TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 should contain:
- informations concerning technical data of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452
- name of the manufacturer and a year of construction of the TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 item
- rules of operation, control and maintenance of the TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the TP-Link service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the TP-Link TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 Gigabit Smart Switch REV1.3.0 191001 1017[...]

  • Page 2

    I COPYRIGHT & TRADEMARKS S pecifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., L TD. Other brands and product names are trademarks or registered trademarks of t heir respective holders. No part of the specificatio ns ma y be reproduced in any form or by any means or used to make any derivat[...]

  • Page 3

    II CONTENTS Preface ………………………………………………………………………………….1 Chapter 1 Using the CLI ....................................................................................... 3 1.1 Accessin g the CLI .................................................................................................[...]

  • Page 4

    III voice vlan priority ............................................................................................................ ....... 24 voice vlan ma c-address ......................................................................................................... 24 switchport voic e vlan m ode ............................................[...]

  • Page 5

    IV Chapter 8 SSH Comm ands................................................................................. 47 ip ssh serv er .................................................................................................................. ........ 47 ip ssh version ..................................................................................[...]

  • Page 6

    V ip address-al loc dhcp .......................................................................................................... .. 68 ip address-al loc bootp ......................................................................................................... .. 69 reset ......................................................................[...]

  • Page 7

    VI show storm- control ............................................................................................................. ... 90 show band width ................................................................................................................. .... 91 Chapter 13 QoS Comma nds................................................[...]

  • Page 8

    VII access-list extende d ........................................................................................................... .1 1 3 rule ........................................................................................................................... ........... 1 14 access-list policy name........................................[...]

  • Page 9

    VIII spanning-tree co mmon-conf ig ............................................................................................. 133 spanning-tree mode............................................................................................................. 134 spanning-tree mst c onfigurat ion ...................................................[...]

  • Page 10

    IX show ip igmp s nooping interf ace ......................................................................................... 156 show ip igmp snooping vl an ................................................................................................ 157 show ip igmp s nooping multi- vlan .......................................................[...]

  • Page 11

    X lldp rece ive ................................................................................................................... ....... 181 lldp trans mit .................................................................................................................. ....... 182 lldp snmp -trap ................................................[...]

  • Page 12

    1 Preface This Guide is intended for network administrator to provide referenced information about CLI (Command Line Interface). The device mentioned in this Guide stands for TL-SG2210P/TL-SG2216/TL-SG2424/TL-SG2424P/TL-SG2452 Gigabit Smart Switch. The five devices of TL-SG2210P/TL-SG2216/ TL-S G2424/TL-SG2424P/TL-SG2452 are sharing this Guide. For[...]

  • Page 13

    2 Chapter 1 1: S ystem Configuration Commands Provide information about the commands used for configuring the Sy stem information and System IP, reboot and reset the switch, upgrade the sw itch system and comm ands used for device diagnose, including loopback test and cable test. Chapter 12: Ethernet Configuration Commands Provide information about[...]

  • Page 14

    3 Chapter 1 Using the CLI 1.1 Accessing the CLI Y ou can log on to the switch and access the CLI by logging on to the switch remotely by a T elnet or SSH connection through an Ethernet port. 1.1.1. Logon by Telnet T o log on to the switch by a T elnet connection, please take the following step s: 1. Click Start → Run to open the Run window , and [...]

  • Page 15

    4 1.1.2. Logon by SSH T o log on by SSH, a Putty client software is recommended. There are tw o authentication modes to set up an SSH connection: Password Authentication Mode : It requires username and password, which are both admin by default. Key Authentication Mode : It requires a public key for the sw itch and a private key for the SSH client s[...]

  • Page 16

    5 Figure 1-5 SSH Connection Config 2. Click the Open button in the above figure to log on to the switch. Enter the login user name and password to log on the switch, and then en ter enable to enter Privileged EXEC Mode, so you can continue to c onfigure the switch. Figure 1-6 Log on the Switch[...]

  • Page 17

    6  Key Authentication Mode 1. Select the key type and key length, and gene rate SSH key . Figure 1-7 Generate SSH Key Note: 1. The key length is in the range of 256 to 3072 bits. 2. During the key gene ration, randoml y moving the mouse quickly can accelerat e the key generation.[...]

  • Page 18

    7 2. After the key is successfully generated, pleas e save the public key and private key to a TFTP server . Figure 1-8 Save the Generated Key 3. Log on to the switch by T elnet and downlo ad the public key file from the TFTP server to the switch, as the following figure shows:[...]

  • Page 19

    8 Figure 1-9 Download the Public Key Note: 1. The key type should accord with the type of the key file. 2. The SSH key downloading can not be interrupt ed. 4. After the public key is downloaded, please log on to the interface of PuTTY and enter the IP address for login.[...]

  • Page 20

    9 Figure 1-10 SSH Connection Config 5. Click Browse to download the private key file to SSH client software and click Open . Figure 1-1 1 Download the Private Key[...]

  • Page 21

    10 6. After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates t hat the key has been successfully downloaded. Figure 1-12 Log on the Switch 1.2 CLI Command Modes The CLI is divided into different command modes: User EXEC Mode, Privileged EXEC Mode, Global Configuration M[...]

  • Page 22

    11 Mode Accessing Path Prompt Logout or Access the next mode Privileged EXEC Mode Use the enable command to ente r this mode from User EXEC mode. TL- SG2424# Enter the disable or the exit command to return to User EXEC mode. Enter configure command to access Global Configuration mode. Global Configuration Mode Use the configure command to ente r th[...]

  • Page 23

    12  Interface Configuration Mode : In this mode, users can c onfigure one or several ports, different ports corresponds to dif ferent commands a). Interface gigabitEthernet: Configure parameters for an Ethernet port, such as Duplex-mode, flow control status. b). Interface range gigabitEthernet: Configur e parameters for several Ethernet ports. c[...]

  • Page 24

    13 1.4 Conventions 1.4.1 Format Conventions The following conventions are used in this Guide:  Items in square brackets [ ] are optional  Items in braces { } are required  Alternative items are grouped in braces and se parated by vertical bars. For example: speed {10 | 100 | 1000 }  Bold indicates an unalterable keyword. For example: sh[...]

  • Page 25

    14 Chapter 2 User Interface enable Description The enable command is used to access Privileged EXEC Mode from User EXEC Mode. Synt ax enable Command Mode User EXEC Mode Example If you have set the password to access Privileged EXEC Mode from User EXEC Mode: TL-SG2424>enable Enter p ass word : TL-SG2424# enable password Description The enable p[...]

  • Page 26

    15 Example Set the super password as admin to a ccess Privileged EXEC Mode from User EXEC Mode: TL-SG2424(config)# enable pass w ord admin disable Description The disable command is used to return to User EXEC Mode from Privileged EXEC Mode. Synt ax disable Command Mode Privileged EXEC Mode Example Return to User EXEC Mode from Privileged EXEC Mode[...]

  • Page 27

    16 exit Description The exit command is used to return to t he previous Mode from the current Mode. Synt ax exit Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Return to Global Configuration Mode fr om Interface Configuration Mode, and then return to Privileged EXEC Mode: TL-SG2424(config-if)# exit TL-SG2424(config)#exit TL-S[...]

  • Page 28

    17 Command Mode Privileged EXEC Mode and any Configuration Mod e Example Show the commands you have ent ered in the current mode: TL-SG2424 (config)# history 1 history history clear Description The history clear command is used to clear t he commands you have entered in the current mode, therefor e these commands will not be shown next time you use[...]

  • Page 29

    18 Chapter 3 IEEE 802.1Q VLAN Commands VLAN (Virtual Local Area Network) technology is developed for the switch to divide the LAN into multiple logical LANs flexibly . Hosts in the same VLAN can communicate with each other , regardless of their physical locations. VLAN can enhance performance b y conserving bandwidth, and improve security by limiti[...]

