Page 1 SuperStack Command Reference Guide Version 3.1.x http://www.3com.com/ Part number: DUA1725-0CAA01 Published: July 2005 4 Switch 5500G-EI Family ®...
Page 2 All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software.
Page 3: Table Of Contents
ONTENTS BOUT UIDE About This Software Version Organization of the Manual Intended Readership Conventions Related Manuals SING YSTEM CCESS Logging in Commands authentication-mode auto-execute command command-privilege level databits display history-command display user-interface display users free user-interface header history-command max-size idle-timeout language-mode lock parity...
Page 4 telnet user-interface user privilege level SING OMMANDS Ethernet Port Configuration Commands broadcast-suppression copy configuration description display interface display loopback-detection display port display unit duplex flow-control interface jumboframe enable loopback loopback-detection control enable loopback-detection enable loopback-detection interval-time loopback-detection per-vlan enable multicast-suppression port access vlan port hybrid pvid vlan port hybrid vlan...
Page 5 port link-aggregation group reset lacp statistics VLAN C SING OMMANDS VLAN Configuration Commands description display interface VLAN-interface display vlan interface VLAN-interface port shutdown vlan Voice VLAN Configuration Commands display voice vlan oui display voice vlan status voice vlan aging voice vlan enable voice vlan voice vlan mac_address voice vlan mode...
Page 6 display arp display arp timer aging reset arp Resilient ARP Configuration Commands debugging resilient-arp display resilient-arp resilient-arp enable resilient-arp interface vlan-interface BOOTP Client Configuration Commands debugging dhcp xrn xha ip address bootp-alloc DHCP Client Configuration Commands debugging dhcp client debugging dhcp xrn xha display dhcp client ip address dhcp-alloc DHCP Relay Configuration Commands...
Page 7 display tcp statistics display tcp status display udp statistics reset ip statistics reset tcp statistics reset udp statistics tcp timer fin-timeout tcp timer syn-timeout tcp window SING OUTING ROTOCOL Routing Table Display Commands display ip routing-table display ip routing-table acl display ip routing-table ip_address display ip routing-table ip_address1 ip_address2 display ip routing-table ip-prefix...
Page 8 summary timers traffic-share-across- interface OSPF Configuration Commands abr-summary area asbr-summary authentication-mode default cost default interval default limit default tag default type default-cost default-route-advertise display debugging ospf display ospf abr-asbr display ospf asbr-summary display ospf brief display ospf cumulative display ospf error display ospf interface display ospf lsdb display ospf nexthop...
Page 9 preference reset ospf router id silent-interface snmp-agent trap enable ospf spf-schedule-interval stub vlink-peer IP Routing Policy Configuration Commands apply cost apply tag display ip ip-prefix display route-policy filter-policy export filter-policy import if-match { acl | ip-prefix } if-match cost if-match interface if-match ip next-hop if-match tag ip ip-prefix...
Page 10 multicast routing-enable reset multicast forwarding-table reset multicast routing-table IGMP Configuration Commands debugging igmp display igmp group display igmp interface igmp enable igmp group-limit igmp group-policy igmp group-policy vlan igmp host-join igmp host-join port igmp host-join vlan igmp lastmember- queryinterval igmp max-response-time igmp robust-count igmp timer other-querier-present igmp timer query...
Page 11 S/ACL C SING OMMANDS ACL Configuration Command List display acl display packet-filter display time-range packet-filter reset acl counter rule time-range QoS Configuration Commands List display mirror display qos-interface all display qos-interface line-rate display qos-interface mirrored-to display qos-interface traffic-limit display qos-interface traffic-priority display qos-interface traffic-redirect display qos-interface traffic-statistic display queue-scheduler...
Page 12 SING ABRIC OMMANDS Fabric Commands display xrn-fabric change self-unit change unit-id set unit name sysname RSTP C SING OMMANDS RSTP Configuration Commands display stp display stp ignored-vlan display stp tc reset stp stp bpdu-protection stp cost stp edged-port stp loop-protection stp ignored vlan stp mcheck stp mode...
Page 13 dot1x retry dot1x supp-proxy-check dot1x timer reset dot1x statistics Centralized MAC Address Authentication Configuration Commands debugging mac-authentication event display mac-authentication mac-authentication mac-authentication domain mac-authentication timer AAA Configuration Commands access-limit attribute cut connection display connection display domain display local-user domain idle-cut level local-user messenger...
