Go to page of
Similar user manuals
-
Switch
Enterasys Enterasys Matrix 6H352-25
56 pages 1.6 mb -
Switch
Enterasys IRM2
88 pages 0.85 mb -
Switch
Enterasys Mid-Span Power Hub
28 pages 1.03 mb -
Switch
Enterasys 700
182 pages 1.8 mb -
Switch
Enterasys RBT-8200
50 pages 0.92 mb -
Switch
Enterasys D-Series
540 pages 3.93 mb -
Switch
Enterasys Enterasys Gold Distributed Forwarding Engine 4G4282-49
90 pages 1.99 mb -
Switch
Enterasys VH-2402S
110 pages 1.23 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of Enterasys N Standalone (NSA) Series, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Enterasys N Standalone (NSA) Series one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of Enterasys N Standalone (NSA) Series. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of Enterasys N Standalone (NSA) Series should contain:
- informations concerning technical data of Enterasys N Standalone (NSA) Series
- name of the manufacturer and a year of construction of the Enterasys N Standalone (NSA) Series item
- rules of operation, control and maintenance of the Enterasys N Standalone (NSA) Series item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Enterasys N Standalone (NSA) Series alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Enterasys N Standalone (NSA) Series, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Enterasys service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Enterasys N Standalone (NSA) Series.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the Enterasys N Standalone (NSA) Series item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
Enterasys Matrix ® N Standalone (NSA) Series Configuration Guide Firmware V ersion 5.41.xx P/N 9034073-08 Rev .0C[...]
-
Page 2
[...]
-
Page 3
i Notice Enterasys Networks reserves the right to make changes in specifications a nd other information contained in this document and its web site withou t prior not ice. The reader should in all cases c onsult Enterasys Networks to determine whether any such cha nges have been made. The hardware, firmware, or software described in this document i[...]
-
Page 4
ii ENTERASYS NETWORKS, INC. FIRMWARE LICENSE AGREEMENT BEFORE OPENING OR UTILIZING THE ENCLOS ED PRODUCT , CAREFULL Y READ THIS LICENSE AGREEMEN T . This document is an agreem ent (“Agreeme nt”) between t he e nd user (“Y ou”) and Enterasys Networks, I nc. on behalf of itself and its Affi liates (as here inafter def ined) (“Enterasys”) [...]
-
Page 5
iii 3. APPLICABLE LAW. This Agreement shall be interpreted and governed under the laws and in the state and federal courts of the Commonwealth of Massachusetts without regard to its conflicts of laws pr ovisions. You accep t the personal jurisdiction and venue of the Commonwealth of Massachusetts courts. None of the 1980 United Nations Convention o[...]
-
Page 6
iv 8. AUDIT RIGHTS. You hereby acknowledge that the inte llectual property rights associ ated with the Program are of critical value to Enterasys and, accord ingly, You hereby agree to maintain complete books, re cords and accounts showing (i) license fees due and paid, and (ii) the use, copying and deployment of the Pr ogram. You also grant to Ent[...]
-
Page 7
Matrix NSA Series Configuration Guide v Content s Figures ............. ............. ......... ............. .......... ............. ......... ............. ............. .......... ....................... . xi Tables........ .......... ............. ............. ......... ............. .......... ............. .......... ............. .........[...]
-
Page 8
Contents vi Matrix NSA Series C onfiguration Gu ide 2.2 General Configuration Command Set .............. ............. ............. ............ ....... 2-24 2.2.1 Setting User Accounts and Pa sswords .. ............. ............. .......... ... 2-24 2.2.2 Managing the Management Auth entication Notification MIB ........ 2-36 2.2.3 Setting Basic [...]
-
Page 9
Contents Matrix NSA Series Configuration Guide vii 4.4 Configuring Port Mirroring .......... ............ ............. ............. ................ ............. 4-87 4.4.1 Supported Mirrors ......... ... ... ... .... ... ... .......... ... ... .... ... ... .......... ... ... ... 4-87 4.4.2 IDS Mirroring Considerations ..... ... ............. ..[...]
-
Page 10
Contents viii Matrix NSA Series Configuration Guide 7 802.1Q VLAN CONFIGURATION 7.1 VLAN Configuration Summary ..... ............. ................ ............. ............. ............ 7-1 7.1.1 Port Assignment Scheme ......... ............. .......... ............. ......... ......... 7-1 7.1.2 Port String Syntax Used in the CLI ..............[...]
-
Page 11
Contents Matrix NSA Series Configu ration Guide ix 11 LOGGING AND NETW ORK MANAGEMENT 11.1 Process Overview: Network Management ....... ... .... ... ... ... .... ... ... ... ... .... ... ... ... 11-1 11.2 Logging And Network M anagement Command Set ......... ............. ............. ... 11-2 11.2.1 Configuring System Logging ...... .............[...]
-
Page 12
Contents x Matrix NSA Series Co nfiguration Guide 14 SECURITY CONFIGURATION 14.1 Overview of Security Methods ......... ... ......... ............. .......... ............. .......... ... 14-1 14.1.1 RADIUS Filter-ID Attrib ute and Dynamic Policy Profile Assignment14-3 14.2 Process Overview: Securi ty Configurat ion ....... ............. ......... [...]
-
Page 13
Matrix NSA Series Configuration Guide xi Figures Figure Page 2-1 Sample CLI Default Des cription ............. ............. ............. ............. ................ ............. ..... 2-9 2-2 Matrix N Standalone Startu p Screen ............. ......... .... ... ... ... .... ......... .... ... ... ... ... .......... ... 2-14 2-3 Performing a Ke[...]
-
Page 14
Figures xii Matrix NSA Series Configuration Guide[...]
-
Page 15
Matrix NSA Series Configura tion Guide xiii Ta b l e s Ta b l e Page 2-1 Default Device Settings for Basic Switch Operation ... .......... ............. ......... ............. ..... 2-1 2-2 Default Device Settings for Router Mode O peration ..... ............. ............. .......... ........... 2-7 2-3 Basic Line Editing Emacs & vi Commands [...]
-
Page 16
T ables xiv Matrix NSA Series Configurati on Guide 5-11 Basic SNMP Trap Configuration Command Set ............ ............. ............. ......... .......... 5-64 6-1 show spantree Output Deta ils ................ ............. .......... ............. ............. ......... .......... 6-10 6-2 Port-Specific show spantree stats Output Details ..[...]
-
Page 17
Ta b l e s Matrix NSA Series Configuration Guide xv 12-13 show ip dhcp server statistic s Output Details ... .......... ............. .......... ............ ......... 12-138 13-1 RIP Configuration Task Li st and Commands ...... .... ... ... ... .... ......... .... ... ... ... ... .......... ... 13-2 13-2 OSPF Configuration Task List and Commands .[...]
-
Page 18
T ables xvi Matrix NSA Series Configurati on Guide[...]
-
Page 19
Enterasys Matrix ® N S tandalone (NSA) Series Configuration Guide xvii About This Guide W elcome to the Enterasys Enterasys Matrix ® N S tandalo ne (NSA) Series C onfiguration Gu ide . This manual explains how to access th e device’ s Command Line Interface (CLI) an d how to use it to configure Matrix Series switch/router devices. USING THIS GU[...]
-
Page 20
xviii Enterasys Matrix ® N S tandalone (NSA) Series Configura tion Guide S TRUCTURE OF THIS GUIDE The guide is organized as follows: Chapter 1 , Introduction , provides an overview of the tasks th at can be accomplished using the CLI interface, an overview of local management requirements, and inform ation about obtaining technical support. Chapte[...]
-
Page 21
Enterasys Matrix ® N S t andalone (NSA) Se ries Configurati on Guide xix Chapter 9 , Port Priority and Rate Limiting Configuration , describes how to set the transmit priority of each port, display the current traffic class mapping-to-priority of each port, set ports to either transmit frames according to selected prio rity transmit queues or perc[...]
-
Page 22
xx Enterasys Matrix ® N S t andalone (NSA) Seri es Configuration Guide DOCUMENT CONVENTIONS This guide uses the following conventions: The following icons are used in this guide: bold typ e Bold type indicates requ ired user input, incl uding command keywords, that must be entered as shown for the command to execute. italic type When used in gener[...]
-
Page 23
Matrix NSA Series Configu ration Guide 1-1 1 Introduction This chapter provides an overview of the Matrix Series’ unique features and functionality , an overview of the tasks that may be accomplished us ing the CLI interface, an overview of ways to manage the devi ce , and information on how to co ntact Enterasys Networks for technical support. 1[...]
-
Page 24
Matrix Series CL I Overview 1-2 Matrix NSA Series Configuration Guide 1.2 MATRIX SERIES CLI OVERVIEW Enterasys Networks’ Matrix Series CLI interface allows you to perform a variety of network management tasks, includi ng the following: • Assign IP address and subnet mask. • Select a default gateway . • Assign a login password to th e device[...]
-
Page 25
Device Management Meth ods Matrix NSA Series Configuration Gui de 1-3 1.3 DEVICE MANAGEMENT METHODS The Matrix Series device can be managed us ing the following me tho ds: • Locally using a VT type terminal connected to the console port. • Remotely using a VT type term inal conn ected throu gh a modem . • Remotely using an SNMP management sta[...]
-
Page 26
Getting H elp 1-4 Matrix NSA Series Configuration Guide • A description of your network environm en t (for exampl e, la yout, cable type) • Network load and frame size at the time of trouble (if known) • The device history (for example, have you retu rned the device before, is this a recurring problem?) • Any previous Return Material Autho [...]
-
Page 27
Matrix NSA Series Configu ration Guide 2-1 2 S t artup and General Configuration This chapter describes factory default settings an d the S tartup and General Configuration set of commands. 2.1 ST ARTUP AND GENERAL CONFIGURATION SUMMARY At startup, the Matrix Series de vice is configured with many defaults and standard feature s. The following sect[...]
-
Page 28
S tartup a nd General Configu ration Summary Factory Default Settings 2-2 Matrix NSA Series Configuration Guide Does not apply to MA TRIX E7. Community name Public. Conver gence End Points phone detection Disabled globally and on all ports EAPOL Disabled. EAPOL authentication mode When enabled, set to auto for all ports. GARP timer Join timer set t[...]
-
Page 29
S tartup and General Configuration Summary Factory Default Settings Matrix NSA Series Configuration Gui de 2-3 LLDP trap interval 5 seconds LLDP-MED fast repeat 3 fast start LLDPDUs LLDP traps Disabled LLDP-MED traps Disabled Lockout Set to disable Read-W rite and Read-Only users, an d to lockout the default admin (Super User) account for 15 minute[...]
-
Page 30
S tartup a nd General Configu ration Summary Factory Default Settings 2-4 Matrix NSA Series Configuration Guide Policy classification Classification rules ar e automatically enabled when created. Port auto-negotiation Enabled on all ports. Port advertised ability Maximum ability advertised on all ports. Port broadcast suppression Disabled (no broad[...]
-
Page 31
S tartup and General Configuration Summary Factory Default Settings Matrix NSA Series Configuration Gui de 2-5 Spanning T ree edge port delay Enabled. Spanning T ree forward delay Set to 15 secon ds. Spanning T ree hello interval Set to 2 seconds. Spanning T ree ID (SID) Set to 0 . Spanning T ree legacy path cost Disabled. Spanning T ree maximum ag[...]
-
Page 32
S tartup a nd General Configu ration Summary Factory Default Settings 2-6 Matrix NSA Series Configuration Guide Spanning T ree Loop Protect event window 18 0 se conds. Spanning T ree Loop Protect traps Disabled. Spanning T ree disputed BPDU threshold Set to 0, meaning no traps are sent. SSH Disabled. System baud rate Set to 9600 baud. System contac[...]
-
Page 33
S tartup and General Configuration Summary Factory Default Settings Matrix NSA Series Configuration Gui de 2-7 T able 2-2 Default Device Sett ings for Router Mode Oper at ion Device F eature Default Setti ng Access groups (IP security) None configured. Access lists (IP security) None configured. Area authentication (OSPF) Disabled. Area default cos[...]
-
Page 34
S tartup a nd General Configu ration Summary Factory Default Settings 2-8 Matrix NSA Series Configuration Guide IP-directed broadcasts Disabled. IP forward-protoco l Enabled with no port specified. IP interfaces Disabled with no IP addresses specified. IRDP Disabled on all interfaces. When enabled, maximum advertisement interval is set to 600 secon[...]
-
Page 35
S tartup and General Configuration Summary CLI “Command Defaults” Descriptions Matrix NSA Series Configuration Gui de 2-9 2.1.2 CLI “Command De fault s” Descriptions Each command description in this guide includes a section entitled “Command Defaults” which contains different informat ion than the factory default settings on the device [...]
-
Page 36
S tartup a nd General Configu ration Summary Using WebView 2-10 Matrix NSA Series Configuration Guide well as view Read-Only commands. Administrators or Super Users will be allowed all Read-W rite and Read-Only privileges, and will be able to modify local user accounts. Th e Matri x Series device indicates which mode a user is logged in as by displ[...]
-
Page 37
S tartup and General Configuration Summary Process Overview: CLI S tartup and General Configuration Matrix NSA Series Configuration Guide 2-1 1 This example shows how to set the W ebV iew TCP port to 10 0. 2.1.5 Process Overview: CLI St ar tup and General Configuration Use the following steps as a guide to the st artup and gene ral configuration p [...]
-
Page 38
S tartup a nd General Configu ration Summary S tarti ng and Navigating the Command Lin e Interface 2-12 Matrix NSA Series Configuration Guide 2.1.6 St arting and Navigating the Command Line Interface 2.1.6.1 Using a Cons ole Port Connection Once you have connected a terminal to th e local console port as described in your Matrix Series Installation[...]
-
Page 39
S tartup and General Configuration Summary S tarting and Navigating the Comman d Line Interface Matrix NSA Series Configuration Guide 2-13 2.1.6.3 L ogging in with Administ ratively Configured Account If the device’ s default user account settings have been changed, proceed as follows: 1. At the login prompt, enter your administra tively-assigned[...]
-
Page 40
S tartup a nd General Configu ration Summary S tarti ng and Navigating the Command Lin e Interface 2-14 Matrix NSA Series Configuration Guide Figure 2-2 Matrix N St andalone St artup Screen 2.1.6.5 Getting Help with CLI Synt ax The Matrix Series device allows you to displa y usage and syntax information for individual commands by typin g help or ? [...]
-
Page 41
S tartup and General Configuration Summary S tarting and Navigating the Comman d Line Interface Matrix NSA Series Configuration Guide 2-15 2.1.6.7 Performing Keyword Lookup s Entering a space and a question mark ( ?) after a keyword will display all commands beginning with the keyword. Figure 2-3 shows how to perform a keyword look up for the show [...]
-
Page 42
S tartup a nd General Configu ration Summary S tarti ng and Navigating the Command Lin e Interface 2-16 Matrix NSA Series Configuration Guide 2.1.6.8 Displaying Scroll ing Screens If the CLI screen le ngth has been set using the se t length command as described in Section 2.2.3.30 , CLI output requiring more than one screen will display --More-- to[...]
-
Page 43
S tartup and General Configuration Summary Configuring the Line Editor Matrix NSA Series Configuration Guide 2-17 2.1.6.9 Abbreviating and Completing Commands The Matrix Series device allows you to abbr ev iate CLI co mmands and keywords down to the number of characters that will allow for a unique abbreviation. Figure 2-6 shows how to abbreviate t[...]
-
Page 44
S tartup a nd General Configu ration Summary Configuring the L ine Editor 2-18 Matrix NSA Series Configuration Guide T able 2-3 Basic Line Ed iting Emacs & vi Commands Key Sequence Emacs Command Ctrl+A Move cursor to begin ning of line. Ctrl+B Move cursor back one character . Ctrl+C Abort command. Ctrl+D Dele te a character . Ctrl+E Move cursor[...]
-
Page 45
S tartup and General Configuration Summary Configuring the Line Editor Matrix NSA Series Configuration Guide 2-19 k Get previous shell command in history j Get next shell command in history $ Go to end of line 0 Go to beginning of line aA p p e n d A Append at end o f line c SP ACE Change character cl Change character cw Change word cc Change entir[...]
-
Page 46
S tartup a nd General Configu ration Summary Configuring the L ine Editor 2-20 Matrix NSA Series Configuration Guide Commands The commands used to co nfigure the line-editor are listed belo w and described in the associated sections as shown. • show line-editor ( Section 2.1.7.1 ) • set line-editor ( Section 2.1.7.2 ) p Put last deletion after [...]
-
Page 47
S tartup and General Configuration Summary Configuring the Line Editor Matrix NSA Series Configuration Guide 2-21 2.1.7.1 show line-editor Use this command to show curre nt and default line-edi tor mode and Dele te characte r mode. show line-editor Command Default s None. Command T ype Switch command. Command Mode Read-Only Example This example sho[...]
-
Page 48
S tartup a nd General Configu ration Summary Configuring the L ine Editor 2-22 Matrix NSA Series Configuration Guide 2.1.7.2 set line-editor Use this command to set the curre nt and default line editing mode or the way the Delete character is treated by the line editor . Y ou can also set th e persistence of your line editing selections. set line-e[...]
-
Page 49
S tartup and General Configuration Summary Configuring the Line Editor Matrix NSA Series Configuration Guide 2-23 This example sets the default line -editor to emacs mode and sets th e selection to persist for future sessions: Matrix(rw)-> set line-edit or emacs default[...]
-
Page 50
General Configura tion Command Set Setting User Accounts and Passwords 2-24 Matrix NSA Series Configuration Guide 2.2 GENERAL CONFIG URATION COMMAND SET 2.2.1 Setting User A ccount s and Passwords Purpose T o change the device’ s default user login and password settings, and to ad d new user accounts and passwords. Commands The commands used to c[...]
-
Page 51
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-25 2.2.1.1 sho w system login Use this command to display us er l ogin account informatio n. show system login Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Super User . Example This example s[...]
-
Page 52
General Configura tion Command Set Setting User Accounts and Passwords 2-26 Matrix NSA Series Configuration Guide T able 2-4 show system lo gin Output Det ails Output What It Displays... Password h istory size Number of previously used us er login passwords that will be checked for duplication when the set password command is executed. Configured w[...]
-
Page 53
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-27 2.2.1.2 set system login Use this command to create a new use r login acc ount , or to disable or enable an existing account. The Matrix Series device supports up to 16 us er accounts, including the admin account, which cannot be disabl[...]
-
Page 54
General Configura tion Command Set Setting User Accounts and Passwords 2-28 Matrix NSA Series Configuration Guide 2.2.1.3 clear system login Use this command to remove a local login user account. clear system login username Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Super User . Example This example shows[...]
-
Page 55
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-29 2.2.1.4 set p assword Use this command to change system default passwords or to set a new login password on the CLI. set password [ username ] Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W[...]
-
Page 56
General Configura tion Command Set Setting User Accounts and Passwords 2-30 Matrix NSA Series Configuration Guide Examples This example shows how a super-user would ch ange the Read-W rite password from the system default (blank string): This example shows how a user with Read -W rite access would change his password: Matrix(su)-> set password r[...]
-
Page 57
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-31 2.2.1.5 set system p assword length Use this command to set the mi nimu m user login password lengt h. set system password length characters Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Super Us[...]
-
Page 58
General Configura tion Command Set Setting User Accounts and Passwords 2-32 Matrix NSA Series Configuration Guide 2.2.1.6 set system p assword agi ng Use this command to set th e number of days user passwords will remain valid before aging out, or to disable user acco unt password aging. set system password aging { days | disable } Synt ax Descript[...]
-
Page 59
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-33 2.2.1.7 set system p assword hi story Use this command to set the number of previously used user logi n passwords that will be checked for password duplication. This prevents duplicat e passwords from being entered into the system with [...]
-
Page 60
General Configura tion Command Set Setting User Accounts and Passwords 2-34 Matrix NSA Series Configuration Guide 2.2.1.8 show system lockout Use this command to display settings for locking out users after fail ed attempts to log in to the system. show system lockout Synt ax Description None. Command Default s None. Command T ype Switch command. C[...]
-
Page 61
General Configura tion Command Set Setting User Accounts and Passwords Matrix NSA Series Configuration Guide 2-35 2.2.1.9 set system lockout Use this command to set the numb er of failed login attempts before locking out (disabling) a read-write or read-only user acco unt, and the nu mber of minutes to lockout the default admin super user account a[...]
-
Page 62
General Configura tion Command Set Managing the Management Authen tica tion Notification MIB 2-36 Matrix NSA Series Configuration Guide 2.2.2 Managing the Management A uthentication Notification MIB Purpose This MIB provides controls for enabling/disabling th e sending of SNMP notifications when a user login authentication event occu rs for various[...]
-
Page 63
General Configura tion Command Set Managing th e Management Authe ntication Notifica tion MIB Matrix NSA Series Configuration Guide 2-37 2.2.2.1 show mgmt-auth-notify Use this command to display th e current setting for the Manageme nt Authentication Notification MIB. show mgmt-auth-notify Synt ax Description None. Command Default s None. Command T[...]
-
Page 64
General Configura tion Command Set Managing the Management Authen tica tion Notification MIB 2-38 Matrix NSA Series Configuration Guide 2.2.2.2 set mgmt-auth-notify Use this command to either enab le or disable the Man agement Authentication Notification MIB. By selecting the optional Mana gement access type, a u ser can specifically enable or disa[...]
-
Page 65
General Configura tion Command Set Managing th e Management Authe ntication Notifica tion MIB Matrix NSA Series Configuration Guide 2-39 Examples This example shows how to set all the authentication types to b e disabled on the Management Authentication Notification MIB. That in formation is then displayed with the show comma nd: This example shows[...]
-
Page 66
General Configura tion Command Set Managing the Management Authen tica tion Notification MIB 2-40 Matrix NSA Series Configuration Guide 2.2.2.3 clear mgmt-auth-notify Use this command to set the current setting for the Management Authenti cation Notification access types to the default setting of enabled. clear mgmt-auth-notify Synt ax Description [...]
-
Page 67
General Configura tion Command Set Managing th e Management Authe ntication Notifica tion MIB Matrix NSA Series Configuration Guide 2-41 Example This example displays the state of Management Authentication No tification access types prior to using the clear command, then displays the sa me information after using the clea r command: Matrix(su)->[...]
-
Page 68
General Configura tion Command Set Setting Basic Device Properties 2-42 Matrix NSA Series Configuration Guide 2.2.3 Setting Basic Device Pro perties Purpose T o display a nd set the system IP address a nd other basic system (device) pr operties, including time, contact name and alias, physical asset IDs for terminal output, timeout, and version inf[...]
-
Page 69
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-43 • set summertime date ( Section 2.2.3.16 ) • set summertime recurring ( Section 2.2.3.17 ) • clear summertime ( Section 2.2.3.18 ) • set prompt ( Section 2.2.3.19 ) • set cli completion ( Section 2.2.3.20 ) • loop ( Section 2.2.[...]
-
Page 70
General Configura tion Command Set Setting Basic Device Properties 2-44 Matrix NSA Series Configuration Guide 2.2.3.1 show ip address Use this command to display the sy stem IP address and subnet mask. show ip address Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows [...]
-
Page 71
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-45 2.2.3.2 set ip address Use this command to set the system IP ad dress, subnet mask and default gateway . set ip address ip-addr ess [ mask ip-mask ] [ gateway ip-gateway ] Synt ax Description Command Default s If not specified, ip-mask will[...]
-
Page 72
General Configura tion Command Set Setting Basic Device Properties 2-46 Matrix NSA Series Configuration Guide 2.2.3.3 clear ip address Use this command to clear the system IP address. clear ip address Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to cl ear th[...]
-
Page 73
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-47 2.2.3.4 show ip gratuitous-arp Use this command to disp lay the gratuitous ARP processing behavior . show ip gratuito us-arp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example Th[...]
-
Page 74
General Configura tion Command Set Setting Basic Device Properties 2-48 Matrix NSA Series Configuration Guide 2.2.3.5 set ip gratuitous-arp Use this command to control the gr atuitous ARP processing be havior . set ip gratuitous-arp [request] [reply] [both] ] Synt ax Description Command Default s Disabled by default Command T ype Switch command. Co[...]
-
Page 75
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-49 2.2.3.6 clear i p gratuitous-arp Use this command to stop a ll gratuitous ARP processing. clear ip gratuitous-arp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example[...]
-
Page 76
General Configura tion Command Set Setting Basic Device Properties 2-50 Matrix NSA Series Configuration Guide 2.2.3.7 show system Use this command to display system information, including contact informa tion, power an d fan tray status and uptime. show system Synt ax Description None. Command Default s None. Command T ype Switch command. Command M[...]
-
Page 77
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-51 T able 2-6 show system Output Det ails Output What It Displays... System contact Contact person for the sy stem. Default of a blank string can be changed with the se t system contact command ( Section 2.2.3.28 ). System location Where the s[...]
-
Page 78
General Configura tion Command Set Setting Basic Device Properties 2-52 Matrix NSA Series Configuration Guide 2.2.3.8 show system hardware Use this command to display the system’ s hardware configuration. show system hardware Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example The examp[...]
-
Page 79
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-53 Matrix(rw)-> show system h ardware CHASSIS HARDWARE INFORMATION ---------------------------- Chassis Type: Ma trix N Standalone Platfo rm Chassis Serial Number: 0001a300611b Power Supply 1: Not Installed Power Supply 2: Installed & O[...]
-
Page 80
General Configura tion Command Set Setting Basic Device Properties 2-54 Matrix NSA Series Configuration Guide 2.2.3.9 show system utilization Use this command to display system resource utilization information. show system utilization [ cpu | process | storage ] [ slot slot ] Synt ax Description Command Default s • If not specified, CPU, process,[...]
-
Page 81
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-55 ** Output continued from previous page ** Process Utilization: Slot: 1 CPU: 1 Name Pr ocID 5 sec 1 min 5 min --------------------------------- --------------------------- CLI 1 0.0% 0.0% 0.0% Chassis Data Synchronization 2 0.0% 0.0% 0.0% Co[...]
-
Page 82
General Configura tion Command Set Setting Basic Device Properties 2-56 Matrix NSA Series Configuration Guide ** Output continued from previo us page ** Name ProcID 5 sec 1 min 5 min ------------------------------- ----------------------------- Switch Web Server 34 1.4% 1.4% 1.4% Router Misc. 35 0.0% 0.0% 0.0% Router Multicast 36 0.0% 0.0% 0.0% Rou[...]
-
Page 83
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-57 2.2.3.10 set system utilization threshold Use this command to set the threshold for sending CPU utilization notification messages. Th e value range is [1..1000] and represents the % of system uti lization to use as the trap threshold. set s[...]
-
Page 84
General Configura tion Command Set Setting Basic Device Properties 2-58 Matrix NSA Series Configuration Guide 2.2.3.1 1 clear system utilization Use this command to clear the threshold for sending CPU utilization notification messages. clear system utilization Synt ax Description None. Command Default s None. Command T ype Switch command. Command M[...]
-
Page 85
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-59 2.2.3.12 show time Use this command to display the current time of day in the system clock. show time Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to[...]
-
Page 86
General Configura tion Command Set Setting Basic Device Properties 2-60 Matrix NSA Series Configuration Guide 2.2.3.13 set t ime Use this command to ch ange the time of day on the system cl ock. set time [ mm/dd/yyyy ] [ hh:mm:ss ] Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This examp[...]
-
Page 87
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-61 2.2.3.14 show summertime Use this command to display daylight savings time setti ngs. show summertime Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to[...]
-
Page 88
General Configura tion Command Set Setting Basic Device Properties 2-62 Matrix NSA Series Configuration Guide 2.2.3.15 set summertime Use this command to enable or disa ble the daylight savings time function. set summertime { enable | disable } [ zone ] Synt ax Description Command Default s If a zone name is not specified, none will be applied. Com[...]
-
Page 89
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-63 2.2.3.16 set summertime date Use this command to configure specific dates to start and stop daylight savings time. These settings will be non-recurring and will have to be reset annuall y . set summertime date start_month start_date s tart_[...]
-
Page 90
General Configura tion Command Set Setting Basic Device Properties 2-64 Matrix NSA Series Configuration Guide Example This example shows how to set a da ylight savings time start date of April 4, 2004 at 2 a.m. and an ending date of Octo ber 31, 2004 at 2 a.m. with an offset time of one hour: Matrix(rw)-> set summertime date April 4 2004 02:00 O[...]
-
Page 91
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-65 2.2.3.17 set summertime recurring Use this command to configure recurring dayli ght savings time settings. These settings will start and stop daylight savings time at the specified day of the month and hour each year and will not have to be[...]
-
Page 92
General Configura tion Command Set Setting Basic Device Properties 2-66 Matrix NSA Series Configuration Guide Example This example shows how set daylight savings time to recur start date of April 4, 2004 at 2 a .m. and an ending date of Octo ber 31, 2004 at 2 a.m. with an of fset time of one hour: Matrix(rw)-> set summertime recu rring first Sun[...]
-
Page 93
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-67 2.2.3.18 clear summertime Use this command to clear the da ylight savings time configuration. clear summertime Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example sh[...]
-
Page 94
General Configura tion Command Set Setting Basic Device Properties 2-68 Matrix NSA Series Configuration Guide 2.2.3.19 set p rompt Use this command to modi fy the command prompt. set prompt “pr ompt_string” Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to set t[...]
-
Page 95
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-69 2.2.3.20 set cli completion Use this command to enable or disable the CLI comm and completion func tion . When enabled, t his allows you to complete a un ique CLI command fragment using the keyboard spacebar . set cli completion { enable | [...]
-
Page 96
General Configura tion Command Set Setting Basic Device Properties 2-70 Matrix NSA Series Configuration Guide 2.2.3.21 loop Use this command to execute a command loop. loop count [ delay ] [ -r ] Synt ax Description Command Default s • If a delay is not specified, none will be set. • If not specified, the cu rsor will not refresh. Command T ype[...]
-
Page 97
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-71 2.2.3.22 show banner mot d Use this command to show the banner message of the day tha t w ill display at session login. show banner motd Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only [...]
-
Page 98
General Configura tion Command Set Setting Basic Device Properties 2-72 Matrix NSA Series Configuration Guide 2.2.3.23 set b anner mot d Use this command to set the banner messag e of the day displayed at session login. set banner motd message Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exampl[...]
-
Page 99
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-73 2.2.3.24 clear banner mot d Use this command to clear the banner message of the day displayed at ses sion login to a blank string. clear banner motd Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 100
General Configura tion Command Set Setting Basic Device Properties 2-74 Matrix NSA Series Configuration Guide 2.2.3.25 show version Use this command to display hardware and firmware information. Refer to Section 2.2.5 for instructions on how to do wnload a firmware image. show version Synt ax Description None. Command Default s None. Command T ype [...]
-
Page 101
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-75 2.2.3.26 set system name Use this command to config ure a name for the system. set system name [ string ] Synt ax Description Command Default s If string is not specified, the syst em name will be cleared. Command T ype Switch command. Comm[...]
-
Page 102
General Configura tion Command Set Setting Basic Device Properties 2-76 Matrix NSA Series Configuration Guide 2.2.3.27 set syst em location Use this command to identify the location of the system. set system location [ string ] Synt ax Description Command Default s If string is not specified, the loca tion name will be cleared. Command T ype Switch[...]
-
Page 103
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-77 2.2.3.28 set system cont act Use this command to identify a contact person for the system. set system contact [ string ] Synt ax Description Command Default s If string is not specified, the co ntact name will be cleared. Command T ype Swit[...]
-
Page 104
General Configura tion Command Set Setting Basic Device Properties 2-78 Matrix NSA Series Configuration Guide 2.2.3.29 set w id th Use this command to set the number of columns for the terminal co nnected to the device’ s console port. The length of the CLI is set using the set length command as d esc r ibe d in Section 2.2.3.30 . set width scr e[...]
-
Page 105
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-79 2.2.3.30 set length Use this command to set the number of lines the CLI will display . set length scr eenlength Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows h[...]
-
Page 106
General Configura tion Command Set Setting Basic Device Properties 2-80 Matrix NSA Series Configuration Guide 2.2.3.31 show logout Use this command to display the time (in seconds) an idle console or T elnet CLI session will remain connected before timing out. show logout Synt ax Description None. Command Default s None. Command T ype Switch comman[...]
-
Page 107
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-81 2.2.3.32 set logout Use this command to set the time (in minutes) an i dle console or T elnet CLI session will remain connected before timing out. set logout timeout Synt ax Description Command Default s None. Command T ype Switch command. [...]
-
Page 108
General Configura tion Command Set Setting Basic Device Properties 2-82 Matrix NSA Series Configuration Guide 2.2.3.33 show physical alias Use this command to display th e alias, a text name, for one or more physical objects . show physical alias [ chassis ] | [ slot slot ] | [ backplane ba ckplane ] | [ module module ] |[ powersupply powersupply ][...]
-
Page 109
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-83 Example This example shows how to display physical alia s information for the chassi s. In this case, the chassis entity is 1 and there is no al ias currently set for the chassis: Matrix(rw)-> show physical alias chassis chassis-1 alias=[...]
-
Page 110
General Configura tion Command Set Setting Basic Device Properties 2-84 Matrix NSA Series Configuration Guide 2.2.3.34 set p hysical alias Use this command to set the alias, a text name, for a physical object. set physical alias { [ chassis ] [ slot slot ] [ backplane backplane ] [ mod ul e module ] [ powersupply powersupply ] [ powersupply-slot po[...]
-
Page 111
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-85 Command Mode Read-W rite. Example This example shows how to set the alias for the chassis to “chassisone”: Matrix(rw)-> set physical alias chassis chassisone[...]
-
Page 112
General Configura tion Command Set Setting Basic Device Properties 2-86 Matrix NSA Series Configuration Guide 2.2.3.35 clear physical alias Use this command to reset the alias for a physical object to a zero-length string. clear physical alias {[ chassis ] [ slot slot ] [ backplane backplane ] [ module module ] [ powersupply powersupply ] [ powersu[...]
-
Page 113
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-87 2.2.3.36 show physical assetid Use this command to display the asset ID for a module. show physical assetid module module Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This exampl[...]
-
Page 114
General Configura tion Command Set Setting Basic Device Properties 2-88 Matrix NSA Series Configuration Guide 2.2.3.37 set p hysical assetid Use this command to set the asset ID for a module. set physical assetid mod ule module string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This ex[...]
-
Page 115
General Configura tion Command Set Setting Basic Device Properties Matrix NSA Series Configuration Guide 2-89 2.2.3.38 clear physical assetid Use this command to reset the asset ID for a moduleto a zero-length st ring. clear physical assetid module module Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W [...]
-
Page 116
General Configura tion Command Set Activating Licensed Fe atures 2-90 Matrix NSA Series Configuration Guide 2.2.4 Activating Licensed F eatures In order to enable advanced features , such as ro uting proto cols, and extended ACLs on a Matrix Series device , you must purchase and activate a license key . If you have purchased a license, you can proc[...]
-
Page 117
General Configura tion Command Set Activating Lice nsed Features Matrix NSA Series Configuration Guide 2-91 2.2.4.1 set license When an advanced license is available, use this command to activate licen sed features. If this is available on your Matrix Series device, a unique license key will display in the show license command output. Synt ax Descr[...]
-
Page 118
General Configura tion Command Set Activating Licensed Fe atures 2-92 Matrix NSA Series Configuration Guide 2.2.4.2 show license When available and activated, use this command to display your license key . show license Synt ax Description None. Command T ype Switch command. Command Mode Read-W rite. Command Default s None. Example This example show[...]
-
Page 119
General Configura tion Command Set Activating Lice nsed Features Matrix NSA Series Configuration Guide 2-93 2.2.4.3 clear l icense Use this command to clear license key settings. Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s If not specified, the license settings will be cleared from all modules. Exam[...]
-
Page 120
General Configura tion Command Set Downloading a New Firmware Image 2-94 Matrix NSA Series Configuration Guide 2.2.5 Downloading a New Firmware Image Y ou can upgrade the operational firmware in the M atrix Series device without ph ysically opening the device or being in the same location. There are three ways to download firmware to the device: ?[...]
-
Page 121
General Configura tion Command Set Downloading a New F irmware Imag e Matrix NSA Series Configuration Guide 2-95 2.2.5.1 Downloading from an FTP or TFTP Server T o perform an FTP or TFTP do wnload, proceed as follows: 1. If you have not already done so, set the device’s IP address using the set ip address command as detailed in Section 2.2.3.2 . [...]
-
Page 122
General Configura tion Command Set Downloading a New Firmware Image 2-96 Matrix NSA Series Configuration Guide 3. Type 2 . The following baud rate selection screen displays: 4. Type 8 to set the device baud rate to 115200 . The following message displays: 5. Set the terminal baud rate to 1152 00 and press ENTER. 6. Type download to start the ZMODEM[...]
-
Page 123
General Configura tion Command Set Reviewing and Selecting a Boot Firmware Imag e Matrix NSA Series Configuration Guide 2-97 11. Type boot to reboot the device. The following mess ag e indicates the downloaded image booted successfully: 2.2.6 Reviewing and Selecting a Boot Firmware Image Purpose T o display and set the image file the device loads a[...]
-
Page 124
General Configura tion Command Set Reviewing and Selecting a Bo ot Firmware Image 2-98 Matrix NSA Series Configuration Guide 2.2.6.1 show boot system Use this command to display the fi rmware image the system will load at the next system reset. The system must be reset by software for the new boot image to take ef fect at startup. If the chassis is[...]
-
Page 125
General Configura tion Command Set Reviewing and Selecting a Boot Firmware Imag e Matrix NSA Series Configuration Guide 2-99 2.2.6.2 set boot system Use this command to set the firmwa re image the switch loads at startu p. This is the image that will be loaded automatically afte r th e system has been reset. Although it is not necessary to choose t[...]
-
Page 126
General Configura tion Command Set S tarti ng and Configuring T elnet 2-100 Matrix NSA Series Configuration Guide 2.2.7 St arting and Configuring T e lnet Purpose T o enable or disable T elne t, and to start a T elnet session to a remote host. The Matrix Series device allows a total of four inbound and / or ou tbound T elnet session to run simultan[...]
-
Page 127
General Configura tion Command Set S tarting and Configurin g T elnet Matrix NSA Series C onfiguration Guide 2 -101 2.2.7.1 show telnet Use this command to display the status of T elnet on the device. show telnet Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how t[...]
-
Page 128
General Configura tion Command Set S tarti ng and Configuring T elnet 2-102 Matrix NSA Series Configuration Guide 2.2.7.2 set telnet Use this command to enable or disable T elnet on the device. set telnet { enable | disabl e }{ inbound | outbound | all } Synt ax Description Command Default s None. Command Mode Read-W rite. Example This example show[...]
-
Page 129
General Configura tion Command Set S tarting and Configurin g T elnet Matrix NSA Series C onfiguration Guide 2 -103 2.2.7.3 telnet Use this command to start a T elnet connection to a remote host. Th e Matrix Series de vice allows a total of four inb ound and / or outbound T elnet session to run simultaneously . telnet host [ port ] Synt ax Descript[...]
-
Page 130
General Configura tion Command Set S tarti ng and Configuring T elnet 2-104 Matrix NSA Series Configuration Guide 2.2.7.4 show router telnet Use this command to display the state of T elnet service to the router . show router telnet Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This[...]
-
Page 131
General Configura tion Command Set S tarting and Configurin g T elnet Matrix NSA Series C onfiguration Guide 2 -105 2.2.7.5 set router telnet Use this command to enable or disable T elnet service to the router interface IP address. set router telnet { enable | disable } Synt ax Description None. Command Default s None. Command T ype Switch command.[...]
-
Page 132
General Configura tion Command Set S tarti ng and Configuring T elnet 2-106 Matrix NSA Series Configuration Guide 2.2.7.6 clear router telnet Use this command to reset T elnet service to th e router to the default state of dis able d. clear router telnet Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Re[...]
-
Page 133
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series C onfiguration Guide 2 -107 2.2.8 Managin g Co nfiguration and Image Files Matrix Series devices provide a single configura tion interface which allows you to perform both switch and router configuration with the same co mmand set. The Matrix Series devices[...]
-
Page 134
General Configura tion Command Set Managing Configura tion and Image Files 2-108 Matrix NSA Series Configuration Guide 2.2.8.1 dir Use this command to list file s stored in the file system. dir [ filename ] Synt ax Description Command T ype Switc h. Command Mode Read-Only . Command Default s If filename is not specified, all files in the system wil[...]
-
Page 135
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series C onfiguration Guide 2 -109 Location Modules on which this image resides. Compatibility Module types on which t his image is qualified to run. Attempting to run an incomp atible image on a given module will not succeed. Files User maintained files, such as [...]
-
Page 136
General Configura tion Command Set Managing Configura tion and Image Files 2-1 10 Matrix NSA Series Configuration Guide 2.2.8.2 show file Use this command to display the contents of an image or configuration file. show file filename Synt ax Description Command T ype Switc h. Command Mode Read-Only . Command Default s None. Example This example (an [...]
-
Page 137
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series Configuration Guide 2-1 1 1 2.2.8.3 show config Use this command to display the system config uration or write the configuration to a file. show config [ all ] [ facility ] [ outfile outfile ] Synt ax Description Command T ype Switch. Command Mode Read-W ri[...]
-
Page 138
General Configura tion Command Set Managing Configura tion and Image Files 2-1 12 Matrix NSA Series Configuration Guide Example This example shows how to display th e current non-default device co nfiguration: Matrix(rw)-> show config This command shows non-default configurations only. Use 'show config all' to show b oth default and no[...]
-
Page 139
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series Configuration Guide 2-1 13 2.2.8.4 configure Use this command to execute a pr eviously downloaded configuration file stored on the device. configure filename [ append ] Synt ax Description Command T ype Switch. Command Mode Read-W rite. Command Default s If[...]
-
Page 140
General Configura tion Command Set Managing Configura tion and Image Files 2-1 14 Matrix NSA Series Configuration Guide 2.2.8.5 copy Use this command to upload or downloa d an image or a CLI configuration file. copy source destination Synt ax Description Command T ype Switc h. Command Mode Read-W rite. Command Default s None. Examples This example [...]
-
Page 141
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series Configuration Guide 2-1 15 This example shows how to uplo ad a configuration file via A nonymous FTP from the module in slot 3: This example shows how to copy a configuratio n file from the slot 3 directory to the slot 5 directory: Matrix(rw)-> copy slot[...]
-
Page 142
General Configura tion Command Set Managing Configura tion and Image Files 2-1 16 Matrix NSA Series Configuration Guide 2.2.8.6 delete Use this command to remove an image or a CL I configuration file from the Matrix system. delete filename Synt ax Description Command T ype Switc h. Command Mode Read-W rite. Command Default s None. Examples This exa[...]
-
Page 143
General Configura tion Command Set Managing Confi guration and Image Files Matrix NSA Series Configuration Guide 2-1 17 2.2.8.7 script Use this command to execute a script file. The script file must first be created on a PC and copied to the Matrix device using the copy command ( Section 2.2.8.5 ) before the script can be executed. The file can con[...]
-
Page 144
General Configura tion Command Set Managing Configura tion and Image Files 2-1 18 Matrix NSA Series Configuration Guide When the script command parses the file and performs the command line ar gument substitution, the commands are convert ed to the following: set port alias fe.1.1 scr ipt_set_port set port vlan fe.1.1 100 modify-egress set port jum[...]
-
Page 145
General Configura tion Command Set Enabling or Disabli ng the Path MTU Discovery Proto c ol Matrix NSA Series Configuration Guide 2-1 19 2.2.9 Enabling or Disabling the Path MTU Discovery Protocol Purpose T o enable or disable the path MTU (Maximum T ransmission Unit) discovery protoco l on the device. Because ports with transmission speeds higher [...]
-
Page 146
General Configura tion Command Set Enablin g or Di sabling t he Path MTU Discove ry Protoc ol 2-120 Matrix NSA Series Configuration Guide 2.2.9.1 show mtu Use this command to display the status of th e pat h MTU discovery protocol on the device. show mtu Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Re[...]
-
Page 147
General Configura tion Command Set Enabling or Disabli ng the Path MTU Discovery Proto c ol Matrix NSA Series C onfiguration Guide 2 -121 2.2.9.2 set mtu Use this command to disable or re-enable pa th MTU discovery protocol on the device. set mtu { enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command [...]
-
Page 148
General Configura tion Command Set Enablin g or Di sabling t he Path MTU Discove ry Protoc ol 2-122 Matrix NSA Series Configuration Guide 2.2.9.3 clear mtu Use this command to reset the state of the path MTU discovery protocol back to enabled. clear mtu Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Rea[...]
-
Page 149
General Configura tion Command Set Pausing, Clearing and Closing the CLI Matrix NSA Series C onfiguration Guide 2 -123 2.2.10 Pausing , Cleari ng and Closing the CLI Purpose T o pause or clear the CLI screen or to close your CLI session. Commands The commands used to pause , clear and close the CLI session are listed below and described in the asso[...]
-
Page 150
General Configura tion Command Set Pausing, Clearing and Closing the CLI 2-124 Matrix NSA Series Configuration Guide 2.2.10.1 wait Use this command to pause the CLI for a specified number of seconds be fore executing the next command. wait seconds Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Ex[...]
-
Page 151
General Configura tion Command Set Pausing, Clearing and Closing the CLI Matrix NSA Series C onfiguration Guide 2 -125 2.2.10.2 cls (clear screen) Use this command to clear the sc reen for the current CLI session. cls Synt ax Description None . Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows[...]
-
Page 152
General Configura tion Command Set Pausing, Clearing and Closing the CLI 2-126 Matrix NSA Series Configuration Guide 2.2.10.3 exit | q uit Use either of these comman ds to leave a CLI session. exit quit Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to exit a C[...]
-
Page 153
General Configura tion Command Set Resetting the Device Matrix NSA Series C onfiguration Guide 2 -127 2.2.1 1 Resetting the Device Purpose T o reset one or more device modules , to clear the user -defined switch an d router configuration parameters, or to sche dule a system re set in order to load a new boot image. Commands The commands used to res[...]
-
Page 154
General Configura tion Command Set Resetting the Device 2-128 Matrix NSA Series Configuration Guide 2.2.1 1.1 show reset Use this command to display inform ation about scheduled device resets. show reset Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This command shows how to display[...]
-
Page 155
General Configura tion Command Set Resetting the Device Matrix NSA Series C onfiguration Guide 2 -129 2.2.1 1 .2 reset Use this command to rese t the device without losing any user -d efined configuration settings or to display information ab out device resets. reset {[ mod | system | nemcpu { mod . nemcpu }] [ cancel ]} Synt ax Description Command[...]
-
Page 156
General Configura tion Command Set Resetting the Device 2-130 Matrix NSA Series Configuration Guide This example shows how to cancel a scheduled system reset: This example shows how to reset a Matrix Secu rity Module installed on the DFE in slot 4. Matrix(rw)-> reset cancel Reset cancelled. Matrix(rw)-> reset nemcpu 4.1 This command will rese[...]
-
Page 157
General Configura tion Command Set Resetting the Device Matrix NSA Series C onfiguration Guide 2 -131 2.2.1 1 .3 reset at Use this command to schedule a system reset at a sp ecific future time. This feature is useful for loading a new boot im age . reset at hh:mm [ mm/dd ] [ r eason ] Synt ax Description Command Default s • If month and day are n[...]
-
Page 158
General Configura tion Command Set Resetting the Device 2-132 Matrix NSA Series Configuration Guide 2.2.1 1.4 reset in Use this command to schedule a system reset after a specific tim e. This fe ature is useful for loading a new boot image. reset in hh:mm [ re a s o n ] Synt ax Description Command Default s If a re a s o n is not specified, none wi[...]
-
Page 159
General Configura tion Command Set Resetting the Device Matrix NSA Series C onfiguration Guide 2 -133 2.2.1 1 .5 clear config Use this command to clear the u ser -defined switch a nd router conf iguration parameters for one or more modules. Executing clear config on one Matrix module resets that modu le back to its factory defaults. For a list of f[...]
-
Page 160
General Configura tion Command Set Gathering T echnical Support Information 2-134 Matrix NSA Series Configuration Guide 2.2.12 Gathering T echni cal Support Information Purpose T o gather common techni cal support information. Command The command used to display technical support-related info rmation is listed below and described in the associated [...]
-
Page 161
General Configura tion Command Set Gathering T echnica l Support Info rmation Matrix NSA Series C onfiguration Guide 2 -135 2.2.12.1 show support Use this command to display output for technical support-related commands. show support [ filename ] Synt ax Description Command Default s The following commands are executed: • show version ( Section 2[...]
-
Page 162
General Configura tion Command Set Gathering T echnical Support Information 2-136 Matrix NSA Series Configuration Guide Example This ex ample sh ows how to execute the show support command and save the results to slot 1 as a support3.txt file: There is no display example as the list of commands is quite lengthy . Click on the hyper-links in the “[...]
-
Page 163
Preparing the Device for Router Mode Pre-Routing Configuration T asks Matrix NSA Series C onfiguration Guide 2 -137 2.3 PREP ARING THE DEVICE FOR ROUTER MODE 2.3.1 Pre-Routing Configuration T asks The following pre-routin g tasks, as detailed in Section 2.1 and Section 2.2.1 , must be performed from the switch CLI. • S tarting up the CLI. ( Secti[...]
