Go to page of
Similar user manuals
-
Switch
Enterasys Networks V2H124-24P
68 pages 1.53 mb -
Switch
Enterasys Networks B3G124-24P
80 pages 2.16 mb -
Switch
Enterasys Networks A2H124-48P
82 pages 2.73 mb -
Switch
Enterasys Networks 6H302-48
58 pages 0.64 mb -
Switch
Enterasys Networks 9033989-06
90 pages 2.01 mb -
Switch
Enterasys Networks 2H252-25R
64 pages 1.2 mb -
Switch
Enterasys Networks 700
182 pages 1.68 mb -
Switch
Enterasys Networks G3G170-24
70 pages 3.42 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of Enterasys Networks D2G124-12P, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Enterasys Networks D2G124-12P one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of Enterasys Networks D2G124-12P. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of Enterasys Networks D2G124-12P should contain:
- informations concerning technical data of Enterasys Networks D2G124-12P
- name of the manufacturer and a year of construction of the Enterasys Networks D2G124-12P item
- rules of operation, control and maintenance of the Enterasys Networks D2G124-12P item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Enterasys Networks D2G124-12P alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Enterasys Networks D2G124-12P, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Enterasys Networks service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Enterasys Networks D2G124-12P.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the Enterasys Networks D2G124-12P item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
Enterasys ® D-Series Ether net Switches CLI Reference Firmware V ersion 1.0.xx P/N 903439 4[...]
-
Page 2
[...]
-
Page 3
Notice Enterasys Networks reserves the right to make changes in spec ifications and other information contained in this document and its web si te without prior notice. The reader should in all cases consult Enterasys Netw[...]
-
Page 4
ENTERASYS NETWORKS, INC. FIRMWARE LICENSE AGREEMENT BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“ Agreement”) betwee n the end user (“Y ou”) and Enterasys Networks, Inc., on behalf of itself [...]
-
Page 5
If the Program is exported from the United Stat es pursuant to the License Ex ception TSR und er the U.S. Export Administration Regulations, in addition to the restriction on transfer set forth in Section 1 or 2 ?[...]
-
Page 6
10. ENFORCEMENT. You ac knowledge and agree that any breach of Sections 2, 4, or 9 of this Ag reement by You may cause Enterasys irreparable damage for which recovery of money damages would be inadequate, and that [...]
-
Page 7
i Contents About This Guide Using This Guide ................ ............. ................ ............. ................ ............. ................ ....... ............... ............. ... xxi Structure of This Guide .......... ............. ................ ............. ................ ............. ................ ...... ..............[...]
-
Page 8
ii set banner motd ...... ................ ............. ................ ................ ............. ................ ............. ... ................ 2-21 clear banner motd ... ................ ............. ................ ................ ............. ................ ............. .... ............... 2-21 show version .................[...]
-
Page 9
iii set tftp timeout ........ ............. ................ ............. ................ ............. ................ ................ ...... ............. 2-47 clear tftp timeout ........... ............. ................ ............. ................ ................ ............. ........... .................. 2-47 set tftp retry .........[...]
-
Page 10
iv Disabling / Enabling and Naming Ports ........ ................... ................ ................... ................. .......... ...... ........... 4-7 Purpose ........... ............. ................ ............. ................ ............. ................ ............. ........ .............. ............... 4-7 Commands ...........[...]
-
Page 11
v Purpose ........... ............. ................ ............. ................ ............. ................ ............. ........ .............. ............. 4-31 Commands ............... ............. ................. ............ ................. ............. ................ ............... ................. ...... 4-31 show port mir[...]
-
Page 12
vi clear snmp community ......................... ............. ................ ............. ................ ............. ........... ........... 5-14 Configuring SNMP Access Rights ...... ............. ................ ............. ................ ............. ................ ... ................ 5-15 Purpose ........... ............. ....[...]
-
Page 13
vii set spantree version ............... ................ ............. ................ ............. ................ ............. ..... ................ 6-8 clear spantree version ............... ................ ............. ................ ............. ................ ............. ... ............... 6-8 show spantree bpdu-forwarding ...[...]
-
Page 14
viii set spantree adminpathcost ...................... .................... ................ ................... ................ ........ ..... ... 6-36 clear spantree adminpathcos t ................... ................ ................. ............ ................. ............ ...... ....... 6-36 show spantree adminedge ........ .......... ...[...]
-
Page 15
ix Configuring the VLAN Egress List ... ................ ............. ............. ................ ............. ................ .... .................. 7-12 Purpose ........... ............. ................ ............. ................ ............. ................ ............. ........ .............. ............. 7-12 Commands .........[...]
-
Page 16
x show diffserv service stats ................... ................ ............. ................ ................ ............. ....... ............ 8-15 set diffserv service ........ ............. ................ ............. ................ ............. ................ ............ ................. 8-16 DiffServ Configuration Examples ....[...]
-
Page 17
xi Configuring Priority to Transmit Queue Mapping ......................... ............. ................ ................ .......... ......... 10-4 Purpose ........... ............. ................ ............. ................ ............. ................ ............. ........ .............. ............. 10-4 Commands ............... .....[...]
-
Page 18
xii ping .. ............. ................ ................ ............. ................ ............. ................ ............. ..... ...................... 12-13 show users ................ ................ ............. ................ ................ ............. ................ ........... ............... . 12-13 disconnect .... ...[...]
-
Page 19
xiii clear rmon history ............ ............. ................ ............. ................. ............ ................. ......... ................ 13-7 Alarm Group Commands ................. ............. ................ ............. ................ ............. ................ .. .............. ...... 13-7 Purpose ........... .....[...]
-
Page 20
xiv set dhcp pool network ... ............. ................ ................ ............. ................ ............. ................ .......... . 14-13 clear dhcp pool network ... ................. ............ ................. ............. ................ ................ .......... .......... 14-13 set dhcp pool hardware-address .. ....[...]
-
Page 21
xv show macauthentication ...................... ............. ................ ............. ................ ............. ............ ........ 15-20 show macauthentication sess ion ............ ................ ............. ................ ............. ................ ........... ... 15-21 set macauthentication ... .......... ... ..........[...]
-
Page 22
xvi set maclock firstarrival .. .................... ............ ............. ................. ............ ................. .......... ............ . 15-53 clear maclock first arrival ............ ................ ............. ................ ............. ................ ............. .. ............ 1 5-54 set maclock agefirstarrival ....[...]
-
Page 23
xvii 2-6 show system Output Details ...... ................... .......... ................ ................ ............. ................ .. ........... 2-12 2-7 show version Output Details ............. ............ ................. ............. ................ ............. ............. ............ 2-22 3-8 show cdp Output Details .. .... .[...]
-
Page 24
xviii[...]
-
Page 25
D-Series CLI Reference xxi About This Guide We l c o m e to the Enterasys Network s D ‐ Series CLI Reference . This manual explains how to access the device ’ s Command Li ne Inte rface (CLI) and how to us e it to configure D ‐ Series ?[...]
-
Page 26
Related Documents xxii About This Guide Chapter 6 , Spanning Tr e e Configur ation , describes how to review and set Spanning Tr e e bridge parameters for the device, including bridge priority , hello time, maximum aging time and forw ard del[...]
-
Page 27
Conventions Used in This Guide D-Series CLI Reference xxiii Conventions Used in This Guide The following conventions are used in the text of this document: The following icons are used in this guide: Getting Help For additional support related to this switch[...]
-
Page 28
Getting Help xxiv About This Guide Before calling Enterasys Networks, have the following information ready: •Y o u r Enterasys Networks service contract number •A description of the failure •A description of any action(s) already take n to [...]
-
Page 29
D-Series CLI Reference 1-1 1 Introduction This chapter provides an ov erview of the D ‐ Series’ uniqu e features and functionality , an over view of the tasks that may be accomplished using the CLI interface, an ov erview of way s [...]
-
Page 30
Factory Default Settings 1-2 Introduction • Remotely using We b V i e w ™ , Enterasys Netw orks’ embedded web server application. The Installation Gui de for your D ‐ Series device provides setup instructions for connecting a terminal or modem to[...]
-
Page 31
Factory Default Settings D-Series CLI Reference 1-3 Link aggregation flow regeneration Disabled. Link aggregation system priority Set to 32768 for all ports. Link aggregation outport algorithm Set to DIP-SIP . Lockout Set to disable Read-Write and Read -Onl y users, and to lockout the default admin (Super User) account for 15 minutes, after 3 faile[...]
-
Page 32
Factory Default Settings 1-4 Introduction S panning Tree edge port administrative status Edge port administrative status begins with the value set to fals e initially after the device is powered up. If a S panning T ree BDPU is not rece ived on the port within a few seconds, the status setting changes to true . S panning Tree edge port delay Enable[...]
-
Page 33
Using the Command Line Interface D-Series CLI Reference 1-5 Using the Command Line Interface S t arting a CLI Session Connecting Using th e Console Port Connect a terminal to the local console port as described in your D ‐ Series Installation Guide . The startup screen, Figur[...]
-
Page 34
Using the Command Line Interface 1-6 Introduction Refer to the instructions included with the Te l n e t application for information about establishing a Te l n e t session. Logging In By default, the D ‐ Series switch is configured with three user [...]
-
Page 35
Using the Command Line Interface D-Series CLI Reference 1-7 Figure 1-2 Samp le CLI Default s Description CLI Command Modes Each command description in this guide includes a section entitled “Mode” which states whether the command is executable in Admin (Super Us[...]
-
Page 36
Using the Command Line Interface 1-8 Introduction Displaying Scrolling Screens If the CLI screen length has be en set using the set length command as described on page 2 ‐ 25 , CLI output requiring more than one screen will disp lay --More-[...]
-
Page 37
Using the Command Line Interface D-Series CLI Reference 1-9 Basic Line Editing Commands The CLI supports EMACs ‐ like line editing commands. Ta b l e 1 ‐ 2 lists some commonly used commands. T able 1-2 Basic Line Editing Commands Key Sequence Command Ctrl+A Move cursor to beginning of line. Ct[...]
-
Page 38
Using the Command Line Interface 1-10 Introduction[...]
-
Page 39
D-Series CLI Reference 2-1 2 Basic Configuration At startup, the D ‐ Series switch is configured wi th many defaul ts and standard features. This chapter describes how to customize basic system settings to adapt to you r wo rk envir onment.[...]
-
Page 40
Setting User Accounts and Passwords 2-2 Basic Configuration Setting User Account s and Passwords Purpose To change the switch’ s default user login and passw ord setti ngs, and to add new user accounts and passwords. Commands The commands used to configure use[...]
-
Page 41
show system login D-Series CLI Reference 2-3 show system login Use this command to display user login account information. Synt ax show system login Parameters None. Default s None. Mode Switch command, super user . Example This example shows how to display login account in[...]
-
Page 42
set system login 2-4 Basic Configuration set system login Use this command to create a new user login account, or to disable or enable an ex isting account. The D ‐ Series switch supports up to 16 user accounts, incl uding the admin[...]
-
Page 43
set password D-Series CLI Reference 2-5 Example This example shows how to remove the “netops” user account: D2(su)->clear system login n etops set p assword Use this command to change system default passwords or to set a new login passw ord on [...]
-
Page 44
set system password length 2-6 Basic Configuration set system p assword length Use this command to set the minimum user login password length. Synt ax set system password length characters Parameters Default s None. Mode Switch command, super user . Example This example shows how t[...]
-
Page 45
set system password history D-Series CLI Reference 2-7 set system p assword history Use this command to set the number of previously used user login passwords that will be checked for password duplication. This prev ents duplicate passwords from bein[...]
-
Page 46
Setting Basic Switch Properties 2-8 Basic Configuration Setting Basic Switch Properties Purpose To display and set the syste m IP address and other basic system (switch) properties. Commands The commands used to set basic sys tem information are listed below[...]
-
Page 47
show ip address D-Series CLI Reference 2-9 show ip address Use this command to display the system IP address and subnet mask. Synt ax show ip address Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the syst[...]
-
Page 48
clear ip address 2-10 Basic Configuration Parameters Default s If not s pecified, ip ‐ mask will be set to the natural mask of the ip ‐ address and ip ‐ gateway will be set to the ip ‐ address . Mode Switch command, read ‐ write. Usage Pa r a m te [...]
-
Page 49
show ip protocol D-Series CLI Reference 2-11 show ip protocol Use this command to display the method used to acquire a netw ork IP address for swi tch management. Synt ax show ip protocol Parameters None. Default s None. Mode Switch command, read ‐ only . Example This exa[...]
-
Page 50
show system 2-12 Basic Configuration show system Use this command to display system information, including contact information, pow er and fan tray status and uptime. Synt ax show system Parameters None. Default s None. Mode Switch command, read ‐ only . Example This exam[...]
-
Page 51
show system hardware D-Series CLI Reference 2-13 show system hardware Use this command to display the system’ s hardware c onfiguration. Synt ax show system hardware Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the ?[...]
-
Page 52
show system utilization 2-14 Basic Configuration Parameters Default s None. Mode Switch command, read ‐ only . Examples This example shows how to display the system’ s CPU utilization: D2(ro)->show system utilizat ion cpu Total CPU Utilization: Switch CPU 5 sec 1 min 5 min -------------------------[...]
-
Page 53
show system enhancedbuffermode D-Series CLI Reference 2-15 show system enhancedbuffermode Use this command to display the status of enhanced buffer mode, which optimizes buffer distribution for si ngle CoS queue operation. Synt ax show system enhancedbuffermo de Parameters [...]
-
Page 54
show time 2-16 Basic Configuration show time Use this command to display the current time of day in the sy stem clock. Synt ax show time Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the current ?[...]
-
Page 55
show summertime D-Series CLI Reference 2-17 show summertime Use this command to display daylight savings time settings. Synt ax show summertime Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display daylight savings time [...]
-
Page 56
set summertime date 2-18 Basic Configuration set summertime date Use this command to configure specific dates to start and stop daylight sa vings time. These settings will be non ‐ recurring and will hav e to be reset annually . Synt ax set summert[...]
-
Page 57
clear summertime D-Series CLI Reference 2-19 Default s If an offset is not spe cified, none will be applied. Mode Switch command, read ‐ write. Example This example shows how set daylight savings time to recur starting on the fi rst Sunday of ?[...]
-
Page 58
set prompt 2-20 Basic Configuration set prompt Use this command to modify the command prompt. Synt ax set prompt prompt_string Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the command prompt to Switch 1: D2(su)-&g[...]
-
Page 59
set banner motd D-Series CLI Reference 2-21 set banner mot d Use this command to set the banner message of the day display ed at session login. Synt ax set banner motd message Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how [...]
-
Page 60
show version 2-22 Basic Configuration Example This example shows how to clear the message of the day banner to a blank string: D2(rw)->clear banner motd show version Use this command to display hardware and firmware information. Refer to “ D[...]
-
Page 61
set system name D-Series CLI Reference 2-23 set system name Use this command to configure a name for the syst em. Synt ax set system name [ string ] Parameters Default s If string is not specif ied, the system name will be cleared. Mode Switch command, read ‐ writ[...]
-
Page 62
set system con tact 2-24 Basic Configuration set system cont act Use this command to identify a contact person for the system. Synt ax set system contact [ string ] Parameters Default s If string is not specif ied, the contact name will be cleared. Mode Switch comma[...]
-
Page 63
set length D-Series CLI Reference 2-25 Example This example shows how to set the terminal columns to 50: D2(su)->set width 50 set length Use this command to set the number of lines the CLI will display . This command is persistent (written[...]
-
Page 64
set logout 2-26 Basic Configuration Example This example shows how to display the CLI logout setting: D2(su)->show logout Logout currently set to: 10 minutes. set logout Use this command to set the time (in minutes) an idle console or Te l n e t CLI s[...]