  • Page 30

    19 Parameter vlan-id —— S pecify IEEE 802.1Q VLAN ID, ranging from 1 to 4094. Command Mode Global Configuration Mode Example Create VLAN Interface 2: TL-SG2424(config)# interface vlan 2 name Description The name command is used to assign a description to a VLAN. T o clear the description, please use no name command. Synt ax name descript no nam[...]

  • Page 31

    20 Parameter vlan-list —— S pecify IEEE 802.1Q VLAN ID list, ranging from 2 to 4094, in the format of 2-3, 5. It is multi-optional. tagged | untagged —— Egress rule , unt agged or tagged. T agged: All pa ckets forwarded by the port are tagged. The pa ckets contain VLAN information. Untagged: Packets forwarded by the port are untagged. Com[...]

  • Page 32

    21 Synt ax show vlan summary Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the summarized inform ation of IEEE 802.1Q VLAN: TL-SG2424(config)# show vlan summary show vlan brief Description The show vlan brief command is used to display the brief information of IEEE 802.1Q VLAN. Synt ax show vlan brief Command Mode Pr[...]

  • Page 33

    22 Example Display the information of vlan 5: TL-SG2424(config)# show vlan id 5 show interface switchport Description The show interface switchport command is used to display the IEEE 802.1Q VLAN configuration information of the specified port or all ports. Synt ax show interface sw itchport [ port ] Parameter port —— The port number . By d efa[...]

  • Page 34

    23 Chapter 4 Voice VLAN Commands V oice VLANs are configured spec iall y for voice data stream. By configuring V oice VLANs and adding the ports with voice devic es attached to voice VLANs, you can perform QoS-related configuration for voice data, ens uring the transmission priority of voice data stream and voice quality . voice vlan Description Th[...]

  • Page 35

    24 Parameter time —— Aging time (in minutes) to be set for the V oice VLAN. It ranges from 1 to 43200 and the default value is 1440. Command Mode Global Configuration Mode Example Set the aging time for the V oice VLAN as 1 minute: TL-SG2424(config)# voice vlan aging time 1 voice vlan priority Description The voice vl an priority command is use[...]

  • Page 36

    25 Synt ax voice vlan mac-address mac-addr mask mask [ description descript ] no voice vlan mac-address mac-addr Parameter mac-addr —— The OUI address of the voic e device, in the format of XX:XX:XX:XX:XX :XX. mask —— The OUI address mask of the voice device, in the format of XX:XX:XX:XX:XX :XX. descript ——Give a description to the OUI [...]

  • Page 37

    26 Example Configure the port 3 to operate in the auto voice VLAN mode: TL-SG2424(config)# interface gigabitEthernet 1/0/3 TL-SG2424(config-if)# switchport voice vlan mode auto switchport voice vlan security Description The s w itchport voice vlan security command is used to enable the V oice VLAN security feature. T o disable the V oice VLAN secur[...]

  • Page 38

    27 Example Display the configuration inform ation of V oice VLAN globally: TL-SG2424(config)# show voice vlan show voice vlan oui Description The show voice vlan oui command is used to display the configura tion information of V oice VLAN OUI. Synt ax show voice vlan oui Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display [...]

  • Page 39

    28 Display the V oice VLAN configur atio n information of port 2: TL-SG2424(config)# show voice vlan switchport gigabitEthernet 1/0/2[...]

  • Page 40

    29 Chapter 5 Etherchannel Commands Etherchannel Commands are used to c onfigure LAG and LACP function. LAG (Link Aggregation Group) is to combine a number of ports together to make a single high-bandwidth data path, which can highly exte n d the bandwidth. The bandwidth of the LAG is the sum of bandwidth of it s member port. LACP (Link Aggregation [...]

  • Page 41

    30 port-channel load-balance Description The port-channel load-balance command is used to c onfigure the Aggregate Arithmetic for LAG . T o return to the default configur ations, please use no port-channel load-balance command. Synt ax port-channel load-balance { src-dst-mac | src-dst-ip } no port-channel load-balance Parameter src-dst-mac —— T[...]

  • Page 42

    31 Command Mode Global Configuration Mode Example Configure the LACP system priority as 1024 globally: TL-SG2424(config)# lacp system-priority 1024 lacp port-priority Description The lacp port-priority command is used to configure the LACP port priority for specified ports. T o return to t he default configurat ions, please use no lacp port-priorit[...]

  • Page 43

    32 Synt ax show etherchannel [ channel-group-n um ] { detail | summary } Parameter channel-group-num —— The EtherChannel G roup number , ranging from 1 to 6. By default, it is empty , and will displa y the information of all EtherChannel Groups. detail —— The detailed information of EtherChan nel. summary —— The EtherChannel information[...]

  • Page 44

    33 Parameter channel-group-num —— The EtherChannel G roup number , ranging from 1 to 6. By default, it is empty , and will displa y the information of all LACP groups. internal —— The internal LACP information. neighbor —— The neighbor LACP information. Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the in[...]

  • Page 45

    34 Chapter 6 User Management Commands User Management Commands are us ed to configure the user name and password for users to log on to the Web management p age with a certain access level so as to protect the settings of the switch from being randomly changed . user name Description The user name command is used to add a new user or modify the exi[...]

  • Page 46

    35 Example Add and enable a new admin user named tplink, of which the pa ssword is password: TL-SG2424(config)# user name tplink p assw ord password ty pe admin st atu s enable user access-control ip-based Description The user access-control ip-based command is used to limit the IP-range of the users for login. Only the users wi thin the IP-range y[...]

  • Page 47

    36 is allowed to login. T o cancel the user access limit, please use no user access-control command. Synt ax user access-control mac-based mac-addr no user access-control Parameter mac-addr —— The source MAC address. Only the user with this MAC address is allowed to login. Command Mode Global Configuration Mode Example Configure that only the u[...]

  • Page 48

    37 Example Configure that o nly the users c onnected to po rts 2-6 are allowed to logi n: TL-SG2424(config)# user access-control port-based interfa ce range gigabitEthernet 1/0/2-6 user max-number Description The user max-number command is used to configur e the number of the users logging on at the same time. T o cancel the limit to the num bers o[...]

  • Page 49

    38 Synt ax user idle-timeout minutes no user idle-timeout Parameter minutes ——The timeout time, ranging from 5 to 30 in minutes. By default, the value is 10. Command Mode Global Configuration Mode Example Configure the timeout time of the switch as 15 minutes: TL-SG2424(config)# user idle-timeout 15 show user account-list Description The show u[...]

  • Page 50

    39 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the security configurat ion information of the users: TL-SG2424(config)# show user configuration[...]

  • Page 51

    40 Chapter 7 System Log Commands The log information will record the settings and oper ation of the switch re spectively for you to monitor operation status and diagnose malfunction. logging buffer Description The logging buffer command is used to configure the severity level and the status of the configuration input to the log buf fer . T o disabl[...]

  • Page 52

    41 logging file flash Description The logging file flash command is used to store the log messages in a file in the flash on the switch. T o disable t he log file flash f unction, please use no logging file flash command. The log file flash i ndicates the flash sector for saving system log. The information in the l og file of the flash will not be [...]

  • Page 53

    42 Command Mode Global Configuration Mode Example S pecify the log file synchroni zation frequency as 10 hours: TL-SG2424(config)#logging file flash frequency periodic 10 logging file flash level Description The logging file flash level command is used to s pecify the system log message severity level. Messages will a se verity level equal to or hi[...]

  • Page 54

    43 Synt ax clear logging [ buf fer | flash ] Parameter buffer | flash —The output channels: buffer and flash. Clear the information of the two channels, by default. Command Mode Global Configuration Mode Example Clear the information in the log file: TL-SG2424(config)# clear logging buffer logging host index Description The logging host index com[...]

