/3 Interface 5.4.2 For a service port the output is Management. For a network port, the output is the slot/port of the physical interface. show eventlog This command displays the event log, which contains error messages from the system. The event log is not cleared on a system reset. Format show eventlog Mode Privileged EXEC File The file in which the event originated. Line The line number of the event Task Id The task ID of the event. Code The event code.
AT8901/2/3 Burned in MAC Address Universally assigned network address. Software Version The release.version.revision number of the code currently running on the switch. Operating System The operating system currently running on the switch. Network Processing Device The type of the processor microcode. Additional Packages This displays the additional packages incorporated into this system. 5.4.
AT8901/2/3 Transmit Packet Errors The number of outbound packets that could not be transmitted because of errors. Address Entries Currently In Use The total number of Forwarding Database Address Table entries now active on the switch, including learned and static entries. VLAN Entries Currently In Use The number of VLAN entries presently occupying the VLAN table. Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and seconds since the statistics for this switch were last cleared.
AT8901/2/3 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received > 1522 Octets - The total number of packets received that were longer than 1522 octets (excluding framing bits, but including FCS octets) and were otherwise well formed. Packets RX and TX 64 Octets - The total number of packets (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
AT8901/2/3 Total Packets Received Without Error - The total number of packets received that were without errors. Unicast Packets Received - The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received - The total number of good packets received that were directed to a multicast address. Note that this number does not include packets directed to the broadcast address.
AT8901/2/3 Unacceptable Frame Type - The number of frames discarded from this port due to being an unacceptable frame type. Multicast Tree Viable Discards - The number of frames discarded when a lookup in the multicast tree for a VLAN occurs while that tree is being modified. Reserved Address Discards - The number of frames discarded that are destined to an IEEE 802.1 reserved address and are not supported by the system.
AT8901/2/3 Total - The number of frames that have been transmitted by this port to its segment. Unicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent. Multicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a Multicast address, including those that were discarded or not sent.
AT8901/2/3 GVRP Failed Registrations - The number of times attempted GVRP registrations could not be completed. GMRP PDUs Received - The count of GMRP PDU's received in the GARP layer. GMRP PDUs Transmitted - The count of GMRP PDU's transmitted from the GARP layer. GMRP Failed Registrations - The number of times attempted GMRP registrations could not be completed.
AT8901/2/3 being deliverable to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space. Octets Transmitted The total number of octets transmitted out of the interface, including framing characters. Packets Transmitted without Errors The total number of packets transmitted out of the interface.
AT8901/2/3 Format show mac-addr-table [ | all] Mode Privileged EXEC Mac Address A unicast MAC address for which the switch has forwarding and or filtering information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. Interface The port which this address was learned.
AT8901/2/3 5.4.9 show sysinfo This command displays switch information. Format show sysinfo Mode Privileged EXEC Switch Description Text used to identify this switch. System Name Name used to identify the switch.The factory default is blank. To configure the system name, see 6.6.1 “snmp-server” on page 6 - 16. System Location Text used to identify the location of the switch. The factory default is blank. To configure the system location, see 6.6.1 “snmp-server” on page 6 - 16.
AT8901/2/3 Mode Privileged EXEC NOTE: It might take a while to get an output of the “show boardinfo sensors brief” command 5.4.13 show boardinfo event-log This command displays the event log of the board management controller. It can either display a summary (“info”) or a list of all existing event-log records, a list with most recent records or a single record. The (of SEL) is displayed in the list of records.
AT8901/2/3 5.4.16 show boardinfo address This command displays the global address info of the board. 5.4.17 Format show boardinfo address Mode Privileged EXEC show boardinfo fru This command displays various FRU (field replaceable unit) related information. 5.4.18 Format show boardinfo fru {product-info | board-info | multirecord | custom-area | all} Mode Privileged EXEC show boardinfo ipmidev This command displays the IPMI device information.
AT8901/2/3 Mode 5.4.23 Privileged EXEC show boardinfo routing This commands shows which interface is configured with Layer 3 functionality. It shows the currently active setting and the setting which becomes effective after the next reboot. 5.4.24 Format show boardinfo routing Mode Privileged EXEC show boardinfo xfp This command displays information for a specified or all existing XFP’s. The information are control/status information (via CPLD register) and/or the eeprom data. 5.
AT8901/2/3 5.5.2.1 no logging buffered wrap This command disables wrapping of in-memory logging and configures logging to stop when the log file capacity is full. 5.5.3 Format no logging buffered wrap Mode Privileged EXEC logging console This command enables logging to the console.