-
Page 164
Preparing the Device for Router Mode Pre-Routing Configuration T asks 2-138 Matrix NSA Series Configuration Guide The example in Figure 2-8 shows how to: • Configure module 1 as a ro uting module. T able 2-9 Enabling the Switch fo r Routing T o do thi s t ask... Ty p e t h i s command... At this prompt ... For det ails, see... Ste p 1 Configure a[...]
-
Page 165
Preparing the Device for Router Mode Reviewing and Configu ri ng Rou ting Matrix NSA Series C onfiguration Guide 2 -139 • Configure VLAN 1 on IP address 182.127.63.1 255.255.255.0 as the routing interface for that module. Figure 2-8 Enabling the Switch for Routin g 2.3.2 Reviewing and Configuring Routing Purpose T o review and configure routing .[...]
-
Page 166
Preparing the Device for Router Mode Reviewing and Configuring Ro uting 2-140 Matrix NSA Series Configuration Guide 2.3.2.1 show router Use this command to display which modules are configured for routing. show router Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows[...]
-
Page 167
Preparing the Device for Router Mode Reviewing and Configu ri ng Rou ting Matrix NSA Series C onfiguration Guide 2 -141 2.3.2.2 set router Use this command to config ure routing on a module. set router module Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to se t mo[...]
-
Page 168
Preparing the Device for Router Mode Reviewing and Configuring Ro uting 2-142 Matrix NSA Series Configuration Guide 2.3.2.3 clear router Use this command to disable ro utin g on a module. clear router module Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to set disa[...]
-
Page 169
Preparing the Device for Router Mode Reviewing and Configu ri ng Rou ting Matrix NSA Series C onfiguration Guide 2 -143 2.3.2.4 router Use this command to enable routi ng mode on a module. This must be a module previously configured for routing using the set router command as de scribed in Section 2.3.2.2 . Routing may be configured on one or two m[...]
-
Page 170
Preparing the Device for Router Mode Enabling Router C onfiguration Modes 2-144 Matrix NSA Series Configuration Guide 2.3.3 Enabling Router Configuration Modes The Matrix CLI provides dif ferent modes of router operation for issuing a subset of commands from each mode. Ta b l e 2 - 1 1 de scribes these modes of operation. NOTE: The command prompt s[...]
-
Page 171
Preparing the Device for Router Mode Enabling Route r Confi guration Modes Matrix NSA Series C onfiguration Guide 2 -145 Router Configuration Mode Set IP protocol parameters. T ype route r and the pr otocol name (and, for OSPF , the instance ID ) from Global or Interface Configuration mode. Matrix>Router1 (config-router)# Key Chain Configuration[...]
-
Page 172
Preparing the Device for Router Mode Enabling Router C onfiguration Modes 2-146 Matrix NSA Series Configuration Guide Server Load Balancing (SLB) Real Server Configuration Mode Configure an LSNA T real server . Ty p e real and the real server IP addr ess from SLB Server Farm Configuration Mode. Matrix>Router1 (config-slb-real)# Server Load Balan[...]
-
Page 173
Matrix NSA Series Configu ration Guide 3-1 3 Configuring Discovery Protocols This chapter describes how to co nfigure the discovery pro tocols supported by the firmware using CLI commands. 3.1 OVERVIEW Currently , three discovery protcols are supported: • The Enterasys Discovery (CDP), described in Section 3.2.2 , “ Enterasys Discove ry Protoco[...]
-
Page 174
Discovery Protocols Command Set Displaying Neigh bors 3-2 Matrix NSA Series Configuration Guide 3.2.1.1 show neighbors Use this command to display Network Neigh bor Discovery information from all supported discovery protcols. show neighbors [ port-string ] Synt ax Description Command Default s If port-string is not specified, all Network Neig hbor [...]
-
Page 175
Discovery Protocols Command Set Displaying Neigh bors Matrix NSA Series Configuration Gui de 3-3 Matrix(rw)-> show neighbor s Port Device ID Port ID Type Netw ork Address --------------------------------- --------------------------------- ----------- ge.1.1 00-01-f4-00-71-9c g e.1.27 lldp ge.1.2 00-01-f4-00-71-9c g e.1.28 lldp ge.1.3 00-01-f4-96[...]
-
Page 176
Discovery Protocols Command Set Enterasys Discove ry Protocol 3-4 Matrix NSA Series Configuration Guide 3.2.2 Enterasys Disco very Protocol Purpose T o enable and configure the En terasys Discove ry Protocol (CDP), used to discover ne twork topology . When enabled, CDP allows Enterasys de vic es to send periodic PDUs about themselve s to neighborin[...]
-
Page 177
Discovery Protocols Command Set Enterasys Discovery Protocol Matrix NSA Series Configuration Gui de 3-5 3.2.2.1 show cdp Use this command to display the st atus of the CDP discovery protocol and message interval on one or more ports. show cdp [ port-string ] Synt ax Description Command Default s If port-string is not specified, all CDP information [...]
-
Page 178
Discovery Protocols Command Set Enterasys Discove ry Protocol 3-6 Matrix NSA Series Configuration Guide Ta b l e 3 - 1 provides an explanation of th e command ou tput. T able 3-1 show cdp Output Details Output What It Displays... CDP Global Status Whether CDP is glob ally auto-enabled, enabled or di sabled. The default state of auto-enabled can be [...]
-
Page 179
Discovery Protocols Command Set Enterasys Discovery Protocol Matrix NSA Series Configuration Gui de 3-7 3.2.2.2 set cd p state Use this command to enab le or dis able the CDP discovery prot oco l on one or more ports. set cdp state { auto | disable | enable } [ port-string ] Synt ax Description Command Default s If port-string is not specified, the[...]
-
Page 180
Discovery Protocols Command Set Enterasys Discove ry Protocol 3-8 Matrix NSA Series Configuration Guide 3.2.2.3 set cd p auth Use this command to set a global CDP authentica tion code. This va lue determines a de vice’ s CDP domain. If two or more devices ha ve the same CDP authentication co de, t hey will be entered into each other's CDP ne[...]
-
Page 181
Discovery Protocols Command Set Enterasys Discovery Protocol Matrix NSA Series Configuration Gui de 3-9 3.2.2.4 set cd p interval Use this command to set the message interval frequency (in seconds) of the C DP discovery protocol. set cdp interval fr equency Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-[...]
-
Page 182
Discovery Protocols Command Set Enterasys Discove ry Protocol 3-10 Matrix NSA Series Configuration Guide 3.2.2.5 set cdp hold-time Use this command to set the hold time value fo r CDP discovery protocol configuration messages. set cdp hold-time hold-time Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W r[...]
-
Page 183
Discovery Protocols Command Set Enterasys Discovery Protocol Matrix NSA Series Configuration Guide 3-1 1 3.2.2.6 clear cd p Use this command to reset CDP discove ry protocol settings to defaults. clear cdp {[ state ] [ port-state port-string ] [ interval ] [ hold-time ] [ auth-code ]} Synt ax Description Command Default s At least one optional para[...]
-
Page 184
Discovery Protocols Command Set Cisco Discovery Protocol 3-12 Matrix NSA Series Configuration Guide 3.2.3 Cisco Discovery Protocol Purpose T o enable and configure the Cisco Discove ry Proto col, used to discov er network topology . When enabled, the Cisco Discovery Protocol allows Cisco devices to send periodic PDUs about themselves to neighbor in[...]
-
Page 185
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-13 3.2.3.1 sho w ciscod p Use this command to dis play global Cisco Discov ery Protocol info rma tion. show ciscodp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how t[...]
-
Page 186
Discovery Protocols Command Set Cisco Discovery Protocol 3-14 Matrix NSA Series Configuration Guide Holdtime (TTL) Number of seconds ne ighboring devices will hold PDU transmissions from the sending device. Default value of 180 can be changed with the s et ciscodp holdtim e command as described in Section 3.2.3.5 . Device ID The MAC address of the [...]
-
Page 187
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-15 3.2.3.2 sho w ciscod p po rt info Use this command to display summ ary information ab out the Cisco Discovery Protocol on one or more ports. show ciscodp port info [ port-string ] Synt ax Description Command Default s If port-string is not specified,[...]
-
Page 188
Discovery Protocols Command Set Cisco Discovery Protocol 3-16 Matrix NSA Series Configuration Guide T able 3-3 show port ciscod p info Output Det ails Output What It Displays... Port Port design ation. S tate Whether CiscoDP is enabled or disabled on this port. Default state of enabled can be changed using the set ciscodp port command ( Section 3.2[...]
-
Page 189
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-17 3.2.3.3 set ciscod p st atus Use this command to enab le or dis able Cisco Discovery Protocol gl ob ally on the device. set ciscodp status { auto | enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command M[...]
-
Page 190
Discovery Protocols Command Set Cisco Discovery Protocol 3-18 Matrix NSA Series Configuration Guide 3.2.3.4 set ciscod p t imer Use this command to set the number of seconds between Cisco Discovery Protocol PDU transmissions. set ciscodp timer time Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. E[...]
-
Page 191
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-19 3.2.3.5 set ciscod p hold time Use this command to set the time to live (TTL) for Cisco Discovery Protoc ol PDUs. This is the amount of time (in seconds) neig hboring devices will hold PDU transmissions from the sending device. set ciscodp holdtime t[...]
-
Page 192
Discovery Protocols Command Set Cisco Discovery Protocol 3-20 Matrix NSA Series Configuration Guide 3.2.3.6 set ciscod p p ort Use this command to set the st atus, voice VLAN, extended trus t mode, and CoS priority for untrusted traffic for the Cisco Discove ry Protocol on one or more ports. set ciscodp port { [ status { disable | enable }] [ vv id[...]
-
Page 193
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-21 Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. status Set the CiscoDP port operational status disable Do not transmit or process CiscoDP PDUs enable T ransmit and process CiscoDP PDUs vvid Set the [...]
-
Page 194
Discovery Protocols Command Set Cisco Discovery Protocol 3-22 Matrix NSA Series Configuration Guide Examples This example shows how to set th e Cisco DP port voice VLAN ID to 3 on port fe.1. 6 and enable the port operational state: This example shows how to set th e Cisco DP extended trust mode to untrusted on port fe. 1.5 and set the CoS priority [...]
-
Page 195
Discovery Protocols Command Set Cisco Discovery Protocol Matrix NSA Series Configuration Guide 3-23 3.2.3.7 clear ciscodp Use this command to clear the Cisco Discov ery Protocol back to the default values. clear ciscodp { [ status | timer | holdtime | port { status | vvid | trust-ext | cos-ext }] } < port-string> Synt ax Description Command D[...]
-
Page 196
Discovery Protocols Command Set Cisco Discovery Protocol 3-24 Matrix NSA Series Configuration Guide This example shows how to clear the Ci sco DP port status on port fe.1.5: Matrix> clear ciscodp port statu s fe.1.5[...]
-
Page 197
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-25 3.2.4 Link Layer Discover y Protocol and LLDP-MED The IEEE 802.1AB standard, common ly referred to as the Link Layer Discovery Protocol (LLDP), is described in “IEEE 802.1AB-2005 Edition, IEEE S tandard for Local and Metropolitan [...]
-
Page 198
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-26 Matrix NSA Series Configuration Guide The standard specifies that certa in TL Vs are mand atory in transmitted LLDPDUs, while others are optional. Y o u can configure on a port-specific basis which optional LLDP and LLDP-MED TL Vs should be sent in LLDPDUs. Configuratio[...]
-
Page 199
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-27 • show lldp port local-info ( Section 3.2.4.6 ) • show lldp port remote-info ( Section 3.2.4.7 ) • show lldp port network -policy ( Section 3.2.4.8 ) • set lldp tx-interval ( Section 3.2.4.9 ) • set lldp hold-multiplier ( [...]
-
Page 200
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-28 Matrix NSA Series Configuration Guide 3.2.4.1 show lld p Use this command to display LLDP configuration information. show lldp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to disp[...]
-
Page 201
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-29 3.2.4.2 show lld p port st atus Use this command to display the LLDP status of one or more ports. The command lists the ports that are enabled to send and receive LLDPPDUs . Ports are enabled or disabled w ith the set lldp port stat[...]
-
Page 202
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-30 Matrix NSA Series Configuration Guide 3.2.4.3 show lld p port trap Use this command to display the ports that are en abled to send an LLDP no tification when a remote system change has been detected or an LLDP-MED notification when a change in th e topology has been sen[...]
-
Page 203
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-31 3.2.4.4 show lld p port tx-tlv Use this command to display info rmation abou t which optional TL Vs have been configured to be transmitted on ports. Ports are configur ed to send optional T L Vs with the set lldp port tx-tlv command[...]
-
Page 204
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-32 Matrix NSA Series Configuration Guide 3.2.4.5 show lld p port location-info Use this command to display conf igured location information for one or more ports. Ports are configured with a lo cation value using the set lldp port location-info command. show lldp port loca[...]
-
Page 205
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-33 3.2.4.6 show lld p port local-info Use this command to display the lo cal system information stored for one or more ports. Y ou can use this information to detect misconfigurations or incompatibilities between the local port and the[...]
-
Page 206
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-34 Matrix NSA Series Configuration Guide Ta b l e 3 - 4 describes the information displayed by the show lldp port local-info command. Operational Speed/Duplex/Type : 100 full tx Max Frame Size (bytes) : 1522 Vlan Id : 1 LAG Supported/Enabled/Id : no/no/0 Protocol Id : Span[...]
-
Page 207
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-35 Chassis ID Mandatory basic LLDP TL V that identifies the chassis transmitting the LLDPDU. V alue is MAC address of chassis. Sys Name Optional basic LLDP TL V . V alu e is the administratively assigned name for the system. Sys Desc O[...]
-
Page 208
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-36 Matrix NSA Series Configuration Guide Network Policy (app/tag/vlanId/cos/dscp) L LDP -MED Extensions Networ k Poli cy TL V . For all applications enabled on the port to be tran smitted in a TL V , displays the application name, VLAN t ype (tagged or untagged), VLAN Id, [...]
-
Page 209
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-37 PoE Power Limit (mW) LLDP-MED Extensio ns Extended Powe r via MDI TL V . Displayed only when a port ha s PoE capabilities. Indicates the total power the po rt is capable of sourcing over a maximum length cable, based on its current [...]
-
Page 210
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-38 Matrix NSA Series Configuration Guide 3.2.4.7 show lld p port remote-info Use this command to display the remote system information stored fo r a remote de vice connected to a local port. Y ou can use this information to detect misconfigura tions or incompatibilities be[...]
-
Page 211
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-39 Note that the information fields displayed by the show lldp port remote-info command will vary , depending on the type of remote device that is co nnected to the port . Ta b l e 3 - 5 des cribes the output fields that are unique to [...]
-
Page 212
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-40 Matrix NSA Series Configuration Guide 3.2.4.8 show lld p port network-policy Use this command to display LLDP port network policy config uration info rmation. Network policy information is configured using the set lldp port network - policy command. show lldp port netwo[...]
-
Page 213
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-41 Command T ype Switch command. Command Mode Read-Only . Example This example shows how to display all LLD P network policy information for ge.1.1. Matrix(ro)->show lldp port networ k-policy all ge.1.1 Ports Application S tate Tag [...]
-
Page 214
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-42 Matrix NSA Series Configuration Guide 3.2.4.9 set lld p tx-interval Use this command to set the time, in seconds , between successive LLDP frame transmissions initiated by changes in the LLDP local system information. set lldp tx-interval fr equenc y Synt ax Description[...]
-
Page 215
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-43 3.2.4.10 set lld p hold-multiplier Use this command to set the time-to-live valu e used in LLDP frames sent by this device . The time-to-live for LLDPDU data is calculated by multiplying the transmit interval by the hold multiplier [...]
-
Page 216
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-44 Matrix NSA Series Configuration Guide 3.2.4.1 1 set lld p trap-in terval Use this command to set the mini mum interval between LLDP notific ations sent by this de vice. LLDP notifications are sent when a remo te system change has been detected. s et lldp trap-interval f[...]
-
Page 217
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-45 3.2.4.12 set lld p med-fast-repeat Network connectivity devices tran smit only LLDP TL Vs in LLDPDUs until they detect that an LLDP-MED endpoint device has connected to a port. At that point, the netw ork connectivity device starts [...]
-
Page 218
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-46 Matrix NSA Series Configuration Guide 3.2.4.13 set lldp port st atus Use this command to enable or disable transmitting and processing received LLDPDUs on a port or range of p orts. set lldp port status { tx-enable | rx-enable | both | disable } port-string Synt ax Desc[...]
-
Page 219
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-47 3.2.4.14 set lld p port trap Use this command to enable or disable sending LLDP notifications (traps) when a remote system change is detected. set lldp port trap { enable | disable } port-st ring Synt ax Description Command Default [...]
-
Page 220
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-48 Matrix NSA Series Configuration Guide 3.2.4.15 set lld p port med-trap Use this command to enable or disable sending an LLDP-MED notification when a change in the topology has been sensed on the port (that is, a remote endp oint device has been attach ed or removed from[...]
-
Page 221
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-49 3.2.4.16 set lld p port location-info Use this command to configure LLDP-MED location information on a port or range of ports. Currently , only Emergency Call Services (ECS ) Emer gency Location Ide ntifica tion Number (ELIN) is sup[...]
-
Page 222
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-50 Matrix NSA Series Configuration Guide 3.2.4.17 set l ld p port tx-tlv Use this command to select the optional LLDP and LLDP-MED TL Vs to be transmitted in LLDPDUs by the specified port or ports. Use the show lldp port local-in fo command to display the values of these T[...]
-
Page 223
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-51 mac-phy MAC-PHY Configuration/S tatus IEEE 802.3 Extensions TL V . V alue sent includes the operational MAU type, duplex, and speed of the port. poe Power via MDI IEEE 802.3 Extensions TL V . V alues sent include wh ether pair selec[...]
-
Page 224
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-52 Matrix NSA Series Configuration Guide Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example configures the management address, MED capability , MED network policy , and MED location identification TL Vs to be sent in LLDPDU[...]
-
Page 225
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-53 3.2.4.18 set lld p port network-policy Use this command to config ure network policy for a set of applica tions on a port or range of ports. The policies configured with th is comman d are s ent in LLDPD Us as LLDP-MED Network Polic[...]
-
Page 226
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-54 Matrix NSA Series Configuration Guide Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Usage As described in the ANSI/TIA S tandards document 1057, the Network Policy TL V is “intended for use with applications that have specific real-ti[...]
-
Page 227
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-55 Example This example configures the voice ap plication TL V on port fe.2.1 an d then configures the port to send the Network Policy TL V . Matrix(rw)->set lldp port network -policy voice state enable tag ta gged vlan dot1p fe.2.1[...]
-
Page 228
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-56 Matrix NSA Series Configuration Guide 3.2.4.19 clear lldp Use this command to return LLDP parameters to their default values. clear lldp { all | tx-interval | hold-multipler | trap-interval | med-fast-repeat } Synt ax Description Command Default s None. Command T ype Sw[...]
-
Page 229
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-57 3.2.4.20 clear lld p port st atus Use this command to return the port status to the default value of both (both transmitting and processing received LLDPDUs are enabled). clear lldp port status port-string Synt ax Description Comman[...]
-
Page 230
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-58 Matrix NSA Series Configuration Guide 3.2.4.21 clear lldp port trap Use this command to return th e po rt LLDP trap setting to the default value of di sabled. clear lldp port trap port-string Synt ax Description Command Default s None. Command T ype Switch command. Comm[...]
-
Page 231
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-59 3.2.4.22 clear lld p port med-trap Use this command to return the port LLDP-MED trap setting to the default value of disabled. clear lldp port med-trap port-string Synt ax Description Command Default s None. Command T ype Switch com[...]
-
Page 232
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-60 Matrix NSA Series Configuration Guide 3.2.4.23 clear lld p port location-info Use this command to return th e port ECS E LIN location settin g to the default value of null. clear lldp port location-info elin port-string Synt ax Description Command Default s None. Comman[...]
-
Page 233
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-61 3.2.4.24 clear lld p port network-policy Use this command to return networ k policy for a set of applications on a port or range of p orts to default values. clear lldp port network-policy { all | voice | voice-signaling | guest-voi[...]
-
Page 234
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-62 Matrix NSA Series Configuration Guide Command Default s At least one application (or all ) and one policy parameter must be specified. Command T ype Switch command. Command Mode Read-W rite. Example This example returns all network policy values for a ll applications on[...]
-
Page 235
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED Matrix NSA Series Configuration Guide 3-63 3.2.4.25 clear lld p p ort tx-tlv Use this command to clear the optional LLDP and LLDP-MED TL Vs to be transmitted in LLDPDUs by the specified port or po rts to the default value of disabled. clear lldp port tx-tlv {[ all ] | [ port[...]
-
Page 236
Discovery Protocols Command Set Link Layer Discovery Protocol and LLDP-MED 3-64 Matrix NSA Series Configuration Guide Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example disables the management address, MED capability , MED network policy , and MED location ident ification TL Vs from being sent in LL[...]
-
Page 237
Matrix NSA Series Configu ration Guide 4-1 4 Port Configuration This chapter describes the Port Configuratio n set of commands and how to use them. 4.1 PORT CONFIGURATION SUMMARY Console Port(s) Each Matrix Series module or standalone devi ce includes a c onsole po rt through which local management of the device can be accessed using a terminal or [...]
-
Page 238
Port Configuration Summary Port S t ring Syntax Used in the CLI 4-2 Matrix NSA Series Configuration Guide 4.1.1 Port St ring Synt ax Used in the CLI Commands requiring a port-string parameter use the following syntax to designate port type, slo t location, and port number: port type.port gr oup.port number Where port type can be: fe for 100-Mbps Et[...]
-
Page 239
Port Configuration Summary Port S t ring Syntax Used in the CLI Matrix NSA Series Configuration Gui de 4-3 This example shows the port-string syntax for specifying the 1-Gigabit Ethernet port 14 in port group 3. This example shows the port-string syntax for specifying Fast Ethe rnet ports 1 and 3 and Gigabit Ethernet port 1 1 in the module in chass[...]
-
Page 240
Process Overview: Port Configurati on Port S t ring Syntax Used in the CLI 4-4 Matrix NSA Series Configuration Guide 4.2 PROCESS OVERVIEW: PORT CONFIGURATION Use the following steps as a guide to conf iguringconsole and switch ports on the device: 6. Reviewing and setting console port properties ( Section 4.3.1 )Reviewing switch port status ( Secti[...]
-
Page 241
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Gui de 4-5 4.3 PORT CONFIGURATION COMMAND SET 4.3.1 Setting Console Port Properties Purpose T o review and set parameters for on e or more of the device’ s console ports, including baud rate, auto baud detection, st op bits and parity . Commands The com[...]
-
Page 242
Port Configuration Command Set Setting Console Port Properties 4-6 Matrix NSA Series Configuration Guide 4.3.1.1 show console Use this command to display propertie s set for one or more co nsole ports. show console [ port-string ] Synt ax Description Command Default s If port-string is not specified, properties for al l console ports will be displa[...]
-
Page 243
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Gui de 4-7 4.3.1.2 clear conso le Use this command to clear the properti es set for one or more console ports. clear console [ port-string ] Synt ax Description Command Default s If port-string is not specified, properties for all console ports will be cl[...]
-
Page 244
Port Configuration Command Set Setting Console Port Properties 4-8 Matrix NSA Series Configuration Guide 4.3.1.3 show console baud Use this command to display the baud rate for one or more console ports. show console baud [ port-string ] Synt ax Description Command Default s If port-string is not specified, baud rate for all console po rts will be [...]
-
Page 245
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Gui de 4-9 4.3.1.4 set console baud Use this command to set the baud ra te for one or more console ports. set console baud rate [ port-st ring ] Synt ax Description Command Default s If port-string is not specified, baud rate will be set for all console p[...]
-
Page 246
Port Configuration Command Set Setting Console Port Properties 4-10 Matrix NSA Series Configuration Guide 4.3.1.5 clear console baud Use this command to clear the baud rate for one or more console ports. clear console baud [ port-string ] Synt ax Description Command Default s If port-string is not specified, baud rate w ill be cleared for all conso[...]
-
Page 247
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-1 1 4.3.1.6 show console flowcontrol Use this command to display the type of flow control setting for one or more console ports. show console flowcontrol [ port-string ] Synt ax Description Command Default s If port-string is not specified, the fl[...]
-
Page 248
Port Configuration Command Set Setting Console Port Properties 4-12 Matrix NSA Series Configuration Guide 4.3.1.7 set console flowcontrol Use this command to set the type of flo w control for one or more co nsole ports. set console flowcontrol { none | ctsrts | dsrdtr } [ port-string ] Synt ax Description Command Default s If port-string is not spe[...]
-
Page 249
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-13 4.3.1.8 clear console flowcontrol Use this command to clear the type of fl ow control for one or more console ports. clear console flowcontrol [ port-string ] Synt ax Description Command Default s If port-string is not specified, flow control w[...]
-
Page 250
Port Configuration Command Set Setting Console Port Properties 4-14 Matrix NSA Series Configuration Guide 4.3.1.9 show console bit s Use this command to display the number of bits per character set for one or more console ports. show console bits [ port-string ] Synt ax Description Command Default s If port-string is not specified, the bits per cha[...]
-
Page 251
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-15 4.3.1.10 set console bit s Use this command to set the number of bits per character for one or more console ports. set console bits num-bits [ port-string ] Synt ax Description Command Default s If port-string is not specified, bits per charac [...]
-
Page 252
Port Configuration Command Set Setting Console Port Properties 4-16 Matrix NSA Series Configuration Guide 4.3.1.1 1 clear console bi t s Use this command to clear the number of bits per character for one or more console ports. clear console bits [ port-string ] Synt ax Description Command Default s If port-string is not specified, bits per characte[...]
-
Page 253
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-17 4.3.1.12 show console stopbit s Use this command to display the co nsole port stop bits per character . show console stopbits [ port-string ] Synt ax Description Command Default s If port-string is not specified, stop bits per character will be[...]
-
Page 254
Port Configuration Command Set Setting Console Port Properties 4-18 Matrix NSA Series Configuration Guide 4.3.1.13 set console stopbit s Use this command to set the stop bits pe r character for one or more console ports. set console stopbits { one | oneandhalf | two } [ port-stri ng ] Synt ax Description Command Default s If port-string is not spec[...]
-
Page 255
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-19 4.3.1.14 clear console stopbit s Use this command to clear the stop bits per character for one or more console ports. clear console stopbits [ port-string ] Synt ax Description Command Default s If port-string is not specified, stop bits per ch[...]
-
Page 256
Port Configuration Command Set Setting Console Port Properties 4-20 Matrix NSA Series Configuration Guide 4.3.1.15 show con sole p arity Use this command to display the type of parity checking set for one or m ore console ports . show console parity [ port-string ] Synt ax Description Command Default s If port-string is not specified, parity type f[...]
-
Page 257
Port Configuration Command Set Setting Console Port Properties Matrix NSA Series Configuration Guide 4-21 4.3.1.16 set console p arity Use this command to set the parity type for one or more console ports. set console parity { none | odd | ev en | mark | space } [ port-string ] Synt ax Description Command Default s If port-string is not specified, [...]
-
Page 258
Port Configuration Command Set Setting Console Port Properties 4-22 Matrix NSA Series Configuration Guide 4.3.1.17 clear co nsole p a rity Use this command to clear the parity type for one or more console ports. clear console parity [ port-string ] Synt ax Description Command Default s If port-string is not specified, parity type w ill be cleared f[...]
-
Page 259
Port Configuration Command Set Reviewing Port S tatus Matrix NSA Series Configuration Guide 4-23 4.3.2 Reviewing Port St atus Purpose T o display operating statu s, duplex mode, speed , po rt type, and statistical information about traf fic received and transmitted through one or all switch ports on the device. Commands The commands used to review [...]
-
Page 260
Port Configuration Command Set Reviewin g Po rt S tat us 4-24 Matrix NSA Series Configuration Guide 4.3.2.1 show port Use this command to display whether or not one or more ports are enabled for switching. show port [ port-string ] Synt ax Description Command Default s If port-string is not specified, operational stat us information for all ports w[...]
-
Page 261
Port Configuration Command Set Reviewing Port S tatus Matrix NSA Series Configuration Guide 4-25 4.3.2.2 show port st atus Use this command to display oper ating and admin status, speed , duplex mode and po rt type for one or more ports on the d evice. show port status [ port-string ] [ -interesting ] Synt ax Description Command Default s If no opt[...]
-
Page 262
Port Configuration Command Set Reviewin g Po rt S tat us 4-26 Matrix NSA Series Configuration Guide T able 4- 1 s how po rt status Outpu t Details Output What It Displays... Port Port designation. For a detailed description of possible port-string values, refer to Section 4.1.1 . Alias (truncated) Alias configured for the port. For deta ils on usin[...]
-
Page 263
Port Configuration Command Set Reviewing Port S tatus Matrix NSA Series Configuration Guide 4-27 4.3.2.3 show port counters Use this command to display port counter statis tics detailing traffic throug h the device and through all MIB2 network device s. show port counters [ port-string ] [ switch | mib2 ] Synt ax Description Command Default s • I[...]
-
Page 264
Port Configuration Command Set Reviewin g Po rt S tat us 4-28 Matrix NSA Series Configuration Guide Examples This example shows how to display all counter stat istics, including MIB2 network traf fic and traffic through the device for fe.3.1: This example shows how to display all fe.3.1 port counter statistics related to traf fic through the device[...]
-
Page 265
Port Configuration Command Set Reviewing Port S tatus Matrix NSA Series Configuration Guide 4-29 Ta b l e 4 - 2 provides an explanation of th e command ou tpu t. T able 4-2 show port counter s Output Det ails Output What It Displays... Port Port designation. For a de tailed description of possible port-string values, refer to Section 4.1.1 . MIB2 I[...]
-
Page 266
Port Configuration Command Set Reviewin g Po rt S tat us 4-30 Matrix NSA Series Configuration Guide 4.3.2.4 show port operst atuscause Use this command to display the causes configured to place operating status to a down or dormant state for one or more ports. show port operstatuscause [ port-string ] [ any ] [ modifiable ][ admin ] [ linkloss ] [ [...]
-
Page 267
Port Configuration Command Set Reviewing Port S tatus Matrix NSA Series Configuration Guide 4-31 Command Default s If no options are specified, c auses for a ll ports will be displayed. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to display operation status causes for ports ge.1.1 through 6. In this case, p[...]
-
Page 268
Port Configuration Command Set Reviewin g Po rt S tat us 4-32 Matrix NSA Series Configuration Guide 4.3.2.5 clear port operst atuscause Use this command to override the causes configured to place operating status to a down or dormant state for one or more ports. clear port operstatuscause [ port-string ] [ admin ] [ linkflap ] [ flowlimit ] [ polic[...]
-
Page 269
Port Configuration Command Set Disabling / Enabling and Namin g Ports Matrix NSA Series Configuration Guide 4-33 4.3.3 Disabling / Enabling and Naming Port s Purpose T o disable and re-enable one or more ports, and to as sign an alias to a port. By default, all ports are enabled at device startup. Y ou may want to disa ble ports for security or to [...]
-
Page 270
Port Configuration Command Set Disabling / Enabl ing and Naming Ports 4-34 Matrix NSA Series Configuration Guide 4.3.3.1 set port disable Use this command to administratively disable one or more ports. set port disable port-string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This exampl[...]
-
Page 271
Port Configuration Command Set Disabling / Enabling and Namin g Ports Matrix NSA Series Configuration Guide 4-35 4.3.3.2 set port enable Use this command to administrativ ely enable one or more ports. set port enable port-string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example [...]
-
Page 272
Port Configuration Command Set Disabling / Enabl ing and Naming Ports 4-36 Matrix NSA Series Configuration Guide 4.3.3.3 show port alias Use this command to display alias name(s assigned to one or more ports. show port alias [ port-string ] Synt ax Description Command Default s If port-string is not specified, aliases for al l ports will be display[...]
-
Page 273
Port Configuration Command Set Disabling / Enabling and Namin g Ports Matrix NSA Series Configuration Guide 4-37 4.3.3.4 set port alias Use this command to assign an alias name to a port. set port alias port-string [ string ] Synt ax Description Command Default s If string is not specified, the alias assign ed to the port will be cleared. Command T[...]
-
Page 274
Port Configuration Command Set Disabling / Enabl ing and Naming Ports 4-38 Matrix NSA Series Configuration Guide 4.3.3.5 show forcelinkdown Use this command to display the stat us of the force link do wn function. show forcelinkdown Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This[...]
-
Page 275
Port Configuration Command Set Disabling / Enabling and Namin g Ports Matrix NSA Series Configuration Guide 4-39 4.3.3.6 set forcelinkdown Use this command to enable or di sable th e force link do wn function . When enabled, this forces ports in the “operstatus down” state to be come disabled. set forcelinkdown { enable | disable } Synt ax Desc[...]
-
Page 276
Port Configuration Command Set Disabling / Enabl ing and Naming Ports 4-40 Matrix NSA Series Configuration Guide 4.3.3.7 clear forcelinkdown Use this command to resets the force link down function to the default state of disabled. clear forcelinkdown Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W[...]
-
Page 277
Port Configuration Command Set Setting Speed and Dupl ex Mode Matrix NSA Series Configuration Guide 4-41 4.3.4 Setting Speed and Duplex Mode Purpose T o review and set the operational speed in Mbps and the default duplex mode: Half , for half duplex, or Full , for full duplex for one or more ports. Commands The commands used to review and set port [...]
-
Page 278
Port Configuration Command Set Setting Speed and Duplex Mode 4-42 Matrix NSA Series Configuration Guide 4.3.4.1 show port speed Use this command to display the defaul t speed setting on one or more ports. show port speed [ port-string ] Synt ax Description Command Default s If port-string is not specified, default speed settings for all ports will [...]
-
Page 279
Port Configuration Command Set Setting Speed and Dupl ex Mode Matrix NSA Series Configuration Guide 4-43 4.3.4.2 set port speed Use this command to set the defau lt speed of one or more ports. Th is setting only takes effect on ports that have auto-negotiation disabled. set port speed port-string { 10 | 100 | 1000 } Synt ax Description Command Defa[...]
-
Page 280
Port Configuration Command Set Setting Speed and Duplex Mode 4-44 Matrix NSA Series Configuration Guide 4.3.4.3 show port duplex Use this command to display th e default duplex setting (half or full) for one or more ports. show port duplex [ port-string ] Synt ax Description Command Default s If port-string is not specified, default duplex setti ng[...]
-
Page 281
Port Configuration Command Set Setting Speed and Dupl ex Mode Matrix NSA Series Configuration Guide 4-45 4.3.4.4 set port duplex Use this command to set the default d uplex type for one or more ports. set port duplex port-string { full | half } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Examp[...]
-
Page 282
Port Configuration Command Set Enabling / Disabl ing Jumbo Frame Supp ort 4-46 Matrix NSA Series Configuration Guide 4.3.5 Enabling / Disabli ng Jumbo Frame Support Purpose T o review , enable, and disable jumb o frame support on one or mo re ports. This all ows Gigabit Ethernet ports to transmit frames up to 10 KB in size. Commands The commands us[...]
-
Page 283
Port Configuration Command Set Enabling / Disabling Jumbo F ra m e Support Matrix NSA Series Configuration Guide 4-47 4.3.5.1 show port jumbo Use this command to display the status of jumb o frame sup port and maximum transmission uni ts (MTU) on one or more ports. show port jumbo [ port-string ] Synt ax Description Command Default s If port-string[...]
-
Page 284
Port Configuration Command Set Enabling / Disabl ing Jumbo Frame Supp ort 4-48 Matrix NSA Series Configuration Guide 4.3.5.2 set port jumbo Use this command to enable or disa ble jumbo frame supp ort on one or more ports. set port jumbo { enable | disable } [ port-string ] Synt ax Description Command Default s If port-string is not specified, jumbo[...]
-
Page 285
Port Configuration Command Set Enabling / Disabling Jumbo F ra m e Support Matrix NSA Series Configuration Guide 4-49 4.3.5.3 clear p ort jumbo Use this command to reset jumb o frame support status to enabled on one or more ports. clear port jumbo [ port-string ] Synt ax Description Command Default s If port-string is not specified, jumbo frame sup[...]
-
Page 286
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-50 Matrix NSA Series Configuration Guide 4.3.6 Setting Auto-Negotiati on and Advertised Ability Purpose T o review , disable or enable auto-negotiation, and to review o r set a port’ s advertised mode of operation. During auto-negotiation and adverti sed ability , [...]
-
Page 287
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-51 4.3.6.1 show port negotiation Use this command to display the status of auto-negotiation for one or more ports. show port negotiation [ port-string ] Synt ax Description Command Default s If port-string is not specified, auto-n[...]
-
Page 288
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-52 Matrix NSA Series Configuration Guide 4.3.6.2 set port negotiation Use this command to ena ble or disable auto-negotiation on one or more ports. set port negotiation port-stri ng { enable | disab le } Synt ax Description Command Default s None. Command T ype Switc[...]
-
Page 289
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-53 4.3.6.3 show port mdix Use this command to display the MDI/MDIX mode on one or more ports. This function detects an d adapts to straight through (MDI) or c ross - over (MDIX) Ethernet cablin g on switch ports. show port mdix [ [...]
-
Page 290
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-54 Matrix NSA Series Configuration Guide 4.3.6.4 set port mdix Use this command to set MDI/MDIX mode on one or more ports. set port mdix [ port-string ] { auto | mdi | mdix } Synt ax Description Command Default s If port-string is not specified, mode will be set for [...]
-
Page 291
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-55 4.3.6.5 clear p ort mdix Use this command to reset MDIX mode to the default sett ing of auto on one or more ports. clear port mdix [ port-string ] Synt ax Description Command Default s If port-string is not specified, mode will[...]
-
Page 292
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-56 Matrix NSA Series Configuration Guide 4.3.6.6 show port advertise Use this command to display the adve rtised ability on one or more ports. show port advertise [ port-string ] Synt ax Description Command Default s If port-string is not specified, advertised ab ili[...]
-
Page 293
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-57 T able 4-3 show port advertis e Output Det ails Output What It Displays... capability Whether or not the port is capable of operating in the following modes: • 10t - 10BASE-T half duplex mode • 10tfd - 10BASE-T full duplex [...]
-
Page 294
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-58 Matrix NSA Series Configuration Guide 4.3.6.7 set port advertise Use this command to enable or di sable and to configure the adverti sed ability on one or more ports. set port advertise port-string [ 10t ] [ 10tfd ] [ 100tx ] [ 100txfd ] [ 1000x ] [ 1000xfd ] [ 10[...]
-
Page 295
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-59 Command Mode Read-W rite. Example This example shows how to set fe.3.4 to advertise 100BASE-TX full dupl ex operation: Matrix(rw)-> set port adve rtise fe.3.4 100txfd[...]
-
Page 296
Port Configuration Command Set Setting Auto-Negotiation an d Advertised Abil ity 4-60 Matrix NSA Series Configuration Guide 4.3.6.8 clear port advertise Use this command to reset advertised ability to the default setting on one or more ports. clear port advertise port-string [ 10t | 10tfd | 100tx | 100txfd | 1000x | 10 00txfd | 1000t | 1000tfd | pa[...]
-
Page 297
Port Configuration Command Set Setting Auto -Negotiation and Advertised Ability Matrix NSA Series Configuration Guide 4-61 Command Default s If not specified, all modes of ad vertised ability will be cleared. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to re set all advertised ability to default settings o[...]
-
Page 298
Port Configuration Command Set Setting Flow Control 4-62 Matrix NSA Series Configuration Guide 4.3.7 Setting Flow Control Purpose T o review , enable or disable port flow control. Flow control is used to manage the transmission between two devices as sp ecified by IEEE 802.3x to prevent receiving po rts from being overwhelmed by frames from transmi[...]
-
Page 299
Port Configuration Command Set Setting Flow Control Matrix NSA Series Configuration Guide 4-63 4.3.7.1 show port flowcontrol Use this command to display the flow control state for one or more ports. show port flowcontrol [ port-string ] Synt ax Description Command Default s If port-string is not specified, flow control information for all ports wil[...]
-
Page 300
Port Configuration Command Set Setting Flow Control 4-64 Matrix NSA Series Configuration Guide TX Oper Whether or not the port is operationally enabled or disabled for sending flow control frames. RX Admin Whether or not the port is administratively enabled or disabled for acknowledging recei ved flow control frames. RX Oper Whether or not th e por[...]
-
Page 301
Port Configuration Command Set Setting Flow Control Matrix NSA Series Configuration Guide 4-65 4.3.7.2 set port flowcontrol Use this command to enable or disable fl ow control settings for one or more ports. set port flowcontrol port-string { r eceive | se nd | both }{ enable | disable } Synt ax Description Command Default s None. Command T ype Swi[...]
-
Page 302
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-66 Matrix NSA Series Configuration Guide 4.3.8 Configuring Link T rap s and Link Flap Detection Purpose T o disable or re -enable link traps and to configure the link flapping detection function. By default, all ports are enabled to send SNMP trap mes sages indica ting[...]
-
Page 303
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-67 4.3.8.1 show port trap Use this command to display whether the port is enabled for generating an SNMP trap message if its link state changes. show port trap [ port-string ] Synt ax Description Command Default s If port-string[...]
-
Page 304
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-68 Matrix NSA Series Configuration Guide 4.3.8.2 set port trap Use this command to enable or disable ports for sending SNMP tr ap messages when thei r link status changes. set port trap port-string { enable | disable } Synt ax Description Command Default s None. Comman[...]
-
Page 305
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-69 4.3.8.3 show linkflap Use this command to display link flap det ection state and config uration information. show linkflap { globalstate | portstate | parameters | metrics | portsupported | actsupported | maximum | downports [...]
-
Page 306
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-70 Matrix NSA Series Configuration Guide Command Default s • If not specified, information about all link flap detection settings will be displayed. • If port-string is not specified, information for all ports will be displayed. Command T ype Switch command. Comman[...]
-
Page 307
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-71 Ta b l e 4 - 5 provides an explanation of the show linkflap parameters command output. This example shows how to display the link flap metrics table : Ta b l e 4 - 6 provides an exp l an at ion of the sh ow linkfl ap metrics [...]
-
Page 308
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-72 Matrix NSA Series Configuration Guide T imeElapsed T ime (in seconds) since the last link down event. V iolations Number of link flap viola tions on listed po rts si nce system start. T able 4-6 show linkflap metrics Output Det ails (Continued) Output What It Displa[...]
-
Page 309
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-73 4.3.8.4 set linkflap globalstate Use this command to globally enable or disable the link flap detection fu nction. By default, the function is disable d globally and on all po rts. If disabled g lobally after per-port setting[...]
-
Page 310
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-74 Matrix NSA Series Configuration Guide 4.3.8.5 set linkflap Use this command to enable or disable lin k flap monitoring on one or more ports. set linkflap portstate { disable | enable } [ port-string ] Synt ax Description Command Default s If port-string is not speci[...]
-
Page 311
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-75 4.3.8.6 set linkflap interval Use this command to set the time interval (in seconds) for accumulatin g link down transitions. set linkflap interval port-string interval_value Synt ax Description Command Default s None. Comman[...]
-
Page 312
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-76 Matrix NSA Series Configuration Guide 4.3.8.7 set linkflap action Use this command to set reactions to a link flap violation. set linkflap action port-string { disableI nterface | gensyslo gentry | ge ntrap | all } Synt ax Description Command Default s None. Command[...]
-
Page 313
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-77 4.3.8.8 clear linkflap action Use this command to clear reac tions to a link flap violation. clear linkflap action [ port-string } { disableInterface | gensyslogentry | gentrap | all } Synt ax Description Command Default s If[...]
-
Page 314
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-78 Matrix NSA Series Configuration Guide 4.3.8.9 set linkflap threshold Use this command to set the link flap action trigger count. set linkflap threshold port-string thr eshold_value Synt ax Description Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 315
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-79 4.3.8.10 set linkflap downtime Use this command to set the time interval (in seconds) one or mo re ports will be held down after a link flap violation. set linkflap downtime port-string downtime_value Synt ax Description Comm[...]
-
Page 316
Port Configuration Command Set Configuring Link T raps and Link Flap Detection 4-80 Matrix NSA Series Configuration Guide 4.3.8.1 1 clear linkflap down Use this command to toggle link fl ap disabled ports to operational. clear linkflap down [ port-string ] Synt ax Description Command Default s If port-string is not specified, all ports di sabled by[...]
-
Page 317
Port Configuration Command Set Configuring Link T ra ps and Link Flap Dete ctio n Matrix NSA Series Configuration Guide 4-81 4.3.8.12 clear linkflap Use this command to clear all link flap options and / or statistics on one or more ports. clear linkflap { all | stats [ port-string ] | parameter port-string { threshold | interval | downtime | all } [...]
-
Page 318
Port Configuration Command Set Configuring Broadcast Suppressio n 4-82 Matrix NSA Series Configuration Guide 4.3.9 Configuring Broa dcast Suppression Purpose T o review , disable or set the broadcast thresholds on one or more ports. This limits the amount of received broadcast frames that the specified port will be allowed to switch out to other po[...]
-
Page 319
Port Configuration Command Set Configuring Broadcast Suppression Matrix NSA Series Configuration Guide 4-83 4.3.9.1 show port broadcast Use this command to disp lay port broadcast suppression information for one or more ports. show port broadcast [ port-string ] Synt ax Description Command Default s If port-string is not specified, broadcast stat u[...]
-
Page 320
Port Configuration Command Set Configuring Broadcast Suppressio n 4-84 Matrix NSA Series Configuration Guide Peak Rate (pkts/s) Peak rate of broadcast transmission received on this port in packets per second. Peak Rate T ime (ddd:hh:mm:ss) T ime (in day , hours, minutes and seconds) the peak rate was reached on this port. T able 4-7 show port broad[...]
-
Page 321
Port Configuration Command Set Configuring Broadcast Suppression Matrix NSA Series Configuration Guide 4-85 4.3.9.2 set port broadcast Use this command to set the broadcast suppression limit, in packets per second, on one or more ports. This sets a threshold on the broadcast traf fic that is received and sw itched out to other ports. set port broad[...]
-
Page 322
Port Configuration Command Set Configuring Broadcast Suppressio n 4-86 Matrix NSA Series Configuration Guide 4.3.9.3 clear port broadcast Use this command to reset the broadcast threshold an d/or clear the peak ra te and peak time values on one or switch more ports. clear port broadcast port-string [ threshold ] [ peak ] Synt ax Description Command[...]
-
Page 323
Configuring Port Mirroring Supported Mirrors Matrix NSA Series Configuration Guide 4-87 4.4 CONFIGURING PORT MIRRORING The Matrix device allows you to mirror (or redirect) the traffic be ing switch ed on a po rt or VL AN for the purposes of network traffic analysis and connection assurance. When port mirroring is enabled, one port becomes a monitor[...]
-
Page 324
Configuring Port Mirroring IDS Mirroring Considerations 4-88 Matrix NSA Series Configuration Guide 4.4.2 IDS Mirro ring Considerations An IDS mirror is a one-to-many port mirror that has been designed for use with an Intrusion Detection System. The following c onsiderations must be t aken in to account when configuring IDS mirroring on the Matrix d[...]
-
Page 325
Configuring Port Mirroring Setting Port Mirroring Matrix NSA Series Configuration Guide 4-89 4.4.4 Setting Port Mirroring Purpose T o review and configure port mirroring on the device. Commands The comm ands used to review an d configure p ort mirroring are listed below and described in the associated section as show n. • show port mirroring ( Se[...]
-
Page 326
Configuring Port Mirroring Setting Port Mirroring 4-90 Matrix NSA Series Configuration Guide 4.4.4.1 show port mirroring Use this command to display the source and tar g et ports for mirroring, and whether mirroring is currently enabled or dis able d for those ports. show port mirroring Synt ax Description None. Command Default s None. Command T yp[...]
-
Page 327
Configuring Port Mirroring Setting Port Mirroring Matrix NSA Series Configuration Guide 4-91 4.4.4.2 set port mirroring Use this command to create a ne w mirroring relationship or to en able or disable an existing mirroring relationshi p between two ports. set port mirroring { create | disable | enable } | igmp-mcast { enable | disable } sour ce de[...]
-
Page 328
Configuring Port Mirroring Setting Port Mirroring 4-92 Matrix NSA Series Configuration Guide Example This example shows how to enable port mirroring of transmitted and received frames with fe.1.4 as the source port and fe.1.1 1 as the target port: Matrix(rw)-> set port mirroring enable fe.1.4 fe.1.11 both[...]
-
Page 329
Configuring Port Mirroring Setting Port Mirroring Matrix NSA Series Configuration Guide 4-93 4.4.4.3 clear p ort mirroring Use this command to clear a port mirroring relationship. clear port mirroring { igmp-mcast | source destination } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This [...]
-
Page 330
Configuring LACP LACP Operation 4-94 Matrix NSA Series Configuration Guide 4.5 CONFIGURING LACP Using multiple links simultaneously to increase bandw idth is a desirable switch feature, which can be accomplished if both sides agree on a set of ports that are being used as a Link Aggregation Group (LAG). Once a LAG is formed from selected ports, pro[...]
