Page 1: Cli Reference Guide
CLI Reference Guide T1600G Series Switches REV2.0.0 1910011957...
Page 2 No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-Link Technologies CO., LTD CO., LTD. Copyright © 2016 Technologies CO., LTD CO., LTD. All rights reserved.
Page 3: Table Of Contents
CONTENTS Preface ..........................1 Chapter 1 Using the CLI ....................4 1.1 Accessing the CLI ............................. 4 1.1.1 Logon by Telnet ........................4 1.1.2 Logon by SSH .......................... 5 1.2 CLI Command Modes ..........................10 1.3 Privilege Restrictions ..........................13 1.4 Conventions ..............................
Page 4 mac-vlan ............................29 show mac-vlan ..........................29 show mac-vlan interface ......................30 Chapter 5 Protocol VLAN Commands ............... 31 protocol-vlan template ....................... 31 protocol-vlan vlan ......................... 32 protocol-vlan group ........................33 show protocol-vlan template ....................33 show protocol-vlan vlan ......................34 Chapter 6 Voice VLAN Commands ................
Page 5 show user configuration ......................55 show telnet-status........................55 Chapter 9 HTTP and HTTPS Commands ..............57 ip http server ..........................57 ip http max-users .......................... 58 ip http session timeout ....................... 58 ip http secure-server ........................59 ip http secure-protocol....................... 60 ip http secure-ciphersuite ......................
Page 6 11.6 show ip arp inspection ........................ 81 11.7 show ip arp inspection interface ..................... 82 11.8 show ip arp inspection statistics ..................... 82 11.9 clear ip arp inspection statistics ....................83 Chapter 12 DoS Defend Commands ................84 12.1 ip dos-prevent ..........................84 12.2 ip dos-prevent type........................
Page 7 15.5 dot1x guest-vlan(global) ......................104 15.6 dot1x quiet-period........................105 15.7 dot1x timeout ..........................105 15.8 dot1x max-reauth-req ......................106 15.9 dot1x .............................. 107 15.10 dot1x guest-vlan(interface) ....................107 15.11 dot1x port-control ........................108 15.12 dot1x port-method ........................109 15.13 show dot1x global ........................110 15.14 show dot1x interface ........................
Page 8 17.9 ip address ............................. 132 17.10 ip address-alloc .......................... 133 17.11 reset ............................... 134 17.12 reboot ............................134 17.13 reboot-schedule ........................135 17.14 copy running-config startup-config ..................136 17.15 copy startup-config tftp ......................136 17.16 copy tftp startup-config ......................137 17.17 boot application .........................
Page 9 19.4 shutdown ............................156 19.5 flow-control ..........................156 19.6 duplex ............................157 19.7 jumbo ............................. 158 19.8 speed ............................. 158 19.9 storm-control pps ........................159 19.10 storm-control ..........................160 19.11 bandwidth ............................. 161 19.12 clear counters ..........................161 19.13 show interface status ....................... 162 19.14 show interface counters ......................
Page 10 23.3 loopback-detection recovery-time ..................181 23.4 loopback-detection(interface) ....................182 23.5 loopback-detection config ..................... 182 23.6 loopback-detection recover ....................183 23.7 show loopback-detection global..................184 23.8 show loopback-detection interface ..................184 Chapter 24 ACL Commands ..................186 24.1 access-list create ........................186 24.2 mac access-list ..........................
Page 11 25.15 show power inline information interface ................206 25.16 show power profile ........................207 25.17 show power holiday ........................207 25.18 show power time-range ......................207 Chapter 26 MSTP Commands ..................209 26.1 debug spanning-tree ........................ 209 26.2 spanning-tree(global) ....................... 210 26.3 spanning-tree(interface) ......................
Page 12 27.5 ip igmp snooping report-suppression ................231 27.6 ip igmp snooping immediate-leave ..................232 27.7 ip igmp snooping drop-unknown ..................232 27.8 ip igmp snooping last-listener query-inteval ..............233 27.9 ip igmp snooping last-listener query-count ..............234 27.10 ip igmp snooping vlan-config ....................234 27.11 ip igmp snooping vlan-config (router-ports-forbidden) ..........
Page 13 28.10 ipv6 mld snooping vlan-config ....................258 28.11 ipv6 mld snooping vlan-config (router-ports-forbidden) ..........259 28.12 ipv6 mld snooping multi-vlan-config .................. 260 28.13 ipv6 mld snooping multi-vlan-config (router-ports-forbidden) ......... 261 28.14 ipv6 mld snooping multi-vlan-config (source-ip-replace) ........... 262 28.15 ipv6 mld snooping querier vlan ..................... 263 28.16 ipv6 mld snooping querier vlan (general query) ..............
Page 14 29.17 show snmp-server view ......................291 29.18 show snmp-server group ......................291 29.19 show snmp-server user ......................292 29.20 show snmp-server community ..................... 292 29.21 show snmp-server host ......................292 29.22 show snmp-server engineID ....................293 29.23 show rmon history ........................293 29.24 show rmon event ........................
Page 15 32.3 switchport ............................ 313 32.4 interface range port-channel ....................314 32.5 description ........................... 314 32.6 shutdown ............................315 32.7 interface port-channel ......................316 32.8 ip route ............................316 32.9 ipv6 routing ..........................317 32.10 ipv6 route ............................318 32.11 show interface vlan ........................318 32.12 show ip interface ........................
Page 16 34.17 line ssh ............................339 34.18 login authentication(ssh) ......................339 34.19 enable authentication(telnet) ....................340 34.20 enable authentication(ssh) ..................... 341 34.21 ip http login authentication ..................... 342 34.22 ip http enable authentication ....................342 34.23 show aaa global .......................... 343 Chapter 35 DHCP Relay Commands ................
Page 17: Preface
Guide stands T1600-28TS/T1600G-52TS/T1600G-28PS/T1600G-52PS JetStream Gigabit Smart Switch without any explanation. The commands in this guilde apply to these models if not specially noted, and T1600G-52TS is taken as an example model in the example commands. Overview of this Guide...
Page 18 Chapter 12: DoS Defend Command Provide information about the commands used for DoS defend and detecting the DoS attack. Chapter 13: System Log Commands Provide information about the commands used for configuring system log. Chapter 14: SSH Commands Provide information about the commands used for configuring and managing SSH (Security Shell).
Page 19 Provide information about the commands used for configuring the MSTP (Multiple Spanning Tree Protocol). Chapter 27: IGMP Snooping Commands Provide information about the commands used for configuring the IGMP Snooping (Internet Group Management Protocol Snooping). Chapter 28: MLD Snooping Commands Provide information about the commands used for configuring the MLD Snooping (Multicast Listener Discovery Snooping).
Page 20: Chapter 1 Using The Cli
Using the CLI Chapter 1 1.1 Accessing the CLI You can log on to the switch and access the CLI by logging on to the switch remotely by a Telnet or SSH connection through an Ethernet port. 1.1.1 Logon by Telnet To log on to the switch by a Telnet connection, please take the following steps: Click Start and type in cmd in the Search programs and files window and press the Enter button.
Page 21: Logon By Ssh
Type in the User name and Password (the factory default value for both of them are admin) and press the Enter button to enter User EXEC Mode , which is shown as Figure 1-2. Figure 1-2 Log in the Switch Type in enable command to enter Privileged EXEC Mode.
Page 22 Figure 1-4 Enable SSH function Password Authentication Mode  Open the software to log on to the interface of PuTTY. Enter the IP address of the switch into Host Name field; keep the default value 22 in the Port field; select SSH as the Connection type.
Page 23 Click the Open button in the above figure to log on to the switch. Enter the login user name and password to log on the switch, and then enter enable to enter Privileged EXEC Mode, so you can continue to configure the switch. Figure 1-6 Log on the Switch Key Authentication Mode ...
Page 24 After the key is successfully generated, please save the public key and private key to a TFTP server. Figure 1-8 Save the Generated Key Log on to the switch by Telnet and download the public key file from the TFTP server to the switch, as the following figure shows: Figure 1-9 Download the Public Key...
Page 25 Note: The key type should accord with the type of the key file. The SSH key downloading can not be interrupted. After the public key is downloaded, please log on to the interface of PuTTY and enter the IP address for login. Figure 1-10 SSH Connection Config...
Page 26: Cli Command Modes
Click Browse to download the private key file to SSH client software and click Open. Figure 1-11 Download the Private Key After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates that the key has been successfully downloaded.
Page 27 Interface Configuration Mode can also be divided into Interface Ethernet, Interface link-aggregation and some other modes, which is shown as the following diagram. Interface Configuration Mode Interface gigabitEthernet User EXEC Mode Interface link-aggregation Interface range gigabitEthernet Interface range link-aggregation Interface vlan ……...
Page 28 Logout or Access the next Mode Accessing Path Prompt mode Layer 2 Interface: Use the interface Use the end command or press gigabitEthernet T1600G-52TS (config-if)# Ctrl+Z to return to Privileged port, interface EXEC mode. Interface lagid port-channel Enter the exit or the # command Configuration interface range to return to Global Configuration...
Page 29: Privilege Restrictions
Global Configuration Mode: In this mode, global commands are provided, such as the  Spanning Tree, Schedule Mode and so on. Interface Configuration Mode: In this mode, users can configure one or several ports,  different ports corresponds to different commands a).
Page 30: Conventions
1.4 Conventions 1.4.1 Format Conventions The following conventions are used in this Guide: Items in square brackets [ ] are optional  Items in braces { } are required  Alternative items are grouped in braces and separated by vertical bars. For example: ...
Page 31: Chapter 2 User Interface
User Interface Chapter 2 2.1 enable Description The enable command is used to access Privileged EXEC Mode from User EXEC Mode. Syntax enable Command Mode User EXEC Mode Privilege Requirement None. Example If you have set the password to access Privileged EXEC Mode from User EXEC Mode: T1600G-52TS>enable Enter password：...
Page 32: Enable Password
Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Enable the global encryption function: T1600G-52TS(config)# service password-encryption 2.3 enable password Description The enable password command is used to set or change the password for users to access Privileged EXEC Mode from User EXEC Mode.
Page 33: Enable Secret
Privilege Requirement Only Admin level users have access to these commands. User Guidelines If the password you configured here is unencrypted and the global encryption function is enabled in service password-encryption, the password in the configuration file will be displayed in the symmetric encrypted form.
Page 34: Configure
encrypted password is configured, you should use the corresponding unencrypted password if you re-enter this mode. Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands. User Guidelines If both the enable password and enable secret are defined, you must enter the password set in enable secret.
Page 35: Exit
2.6 exit Description The exit command is used to return to the previous Mode from the current Mode. Syntax exit Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Return to Global Configuration Mode from Interface Configuration Mode, and then return to Privileged EXEC Mode: T1600G-52TS(config-if)# exit T1600G-52TS(config)#exit...
Page 36: History
2.8 history Description The history command is used to show the latest 20 commands you entered in the current mode since the switch is powered. Syntax history Command Mode Privileged EXEC Mode and any Configuration Mode Privilege Requirement None. Example Show the commands you have entered in the current mode: T1600G-52TS (config)# history 1 history...
Page 37 Example Clear the commands you have entered in the current mode: T1600G-52TS(config)#history clear...
Page 38: Chapter 3 Ieee 802.1Q Vlan Commands
IEEE 802.1Q VLAN Commands Chapter 3 VLAN (Virtual Local Area Network) technology is developed for the switch to divide the LAN into multiple logical LANs flexibly. Hosts in the same VLAN can communicate with each other, regardless of their physical locations. VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
Page 39: Interface Vlan
3.2 interface vlan Description The interface vlan command is used to create VLAN Interface and enter Interface VLAN Mode. To delete VLAN Interface, please use no interface vlan command. Syntax vlan-id interface vlan vlan-id no interface vlan Parameter vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 1 to 4094. Command Mode Global Configuration Mode Privilege Requirement...
Page 40: Switchport General Allowed Vlan
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify the name of VLAN 2 as “group1”: T1600G-52TS(config)# vlan 2 T1600G-52TS(config-vlan)# name group1 3.4 switchport general allowed vlan Description The switchport general allowed vlan command is used to add the desired General port to IEEE 802.1Q VLAN and specify the port’s type.
Page 41: Switchport Pvid
3.5 switchport pvid Description The switchport pvid command is used to configure the PVID for the switch ports. Syntax vlan-id switchport pvid Parameter vlan-id —— VLAN ID, ranging from 1 to 4094. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 42: Show Vlan Brief
Example Display the summarized information of IEEE 802.1Q VLAN: T1600G-52TS(config)# show vlan summary 3.7 show vlan brief Description The show vlan brief command is used to display the brief information of IEEE 802.1Q VLAN. Syntax show vlan brief Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 43: Show Interface Switchport
Privilege Requirement None. Example Display the information of vlan 5: T1600G-52TS(config)# show vlan id 5 3.9 show interface switchport Description The show interface switchport command is used to display the IEEE 802.1Q VLAN configuration information of the specified port/LAG. Syntax port lagid show interface switchport [ gigabitEthernet...
Page 44: Chapter 4 Mac-Based Vlan Commands
MAC-based VLAN Commands Chapter 4 MAC VLAN (Virtual Local Area Network) is the way to classify the VLANs based on MAC Address. A MAC address is relative to a single VLAN ID. The untagged packets and the priority-tagged packets coming from the MAC address will be tagged with this VLAN ID. 4.1 mac-vlan mac-address Description The mac-vlan mac-address command is used to create a MAC-based VLAN...
Page 45: Mac-Vlan
4.2 mac-vlan Description The mac-vlan command is used to enable a port for the MAC-based VLAN feature. Only the port is enabled can the configured MAC-based VLAN take effect. To disable the MAC-based VLAN function, please use no mac-vlan command. All the ports are disabled by default. Syntax mac-vlan no mac-vlan...
Page 46: Show Mac-Vlan Interface
Privilege Requirement None. Parameter mac-addr —— MAC address, in the format of XX:XX:XX:XX:XX:XX. vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 1 to 4094. Example Display the information of all the MAC-based VLAN entry: T1600G-52TS(config)#show mac-vlan all 4.4 show mac-vlan interface Description The show mac-vlan interface command is used to display the port state of MAC-based VLAN.
Page 47: Chapter 5 Protocol Vlan Commands
Protocol VLAN Commands Chapter 5 Protocol-based VLAN (Virtual Local Area Network) is the way to classify VLANs based on Protocols. A Protocol corresponds to a VLAN ID. The untagged packets and the priority-tagged packets matching the protocol template will be tagged with this VLAN ID. 5.1 protocol-vlan template Description The protocol-vlan template command is used to create Protocol-based...
Page 48: Protocol-Vlan Vlan
Example Create a Protocol-based VLAN template named “TP” whose Ethernet protocol type is 0x2024: T1600G-52TS(config)#protocol-vlan template name TP frame ether_2 ether-type 2024 5.2 protocol-vlan vlan Description The protocol-vlan vlan command is used to create a Protocol-based VLAN. To delete a Protocol-based VLAN, please use no protocol-vlan command. Syntax vlan-id template-idx...
Page 49: Protocol-Vlan Group
5.3 protocol-vlan group Description The protocol-vlan command is used to add the port to a specified protocol group. To remove the port from this protocol group, please use no protocol-vlan group command. Syntax index protocol-vlan group index no protocol-vlan group Parameter index ——...
Page 50: Show Protocol-Vlan Vlan
Privilege Requirement None. Example Display the information of the Protocol-based VLAN templates: T1600G-52TS(config)# show protocol-vlan template 5.5 show protocol-vlan vlan Description The show protocol-vlan vlan command is used to display the information about Protocol-based VLAN entry. Syntax show protocol-vlan vlan Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement...