AT8901/2/3 5.5.6.1 Format logging port Mode Global Config no logging port This command resets the local logging port to the default. 5.5.7 Format no logging port Mode Global Config logging syslog This command enables syslog logging. The parameter is an integer with a range of 1-65535. 5.5.7.1 Default disabled Format logging syslog [port ] Mode Global Config no logging syslog This command disables syslog logging. 5.5.
AT8901/2/3 5.5.9 show logging buffered This command displays buffered logging (system startup and system operation logs). Format show logging buffered Mode Privileged EXEC Buffered (In-Memory) Logging Shows whether the In-Memory log is enabled or disabled. Buffered Logging Wrapping Behavior The behavior of the In Memory log when faced with a log full situation. Buffered Log Count The count of valid entries in the buffered log. 5.5.
AT8901/2/3 5.5.12 show logging backtrace This command displays the backtrace file last created. A backtrace file is created when the application stops unexpectedly. 5.6 Format show logging backtrace Mode Privileged EXEC System Utility and Clear Commands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults. 5.6.
AT8901/2/3 5.6.5 clear pass This command resets all user passwords to the factory defaults without powering off the switch. You are prompted to confirm that the password reset should proceed. 5.6.6 Format clear pass Mode Privileged EXEC clear port-channel This command clears all port-channels (LAGs). 5.6.7 Format clear port-channel Mode Privileged EXEC clear traplog This command clears the trap log. 5.6.
AT8901/2/3 5.6.12 set bootstopkey This command sets the bootstop key. With this key the booting process can be stopped. The key name is “stop”. This is the default setting. 5.6.12.1 Format set bootstopkey Mode Privileged EXEC no set bootstopkey This command resets the bootstop key. The boot process can not be interrupted. 5.6.13 Format no set bootstopkey Mode Privileged EXEC ping This command checks if another computer is on the network and listens for connections.
AT8901/2/3 5.6.16 copy The copy command uploads and downloads files to and from the switch. You can also use the copy command to manage the dual images (image1 and image2) on the file system. Upload and download files from a server by using TFTP or Xmodem. Format copy Mode Privileged EXEC Replace the and parameters with the options in Table 5.2.
AT8901/2/3 Table 5.2. Copy Parameters Source 5.7 Destination Description nvram:sslpemdhstrong Downloads an HTTP secure-server certificate. nvram:sslpemroot Downloads an HTTP secure-server certificate. nvram:sslpemserver Downloads an HTTP secure-server certificate. nvram:startupconfig Downloads the startup configuration file to the system. nvram:systemimage Downloads a code image to the system.
AT8901/2/3 5.7.2 show key-features This command displays the enabled or disabled status for all keyable features. 5.8 Format show key-features Modes Privileged EXEC User EXEC Function This is the name of the keyable component or feature. Status Enabled or disabled. Simple Network Time Protocol (SNTP) Commands This section describes the commands you use to automatically configure the system time and date by using SNTP. 5.8.
AT8901/2/3 5.8.3.1 Default 123 Format sntp client port Mode Global Config no sntp client port This command resets the SNTP client port back to its default value. 5.8.4 Format. no sntp client port Mode Global Config sntp unicast client poll-interval This command sets the poll interval for SNTP unicast clients in seconds as a power of two where can be a value from 6 to 16. 5.8.4.
AT8901/2/3 5.8.6.1 no sntp unicast client poll-retry This command will reset the poll retry for SNTP unicast clients to its default value. 5.8.7 Format no sntp unicast client poll-retry Mode Global Config sntp multicast client poll-interval This command will set the poll interval for SNTP multicast clients in seconds as a power of two where can be a value from 6 to 16. 5.8.7.
AT8901/2/3 Multicast Count Current number of unsolicited multicast messages that have been received and processed by the SNTP client since last reboot 5.8.10 show sntp client This command is used to display SNTP client settings. Format show sntp client Mode Privileged EXEC Client Supported Modes Supported SNTP Modes (Broadcast, Unicast, or Multicast). SNTP Version The highest SNTP version the client supports 5.8.
AT8901/2/3 Failed Unicast Requests Number of failed requests from server. 5.9 DHCP Server Commands This section describes the commands you to configure the DHCP server settings for the switch. DHCP uses UDP as its transport protocol and supports a number of features that facilitate in administration address allocations. 5.9.1 ip dhcp pool This command configures a DHCP address pool name on a DHCP server and enters DHCP pool configuration mode. 5.9.1.