Page 14 secondary authentication server-type state stop-accounting-buffer enable timer timer realtime-accounting timer response-timeout user-name-format SING YSTEM ANAGEMENT File System Management Commands copy delete execute file prompt format mkdir more move rename reset recycle-bin rmdir undelete Configuration File Management Commands display current-configuration display saved-configuration display this display startup reset saved-configuration...
Page 15 cdup close delete disconnect mkdir passive quit remotehelp rmdir user verbose TFTP Configuration Commands tftp get tftp put MAC Address Table Management Commands display mac-address display mac-address aging-time mac-address mac-address max-mac-count mac-address timer Device Management Commands boot boot-loader boot bootrom display boot-loader display cpu display device...
Page 16 display config-agent display debugging display version System Debug Commands debugging display diagnostic-information Network Connection Test Commands end-station polling ip-address ping tracert HWPing Commands hwping-agent enable hwping count destination ip frequency test-type test-enable display hwping Log Commands display channel display info-center display logbuffer display logbuffer summary display trapbuffer...
Page 17 display snmp-agent statistics display snmp-agent sys-info display snmp-agent usm-user display snmp-proxy unit enable snmp trap snmp-agent community snmp-agent group snmp-agent local-engineid snmp-agent mib-view snmp-agent packet max-size snmp-agent sys-info snmp-agent target-host snmp-agent trap enable snmp-agent trap life snmp-agent trap queue-size snmp-agent trap source snmp-agent usm-user undo snmp-agent RMON Configuration Commands...
Page 18 SSH Configuration Commands debugging ssh server display rsa local-key-pair public display rsa peer-public-key display ssh server display ssh user-information peer-public-key end protocol inbound public-key-code begin public-key-code end rsa local-key-pair create rsa local-key-pair destroy rsa peer-public-key ssh server authentication-retries ssh server rekey-interval ssh server timeout ssh user assign rsa-key ssh user username authentication-type...
Page 19: About This Guide
3.0.x software on the 3Com Switch 5500G-EI. About This Software The software in the Switch 5500G-EI is a subset of that used in some other 3Com Version products. Depending on the capabilities of your hardware platform, some commands described in this guide may not be available on your Switch, although the unavailable commands may still display on the command line interface (CLI).
Page 20: Intended Readership
BOUT UIDE ■ Intended Readership The manual is intended for the following readers: ■ ■ ■ Conventions This manual uses the following conventions: Table 1 Icons Table 2 Text conventions Using System Management Commands — Introduces the commands used for system management and maintenance. Network administrators Network engineers Users who are familiar with the basics of networking...
Page 21: Related Manuals
Table 2 Text conventions Related Manuals The 3Com SuperStack 4 Switch 5500G-EI Getting Started Guide provides information about installation. The 3Com SuperStack 4 Switch 5500G-EI Configuration Guide provides information about configuring your network using the commands described in this guide.
Page 22 BOUT UIDE...
Page 23: System
SING This chapter describes how to use the following commands: Logging in Commands authentication-mode ■ auto-execute command ■ command-privilege level ■ databits ■ display history-command ■ display user-interface ■ display users ■ free user-interface ■ header ■ history-command max-size ■ idle-timeout ■...
Page 24: Ccess
1: U HAPTER SING YSTEM CCESS ■ ■ ■ Logging in Commands This section describes the commands that you can use to configure system access and system security. authentication-mode Syntax authentication-mode { password | scheme | none } View User interface view Parameter password: scheme:...
Page 25: Command-Privilege Level
undo auto-execute command View User Interface View Parameter text: Description Enter a specified command. When the user logs in, the command will be executed automatically. This command is usually used to configure the the terminal, which will connect the user to a designated device automatically. Enter command is not run automatically.
Page 26: Databits
1: U HAPTER SING YSTEM CCESS The command levels are, from lowest to highest: ■ ■ ■ ■ You can assign a priority level depending on user requirements. The commands that a user can access depend first on the access level assigned to the command and second on the access level assigned to the user interface.
Page 27: Display History-Command
Example To configure the data bits of the AUX (Console) port to 7 bits, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]user-interface aux 0 [SW5500-ui-aux0]databits 7 display Syntax history-command display history-command View All views Parameter None Description Use the...
Page 28 1: U HAPTER SING YSTEM CCESS This command without the absolute/relative index, transmission speed, priority, authentication methods, and physical location. This command with the interface in use with user interface name and other user interface information. Example To display information on a user interface with an index number of 0, enter the following.