Page 51: Chapter 6 Voice Vlan Commands
Voice VLAN Commands Chapter 6 Voice VLANs are configured specially for voice data stream. By configuring Voice VLANs and adding the ports with voice devices attached to voice VLANs, you can perform QoS-related configuration for voice data, ensuring the transmission priority of voice data stream and voice quality.
Page 52: Voice Vlan Priority
Syntax time voice vlan aging no voice vlan aging Parameter time —— Aging time (in minutes) to be set for the Voice VLAN. It ranges from 1 to 43200 minutes and the default value is 1440 minutes. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 53: Voice Vlan Mac-Address
Example Configure the priority of the Voice VLAN as 5: T1600G-52TS(config)# voice vlan priority 5 6.4 voice vlan mac-address Description The voice vlan mac-address command is used to create Voice VLAN OUI. To delete the specified Voice VLAN OUI, please use no voice vlan mac-address command.
Page 54: Switchport Voice Vlan Mode
6.5 switchport voice vlan mode Description The switchport voice vlan mode command is used to configure the Voice VLAN mode for the Ethernet port. Syntax switchport voice vlan mode { manual | auto } Parameter manual | auto —— Port mode. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel)
Page 55: Show Voice Vlan
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable port 1/0/3 for the Voice VLAN security feature: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# switchport voice vlan security 6.7 show voice vlan...
Page 56: Show Voice Vlan Switchport
Syntax show voice vlan oui Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Display the configuration information of Voice VLAN OUI: T1600G-52TS(config)# show voice vlan oui 6.9 show voice vlan switchport Description The show voice vlan switchport command is used to display the Voice VLAN...
Page 57 T1600G-52TS(config)# show voice vlan switchport gigabitEthernet 1/0/2...
Page 58: Chapter 7 Etherchannel Commands
Etherchannel Commands Chapter 7 Etherchannel Commands are used to configure LAG and LACP function. LAG (Link Aggregation Group) is to combine a number of ports together to make a single high-bandwidth data path, which can highly extend the bandwidth. The bandwidth of the LAG is the sum of bandwidth of its member port.
Page 59: Port-Channel Load-Balance
Example Add ports 2-4 to EtherChannel Group 1 and enable the static LAG: T1600G-52TS(config)# interface range gigabitEthernet 1/0/2-4 T1600G-52TS(config-if-range)# channel-group 1 mode on 7.2 port-channel load-balance Description The port-channel load-balance command is used to configure the Aggregate Arithmetic for LAG. To return to the default configurations, please use no port-channel load-balance command.
Page 60: Lacp System-Priority
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the Aggregate Arithmetic for LAG as “src-dst-ip”: T1600G-52TS(config)# port-channel load-balance src-dst-ip 7.3 lacp system-priority Description The lacp system-priority command is used to configure the LACP system priority globally.
Page 61: Lacp Port-Priority
7.4 lacp port-priority Description The lacp port-priority command is used to configure the LACP port priority for specified ports. To return to the default configurations, please use no lacp port-priority command. Syntax lacp port-priority no lacp port-priority Parameter —— The port priority, ranging from 0 to 65535. It is 32768 by default. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet)
Page 62: Show Etherchannel Load-Balance
Syntax channel-group-num show etherchannel [ ] { detail | summary } Parameter channel-group-num —— The EtherChannel Group number, ranging from 1 to 6. By default, it is empty, and will display the information of all EtherChannel Groups. detail —— The detailed information of EtherChannel. summary ——...
Page 63: Show Lacp
7.7 show lacp Description The show lacp command is used to display the LACP information for a specified EtherChannel Group. Syntax channel-group-num show lacp [ ] { internal neighbor } Parameter channel-group-num —— The EtherChannel Group number, ranging from 1 to 6.
Page 64 Example Display the LACP system priority: T1600G-52TS(config)# show lacp sys-id...
Page 65: Chapter 8 User Management Commands
User Management Commands Chapter 8 User Manage Commands are used to manage the user’s logging information by Web, Telnet or SSH, so as to protect the settings of the switch from being randomly changed. 8.1 user name (password) Description The user name command is used to add a new user or modify the existed users’...
Page 66: User Name (Secret)
encrypted password is configured, you should use the corresponding unencrypted password if you re-enter this mode. Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands. User Guidelines If the password you configured here is unencrypted and the global encryption function is enabled in service password-encryption, the...
Page 67: User Access-Control Ip-Based
the the settings of different functions. “user” means that you can only view some of the the settings of different functions without the right to edit or modify. It is “admin” by default. 0 —— Specify the encryption type. 0 indicates that an unencrypted password will follow.
Page 68: User Access-Control Mac-Based
Syntax ip-addr ip-mask user access-control ip-based { } [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] no user access-control [ ip-based index Parameter ip-addr —— The source IP address. Only the users within the IP-range you set here are allowed to access the switch.
Page 69: User Access-Control Port-Based
Parameter mac-addr —— The source MAC address. Only the user with this MAC address is allowed to access the switch. [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] —— Specify the access interface.
Page 70: Telnet
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure that only the users connected to ports 2-6 are allowed to access the switch: T1600G-52TS(config)# user access-control port-based interface gigabitEthernet 1/0/2-6 8.6 telnet Description The telnet enable command is used to enable the Telnet function. To disable the Telnet function, please use the telnet disable command.
Page 71: Show User Configuration
Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Display the information of the current users: T1600G-52TS(config)# show user account-list 8.8 show user configuration Description The show user configuration command is used to display the security configuration information of the user authentication information and the access interface.
Page 72 Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display whether the Telnet function is enabled: T1600G-52TS(config)# show telnet-status...
Page 73: Chapter 9 Http And Https Commands
HTTP and HTTPS Commands Chapter 9 With the help of HTTP (HyperText Transfer Protocol) or HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer), you can manage the switch through a standard browser. HTTP is the protocol to exchange or transfer hypertext. SSL (Secure Sockets Layer), a security protocol, is to provide a secure connection for the application layer protocol (e.g.
Page 74: Ip Http Max-Users
9.2 ip http max-users Description The ip http max-users command is used to configure the maximum number of users that are allowed to connect to the HTTP server. To cancel this limitation, please use no ip http max-users command. Syntax admin-num guest-num ip http max-users no ip http max-users...
Page 75: Ip Http Secure-Server
no ip http session timeout Parameter minutes ——The timeout time, ranging from 5 to 30 in minutes. By default, the value is 10. Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the timeout time of the HTTP server connection as 15 minutes: T1600G-52TS(config)# ip http session timeout 15...
Page 76: Ip Http Secure-Protocol
9.5 ip http secure-protocol Description The ip http secure-protocol command is used to configure the SSL protocol version. To restore to the default SSL version, please use no ip http secure-protocol command. By default, the switch supports SSLv3 and TLSv1. Syntax ip http secure-protocol { [ ssl3 ] [ tls1 ] } no ip http secure-protocol...
Page 77: Ip Http Secure-Max-Users
no ip http secure-ciphersuite Parameter [ 3des-ede-cbc-sha ] [ rc4-128-md5 ] [ rc4-128-sha ] [ des-cbc-sha ] —— Specify the encryption algorithm and the digest algorithm to use on an SSL connection. By default, the switch supports all these ciphersuites. Command Mode Global Configuration Mode Privilege Requirement...
Page 78: Ip Http Secure-Session Timeout
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the maximum number of the Admin and Guest users logging on to the HTTPS server as 5 and 3: T1600G-52TS(config)# ip http secure-max-users 5 3 9.8 ip http secure-session timeout Description...
Page 79: Ip Http Secure-Server Download Certificate
9.9 ip http secure-server download certificate Description The ip http secure-server download certificate command is used to download a certificate to the switch from TFTP server. Syntax ssl-cert ip-addr ip http secure-server download certificate ip-address Parameter ssl-cert —— The name of the SSL certificate which is selected to download to the switch.
Page 80: Ip Http Secure-Server Download Key
9.10 ip http secure-server download key Description The ip http secure-server download key command is used to download an SSL key to the switch from TFTP server. Syntax ssl-key ip-addr ip http secure-server download key ip-address Parameter ssl-key —— The name of the SSL key which is selected to download to the switch.
Page 81: Show Ip Http Configuration
9.11 show ip http configuration Description The show ip http configuration command is used to display the configuration information of the HTTP server, including status, session timeout, access-control, max-user number and the idle-timeout, etc. Syntax show ip http configuration Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 82: Chapter 10 Binding Table Commands
Chapter 10 Binding Table Commands You can bind the IP address, MAC address, VLAN and the connected Port number of the Host together, which can be the condition for the ARP Inspection to filter the packets. 10.1 ip source binding Description The ip source binding command is used to bind the IP address, MAC address, VLAN ID and the Port number together manually.
Page 83: Ip Dhcp Snooping
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Bind an ACL entry with the IP 192.168.0.1, MAC 00:00:00:00:00:01, VLAN ID 2 and the Port number 5 manually. And then enable the entry for the ARP detection: T1600G-52TS(config)#ip source...
Page 84: Ip Dhcp Snooping Vlan
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the DHCP Snooping function globally: T1600G-52TS(config)#ip dhcp snooping 10.3 ip dhcp snooping vlan Description The ip dhcp snooping vlan command is used to enable DHCP Snooping function on a specified VLAN.
Page 85: Ip Dhcp Snooping Information Option
10.4 ip dhcp snooping information option Description The ip dhcp snooping information option command is used to enable the Option 82 function of DHCP Snooping. To disable the Option 82 function, please use no ip dhcp snooping information option command. Syntax ip dhcp snooping information option no ip dhcp snooping information option...
Page 86: Ip Dhcp Snooping Information Remote-Id
Parameter strategy —— The operations for Option 82 field of the DHCP request packets from the Host, including three types: keep: Indicates to keep the Option 82 field of the packets. It is the default option; replace: Indicates to replace the Option 82 field of the packets with the switch defined one;...
Page 87: Ip Dhcp Snooping Information Circuit-Id
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the customized sub-option Remote ID for the Option 82 as tplink on port 1/0/1: T1600G-52TS(config)#interface gigabitEthernet 1/0/1 T1600G-52TS(config-if)#ip dhcp snooping information remote-id tplink...
Page 88: Ip Dhcp Snooping Trust
Example Enable and configure the customized sub-option Circuit ID for the Option 82 as “tplink” on port 1/0/1: T1600G-52TS(config)#interface gigabitEthernet 1/0/1 T1600G-52TS(config-if)#ip dhcp snooping information circuit-id tplink 10.8 ip dhcp snooping trust Description The ip dhcp snooping trust command is used to configure a port to be a Trusted Port.
Page 89: Ip Dhcp Snooping Limit Rate
containing the MAC address of the Host. The MAC Verify feature is to compare the two fields and discard the packet if the two fields are different. Syntax ip dhcp snooping mac-verify no ip dhcp snooping mac-verify Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 90: Ip Dhcp Snooping Decline Rate
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Set the Flow Control of GigabitEthernet port 2 as 20 pps: T1600G-52TS(config)#interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)#ip dhcp snooping limit rate 20 10.11 ip dhcp snooping decline rate Description The ip dhcp snooping decline rate command is used to enable the Decline Protect feature and configure the rate limit on DHCP Decine packets.
Page 91: Show Ip Source Binding
T1600G-52TS(config-if)#ip dhcp snooping decline rate 20 10.12 show ip source binding Description The show ip source binding command is used to display the IP-MAC-VID- PORT binding table. Syntax show ip source binding Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 92: Show Ip Dhcp Snooping Interface
T1600G-52TS#show ip dhcp snooping 10.14 show ip dhcp snooping interface Description The show ip dhcp snooping interface command is used to display the DHCP Snooping configuration of a desired Gigabit Ethernet port/LAG or of all Ethernet ports/LAGs. Syntax port show ip dhcp snooping interface [ gigabitEthernet | port-channel lagid Parameters...
Page 93 Syntax port show ip dhcp snooping information interface [ gigabitEthernet port-channel-id port-channel Parameters port —— The Ethernet port number port-channel-id —— The ID of the port channel. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the DHCP snooping option 82 configuration of all Ethernet ports and port channels: T1600G-52TS#show ip dhcp snooping information interface...
Page 94: Chapter 11 Arp Inspection Commands
Chapter 11 ARP Inspection Commands ARP (Address Resolution Protocol) Detect function is to protect the switch from the ARP cheating, such as the Network Gateway Spoofing and Man-In-The-Middle Attack, etc. 11.1 ip arp inspection(global) Description The ip arp inspection command is used to enable the ARP Detection function globally.
Page 95: Ip Arp Inspection(Interface)
Syntax ip arp inspection trust no ip arp inspection trust Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the Gigabit Ethernet ports 1/0/2-5 as the Trusted Port: T1600G-52TS(config)#interface range gigabitEthernet 1/0/2-5 T1600G-52TS(config-if-range)#ip arp inspection trust 11.3 ip arp inspection(interface)
Page 96: Ip Arp Inspection Limit-Rate
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the arp defend function for the Gigabit Ethernet ports 1/0/2-6: T1600G-52TS(config)#interface range gigabitEthernet 1/0/2-6 T1600G-52TS(config-if-range)#ip arp inspection 11.4 ip arp inspection limit-rate Description The ip arp inspection limit-rate command is used to configure the ARP speed of a specified port.
Page 97: Ip Arp Inspection Recover
11.5 ip arp inspection recover Description The ip arp inspection recover command is used to restore a port to the ARP transmit status from the ARP filter status. Syntax ip arp inspection recover Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 98: Show Ip Arp Inspection Interface
Example Display the ARP detection configuration globally: T1600G-52TS(config)#show ip arp inspection 11.7 show ip arp inspection interface Description The show ip arp inspection interface command is used to display the interface configuration of ARP detection. Syntax port show ip arp inspection interface [ gigabitEthernet Parameter port ——The Ethernet port number.
Page 99: Clear Ip Arp Inspection Statistics
Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the number of the illegal ARP packets received: T1600G-52TS(config)#show ip arp inspection statistics 11.9 clear ip arp inspection statistics Description The clear ip arp inspection statistics command is used to clear the statistic of the illegal ARP packets received.
Page 100: Chapter 12 Dos Defend Commands
Chapter 12 DoS Defend Commands DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network attackers or the evil programs sending a lot of service requests to the Host. With the DoS Defend enabled, the switch can analyze the specific field of the received packets and provide the defend measures to ensure the normal working of the local network.
Page 101 Syntax ip dos-prevent type { land | scan-synfin | xma-scan | null-scan | port-less-1024 | blat | ping-flood | syn-flood | win-nuke } no ip dos-prevent type { land | scan-synfin | xma-scan | null-scan | port-less-1024 | blat | ping-flood | syn-flood | win-nuke } Parameter land ——...
Page 102: Show Ip Dos-Prevent
12.3 show ip dos-prevent Description The show ip dos-prevent command is used to display the DoS information of the detected DoS attack, including enable/disable status, the DoS Defend Type, the count of the attack, etc. Syntax show ip dos-prevent Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 103: Chapter 13 System Log Commands
Chapter 13 System Log Commands The log information will record the settings and operation of the switch respectively for you to monitor operation status and diagnose malfunction. 13.1 logging buffer Description The logging buffer command is used to store the system log messages to an internal buffer.
Page 104: Logging File Flash
Syntax level logging buffer level no logging buffer level Parameter level —— Severity level of the log information output to each channel. There are 8 severity levels marked with values 0-7. The smaller value has the higher priority. Only the log with the same or smaller severity level value will be output.
Page 105: Logging File Flash Frequency
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Enable the log file flash function: T1600G-52TS(config)#logging file flash 13.4 logging file flash frequency Description The logging file flash frequency command is used to specify the frequency to synchronize the system log file in the log buffer to the flash.