AT8901/2/3 5.9.3.1 Default none Format client-name Mode DHCP Pool Config no client-name This command removes the client name. 5.9.4 Format no client-name Mode DHCP Pool Config default-router This command specifies the default router list for a DHCP client. {address1, are valid IP addresses, each made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid. address2… address8} 5.9.4.1 Default none Format default-router [....
AT8901/2/3 5.9.6.1 Default ethernet Format hardware-address Mode DHCP Pool Config no hardware-address This command removes the hardware address of the DHCP client. 5.9.7 Format no hardware-address Mode DHCP Pool Config host This command specifies the IP address and network mask for a manual binding to a DHCP client. Address and Mask are valid IP addresses; each made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid.
AT8901/2/3 ranging from 0 to 255. IP address 0.0.0.0 is invalid. Mask is the IP subnet mask for the specified address pool. The prefix-length is an integer from 0 to 32. 5.9.9.1 Default none Format network [{ | }] Mode DHCP Pool Config no network This command removes the subnet number and mask. 5.9.10 Format no network Mode DHCP Pool Config bootfile The command specifies the name of the default boot image for a DHCP client.
AT8901/2/3 One IP address is required, although one can specify up to eight addresses in one command line. Servers are listed in order of preference (address1 is the most preferred server, address2 is the next most preferred server, and so on). 5.9.12.1 Default none Format netbios-name-server
[...] Mode DHCP Pool Config no netbios-name-server This command removes the NetBIOS name server list. 5.9.AT8901/2/3 Mode 5.9.15 DHCP Pool Config option The option command configures DHCP Server options. The parameter specifies the DHCP option code and ranges from 1-254. The parameter specifies an NVT ASCII character string. ASCII character strings that contain white space must be delimited by quotation marks. The hex parameter specifies hexadecimal data. In hexadecimal, character strings are two hexadecimal digits. You can separate each byte by a period (for example, a3.4f.
AT8901/2/3 5.9.17.1 Format ip dhcp ping packets <0,2-10> Mode Global Config no ip dhcp ping packets This command prevents the server from pinging pool addresses and sets the number of packets to 0. 5.9.18 Default 0 Format no ip dhcp ping packets Mode Global Config service dhcp This command enables the DHCP server. 5.9.18.1 Default disabled Format service dhcp Mode Global Config no service dhcp This command disables the DHCP server. 5.9.
AT8901/2/3 5.9.20.1 no ip dhcp conflict logging This command disables conflict logging on DHCP server. 5.9.21 Format no ip dhcp conflict logging Mode Global Config clear ip dhcp binding This command deletes an automatic address binding from the DHCP server database. If “*” is specified, the bindings corresponding to all the addresses are deleted.
is a valid IP address made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid. 5.9.AT8901/2/3 5.9.25 show ip dhcp global configuration This command displays address bindings for the specific IP address on the DHCP server. If no IP address is specified, the bindings corresponding to all the addresses are displayed. Format show ip dhcp global configuration Modes Privileged EXEC User EXEC Service DHCP The field to display the status of dhcp protocol. Number of Ping Packets The maximum number of Ping Packets that will be sent to verify that an ip address id not already assigned.
AT8901/2/3 Automatic Bindings The number of IP addresses that have been automatically mapped to the MAC addresses of hosts that are found in the DHCP database. Expired Bindings The number of expired leases. Malformed Bindings The number of truncated or corrupted messages that were received by the DHCP server. Message Received: DHCP DISCOVER The number of DHCPDISCOVER messages the server has received. DHCP REQUEST The number of DHCPREQUEST messages the server has received.
AT8901/2/3 You can configure DHCP filtering on physical ports and LAGs. DHCP filtering is not operable on VLAN interfaces. 5.10.1 ip dhcp filtering This command enables DHCP filtering globally. 5.10.1.1 Default disabled Format ip dhcp filtering Mode Global Config no ip dhcp filtering This command disables DHCP filtering. 5.10.2 Format no ip dhcp filtering Mode Global Config ip dhcp filtering trust This command configures an interface as trusted. 5.10.2.
AT8901/2/3 AT8901/2/3 CLI Reference Manual Page 5 - 44
AT8901/2/3 Chapter 61 Management Commands Page 6 - 1 AT8901/2/3 CLI Reference Manual
Management Commands 6. AT8901/2/3 Management Commands This chapter describes the management commands available in the CLI. The Management Commands chapter contains the following sections: • • • • • • • • • • • • • • 6.1 “Network Interface Commands” on page 6 - 2 6.2 “Console Port Access Commands” on page 6 - 5 6.3 “Telnet Commands” on page 6 - 7 6.4 “Secure Shell (SSH) Command” on page 6 - 10 6.5 “User Account Commands” on page 6 - 12 6.6 “SNMP Commands” on page 6 - 16 6.