Page 29: Display Users
Table 4 Output Description of the Field 1 total UIs in use UI’s name display users Syntax display users [ all ] View All views Parameter Enter to display information on all user interfaces. all: Description Use the interface. Use the user interfaces.
Page 30: Header
1: U HAPTER SING YSTEM CCESS Parameter type: number: Description Use this command to reset a specified user interface to its default settings. The user interface will be disconnected after the reset. and type number to its default settings. Use reset the interface with the specified index number to its default settings.
Page 31 Description Use the command to configure the system to display a header during user header log in. Use the undo header { shell | incoming | login } delete the specified header. When the user logs in, and a connection is activated, the After the user successfully logs in, the The first characters in the text are regarded as the start and stop characters.
Page 32: History-Command Max-Size
1: U HAPTER SING YSTEM CCESS Mode 2: Input in several lines <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]header shell % SHELL: After you pressing the <Enter> key, the system prompts the following message: Input banner text, and quit with the character '%'. Go on inputting the rest text and end your input with the first letter: Hello! Welcome % Press the <Enter>...
Page 33: Idle-Timeout
<SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]user-interface aux 0 [SW5500-ui-aux0]history-command max-size 20 idle-timeout Syntax idle-timeout undo idle-timeout View User interface view Parameter minutes: remain idle before it is disconnected. This can be in the range 0 to 35791. seconds: Optional.
Page 34: Lock
1: U HAPTER SING YSTEM CCESS Example To change the command line interface from English to Chinese, enter the following: <SW5500-ui-aux0>language-mode chinese lock Syntax lock View User View Parameter None Description Use the unauthorized users from accessing it. An authorized user must enter a valid password to access the interface.
Page 35: Protocol Inbound
Example To set mark parity on the AUX (Console) port, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]user-interface aux 0 [SW5500-ui-aux0]parity mark protocol inbound Syntax protocol inbound { all| ssh | telnet } View VTY user interface view Parameter Supports both Telnet and SSH protocols.
Page 36: Return
1: U HAPTER SING YSTEM CCESS ■ ■ Related commands: Example To return to user view from system view, enter the following: [SW5500]quit <SW5500> return Syntax return View System view or higher Parameter None Description Use the Ctrl+Z performs the same function as the To return to the next highest level of view, use Example To return to user view from any other view (the example below shows the...
Page 37: Send
To disable this function, that is to allow an unlimited number of information lines, enter the parameter as 0 . Example To configure a terminal to display 20 lines of information, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]user-interface aux 0 [SW5500-ui-aux0]screen-length 20 send...
Page 38 1: U HAPTER SING YSTEM CCESS ftp-directory character string of up to 64 characters. lan-access accessing users, 802.1x supplicants for example. terminal port). Description Use the command access after login. Use the command level of command (level 1). Commands are classified into four levels, as follows: ■...
Page 39: Set Authentication Password
By default, a password is required for users connecting over Modem or Telnet. If a password has not been set, the following prompt is displayed: has not been set! Example To configure the local authentication password on VTY 0 to 3Com, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 40: Speed
1: U HAPTER SING YSTEM CCESS Description Use the terminal service is enabled by default. Use the the terminal service for a user interface. When using the ■ ■ ■ Example To disable the terminal service on the VTY user interfaces 0 to 4, enter the following from another user interface: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 41: Super
undo stopbits View User interface view Parameter Sets the stop bits to 1. Sets the stop bits to 1.5. 1.5: Sets the stop bits to 2. Description Use the command to configure the stop bits on the AUX (Console) port. stopbits Use the undo stopbits...
Page 42: Super Password
1: U HAPTER SING YSTEM CCESS <SW5500>super 3 Password: The password prompt displays only if you set a password using the password super password Syntax super password [ level undo super password [ level View System View Parameter level: enter is set for the specified level. cipher: simple: password...
Page 43: System-View
For example, if the hostname of the Ethernet switch is , the prompt in user view will be MyHost Example To configure the hostname of the Switch to 3Com, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]sysname 3Com...
Page 44: User-Interface
1: U HAPTER SING YSTEM CCESS Parameter hostname: ip host ip_address: enter the host name, the Switch must be set to static resolution. service_port: range 0 to 65535. Optional. Description Use the switch via Telnet for remote management. To terminate the Telnet logon, press <Ctrl+K>...