Page 106: Logging File Flash Level
13.5 logging file flash level Description The logging file flash level command is used to specify the system log message severity level. Messages with a severity level equal to or higher than this value will be stored to the flash. To restore to the default level, please use no logging file flash level command.
Page 107: Logging Monitor
Syntax idx host-ip level logging host index no logging host index Parameter —— The index of the log host. The switch supports 4 log hosts at most. host-ip —— The IP for the log host. level —— The severity level of the log information sent to each log host. There are 8 severity levels marked with values 0-7.
Page 108: Logging Monitor Level
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Disable logging to the terminal devices: T1600G-52TS(config)# no logging monitor 13.8 logging monitor level Description The logging monitor level command is used to limit messages logged to the terminal devices.
Page 109: Clear Logging
13.9 clear logging Description The clear logging command is used to clear the information in the log buffer and log file. Syntax clear logging [ buffer | flash ] Parameter buffer | flash —The output channels: buffer and flash. Clear the information of the two channels, by default.
Page 110: Show Logging Loghost
T1600G-52TS(config)# show logging local-config 13.11 show logging loghost Description The show logging loghost command is used to display the configuration of the log host. Syntax index show logging loghost [ Parameter index ——The index of the log host whose configuration will be displayed, ranging from 1 to 4.
Page 111: Show Logging Flash
Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the log information from level 0 to level 5 in the log buffer: T1600G-52TS(config)# show logging buffer level 5 13.13 show logging flash Description The show logging flash command is used to display the log information in the log file according to the severity level.
Page 112: Chapter 14 Ssh Commands
Chapter 14 SSH Commands SSH (Security Shell) can provide the unsecured remote management with security and powerful authentication to ensure the security of the management information. 14.1 ip ssh server Description The ip ssh server command is used to enable SSH function. To disable the SSH function, please use no ip ssh server command.
Page 113: Ip Ssh Algorithm
Parameter v1 | v2 —— The SSH protocol version to be enabled. They represent SSH v1 and SSH v2 respectively. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable SSH v2: T1600G-52TS(config)# ip ssh version v2...
Page 114: Ip Ssh Timeout
14.4 ip ssh timeout Description The ip ssh timeout command is used to specify the idle-timeout time of SSH. To restore to the factory defaults, please use no ip ssh timeout command. Syntax value ip ssh timeout no ip ssh timeout Parameter value ——...
Page 115: Ip Ssh Download
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify the maximum number of the connections to the SSH server as 3: T1600G-52TS(config)# ip ssh max-client 3 14.6 ip ssh download Description The ip ssh download command is used to download the SSH key file from TFTP server.
Page 116: Remove Public-Key
Download an SSH-1 type key file named ssh-key from TFTP server with the IP address fe80::1234: T1600G-52TS(config)# ip ssh download v1 ssh-key ip-address fe80::1234 14.7 remove public-key Description The remove public-key command is used to remove the SSH public key from the switch.
Page 117: Chapter 15 Ieee 802.1X Commands
 status of the supplicant. It is usually an 802.1X-supported network device, such as this TP-Link switch. It acts as an intermediary (proxy) between the supplicant and the authentication server, requesting identity information from the supplicant, verifying that information with the authentication server, and relaying a response to the supplicant.
Page 118: Dot1X Handshake
The dot1x handshake command is used to enable the handshake feature. The handshake feature is used to detect the connection status between the TP-Link 802.1x supplicant and the switch. Please disable the handshake feature if you are using a non-TP-Link 802.1x-compliant client software. This feature is enabled by default. Syntax...
Page 119: Dot1X Accounting
Parameter pap | eap ——Authentication Methods. pap: EAP termination mode. IEEE 802.1X authentication system uses extensible authentication protocol (EAP) to exchange information between the switch and the client. The EAP packets are terminated at the switch and repackaged in the Password Authentication Protocol (PAP) packets, and then transferred to the RADIUS server.
Page 120: Dot1X Guest-Vlan(Global)
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the enable the IEEE 802.1X accounting function globally: T1600G-52TS(config)#dot1x accounting 15.5 dot1x guest-vlan(global) Description The dot1x guest-vlan command is used to enable the Guest VLAN function globally.
Page 121: Dot1X Quiet-Period
15.6 dot1x quiet-period Description The dot1x quiet-period command is used to enable the quiet-period function. To disable the function, please use no dot1x quiet-period command. Syntax time dot1x quiet-period [ no dot1x quiet-period Parameter time —— The length of the quiet-period time. If one user’s authentication fails, its subsequent IEEE 802.1x authentication requests will not be processed during the quiet-period time.
Page 122: Dot1X Max-Reauth-Req
Parameter time supplicant-timeout ——The maximum time for the switch to wait for the response from supplicant before resending a request to the supplicant., ranging from 1 to 9 in second. By default, it is 3 seconds. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 123: Dot1X
Example Configure the maximum transfer times of the repeated authentication request as 5: T1600G-52TS(config)#dot1x max-reauth-req 5 15.9 dot1x Description The dot1x command is used to enable the IEEE 802.1X function for a specified port. To disable the IEEE 802.1X function for a specified port, please use no dot1x command.
Page 124: Dot1X Port-Control
Syntax dot1x guest-vlan no dot1x guest-vlan Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the Guest VLAN function for Gigabit Ethernet port 1/0/2: T1600G-52TS(config)#interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)#dot1x guest-vlan 15.11...
Page 125: Dot1X Port-Method
unauthorized-force: In this mode, the port is forbidden working for its fixed unauthorized status. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the Control Mode for Gigabit Ethernet port 1/0/20 as “authorized-force”:...
Page 126: Show Dot1X Global
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the Control Type for Gigabit Ethernet port 1/0/20 as “port-based”: T1600G-52TS(config)#interface gigabitEthernet 1/0/20 T1600G-52TS(config-if)#dot1x port-method port-based 15.13 show dot1x global...
Page 127 Syntax port show dot1x interface [ gigabitEthernet Parameter —— port The Ethernet port number. If not specified, the information of all the ports will be displayed. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the configuration information of 802.1X for Gigabit Ethernet port 1/0/20: T1600G-52TS(config)#show dot1x interface gigabitEthernet 1/0/20 Display the configuration information of 802.1X for all Ethernet ports:...
Page 128: Chapter 16 Mac Address Commands
Chapter 16 MAC Address Commands MAC Address configuration can improve the network security by configuring the Port Security and maintaining the address information by managing the Address Table. 16.1 mac address-table static Description The mac address-table static command is used to add the static MAC address entry.
Page 129: Mac Address-Table Aging-Time
16.2 mac address-table aging-time Description The mac address-table aging-time command is used to configure aging time for the dynamic address. To return to the default configuration, please use no mac address-table aging-time command. Syntax aging-time mac address-table aging-time no mac address-table aging-time Parameter aging-time ——...
Page 130: Mac Address-Table Notification
mac-addr no mac address-table filtering {[ ] [ vid Parameter mac-addr —— The MAC address to be filtered. —— The corresponding VLAN ID of the MAC address. It ranges from 1 to 4094. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 131: Mac Address-Table Notification (Interface)
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the global MAC address notification and table full notification, specify the notification sending interval as 2 seconds: T1600G-52TS(config)# mac address-table notification global-status enable table-full-status enable interval 2 16.5 mac address-table notification (interface) Description...
Page 132: Mac Address-Table Max-Mac-Count
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the learn-mode-change notification on port 1/0/2: T1600G-52TS(config)# mac address-table notification global-status enable T1600G-52TS(config)# interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)# address-table...
Page 133 dynamic | static | permanent —— Learn mode for MAC addresses. There are three modes, including Dynamic mode, Static mode and Permanent mode. When Dynamic mode is selected, the learned MAC address will be deleted automatically after the aging time. When Static mode is selected, the learned MAC address will be out of the influence of the aging time and can only be deleted manually.
Page 134: Mac Address-Table Security
16.7 mac address-table security Description The mac address-table security command is used to configure security of the MAC address table in a specified VLAN. Syntax number mac address-table security vid max-learn { forward | drop | disable } Parameter —— Speicify the VLAN ID to configure its MAC address table. number ——...
Page 135: Show Mac Address-Table
16.8 show mac address-table Description The show mac address-table command is used to display the information of all address entries. Syntax show mac address-table [ dynamic | static | filtering ] Parameter dynamic | static | filtering —— The type of your desired entry. By default all the entries are displayed.
Page 136: Show Mac Address-Table Aging-Time
Example Clear the information of all static address entries: T1600G-52TS(config)# clear mac address-table static 16.10 show mac address-table aging-time Description The show mac address-table aging-time command is used to display the Aging Time of the MAC address. Syntax show mac address-table aging-time Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement...
Page 137: Show Mac Address-Table Interface
Privilege Requirement None. Example Display the security configuration of all ports: T1600G-52TS(config)# show mac address-table max-mac-count Display the security configuration of port 1/0/1: T1600G-52TS(config)# show mac address-table max-mac-count interface gigabitEthernet 1/0/1 16.12 show mac address-table interface Description The show mac address-table interface command is used to display the address configuration of the specified port/LAG.
Page 138: Show Mac Address-Table Address
Syntax vlan-id show mac address-table count [ vlan Parameter —— vlan- Specify the VLAN which the MAC entries belong to. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the total MAC entry information in different VLANs: T1600G-52TS(config)# show mac address-table count 16.14 show mac address-table address...
Page 139: Show Mac Address-Table Vlan
16.15 show mac address-table vlan Description The show mac address-table vlan command is used to display the MAC address configuration of the specified vlan. Syntax show mac address-table vlan Parameter —— The specified VLAN id. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 140: Show Mac Address-Table Security
T1600G-52TS(config)# show mac address-table notification all 16.17 show mac address-table security Description The show mac address-table vlan command is used to display the MAC address security configuration of the specified vlan. Syntax show mac address-table security [ vid Parameter —— The specified VLAN id.
Page 141: Chapter 17 System Configuration Commands
Chapter 17 System Configuration Commands System Commands can be used to configure the System information and System IP, reboot and reset the switch, upgrade the switch system and other operations. 17.1 system-time manual Description The system-time manual command is used to configure the system time manually.
Page 142 The detailed information that each time-zone means are displayed as follow: UTC-12:00 —— TimeZone for International Date Line West. UTC-11:00 —— TimeZone for Coordinated Universal Time-11. UTC-10:00 —— TimeZone for Hawaii. UTC-09:00 —— TimeZone for Alaska. UTC-08:00 —— TimeZone for Pacific Time(US Canada). UTC-07:00 ——...
Page 143: System-Time Dst Predefined
backup-ntp-server —— The IP address for the Secondary NTP Server. fetching-rate —— Specify the rate fetching time from NTP server. Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the system time mode as NTP, the time zone is UTC-12:00, the primary NTP server is 133.100.9.2 and the secondary NTP server is 139.78.100.163, the fetching-rate is 11 hours: T1600G-52TS(config)#...
Page 144: System-Time Dst Date
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the daylight saving time as USA standard: T1600G-52TS(config)#system-time dst predefined USA 17.4 system-time dst date Description The system-time dst date command is used to configure the one-off daylight saving time.
Page 145: System-Time Dst Recurring
Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the daylight saving time from zero clock, Apr 1st to zero clock Oct 1st and the offset is 30 minutes in 2015: T1600G-52TS(config)# system-time dst date Apr 1 00:00 2015 Oct 1 00:00 2015 30 17.5 system-time dst recurring...
Page 146: Hostname
etime —— The end moment of the daylight saving time, HH:MM. offset —— The number of minutes to add during the daylight saving time. It is 60 minutes by default. Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the daylight saving time from 2:00am, the first Sunday of May to 2:00am, the last Sunday of Oct and the offset is 45 minutes:...
Page 147: Location
To clear the system contact information, please use no contact-info command. Syntax contact_info contact-info [ no contact-info Parameter contact_info —— Contact Information. It consists of 32 characters at most. It is “www.tp-link.com” by default. Command Mode Global Configuration Mode...
Page 148: Ip Address
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the system contact information as www.tp-link.com: T1600G-52TS(config)# contact info www.tp-link.com 17.9 ip address Description This ip address command is used to configure the IP address and IP subnet mask for the specified interface manually.
Page 149: Ip Address-Alloc
17.10 ip address-alloc Description The IP address-alloc command is used to enable the DHCP Client function or the BOOTP Protocol. When this function is enabled, the specified interface will obtain IP from DHCP Server or BOOTP server. To disable the IP obtaining function on the specified interface, please use the no ip address command.
Page 150: Reset
17.11 reset Description The reset command is used to reset the switch’s software. After resetting, all configuration of the switch will restore to the factory defaults and your current settings will be lost. Syntax reset Command Mode Privileged EXEC Mode Privilege Requirement Only Admin level users have access to these commands.
Page 151: Reboot-Schedule
17.13 reboot-schedule Description This reboot-schedule command is used to configure the switch to reboot at a certain time point. To delete the reboot schedule settings, please use the reboot-schedule cancel command. Syntax time date reboot-schedule at ] [ save_before_reboot ] interval reboot-schedule in [ save_before_reboot ]...
Page 152: Copy Running-Config Startup-Config
17.14 copy running-config startup-config Description The copy running-config startup-config command is used to save the current settings. Syntax copy running-config startup-config Command Mode Privileged EXEC Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Save current settings: T1600G-52TS# copy running-config startup-config 17.15...
Page 153: Copy Tftp Startup-Config
T1600G-52TS# copy startup-config tftp ip-address 192.168.0.148 filename config Backup the configuration files to TFTP server with the IP fe80::1234 and name this file config.cfg: T1600G-52TS# copy startup-config tftp ip-address fe80::1234 filename config 17.16 copy tftp startup-config Description The copy tftp startup-config command is used to download the configuration file to the switch from TFTP server.
Page 154: Boot Application
17.17 boot application Description The boot application command is used to configure the image file as startup image or backup image. Syntax boot application filename { image1 | image 2 } { startup | backup } no boot application Parameter image1 | image2 ——...
Page 155: Firmware Upgrade
Example Delete the backup image file: T1600G-52TS# remove backup-image 17.19 firmware upgrade Description The firmware upgrade command is used to upgrade the switch’s backup iamge file via the TFTP server. The uploaded firmware file will take place of the Backup Image, and user can chose whether to reboot the switch will the Backup Image.
Page 156: Ping
T1600G-52TS# firmware upgrade ip-address fe80::1234 filename firmware.bin It will only upgrade the backup image. Continue? (Y/N):y Operation OK! Reboot with the backup image? (Y/N): n 17.20 ping Description The ping command is used to test the connectivity between the switch and one node of the network.
Page 157: Tracert
T1600G-52TS# ping 192.168.0.131 –n 8 –l 512 To test the connectivity between the switch and the network device with the count count IP fe80::1234, please specify the (-l) as 512 bytes and (-i) as 1000 milliseconds. If there is not any response after 8 times’ Ping test, the connection between the switch and the network device is failed to establish: T1600G-52TS# ping fe80::1234 –n 8 –l 512 17.21...
Page 158: Show System-Info