-
Page 65
set console baud D-Series CLI Reference 2-27 Mode Switch command, read ‐ only . Example This example shows how to display all console settings: D2(su)->show console Baud Flow Bits StopB its Parity ------ ------- ---- ----- ----- ------ 9600 Disable 8 1 none set console baud Use this command t[...]
-
Page 66
set license 2-28 Basic Configuration License Key Field Descriptions When Enterasys supplies a license, it wil l be sent to you as a character string similar to the following: INCREMENT D2Policy 2006.0127 27-jan-2011 0123456789AB 0123456789AB The contents of the [...]
-
Page 67
show license D-Series CLI Reference 2-29 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to activate a permanent license ke y on the switch wi th serial number 075103099041 . In this example, the sw itch is [...]
-
Page 68
clear license 2-30 Basic Configuration Usage Licenses can be displ ayed, applied, and cleared only with the license commands described in this chapter . General configuration commands such as show config or clear config do not affect [...]
-
Page 69
show inlinepower D-Series CLI Reference 2-31 Commands The commands used to review and set system pow er parameters are listed below . show inlinepower Use this command to display system power properties. Synt ax show inlinepower Parameters None. Default s None. Mode Switch [...]
-
Page 70
set inlinepower trap 2-32 Basic Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the pow er threshold to 50 : D2(su)->set inlinepower thre shold 50 set inlinepower trap Use this command to enable or disable the [...]
-
Page 71
set port inlinepower D-Series CLI Reference 2-33 Example This example shows how to display PoE information for port ge.2.1 . In this case, the port’ s administrative state, Po E priority and class have not been changed from def ault va [...]
-
Page 72
Downloading a Firmware Image 2-34 Basic Configuration –H y p e r T e r m i n a l Copyright 1999 –T e r a Te r m Pro Ve r s i o n 2.3 Any other terminal applications may wor k but are not explicitly supported. The D2 switch allows you to download and [...]
-
Page 73
Downloading a Firmware Image D-Series CLI Reference 2-35 3. T ype 2 . The following baud rate sel ection screen displays: 1 - 1200 2 - 2400 3 - 4800 4 - 9600 5 - 19200 6 - 38400 7 - 57600 8 - 115200 0 - no change 4. T ype 8 to set the switch baud rate to 115200. The followi[...]
-
Page 74
Reviewing and Selecting a Boot Firmware Image 2-36 Basic Configuration Reverting to a Previous Image In the event that you need to downgrade to a previous vers i on of code, you can do so by completing the following steps described in this chapte[...]
-
Page 75
set boot system D-Series CLI Reference 2-37 Example This example shows how to display the switch’ s boot fi rmware image: D2(su)->show boot system Current system image to boot : bootfile set boot system Use this command to set the firmware image the switch loads ?[...]
-
Page 76
show telnet 2-38 Basic Configuration show telnet Use this command to display the status of Te l n e t on the switch. Synt ax show telnet Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display Te l n e t status: D2[...]
-
Page 77
telnet D-Series CLI Reference 2-39 telnet Use this command to start a Te l n e t connection to a remote host. The D ‐ Series switch allows a total of four inbound and / or outbound Te l n e t session to run simult aneously . Synt ax[...]
-
Page 78
show snmp persistmode 2-40 Basic Configuration Purpose To set and view the persisten ce mode for CLI configuration commands, manually sa ve the running configuration, view , manage, and execu te configuration file s and image fi les, and set [...]
-
Page 79
set snmp persistmode D-Series CLI Reference 2-41 saved. In order to make configurat ion changes persistent when the mode is manual, the save config command must be issued as described in “ Configuration Pe r s i st e nc e Mode ” on pa ge [...]
-
Page 80
dir 2-42 Basic Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to save the run ning configuration: D2(su)->save config dir Use this command to list configuration and image files stored in the file system. [...]
-
Page 81
show file D-Series CLI Reference 2-43 Files: Size ============================ ==== ======== configs: SSH 8293 baserouter_dec 4197 baserouter_jan 8293 baserouter_mar 8293 baserouter_apr 8293 logs: current.log 90129 show file Use this command to display the contents of a file. Synt ax show file filename Parameters[...]
-
Page 82
show config 2-44 Basic Configuration show config Use this command to display the system configuration or write the configuration to a file . Synt ax show config [ all | facility ] [ outfile { configs/ filen ame }] Parameters Default s By default, show config will display ?[...]
-
Page 83
configure D-Series CLI Reference 2-45 configure Use this command to execute a previously downloaded configuration file stored on the switch. Synt ax configure filename [ append ] Parameters Default s If append is not spec ified, the current running configuration [...]
-
Page 84
delete 2-46 Basic Configuration Examples This example shows how to download an image via TFTP: D2(su)->copy tftp://10.1.192 .34/version01000 system:image This example shows how to download a configuration file to the configs directory: D2(su)->copy tftp://[...]
-
Page 85
set tftp timeout D-Series CLI Reference 2-47 Usage The TFTP timeout val u e can be set with the set tftp timeout command. The TFTP retry va lu e can be set with the set tftp retry command. Example This example shows the output of [...]
-
Page 86
set tftp retry 2-48 Basic Configuration Mode Switch command, read ‐ write. Example This example shows how to clear the timeout va l u e to the default of 2 seconds. D2(rw)-> clear tftp timeout set t ftp retry Use this command to configure how many times[...]
-
Page 87
Clearing and Closing the CLI D-Series CLI Reference 2-49 Example This example shows how to clear the retry va l ue to the default of 5 ret ries. D2(rw)-> clear tftp retry Clearing and Closing the CLI Purpose To clear the CLI screen or to close your CLI ?[...]
-
Page 88
Resetting the Switch 2-50 Basic Configuration Parameters None. Default s None. Mode Switch command, read ‐ only . Usage By default, switch timeout occurs after 15 minutes of user inactivity , automatically closing yo u r CLI session. Use the set logout command[...]
-
Page 89
clear config D-Series CLI Reference 2-51 Examples This example shows how to reset the system: D2(su)->reset This command will reset all modules and may disconnect your telnet se ssion. Do you want to continue (y/n ) [n]? clear config Use this command to clear the user ‐ defined configurat[...]
-
Page 90
show webview 2-52 Basic Configuration Commands show webview Use this command to display We b Vi e w status. Synt ax show webview Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display We b V i e w status: D2(rw)->show webview WebV[...]
-
Page 91
show ssl D-Series CLI Reference 2-53 Usage It is good practice for security reasons to disable HTTP access on the switch when finished configuring with We b V i e w, and then to only enable We b V i e w on the switch when changes [...]
-
Page 92
set ssl 2-54 Basic Configuration Mode Switch command, read ‐ write. Example This example shows how to enable SSL: D2(rw)->set ssl enabled[...]
-
Page 93
D-Series CLI Reference 3-1 3 Discovery Protocol Configuration This chapter describe s how to configure discovery protocols. Configuring CDP Purpose To review and configure the En terasys CDP discovery protocol. This protocol is used to discov er network topo[...]
-
Page 94
show cdp 3-2 Discovery Protocol Configuration Parameters Default s If port ‐ string is not specif ied, all CDP information will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display CDP information for ports ge .1.1 t[...]
-
Page 95
set cdp state D-Series CLI Reference 3-3 set cd p state Use this command to enable or disable the CDP discov ery protocol on one or more ports. Synt ax set cdp state { auto | disable | enab le } [port-string] Parameters Default s If port ‐ string is not specif ied, th[...]
-
Page 96
set cdp interval 3-4 Discovery Protocol Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage The authentication code va l u e determines a switch’ s CDP domain. If tw o or more switches hav e the same CDP authentication code, the[...]
-
Page 97
set cdp hold-time D-Series CLI Reference 3-5 set cd p hold-time Use this command to set the hold time va l ue for CDP discovery protocol configurat ion messages. Synt ax set cdp hold-time hold-time Parameters Default s None. Mode Switch command, read ‐ write. Example This example[...]
-
Page 98
show neighbors 3-6 Discovery Protocol Configuration show neighbors This command displays Neighbor Discov ery information for either the CDP or Cisco DP protocols. Synt ax show neighbors [ port-string ] Parameters Default s If no port is specified, all Neighbor Discov er[...]
-
Page 99
show ciscodp D-Series CLI Reference 3-7 Commands The commands used to review and configure the Cisco di scover y protocol are listed below . Refer also to “ show neighbors ” on page 3 ‐ 6. show ciscod p Use this command to display global ?[...]
-
Page 100
show ciscodp port info 3-8 Discovery Protocol Configuration show ciscod p port info Use this command to display summary information about the Cisco discovery protocol on one or more ports. Synt ax show ciscodp port info [ port-string ] Parameters Default s If port ‐ string is[...]
-
Page 101
set ciscodp status D-Series CLI Reference 3-9 set ciscod p st atus Use this command to enable or disable the Cisco discov ery protocol globally on the switch. Synt ax set ciscodp state { auto | disable | enable } Parameters Default s None. Mode Switch command, read ‐ write. Example T[...]
-
Page 102
set ciscodp holdtime 3-10 Discovery Protocol Configuration Mode Switch command, read ‐ write. Example This example shows how to set the Cisco DP timer to 120 seconds. D2(su)->set ciscodp timer 12 0 set ciscod p hold time Use this command to set the time to [...]
-
Page 103
set ciscodp port D-Series CLI Reference 3-11 Default s •S t a t u s : ena bled •V o i c e VLAN: none •T r u s t mode: trusted •C o S va lu e : 0 Mode Switch mode, read ‐ write. Usage The following points describe how the Cisco DP exten ded trust settings wor k[...]
-
Page 104
clear ciscodp 3-12 Discovery Protocol Configuration Examples This example shows how to set the Cisco DP port voic e VLAN ID to 3 on port ge .1.6 and enab le the port operational state. D2(rw)->set ciscodp port sta tus enable vvid 3 ge.1.6 This example[...]
-
Page 105
D-Series CLI Reference 4-1 4 Port Configuration This chapter describe s the Po r t Configuration set of commands and how to use them. Port Configuration Summary Port St ring Synt ax Used in the CLI Commands requiring a port ‐ strin g parameter use the following sy[...]
-
Page 106
Port Configuration Summary 4-2 Port Configuration Port Slot/Unit Parameters Used in the CLI The “unit” parameter is often used interchangeably wi th “module” in the standalone switch CLI to indicate a module slot location. Examples This example shows [...]
-
Page 107
Reviewing Port Status D-Series CLI Reference 4-3 Example This example shows how to configure por t ge.2.1 in the D2G124 ‐ 12 to operate with a 100BASE ‐ FX transceiver installed. First, the port status is shown as operating as a 1000B[...]
-
Page 108
show port 4-4 Port Configuration show port Use this command to display whether or not one or more ports are enabled for switching . Synt ax show port [ port-string ] Parameters Default s If port ‐ string is not specif ied, operational status information fo[...]
-
Page 109
show port counters D-Series CLI Reference 4-5 Example This example shows how to display status information for ge .3.14: D2(su)->show port status ge. 3.14 Port Alias Oper Admin Speed Duplex Type (truncated) Status Status ------------ -------------- ------- ------- -------- ------- --- ---------- ge.3.14 up up [...]
-
Page 110
show port counters 4-6 Port Configuration Mode Switch command, read ‐ only . Examples This example shows how to display all counter statistics, including MIB2 network traffic and traffic through the device for ge .3.1: D2(su)->show port counters g e.3.1 Port: g[...]
-
Page 111
Disabling / Enabling and Naming Ports D-Series CLI Reference 4-7 Disabling / Enabling and Naming Port s Purpose To disable and re ‐ enable one or more ports, and to assign an alias to a port. By de fault, all ports are enabled at device startup. Yo[...]
-
Page 112
set port enable 4-8 Port Configuration set port enable Use this command to administratively enable one or more ports. Synt ax set port enable port-string Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to enable ge .1.3: D2(su)->[...]
-
Page 113
set port alias D-Series CLI Reference 4-9 set port alias Use this command to assign an alias name to a port. Synt ax set port alias port-string [ name ] Parameters Default s If name is not specified, the alias assigned to the port will be cleared. Mode Switc[...]
-
Page 114
show port speed 4-10 Port Configuration show port speed Use this command to display the default spee d setting on one or more ports. Synt ax show port speed [ port-string] Parameters Default s If port ‐ string is not specif ied, default speed settings for all [...]
-
Page 115
show port duplex D-Series CLI Reference 4-11 Example This example shows how to set ge .3.3 to a port speed of 10 Mbps: D2(su)->set port speed ge.3. 3 10 show port duplex Use this command to display the default duplex setting (half or full) for one[...]
-
Page 116
Enabling / Disabling Jumbo Frame Support 4-12 Port Configuration Mode Switch command, read ‐ write. Example This example shows how to set ge.1.17 to full duplex: D2(su)->set port duplex ge.1 .17 full Enabling / Disabling Jumbo Frame Support Purpose To review , enable, and disable [...]
-
Page 117
set port jumbo D-Series CLI Reference 4-13 Example This example shows how to display the status of jumbo frame support for ge .1.1: D2(su)->show port jumbo ge.1 .1 Port Number Jumbo Status Max Frame Size ------------- -------------- - ------------------ ge.1.1 Enable 9216 set port jumbo Use[...]
-
Page 118
Setting Auto-Negotiation and Advertised Ability 4-14 Port Configuration Mode Switch command, read ‐ write. Example This example shows how to reset jumbo frame support status for Gigabit Ethernet port 14 in slot 3: D2(su)->clear port jumbo ge. 3.14 Setting Auto-Negotiation [...]
-
Page 119
set port negotiation D-Series CLI Reference 4-15 Parameters Default s If port ‐ string is not specif ied, auto ‐ negotiation status for all ports will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display auto ‐ negotiation ?[...]
-
Page 120
set port advertise 4-16 Port Configuration Parameters Default s If port ‐ string is not specif ied, adv ertiseme nt for all ports will be display ed. Mode Switch command, read ‐ only . Example This example shows how to display adv ertisement status for Gigab[...]
-
Page 121
clear port advertise D-Series CLI Reference 4-17 Default s None. Mode Switch command, read ‐ write. Example This example shows how to configure port 1 to advertise 1000BASE ‐ T full duplex: D2(su)->set port advertise g e.1.1 1000tfd clear port advertise Use this command [...]
-
Page 122
Setting Flow Control 4-18 Port Configuration Example This example shows how to configure port 1 to not adv ertise 10 MB capability for auto ‐ negotiation: D2(su)->clear port advertise ge.1.1 10t 10tfd Setting Flow Control Purpose To review , enable or disable p[...]
-
Page 123
set flowcontrol D-Series CLI Reference 4-19 set flowcontrol Use this command to enable or disable flow control. Synt ax set flowcontrol { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to enable flow control: D2(su)[...]
-
Page 124
show port trap 4-20 Port Configuration show port trap Use this command to display whether the port is enabled for generating an SNMP trap message if its link state changes. Synt ax show port trap [ port-string ] Parameters Default s If port ‐ string is not[...]
-
Page 125
show linkflap D-Series CLI Reference 4-21 Parameters Default s Sending traps when link statu s changes is enabled by default. Mode Switch command, read ‐ write. Example The following example disables sending trap on ge.3.1. D2(su)->set port trap ge.3.1 disable show linkfla[...]
-
Page 126
show linkflap 4-22 Port Configuration Default s •I f not specified, information about all link flap detection settings will be display ed. •I f port ‐ string is not specif ied, information for all ports will be displayed. Mode Switch mode, read[...]
-
Page 127
set linkflap globalstate D-Series CLI Reference 4-23 This example shows how to display the link flap metrics table: D2(rw)->show linkflap metric s Port LinkStatus Curre ntCount TotalCount TimeElapsed Violati ons -------- ----------- ----- ------- ---------- ----------- -------- ----- ge.1.1 operational 0 0[...]