Page 45: User Privilege Level
Description Using user-interface multiple user interface views to configure the corresponding user interfaces. Example To configure the user interfaces with index numbers 0 to 9, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]user-interface 0 9 [SW5500-ui0-9] This example command selects two AUX (Console) port user interfaces and two VTY user interfaces (VTY 0, VTY 1).
Page 46 1: U HAPTER SING YSTEM CCESS OMMANDS undo Negate a command or set its default...
Page 47 SING This chapter describes how to use the following commands: Ethernet Port Configuration Commands broadcast-suppression ■ copy configuration ■ description ■ display interface ■ display loopback-detection ■ display port ■ display unit ■ duplex ■ flow-control ■ interface ■ jumboframe enable ■...
Page 48 2: U HAPTER SING OMMANDS ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ debugging link-aggregation event debugging lacp packet debugging lacp state display link-aggregation summary display link-aggregation verbose display link-aggregation interface display lacp system-id lacp enable lacp port-priority lacp system-priority...
Page 49: Ethernet Port Configuration Commands
Ethernet Port This section describes the commands you can use to configure and manage the Configuration ports on your Switch 5500G-EI. Commands broadcast-suppression Syntax broadcast-suppression { ratio | pps undo broadcast-suppression View Ethernet Port View Parameter ratio port. The ratio value ranges from 1 to 100. The incremental step is 1. By default, the ratio is 100 meaning all broadcast traffic is accepted.
Page 50: Copy Configuration
2: U HAPTER SING OMMANDS copy configuration Syntax copy configuration source { interface_name interface_list agg-id View System View Parameter interface_type: interface_num: interface_name: interface_type interface_num. For more information, see the parameter item for the interface command. interface_list: interface_num interface_name be input 10 times repeatedly at most. agg-id: group, the port with minimum port number is the source port;...
Page 51: Display Interface
Description Use the description undo description By default, an Ethernet port does not have a description. Example Set the description of port Ethernet1/0/1 to be lanswitch-interface. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]description lanswitch-interface display interface Syntax display interface [...
Page 52 2: U HAPTER SING OMMANDS IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc00-0010 The Maximum Transmit Unit is 1500 Media type is twisted pair, loopback not set Port hardware type is 1000_BASE_T Unkown-speed mode, unknown-duplex mode Link speed type is autonegotiation, link duplex type is autonegotiation Flow-control is not enabled The Maximum Frame Length is 1536...
Page 53: Display Loopback-Detection
Table 6 Output Description of the Display Interface Command PVID Mdi type Port link-type Tagged VLAN ID Untagged VLAN ID Last 300 minutes input rate: 0 packets/sec, 0 bytes/sec Last 300 minutes output rate: 0 packets/sec, 0 bytes/sec Input(total): 0 packets, 0 bytes - broadcasts, - multicasts Input(normal): 0 packets, 0 bytes 0 broadcasts, 0 multicasts...
Page 54: Display Port
2: U HAPTER SING OMMANDS Loopback-detection is running Detection interval time is 30 seconds There is no port existing loopback link Table 7 Output Description of the Display Loopback-detection Command Field Loopback-detection is running Detection interval time is 30 seconds There is no port existing loopback link display port Syntax...
Page 55: Duplex
Description Using display unit interfaces for the specified unit. Example Display the port information for all ports on Unit 1. <SW5500>display unit 1 interface Aux1/0/0 current state :DOWN Line protocol current state :DOWN Internet protocol processing : disabled Description : Aux1/0/0 Interface The Maximum Transmit Unit is 1500 Data drive mode: interactive...
Page 56: Flow-Control
2: U HAPTER SING OMMANDS System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]duplex auto flow-control Syntax flow-control undo flow-control View Ethernet Port View Parameters None Description Use the avoids discarding data packets due to congestion. Use the command to disable flow control.
Page 57: Jumboframe Enable
Ethernet Port Configuration Commands You can use the at this command. This consists of the interface_name and the combined as a single parameter. For interface_type interface_number example Ethernet1/0/1. Description Use the command to enter the interface_type interface_number interface interface of the specified port. If you want to configure the parameters of an Ethernet port, you must first use this command to enter the Ethernet port view.
Page 58: Loopback-Detection Control Enable
2: U HAPTER SING OMMANDS View Ethernet Port View Parameter external: internal: Description Use the loopback test to check if the Ethernet port works normally. The loop test will finish automatically after being performed for a while. By default, the Ethernet port will not perform the loopback test. Example To perform the internal loop test for Ethernet1/0/1, enter the following: <SW5500>system-view...