-
Page 331
Configuring LACP LACP T erminology Matrix NSA Series Configuration Guide 4-95 The operation o f LACP invo lves the following activi ties: • Checking th at candidate links can actually be a ggregated. • Controlling the addition of a link to a LAG , and the creation of the group if necessary . • Monitoring the status of aggregated links to ensu[...]
-
Page 332
Configuring LACP Matrix Series Usa ge Consideratio ns 4-96 Matrix NSA Series Configuration Guide 4.5.3 Matrix Series Usage Considerations In normal usage (and typical impl ementations) there is no need to modify any of th e default LACP parameters on the Matrix Series device. The defa ult values will result in the maximum number of aggregations pos[...]
-
Page 333
Configuring LACP Matrix Series Usage Considerations Matrix NSA Series Configuration Guide 4-97 LACP uses a system priority value to build a LAG ID, whic h de termines aggregation precedenc e. If there are two partner devices competing for th e same aggregator , LACP compares the LAG IDs for each grouping of ports. The LAG with the lower LAG ID is g[...]
-
Page 334
Configuring LACP Configuring Link Aggreg ation 4-98 Matrix NSA Series Configuration Guide 4.5.4 Configuring Link Aggregation Purpose T o di sable and re -enable the Link Ag gregation Control Protocol (LACP), to display an d configure LACP settings for one or more aggregator ports, and to display and config ure the LACP settings for underlying phys [...]
-
Page 335
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-99 • clear lacp outportAlgorithm ( Section 4.5.4.20 )[...]
-
Page 336
Configuring LACP Configuring Link Aggreg ation 4-100 Matrix NSA Series Configuration Guide 4.5.4.1 show lacp Use this command to disp lay the global LACP enable state, or to display informa tion abou t one or more aggregator ports. Each Matr ix Series module provides virtua l link aggregator ports, which are designated in the CLI as lag.0.1 through[...]
-
Page 337
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -101 T able 4-9 show lacp Output Det ails Output What It Displays... Aggregator LAG port designation. Each Matrix Series module provides 48 virtual link aggrega tor ports, which are de signated in the CLI as lag.0.1 throug h lag.0.48 . Once underlying physical p[...]
-
Page 338
Configuring LACP Configuring Link Aggreg ation 4-102 Matrix NSA Series Configuration Guide 4.5.4.2 set lacp Use this command to disable or enable the Li nk Aggregation Control Pro tocol (LACP) on the device. LACP is enabled by default. set lacp { disable | enable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mo[...]
-
Page 339
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -103 4.5.4.3 clear l acp state Use this command to reset LACP to the default state of enabled. clear lacp state Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to reset LACP[...]
-
Page 340
Configuring LACP Configuring Link Aggreg ation 4-104 Matrix NSA Series Configuration Guide 4.5.4.4 set lacp asyspri Use this command to set the LACP system priority . LACP uses this value to determine aggregation precedence. If there are two pa rtner devices comp eting for the same aggreg ator , LACP compares the LAG IDs for each grouping of po rts[...]
-
Page 341
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -105 4.5.4.5 set lacp aadminkey Use this command to set the administratively assign ed key for one or more aggregator ports. LACP will use this value to form an oper key . Only un derlying physical ports wi th oper keys matching those of their aggregators will b[...]
-
Page 342
Configuring LACP Configuring Link Aggreg ation 4-106 Matrix NSA Series Configuration Guide 4.5.4.6 clear lacp Use this command to clear LACP syst em priority or admin key settings. clear lacp {[ asyspri] [ aadminkey port-string ]} Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This exampl[...]
-
Page 343
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -107 4.5.4.7 set lacp st atic Use this command to assign one or more underlyi ng physical ports to a Link Aggregatio n Gro up (LAG). set lacp static lagportstring [ key ] port-string Synt ax Description Command Default s If not specified, a key will be assigned [...]
-
Page 344
Configuring LACP Configuring Link Aggreg ation 4-108 Matrix NSA Series Configuration Guide Example This example shows how to add port fe.1 .6 to the LAG of agg regator port 48: Matrix(rw)-> set lacp static lag .0. 48 fe.1.6[...]
-
Page 345
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -109 4.5.4.8 clear l acp static Use this command to remove specific ports from a Link Aggregation Group. clear lacp static lagportstring port-string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This [...]
-
Page 346
Configuring LACP Configuring Link Aggreg ation 4-1 10 Matrix NSA Series Configuration Guide 4.5.4.9 show lacp singleportlag Use this command to display the stat us of the single port LAG function. show lacp singleportlag Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example sho[...]
-
Page 347
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-1 1 1 4.5.4.10 set singlepo rtlag Use this command to enable or disable the form ation of single port LAGs. When enabled, this maintains LAGs when only one port is rece iving protoc ol transmissions from a partner . set lacp singleportlag { enable | disable } Syn[...]
-
Page 348
Configuring LACP Configuring Link Aggreg ation 4-1 12 Matrix NSA Series Configuration Guide 4.5.4.1 1 clear si ngleportlag Use this command to reset the single port LAG function back to the default state of disabled. clear lacp singleportlag Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Ex[...]
-
Page 349
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-1 13 4.5.4.12 show port lacp Use this command to display link aggregation information for one or more underlying physical ports. show port lacp port port-string {[ status { detail | sum mary }] | [ counters ]} [ sort { port | lag }] Synt ax Description Command De[...]
-
Page 350
Configuring LACP Configuring Link Aggreg ation 4-1 14 Matrix NSA Series Configuration Guide Examples This example shows how to display detailed LACP status information f or port fe.1.12: This example shows how to display summarized LACP status informa tion for port fe.1.12: Matrix(rw)-> show port lacp por t fe.1.12 status detail Port Instance: f[...]
-
Page 351
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-1 15 This example shows how to display LACP counters for port fe.1.12: Matrix(rw)-> show port lac p port fe.1.12 counters Port Instance: fe.1.12 LACPDUsRx: 0 MarkerPDUsRX: 0 LACPDUsTx: 0 MarkerPDUsTx: 0 IllegalRx: 0 MarkerResponsePDUsRx: 0 UnknownRx: 0 MarkerR[...]
-
Page 352
Configuring LACP Configuring Link Aggreg ation 4-1 16 Matrix NSA Series Configuration Guide 4.5.4.13 set p ort lacp Use this command to set link aggr egation parameters for one or more ports. These settings will determine the specified underlying physical ports’ ability to join a LAG , and their administrative state once aggregated. set port lacp[...]
-
Page 353
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-1 17 asyspri asyspri Sets the port’ s actor system priority . The LACP implementation on the Matrix Series device uses this value to determine aggregation precedence when there are two devices competing for the same aggregator . V alid values are 0 - 65535 , wi[...]
-
Page 354
Configuring LACP Configuring Link Aggreg ation 4-1 18 Matrix NSA Series Configuration Guide Command Default s • At least one parameter must be entered per port-string. • If enable or disabl e are not specified, port(s) w ill be enabled with the LACP parameters entered. Command T ype Switch command. Command Mode Read-W rite. Example This example[...]
-
Page 355
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series Configuration Guide 4-1 19 4.5.4.14 clear port lacp Use this command to clear link aggreg ation settings for one or more ports. clear port lacp port port-string {[ aadminkey ] [ ap ortpri ] [ asyspri ] [ aadminstate { lacpactive | lacptimeout | lacpagg | lacpsync | lacpcollec t | lacp[...]
-
Page 356
Configuring LACP Configuring Link Aggreg ation 4-120 Matrix NSA Series Configuration Guide Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to clear all link aggregation parameters for port ge.3.16: padminstate lacpactive | lacptimeout | lacpagg | lacpsync | lacpcollect | lacpdist | lacp[...]
-
Page 357
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -121 4.5.4.15 show lacp flowRegeneration Use this command to display th e LACP flow regeneration st ate. show lacp flowR egeneration Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example sho[...]
-
Page 358
Configuring LACP Configuring Link Aggreg ation 4-122 Matrix NSA Series Configuration Guide 4.5.4.16 set lacp flowRegeneration Use this command to enab le or disable LACP flow regeneration. When en abled and a ne w port joins a link aggregation group (LAG), LACP will redistribute all existing flows over the LAG . It will also attempt to load balance[...]
-
Page 359
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -123 4.5.4.17 clear lacp flowRegeneration Use this command to reset LACP flow rege neration to its default state (disabled). clear lacp flowRegeneration Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exa[...]
-
Page 360
Configuring LACP Configuring Link Aggreg ation 4-124 Matrix NSA Series Configuration Guide 4.5.4.18 show lacp outportAlgorithm Use this command to display the current LACP outport algorithm. show lacp outportAlgorithm Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows [...]
-
Page 361
Configuring LACP Configuring Link Aggrega tion Matrix NSA Series C onfiguration Guide 4 -125 4.5.4.19 set lacp outportAlgorithm Use this command to set the algorithm L ACP will use for outport determination. set lacp outportAlgorithm {d ip-sip | da-sa | round-robin} Synt ax Description Command Default s None. Command T ype Switch command. Command M[...]
-
Page 362
Configuring LACP Configuring Link Aggreg ation 4-126 Matrix NSA Series Configuration Guide 4.5.4.20 clear lacp outportAlgorithm Use this command to reset LACP to DI P-SIP , its de fault outport algorithm. clear lacp outportAlgorithm Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example Thi[...]
-
Page 363
Matrix NSA Series Configu ration Guide 5-1 5 SNMP Configuration This chapter describes the Simple Network Mana gement Protoc ol (SNMP) set of command s and how to use them. 5.1 SNMP CONFIGURATION SUMMARY SNMP is an application-layer protocol that f acilitates the exchange of management information between network device s. SNMP enables network admi[...]
-
Page 364
SNMP Configuration Summa ry SNMPv3 5-2 Matrix NSA Series Configuration Guide Does not apply to MA TRIX E7. 5.1.2 SNMPv3 SNMPv3 is an interoperable stan dards-based protocol tha t provid es secure access to de vices by authenticating and encrypting frames over the network. The adva nced security feat ures provided in SNMPv3 are as follows: • Messa[...]
-
Page 365
SNMP Configuration Summary Using SNMP Contexts to Access Sp ecific MIBs or Routing Modu les Matrix NSA Series Configuration Gui de 5-3 5.1.4 Using SNMP Context s to Access Specific MIBs or Routing Modules By default, when operating from the switch CLI, Matrix Series devices allow access to all SNMP MIBs or contexts. A context is a collection of MI [...]
-
Page 366
SNMP Configuration Summa ry Using SNMP Contexts to Access Specific MIBs or Ro uting Modules 5-4 Matrix NSA Series Configuration Guide All SNMP contexts known to the de vice ca n be di splayed us ing the show snmp context command as described in Section 5.3.4.2 . Examples This example permits the “powergroup” to manage all MIBs via SNMPv3: This [...]
-
Page 367
Process Overview: SNMP Co nfiguration Reviewing SNMP St a tistics Matrix NSA Series Configuration Gui de 5-5 5.2 PROCESS OVERVIEW : SNMP CONFIGURATION Use the following steps as a guide to configuring SNMP on the devic e: 1. Reviewing SNMP statistics ( Section 5.3.1 ) 2. Configuring SNMP users, groups and communities ( Section 5.3.2 ) 3. Configurin[...]
-
Page 368
SNMP Configuration Command Set Reviewing SNMP St a tistics 5-6 Matrix NSA Series Configuration Guide 5.3.1.1 show snmp engineid Use this command to display the SNMP local engine ID. This is the SNMP v3 engine’ s administratively unique identifier . show snmp engineid Synt ax Description None. Command Default s None. Command T ype Switch command. [...]
-
Page 369
SNMP Configuration Command Set Reviewing SNMP St a tistics Matrix NSA Series Configuration Gui de 5-7 5.3.1.2 show snmp counters Use this command to display SNMP traf fic counter values. show snmp counters Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to displ[...]
-
Page 370
SNMP Configuration Command Set Reviewing SNMP St a tistics 5-8 Matrix NSA Series Configuration Guide Ta b l e 5 - 3 shows a detailed explanation of the co mmand output. snmpOutBadValues = 0 snmpOutGenErrs = 0 snmpOutGetRequests = 0 snmpOutGetNexts = 0 snmpOutSetRequests = 0 snmpOutGetResponses = 39660 1 snmpOutTraps = 0 snmpSilentDrops = 0 snmpProx[...]
-
Page 371
SNMP Configuration Command Set Reviewing SNMP St a tistics Matrix NSA Series Configuration Gui de 5-9 snmpInASNParseErrs Number of ASN.1 (Abstract Syntax Notation) or BER (Bas ic Encoding R ule s) errors encountered by the SNMP entity when decoding received SNMP messages. snmpInTooBigs Number o f SNMP PDUs delivered to the SNMP protocol entity with[...]
-
Page 372
SNMP Configuration Command Set Reviewing SNMP St a tistics 5-10 Matrix NSA Series Configuration Guide snmpInGetResponses Number of SN MP Get-Response PDUs a ccepted and processed by the SNMP protocol entity . snmpInTraps Number of SNMP T rap PDUs ac cepted and processed by the SNMP protocol entity . snmpOutTooBigs Number of SNMP PDUs generated by t[...]
-
Page 373
SNMP Configuration Command Set Reviewing SNMP St a tistics Matrix NSA Series Configuration Guide 5-1 1 snmpProxyDrops Number of SNMP Get, Set, or Inform request error messages that were dropped because the reply was larger than the proxy tar g et’ s maximum message size. usmStatsUnsupporte dSec Levels Number of packets received by the SNMP engine[...]
-
Page 374
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-12 Matrix NSA Series Configuration Guide 5.3.2 Configuring SNMP Users, Group s and Communities Purpose T o review and configure SNMP users, groups an d v1 and v2 commun ities. These are defined as follows: • User — A person registered in SNMPv3 to access SNMP manage[...]
-
Page 375
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-13 5.3.2.1 sho w snmp user Use this command to display info rmation about SNMP users. These are people registered to access SNMP managemen t. show snmp user [ list ] | [ user ] | [ remote re m o t e ] [ volatile | nonvolatile | read[...]
-
Page 376
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-14 Matrix NSA Series Configuration Guide Examples This example shows how to di splay an SNMP user list: This example shows how to display in formation for the SNMP “guest” user: Ta b l e 5 - 4 shows a detailed explanation of the co mmand output. Matrix(rw)-> show[...]
-
Page 377
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-15 5.3.2.2 set snmp user Use this command to create a new SN MPv3 user . set snmp user user [ remote r emoteid ] [ authentication { md5 | sha }] [ authpasswor d ] [ privacy privpasswor d ] [ volatile | nonvolatile ] Synt ax Descript[...]
-
Page 378
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-16 Matrix NSA Series Configuration Guide Example This example shows how to create a new SNMP user named “netops ”. By default , this user will be registered on the local SNMP engine without authentication and encryption. Entries related to this user will be stored i[...]
-
Page 379
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-17 5.3.2.3 clear snmp user Use this command to remove a user from the SNMPv3 security-model list. clear snmp user user [ remote re m o t e ] Synt ax Description Command Default s If remote is not specified, the user will be removed [...]
-
Page 380
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-18 Matrix NSA Series Configuration Guide 5.3.2.4 show snmp group Use this command to display an SNMP group conf ig uration. An SNMP group i s a collection of SNMPv3 users who share the same access privileges . show snmp group [ groupname gr oupname ] [ user user ] [ sec[...]
-
Page 381
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-19 Example This example shows how to di splay SNMP group information: Ta b l e 5 - 5 shows a detailed explanatio n of the command output. Matrix(rw)-> show snmp group --- SNMP group information --- Security model = SNMPv1 Securit[...]
-
Page 382
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-20 Matrix NSA Series Configuration Guide 5.3.2.5 set snmp group Use this command to create an SN MP group. This associates SNMPv3 users to a group that shares common access privileges. set snmp group gr oupname user user security-model { v1 | v2c | usm } [ volatile | no[...]
-
Page 383
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-21 5.3.2.6 clear snmp group Use this command to clear SNMP group settings globally or fo r a specific SNMP group and user . clear snmp group gr oupname user [ security-model { v1 | v2c | usm }] Synt ax Description Command Default s [...]
-
Page 384
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-22 Matrix NSA Series Configuration Guide 5.3.2.7 show snmp community Use this command to display SNMP community names and status. In SNMPv1 and v2, community names act as passwor ds to remote managem ent. show snmp community [ name ] Synt ax Description Command Default [...]
-
Page 385
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-23 5.3.2.8 set snmp community Use this command to configur e an SNMP commun ity grou p. set snmp community community [ securityname securityname ] [ context context ] [ transport tran sport ] [ volatile | nonvolatile ] Synt ax Descr[...]
-
Page 386
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities 5-24 Matrix NSA Series Configuration Guide Command Mode Read-W rite. Examples This example shows how to set an SNMP community name called “vip”: This example shows how to grant SNMP manageme nt privileges to “v ip ” community from routing module 1 when operating i[...]
-
Page 387
SNMP Configuration Command Set Configuring SNMP Users, Groups and Communities Matrix NSA Series Configuration Guide 5-25 5.3.2.9 clear snmp community Use this command to delete an SNMP community name. clear snmp community name Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example sh[...]
-
Page 388
SNMP Configuration Command Set Configuring SNMP Access Ri ghts 5-26 Matrix NSA Series Configuration Guide 5.3.3 Configuring SN MP Access Right s Purpose T o review and configure SN MP ac cess rights, assi gning viewing privileges and security levels to SNMP user group s. Commands The commands used to review and configure SNMP access are lis ted bel[...]
-
Page 389
SNMP Configuration Command Set Configuring SNMP Access Rights Matrix NSA Series Configuration Guide 5-27 5.3.3.1 sho w snmp access Use this command to display access rights and secu rity levels configured for SNMP one or more groups. show snmp access [ gr oupname ] [security-model {v1 | v2c | usm} ] [noauthentication | authentication | privacy ] [ [...]
-
Page 390
SNMP Configuration Command Set Configuring SNMP Access Ri ghts 5-28 Matrix NSA Series Configuration Guide Command Mode Read-Only . Example This example shows how to di splay SNMP access information: Ta b l e 5 - 6 shows a detailed explanation of the co mmand output. Matrix(rw)-> show snmp access Group = SystemAdmin Security model = USM Security [...]
-
Page 391
SNMP Configuration Command Set Configuring SNMP Access Rights Matrix NSA Series Configuration Guide 5-29 Security level Security level applie d to this group. V alid levels are: • noAuthNoPrivacy ( no authentication required) • AuthNoPrivacy ( authentication required) • authPriv ( privacy -- most secure level) Read View Name of the view that [...]
-
Page 392
SNMP Configuration Command Set Configuring SNMP Access Ri ghts 5-30 Matrix NSA Series Configuration Guide 5.3.3.2 set snmp access Use this command to set an SNMP access configuration. set snmp access gr oupn ame security-model { v1 | v2c | usm } [ noauthentication | authentication | privacy ] [ context context ] [ exact | prefix ] [ read re a d ] [[...]
-
Page 393
SNMP Configuration Command Set Configuring SNMP Access Rights Matrix NSA Series Configuration Guide 5-31 Command Default s • If security level is not specified, no authentication will be applied. • If context is not specified, access will be enabled for the default context. If context is specified without a conte xt match, exact match will be a[...]
-
Page 394
SNMP Configuration Command Set Configuring SNMP Access Ri ghts 5-32 Matrix NSA Series Configuration Guide 5.3.3.3 clear snmp access Use this command to clear the SNMP access entr y of a specific group, including its set SNMP security-model, and level of security . clear snmp access gr oupname security-model { v1 | v2c | usm } [ noauthentication | a[...]
-
Page 395
SNMP Configuration Command Set Configuring SNMP MIB Views Matrix NSA Series Configuration Guide 5-33 5.3.4 Configuring SNMP MIB Vi ews Purpose T o review and configure SNMP MIB views. SNMP views map SNMP objects to access rights. Commands The commands used to review and configure SNMP MIB views are listed below and described in the associated secti[...]
-
Page 396
SNMP Configuration Command Set Configuring SNMP MIB Views 5-34 Matrix NSA Series Configuration Guide 5.3.4.1 show snmp view Use this command to display the MIB configuration for SNMPv3 view-based access (V ACM). show snmp view [ viewname ] [ subtree oid-or-mibobject ] [ volatil e | nonvolatile | read-only ] Synt ax Description Command Default s If [...]
-
Page 397
SNMP Configuration Command Set Configuring SNMP MIB Views Matrix NSA Series Configuration Guide 5-35 Example This example shows how to display SNMP MIB view configuration information: Ta b l e 5 - 7 provides an explanation of t he command output. For details on using the set snmp view command to assign variables, refer to Section 5.3.4.3 . Matrix(r[...]
-
Page 398
SNMP Configuration Command Set Configuring SNMP MIB Views 5-36 Matrix NSA Series Configuration Guide 5.3.4.2 show snmp context Use this command to display the context list conf iguration for SNMP’ s view-based acces s control. An SNMP context is a collection of management information that can be accessed by an SNMP agent or entity . The default c[...]
-
Page 399
SNMP Configuration Command Set Configuring SNMP MIB Views Matrix NSA Series Configuration Guide 5-37 5.3.4.3 set snmp view Use this command to set a MIB configur ation for SNMPv3 view-based access (V ACM). set snmp view viewname viewname subtree subtr ee [ mask mask ] [ included | excluded ] [ volatile | nonvolatile ] Synt ax Description Command De[...]
-
Page 400
SNMP Configuration Command Set Configuring SNMP MIB Views 5-38 Matrix NSA Series Configuration Guide 5.3.4.4 clear snmp view Use this command to delete an SNMPv3 MIB view . clear snmp view viewname subtr ee Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to de lete S[...]
-
Page 401
SNMP Configuration Command Set Configuring SNMP T arget Parameters Matrix NSA Series Configuration Guide 5-39 5.3.5 Configuring SNMP T arget Parameters Purpose T o review and configure SNMP tar get parame ters. This controls whe re and under what circumstances SNMP notifications will be sent. A t arget parameter entry can be bound to a tar get IP a[...]
-
Page 402
SNMP Configuration Command Set Configuring SNMP T arget Parameters 5-40 Matrix NSA Series Configuration Guide 5.3.5.1 show snmp t a rgetp arams Use this command to display SNMP parameters used to generate a message to a target. show snmp targetparams [ tar getParams ] [ volatile | nonvolatile | read-only ] Synt ax Description Command Default s • [...]
-
Page 403
SNMP Configuration Command Set Configuring SNMP T arget Parameters Matrix NSA Series Configuration Guide 5-41 Example This example shows how to display SN MP tar get parameters information: Ta b l e 5 - 8 shows a detailed explanatio n of the command output. Matrix(rw)-> show snmp targetparams --- SNMP TargetParams information --- Target Paramete[...]
-
Page 404
SNMP Configuration Command Set Configuring SNMP T arget Parameters 5-42 Matrix NSA Series Configuration Guide S torage type Whether entry is stored in volatile , non volatile or read-only memory . Row status Status of this entry: active , notInService, or notReady . T a ble 5- 8 sho w snmp t a rgetparams Output Details (Contin ued) Output What It D[...]
-
Page 405
SNMP Configuration Command Set Configuring SNMP T arget Parameters Matrix NSA Series Configuration Guide 5-43 5.3.5.2 set snmp t argetp arams Use this command to set SNMP tar get parameters , a named set of security/authorization criteria used to generate a message to a target. set snmp targetparams paramsname user user security-model { v1 | v2c | [...]
-
Page 406
SNMP Configuration Command Set Configuring SNMP T arget Parameters 5-44 Matrix NSA Series Configuration Guide Example This example shows how to set SNMP target pa rameters named “v1ExampleParams” for a user named “fred” us ing version 3 security mode l and message processing, and authentication : Matrix(rw)-> set snmp targetparams v1Exam[...]
-
Page 407
SNMP Configuration Command Set Configuring SNMP T arget Parameters Matrix NSA Series Configuration Guide 5-45 5.3.5.3 clear snmp t argetpa rams Use this command to clear the SNMP tar get paramete r config uratio n. clear snmp targetparams tar getParams Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rit[...]
-
Page 408
SNMP Configuration Command Set Configuring SNMP T arget Addresses 5-46 Matrix NSA Series Configuration Guide 5.3.6 Configuring SNMP T arget Addresses Purpose T o review and configure SNMP target addresses which will receive SNMP notification messages. An address configur ation can be lin ked to optional SNMP transmit, or tar get, parameters (such a[...]
-
Page 409
SNMP Configuration Command Set Configuring SNMP T arget Addresses Matrix NSA Series Configuration Guide 5-47 5.3.6.1 show snmp t arget addr Use this command to display SN MP tar get address information. show snmp targetaddr [ tar getAddr ] [ volatile | nonvolatile | read-only ] Synt ax Description Command Default s • If tar get Addr is not specif[...]
-
Page 410
SNMP Configuration Command Set Configuring SNMP T arget Addresses 5-48 Matrix NSA Series Configuration Guide T a bl e 5- 9 sho w snm p target addr Outpu t Details Output What It Displays... Target Address Name Unique identifie r in the snmpT ar getAddressT able . Tag List T ags a loca tion to the tar get address as a place to send notifications. IP[...]
-
Page 411
SNMP Configuration Command Set Configuring SNMP T arget Addresses Matrix NSA Series Configuration Guide 5-49 5.3.6.2 set snmp t arget addr Use this command to configure an SNMP tar get ad dress. The target address is a unique identifier and a specific IP address that will receive SN MP notification messages and determine which community strings wil[...]
-
Page 412
SNMP Configuration Command Set Configuring SNMP T arget Addresses 5-50 Matrix NSA Series Configuration Guide Command Default s • If not specified, udpp ort will be set to 162 . • If not specified, mask will be set to 255.255.255.255 • If not specified, timeout will be set to 1500 . • If not specified, number of r etries will be set to 3 . ?[...]
-
Page 413
SNMP Configuration Command Set Configuring SNMP T arget Addresses Matrix NSA Series Configuration Guide 5-51 5.3.6.3 clear snmp t argetaddr Use this command to delete an SNM P tar get addre ss entry . clear snmp targetaddr tar getAddr Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This ex[...]
-
Page 414
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-52 Matrix NSA Series Configuration Guide 5.3.7 Configuring SNMP Notification Parameters Purpose T o configure SNMP notification parameters and optional filters. Notifications are entities which handle the generation of SNMP v1 and v2 “traps ” or SNMP v3 “informs” mes[...]
-
Page 415
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-53 5.3.7.1 show snmp notify Use this command to display the SNMP notif y configurat ion, which determines which management tar gets will receive SNMP notifications. show snmp notify [ notify ] [ volatile | nonvolatile | read-only ] Synt [...]
-
Page 416
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-54 Matrix NSA Series Configuration Guide Ta b l e 5 - 1 0 shows a detailed expla na tion of the comm an d output. T a ble 5- 10 sh ow snmp notify Output Deta ils Output What It Displays... Notify name A unique identifier us ed to index the SNMP notify table. Notify Tag Name [...]
-
Page 417
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-55 5.3.7.2 set snmp notify Use this command to set the SNMP notify configurat i on. This creates an entry in the SNMP notify table, which is used to select mana gement tar g ets who should receive notification messages. This command’ s[...]
-
Page 418
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-56 Matrix NSA Series Configuration Guide 5.3.7.3 clear snmp notify Use this command to clear an SNMP notify configuration. clear snmp notify notify Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows [...]
-
Page 419
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-57 About SNMP Notify Filters Profiles indicating which tar gets should not receive SNMP notification messages are kept in the NotifyFilter table. If this table is empty , meaning that no filtering is associated with any SNMP targ et, the[...]
-
Page 420
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-58 Matrix NSA Series Configuration Guide 5.3.7.4 show snmp notifyfilter Use this command to display SNMP notify filter informat ion, identifying which profiles will not receive SNMP notifications. show snmp notifyfilter [ pr ofile ] [subtree oid-or -mibobject ] [volatile | n[...]
-
Page 421
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-59 5.3.7.5 set snmp notifyfilter Use this command to create an SNMP notify filter configuration. This identifies which management targets should NOT receive notific ation messages, which is useful for fine-tuning the amount of SNMP traff[...]
-
Page 422
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-60 Matrix NSA Series Configuration Guide 5.3.7.6 clear snmp notifyfilter Use this command to delete an SNMP notify filter configuration. clear snmp notifyfilter pr ofile subtree oid-or -mibobject Synt ax Description Command Default s None. Command T ype Switch command. Comma[...]
-
Page 423
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-61 5.3.7.7 show snmp notifyprofile Use this command to display SNMP notify profile information. Th is associates tar get parameters to an SNMP notify filter to determine who should not receive SNMP notifications. show snmp notifyprofile [...]
-
Page 424
SNMP Configuration Command Set Configuring SNMP Notification Para meters 5-62 Matrix NSA Series Configuration Guide 5.3.7.8 set snmp notifyprofile Use this command to create an SNMP notify f ilter profile configuration. This associates a notification filter, created with the set snmp notifyfilter command ( Section 5 .3.7.5 ), to a set of SNMP targe[...]
-
Page 425
SNMP Configuration Command Set Configuring SNMP Notifi cation Parameters Matrix NSA Series Configuration Guide 5-63 5.3.7.9 clear snmp notifyprofile Use this command to delete an SNM P notify profile configuratio n. clear snmp notifyprofile pr ofile target param tar g etparam Synt ax Description Command Default s None. Command T ype Switch command.[...]
-
Page 426
SNMP Configuration Command Set Creating a Basic SNMP T rap Configuration 5-64 Matrix NSA Series Configuration Guide 5.3.8 Creating a Basic SN MP T rap Configuration T raps are notification messages sent by an SNMPv1 or v2 agent to a network management station, a console, or a terminal to indica te the occurrence of a significant event, such as when[...]
-
Page 427
SNMP Configuration Command Set Creating a Basic SNMP T rap Configura tion Matrix NSA Series Configuration Guide 5-65 Example This example shows how to: • create an SNMP community called mgmt • configure a trap notification called TrapSink This trap notification will be sent with the communit y name mgmt to the workstation 192.168.190.8 0 (which[...]
-
Page 428
SNMP Configuration Command Set Creating a Basic SNMP T rap Configuration 5-66 Matrix NSA Series Configuration Guide 4. Verifies that the v2ExampleParams description of how to step th rough the door is, in fact, there. The agent checks targetparams entries and determines this description was made with the set snmp targetparams command, which tells e[...]
-
Page 429
Matrix NSA Series Configu ration Guide 6-1 6 Spanning T ree Configuration This chapter describes the Spanning T ree Config uration se t of commands and how to use them. 6.1 SP ANNING T REE CO NFIGURATION SUMMARY 6.1.1 Overview: Single, Rapid an d Multiple S panning T ree Protocols The IEEE 802.1D Spanning T ree Protocol (STP) resolves the problems [...]
-
Page 430
Spanning T ree Configuration Summary Spanning T ree Fe atures 6-2 Matrix NSA Series Configuration Guide only if the forwarding link goe s do wn. MSTP assigns each VLAN present on the network to a particular Spanning T ree instance, allowing each switch port to be in a distinct state for each such instance: blocking for one Spanni ng T ree while for[...]
-
Page 431
Spanning T ree Configuration Summary Loop Protect Matrix NSA Series Configuration Gui de 6-3 Both upstream and downstream facing ports are pr otected. When a root or alternate port loses its path to the root bridge due to a message age expi ration it takes on the role of designated port. It will not forward traffic until a BPDU is received. When a [...]
-
Page 432
Spanning T ree Configuration Summary Process Overview: Spanning T ree Configuration 6-4 Matrix NSA Series Configuration Guide Message age expiration and the expiration of the Loop Protect timer are both Loop Protect events. A notice level syslog message is produced for each su ch event. T ra ps may be configured to report these events as well. A sy[...]
-
Page 433
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Gui de 6-5 6.2 SP ANNING T REE CONF IGURATION COMMAND SET 6.2.1 Configuring Sp anning T ree Bridge Parameters Purpose T o di spla y and set Spanning T ree bridge parame ters, including device priorities, hello time, maximum wait ti[...]
-
Page 434
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-6 Matrix NSA Series Configuration Guide • set spantree mstcfgid ( Section 6.2.1.19 ) • clear spantree mstcfgid ( Section 6.2.1.20 ) • show spantree bridgeprioritymode ( Section 6.2.1.21 ) • set spantree bridgeprioritymode ( Section 6.2.1.22 ) • clear [...]
-
Page 435
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Gui de 6-7 • set spantree tctrapsuppress ( Section 6.2.1.46 ) • clear spantree tctrapsuppress ( Section 6.2.1.47 ) • show spantree txholdcount ( Section 6.2.1.48 ) • set spantree txholdcount ( Section 6.2.1.49 ) • clear s[...]
-
Page 436
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-8 Matrix NSA Series Configuration Guide • clear spantree newroottrapenable ( Section 6.2.1.73 ) • clear spantree default ( Section 6.2.1.74 ) • show spantree debug ( Section 6.2.1.75 ) • clear spantree debug ( Section 6.2.1.76 )[...]
-
Page 437
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Gui de 6-9 6.2.1.1 show spantree st ats Use this command to display Spanning T ree information for one or more ports. show spantree stats [ port port-string ] [ sid sid ] [ active ] Synt ax Description Command Default s • If port[...]
-
Page 438
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-10 Matrix NSA Series Configuration Guide Examples This example shows how to display the device’ s Spanning T ree configuration: Ta b l e 6 - 1 s hows a detailed explanation of command output. Matrix(rw)-> show spantree sta ts Spanning tree status - enabled[...]
-
Page 439
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-1 1 Root Forward Delay Amount of time (in seconds) the root devi ce spends in listening or learn ing mode. Bridge ID MAC Address Unique bridge MAC address, recognized by all bridges in the network. Bridge ID Priority Bridge[...]
-
Page 440
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-12 Matrix NSA Series Configuration Guide This example shows how to display port-specific Spanning T ree inform ation for port ge.1.1. Ta b l e 6 - 2 desc ribes the port-specific information displayed. Matrix(rw)-> show spantree sta ts port ge.1.1 Spanning tr[...]
-
Page 441
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-13 Role Th e Spanning T ree role of the port. The port rol e is assigned b y the Spanning T ree protocol and determines the behavior of the port — eith er sending or receivin g BPDUs, and forwarding or blocking data traf [...]
-
Page 442
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-14 Matrix NSA Series Configuration Guide 6.2.1.2 show sp antree versio n Use this command to display the current version of the Spanning Tree proto col running on the device. show spantree version Synt ax Description None. Command Default s None. Command T ype [...]
-
Page 443
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-15 6.2.1.3 set sp antree version Use this command to set the version of the Span ning Tree protocol to MSTP (Multiple Spanning Tree Protocol), RSTP (Rapid Spanning Tree Protocol) or to STP 802.1D-compatible. set spantree ve[...]
-
Page 444
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-16 Matrix NSA Series Configuration Guide 6.2.1.4 clear sp antree version Use this command to reset the Span ning T ree version to MSTP mode. clear spantree version Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read[...]
-
Page 445
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-17 6.2.1.5 show spantree stpmode Use this command to display the Spanning T ree Protocol (STP) mode setting. show spantree st pmode Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 446
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-18 Matrix NSA Series Configuration Guide 6.2.1.6 set sp an tree stpmode Use this command to globally enable or disable the Spanning T ree Protocol (STP) mode. set spantree stpmode { none | ieee8021 } Synt ax Description Command Default s None. Command T ype Swi[...]
-
Page 447
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-19 6.2.1.7 clear spantree stpmode Use this command to reset the Sp anning T ree protocol mode to the default sett ing of IEEE802.1 . This re-enables Spanning T ree. clear spantree stpmode Synt ax Description None. Command D[...]
-
Page 448
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-20 Matrix NSA Series Configuration Guide 6.2.1.8 show sp antree maxco nfigurablestps Use this command to display the setting for the maximum number of user configurable Spanning T ree instances. show spantree maxconfigurablestps Synt ax Description None. Comman[...]
-
Page 449
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-21 6.2.1.9 set sp antree maxconfigu rablestp s Use this command to set the maximum number of user configurable Spanning T ree instances. set spantree maxconfigurablestps numstps Synt ax Description Command Default s None. C[...]
-
Page 450
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-22 Matrix NSA Series Configuration Guide 6.2.1.10 clear sp antree maxconfigurablestp s Use this command to clear the setting for the maximu m number of user configurable Spanning T ree instances. clear spantree maxconfigurablestps Synt ax Description None. Comm[...]
-
Page 451
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-23 6.2.1.1 1 show spantree mstilist Use this command to display a list of Multiple Sp anning T ree (MST) instan ces configured on the device. show spantree mstilist Synt ax Description None. Command Default s None. Command [...]
-
Page 452
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-24 Matrix NSA Series Configuration Guide 6.2.1.12 set sp antree msti Use this command to create or delete a Multiple Spanning T ree instance. set spantree msti sid sid { create | delete } Synt ax Description Command Default s None. Command T ype Switch command.[...]
-
Page 453
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-25 6.2.1.13 clear sp antree msti Use this command to delete one or mo re Multiple Spanning T ree instances. clear spantree msti sid Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read[...]
-
Page 454
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-26 Matrix NSA Series Configuration Guide 6.2.1.14 show spantree mstmap Use this command to display the mapping of a f iltering database ID (FID) to a Spanning T rees. Since VLANs are mapped to FIDs, this shows to which SID a VLAN is mapped. show spantree mstmap[...]
-
Page 455
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-27 6.2.1.15 set sp antree mstmap Use this command to map one or more fi ltering da tabase IDs (FIDs) to a SID. Since VLANs are mapped to FIDs, this essentially maps one or more VLAN IDs to a Spanning T ree (SID). set spantr[...]
-
Page 456
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-28 Matrix NSA Series Configuration Guide 6.2.1.16 clear spantree mstmap Use this command to map a FID back to SID 0. clear spantree mstmap fid Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This examp[...]
-
Page 457
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-29 6.2.1.17 show sp antree vlanl ist Use this command to display the VLAN ID(s ) assigned to one or more Spanning T ree s. show spantree vlanlist [ vlan-list ] Synt ax Description Command Default s If not specified, SID ass[...]
-
Page 458
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-30 Matrix NSA Series Configuration Guide 6.2.1.18 show spantree mstcfgid Use this command to display the MST configuration identifier elemen ts, including format selector , configuration name, revision level, and configuration digest. show spantree mstcfgid Syn[...]
-
Page 459
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-31 6.2.1.19 set sp antree mstcfgi d Use this command to set the MST config urati on name and/or revision level. set spantree mstcfgid { cfgname name | rev level } Synt ax Description Command Default s None. Command T ype Sw[...]
-
Page 460
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-32 Matrix NSA Series Configuration Guide 6.2.1.20 clear spantree mstcfgid Use this command to reset the MST revision level to a default value of 0, and the configuration name to a default string representing the bridge MAC address. clear spantree mstcfgid Synt [...]
-
Page 461
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-33 6.2.1.21 show sp antree bridgeprioritymode Use this command to display the Spanning T ree bridge priority mode setting. show spantree bridgeprioritymode Synt ax Description None. Command Default s None. Command T ype Swi[...]
-
Page 462
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-34 Matrix NSA Series Configuration Guide 6.2.1.22 set sp antree bridgeprioritymod e Use this command to set the Spanning Tree bridge pr iority mode to 802.1D (le gacy) or 802. 1t. This will af fect the range of priority values used to dete rmine which device is[...]
-
Page 463
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-35 6.2.1.23 clear sp antree bridg epri oritymode Use this command to reset the Span ning T ree bridge priority mode to the default setting of 802.1t. clear spantree bridgeprioritymode Synt ax Description None. Command Defau[...]
-
Page 464
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-36 Matrix NSA Series Configuration Guide 6.2.1.24 show spantree priority Use this command to display the Spanning T ree bridge priority . show spantree priority [ sid ] Synt ax Description Command Default s If sid is not specified, priority w ill be shown for S[...]
-
Page 465
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-37 6.2.1.25 set sp antree pri ority Use this command to set the devi ce’ s Spanning T ree priority . The device with the highest priority (lowest numerical value) become s the Spanning T ree root device. If all devices ha[...]
-
Page 466
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-38 Matrix NSA Series Configuration Guide This example shows how to set the bridge priority to 15 on all SIDs with 8021t priority mode enabled: This example shows how to set the bridge priority to 4000 on all SIDs with 8021t priority mode enabled: This example s[...]
-
Page 467
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-39 6.2.1.26 clear sp antree priority Use this command to reset the Spanning T ree priority to the default value of 32768. clear spantree priority [ sid ] Synt ax Description Command Default s If sid is not specified, priori[...]
-
Page 468
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-40 Matrix NSA Series Configuration Guide 6.2.1.27 show spantree bridgehellomode Use this command to display the status of bridge hello mode on the device. When enable d, a single bridge administrative hello time is being used. When disabled , pe r -port adminis[...]
-
Page 469
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-41 6.2.1.28 set sp antree bri dgehellomode Use this command to enable or disabl e bridge hello mode on the devi ce. set spantree bridgehellomode { enable | disab le } Synt ax Description Command Default s None. Command T yp[...]
-
Page 470
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-42 Matrix NSA Series Configuration Guide 6.2.1.29 clear spantree bridgehellomode Use this command to reset the Spanning T ree administrative hello mode to enabled. clear spantree bridgehellomode Synt ax Description None. Command Default s None. Command T ype Sw[...]
-
Page 471
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-43 6.2.1.30 show sp antree h ello Use this command to display th e Spanning T ree hello time. show spantree hello Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Exam[...]
-
Page 472
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-44 Matrix NSA Series Configuration Guide 6.2.1.31 set sp antree hello Use this command to set the device’ s Spanning T ree hello time, This is the time interval (in seconds) the device will transmit BP DUs indicating it is active. set spantree hello interval [...]
-
Page 473
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-45 6.2.1.32 clear sp antree hello Use this command to reset the Spanning T ree hello time to th e default value of 2 sec onds. clear spantree hello Synt ax Description None. Command Default s None. Command T ype Switch comm[...]
-
Page 474
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-46 Matrix NSA Series Configuration Guide 6.2.1.33 show spantree maxage Use this command to display the Sp anning T ree maximum aging time. show spantree maxage Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Onl[...]
-
Page 475
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-47 6.2.1.34 set sp antree maxag e Use this command to set the brid ge maximum aging time. This is the maximum time (in seconds) a device can wait without receiving a configuratio n message (bridge “hello”) before attemp[...]
-
Page 476
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-48 Matrix NSA Series Configuration Guide 6.2.1.35 clear spantree maxage Use this command to reset the ma ximum aging time for a Spanning T r ee to the default value of 20 seconds. clear spantree maxage Synt ax Description None. Command Default s None. Command T[...]
-
Page 477
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-49 6.2.1.36 show sp antree fw ddelay Use this command to display the Span ning T ree forward delay time. show spantree fwdde lay Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode R[...]
-
Page 478
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-50 Matrix NSA Series Configuration Guide 6.2.1.37 set sp antree fwddelay Use this command to set the Spanning T ree forwar d delay . This is the maximum time (in seconds) the root device will wait before changing states (i.e., listening to learning to forwardin[...]
-
Page 479
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-51 6.2.1.38 clear sp antree fwddelay Use this command to reset the Span ning T ree forward delay to the de fault setting of 15 seconds. clear spantree fwddelay Synt ax Description None. Command Default s None. Command T ype[...]
-
Page 480
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-52 Matrix NSA Series Configuration Guide 6.2.1.39 show spantree autoedge Use this command to display the status of automatic edge port detection. show spantree autoedge Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode[...]
-
Page 481
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-53 6.2.1.40 set sp antree aut oedge Use this command to enable or disable the au tomatic edge port detection function. set spantree autoedge { disable | enable } Synt ax Description Command Default s None. Command T ype Swi[...]
-
Page 482
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-54 Matrix NSA Series Configuration Guide 6.2.1.41 clear sp antree autoedge Use this command to reset automatic edge port detection to the default state of enabled. clear spantree autoedge Synt ax Description None. Command Default s None. Command T ype Switch co[...]
-
Page 483
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-55 6.2.1.42 show sp antree l egacyp athcost Use this command to display the defa ult S panning T ree path cost setting. show spantree legacypathcost Synt ax Description None. Command Default s None. Command T ype Switch com[...]
-
Page 484
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-56 Matrix NSA Series Configuration Guide 6.2.1.43 set sp antree legacyp athcost Use this command to enable or disable legacy (802.1D) path cost values. set spantree legacypathcost { disable | enable } Synt ax Description Command Default s None. Command T ype Sw[...]
-
Page 485
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-57 6.2.1.44 clear sp antree legacypathcost Use this command to set the Spanning T ree defau lt value for legacy path cost to 802.1t values. clear spantree legacypathcost Synt ax Description None. Command Default s None. Com[...]
-
Page 486
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-58 Matrix NSA Series Configuration Guide 6.2.1.45 show sp antree tctrapsuppress Use this command to display the status of topo logy change trap suppression on Rapid Spanning Tree edge ports. show spantree tctrapsuppress Synt ax Description None. Command Default[...]
-
Page 487
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-59 6.2.1.46 set sp antree tctrapsuppress Use this command to disable or enable topology change trap suppression on Rapid Spann ing Tree edge ports. By default, RSTP non-edge (bridge) ports that transition to forwardi ng or [...]
-
Page 488
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-60 Matrix NSA Series Configuration Guide 6.2.1.47 clear sp antree tctrap suppress Use this command to clear topology change trap suppression settings. clear spantree tctrapsuppress Synt ax Description None. Command Default s None. Command T ype Switch command. [...]
-
Page 489
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-61 6.2.1.48 show sp antree txholdcount Use this command to display the maxi mum BPDU transmission rate. show spantree txholdcount Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode [...]
-
Page 490
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-62 Matrix NSA Series Configuration Guide 6.2.1.49 set sp antree txholdcou nt Use this command to set the maximum BPDU tran smission rate. This is the number of BPDUs which will be transmitted be fore transmissions are subject to a one-second timer . set spantre[...]
-
Page 491
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-63 6.2.1.50 clear sp antree txhol dcou nt Use this command to reset the transmit hold count to the default value of 6. clear spantree txholdcount Synt ax Description None. Command Default s None. Command T ype Switch comman[...]
-
Page 492
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-64 Matrix NSA Series Configuration Guide 6.2.1.51 show spantree maxhop s Use this command to display the Spannin g T ree maximum hop count. show spantree maxhops Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-O[...]
-
Page 493
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-65 6.2.1.52 set sp antree maxhops Use this command to set the Spanning T ree maximum hop count. This is the maximum number of hops that the information for a particular Sp anning T ree instance may traverse (via relay of BP[...]
-
Page 494
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-66 Matrix NSA Series Configuration Guide 6.2.1.53 clear spantree maxhop s Use this command to reset the maximum hop count to the default value of 20. clear spantree maxhops Synt ax Description None. Command Default s None. Command T ype Switch command. Command [...]
-
Page 495
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-67 6.2.1.54 show sp antree sp anguard Use this command to display the status of the Spanning Tree span guard function. show spantree spanguard Synt ax Description None. Command Default s None. Command T ype Switch command. [...]
-
Page 496
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-68 Matrix NSA Series Configuration Guide 6.2.1.55 set sp antree sp an guard Use this command to enable or disable the Spanni ng Tree span guard functio n. When enabled, th is prevents an un authorized bridge from becoming part of the activ e Spanning Tre e topo[...]
-
Page 497
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-69 6.2.1.56 clear sp antree spanguard Use this command to resets the status of the Span ning Tree span guard function to disabled. clear spantree spanguard Synt ax Description None. Command Default s None. Command T ype Swi[...]
-
Page 498
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-70 Matrix NSA Series Configuration Guide 6.2.1.57 show sp antree spanguard timeout Use this command to display the Span ning Tree span guard timeout setting. show spantree spanguardtimeout Synt ax Description None. Command Default s None. Command T ype Switch c[...]
-
Page 499
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-71 6.2.1.58 set sp antree sp anguard timeout Use this command to set the amount of time (in sec onds) an edge port will remain lock ed by the span guard function. set spantree spanguardtimeout timeout Synt ax Description Co[...]
-
Page 500
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-72 Matrix NSA Series Configuration Guide 6.2.1.59 clear spantree sp ang uard timeout Use this command to reset the Spanning Tree span guard timeout to the default value of 300 seconds. clear spantree spanguardtimeout Synt ax Description None. Command Default s [...]
-
Page 501
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-73 6.2.1.60 show sp antree sp anguardlock Use this command to display the span gu ard lock status of one or more ports. show spantree spanguardlock port-string Synt ax Description Command Default s None. Command T ype Switc[...]
-
Page 502
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-74 Matrix NSA Series Configuration Guide 6.2.1.61 clear / set sp antree sp anguardlock Use either of these commands to unlock one or more ports locked by the Spanning Tree span guard function. When sp an guard is enab led, it locks ports that receive BP DUs whe[...]