  • Page 55

    44 Example Enable log host 2 and set its IP addr ess as 192.168.0.148, the level 5: TL-SG2424(config)# logging host index 2 192.168.0.148 5 show logging local-config Description The show logging local-config command is used to display the configuration of the Local Log including t he log buffer and the log file. Synt ax show logging local-config Co[...]

  • Page 56

    45 show logging buffer Description The show logging buffer command is used to display the log information in the log buffer according to the severity level. Synt ax show logging buffer [ level level ] Parameter leve l —— Severity level. There are 8 severi ty levels marked with values 0-7. The information of levels with priority not lower than t[...]

  • Page 57

    46 Example Display the log information with t he level marked 0~3 in the log file: TL-SG2424(config)# show logging flash level 3[...]

  • Page 58

    47 Chapter 8 SSH Commands SSH (Security Shell) can prov ide the unsecured remote management with security and powerful authentication to ensure the security of the management information. ip ssh server Description The ip ssh server command is used to enable SSH function. T o disable the SSH function, please use no ip ssh server command. Synt ax ip [...]

  • Page 59

    48 Example Enable SSH v2: TL-SG2424(config)# ip ssh version v2 ip ssh timeout Description The ip ssh timeout command is used to specify the idle-timeout time of SSH. T o restore to the fact ory defaults, please use ip ssh timeout command. Synt ax ip ssh timeout value no ip ssh timeout Parameter value —— The Idle-timeout time. During this period[...]

  • Page 60

    49 Command Mode Global Configuration Mode Example S pecify the maximum number of the c onnections to the SSH server as 3: TL-SG2424(config)# ip ssh max-client 3 ip ssh download Description The ip ssh download command is used to download the SSH key file from TFTP server . Synt ax ip ssh download { v1 | v2 } key-file ip-address ip-addr Parameter v1 [...]

  • Page 61

    50 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the global conf iguration of SSH: TL-SG2424(config)# show ip ssh[...]

  • Page 62

    51 Chapter 9 SSL Commands SSL (Secure Sockets Layer), a security protocol, is to provide a secure connection for the application layer protocol (e.g. HTTP) based on TCP . Adopting asymmetrical encryptio n technology , SSL uses key pair to encrypt/decrypt information. A ke y pair refers to a public key (contained in the certificate) and its correspo[...]

  • Page 63

    52 Parameter ssl-cert —— The name of the SSL certificate wh ich is selected to download to the switch. The length of the name ranges from 1 to 25 characters. The Certificate must be BASE64 encoded. ip-addr —— The IP address of the TFTP server . Command Mode Global Configuration Mode Example Download an SSL Certificate named ssl-c ert from T[...]

  • Page 64

    53 show ip http secure-server Description The show ip http secure-server command is used to display the gl obal configuration of SSL. Synt ax show ip http secure-server Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the global configuration of SSL: TL-SG2424(config)# show ip http secure-server[...]

  • Page 65

    54 Chapter 10 MAC Address Commands MAC Address configuration can improve the network security by conf iguring the Port Security and maintaining the address information by managing the Address T able. mac address-table static Description The mac address-table st atic command is used to add the static MAC address entry . T o remove the corre sponding[...]

  • Page 66

    55 mac address-table aging-time Description The mac address-t able aging-time command is used to configure aging ti me for the dynamic address. T o return to the default configur ation , please use no mac address-t able agin g-time command. Synt ax mac address-t able agin g-time aging-time no mac address-t able ag ing-time Parameter aging-time —?[...]

  • Page 67

    56 Command Mode Global Configuration Mode Example Add a filtering address entry of which VLAN ID is 1 and MAC address is 00:1e:4b:04:01:5d: TL-SG2424(config)# mac address-table filtering mac 00:1e:4b:04:01:5d vid 1 mac address-table max-mac-count Description The mac address-t able max-mac-co unt command is used to configure the Port Security . T o [...]

  • Page 68

    57 status —— Enable or disable the Port Securi ty function for a specified port. By default, this function is disabled. Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable Port Security function for port 1, select S tatic mode as the learn mode, and specify the maximum number o[...]

  • Page 69

    58 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the Aging T ime of the MAC address: TL-SG2424(config)# show mac address-table aging-time show mac address-table max-mac-count interface gigabitEthernet Description The show mac address-t able max-mac- count interface gigabitEthernet command is used to display the secur[...]

  • Page 70

    59 Synt ax show mac address-t able interface gigabitEthernet port Parameter port —— The Ethernet port number . Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the address configuration of port 1: TL-SG2424(config)# show mac address-table interface gigabitEthernet 1/0/1 show mac address-table mac-num Description The[...]

  • Page 71

    60 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the information of the MAC address 00:00:00:00:23:00: TL-SG2424(config)#show mac address-t able mac 00:00:00: 00:23:00 show mac address-table vlan Description The show mac address-t able vlan command is used to display the MAC address configuration of the specified vla[...]

  • Page 72

    61 Chapter 11 System Commands System Commands can be used to configure the System informat ion and System IP , reboot and reset the switch, upgrade the swit ch system and other operations. system-time manual Description The system-time manual command is used to configure the system time manually . Synt ax system-time manual time Parameter time —?[...]

  • Page 73

    62 UTC-09:00 —— T imeZone for Alaska. UTC-08:00 —— TimeZone for Pacific T ime(US Canada). UTC-07:00 —— TimeZone for Mountain T ime(US Canada). UTC-06:00 —— TimeZone for Central Time(US Cana da). UTC-05:00 —— TimeZone for Eastern T ime(US Canad a). UTC-04:30 —— TimeZone for Caracas. UTC-04:00 —— T imeZone for Atlantic T i[...]

  • Page 74

    63 Command Mode Global Configuration Mode Example Configure the system time mode as NT P , the time zone is UTC-12:00, the primary NTP server is 133.100.9. 2 and the secondary NTP server is 139.78.100.163, the fetchi ng-rate is 1 1 hours: TL-SG2424(config)# s ystem-t ime ntp UTC-12:00 133.100.9.2 139.79 .100.163 11 system-time dst predefined Descri[...]

  • Page 75

    64 system-time dst date Description The system-time dst date command is used to configure the one-off daylight saving time. The start date is in the current year by default. The time range of the daylight saving time must shorter than one year , but you can configure it spanning years. T o disable DST function, please use no system-time dst command[...]

  • Page 76

    65 system-time dst recurring Description The system-time dst recurring command is used to configure the recurri ng daylight saving time. It can be confi gured spanning years. T o disable DST function, please use no system-time dst command. Synt ax system-time dst recurring { sweek } { sday } { smonth } { stime } { eweek } { eday } { emonth } { etim[...]

  • Page 77

    66 TL-SG2424(config)# system-time dst recurring first Sun May 02:00 last Sun Oct 02:00 45 hostname Description The hostname command is used to configure t he system name. T o clear the system name information, please use no hostname command. Synt ax hostname hostname no hostname Parameter hostname —— System Name. The length of the name ranges f[...]

  • Page 78

    67 Example Configure the system location as SHENZHEN: TL-SG2424(config)# location SHENSHEN contact-info Description The cont ac t-info command is used to configure the system cont act information. T o clear the system contac t information, please use no contact-info command. Synt ax cont act-info contact_info no cont act-info Parameter contact_info[...]

  • Page 79

    68 Example Set the VLAN 6 as IP ma nagement VLAN: TL-SG2424(config)# ip management-vlan 6 ip address Description The ip address command is used to configure the system IP address, Subnet Mask and Default Gateway . T o restore to the factory defa ults, please use no ip address command. This command should be configured in the Interface Configuration[...]