Test the connectivity between the switch and the network device with the IP maxHops fe80::1234. If the destination device has not been found after 20 the connection between the switch and the destination device is failed to establish: T1600G-52TS# tracert fe80::1234 20 17.22 show system-info Description...
Page 159: Show Boot
Example Display the system image files’ information: T1600G-52TS# show image-info 17.24 show boot Description The show boot command is used to display the boot configuration of the system. Syntax show boot Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands.
Page 160: Show Startup-Config
Example Display the system current operating configuration: T1600G-52TS# show running-config 17.26 show startup-config Description The show startup-config command is used to display the current configuration saved in the switch. These configuration settings will not be lost the next time you reboot the switch. Syntax show startup-config Command Mode...
Page 161: Show System-Time Dst
T1600G-52TS# show system-time 17.28 show system-time dst Description The show system-time dst command is used to display the DST information of the switch. Syntax show system-time dst Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the DST information of the switch T1600G-52TS# show system-time dst 17.29...
Page 162: Show Cable-Diagnostics Interface Gigabitethernet
17.30 show cable-diagnostics interface gigabitEthernet Description The show cable-diagnostics interface gigabitEthernet command is used to display the cable diagnostics of the connected Ethernet Port., which facilitates you to check the connection status of the cable connected to the switch, locate and diagnose the trouble spot of the network. Syntax port show cable-diagnostics interface gigabitEthernet...
Page 163: Show Memory-Utilization
Example Display the CPU utilization information of the switch: T1600G-52TS# show cpu-utilization 17.32 show memory-utilization Description The show memory-utilization command is used to display the current system’s memory utilization in the last 5 seconds/1minute/5minutes. Syntax show memory-utilization Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 164: Chapter 18 Ipv6 Address Configuration Commands
Chapter 18 IPv6 Address Configuration Commands The IPv6 address configuration commands are provided in the Interface Configuration Mode, which includes the routed port, the LAG and the VLAN interface. Enter the configuration mode of these Layer 3 interfaces and configure their IPv6 parameters. 18.1 ipv6 enable Description This command is used to enable the IPv6 function on the speicified Layer 3...
Page 165: Ipv6 Address Link-Local
link-local source or destination addresses to other links. The autuconfigured ipv6 link-local address is in EUI-64 format. To verify the uniqueness of the link-local address, the manually configured ipv6 link-local address will be deleted when the autoconfigured ipv6 link-local address takes effect. Syntax ipv6 address autoconfig Configuration Mode...
Page 166: Ipv6 Address Dhcp
Example Configure the link-local address as fe80::1234 on the VLAN interface 1: T1600G-52TS(config)# interface vlan 1 T1600G-52TS(config-if)# ipv6 address fe80::1234 link-local 18.4 ipv6 address dhcp Description The ipv6 address dhcp command is used to enable the DHCPv6 Client function. When this function is enabled, the Layer 3 interface will try to obtain IP from DHCPv6 server.
Page 167: Ipv6 Address Eui-64
no ipv6 address ra Configuration Mode Interface Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the automatic ipv6 address configuration function to obtain IPv6 address through the RA message on VLAN interface 1: T1600G-52TS(config)# interface vlan 1 T1600G-52TS(config-if)# ipv6 address ra 18.6 ipv6 address eui-64...
Page 168: Ipv6 Address
T1600G-52TS(config)# interface vlan 1 T1600G-52TS(config-if)# ipv6 address 3ffe::/64 eui-64 18.7 ipv6 address Description This command is used to manually configure a global IPv6 address on the interface. To remove a global IPv6 address from the interface, please use no ipv6 address command. Syntax ipv6-addr ipv6 address...
Page 169 Privilege Requirement None. Example Display the ipv6 information of the management interface: T1600G-52TS(config)# show ipv6 interface...
Page 170: Chapter 19 Ethernet Configuration Commands
Chapter 19 Ethernet Configuration Commands Ethernet Configuration Commands can be used to configure the Bandwidth Control, Negotiation Mode and Storm Control for Ethernet ports. 19.1 interface gigabitEthernet Description The interface gigabitEthernet command is used to enter the Interface gigabitEthernet Configuration Mode and configure the corresponding Gigabit Ethernet port.
Page 171: Description
Parameter port-list —— The list of Ethernet ports. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. User Guidelines Command in the Interface Range gigabitEthernet Mode is executed independently on all ports in the range. It does not affect the execution on the other ports at all if the command results in an error on one port.
Page 172: Shutdown
Example Add a description Port _5 to port 1/0/5: T1600G-52TS(config)# interface gigabitEthernet 1/0/5 T1600G-52TS(config-if)# description Port_5 19.4 shutdown Description The shutdown command is used to disable an Ethernet port. To enable this port again, please use no shutdown command. Syntax shutdown no shutdown Command Mode...
Page 173: Duplex
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin and Operator level users have access to these commands. Example Enable the flow-control function for port 1/0/3: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# flow-control 19.6 duplex Description...
Page 174: Jumbo
19.7 jumbo Description The jumbo command is used to allow the jumbo frame to pass through this port. To disable this feature, please use no jumbo command. This feature is disabled by default. Syntax jumbo no jumbo Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 175: Storm-Control Pps
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the Speed Mode as 100Mbps for port 1/0/3: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# speed 100 19.9 storm-control pps Description The storm-control pps command is used to configure the storm control mode as pps(packets per second) on an interface.
Page 176: Storm-Control
19.10 storm-control Description The storm-control command is used to enable the broadcast, multicast, or unicast strom control function and to set threshold levels on an interface. To disable the storm control function, please use no storm-control command. Syntax rate storm-control { broadcast | multicast | unicast } { kbps | ratio | pps } { no storm-control { broadcast | multicast | unicast } Parameter broadcast | multicast | unicast ——...
Page 177: Bandwidth
19.11 bandwidth Description The bandwidth command is used to configure the bandwidth limit for an Ethernet port. To disable the bandwidth limit, please use no bandwidth command. Syntax ingress-rate egress-rate bandwidth {[ ingress ] [ egress no bandwidth { all | ingress | egress } Parameter ingress-rate ——...
Page 178: Show Interface Status
Parameter —— port The Ethernet port number. —— lagid The ID of the LAG. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Clear the statistic information of all ports and LAGs: T1600G-52TS(config)# clear counters 19.13 show interface status...
Page 179: Show Interface Counters
19.14 show interface counters Description The show interface counters command is used to display the statistics information of all ports/LAGs. Syntax port lagid show interface counters [ gigabitEthernet ] [ port-channel Parameter —— port The Ethernet port number. —— lagid The ID of the LAG.
Page 180: Show Storm-Control
Privilege Requirement None. Example Display the configurations of all Ethernet ports and LAGs: T1600G-52TS(config)# show interface configuration Display the configurations of port 1/0/2: T1600G-52TS(config)# show interface configuration gigabitEthernet 1/0/2 19.16 show storm-control Description The show storm-control command is used to display the storm-control information of Ethernet ports.
Page 181 Syntax port-list show bandwidth interface [ gigabitEthernet ] [ port-channel lagid-list Parameter —— port-list The list of Ethernet ports. lagid-list —— The list of LAGs. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the bandwidth-limit information of port 1/0/4: T1600G-52TS(config)# show bandwidth interface gigabitEthernet 1/0/4...
Page 182: Chapter 20 Qos Commands
Chapter 20 QoS Commands QoS (Quality of Service) function is used to optimize the network performance. It provides you with network service experience of a better quality. 20.1 qos Description The qos command is used to configure CoS (Class of Service) based on port. To return to the default configuration, please use no qos command.
Page 183: Qos Dscp
20.2 qos dscp Description The qos dscp command is used to enable the mapping relation between DSCP Priority and CoS value. To disable the mapping relation, please use no qos dscp command. Syntax qos dscp no qos dscp Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 184: Qos Queue Dscp-Map
Parameter tag/cos-id —— The 8 priority levels defined by IEEE 802.1P or the priority level the packets with tag are mapped to, which ranges from CoS 0 to CoS 7. tc-id —— The egress queue the packets with tag are mapped to. It ranges from 0 to 7, which represents TC0 toTC7 respectively.
Page 185: Qos Queue Mode
no qos queue dscp-map Parameter dscp-list —— List of DSCP value. One or several DSCP values can be typed using comma to separate. Use a hyphen to designate a range of values, for instance, 1,4-7,11 indicates choosing 1,4,5,6,7,11. The DSCP value ranges from 0 to 63.
Page 186: Qos Queue Weight
Parameter sp —— Strict-Priority Mode. In this mode, the queue with higher priority will occupy the whole bandwidth. Packets in the queue with lower priority are sent only when the queue with higher priority is empty. wrr —— Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for each queue.
Page 187 queues and scheduling algorithms you set. On this switch, the priority levels are labeled as TC0, TC1, TC2, TC3, TC4, TC5,TC6 and TC7. Syntax tc-id weight-value qos queue weight { Parameter tc-id —— The ID of the TC queue, ranging from 0 to 7. weight-value ——...
Page 188: Show Qos Interface
20.7 show qos interface Description The show qos interface command is used to display the configuration of QoS based on port priority. Syntax port-list lagid-list show qos interface [ gigabitEthernet ] [ port-channel Parameter —— port-list The list of Ethernet ports. lagid-list ——...
Page 189: Show Qos Dscp-Map
T1600G-52TS# show qos cos-map 20.9 show qos dscp-map Description The show qos dscp-map command is used to display the configuration of DSCP Priority. Syntax show qos dscp-map Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the configuration of DSCP Priority: T1600G-52TS# show qos dscp-map 20.10...
Page 190: Show Qos Status
20.11 show qos status Description The show qos status command is used to display the status of IEEE 802.1P priority and DSCP priority. Syntax show qos status Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the status of IEEE 802.1P priority and DSCP priority: T1600G-52TS# show qos status...
Page 191: Chapter 21 Port Mirror Commands
Chapter 21 Port Mirror Commands Port Mirror refers to the process of forwarding copies of packets from one or multiple ports to a monitoring port. Usually, the monitoring port is connected to data diagnose device, which is used to analyze the monitored packets for monitoring and troubleshooting the network. 21.1 monitor session destination interface Description The monitor session destination interface command is used to configure...
Page 192: Monitor Session Source Interface
T1600G-52TS(config)# no monitor session 1 destination interface gigabitEthernet 1/0/2 Delete the monitor session 1: T1600G-52TS(config)# no monitor session 1 21.2 monitor session source interface Description The monitor session source interface command is used to configure the monitored port/ LAG. To delete the corresponding monitored port, please use no monitor session source interface command.
Page 193: Show Monitor Session
Monitored ports number is not limited, but it can’t be the monitoring port at the same time. Whether the monitoring port and monitored ports are in the same VLAN or not is not demanded strictly. The monitoring port cannot be link-aggregation member. Example Create monitor session 1, then configure port 4, 5, 7 as monitored port and enable ingress monitoring:...
Page 194: Chapter 22 Port Isolation Commands
Chapter 22 Port Isolation Commands Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward packets to the ports that are not on its forwarding port list. 22.1 port isolation Description The port isolation command is used to configure the forward port/LAG list of a port/LAG, so that this port/LAG can only communicate with the ports/LAGs...
Page 195: Show Port Isolation Interface
22.2 show port isolation interface Description The show port isolation interface command is used to display the forward port list of a port/LAG. Syntax port lagid show port isolation interface [ gigabitEthernet | port-channel Parameter port —— The number of Ethernet port you want to show its forward port list, in the format of 1/0/2.
Page 196: Chapter 23 Loopback Detection Commands
Chapter 23 Loopback Detection Commands With loopback detection feature enabled, the switch can detect loops using loopback detection packets. When a loop is detected, the switch will display an alert or further block the corresponding port according to the configuration. 23.1 loopback-detection(global) Description The loopback-detection command is used to enable the loopback detection...
Page 197: Loopback-Detection Recovery-Time
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify the interval-time as 50 seconds: T1600G-52TS(config)# loopback-detection interval 50 23.3 loopback-detection recovery-time Description The loopback-detection recovery-time command is used to configure the time after which the blocked port would automatically recover to normal status.
Page 198: Loopback-Detection(Interface)
23.4 loopback-detection(interface) Description The loopback-detection command is used to enable the loopback detection function specified port. disable please loopback-detection command. Syntax loopback-detection no loopback-detection Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 199: Loopback-Detection Recover
Manual: Block status can only be removed manually. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the loopback detection process-mode as port-based and recovery-mode as manual for port 2: T1600G-52TS(config)# interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)#...
Page 200: Show Loopback-Detection Global
23.7 show loopback-detection global Description The show loopback-detection global command is used to display the global configuration of loopback detection function such as loopback detection global status, loopback detection interval and loopback detection recovery time. Syntax show loopback-detection global Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 201 T1600G-52TS# show loopback-detection interface Display the configuration of loopback detection function and the status of port 5: T1600G-52TS# show loopback-detection interface gigabitEthernet 1/0/5...
Page 202: Chapter 24 Acl Commands
Chapter 24 ACL Commands 24.1 access-list create Description The access-list create command is used to create standard-IP ACL, extend-IP ACL and the IPv6 ACL. Syntax access-list-num access-list create Parameter access-list-num —— ACL ID, ranging from 500 to 2499. The ID range of Standard-IP ACL ranges is 500-1499, the Extend-IP ACL is 1500-2499 and the IPv6 ACL is 3500-4499.
Page 203: Access-List Standard
Parameter access-list-num —— ACL ID, ranging from 0 to 499. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Create a MAC ACL whose ID is 23: T1600G-52TS(config)# mac access-list 23 24.3 access-list standard Description The access-list standard command is used to add Standard-IP ACL rule.
Page 204: Access-List Extended
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Create a Standard-IP ACL whose ID is 520, and add Rule 10 for it. In the rule, the source IP address is 192.168.0.100, the source IP address mask is 255.255.255.0, and the packets match this rule will be forwarded by the switch: T1600G-52TS(config)# access-list create 520...
Page 205: Access-List Ipv6
destination-ip-mask —— The destination IP address mask. It is required if you typed the destination IP address. s-port —— The source port number. d-port —— The destination port number. protocol —— Configure the value of the matching protocol. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 206: Rule
rule-id —— The rule ID. deny —— The operation to discard packets. permit ——The operation to forward packets. It is the default value. dscp-value —— Specify the dscp value, ranging from 0 to 63. flow-label-value —— The IPv6 flow label, which ranges from 0-0xfffff. source-ip ——...
Page 207: Access-List Policy Name
Syntax rule-id source-mac source-mac-mask rule { deny | permit } [[ smac ] smask destination-mac destination-mac-mask [[ dmac ] dmask rule-id no rule Parameter rule-id —— The rule ID. deny —— The operation to discard packets. permit ——The operation to forward packets. It is the default value. source-mac ——...
Page 208: Access-List Policy Action
Syntax name access-list policy name name no access-list policy name Parameter name —— The Policy Name, ranging from 1 to 16 characters. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 209: Access-List Bind Acl(Interface)
24.9 access-list bind acl(interface) Description The access-list bind acl command is used to bind an ACL to the specified port. To cancel the bind relation, please use no access-list bind acl command. Syntax acl-id access-list bind acl acl-id no access-list bind acl Parameter acl-id ——...
Page 210: Access-List Bind(Interface)
Command Mode Interface VLAN Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Bind ACL 100 to VLAN 2: T1600G-52TS(config)# interface vlan 2 T1600G-52TS(config-if)# access-list bind acl 100 24.11 access-list bind(interface) Description The access-list bind command is used to bind a policy to a specified port.