Page 59: Loopback-Detection Enable
Example Enable port loopback detection control. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]loopback-detection control enable loopback-detection Syntax enable loopback-detection enable undo loopback-detection enable View Ethernet Port View Parameter None Description Use the detection. If there is a loopback port found, the switch will put it under control. Use the detection.
Page 60: Loopback-Detection Per-Vlan Enable
2: U HAPTER SING OMMANDS By default, the interval is 30 seconds. Description Use the detection interval for the external loopback condition of each port. Use the loopback-detection interval-time Related commands: Example To configure the detection interval for the external loopback condition of each port to 10 seconds, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 61: Port Access Vlan
View Ethernet Port View Parameter : Specifies the bandwidth ratio of multicast traffic allowed on an Ethernet ratio port. The ratio value ranges from 1 to 100. The incremental step is 1. By default, the ratio is 100 meaning all multicast traffic is accepted. The smaller the ratio is, the less bandwidth is allocated to multicast traffic and therefore less broadcast traffic is accepted on the Ethernet port.
Page 62: Port Hybrid Pvid Vlan
2: U HAPTER SING OMMANDS System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]port access vlan 3 port hybrid pvid vlan Syntax port hybrid pvid vlan undo port hybrid pvid View Ethernet Port View Parameter vlan_id: default is 1. Description Use the the hybrid port.
Page 63: Port Link-Type
Parameter vlan_id_list: 4094. The hybrid port will be added to the specified VLANs. This can be a single VLAN, a series of individual VLANs separated by a space, or the the first VLAN in a range of VLANs ( You can enter up to ten command.
Page 64: Port Trunk Permit Vlan
2: U HAPTER SING OMMANDS Description Use the port. Use the status. By default, a port is an access port. A port on a Switch can be configured as an access port, a hybrid port, a trunk port or a fabric port. However, to reconfigure between hybrid and trunk link types, you must first restore the default, or access, link type.
Page 65: Port Trunk Pvid Vlan
Ethernet Port Configuration Commands Example To add the trunk port Ethernet1/0/1 to VLAN 2, VLAN 4 and all VLANs in the range 50-100, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]port trunk permit vlan 2 4 50 to 100 port trunk pvid vlan Syntax port trunk pvid vlan...
Page 66: Shutdown
2: U HAPTER SING OMMANDS Parameter interface_type: interface_num: interface_name: interface_type interface_num For parameter description, refer to the Description Use the on the port and count the related information again on the port for the user. If you do not enter a port type, or port type and port number, information is cleared from all ports on the Switch.
Page 67: Speed
speed Syntax For a 100 Mbps Ethernet port, the parameters for this command are as follows: speed { 10 | 100 | auto } For a 1000 Mbps Ethernet port, the parameters for this command are as follows: speed { 10 | 100 | 1000 | auto } For a 10000 Mbps Ethernet port, the parameters for this command are as follows: speed { 10 | 100 | 1000 | 10000 | auto } The undo form of this command is:...
Page 68: Ethernet Port Link Aggregation Commands
2: U HAPTER SING OMMANDS Parameter ratio port. The ratio value ranges from 1 to 100. The incremental step is 1. By default, the ratio is 100 meaning all unicast traffic is accepted. The smaller the ratio is, the less bandwidth is allocated to unicast traffic and therefore less broadcast traffic is accepted on the Ethernet port.
Page 69: Debugging Link-Aggregation Event
Description Use the aggregation error debugging. Use the error Example To enable link aggregation error debugging, enter the following: <SW5500>debugging link-aggregation error debugging Syntax link-aggregation event debugging link-aggregation event undo debugging link-aggregation event View User View Parameter None Description Use the aggregation events debugging.
Page 70: Debugging Lacp State
2: U HAPTER SING OMMANDS interface_type: For more information, see the parameter item for the Description Use the a designated port or ports. Use the disable LACP packets debugging at a designated port or ports. Example To enable LACP packets debugging at Ethernet1/0/1, enter the following: <SW5500>debugging lacp packet interface ethernet1/0/1 debugging lacp state Syntax...
Page 71: Display Link-Aggregation Summary
Description Use the debugging on a designated port or ports. Use the command to disable LACP state machines debugging on a designated port or ports. Example To enable all LACP state machines debugging. <SW5500>debugging lacp state all display link-aggregation Syntax summary display link-aggregation summary View...