-
Page 503
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-75 6.2.1.62 show sp antree sp anguard trapenable Use this command to displays the state of the Spanning Tree sp an guard trap functi on. show spantree spanguardtrapenable Synt ax Description None. Command Default s None. Co[...]
-
Page 504
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-76 Matrix NSA Series Configuration Guide 6.2.1.63 set sp antree sp an guard trap enable Use this command to enable or disable the sending of an SNMP trap message when span guard detects that an unauthorized port has tried to join the Spanning Tree. set spantree[...]
-
Page 505
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-77 6.2.1.64 clear sp antree spanguard trap enable Use this command to reset the Spanning Tree span guard trap functio n back to the default stat e of enabled. clear spantree spanguardtrapenable Synt ax Description None. Com[...]
-
Page 506
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-78 Matrix NSA Series Configuration Guide 6.2.1.65 show spantree backuproot Use this command to display the state of the Spanning T ree backup root functio n. show spantree backuproot [ sid] Synt ax Description Command Default s If sid is not specified, status w[...]
-
Page 507
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-79 6.2.1.66 set sp antree backup root Use this command to enable or di sable the Spanning T ree ba ckup root function. Ena bled by default on bridge(s) directly connected to the root brid ge, this prevents stale Spanning T [...]
-
Page 508
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-80 Matrix NSA Series Configuration Guide 6.2.1.67 clear spantree backuproot Use this command to reset the Spanning T ree backup root function to the default state of disabled. clear spantree backuproot sid Synt ax Description Command Default s None. Command T y[...]
-
Page 509
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-81 6.2.1.68 show sp antree backuproottrapendable Use this command to display the state of th e Spanning T ree backup root trap function. show spantree backuproottrapenable Synt ax Description None. Command Default s None. C[...]
-
Page 510
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-82 Matrix NSA Series Configuration Guide 6.2.1.69 set sp antree backuproottrapenable Use this command to enable or disable the Spanning T ree backup root trap function. When SNMP trap messageing is configured, this sends a trap message whe n the back up root fu[...]
-
Page 511
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-83 6.2.1.70 clear sp antree backuproottrapenable Use this command to resets the Spanning T ree ba ckup root trap function to the default state of disabled. clear spantree backuproottrapenable . Synt ax Description None. Com[...]
-
Page 512
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-84 Matrix NSA Series Configuration Guide 6.2.1.71 show spantree newroottrapendable Use this command to display the state of the Spanning T ree new root trap function . show spantree newroottrapenable Synt ax Description None. Command Default s None. Command T y[...]
-
Page 513
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-85 6.2.1.72 set sp antree new roottrapenable Use this command to enable or disable the Spannin g T ree ne w root trap function. When SNMP trap messaging is configured, this sends a trap message when a Spanning T ree becomes[...]
-
Page 514
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-86 Matrix NSA Series Configuration Guide 6.2.1.73 clear sp antree newroottrapenable Use this command to reset the Spanning T ree new ro ot trap function back to the default state of enabled. clear spantree newroottrapenable Synt ax Description None. Command Def[...]
-
Page 515
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-87 6.2.1.74 clear sp antree default Use this command to restore default values to a Spanning T ree. clear spantree default [ sid ] Synt ax Description Command Default s If sid is not specified, defaults will be restored on [...]
-
Page 516
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-88 Matrix NSA Series Configuration Guide 6.2.1.75 show spantree debug Use this command to display Spanning T ree debug cou nters for one or more ports. show spantree debug [ port port-string ] [ sid sid ] [ active ] Synt ax Description Command Default s • If [...]
-
Page 517
Spanning T ree Configuration Command Set Configuring Spanning T r ee Bridge Parameters Matrix NSA Series Configuration Guide 6-89 Example This example shows how to di spla y Spanning T ree debug counters for link ag gre gation port 3, SID 0: Matrix(rw)-> show spantree debug port lag.0.3 STP Diagnostic Common Counters fo r SID 0 -----------------[...]
-
Page 518
Spanning T ree Configuration Command Set Configuring Spanning T ree Brid ge Parameters 6-90 Matrix NSA Series Configuration Guide 6.2.1.76 clear spantree debug Use this command to clear Spanning T ree debug counters. clear spantree debug Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exampl[...]
-
Page 519
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-91 6.2.2 Configuring Sp anning T ree Port Parameters Purpose T o di spla y and set Spanning T ree port parameters, including en abling or disabling the Sp anning T ree algorithm on one or more ports, displaying des ignated br[...]
-
Page 520
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-92 Matrix NSA Series Configuration Guide • show spantree adminedge ( Section 6.2.2.19 ) • set spantree adminedge ( Section 6.2.2.20 ) • clear spantree adminedge ( Section 6.2.2.21 ) • show spantree operedge ( Section 6.2.2.22 ) • show spantree adminpoint[...]
-
Page 521
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-93 6.2.2.1 sho w sp antree porten able Use this command to display the port stat us on one or more Spanning T re e po rts. show spantree portenable [port port-string ] Synt ax Description Command Default s If port-string is n[...]
-
Page 522
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-94 Matrix NSA Series Configuration Guide 6.2.2.2 set sp an tree portenab le Use this command to set the port status on one or more Spanning T ree ports. set spantree portenable port-string { enable | disable } Synt ax Description Command Default s None. Command T [...]
-
Page 523
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-95 6.2.2.3 clear spantree portenable Use this command to reset the default value for one or more Spanning T ree ports to enabled. clear spantree portenable port-string Synt ax Description Command Default s None. Command T ype[...]
-
Page 524
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-96 Matrix NSA Series Configuration Guide 6.2.2.4 show sp antree po rt admin Use this command to display the status of th e Spann ing T ree algorithm on one or more ports. show spantree portadmin [ port port-string ] Synt ax Description Command Default s If port-st[...]
-
Page 525
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-97 6.2.2.5 set sp antree port admin Use this command to disable or enable the Sp anning T ree algorithm on one or more ports. set spantree portadmin port-stri ng {disable | enable} Synt ax Description Command Default s None. [...]
-
Page 526
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-98 Matrix NSA Series Configuration Guide 6.2.2.6 clear sp antree port ad min Use this command to reset the default Spanning T ree admin status to enable on one or more ports. clear spantree portadmin port-string Synt ax Description Command Default s None. Command [...]
-
Page 527
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-99 6.2.2.7 set sp antree pro tomigration Use this command to reset the protocol state migration machine for one or more Spanning T ree ports. When operating in RSTP mode, this forces a port to transmit MSTP BPDUs. set spantre[...]
-
Page 528
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-100 Matrix NSA Series Configuration Guide 6.2.2.8 show sp antree po rt state Use this command to display the state (blocking, forwarding, etc.) for a port on one or more Spanning T rees. show spantree portstate [ port port-string ] [ sid sid ] Synt ax Description [...]
-
Page 529
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series C onfiguration Guide 6 -101 6.2.2.9 sho w sp antree blockedport s Use this command to display the blocked ports in a Spanning T ree. A port in this state does not participate in the transmission of frames, thus preventing duplicat ion arising thro[...]
-
Page 530
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-102 Matrix NSA Series Configuration Guide 6.2.2.10 show spantree portpri Use this command to show the Spanning T ree priority for one or more ports. Port priority is a component of the port ID, which is one elemen t used in determinin g Spanning T ree port roles. [...]
-
Page 531
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series C onfiguration Guide 6 -103 6.2.2.1 1 set spantree portpri Use this command to set a port’ s Spanning T ree priority . set spantree portpri port-string priority [ sid sid ] Synt ax Description Command Default s If sid is not specified, port prio[...]
-
Page 532
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-104 Matrix NSA Series Configuration Guide 6.2.2.12 clear spantree portpri Use this command to reset the bridge priority of a Spanning T ree port to a default value of 128. clear spantree portpri port-string [ sid sid ] Synt ax Description Command Default s If sid [...]
-
Page 533
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series C onfiguration Guide 6 -105 6.2.2.13 set sp antree porthell o Use this command to set the hello tim e for one or more Spanning T ree ports. This is the time interval (in seconds) the port(s) will transmit BPDUs. set spantree porthello port-string [...]
-
Page 534
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-106 Matrix NSA Series Configuration Guide 6.2.2.14 clear spantree porthello Use this command to reset the hello time for one or more Spanning T ree ports to the default of 2 seconds. clear spantree porthello port-string Synt ax Description Command Default s None. [...]
-
Page 535
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series C onfiguration Guide 6 -107 6.2.2.15 show sp antree p ortcost Use this command to display cost values assign ed to one or m ore Spanning T re e ports. show spantree portcost [ port port-string ] [ sid sid ] Synt ax Description Command Default s ?[...]
-
Page 536
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-108 Matrix NSA Series Configuration Guide 6.2.2.16 show spantree adminp athcost Use this command to display the admin path cost for a port on one or more Spanning T rees. show spantree adminpathcost [ port port-string ] [ sid sid ] Synt ax Description Command Defa[...]
-
Page 537
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series C onfiguration Guide 6 -109 6.2.2.17 set sp antree adminpathcost Use this command to set the administrative path cost on a port and one or more Spanning T rees. set spantree adminpathcost port-string cost [ sid sid ] Synt ax Description Command De[...]
-
Page 538
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-1 10 Matrix NSA Series Configuration Guide 6.2.2.18 clear spantree adminp athcost Use this command to reset the Spanning T ree de fault value for port admin path cost to 0. clear spantree adminpathcost port-string [ sid sid ] Synt ax Description Command Default s [...]
-
Page 539
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-1 1 1 6.2.2.19 show sp antree admi nedge Use this command to display the edge port administrative status for a port. show spantree adminedge [ port port-string ] Synt ax Description Command Default s If port-string is not spe[...]
-
Page 540
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-1 12 Matrix NSA Series Configuration Guide 6.2.2.20 set sp antree adminedge Use this command to set the edge port administrative status on a Spanning T ree port. set spantree adminedge port-string {true | false} Synt ax Description Command Default s None. Command [...]
-
Page 541
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-1 13 6.2.2.21 clear sp antree adminedg e Use this command to reset a Spanning T ree port to non-edge status. clear spantree adminedge port-string Synt ax Description Command Default s None. Command T ype Switch command. Comma[...]
-
Page 542
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-1 14 Matrix NSA Series Configuration Guide 6.2.2.22 show spantree operedge Use this command to display the Spanning T r ee edge port operating status for a port. show spantree operedge [ port port-string] Synt ax Description Command Default s If port-string is not[...]
-
Page 543
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-1 15 6.2.2.23 show sp antree adminpoint Use this command to display the administrative poi nt-to-point status of the LAN segment attached to a Spanning T ree port. show spantree adminpoint [ port port-string] Synt ax Descript[...]
-
Page 544
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-1 16 Matrix NSA Series Configuration Guide 6.2.2.24 show spantree operpoint Use this command to display the op erating point-to-point status of the LAN segment attached to a port. show spantree operpoint [ port port-string] Synt ax Description Command Default s If[...]
-
Page 545
Spanning T ree Configuration Command Set Configuring Spanning T re e Port Parameters Matrix NSA Series Configuration Guide 6-1 17 6.2.2.25 set sp antree adminp oint Use this command to set the administrativ e point-to-point status of the LAN segment attached to a Spanning T ree port. set spantree adminpoint port-string {true | false | auto} Synt ax[...]
-
Page 546
Spanning T ree Configuration Command Set Configuring Spanning T ree Port Parameters 6-1 18 Matrix NSA Series Configuration Guide 6.2.2.26 clear spantree adminpoint Use this c ommand to reset the administrative point-to-poi nt status of the LAN se gment attached to a Spanning T ree port to auto mode. clear spantree adminpoint port-string Synt ax Des[...]
-
Page 547
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series Configuration Guide 6-1 19 6.2.3 Configuring Sp anning T ree Loop Protect Features Purpose T o display and set Spanning T ree Loop Protect pa ra meters, including the glob al parameters of Loop Protect threshold, window , enablin g traps, an[...]
-
Page 548
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-120 Matrix NSA Series Configuration Guide • set spantree disputedbpduthreshold ( Section 6.2.3.18 ) • show spantree disput edbpduthreshold ( Section 6.2.3.19 ) • clear spantree disputedbpduthreshold ( Section 6.2.3.20 ) • show spantree nonforwarding[...]
-
Page 549
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -121 6.2.3.1 set sp antree lp Use this command to enable or disable the Loop Protect feature per port and optionally , per SID. The Loop Protect feature is d i sabled by default. See “Loo p Prote ct” on page 6-2 fo[...]
-
Page 550
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-122 Matrix NSA Series Configuration Guide 6.2.3.2 show sp antree lp Use this command to display the Loop Protect status p er port and/or per SID. show spantree lp [ port port-string ] [ sid sid ] Synt ax Description Command Default s If no port-string is sp[...]
-
Page 551
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -123 6.2.3.3 clear spantree lp Use this command to return the Loop Protect st atus per port and optionally , per SID, to its default state of disabled. clear spantree lp port-string [ sid sid ] Synt ax Description Comm[...]
-
Page 552
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-124 Matrix NSA Series Configuration Guide 6.2.3.4 show sp antree lpl ock Use this command to display the Loop Protect lo ck status per port an d/or per SID. A port can become locked if a configure d number of Loop Protect events occur during the configured [...]
-
Page 553
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -125 6.2.3.5 clear sp antree lplock Use this command to manually un lock a blocked port and optionally , per SID. The default state is unlocked . clear spantree lplock port-string [ sid sid ] Synt ax Description Comman[...]
-
Page 554
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-126 Matrix NSA Series Configuration Guide 6.2.3.6 set sp an tree lpcapablep artner Use this command to specify per port whether the link partner is Loop Protect capable. See “Loop Protect” on page 6-2 for more information. set spantree lpcapablepartner [...]
-
Page 555
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -127 Example This example shows how to set the Loop Prot ect capable partner to true for ge.1.1: Matrix(rw)-> set spantree lpcapablepartner ge.1.1 true[...]
-
Page 556
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-128 Matrix NSA Series Configuration Guide 6.2.3.7 show sp antree lpcapablep artner Use this command to the Loop Protect capab ility of a link partner for one or more ports. show spantree lpcapablepartner [ port port-string ] Synt ax Description Command Defa[...]
-
Page 557
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -129 6.2.3.8 clear spantree lpcap abl epartner Use this command to reset the Loop Protect capability of port link partners to the default state of false. clear spantree lpcapablepartner port-string Synt ax Description [...]
-
Page 558
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-130 Matrix NSA Series Configuration Guide 6.2.3.9 set spantree lpthreshold Use this command to set the Loop Protect event threshold. set spantree lpthreshold value Synt ax Description Command Default s None. The default event threshold is 3. Command T ype S[...]
-
Page 559
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -131 6.2.3.10 show sp antree lpthreshold Use this command to display the current value of the Loop Protect event threshold. show spantree lpthre shold Synt ax Description None. Command Default s None. Command T ype Swi[...]
-
Page 560
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-132 Matrix NSA Series Configuration Guide 6.2.3.1 1 clear sp antree lp threshold Use this command to return the Loop Protect event threshold to its default value of 3. clear spantree lpthreshold Synt ax Description None. Command Default s None. Command T yp[...]
-
Page 561
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -133 6.2.3.12 set sp antree lpw indow Use this command to set the Loop Pr otect event window value in seconds. set spantree lpwindow value Synt ax Description Command Default s None. Command T ype Switch command. Comma[...]
-
Page 562
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-134 Matrix NSA Series Configuration Guide 6.2.3.13 show spantree lpwindow Use this command to display the curre nt Loop Protect event window value. show spantree lpwindow Synt ax Description None. Command Default s None. Command T ype Switch command. Comman[...]
-
Page 563
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -135 6.2.3.14 clear sp antree lpwin dow Use this command to reset the Loop Protect even t window to the default value of 180 seconds. clear spantree lpwindow Synt ax Description None. Command Default s None. Command T [...]
-
Page 564
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-136 Matrix NSA Series Configuration Guide 6.2.3.15 set sp antree lptrapenable Use this command to enable or disable Loop Protect event notification. set spantree lptrapenable { enable | disable } Synt ax Description Command Default s None. Command T ype Swi[...]
-
Page 565
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -137 6.2.3.16 show sp antree l ptrapenable Use this command to display the current st atus of Loop Protect event notification. show spantree lptrapenable Synt ax Description None. Command Default s None. Command T ype [...]
-
Page 566
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-138 Matrix NSA Series Configuration Guide 6.2.3.17 clear spantree lptrapenable Use this command to return the Loop Protect e vent notification state to its default sta te of disabled. clear spantree lptrapenable Synt ax Description None. Command Default s N[...]
-
Page 567
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -139 6.2.3.18 set sp antree disputedbp duthreshold Use this command to set the disp uted BPDU threshold, which is the number of disputed BPDUs that must be received on a given por t/SID until a disputed BPDU trap is se[...]
-
Page 568
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-140 Matrix NSA Series Configuration Guide Example This example shows how to set the disputed BPDU threshold value to 5: Matrix(rw)-> set spantree disput edbpduthreshold 5[...]
-
Page 569
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -141 6.2.3.19 show sp antree disputedbpduthreshold Use this command to display the current value of the disputed BPDU threshold. show spantree disputedbpduthreshold Synt ax Description None. Command Default s None. Com[...]
-
Page 570
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-142 Matrix NSA Series Configuration Guide 6.2.3.20 clear sp antree disputedbp duthreshold Use this command to return the disputed BPDU thresh old to its de fault value of 0, meaning that disputed BPDU traps shou ld no t be sent. clear spantree disputedbpdut[...]
-
Page 571
Spanning T ree Configuration Command Set Configuring Spanning T ree Loop Protect F eatures Matrix NSA Series C onfiguration Guide 6 -143 6.2.3.21 show sp antree nonforwardingreason Use this command to display the reason for placing a port in a non-forwarding state due to an exceptional condition. show spantree nonforwardingreason [ port port-string[...]
-
Page 572
Spanning T ree Configuration Command Set Configuring Spanning T ree L oop Protect Features 6-144 Matrix NSA Series Configuration Guide[...]
-
Page 573
Matrix NSA Series Configu ration Guide 7-1 7 802.1Q VLAN Configuration This chapter describes the Matrix system’ s ca pabilities to implement 802.1Q virtual LANs (VLANs). It documents how to: • Create, enable, disable and name a VLAN. • Review status and other in formation related to VLANs. • Assign ports to a VLAN and filter unwanted frame[...]
-
Page 574
Process Overview: 802.1Q VLAN Configuration Port S t ring Syntax Used in the CLI 7-2 Matrix NSA Series Configuration Guide 7.1.2 Port St ring Synt ax Used in the CLI For information on how to designate port numbers in the CLI syntax, refer to Section 4.1.1 . 7.2 PROCESS OVERVIEW: 802 .1Q VLAN CONFIGURATION Use the following steps as a guid e to con[...]
-
Page 575
VLAN Configura tion Command Set Reviewing Existing VLANs Matrix NSA Series Configuration Gui de 7-3 7.3 VLAN CONFIGURATION COMMAND SET 7.3.1 Reviewing Existing VLANs Purpose T o display a list of VLANs currently configured on the device , to determine how one or more VLANs were created, the ports allowed and disallo wed to transmit traffic belongin[...]
-
Page 576
VLAN Configuration Command Set Reviewing Existing VL ANs 7-4 Matrix NSA Series Configuration Guide 7.3.1.1 show vlan Use this command to display all informatio n related to one or more VLANs. show vlan [static ] [ vlan-list ] Synt ax Description Command Default s If no options are specified, all information related to static and dynamic VLANs will [...]
-
Page 577
VLAN Configura tion Command Set Reviewing Existing VLANs Matrix NSA Series Configuration Gui de 7-5 Example This example shows how to display informatio n for VLAN 1. In this case, VLAN 1 is named “DEF AUL T VLAN” and it is enabled to operate. Ports allowed to transmit frames belonging to VLAN 1 are listed as egress ports. Ports that won’ t i[...]
-
Page 578
VLAN Configuration Command Set Creating and Naming S tatic VLANs 7-6 Matrix NSA Series Configuration Guide 7.3.2 Creating and Naming St atic VLANs Purpose T o create a ne w static VLAN, or to enable or disable existing VLAN(s). Commands The commands used to create and name static VLANs are list ed b elow and described in the associated section as s[...]
-
Page 579
VLAN Configura tion Command Set Creating and Naming S tatic VLANs Matrix NSA Series Configuration Gui de 7-7 7.3.2.1 set vlan Use this command to create a new static IEEE 802 .1Q VLAN, or to enable or disable an existing VLAN. Once a VLAN is created, you can assign it a name using the set vlan name command described in Section 7.3.2.2 . set vlan {c[...]
-
Page 580
VLAN Configuration Command Set Creating and Naming S tatic VLANs 7-8 Matrix NSA Series Configuration Guide 7.3.2.2 set vlan name Use this command to set or change the ASCII name for a new or existing VLAN. set vlan name vlan-list vlan-name Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example Th[...]
-
Page 581
VLAN Configura tion Command Set Creating and Naming S tatic VLANs Matrix NSA Series Configuration Gui de 7-9 7.3.2.3 clear vlan Use this command to remove a static VLAN from the list of VLANs reco gnized by the device. clear vlan vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example Th[...]
-
Page 582
VLAN Configuration Command Set Creating and Naming S tatic VLANs 7-10 Matrix NSA Series Configuration Guide 7.3.2.4 clear vlan name Use this command to remove the name of a VLAN from the VLAN list. clear vlan name vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows[...]
-
Page 583
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-1 1 7.3.3 Assigning Port VLAN IDs (P VIDs) and Ingress Filtering About P VIDs and Policy Classification to a VLAN Port VLAN IDs (PVIDs) assign VLAN IDs to untagg ed frames on one or more ports. Using the set port vlan com[...]
-
Page 584
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-12 Matrix NSA Series Configuration Guide • show port discard ( Section 7.3.3.9 ) • set port discard ( Section 7.3.3.10 ) • clear port discard ( Section 7.3.3.1 1 )[...]
-
Page 585
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-13 7.3.3.1 sho w port vlan Use this command to display port VLAN identif ier (PVID) information. PVID determines the VLAN to which all untagged frames received on one or more ports will be classified. show port vlan [ por[...]
-
Page 586
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-14 Matrix NSA Series Configuration Guide 7.3.3.2 set port vlan Use this command to configure the PVID (port VL AN identifier) for one or more ports. The PVID is used to classify untagged frames as they ingress into a given port. If the specified VLAN has not alre[...]
-
Page 587
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-15 Example This exampl e sho ws how to add fe.1. 10 to th e port VLAN list of VLAN 4 (PVID 4). Since VLAN 4 is a new VLAN, it is created. T hen port fe.1.1 0 is added to VLAN 4’ s untagged egress list, and is cleared fr[...]
-
Page 588
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-16 Matrix NSA Series Configuration Guide 7.3.3.3 clear port vlan Use this command to reset a port’ s 802.1Q port VLAN ID (PVID) to the host VLAN ID 1. clear port vlan port-string Synt ax Description Command Default s None. Command T ype Switch command. Command [...]
-
Page 589
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-17 7.3.3.4 sho w vlan interface Use this command to display the MIB -II inter face entry mapped to a VLAN. show vlan interface [ vlan-list ] Synt ax Description Command Default s If vlan-list is not specified, MIB2 interf[...]
-
Page 590
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-18 Matrix NSA Series Configuration Guide 7.3.3.5 set vlan interface Use this command to create, disable or enables a MIB-II interfa ce mapped to a VLAN. set vlan interface vlan-list { create | disable | enable } [ volatile ] Synt ax Description Command Default s [...]
-
Page 591
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-19 7.3.3.6 clear vlan interface Use this command to clear the MIB -II interface entry ma pped to a VLAN. clear vlan interface vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 592
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-20 Matrix NSA Series Configuration Guide 7.3.3.7 show port ingress filter Use this command to show all ports that are en abled for port ingress filte ring, which limits incoming VLAN ID frames according to a port VLAN egress lis t. If the VLAN ID spec ified in th[...]
-
Page 593
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-21 7.3.3.8 set port ingress filter Use this command to discard all frames received w ith a VLAN ID that don’t match the port’ s VLAN egress list. When ingress filtering is enabled on a port, the VLAN IDs of incoming f[...]
-
Page 594
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-22 Matrix NSA Series Configuration Guide 7.3.3.9 show port discard Use this command to display the frame discard mode for one or more ports. Ports can be set to discard frames based on whether or not they contain a VLAN tag. They can also be set to discard both f[...]
-
Page 595
VLAN Configura tion Command Set Assigning Port VLAN ID s (PVID s) and Ingress Filterin g Matrix NSA Series Configuration Guide 7-23 7.3.3.10 set port discard Use this command to set the frame di scard mode on one or more ports. s et port discar d port-string { tagged | untagged | none | both } Synt ax Description Command Default s None. Command T y[...]
-
Page 596
VLAN Configuration Command Set Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 7-24 Matrix NSA Series Configuration Guide 7.3.3.1 1 clear po rt discard Use this command to reset the frame discard mode to the factory default setting (none). clear port discard port-string Synt ax Description Command Default s None. Command T ype Switch command.[...]
-
Page 597
VLAN Configura tion Command Set Configuring the VLAN Egress List Matrix NSA Series Configuration Guide 7-25 7.3.4 Configuring the VLAN Egress List Purpose T o assign or remove ports on the egress list of a pa rticular VLAN. This dete rmines which ports will be eligible to transmit frames for a particular VLAN. For example, port s 1, 5, 9 , 8 could [...]
-
Page 598
VLAN Configuration Command Set Configuring the VLAN Egress List 7-26 Matrix NSA Series Configuration Guide 7.3.4.1 show port egress Use this command to display the VLAN membership for one or more ports. show port egress [ port-string ] Synt ax Description Command Default s If port-string is not specified, VLAN membership will be displayed for all p[...]
-
Page 599
VLAN Configura tion Command Set Configuring the VLAN Egress List Matrix NSA Series Configuration Guide 7-27 7.3.4.2 set vlan egress Use this command to add ports to the VLAN egress list for the device, or to prevent one or more ports from participating in a VLAN. This de termines which ports will transmit frames for a particular VLAN. set vlan egre[...]
-
Page 600
VLAN Configuration Command Set Configuring the VLAN Egress List 7-28 Matrix NSA Series Configuration Guide This example shows how to forbid Fast Ethernet port s 13 through 1 5 in port group 1 fro m joining VLAN 7 and disallow egress on those ports: This example shows how to allo w Fast Ethernet port 2 in port group 1 to transmi t VLAN 7 frames as u[...]
-
Page 601
VLAN Configura tion Command Set Configuring the VLAN Egress List Matrix NSA Series Configuration Guide 7-29 7.3.4.3 clear vlan egress Use this command to remove ports from a VLAN’ s egress list. clear vlan egress vlan-list port-strin g [ forb idden ] Synt ax Description Command Default s If forbidden is not specified, tagged and un tagged sett in[...]
-
Page 602
VLAN Configuration Command Set Configuring the VLAN Egress List 7-30 Matrix NSA Series Configuration Guide 7.3.4.4 show vlan dynamic egress Use this command to display which VLANs are curre ntly enabled for VLAN dynamic egress. show vlan dynamicegre ss [ vlan-list ] Synt ax Description Command Default s If vlan-list is not specified, status for all[...]
-
Page 603
VLAN Configura tion Command Set Configuring the VLAN Egress List Matrix NSA Series Configuration Guide 7-31 7.3.4.5 set vlan dynamicegress Use this command to set the administrative status of one or more VLANs’ dynamic egress capability . If VLAN dynamic egress is enabled, the device will ad d the port receiving a tagged frame to the VLAN egr ess[...]
-
Page 604
VLAN Configuration Command Set Creating a Secure Ma nagement VLAN 7-32 Matrix NSA Series Configuration Guide 7.3.5 Creating a Secu re Management VLAN If the Matrix Series device is to be configur ed for multiple VL AN’ s, it may be desirable to configure a management-only VLAN. This allows a station connected to th e management VLAN to manage the[...]
-
Page 605
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-33 7.3.6 Enabling/Disabling GVRP Purpose T o dynamically create VLAN s across a switche d network. The GVRP (GARP VLAN Registratio n Protocol) command set is used to display GVRP configuration informatio n, the current global GVRP state setting, individ[...]
-
Page 606
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-34 Matrix NSA Series Configuration Guide Figure 7-1 Example of VLAN Prop agation via GVRP Configuring a VLAN on an 802.1Q switch creates a static VLAN entry . The entry will always remain registered and will not time out. Howe ver , dynamic entries will time-out and their registrations will [...]
-
Page 607
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-35 Commands The commands used to configure GVRP are listed be low and described in the associated section as shown. • show gvrp ( Section 7.3.6.1 ) • show garp timer ( Section 7.3.6.2 ) • set gvrp ( Section 7.3.6.3 ) • clear gvrp ( Section 7.3.6[...]
-
Page 608
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-36 Matrix NSA Series Configuration Guide 7.3.6.1 show gvrp Use this command to display GV RP configuration information. show gvrp [ port-string ] Synt ax Description Command Default s If port-string is not specified, GVRP confi guration information will be displayed for all ports and the dev[...]
-
Page 609
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-37 GVRP status Whether GV RP is enabled or disabled on the port. Last PDU Origin MAC addres s of the la st GVRP frame received on the port. T able 7-4 show gvrp Output Det ails (Continued) Output What It Displays...[...]
-
Page 610
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-38 Matrix NSA Series Configuration Guide 7.3.6.2 show garp timer Use this command to display GARP ti mer values for one or more ports. show garp timer [ port-string ] Synt ax Description Command Default s If port-string is not specified, GARP timer informa tion will be displayed for all port[...]
-
Page 611
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-39 Ta b l e 7 - 5 provides an explanation of t he command output. For details on using the set gvrp command to enable or disable GVRP , refer to Section 7.3.6.3 . For details on using the set garp timer command to change defa u lt timer values, refer to[...]
-
Page 612
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-40 Matrix NSA Series Configuration Guide 7.3.6.3 set gvrp Use this command to enable or disa ble GV RP globally on the device or on on e or more ports. set gvrp {enable | disable} [ port-string ] Synt ax Description Command Default s If port-string is not specified, GVRP will be disabled or [...]
-
Page 613
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-41 7.3.6.4 clear g vrp Use this command to clear GVRP status or on one or more ports. clear gvrp [ port-string ] Synt ax Description Command Default s If port-string is not specified, GVRP status will be cleared for all ports. Command T ype Switch comma[...]
-
Page 614
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-42 Matrix NSA Series Configuration Guide 7.3.6.5 set garp timer Use this command to adjust the values of the join, le ave, and leaveall timers. set garp timer {[j oin timer -value ] [leave timer-value ] [ leaveall timer -value ]} port-string Synt ax Description Command Default s None. Comman[...]
-
Page 615
VLAN Configura tion Command Set Enabling/Disablin g GVRP Matrix NSA Series Configuration Guide 7-43 This example shows how to set the leaveall timer value to 20000 centiseconds for all ports: Matrix(rw)-> set garp time r leaveall 20000 *.*.*[...]
-
Page 616
VLAN Configuration Command Set Enabling/Disabli ng GVRP 7-44 Matrix NSA Series Configuration Guide 7.3.6.6 clear garp timer Use this command to reset GARP timers back to default values. clear garp timer { [j oin ] [leave ] [ leaveall ]} port-string Synt ax Description Command Default s At least one optional para meter must be entered. Command T ype[...]
-
Page 617
Matrix NSA Series Configu ration Guide 8-1 8 Policy Classification Configuration This chapter describes the Policy Classificati on set of commands and how to use them. 8.1 POLICY CLASSIFICATION CONFIGURATION SUMMARY Matrix Series devices support policy profile-based provisioning of network reso urces by all owing IT administrators to: • Create, c[...]
-
Page 618
Process Overview: Policy Classification Configuratio n Configuring Policy Profil es 8-2 Matrix NSA Series Configuration Guide 8.2 PROCESS OVERVIEW: POLICY CLASSIFICATION CONFIGURATION Use the following steps as a guide to co nfigure policy classification on the device: 1. Configuring poli cy profiles ( Section 8.3.1 ) 2. Assigning classification ru[...]
-
Page 619
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Gui de 8-3 • show policy syslog ( Section 8.3.1.1 1 ) • set policy syslog ( Section 8.3.1.12 ) • clear policy syslog ( Section 8.3.1.13 ) • set policy maptable ( Section 8.3.1.14 ) • show policy maptable ( Section 8.3.1.15 ) • [...]
-
Page 620
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-4 Matrix NSA Series Configuration Guide 8.3.1.1 show policy profile Use this command to display policy profile information. show policy profile { all | pr ofile-index [ consecutive-pids ] [ -verbose ]} Synt ax Description Command Default s If optional parameters are no[...]
-
Page 621
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Gui de 8-5 Ta b l e 8 - 1 provides an explanation of th e command ou tpu t. T able 8-1 show policy profile Output Det ails Output What It Displays... Profile Index Number of the prolicy p rofile. Profile Name User-supplied name assigned to[...]
-
Page 622
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-6 Matrix NSA Series Configuration Guide 8.3.1.2 set policy profile Use this command to create a poli cy profile entry . set policy profile pr ofile-index [ name name ] [ pvid-status { enable | disable }] [ pvid pvid ] [ cos-status { enable | disable }] [ cos cos ] [ eg[...]
-
Page 623
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Gui de 8-7 Command Default s If optional parameters are not specified, none will be applied. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to create a policy profile 1 named “netadmin” with PVID[...]
-
Page 624
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-8 Matrix NSA Series Configuration Guide 8.3.1.3 clear policy profile Use this command to dele te a policy profile entry . clear policy profile pr ofile-index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example Thi[...]
-
Page 625
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Gui de 8-9 8.3.1.4 show policy invalid Displays information ab out the action the device will apply on an invalid or unknown policy . show policy invalid { action | count | all } Synt ax Description Command Default s None. Command T ype Sw[...]
-
Page 626
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-10 Matrix NSA Series Configuration Guide 8.3.1.5 set policy invalid action Use this command to assign the action the device will apply to an invalid or unknown policy . set policy invalid action { default-policy | drop | forward } Synt ax Description Command Default s [...]
-
Page 627
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-1 1 8.3.1.6 clear policy invalid action Use this command to reset the action the device wi ll apply to an invalid or unknown p olicy to the default action of app lying the default po licy . clear policy invalid action Synt ax Descr[...]
-
Page 628
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-12 Matrix NSA Series Configuration Guide 8.3.1.7 set port tci overwrite Use this command to enable or disable the TCI overwrite function on o ne or more ports. When enabled, this allows policy rules to overwrite user priority and other cla ssification information in th[...]
-
Page 629
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-13 8.3.1.8 show policy accounting Use this command to display th e statu s of policy accounting. show policy accounting Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Exampl[...]
-
Page 630
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-14 Matrix NSA Series Configuration Guide 8.3.1.9 set policy accounting Use this command to enable or disa ble p olicy accounting, wh ic h controls the collection of classification rule statistics. This function is enabled by default. set policy accounting { enable | di[...]
-
Page 631
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-15 8.3.1.10 clear policy accounting Use this command to restore policy acco unting to its default state of enabled. clear policy accounting Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 632
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-16 Matrix NSA Series Configuration Guide 8.3.1.1 1 show policy syslog Use this command to show the formatting of rule usage messages . The messages will be either machine-readable or human-readable. show policy syslog machine-readable Synt ax Description Command Defaul[...]
-
Page 633
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-17 8.3.1.12 set policy syslog Use this command to set the rule usage messages as either machin e-readable or human-readable. set policy syslog machine-re adable {enable | disable} Synt ax Description Command Default s None. Command[...]
-
Page 634
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-18 Matrix NSA Series Configuration Guide 8.3.1.13 clear policy syslog Use this command to clear the rule usage messages to the default state of disabled (human-readable). clear policy syslog machine-readable Synt ax Description Command Default s None. Command T ype Swi[...]
-
Page 635
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-19 8.3.1.14 set policy mapt able Use this command to set the Set VLAN ID - Policy Profile mappings table. set policy maptable { vlan-list profile-index | response {tunnel | policy | both}} Synt ax Description Command Default s None[...]
-
Page 636
Policy Classification Con fig uration Command Set Configuring Policy Profil es 8-20 Matrix NSA Series Configuration Guide 8.3.1.15 show pol icy mapt able Use this command to display the VLAN ID - Policy Profile mappings table. show policy maptable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read.[...]
-
Page 637
Policy Classification Configura tion Command Set Configuring Po licy Pro files Matrix NSA Series Configuration Guide 8-21 8.3.1.16 clear policy mapt able Use this command to clea r the VLAN ID - Policy Profile mappings table. clear policy maptable vlan-list | response Synt ax Description Command Default s None. Command T ype Switch command. Command[...]
-
Page 638
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-22 Matrix NSA Series Configuration Guide 8.3.2 Assignin g Classification Rules to Policy Profiles Purpose T o review , assign and unassign classification an d admin rules. Classification rules map policy profiles to protoc ol-based frame filte r [...]
-
Page 639
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-23 8.3.2.1 show policy rule Use this command to display policy cla ssification and admin rule information. show policy rule [ attribute ] | [ all ] | [ admin-profile ] | [ pr ofile-index ] [ ether | ipdest | ipf[...]
-
Page 640
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-24 Matrix NSA Series Configuration Guide Command Default s • If port-string , rule status, storage type, Sys log state, trap, and usage-list are not specified, all rules related to othe r specifications will be displayed. • If verbose is not [...]
-
Page 641
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-25 Examples This example shows how to display policy classif ication information for Ethernet type 2 rules: This example shows how to display admin rule information for the polic y profile with index number 1: T[...]
-
Page 642
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-26 Matrix NSA Series Configuration Guide PortStr Ingress port(s) to which this rule applies. RS Whether or not the status o f th is rule is active (A), not in service or not ready . ST Whether or not this rule’ s st orage type is non-volatile ([...]
-
Page 643
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-27 8.3.2.2 show policy cap ability Use this command to display all policy classificati on capabilities su pported by your Matrix Series device. The output of this c ommand show s a table listing classifiable tra[...]
-
Page 644
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-28 Matrix NSA Series Configuration Guide Matrix(rw)-> show policy capabil ity The following supports related to policy are supported in this device: VLAN Forwarding Priorit y Permit Deny TCI Overwrite Rule-Use Notification Rules Table Rule-Us [...]
-
Page 645
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-29 8.3.2.3 set policy classify Use this command to assign incomi ng untagged frames to a specif ic policy profile, classification and to VLAN or Class-of-Service classification rules. set policy classify pr ofil[...]
-
Page 646
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-30 Matrix NSA Series Configuration Guide Command Default s • If mask is not specified, all data bits will be considered relevant. Command T ype Switch command. Command Mode Read-W rite. Examples This example shows how to use Ta b l e 8 - 3 to c[...]
-
Page 647
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-31 8.3.2.4 set policy rule Use this command to assign inco ming untagged frames to a specific policy profile and to VLAN or Class-of-Service classification rules. set policy rule admin-profile | pr ofile-index {[...]
-
Page 648
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-32 Matrix NSA Series Configuration Guide Command Default s • If mask is not specified, all data bits will be considered relevant. tcpsourceport Classifies based on TCP source port . udpdestport Classifies based on UDP destination port . udpsour[...]
-
Page 649
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-33 • If port-string is not specified, rule will be scoped to all ports. Command T ype Switch command. Command Mode Read-W rite. Examples This example shows how to use Ta b l e 8 - 3 to cre ate (and enable) a c[...]
-
Page 650
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-34 Matrix NSA Series Configuration Guide ipfrag Not applicable. Not applicable. ippr oto Protocol field in IP packet: 0 - 255 1 - 8 iptos T ype of Service field in IP packet: 0 - 255 1 - 8 llcDsapSsap DSAP/SSAP/CTRL field in llc: a-b-c-ab 1 - 40 [...]
-
Page 651
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-35 8.3.2.5 clear p olicy rule Use this command to delete one or all policy classification rule entries. clear policy rule admin-profile | pr ofile-index all-pid-entries | ether ipdest | ipfrag | ipproto | ipsour[...]
-
Page 652
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-36 Matrix NSA Series Configuration Guide Command Default s When applicable, data , mask , and port-string must be specified for indiv idual rules to be cleared. Command T ype Switch command. Command Mode Read-W rite. Example This example shows ho[...]
-
Page 653
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-37 8.3.2.6 clear policy all-rules Use this command to remove all admin and classification rules. clear policy all-rules Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 654
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-38 Matrix NSA Series Configuration Guide 8.3.2.7 set policy port Use this command to assign an administrative rule to a port. set policy port port-name admin-id Synt ax Description Command Default s None. Command T ype Switch command. Command Mod[...]
-
Page 655
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-39 8.3.2.8 show policy allowed-type Use this command to display a list of currently supported traffic rules applied to the admininstrative profile for one or more ports. show policy allowed-type port-string [ -v[...]
-
Page 656
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-40 Matrix NSA Series Configuration Guide Example This example shows how to sh ow information about policie s allowed on po rt ge.1.5: Matrix(rw)-> show policy allowed -type ge.1.5 SUPPORTED AND ALLOWED TRAFFIC R ULE TYPES o Means Traffic Rule [...]
-
Page 657
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-41 8.3.2.9 set policy allowed-type Use this command to assign a list of traf fic rules that can be applie d to the admin profile for one or more ports. set policy allowed-type port-string traffic-rule rule-list [...]
-
Page 658
Policy Classification Con fig uration Command Set Assigning Classifica ti on Rules to Policy Profiles 8-42 Matrix NSA Series Configuration Guide 8.3.2.10 clear policy allo wed-type Use this command to clear the list of traf fic rules currently assigned to the admin profil e for one or more ports. This will reassign the default setting, whic h is al[...]
-
Page 659
Policy Classification Configura tion Command Set Assigning Classification Rules to Policy Profiles Matrix NSA Series Configuration Guide 8-43 8.3.2.1 1 clear policy port-hit Use this command to clear rule port hit indications on one or more ports. clear policy port-hit { all | port-list port-list } Synt ax Description Command Default s None. Comman[...]
-
Page 660
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-44 Matrix NSA Series Configuration Guide 8.3.3 Configuring Policy Cl ass of Service (CoS) Using Port-Based or Policy-Based CoS Settings The Matrix Series device supports Class of Se rvice (CoS), which allows you to assign mission-critical data to higher pr[...]
-
Page 661
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-45 Y ou can add to these default configuratio ns by defining new port group ings, and assigning inbo und rate limiters or transmit queues and priorities. Whether you are specifying IR L or TXQ parameters, the process fo[...]
-
Page 662
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-46 Matrix NSA Series Configuration Guide • show cos unit ( Section 8.3.3.4 ) • show cos port-config ( Section 8.3.3.5 ) • set cos port-config irl ( Section 8.3.3.6 ) • clear cos port-config irl ( Section 8.3.3.7 ) • set cos port-config txq ( Sect[...]
-
Page 663
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-47 8.3.3.1 show cos state Use this command to display the Class of Service enable state. show cos st ate Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example T[...]
-
Page 664
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-48 Matrix NSA Series Configuration Guide 8.3.3.2 set cos st ate Use this command to enable or disable Class of Service. set cos state { enable | disabl e } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. [...]
-
Page 665
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-49 8.3.3.3 show cos port-type Use this command to display Class of Service po rt type c onfigurations. The Matrix Series CoS implementation provides two default port ty pe grou pings for design ating ava ilable rate lim[...]
-
Page 666
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-50 Matrix NSA Series Configuration Guide Example This example shows how to display all Class of Serv ice por t type information. In this case, no new port groups have been configured: Ta b l e 8 - 5 provides an explanation of the command output . Matrix(rw[...]
-
Page 667
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-51 Numb T able 8-5 show cos port-t ype Output Det ails Output What It Displays... Index Port type index. Port type 0 designates the Matrix Platinum Series 7G4270 -12 module, and port ty pe 1 designates all other modules[...]
-
Page 668
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-52 Matrix NSA Series Configuration Guide 8.3.3.4 show cos unit Use this command to display C lass of Service units of measure information, including rate type, minimum and maximum limits of the port groups, and their respective granularity . show cos unit [...]
-
Page 669
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-53 8.3.3.5 show cos port-config Use this command to display Class of Service port group configurations. show cos port-config [ irl | txq ] [ gr oup-type-index ] Synt ax Description Command Default s If not specified, al[...]
-
Page 670
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-54 Matrix NSA Series Configuration Guide Example This example shows how to show all Class of Service port group configuration information: Matrix(rw)-> show cos port-confi g * Percentage/queue (if any) are approximations based on [(slices/queue) / total[...]
-
Page 671
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-55 8.3.3.6 set cos port-config irl Use this command to set the Class of Service inbound rate limiting port group configuration: set cos port-config irl gr oup-type-index [ name name ] [ ports port-list ] [ append ] | [ [...]
-
Page 672
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-56 Matrix NSA Series Configuration Guide 8.3.3.7 clear cos port-config irl Use this command to clear a non-default Class of Service inbou nd rate limiting port group configuration: clear cos port-config irl all | gr oup-type-in dex {[ entry ] | [ name ] | [...]
-
Page 673
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-57 8.3.3.8 set cos port-config txq Use this command to set the Class of Servic e transmit queue port group configuration: set cos port-config txq gr oup-type-index [ name name ] [ ports port-list ] [ append ] | [ clear [...]
-
Page 674
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-58 Matrix NSA Series Configuration Guide Example This example shows how to create a CoS transmit qu eue port group entry n amed “test txq” with a port group ID of 2 and a port type ID of 1: Matrix(rw)-> set cos port-config txq 2.1 name test txq[...]
-
Page 675
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-59 8.3.3.9 clear cos port-config txq Use this command to clear one or all non-defa ult Class of Service transmit queue port group configurations: clear cos port-config txq all | gr oup-type-index { entry | name | ports [...]
-
Page 676
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-60 Matrix NSA Series Configuration Guide 8.3.3.10 show cos port-resource Use this command to display C lass of Serv ice port resource configuration information. show cos port-resource irl gr oup-type-index [ r esour ce ] [ violators ] Synt ax Description C[...]
-
Page 677
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-61 Example This example shows how to show all inbound rate limitin g port resource config uration information for port group 0 .1: Matrix(rw)-> show cos port -resource irl 0.1 '?' after the rate value indic[...]
-
Page 678
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-62 Matrix NSA Series Configuration Guide 8.3.3.1 1 set cos port-resource irl Use this command to configure a Class of Serv ice inbound rate limiting port resource entry . set cos port-resource irl gr oup-ty pe-index irl-number {[ unit { percentage | kbps |[...]
-
Page 679
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-63 Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to config ure Class of Service port resource IRL entry 0 for port group 0 .1 assigning an inbound rate limit of 512 kilobits pe r[...]
-
Page 680
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-64 Matrix NSA Series Configuration Guide 8.3.3.12 clear cos po rt-resource irl Use this command to clear one or all Class of Service inbound rate limiting port resource configurations: clear cos port-resource irl all | gr ou p-type-index r esour ce [ uni t[...]
-
Page 681
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-65 8.3.3.13 set cos port-resource txq Use this command to configure a Cl ass of Service transmit queue port resource entry . set cos port-resource txq gr ou p-type-index transmit-queue {[ unit { percentage | kbps | mbps[...]
-
Page 682
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-66 Matrix NSA Series Configuration Guide Example This example shows how to conf igure a Class of Service port resource entry for port group 0.1 assigning 50 percent of the total availabl e inbound bandwidth to transmit queue 7: Matrix(rw)-> set cos port[...]
-
Page 683
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-67 8.3.3.14 clear cos port-resource txq Use this command to clear one or all Class of Service transmit queue port resource entry . clear cos port-resource txq all | gr oup-type-index r esour ce [ unit ] [ rate ] [ algor[...]
-
Page 684
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-68 Matrix NSA Series Configuration Guide 8.3.3.15 show cos referen ce Use this command to display Class of Service port reference information. show cos reference [ txq | irl gr oup-type-index [ re f e re n c e ]] Synt ax Description Command Default s If no[...]
-
Page 685
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-69 Example This example shows how to show all transmit queue reference conf iguration information for port group 0.1: Matrix(rw)-> show cos refe rence txq 0.1 Group Index Reference Type Que ue ----------- --------- -[...]
-
Page 686
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-70 Matrix NSA Series Configuration Guide 8.3.3.16 set cos reference irl Use this command to set a Class of Service inbound rate limiting reference configuration. set cos reference irl gr oup-type-index re f e re n c e rate-limit number Synt ax Description [...]
-
Page 687
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-71 8.3.3.17 clear cos reference irl Use this command to clear one or all Class of Service inbound rate limiting reference configurations. clear cos reference irl { all | gr oup-type-index re f e re n c e } Synt ax Descr[...]
-
Page 688
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-72 Matrix NSA Series Configuration Guide 8.3.3.18 set cos reference txq Use this command to set a Class of Service inbound rate limiting reference configuration. set cos reference txq gr ou p-type-index re f e re n c e queue number Synt ax Description Comm[...]
-
Page 689
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-73 8.3.3.19 clear cos reference txq Use this command to clear one or all non-defa ult Class of Service transmit queue reference configurations. clear cos reference txq { all | gr oup-type-index re f e re n c e } Synt ax[...]