Page 211: Access-List Bind(Vlan)
24.12 access-list bind(vlan) Description The access-list bind command is used to bind a policy to a VLAN. To cancel the bind relation, please use no access-list bind command. Syntax policy-name access-list bind policy-name no access-list bind Parameter policy-name —— The name of the policy desired to bind. Command Mode Interface VLAN Mode Privilege Requirement...
Page 212: Show Access-List Policy
T1600G-52TS(config)# show access-list 20 24.14 show access-list policy Description The show access-list policy command is used to display the information of a specified policy. Syntax name show access-list policy Parameter name —— The Policy Name desired to show. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 213: Chapter 25 Poe Commands
PoE Commands Chapter 25 Note: Only T1600G-28PS and T1600G-52PS support PoE function. PoE (Power over Ethernet) technology describes a system to transmit electrical power along with data to remote devices over standard twisted-pair cable in an Ethernet network. It is especially useful for supplying power to IP telephones, wireless LAN access points, cameras and so on.
Page 214: Power Time-Range
Syntax name power profile [ supply { enable | disable } [ priority { low | middle | high } power-limit [ consumption { | auto | class1 | class2 | class3 | class4 } ] ] ] name no power profile Parameter name ——...
Page 215: Absolute
included or excluded. To delete the corresponding PoE time-range configuration, please use no power time-range command. The PoE time-range determines the power supply time of the switch. You can specify a PoE time-range for each PoE port individually. Syntax name power time-range name no power time-range...
Page 216: Periodic
end-date —— The end date in Absolute Mode, in the format of MM/DD/YYYY-HH:MM. index —— Specify the index of the absolute time-range to delete. If not specified, all absolute time-ranges will be deleted. Command Mode Power Time-range Configuration Mode Example Create an absolute mode time-range for the PoE of the switch and specify the date extending from 08:00 on May 5th, 2012 to 22:00 on Oct.
Page 217: Power Holiday
day-of-the-week —— Specify the days included in a week, ranging from 1-7, in the format as 1,3-4. index —— Specify the index of the periodic time-range to delete. If not specified, all periodic time-ranges will be deleted. Command Mode Power Time-range Configuration Mode Example Configure the Time-range named “tRange2”...
Page 218: Holiday
Example Create a PoE holiday named “LaborDay”, and configure the start date as October 1st and the end date as October 3rd: T1600G-52PS(config)# power holiday LaborDay start-date 05/01 end-date 05/03 25.7 holiday Description The holiday command is used to configure holiday mode for the Time-range of the switch.
Page 219: Power Inline Priority
Parameter consumption —— The max power the port in the profile can supply. There are six options: “power-limit”, “auto”, ”class1”, “class2”, “class3” and “class4”. “power-limit” indicates you can manually enter a value. It ranges from 1 to 300. The value is in the unit of 0.1 watt. For instance, if you want to configure the max power as 5w, you should enter 50.
Page 220: Power Inline Supply
25.10 power inline supply Description The power inline supply command is used to configure the PoE status of the corresponding port. Syntax power inline supply { enable | disable } Parameter enable | disable —— The PoE status of the port. By default, the PoE status is “enable”.
Page 221: Power Inline Time-Range
Example Bind the PoE profile named “IP Camera” to port 2: T1600G-52PS(config)# interface gigabitEthernet 1/0/2 T1600G-52PS(config-if)# power inline profile “IP Camera” 25.12 power inline time-range Description The power inline time-range command is used to bind a PoE time-range to the corresponding port. To cancel the bind relation, please use no power inline time-range command.
Page 222: Show Power Inline Configuration Interface
Example Display the PoE information of the system: T1600G-52PS# show power inline 25.14 show power inline configuration interface Description The show power inline configuration interface command is used to display the PoE configuration of the certain port. Syntax port show power inline configuration interface [ gigabitEthernet Parameter port ——...
Page 223: Show Power Profile
25.16 show power profile Description The show power profile command is used to display the defined PoE profile. Syntax show power profile Command Mode Privileged EXEC Mode and Any Configuration Mode Example Display the defined PoE profile: T1600G-52PS# show power profile 25.17 show power holiday Description...
Page 224 Command Mode Privileged EXEC Mode and Any Configuration Mode Example Display the configuration of PoE time-range: T1600G-52PS# show power time-range...
Page 225: Chapter 26 Mstp Commands
Chapter 26 MSTP Commands MSTP (Multiple Spanning Tree Protocol), compatible with both STP and RSTP and subject to IEEE 802.1s, can disbranch a ring network. STP is to block redundant links and backup links as well as optimize paths. 26.1 debug spanning-tree Description The debug spanning-tree command is used to enable debuggning of spanning-tree activities.
Page 226: Spanning-Tree(Global)
Privilege Requirement Only Admin level users have access to these commands. Example Display all the spanning-tree debug messages: T1600G-52TS# debug spanning-tree all 26.2 spanning-tree(global) Description The spanning-tree command is used to enable STP function globally. To disable the STP function, please use no spanning-tree command. Syntax spanning-tree no spanning-tree...
Page 227: Spanning-Tree Common-Config
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the STP function for port 1/0/2: T1600G-52TS(config)# interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)# spanning-tree 26.4 spanning-tree common-config Description The spanning-tree common-config command is used to configure the parameters of the ports for comparison in the CIST and the common parameters of all instances.
Page 228: Spanning-Tree Mode
default, it is automatic. It ranges from o to 2000000. By default, it is 0 which is mean auto. portfast —— Enable/ Disable Edge Port. By default, it is disabled. The edge port can transit its state from blocking to forwarding rapidly without waiting for forward delay.
Page 229: Spanning-Tree Mst Configuration
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the spanning-tree mode as mstp: T1600G-52TS(config)# spanning-tree mode mstp 26.6 spanning-tree mst configuration Description The spanning-tree mst configuration command is used to access MST Configuration Mode from Global Configuration Mode, as to configure the VLAN-Instance mapping, region name and revision level.
Page 230: Name
please use no instance command. When an instance is disabled, the related mapping VLANs will be removed. Syntax instance-id vlan-id instance vlan instance-id vlan-id no instance [ vlan Parameters instance-id —— Instance ID, ranging from 1 to 8. vlan-id —— The VLAN ID selected to mapping with the corresponding instance.
Page 231: Revision
Parameters name —— The region name, used to identify MST region. It ranges from 1 to 32 characters. Command Mode MST Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the region name of MST as “region1”: T1600G-52TS(config)# spanning-tree mst configuration T1600G-52TS(config-mst)# name region1 26.9 revision...
Page 232: Spanning-Tree Mst Instance
26.10 spanning-tree mst instance Description The spanning-tree mst instance command is used to configure the priority of MST instance. To return to the default value of MST instance priority, please use no spanning-tree mst instance command. Syntax instance-id spanning-tree mst instance priority instance-id no spanning-tree mst instance...
Page 233: Spanning-Tree Priority
instance-id no spanning-tree mst instance Parameter instance-id —— Instance ID, ranging from 1 to 8. —— Port Priority, which must be multiple of 16 ranging from 0 to 240. By default, it is 128. Port Priority is an important criterion on determining if the port will be chosen as the root port by the device connected to this port.
Page 234: Spanning-Tree Tc-Defend
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the bridge priority as 4096: T1600G-52TS(config)# spanning-tree priority 4096 26.13 spanning-tree tc-defend Description The spanning-tree tc-defend command is used to configure the TC Protect of Spanning Tree globally.
Page 235: Spanning-Tree Timer
26.14 spanning-tree timer Description The spanning-tree timer command is used to configure forward-time, hello-time and max-age of Spanning Tree. To return to the default configurations, please use no spanning-tree timer command. Syntax forward-time hello-time spanning-tree timer {[ forward-time ] [ hello-time max-age [ max-age no spanning-tree timer...
Page 236: Spanning-Tree Hold-Count
26.15 spanning-tree hold-count Description The spanning-tree hold-count command is used to configure the maximum number of BPDU packets transmitted per Hello Time interval. To return to the default configurations, please use no spanning-tree hold-count command. Syntax value spanning-tree hold-count no spanning-tree hold-count Parameter value ——...
Page 237: Spanning-Tree Bpdufilter
Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure the max-hops of STP as 30: T1600G-52TS(config)# spanning-tree max-hops 30 26.17 spanning-tree bpdufilter Description The spanning-tree bpdufilter command is used to enable the BPDU filter function for a port.
Page 238: Spanning-Tree Guard Loop
itself automatically as ERROR-PORT when it receives BPDU packets, and the port will disable the forwarding function for a while. To disable the BPDU protect function, please use no spanning-tree bpduguard command. Syntax spanning-tree bpduguard no spanning-tree bpduguard Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement...
Page 239: Spanning-Tree Guard Root
Example Enable the Loop Protect function for port 2: T1600G-52TS(config)# interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)# spanning-tree guard loop 26.20 spanning-tree guard root Description The spanning-tree guard root command is used to enable the Root Protect function for a port. With the Root Protect function enabled, the root bridge will set itself automatically as ERROR-PORT when receiving BPDU packets with higher priority, in order to maintain the role of root ridge.
Page 240: Spanning-Tree Mcheck
removing MAC address entries, which may decrease the performance and stability of the network. With the Protect of Spanning Tree function enabled, you can configure the number of TC-BPDUs in a required time, so as to avoid the process of removing MAC addresses frequently. Syntax spanning-tree guard tc no spanning-tree guard tc...
Page 241: Show Spanning-Tree Active
26.23 show spanning-tree active Description The show spanning-tree active command is used to display the active information of spanning-tree. Syntax show spanning-tree active Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the active information of spanning-tree: T1600G-52TS(config)# show spanning-tree active 26.24 show spanning-tree bridge...
Page 242: Show Spanning-Tree Interface
26.25 show spanning-tree interface Description The show spanning-tree interface command is used to display the spanning-tree information of all ports or a specified port. Syntax port lagid show spanning-tree interface [ gigabitEthernet | port-channel [ edge | ext-cost | int-cost | mode | p2p | priority | role | state | status ] Parameter port ——...
Page 243: Show Spanning-Tree Mst
Parameter port —— The Ethernet port number. lagid —— The ID of the LAG. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the protect information of all ports: T1600G-52TS(config)# show spanning-tree interface-security Display the protect information of port 1: T1600G-52TS(config)# show spanning-tree interface-security gigabitEthernet 1/0/1 Display the interface security bpdufilter information:...
Page 244 Example Display the region information and mapping information of VLAN and MST Instance: T1600G-52TS(config)#show spanning-tree mst configuration Display the related information of MST Instance 1: T1600G-52TS(config)#show spanning-tree mst instance 1 Display all the ports information of MST Instance 1: T1600G-52TS(config)#show spanning-tree mst instance 1 interface...
Page 245: Chapter 27 Igmp Snooping Commands
Chapter 27 IGMP Snooping Commands IGMP Snooping (Internet Group Management Protocol Snooping) is a multicast control mechanism running on Layer 2 switch. It can effectively prevent multicast groups being broadcasted in the network. 27.1 ip igmp snooping(global) Description The ip igmp snooping command is used to configure IGMP Snooping globally.
Page 246: Ip Igmp Snooping Rtime
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface port-channel / interface range port-channel) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable IGMP Snooping function of port 1/0/3: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# ip igmp snooping 27.3 ip igmp snooping rtime...
Page 247: Ip Igmp Snooping Mtime
27.4 ip igmp snooping mtime Description The ip igmp snooping mtime command is used to specify member port aging time globally. The default aging time is 260 seconds. To restore the default timer, please use no ip igmp snooping mtime command. Syntax mtime ip igmp snooping mtime...
Page 248: Ip Igmp Snooping Immediate-Leave
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the IGMP report suppression function: T1600G-52TS(config)# ip igmp snooping report-suppression 27.6 ip igmp snooping immediate-leave Description The ip igmp snooping immediate-leave command is used to configure the Fast Leave function for port.
Page 249: Ip Igmp Snooping Last-Listener Query-Inteval
Syntax ip igmp snooping drop-unknown no ip igmp snooping drop-unknown Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify the operation to process unknown multicast as discard: T1600G-52TS(config)# ip igmp snooping drop-unknown 27.8 ip igmp snooping last-listener query-inteval Description...
Page 250: Ip Igmp Snooping Last-Listener Query-Count
27.9 ip igmp snooping last-listener query-count Description The ip igmp snooping last-listener query-count command is used to specify the numbers of Specific Query Message to be sent. The default value is 2. To restore the default number, please use no ip igmp snooping last-listener query-count command.
Page 251 vlan-id-list router-time no ip igmp snooping vlan-config [ rtime | mtime member-time port-list | rport interface { gigabitEthernet | port-channel lagid vlan-id-list no ip igmp snooping vlan-config static interface port-list lagid { gigabitEthernet | port-channel Parameter vlan-id-list —— The ID list of the VLAN desired to modify configuration, ranging from 1 to 4094, in the format of 1-3, 5.
Page 252: Ip Igmp Snooping Vlan-Config (Router-Ports-Forbidden)
T1600G-52TS(config)# ip igmp snooping vlan-config 2 static 225.0.0.1 interface gigabitEthernet 1/0/1-3 27.11 ip igmp snooping vlan-config (router-ports-forbidden) Description This command is used to forbid the specified ports as being router ports in the specified VLAN(s). To delete the forbidden router ports, please use no ip vlan-id-list igmp snooping vlan-config router-ports-forbidden command.
Page 253: Ip Igmp Snooping Multi-Vlan-Config
27.12 ip igmp snooping multi-vlan-config Description The ip igmp snooping multi-vlan-config command is used to create Multicast VLAN. To delete the corresponding Multicast VLAN, please use no ip igmp snooping multi-vlan-config command. To restore the default values, please use no ip igmp snooping multi-vlan-config with specified parameters.
Page 254: Ip Igmp Snooping Multi-Vlan-Config (Router-Ports-Forbidden)
T1600G-52TS(config)# ip igmp snooping multi-vlan-config 3 rtime 100 T1600G-52TS(config)# ip igmp snooping multi-vlan-config 3 mtime 100 T1600G-52TS(config)# ip igmp snooping multi-vlan-config 3 rport interface gigabitEthernet 1/0/3 27.13 ip igmp snooping multi-vlan-config (router-ports-forbidden) Description This command is used to forbid the specified ports as being router ports in the specified multicast VLAN.
Page 255: Ip Igmp Snooping Querier Vlan
27.14 ip igmp snooping multi-vlan-config (source-ip-replace) Description This command is used to replace the multicast source IP address of the IGMP packets in the specified multicast VLAN. To delete the forbidden router ports, please use no ip igmp snooping multi-vlan-config replace-sourceip command.
Page 256: Ip Igmp Snooping Querier Vlan (General Query)
vlan-id no ip igmp snooping querier vlan Parameter vlan-id — VLAN ID, ranging from 1 to 4094. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the IGMP Snooping Querier function of VLAN 1: T1600G-52TS(config)#ip igmp snooping querier vlan 1 27.16 ip igmp snooping querier vlan (general...
Page 257: Ip Igmp Snooping Max-Groups
ip-addr —— The source IP of the general query frame sent by IGMP Snooping Querier. It should not be a multicast IP or a broadcast IP. By default, it is 192.168.0.1. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 258: Ip Igmp Snooping Authentication
drop —— When the number of the dynamic multicast groups that a port joins has exceeded the max-group, the port will not join any new multicast group. replace —— When the number of the dynamic multicast groups that a port joins has exceeded the max-group, the newly joined multicast group will replace an existing multicast group with the lowest multicast group address.
Page 259: Ip Igmp Snooping Accounting
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. User Guidelines The IGMP Authentication feature will take effect only when AAA function is enabled and the RADIUS server is configured. For how to enable AAA function and configure RADIUS server, please refer to aaa enable radius-server...
Page 260: Ip Igmp Profile
27.20 ip igmp profile Description The ip igmp profile command is used to create the configuration profile. To delete the corresponding profile, please use no ip igmp profile command. Syntax ip igmp profile no ip igmp profile Parameter —— Specify the id of the configuration profile, ranging from 1 to 999. Command Mode Global Configuration Mode Privilege Requirement...