-
Page 128
set linkflap portstate 4-24 Port Configuration Mode Switch mode, read ‐ write. Usage By default, the function is disabled global ly and on all ports. If dis abled globally after per ‐ port settings have been configured using the linkflap commands[...]
-
Page 129
set linkflap action D-Series CLI Reference 4-25 Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the link flap interv al on port ge .1.4 to 10 00 seconds. D2(rw)->set linkflap interva l ge.1.4 1000 set linkflap action Use this co[...]
-
Page 130
set linkflap threshold 4-26 Port Configuration Parameters Default s If port ‐ string is not specif ied, actions will be cleared on al l ports. Mode Switch mode, read ‐ write. Example This example shows how to clear the link flap violation action on ?[...]
-
Page 131
set linkflap downtime D-Series CLI Reference 4-27 set linkflap downtime Use this command to set the time interv al (in seconds) one or more ports will be held down after a link flap violation. Synt ax set linkflap downtime port-string do wntime-value Parameters [...]
-
Page 132
clear linkflap 4-28 Port Configuration clear linkflap Use this command to clear all link flap options and / or stati stics on one or more ports . Synt ax clear linkflap { all | stats [ port-string ] | parameter port-string { threshold | interval | downtime | all } Parameters Defaul[...]
-
Page 133
show port broadcast D-Series CLI Reference 4-29 show port broadcast Use this command to display port broadcast suppression thresholds. Synt ax show port broadcast [ port-string ] Parameters Default s If port ‐ string is not specif ied, broad cast status of all ports will [...]
-
Page 134
clear port broadcast 4-30 Port Configuration Default s None. Mode Switch command, read ‐ write. Usage Pe r port broadcast suppression is hardset to be globally enabled on the D2. If you wo u ld like to disable broadcast suppression, you can get [...]
-
Page 135
Port Mirroring D-Series CLI Reference 4-31 Port Mirroring The D ‐ Series device allows you to mirror (or redirect) the traffic being switched on a port for the purposes of netw ork traffic analysis and connection assu rance. When port m[...]
-
Page 136
set port mirroring 4-32 Port Configuration Default s None. Mode Switch command, read ‐ only . Example This example shows how to display port mirroring information. In this case, ge .1.4 is configured as a source port and ge .1.11 is a target an[...]
-
Page 137
clear port mirroring D-Series CLI Reference 4-33 Usage Note that LAG ports and their underlying physical ports , as described in “ Link Aggregation Control Protocol (LACP) ” on page 4 ‐ 33, cannot be mir rored. Example This example shows how ?[...]
-
Page 138
Link Aggregation Control Protocol (LACP) 4-34 Port Configuration standard. This standard allow s the switch to determine which po rts are in LAGs and configure them dynamically . Since the protocol is based on the IEEE 802.3ad specification, [...]
-
Page 139
Link Aggregation Control Protocol (LACP) D-Series CLI Reference 4-35 D-Series Usage Considerations In normal usage (and typical implementations) there is no need to modify any of the default LACP parameters on the switch. The default val u e s will r[...]
-
Page 140
show lacp 4-36 Port Configuration There are a few cases in which ports wi ll not aggregat e: •A n underlying physical port is atta ched to another port on this same switch (loopback). •T h e r e is no available aggregator for [...]
-
Page 141
show lacp D-Series CLI Reference 4-37 Parameters Default s If port ‐ string is not specif ied, link aggregation information for all LAGs will be display ed. Mode Switch command, read ‐ only . Usage Each D ‐ Series module provides 6 virtual link aggregator [...]
-
Page 142
set lacp 4-38 Port Configuration set lacp Use this command to disable or enable the Link Aggregation Control Protocol (LACP) on the device. Synt ax set lacp {disable | enable} Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how[...]
-
Page 143
set lacp aadminkey D-Series CLI Reference 4-39 Mode Switch command, read ‐ write. Usage LACP uses this va l u e to determine aggregation precedence. If there are tw o partner devices competing for the same aggregator , LACP compares the LAG IDs [...]
-
Page 144
set lacp static 4-40 Port Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear the actor admin key for LAG port 6: D2(su)->clear lacp aadminkey lag.0.6 set lacp st atic Use this command to dis able [...]
-
Page 145
clear lacp static D-Series CLI Reference 4-41 clear lacp st atic Use this command to remove specific ports from a Link Aggregation Group. Synt ax clear lacp static lagportstring port -string Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how [...]
-
Page 146
clear lacp singleportlag 4-42 Port Configuration previous LAG member ports comes up connected to the same switch as before th e LAG wen t down. Example This example enables the formation of single port LAGs: D2(su)->set lacp singleportl ag enable [...]
-
Page 147
show port lacp D-Series CLI Reference 4-43 Mode Switch command, read ‐ only . Usage State definitions, such as ActorAdminState and Par t n e r AdminState, are indicated with letter abbreviations. If the show port lacp command dis plays one or more [...]
-
Page 148
set port lacp 4-44 Port Configuration set port lacp Use this command to set link aggrega tion parameters for one or more ports. These sett ings will determine the spe cified underl ying physical ports’ ability to join a LAG, and their ?[...]
-
Page 149
clear port lacp D-Series CLI Reference 4-45 Default s At least one parameter must be entered per port ‐ string. If enable or disable are not specified, port(s) will be enabled with the LACP parameters entered. Mode Switch command, read ‐ write. U[...]
-
Page 150
clear port lacp 4-46 Port Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage If you set a port to LACP passiv e using the command clear port lacp port < por t ‐ string > aadminstate lacpactive , the command clear port[...]
-
Page 151
Configuring Protected Ports D-Series CLI Reference 4-47 Configuring Protected Port s The Protected Por t feature is used to prevent por ts from forw arding traffic to each other , even when they are on the same VLAN. Por t s may be designated [...]
-
Page 152
show port protected 4-48 Port Configuration Example This example shows how to assign ports ge .1.1 through ge .1.3 to protected port group 1: D2(rw)->set port protected g e.1.1-3 1 show port protected Use this command to display information about the port[...]
-
Page 153
set port protected name D-Series CLI Reference 4-49 Mode Switch command, read ‐ write. Example This example shows how to clear protected ports ge .1.1 through ge .1.3: D2(rw)->clear port protected ge.1.1-3 set port protected name Use this command to assign a name to ?[...]
-
Page 154
clear port protected name 4-50 Port Configuration Example This example shows how to show the name of protected port group 1: D2(ro)->show port protected name 1 Group ID Group Name ---------------------------- - 1 group1 clear port protected name Use this command to clear the[...]
-
Page 155
D-Series CLI Reference 5-1 5 SNMP Configuration This chapter describe s the Simple Network Management Protocol (SNMP) set of commands and how to use them. SNMP Configuration Summary SNMP is an application ‐ layer protocol that facilitates the exchange [...]
-
Page 156
SNMP Configuration Summary 5-2 SNMP Configuration •S N M P network management applications, such as the Enterasys Ne tSight application, whic h communicate with agents to get statistics and alerts from the managed devices. SNMPv3 SNMPv3 is an i[...]
-
Page 157
Reviewing SNMP Statistics D-Series CLI Reference 5-3 Using SNMP Context s to Access S pecific MIBs By default, when operating from the switch CLI, D ‐ Se ries devices allow access to all SNMP MIBs or contexts. A context is a collection of MIB objec[...]
-
Page 158
show snmp engineid 5-4 SNMP Configuration Commands show snmp engineid Use this command to display the SNMP local engine ID. This is the SNMP v3 engine’ s administratively unique identifier . Synt ax show snmp engineid Parameters None. Default s None. Mode Switch comma[...]
-
Page 159
show snmp counters D-Series CLI Reference 5-5 show snmp counters Use this command to display SNMP traffic counter val u e s . Synt ax show snmp counters Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display SNMP counter [...]
-
Page 160
show snmp counters 5-6 SNMP Configuration usmStatsUnknownEngineIDs = 0 usmStatsWrongDigests = 0 usmStatsDecryptionErrors = 0 Ta b l e 5 ‐ 19 provides an explanation of the command output. T able 5-19 show snmp counters Out put Det ails Output Field What It Displays... snmpInPkts Number of messages delivered to the SNMP[...]
-
Page 161
Configuring SNMP Users, Groups, and Communities D-Series CLI Reference 5-7 Configuring SNMP Users, Group s, and Communities Purpose To review and configure SNMP users, groups, and v1 and v2 communities. These are defined as follows: •U s e r — A person registered ?[...]
-
Page 162
show snmp user 5-8 SNMP Configuration Commands show snmp user Use this command to display information about SNMP users. These are people registe red to access SNMP management. Synt ax show snmp user [ list ] | [ user ] | [ re mote remote ] [ volatile | nonvolatile | re ad- only ] Param[...]
-
Page 163
set snmp user D-Series CLI Reference 5-9 Examples This example shows how to display an SNMP user list: D2(su)->show snmp user list --- SNMP user information -- - --- List of registered users : Guest admin1 admin2 netops This example shows how to display information for th e [...]
-
Page 164
clear snmp user 5-10 SNMP Configuration Default s If remote is not specified , the user will be registered for the local SNMP engine. If authenticat ion is not specified, no authentication wi ll be applied. If privacy is not specif ied, n[...]
-
Page 165
show snmp group D-Series CLI Reference 5-11 show snmp group Use this command to display an SNMP group configuration. An SNMP group is a collection of SNMPv3 users who share the same access privileges. Synt ax show snmp group [ groupname groupname ] [ user us[...]
-
Page 166
set snmp group 5-12 SNMP Configuration set snmp group Use this command to create an SN MP group. This associates SNMPv3 users to a group that shares common access privileges. Synt ax set snmp group groupname user user s ecurity-model { v1 | v2c | usm } [ volatile | nonvolat[...]
-
Page 167
show snmp community D-Series CLI Reference 5-13 Parameters Default s If not specified, settings r elated to all security models will be cle ared. Mode Switch command, read ‐ write. Example This example shows how to clear al l settings assigned to the “public” user within the [...]
-
Page 168
set snmp community 5-14 SNMP Configuration set snmp community Use this command to configure an SNMP community group. Synt ax set snmp community community [ securi tyname securityname ] [ context context ] [ transport transport ] [ volatile | no nvolatile ] Parameters Default s If securityname is not s[...]
-
Page 169
Configuring SNMP Access Rights D-Series CLI Reference 5-15 Default s None. Mode Switch command, read ‐ write. Example This example shows how to delete the community name “vip.” D2(su)->clear snmp community vip Configuring SNMP Access Right s Purpose To review and configure SNMP ?[...]
-
Page 170
show snmp access 5-16 SNMP Configuration Default s If groupname is not specified, access information for all SNMP groups will be displayed. If security ‐ mode l is not specified, access information for all SNMP versions wil l be display ed. If [...]
-
Page 171
set snmp access D-Series CLI Reference 5-17 set snmp access Use this command to set an SNMP access configuration. Synt ax set snmp access groupname security-m odel { v1 | v2c | usm } [ noauthentication | authentication | privacy ] [ context c ontext ] [ exact | prefix ] [ read read ] [ write write ] [ notify noti[...]
-
Page 172
clear snmp access 5-18 SNMP Configuration If read view is not specified none will be applied. If write view is not specified, none will be applied. If notify view is not specified, none will be applied. If storage type is not [...]
-
Page 173
Configuring SNMP MIB Views D-Series CLI Reference 5-19 Configuring SNMP MIB V iews Purpose To review and configure SNMP MIB views. SNMP views map SNMP objects to access right s. Commands show snmp view Use this command to display the MIB configurat ion for S[...]
-
Page 174
show snmp cont ext 5-20 SNMP Configuration Example This example shows how to display SNMP MIB view configuration information: D2(su)->show snmp view --- SNMP MIB View informati on --- View Name = All Subtree OID = 1 Subtree mask = View Type = included Storage type = nonVolatil e Row status = active View Na[...]
-
Page 175
set snmp view D-Series CLI Reference 5-21 Mode Switch command, read ‐ only . Usage An SNMP context is a collection of management information that can be accessed by an SNMP agent or entity . The default conte xt allows all SNMP agents t[...]
-
Page 176
clear snmp view 5-22 SNMP Configuration clear snmp view Use this command to delete an SNMP v3 MIB view . Synt ax clear snmp view viewname subtree Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to delete SNMP MIB view “publi [...]
-
Page 177
show snmp targetparams D-Series CLI Reference 5-23 Parameters Default s If targetPara ms is not specified, entries associated with all target paramete rs will be displayed. If not specified, entries of all storage types will be displayed. Mode Switch com[...]
-
Page 178
set snmp targetparams 5-24 SNMP Configuration set snmp t argetp arams Use this command to set SNMP target parameters, a named set of security/authorization criteria used to generate a message to a target. Synt ax set snmp targetpa rams paramsname user user secur[...]
-
Page 179
Configuring SNMP Target Addresses D-Series CLI Reference 5-25 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear SNMP target parameters named “v1ExampleParams”: D2(su)->clear snmp targetpar ams v1ExampleParams Configuring SNMP T arget Address[...]
-
Page 180
set snmp targetaddr 5-26 SNMP Configuration If not specified, entries of all storage types will be displayed for a target address. Mode Switch command, read ‐ only . Example This example shows how to display SNMP target address infor mation: D2(su)[...]
-
Page 181
clear snmp targetaddr D-Series CLI Reference 5-27 Default s If not specified, udpport will be set to 162 . If not specified, mask will be set to 255.255.255.255 If not specified, timeout will be set to 1500 . If not specified, number of ?[...]
-
Page 182
Configuring SNMP Notification Parameters 5-28 SNMP Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear SNMP target address entry “tr ”: D2(su)->clear snmp targetadd r tr Configuring SNMP Notification Parameters About SNMP Notify [...]
-
Page 183
show newaddrtrap D-Series CLI Reference 5-29 show newaddrtrap Use this comman d to display the global and port ‐ specif ic status of the SNMP new MAC addre sses trap function. Synt ax show newaddrtrap [ port-string ] Parameters Default s If port ‐ string is not [...]
-
Page 184
set newaddrtrap 5-30 SNMP Configuration set newaddrtrap Use this command to enable or disable SNMP trap messaging, globally or on one or more ports, when new source MAC addresses are detected. Synt ax set newaddrtrap [ port-string ] { enabl e | disable } Par[...]
-
Page 185
set snmp notify D-Series CLI Reference 5-31 Default s If a notify name is not specified, all entries will be displayed. If volatile , no nvolatile , or read ‐ only are not s pecified, all storage type entries will be di splayed. Mode Switch com[...]
-
Page 186
clear snmp notify 5-32 SNMP Configuration Default s If not specified, message type will be set to trap . If not specified, storage type will be set to nonvolatile . Mode Switch command, read ‐ write. Example This example shows how to set an [...]
-
Page 187
show snmp notifyfilter D-Series CLI Reference 5-33 show snmp notifyfilter Use this command to display SNMP notify filter information, ide ntifying which profiles will not receiv e SNMP notifications. Synt ax show snmp notifyfilter [ profile ] [ su btree oid-or-mibobject ] [ volatile | [...]
-
Page 188
clear snmp notifyfilter 5-34 SNMP Configuration Parameters Default s If not specified, mask is not set. If not specified, subtree will be included . If storage type is not specified, nonvolatile (permanent) will be applied. Mode Switch command, read ‐ [...]
-
Page 189
show snmp notifypr ofile D-Series CLI Reference 5-35 Example This example shows how to delete the SNMP notify filter “pilot1”: D2(su)->clear snmp notifyfil ter pilot1 subtree 1.3.6 show snmp notifyprofile Use this command to display SNMP notify profile information. T[...]
-
Page 190
clear snmp notifyprofile 5-36 SNMP Configuration Parameters Default s If storage type is not specified, nonvolatile (permanent) will be applied. Mode Switch command, read ‐ write. Example This example shows how to create an SNMP notify profile named area51[...]