  • Page 80

    69 Synt ax ip address-alloc dhcp Command Mode Interface Configurati on Mode (interface vlan) Example Enable the DHCP Client f unction when the management VL AN of the switch is VLAN1: TL-SG2424(config)# interface vlan 1 TL-SG2424(config-if)# ip address-alloc dhcp ip address-alloc bootp Description The ip address-alloc bootp command is used to enabl[...]

  • Page 81

    70 Command Mode Privileged EXEC Mode Example Reset the software of the switch: TL-SG2424# reset reboot Description The reboot command is used to reboot the Switch. T o avoid damage, please don’t turn off the device while rebooting. Synt ax reboot Command Mode Privileged EXEC Mode Example Reboot the Switch: TL-SG2424# reboot copy running-config st[...]

  • Page 82

    71 copy startup-config tftp Description The copy startup-config t ftp command is used to backup the configuration file to TFTP server . Synt ax copy st artup-config t ftp ip-address ip-addr filename name Parameter ip-addr —— IP address of the TFTP server . name —— S pecify the name for the configur ation file which would be backup. Command [...]

  • Page 83

    72 TL-SG2424# copy t ftp st artup-config ip-address 192.168.0.148 filename config firmware upgrade Description The firmware upgrade command is used to upgrade the switch system file via the TFTP server . Synt ax firmware upgrade ip-address ip-addr filename name Parameter ip-addr —— IP address of the TFTP server . name —— S pecify the name f[...]

  • Page 84

    73 count (-i) —— The interval to send ICMP request pa ckets. It ranges from 100 to 1000 milliseconds. By default, this value is 1000. Command Mode User EXEC Mode and Privileged EXEC Mode Example T o test the connectivity between the swit ch and the network device with the IP 192.168.0.131, pl ease specify the count (-l) as 512 bytes and count ([...]

  • Page 85

    74 loopback interface gigabitEthernet Description The loopback interface gigabitEthernet command is used to test whether the port is available or not. Synt ax loopback interface gigabitEthernet { port } { internal | external } Parameter port —— The Gigabit Ethern et port number . internal | external —— Loopback T ype. There are two options:[...]

  • Page 86

    75 show running-config Description The show running-config command is used to display the current operating configuration of the system or of a specified port. Synt ax show running-config [ interface gigabitEthernet port ] Parameter port —— The Gigabit Ethernet port number . Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example [...]

  • Page 87

    76 Synt ax show system-time dst Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the DST time information of the switch TL-SG2424# show system- time dst show system-time ntp Description The show system-time ntp command is used to display the NTP mode configuration information. Synt ax show system-time ntp Command Mode P[...]

  • Page 88

    77 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Show the cable-diagnostics of port 3: TL-SG2424# show cable-diagnostics interface gigabitEthernet 1/0/3[...]

  • Page 89

    78 Chapter 12 Ethernet Configuration Commands Ethernet Configuration Commands can be used to configure the B andwidth Control, Negotiation Mode and S torm Control for Ethernet ports. interface gigabitEthernet Description The interface gigabitEthernet command is used to enter the Interface gigabitEthernet Configurat ion Mode and configure t he corre[...]

  • Page 90

    79 User Guidelines Command in the Interface Range gigabitEthernet Mode is executed independently on all ports in the range. It does not affect the execution on the other ports at all if the command results in an error on one port. Example T o enter the Interface range gigabitEther net Configuration Mode, and configure ports 1, 2, 3, 6, 7 and 9 at t[...]

  • Page 91

    80 Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Disable port 3: TL-SG2424(config)# interface gigabitEthernet 1/0/3 TL-SG2424(config-if)# shutdo w n flow-control Description The flow-control command is used to enable the flow -control function for a port. T o disable the flow-contro[...]

  • Page 92

    81 Parameter rj45 | sfp —— Media type. Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Configure the media type of Combo port 22 as “ SFP ” : TL-SG2424 (config)# interface gigabitEthernet 1/0/22 TL-SG2424 (config-if)# media-type sfp duplex Description The duplex command is use[...]

  • Page 93

    82 Synt ax speed { 10 | 100 | 1000 | auto } no speed Parameter 10 | 100 | 1000 | auto —— The speed mode of the Ethernet port. There are four options: 10Mbps, 100Mbp s, 1000Mbps and Auto negotiation mode (default). Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Configure the S pee[...]

  • Page 94

    83 Example Enable the broadcast cont rol function for port 5: TL-SG2424(config)# interface gigabitEthernet 1/0/5 TL-SG2424(config-if)# storm-control broadcast For TL-SG2452: Description The storm-control broadcast command is used to enable the broadcast control function. T o disable the broadcast contro l function, please use no storm-control broad[...]

  • Page 95

    84 Synt ax storm-control multicast no storm-control multicast Parameter rate —— S pecify the bandwidth for receivi ng multicast packets on the port. The packet traf fic exceeding the bandwidth will be discarded. The va lue of it can be 128k | 256k| 512k|1m | 2m | 4m | 5m | 10m | 20m | 40m | 50m in bps. By default, the value is “128K”. Comma[...]

  • Page 96

    85 storm-control unicast For TL-SG2210P/TL-SG2216/TL-SG2424/TL-SG2424P: Description The storm-control unicast command is used to enable the unicast control function. T o disable the unicast control functi on, please use no storm-control unicast command. Unicast control f unction allows the switch to filter UL frame in the network. If the transmissi[...]

  • Page 97

    86 no storm-control unicast Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable the unicast cont rol function for port 5: TL-SG2452(config)# interface gigabitEthernet 1/0/5 TL-SG2452(config-if)# storm-control unicast storm-control rate This command is supported only on TL-SG2452. D[...]

  • Page 98

    87 bandwidth Description The bandwid th command is used to configure the bandwidth limit for an Ethernet port. T o disable t he bandwidth limit, please use no bandwid th command. Synt ax bandwidth {[ ingress ingress-rate ] [ egress egress-rate ]} no bandwid th { all | ingress | egress } Parameter ingress-rate —— S pecify the ban dwid th for rec[...]

  • Page 99

    88 show interface status Description The show interface status command is used to display the connective-st atus of an Ethernet port. Synt ax show interface [ gigabitEthernet port ] status Parameter port —— The Ethernet port number . Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the connective-status of all port [...]

  • Page 100

    89 show interface description Description The show interface description command is used to display the description of all ports or an Ethernet port. Synt ax show interface [ gigabitEthernet port ] description Parameter port —— The Ethernet port number . Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the descripti[...]

  • Page 101

    90 show interface configuration Description The show interface configuration command is used to display the configurations of all ports or an Ethernet port, including Port-status, Flow Control, Negotiation Mode and Port-description. Synt ax show interface [ gigabitEthernet port ] configuration Parameter port —— The Ethernet port number . Comman[...]

  • Page 102

    91 TL-SG2424(config)# show storm-control interface range gigabitEthernet 1/0/4-7 show bandwidth Description The show bandwidth command is used to display the bandwidth-limit information of Ethernet ports. Synt ax show bandwidth [ interface { gigabi tEthernet port | range gigabitEthernet port-list }] Parameter port —— The Ethernet port number . [...]

  • Page 103

    92 Chapter 13 QoS Commands QoS (Quality of Service) function is used to optimiz e the network performance. It provides you with network service experience of a better quality . qos For TL-SG2210P: Description The qos command is used to configure the priori ty level of packets from the port. T o return to the default configuration, please use no qos[...]

  • Page 104

    93 Parameter cos-id —— The priority of port. It ranges from 0 to 7, which represent CoS0-CoS7 respectively . By default, the priority is 0. Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) User Guidelines Port priority is one property of the port. When the port priority is specified, the d[...]

  • Page 105

    94 Example Enable the mapping relation between IE EE 802.1P Priority and egress queue: TL-SG2210P(config)# qos cos qos dscp Description The qos dscp command is used to enable the mapping relation between DSCP Priority and CoS value. T o disabl e the mapping relation, please use no qos dscp command. Synt ax qos dscp no qos dscp Command Mode Global C[...]