Page 261: Permit
Example Configure the filtering mode of profile 1 as deny: T1600G-52TS(config)# ip igmp profile 1 T1600G-52TS(config-igmp-profile)#deny 27.22 permit Description The permit command is used to configure the filtering mode of profile as permit. Syntax permit Command Mode Profile Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 262: Ip Igmp Filter
Parameter start-ip —— The start filtering multicast IP address. end-ip —— The end filtering multicast IP address. Command Mode Profile Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Configure one of the filter multicast address entry as range 225.1.1.1 to 226.3.2.1 in profile 1: T1600G-52TS(config)# ip igmp profile 1 T1600G-52TS(config-igmp-profile)#range 225.1.1.1 226.3.2.1...
Page 263: Clear Ip Igmp Snooping Statistics
T1600G-52TS(config-if)# ip igmp filter 1 27.25 clear ip igmp snooping statistics Description The clear ip igmp snooping statistics command is used to clear the statistics of the IGMP packets. Syntax clear ip igmp snooping statistics Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 264: Show Ip Igmp Snooping Interface
27.27 show ip igmp snooping interface Description The show ip igmp snooping interface command is used to display the port configuration of IGMP snooping. Syntax port port-list show ip igmp snooping interface [ gigabitEthernet [ { basic-config | max-groups | packet-stat } lagid show ip igmp snooping interface [ port-channel [ ] ] { basic-config |...
Page 265: Show Ip Igmp Snooping Vlan
27.28 show ip igmp snooping vlan Description The show ip igmp snooping vlan command is used to display the VLAN configuration of IGMP snooping. Syntax vlan-id show ip igmp snooping vlan [ Parameter vlan-id ——The VLAN ID selected to display. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement...
Page 266: Show Ip Igmp Snooping Groups
27.30 show ip igmp snooping groups vlan Description The show ip igmp snooping groups vlan command is used to display the information of the multicast groups of a selected VLAN. Syntax vlan-id multicast_addr show ip igmp snooping groups vlan Parameter vlan-id ——The VLAN ID selected to display.
Page 267: Show Ip Igmp Snooping Querier
count—— The numbers of all multicast groups. dynamic—— Display dynamic multicast groups. dynamic count—— The numbers of all dynamic multicast groups. static—— Display static multicast groups. static count—— The numbers of all static multicast groups. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 268: Show Ip Igmp Profile
Syntax vlan-id show ip igmp snooping querier [ vlan Parameter vlan-id ——The VLAN ID selected to display, ranging from 1 to 4094. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display all Querier information: T1600G-52TS(config)# show ip igmp snooping querier 27.33 show ip igmp profile Description...
Page 269: Chapter 28 Mld Snooping Commands
Chapter 28 MLD Snooping Commands MLD Snooping (Multicast Listener Discovery Snooping) is a multicast control mechanism running on Layer 2 switch. It can effectively prevent multicast groups being broadcasted in the IPv6 network. 28.1 ipv6 mld snooping(global) Description The ipv6 mld snooping command is used to enable MLD Snooping function globally.
Page 270: Ipv6 Mld Snooping Rtime
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Enable MLD Snooping on port 1/0/3: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# ipv6 mld snooping 28.3 ipv6 mld snooping rtime Description The ipv6 mld snooping rtime command is used to specify router port aging time globally.
Page 271: Ipv6 Mld Snooping Report-Suppression
Parameter mtime —— Specify the aging time in seconds, ranging from 60 to 600. The default aging time is 260 seconds. Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Specify MLD Snooping member port aging time as 100 seconds globally: T1600G-52TS(config)# ipv6 mld snooping mtime 100 28.5 ipv6 mld snooping report-suppression...
Page 272: Ipv6 Mld Snooping Immediate-Leave
28.6 ipv6 mld snooping immediate-leave Description The ipv6 mld snooping immediate-leave command is used to configure the Fast Leave function for port. To disable the Fast Leave function, please use no ipv6 mld snooping immediate-leave command. Syntax ipv6 mld snooping immediate-leave no ipv6 mld snooping immediate-leave Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range...
Page 273: Ipv6 Mld Snooping Last-Listener Query-Inteval
28.8 ipv6 mld snooping last-listener query-inteval Description The ipv6 mld snooping last-listener query-inteval command is used to specify the interval to send Specific Query Message. The default value is 1 second. To restore the default interval, please use no ipv6 mld snooping last-listener query-inteval command.
Page 274: Ipv6 Mld Snooping Vlan-Config
Privilege Requirement Only Admin and Operator level users have access to these commands. Example Specify the number of Specific Query Message to 3: T1600G-52TS(config)# ipv6 mld snooping last-listener query-count 3 28.10 ipv6 mld snooping vlan-config Description The ipv6 mld snooping vlan-config command is used to enable VLAN MLD Snooping function or to modify MLD Snooping parameters, and to create static multicast IP entry.
Page 275: Ipv6 Mld Snooping Vlan-Config (Router-Ports-Forbidden)
port-list —— The list of Ethernet ports. lagid —— The ID of the LAGs. —— The static multicast IP address. Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Enable the MLD Snooping function and modify Router Port Time as 300 seconds, Member Port Time as 200 seconds for VLAN 1-3, and set the router port as 1/0/1 for VLAN 1-2: T1600G-52TS(config)# ipv6 mld snooping vlan-config 1-3 rtime 300...
Page 276: Ipv6 Mld Snooping Multi-Vlan-Config
Parameter vlan-id-list —— The ID list of the VLAN desired to modify configuration, ranging from 1 to 4094, in the format of 1-3, 5. port-list —— Forbid the specified ports as being router ports. Packets sent from multicast routers to these ports will be discarded. port-channel-id ——...
Page 277: Ipv6 Mld Snooping Multi-Vlan-Config (Router-Ports-Forbidden)
router-time —— Router Port Time. Within this time, if the switch does not receive MLD query message from the router port, it will consider this port is not a router port any more. Router Port Time ranges from 60 to 600 in seconds.
Page 278: Ipv6 Mld Snooping Multi-Vlan-Config (Source-Ip-Replace)
no ipv6 mld snooping multi-vlan-config router-ports-forbidden [ interface port-list port-channel-id { gigabitEthernet | port-channel Parameter vlan-id ——The ID of the multicast VLAN, ranging from 2 to 4094. port-list —— Forbid the specified ports as being router ports. Packets sent from multicast routers to these ports will be discarded. port-channel-id ——...
Page 279: Ipv6 Mld Snooping Querier Vlan
Privilege Requirement Only Admin level users have access to these commands. Example Replace the source IP address of the MLD packets in multicast VLAN 2 as fe80::02ff:ffff:fe00:0001: T1600G-52TS(config)# ipv6 mld snooping multi-vlan-config 2 replace-sourceip fe80::02ff:ffff:fe00:0001 28.15 ipv6 mld snooping querier vlan Description The ipv6 mld snooping querier vlan command is used to enable the MLD Querier function.
Page 280: Ipv6 Mld Snooping Max-Groups
return to the default configuration, please use no ipv6 mld snooping querier vlan command. Syntax vlan-id interval | ipv6 mld snooping querier vlan { query-interval response-time | ip-addr max-response-time general-query source-ip vlan-id ipv6 snooping querier vlan query-interval max-response-time general-query source-ip } Parameter vlan-id ——...
Page 281 receives an MLD report message and the maximum number of entries is in the forwarding table. To remove the maximum group limitation and return to the default of no limitation on the specified port, please use the no ipv6 mld snooping max-groups command.
Page 282: Ipv6 Mld Profile
28.18 ipv6 mld profile Description The ipv6 mld profile command is used to create the configuration profile. To delete the corresponding profile, please use no ipv6 mld profile command. Syntax ipv6 mld profile no ipv6 mld profile Parameter —— Specify the id of the configuration profile, ranging from 1 to 999. Command Mode Global Configuration Mode Privilege Requirement...
Page 283: Permit
T1600G-52TS(config)# ipv6 mld profile 1 T1600G-52TS(config-mld-profile)#deny 28.20 permit Description The permit command is used to configure the filtering mode of profile as permit. Syntax permit Command Mode Profile Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure the filtering mode of profile 1 as permit: T1600G-52TS(config)# ipv6 mld profile 1...
Page 284: Ipv6 Mld Filter
Command Mode Profile Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands. Example Configure one of the filter multicast address entry as range ff80::1234 to ff80::1235 in profile 1: T1600G-52TS(config)# ipv6 mld profile 1 T1600G-52TS(config-mld-profile)#range ff80::1234 ff80::1235 28.22 ipv6 mld filter...
Page 285: Clear Ipv6 Mld Snooping Statistics
28.23 clear ipv6 mld snooping statistics Description The clear ipv6 mld snooping statistics command is used to clear the statistics of the MLD packets. Syntax clear ipv6 mld snooping statistics Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 286: Show Ipv6 Mld Snooping Interface
28.25 show ipv6 mld snooping interface Description The show ipv6 mld snooping interface command is used to display the port configuration of MLD snooping. Syntax port port-list show ipv6 mld snooping interface [ gigabitEthernet [ { basic-config | max-groups | packet-stat } lagid show ipv6 mld snooping interface [ port-channel [ ] ] { basic-config |...
Page 287: Show Ipv6 Mld Snooping Multi-Vlan
Syntax vlan-id show ipv6 mld snooping vlan [ Parameter vlan-id —— The VLAN ID selected to display, ranging from 1 to 4094. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display all of the VLAN information: T1600G-52TS(config)# show ipv6 mld snooping vlan 28.27 show ipv6 mld snooping multi-vlan...
Page 288 Parameter vlan-id ——The VLAN ID selected to display. ipv6_multicast_addr —— IPv6 address of the multicast group. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display all the multicast entries in VLAN 5: T1600G-52TS#show ipv6 mld snooping groups vlan 5 Display information of the multicast group with the IPv6 address ff80::1234 in VLAN 5: T1600G-52TS#show ipv6 mld snooping groups vlan 5 ff80::1234...
Page 289: Show Ipv6 Mld Snooping Querier
Privilege Requirement None. Example Display the information of all MLD snooping groups: T1600G-52TS#show ipv6 mld snooping groups Display all the multicast entries in VLAN 5: T1600G-52TS(config)#show ipv6 mld snooping groups vlan 5 Display the count of multicast entries in VLAN 5: T1600G-52TS(config)#show ipv6 mld snooping groups vlan 5 count Display the dynamic multicast groups of VLAN 5: T1600G-52TS(config)#show ipv6 mld snooping groups vlan 5 dynamic...
Page 290: Show Ipv6 Mld Profile
Example Display all Querier information: T1600G-52TS(config)# show ipv6 mld snooping querier 28.31 show ipv6 mld profile Description The show ipv6 mld profile command is used to display the configuration information of all the profiles or a specific profile. Syntax show ipv6 mld profile [ Parameter ——...
Page 291: Chapter 29 Snmp Commands
Chapter 29 SNMP Commands SNMP (Simple Network Management Protocol) functions are used to manage the network devices for a smooth communication, which can facilitate the network administrators to monitor the network nodes and implement the proper operation. 29.1 snmp-server Description The snmp-server command is used to enable the SNMP function.
Page 292: Snmp-Server Group
Parameter name —— The entry name of View, ranging from 1 to 16 characters. Each View includes several entries with the same name. mib-oid —— MIB Object ID. It is the Object Identifier (OID) for the entry of View, ranging from 1 to 61 characters. include | exclude ——...
Page 293 Parameter name ——The SNMP Group name, ranging from 1 to 16 characters. The Group Name, Security Model and Security Level compose the identifier of the SNMP Group. These three items of the Users in one group should be the same. smode ——...
Page 294: Snmp-Server User
29.4 snmp-server user Description The snmp-server user command is used to add User. To delete the corresponding User, please use no snmp-server user command. The User in an SNMP Group can manage the switch via the management station software. The User and its Group have the same security level and access right. Syntax name group-name...
Page 295: Snmp-Server Community
emode —— The Privacy Mode of the SNMP v3 User, with none and DES options. None indicates no privacy method is used, and DES indicates DES encryption method is used. By default, the Privacy Mode is “none”. encrypt-pwd —— Privacy Password, ranging from 1 to 16 characters. The question marks and spaces are not allowed.
Page 296: Snmp-Server Host
Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Add community public, and the community has read-write management right to View viewDefault: T1600G-52TS(config)# snmp-server community public read-write viewDefault 29.6 snmp-server host Description The snmp-server host command is used to add Notification.
Page 297 type has a higher security than the trap type and resend and timeout need to be configured if you select this option. You can only select the trap type in Security Model v1. By default, the type of the notifications is “trap”. retries ——...
Page 298: Snmp-Server Engineid
29.7 snmp-server engineID Description The snmp-server engineID command is used to configure the local and remote engineID of the switch. To restore to the default setting, please use no snmp-server engineID command. Syntax local-engineID remote-engineID snmp-server engineID { [ local ] [ remote no snmp-server engineID Parameter...
Page 299: Snmp-Server Traps Link-Status
disable the sending of SNMP standard traps, please use no snmp-server traps snmp command. Syntax snmp-server traps snmp [ linkup | linkdown | warmstart | coldstart | auth-failure ] no snmp-server traps snmp [ linkup | linkdown | warmstart | coldstart | auth-failure ] Parameter linkup ——...
Page 300: Snmp-Server Traps
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin level users have access to these commands. Example Enable SNMP link status trap for port 3: T1600G-52TS(config)# interface gigabitEthernet 1/0/3 T1600G-52TS(config-if)# snmp-server traps link-status 29.10 snmp-server traps Description The snmp-server traps command is used to enable SNMP extended traps.
Page 301: Snmp-Server Traps Vlan
spanning-tree —— Enable spanning-tree trap. It is sent when the port forwarding status changes or the port receives TCN packet or packet with TC fport-channel-. memory —— Enable memory trap. It is sent when memory usage exceeds 80%. Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands.
Page 302: Rmon History
Enable VLAN-created trap only for the switch: T1600G-52TS(config)# snmp-server traps vlan create 29.12 rmon history Description The rmon history command is used to configure the history sample entry. To return to the default configuration, please use no rmon history command. RMON (Remote Monitoring), basing on SNMP architecture, functions to monitor the network.
Page 303: Rmon Event
T1600G-52TS(config)# rmon history 1-3 interface gigabitEthernet 1/0/2 interval 100 owner owner1 29.13 rmon event Description The rmon event command is used to configure the entries of SNMP-RMON Event. To return to the default configuration, please use no rmon event command. Event Group, as one of the commonly used RMON Groups, is used to define RMON events.
Page 304: Rmon Alarm
T1600G-52TS(config)# rmon event 1-4 user user1 description description1 type log owner owner1 29.14 rmon alarm Description The rmon alarm command is used to configure SNMP-RMON Alarm Management. To return to the default configuration, please use no rmon alarm command. Alarm Group is one of the commonly used RMON Groups. RMON alarm management allows monitoring the specific alarm variables.
Page 305: Rmon Statistics
r-event —— Rise Event, which is the index of the corresponding event which will be triggered if the sampled value is larger than the Rising Threshold. It ranges from 1 to 12. f-hold —— The falling counter value that triggers the alarm, Falling Threshold ranging from 1 to 2147483647.
Page 306: Show Snmp-Server
Syntax index port owner-name rmon statistics interface gigabitEthernet [ owner [ status { underCreation | valid }] index no rmon statistics Parameter index —— The index number of the statistics entry, ranging from 1 to 65535, in the format of 1-3,5. port ——...
Page 307: Show Snmp-Server View
Example Display SNMP configuration globally: T1600G-52TS# show snmp-server 29.17 show snmp-server view Description The show snmp-server view command is used to display the View table. Syntax show snmp-server view Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands.
Page 308: Show Snmp-Server User
29.19 show snmp-server user Description The show snmp-server user command is used to display the User table. Syntax show snmp-server user Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Display the User table: T1600G-52TS# show snmp-server user...
Page 309: Show Snmp-Server Engineid
Syntax show snmp-server host Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Display the Host table: T1600G-52TS# show snmp-server host 29.22 show snmp-server engineID Description The show snmp-server engineID command is used to display the engineID of the SNMP.
Page 310: Show Rmon Event
Parameter index —— The index number of the entry selected to display the configuration, ranging from 1 to 12, in the format of 1-3, 5. You can select more than one entry for each command. By default, the configuration of all history sample entries is displayed.
Page 311: Show Rmon Alarm
29.25 show rmon alarm Description The show rmon alarm command is used to display the configuration of the Alarm Management entry. Syntax index show rmon alarm [ Parameter index —— The index number of the entry selected to display the configuration, ranging from 1 to 12, in the format of 1-3, 5.
Page 312 Privilege Requirement Only Admin level users have access to these commands. Example Display the configuration of the statistics entry 1: T1600G-52TS#show rmon statistics 1...