-
Page 191
Creating a Basic SNMP Trap Configuration D-Series CLI Reference 5-37 Creating a Basic SNMP T rap Configuration T raps are notification messages sent by an SNMPv1 or v2 ag ent to a network management sta tion, a console, or a terminal to indicate the occu[...]
-
Page 192
Creating a Basic SNMP Trap Configuration 5-38 SNMP Configuration Example This example shows how to: • Create an SNMP community called mgmt . • Configure a trap notification called TrapSink . This trap notification will be sent with the community [...]
-
Page 193
D-Series CLI Reference 6-1 6 Spanning T ree Configuration This chapter describes the Spanning Tr e e Configuration set of commands and how to use them. Sp anning T ree Configuration Summary Overview: Single, Rapid, and Mult iple S p anning T ree Protocols The IEEE 802.1D Spanning ?[...]
-
Page 194
Spanning Tree Configuration Summary 6-2 Spanning Tree Configuration blocking for all traffic flowing between the tw o switches. The blocking links are effectively used only if the forw arding link goes down. MSTP assigns each VLAN present on [...]
-
Page 195
Configuring Spanning Tree Bridge Parameters D-Series CLI Reference 6-3 learning and the priorit y vect or is wor s e than tha t already held by th e port. If a disputed BPDU is receiv ed, the port is forced to the li stening state. Whe n [...]
-
Page 196
Configuring Spanning Tree Bridge Parameters 6-4 Spanning Tree Configuration Commands For information about... Refer to p age... show spantree stat s 6-5 set spantree 6-7 show spantree version 6-7 set spantree version 6-8 clear spantree version 6-8 show spantree bpdu-forwarding 6-9 set spantree bpdu-forwarding 6-9 show spantree bridgeprioritymode 6-[...]
-
Page 197
show spantree stats D-Series CLI Reference 6-5 show sp antree stat s Use this command to display Spanning Tr e e information for one or more ports. Synt ax show spantree stats [ port port-string ] [ sid sid ] [ ac tive ] Parameters Default s If port ‐ string is not specif ied, Sp[...]
-
Page 198
show spantree stats 6-6 Spanning Tree Configuration Example This example shows how to display the device’ s Spanning Tr e e configuration: D2(su)->show spantree stats Spanning tree status - enabled Spanning tree instance - 0 Designated Root MacAddr - 00-e0-63-9d-c1-c8 Designated Root Priority - 0 Designa[...]
-
Page 199
set spantree D-Series CLI Reference 6-7 set sp antree Use this command to globally enable or disable the Spanning Tr e e protocol on the switch. Synt ax set spantree { disable | enable } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows [...]
-
Page 200
set spantree version 6-8 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display Spanning Tr e e ve r si o n information for the device: D2(su)->show spantree versio n Force Version is mstp set sp antree version Use this command [...]
-
Page 201
show spantree bpdu-forwarding D-Series CLI Reference 6-9 Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the Spanning Tr e e version: D2(su)->clear spantree versi on show sp antree bpdu-forwarding Use this command to disp lay the Spanning T [...]
-
Page 202
show spantree bridgeprioritymode 6-10 Spanning Tree Configuration Default s By default BP DU forw arding is disabled . Mode Switch command, read ‐ write. Usage The Spanning Tr e e protocol must be disabled ( set spantree disable ) for this feat ure to take eff[...]
-
Page 203
clear spantree bridgeprioritymode D-Series CLI Reference 6-11 Default s None Mode Switch command, read ‐ write. Usage The mode affects the range of priority val u e s used to determine which device is se lected as the Spanning Tr e e root as described [...]
-
Page 204
show spantree mstilist 6-12 Spanning Tree Configuration show sp antree mstilist Use this command to display a list of Multiple Spanning Tr e e (MST) instances configured on the device. Synt ax show spantree mstilist Parameters None. Default s None. Mode Switch command, read ‐[...]
-
Page 205
clear spantree msti D-Series CLI Reference 6-13 clear sp antree msti Use this command to delete one or more Multiple Spanning Tr e e instances. Synt ax clear spantree msti [ sid sid ] Parameters Default s If sid is not specifie d, all MST instances will be cleared. [...]
-
Page 206
set spantree mstmap 6-14 Spanning Tree Configuration set sp antree mstmap Use this command to map one or more filtering database IDs (FIDs) to a SID. Since VLANs are mapped to FIDs, this essentially maps one or more VLAN IDs to a [...]
-
Page 207
show spantree vlanlist D-Series CLI Reference 6-15 show sp antree vlanlist Use this command to display the Spanning Tr e e ID(s) assigned to one or more VLANs. Synt ax show spantree vlanlist [ vlan-list ] Parameters Default s If not specified, SID assignment will be [...]
-
Page 208
set spantree mstcfgid 6-16 Spanning Tree Configuration D2(su)->show spantree mstcfg id MST Configuration Identifie r: Format Selector: 0 Configuration Name: 00:01: f4:89:51:94 Revision Level: 0 Configuration Digest: ac:3 6:17:7f:50:28:3c:d4:b8:38:21:d8:ab:26:de: 62 set sp antree mstcfgid Use this command to set the MST ?[...]
-
Page 209
set spantree priority D-Series CLI Reference 6-17 set sp antree priority Use this command to set the device’ s Spanning Tr e e priority . Synt ax set spantree priority priority [ sid ] Parameters Default s If sid is not specifie d, priority will be set on Spanning [...]
-
Page 210
set spantree hello 6-18 Spanning Tree Configuration Example This example shows how to reset the bridge priority on SID 1: D2(su)->clear spantree prior ity 1 set sp antree hello Use this command to set the device’ s Spanning Tr e e hello time, This is ?[...]
-
Page 211
set spantree maxage D-Series CLI Reference 6-19 set sp antree maxage Use this command to set the bridge maxim um aging time. Synt ax set spantree maxage agingtime Parameters Default s None. Mode Switch command, read ‐ write. Usage The bridge maximum aging time is the maxi[...]
-
Page 212
set spantree fwddelay 6-20 Spanning Tree Configuration Example This example shows how to globally reset the maximum aging time: D2(su)->clear spantree maxag e set sp antree fwddelay Use this command to set the Spanning Tr e e forward delay . Synt ax set spantree fwdd[...]
-
Page 213
show spantree backuproot D-Series CLI Reference 6-21 Mode Switch command, read ‐ write. Example This example shows how to globally reset the bridge forward delay: D2(su)->clear spantree fwdde lay show sp antree backuproot Use this command to display the backup root [...]
-
Page 214
clear spantree backuproot 6-22 Spanning Tree Configuration Usage The Spanning Tr e e backup root function is disabled by def ault on the D ‐ Series. When thi s feature is enabled and the switch is directly connected to the root bridge, [...]
-
Page 215
set spantree tctrapsuppress D-Series CLI Reference 6-23 Mode Switch command, read ‐ only . Example This example shows how to display the status of topology change trap suppression: D2(rw)->show spantree tctrap suppress Topology change Trap Suppres sion is set to enabled set sp antree tctr[...]
-
Page 216
set spantree protomigration 6-24 Spanning Tree Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear topology change trap suppression setting: D2(rw)->clear spantree tctra psuppress set sp antree protomigration Use this c[...]
-
Page 217
set spantree spanguard D-Series CLI Reference 6-25 Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the SpanGuard function status: D2(su)->show spantree spangu ard Spanguard is disabled set sp antree spanguard Use this command to enable [...]
-
Page 218
clear spantree spanguard 6-26 Spanning Tree Configuration clear sp antree spanguard Use this command to reset the statu s of the Spanning Tr e e SpanGuard function to disabled. Synt ax clear spantree spanguard Parameters None. Default s None. Mode Switch command, read ‐ write. Exampl[...]
-
Page 219
clear spantree spanguardtimeout D-Series CLI Reference 6-27 Synt ax set spantree spanguardtimeou t timeout Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the SpanGuard timeout to 600 seconds: D2(su)->set spantree spangua rdtimeout 600 clear[...]
-
Page 220
clear / set spantree spanguardlock 6-28 Spanning Tree Configuration Parameters Default s If no port string is specifie d, the SpanGuard lock status for all ports is display ed. Mode Switch command, read ‐ only . Example This example shows how to display the ?[...]
-
Page 221
set spantree spanguardtrapenable D-Series CLI Reference 6-29 Synt ax show spantree spanguardtrape nable Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the state of the SpanGuard trap function: D2(ro)->show spantree spangu ardt[...]
-
Page 222
show spantree legacypathcost 6-30 Spanning Tree Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the SpanGuard trap function to enabled: D2(rw)->clear spantree spang uardtrapenable show sp antree legacypathcost Use t[...]
-
Page 223
clear spantree legacypathcost D-Series CLI Reference 6-31 Default s None. Mode Switch command, read ‐ write. Usage By default, legacy path cost is disabled. Enabling the device to calculate legacy path costs affects the range of va l i d va lu e s that [...]
-
Page 224
set spantree portadmin 6-32 Spanning Tree Configuration set sp antree portadmin Use this command to disable or enable the Spanning Tr e e algorithm on one or more ports. Synt ax set spantree portadmin port-string { disable | enable} Parameters Default s None. Mode Switch command, r[...]
-
Page 225
show spantree portadmin D-Series CLI Reference 6-33 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the default Spanning Tr e e admin state to ena ble on ge .1.12: D2(rw)->clear spantree porta dmin ge.1.12 show sp antree po[...]
-
Page 226
set spantree portpri 6-34 Spanning Tree Configuration Parameters Default s If port ‐ string is not specif ied, port priority will be display ed for all Spanning Tr e e ports. If sid is not specifie d, port priority will be display ed for Spanning ?[...]
-
Page 227
clear spantree portpri D-Series CLI Reference 6-35 clear sp antree portpri Use this command to reset the bridge priority of a Spanning Tr e e port to a default va l u e of 128. Synt ax clear spantree portpri port-string [ sid sid ] Parameters Default s If sid is [...]
-
Page 228
set spantree adminpathcost 6-36 Spanning Tree Configuration Example This example shows how to display the admin path cost for ge .3.4 on SID 1: D2(su)->show spantree adminp athcost port ge.3.4 sid 1 Port ge.3.4 has a Port Admin Path Cost of 0 on SID 1 set sp antree adminpathcost Use thi[...]
-
Page 229
show spantree adminedge D-Series CLI Reference 6-37 Default s If sid is not specifie d, admin path cost will be reset for Spanning Tr e e 0. Mode Switch command, read ‐ write. Example This example shows how to reset the admin path cost to 0[...]
-
Page 230
clear spantree adminedge 6-38 Spanning Tree Configuration Default s None. Mode Switch command, read ‐ write. Usage The default behavior of the edge port administrativ e sta tus begins with the val u e set to false initially after the device is powe red [...]
-
Page 231
set spantree lp D-Series CLI Reference 6-39 Commands set sp antree lp Use this command to enable or disable the Loop Protect feature per port and optionally , per SID. The Loop Protect feature is disabled by default. See “Loop Protect” ?[...]
-
Page 232
show spantree lp 6-40 Spanning Tree Configuration Default s If no SID is specified, SID 0 is assumed. Mode Switch command, read ‐ write. Usage Loop Protect takes precedence ov er per port STP enable/disable (portAdmin). Normally portAdmin disabled wo u[...]
-
Page 233
clear spantree lp D-Series CLI Reference 6-41 clear sp antree lp Use this command to return the Loop Protect status per port and optionally , per SID, to its default state of disabled. Synt ax clear spantree lp port-string [ sid sid ] Parameters Default s If no [...]
-
Page 234
clear spantree lplock 6-42 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display Loop Protect lock status on ge .1.1: D2(rw)->show spantree lplock port ge.1.1 The LoopProtect lock status for port ge.1.1 , SID 0 is UNLOCKED clear sp antree lpl[...]
-
Page 235
show spantree lpcapablepartner D-Series CLI Reference 6-43 Default s None. Mode Switch command, read ‐ write. Usage The default val ue for Loop Protect cap able partner is false. If the port is configured with a Loop Protect capable partner (true) , th[...]
-
Page 236
clear spantree lpcapablepartner 6-44 Spanning Tree Configuration clear sp antree lpcapablep artner Use this command to reset the Loop Protect capability of port link partners to the default state of false. Synt ax clear spantree lpcapablepart ner port-string Parameters Default [...]
-
Page 237
show spantree lpthreshold D-Series CLI Reference 6-45 Example This example shows how to set the Loop Protect threshold val u e to 4: D2(rw)->set spantree lpthres hold 4 show sp antree lpthreshold Use this command to display the current va l u e of the Loop ?[...]
-
Page 238
set spantree lpwindow 6-46 Spanning Tree Configuration set sp antree lpwindow Use this command to set the Loop Protect event window val u e in seconds. Synt ax set spantree lpwindow value Parameters Default s None. Mode Switch command, read ‐ write. Usage The Loop Protect Wi [...]
-
Page 239
clear spantree lpwindow D-Series CLI Reference 6-47 clear sp antree lpwindow Use this command to reset the Loop Protect event window to the defau lt va lu e of 180 seconds. Synt ax clear spantree lpwindow Parameters None. Default s None. Mode Switch command, read ‐ write. Exa[...]
-
Page 240
show spantree lptrapenable 6-48 Spanning Tree Configuration show sp antree lptrapenable Use this command to display the current status of Loop Protect ev ent notification. Synt ax show spantree lptrapenable Parameters None. Default s None. Mode Switch command, read ‐ only . Example This [...]
-
Page 241
show spantree disputedbpduthreshold D-Series CLI Reference 6-49 Synt ax set spantree disputedbpduthr eshold value Parameters Default s None. Mode Switch command, read ‐ write. Usage A disputed BPDU is one in which the flag s field indicates a designated role and learning, [...]
-
Page 242
clear spantree disputedbpduthreshold 6-50 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display the current disputed BPDU threshold: D2(rw)->show spantree disput edbpduthreshold The disputed BPDU threshold value is 0 clear sp antree disputedbpdut[...]
-
Page 243
show spantree nonforwardingreason D-Series CLI Reference 6-51 Mode Switch command, read ‐ only . Usage Exceptional conditions causing a port to be placed in listening or blocking state inclu de a Loop Protect event, receipt of disputed BPDUs, and l[...]
-
Page 244
show spantree nonforwardingreason 6-52 Spanning Tree Configuration[...]
-
Page 245
D-Series CLI Reference 7-1 7 802.1Q VLAN Configuration This chapter describe s the D ‐ Series system’ s capabilities to implement 802.1Q virtual LANs (VLANs). VLAN Configuration Summary Vi rt u a l LANs allow the netw ork administrator to partition netw ork [...]
-
Page 246
Viewing VLANs 7-2 802.1Q VLAN Configuration If the D ‐ Series device is to be configured for multiple VLANs, it may be desirable to configure a management ‐ only VLAN. This allows a station connected to th e management VLAN to [...]
-
Page 247
show vlan D-Series CLI Reference 7-3 Command show vlan Use this command to display all information related to one or more VLANs. Synt ax show vlan [ static ] [ vlan-list ] [ portinfo [ vlan vlan-list | vlan-name ] [ port port- string ]] Parameters Default s If no options ar e specifie [...]
-
Page 248
Creating and Naming Static VLANs 7-4 802.1Q VLAN Configuration Creating and Naming St atic VLANs Purpose To create a new static VLAN, or to enable or disable exist ing VLAN(s). Commands set vlan Use this command to create a new static IEEE 802.1 Q VLAN, or ?[...]
-
Page 249
set vlan name D-Series CLI Reference 7-5 Mode Switch command, read ‐ write. Usage Once a VLAN is created, you can assign it a name using the set vlan name command described in “ set vlan name ” on page 7 ‐ 5. Each VLAN ID must [...]