  • Page 106

    95 no qos queue cos-map Parameter tag/cos-id —— The 8 priority levels defined by IEEE 802.1P or the priority level the packet s with tag are mapped to, which ranges from 0 to 7 (for TL-SG2210P/ TL-SG2452) or ranges from CoS 0 to CoS 7 (for TL-SG2216/TL-SG2424/ TL-SG2424P) . tc-id —— The egress queue the p ackets with tag are mapped to. It r[...]

  • Page 107

    96 Parameter dscp-list —— List of DSCP value. One or several DSCP values can be typed using comma to separate. Use a hyphen to designate a range of values, for instance, 1,4-7,1 1 indicates choosing 1,4,5,6,7,1 1. The DSCP value ranges from 0 to 63. tc-id —— Th e TC queue ID, which ranges from 0 to 3. Command Mode Global Configuration Mode [...]

  • Page 108

    97 Command Mode Global Configuration Mode User Guidelines By default, the mapping relation between tag and the egress queue is: (0-7)-CoS 0, (8-15)-C oS 1, (16-23)-CoS 2, (24-31)-CoS 3, (32-39)- CoS 4, (40-47)-CoS 5, (48-55)-CoS 6, (56-63)-CoS 7. Example Map DSCP values 10-12 to CoS 2: TL-SG2424(config)# qos queue dscp-map 10-12 2 qos queue mode De[...]

  • Page 109

    98 queues, the switch allows TC3 to occ upy the whole bandwidth following the SP mode and the TC0, TC1 and TC2 in the WRR group will take up the bandwidth according to their ratio 1:2:4. equ —— Equal-Mode. In this mode, all the queues occupy the bandwidth equally . The weight value ratio of all the queues is 1:1:1:1. Command Mode Global Configu[...]

  • Page 110

    99 Synt ax show qos cos-map Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the configuratio n of IEEE 802.1P Priority and the mapping relation between cos-id and tc-id: TL-SG2424# show qos cos-map show qos dscp-map Description The show qos dscp-map command is used to disp lay the configuration of DSCP Priority . Synt [...]

  • Page 111

    100 show qos status Description The show qos status command is used to display the status of IEEE 802.1P priority and DSCP priority . Synt ax show qos status Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the status of IEEE 802. 1P priority and DSCP priority: TL-SG2424# show qos status[...]

  • Page 112

    101 Chapter 14 Port Mirror Commands Port Mirror refers to the process of forwarding copies of packets from one port to a monitoring port. Usually , the monitoring port is connected to data diagnose device , which is used to analyze the monitored packet s for monitoring and troubleshooting the netwo rk. monitor session destination interface Descript[...]

  • Page 113

    102 monitor session source interface Description The monitor session source interface command is used to configure the monitored port. T o delete the corre sponding monitored port, please use no monitor session source interface command. Synt ax monitor session session_num source interface gigabitEthernet port-list mode no monitor session session_nu[...]

  • Page 114

    103 TL-SG2424(config)# monitor session 1 source interface gigabitEthernet 1/0/4-5,1/0/7 rx Delete port 4 in monitor session 1 and its configuration: TL-SG2424(config)# no monitor session 1 source interface gigabitEthernet 1/0/4 rx show monitor session Description The show monitor session command is used to displa y the configuration of port monitor[...]

  • Page 115

    104 Chapter 15 Port Isolation Commands Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward packets to the ports that are not on its forwarding port list. port isolation Description The port isolation command is used to configure t he forward port list of a port, so that this[...]

  • Page 116

    105 Synt ax show port isolation interface [ gigabitEthernet port ] Parameter port —— The number of Ethernet port you want to show its forward port list, in the format of 1/0/2. Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the forward-list of port 2: TL-SG2424# show port isolation interface gigabitEthernet 1/0/2 [...]

  • Page 117

    106 Chapter 16 Loopback Detection Commands With loopback detection feature enabled, the switch can detect loops us ing loopback detection packet s. When a loop is detected, the switch will di splay an alert or further block the corresponding port according to the configuration. loopback-detection(global) Description The loopback-detection command i[...]

  • Page 118

    107 Example S pecify the interval -time as 50 seconds: TL-SG2424(config)# loopback-detection interval 50 loopback-detection recovery-time Description The loopback-detection recovery-time command is used to configure the time after which the blocked port would automatically recover to normal status. Synt ax loopback-detection recovery-time recovery-[...]

  • Page 119

    108 Example Enable the loopback detection f unction of ports 1-3: TL-SG2424(config)# interface range gigabitEthernet 1/0/1-3 TL-SG2424(Config-if-range)# loopback-detection loopback-detection config Description The loopback-detection config command is used to configure the process-mode and recovery-mode for the por ts by which the switch copes with [...]

  • Page 120

    109 loopback-detection recover Description The loopback-detection recover command is used to remove the block status of selected ports, recovering the blocked ports to no rmal status, Synt ax loopback-detection recover Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Recover the blocke[...]

  • Page 121

    11 0 show loopback-detection interface Description The show loopback-detection interface command is used to display the configuration of loopback det ection function and the st atus of t he specified Ethernet port. Synt ax show loopback-detection interface [ gigabitEthernet port ] Parameter port —— The Ethernet port number . Command Mode Privil[...]

  • Page 122

    111 Chapter 17 ACL Commands access-list create Description The access-list create command is used to create standard-IP ACL a nd extend-IP ACL. Synt ax access-list create access-list-num Parameter access-list-num —— ACL ID, rang ing from 100 to 299. The ID range of S tandard-IP ACL ranges is 100-199 and the Extend-IP ACL is 200-299. Command Mod[...]

  • Page 123

    11 2 TL-SG2424(config)# mac access-list 23 access-list standard Description The access-list standard command is used to add S tandard-IP ACL rule. T o delete the correspondi ng rule, please use no access-list standard command. S tandard-IP ACLs analyze and process da ta p ackets based on a series of match conditions, which c an be the source IP add[...]

  • Page 124

    11 3 access-list extended Description The acces s-list extended command is used to add Extended-IP ACL rule. T o delete the correspondi ng rule, please use no access-list exten ded command. Synt ax access-list extended acl-id rule rule-id { deny | permit } [[ sip source-ip ] smask source-ip-mask ] [[ dip destination-ip ] dm ask destination-ip-mask [...]

  • Page 125

    11 4 rule Description The rule command is used to configure MAC ACL rule. T o delete the corresponding rule, please use no rule command. Synt ax rule rule-id { deny | permit } [[ smac source-mac ] smask source-mac-mask ] [[ dmac destination-mac ] dmask destination-mac-mask ] no rule rule-id Parameter rule-id —— The rule ID. deny —— The oper[...]

  • Page 126

    11 5 Policy is used to control the data p a c kets those match the corresponding ACL rules by configuring ACLs and actions together for effect. The operations here include stream mirror , stream condi tion, QoS Remarking and redirect. Synt ax access-list policy name name no access-list policy name name Parameter name —— The Policy Name, ranging[...]

  • Page 127

    11 6 access-list bind(interface) Description The access- list bind command is used to bind a policy to a specified port. T o cancel the bind re lation, please use no access-list bind command. Synt ax access-list bind policy-name no access-list bind policy-name Parameter policy-name —— The name of the policy desired to bind. Command Mode Interfa[...]

  • Page 128

    11 7 TL-SG2424(config-if)# access-list bind policy1 show access-list Description The show access-list command is used to display configuration of ACL. Synt ax show access-list acl-id Parameter acl-id —— The ID of the ACL selected to display the configurat ion. Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the con[...]

  • Page 129

    11 8 show access-list bind Description The show access-list bind command is used to displa y the configuration of Policy bind. Synt ax show access-list bind Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the configuration of Policy bind: TL-SG2424(config)# show access-list bind[...]