Page 313: Chapter 30 Lldp Commands
LLDP Commands Chapter 30 LLDP function enables network devices to advertise their own device information periodically to neighbors on the same LAN. The information of the LLDP devices in the LAN can be stored by its neighbor in a standard MIB, so it is possible for the information to be accessed by a Network Management System (NMS) such as SNMP.
Page 314: Lldp Timer
Parameter multiplier —— Configure the Hold Multiplier parameter. It ranges from 2 to 10. By default, it is 4. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify Hold Multiplier as 5: T1600G-52TS(config)#lldp hold-multiplier 5 30.3 lldp timer...
Page 315: Lldp Receive
fast-count —— When the port's LLDP state transforms from Disable (or Rx_Only) to Tx&Rx (or Tx_Only), the fast start mechanism will be enabled, that is, the transmit interval will be shorten to a second, and several LLDPDUs will be sent out (the number of LLDPDUs equals this parameter). The value ranges from 1 to 10 and the default value is 3.
Page 316: Lldp Transmit
30.5 lldp transmit Description The lldp transmit command is used to enable the designated port to transmit LLDPDU. To disable the function, please use no lldp transmit command. Syntax lldp transmit no lldp transmit Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these...
Page 317: Lldp Tlv-Select
Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the SNMP notification for Gigabit Ethernet port 1/0/1: T1600G-52TS(config)#interface gigabitEthernet 1/0/1 T1600G-52TS(config-if)#lldp snmp-trap 30.7 lldp tlv-select Description The lldp tlv-select command is used to configure TLVs to be included in outgoing LLDPDU.
Page 318: Lldp Med-Fast-Count
30.8 lldp med-fast-count Description The lldp med-fast-count command is used to configure the number of the LLDP-MED frames that will be sent out. When LLDP-MED fast start mechanism is activated, multiple LLDP-MED frames will be transmitted based on this parameter. The default value is 4. To return to the default configuration, please use no lldp med-fast-count command.
Page 319: Lldp Med-Tlv-Select
Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet) Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the LLDP-MED feature for port 1/0/2: T1600G-52TS(config)# interface gigabitEthernet 1/0/2 T1600G-52TS(config-if)# lldp med-status 30.10 lldp med-tlv-select Description...
Page 320: Lldp Med-Location
T1600G-52TS(config-if)# no lldp med-tlv-select network-policy inventory- management 30.11 lldp med-location Description The lldp med-location command is used to configure the Location Identification TLV's content in outgoing LLDPDU of the port. Syntax identifier lldp med-location emergency-number civic-address language province-state county [ [ language ] [ province-state ] [ county ] [city...
Page 321: Show Lldp
30.12 show lldp Description The show lldp command is used to display the global configuration of LLDP. Syntax show lldp Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the global configuration of LLDP: T1600G-52TS#show lldp 30.13 show lldp interface Description...
Page 322: Show Lldp Local-Information Interface
30.14 show lldp local-information interface Description The show lldp local-information interface command is used to display the LLDP information of the corresponding port. By default, the LLDP information of all the ports will be displayed. Syntax port show lldp local-information interface [ gigabitEthernet Parameters port ——...
Page 323: Show Lldp Traffic Interface
Example Display the neighbor information of Gigabit Ethernet port 1/0/1: T1600G-52TS#show lldp neighbor-information interface gigabitEthernet 1/0/1 30.16 show lldp traffic interface Description The show lldp traffic interface command is used to display the LLDP statistic information between the local device and neighbor device of the corresponding port.
Page 324: Chapter 31 Arp Commands
ARP Commands Chapter 31 Address Resolution Protocol (ARP) is used to resolve an IP address into an Ethernet MAC address. The swich maintains an ARP mapping table to record the IP-to-MAC mapping relations, which is used for forwarding packets. An ARP mapping table contains two types of ARP entries: dynamic and static.
Page 325: Clear Arp-Cache
31.2 clear arp-cache Description This clear arp-cache command is used to clear all the dynamic ARP entries. Syntax clear arp-cache Command Mode Privileged EXEC Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Clear all the dynamic ARP entries: T1600G-52TS(config)# clear arp-cache...
Page 326: Show Arp
Example Configure the ARP aging time as 60 seconds on interface 1/0/1: T1600G-52TS(config)# interface gigabitEthernet 1/0/1 T1600G-52TS(config-if)# arp timeout 60 31.4 show arp Description This show arp command is used to display the active ARP entries. If no parameter is speicified, all the active ARPA entries will be displayed. Syntax show arp [ show ip arp [...
Page 327: Show Ip Arp Summary
Parameter port —— Specify the number of the routed port. lagid —— Specify the ID of the LAG. —— Specify the VLAN interface ID. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the ARP entry associated with VLAN interface 2 : T1600G-52TS(config)# show ip arp vlan 2 31.6 show ip arp summary Description...
Page 328: Chapter 32 Static Routes Commands
Static Routes Commands Chapter 32 32.1 interface vlan Description This interface vlan command is used to create the VLAN interface. To delete the specified VLAN interface, please use the no interface vlan command. Syntax interface vlan { no interface vlan { Parameter ——...
Page 329: Switchport
Parameter —— The ID of the loopback interface, ranging from 1 to 64. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Create the loopback interface 1: T1600G-52TS(config)# interface loopback 1 32.3 switchport Description This switchport command is used to switch the Layer 3 interface into the...
Page 330: Interface Range Port-Channel
32.4 interface range port-channel Description This interface range port-channel command is used to create multiple port-channel interfaces. Syntax port-channel-list interface range port-channel Parameter port-channel-list —— The list of the port-channel interface, ranging from 1 to 14, in the format of 1-3, 5. Command Mode Global Configuration Mode Privilege Requirement...
Page 331: Shutdown
Command Mode Interface Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Add a description system-if to the routed port 1/0/9 : T1600G-52TS(config)# interface gigabitEthernet 1/0/9 T1600G-52TS(config-if)# no switchport T1600G-52TS(config-if)# description system-if 32.6 shutdown Description This shutdown command is used to shut down the specified interface.
Page 332: Interface Port-Channel
32.7 interface port-channel Description This interface port-channel command is used to create the port-channel interface. To delete the specified port-channel interface, please use the no interface port-channel command. Syntax port-channel-id interface port-channel { port-channel-id no interface port-channel { Parameter port-channel-id ——...
Page 333: Ipv6 Routing
next hop-address —— The address of the next-hop. distance —— The distance metric of this route, ranging from 1 to 255. The smaller the distance is, the higher the priority is. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands.
Page 334: Ipv6 Route
32.10 ipv6 route Description This ipv6 route command is configure the IPv6 static route. To clear the corresponding entry, please use the no ipv6 route command. Syntax ipv6-dest-address next-hop-address distance ipv6 route { ipv6-dest-address next-hop-address no ipv6 route { Parameter ipv6-dest-address ——...
Page 335: Show Ip Interface
Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None. Example Display the information of VLAN 2: T1600G-52TS(config)#show interface vlan 2 32.12 show ip interface Description This show ip interface command is used to display the detailed information of the specified Layer 3 interface.
Page 336: Show Ip Interface Brief
32.13 show ip interface brief Description This show ip interface brief command is used to display the summary information of the Layer 3 interfaces. Syntax show ip interface brief Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 337: Show Ip Route Specify
Example Display the static routes: T1600G-52TS(config)# show ip route static 32.15 show ip route specify Description This show ip route specify command is used to display the valid routing information to the specified IP address or network segments. Syntax mask show ip route specify { ] [ longer-prefixes ] Parameter...
Page 338: Show Ip Route Summary
32.16 show ip route summary Description This show ip route summary command is used to display the summary information of the route entries classified by their sources. Syntax show ip route summary Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None.
Page 339: Show Ipv6 Route
32.18 show ipv6 route Description This show ipv6 route command is used to display the IPv6 route entries of the specified type. Syntax show ipv6 route [ static | connected ] Parameter static | connected —— Specify the route type. If not specified, all types of route entries will be displayed.
Page 340 Example Display the summary information of IPv6 route entries: T1600G-52TS(config)# show ipv6 route summary...
Page 341: Chapter 33 Sdm Template Commands
Chapter 33 SDM Template Commands This chapter describes how to configure the Switch Database Management (SDM) templates to allocate hardware resources on the switch for different uses. 33.1 sdm prefer Description The sdm prefer command is used to configure the SDM template. The SDM template is used to allocate system resources to best support the features being used in your application.
Page 342: Show Sdm Prefer
33.2 show sdm prefer Description The show sdm prefer command is used to display resource allocation of the current SDM template in use, or the SDM templates that can be used. Syntax show sdm prefer { used | default | enterpriseV4 | enterpriseV6 } Parameter used ——...
Page 343: Chapter 34 Aaa Commands
Chapter 34 AAA Commands AAA stands for authentication, authorization and accounting. This feature is used to authenticate users trying to log in to the switch or trying to access the administrative level privilege. Applicable Access Application  The authentication can be applied on the following access applications:Telnet, SSH and HTTP. Authentication Method List ...
Page 344: Tacacas-Server Host
Example Enable the AAA function globally: T1600G-52TS(config)# aaa enable 34.2 tacacas-server host Description The tacacs-server host command is used to configure a new TACACS+ server. To delete the specified TACACS+ server, please use no tacacs-server host command. Syntax ip-address port-id time tacacs-server host [ port...
Page 345: Show Tacacs-Server
User Guidelines The TACACS+ servers you configured are added in the server group “tacacs” by default. Example Configure a TACACS+ server with the IP address as 1.1.1.1, TCP port as 1500, timeout as 6 seconds, and the unencrypted key string as 12345. T1600G-52TS(config)# tacacs-server host 1.1.1.1 port 1500 timeout 6 key 12345 34.3 show tacacs-server...
Page 346: User Guidelines
Syntax ip-address port-id port-id radius-server host [ auth-port ] [ acct-port time number string encrypted-string [ timeout ] [ retransmit ] [ key { [ 0 ] ip-address no radius-server host Parameter ip-address —— Specify the IP address of the RADIUS server. port-id auth-port ——...
Page 347: Show Radius-Server
Example Configure a RADIUS server with the IP address as 1.1.1.1, authentication port as 1200, timeout as 6 seconds, retransmit times as 3, and the unencrypted key string as 12345. T1600G-52TS(config)# radius-server host 1.1.1.1 auth-port 1200 timeout 6 retransmit 3 key 12345 34.5 show radius-server Description This show radius-server command is used to display the summary...
Page 348: Server
Syntax group-name aaa group { radius | tacacs } group-name no aaa group { radius | tacacs } Parameter radius | tacacs —— Specify the server group type as RADIUS or TACACS+. group-name —— Specify the server group name. Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands.
Page 349: Show Aaa Group
T1600G-52TS(config)# aaa group radius radius1 T1600G-52TS(aaa-group)# server 1.1.1.1 34.8 show aaa group Description This show aaa group command is used to display the summary information of the AAA groups. All the servers in this group will be listed if you specify the group name.
Page 350: Aaa Authentication Enable
Parameter method-list —— Specify the method list name. method1, method2, method3, method4 —— Specify the authentication methods in order. The next authentication method is tried only if the previous method does not respond, not if it fails. The preset methods include radius, tacacs, local and none. “radius” means the RADIUS server group “radius”;...
Page 351: Aaa Authentication Dot1X Default
Parameter method-list —— Specify the method list name. method1, method2, method3, method4 —— Specify the authentication methods in order. The next authentication method is tried only if the previous method does not respond, not if it fails. The preset methods include radius, tacacs, local and none. “radius” means the RADIUS server group “radius”;...
Page 352: Aaa Accounting Dot1X Default
Parameter method —— Specify the method name. Only RADIUS server group is supported, and the default method is server group “radius”. Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Configure the default 802.1X authentication method as “radius1”: T1600G-52TS(config)# aaa authentication dot1x default radius1 34.12 aaa accounting dot1x default...
Page 353: Show Aaa Authentication
34.13 show aaa authentication Description This show aaa authentication command is used to display the summary information of the authentication login, enable and dot1x metheod list. Syntax show aaa authentication [ login | enable | dot1x ] Parameter login | enable | dot1x —— Specify the method list type. Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement...
Page 354: Line Telnet
Example Display the information of the default 802.1X accounting method list: T1600G-52TS(config)# show aaa accounting 34.15 line telnet Description The line telnet command is used to enter the Line Configuration Mode to configure the telnet terminal line to which you want to apply the authentication list.
Page 355: Line Ssh
Command Mode Line Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Configure the login authentication method list on the telnet terminal line as “list1”: T1600G-52TS(config)#line telnet T1600G-52TS(config-line)# login authentication list1 34.17 line ssh Description The line ssh command is used to enter the Line Configuration Mode to configure the ssh terminal line to which you want to apply the authentication list.
Page 356: Enable Authentication(Telnet)
Syntax method-list login authentication { no login authentication Parameter method-list —— Specify the login method list on the ssh terminal line. It is “default” by default, which contains the method “local”. Command Mode Line Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Configure the login authentication method list on the ssh terminal line as “list1”:...
Page 357: Enable Authentication(Ssh)
Privilege Requirement Only Admin level users have access to these commands. Example Configure the enable authentication method list on the telnet terminal line as “list2”: T1600G-52TS(config)#line telnet T1600G-52TS(config-line)# enable authentication list2 34.20 enable authentication(ssh) Description The enable authentication command is used to apply the privilege authentication method list to the ssh terminal line.
Page 358: Ip Http Login Authentication
34.21 ip http login authentication Description The ip http login authentication command is used to apply the login authentication method list to users accessing through HTTP. To restore to the default authentication method list, please use the no ip http login authentication command.
Page 359: Show Aaa Global
Parameter method-list —— Specify the enable method list on the HTTP access. It is “default” by default, which contains the method “none”. Command Mode Line Configuration Mode Privilege Requirement Only Admin level users have access to these commands. Example Configure the enable authentication method list on the HTTP access as “list2”: T1600G-52TS(config)# ip http enable authentication list2 34.23...
Page 360: Chapter 35 Dhcp Relay Commands
Chapter 35 DHCP Relay Commands A DHCP Relay is a Layer 3 device that forwards DHCP packets between clients and servers. DHCP Relay forward requests and replies between clients and servers when they are not on the same physical subnet. 35.1 service dhcp relay Description The service dhcp relay command is used to enable DHCP Relay function...
Page 361: Ip Dhcp Relay Information
Parameter ip-address —— DHCP Server address. Command Mode Interface Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Add DHCP Server address 192.168.2.1 to interface VLAN 1: T1600G-52TS(config)# interface vlan 1 T1600G-52TS(config-if)# ip helper-address 192.168.2.1 35.3 ip dhcp relay information Description...
Page 362: Ip Dhcp Relay Information Policy
35.4 ip dhcp relay information policy Description The ip dhcp relay information policy command is used to specify the operation for the Option 82 field of the DHCP request packets from the Host. To restore to the default option, please use no ip dhcp relay information policy command.
Page 363: Ip Dhcp Relay Information Circuit-Id
—— Specify the circuit ID, ranging from 1 to 64 characters. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Specify the circuit ID as “TP-Link”: T1600G-52TS(config)# ip dhcp relay information circuit-id TP-Link...
Page 364: Ip Dhcp Relay Information Remote-Id
Only Admin, Operator and Power User level users have access to these commands. Example Specify the remote ID as “TP-Link”: T1600G-52TS(config)# ip dhcp relay information remote-id TP-Link 35.8 show ip dhcp relay Description The show ip dhcp relay command is used to display the global status and Option 82 configuration of DHCP Relay.
Page 365 Example Display the configuration of DHCP Relay: T1600G-52TS(config)# show ip dhcp relay...