-
Page 250
clear vlan name 7-6 802.1Q VLAN Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to remove a static VLAN 9 from the device’ s VLAN list: D2(su)->clear vlan 9 clear vlan name Use this command to remove [...]
-
Page 251
show port vlan D-Series CLI Reference 7-7 Commands show port vlan Use this command to display port VLAN identifier (PVID) information. PVID determines the VLAN to which all untagged frames receiv ed on one or more ports will be classified. Sy[...]
-
Page 252
set port vlan 7-8 802.1Q VLAN Configuration set port vlan Use this command to configure the PVID (port VLAN identifier) for one or more ports. Synt ax set port vlan port-string pvid [ modi fy-egress | no-modify-egress ] Parameters Default s None. Mode Switch command, read ‐ write[...]
-
Page 253
show port ingress filter D-Series CLI Reference 7-9 Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset ports ge .1.3 through 11 to a VL AN ID of 1 (Host VLAN): D2(su)->clear port vlan ge.1 .3-11 show port ingress filter Use this [...]
-
Page 254
set port ingress filter 7-10 802.1Q VLAN Configuration set port ingress filter Use this command to discard all frames received with a VLAN ID that don’ t match the port’ s VLAN egress list. Synt ax set port ingress-filter port-string {disable | enable} Parameters De[...]
-
Page 255
set port discard D-Series CLI Reference 7-11 Mode Switch command, read ‐ only . Example This example shows how to display the frame discard mode for ge.2.7. In this case, the port has been set to discar d all tagged frames: D2(su)->show port[...]
-
Page 256
Configuring the VLAN Egress List 7-12 802.1Q VLAN Configuration Configuring the VLAN Egress List Purpose To assign or remove ports on the egress list of a particular VLAN. This determines whi ch ports on the switch will be eligible to transmit frames[...]
-
Page 257
set vlan forbidden D-Series CLI Reference 7-13 Mode Switch command, read ‐ write. Example This example shows you how to show VLAN egress information for ge .1.1 through 3. In th is case, all three ports are allow ed to transmit VLAN 1 ?[...]
-
Page 258
set vlan egress 7-14 802.1Q VLAN Configuration set vlan egress Use this command to add ports to the VLAN egress list for the device, or to prevent one or mor e ports from participating in a VLAN. Th is determines which ports will [...]
-
Page 259
show vlan dynamicegress D-Series CLI Reference 7-15 Synt ax clear vlan egress vlan-list port-string [ for bidden ] Parameters Default s If forbidden is not specified, tagged and untagged settings will be cleared. Mode Switch command, read ‐ write. Examples This example shows how [...]
-
Page 260
set vlan dynamicegress 7-16 802.1Q VLAN Configuration Example This example shows how to display the dynamic egress status for VLANs 50 ‐ 55: D2(rw)->show vlan dynamicegr ess 50-55 VLAN 50 is disabled VLAN 51 is disabled VLAN 52 is disabled VLAN 53 is enabled VLAN 54 is enabled VLAN 55 is enabled [...]
-
Page 261
Setting the Host VLAN D-Series CLI Reference 7-17 Setting the Host VLAN Purpose To configure a host VLAN that only select devices are allow ed to access. This se cures the host port for management ‐ only tasks. Commands show host vlan Use this command [...]
-
Page 262
clear host vlan 7-18 802.1Q VLAN Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage The host VLAN should be a secure VLAN where only designated users ar e allowed access. Fo r example, a host VLAN could be s pecifically ?[...]
-
Page 263
Enabling/Disabling GVRP (GARP VLAN Registration Protocol) D-Series CLI Reference 7-19 Enabling/Disabling GVRP (GARP VLAN Registration Protocol) About GARP VLAN Registration Prot ocol (GVRP) The following sections describe the device operation when its ports are operating under the Generic [...]
-
Page 264
Enabling/Disabling GVRP (GARP VLAN Registration Protocol) 7-20 802.1Q VLAN Configuration Figure 7-7 Example of VLAN Propagation via GVRP Purpose To dynamically create VLANs acr oss a switched netw ork. The GVRP command set is used to display GVRP conf iguration information, [...]
-
Page 265
show gvrp D-Series CLI Reference 7-21 show gvrp Use this command to display GVRP configuration information. Synt ax show gvrp [ port-string ] Parameters Default s If port ‐ string is not specif ied, GVRP configuration information will be displayed for all ports an[...]
-
Page 266
set gvrp 7-22 802.1Q VLAN Configuration Example This example shows how to display GARP timer information on ports 1 through 10 in slot 1: D2(su)->show garp timer ge.1 .1-10 Port based GARP Configurati on: (Timer units are centiseconds) Port Number Join Leave Leaveall ----------- ---[...]
-
Page 267
clear gvrp D-Series CLI Reference 7-23 Mode Switch command, read ‐ write. Examples This example shows how to enable GVRP globally on the device: D2(su)->set gvrp enable This example shows how to disable GVRP globally on the device: D2(su)->set gvrp disab[...]
-
Page 268
set garp timer 7-24 802.1Q VLAN Configuration Default s None. Mode Switch command, read ‐ write. Usage The setting of these timers is critical and should only be changed by personnel familiar with the 802.1Q standards documentation, which is not su[...]
-
Page 269
D-Series CLI Reference 8-1 8 Dif f erentiated Services Configuration This chapter describe s the Differentiated Services (Diffserv) set of commands and how to use them. D ‐ Series devi ces support Diffserv po licy ‐ base d provisioning of netw ork resour[...]
-
Page 270
Globally Enabling or Disabling Diffserv 8-2 Differentiated Services Configuration Globally Enabling or Disabling Diffserv Purpose To globally enable or disable Diffserv on the device. Command The command used to gl obally enable or dis able Diffserv on the device is [...]
-
Page 271
Creating Diffserv Classes and Matching Conditions D-Series CLI Reference 8-3 Creating Diffserv Classes and Matching Conditions Purpose To review , create, and configure Diffser v classes and matching conditions. Commands The commands used to revie w , create, and configure Diffserv[...]
-
Page 272
show diffserv class 8-4 Differentiated Services Configuration show diffserv class Use this command to display information about Diffserv classes. Synt ax show diffserv class { summary | detai led classname } Parameters Default s None. Mode Switch command, read ‐ only . Example This example shows [...]
-
Page 273
set diffserv class delete D-Series CLI Reference 8-5 Example This example shows how to create a Diffserv class called “admin”: D2(rw)->set diffserv class c reate all admin set diffserv class delete Use this command to delete a Diffserv class and remove any ?[...]
-
Page 274
set diffserv class match 8-6 Differentiated Services Configuration dstip | srcip classname ipaddr ipmask Matches to a specific class based on dest ination or source IP address. dstl4port | srcl4port keyword classname keywo rd | number classname portn[...]
-
Page 275
set diffserv class match D-Series CLI Reference 8-7 Default s None. Mode Switch command, read ‐ write. Usage Any policy that is applied must be com posed of rules that come from only one of the foll owing four groups. •L a y e r 3: – Destination IP [...]
-
Page 276
set diffserv class rename 8-8 Differentiated Services Configuration Yo u cannot create and add a class to a policy before adding any rules (match conditions) to the class. Once a class is added to a policy , you cannot add any [...]
-
Page 277
Configuring Diffserv Poli cies and Assigning Classes D-Series CLI Reference 8-9 Configuring Diffserv Policies and Assigning Classes Purpose To review , create, and configure Diffser v policies and assign classes. Commands The commands used to review , create, and configure Di ffser[...]
-
Page 278
set diffserv policy create 8-10 Differentiated Services Configuration Example This example shows how to display a summary of Diffserv policy information. In this case, there is one policy named “admin”, to which members of the “admin” [...]
-
Page 279
set diffserv policy class D-Series CLI Reference 8-11 Mode Switch command, read ‐ write. Usage In order to delete a policy you must first remove the service port(s) assigned to the po licy using the set diffserv service remove command as de[...]
-
Page 280
set diffserv policy police style simple 8-12 Differentiated Services Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to mark packets matching the “admin” policy in the “system” class for DSCP expedited [...]
-
Page 281
set diffserv policy police action conform D-Series CLI Reference 8-13 set diffserv policy police action conform Use this command to configure traffic policing actions for pac kets that conform to associated Diffserv classifications. Synt ax set diffserv policy police a ction conform { drop[...]
-
Page 282
set diffserv policy rename 8-14 Differentiated Services Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the policying action to dr op for packets not conforming to the Diffserv policy “admin,” class ?[...]
-
Page 283
show diffserv service info D-Series CLI Reference 8-15 Commands The commands used to review and assign Diffserv policies to service po rts are list ed below and described in the associated section as shown. show diffserv service info Use this command [...]
-
Page 284
set diffserv service 8-16 Differentiated Services Configuration Parameters Default s None. Mode Switch command, read ‐ only . Example This example shows how to display a detailed incoming traffic statistics about servic e port ge.1.1: D2(rw)->show diffserv servic e stats detai[...]
-
Page 285
DiffServ Configuration Examples D-Series CLI Reference 8-17 DiffServ Configuration Examples Ty p i c a l l y , yo u wo u ld use the Diffserv command set to complete configuration tasks in the following order: 1. Enable DiffServ . 2. Create a Class. 3. Create one or [...]
-
Page 286
DiffServ Configuration Examples 8-18 Differentiated Services Configuration[...]
-
Page 287
D-Series CLI Reference 9-1 9 Policy Classification Configuration This chapter describe s the Po l i cy Classification set of commands and how to use them. Policy Classification Configuration Summary D ‐ Series devi ces support policy profile ‐ based provisioning of [...]
-
Page 288
show policy profile 9-2 Policy Classification Configuration Commands show policy profile Use this command to display policy profil e information. Synt ax show policy profile { all | profile-i ndex [ consecutive-pids ] [ -verbose ]} Parameters Default s If optional parameters are not specified, [...]
-
Page 289
show policy profile D-Series CLI Reference 9-3 Example This example shows how to display policy information for prof ile 11: D2(su)->show policy profile 11 Profile Index : 1 1 Profile Name : M acAuth1 Row Status : a ctive Port VID Status : E nable Port VID Override : 1 1 CoS : 0 CoS Status : D isable E[...]
-
Page 290
set policy profile 9-4 Policy Classification Configuration set policy profile Use this command to create a policy profile ent ry . Synt ax set policy profile profile-index [ na me name ] [ pvid-status { enable | disable }] [ pvid pvid ] [ cos-status { enable | dis able }] [ cos cos ] [ precedence precedence-list ] Pa[...]
-
Page 291
clear policy profile D-Series CLI Reference 9-5 clear policy profile Use this command to delete a policy profile ent ry . Synt ax clear policy profile profile-index Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to delete policy profi[...]
-
Page 292
show policy rule 9-6 Policy Classification Configuration show policy rule Use this command to display policy classification rule information. Synt ax show policy rule [ all | admin-profil e | profile-index ] [ ether | ipproto | ipdestsocket | ipsourcesocket | ipto s | macdest | macsource | tcpdestport | tcpsourceport[...]
-
Page 293
show policy rule D-Series CLI Reference 9-7 Default s If verbose is not s pecified, summary informat ion will be display ed. Mode Switch command, read ‐ only . Example This example shows how to display policy classification information for Ethernet type 2 [...]
-
Page 294
show policy capability 9-8 Policy Classification Configuration show policy cap ability Use this command to display de tailed policy classification capabilities supported by you r D ‐ Series device. Synt ax show policy capability Parameters None. Default s None. Mode Switch command, r[...]
-
Page 295
show policy capability D-Series CLI Reference 9-9 Example This example shows how to display the device’ s policy classification capabilities. Refer to “ set policy rule ” on page 9 ‐ 10 for a description of the parameters displayed: D2(su)-&g[...]
-
Page 296
set policy ru le 9-10 Policy Classification Configuration set policy rule Use this command to assign incoming untagged frames to a speci fic policy profile and to VLAN rules. This command has two forms of syntax—one to create an admin rule [...]
-
Page 297
set policy rule D-Series CLI Reference 9-11 Default s None. Mode Switch command, read ‐ write. Usage Ta b l e 9 ‐ 35 provides the set policy rule data val u e s that can be entered for a particular classification type, and the mask bits that can [...]
-
Page 298
clear policy rule 9-12 Policy Classification Configuration Examples This example shows how to use Ta b l e 9 ‐ 35 to assign a rule to policy profile 3 that will filter Ethernet II Ty p e 1526 frames to VLAN 7: D2(su)->set policy rule 3 et her 15[...]
-
Page 299
clear policy all-rules D-Series CLI Reference 9-13 Default s When applicable, data and mask must be specified for i ndividual rules to be cleared. Mode Switch command, read ‐ write. Examples This example shows how to delete Ethernet II Ty p e 1526 [...]
-
Page 300
Assigning Ports to Policy Profiles 9-14 Policy Classification Configuration Mode Switch command, read ‐ write. Example This example shows how to remove al l administrativ e and policy inde x rules: D2(su)->clear policy all-rul es Assigning Port s to Policy Profiles Purpose To assign a[...]
-
Page 301
clear policy port D-Series CLI Reference 9-15 Example This example shows how to allow Gigabit Etherne t ports 5 through 15 in slot 1 to transmit frames according to policy prof ile 1: D2(su)->set policy port ge.1 .5-15 1 clear policy port Use this com[...]
-
Page 302
Configuring Policy Clas s of Service (CoS) 9-16 Policy Classification Configuration enabled, the defaul t and user ‐ assigned policy ‐ based settings will override port ‐ based settings described in Chapter 10 . About Policy-Based CoS Configurations Once enabled using the set[...]
-
Page 303
Configuring Policy Class of Service (CoS) D-Series CLI Reference 9-17 D2(su)->show cos port-resour ce irl 1.0 1 Group Index Resource Type Un it Rate Rate Limit Type Action ----------- -------- ---- -- -- ---------- --------------- ------ 1.0 1 irl kb ps 512 drop none D2(su)->show cos port-resou rce irl 2.0 1 Group Index Resource Type Un it Ra[...]
-
Page 304
set cos state 9-18 Policy Classification Configuration Commands set cos st ate Use this command to enable or disable Class of Service. Synt ax set cos state { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write. For information about... Refer to p age... set cos state 9-18 sh[...]
-
Page 305
show cos state D-Series CLI Reference 9-19 Example This example shows how to enable Class of Service: D2(rw)->set cos state enable show cos st ate Use this command to display the Class of Service enable state. Synt ax show cos state Parameters None. Default s None. Mode [...]
-
Page 306
set cos settings 9-20 Policy Classification Configuration set cos settings Use this command to configure a Class of Service entry in the CoS settings table. Synt ax set cos settings cos-index priority priority [ tos-value tos-value ] [ irl-reference irl-reference ] Parameters Default s If [...]
-
Page 307
clear cos settings D-Series CLI Reference 9-21 Example This example shows how to create CoS entry 8 with a priority va l u e of 3: D2(rw)->set cos settings 8 p riority 3 clear cos settings Use this command to clear Class of Service entry settings. Synt ax[...]
-
Page 308
set cos port-config 9-22 Policy Classification Configuration Example This example shows how to show all CoS settings: D2(su)->show cos settings CoS Index Priority ToS IRL --------- ---------- ------- ----- 0 0 * * 1 1 * * 2 2 * * 3 3 * * 4 4 * * 5 5 * * 6 6 * * 7 7 * * set cos port-config Use this command [...]
-
Page 309
show cos port-config D-Series CLI Reference 9-23 groups (1 through 7) can be configured. Currently , only one port type (type 0) is supported. This port type supports 100 limiters . Additional port groups may be created for flexibil ity .[...]