AT8901/2/3 6.1.3 Management Commands serviceport protocol This command specifies the network management port configuration protocol. If you modify this value, the change is effective immediately. If you use the bootp parameter, the switch periodically sends requests to a BootP server until a response is received. If you use the dhcp parameter, the switch periodically sends requests to a DHCP server until a response is received.
Management Commands 6.1.7.1 AT8901/2/3 Default burnedin Format network mac-type {local | burnedin} Mode Privileged EXEC no network mac-type This command resets the value of MAC address to its default. 6.1.8 Format no network mac-type Mode Privileged EXE show network This command displays configuration settings associated with the switch's network interface. The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports.
AT8901/2/3 6.1.9 Management Commands show serviceport This command displays service port configuration information. Format show serviceport Mode Privileged EXEC IP Address The IP address of the interface. The factory default value is 0.0.0.0 Subnet Mask The IP subnet mask for this interface. The factory default value is 0.0.0.0 Default Gateway The default gateway for this IP interface. The factory default value is 0.0.0.
Management Commands 6.2.3.1 AT8901/2/3 no serial baudrate This command sets the communication rate of the terminal interface. 6.2.4 Format no serial baudrate Mode Line Config serial timeout This command specifies the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely. The time range is 0 to 160. 6.2.4.
AT8901/2/3 6.3 Management Commands Telnet Commands This section describes the commands you use to configure and view Telnet settings. You can use Telnet to manage the device from a remote management host. 6.3.1 ip telnet server enable Use this command to enable Telnet connections to the system and to enable the Telnet Server Admin Mode. This command opens the Telnet listening port. 6.3.1.
Management Commands 6.3.3.1 AT8901/2/3 no transport input telnet Use this command to prevent new Telnet sessions from being established. 6.3.4 Format no transport input telnet Mode Line Config transport output telnet This command regulates new outbound Telnet connections. If enabled, new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous outbound Telnet sessions allowed.
AT8901/2/3 6.3.6.1 Management Commands no session-timeout This command sets the Telnet session timeout value to the default. The timeout value unit of time is minutes. 6.3.7 Format no session-timeout Mode Line Config telnetcon maxsessions This command specifies the maximum number of Telnet connection sessions that can be established. A value of 0 indicates that no Telnet connection can be established. The range is 0-5. 6.3.7.
Management Commands 6.3.9 AT8901/2/3 disconnect Use the disconnect command to close Telnet or SSH sessions. Use all to close all Telnet and SSH sessions, or use to specify the session ID to close. To view the possible values for , use the show loginsession command. 6.3.10 Format disconnect { | all} Mode Privileged EXEC show telnet This command displays the current outbound Telnet settings.
AT8901/2/3 6.4.1 Management Commands ip ssh Use this command to enable SSH access to the system. 6.4.1.1 Default disabled Format ip ssh Mode Privileged EXEC no ip ssh Use this command to disable SSH access to the system. 6.4.2 Format no ip ssh Mode Privileged EXEC ip ssh protocol This command is used to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set. 6.4.
Management Commands 6.4.4.1 AT8901/2/3 no sshcon maxsessions This command sets the maximum number of allowed SSH connection sessions to the default value. 6.4.5 Format no sshcon maxsessions Mode Privileged EXEC sshcon timeout This command sets the SSH connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. The time is a decimal value from 1 to 160.
AT8901/2/3 Management Commands NOTE: You cannot delete the admin user, and there is only one user allowed with read/write privileges. You can configure up to five read-only users on the system. 6.5.1 users name This command adds a new user account, if space permits. The account can be up to eight characters in length. You can use alphanumeric characters as well as the dash (‘-’) and underscore (‘_’). You can define up to six user names.
Management Commands 6.5.3 AT8901/2/3 users snmpv3 accessmode This command specifies the snmpv3 access privileges for the specified login user. The valid accessmode values are readonly or readwrite. The is the login user name for which the specified access mode applies. The default is readwrite for the “admin” user and readonly for all other users. You must enter the in the same case you used when you added the user. To see the case of the , enter the show users command.
AT8901/2/3 Management Commands If you select des, you can specify the required key on the command line. The encryption key must be 8 to 64 characters long. If you select the des protocol but do not provide a key, the user is prompted for the key. When you use the des protocol, the login password is also used as the snmpv3 encryption password, so it must be a minimum of eight characters. If you select none, you do not need to provide a key.