  • Page 130

    11 9 Chapter 18 DHCP Filtering Commands DHCP Filtering functions to monitor the process of hosts obt aining IP addresses from DHCP Servers by configuring the desir ed port(s) as Trusted Port(s). Only the ho st s connected to the trusted port(s) can receive DHCP packets from DHCP servers. In this way , the switch can devoid of DHCP cheating att ack [...]

  • Page 131

    120 Example Configure port 1 to be a trusted port: TL-SG2424(config)#interface gigabitEthernet 1/0/1 TL-SG2424(config-if)#ip dhcp filtering trust show ip dhcp filtering Description The show ip dhcp filtering command is used to displa y the running status of DHCP Filtering. Syntax show ip dhcp filtering Command Mode Privileged EXEC Mode and Any Conf[...]

  • Page 132

    121 Chapter 19 PoE Commands Note: Only TL-SG2210P and TL-SG2424P supports PoE function. PoE (Power over Ethernet) technology describes a system to transmit electrical power along with data to remote devices over standard twisted-pair cable in an Ethernet netwo rk. It is especially useful for supplying power to IP telephones, wi reless LAN access po[...]

  • Page 133

    122 Syntax power profile name [ supply { enable | disable } [ priority { low | middle | high } [ consumption { power-limit | auto | class1 | class2 | class3 | cla ss4 } ] ] ] no power profile name Parameter name —— The PoE profile name, ranging from 1 to 16 characters. If the name being assigned contains spaces then put it inside double quotes.[...]

  • Page 134

    123 absolute, pe riodic and holiday. A PoE time-ra nge can implement mul tiple time-ranges simult aneously as l ong as they d o not conflict with each othe r. To delete the cor responding PoE tim e-range confi guration, pleas e use no power time-range comm and. The PoE tim e-range det ermines t he power s upply ti me of the switch. You can s pecify[...]

  • Page 135

    124 Example Create a PoE holiday named “Natio nal Da y”, and configure the start date as October 1st and the end date as October 3rd: TL-SG2424P(config)# power holiday NationalDay start-date 10/01 end-date 10/03 absolute Description The absolute command is used to create an absolute mode time-range for the PoE time-range of the switch. The swit[...]

  • Page 136

    125 periodic time occurs. To delete t he corresponding periodic mode time-range configuration, please use no periodic command. Syntax periodic { [ week-date week-day ] [ time-slice1 time-slice ] [ time-slice2 time-slice ] [ time-slice3 time-slice ] [ time-slice4 time-slice ] } no periodic [ week-date | time-slice ] Parameter week-day — — Period[...]

  • Page 137

    126 Command Mode Power Time-range Create Configuration Mode Example Create a holiday mode time-range for the PoE time-range nam ed “tRange3” and configure PoE time-range of the switch excludes the PoE holiday: TL-SG2424P(config)# power time-range tRange3 TL-SG2424P(config-pwr-time-range)# holiday exclude power inline consumption (interface) Des[...]

  • Page 138

    127 power inline priority Description The power inline priority command is used to configure the PoE priority for the corresponding port Syntax power inline priority { low | middle | high } Parameter priority ——The PoE priority of the por t. The priority levels include “high”, “middle” and “low” in descending or de r. When the suppl[...]

  • Page 139

    128 TL-SG2424P(config)# interface gigabitEthernet 1/0/2 TL-SG2424P(config-if)# power inline supply enable power inline profile Description The power inline profile command is used to bind a Po E profile to the corresponding port. To cancel the bind relation, please use no pow er inline profile command. Syntax power inline profile name no power inli[...]

  • Page 140

    129 Command Mode Interface Configuration Mode Example Bind the PoE time-range named “tRange2" to port 2: TL-SG2424P(config)# interface gigabitEthernet 1/0/2 TL-SG2424P(config-if)# power inline time-range tRange2 show power inline Description The show power inline command is used to display the global PoE information of the system. Syntax sho[...]

  • Page 141

    130 show power inline information interface Description The show pow er inline information command is used to display the PoE information of the certain port. Syntax show power inline information interface [ gigabitEthernet port ] Parameter port —— The Ethernet port number. Command Mode Privileged EXEC Mode and Any Configuration Mode Example Di[...]

  • Page 142

    131 Command Mode Privileged EXEC Mode and Any Configuration Mode Example Display the defined PoE holiday: TL-SG2424P# show pow er holiday show power time-range Description The show pow er time-range command is used to displa y the configuration of PoE time-range. Syntax show power time-range Command Mode Privileged EXEC Mode and Any Configuration M[...]

  • Page 143

    132 Chapter 20 MSTP Commands MSTP (Multiple S panning T ree Protocol), compat ible with both STP and RSTP and subject to IEEE 802.1s, can disbranch a ri ng network. STP is to block redunda nt links and backup links as well as optimize paths. spanning-tree(global) Description The spanning-tree command is used to enable STP function globally . T o di[...]

  • Page 144

    133 Example Enable the STP function for port 2: TL-SG2424(config)# interface gigabitEthernet 1/0/2 TL-SG2424(config-if)# spanning-tree spanning-tree common-config Description The sp anning-tree common-config command is used to configure the parameters of the port s for comparison in the CIST and the common parameters of all insta nces. T o return t[...]

  • Page 145

    134 point-to-point —— The P2P link status, with auto, open and close options. By default, the option is auto. If the two port s in the P2P link ar e root port or designated port, they can transit their states to forwarding rapidly to reduce the unnecessary forward delay . Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / i[...]

  • Page 146

    135 spanning-tree mst configuration Description The spanning-tree mst configuration command is used to access MST Configuration Mode from Global Confi guration Mode, as to configure the VLAN-Instance mapping, region name and revision level. T o return to the default configuration of the co rresponding Instance, please use no sp anning-tree mst conf[...]

  • Page 147

    136 Example Map the VLANs 1-100 to Instance 1: TL-SG2424(config)# sp anning-tree mst configuration TL-SG2424(config-mst)# instance 1 vlan 1-100 Disable Instance 1, namely remove all the mapping VLANs 1-100: TL- SG2424(config)# sp anning-tree mst configuration TL- SG2424(config-mst)# no inst ance 1 Remove VLANs 1-50 in mapping VLANs 1-100 for Instan[...]

  • Page 148

    137 Parameters revision —— The revision level for MST region identification, ranging from 0 to 65535. Command Mode MST Configuration Mode Example Configure the revision level of MST as 100: TL-SG2424(config)# sp anning-tree mst configuration TL-SG2424(config-mst)# revision 100 spanning-tree mst instance Description The sp anning-tree mst inst a[...]

  • Page 149

    138 use no sp anning-tree mst command. A port can play different roles in different spanning tree instance. Y ou can use this command to configur e the parameters of the ports in dif ferent instance IDs as well as view status of the port s in the specified instance. Synt ax sp anning-tr ee mst inst ance instance-id {[ port-priority pri ] | [ cost c[...]

  • Page 150

    139 Command Mode Global Configuration Mode Example Configure the bridge priority as 4096: TL-SG2424(config)# sp anning-tree priorit y 4096 spanning-tree tc-defend Description The spanning-tree tc-defend command is used to confi gure the TC Protect of S panning T ree globally . T o return to t he default configurat ion, please use no sp anning-tr ee[...]

  • Page 151

    140 spanning-tree timer Description The spanning-tree timer command is used to configure forward-time, hello-time and max-age of S panning T ree. T o return to the default configurations, please use no sp anning-tree timer command. Synt ax sp anning-tr ee timer {[ forward-time forward-ti me ] [ hello-time hello-time ] [ max-age max-age ]} no sp ann[...]