This manual is also suitable for:

T1600g-52ts T1600g-28ps T1600g-52ps

TP-Link T1600-28TS Cli Reference Manual

Preface

Chapter 1 Using the CLI

Chapter 2 User Interface

Chapter 3 IEEE 802.1Q VLAN Commands

Chapter 4 MAC-Based VLAN Commands

Chapter 5 Protocol VLAN Commands

Chapter 6 Voice VLAN Commands

Chapter 7 Etherchannel Commands

Chapter 8 User Management Commands

Chapter 9 HTTP and HTTPS Commands

Chapter 10 Binding Table Commands

Chapter 11 ARP Inspection Commands

Chapter 12 Dos Defend Commands

Chapter 13 System Log Commands

Chapter 14 SSH Commands

Chapter 15 IEEE 802.1X Commands

Chapter 16 MAC Address Commands

Chapter 17 System Configuration Commands

Chapter 18 Ipv6 Address Configuration Commands

Chapter 19 Ethernet Configuration Commands

Chapter 20 Qos Commands

Chapter 21 Port Mirror Commands

Chapter 22 Port Isolation Commands

Chapter 23 Loopback Detection Commands

Chapter 24 ACL Commands

Chapter 25 Poe Commands

Chapter 26 MSTP Commands

Quick Links

CLI Reference Guide

Related Manuals for TP-Link T1600-28TS

Summary of Contents for TP-Link T1600-28TS