Management Commands AT8901/2/3 SNMPv3 Access Mode This field displays the SNMPv3 Access Mode. If the value is set to ReadWrite, the SNMPv3 user is able to set and retrieve parameters on the system. If the value is set to ReadOnly, the SNMPv3 user is only able to retrieve parameter information. The SNMPv3 access mode may be different than the CLI and Web access mode. SNMPv3 Authentication This field displays the authentication protocol to be used for the specified login user.
AT8901/2/3 Management Commands NOTE: Community names in the SNMP Community Table must be unique. When making multiple entries using the same community name, the first entry is kept and processed and all duplicate entries are ignored. 6.6.3.1 Default public and private, which you can rename default values for the remaining four community names are blank Format snmp-server community Mode Global Config no snmp-server community This command removes this community name from the table.
Management Commands 6.6.5.1 AT8901/2/3 no snmp-server community ipmask This command sets a client IP mask for an SNMP community to 0.0.0.0. The name is the applicable community name. The community name may be up to 16 alphanumeric characters. 6.6.6 Format no snmp-server community ipmask Mode Global Config snmp-server community mode This command activates an SNMP community.
AT8901/2/3 Management Commands NOTE: For other port security commands, see 2.6 “Protected Ports Commands” on page 2 - 30. 6.6.9.1 Default disabled Format snmp-server enable traps violation Mode Interface Config no snmp-server enable traps violation This command disables the sending of new violation traps. 6.6.10 Format no snmp-server enable traps violation Mode Interface Config snmp-server enable traps This command enables the Authentication Flag. 6.6.10.
Management Commands 6.6.12 AT8901/2/3 snmp-server enable traps linkmode This command enables Link Up/Down traps for the entire switch. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled. “snmp trap link-status” on page 6 - 22. 6.6.12.1 Default enabled Format snmp-server enable traps linkmode Mode Global Config no snmp-server enable traps linkmode This command disables Link Up/Down traps for the entire switch. 6.6.
AT8901/2/3 6.6.15 Management Commands snmptrap This command adds an SNMP trap receiver. The maximum length of is 16 case-sensitive alphanumeric characters. The is the version of SNMP. The version parameter options are snmpv1 or snmpv2. NOTE: The parameter does not need to be unique, however; the and pair must be unique. Multiple entries can exist with the same , as long as they are associated with a different .
Management Commands 6.6.18.1 AT8901/2/3 Format snmptrap mode Mode Global Config no snmptrap mode This command deactivates an SNMP trap. Disabled trap receivers are inactive (not able to receive traps). 6.6.19 Format no snmptrap mode Mode Global Config snmp trap link-status This command enables link status traps by interface. NOTE: This command is valid only when the Link Up/Down Flag is enabled. “snmp-server enable traps linkmode” on page 6 - 20. 6.6.19.
AT8901/2/3 6.6.22 Management Commands Format show snmpbind Mode Priviliged EXEC show snmpcommunity This command displays SNMP community information. Six communities are supported. You can add, change, or delete communities. The switch does not have to be reset for changes to take effect. The SNMP agent of the switch complies with SNMP Versions 1, 2 or 3. For more information about the SNMP specification, see the SNMP RFCs.
Management Commands 6.6.24 AT8901/2/3 show trapflags This command displays trap conditions. Configure which traps the switch should generate by enabling or disabling the trap condition. If a trap condition is enabled and the condition is detected, the SNMP agent on the switch sends the trap to all enabled trap receivers. You do not have to reset the switch to implement the changes. Cold and warm start traps are always generated and cannot be disabled.
AT8901/2/3 6.8 Management Commands Format no logging cli-command Mode Global Config RADIUS Commands This section describes the commands you use to configure the switch to use a Remote Authentication Dial-In User Service (RADIUS) server on your network for authentication and accounting. 6.8.1 radius accounting mode This command is used to enable the RADIUS accounting function. 6.8.1.
Management Commands 6.8.2.1 AT8901/2/3 Format radius server host {auth | acct} [] Mode Global Config no radius server host This command is used to remove the configured RADIUS authentication server or the RADIUS accounting server. If the 'auth' token is used, the previously configured RADIUS authentication server is removed from the configuration. Similarly, if the 'acct' token is used, the previously configured RADIUS accounting server is removed from the configuration.
AT8901/2/3 Management Commands command will become the new primary server. The IP address must match that of a previously configured RADIUS authentication server. 6.8.6 Format radius server primary Mode Global Config radius server retransmit This command sets the maximum number of times a request packet is re-transmitted when no response is received from the RADIUS server. The retries value is an integer in the range of 1 to 15. 6.8.6.