-
Page 690
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-74 Matrix NSA Series Configuration Guide 8.3.3.20 show cos settings Use this command to display C lass of Service parameters. show cos settings [ cos-list ] Synt ax Description Command Default s If not specified, all CoS entries will be displayed. Command [...]
-
Page 691
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-75 8.3.3.21 set cos settings Use this command to configure a Cl ass of Service entry . set cos settings cos-list [ priority priority ] [ tos-value to s-value ] [ txq-reference txq-r efer ence ] [ irl-reference irl-r e f[...]
-
Page 692
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-76 Matrix NSA Series Configuration Guide 8.3.3.22 clear co s settings Use this command to clear Class of Service entry settings. clear cos settings cos-list {[ all ] | [ priority ] [ tos-value ] [ txq-reference ] [ irl-reference ]} Synt ax Description Comm[...]
-
Page 693
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-77 8.3.3.23 show cos violation irl Use this command to display Class of Service violation configurations. show cos violation irl [ violation-index] Synt ax Description Command Default s If no options are specified, all [...]
-
Page 694
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-78 Matrix NSA Series Configuration Guide 8.3.3.24 clear co s violation irl Use this command to clear Class of Service in bound rate limi ting violation configurations. clear cos violation irl { all | disabled-ports | violation-index } { both | status | cou[...]
-
Page 695
Policy Classification Configura tion Command Set Configuring Policy Class of Service (CoS) Matrix NSA Series Configuration Guide 8-79 8.3.3.25 clear cos all-entries Use this command to clears all Class of Serv ice entries except priority settings 0 - 7. clear cos all-entries Synt ax Description None. Command Default s None. Command T ype Switch com[...]
-
Page 696
Policy Classification Con fig uration Command Set Configuring Policy Class of Service (CoS) 8-80 Matrix NSA Series Configuration Guide[...]
-
Page 697
Matrix NSA Series Configu ration Guide 9-1 9 Port Priority and Rate Limiting Configuration This chapter describes the Port Pr iority and Rate Limiting set of commands and how to use them. 9.1 PORT PRIORITY CO NFIGURATION SUMMARY The Matrix Series device supports Class of Service (CoS), whic h allows you to assign mission-critical data to higher pr [...]
-
Page 698
Process Overview: Port Priority and Rate Limiting Configuration Configuring Port Pri ority 9-2 Matrix NSA Series Configuration Guide 9.2 PROCESS OVERVIEW: PORT PRIORITY AND RATE LIMITING CONFIGURATION Use the following steps as a guide to the port prio rity , QoS, and rate lim iting configuration process: 1. Configuring Port Priority ( Section 9.3.[...]
-
Page 699
Port Priority and Rate Limiting Configuration Command Set Configuring Port Priority Matrix NSA Series Configuration Gui de 9-3 9.3.1.1 show port priority Use this command to display the 802. 1D priority for one or more ports. show port priority [ port-strin g ] Synt ax Description Command Default s If port-string is not specified, priority fo r all[...]
-
Page 700
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Port Pri ority 9-4 Matrix NSA Series Configuration Guide 9.3.1.2 set port priority Use this command to set the 802. 1D (802.1p) Class-of-S ervice tr ansmit queue priority (0 through 7) on each port. A port receiving a frame without priority information in its tag header is assi[...]
-
Page 701
Port Priority and Rate Limiting Configuration Command Set Configuring Port Priority Matrix NSA Series Configuration Gui de 9-5 9.3.1.3 clear p ort priority Use this command to reset the cu rrent CoS port priority setting to 0. This will cause all frames received without a priority value in its header to be set to priority 0. clear port priority por[...]
-
Page 702
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Priority to T ransmit Queue Mapping 9-6 Matrix NSA Series Configuration Guide 9.3.2 Configuring Priority to T ransmit Queue Mapping Purpose T o perform the following: • V iew the current priority to tr ansmit queue mapping o f each port, which includes b oth physical and virt[...]
-
Page 703
Port Priority and Rate Limiting Configuration Command Set Configuring Priority to T ra nsmit Queue Ma ppin g Matrix NSA Series Configuration Gui de 9-7 9.3.2.1 show port priority-queue Use this command to display the port pri ority levels (0 through 7, with 0 as the lowest level) associated with the current transmit queue (0 - 15 depending on port [...]
-
Page 704
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Priority to T ransmit Queue Mapping 9-8 Matrix NSA Series Configuration Guide This example shows how to display the tran smit queues associated with priority 3. Matrix(rw)-> show port priority- queue 3 fe.1.7 Priority TxQueue ---------- -------- ------- 3 1 fe.1.8 Priority T[...]
-
Page 705
Port Priority and Rate Limiting Configuration Command Set Configuring Priority to T ra nsmit Queue Ma ppin g Matrix NSA Series Configuration Gui de 9-9 9.3.2.2 set port priority-queue Use this comma nd to map 80 2.1D (802.1p ) priorities to transmit queues. This enables you to change the priority queue (0-7, depe nding on port type, wit h 0 being t[...]
-
Page 706
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Priority to T ransmit Queue Mapping 9-10 Matrix NSA Series Configuration Guide 9.3.2.3 clear port priority-queue Use this command to reset port priority queue se ttings back to defaults for one or more ports. clear port priority-queue port-string Synt ax Description Command Def[...]
-
Page 707
Port Priority and Rate Limiting Configuration Command Set Configuring Port T raffic Rate Li mi ting Matrix NSA Series Configuration Guide 9-1 1 9.3.3 Configuring Port T raffic Rate Limiting Purpose T o limit the rate of inbound traffic on the Matrix Series device on a per port/priority basis. The allowable range for the rate limiting is kilo bytes [...]
-
Page 708
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Port T raffic Rate Limiting 9-12 Matrix NSA Series Configuration Guide 9.3.3.1 show port ratelimit Use this command to show the traf fic rate limiting configur ation on one or more ports. show port ratelimit [ port-string ] Synt ax Description Command Default s If port-string i[...]
-
Page 709
Port Priority and Rate Limiting Configuration Command Set Configuring Port T raffic Rate Li mi ting Matrix NSA Series Configuration Guide 9-13 Ta b l e 9 - 1 shows a detailed explanatio n of the command output. T able 9-1 show port ratelimit Output Det ails Output What It Displays... Port Number Port designation. For a detailed description of possi[...]
-
Page 710
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Port T raffic Rate Limiting 9-14 Matrix NSA Series Configuration Guide 9.3.3.2 set port ratelimit Use this command to configure the traffic rate limiting st atus and threshold (in kilobytes per second) for one or more ports. set port ratelimit { disable | enable } | port-string[...]
-
Page 711
Port Priority and Rate Limiting Configuration Command Set Configuring Port T raffic Rate Li mi ting Matrix NSA Series Configuration Guide 9-15 Command Mode Read-W rite. Example This example shows how to: • globally enable rate limiting • configure rate limiting for inboun d traffic on port fe .2.1, index 1, prio rity 5, to a threshold of 125 KB[...]
-
Page 712
Port Priority and Rate Limiting Confi guratio n Command Set Configuring Port T raffic Rate Limiting 9-16 Matrix NSA Series Configuration Guide 9.3.3.3 clear port ratelimit Use this command to clear rate limiti ng parameters for one or more ports. clear port ratelimit port-string [ index ] Synt ax Description Command Default s If not specified, all [...]
-
Page 713
Matrix NSA Series Configuration Guide 10 -1 10 IGMP Configuration This chapter describes the IGMP Configurati on set of commands and ho w to use them. 10.1 ABOUT IP MULTICA ST GROUP MANAGEMENT The Internet Group Management Proto co l (IGMP) runs between hosts and their imm edia tely neighboring mu ltic ast switch device. Th e protocol’ s mechanis[...]
-
Page 714
IGMP Configuration Summary 10-2 Matrix NSA Series Configuration Gui de In addition to passively monitoring IGMP query a nd report messages, the Matrix Series device can also actively send IGMP query mes sages to lea rn locations of mult icast s witches and member hosts in multicast groups within each VLAN. However , note that IGMP neither alters no[...]
-
Page 715
IGMP Configuration Command Set Enabling / Disabl ing IGMP Matrix NSA Series Configuration Guide 10-3 10.4 IGMP CONFIGURATION COMMAND SET 10.4.1 Enabling / Disabling IGMP Purpose T o display IGMP information and to enable or disable IGMP snooping on the device. Commands The commands used to display , enable and disable IGMP are listed below and desc[...]
-
Page 716
IGMP Configuration Command Set Enabling / Disabl ing IGMP 10-4 Matrix NSA Series Configuration Gui de 10.4.1.1 show igmp enable Use this command to display the status of IGMP on one or more VLAN(s). show igmp enable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example show[...]
-
Page 717
IGMP Configuration Command Set Enabling / Disabl ing IGMP Matrix NSA Series Configuration Guide 10-5 10.4.1.2 set igmp enable Use this command to enable IGMP on one or more VLANs. set igmp enable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to enable IGM[...]
-
Page 718
IGMP Configuration Command Set Enabling / Disabl ing IGMP 10-6 Matrix NSA Series Configuration Gui de 10.4.1.3 set igmp disable Use this command to disable IGMP on one or more VLANs. set igmp enable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to disable[...]
-
Page 719
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series Configuration Guide 10-7 10.4.2 Configuring IGMP Purpose T o display and se t IGMP configuration paramete rs, including query inte rval and response time settings, and to create and configure static IGMP entries. Commands The commands used to configure IGMP are listed below and descr[...]
-
Page 720
IGMP Configuration Command Set Configuring IGMP 10-8 Matrix NSA Series Configuration Gui de 10.4.2.1 show igmp query Use this command to display the IGMP query status of one or more VLANs. show igmp query vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to di[...]
-
Page 721
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series Configuration Guide 10-9 10.4.2.2 set igmp query-enab le Use this command to enable IGMP querying on on e or more VLANs. set igmp qu ery-enable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows h o[...]
-
Page 722
IGMP Configuration Command Set Configuring IGMP 10-10 Matrix NSA Series Configuration Guide 10.4.2.3 set igmp query-disabl e Use this command to disable IGMP querying on one or more VLANs. set igmp query-disable vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example show s [...]
-
Page 723
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series Configuration Guide 10-1 1 10.4.2.4 show igmp grp-full-action Use this command to show what action to take with multicast frames when the multicast IGMP group table is full show igmp grp-full-action Command Default s None. Command T ype Switch command. Command Mode Read-Only . Exampl[...]
-
Page 724
IGMP Configuration Command Set Configuring IGMP 10-12 Matrix NSA Series Configuration Guide 10.4.2.5 set igmp grp-full-action Use this command to determine wh at action to take with multicast frames when the mul ticast group table is full. set igmp grp-full-action action Synt ax Description Command Default s Flood multicast frames to the Vlan Comma[...]
-
Page 725
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-13 10.4.2.6 show igmp config Use this command to display IGMP configuration informa tion for one or more VLANs. show igmp config vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example [...]
-
Page 726
IGMP Configuration Command Set Configuring IGMP 10-14 Matrix NSA Series Configuration Guide T a bl e 10 -1 sh o w ig mp co nfig Output Details Output What It Displays... VlanQueryInterval Frequency (in seconds) of host-query fra me transmissions. VlanS tatus Whether or not VLAN config uration is Active or Not in Service . Vlan IGMP V ersion Whether[...]
-
Page 727
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-15 10.4.2.7 set igmp config Use this command to configure IGMP settings on one or more VLANs. set igmp config vlan-list {[ query-interva l query-interval ] [igmp-version igmp-version ] [ max-resp-time max-r esp-time ] [ robustness r obustness ] [ last-mem-int[...]
-
Page 728
IGMP Configuration Command Set Configuring IGMP 10-16 Matrix NSA Series Configuration Guide Example This example shows how to set the IGMP qu ery interval time to 25 0 seconds on VLAN 1: Matrix(rw)-> set igmp config 1 q uery-interval 250[...]
-
Page 729
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-17 10.4.2.8 set igmp delete Use this command to remove IGMP config uration settings for one or more VLANs. set igmp delete vlan-list Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows[...]
-
Page 730
IGMP Configuration Command Set Configuring IGMP 10-18 Matrix NSA Series Configuration Guide 10.4.2.9 show igmp group s Use this command to display in formation ab out IGMP groups known to one or m ore VLANs. show igmp groups [group < gr oup > ] [vlan-list < vlan-list> ] [sip <sip> ] [-verbose] Synt ax Description Command Default s[...]
-
Page 731
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-19 10.4.2.10 show igmp st atic Use this command to display static IGMP po rts for one or more VLANs or IGMP groups. show igmp static vlan-list [ group gr oup ] Synt ax Description Command Default s If not specified, static IGMP information will be displayed f[...]
-
Page 732
IGMP Configuration Command Set Configuring IGMP 10-20 Matrix NSA Series Configuration Guide 10.4.2.1 1 set igmp add-st atic Use this command to create a new static IGMP entry , or to add one or more new ports to an existing entry . set igmp add-static gr oup vlan-list [ modify ] [ include-ports ] [ exclude-ports ] Synt ax Description Command Defaul[...]
-
Page 733
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-21 10.4.2.12 set igmp remove-st atic Use this command to delete a sta tic IGMP entry , or to remove o ne or mo re ports from an existing entry . set igmp remove-static gr oup vlan-list [ modify ] [ include-ports ] [ exclude-ports ] Synt ax Description Command[...]
-
Page 734
IGMP Configuration Command Set Configuring IGMP 10-22 Matrix NSA Series Configuration Guide 10.4.2.13 show igmp protocols Use this command to display the binding of IP protocol id to IGMP classification show igmp protocols Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to display the bi[...]
-
Page 735
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-23 10.4.2.14 set igmp protocols Use this command to changes the IGMP classification of received IP frames set igmp protocols [ clas sification classification ] [ pr oto col-id pr otoco l-id ] [ modify ] Synt ax Description Command Default s None. Command T yp[...]
-
Page 736
IGMP Configuration Command Set Configuring IGMP 10-24 Matrix NSA Series Configuration Guide 10.4.2.15 clear igmp protocols Use this command to clear the binding of IP protocol id to IGMP classification clear igmp pr otocols [ pr otocol-id pr otocol-id ] Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W ri[...]
-
Page 737
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-25 10.4.2.16 show igmp vlan Use this command to display IGMP information for a specific VLAN. show igmp vlan [ vlan-list ] Synt ax Description Command Default s None Command T ype Switch command. Command Mode Read-Only . Example This example shows how to disp[...]
-
Page 738
IGMP Configuration Command Set Configuring IGMP 10-26 Matrix NSA Series Configuration Guide 10.4.2.17 show igmp reporters Use this command to display IGMP reporter information. show igmp reporters [ portlist portlist ] [ group gr oup ] [ vlan-list vlan-list ] [ sip sip ] Synt ax Description Command Default s None. Command T ype Switch command. Comm[...]
-
Page 739
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-27 10.4.2.18 show igmp flow Use this command to displa y IGMP flow information. show igmp flow s [ portlist portlist ] [ group gr ou p ] [ vlan-list vlan-list ] [ sip sip ] Synt ax Description Command Default s None. Command T ype Switch command. Command Mode[...]
-
Page 740
IGMP Configuration Command Set Configuring IGMP 10-28 Matrix NSA Series Configuration Guide 10.4.2.19 show igmp counters Use this command to displa y IGMP counter information. show igmp counters Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows how to display the IGMP[...]
-
Page 741
IGMP Configuration Command Set Configuring IGMP Matrix NSA Series C onfiguration Guide 1 0-29 10.4.2.20 show igmp number-groups Use this command to display the number of multicast groups suppor ted by the Matrix devi ce. T he command displays both the currently active number of groups and the configured number that will take effect at the next rebo[...]
-
Page 742
IGMP Configuration Command Set Configuring IGMP 10-30 Matrix NSA Series Configuration Guide[...]
-
Page 743
Matrix NSA Series Configura tion Guide 1 1-1 11 Logging and Network Management This chapter describes switch-rela ted logging an d network ma nagement commands and how to use them. 1 1 .1 PROCESS OVERVIEW : NETWORK MANAGEMENT Switch-related network management tasks incl ude the following: • Configuring System Lo gging ( Section 1 1.2.1 ) • Moni[...]
-
Page 744
Logging And Network Management Co mmand Set Configuring System Logging 1 1-2 Matrix NSA Series Configuration Guide 1 1.2 LOGGING AND NETWORK MANAGEMENT COMMAND SET 1 1.2.1 Configuring System Logging Purpose T o display and configure system lo gging, including Syslog server settings, logging severity levels for various applications, Syslog default s[...]
-
Page 745
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-3 1 1 .2.1.1 show logging all Use this command to display all config uration information for system logging. show logging all Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only .[...]
-
Page 746
Logging And Network Management Co mmand Set Configuring System Logging 1 1-4 Matrix NSA Series Configuration Guide Example This example shows how to displa y all system logging information: Ta b l e 1 1 - 1 provides an explanation of th e command output. Matrix(rw)-> show logging all Application Current Severity Level Server List ---------------[...]
-
Page 747
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-5 T able 1 1-1 show logging all Output Det ails Output What It Displays... Application A mnemonic abbreviatio n of the textual description for applications being logged. Current Severity Level Severity level ( 1 - 8 ) at which the server[...]
-
Page 748
Logging And Network Management Co mmand Set Configuring System Logging 1 1-6 Matrix NSA Series Configuration Guide 1 1.2.1.2 show logging server Use this command to display the Syslog configuration for a particular server . show logging server [ index ] Synt ax Description Command Default s If index is not specified, all Syslog se rver information [...]
-
Page 749
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-7 1 1 .2.1.3 set logging server Use this command to configure a Syslog server . s et logging server index [ ip-addr ip-addr ] [ facility facility ] [ severity severity ] [ descr descr ] [ port por t] [ state { enable | disable }] Synt ax[...]
-
Page 750
Logging And Network Management Co mmand Set Configuring System Logging 1 1-8 Matrix NSA Series Configuration Guide Command Default s • If ip-addr is not specified, an entry in the Syslog server table will be created with the specified index number and a message will display indica ting that no IP address has been assigned. • If not specified, f[...]
-
Page 751
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-9 1 1 .2.1.4 clear logging server Use this command to remove a server from the Syslog server table. clear logging server index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example Th[...]
-
Page 752
Logging And Network Management Co mmand Set Configuring System Logging 1 1-10 Matrix NSA Series Configuration Guide 1 1.2.1.5 show logging default Use this command to display th e Syslog server default values. show logging default Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This c[...]
-
Page 753
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-1 1 1 1 .2.1.6 set logging default Use this command to set logging default values. set logging default {[ facility facility ] [ severity severity ] port port ]} Synt ax Description Command Default s None. Command T ype Switch command. Co[...]
-
Page 754
Logging And Network Management Co mmand Set Configuring System Logging 1 1-12 Matrix NSA Series Configuration Guide 1 1.2.1.7 clear logging default Use this command to reset logging default values. clear logging defaul t {[ facility ] [ severity ] [ port ]} Synt ax Description Command Default s • At least one optional para meter must be entered. [...]
-
Page 755
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-13 1 1 .2.1.8 show logging application Use this command to display the severity level of Syslog messages for one or all applications configured for logging on your system. show logging application [ mnemonic | all ] Synt ax Description C[...]
-
Page 756
Logging And Network Management Co mmand Set Configuring System Logging 1 1-14 Matrix NSA Series Configuration Guide Example This example shows how to display system logg ing information pertaining to the all supported applications. This example shows how to display system logging information pertaining to the SNMP application. Ta b l e 1 1 - 2 prov[...]
-
Page 757
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-15 T able 1 1-2 show logging application Output Det ails Output What It Displays... Application A mnemonic abbreviatio n of the textual description for applications being logged. Current Severity Level Severity level at which the server [...]
-
Page 758
Logging And Network Management Co mmand Set Configuring System Logging 1 1-16 Matrix NSA Series Configuration Guide 1 1.2.1.9 set logging application Use this command to set the severity level of lo g messages and the server(s ) to which messages will be sent for one or all applications. set logging application {[ mnemonic | all ]} [ level level ] [...]
-
Page 759
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-17 Command Default s • If level is not specified, none will be applied. • If server is not specified, messages will be sent to all Syslog servers. Command T ype Switch command. T able 1 1-3 Sample Mnemonic V alues for Log ging Applic[...]
-
Page 760
Logging And Network Management Co mmand Set Configuring System Logging 1 1-18 Matrix NSA Series Configuration Guide Command Mode Read-W rite. Example This example shows how to set the severity level for SSH (Secure Shell) to 4 so that error conditions will be logged for that application an d sent to Syslog server 1: Matrix(rw)-> set logging appl[...]
-
Page 761
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-19 1 1 .2.1.10 clear logging application Use this command to reset the logg ing severity level for one or all applications to the default value of 6 (notifications of significant conditions). clear logging application { mnemonic | all } [...]
-
Page 762
Logging And Network Management Co mmand Set Configuring System Logging 1 1-20 Matrix NSA Series Configuration Guide 1 1.2.1.1 1 show logging local Use this command to display the state of messag e logging to the console and a persistent file. show logging local Synt ax Description None. Command Default s None. Command T ype Switch command. Command [...]
-
Page 763
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-21 1 1 .2.1.12 set logging local Use this command to config ure log messages to the console and a pe rsistent file. set logging local console { enable | disable } file { enable | disable } Synt ax Description Command Default s None. Comm[...]
-
Page 764
Logging And Network Management Co mmand Set Configuring System Logging 1 1-22 Matrix NSA Series Configuration Guide 1 1.2.1.13 clear logging local Use this command to clear the console and pe rsistent store logging for the local session. clear logging local Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode[...]
-
Page 765
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-23 1 1 .2.1.14 set logging here Use this command to enable or disable the current CLI session as a Syslog destination. The ef fect of this command will be temporar y if the current CLI session is us ing T elnet or SSH, but persistent on [...]
-
Page 766
Logging And Network Management Co mmand Set Configuring System Logging 1 1-24 Matrix NSA Series Configuration Guide 1 1.2.1.15 clear logging here Use this command to clear the logging state for the current CLI session. clear logging here Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exampl[...]
-
Page 767
Logging And Network Management Command Set Configuring System Loggin g Matrix NSA Series Configuration Guide 1 1-25 1 1 .2.1.16 show logging buffer Use this command to display the last 256 messages logged. show logging buffer Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This exampl[...]
-
Page 768
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-26 Matrix NSA Series Configuration Guide 1 1.2.2 Monitoring Network Event s and S t atus Purpose T o display switch events and command history , to set the size of the history buf fer , and to display and disconnect current user sessions. Commands Commands to moni[...]
-
Page 769
Logging And Network Management Command Set Monitoring Network Even ts and S tatus Matrix NSA Series Configuration Guide 1 1-27 1 1 .2.2.1 history Use this command to display the contents of the co mmand history buffer . The comma nd history buffer includes all the switch commands entere d up to a maximum of 50, as specified in the set history comma[...]
-
Page 770
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-28 Matrix NSA Series Configuration Guide 1 1.2.2.2 show history Use this command to display the size (in lines) of the history buf fer . show history Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example T[...]
-
Page 771
Logging And Network Management Command Set Monitoring Network Even ts and S tatus Matrix NSA Series Configuration Guide 1 1-29 1 1.2.2.3 set history Use this command to set the size of the history buf fe r . set history size [ defaul t ] Synt ax Description Command Default s If default is not specified, the history setting will not be persistent. C[...]
-
Page 772
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-30 Matrix NSA Series Configuration Guide 1 1.2.2.4 show netst at Use this command to display statistics fo r the switch’ s active network connections. show netstat [icmp | ip | routes | stats | tcp | udp ] Synt ax Description Command Default s If no parameters a[...]
-
Page 773
Logging And Network Management Command Set Monitoring Network Even ts and S tatus Matrix NSA Series Configuration Guide 1 1-31 Ta b l e 1 1 - 4 provides an explanation of the command out put . T able 1 1-4 show net st at Output Det ails Output What It Displays... PCB Protocol Control Block designatio n. Proto T ype of protocol running on the conn e[...]
-
Page 774
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-32 Matrix NSA Series Configuration Guide 1 1.2.2.5 ping Use this command to send ICMP echo-request packets to another node on the network from the switch CLI. ping [ -s ] host [ count ] Synt ax Description Command Default s • If -s is not specified, the ping wil[...]
-
Page 775
Logging And Network Management Command Set Monitoring Network Even ts and S tatus Matrix NSA Series Configuration Guide 1 1-33 This example shows how to ping IP address 134.141.89.29 with 10 packets: This example shows a continuous pi ng of IP address 134.141. 89.29. In this case, entering Ctrl+C after 9 iterations caused command execution to stop [...]
-
Page 776
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-34 Matrix NSA Series Configuration Guide 1 1.2.2.6 show users Use this command to display info rmation about the active console po rt or T elnet session(s) logged in to the switch. show users Synt ax Description None. Command Default s None. Command T ype Switch c[...]
-
Page 777
Logging And Network Management Command Set Monitoring Network Even ts and S tatus Matrix NSA Series Configuration Guide 1 1-35 1 1 .2.2.7 tell Use this command to send a m ess age to one or all users. tell { dest | all } message Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example [...]
-
Page 778
Logging And Network Management Co mmand Set Monitoring Network Events and S tatus 1 1-36 Matrix NSA Series Configuration Guide 1 1.2.2.8 disconnect Use this command to clos e an active console port or T elnet session from the switch CLI. disconnect { ip-addr | console } Synt ax Description Command Default s None. Command T ype Switch command. Comma[...]
-
Page 779
Logging And Network Management Command Set Configuring SMON Matrix NSA Series Configuration Guide 1 1-37 1 1 .2.3 Configuring SMON Purpose T o configure SMON (Switched Network Mon itoring) on the device. Commands Commands to configure SMON are listed below an d described in the associated section as shown. • show smon priority ( Section 1 1.2.3.1[...]
-
Page 780
Logging And Network Management Co mmand Set Configuring SMON 1 1-38 Matrix NSA Series Configuration Guide 1 1.2.3.1 show smon priority Use this command to display SMON user priority statistics. SMON generates aggregated statistics for IEEE 802.1 Q VLAN environments. show smon priority [ port-string ] [ priority priority ] Synt ax Description Comman[...]
-
Page 781
Logging And Network Management Command Set Configuring SMON Matrix NSA Series Configuration Guide 1 1-39 1 1 .2.3.2 set smon priority Use this command to create, start, or stop priority-encoded SMON user statistics counting. set smon priority {create | enable | disable} port-string [ owner ] Synt ax Description Command Default s If owner is not spe[...]
-
Page 782
Logging And Network Management Co mmand Set Configuring SMON 1 1-40 Matrix NSA Series Configuration Guide 1 1.2.3.3 clear smon priority Clears priority-encoded user stat istic s on one or more ports . clear smon priority [ port-string ] Synt ax Description Command Default s If port-string is not specified, priority stat istics will be cleared on al[...]
-
Page 783
Logging And Network Management Command Set Configuring SMON Matrix NSA Series Configuration Guide 1 1-41 1 1 .2.3.4 show smon vlan Use this command to display SMON (Switc hed Network Monitori ng) VLAN statistics. show smon vlan [ port-string ] [ vlan vlan-id ] Synt ax Description Command Default s • If port-string is not specified, SMON statistic[...]
-
Page 784
Logging And Network Management Co mmand Set Configuring SMON 1 1-42 Matrix NSA Series Configuration Guide 1 1.2.3.5 set smon vlan Use this command to create, start, or stop SNMP VLAN-related statistics counting. set smon vlan {create | enable | disable} port-string [ owner ] Synt ax Description Command Default s If owner is not specified, no ne wil[...]
-
Page 785
Logging And Network Management Command Set Configuring SMON Matrix NSA Series Configuration Guide 1 1-43 1 1 .2.3.6 clear smon vlan Use this command to delete an SMON VLAN statistics counting configuration. clear smon vlan [ port-string ] Synt ax Description Command Default s If port-string is not specified, VLAN statisti cs counting configurations[...]
-
Page 786
Logging And Network Management Co mmand Set Configuring RMON 1 1-44 Matrix NSA Series Configuration Guide 1 1.2.4 Configuring RMON RMON Monitoring Group Functions and Commands RMON (Remote Network Mon itoring) provides co mprehensive ne twork fault diagnosis, plannin g, and performance tuning informa tion and allows for interoperability between SNM[...]
-
Page 787
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-45 Alarm Periodically gathers statistical samples from variables in the probe and compares them with previously configured thresholds. If the monitored variable crosses a threshold, an event is generated. Alarm type, interval, starting threshold, s[...]
-
Page 788
Logging And Network Management Co mmand Set Configuring RMON 1 1-46 Matrix NSA Series Configuration Guide Host To p N Generates tables that describe hosts that top a list ordered by one of their statistics. These rate based statistics are samples of one of th eir base statistics over an interval specified by the management statio n. S tatistics, to[...]
-
Page 789
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-47 Filter Allows packets to be matched by a filter equation. These ma tc hed packets f orm a data stream or “channel” that may be captured or ma y generate eve nts. Packets ma tc hin g the filter configuration. show rmon channel ( Section 1 1.2[...]
-
Page 790
Logging And Network Management Co mmand Set Configuring RMON 1 1-48 Matrix NSA Series Configuration Guide 1 1.2.4.1 show rmon st at s Use this command to display RMON statistics measured for one or more ports. show rmon stats [ port-string ] [ wide ] [ bysize ] Synt ax Description Command Default s If port-string is not specified, RMON stats wil l [...]
-
Page 791
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-49 Ta b l e 1 1 - 6 provides an explanation of the command out put . T able 1 1-6 show rmon st ats Output Det ails Output What It Displays... Port Port de sign ation. Owner Name of the entity that configured this entry . Monitor is default. Data So[...]
-
Page 792
Logging And Network Management Co mmand Set Configuring RMON 1 1-50 Matrix NSA Series Configuration Guide Fragments Number of received frames that are not the minimum number of bytes in length, or received frames that had a bad or missing Frame Check Sequence (FCS), were less than 64 bytes in length (excludin g fra ming bits, but including FCS byte[...]
-
Page 793
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-51 1 1 .2.4.2 set rmon st at s Use this command to configure an RMON statist ics entry . set rmon stats index port-string [ owner ] Synt ax Description Command Default s If owner is not specified, monitor will be applied. Command T ype Switch comma[...]
-
Page 794
Logging And Network Management Co mmand Set Configuring RMON 1 1-52 Matrix NSA Series Configuration Guide 1 1.2.4.3 clear rmon st at s Use this command to delete one or more RMON st atistics entries. clear rmon stats { index-list | to-defaults } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exam[...]
-
Page 795
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-53 1 1 .2.4.4 show rmon history Use this command to display RMON histo ry properties and statistics. The RMO N histo ry group records periodic statistical samples from a network. show rmon history [ port-string ] [ wide ] [ int erval ] Synt ax Desc[...]
-
Page 796
Logging And Network Management Co mmand Set Configuring RMON 1 1-54 Matrix NSA Series Configuration Guide Matrix(rw)-> show rmon history f e.3.14 Port: fe.3.14 ------------------------------- -------- Index 1001 Status = 1 valid Owner = monitor Data Source = 1.3.6.1.2.1 .2.2.1.1.11001 Interval = 30 Buckets Requested = 50 Buckets Granted = 50 Sam[...]
-
Page 797
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-55 1 1 .2.4.5 set rmon history Use this command to configure an RMON history entry . set rmon history index [ port-string ] [ buckets buckets ] [ interval interval ] [ owner owner ] Synt ax Description Command Default s • If buckets is not specif[...]
-
Page 798
Logging And Network Management Co mmand Set Configuring RMON 1 1-56 Matrix NSA Series Configuration Guide 1 1.2.4.6 clear rmon history Use this command to delete one or more RMON hi story entries or reset one or more entries to default values. Fo r spec ific values, refer to Section 1 1.2.4.5 . clear rmon history { index-list | to-defaults } Synt a[...]
-
Page 799
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-57 1 1 .2.4.7 show rmon alarm Use this command to display RMON alarm entrie s. The RMON alarm group periodically takes statistical samples from RMON variables and co mpares them with pr eviously configured thresholds. If the monitored va riable cro[...]
-
Page 800
Logging And Network Management Co mmand Set Configuring RMON 1 1-58 Matrix NSA Series Configuration Guide T able 1 1-7 show rmon alarm Output Details Output What It Displays... Index Index number for this alarm entry . Owner T ext string identifying who configured this entry . S tatus Whether this e vent entry is enabled (valid) or disabled. V aria[...]
-
Page 801
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-59 1 1 .2.4.8 set rmon alarm properties Use this command to configure an RMON alarm en try , or to create a new alarm entry with an unused alarm in dex number . set rmon alarm properties index [ interval interval ] [ object object ] [ type {absolut[...]
-
Page 802
Logging And Network Management Co mmand Set Configuring RMON 1 1-60 Matrix NSA Series Configuration Guide Command Default s • interval - 3600 seconds • type - absolute • startup - rising • rthresh - 0 • fthresh - 0 • revent - 0 • fevent - 0 • owner - monitor Command T ype Switch command. Command Mode Read-W rite. Example This exampl[...]
-
Page 803
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-61 1 1.2.4.9 set rmon alarm st atu s Use this command to enable an RMON alarm entry . An alarm is a notification that a statistical sample of a monitored variable has crossed a configured threshold. set rmon alarm status index enable Synt ax Descri[...]
-
Page 804
Logging And Network Management Co mmand Set Configuring RMON 1 1-62 Matrix NSA Series Configuration Guide 1 1.2.4.10 clear rmon alarm Use this command to dele te an RMON alarm entry . clear rmon alarm index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to clear RMO[...]
-
Page 805
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-63 1 1 .2.4.1 1 show rmon event Use this command to display RMON event entry properties. show rmon ev ent [ index ] Synt ax Description Command Default s If index is not specified, information abou t all RMON entries will be displayed. Command T yp[...]
-
Page 806
Logging And Network Management Co mmand Set Configuring RMON 1 1-64 Matrix NSA Series Configuration Guide Description T ext string d escription of this event. T ype Whether the event notification will be a log entry , and SNMP trap, both, or none. Community SN MP community name if message type is set to trap. Last T ime Se nt When an event notifi c[...]
-
Page 807
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-65 1 1 .2.4.12 set rmon event properties Use this command to configure an RMON event entry , or to create a new event entry w ith an unused event index numb er . set rmon event properties index [ description description ] [ type {none | log | trap [...]
-
Page 808
Logging And Network Management Co mmand Set Configuring RMON 1 1-66 Matrix NSA Series Configuration Guide Example This example shows how to create and enable an RMON event e ntry called “STP topology change” that will send both a log entr y and an SNMP trap message to the “public” community: Matrix(rw)-> set rmon event pr operties 2 desc[...]
-
Page 809
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-67 1 1 .2.4.13 set rmon event st atus Use this command to enable an RMON event entry . An event entry describes the parameters of an RMON event that can be triggered. Events can be fired by RMON alarms and can be configured to create a log entry , [...]
-
Page 810
Logging And Network Management Co mmand Set Configuring RMON 1 1-68 Matrix NSA Series Configuration Guide 1 1.2.4.14 clear rmon event Use this command to delete an RMON event entry and any associated log entries. clear rmon event index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This e[...]
-
Page 811
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-69 1 1 .2.4.15 show rmon host Use this command to display RMON properti es and statistics as sociated with each host discovered on the network. show rmon host [ port-string ] [ address | creation ] Synt ax Description Command Default s • If port-[...]
-
Page 812
Logging And Network Management Co mmand Set Configuring RMON 1 1-70 Matrix NSA Series Configuration Guide Example This example shows how to display RMON host properties and statistics. A control entry displays first, followed by actual entries corresponding to the control entry . For a description of the types of statistics shown, refer to Ta b l e[...]
-
Page 813
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-71 1 1 .2.4.16 set rmon host properties Use this command to configure an RMON host entry . set rmon host properties index port-string [ owner ] Synt ax Description Command Default s If owner is not specified, monitor will be appli ed. Command T ype[...]
-
Page 814
Logging And Network Management Co mmand Set Configuring RMON 1 1-72 Matrix NSA Series Configuration Guide 1 1.2.4.17 set rmon host st atus Use this command to enable an RMON host entry . set rmon host status index enable Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows ho[...]
-
Page 815
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-73 1 1 .2.4.18 clear rmon host Use this command to dele te an RMON host entry . clear rmon host index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to clear RMON h[...]
-
Page 816
Logging And Network Management Co mmand Set Configuring RMON 1 1-74 Matrix NSA Series Configuration Guide 1 1.2.4.19 show rmon topN Use this command to displays RMON T opN proper ties and statistics. T opN monitoring prepares tables that describe the hosts topping a list ordered by one of their statistics. T opN lists are samples of one of the host[...]
-
Page 817
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-75 Ta b l e 1 1 - 9 provides an explanation of the comm and output. Properties are set using the set rmon topN properties command as describe d in Section 1 1.2.4.20 . T able 1 1-9 show rmon topN Output Det ails Output What It Displays... Index Ind[...]
-
Page 818
Logging And Network Management Co mmand Set Configuring RMON 1 1-76 Matrix NSA Series Configuration Guide 1 1.2.4.20 set rmon topN properties Use this command to configur e an RMON topN entry (report). set rmon topn properties index [ hindex hindex ] [ rate { inpackets | outpackets | inoctets | outoctets | errors | bcast | mc ast }] [ duration dura[...]
-
Page 819
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-77 Command Mode Read-W rite. Example This example shows how to configur e RMON T opN en try 1, for host 1 with a sampling interval of 60 seconds and a maximum number o f entries of 20: Matrix(rw)-> set rmon topN propert ies 1 1 inpackets 60 20[...]
-
Page 820
Logging And Network Management Co mmand Set Configuring RMON 1 1-78 Matrix NSA Series Configuration Guide 1 1.2.4.21 set rmon topN st atus Use this command to enab le an RMON topN entry . set rmon topN status index enable | Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows[...]
-
Page 821
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-79 1 1 .2.4.22 clear rmon topN Use this command to delete an RMON T opN entry . clear rmon topN index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to delete RMON [...]
-
Page 822
Logging And Network Management Co mmand Set Configuring RMON 1 1-80 Matrix NSA Series Configuration Guide 1 1.2.4.23 show rmon matrix Use this command to display RM ON matrix properties and statis tics. The RMON matrix stores statistics for conversations between sets of two addresse s. show rmon matrix [ port-string ] [ source | dest ] Synt ax Desc[...]
-
Page 823
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-81 T able 1 1-10 provides an explanation of the command output. Properties are set using the set rmon matrix properties command as described in Section 1 1.2.4.24 . T able 1 1-10 show rmon matrix Output Det ails Output What It Displays... Matrix In[...]
-
Page 824
Logging And Network Management Co mmand Set Configuring RMON 1 1-82 Matrix NSA Series Configuration Guide 1 1.2.4.24 set rmon matrix properties Use this command to configure an RMON matrix ent ry . set rmon matrix properties index port-string [ owner ] Synt ax Description Command Default s If owner is not specified, monito r will be applied. Comman[...]
-
Page 825
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-83 1 1 .2.4.25 set rmon matrix st atus Use this command to enable an RMON matrix entry . set rmon matrix status index enable Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example sh[...]
-
Page 826
Logging And Network Management Co mmand Set Configuring RMON 1 1-84 Matrix NSA Series Configuration Guide 1 1.2.4.26 clear rmon matrix Use this command to delete an RMON matrix entry . clear rmon matrix index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to delete [...]
-
Page 827
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-85 1 1 .2.4.27 show rmon channel Use this command to display RMON channel entries for one or more ports. show rmon channe l [ port-string ] Synt ax Description Command Default s If port-string is not specified, information abou t all channels will [...]
-
Page 828
Logging And Network Management Co mmand Set Configuring RMON 1 1-86 Matrix NSA Series Configuration Guide 1 1.2.4.28 set rmon channel Use this command to configure an RMON channel entry . set rmon channel index port-string [ accept { matched | failed }] [ control { on | off }] [ oneven t onevent ] [ offevent offevent ] [ event event ] [ estatus { r[...]
-
Page 829
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-87 Command Default s • If an action is not specified, packets will be accepted on filter matches. • If not specified, control will be set to off . • If onevent and offevent are not specified, none will be applied. • If event status is not s[...]
-
Page 830
Logging And Network Management Co mmand Set Configuring RMON 1 1-88 Matrix NSA Series Configuration Guide 1 1.2.4.29 clear rmon channel Use this command to clear an RMON channel entry . clear rmon channel index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to clear[...]
-
Page 831
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-89 1 1 .2.4.30 show rmon filter Use this command to display on e or more RMON filter entries. show rmon filter [ index index | channel channel ] Synt ax Description Command Default s If no options are specified, information for all filter entries w[...]
-
Page 832
Logging And Network Management Co mmand Set Configuring RMON 1 1-90 Matrix NSA Series Configuration Guide 1 1.2.4.31 set rmon filter Use this command to conf igure an RMON filter entry . set rmon filter index channel_index [ offset offset ] [ status status ] [ smas k smask ] [ snotmask snotmask ] [ data data ] [ dmask dmask ] [ dnotmask dnotmask ] [...]
-
Page 833
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-91 Command Mode Read-W rite. Example This example shows how to create RMON filter 1 and apply it to channel 9: Matrix(rw)-> set rmon fil ter 1 10 offset 30 data 0a1543 05 dmask ffffffff[...]
-
Page 834
Logging And Network Management Co mmand Set Configuring RMON 1 1-92 Matrix NSA Series Configuration Guide 1 1.2.4.32 clear rmon filter Use this command to clear an RMON filter entry . clear rmon filter { index index | channel channel } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This e[...]
-
Page 835
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-93 1 1 .2.4.33 show rmon capture Use this command to display RMON capture en tries and associated buffer control entries. show rmon captur e [ index ] [ nodata ] Synt ax Description Command Default s If no options are specified, a ll buffer control[...]
-
Page 836
Logging And Network Management Co mmand Set Configuring RMON 1 1-94 Matrix NSA Series Configuration Guide Example This example shows how to display RMON captu re entries and associated buffer entries: Matrix(rw)-> show rmon capture Buf.control= 28062 Channel= 38 283 EntryStatus= valid ------------------------------- --------------------------- F[...]
-
Page 837
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-95 1 1 .2.4.34 set rmon capture Use this command to configure an RMON capture entr y , or to enable or disable an existing entry . set rmon capture index { channel [ action { lock | wr ap }] [ slice slice ] [ loadsize loadsize ] [ offset offset ] [[...]
-
Page 838
Logging And Network Management Co mmand Set Configuring RMON 1 1-96 Matrix NSA Series Configuration Guide Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to create RMON ca pture entry 1 to “listen” on channel 628: Matrix(rw)-> set rmon capture 1 628[...]
-
Page 839
Logging And Network Management Command Set Configuring RMON Matrix NSA Series Configuration Guide 1 1-97 1 1 .2.4.35 clear rmon capture Use this command to clears an RMON capture entry . clear rmon capture index Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This example shows how to clea[...]
-
Page 840
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-98 Matrix NSA Series Configuration Guide 1 1.2.5 Managing Switch Ne twork Addresses and Routes Purpose T o display , add or delete switch ARP table entr ies, to enable or disable RAD (Runtime Address Discovery) protocol, to display , add or delete IP routin[...]
-
Page 841
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-99 1 1 .2.5.1 show arp Use this command to displa y the swit ch’ s ARP table. show arp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example shows[...]
-
Page 842
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-100 Matrix NSA Series Configuration Guide 1 1.2.5.2 set arp Use this command to ad d mapping entries to the switch’ s ARP table. set arp ip-address mac-address [{ temp | pub | trail} ] Synt ax Description Command Default s • If temp is not specified, th[...]
-
Page 843
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-1 01 1 1 .2.5.3 clear arp Use this command to delete a specific entry or all entries from the switch’ s ARP table. clear arp { ip | all } Synt ax Description Command Default s None. Command T ype Switch command. Comman[...]
-
Page 844
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-102 Matrix NSA Series Configuration Guide 1 1.2.5.4 show rad Use this command to display the status of the RAD (Runtime Address Discovery) protoc ol on the switch. show rad Synt ax Description None. Command Default s None. Command T ype Switch command. Comm[...]
-
Page 845
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-1 03 1 1.2.5.5 set rad Use this command to enable or disable RAD (R untime Address Discovery) protocol. The Matrix Series device uses BOOTP/DHCP to obtain an IP address if one hasn’t been configured. RAD can also be us[...]
-
Page 846
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-104 Matrix NSA Series Configuration Guide 1 1.2.5.6 show ip route Use this command to display the switch’ s IP routing table entries. show ip route Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Ex[...]
-
Page 847
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-1 05 Flags Route status. Possible valu es and their definiti ons include: U - route is usable (that is, "up") G - destination is a gateway H - host specific routing entry R - host or net unreachable D - created[...]
-
Page 848
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-106 Matrix NSA Series Configuration Guide 1 1.2.5.7 tracerout e Use this command to display a hop -by-hop path throu gh an IP network from th e device to a specific destination host. Three UDP or ICMP pr obes will be transmitted fo r each hop between the so[...]
-
Page 849
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-1 07 Command Default s • If not specified, waittime will be set to 5 seconds. • If not specified, first-tt l will be set to 1 second. • If not specified, max-ttl will be set to 30 seconds. • If not specified, por[...]
-
Page 850
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-108 Matrix NSA Series Configuration Guide Example This example shows how to use traceroute to d isplay a round trip p ath to host 192.1 67.252.17. In this case, hop 1 is the Matrix Series switch, hop 2 is 14.1.0.45, and hop 3 is back to the host IP address.[...]
-
Page 851
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configuration Guide 1 1-1 09 1 1 .2.5.8 set ip route Use this command to add a route to the switch’ s IP routing table. set ip route { destination | default} ga teway Synt ax Description Command Default s None. Command T ype Switch command. C[...]
-
Page 852
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-1 10 Matrix NSA Series Configuration Guide 1 1.2.5.9 clear ip route Use this command to delete switch IP routing table ent ries. clear ip route destination | default Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read[...]
-
Page 853
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configu ration Guide 1 1-1 1 1 1 1 .2.5.10 show port mac Use this command to display the MAC address(es ) for one or more ports. These are port MAC addresses programmed into the device during manu facturing. T o show the MAC addresses learned o[...]
-
Page 854
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-1 12 Matrix NSA Series Configuration Guide 1 1.2.5.1 1 show mac Use this command to display th e timeout period for aging learned M AC addresses, and to show MAC addresses in the sw itch’ s filtering data base. These are addresses lea rned on a port throu[...]
-
Page 855
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configu ration Guide 1 1-1 13 Examples This example shows how to displa y the MAC addr ess timeout period : This example shows how to display MAC address information for Fast Ethernet port 3 in port group 1: T able 1 1-13 provides an expla nati[...]
-
Page 856
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-1 14 Matrix NSA Series Configuration Guide 1 1.2.5.12 set mac Use this command to set the timeo ut period for aging learned MA C entries, to define what ports a multicast address can be dynamically learned on or flooded to, and to make a static entry into t[...]
-
Page 857
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configu ration Guide 1 1-1 15 1 1 .2.5.13 clear mac Use this command to reset the timeout period for aging learned MAC entries to the default value of 300 seconds, or to clear MAC addresses out of the filte ring database(s). clear mac {[ all ] [...]
-
Page 858
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-1 16 Matrix NSA Series Configuration Guide This example shows how to clear all the MAC addresses associated with port fe.1.3: Matrix(rw)-> clear mac port-stri ng fe.1.3[...]
-
Page 859
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configu ration Guide 1 1-1 17 1 1 .2.5.14 show newaddrtrap s Use this command to display the status of MAC address traps on one or more ports. show newaddrtrap [ port-string ] Synt ax Description Command Default s If port-string is not specifie[...]
-
Page 860
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-1 18 Matrix NSA Series Configuration Guide 1 1.2.5.15 set newaddrtrap s Use this command to enable or disable SNMP trap messaging, globally or on one or more ports, when new source MAC addresses are detec te d. set newaddrtrap [ port-string ] { enable | dis[...]
-
Page 861
Logging And Network Management Command Set Managing Switch Network Addresses and Routes Matrix NSA Series Configu ration Guide 1 1-1 19 1 1 .2.5.16 show movedaddrtrap Use this command to disp lay the status of mo ved MAC address traps on one or more ports. show movedaddrtrap [ port-string ] Synt ax Description Command Default s If port-string is no[...]
-
Page 862
Logging And Network Management Co mmand Set Managing Switch Network Addresses and Routes 1 1-120 Matrix NSA Series Configuration Guide 1 1.2.5.17 set movedaddrtrap Use this command to enable or disable SNMP trap messaging, globally or on one or more ports, when moved source MAC addresses are detected. set movedaddrtrap [ port-string ] { enable | di[...]
-
Page 863
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 21 1 1 .2.6 Configuring Simple Ne twork T ime Protocol (SNTP) Purpose T o configure the Simple Network T ime Protocol (SNTP ), which synchronizes device clo cks in a network. Commands Commands to configure SNTP are [...]
-
Page 864
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-122 Matrix NSA Series Configuration Guide 1 1.2.6.1 show snt p Use this command to disp lay SNTP client settings. show sntp Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This example show[...]