  • Page 152

    141 Synt ax sp anning-tree hold-count value no sp anning-tree hold-count Parameter value —— The maximum number of BPDU packets transmitted per Hello Time interval, ranging from 1 to 20 in pps. By default, it is 5. Command Mode Global Configuration Mode Example Configure the hold-count of STP as 8pp s: TL-SG2424(config)# sp anning-tree hold-coun[...]

  • Page 153

    142 spanning-tree bpdufilter Description The sp anning-tree bpdufilter command is used to enable the BPDU filter function for a port. With the function enabled, the port can be prevented from receiving and sending any BPDU packets. T o disable the BPDU filter function, please use no sp anning-tree bpdufilter command. Synt ax sp anning-tree bpdufilt[...]

  • Page 154

    143 Example Enable the BPDU protect function for port 2: TL-SG2424(config)# interface gigabitEthernet 2 TL-SG2424(config-if)# sp anning-tree bpduguard spanning-tree guard loop Description The spanning-tree guard loop command is used to enable the Loop Protect function for a port. Loop Protect is to prevent the loops in the network broug ht by recal[...]

  • Page 155

    144 Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable the Root Protec t function for port 2: TL-SG2424(config)# interface gigabitEthernet 1/0/2 TL-SG2424(config-if)# spanning-tree guard root spanning-tree guard tc Description The spanning-tree guard tc command is used to enable t[...]

  • Page 156

    145 Synt ax sp anning-tr ee mcheck Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable mcheck for port 2: TL-SG2424(config)# interface gigabitEthernet 1/0/2 TL-SG2424(config-if)# spanning-tree mcheck show spanning-tree active Description The show spanning-tree active command is use[...]

  • Page 157

    146 Example Display the bridge parameters: TL-SG2424(config)# show spanning-tree bridge show spanning-tree interface Description The show spanning-tree interface command is used to display the spanning-tree information of all ports o r a specified port. Synt ax show spanning-tree interface [ gigabitEthernet port ] [ edge | ext-cost | int-cost | mod[...]

  • Page 158

    147 Parameter port —— The Ethernet port number . Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the protect information of all ports: TL-SG2424(config)# show spanning-tree interface-security Display the protect information of port 1: TL-SG2424(config)#show sp anning-tree interface-security gigabitEthernet 1/0/1 Di[...]

  • Page 159

    148 Display all the ports information of MST Inst ance 1: TL-SG2424(config)#show sp anning-tree mst inst ance 1 inte rface[...]

  • Page 160

    149 Chapter 21 IGMP Commands IGMP Snooping (Internet Group Management Prot ocol Snooping) is a multicast control mechanism running on Layer 2 switch. It can effectively prevent multicast groups being broadcasted in the network. ip igmp snooping(global) Description The ip igmp snooping command is used to configure IGMP Snooping globally . T o disabl[...]

  • Page 161

    150 Example Enable IGMP Snooping function of port 3: TL-SG2424(config)# interface gigabitEthernet 1/0/3 TL-SG2424(config-if)# ip igmp snooping ip igmp snooping immediate-leave Description The ip igmp snooping immediate-leave command is used to configure the Fast Leave function for port. T o disabl e the Fast Leave fu nction, please use no ip igmp s[...]

  • Page 162

    151 Example S pecify the operation to proce ss unknown multicast as discard: TL-SG2424(config)# ip igmp snooping drop-unknown ip igmp snooping vlan-config Description The ip igmp snooping v lan-config command is used to enable VLAN IGMP Snooping function or to modify IGMP Snooping parameters, and to create static multicast IP entry . T o disable th[...]

  • Page 163

    152 Command Mode Global Configuration Mode Example Enable the IGMP Snooping function and m odify Router Port T ime as 300 seconds, Member Port T ime as 200 sec onds for VLAN 1-3, and set the Leave time as 15 seconds for VLAN 1-2: TL -SG24 24(c onfig )# ip igmp snooping vlan-confi g 1-3 rtime 300 TL -SG242 4(co nfig )# ip igmp snooping vl an-config [...]

  • Page 164

    153 leave-time —— Leave Time, which is the interval between the switch receiving a leave message from a host and the switch removing the host from the multicast groups. Leave Time ranges from 1 to 30 in seconds. By default, it is 1. port —— The Ethernet port number . Command Mode Global Configuration Mode Example Enable Multicast VLAN 3, an[...]

  • Page 165

    154 Example Bind the filtering address ID 2-6 to port 3: TL-SG2424(config)# interface gigabitEthernet 1/0/3 TL-SG2424(config-if)# ip igmp snooping filter addr-id 2-6 ip igmp snooping filter(global) Description The ip igmp snooping filter command is used to add or modify the multica st filtering IP-range. T o del ete the multicast filter ing IP-rang[...]

  • Page 166

    155 Synt ax ip igmp snooping filter no ip igmp snooping filter Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable IGMP Snooping filter function for port 3: TL-SG2424(config)# interface gigabitEthernet 1/0/3 TL-SG2424(config-if)# ip igmp snooping filter ip igmp snooping filter maxg[...]

  • Page 167

    156 Synt ax ip igmp snooping filter mode mode Parameter mode —— Action Mode, with refuse and accept options. Refuse indicates only the multicast packe ts whose multicast IP is not in th e IP-range will be processed, while accept indicates only the multicas t pa ckets whose multicast IP is in the IP-range will be processed. By def ault, the opti[...]

  • Page 168

    157 Synt ax show ip igmp snooping interface gigabitEthernet [ port | port-list ] { basic-config | filt er | packet-stat } Parameter port —— The Ethernet port number . port-list —— The list of Ethernet port s. basic-config | filter | pa cket-stat —— The related configuration information selected to display . Command Mode Privileged EXEC [...]

  • Page 169

    158 Example Display the IGMP snooping configur ation information of VLAN 2: TL-SG2424# show ip igmp snooping vlan 2 show ip igmp snooping multi-vlan Description The sho w ip igmp snooping multi-vlan command is used to display the Multicast VLAN configuration. Synt ax show ip igmp snooping multi-vlan Command Mode Privileged EXEC Mode and Any Co nfig[...]

  • Page 170

    159 Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the information of all IGMP snooping groups: TL-SG2424#show ip igmp snooping group s Display all the multicast entries in VLAN 5: TL-SG2424(config)#show ip igmp snooping groups vlan 5 Display the count of multic ast entries in VLAN 5: TL-SG2424(config)#show ip igmp sn[...]

  • Page 171

    160 Example Display all the multicast fi lter address information: TL-SG2424(config)# show ip igmp snooping filter[...]

  • Page 172

    161 Chapter 22 SNMP Commands SNMP (Simple Network Management Protocol) func tions are used to manage the network devices for a smooth communication, whic h can facilitate the network administrators to monitor the network nodes and implement the proper operation. snmp-server Description The snmp-server command is used t o enable the SNMP function. B[...]

  • Page 173

    162 mib-oid —— MIB Object ID. It is the Object I dentifier (OID) for the entry of V iew , ranging from 1 to 61 characters. include | exclude —— View T ype, with include and exclude options. They represent the view entry can/cannot be managed by the SNMP management station individually . Command Mode Global Configuration Mode Example Add a V[...]

  • Page 174

    163 By default, the Security Level is noAuthN oPriv . T here is no need to configure this in SNMP v1 Mode and SNMP v2c Mode. read-view —— Select the View to be the Read View . The management access is restricted to read-only , and changes cannot be made to the assigned SNMP Vie w . write-view —— Select the View to be the Write V iew . The m[...]

  • Page 175

    164 Parameter name —— User Name, ranging from 1 to 16 characters. local | remote —— User T ype, with local and remote options. Local indicates that the user is c onnected to a local SNMP engine, while remote means that the user is connected to a remote SNMP engine. group-name —— The Group Name of the User . The User is classified to the[...]