Management Commands AT8901/2/3 Number of configured servers The configured IP address of the authentication server. Max number of retransmits The configured value of the maximum number of times a request packet is retransmitted. Timeout Duration The configured timeout value, in seconds, for request re-transmissions. Accounting Mode Yes or No. If you use the [servers] keyword, the following information displays: IP Address IP Address of the configured RADIUS server. Port The port in use by this server.
AT8901/2/3 Responses Management Commands The number of RADIUS packets received on the accounting port from this server. Malformed Responses The number of malformed RADIUS AccountingResponse packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators and unknown types are not included as malformed accounting responses.
Management Commands AT8901/2/3 Malformed Access Responses The number of malformed RADIUS AccessResponse packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access responses. Bad Authenticators The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server.
AT8901/2/3 Management Commands authentication and encryption key for all TACACS communications between the switch and the TACACS+ server. This key must match the key used on the TACACS+ daemon. 6.9.2.1 Format tacacs-server key Mode Global Config no tacacs-server key Use the no tacacs-server key command to disable the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon.
Management Commands 6.9.6 AT8901/2/3 Format port Mode TACACS Config priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority. The parameter specifies the priority for servers. The highest priority is 0 (zero), and the range is 0 - 65535. 6.9.
AT8901/2/3 Management Commands You should use scripts on systems with default configuration; however, you are not prevented from applying scripts on systems with non-default configurations. Scripts must conform to the following rules: • • • • The file extension must be “.scr”. A maximum of ten scripts are allowed on the switch. The combined size of all script files on the switch shall not exceed 2048 KB. The maximum number of configuration file command lines is 2000.
Management Commands 6.10.3 AT8901/2/3 script delete This command deletes a specified script where the parameter is the name of the script to delete. The option deletes all the scripts present on the switch. 6.10.4 Format script delete { | all} Mode Privileged EXEC script list This command lists all scripts present on the switch as well as the remaining available space. Format script list Mode Global Config Configuration Script Name of the script. Size 6.10.
AT8901/2/3 Management Commands Format copy //> nvram:clibanner copy nvram:clibanner //> Mode 6.11.2 Privileged EXEC set prompt This command changes the name of the prompt. The length of name may be up to 64 alphanumeric characters. Format set prompt Mode Privileged EXEC 6.12 Bootcycle commands 6.12.
Management Commands 6.13.1 AT8901/2/3 show watchdog This command displays the watchdog settings. It displays the values (or string “disabled”) of different watchdog (during BIST, during loading of kernel and INITRD, during startup of switching application and during normal execution of switching application) and the heartbeat of the fpmux application. 6.13.2 Format show watchdog Mode Privileged EXEC set watchdog This command configures the watchdog.
AT8901/2/3 6.14.3 Management Commands download asi srom This command downloads an ASI image from URL and flashes the SROM with the new image.
Management Commands AT8901/2/3 CLI Reference Manual AT8901/2/3 Page 6 - 38
AT8901/2/3 Getting Help Appendix A Getting Help Page A - 1 AT8901/2/3 CLI Reference Manual
Getting Help A. AT8901/2/3 Getting Help If at any time you encounter difficulties with your application or with any of our products, or if you simply need guidance on system setups and capabilities, contact our Technical Support at: North America EMEA Tel.: (450) 437-5682 Tel.: +49 (0) 8341 803 xxx Fax: (450) 437-8053 Fax: +49 (0) 8341 803 xxx If you have any questions about Kontron, our products, or services, visit our Web site at: www.kontron.
AT8901/2/3 Getting Help RETURNING DEFECTIVE MERCHANDISE Before returning any merchandise please do one of the following if your product malfunctions: • Call 1. Call our Technical Support department in North America at (450) 437-5682 and in EMEA at +49 (0) 8341 803 xxx. Make sure you have the following on hand: our Invoice #, your Purchase Order #, and the Serial Number of the defective unit. 2.
Getting Help AT8901/2/3 WHEN RETURNING A UNIT • In the box, you have to include the name and telephone number of a person whom we can contact for further explanations if necessary when returning goods. Where applicable, always include all duty papers and invoice(s) associated with the item(s) in question. • Ensure that the unit is properly packed. Pack it in a rigid cardboard box. • Clearly write or mark the RMA number on the outside of the package you are returning. • Ship prepaid.