-
Page 310
clear cos port-config 9-24 Policy Classification Configuration Inbound Rate Limiting Port C onfiguration Entries ---------------------------- ----------------------------------------- - Port Group Name :Default Port Group :0 Port Type :0 Assigned Ports :none ---------------------------- ----------------------------------------- - Port Group Name :U[...]
-
Page 311
set cos port-resource D-Series CLI Reference 9-25 Example This example deletes all Por t Groups except for the Default group 0.0: D2(su)->clear cos port-confi g irl all set cos port-resource Use this command to set the inbound rate limit parameters for a [...]
-
Page 312
show cos port-re source 9-26 Policy Classification Configuration Example This ex ample se ts the inbound rate limit re source index number 1 for port group 2.0 to 10000 Kbps or 1 MB: D2(su)->set cos port-resourc e irl 2.0 1 unit kbps rate 10000 type dro p show cos po[...]
-
Page 313
set cos reference D-Series CLI Reference 9-27 Parameters Default s None. Mode Switch command, read ‐ write. Example This example clears the data rate to 0 for IRL resource index 1 for gr oup 2.0. D2(su)->clear cos port-resou rce irl 2.0 1 rate set cos reference Use this ?[...]
-
Page 314
show cos reference 9-28 Policy Classification Configuration Mode Switch command, read ‐ write. Usage The CoS refere nce table maps the user ‐ defined IRL references found in the CoS settings table (see “ set cos settings ” on page 9 ‐ 20) to ra[...]
-
Page 315
clear cos reference D-Series CLI Reference 9-29 Example This example shows the Class of Service IRL references for port group 1.0. Note tha t not all of the 100 possible references are display ed in this output example. D2(su)->show cos re[...]
-
Page 316
show cos unit 9-30 Policy Classification Configuration show cos unit Use this command to show possible CoS unit entries. Synt ax show cos unit Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows possible unit entries for inbound rate[...]
-
Page 317
show cos port-type D-Series CLI Reference 9-31 show cos port-type Use this command to display Class of Service port type configurations. Synt ax show cos port-type [ irl [ port-type ]] Parameters Default s If no parameters are specified, inbound rate limiting information fo[...]
-
Page 318
show cos port-type 9-32 Policy Classification Configuration[...]
-
Page 319
D-Series CLI Reference 10-1 10 Port Priority and Rate Limiting Configuration This chapter describes the Po r t Priority and Rate Li miting set of commands and how to use them. Port Priority Configuration Summary The D ‐ Series device supports Class of Serv[...]
-
Page 320
Configuring Port Priority 10-2 Port Priority and Rate Limiting Configuration Configuring Port Priority Purpose To view or configure port priority characteristics as follows: •D i s p l a y or change the port default Class ‐ of Service (CoS ) transmit priority (0 thr[...]
-
Page 321
set port priority D-Series CLI Reference 10-3 set port priority Use this command to set the 802.1D (802.1p) Class ‐ of ‐ Service transmit priority (0 through 7) on each port. A port receiving a frame without priority information in its tag he[...]
-
Page 322
Configuring Priority to Transmit Queue Mapping 10-4 Port Priority and Rate Limiting Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset ge .1.11 to the default priority: D2(rw)->clear port priority ge.1.11 Configuring Priority to[...]
-
Page 323
set port priority-queue D-Series CLI Reference 10-5 Parameters Default s If port-string is not specified, priority queue informati on for all ports will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display priority queue information for ge .1.1. In this [...]
-
Page 324
clear port priority-queue 10-6 Port Priority and Rate Limiting Configuration Usage Priority to transmit queue mapping on an individual port basis can only be configured on Gigabit Ethernet ports ( ge .x.x). When you use the set port priority ‐ queu[...]
-
Page 325
show port txq D-Series CLI Reference 10-7 show port txq Use this command to display QoS transmit queue informat ion for one or more physical ports. Synt ax show port txq [ port-string ] Parameters Default s If the port ‐ string is not specified, the QoS settin[...]
-
Page 326
clear port txq 10-8 Port Priority and Rate Limiting Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Queues can be set for strict priority (SP) or weig h te d round ‐ robin (WRR). If set for WRR mode, wei gh t s may be assign[...]
-
Page 327
clear port txq D-Series CLI Reference 10-9 Parameters Default s By default, transmit queues are de fined as follows: Mode Switch command, read ‐ write. Example This example shows how to clear transmit queue va l u e s on ge .1.1: D2(su)->clear port txq ge.1. 1 port[...]
-
Page 328
clear port txq 10-10 Port Priority and Rate Limiting Configuration[...]
-
Page 329
D-Series CLI Reference 11-1 11 IGMP Configuration This chapter describe s the IGMP Configuration set of commands and how to use them. IGMP Overview About IP Multicast Group Management The Internet Group Management Protocol (IGMP) runs between hosts and t[...]
-
Page 330
Configuring IGMP at Layer 2 11-2 IGMP Configuration multicast switch/router it passes through to ensure that traffic is only passed to the hosts that subscribed to this service. Configuring IGMP at Layer 2 Purpose To configure IGMP snooping from the [...]
-
Page 331
set igmpsnooping adminmode D-Series CLI Reference 11-3 Usage Configured information is display ed whether or not IGMP snooping is enabled. Status information is display ed only when the function is enabled. For information on enabling IGMP on [...]
-
Page 332
set igmpsnooping interfacemode 11-4 IGMP Configuration set igmp snooping interfacemode Use this command to enable or disable IGMP on one or all ports. Synt ax set igmpsnooping interfacemo de port-string {enable | disable} Parameters Default s None. Mode Switch command, read ‐ write. Usag[...]
-
Page 333
set igmpsnooping maxresponse D-Series CLI Reference 11-5 Usage The IGMP group membership interv al time sets the frequency of host ‐ query frame transmissions and must be greater than the IGMP maximum response time as described in “ set i[...]
-
Page 334
set igmpsnooping add-static 11-6 IGMP Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage This timer is for expiring the switch from the multicast database. If the timer expires, and the only address left is the multicast [...]
-
Page 335
set igmpsnooping remove-static D-Series CLI Reference 11-7 Example This example creates an IGMP entry for the multicast group with IP address of 233.11.22.33 configured on VLAN 20 configured with the port ge .1.1. D2(su)->set igmpsnooping add -static 233.[...]
-
Page 336
show igmpsnooping mfdb 11-8 IGMP Configuration Mode Switch command, read ‐ only . Example This example displays the static IGMP ports for VLAN 20. D2(su)->show igmpsnooping st atic 20 ---------------------------- ----------------------------------------- ----------- Vlan Id = 20 Static Multicast G ro[...]
-
Page 337
clear igmpsnooping D-Series CLI Reference 11-9 Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear all IGMP snooping entries: D2(su)->clear igmpsnooping Are you sure you want to cle ar all IGMP snooping entries? (y/n) y IGMP Snooping Entries Cle[...]
-
Page 338
clear igmpsnooping 11-10 IGMP Configuration[...]
-
Page 339
D-Series CLI Reference 12-1 12 Logging and Network Management This chapter describe s switch ‐ related logging and network management commands and how to use them. Configuring System Logging Purpose To dis play and configure system logging, including Syslog se[...]
-
Page 340
show logging ser ver 12-2 Logging and Network Management show logging server Use this command to display the Syslog configuration for a particular serv er . Synt ax show logging server [ index] Parameters Default s If index is not specif ied, all Sy slog serv er information[...]
-
Page 341
set logging server D-Series CLI Reference 12-3 set logging server Use this command to configure a Syslog server . Synt ax s et logging server index [ ip-addr ip-addr ] [ facility facility ] [ severity severity ] [ descr descr ] [ port por t] [ state { en able | disable }] Parameters Default s If ip ‐ addr is ?[...]
-
Page 342
clear logging server 12-4 Logging and Network Management clear logging server Use this command to remove a serv er from the Syslog serv er table. Synt ax clear logging server index Parameters Default s None. Mode Switch command, read ‐ write. Example This command shows how to [...]
-
Page 343
set logging default D-Series CLI Reference 12-5 set logging default Use this command to set logging default val u e s . Synt ax set logging default {[ facility facil ity] [ severity severity ] port port] } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how ?[...]
-
Page 344
show logging application 12-6 Logging and Network Management Default s At least one optional parameter must be entere d. All three optional keywor ds must be entered to reset all logging val u e s to defaults. Mode Switch command, read ‐ write. Example This ?[...]
-
Page 345
set logging application D-Series CLI Reference 12-7 Example This example shows how to display system logging information pertaining to the SNMP application. D2(ro)->show logging applica tion SNMP Application Current Severi ty Level ---------------------------- ----------------- 90 SNMP 6 1(emer[...]
-
Page 346
clear logging application 12-8 Logging and Network Management Default s If level is not specified, none will be applied. Mode Switch command, read ‐ write. Example This example shows how to set the sev erity level for SNMP to 4 so that error co[...]
-
Page 347
show logging local D-Series CLI Reference 12-9 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the logging severity lev el to 6 for SNMP . D2(rw)->clear logging applic ation SNMP show logging local Use this command to ?[...]
-
Page 348
clear logging local 12-10 Logging and Network Management Parameters Default s None. Mode Switch command, read ‐ write. Example This command shows how to enable logging to the console and disable logging to a persistent file: D2(su)->set logging local co nsole enable file d[...]
-
Page 349
Monitoring Network Events and Status D-Series CLI Reference 12-11 Default s None. Mode Switch command, read ‐ only . Example This example shows a porti on of the information display ed with the show logging buffer command: D2(su)->show logging buffer <165>Sep 4 07:43:09 10.4[...]
-
Page 350
show history 12-12 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to display the contents of the command history buffer . It shows there are five command s in the buffer: D2(su)->history 1 hist 2 show gv[...]
-
Page 351
ping D-Series CLI Reference 12-13 Mode Switch command, read ‐ write. Example This example shows how to set the size of the command histor y buffer to 30 lines: D2(su)->set history 30 ping Use this command to send ICMP echo ‐ request packets to[...]
-
Page 352
disconnect 12-14 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to use the show users command. In this output, there are two Te l n e t users logged in with Read ‐ Wr i t e access privileges f[...]
-
Page 353
Managing Switch Network Addresses and Routes D-Series CLI Reference 12-15 Managing Switch Network Addresses and Routes Purpose To display or delete switch ARP table entries, and to display MAC address information. Commands show arp Use this command to display the switch’ [...]
-
Page 354
set arp 12-16 Logging and Network Management Example This example shows how to display the ARP table: D2(su)->show arp LINK LEVEL ARP TABLE IP Address Phys Addres s Flags Interface ---------------------------- ------------------------- 10.20.1.1 00-00-5e-00 -01-1 S host 134.142.21.194 00-00-5e-00 -01-1 S host [...]
-
Page 355
clear arp D-Series CLI Reference 12-17 clear arp Use this command to delete a specific entry or all entries from the switch’ s ARP tab le. Synt ax clear arp { ip-address | all } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows [...]
-
Page 356
show mac 12-18 Logging and Network Management Default s If not specified, waittime will be set to 5 seconds. If not specified, first ‐ tt l will be set to 1 second. If not specified, max ‐ ttl will be set to 30 seconds. If not spe[...]
-
Page 357
show mac agetime D-Series CLI Reference 12-19 Mode Switch command, read ‐ only . Example This example shows how to display MAC addre ss information for ge .3.1: D2(su)->show mac port ge.3.1 MAC Address FID Port Type ----------------- ---- ----- -------- -------- 00-09-6B-0F-13-E6 15 ge.3. 1 Learn[...]
-
Page 358
set mac agetime 12-20 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to display the MAC timeout period: D2(su)->show mac agetime Aging time: 300 seconds set mac agetime Use This command to set the timeout period for [...]
-
Page 359
set mac algorithm D-Series CLI Reference 12-21 Example This example shows how to reset the MAC timeout period to the default val u e of 300 seconds. D2(su)->clear mac agetime set mac algorithm Use this command to set the MAC algorithm mode, which [...]
-
Page 360
clear mac algorithm 12-22 Logging and Network Management Default s None. Mode Switch command, read ‐ only . Example This example shows the output of this command. D2(su)->show mac algorithm Mac hashing algorithm is mac -crc16-upperbits. clear mac algorithm Use this command to return the ?[...]
-
Page 361
clear mac address D-Series CLI Reference 12-23 Default s If no port ‐ string is defined, the command will apply to all ports. Mode Switch command, read ‐ write. Example This example configures multicast MAC address 01 ‐ 01 ‐ 22 ‐ 33 ‐ 44 ‐ 55 for VLAN [...]
-
Page 362
set mac unreserved-flood 12-24 Logging and Network Management Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example displays the status of multicast flood protection. D2(su)->show mac unreserved- flood mac unreserved flood is disa bled. set mac unreserved-flood Use [...]
-
Page 363
Configuring Simple Network Time Protocol (SNTP) D-Series CLI Reference 12-25 Configuring Simple Network T ime Protocol (SNTP) Purpose To configure the Simple Network Time Protocol (SNTP), which synchronizes device clocks in a network. Commands show sntp Use this command to disp[...]
-
Page 364
show sntp 12-26 Logging and Network Management Example This example shows how to display SNTP client settings: D2(su)->show sntp SNTP Version: 3 Current Time: TUE SEP 09 16: 13:33 2003 Timezone: 'EST', offset from UTC is -4 hours and 0 minutes Client Mode: unicast Broadcast Count: 0 Poll Interval: 512 se[...]
-
Page 365
set sntp client D-Series CLI Reference 12-27 set sntp client Use this command to set the SNTP operation mode. Synt ax set sntp client { broadcast | unicast | disab le } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to enable SNTP in [...]
-
Page 366
set sntp server 12-28 Logging and Network Management set sntp server Use this command to add a serv er from which the SNTP client will retrieve the current time when operating in unicast mode. Up to 10 serv ers can be set as SNTP [...]
-
Page 367
set sntp poll-interval D-Series CLI Reference 12-29 set sntp poll-interval Use this command to set the poll interval betw een SNTP unicast requests. Synt ax set sntp poll-interval interval Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how ?[...]
-
Page 368
clear sntp poll-retry 12-30 Logging and Network Management Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the number of SNTP poll retries to 5: D2(su)->set sntp poll-retry 5 clear sntp poll-retry Use this command to [...]
-
Page 369
clear sntp poll-timeout D-Series CLI Reference 12-31 Mode Switch command, read ‐ write. Example This example shows how to set the SNTP poll timeout to 10 seconds: D2(su)->set sntp poll-timeou t 10 clear sntp poll-timeout Use this command to clear the SNTP poll [...]
-
Page 370
show nodealias config 12-32 Logging and Network Management show nodealias config Use this command to display node alias configuration settings on one or more ports. Synt ax show nodealias config [ port-string ] Parameters Default s If port ‐ string is not specif ied, node [...]
-
Page 371
clear nodealias config D-Series CLI Reference 12-33 Parameters Default s None. Mode Switch command, read ‐ write. Usage Upon packet reception, node al iases are dynamically assigned to ports enabled wi th an alias agent, which is the default setting on D ?[...]
-
Page 372
clear nodealias config 12-34 Logging and Network Management[...]
-
Page 373
D-Series CLI Reference 13-1 13 RMON Configuration This chapter describe s the commands used to configure RMON on a D ‐ Series switch. RMON Monitoring Group Functions RMON (Remote Network Monitoring) provides comprehensiv e network fault diagnosis, planning, an[...]
-
Page 374
RMON Monitoring Group Functions 13-2 RMON Configuration History Records periodic st atistical samples from a network. Sample period, number of samples and item(s) sampled. “ show rmon history ” on page 13-5 “ set rmon history ” on page 13-6 “ clear rmon history ” on page 13-7 Alarm Periodically gathers statistical samples from variables[...]
-
Page 375
Statistics Group Commands D-Series CLI Reference 13-3 S t atistics Group Commands Purpose To display , configure, and clear RMON statistics. Commands show rmon st ats Use this command to display RMON statistics measured for one or more ports. Synt ax show rmon stats [ port-[...]