Page 72: Display Link-Aggregation Interface
2: U HAPTER SING OMMANDS Description Use the information of a link aggregation, including aggregation ID, the type of aggregation, load-sharing type, detailed local information (member ports, port status, port priority, LACP state flag and operation key), and detailed remote information (indexes of remote ports, port priority, LACP state flag, operation key and system ID.) Note that unlike a dynamic aggregation, a manual aggregation has no protocol to...
Page 73: Display Lacp System-Id
Description Use the aggregation information at a designated port, including aggregation group ID for the port, port priority, operation key, LACP state flag, partner information (system ID, port number, port priority, operation key, LACP state flag, LACP packet statistics). Note that unlike a dynamic aggregation, a manual aggregation has no protocol to get the remote peer information of the partner.
Page 74: Lacp Enable
2: U HAPTER SING OMMANDS Description Use the system priority and system MAC address. Related command: Example To display the local system ID. <SW5500>display lacp system-id Actor System ID: 0x8000, 00e0-fc00-0100 lacp enable Syntax lacp enable undo lacp enable View Ethernet Port View Parameter None...
Page 75: Lacp System-Priority
Description Use the undo lacp port-priority Related commands: link-aggregation interface Example To set port priority as 64, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]lacp port-priority 64 lacp system-priority Syntax lacp system-priority undo lacp system-priority View System View...
Page 76: Link-Aggregation Group Agg-Id Mode
2: U HAPTER SING OMMANDS alname: Description Use the descriptor for an aggregation group. Use the agg-id description Related command: Example To configure myal1 as the descriptor of aggregation group 22, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]link-aggregation group 22 description myal1 [SW5500] link-aggregation group...
Page 77: Port Link-Aggregation Group
port link-aggregation Syntax group port link-aggregation group undo port link-aggregation group View Ethernet Port View Parameter agg_id: Description Use the port into a manual or static aggregation group. Use the link-aggregation group static aggregation group. Related command: Example To add Ethernet1/0/1 into aggregation group 22, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 78 2: U HAPTER SING OMMANDS Description Use the command to clear LACP statistics at a reset lacp statistics designated port. If no port is specified, then LACP statistics at all ports shall be cleared. Related command: display link-aggregation interface Example To clear LACP statistics at all Ethernet ports, enter the following: <SW5500>reset lacp statistics...
Page 79 SING This chapter describes how to use the following commands: VLAN Configuration Commands description ■ display interface VLAN-interface ■ display vlan ■ interface VLAN-interface ■ port ■ shutdown ■ vlan ■ Voice VLAN Commands display voice vlan oui ■ display voice vlan status ■...
Page 80: Vlan Configuration Commands
3: U VLAN C HAPTER SING OMMANDS VLAN Configuration This section describes the commands you can use to configure and manage the Commands VLANs and VLAN interfaces on your system. description Syntax description undo description View VLAN view Parameter string: characters.
Page 81: Display Vlan
VLAN interface description ■ Maximum Transmit Unit (MTU) ■ IP address and subnet mask ■ Format of the IP frames ■ MAC hardware address. ■ display interface vlan-interface interfaces. Use information on a specific VLAN interface Related command: Example To display information on VLAN interface 1, enter the following: <SW5500>display interface vlan-interface 1 The information displays in the following format: Vlan-interface1 current state :DOWN...
Page 82: Interface Vlan-Interface
3: U VLAN C HAPTER SING OMMANDS the command the command dynamically by the system. Use the command information of VLAN created statically by the system. Related command: Examples To display information about VLAN 1: <SW5500>display vlan 1 VLAN ID: 1 interface VLAN-interface Syntax interface vlan-interface...
Page 83: Shutdown
interface_list undo port View VLAN view Parameter interface_list VLAN, expressed as interface_name &<1-10> interface_type and interface_name is the interface name. For their meanings and value range, see the parameter of must be larger than or equal to the port number before : Represents the repeatable times of parameters, 1 is the minimal and 10 &<1-10>...
Page 84: Vlan
3: U VLAN C HAPTER SING OMMANDS By default, when all Ethernet ports are in DOWN status in VLAN interface, the VLAN interface is in DOWN status and is disabled. When there is one or more Ethernet ports in VLAN interface are in UP status, the VLAN interface is UP. This command can be used to start the interface after the related parameters and protocols of VLAN interface are set.