Return to Manufacturer Authorization Request Contact Name: __________________________________________________________ Company Name: __________________________________________________________ Street Address: __________________________________________________________ City: ________________________ Province/State: Country: ________________________ Postal/Zip Code: _______________________ Phone Number: ________________________ Extension: _______________________ Fax Number: ______________________
Getting Help AT8901/2/3 CLI Reference Manual AT8901/2/3 Page A - 6
AT8901/2/3 Appendix B List of Commands AT8901/2/3 CLI Reference Manual
AT8901/2/3 A.
AT8901/2/3 class-map class-map rename classofservice dot1p-mapping classofservice ip-dscp-mapping classofservice ip-precedence-mapping classofservice trust clear arp-cache clear board event-log clear config clear counters clear dot1x statistics clear igmpsnooping clear ip dhcp binding clear ip dhcp conflict clear ip dhcp server statistics clear lldp remote-data clear lldp statistics clear pass clear port-channel clear radius statistics clear traplog clear vlan CLI Error Messages CLI Line-Editing Convention
AT8901/2/3 distribute-list out (OSPF) distribute-list out (RIP) dns-server domain-name dos-control firstfrag dos-control icmp dos-control l4port dos-control sipdip dos-control tcpflag dos-control tcpfrag dot1x defaultlogin dot1x initialize dot1x login dot1x max-req dot1x port-control dot1x port-control all dot1x re-authenticate dot1x re-authentication dot1x system-auth-control dot1x timeout dot1x user download {kernel | initrd} download application download asi srom download bootloader download frudata dow
AT8901/2/3 ip dhcp excluded-address ip dhcp filtering ip dhcp filtering trust ip dhcp ping packets ip dhcp pool ip forwarding ip irdp ip irdp address ip irdp holdtime ip irdp maxadvertinterval ip irdp minadvertinterval ip irdp preference ip mtu ip netdirbcast ip ospf ip ospf areaid ip ospf authentication ip ospf cost ip ospf dead-interval ip ospf hello-interval ip ospf mtu-ignore ip ospf priority ip ospf retransmit-interval ip ospf transmit-delay ip proxy-arp ip rip ip rip authentication ip rip receive ver
AT8901/2/3 license advanced lineconfig lldp notification lldp notification-interval lldp receive lldp timers lldp transmit lldp transmit-mgmt lldp transmit-tlv logging buffered logging buffered wrap logging cli-command logging console logging host logging host remove logging port logging syslog logout mac access-group mac access-list extended mac access-list extended rename macfilter macfilter addsrc macfilter addsrc all mark cos mark ip-dscp mark ip-precedence match any match class-map match cos match des
AT8901/2/3 mode dot1q-tunnel mode dvlan-tunnel monitor session mtu netbios-name-server netbios-node-type network (DHCP Pool Config) network mac-address network mac-type network mgmt_vlan network parms network protocol next-server no 1583compatibility no access-list no acl-trapflags no area nssa no area range no area stub no area stub no-summary no area virtual-link no area virtual-link authentication no area virtual-link dead-interval no area virtual-link hello-interval no area virtual-link retransmit-inte
AT8901/2/3 no classofservice dot1p-mapping no classofservice ip-dscp-mapping no classofservice ip-precedence-mapping no classofservice trust no client-identifier no client-name no cos-queue min-bandwidth no cos-queue strict no default-information originate (OSPF) no default-information originate (RIP) no default-metric (OSPF) no default-metric (RIP) no default-router no diffserv no distance ospf no distance rip no distribute-list out no distribute-list out no dns-server no domain-name no dos-control firstf
AT8901/2/3 no ip dhcp filtering no ip dhcp filtering trust no ip dhcp ping packets no ip dhcp pool no ip forwarding no ip irdp no ip irdp address no ip irdp holdtime no ip irdp maxadvertinterval no ip irdp minadvertinterval no ip irdp preference no ip mtu no ip netdirbcast no ip ospf no ip ospf authentication no ip ospf cost no ip ospf dead-interval no ip ospf hello-interval no ip ospf mtu-ignore no ip ospf priority no ip ospf retransmit-interval no ip ospf transmit-delay no ip proxy-arp no ip rip no ip ri
AT8901/2/3 no lldp transmit no lldp transmit-mgmt no lldp transmit-tlv no logging buffered no logging buffered wrap no logging cli-command no logging console no logging port no logging syslog no mac access-group no mac access-list extended no macfilter no macfilter addsrc no macfilter addsrc all no match class-map no maximum-paths no mode dot1q-tunnel no mode dvlan-tunnel no monitor no monitor session no mtu no netbios-name-server no netbios-node-type no network no network mac-type no network mgmt_vlan no