-
Page 865
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 23 T able 1 1-14 show sntp Output Det ails Output What It Displays... SNTP V ersion SNTP version number . Current T ime Current time on the system clock. T imezone T ime zone name and am ount it is offset from UTC ([...]
-
Page 866
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-124 Matrix NSA Series Configuration Guide 1 1.2.6.2 set sntp client Use this command to set the SNTP operation mode. set sntp client { broadcast | unicast | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode [...]
-
Page 867
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 25 1 1 .2.6.3 clear sntp client Use this command to clear the SNTP client’ s operational mode. clear sntp client Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W [...]
-
Page 868
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-126 Matrix NSA Series Configuration Guide 1 1.2.6.4 set sntp server Use this command to add a server from which the SN TP client will retrieve the current time when operating in unicast mode. Up to 10 servers can be set as SNTP servers. set sntp server i[...]
-
Page 869
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 27 1 1 .2.6.5 clear sntp server Use this command to remove one or all servers from the SNTP server list. clear sntp server { ip-addr ess | all } Synt ax Description Command Default s None. Command T ype Switch comma[...]
-
Page 870
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-128 Matrix NSA Series Configuration Guide 1 1.2.6.6 set sntp broadcast delay Use this command to set the ro u nd trip delay , in microseconds, for SNTP broadcast frames. set sntp broadcastde lay time Synt ax Description Command Default s None. Command T [...]
-
Page 871
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 29 1 1 .2.6.7 clear sntp broadcast delay Use this command to clear the round tr ip delay time for SNTP broadcast frames. clear sntp broadcastdelay Synt ax Description None. Command Default s None. Command T ype Swit[...]
-
Page 872
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-130 Matrix NSA Series Configuration Guide 1 1.2.6.8 set sntp poll-interval Use this command to set the poll in terval between SNTP unicast requests. set sntp poll-interval interval Synt ax Description Command Default s None. Command T ype Switch command.[...]
-
Page 873
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 31 1 1 .2.6.9 clear sntp poll-interval Use this command to clear the poll in terval between unicast SNTP requests. clear sntp poll-interval Synt ax Description None. Command Default s None. Command T ype Switch comm[...]
-
Page 874
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-132 Matrix NSA Series Configuration Guide 1 1.2.6.10 set sntp poll-retry Use this command to set the number of poll retries to a unicast SNTP server . set sntp poll-retry re t r y Synt ax Description Command Default s None. Command T ype Switch command. [...]
-
Page 875
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 33 1 1 .2.6.1 1 clear sntp poll-retry Use this command to clear the number of poll retries to a unicast SNTP server . clear sntp poll-retry Synt ax Description None. Command Default s None. Command T ype Switch comm[...]
-
Page 876
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-134 Matrix NSA Series Configuration Guide 1 1.2.6.12 set sntp poll-timeout Use this command to set the po ll timeout (in seconds) for a response to a unicast SNTP request. set sntp poll-timeout timeout Synt ax Description Command Default s None. Command [...]
-
Page 877
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 35 1 1 .2.6.13 clear sntp poll-timeout Use this command to clear the SNTP poll timeout. clear sntp poll-timeout Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rit[...]
-
Page 878
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-136 Matrix NSA Series Configuration Guide 1 1.2.6.14 show timezone Use this command to disp lay SNTP time zone settings. show timezone Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This e[...]
-
Page 879
Logging And Network Management Command Set Configuring Simple Network Time Protocol (SNTP) Matrix NSA Series Configuration Guide 1 1-1 37 1 1 .2.6.15 set timezone Use this command to set the SNTP time zone name and the ho urs and minutes it is of fset from Coordinated Universal T ime (UTC). set timezone name [ hours ] [ minutes ] Synt ax Descriptio[...]
-
Page 880
Logging And Network Management Co mmand Set Configuring Simple Network Time Protocol (SNTP) 1 1-138 Matrix NSA Series Configuration Guide 1 1.2.6.16 clear timezone Use this command to remove SN TP time zone adjustment values. clear timezone Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exa[...]
-
Page 881
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 39 1 1 .2.7 Configuring Node Aliases Purpose T o review , configure, disable and re-enable node (port) alias functionality , which determines what network protoco l s are running on one or m ore ports. Commands Commands to configure node [...]
-
Page 882
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-140 Matrix NSA Series Configuration Guide 1 1.2.7.1 show nodealias Use this command to display node alias prop erties for one or more ports. show nodealias [ port-string ] Synt ax Description Command Default s If port-string is not specified, node alias prop erties will be dis[...]
-
Page 883
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 41 Vlan ID VLAN ID assoc i ated with this a lias. MAC Address MAC addres s associated with this alias. Protocol Networking protocol running o n this port. Address / Source IP When applicable, a protoc ol-sp ecific address associated with [...]
-
Page 884
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-142 Matrix NSA Series Configuration Guide 1 1.2.7.2 show nodealias mac Use this command to display node alias entries based on MAC address and protocol. show nodealias mac mac_addr ess [ ip | apl | mac | hsrp | dhc ps | dhcpc | bootps | bootpc | ospf | vrrp | ipx | xrip | xsap[...]
-
Page 885
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 43 Command Default s • If protocol is not specified, node alias entries for all protocols will be displayed. • If port-string is not specified, node alias entr ies will be displayed for all ports. Command Mode Read-Only . Example This[...]
-
Page 886
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-144 Matrix NSA Series Configuration Guide 1 1.2.7.3 show nodealias protocol Use this command to display node alias entries based on protocol and protocol ad dress. show nodealias protocol { ip | apl | mac | hsrp | dhcps | dhcpc | bootps | bootpc | ospf | vrrp | ipx | xrip | xs[...]
-
Page 887
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 45 Example This example shows how to display node alias entr ies for IP traf fic on ge .3.16. Refer back to T able 1 1-15 for a description of the command output. Matrix(rw)-> show nodealia s protocol ip ge.3.16 Port: ge.3.16 Time: 1 d[...]
-
Page 888
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-146 Matrix NSA Series Configuration Guide 1 1.2.7.4 show nodealias config Use this command to display node alias conf iguration settings on one or more ports. show nodealias config [ port-string ] Synt ax Description Command Default s If port-string is not specified, node alia[...]
-
Page 889
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 47 T able 1 1-16 show nodealias config Output Det ails Output What It Displays... Port Number Port designation. Max Entries Maximum nu mber of alias entries configured for this port. Set using the set nodealias maxentries command ( Sectio[...]
-
Page 890
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-148 Matrix NSA Series Configuration Guide 1 1.2.7.5 set nodealias Use this command to enable or disable a node a lias agent on one or more ports . Upon packet reception, node aliases are dynamica lly assigned to ports enabled with an alias agent, which is the default setting o[...]
-
Page 891
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 49 1 1 .2.7.6 set nodea lias maxentries Use this command to set the maximum number of node alias en tries allowed for one or more ports. set nodealias maxentries val port-string Synt ax Description Command Default s None. Command T ype Sw[...]
-
Page 892
Logging And Network Management Co mmand Set Configuring Node Aliases 1 1-150 Matrix NSA Series Configuration Guide 1 1.2.7.7 clear nodealias Use this command to remove one or more node alias entries. clear nodealias { port-string port-string | alias-id alias-id } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode[...]
-
Page 893
Logging And Network Management Command Set Configuring Node Aliases Matrix NSA Series Configuration Guide 1 1-1 51 1 1 .2.7.8 clear nodealias config Use this command to reset node alias state to enabled and clear the maximum entries value. clear nodealias config port-string Synt ax Description Command Default s None. Command T ype Switch command. C[...]
-
Page 894
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-152 Matrix NSA Series Configuration Guide 1 1.2.8 Configuring NetFlow NetFlow is a protocol developed for collecting IP traf fic information. Ne twork devices (switches and routers) with NetFlow enabled generate NetF low flow records, whic h are exported from th e device in UDP pac[...]
-
Page 895
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 53 V ersion Support The Matrix DFE firmware supports NetFlow V ersion 5 and V ersion 9. For more information about V ersion 9 data export format, refer to RFC 3954, “Cisco Systems NetFlow Services Export V ersion 9.” When transmitting NetF[...]
-
Page 896
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-154 Matrix NSA Series Configuration Guide more often than once per second, as a minimum. For more information about setting the refresh rate, see the Usage discussion in Section 1 1.2.8.12 . Commands Commands to configure NetFlow ar e listed below and described in the associated se[...]
-
Page 897
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 55 1 1 .2.8.1 show net f low Use this command to displa y NetFlow configur ation information and/or statistics. show netflow [ config [ port-string ]] [ statistics [ export ]] Synt ax Description Command Default s If no parameters are entered,[...]
-
Page 898
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-156 Matrix NSA Series Configuration Guide Disabled Ports: ----------------- lag.0.1-48 ge.1.1-10,12-22,24-52 Export Statistics: ------------------------------- ----- Network Packets Sampled: 232 Exported Packets: 43 Exported Records: 36 Export Packets Failed: 0 Export Records Dropp[...]
-
Page 899
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 57 1 1 .2.8.2 set net flow cache Use this command to enab le (create) or disable (free up) a NetFlow cache on each DFE blade in the Matrix system. A NetFlow cache ma intains NetFlow information for all active flows. By default, NetFlow caches [...]
-
Page 900
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-158 Matrix NSA Series Configuration Guide 1 1.2.8.3 clear net flow cache Use this command to remove, or free up, the Ne tFlow caches on each DFE blade in the Matrix system. When this command is executed, NetF low is effectively disabled on the system. clear netflow cache Synt ax De[...]
-
Page 901
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 59 1 1 .2.8.4 set net f low export-destination Use this command to configure the NetFlow collector destination. By default, no collector address is configured. Only one collector destination per Matrix system can be configured. set netflow exp[...]
-
Page 902
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-160 Matrix NSA Series Configuration Guide 1 1.2.8.5 clear netflo w export-destination Use this command to clear the NetFlow collector IP address. clear netflow export-destination [ ip-address [ udp-port ]] Synt ax Description Command Default s Since only one collector address per M[...]
-
Page 903
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 61 1 1 .2.8.6 set net flow export-interval Use this command to configure the NetFlow export interval. set netflow export-interval interval Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite Usage[...]
-
Page 904
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-162 Matrix NSA Series Configuration Guide 1 1.2.8.7 clear netflow export-interval Use this command to clear NetFlow export interval to its default of 30 minutes. clear netflow export-interval Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mo[...]
-
Page 905
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 63 1 1 .2.8.8 set net flow port Use this command to enable NetFlow collect ion on a port. set netflow port port-string { enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite Exam[...]
-
Page 906
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-164 Matrix NSA Series Configuration Guide 1 1.2.8.9 clear net flow port Use this command to return a port to the default NetFlow collection state of disabled. clear netflow port port-string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-[...]
-
Page 907
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 65 1 1 .2.8.10 set net flow export-version Use this command to set the NetFlow flow reco rd format used to ex port data. Refer to V ersion Support on page 153 for more information about Ne tFlow version support. Use the show netflow config com[...]
-
Page 908
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-166 Matrix NSA Series Configuration Guide 1 1.2.8.1 1 clear net flow export-version Use this command to return the NetFlow flow record format used to export data to the default of V ersion 5. Use the show netflow config comman d ( Section 1 1.2.8.1 ) to display the current NetFlow [...]
-
Page 909
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 67 1 1 .2.8.12 set net flow template Use this command to configure th e NetFlow V ersion 9 template refresh rate and/or timeout values. set netflow template {[ refresh-rate packets ] [ timeout minutes ]} Synt ax Description Command Default s A[...]
-
Page 910
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-168 Matrix NSA Series Configuration Guide The refresh rate defines the maximum dela y a new or restarted NetFlow collector would experience until it learns the format of the data records being forwarded (from the template referenced by the data records). Refresh rates affect NetFlo[...]
-
Page 911
Logging And Network Management Command Set Configuring NetFlow Matrix NSA Series Configuration Guide 1 1-1 69 1 1 .2.8.13 clear net flow template Use this command to reset the V ersion 9 template re fresh rate and/or timeout values to their default values. clear netflow template {[ refresh-rate ] [ timeout ]} Synt ax Description Command Default s A[...]
-
Page 912
Logging And Network Management Co mmand Set Configuring NetFlow 1 1-170 Matrix NSA Series Configuration Guide[...]
-
Page 913
Matrix NSA Series Configuration Guide 12 -1 12 IP Configuration This chapter describes the Internet Protocol (IP) configuration set of commands and how to use them. 12.1 PROCESS OVERVIEW: INTERNET PROTOCOL (IP) CONFIGURATION Use the following steps as a guide to configuring IP on the device: 1. Configuring routing interface settings ( Section 12.2.[...]
-
Page 914
IP Configuration Command Set Configuring Routing Interface Settings 12-2 Matrix NSA Series Configuration Gui de 12.2 IP CONFIGURATION COMMAND SET 12.2.1 Configuring Routing Interface Settings About Loopback vs . VLAN Interfaces Loopback interfaces are different from VLAN routing interfaces because they allow you to disconnect the operation of routi[...]
-
Page 915
IP Configuration Command Set Configuring Routing Interface Settings Matrix NSA Series Configuration Guide 12-3 Purpose T o enable routing interface configuration mod e on the device, to create VLAN or loopba ck routing interfaces, to review the usability status of interfaces configured for IP , to set IP addresses for interfaces, and to enable inte[...]
-
Page 916
IP Configuration Command Set Configuring Routing Interface Settings 12-4 Matrix NSA Series Configuration Gui de 12.2.1.1 show interface Use this command to display in formation about one or more in terfaces (VLANs or loopbacks) configured on the router . show interface [ vlan vlan-id | loopback lo opback-id | lo local-id ] Synt ax Description Comma[...]
-
Page 917
IP Configuration Command Set Configuring Routing Interface Settings Matrix NSA Series Configuration Guide 12-5 Example This example shows how to display information for all interfaces configured on the router . In this case, one loopback interface has been configured for routing. For a detailed description of this output, refer to T able 12-2 : Mat[...]
-
Page 918
IP Configuration Command Set Configuring Routing Interface Settings 12-6 Matrix NSA Series Configuration Gui de 12.2.1.2 interface Use this command to configure interfaces for IP routing. This comm and enables interface configuration mode from global configuration mod e, and, if the interface h as not previously been created, this command creates a[...]
-
Page 919
IP Configuration Command Set Configuring Routing Interface Settings Matrix NSA Series Configuration Guide 12-7 12.2.1.3 ip ecm- for warding-algorithm Use this command to enable ECM (Equal Cost Multipath) for forwarding I P packets on routing interfaces. ip ecm-forwarding-algorithm [ hash-thold | round-robin ] Synt ax Description Command Synt ax of [...]
-
Page 920
IP Configuration Command Set Configuring Routing Interface Settings 12-8 Matrix NSA Series Configuration Gui de 12.2.1.4 show ip interf ace Use this command to display in formation, including administra tive status, IP address, MTU (Maximum T ransmissi on Unit) size and bandwi dth, and ACL config urations, for interfaces configured for IP . show ip[...]
-
Page 921
IP Configuration Command Set Configuring Routing Interface Settings Matrix NSA Series Configuration Guide 12-9 T able 12-2 provides an explanatio n of the command ou tput. T able 12-2 show ip interfa ce Output Det ails Output What It Displays... Vlan | Lpbk | Lo N Whether the interface is admini stratively and operationally up or down. IP Address I[...]
-
Page 922
IP Configuration Command Set Configuring Routing Interface Settings 12-10 Matrix NSA Series Configuration Guide 12.2.1.5 ip address Use this command to set, remove, or disable a pr imary or secondary IP address for an interface. Each Matrix Series routing module or standalone de vi ce supports up to ro uting interfaces, with up to 50 secondary addr[...]
-
Page 923
IP Configuration Command Set Configuring Routing Interface Settings Matrix NSA Series Configuration Guide 12-1 1 12.2.1.6 no shut down Use this command to e nable an in terface for IP routing and to a llow the interface to automatically be enabled at device startup. no shutdown Synt ax Description None. Command T ype Router command. Command Mode In[...]
-
Page 924
IP Configuration Command Set Managing Router C onfiguration Fi les 12-12 Matrix NSA Series Configuration Guide 12.2.2 Managing Router Configuration Files Each Matrix Series device provides a single c onf iguration interface which allows you to perform both switch and router configuration with th e same command set.This sec tion demonstrates managin[...]
-
Page 925
IP Configuration Command Set Managing Router C onfiguration Fi les Matrix NSA Series C onfiguration Guide 1 2-13 12.2.2.1 sho w ru nning-config Use this command to display th e no n-default, user -supplied commands entered while configuring the device. show running-config Synt ax Description None. Command T ype Router command. Command Mode Any rout[...]
-
Page 926
IP Configuration Command Set Managing Router C onfiguration Fi les 12-14 Matrix NSA Series Configuration Guide 12.2.2.2 write Use this command to save or delete the router ru nning configuration, or to display it to output devices. write [ erase | file [ filename config-file ] | terminal ] Synt ax Description Command T ype Router command. Command M[...]
-
Page 927
IP Configuration Command Set Managing Router C onfiguration Fi les Matrix NSA Series C onfiguration Guide 1 2-15 Example This example shows how to display the rout er -s pe ci fic co nfig ura tion to the terminal: Matrix>Router1# write term inal Enable Config t interface vlan 1 iP Address 182.127.63.1 255.255. 255.0 no shutdown interface vlan 2 [...]
-
Page 928
IP Configuration Command Set Managing Router C onfiguration Fi les 12-16 Matrix NSA Series Configuration Guide 12.2.2.3 no ip routing Use this command to disable IP routing on the device an d remove the routing configuration. By default, IP routing is enab led when interfaces are config ured for it as described in Section 12.2.1 . no ip routing Syn[...]
-
Page 929
IP Configuration Command Set Performing a Basic Router Configura tion Matrix NSA Series C onfiguration Guide 1 2-17 12.2.3 Performing a Basi c Router Configuration 12.2.3.1 Usi ng Router-On ly Config Files Although the Matrix Series’ sing le configuration interface prov ides o ne set of co mmands to perform both switch and router configuration, i[...]
-
Page 930
IP Configuration Command Set Performing a Basic Router Confi guration 12-18 Matrix NSA Series Configuration Guide 12.2.3.3 Configuring the Router Y ou can configure th e router usin g either of the following methods. Using a downloaded file... 1. Download a router config file to the standalone or chassis using the copy command as described in Secti[...]
-
Page 931
IP Configuration Command Set Reviewing and Configuri ng th e ARP T able Matrix NSA Series C onfiguration Guide 1 2-19 12.2.4 Reviewing and Confi guring the ARP T able Purpose T o review and configure the rou tin g ARP table, to enable proxy ARP on an interface, and to set a MAC address on an interface. Commands The comm ands used to review an d con[...]
-
Page 932
IP Configuration Command Set Reviewing and Configuring the ARP T able 12-20 Matrix NSA Series Configuration Guide 12.2.4.1 show ip arp Use this command to display entr ies in the ARP (Address Resolution Protocol) table. ARP converts an IP address into a physical address. show ip arp [ ip-addr ess ] [ vlan vlan-id ] [ output-modifier ] Synt ax Descr[...]
-
Page 933
IP Configuration Command Set Reviewing and Configuri ng th e ARP T able Matrix NSA Series C onfiguration Guide 1 2-21 Example This example shows how to use the show ip arp command: T able 12-3 provides an explanatio n of the command ou tput. Matrix>Router1# show ip ar p Protocol Address Age (min) Hardwa re Addr Type Interface -------------------[...]
-
Page 934
IP Configuration Command Set Reviewing and Configuring the ARP T able 12-22 Matrix NSA Series Configuration Guide 12.2.4.2 arp Use this command to add or remo ve permanent (static) ARP table en tries. Up to 1,000 static ARP entries are supported per Matrix Series routing module or standalone devi ce. A multicast MAC address can be used in a static [...]
-
Page 935
IP Configuration Command Set Reviewing and Configuri ng th e ARP T able Matrix NSA Series C onfiguration Guide 1 2-23 12.2.4.3 ip gratuitous-arp Use this command to override the normal ARP updating process, that occurs by default. ip gratuitous-arp { ignore | reply | reque st } Synt ax Description Command Synt ax of the “no” Form The “no” f[...]
-
Page 936
IP Configuration Command Set Reviewing and Configuring the ARP T able 12-24 Matrix NSA Series Configuration Guide 12.2.4.4 ip gratuitous-arp-learning Use this command to allow an interface to learn new ARP bindings using gratuitous ARP . This command wil l be in ef fect if the i p gratuitous-arp ign ore command ( Section 12.2.4.3 ) is used. There w[...]
-
Page 937
IP Configuration Command Set Reviewing and Configuri ng th e ARP T able Matrix NSA Series C onfiguration Guide 1 2-25 12.2.4.5 ip p roxy-arp Use this command to enable proxy ARP on an interface. This varia tion of the ARP protocol allows the routing mo dule to send an ARP response on be half of an end node to th e requesting host. Proxy ARP can les[...]
-
Page 938
IP Configuration Command Set Reviewing and Configuring the ARP T able 12-26 Matrix NSA Series Configuration Guide 12.2.4.6 ip mac-address Use this command to set a MAC address on an interface. ip mac-address addr ess Synt ax Description Command Synt ax of the “no” Form The “no” form of this command clears the MAC address: no ip mac-addr ess[...]
-
Page 939
IP Configuration Command Set Reviewing and Configuri ng th e ARP T able Matrix NSA Series C onfiguration Guide 1 2-27 12.2.4.7 arp timeout Use this command to set the dura tion (in seconds) for entries to stay in the ARP table before expiring. The device can support up to 2000 outstan ding unresolved ARP entr ies. arp timeout seconds Synt ax Descri[...]
-
Page 940
IP Configuration Command Set Reviewing and Configuring the ARP T able 12-28 Matrix NSA Series Configuration Guide 12.2.4.8 clear arp-cache Use this command to delete all nonstatic (dynamic) entries from the ARP table. clear arp-cache Synt ax Description None. Configuration Mode Privileged EXEC: Matrix>Router1# Command Default s None. Example Thi[...]
-
Page 941
IP Configuration Command Set Configuring Broadcast Setti ngs Matrix NSA Series C onfiguration Guide 1 2-29 12.2.5 Configuring Broadcast Settings Purpose T o configure IP broadcast settings. Commands The commands used to configure IP broadcast settings are listed below and described in the associated section as show n: • ip directed-broadcast ( Se[...]
-
Page 942
IP Configuration Command Set Configuring Broadcast Setting s 12-30 Matrix NSA Series Configuration Guide 12.2.5.1 ip directed-broadcast Use this command to enable or disable IP directed broadcasts on an interface. ip directed-broadcast Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command disables IP direc[...]
-
Page 943
IP Configuration Command Set Configuring Broadcast Setti ngs Matrix NSA Series C onfiguration Guide 1 2-31 12.2.5.2 ip forward-protocol Use this command to enable UDP broadcast fo rwarding and specify which protocols will be forwarded. This co mmand wo rks in conjunction with the ip helper-address command to configure UDP broadcast forwarding. For [...]
-
Page 944
IP Configuration Command Set Configuring Broadcast Setting s 12-32 Matrix NSA Series Configuration Guide Command Default s If port is not specified, default forwarding services will be performed as listed above. Example This example shows how to enable forwarding of Domain Naming Syste m UDP datagrams (port 53): About DHCP/BOOTP Relay DHCP/BOOTP re[...]
-
Page 945
IP Configuration Command Set Configuring Broadcast Setti ngs Matrix NSA Series C onfiguration Guide 1 2-33 12.2.5.3 ip helper-address Use this command to enable DHCP/BOOTP relay and the forwarding of local UDP broadcasts specifying a new destination address. This command works in conjunction with the ip forward-proto col command ( Section 12.2.5.2 [...]
-
Page 946
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-34 Matrix NSA Series Configuration Guide 12.2.6 Reviewing IP T raffi c and Configuring Routes Purpose T o review IP protocol information about the device, to review IP traf fic and configure routes, to enable and send router ICMP (ping) messages, and to execute tracerout[...]
-
Page 947
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-35 12.2.6.1 show ip protocols Use this command to display information about IP protocols running on the device. show ip protocol s Synt ax Description None. Command T ype Router command. Command Mode Any router mode. Command Defaul[...]
-
Page 948
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-36 Matrix NSA Series Configuration Guide Example This example shows how t o display IP proto col information. In this case, the rou ting protocol is RIP (Routing Information Protocol). For more information on config uring RIP parameters, refer to Section 13.2.2 : Matrix&[...]
-
Page 949
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-37 12.2.6.2 sho w ip traffic Use this command to display IP traf fic statistics. show ip traffic [ softpath ] Synt ax Description Command T ype Router command. Command Mode Any router mode. Command Default s If softpath is not spec[...]
-
Page 950
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-38 Matrix NSA Series Configuration Guide Example This example shows how to display IP traffic statistics: Matrix>Router1# show ip traffic IP Statistics: Rcvd: 10 total, 6 local des tination 0 header errors 0 unknown protocol, 0 security failures Frags: 0 reassemble d,[...]
-
Page 951
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-39 12.2.6.3 clear ip stat s Use this command to clear all IP traffic co unters (IP , ICMP , UDP , TCP , IGMP , and ARP). clear ip stats Synt ax Description None. Configuration Mode Privileged EXEC: Matrix>Router1# Command Defaul[...]
-
Page 952
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-40 Matrix NSA Series Configuration Guide 12.2.6.4 show ip route Use this command to display information about IP routes. show ip ro ute [ destination pr efix destination pr efix mask longer -prefixes | connected | ospf | rip | static | su mmary ] Synt ax Description Comm[...]
-
Page 953
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-41 distributed to every mod ule for use by the router's distributed forwarding engin e on the ingress module as frames a re received. Command Default s If no parameters are specified, all IP route informatio n will be displaye[...]
-
Page 954
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-42 Matrix NSA Series Configuration Guide 12.2.6.5 ip route Use this command to add or remove a static IP route. ip route pr efix mask { forwar d-addr | vlan vlan-id } [ distance ] [ pe rmanent ] [ tag value ] Synt ax Description Command Synt ax of the “no” Form The ?[...]
-
Page 955
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-43 Examples This example shows how to set IP address 10.1.2.3 as the next hop gatewa y to destination address 10.0.0.0. The rou te is assigned a tag of 1: This example shows how to set IP address 10.1.2.3 as the next hop gatewa y t[...]
-
Page 956
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-44 Matrix NSA Series Configuration Guide 12.2.6.6 ip icmp Use this command to re-enable th e Internet Control Message Protoc ol (ICMP), allowing a router to reply to IP pin g requests. By default, ICMP m essaging is enabled on a ro uting interface for both echo-reply and[...]
-
Page 957
IP Configuration Command Set Reviewing IP T r affic and Con figuring Routes Matrix NSA Series C onfiguration Guide 1 2-45 12.2.6.7 ping Use this command to test routing network connec tivity by sending IP ping requests. The ping utili ty (IP ping only) transmits a maximum of five echo requ es ts, with a packet size of 100. The applic ation stops wh[...]
-
Page 958
IP Configuration Command Set Reviewing IP T raffi c and Config uring Routes 12-46 Matrix NSA Series Configuration Guide 12.2.6.8 traceroute Use this command to display a hop -by-hop path throu gh an IP network from th e device to a specific destination host. Three ICMP probes w ill be tr ansmitted for each hop between the source and the traceroute [...]
-
Page 959
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-47 12.2.7 Configuring PIM Purpose T o review and configure Protoc ol Independent Multicast (PIM). Commands The commands used to review and configure PIM are listed below and described in the associated section as shown: • ip pim sparse mode ( Section 12.2.7.1 [...]
-
Page 960
IP Configuration Command Set Configuring PIM 12-48 Matrix NSA Series Configuration Guide 12.2.7.1 ip pim sparse mode Use this command to enable Prot ocol Independent Multicast (PIM) Sparse Mode (SM) on a routing interface. ip pim sparse-mode Synt ax Description None. Command Synt ax of the “no” Form The no form of this command disables PIM on a[...]
-
Page 961
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-49 12.2.7.2 ip pim bsr-candidate Use this command to enable th e router to announce its candid acy as a BootStrap Router (BSR). ip pim bsr-candidate pim-interface [ hash-mas k-length ] [ priority ]] Synt ax Description Command Synt ax of the “no” Form The no[...]
-
Page 962
IP Configuration Command Set Configuring PIM 12-50 Matrix NSA Series Configuration Guide Example This example sets the hash mask length to 30 and DR priority to 77 on VLAN 1: Matrix>Router1(config)# interfac e vlan 1 Matrix>Router1(config-if(Vlan 1 )) #ip pim bsr-candidate vlan 1 p riority 77[...]
-
Page 963
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-51 12.2.7.3 ip p im dr-priority Use this command to set the priority for which a rout er will be elected as the designated router (DR). ip pim dr-priority priority Synt ax Description Command Synt ax of the “no” Form The no form of this command di sables the[...]
-
Page 964
IP Configuration Command Set Configuring PIM 12-52 Matrix NSA Series Configuration Guide 12.2.7.4 ip pim rp-address Use this command to set a static rend ezvous point (RP) for a multicast group. ip pim rp-address rp-addr ess gr oup-addr e ss group-mask [ priority priority ] Synt ax Description Command Synt ax of the “no” Form The no form of thi[...]
-
Page 965
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-53 12.2.7.5 ip pim rp-candidate Use this command to enable the route r to advertise itself as a PI M candidate rendezvous point (RP) to the BSR. Only one RP candid ate can be configured per routing module or standalone dev ice. ip pim rp-candidate pim-interface [...]
-
Page 966
IP Configuration Command Set Configuring PIM 12-54 Matrix NSA Series Configuration Guide 12.2.7.6 show ip pim b sr Use this command to display Boot Strap Router (BSR) information. show ip pim bsr Synt ax Description None. Command T ype Router command. Command Mode Privileged EXEC: Matrix>Router1# Command Default s None. Example This example show[...]
-
Page 967
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-55 BSR Hash Mask Length Length of a mask (32 bits maximu m) that is to be added with the group address before the hash fu nction is called. This value is configured by the ip pim bsr-candidate command. BSR Uptime Interval that this router has been up (in hours:m[...]
-
Page 968
IP Configuration Command Set Configuring PIM 12-56 Matrix NSA Series Configuration Guide 12.2.7.7 show ip pim i nterface Use this command to disp lay information about PIM interfaces tha t are curre ntly up (not shutdown). show ip pim interface [ interface ] Synt ax Description Command T ype Router command. Command Mode Privileged EXEC: Matrix>R[...]
-
Page 969
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-57 Nbr -Count T otal number of PIM neighb ors on the interface, discovered by receiving PIM hello messages from other PIM routers on the interface. Query-Intvl Interval betwee n Hello messages. Default is 30 seconds. DR-Prior Designated router priority value on [...]
-
Page 970
IP Configuration Command Set Configuring PIM 12-58 Matrix NSA Series Configuration Guide 12.2.7.8 show ip pim neighbor Use this command to display inform ation about discovered PIM neighbors. show ip pim neighb or [ interface ] Synt ax Description Command T ype Router command. Command Mode Privileged EXEC: Matrix>Router1# Command Default s If no[...]
-
Page 971
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-59 Expires Interval in hours, minutes, and seconds until the entry will be removed from the IP multicast routing table. Mode Mode in which the interface is operating. (DR) Indicates that this neighbor is a designated router on the LAN. T able 12-6 show ip pim ne[...]
-
Page 972
IP Configuration Command Set Configuring PIM 12-60 Matrix NSA Series Configuration Guide 12.2.7.9 show ip pim rp Use this command to display the active rendezvo us points (RPs) that are cached with associated multicast routing entries. show ip pim rp [ gr oup | mapping | multicast gr oup addr ess ] Synt ax Description Command T ype Router command. [...]
-
Page 973
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-61 T able 12-7 provides an explanatio n of the command ou tput. T able 12-7 show ip pim rp Output Det ails Output What It Displays... Group(s) Address of the multicast group(s) about which to display RP data. RP Address of the RP for that group. Priority RP prio[...]
-
Page 974
IP Configuration Command Set Configuring PIM 12-62 Matrix NSA Series Configuration Guide 12.2.7.10 show ip pim rp-hash Use this command to displa y the rendezvous point (RP) that is being selected for a specified group. show ip pim rp-hash gr oup-ad dr ess Synt ax Description Command T ype Router command. Command Mode Privileged EXEC: Matrix>Rou[...]
-
Page 975
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-63 12.2.7.1 1 sho w ip mroute Use this command to display the IP multicast ro uting table. This table shows how a multicast routing protocol, such as PI M and DVMRP , will forw ard a multicast packet. In formation in the table includes source n etwork/mask and u[...]
-
Page 976
IP Configuration Command Set Configuring PIM 12-64 Matrix NSA Series Configuration Guide Example This example shows a portion of the IP multicast ro uting table display . In this case, it shows there are nine source PIM sparse mode (PIMSM) multicast networks. PIMSM network 1 shows an incoming route at VLAN-999 and outgoing rou tes at VLANs 410, 555[...]
-
Page 977
IP Configuration Command Set Configuring PIM Matrix NSA Series C onfiguration Guide 1 2-65 12.2.7.12 show ip mforward Use this command to display the IP multicast forw arding table. This table shows what multicast routes have actuall y b e en pr ogrammed into th e Matrix hardware. Although redundant to the show ip mroute display ( Section 12.2.7 .1[...]
-
Page 978
IP Configuration Command Set Configuring PIM 12-66 Matrix NSA Series Configuration Guide 12.2.7.13 show ip rpf Use this command to display the reverse path of an address in the unicast table. show ip rfp Synt ax Description None. Command T ype Router command. Command Mode Any router mode. Command Default s None. Example This example shows the rever[...]
-
Page 979
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-67 12.2.8 Configuring Load Sharing Network A ddress T ranslation (LSNA T) About LSNA T As defined in RFC 2391, LSNA T supports networ k reliability and availab ility by enabling high traffic servers to load balan[...]
-
Page 980
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-68 Matrix NSA Series Configuration Guide • The virtual port us ed by the virt ual server (configured with the virtual command , Section 12.2.8.15 ) should match the rea l port used by the real server (configured with the re al command, Section 1 2.2.8.[...]
-
Page 981
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-69 • S ticky persistence — a binding is determined by matching the source and destination IP addresses only . This allows all requests from a clie nt to the same virtual address to be directed to the same loa[...]
-
Page 982
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-70 Matrix NSA Series Configuration Guide If you also want to provide direct client access to real servers configured as part of a server farm group, there are two mechanisms that can provide direct client ac cess . The first mechanism, configured wit hin[...]
-
Page 983
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-71 • (Optional) Specify a load ba lancing algorithm. predictor ( Section 12.2.8.5 ) • (Optional) Configure this server farm to use sticky session persistence. (See “Sticky Persistence Configura tion Conside[...]
-
Page 984
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-72 Matrix NSA Series Configuration Guide • (Optional) Allow specific clients direct acce ss to a real server without using LSNA T . allow accessservers ( Section 12.2.8.19 ) Configure global direct access: • (Optional) Allow all clients to directly a[...]
-
Page 985
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-73 12.2.8.1 show ip slb serverfarms Use this command to display server lo ad balancing server farm information. show ip slb server farms [ detail | serverfarmname [ detail ]] Synt ax Description Command T ype Rou[...]
-
Page 986
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-74 Matrix NSA Series Configuration Guide 12.2.8.2 ip slb f tpctrlport Use this command to specify an FTP cont rol port for load balancing functio nality. By default, this is port 21. ip slb ftpctrlport port-number Synt ax Description Command Synt ax of t[...]
-
Page 987
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-75 12.2.8.3 ip slb serverfarm Use this command to identify an LSNAT server farm and enab le server lo ad balancing (S LB) server farm configuration mode. ip slb serverfarm serverfarm name Synt ax Description Comm[...]
-
Page 988
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-76 Matrix NSA Series Configuration Guide 12.2.8.4 real Use this command to add a real LSNA T server to a server farm and to enable LSNA T real server configuration mode. real ip-addr ess po rt number Synt ax Description Command Synt ax of the “no” Fo[...]
-
Page 989
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-77 12.2.8.5 predictor Use this command to specify which load balancing algorith m to use for selecting a real server in an LSNA T server farm. predictor [ r oundrobin | leastcon ns ] Synt ax Description Command S[...]
-
Page 990
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-78 Matrix NSA Series Configuration Guide 12.2.8.6 sticky Use this command to configure sticky session persistence for this server farm. See “S ticky Persistence Configuration Considerations” on page 12-69 for more information. This command is used in[...]
-
Page 991
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-79 12.2.8.7 show ip slb reals Use this command to display info rmation about the real servers. show ip slb reals [ detail | serverfarm s erverfarmname [ detail ]] Synt ax Description Command T ype Router command.[...]
-
Page 992
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-80 Matrix NSA Series Configuration Guide T able 12-9 provides an explanation of the detailed command output. Matrix Router1(config)#> Router1 >show ip slb reals serverfarm te n detail Server Farm : ten Real Server IP : 10.3.0 .3 Real Server Por t :[...]
-
Page 993
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-81 T able 12-9 show ip slb reals Output Det ails Output What It Displays... Server Farm Name of the server farm associated with this server . Assigned using the ip slb server farm command as described in Section [...]
-
Page 994
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-82 Matrix NSA Series Configuration Guide 12.2.8.8 inservice (real server) Use this command to ena ble a real LSNA T se rver . inservice Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command removes the real serv[...]
-
Page 995
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-83 12.2.8.9 faildetect (real server) Use this command to conf igure which method (type) is used to detect whether an LSNA T server is up or down. faildetect { ping-int seconds ping-r etries number | app-int secon[...]
-
Page 996
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-84 Matrix NSA Series Configuration Guide Example This example shows how to set the ping interval to 10 seconds and the retry numb er to 6 for the real server at IP 10.1.2.3 in the “httpserver” server farm: Matrix>Router1(config)# ip slb s erverfar[...]
-
Page 997
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-85 12.2.8.10 maxconns Use this command to limit th e number of connections to a real LSNA T server . maxconns maximum-number Synt ax Description Command Synt ax of the “no” Form The “no” form of this comm[...]
-
Page 998
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-86 Matrix NSA Series Configuration Guide 12.2.8.1 1 weight Use this command to specify the we ight load number of a real server that is a member of an LSNA T server farm. weight weight-number Synt ax Description Command Synt ax of the “no” Form The ?[...]
-
Page 999
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-87 12.2.8.12 show ip slb vservers Use this command to display server load balancing virtual server information. show ip slb vse rvers [ detail | virtserve r -name [ detail ]] Synt ax Description Command T ype Rou[...]
-
Page 1000
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-88 Matrix NSA Series Configuration Guide This example shows how to display detailed in formation about the “t est” virtual server: T able 1 2-10 provides an explanation of the detailed command output. Matrix Router1(config)#> show ip slb vservers [...]
-
Page 1001
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-89 In Service Whether or not this vi rtual server is enabled (using the inservice command as des cribed in Section 12.2.8.16 ). Service Name Whether or not the service named can also be accessed through this virt[...]
-
Page 1002
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-90 Matrix NSA Series Configuration Guide 12.2.8.13 ip slb vserver Use this command to identify an LSNA T virtual server and to access or enable the virtual server load balance (SLB) confi guration mode. ip slb vserver vserver-name Synt ax Description Com[...]
-
Page 1003
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-91 12.2.8.14 serverfarm Use this command to associa te a virtual server with an LSN A T server farm. serverfarm se rverfarm-name Synt ax Description Command Synt ax of the “no” Form The “no” form of this [...]
-
Page 1004
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-92 Matrix NSA Series Configuration Guide 12.2.8.15 virtual Use this command to configure a virtual server IP address. virtual ip-addr ess { tcp | udp } port [ ser vice service-name ] Synt ax Description Command Synt ax of the “no” Form The “no” f[...]
-
Page 1005
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-93 Command Mode SLB V irtual Server Configuration mode: Matrix>Router1(config-slb-vserver)# Command Default s If a TCP service name is not specified, none will be applied. Example This example shows how to set[...]
-
Page 1006
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-94 Matrix NSA Series Configuration Guide 12.2.8.16 inservice (virtual server) Use this command to enable a virtual LSNA T server . inservice Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command re moves the vir[...]
-
Page 1007
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-95 12.2.8.17 client Use this command to allow a specific client to us e a virtual server . If no clients are specified with this command, all clients will be allowed to use a virtual server . client ip-addr ess n[...]
-
Page 1008
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-96 Matrix NSA Series Configuration Guide 12.2.8.18 persistence level Use this command to set the type of binding used and the time limit to allow clients to remai n bound to an LSNA T virtual server . See “Session Pe rsistence” on page 12-68 for more[...]
-
Page 1009
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-97 Command Default s If not specified, persistence level is set to TCP . Examples This example shows how to set the TCP session pers istence timeout to 360 seconds on the virtual server named “virtual-http”: [...]
-
Page 1010
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-98 Matrix NSA Series Configuration Guide 12.2.8.19 allow accessservers Use this command to allow specific clients to access the load balanc ing real servers in a pa rticular LSNA T server farm without address translation. Specif ied clients can set up co[...]
-
Page 1011
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series C onfiguration Guide 1 2-99 12.2.8.20 ip slb allowaccess_all Use this command to allow all clients to direct ly access all services provided by real servers EXCEP T FOR those services configured for server load balancing. The real server[...]
-
Page 1012
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-100 Matrix NSA Series Configuration Guide Matrix>Router1(config)# ip slb a llowaccess_all Matrix>Router1(config)#ip slb s erverfarm httpserver Matrix>Router1(config-slb-sfarm )#real 10.1.2.1 port 80 Matrix>Router1(config-slb-real) #inservice [...]
-
Page 1013
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series Configura tion Guide 12-101 12.2.8.21 show ip slb conns Use this command to display active server load balancing connections. show ip slb conns [ detail | vserver virtualse rver [ detail ] | client client-ip [ detail ]] Synt ax Descripti[...]
-
Page 1014
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-102 Matrix NSA Series Configuration Guide This example shows how to display detailed in formation about active se rver load balancing connections: T able 12-1 1 provides an explan atio n of the detailed comman d o utput. Matrix>Router1# show ip slb co[...]
-
Page 1015
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series Configura tion Guide 12-103 12.2.8.22 show ip slb st ats Use this command to display lo ad server balancing statistics. show ip slb stats Synt ax Description None. Command T ype Router command. Command Mode Any router mode. Command Defau[...]
-
Page 1016
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-104 Matrix NSA Series Configuration Guide 12.2.8.23 show ip slb sticky Use this command to display server lo ad balancing active sticky connections. show ip slb sticky [ client ip-address ] Synt ax Description Command T ype Router command. Command Mode A[...]
-
Page 1017
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series Configura tion Guide 12-105 12.2.8.24 clear ip slb Use this command to clear server load balancing counters or to remove server load balancing connections. clear ip slb {[ counters ] [ connections { all | flowid flowid | serverfarm serve[...]
-
Page 1018
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-106 Matrix NSA Series Configuration Guide 12.2.8.25 show rou ter limit s Use this command to disp lay LSNA T router limits. show router limits [ lsnat-bindings ] | [ lsnat-cache] | [ lsnat-configs ] Synt ax Description Command T ype Switch command. Comma[...]
-
Page 1019
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series Configura tion Guide 12-107 12.2.8.26 set router limit s Use this command to set LSNA T router limits. set router limits [ lsnat-bindings lsnat-bindings ] | [ lsnat-cache lsnat-cache ] | [ lsnat-configs lsnat-configs ] Synt ax Descriptio[...]
-
Page 1020
IP Configuration Command Set Configuring Load Sharing Network Address T ranslatio n (LSNA T) 12-108 Matrix NSA Series Configuration Guide configured, and up to 500 rea l servers and 500 c lient access e ntries can be configured. Example This example shows how to set the LSNA T configur ation limit to 25. This means that up to 25 server farms, 25 vi[...]
-
Page 1021
IP Configuration Command Set Configuring L oad Sharing Ne twork Add ress T ranslation (LSNA T) Matrix NSA Series Configura tion Guide 12-109 12.2.8.27 clear router limit s Use this command to reset chassis-b ased LSNA T limits to default values. clear router limits [ lsnat-bindings ] | [ lsnat-cache ] | [ lsnat-configs ] Synt ax Description Command[...]
-
Page 1022
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-1 10 Matrix NSA Series Configuration Guide 12.2.9 Configuring Dynamic Ho st Configuration Protocol (DHCP) DHCP Overview The Dynamic Host Configuration Protocol (DHCP) provides services for allocating and delivering IP addresses and other configuration parameters [...]
-
Page 1023
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configu ration Guide 12 -1 1 1 DHCP T ask List The CLI commands for DHCP Serv er provide functionality for: 1. Configuring a DHCP local pool for a subnet (required) 2. Excluding IP addresses not to be assigned to the c lients by the DHCP server ([...]
-
Page 1024
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-1 12 Matrix NSA Series Configuration Guide Commands The commands used to configure DHCP are liste d below and described in the ass ociated section as shown: • ip dhcp server ( Section 12.2.9.1 ) • ip local pool ( Section 12.2.9.2 ) • exclude ( Section 12.2.[...]
-
Page 1025
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configuration Guide 12-1 13 • client-class ( Section 12.2.9.17 ) • client-identifier ( Section 12.2.9. 18 ) • client-name ( Section 12.2.9.19 ) • hardware-address ( Section 12.2.9.20 ) • show ip dh cp binding ( Section 1 2.2.9.21 ) • [...]
-
Page 1026
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-1 14 Matrix NSA Series Configuration Guide 12.2.9.1 ip dhcp server Use this command to enable DHCP server features on a routing interface. ip dhcp server Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command disables DHC[...]
-
Page 1027
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configuration Guide 12-1 15 12.2.9.2 ip l ocal pool Use this command to configure a lo cal address pool to use as a DHC P subnet. This defines the range of IP addresses to be used by DHCP server an d enables IP local pool configuration mode. ip l[...]
-
Page 1028
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-1 16 Matrix NSA Series Configuration Guide 12.2.9.3 exclude Use this command to exclude one or more addresses from a DHCP local address pool. exclu de ip-addr ess number Synt ax Description Command Synt ax of the “no” Form The “no” form of this command re[...]
-
Page 1029
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configuration Guide 12-1 17 12.2.9.4 ip d hcp ping packet s Use this command to specify the number of pack ets a DHCP server sends to an IP address before assigning the address to a requesting client. ip dhcp ping packets number Synt ax Descripti[...]
-
Page 1030
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-1 18 Matrix NSA Series Configuration Guide 12.2.9.5 ip dhcp ping timeout Use this command to specify the amount of time the DHCP server will wait for a ping reply from an IP address before timing out. ip dhcp ping timeout milliseconds Synt ax Description Command [...]
-
Page 1031
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configuration Guide 12-1 19 12.2.9.6 ip dhcp pool Use this command to assign a name to a DHCP server pool of addresses, and to enable DHCP address pool config uration mode. ip dhcp pool name Synt ax Description Command Synt ax of the “no” For[...]
-
Page 1032
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-120 Matrix NSA Series Configuration Guide 12.2.9.7 domain-name Use this command to assign a do main name to a DHCP client. domain-n ame domain Synt ax Description Command Synt ax of the “no” Form The “no” form of this comman d deletes a DHCP domain name: [...]
-
Page 1033
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-121 12.2.9.8 dns-server Use this command to assign one or more DNS servers to DHCP clients. dns-server addr ess [ addr ess2...addr ess8 ] Synt ax Description Command Synt ax of the “no” Form The “no” form of this c[...]
-
Page 1034
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-122 Matrix NSA Series Configuration Guide 12.2.9.9 netbios-name-server Use this command to assign one or more NetBIOS WINS servers to DHCP clients. netbios-name-server addr ess [ addr ess 2...addr ess8 ] Synt ax Description Command Synt ax of the “no” Form Th[...]
-
Page 1035
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-123 12.2.9.10 netbios-node-type Use this command to assign a NetBIOS node (server) type to DHCP clien ts. netbios-node-type type Synt ax Description Command Synt ax of the “no” Form The “no” form of this comman d d[...]
-
Page 1036
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-124 Matrix NSA Series Configuration Guide 12.2.9.1 1 default-router Use this command to assign a default router list to DHCP clients. default-router addr ess [ addr ess2...addr ess8 ] Synt ax Description Command Synt ax of the “no” Form The “no” form of t[...]
-
Page 1037
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-125 12.2.9.12 bootfile Use this command to specify the defa ult boot image for a DHCP client. bootfile filename Synt ax Description Command Synt ax of the “no” Form The “no” form of this command deletes the boot im[...]
-
Page 1038
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-126 Matrix NSA Series Configuration Guide 12.2.9.13 next-server Use this command to specify the next server in the DHCP server boot process. The next server is the server the client will contact for the boot file if the primary server is not able to supply it. A [...]
-
Page 1039
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-127 12.2.9.14 option Use this command to configure DHCP options. Th ese configuration parameters and oth er control information are carried in tagged data items that are stored in the options field of the DHCP message to n[...]