-
Page 376
set rmon stats 13-4 RMON Configuration Example This example shows how to display RMON statistics for Gigabit Ethernet port 1 in switch 1. : D2(su)->show rmon stats ge.1 .1 Port: ge.1.1 ---------------------------- --------- Index = 1 Owner = monitor Data Source = ifIndex.1 Drop Events =[...]
-
Page 377
clear rmon stats D-Series CLI Reference 13-5 clear rmon st ats Use this command to delete one or more RMON statistics entries. Synt ax clear rmon stats { index-list | to-de faults } Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to de[...]
-
Page 378
set rmon history 13-6 RMON Configuration Parameters Default s If port ‐ string is not specif ied, information about all RMON history entries will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display RMON history entr[...]
-
Page 379
clear rmon history D-Series CLI Reference 13-7 Default s If buckets is not specif ied, the maximum number of entries maintained will be 50. If not specified, interval will be set to 30 seconds. If owner is not spec ified, monitor will [...]
-
Page 380
show rmon alarm 13-8 RMON Configuration Commands show rmon alarm Use this command to display RMON alarm entrie s. The RMON alarm group periodically takes statistical samples from RMON var ia bl es and compares them with previously configured threshol[...]
-
Page 381
set rmon alarm properties D-Series CLI Reference 13-9 set rmon alarm properties Use this command to configure an RMON alarm entr y , or to create a new alarm entry with an unused alarm index number . Synt ax set rmon alarm properties index [ int erval interval ][...]
-
Page 382
set rmon alarm status 13-10 RMON Configuration Default s interval ‐ 3600 seconds type ‐ absolute startup ‐ rising rthresh ‐ 0 fthresh ‐ 0 revent ‐ 0 fevent ‐ 0 owner ‐ monitor Mode Switch command, read ‐ write. Example This example shows how to confi[...]
-
Page 383
clear rmon alarm D-Series CLI Reference 13-11 Parameters Default s None. Mode Switch command, read ‐ write. Usage An RMON alarm entry can be created us ing this command, configured using the set rmon alarm properties command (“ set rmon alarm properties [...]
-
Page 384
Event Group Commands 13-12 RMON Configuration Event Group Commands Purpose To display and clear RMON ev ents, and to configure RMON event properties. Commands show rmon event Use this command to display RMON event entry properties. Synt ax show rmon event [ index] Parameter[...]
-
Page 385
set rmon event properties D-Series CLI Reference 13-13 set rmon event properties Use this command to configure an RMON event entry , or to create a new eve nt entry with an unused event index number . Synt ax set rmon event properties index [ description descrip[...]
-
Page 386
set rmon event status 13-14 RMON Configuration Example This example shows how to create and enable an RMON event entry called “STP topology change” that will send both a log entry and an SNMP trap message to the “public” ?[...]
-
Page 387
Filter Group Commands D-Series CLI Reference 13-15 Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear RMON event 1: D2(rw)->clear rmon event 1 Filter Group Commands The packet capture and filter function is di sabled by default. [...]
-
Page 388
show rmon channel 13-16 RMON Configuration show rmon channel Use this command to display RMON channel entries for one or more ports. Synt ax show rmon channel [ port-string ] Parameters Default s If port ‐ string is not specif ied, information about all channels w[...]
-
Page 389
clear rmon channel D-Series CLI Reference 13-17 Default s If an action is not specified, packets will be accepted on filter matches. If not specified, control will be set to off . If a description is not specif ied, none will be appli[...]
-
Page 390
set rmon filter 13-18 RMON Configuration Parameters Default s If no options are specified, information for all filter entries will be display ed. Mode Switch command, read ‐ only . Example This example shows how to display all RMON filter entries and ?[...]
-
Page 391
clear rmon filter D-Series CLI Reference 13-19 Default s If owner is not spec ified, it will be set to monitor. If no other options are specifie d, none (0) will be applied. Mode Switch command, read ‐ write. Example This example shows how [...]
-
Page 392
Packet Capture Commands 13-20 RMON Configuration Packet Capture Commands Note that packet capture filter is sampling only and does not guarantee receipt of back ‐ to ‐ back packets. Purpose To display RMON capture entries, configure, enable, or disable ?[...]
-
Page 393
set rmon capture D-Series CLI Reference 13-21 Example This example shows how to display RMON capture entries and as sociated buffer entries: D2(rw)->show rmon capture Buf.control= 28062 Channel= 38283 EntryStatus= valid ---------------------------- ------------------------------ FullStatus avail Fu[...]
-
Page 394
clear rmon capture 13-22 RMON Configuration Default s If not specified, action defaults to lock . If not specified, offset defaults to 0 . If not specified, asksize defaults to ‐ 1 (which will request as many octets as possible). If slice ?[...]
-
Page 395
D-Series CLI Reference 14-1 14 DHCP Server Configuration This chapter describe s the commands to configure the IPv4 DHCP serv er functionality on a D ‐ Series switch. DHCP Overview Dynamic Host Configuration Protocol (DHCP) for IPv4 is a netw ork l[...]
-
Page 396
DHCP Overview 14-2 DHCP Server Configuration • Boot file •D H C P options as defined by RFC 2132 Configuring a DHCP Server For DHCP to function on D ‐ Series systems, the system has to “know about” the IP netw ork for which the DHCP [...]
-
Page 397
Configuring General DHCP Server Parameters D-Series CLI Reference 14-3 Configuring General DH CP Server Paramete rs Purpose To configure DHCP server parameters, and to display and clear address binding information, server statistics, and conflict information. Commands set dhcp Use [...]
-
Page 398
set dhcp bootp 14-4 DHCP Server Configuration Example This example enables DHCP server functionality . D2(rw)->set dhcp enable set dhcp bootp Use this command to enable or disable automatic address allocation for BOOTP clients. By default, address allocation [...]
-
Page 399
show dhcp conflict D-Series CLI Reference 14-5 show dhcp conflict Use this command to display conflict information, for one address or al l addresses. Synt ax show dhcp conflict [ address ] Parameters Default s If no address is specified, c onflict information for all ?[...]
-
Page 400
set dhcp exclude 14-6 DHCP Server Configuration Examples This example disables DHCP conflict logging. D2(rw)->clear dhcp conflict logging This example clears the conflict information for the IP address 192.0.0.2. D2(rw)->clear dhcp conflict 192.0.0.2 set dhcp exclude Use this[...]
-
Page 401
set dhcp ping D-Series CLI Reference 14-7 Default s None. Mode Switch command, read ‐ write. Example This example clears the previously excluded range of IP addres ses between 192.1 68.1.88 through 192.168.1.100. D2(rw)->clear dhcp exclude 1 92.168.1.88 192.168.1.100 set dhcp ping Use[...]
-
Page 402
show dhcp binding 14-8 DHCP Server Configuration Default s None. Mode Switch command, read ‐ write. Example This example resets the number of ping packets sent back to the default val u e . D2(rw)->clear dhcp ping pack ets show dhcp binding Use this command to display [...]
-
Page 403
show dhcp server statistics D-Series CLI Reference 14-9 Parameters Default s None. Mode Switch command, read ‐ write. Example This example deletes the DHCP address binding for IP address 192.168.1.1. D2(rw)->clear dhcp binding 1 92.168.1.1 show dhcp server st atistics Use this command [...]
-
Page 404
clear dhcp server st atistics 14-10 DHCP Server Configuration clear dhcp server st atistics Use this command to clear all DHCP server counters. Synt ax clear dhcp server statistics Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example clears all DHCP se[...]
-
Page 405
Configuring IP Address Pools D-Series CLI Reference 14-11 Commands For information about... Refer to p age... set dhcp pool 14-12 clear dhcp pool 14-12 set dhcp pool ne twork 14-1 3 clear dhcp pool network 14-13 set dhcp pool hardware-a ddress 14-14 clear dhcp pool hardware-address 14-14 set dhcp pool ho st 14-15 clear dhcp pool host 14-16 set dhcp[...]
-
Page 406
set dhcp pool 14-12 DHCP Server Configuration set dhcp pool Use this command to create and assign a name to a DHCP serv er pool of addres ses. Up to 16 address pools may be configured on a D ‐ Series. Not e that entering this ?[...]
-
Page 407
set dhcp pool network D-Series CLI Reference 14-13 set dhcp pool network Use this command to configure the subnet number and mas k for an automatic DHCP address pool. Synt ax set dhcp pool poolname network numbe r { mask | prefix-length } Parameters Default s None. Mode Switch command,[...]
-
Page 408
set dhcp pool hardware -address 14-14 DHCP Server Configuration Default s None. Mode Switch command, read ‐ write. Example This example deletes the netw ork and mask from the address pool named “auto1.” D2(rw)->clear dhcp pool auto 1 network set dhcp pool hardware-address Use this[...]
-
Page 409
set dhcp pool host D-Series CLI Reference 14-15 Parameters Default s None. Mode Switch command, read ‐ write. Example This example deletes the client hardw are address from the address pool named “manual1.” D2(rw)->clear dhcp pool manu al1 hardware-address set dhcp pool host Use t[...]
-
Page 410
clear dhcp pool host 14-16 DHCP Server Configuration clear dhcp pool host Use this command to remove the host IP address from a manual binding address pool. Synt ax clear dhcp pool poolname host Parameters Default s None. Mode Switch command, read ‐ write. Example This exampl[...]
-
Page 411
clear dhcp pool client-identifier D-Series CLI Reference 14-17 Example This example shows how to configure the minimum requirem ents for a manual binding address pool, using a client identifier rather than the hardware address of the client’ s [...]
-
Page 412
clear dhcp pool client-name 14-18 DHCP Server Configuration Mode Switch command, read ‐ write. Example This example configures the client name “appsvr1” to the manual binding pool “manual2.” D2(rw)->set dhcp pool manual 2 client-identifier 01:22:33:44:55:66 D2(rw)->set dhcp poo[...]
-
Page 413
clear dhcp pool bootfile D-Series CLI Reference 14-19 Mode Switch command, read ‐ write. Example This example sets the boot image filename for addres s pool named “auto1.” D2(rw)->set dhcp pool auto1 bootfile image1.img clear dhcp pool boot file Use this command to remove [...]
-
Page 414
clear dhcp pool next-ser ver 14-20 DHCP Server Configuration Mode Switch command, read ‐ write. Example This example specifies the file serv er from which clients being served by addre ss pool “auto1” should download the boot image file “image1.img.?[...]
-
Page 415
clear dhcp pool lease D-Series CLI Reference 14-21 Default s If no lease time is specified, a lease duration of 1 day is configured. Mode Switch command, read ‐ write. Example This example configures a lease duration of 12 hours for the address[...]
-
Page 416
clear dhcp pool default-router 14-22 DHCP Server Configuration Synt ax set dhcp pool poolname default-route r address [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a default router at 10.10 .10.1 to the address poo l name[...]
-
Page 417
clear dhcp pool dns-server D-Series CLI Reference 14-23 Synt ax set dhcp pool poolname dns-server ad dress [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a DNS serve r at 10.14.10.1 to the address pool “‘aut o1.” D2([...]
-
Page 418
clear dhcp pool domain-name 14-24 DHCP Server Configuration Synt ax set dhcp pool poolname domain-name d omain Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns the “mycompany .com” doma in name to the address pool “auto1.” D2(rw)->set dhcp[...]
-
Page 419
clear dhcp pool netbios-name-server D-Series CLI Reference 14-25 Synt ax set dhcp pool poolname netbios-name- server address [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a NetBIOS name serv er at 10.15.10.1 to the address ?[...]
-
Page 420
set dhcp pool netbio s-node-type 14-26 DHCP Server Configuration set dhcp pool netbios-node-type Use this command to specify a NetBIOS node (server) type for the DHCP clients serv ed by the address pool being configured. Synt ax set dhcp pool poolname netbios-node- [...]
-
Page 421
set dhcp pool option D-Series CLI Reference 14-27 Example This example removes the NetBIOS node type from the address pool “auto1.” D2(rw)->clear dhcp pool auto 1 netbios-node-type set dhcp pool option Use this command to configure DHCP options, described in RFC [...]
-
Page 422
show dhcp pool configuration 14-28 DHCP Server Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example removes option 19 from address pool “auto1.” D2(rw)->clear dhcp pool auto 1 option 19 show dhcp pool configuration Use this command to displa[...]
-
Page 423
show dhcp pool configuration D-Series CLI Reference 14-29 Example This example displays configuration information for all address pools. D2(rw)->show dhcp pool confi guration all Pool: Atg_Pool Pool Type Dynamic Network 192.0.0.0 255.255.255 .0 Lease Time 1 days 0 hrs 0 mins Default Routers 192.0.0.1 Pool: static1[...]
-
Page 424
show dhcp pool configuration 14-30 DHCP Server Configuration[...]
-
Page 425
D-Series CLI Reference 15-1 15 Security Configuration This chapter describe s the Security Configurat ion set of commands and how to use them. Overview of Security Methods The following security methods are av ailable for controlling which users are allo[...]
-
Page 426
Overview of Security Methods 15-2 Security Configuratio n ports. For details on using CLI command s to configure 802.1X, refer to “ Config uring 802.1X Authentication ” on page 15 ‐ 9. •M A C Authentication – provides a mechanism for administrato r[...]
-
Page 427
Configuring RADIUS D-Series CLI Reference 15-3 •T o specify a management level ( management access authentication): Enterasys:ve rsion=1:mgmt= level where level indicates the management lev el, either ro , rw , or su . •T o specify both manageme nt lev el an[...]
-
Page 428
show radius 15-4 Security Configuratio n Parameters Default s If no parameters are specified, all RA DIUS configuration information will be displayed . Mode Switch command, read ‐ only . Example This example shows how to display RADIUS configuration information: ?[...]
-
Page 429
set radius D-Series CLI Reference 15-5 set radius Use this command to enable, disable, or configure RADIUS authentication. Synt ax set radius { enable | disable } | { retries number-of-retries } | { timeout timeout } | { server index ip-address port [ secre t-value ] [ realm { management-access | any | network-ac[...]
-
Page 430
clear radius 15-6 Security Configuratio n Examples This example shows how to enable the RADIUS client for authentica ting with RADIUS ser ver 1 at IP address 192.168.6.203, UDP authentica tion port 1812, and an authentication passw ord of [...]
-
Page 431
show radius accounting D-Series CLI Reference 15-7 Examples This example shows how to clear all settings on all RADIUS servers: D2(su)->clear radius server all This example shows how to reset the RADIUS timeout to the default va lu e of 20 sec[...]
-
Page 432
set radius accounting 15-8 Security Configuratio n set radius accounting Use this command to configure RADIUS accounting. Synt ax set radius accounting {[ enable | dis able ] [ retries retries ] [ timeout timeout ] [ server ip_address port [ server-secr et ] Parameters Mode Switch command, read ‐ write. Default[...]
-
Page 433
clear radius accounting D-Series CLI Reference 15-9 clear radius accounting Use this command to clear RADIUS accounting configuration setting s. Synt ax clear radius accounting { server ip-a ddress | retries | timeout | counter } Parameters Mode Switch command, read ‐ write. Default s None. Example This[...]
-
Page 434
show dot1x 15-10 Security Configuration show dot1x Use this command to display 802.1X statu s, diagnostics, statistics, and reauthenti cation or initialization control informa tion for one or more ports. Synt ax show dot1x [ auth-diag ] [ auth-stats ] [ port [ init | re aut[...]
-
Page 435
show dot1x auth-config D-Series CLI Reference 15-11 Examples This example shows how to display 802.1X status: D2(su)->show dot1x DOT1X is disabled. This example shows how to display authentication diagnostics information for ge .1.1 : D2(su)->show dot1x auth-diag ge.1[...]