AT8901/2/3 no radius server timeout no redistribute no redistribute no routing no serial baudrate no serial timeout no service dhcp no service-policy no session-limit no session-timeout no set bootstopkey no set garp timer join no set garp timer leave no set garp timer leaveall no set gmrp adminmode no set gmrp interfacemode no set gvrp adminmode no set gvrp interfacemode no set igmp no set igmp fast-leave no set igmp groupmembership-interval no set igmp interfacemode no set igmp maxresponse no set igmp mc
AT8901/2/3 no sntp server no sntp unicast client poll-interval no sntp unicast client poll-retry no sntp unicast client poll-timeout no spanning-tree no spanning-tree configuration name no spanning-tree configuration revision no spanning-tree edgeport no spanning-tree forceversion no spanning-tree forward-time no spanning-tree hello-time no spanning-tree max-age no spanning-tree max-hops no spanning-tree mst no spanning-tree mst instance no spanning-tree mst priority no spanning-tree mst vlan no spanning-t
AT8901/2/3 no users name no users passwd no users snmpv3 accessmode no users snmpv3 authentication no users snmpv3 encryption no vlan no vlan acceptframe no vlan association mac no vlan association subnet no vlan ingressfilter no vlan name no vlan port acceptframe all no vlan port ingressfilter all no vlan port pvid all no vlan port tagging all no vlan protocol group add protocol no vlan pvid no vlan routing no vlan tagging option ping police-simple policy-map policy-map rename port port lacpmode port lacp
AT8901/2/3 radius server primary radius server retransmit radius server timeout redirect redistribute (OSPF) redistribute (RIP) reload router ospf router rip router-id (OSPF) routing script apply script apply nointerl.
AT8901/2/3 set prompt set watchdog show access-lists show arp show arp brief show arp switch show arp switch show asi register show atca ekeying show authentication show authentication users show boardinfo address show boardinfo amc connection show boardinfo amc fru show boardinfo bootcycle show boardinfo event-log show boardinfo fcap show boardinfo fru show boardinfo ipmidev show boardinfo led show boardinfo post-status show boardinfo routing show boardinfo sensors show boardinfo update-status show boardi
AT8901/2/3 show igmpsnooping show igmpsnooping mrouter interface show igmpsnooping mrouter vlan show interface show interface ethernet show interfaces cos-queue show interfaces switchport show ip access-lists show ip brief show ip dhcp binding show ip dhcp conflict show ip dhcp filtering show ip dhcp global configuration show ip dhcp pool configuration show ip dhcp server statistics show ip interface show ip interface brief show ip irdp show ip ospf show ip ospf area show ip ospf border-routers show ip osp
AT8901/2/3 show lldp show lldp interface show lldp local-device show lldp local-device detail show lldp remote-device show lldp remote-device detail show lldp statistics show logging show logging backtrace show logging buffered show logging hosts show logging traplogs show loginsession show mac access-lists show mac-address-table gmrp show mac-address-table igmpsnooping show mac-address-table multicast show mac-address-table static show mac-address-table staticfiltering show mac-address-table stats show ma
AT8901/2/3 show spanning-tree show spanning-tree brief show spanning-tree interface show spanning-tree mst port detailed show spanning-tree mst port summary show spanning-tree mst summary show spanning-tree summary show spanning-tree vlan show startupconfig show storm-control show switchport protected show sysinfo show tacacs show tech-support show telnet show telnetcon show trapflags show users show users authentication show version show vlan show vlan association mac show vlan association subnet show vla
AT8901/2/3 snmptrap mode snmptrap snmpversion sntp broadcast client poll-interval sntp client mode sntp client port sntp multicast client poll-interval sntp server sntp unicast client poll-interval sntp unicast client poll-retry sntp unicast client poll-timeout spanning-tree spanning-tree bpdumigrationcheck spanning-tree configuration name spanning-tree configuration revision spanning-tree edgeport spanning-tree forceversion spanning-tree forward-time spanning-tree hello-time spanning-tree max-age spanning
AT8901/2/3 switchport protected (Global Config) switchport protected (Interface Config) tacacs-server host tacacs-server key tacacs-server timeout telnet telnetcon maxsessions telnetcon timeout timeout timers spf traceroute traffic-shape transport input telnet transport output telnet trapflags (OSPF) users defaultlogin users login users name users passwd users snmpv3 accessmode users snmpv3 authentication users snmpv3 encryption vlan vlan acceptframe vlan association mac vlan association subnet vlan databa