Page 85: Voice Vlan Configuration Commands
Mask ffff-ff00-0000 ffff-ff00-0000 ffff-ff00-0000 ffff-ff00-0000 ffff-ff00-0000 command to display the relative Voice display voice vlan status voice vlan vlan_id enable Voice VLAN Configuration Commands voice vlan enable Description 3com phone Cisco phone Polycom phone Pingtel phone voice vlan enable...
Page 86: Voice Vlan Aging
3: U VLAN C HAPTER SING OMMANDS Voice Vlan status: ENABLE Voice Vlan ID: 2 Voice Vlan configuration mode: AUTO Voice Vlan security mode: Security Voice Vlan aging time: 100 minutes Current -------------------------------- Ethernet1/0/2, Ethernet1/0/3, voice vlan aging Syntax voice vlan aging undo voice vlan aging View System View...
Page 87: Voice Vlan
You can only run the Voice VLAN function on the port when all the Voice VLAN features in system view and port view are enabled. For the related command, see Example To enable the Voice VLAN features on port Ethernet1/0/2, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 88: Voice Vlan Mode
Description of the MAC address, in the range of 1 to 30. command to set the MAC address that the voice vlan mac-address undo voice vlan mac-address Description 00:E0:BB 3Com phone 00:03:6B Cisco phone 00:E0:75 Polycom phone 00:D0:1E Pingtel phone display voice vlan oui command to set the Voice VLAN in auto mode.
Page 89: Voice Vlan Security
By default, the Voice VLAN is in auto mode. If required, the commands must be executed before the Voice VLAN features are enabled globally. For the related command, see Example To set the Voice VLAN in manual mode, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 90 3: U VLAN C HAPTER SING OMMANDS...
Page 91: Ower Over Ethernet
SING OMMANDS This chapter describes how to use the following commands: PoE Configuration Commands display poe interface ■ display poe interface power ■ display poe powersupply ■ poe max-power ■ poe mode ■ poe power-management ■ poe priority ■ poe update ■...
Page 92: Poe Configuration Commands
4: U HAPTER SING OWER OVER PoE Configuration This section describes the commands you can use to configure and manage the Commands PoE on your system. display poe interface Syntax display poe interface [ interface-name | interface-type interface-num ] View Any view Parameter interface-name | interface-type interface-num:...
Page 93: Display Poe Interface Power
GigabitEthernet1/0/15 GigabitEthernet1/0/16 GigabitEthernet1/0/17 GigabitEthernet1/0/18 GigabitEthernet1/0/19 GigabitEthernet1/0/20 GigabitEthernet1/0/21 GigabitEthernet1/0/22 GigabitEthernet1/0/23 GigabitEthernet1/0/24 GigabitEthernet1/0/25 GigabitEthernet1/0/26 GigabitEthernet1/0/27 GigabitEthernet1/0/28 GigabitEthernet1/0/29 GigabitEthernet1/0/30 GigabitEthernet1/0/31 GigabitEthernet1/0/32 GigabitEthernet1/0/33 GigabitEthernet1/0/34 GigabitEthernet1/0/35 GigabitEthernet1/0/36 GigabitEthernet1/0/37 GigabitEthernet1/0/38 GigabitEthernet1/0/39 GigabitEthernet1/0/40 GigabitEthernet1/0/41 GigabitEthernet1/0/42 GigabitEthernet1/0/43 GigabitEthernet1/0/44 GigabitEthernet1/0/45 GigabitEthernet1/0/46 GigabitEthernet1/0/47 GigabitEthernet1/0/48 display poe interface Syntax power display poe interface power [ interface-name | interface-type interface-num ] View Any view...
Page 94: Display Poe Powersupply
4: U HAPTER SING OWER OVER Port power Display the power information of all ports. [SW5500]display poe power PORT INDEX (mW) GigabitEthernet1/0/1 GigabitEthernet1/0/2 GigabitEthernet1/0/3 GigabitEthernet1/0/4 GigabitEthernet1/0/5 GigabitEthernet1/0/6 GigabitEthernet1/0/7 GigabitEthernet1/0/8 GigabitEthernet1/0/9 GigabitEthernet1/0/10 GigabitEthernet1/0/11 GigabitEthernet1/0/12 GigabitEthernet1/0/13 GigabitEthernet1/0/14 GigabitEthernet1/0/15 GigabitEthernet1/0/16 GigabitEthernet1/0/17 GigabitEthernet1/0/18 GigabitEthernet1/0/19 GigabitEthernet1/0/20 GigabitEthernet1/0/21 GigabitEthernet1/0/22...