  • Page 176

    165 snmp-server community Description The snmp-server community command is used to add Community . T o delete the corresponding Community , please use no snmp-server community command. SNMP v1 and SNMP v2c adopt community nam e authentication. The community name can limit access to the SNMP agent from SNMP network management station, func tioning a[...]

  • Page 177

    166 udp-port —— UDP port, which is used to s end notifications. The UDP por t functions with the IP address for the not ification sending. It ranges from 1 to 65535. user-name —— The User name of the management station. smode —— The Security Model of the mana gement station, with v1, v2c and v3 options. By default, the option is v1. sle[...]

  • Page 178

    167 snmp-server engineID Description The snmp-server engineID command is used to configure the local and remote engineID of the switch. T o restore to the default setting, please use no snmp-server engineID command. Synt ax snmp-server engineID { [ local local-engineID ] [ remote remote-engineID ] } no snmp-server engineID Parameter local-engineID [...]

  • Page 179

    168 Synt ax snmp-server traps snmp [ lin kup | linkdown | wa rmstart | coldst art ] no snmp-server traps snmp [ linkup | linkdown | warmst art | coldstart ] Parameter linkup —— Enable linkup trap. It is s ent when port status changes from linkdown to linkup. By default, it is enabled. linkdown ——Enable linkdown trap. It is sent when port st[...]

  • Page 180

    169 snmp-server traps Description The snmp-server traps command is used to enable SNMP extended traps. T o disable the sending of SNMP extended trap s, please use no snmp-server trap s command. Synt ax snmp-server traps { bandwid th-control | cpu | flash | ipaddr-change | lldp | loopback-detection | storm-c ontrol | spanning-tree } no snmp-server t[...]

  • Page 181

    170 snmp-server traps mac Description The snmp-server traps mac command is used to enable SNMP extended MAC address-related traps which include four types: new , full, learn-mode-change and max-lear ned. T o disable the sending of SNMP extended MAC address related traps, please use no snmp-server traps mac command. Synt ax snmp-server traps mac [ n[...]

  • Page 182

    171 Synt ax snmp-server traps vlan [ create | delete ] no snmp-server traps vlan [create | delete ] Parameter create —— Enable VLAN-created trap. It is sent when new VLAN is created successfully . delete —— Enable VLAN-deleted traps. It is sent when VLAN is deleted successfully . Command Mode Global Configuration Mode Example Enable all SNM[...]

  • Page 183

    172 seconds —— The interval to take samplings from the port, ranging from 10 to 3600 in seconds. By default, it is 1800. owner-name —— The owner of the history sample entry , ranging from 1 to 16 characters. By default, it is “monitor”. Command Mode Global Configuration Mode Example Configure the sample port as Gi1/0/2 and the sample in[...]

  • Page 184

    173 Command Mode Global Configuration Mode Example Configure the user name of entry 1, 2, 3 and 4 as user1, the description of the event as description1, the type of event as log and the owner of the eve nt as owner1: TL-SG2424(config)# rmon event 1-4 user user1 description description1 ty pe log ow ne r owner1 rmon alarm Description The rmon alarm[...]

  • Page 185

    174 last sampled value from the current val ue, and then comparing the difference in the values with the threshold. By def ault, the Sample T ype is “absolute”. r-hold —— The rising counter value that tr iggers the Rising Threshold alarm, ranging from 1 to 65535. By default, it is 100. r-event —— Rise Event, which is the index of the co[...]

  • Page 186

    175 Synt ax show snmp-server Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display SNMP configuration globally: TL-SG2424# show snmp-server show snmp-server view Description The show snmp-server view command is used to display the View t able. Synt ax show snmp-server view Command Mode Privileged EXEC Mode and Any Co nfigura[...]

  • Page 187

    176 show snmp-server user Description The show snmp-server user command is used to display the User table. Synt ax show snmp-server user Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the User table: TL-SG2424# show snmp-server user show snmp-server community Description The show snmp-serve r community command is used[...]

  • Page 188

    177 Example Display the Host table: TL-SG2424# show snmp-server host show snmp-server engineID Description The show snmp-server engineID command is used to display the engineID of the SNMP . Synt ax show snmp-server engineID Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the engineID: TL-SG2424# show snmp-server engin[...]

  • Page 189

    178 show rmon event Description The show rmon event command is used to displa y the configuration of SNMP-RMON Event. Synt ax show rmon event [ index ] Parameter index —— The index nu mber of the entry sele cted to display the configuration, ranging from 1 to 12, in the format of 1- 3, 5. Y ou can select more than one entry for each command. By[...]

  • Page 190

    179 Chapter 23 LLDP Commands Note: Only TL-SG2210P and TL-SG2424P support LLDP function. LLDP function enables network devic es to advertise their own device information periodically to neighbors on the same LAN. The information of the LLDP devices in the LAN can be stored by its neighbor in a standard MIB, so it is possible fo r the information to[...]

  • Page 191

    180 Parameter multiplier —— Configure the Hold Multiplier parameter . It ranges from 2 to 10. By default, it is 4. Command Mode Global Configuration Mode Example S pecify Hold Multiplier as 5: TL-SG2424P(config)# ll d p hold-multiplier 5 lldp timer Description The lldp timer command is used to confi gure the parameters about transmission. T o r[...]

  • Page 192

    181 be sent out (the number of LLDPDUs equals this para meter). The value ranges from 1 to 10 and the default value is 3. Command Mode Global Configuration Mode Example S pecify the T ransmit Interval of LLD PDU as 45 seconds and Trap message to NMS as 120 seconds: TL-SG2424P(config)# lld p timer tx-interval 45 TL-SG2424P(config)# lld p timer notif[...]

  • Page 193

    182 Synt ax lld p receive no lld p receive Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable port 1 to receive LLDPDU: TL-SG2424P(config)# interface gigabitEthernet 1/0/1 TL-SG2424P(config-if)# lldp receive lldp transmit Description The lld p transmit command is used to enabl e t[...]

  • Page 194

    183 Synt ax lld p snmp-trap no lld p snmp-trap Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable the SNMP notif ication for port 1: TL-SG2424P(config)# interface gigabitEthernet 1/0/1 TL-SG2424P(config-if)# lldp snmp-trap lldp tlv-select Description The lld p tlv-select command i[...]

  • Page 195

    184 lldp med-location Description The lldp med-location command is used to configure the Locat ion Identification TL V's content in outgoing LLDPDU of the port. Synt ax lld p med-location { emergency-number identifier | civic-address { [ language language ] [ province-state province-st ate ] [ county county ] [city city ] [ street street ] [ h[...]

  • Page 196

    185 S tatus will be changed to Tx&Rx. T o disable the LLDP-MED feature for the corresponding port, please use no lldp med-st atu s command. Synt ax lld p med-status no lld p med-st atus Command Mode Interface Configuration Mode (interfa ce gigabitEthernet / interface range gigabitEthernet) Example Enable the LLDP-MED feature for port 2: TL-SG24[...]

  • Page 197

    186 show lldp Description The show lldp comman d is used to display t he global configuration of LLDP and LLDP-MED fast start repeat count number . Synt ax show lldp Command Mode Privileged EXEC Mode and Any Co nfiguration Mode Example Display the global configur ation of LLDP and LLDP-MED fast start repeat count number: TL-SG2424P# show lldp show [...]

  • Page 198

    187 show lldp local-information interface Description The show lld p local-information interface command is used to display the LLDP and LLDP-MED local information of the corresponding port. By default, the information of all the ports will be displayed. Synt ax show lldp local-information interface [ gigabitEthernet port ] Parameter port —— Th[...]

  • Page 199

    188 show lldp traffic interface Description The show lld p traffic interface command is used to display the LLDP statistic information between the local device and neighbo r device of the corresponding port. By default, the LLDP st atistic informat ion of all the ports will be displayed. Synt ax show lldp traffic interface [ gigabitEthernet port ] [...]