-
Page 1040
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-128 Matrix NSA Series Configuration Guide This example shows how to configure DHCP optio n 72, which assigns one or more W eb servers for DHCP clients. In this case, two W e b server addresse s are configure d : Matrix>Router1(config)# ip dhcp pool localpool M[...]
-
Page 1041
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-129 12.2.9.15 lease Use this command to specify the duration of the lea se for an IP addres s assigned by a DH CP server to a client. lease { days [ hours ] [ minutes ] | infinite } Synt ax Description Command Synt ax of t[...]
-
Page 1042
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-130 Matrix NSA Series Configuration Guide 12.2.9.16 host Use this command to specify an IP ad dress and netwo rk mask for manual DHCP bindi ng. host addr ess [ mask | pr efix-length ] Synt ax Description Command Synt ax of the “no” Form The “no” form of t[...]
-
Page 1043
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-131 12.2.9.17 client-class Use this command to identify an DH CP client c lass. Using this comman d to give a set of client cla ss properties a name, allows you to as sign properties to all DHCP clients within the class ra[...]
-
Page 1044
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-132 Matrix NSA Series Configuration Guide 12.2.9.18 client-identifier Use this command to ena ble DHCP host configur ation mode and associa te a client c lass with a DHCP client. client-identifier mac-addr ess [ client-class name ] Synt ax Description Command Syn[...]
-
Page 1045
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-133 12.2.9.19 client-name Use this command to assign a name to a DHCP client. client-name name [ client-class name ] Synt ax Description Command Synt ax of the “no” Form The “no” form of this comm and deletes a cli[...]
-
Page 1046
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-134 Matrix NSA Series Configuration Guide 12.2.9.20 hardware-address Use this command to specify parameters for a new DHCP client address. This command also enables DHCP host configuration mode. hardware-address har dwar e-addr ess [ type ] Synt ax Description Co[...]
-
Page 1047
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-135 12.2.9.21 show ip dhcp binding Use this command to display information about one or all DHCP address bindings. show ip dhcp binding [ ip - addr ess ] Synt ax Description Command T ype Router command. Command Mode Any D[...]
-
Page 1048
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-136 Matrix NSA Series Configuration Guide 12.2.9.22 clear ip dhcp bin ding Use this command to delete one or all automatic DHCP address bindings. clear ip dhcp binding { addr ess | * } Synt ax Description Command T ype Router command. Command Mode Privileged EXEC[...]
-
Page 1049
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-137 12.2.9.23 show ip dhcp server st atistics Use this command to display DHCP server statistics. show ip dhcp server statistics Synt ax Description None. Command T ype Router command. Command Mode Any DHCP configuration m[...]
-
Page 1050
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-138 Matrix NSA Series Configuration Guide T able 1 2-13 provides an explanation of th e command output. T a ble 12 -13 s how ip dhcp s erver statistics Outp ut Details Output What It Displays... Memory usage Bytes of RAM allocated by the DHCP server . Address poo[...]
-
Page 1051
IP Configuration Command Set Configuring Dynamic Host C onfigurati on Protocol (DHCP) Matrix NSA Series Configura tion Guide 12-139 12.2.9.24 clear ip dhcp server st atistics Use this command to reset all DHCP server counte rs. clear ip dhcp server statistics Synt ax Description None. Command T ype Router command. Command Mode Privileged EXEC: Matr[...]
-
Page 1052
IP Configuration Command Set Configuring Dynamic Host Configuration Protocol (DHCP) 12-140 Matrix NSA Series Configuration Guide[...]
-
Page 1053
Matrix NSA Series Configuration Guide 13 -1 13 Routing Protocol Configuration This chapter describes the Routing Protocol Config uration set of commands and how to use them. 13.1 PROCESS OVERVIEW: ROUTING PROTOCOL CONFIGURATION Use the following steps as a guide to conf iguring routing proto cols on the device: 1. Activating advanced routing featur[...]
-
Page 1054
Routing Protocol Config uration Command Set Activating Advanced Routing Feature s 13-2 Matrix NSA Series Configuration Gui de 13.2 ROUTING PROTOCOL CONFIGURATION COMMAND SET 13.2.1 Activating Advanced Routing Features In order to enable ad va nced routing prot oc ols, such as OSPF and extend ed ACLs, on a Matrix Series device , you must purchase an[...]
-
Page 1055
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series Configuration Guide 13-3 Specify a RIP version. ip rip send version ( Section 13.2.2.7 ) ip rip receive version ( Section 13. 2.2.8 ) Configure RIP authentication. key chain ( Section 13.2. 2.9 ) key ( Section 13.2.2.10 ) key-string ( Section 13.2.2. 1 1 ) accept-lifeti[...]
-
Page 1056
Routing Protocol Config uration Command Set Configuring RIP 13-4 Matrix NSA Series Configuration Gui de 13.2.2.1 router rip Use this command to enable or disable RIP configuration mode. router rip Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command disables RIP: no router ri p Command T ype Router comman[...]
-
Page 1057
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series Configuration Guide 13-5 13.2.2.2 netw ork Use this command to attac h a network of directly connected networks to a RIP routing process, or to remove a network from a RIP routing process. network ip-addr ess Synt ax Description Command Synt ax of the “no” Form The [...]
-
Page 1058
Routing Protocol Config uration Command Set Configuring RIP 13-6 Matrix NSA Series Configuration Gui de 13.2.2.3 neighbor Use this command to instruct the router to send un icast RIP information to an IP addr ess. RIP is normally a broadcast protocol. In order for RIP r outing updates to reach nonbroadcast networks, the neighbor ’ s IP address mu[...]
-
Page 1059
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series Configuration Guide 13-7 13.2.2.4 dist ance Use this command to configure th e administrative distance for RIP routes. If several routes (coming from different protocols) are presented to the Matrix Series Route T able Manager (R TM), the protocol with the lowest admini[...]
-
Page 1060
Routing Protocol Config uration Command Set Configuring RIP 13-8 Matrix NSA Series Configuration Gui de Example This example shows how to ch ange the default administrative distance for RIP to 1001: Matrix>Router1(config)# router r ip Matrix>Router1(config-router)# d istance 100[...]
-
Page 1061
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series Configuration Guide 13-9 13.2.2.5 ip rip off set Use this command to add or remove an of fset to the metric of an incoming or outg oing RIP route. Adding an offset on an interface is used fo r the purpose of making an interface a backup. ip rip offset { in | out } value[...]
-
Page 1062
Routing Protocol Config uration Command Set Configuring RIP 13-10 Matrix NSA Series Configuration Guide 13.2.2.6 timers Use this command to adjust RIP routing timers determining the frequency of routing updates, the length of time before a route b ecomes invalid, and the interval du ring which routing information regarding better paths is suppress [...]
-
Page 1063
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series Configuration Guide 13-1 1 13.2.2.7 ip rip send version Use this command to set the RIP version(s) for update packets transmitted on an interface. ip rip send version { 1 | 2 | r1compatible } Synt ax Description Command Synt ax of the “no” Form The “no” form of [...]
-
Page 1064
Routing Protocol Config uration Command Set Configuring RIP 13-12 Matrix NSA Series Configuration Guide 13.2.2.8 ip rip receive version Use this command to set the RI P version(s) for update packets a ccepted on the interface . ip rip receive version { 1 | 2 | 1 2 | none } Synt ax Description Command Synt ax of the “no” Form The “no” form o[...]
-
Page 1065
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-13 About RIP Authentication The following tasks must be completed to configur e RIP authentication on a Matrix Series routing module: 1. Create a key chain as described in Sectio n 13.2.2.9 . 2. Add a key to the chain as described in Section 13.[...]
-
Page 1066
Routing Protocol Config uration Command Set Configuring RIP 13-14 Matrix NSA Series Configuration Guide 13.2.2.9 key chain Creates or deletes a key chain used globally for RIP authentication. key chai n name Synt ax Description Command Synt ax of the “no” Form The “no” form of this command deletes the specified key chain: no key chain name [...]
-
Page 1067
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-15 13.2.2.10 key Use this command to identify a RIP authentication key on a key chain. key key-id Synt ax Description Command Synt ax of the “no” Form The “no” form of this comman d re moves the key from the key chain: no key key-id Comm[...]
-
Page 1068
Routing Protocol Config uration Command Set Configuring RIP 13-16 Matrix NSA Series Configuration Guide 13.2.2.1 1 key-string Use this command to specify a RIP authentication string for a key . Once c onfigured, this string must be sent and received in RIP packets in order for them to be authenticated. key-string text Synt ax Description Command Sy[...]
-
Page 1069
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-17 13.2.2.12 accept-lifeti me Use this command to speci fy the time period during which an authentication key on a key ch ain is valid to be received. accept-lifetime start-time month date year { duration seconds | end-time | infinite } Synt ax [...]
-
Page 1070
Routing Protocol Config uration Command Set Configuring RIP 13-18 Matrix NSA Series Configuration Guide Command Mode Key chain key co nfig uration : Matrix>Router1(con fig-keychain-key)# Command Default s None. Examples This example shows how to allow the “password” au thentication key to be received as valid on its RIP-configured interface [...]
-
Page 1071
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-19 13.2.2.13 send-lifetime Use this command to speci fy the time period during which an authentication key on a key ch ain is valid to be sent. send-lifetime start-time month date year { duration seconds | end-time | infinite } Synt ax Descripti[...]
-
Page 1072
Routing Protocol Config uration Command Set Configuring RIP 13-20 Matrix NSA Series Configuration Guide Command Default s None. Example This example shows how to allow the “password” authentication key to be sent as valid on its RIP-configured interface beginnin g at 2:30 on November 30, 2002 with no ending time (infinitely): Matrix>Router1([...]
-
Page 1073
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-21 13.2.2.14 ip rip authentication keychain Use this command to enable or disable a RIP au thentication key chain for use on an interface. ip rip authen tication keyc hain name Synt ax Description Command Synt ax of the “no” Form The “no?[...]
-
Page 1074
Routing Protocol Config uration Command Set Configuring RIP 13-22 Matrix NSA Series Configuration Guide 13.2.2.15 ip rip aut hentication mode Use this command to set th e authentication mode when a key chain is present. ip rip authentication mode { text | md5 } Synt ax Description Command Synt ax of the “no” Form The “no” form of this comma[...]
-
Page 1075
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-23 13.2.2.16 no auto-summary Use this command to disable automatic route summariz ation. By default, RIP ve rsion 2 supports automatic route summarization, which summarizes subprefixes to the classful network boundary when crossing network boun [...]
-
Page 1076
Routing Protocol Config uration Command Set Configuring RIP 13-24 Matrix NSA Series Configuration Guide 13.2.2.17 ip rip disable-triggered-up dates Use this command to prevent RIP from sending trig gered up dates. T riggered updates are sent when there is a cha nge in the ne tw ork an d a new route with a lower metric is lea r ne d, or an old route[...]
-
Page 1077
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-25 13.2.2.18 ip split-horizon poison Use this command to enable or disable split ho rizon poison-reverse mode for RIP packets. Split horizon prevents packets from exit ing through the same interface on which they were received. Poison-reverse ex[...]
-
Page 1078
Routing Protocol Config uration Command Set Configuring RIP 13-26 Matrix NSA Series Configuration Guide 13.2.2.19 p assive-interface Use this command to prevent RIP from tran smitting update packets on an interface. passive-interface vlan vlan-id Synt ax Description Command Synt ax of the “no” Form The “no” form of this comm and disables pa[...]
-
Page 1079
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-27 13.2.2.20 receive-interface Use this command to allow RIP to receive update pa cke ts on an interface. Th is does not affect the sending of RIP updates on the specified interface. receive-interface vlan vlan-id Synt ax Description Command Syn[...]
-
Page 1080
Routing Protocol Config uration Command Set Configuring RIP 13-28 Matrix NSA Series Configuration Guide 13.2.2.21 distribute-list Use this command to filte r networks received and to suppress networks from being advertised in RIP updates. distribute-list access-list-number { in vlan vlan-id | out vlan vlan-id } Synt ax Description Command Synt ax o[...]
-
Page 1081
Routing Protocol Conf igura tion Command Set Configuring R IP Matrix NSA Series C onfiguration Guide 1 3-29 13.2.2.22 redistribute Use this command to allow rout i ng information disco vered through non-RIP p rotocols to be distributed in RIP update messages. redistribute { connected | ospf pr ocess-id | static } [ metric metric value ] [ subnets ][...]
-
Page 1082
Routing Protocol Config uration Command Set Configuring RIP 13-30 Matrix NSA Series Configuration Guide Example This example shows how to redistribute routing info rmation discovered th rough OSPF process ID 1 non-subnetted routes into RIP update messages: Matrix>Router1(config)# router r ip Matrix>Router1(config-router)# r edistribute ospf 1[...]
-
Page 1083
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-31 13.2.3 Configuring OSPF Purpose T o enable and configure th e Open Shortest Path First (OSPF) routing protocol. OSPF Configuration T ask List and Commands T able 13-2 lists the tasks and commands associated with OSPF configuration. Commands a[...]
-
Page 1084
Routing Protocol Config uration Command Set Configuring OSPF 13-32 Matrix NSA Series Configuration Guide • Set a priority to help determine the OSPF designated router for the network. ip ospf priority ( Section 13 .2.3.5 ) • Adjust timers and message intervals. timers spf ( Section 1 3.2.3.6 ) ip ospf retransmit-interval ( Section 13.2.3.7 ) ip[...]
-
Page 1085
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-33 Limit link state database overflow . d atabase-overflow ( Section 13.2.3.22 ) Monitor and maintain OSPF . show ip ospf ( Section 13.2.3.23 ) show ip ospf database ( Section 13.2.3.24 ) show ip ospf border -routers ( Section 13.2.3.25 ) show i[...]
-
Page 1086
Routing Protocol Config uration Command Set Configuring OSPF 13-34 Matrix NSA Series Configuration Guide 13.2.3.1 router osp f Use this command to enable or disable Open Sh ortest Path First (OSPF) configuration mode. r o uter ospf pr ocess-id Synt ax Description Command Synt ax of the “no” Form The “no” form of this command disables OSPF c[...]
-
Page 1087
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-35 13.2.3.2 netw ork Use this command to configur e area IDs for OSPF interfaces. network ip - addr ess wildcar d-mask area ar ea-id Synt ax Description Command Synt ax of the “no” Form The “no” form of this command removes OSPF routing [...]
-
Page 1088
Routing Protocol Config uration Command Set Configuring OSPF 13-36 Matrix NSA Series Configuration Guide 13.2.3.3 router id Use this command to set the OSPF router ID for the device. The OSPF protocol uses the router ID as a tie-breaker for path selection. If not specified, this will be set to the lowest IP address of the interfaces configured for [...]
-
Page 1089
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-37 13.2.3.4 ip o sp f cost Use this command to set the cost of sending an OSPF packet on an interface. Each router interface that participates in OSPF routing is assigned a de fault cost. This command overwrites the default of 10. ip ospf cost c[...]
-
Page 1090
Routing Protocol Config uration Command Set Configuring OSPF 13-38 Matrix NSA Series Configuration Guide 13.2.3.5 ip osp f priority Use this command to set the OSPF priority value for router interfaces. The priority value is communicated between routers by means of he llo messages and influen ces the election of a designated rout er . ip ospf prior[...]
-
Page 1091
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-39 13.2.3.6 timers sp f Use this command to change OSPF timer values to fine-tune the OSPF network. timers spf spf-delay spf-hold Synt ax Description Command Synt ax of the “no” Form The “no” form of this command res tores the default ti[...]
-
Page 1092
Routing Protocol Config uration Command Set Configuring OSPF 13-40 Matrix NSA Series Configuration Guide 13.2.3.7 ip osp f retransmit- interval Use this command to set the amou nt of time between retransmissions of link state advertisements (LSAs) for adjacencies that belong to an interface. ip ospf r etransmit-interval seconds Synt ax Description [...]
-
Page 1093
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-41 13.2.3.8 ip ospf transmit-delay Use this command to set the amount of time requir ed to transmit a link state update packet on an interface. ip ospf transmit-delay seconds Synt ax Description Command Synt ax of the “no” Form The “no” [...]
-
Page 1094
Routing Protocol Config uration Command Set Configuring OSPF 13-42 Matrix NSA Series Configuration Guide 13.2.3.9 ip osp f hello-interval Use this command to set th e number of seconds a ro uter must wait before sending a hello packet to neighbor routers on an interface. Each Matrix Series routing module or standa lone device can support communicat[...]
-
Page 1095
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-43 13.2.3.10 ip osp f dead -interval Use this command to set the numb er of seconds a router must wait to receive a hello packet from its neighbor before determining that the neighbor is out of service. ip ospf dead-interval seconds Synt ax Desc[...]
-
Page 1096
Routing Protocol Config uration Command Set Configuring OSPF 13-44 Matrix NSA Series Configuration Guide 13.2.3.1 1 ip osp f authentication-key Use this command to assign a password to be us ed by neighboring rout ers using OSPF’ s simple password authentication. Th is password is used as a “key” that is inserted directly into the OSPF header[...]
-
Page 1097
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-45 13.2.3.12 ip osp f message digest key md5 Use this command to enable or disable OSPF MD 5 authentication on an in terface. This validates OSPF MD5 routing updates be tween neighboring routers. ip ospf message-digest-key keyid md5 key Synt ax [...]
-
Page 1098
Routing Protocol Config uration Command Set Configuring OSPF 13-46 Matrix NSA Series Configuration Guide 13.2.3.13 dist ance osp f Use this command to configure the administrative distance for OSPF routes. If several routes (coming from different protocols) are presented to the Matrix Series Route T able Manager (R TM), the protocol with the lowest[...]
-
Page 1099
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-47 Command Default s If route type is not specifie d, the distance value will be applied to all OSPF routes. Example This example shows how to change the default administrative distan ce for external OSPF routes to 100: Matrix>Router1(config)[...]
-
Page 1100
Routing Protocol Config uration Command Set Configuring OSPF 13-48 Matrix NSA Series Configuration Guide 13.2.3.14 area range Use this command to define the range of addresse s to be used by Area Border Routers (ABRs) when they communicate routes to other areas. Each Ma trix Series module or standalone device can support up to 6 OSPF areas and up t[...]
-
Page 1101
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-49 13.2.3.15 area authentication Use this command to enable or disa ble authenti cation for an OSPF area. area area-id authentication { simple | message-digest } Synt ax Description Command Synt ax of the “no” Form The “no” form of this [...]
-
Page 1102
Routing Protocol Config uration Command Set Configuring OSPF 13-50 Matrix NSA Series Configuration Guide 13.2.3.16 area stub Use this command to define an OSPF area as a stub area. This is an area that carries no external routes. area ar ea-id stub [ no-summary ] Synt ax Description Command Synt ax of the “no” Form The “no” form of this com[...]
-
Page 1103
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-51 13.2.3.17 area default cost Use this command to set the cost va lue for the default route that is sent into a stub area by an Area Border Router (ABR). The use of this command is restricted to ABRs attached to stub areas. area area-id default[...]
-
Page 1104
Routing Protocol Config uration Command Set Configuring OSPF 13-52 Matrix NSA Series Configuration Guide 13.2.3.18 area nssa Use this command to configure an area as a no t so stubby area (NSSA). An NSSA allows some external routes represented by external Link State Advertisements (LSAs) to be imported into it. This is in contrast to a stub area th[...]
-
Page 1105
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-53 13.2.3.19 area virtual-link Use this command to define an OSPF virtual lin k, which represents a lo gical connection between the backbone and a non-backbone OSPF area. area ar ea-id virtual-link ip-addr ess The options for using this syntax a[...]
-
Page 1106
Routing Protocol Config uration Command Set Configuring OSPF 13-54 Matrix NSA Series Configuration Guide Command Synt ax of the “no” Form The “no” form of this comm and removes the virtual link: no area ar ea-id virtual-link ip-addr ess authentication-key key no area ar ea-id virtual-link ip-addr ess dead-interval seconds no area ar ea-id v[...]
-
Page 1107
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-55 13.2.3.20 p assive-interface Use this command to enable passiv e OSPF on an interface. This allo ws an interface to be included in the OSPF route table, but turns of f sending and receiving hellos for an interface. It also prevents OSPF adjac[...]
-
Page 1108
Routing Protocol Config uration Command Set Configuring OSPF 13-56 Matrix NSA Series Configuration Guide 13.2.3.21 redistribute Use this command to allow rou ting inf ormation discovered through non-OSPF protocols to be distributed in OSPF update messages. redistribute { rip | static [ metric metric value ] [ metric-type type-value ] [ subnets ] [ [...]
-
Page 1109
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-57 Command Synt ax of the “no” Form The “no” form of this command clears redistribution parameters: no redistribute { connected | rip | static } Command Mode Router configuration: Matrix>Router1(config-router)# Command Default s • I[...]
-
Page 1110
Routing Protocol Config uration Command Set Configuring OSPF 13-58 Matrix NSA Series Configuration Guide 13.2.3.22 dat abase-overflow Use this command to limit the size of OSPF lin k state database overflow , a condition where the router is unable to maintain the database in its entirety . Setting database ov erflow allows you to set a limit on the[...]
-
Page 1111
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-59 Command Default s None. Example This example shows how to set the OSPF database exit overflow interval to 240 seconds, the overflow limit to 3800 LSAs, an d the warning level to 2500 LSAs: Matrix->Router1(config)# r outer ospf 1 Matrix->[...]
-
Page 1112
Routing Protocol Config uration Command Set Configuring OSPF 13-60 Matrix NSA Series Configuration Guide 13.2.3.23 show ip o sp f Use this command to di splay OSPF information. show ip ospf Synt ax Description None. Command T ype Router command. Command Mode Any router mode. Command Default s None.[...]
-
Page 1113
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-61 Example This example shows how to display OSPF information: Matrix>Router1# show ip os pf Routing Process "ospf 20 " with I D 134.141.7.2 Supports only single TOS(TOS0) ro ute It is an area border and autonomo us system boundary [...]
-
Page 1114
Routing Protocol Config uration Command Set Configuring OSPF 13-62 Matrix NSA Series Configuration Guide 13.2.3.24 show ip o sp f database Use this command to display the OSPF link state database. show ip ospf database [ link-state-id ] The options for using this syntax ar e: • show ip ospf database ro uter [ link-state-id ] • show ip ospf data[...]
-
Page 1115
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-63 Command T ype Router command. Command Mode Any router mode. Command Default s If link-state-id is not specified, the specified ty pe of database records wi ll be displayed for all link st ate IDs. Example This example shows how to display a l[...]
-
Page 1116
Routing Protocol Config uration Command Set Configuring OSPF 13-64 Matrix NSA Series Configuration Guide T able 13-3 show ip ospf dat abase Output Det ails Output What It Displays... Link ID Link ID, which varies as a function of the link state record type, as follows: • Net Link States - Shows the interface IP address of the designated rou t er [...]
-
Page 1117
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-65 13.2.3.25 show ip osp f bord er-routers Use this command to display in formation about OSPF internal entries to Area Border Routers (ABRs) and Autonomous System Boundary Routers (ASBRs). show ip ospf border-routers Synt ax Description None. C[...]
-
Page 1118
Routing Protocol Config uration Command Set Configuring OSPF 13-66 Matrix NSA Series Configuration Guide 13.2.3.26 show ip o sp f interf ace Use this command to display OSPF interface related information, in cluding network type, priority , cost, hello interval, and dead interval. show ip ospf interface [ vlan vlan-id ] Synt ax Description Command [...]
-
Page 1119
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-67 T able 13-4 show ip osp f interface Output Det ails Output What It Disp lays... Vlan Interface (VLAN) administrative status as up or down. Internet Address IP address and mask assigned to this interface. Router ID Router ID, which O SPF selec[...]
-
Page 1120
Routing Protocol Config uration Command Set Configuring OSPF 13-68 Matrix NSA Series Configuration Guide Adjacent neighbor count Number of adjacent (FULL state) neighbors over this interface. Adjacent with neighbor IP address of the adjacent neighbor . T able 13-4 show ip osp f interface Output Det ails (Continued) Output What It Displays...[...]
-
Page 1121
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-69 13.2.3.27 show ip ospf neighbor Use this command to disp lay the state of communic ation between an OSPF rout er and its neighbor routers. show ip ospf neighbor [ detail ] [ ip-addr ess ] [ vlan vlan-id ] Synt ax Description Command T ype Rou[...]
-
Page 1122
Routing Protocol Config uration Command Set Configuring OSPF 13-70 Matrix NSA Series Configuration Guide T able 13-5 provides an expla natio n o f the command outp ut. T able 13-5 show ip ospf neighbor Output Det ails Output What It Displays... ID Neighbor ’ s router ID of the OSPF neighbor . Pri Neighbor ’ s priority over this interface. S tat[...]
-
Page 1123
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-71 13.2.3.28 show ip osp f virtual-links Use this command to display info rmation abou t the virtual link s configured on a rou ter . A virtual link represents a logical connection between the backbone and a non-backbone OS PF area. show ip ospf[...]
-
Page 1124
Routing Protocol Config uration Command Set Configuring OSPF 13-72 Matrix NSA Series Configuration Guide T ransit Delay T ime (in sec onds) added to the LSA (Link S tate Advertisement) age field when the LSA is transmitted through the virtual link. S tate Interface state assigned to a virtual link, which is point-to-point. T imer intervals configur[...]
-
Page 1125
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-73 13.2.3.29 clear ip osp f pro cess Use this command to reset the OSPF process. This will require adjacencies to be reestablished a nd routes to be reconver ged. clear ip ospf process pr ocess-id Synt ax Description Command T ype Router command[...]
-
Page 1126
Routing Protocol Config uration Command Set Configuring OSPF 13-74 Matrix NSA Series Configuration Guide 13.2.3.30 debug ip osp f Use this command to enable OSPF pro t oc ol debugging output. debug i p osp f { subsystem } Synt ax Description Command Synt ax of the “no” Form The “no” form of th is command disables OSPF protocol debugging out[...]
-
Page 1127
Routing Protocol Conf igura tion Command Set Configuring OSPF Matrix NSA Series C onfiguration Guide 1 3-75 13.2.3.31 rfc1583comp atible Use this command to enable the O SPF router for RFC 1385 compatibility . rfc1583compatible Synt ax Description None Command Synt ax of the “no” Form The “no” form of this command re moves OSPF RFC 1583 com[...]
-
Page 1128
Routing Protocol Config uration Command Set Configuring DVMRP 13-76 Matrix NSA Series Configuration Guide 13.2.4 Configuring DVMRP Purpose T o enable and configure the Distanc e V ector Mul ticast Routing Protocol (DVMRP) on an interface. DVMRP routes multicast traf fic using a techniqu e known as Reverse Path Forwarding. W hen a router receives a [...]
-
Page 1129
Routing Protocol Conf igura tion Command Set Configuring DVMRP Matrix NSA Series C onfiguration Guide 1 3-77 13.2.4.1 ip dvmrp Use this command to enable or disable DVMRP on an interface. ip dvmrp Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command disables DVMRP: no ip dvmrp Command T ype Router command[...]
-
Page 1130
Routing Protocol Config uration Command Set Configuring DVMRP 13-78 Matrix NSA Series Configuration Guide 13.2.4.2 ip dvmrp met ric Use this command to configure the metric associat ed with a set of destinations for DVMRP reports. ip dvmrp metric metric Synt ax Description Command T ype Router command. Command Mode Interface configuration: Matrix&g[...]
-
Page 1131
Routing Protocol Conf igura tion Command Set Configuring DVMRP Matrix NSA Series C onfiguration Guide 1 3-79 13.2.4.3 show ip dvmrp route Use this command to displa y DVMRP routing information. show ip dvmrp route Synt ax Description None. Command T ype Router command. Command Mode Any router mode. Command Default s None. Example This example shows[...]
-
Page 1132
Routing Protocol Config uration Command Set Configuring DVMRP 13-80 Matrix NSA Series Configuration Guide Matrix>Router1# show ip dvmrp ro ute flag characters used: ------------- V Neighbor is verified. P Neighbor supports pruning. G Neighbor supports generation ID. N Neighbor supports netmask in prunes and grafts. S Neighbor supports SNMP. M Ne[...]
-
Page 1133
Routing Protocol Conf igura tion Command Set Configuring IRDP Matrix NSA Series C onfiguration Guide 1 3-81 13.2.5 Configuring IRDP Purpose T o enable and configure the ICMP Router Discovery Protocol (IRDP) on an interface. This protocol enables a host to determine the address of a router it can use as a default gateway . Commands The commands used[...]
-
Page 1134
Routing Protocol Config uration Command Set Configuring IRDP 13-82 Matrix NSA Series Configuration Guide 13.2.5.1 ip ird p Use this command to enable or disable IRDP on an interface. ip ird p Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command disables IRDP on an interface: no ip irdp Command T ype Route[...]
-
Page 1135
Routing Protocol Conf igura tion Command Set Configuring IRDP Matrix NSA Series C onfiguration Guide 1 3-83 13.2.5.2 ip ird p maxadvertinterval Use this command to set the maximum interv al in seconds between IRDP advertisements. ip irdp maxadvertinterval interval Synt ax Description Command Synt ax of the “no” Form The “no” form of this co[...]
-
Page 1136
Routing Protocol Config uration Command Set Configuring IRDP 13-84 Matrix NSA Series Configuration Guide 13.2.5.3 ip ird p minadvertinterval Use this command to set the minimum interval in seco nds between IRDP advertisement s. ip irdp minadvertinterval interval Synt ax Description Command Synt ax of the “no” Form The “no” form of this comm[...]
-
Page 1137
Routing Protocol Conf igura tion Command Set Configuring IRDP Matrix NSA Series C onfiguration Guide 1 3-85 13.2.5.4 ip ird p hold time Use this command to set the length of time in se conds IRDP advertisements are held valid. ip irdp holdtime holdtime Synt ax Description Command Synt ax of the “no” Form The “no” form of this command res et[...]
-
Page 1138
Routing Protocol Config uration Command Set Configuring IRDP 13-86 Matrix NSA Series Configuration Guide 13.2.5.5 ip ird p preference Use this command to set the IRDP preference value for an interface. This valu e i s us e d b y I RD P t o determine the interface ’ s selection as a default gatewa y address. ip irdp preference pr efer ence Synt ax[...]
-
Page 1139
Routing Protocol Conf igura tion Command Set Configuring IRDP Matrix NSA Series C onfiguration Guide 1 3-87 13.2.5.6 ip irdp address Use this command to add additional IP addresses for IRDP to advertise. ip irdp address ip-addr ess pr efer ence Synt ax Description Command Synt ax of the “no” Form The “no” form of this command clears an IP a[...]
-
Page 1140
Routing Protocol Config uration Command Set Configuring IRDP 13-88 Matrix NSA Series Configuration Guide 13.2.5.7 no ip ird p multicast Use this command to enable the ro uter to send IRDP advertisements using broadcast rather than multicast transmissions. By default, the rout er sends IRDP advertisements via multicast. no ip irdp multicast Synt ax [...]
-
Page 1141
Routing Protocol Conf igura tion Command Set Configuring IRDP Matrix NSA Series C onfiguration Guide 1 3-89 13.2.5.8 sho w ip ird p Use this command to display IRDP information. show ip irdp [ vlan vlan-id ] Synt ax Description Command T ype Router command. Command Mode Interface configuration: Matrix>Router1(config-if(Vlan 1))# Command Default [...]
-
Page 1142
Routing Protocol Config uration Command Set Configuring VRRP 13-90 Matrix NSA Series Configuration Guide 13.2.6 Configuring VRRP Purpose T o enable and configure the V irtual Router Redundancy Proto col (VRRP). This protocol el iminates the single point of failure inherent in the static default routed environm ent by transferring the responsibility[...]
-
Page 1143
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series C onfiguration Guide 1 3-91 13.2.6.1 rout er vrrp Use this command to enable or disable VRRP configuration mode. router vrrp Synt ax Description None. Command Synt ax of the “no” Form The “no” form of this command rem o ves all VRRP config urations from the runn[...]
-
Page 1144
Routing Protocol Config uration Command Set Configuring VRRP 13-92 Matrix NSA Series Configuration Guide 13.2.6.2 create Use this command to create a VRRP session. Each Matrix Series routing module or standalone device supports up to VRRP sessions. Up to four VRIDs can be as sociated with an individual routing interface. create vlan vlan-id vrid Sy[...]
-
Page 1145
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series C onfiguration Guide 1 3-93 13.2.6.3 address Use this command to configure a virtual router IP addres s. If the virtual router IP address is the same as the interface (VLAN) address owned by a VRRP router , then the router owning the address becomes the master . The mas[...]
-
Page 1146
Routing Protocol Config uration Command Set Configuring VRRP 13-94 Matrix NSA Series Configuration Guide Command T ype Router command. Command Mode Router configuration: Matrix>Router1(config-router)# Command Default s None. Examples This example shows how to configure a virtual router address o f 182. 127.6 2.1 on VLAN 1, VRID 1, and to set the[...]
-
Page 1147
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series C onfiguration Guide 1 3-95 13.2.6.4 prio rity Use this command to set a priority value for a VRRP router . priority vlan vlan-id vrid priority-value Synt ax Description Command Synt ax of the “no” Form The “no” form of this command cl ears the VRRP priority con[...]
-
Page 1148
Routing Protocol Config uration Command Set Configuring VRRP 13-96 Matrix NSA Series Configuration Guide 13.2.6.5 master-icmp-reply Use this command to enable ICMP replies for non-owner masters. Th is provides the ability for the virtual router maste r to respond to an ICMP echo even if it does not “own” the virtual IP address. W ithout this fu[...]
-
Page 1149
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series C onfiguration Guide 1 3-97 13.2.6.6 advertise-interval Use this command to set the interval in seconds between VRRP advertisements. These are sent by the master router to other routers participating in the VRRP master sel ection process, informing them of its configure[...]
-
Page 1150
Routing Protocol Config uration Command Set Configuring VRRP 13-98 Matrix NSA Series Configuration Guide Example This example shows how set an advertise in terval of 3 seconds on VLAN 1, VRID 1: Matrix>Router1(config)# router v rrp Matrix>Router1(config-router)# a dvertise-interval vlan 1 1 3[...]
-
Page 1151
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series C onfiguration Guide 1 3-99 13.2.6.7 critical -ip Use this command to set a critical IP address for VRRP routing. A critical IP address defines an interface — in addition to the interface between hosts and a first-hop router — that will prevent the master router fro[...]
-
Page 1152
Routing Protocol Config uration Command Set Configuring VRRP 13-100 Matrix NSA Series Configuration Guide Example This example shows how to set IP address 182.127.62.3 as a critic al IP address associated with VLAN 1, VRID 1: Matrix>Router1(config)# router v rrp Matrix>Router1(config-router)# c ritical-ip vlan 1 1 182.127.62.3[...]
-
Page 1153
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series Configura tion Guide 13-101 13.2.6.8 preempt Use this command to enable or disable preempt mode on a VRRP router . Preempt is enabled on VRRP routers by default, which allows a higher pr iority backup router to preempt a lower priority master . preempt vlan-id vrid Synt[...]
-
Page 1154
Routing Protocol Config uration Command Set Configuring VRRP 13-102 Matrix NSA Series Configuration Guide 13.2.6.9 preempt-delay Use this command to set a preempt delay time on a VRRP router . When preempt mode is enabled this specifies a delay (in seconds) that a higher pr iority backup router must wait to preempt a lower priority master . For mor[...]
-
Page 1155
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series Configura tion Guide 13-103 Example This example shows how to set the preemp t delay to 60 seconds on VLAN 1 , VRID 1: Matrix>Router1(config)# ro uter vrrp Matrix>Router1(config-router)# preempt-delay vlan 1 1 60[...]
-
Page 1156
Routing Protocol Config uration Command Set Configuring VRRP 13-104 Matrix NSA Series Configuration Guide 13.2.6.10 enable Use this command to ena ble VRRP on an inte rface. enable vlan vlan-id vrid Synt ax Description Command Synt ax of the “no” Form The “no” form of this command disables VRRP on an interface: no enable vlan vlan-id vrid C[...]
-
Page 1157
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series Configura tion Guide 13-105 13.2.6.1 1 ip vrrp authentication-key Use this command to set a VRRP auth entication password on an interface. ip vrrp authentication-key passwor d Synt ax Description Command Synt ax of the “no” Form The “no” form of this command cl [...]
-
Page 1158
Routing Protocol Config uration Command Set Configuring VRRP 13-106 Matrix NSA Series Configuration Guide 13.2.6.12 ip vrrp message-digest-key Use this command to set a VRRP MD5 au thentication password on an interface. ip vrrp message-digest-key vrid md5 passwor d [ hmac-9 6] Synt ax Description Command Synt ax of the “no” Form The “no” fo[...]
-
Page 1159
Routing Protocol Conf igura tion Command Set Configuring VRRP Matrix NSA Series Configura tion Guide 13-107 13.2.6.13 show ip vrrp Use this command to displa y VRRP routing information. show ip vrrp Synt ax Description None. Command T ype Router command. Command Mode Any router mode . Command Default s None. Example This example shows how to displa[...]
-
Page 1160
Routing Protocol Config uration Command Set Configuring VRRP 13-108 Matrix NSA Series Configuration Guide[...]
-
Page 1161
Matrix NSA Series Configuration Guide 14 -1 14 Security Configuration This chapter describes the Security Configura tion set of commands and how to use th em. 14.1 OVERVIEW OF SECURITY METHODS The following security methods are avai lable fo r controlling which users are allowed to access, monitor , and m anage the devic e. • Local user cred en t[...]
-
Page 1162
Overview of Security Methods 14-2 Matrix NSA Series Configuration Gui de • MAC Locking — locks a port to one or mo re MAC addresses, preventing connection of unauthorized devices via the port. For details, refer to Section 14.3.9 . • Multiple User Multiple Authentication – allows multiple users on a given port to simultaneously authenticate[...]
-
Page 1163
Overview of Security Methods RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment Matrix NSA Series Configuration Guide 14-3 14.1.1 RADIUS Filter-ID Attribut e and Dynamic Policy Profile Assignment If you configure an authentication method that requires communica tion with a RADIUS server , you can use the RADIUS Filter -ID attribute to[...]
-
Page 1164
Process Overview: Security Configuration RADIUS Filter-ID Attribute and Dynamic Poli cy Profile Assignment 14-4 Matrix NSA Series Configuration Gui de 14.2 PROCESS OVERVIEW: SECURITY CONFIGURATION Use the following steps as a guide to co nfiguring security methods on the dev i ce: 1. Setting the Authentication Login Method ( Section 14.3.1 ) 2. Con[...]
-
Page 1165
Security Configurati on Command Set Setting the Auth entication Login Me thod Matrix NSA Series Configuration Guide 14-5 14.3 SECURITY CONFIGURATION COMMAND SET 14.3.1 Setting the Authentication Login Method Purpose T o configure the authentication logi n method. Commands The commands used to configure the authentication login method ar e listed be[...]
-
Page 1166
Security Configuration Command Set Setting the Authenticatio n Logi n Method 14-6 Matrix NSA Series Configuration Gui de 14.3.1.1 show authenti cation login Use this command to display the cu rrent authenticatio n login method. show aut hentication log in Synt ax Description None. Command T ype Switch command. Command Mode Read-Only . Command Defau[...]
-
Page 1167
Security Configurati on Command Set Setting the Auth entication Login Me thod Matrix NSA Series Configuration Guide 14-7 14.3.1.2 set authentication login Use this command to set th e authentication login method. set authentication login { any | local | radius | tacacs } Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Co[...]
-
Page 1168
Security Configuration Command Set Setting the Authenticatio n Logi n Method 14-8 Matrix NSA Series Configuration Gui de 14.3.1.3 clear authenticat ion login Use this command to reset the authentication login method to the default setting of “any”. clear authentication login Synt ax Description None. Command T ype Switch command. Command Mode R[...]
-
Page 1169
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series Configuration Guide 14-9 14.3.2 Configuring RADIUS Purpose T o perform the following: • Review the RADIUS client/server configuration on the device. • Enable or disable the RADIUS client. • Set local and remote login options. • Set primary and secondary serve r paramet[...]
-
Page 1170
Security Configuration Command Set Configuring RADIUS 14-10 Matrix NSA Series Configuration Guide 14.3.2.1 show radius Use this command to display the current RADIUS client/server configuration. show radius [ state | retries authtype || timeout | server [ index | all ]] Synt ax Description Command T ype Switch command. Command Mode Read-Only . Comm[...]
-
Page 1171
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series Configuration Guide 14-1 1 T able 14-1 provides an explanatio n of the command ou tput. T able 14-1 show radius Output De t ails Output What It Displays... RADIUS state Whether the RADIUS client is enabled or disabled . RADIUS retries Number of retry attemp ts before the RADIU[...]
-
Page 1172
Security Configuration Command Set Configuring RADIUS 14-12 Matrix NSA Series Configuration Guide 14.3.2.2 set radius Use this command to enable, disable, or configure RADIUS authentication. set radius {[ enable | disable ] [ retries number-of-r etries ] [ timeout timeout ] [ server { index ip-addr ess port [ secr et-value ]} [ realm { management-a[...]
-
Page 1173
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series C onfiguration Guide 1 4-13 Command Default s • If secr et-value is not specified, none will be applied. • If realm is not specified, any authentication will be allowed. Examples This example shows how to enable the RADIUS client for authenticating with RADIUS server 1 at [...]
-
Page 1174
Security Configuration Command Set Configuring RADIUS 14-14 Matrix NSA Series Configuration Guide 14.3.2.3 clear radius Use this command to clear RADIUS server settings. clear radius [ state ] [ retries ] [ timeout ] [ server [ index | all ] [ realm { index | all }] Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command[...]
-
Page 1175
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series C onfiguration Guide 1 4-15 14.3.2.4 show radi us accounting Use this command to display the RADIUS accoun ting configurat ion. This transmits accounting information between a network access se rver and a shared accounting server . show radius accounting [ updateinterval ] | [[...]
-
Page 1176
Security Configuration Command Set Configuring RADIUS 14-16 Matrix NSA Series Configuration Guide For details on enabling and configuring RADIUS accounting, refer to Section 14.3. 2.5 : Matrix(rw)-> show radius account ing Accounting state: Enabled Accounting update interval: 1800 secs Accounting interval minimum: 600 secs Server Server A cct In[...]
-
Page 1177
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series C onfiguration Guide 1 4-17 14.3.2.5 set ra dius accounting Use this command to conf igure RADIUS accountin g. set radius accounting {[ enable ] [ disable ] [ intervalminimum value ] [ updateinterval value ] [ retries re t r i e s ] [ timeout timeou t ] [ server { index | all [...]
-
Page 1178
Security Configuration Command Set Configuring RADIUS 14-18 Matrix NSA Series Configuration Guide Command Mode Read-W rite. Command Default s None. Examples This example shows how to enab le the RADIUS accounting client for authenticating with the accounting server 1 at IP address 10.2.4.1 2, UDP authentication port 1800. As previously noted , the [...]
-
Page 1179
Security Configurati on Command Set Configuring RADIUS Matrix NSA Series C onfiguration Guide 1 4-19 14.3.2.6 clear radius accou nting Use this command to clear RADIUS accounting configuration settings. clear radius accounting {[ server { index | all }] [ retries { index | all }] [ timeout { index | all }] [ intervalminimum] [ updateinterval ]} Syn[...]
-
Page 1180
Security Configuration Command Set Configuring RFC 358 0 14-20 Matrix NSA Series Configuration Guide 14.3.3 Configuring RFC 3580 About RFC 3580 RFC 3580 provides suggestions on how 802.1x Au thenticators sh ould leverage RADIUS as the backend AAA infrastruc ture. RFC 35 80 is divided into several major sec tio ns: RADIUS Accounting, RADIUS Authenti[...]
-
Page 1181
Security Configurati on Command Set Configuring R FC 3580 Matrix NSA Series C onfiguration Guide 1 4-21 14.3.3.1 show vlanauthorization Use this command to display th e VLAN Authorization settings. show vlanauthorization [ port-list ] | [ all ] Synt ax Description Command T ype Switch command. Command Mode Read-Only . Command Default s If no parame[...]
-
Page 1182
Security Configuration Command Set Configuring RFC 358 0 14-22 Matrix NSA Series Configuration Guide 14.3.3.2 set vlanauthorization Use this command to set the VLAN Authorization attributes. set vlanauthorization enable | disable | port port-list {[ enable | disable ] none | tagged | untagged | dynamic } Synt ax Description Command T ype Switch com[...]
-
Page 1183
Security Configurati on Command Set Configuring R FC 3580 Matrix NSA Series C onfiguration Guide 1 4-23 14.3.3.3 clear vlanauthorization Use this command to clear the VLAN Authorization attributes to the defaults. clear vlanauthorization port-list all Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s None[...]
-
Page 1184
Security Configuration Command Set Configuring T ACACS+ 14-24 Matrix NSA Series Configuration Guide 14.3.4 Configuring T ACACS+ Purpose T o perform the following: • Review the T ACACS+ client and server configurations on the devic e. • Enable or disable the T ACACS+ client. • Set local and remote logi n options. • Set server parameters, inc[...]
-
Page 1185
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-25 14.3.4.1 show tacacs Use this command to display the current T A CACS+ configuration in formation and status. show tacacs [ state ] Synt ax Description Command Default s If state is not specified, all T ACACS+ configuration information will be dis[...]
-
Page 1186
Security Configuration Command Set Configuring T ACACS+ 14-26 Matrix NSA Series Configuration Guide T able 14-2 show taca cs Output Det ails Output What It Displays... T ACACS+ state Whether the T ACACS+ client is enabled or disabled . T ACACS+ session accounting state Whether T ACACS+ session accounting is enabled or disabl ed. T ACACS+ command au[...]
-
Page 1187
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-27 14.3.4.2 set t acacs Use this command to enable or disable the T ACACS+ client. set tacacs { enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Usage The T ACACS+ client can be en[...]
-
Page 1188
Security Configuration Command Set Configuring T ACACS+ 14-28 Matrix NSA Series Configuration Guide 14.3.4.3 show t acacs server Use this command to display the cu rrent T ACACS+ server configuration. show tacacs server { index | all } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-Only . Example This ex[...]
-
Page 1189
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-29 14.3.4.4 set tacacs server Use this command to configure the T ACACS+ serve r(s) to be used by the T ACACS+ client. Y ou can configure the timeout value for all configured servers or a sing le serv er , or you can co nfigure the IP address, TCP po[...]
-
Page 1190
Security Configuration Command Set Configuring T ACACS+ 14-30 Matrix NSA Series Configuration Guide 14.3.4.5 clear t acacs server Use this command to remove one or all configured T ACACS+ servers, or to return the timeout value to its default value for on e or all configured T AC ACS+ servers. clear tacacs server { all | index } [ timeout ] Synt ax[...]
-
Page 1191
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-31 14.3.4.6 show tacacs session Use this command to display the curre nt T ACACS+ client session settings. show tacacs session { authorization | accounting [ state ]} Synt ax Description Command Default s If state is not specified, all session accoun[...]
-
Page 1192
Security Configuration Command Set Configuring T ACACS+ 14-32 Matrix NSA Series Configuration Guide 14.3.4.7 set t a cacs session Use this command to enable or disable T ACA CS + session accounting, or to configure T A CACS+ session authorization parameters. For simplicity , separate syntax formats are shown for configuring session accounting and s[...]
-
Page 1193
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-33 Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Usage When session accounting is enabled, the T ACACS+ server will log accounting information, such as start and stop times, IP address of the client, and so forth, fo[...]
-
Page 1194
Security Configuration Command Set Configuring T ACACS+ 14-34 Matrix NSA Series Configuration Guide 14.3.4.8 clear t acacs sessio n Use this command to return the T ACACS+ session authorization settings to their default values. clear tacacs session authorization { [ service ] [ read-only ] [ read-write ] [ super-user ] } Synt ax Description Command[...]
-
Page 1195
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-35 14.3.4.9 show tacacs command Use this command to display the sta tus (enabled or disa bled ) of T ACACS+ accou ntin g or authorization on a per-command basis. show tacacs command { accounting | authorization } [ state ] Synt ax Description Command[...]
-
Page 1196
Security Configuration Command Set Configuring T ACACS+ 14-36 Matrix NSA Series Configuration Guide 14.3.4.10 set t acacs command Use this command to enable or disable T ACACS + accounting or authori zation on a per-command basi s. set tacacs command { accounting | authorization } { enable | disable } Synt ax Description Command Default s None. Com[...]
-
Page 1197
Security Configurati on Command Set Configuring T ACACS+ Matrix NSA Series C onfiguration Guide 1 4-37 14.3.4.1 1 sho w t acacs si ngleconnect Use this command to display the current status of the T ACACS+ client’ s ability to send multiple requests over a single TCP connection. show tacacs singleconnect [ state ] Synt ax Description Command Defa[...]
-
Page 1198
Security Configuration Command Set Configuring T ACACS+ 14-38 Matrix NSA Series Configuration Guide 14.3.4.12 set t acacs singleconnect Use this command to enable or disable the ability of the T ACACS+ client to send multiple requests over a single TCP connection. When enabled, the T ACACS+ client will use a single TCP connection for all requ ests [...]