-
Page 436
show dot1x auth-config 15-12 Security Configuration Parameters Default s If no parameters are specified, all 802.1X setti ngs will be display ed. If port ‐ string is not specif ied, information for all ports will be displayed. Mode Switch command, read ‐[...]
-
Page 437
set dot1x D-Series CLI Reference 15-13 This example shows how to display all 802.1X authentication configuration set tings for ge .1.1: D2(ro)->show dot1x auth-conf ig ge.1.1 Port : 1 Auth-Config PAE state: Initialize Backend auth state: Initialize Admin controlled directions : Both Oper contro[...]
-
Page 438
set dot1x auth-config 15-14 Security Configuration set dot1x auth-config Use this command to configure 802.1X authentica tion. Synt ax set dot1x auth-config {[ authcontroll ed-portcontrol { auto | forced-auth | forced-unauth }] [ maxreq value ] [ quietperiod value ] [ reauthenabled { false | true }] [ reauthperiod value ] [ [...]
-
Page 439
clear dot1x auth-config D-Series CLI Reference 15-15 Examples This example shows how to enable reauthenti cation control on ports ge .1.1 ‐ 3: D2(su)->set dot1x auth-confi g reauthenabled true ge.1.1-3 This example shows how to set the 802.1X quiet period to 12[...]
-
Page 440
show eapol 15-16 Security Configuration This example shows how to reset the 802.1X quiet period to 60 seconds on ports ge .1.1 ‐ 3: D2(su)->clear dot1x auth-con fig quietperiod ge.1.1-3 show eapol Use this command to display EAPOL status or settings [...]
-
Page 441
set eapol D-Series CLI Reference 15-17 set eapol Use this command to enable or disable EAPOL port ‐ based user authentication with the RADIUS server and to set the authentication mode for one or more ports . Synt ax set eapol [ enable | disable ] [[...]
-
Page 442
clear eapol 15-18 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Examples This example shows how to enable EAPOL: D2(su)->set eapol enable This example shows how to enable EAPOL with forced authorized mode on port ge .1.1: [...]
-
Page 443
Configuring MAC Authentication D-Series CLI Reference 15-19 Mode Switch command, read ‐ write. Example This example shows how to clear the EAPOL au thentication mode for port ge .1.3: D2(su)->clear eapol auth-mod e ge.1.3 Configuring MAC Authentication Purpose To review , disable,[...]
-
Page 444
show macauthentication 15-20 Security Configuration show macauthentication Use this command to display MAC authentication information for one or more ports. Synt ax show macauthentication [ port-string ] Parameters Default s If port ‐ string is not specif ied, MAC authenticat[...]
-
Page 445
show macauthentication session D-Series CLI Reference 15-21 show macauthentication session Use this command to display the active MAC authe nticated se ssions. Synt ax show macauthentication sessi on Parameters None. Default s If port ‐ string is not specif ied, MAC sessio n informat[...]
-
Page 446
set macauthentication 15-22 Security Configuration Example This example shows how to display MAC se ssion information: D2(su)->show macauthenticati on session Port MAC Address Duration Reauth Period Reauthenticati ons ----- ----------------- ---------- ------------- ----------------- ge.1.2 00:60:97:b5:4c:07 0,00:[...]
-
Page 447
set macauthentication password D-Series CLI Reference 15-23 set macauthentication p assword Use this command to set a MAC authentication password. Synt ax set macauthentication passwo rd password Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to [...]
-
Page 448
set macauthentication portinitialize 15-24 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Enabling port(s) for MAC authentication requires globally enabling MAC authentication on the switch as described in “ set macauthenticat[...]
-
Page 449
set macauthentication portquietperiod D-Series CLI Reference 15-25 set macauthentication portquietperiod This sets the number of seconds following a failed authentication before another attempt may be made on the port. Synt ax set macauthentication portqu ietperiod time port-st[...]
-
Page 450
set macauthentication macinitialize 15-26 Security Configuration set macauthentication macinitialize Use this command to force a current MAC authentication session to re ‐ init ialize and remove the session. Synt ax set macauthentication macini tialize mac-addr Parameters Mode Switch [...]
-
Page 451
set macauthentication portreauthenticate D-Series CLI Reference 15-27 set macauthentication portreauthenticate Use this command to force an immediate reauthentication of the currently active sessions on one or more MAC authenticati on ports. Synt ax set macauthentication po[...]
-
Page 452
set macauthentication reauthperiod 15-28 Security Configuration set macauthentication reauthperiod Use this command to set the MAC reauthentication period (in seconds). Thi s is the time lapse between attempts to reauthenticate any current MAC address au[...]
-
Page 453
set macauthentication significant-bits D-Series CLI Reference 15-29 Example This example shows how to globally clear the MAC reauthentication period: D2(su)->clear macauthenticat ion reauthperiod set macauthentication significant-bit s Use this command to set the number of s[...]
-
Page 454
Configuring Multiple Authentication Methods 15-30 Security Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example resets the MAC authentication significant bits to 48. D2(su)->clear macauthenticat ion significant-bits Configuring Multiple Authentication[...]
-
Page 455
show multiauth D-Series CLI Reference 15-31 show multiauth Use this command to display multiple authenticati on system configuration. Synt ax show multiauth Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display multiple auth[...]
-
Page 456
clear multiauth mode 15-32 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Multiauth multi mode requires that MAC, PW A, and 802.1 X authentication be enabled globally , and configured appropriately on the desired ports ?[...]
-
Page 457
set multiauth precedence D-Series CLI Reference 15-33 set multiauth precedence Use this command to set the system’ s multi ple authentication administrative precedence. Synt ax set multiauth precedence {[ dot1x ] [ mac ] } Parameters Default s None. Mode Switch command, read ‐ write. Usage When ?[...]
-
Page 458
show multiauth port 15-34 Security Configuration show multiauth port Use this command to display multiple authenticati on properties for one or more ports . Synt ax show multiauth port [ port-string ] Parameters Default s If port ‐ string is not specifie d, multiple authentic[...]
-
Page 459
clear multiauth port D-Series CLI Reference 15-35 Default s None. Mode Switch command, read ‐ write. Examples This example shows how to set the port multipl e authentica tion mode to required on ge .3.14: D2(rw)->set multiauth port m ode auth-reqd ge.3.14 This example show[...]
-
Page 460
show multiauth station 15-36 Security Configuration show multiauth st ation Use this command to display multiple authenticati on station (end user) entries. Synt ax show multiauth station [ mac address ] [ port port-stri ng ] Parameters Mode Switch command, read ‐ only . Default s If no opti[...]
-
Page 461
show multiauth idle-timeout D-Series CLI Reference 15-37 Default s If no options are specified, multiple au thentication session entries will be disp layed for all sessions, authentication types, MAC addresses, and ports. Mode Switch command, read ‐ only . Exa[...]
-
Page 462
set multiauth idle-timeout 15-38 Security Configuration set multiauth idle-timeout Use this command to set the maximum number of consecutive seconds an authenticated session may be idle before termination of the session. Synt ax set multiauth idle-timeout [ dot1[...]
-
Page 463
show multiauth session-timeout D-Series CLI Reference 15-39 Parameters Default s If no authentica tion method is specified, the idle timeout va lu e is reset to its def ault va l u e of 0 for all authentica tion methods. Mode Switch mode, read ‐ write. Exa[...]
-
Page 464
set multiauth session-timeout 15-40 Security Configuration set multiauth session-timeout Use this command to set the maximum number of seconds an authenticate d session may last before termination of the session. Synt ax set multiauth session-timeou t [ dot1x | mac | pw[...]
-
Page 465
Configuring VLAN Authorization (RFC 3580) D-Series CLI Reference 15-41 Parameters Default s If no authentica tion method is specified, the session timeout val u e is reset to its default va l ue of 0 for all authentication methods. Mode Switch mode, read ‐[...]
-
Page 466
show policy maptable response 15-42 Security Configuration Commands show policy mapt able response Displays the current policy maptable response setting. When VLAN authorization is enable d (as described in this section) and the policy maptab le response is [...]
-
Page 467
set vlanauthorization D-Series CLI Reference 15-43 Parameters Default s Set to policy . Mode Switch command, read ‐ write. Examples This example shows how to set the policy maptable response to tunnel: D2(rw)-> set policy maptable response tunnel set vlanauthorization Enable or ?[...]
-
Page 468
set vlanauthorization egress 15-44 Security Configuration set vlanauthorization egress Controls the modification of the current VLAN egress list of 802.1x authenticated ports for the VLANs returned in the RADIUS authorization filter id string. Synt ax set vl[...]
-
Page 469
show vlanauthorization D-Series CLI Reference 15-45 Mode Switch command, read ‐ write. Example This example show how to clear VLAN authorization for all ports on slots 3, 4, and 5: D2(rw)->clear vlanauthorizat ion ge.3-5.* show vlanauthorization Displays the VLAN ?[...]
-
Page 470
Configuring MAC Locking 15-46 Security Configuration Configuring MAC Locking This feature locks a MAC address to one or more ports, preventing connection of unauthorized devices through the port(s). When source MAC addresses are receiv ed on spec[...]
-
Page 471
show maclock D-Series CLI Reference 15-47 show maclock Use this command to display the status of MAC locking on one or more port s. Synt ax show maclock [ port-string ] Parameters Default s If port ‐ string is not specif ied, MAC locking status will be [...]
-
Page 472
show maclock stations 15-48 Security Configuration show maclock st ations Use this command to display MAC locking information about end stations connected to the switch. Synt ax show maclock stations [first arrival | static] [ port-string ] Parameters Default s If no parameters are[...]
-
Page 473
set maclock enable D-Series CLI Reference 15-49 Example This example shows how to display MAC locking information for the end stations connected to all Gigabit Ethernet ports in unit/module 2: D2(su)->show maclock station s ge.2.* Port Number MAC Address Stat[...]
-
Page 474
set maclock disable 15-50 Security Configuration Usage When enabled and configured, MAC locking defines which MAC addresses , as wel l as how many MAC addresses are permitted to use sp ecific port(s). MAC locking is disabled by default at[...]
-
Page 475
clear maclock D-Series CLI Reference 15-51 Default s None. Mode Switch command, read ‐ write. Usage Configuring a port for MAC locking requ ires globally enabling it on the swi tch first using the set maclock enable command as described in “ set [...]
-
Page 476
set maclock s tatic 15-52 Security Configuration Usage The MAC address that is cleared will no longer be able to communicate on the port unless the first arrival li mit has been set to a va l u e greater than 0 and this li[...]
-
Page 477
set maclock firstarriv al D-Series CLI Reference 15-53 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the number of allow able static MACs on ge .2.3: D2(rw)->clear maclock static ge.2.3 set maclock first arrival Use this [...]
-
Page 478
clear maclock firstarrival 15-54 Security Configuration Example This example shows how to restrict MAC locking to 6 MAC addresses on ge .2.3: D2(su)->set maclock firstarr ival ge.2.3 6 clear maclock first arrival Use this command to reset the number of first [...]
-
Page 479
clear maclock agefirstarriva l D-Series CLI Reference 15-55 Mode Switch mode, read ‐ write. Example This example enables first arrival ag ing on port ge .1.1. D2(su)-> set maclock agefirs tarrival ge.1.1 enable clear maclock agefirst arrival Use this command to reset first arriv a[...]
-
Page 480
set maclock trap 15-56 Security Configuration Mode Switch command, read ‐ write. Usage If there are more first arriva l MACs than the allow ed maximum static MACs, then only the latest first arriv al MACs wil l be moved to static entries. ?[...]
-
Page 481
Configuring Port Web Authentication (PWA) D-Series CLI Reference 15-57 Configuring Port W eb Authentication (PW A) About PW A PW A provides a wa y of authenticating users before allowing general access to the netw ork To log on using PW A, the user makes a r[...]
-
Page 482
show pwa 15-58 Security Configuration show pwa Use this command to display port web authentication information for one or more ports. Synt ax show pwa [ port-string ] Parameters Default s If port ‐ string is not specif ied, PW A information w ill be displayed [...]
-
Page 483
set pwa D-Series CLI Reference 15-59 set pwa Use this command to enable or disable port web authentication. Synt ax set pwa { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write. PW A Logo Whether the Enterasys Networks logo w ill be displayed or hi dden at user login. Defaul[...]
-
Page 484
show pwa banner 15-60 Security Configuration Example This example shows how to enable port web authentication: D2(su)->set pwa enable show pwa banner Use this command to display the port web a uthentication login banner string. Synt ax show pwa banner Parameters None[...]
-
Page 485
clear pwa banner D-Series CLI Reference 15-61 clear pwa banner Use this command to reset the PW A log in banner to a blank string. Synt ax clear pwa banner Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the [...]
-
Page 486
set pwa ipaddress 15-62 Security Configuration set pwa ip address Use this command to set the PW A IP address. This is the IP addres s of the end stati on from which PW A will prevent network access until the user is authentica ted. ?[...]
-
Page 487
set pwa guestname D-Series CLI Reference 15-63 set pwa guestname Use this command to set a guest user name for PW A netw orking. PW A will use this name to grant network access to guests without established login names and passw ords. Syn[...]
-
Page 488
set pwa guestpassword 15-64 Security Configuration set pwa guestp assword Use this command to set the guest user password for PW A networking. Synt ax set pwa guestpassword Parameters None. Default s None. Mode Switch command, read ‐ write. Usage PW A will use this password ?[...]
-
Page 489
set pwa initialize D-Series CLI Reference 15-65 Usage PW A will use a guest passw ord and guest user name to grant network access with default policy privileges to users without established login names and passwords. Example This example show[...]
-
Page 490
set pwa maxrequest 15-66 Security Configuration Default s If port ‐ string is not specif ied, quiet period will be set for all ports. Mode Switch command, read ‐ write. Example This example shows how to set the PW A quiet period to 30 seconds[...]
-
Page 491
show pwa session D-Series CLI Reference 15-67 Default s If port ‐ string is not specif ied, PW A will enabled on all ports. Mode Switch command, read ‐ write. Example This example shows how to enable PW A on ports 1 ‐ 22: D2(su)->set pwa portcontrol enable [...]
-
Page 492
set pwa enhancedmode 15-68 Security Configuration set pwa enhancedmode This command enables PW A URL redirection. The switch intercepts all HTTP packets on port 80 from the end user , and sends the end user a refresh page destined for [...]
-
Page 493
set ssh D-Series CLI Reference 15-69 Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display SSH status on the switch: D2(su)->show ssh status SSH Server status: Disabled set ssh Use this command to enable, disable or ?[...]
-
Page 494
set ssh hostkey 15-70 Security Configuration Default s If reinitialize is not specified, the user must supply SSH authentication key va l u e s . Mode Switch command, read ‐ write. Example This example shows how to regenerate SSH keys: D2(su)->set ssh hostkey r[...]
-
Page 495
1 Index Numerics 802.1D 6-1 802.1p 9-15 , 10-1 802.1Q 7-1 802.1s 6-1 802.1w 6-1 802.1x 15-5 , 15-17 A Advertised Ability 4-14 Alias node 12-31 Authentication EAPOL 15-17 MAC 15-19 Port web 15-57 RADIUS server 15-5 , 15-8 SSH 15-69 Auto-negotiation 4-14 B banner motd 2-21 Baud Rate 2-27 Broadcast suppression, enabling on ports 4-28 C CDP Discovery P[...]
-
Page 496
2 configuring 10-2 Port String syntax used in the CLI 4-1 Port Trunking 4-33 Port web authenti cation configuring 15-57 Port(s) alias 4-9 assignment scheme 4-1 auto-negotiation and adverti sed ability 4-14 broadcast suppression 4-28 counters, reviewing statistics 4-5 duplex mode, setting 4-9 flow control 4-18 link flap about 4-19 configuration defa[...]