-
Page 1199
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-39 14.3.5 Configuring 802.1X Authentication About Multi-User Authentication Enterasys Networks’ enhanced version of the IEEE 802.1X-2001 specificati on decreases security vulnerabilities inherent with the standard implemen tation, and [...]
-
Page 1200
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-40 Matrix NSA Series Configuration Guide Commands The commands used to review and configure 802.1X are liste d below and described in the associated section as shown: • show dot1x ( Section 14.3.5. 1 ) • show dot1x auth-config ( Section 14.3.5. 2 ) • set dot1x ( Section [...]
-
Page 1201
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-41 14.3.5.1 sho w dot1x Use this command to display 802.1X status, di agnostics, statistics, and reauthentication or initialization control information for one or more ports. show dot1x [ auth-config | access -entity | auth-diag | auth-s[...]
-
Page 1202
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-42 Matrix NSA Series Configuration Guide • If port-string is not specified, information for all ports will be displayed. Examples This example shows how to display 802.1X status: This example shows how to di splay authentication diagnost ics information for fe.1.1: Matrix(rw[...]
-
Page 1203
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-43 This example shows how to display authen tication session statistics for fe.1.1: This example shows how to display authentication sta tistics for fe.1.1: Matrix(rw)-> show dot1x au th-session-stats fe.1.1 Port: 1 Auth-Session-Stats[...]
-
Page 1204
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-44 Matrix NSA Series Configuration Guide 14.3.5.2 show dot1x auth-config Use this command to display 802.1 X authentication configuration se ttings for one or more ports. show dot1x auth-config [ authcontrolled-portcontrol ] [ keytxenabled ] [ maxreq ] [ quietperiod ] [ reauth[...]
-
Page 1205
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-45 Command T ype Switch command. Command Mode Read-Only . Command Default s • If no parameters are specified, all 802.1X settin gs will be displayed. • If port-string is not specified, informa tion for all ports will be displayed. Ex[...]
-
Page 1206
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-46 Matrix NSA Series Configuration Guide 14.3.5.3 set dot1x Use this command to enable or disable 802.1X au thentication, to reauthenticate one or more access entities, or to reinitialize one or more supplicants. set dot1x {[ enable | disable ] [ init | reauth [ port-string ] [...]
-
Page 1207
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-47 14.3.5.4 set dot1 x auth-config Use this command to config u re 80 2.1 X authentica tio n. set dot1x auth-config {[ authcontrolled-portcontrol { auto | forced-auth | forced-unauth }] [ keytxenabled { false | true }] [ maxreq value ] [[...]
-
Page 1208
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-48 Matrix NSA Series Configuration Guide Command T ype Switch command. Command Mode Read-W rite. Command Default s If port-string is not specified, authentication pa rameters will be set on all ports Examples This example shows how to set EAPOL port control to forced authorize[...]
-
Page 1209
Security Configurati on Command Set Configuring 802.1X Authentication Matrix NSA Series C onfiguration Guide 1 4-49 14.3.5.5 clear d ot1x auth-config Use this command to reset 802.1X authentication parameters to default values on one or more ports. clear dot1x auth-config [ authcontrolled-portcontrol ] [ keytxenabled ] [ maxreq ] [ quietperiod ] [ [...]
-
Page 1210
Security Configuration Command Set Configuring 802.1X Authenticatio n 14-50 Matrix NSA Series Configuration Guide • If port-string is not specified, paramete rs will be set on all ports. Examples This example shows how to reset the 802.1X port control mode to auto on all ports: This example shows how to rese t reauthenticatio n control to disable[...]
-
Page 1211
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-51 14.3.6 Configuring Port Web Authentication (PW A ) About PW A PW A provides a way of authenticating us ers before allowing general access to the network. A PW A user ’ s access to the network is restricted until afte r the[...]
-
Page 1212
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-52 Matrix NSA Series Configuration Guide Setting the port mode in this fashion will al low traffic to flow t hrough the port without authentication according to its configuration. By default, this would allow all traf fic to be forwarded. Conversely , you could configur[...]
-
Page 1213
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-53 Commands The comm ands need ed to review and configure PW A are listed belo w and de scribed in the associated section as show n: • show pwa ( Section 14.3.6.1 ) • set pwa ( Section 14.3.6.2 ) • set pwa hostname ( Sect[...]
-
Page 1214
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-54 Matrix NSA Series Configuration Guide 14.3.6.1 show pwa Use this command to display por t web authen tication information fo r one or more ports. show pwa [ port-string ] Synt ax Description Command Default s If port-string is not specified, PW A informatio n will be[...]
-
Page 1215
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-55 T able 14-3 show pwa Output De t a ils Output What It Displays... PW A S tatus Whether or not port web authentication is enabled or disabled. Default state of disabled can be changed using the set pwa command as described in[...]
-
Page 1216
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-56 Matrix NSA Series Configuration Guide Mode PW A po rt control mode. Auth S tatus Whether or no t the p ort state is disconnected, authenticating authenticated, or held (a uthentication has failed). Quiet Period Amount of time a port will be in the held state after a [...]
-
Page 1217
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-57 14.3.6.2 set pwa Use this command to enable or disable port web authe ntication. set pwa { enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This e[...]
-
Page 1218
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-58 Matrix NSA Series Configuration Guide 14.3.6.3 set pwa hostn ame Use this command to set a port web authenticatio n host name. This is a URL for accessing the PW A login p age. set pwa hostname name Synt ax Description Command Default s None. Command T ype Switch com[...]
-
Page 1219
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-59 14.3.6.4 clear p wa hostname Use this command to clear the po rt web authentication host name. clear pwa hostname Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exam[...]
-
Page 1220
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-60 Matrix NSA Series Configuration Guide 14.3.6.5 show pwa banner Use this command to display the port web authentication login banner string. show pwa banner Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-Only . Exampl[...]
-
Page 1221
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-61 14.3.6.6 set pwa ban ner Use this command to configure a string to be displayed as th e PW A login banne r . set pwa banner string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W[...]
-
Page 1222
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-62 Matrix NSA Series Configuration Guide 14.3.6.7 clear pwa banner Use this command to reset the PW A login banner to a blank string. clear pwa banner Synt ax Description None. Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This [...]
-
Page 1223
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-63 14.3.6.8 set pwa displaylogo Use this command to set the display opt ions for the Enterasys Networks logo. set pwa displaylogo { display | hide } Synt ax Description Command Default s None. Command T ype Switch command. Comm[...]
-
Page 1224
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-64 Matrix NSA Series Configuration Guide 14.3.6.9 set pwa redi rectt ime Use this command to set the PW A login success page redirect time. set pwa redirecttime time Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exam[...]
-
Page 1225
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-65 14.3.6.10 set pwa ip address Use this command to set the PW A IP address. This is the IP addr ess of the end station from which PW A will prevent network access until the user is authenticated. set pwa ipaddress ip-addr ess [...]
-
Page 1226
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-66 Matrix NSA Series Configuration Guide 14.3.6.1 1 set pwa proto col Use this command to set the po rt web authenticat ion protocol. set pwa protocol { chap | pap } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Exam[...]
-
Page 1227
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-67 14.3.6.12 set pwa enhancedmode Use this command to enab le or dis able PW A enhanced mode. When enabled, use rs on unauthenticated PW A ports can type any URL into a browser and be presented th e PW A login page on their ini[...]
-
Page 1228
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-68 Matrix NSA Series Configuration Guide 14.3.6.13 set pwa guestname Use this command to set a guest user name for PW A enhanced mo de networking . When enhanc ed mode is enabled (as des cribe d in Section 14.3.6.12 ), PW A will use this name to grant network access to [...]
-
Page 1229
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-69 14.3.6.14 clear pwa guestname Use this command to clear the PW A guest user name. clear pwa guestname Synt ax Description None. Command T ype Switch command. Command Default s None. Command Mode Read-W rite. Example This exa[...]
-
Page 1230
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-70 Matrix NSA Series Configuration Guide 14.3.6.15 set pwa guestpassword Use this command to set the guest user passwo rd for PW A networking. When enh an ced mode is enabled, (as des cribed in Section 14.3.6 .12 ) PW A will use this pas sword and the guest user name to[...]
-
Page 1231
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-71 14.3.6.16 set pwa guest st atus Use this command to enable or disable guest networking for port we b authentication. When enhanced mode is enabled (as des cribed in Section 14.3.6.12 ), PW A will use a guest password and gue[...]
-
Page 1232
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-72 Matrix NSA Series Configuration Guide 14.3.6.17 set pwa initialize Use this command to initializ e a PW A port to its defa ult unauthenticated state. set pwa initialize [ port-string ] Synt ax Description Command T ype Switch command. Command Default s If port-string[...]
-
Page 1233
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-73 14.3.6.18 set pwa quietperiod Use this command to set the amount of time a port will remain in the held state after a user unsuccessfully attempts to log on to the network. set pwa quietperiod time [ port-string ] Synt ax De[...]
-
Page 1234
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-74 Matrix NSA Series Configuration Guide 14.3.6.19 set pwa maxrequ ests Use this command to set the maximum number of log on attempts all owed be fore transitioning the PW A port to a held state. set pwa maxrequests re q u e s t s [ port-string ] Synt ax Description Com[...]
-
Page 1235
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-75 14.3.6.20 set pwa portcontrol Use this command to set the PW A port control mode. s et pwa portcontrol { auto | forceauthorized | forceunauthorized | promiscuousauto } [ port-string ] Synt ax Description Command Default s If[...]
-
Page 1236
Security Configuration Command Set Configuring Port Web Authentication (PWA) 14-76 Matrix NSA Series Configuration Guide Example This example shows how to set the PW A control mode to auto for all ports: Matrix(rw)-> set pwa portcontrol auto[...]
-
Page 1237
Security Configurati on Command Set Configuring Po rt Web Authenticati on (PWA) Matrix NSA Series C onfiguration Guide 1 4-77 14.3.6.21 show pwa session Use this command to display info rmation about current PW A sessions. show pwa session [ port-string ] Synt ax Description Command T ype Switch command. Command Default s If port-string is not spec[...]
-
Page 1238
Security Configuration Command Set Configuring MAC Authentica tion 14-78 Matrix NSA Series Configuration Guide 14.3.7 Configuring MAC Authentication Purpose T o review , disable, enable and configure MA C authentication. This allows the device to authenticate source MAC addresses in an exchange with an authen tication server . The authenticator (sw[...]
-
Page 1239
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-79 • clear macauthentication reauthperiod ( Section 14.3.7.17 ) • set macauthentication quietperiod ( Section 14.3.7.18 ) • clear macauthentication quietperiod ( Section 14.3.7.1 9 )[...]
-
Page 1240
Security Configuration Command Set Configuring MAC Authentica tion 14-80 Matrix NSA Series Configuration Guide 14.3.7.1 show macauthent ication Use this command to displa y MAC authentication information for one or more ports. show macauthentication [ port-string ] Synt ax Description Command T ype Switch command. Command Mode Read-Only . Command D[...]
-
Page 1241
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-81 T able 14-4 show macauthentica tion Output Det ails Output What It Displays... MAC authentication Whether MAC auth entication is globally enabled or disabled. Set using the set macauthentication command as described in Se ction 14.3.7.3[...]
-
Page 1242
Security Configuration Command Set Configuring MAC Authentica tion 14-82 Matrix NSA Series Configuration Guide 14.3.7.2 show macauthent ication session Use this command to display the active MAC authenticated sessions. show macauthentication session Synt ax Description None. Command T ype Switch command. Command Mode Read-Only . Command Default s I[...]
-
Page 1243
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-83 Reauth Period Reauthentication peri od for this port, set using the set macauthentication reauthperiod command des cribed in Section 14.3.7.16 . Reauthentications Whether or not reauthentication is enabled or disabled on this port. Set [...]
-
Page 1244
Security Configuration Command Set Configuring MAC Authentica tion 14-84 Matrix NSA Series Configuration Guide 14.3.7.3 set macauthentication Use this command to globally enab le or disable MAC authentication. set macauthentication { enable | disable } Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s Non[...]
-
Page 1245
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-85 14.3.7.4 set macauthentication p assword Use this command to set a MAC authentication password. set macauthentication password passwo r d Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s None[...]
-
Page 1246
Security Configuration Command Set Configuring MAC Authentica tion 14-86 Matrix NSA Series Configuration Guide 14.3.7.5 clear macauthentication password Use this command to clear the MAC authentication password. clear macauthentication password Synt ax Description None. Command T ype Switch command. Command Mode Read-W rite. Command Default s None.[...]
-
Page 1247
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-87 14.3.7.6 set macauthenti cation significant-bit s Use this command to set the number of sign ificant bits of the MAC address to use for authentication. set macauthentication significant-bits number Synt ax Description Command T ype Swit[...]
-
Page 1248
Security Configuration Command Set Configuring MAC Authentica tion 14-88 Matrix NSA Series Configuration Guide 14.3.7.7 clear macauthentication significant-bit s Use this command to clear the MAC au thentication significant bits setting. clear macauthenticat ion significant-bits Synt ax Description None. Command T ype Switch command. Command Mode R[...]
-
Page 1249
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-89 14.3.7.8 set macauthentication port Use this command to enable or disable one or more ports for MAC authentication. set macauthentication port { enable | disable } port-string Synt ax Description Command T ype Switch command. Command Mo[...]
-
Page 1250
Security Configuration Command Set Configuring MAC Authentica tion 14-90 Matrix NSA Series Configuration Guide 14.3.7.9 set macauthentication authallocated Use this command to set the numb er of MAC authentication s essions allowed for one or more ports. set macauthentication authallocated nu mber port-string Synt ax Description Command T ype Switc[...]
-
Page 1251
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-91 14.3.7.10 clear macauthenti cation authallocated Use this command to clear the number of MAC authentication sessions allowed for one or more ports. clear macauthentication authallocated [ port-string ] Synt ax Description Command T ype [...]
-
Page 1252
Security Configuration Command Set Configuring MAC Authentica tion 14-92 Matrix NSA Series Configuration Guide 14.3.7.1 1 set macauthentication portinitialize Use this command to force one or more MAC auth entication ports to re-initialize and remove any currently active sessions on those ports. set macauthentication portinitialize port -string Syn[...]
-
Page 1253
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-93 14.3.7.12 set macauthentication macinitialize Use this command to force a current MAC authenticatio n session to re-initialize and remove the session. set macauthentication macinitialize mac_addr Synt ax Description Command T ype Switch[...]
-
Page 1254
Security Configuration Command Set Configuring MAC Authentica tion 14-94 Matrix NSA Series Configuration Guide 14.3.7.13 set macauthentication reauthentication Use this command to enable or disable reauth entication of all currently authenticated MAC addresses on one or more ports. set macauthenticatio n reauthentication { enable | di sabl e } port[...]
-
Page 1255
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-95 14.3.7.14 set macauthentication portreauthenticate Use this command to force an immediate reauthenti cation of the currently active sessions on one or more MAC authentication ports. set macauthentication portreauthenticate port-string S[...]
-
Page 1256
Security Configuration Command Set Configuring MAC Authentica tion 14-96 Matrix NSA Series Configuration Guide 14.3.7.15 set macauthentication macreauthenticate Use this command to forc e an immediate rea uthentic ation of a MAC addre ss. set macauthenticatio n mac reauthe ntic ate mac_addr Synt ax Description Command T ype Switch command. Command [...]
-
Page 1257
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-97 14.3.7.16 set macauthenti cation reauthperiod Use this command to set the MA C reauthentication period (in se conds). This is the time lapse between attempts to reauthenticate any curre nt MAC address authenticated to a port. set macaut[...]
-
Page 1258
Security Configuration Command Set Configuring MAC Authentica tion 14-98 Matrix NSA Series Configuration Guide 14.3.7.17 clear macauthen tication reauthperiod Use this command to clear the MAC reauth entication period on one or more ports. clear macauthentication reauthperiod [ port-string ] Synt ax Description Command T ype Switch command. Command[...]
-
Page 1259
Security Configurati on Command Set Configuring MAC Authen tication Matrix NSA Series C onfiguration Guide 1 4-99 14.3.7.18 set macauthe ntication quietperiod Use this command to enable a reauthentication atte mpt for failed entries at the period specified in seconds. De fault va lue is 0 (never). set macauthentication quietperiod time port-stri ng[...]
-
Page 1260
Security Configuration Command Set Configuring MAC Authentica tion 14-100 Matrix NSA Series Configuration Guide 14.3.7.19 clear macauthen tication quietperiod Use this command to clear the macauthentication qu iet period on one or more ports to the default value. The default value is 0 (never). clear macauthentication quietperiod [ port-string ] Sy[...]
-
Page 1261
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configura tion Guide 14-101 14.3.8 Configuring Conver gence End Point s (C EP) Phone Detection About CEP Phone Detection Convergence is a method to detect a remote IP te lephony or video device and apply a policy to the connection port ba[...]
-
Page 1262
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-102 Matrix NSA Series Configuration Guide • show cep connections ( Section 14.3 .8.1 ) • show cep detection ( Section 14.3.8.2 ) • show cep policy ( Section 14. 3.8.3 ) • show cep port ( Section 14.3.8.4 ) • set cep ( Section 14.3.8. 5 ) • set[...]
-
Page 1263
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configura tion Guide 14-103 14.3.8.1 show cep connections Use this command to display all learned CEPs. show cep connections port-string Synt ax Description Command Default s None Command Mode Read-Only . Example This example shows how to[...]
-
Page 1264
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-104 Matrix NSA Series Configuration Guide 14.3.8.2 show cep detection Use this command to display CE P phone detection parameters. show cep detection [ detection-id ] Synt ax Description Command Default s If no detection-id is specified, all CEP detec tio[...]
-
Page 1265
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configura tion Guide 14-105 14.3.8.3 show cep po licy Use this command to display the global policies of all su pported CEP types. show cep policy Synt ax Description None. Command Default s None Command Mode Read-Only . Examples This exa[...]
-
Page 1266
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-106 Matrix NSA Series Configuration Guide 14.3.8.4 show cep port Use this command to disp lay enable status of all supp orted CEP types. show cep port port-string Synt ax Description Command Default s None Command Mode Read-Only . Examples This example sh[...]
-
Page 1267
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configura tion Guide 14-107 14.3.8.5 set cep Use this command to globally en able or disable CEP detection. set cep { enable | disable } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. E[...]
-
Page 1268
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-108 Matrix NSA Series Configuration Guide 14.3.8.6 set cep port Use this command to enable or disable a CEP detection type on one or more ports. set cep port port-string { cisco | h323 | siemens | sip } { enable | disable } Synt ax Description Command Def[...]
-
Page 1269
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configura tion Guide 14-109 14.3.8.7 set cep policy Use this command to set a global defau lt policy for a CEP detection type. This is the policy that will be applied when a phone of the specified type is de tected on a port. It must be c[...]
-
Page 1270
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-1 10 Matrix NSA Series Configuration Guide 14.3.8.8 set cep detection-id Use this command to create a new H.323, Siemens, or SIP phone detectio n configuration grou p, or enable, disabl e or remove an existing group. set cep detection-id id { create | del[...]
-
Page 1271
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configu ration Guide 14 -1 1 1 14.3.8.9 set cep detection-id type Use this command to specify whether a phone detection group will use H.323, Siemens or SIP as its phone discovery type. set cep detection-id id type { h323 | siemens | sip [...]
-
Page 1272
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-1 12 Matrix NSA Series Configuration Guide 14.3.8.10 set cep detection-id address Use this command to set an H.323, Siemens, or SI P phone detection group’ s IP address or mask . By default, H.323 will use 22 4.0.1.41 as its IP address and Siemen s will[...]
-
Page 1273
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configuration Guide 14-1 13 14.3.8.1 1 set cep de tection-id protocol Use this command to specify an IP protocol type for H.323, Siemens, o r SIP convergence end points detection. If an IP address is not set fo r a phone detection group a[...]
-
Page 1274
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-1 14 Matrix NSA Series Configuration Guide 14.3.8.12 set cep detection-id porthigh | portlow Use this command to set the maximum and minimu m ports used for TCP or UDP convergence end points detection. Once UDP and/or TCP phon e detection has been specifi[...]
-
Page 1275
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configuration Guide 14-1 15 14.3.8.13 set cep initialize Use this command to clear all ex istin g CEP co nnections for one or more CEP-enable d ports. This command is similar to the clear cep users command. set cep initialize [ port-strin[...]
-
Page 1276
Security Configuration Command Set Configuring Convergence End Points (CEP) Phone Detection 14-1 16 Matrix NSA Series Configuration Guide 14.3.8.14 clear cep Use this command to clear conver gence end points parameters. clear cep { all | policy | detection [ detection-id ] | users [ port-string ] | port [ port-string { all | cisco | h323 | siemens [...]
-
Page 1277
Security Configurati on Command Set Configuring Con vergence End Points (CEP) Phone Detection Matrix NSA Series Configuration Guide 14-1 17 Examples This example shows how to clear all CEP policy parameters This example shows how to clear detection id 4 parameters This example shows how to clears ports fe .1.1-5 of Cisco phone d etection parameters[...]
-
Page 1278
Security Configuration Command Set Configuring MAC Locking 14-1 18 Matrix NSA Series Configuration Guide 14.3.9 Configuring MAC Locking Purpose T o review , disable , enable and configure MAC locking. This lock s a MAC address to one or more ports, preventing connection of un authorized de vices via the port(s). When source MAC addresses are receiv[...]
-
Page 1279
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configuration Guide 14-1 19 14.3.9.1 show maclo ck Use this command to display the status of MAC locking on one or more ports. show maclock [ port_string ] Synt ax Description Command Default s If port_string is not specified, MAC locking stat us will be displayed for al[...]
-
Page 1280
Security Configuration Command Set Configuring MAC Locking 14-120 Matrix NSA Series Configuration Guide T able 14-6 show maclock Output Det ails Output What It Displays... Port Numbe r Port des ignation . For a detailed description of possible port_string values, refer to Section 4.1.1 . Port S tatus Whether MAC locking is enabled or disabled on th[...]
-
Page 1281
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-121 14.3.9.2 show maclo ck st atio ns Use this command to disp lay MAC locking information about en d stations connected to the device. show maclock stations [ firstarrival | static ][ port-string ] Synt ax Description Command Default s If no para[...]
-
Page 1282
Security Configuration Command Set Configuring MAC Locking 14-122 Matrix NSA Series Configuration Guide T able 14-7 provides an explanation of the command output. T able 14-7 sho w mac lo c k stations Outp ut Details Output What It Displays... Port Numbe r Port des ignation . For a detailed description of possible port_string values, refer to Secti[...]
-
Page 1283
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-123 14.3.9.3 set maclock enable Use this command to enable MAC locking on one or more ports. When enab led and configured for a specific MAC address and port string, this lock s a port so that only designated end station addresses are allowed to p[...]
-
Page 1284
Security Configuration Command Set Configuring MAC Locking 14-124 Matrix NSA Series Configuration Guide 14.3.9.4 set maclock disable Use this command to disable MAC locking on one or more ports. set maclock disable [ port_string ] Synt ax Description Command Default s If port_string is not specified, MAC locking w ill be disabled on all ports. Comm[...]
-
Page 1285
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-125 14.3.9.5 set maclock Use this command to create a static MAC addr ess and enable or disable MAC locking for the specific MAC address and port. When created and enabled, this allows only the end station designated by the MAC address to particip[...]
-
Page 1286
Security Configuration Command Set Configuring MAC Locking 14-126 Matrix NSA Series Configuration Guide 14.3.9.6 set maclock first arrival Use this command to restrict MAC locking on a port to a maximum number of end station addresses first connected to that port. set maclock firstarrival port_string value Synt ax Description Command Default s None[...]
-
Page 1287
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-127 14.3.9.7 set maclock move Use this command to move all current first arrival MACs to static entries. set maclock move port-string Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W rite. Example This [...]
-
Page 1288
Security Configuration Command Set Configuring MAC Locking 14-128 Matrix NSA Series Configuration Guide 14.3.9.8 clear maclock firstarrival Use this command to reset the number of first arri val MAC addresses allowed per port to the default value of 600. clear maclock firstarrival port-string Synt ax Description Command Default s None. Command T yp[...]
-
Page 1289
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-129 14.3.9.9 set maclock static Use this comm and to restrict MAC locking on a port to a maximum number of static (management defined) MAC addresses for end stations connected to that port. set maclock static port_string value Synt ax Description [...]
-
Page 1290
Security Configuration Command Set Configuring MAC Locking 14-130 Matrix NSA Series Configuration Guide 14.3.9.10 clear maclock static Use this command to reset the number of static MA C addresses allowed per port to the default value of 20. clear maclock static port_string Synt ax Description Command Default s None. Command T ype Switch command. C[...]
-
Page 1291
Security Configurati on Command Set Configuring MAC Lockin g Matrix NSA Series Configura tion Guide 14-131 14.3.9.1 1 set maclock trap Use this command to enable or disable MAC lock trap messaging. When enabled, this authorizes the device to send an SNMP tra p message if an end station is connected that exceeds the maximum values config ured using [...]
-
Page 1292
Security Configuration Command Set Configuring MAC Locking 14-132 Matrix NSA Series Configuration Guide 14.3.9.12 clear maclock Use this command to clear MAC locking from one or more static MAC addresses. clear maclock { all | mac-addr ess port-string } Synt ax Description Command Default s None. Command T ype Switch command. Command Mode Read-W ri[...]
-
Page 1293
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-133 14.3.10 Configuring Multiple Authentication About Multiple Authentication When enabled, multiple authentic ation allows multiple users to authenticate using up to three methods on the same port, and receive a policy traf fic profi[...]
-
Page 1294
Security Configuration Command Set Configuring Multiple Authentication 14-134 Matrix NSA Series Configuration Guide Purpose T o configure multiple authentication. Commands The commands used to configure multiple authentication are listed below and d escribed in the associated section as shown: • set multiauth mode ( Section 14.3. 10.1 ) • clear[...]
-
Page 1295
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-135 14.3.10.1 set multiauth mode Use this command to set the system authentic ation mode to use mu ltiple authenticators simultaneously or to strictly adhere to 802.1X. set multiauth mode { mu lti | strict } Synt ax Description Comman[...]
-
Page 1296
Security Configuration Command Set Configuring Multiple Authentication 14-136 Matrix NSA Series Configuration Guide 14.3.10.2 clear multiau th mode Use this command to clear the system authentication mode. clear multiauth mode Synt ax Description None. Command T ype Switch command. Command Mode Read-W rite. Command Default s None. Examples This exa[...]
-
Page 1297
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-137 14.3.10.3 set multiauth precedence Use this command to set the system’ s multiple authentication administra tive precedence.When a user is succes sfully authenticated by more than one method at the same tim e, the precedence of [...]
-
Page 1298
Security Configuration Command Set Configuring Multiple Authentication 14-138 Matrix NSA Series Configuration Guide 14.3.10.4 clear multiau th precedence Use this command to clear the system’ s multip le authentication administrative precedence. clear multiauth precedence Synt ax Description None. Command T ype Switch command. Command Mode Read-W[...]
-
Page 1299
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-139 14.3.10.5 show multiauth port Use this command to display multiple authen tication properties for one or more ports. show multiauth port [ port-string ] Synt ax Description Command T ype Switch command. Command Mode Read-Only . Co[...]
-
Page 1300
Security Configuration Command Set Configuring Multiple Authentication 14-140 Matrix NSA Series Configuration Guide 14.3.10.6 set multiauth port Use this command to set mu ltiple authentication propertie s for one or more ports. set multiauth port mode {auth-opt | au th-reqd | force-auth | forc e-unauth} | numusers numusers port-string Synt ax Desc[...]
-
Page 1301
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-141 14.3.10.7 clear multiauth port Use this command to clear multiple authen tication properties for one or more ports. clear multiauth port {[ mode ] [ numusers ] port-string } Synt ax Description Command T ype Switch command. Comman[...]
-
Page 1302
Security Configuration Command Set Configuring Multiple Authentication 14-142 Matrix NSA Series Configuration Guide 14.3.10.8 show multiauth st ation Use this command to display multiple au thentication station (end user) entries. show multiauth station [ mac addr ess ] [ port port-string ] Synt ax Description Command T ype Switch command. Command [...]
-
Page 1303
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-143 14.3.10.9 clear multiauth st ation Use this command to clear one or more multiple authentica tion station entries. clear multiauth station [ mac addr ess ] port port-string Synt ax Description Command T ype Switch command. Command[...]
-
Page 1304
Security Configuration Command Set Configuring Multiple Authentication 14-144 Matrix NSA Series Configuration Guide 14.3.10.10 show multiauth sessi on Use this command to display multip le authentication session entries. show multiauth session [ all ] [ agent { dot1x | mac | pwa | cep }] [ mac addr ess ] [ port port-string ] Synt ax Description Com[...]
-
Page 1305
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-145 Example This example shows how to display multiple auth entication session: Matrix(rw)-> show multiaut h session Multiple authentication session e ntries --------------------------------- -------- Port : fe.2.2 Station address [...]
-
Page 1306
Security Configuration Command Set Configuring Multiple Authentication 14-146 Matrix NSA Series Configuration Guide 14.3.10.1 1 show multiauth idle-timeout Use this command to display the mu ltiple authentication timeout value for an idle session. This will display the idle-timeout vlaues, in seconds, for the following authentic ation types: dot1x,[...]
-
Page 1307
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-147 14.3.10.12 set multiauth idle-timeout Use this command to set the multiple authentic ation timeout value for an idle session. This command can set the idle-time out vlaues, in second s, for the following auth entication types: dot[...]
-
Page 1308
Security Configuration Command Set Configuring Multiple Authentication 14-148 Matrix NSA Series Configuration Guide 14.3.10.13 clear multiauth idle-timeout Use this command to clear multiple authentication idle-timeout values , for an idle session, back to the default values for one or all authentication type s. The default value is 300 seconds for[...]
-
Page 1309
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-149 14.3.10.14 show mult iauth session-timeout Use this command to display mu ltiple authentication session-timeo ut values for an active session. This will display the session-timeo ut values, in seconds, for the following authentica[...]
-
Page 1310
Security Configuration Command Set Configuring Multiple Authentication 14-150 Matrix NSA Series Configuration Guide 14.3.10.15 set multiauth session-timeout Use this command to set multiple authentication session-timeout values, for an active session. set multiauth session-timeout [ cep | dot1x | mac | pwa ] timeout Synt ax Description Command Defa[...]
-
Page 1311
Security Configurati on Command Set Configuring Multiple Authentica tio n Matrix NSA Series Configura tion Guide 14-151 14.3.10.16 clear mult iauth session-timeout Use this command to clear multip le aut hentication session-timeout values, for an active session, back to the default values. clear multiauth session-timeout [ cep | dot1x | mac | pwa ][...]
-
Page 1312
Security Configuration Command Set Configuring Secu re Shell (SSH) 14-152 Matrix NSA Series Configuration Guide 14.3.1 1 Configuring Se cure Shell (SSH) Purpose T o review , enable, disable, and configure the Secu re Shell (SSH) protoc ol, which provides secure Te l n e t . Commands The commands used to review and configure SSH are listed below and[...]
-
Page 1313
Security Configurati on Command Set Configuring Secure Shell (SSH) Matrix NSA Series Configura tion Guide 14-153 14.3.1 1.1 show ssh state Use this command to display the cu rrent status of SSH on the device. show ssh stat e Synt ax Description None. Command T ype Switch command. Command Mode Read-Only . Command Default s None. Examples This exampl[...]
-
Page 1314
Security Configuration Command Set Configuring Secu re Shell (SSH) 14-154 Matrix NSA Series Configuration Guide 14.3.1 1 .2 set ssh Use this command to enable, disable or reinitialize SSH server on the device. set ssh { enable | disable | reinitialize} Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s Non[...]
-
Page 1315
Security Configurati on Command Set Configuring Secure Shell (SSH) Matrix NSA Series Configura tion Guide 14-155 14.3.1 1.3 set ssh hostkey Use this command to set or rein itialize new SSH authentication keys. set ssh hostkey [ reinitialize ] Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s None. Example[...]
-
Page 1316
Security Configuration Command Set Configuring Secu re Shell (SSH) 14-156 Matrix NSA Series Configuration Guide 14.3.1 1 .4 show rou ter ssh Use this command to display the st ate of SSH service to the router . show router ssh Synt ax Description None. Command T ype Switch command. Command Mode Read-Only . Command Default s None. Example This examp[...]
-
Page 1317
Security Configurati on Command Set Configuring Secure Shell (SSH) Matrix NSA Series Configura tion Guide 14-157 14.3.1 1.5 set router ssh Use this command to enables or di sable SSH service to the router . set router ssh { enable | disable } Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s None. Example[...]
-
Page 1318
Security Configuration Command Set Configuring Secu re Shell (SSH) 14-158 Matrix NSA Series Configuration Guide 14.3.1 1.6 clear router ssh Use this command to reset SSH service to the router to the default state of disabled. clear router ssh Synt ax Description None. Command T ype Switch command. Command Mode Read-W rite. Command Default s None. E[...]
-
Page 1319
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-159 14.3.12 Con figuring Access L ist s Purpose T o review and configure security access contro l lists (ACLs), which permit or de ny access to routing interfaces based on protocol and source IP address restrictions. Commands The commands used to [...]
-
Page 1320
Security Configuration Command Set Configuring Access Lists 14-160 Matrix NSA Series Configuration Guide 14.3.12.1 show access-lists Use this command to display c onfigured IP access lists w hen operating in router mode. show access-lists [ number ] Synt ax Description Command T ype Router command. Command Mode Any router mode. Command Default s If[...]
-
Page 1321
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-161 14.3.12.2 access-list (standard) Use this command to define a standard IP access list by num be r when operating in router mode. Restrictions defined by an access list are applied by using the ip access-group comma nd ( Section 14.3.12.4 ). ac[...]
-
Page 1322
Security Configuration Command Set Configuring Access Lists 14-162 Matrix NSA Series Configuration Guide Command Synt ax of the “no” Form The “no” form of this command re moves the defined access list or entry: no access-list access-list-num ber [ entry ] Command T ype Router command. Command Mode Global configuration: Matrix>Router1(con[...]
-
Page 1323
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-163 This example moves entry 16 to the beginning of ACL 22: Matrix>Router1(config)# ac cess-list 22 move 1 16[...]
-
Page 1324
Security Configuration Command Set Configuring Access Lists 14-164 Matrix NSA Series Configuration Guide 14.3.12.3 access-list (extended) Use this command to define an extended IP acce ss list by number when operating in router mode. Restrictions defined by an access list are applied by us ing the ip acc ess-group command as described in Sec tion 1[...]
-
Page 1325
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-165 Synt ax Description access-list-number Specifies an extended access list number . V alid values are from 100 to 199 . insert | re place entry (Optional) Inserts this new entr y before a specified entry in an existing ACL, or replaces a specifi[...]
-
Page 1326
Security Configuration Command Set Configuring Access Lists 14-166 Matrix NSA Series Configuration Guide destination Specifies the network or host to which the packet will be sent. V alid options for e xpressing destination are: • IP address (A.B.C.D) • any - Any destination host • host sour ce - IP address of a single destination host destin[...]
-
Page 1327
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-167 Command Synt ax of the “no” Form The “no” form of this command removes the defined access list or entry: no access-list access-list-numbe r [ entry ] Command T ype Router command. Command Mode Global configuration: Matrix>Router1(co[...]
-
Page 1328
Security Configuration Command Set Configuring Access Lists 14-168 Matrix NSA Series Configuration Guide This example shows how to defi ne access list 102 to deny TCP packets transmitted from any IP source port with a the Dif fServ value set to 55. Matrix>Router1(config)# access-l ist 102 deny tcp any any dscp 55[...]
-
Page 1329
Security Configurati on Command Set Configuring Access Lists Matrix NSA Series Configura tion Guide 14-169 14.3.12.4 ip access-g roup Use this command to apply access restrictions to inbound or outbound fram es on an interface when operating in router mode. ip access-group access-list-number { in | out } Synt ax Description Command Synt ax of the ?[...]
-
Page 1330
Security Configuration Command Set Configuring Policy-Based Rou ting 14-170 Matrix NSA Series Configuration Guide 14.3.13 Configuring Policy-Based Routing About Policy-Based Routing Normally , IP pac kets are forwarded ac cording to the route that has been selected by traditional routing pro tocols, such as RIP and OSPF , or by st atic routes. In t[...]
-
Page 1331
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-171 • ip policy pinger ( Section 14.3 .13.9 )[...]
-
Page 1332
Security Configuration Command Set Configuring Policy-Based Rou ting 14-172 Matrix NSA Series Configuration Guide 14.3.13.1 show rou te-map Use this command to displa y a configured route map li st for policy-based rou ting. show route-map id-number Synt ax Description Command T ype Router command. Command Mode Global configuration: Matrix>Route[...]
-
Page 1333
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-173 14.3.13.2 route-map Use this command to create a route map for policy- based routin g and to enab le policy-based routing configuration mode. route-map id-number [ permit | deny ] [ sequence-number ] Synt ax Description Command Synt a[...]
-
Page 1334
Security Configuration Command Set Configuring Policy-Based Rou ting 14-174 Matrix NSA Series Configuration Guide Command Default s • If permit or deny is not specified, this comm and will enable route map or policy based ro uting configuration mode. • If sequence-number is n ot s pecif ied, 10 will be applied. Example This example shows how to[...]
-
Page 1335
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-175 14.3.13.3 match i p address Use this command to match a packet source IP address against a PBR access list. Up to 5 access lists can be matched. match ip address access-list-number Synt ax Description Command Synt ax of the “no” F[...]
-
Page 1336
Security Configuration Command Set Configuring Policy-Based Rou ting 14-176 Matrix NSA Series Configuration Guide 14.3.13.4 set next hop Use this command to set one or more next hop IP address for pac kets matching an extended access list in a co nfigured route map. Up to five n ext hops can be specif ied. set next hop { next-hop1 }[ next-hop2. ...[...]
-
Page 1337
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-177 14.3.13.5 show ip policy Use this command to display the po licy applied to a routing interface . show ip policy Synt ax Description None. Command T ype Router command. Command Mode Global configuration: Matrix>Router1(config)# Com[...]
-
Page 1338
Security Configuration Command Set Configuring Policy-Based Rou ting 14-178 Matrix NSA Series Configuration Guide Pinger Whether PBR ne xt ho p pinging is on or off. Can be turned on and configured us ing the ip policy pinger command as described in Section 14.3.13.9 . Interval PB R next hop pi ng interval (in secon ds). Default of 3 can be reset u[...]
-
Page 1339
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-179 14.3.13.6 ip p olicy route-map Use this command to assign a rout e map list to a routing interface . ip policy route-map id-num ber Synt ax Description Command Synt ax of the “no” Form The “no” form of un-a ssigns a route map [...]
-
Page 1340
Security Configuration Command Set Configuring Policy-Based Rou ting 14-180 Matrix NSA Series Configuration Guide 14.3.13.7 ip policy priority Use this command to prioritize P BR next hop behavior . ip policy priority {[ only ] [ first ] [ last ]} Synt ax Description Command Synt ax of the “no” Form The “no” form of this command resets the [...]
-
Page 1341
Security Configurati on Command Set Configuring Policy-Ba sed Routing Matrix NSA Series Configura tion Guide 14-181 14.3.13.8 ip policy load-policy Use this command to configure PBR next h op behavior . When more than one next hop is co nfigured (using the set next hop command as described in Section 14.3.13.4 ) the load policy specifies choosing o[...]
-
Page 1342
Security Configuration Command Set Configuring Policy-Based Rou ting 14-182 Matrix NSA Series Configuration Guide 14.3.13.9 ip policy pinger Use this command to configure behavior for p inging PBR next hops. ip policy pinger { off | on [ interva l interval ] [ retrie s re t r i e s } Synt ax Description Command Synt ax of the “no” Form The “n[...]
-
Page 1343
Security Configurati on Command Set Configuring Denia l of Service (DoS ) Prevention Matrix NSA Series Configura tion Guide 14-183 14.3.14 Configuring Denial of Service (DoS) Prevention Purpose T o configure Denial of Service (DoS) prevention, which will protect the router from attacks and notify administrators via Sys l og . Commands The commands [...]
-
Page 1344
Security Configuration Command Set Configuring Denial of Service (DoS) Prevention 14-184 Matrix NSA Series Configuration Guide 14.3.14.1 show host dos Use this command to display Denial of Service security status and counters. show hostdos Synt ax Description None, Command T ype Router command. Command Mode Global configuration: Matrix>Router1(c[...]
-
Page 1345
Security Configurati on Command Set Configuring Denia l of Service (DoS ) Prevention Matrix NSA Series Configura tion Guide 14-185 14.3.14.2 host dos Use this command to enable or disabl e Denial of Service security features . hostdos { land | fragmicmp | largeicmp size | checkspoof | portscan } Synt ax Description Command Synt ax of the “no” F[...]
-
Page 1346
Security Configuration Command Set Configuring Denial of Service (DoS) Prevention 14-186 Matrix NSA Series Configuration Guide Examples This example shows how to globa lly enable land attack and larg e ICMP packets protection for packet s lar ger than 2000 bytes: This example shows how to enable spoofed address checking on the VLAN 1 interface: Mat[...]
-
Page 1347
Security Configurati on Command Set Configuring Denia l of Service (DoS ) Prevention Matrix NSA Series Configura tion Guide 14-187 14.3.14.3 clear host dos-counters Use this command to clear Denial of Service security counters. clear hostdos-counters Synt ax Description None. Command T ype Router command. Command Mode Global configuration: Matrix&g[...]
-
Page 1348
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-188 Matrix NSA Series Configuration Guide 14.3.15 Configuring Flow Setup Throttling (FST) About FST Flow Setup Throttling (FST) is a proactive feature d esigned to mitigate DoS attacks before the virus can wreak havoc on the network. FST di rectly co mbats the effects of [...]
-
Page 1349
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-189 • set flowlimit port ( Section 14.3. 15.8 ) • clear flowlimit port class ( Section 14.3.15.9 ) • set flowlimit shutdown ( Section 14. 3.15.10 ) • set flowlimit notification ( S ection 14.3.15.1 1 ) • clear flowlimit no[...]
-
Page 1350
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-190 Matrix NSA Series Configuration Guide 14.3.15.1 show flowlimit Use this command to display fl ow setup throttling information. show flowlimit [ port [ port-string ]] [ stats [ port-string ]] Synt ax Description Command T ype Switch command. Command Mode Read-Only . Co[...]
-
Page 1351
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-191 14.3.15.2 set flowlimit Use this command to globally enab le or disable flow setup throttling. set flowlimit { enable | disable } Synt ax Description Command T ype Switch command. Command Mode Read-W rite. Command Default s None[...]
-
Page 1352
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-192 Matrix NSA Series Configuration Guide 14.3.15.3 set flowli mit limit Use this command to set a flow lim it that will trigger an action for a port user classi fication. Once configured, this limit can be: • associated with an action using the set flowlimit action com[...]
-
Page 1353
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-193 Example This example shows how to set th e flow limit 1 to 12 flows on ports classified as user ports: Matrix(rw)-> set flowlimit limit1 12 userport[...]
-
Page 1354
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-194 Matrix NSA Series Configuration Guide 14.3.15.4 clear flowlimit limit Use this command to remove a flow limit configuration. clear flowlimit { limit1 | l imit2 } [ userport | serverport | aggregated user | interswitchlink | unspecified ] Synt ax Description Command T [...]
-
Page 1355
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-195 14.3.15.5 set flowlimit action Use this command to associate an action with a flow limit. This is the act ion that will occur once the associated flow limit is reached. set flowlimit { action1 | action2 } [ notify ] [ drop ] [ d[...]
-
Page 1356
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-196 Matrix NSA Series Configuration Guide Command Default s • If action is not specified, no action will be applied. • If classification port type is not specified, none will be applied. Example This example shows how to set flow limiting action 1 to discard all flows[...]
-
Page 1357
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-197 14.3.15.6 clear fl owlimit action Use this command to remove a fl ow limiting action configuration. clear flowlimit { action1 | action2 } [ notify ] [ drop ] [ disable ] [ userport | serverport | aggregateduser | interswitchlink[...]
-
Page 1358
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-198 Matrix NSA Series Configuration Guide 14.3.15.7 show flowlimit class Use this command to display flow lim iting classification configuration(s). show flowlimit class [ userport | se rverport | aggr egateduser | interswitchlink | unspecified ] Synt ax Description Comma[...]
-
Page 1359
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-199 Example This example shows how to show flow limits and as sociated actions c onfigured for the various port classifications: Matrix(rw)-> show flowlimi t class Flow setup throttling class confi guration: Class Limit Action --[...]
-
Page 1360
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-200 Matrix NSA Series Configuration Guide 14.3.15.8 set flowli mit port Use this command to: • enable or disable flow limiting on on e or more port(s), • assign a flow limiting user classifica tion to one or more port(s). On ce a classification is assigned, these port[...]
-
Page 1361
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-201 Example This example shows how to assign the user port classification type to Fast Ethernet ports 3-5 in port group 2: Matrix(rw)-> set flowlimit port class userport fe.2.3-5[...]
-
Page 1362
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-202 Matrix NSA Series Configuration Guide 14.3.15.9 clear flowlimit port class Use this command to remove flow lim iting port classif ication properties. clear flowlimit port class [ port-string ] Synt ax Description Command T ype Switch command. Command Mode Read-W rite.[...]
-
Page 1363
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-203 14.3.15.10 set flow limit shutdown Use this command to enable or disable the flow lim it shut down fu nction. When enabled, this allows ports configured with a “disable” action to shut down. For information on using the set [...]
-
Page 1364
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-204 Matrix NSA Series Configuration Guide 14.3.15.1 1 set flowlimit notification Use this command to enable or di sable flow limit notification, or to set a notification interval. When enabled, this allows ports configured with a “t rap” action to send an SNMP trap me[...]
-
Page 1365
Security Configurati on Command Set Configuring Flow Setup Throttling (FST) Matrix NSA Series Configura tion Guide 14-205 14.3.15.12 clear flowlimit notification interval Use this command to reset the SNMP flow limit notifi cation interval to th e default value of 120 seconds. clear flowlimit notification interval Synt ax Description None. Command [...]
-
Page 1366
Security Configuration Command Set Configuring Flow Setup Throttling (FST) 14-206 Matrix NSA Series Configuration Guide 14.3.15.13 clear flowlimit st at s Use this command to reset flow limiting statistics back to default values on one or more port(s). clear flowlimit stats [ port-st ring ] Synt ax Description Command T ype Switch command. Command [...]
-
Page 1367
Matrix NSA Series Configuration Guide Index-1 Index Numerics 802.1D 6-1 802.1Q 7-1 802.1w 6-1 802.1x 14-12 , 14-27 A Access Groups 14-169 Access Lists 14-161 to 14-164 Addresses IP, adding to switch rou ting table 11 -1 0 9 MAC, adding entries to routing tabl e 12-10 MAC, setting for IP routing 12-26 setting the router ID address 13-36 Advertised A[...]
-
Page 1368
Index Index-2 M atrix NSA Se ries Conf iguratio n Guide Contexts (SNM P) 5-3 Convergence En d Points (CEP) phone detection 14-101 Copying Configuratio n or Image Files 2-1 14 Cost area default 13-51 OSPF 13-37 , 13-51 Spanning T ree port 6-1 12 D Debugging OSPF 13-74 Defaults CLI behavior, describe d 2-9 factory installed 2-1 DHCP Server 12-1 10 DH[...]
-
Page 1369
Index Matrix NSA Series Configuration Guide Index-3 L License key advanced routing 2-90 , 13-2 Line Editing C ommands 2-1 1 , 2-17 Link Aggrega tion (LACP) 4-98 Link Layer Discovery Pro tocol (LLDP) configuring 3-25 Link State Advert isements displaying 13-6 2 retransmit interval 13-40 transmit de lay 13-41 LLDP configuring 3-25 LLDP-MED configurin[...]
-
Page 1370
Index Index-4 M atrix NSA Se ries Conf iguratio n Guide retransmit interval 13-40 timers 13-39 transmit de lay 13- 41 virtual links 13-53 , 13-71 P Password aging 2-32 history 2-32 , 2-33 set new 2-29 setting the login 2-29 Path MTU Di scovery Protocol 2-1 19 Phone detection Cisco, Siemens and H.323 14-101 PIM 12-47 Ping 11 - 3 2 , 12-45 Policy Man[...]
-
Page 1371
Index Matrix NSA Series Configuration Guide Index-5 S Scrolling Screens 2-16 Secure Shell (SSH) 14-152 enabling 14- 154 regenerating new keys 14-155 Security methods, overview of 14-1 Serial Port downloading upgra des via 2-94 set policy classify 8- 29 set policy port 8-1 1 , 8-38 set policy syslog 8-17 , 8-19 , 8-20 SNMP access rights 5-26 accessi[...]
-
Page 1372
Index Index-6 M atrix NSA Se ries Conf iguratio n Guide egress lists 7-25 enabling GVRP 7-33 ingress filtering 7-1 1 naming 7-8 reviewing existing 7-3 secure management, creating 7- 32 VRRP authentic ation 13-105 configuration mo de, enabling 13-91 creating a session 13-92 critical IP 13-99 enabling on an inte rface 13-104 priority 13- 95 virtual r[...]