Page 95: Poe Enable
Description Use the power sourcing equipment (PSE). Example Display the PSE parameters. [SW5500]display poe powersupply PSE ID PSE Legacy Detection PSE Total Power Consumption :12000 mW PSE Available Power PSE Peak Value PSE Average Value PSE Software Version PSE Hardware Version PSE CPLD Version PSE Power-Management mode poe enable...
Page 96: Poe Max-Power
4: U HAPTER SING OWER OVER View System View Parameter None Description Use the function. Use the detect function. PDs compliant with 802.3af standards are called standard PDs. By default, the nonstandard-PD detect function is disabled. Example Enable the nonstandard-PD detect function. [SW5500]poe legacy enable Legacy detection is enabled Disable the nonstandard-PD detect function.
Page 97: Poe Mode
View Ethernet Port View Parameter Supply power through the signal line. signal: Supply power through the spare line. Currently, the Switch 5500G-EI spare: Family does not support mode. If the subordinate PD only supports the spare mode, a conversion is needed.
Page 98: Poe Priority
4: U HAPTER SING OWER OVER View System View Parameter auto: manual: Description Use the mode of port used in the case of power overloading. Use the By default, the PoE management mode on port is Example Configure the PoE management mode on port to auto. SW5500]poe power-management auto Auto Power Management is enabled Restore the default management mode.
Page 99: Poe Update
If there are too many ports with critical priority, the total power these ports need might exceed the maximum power supplied by the equipment, i.e., 300W. In this case, no new PD can be added to the switch. When the remaining power of the whole equipment is below 18.8 W, no new PD can be added to the Switch.
Page 100 4: U E) C HAPTER SING OWER OVER THERNET OMMANDS Example Update the PSE processing software online. [SW5500]poe update refresh 0290_021.s19 Update PoE board successfully...
Page 101: Network Protocol
SING OMMANDS This chapter describes how to use the following commands: IP Address Configuration Commands display ip host ■ display ip interface ■ ip address ■ ip host ■ ARP Configuration Commands arp check enable ■ arp static ■ arp timer aging ■...
Page 102 5: U HAPTER SING ETWORK ROTOCOL ■ ■ ■ ■ ■ ■ ■ Access Management Configuration Commands ■ ■ ■ ■ ■ ■ UDP Helper Configuration Commands ■ ■ ■ ■ ■ IP Performance Configuration Commands ■ ■ ■ ■ ■...
Page 103 tcp timer syn-timeout ■ tcp window ■...
Page 104: Ip Address Configuration Commands
5: U HAPTER SING ETWORK IP Address This section describes the commands you can use to configure and manage IP Configuration Addressing on your Switch 5500G-EI. Commands display ip host Syntax display ip host View All Views Parameter None Description Use the corresponding IP addresses.
Page 105: Ip Address
The Maximum Transmit Unit : 1500 bytes input packets : 0, bytes : 0, multicasts : 0 output packets : 0, bytes : 0, multicasts : 0 TTL invalid packet number: ICMP packet input number: Echo reply: Unreachable: Source quench: Routing redirect: Echo request: Router advert:...
Page 106: Ip Host
20 characters. ip_address Description Use the the Switch 5500G-EI’s host table. This allows you to ping or Telnet a local device by host name. Use the from the host table. By default, the host name and corresponding IP address are null.
Page 107: Arp Configuration Commands
[SW5500]ip host Lanswitch1 202.38.0.8 ARP Configuration This section describes the commands you can use to configure and manage the Commands Address Resolution Protocol (ARP) operations on your Switch 5500G-EI. arp check enable Syntax arp check enable undo arp check enable...
Page 108: Arp Timer Aging
5: U HAPTER SING ETWORK ROTOCOL mac_address H-H-H (H indicates a four digit hexadecimal number, for example 00e0-fc01-0000). vlan_id with the ARP mapping entry. The VLAN ID can be in the range 1 to 4094. Optional. interface_type to this address. Optional, but must be entered if a VLAN ID is specified. interface_number frames to this address.
Page 109: Debugging Arp Packet
Description Use the Use the minutes. Related commands: Example To configure the dynamic ARP aging timer to 10 minutes, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]arp timer aging 10 debugging arp packet Syntax debugging arp [ packet | error | info packet ] undo debugging arp packet View User View...
Page 110: Display Arp
5: U HAPTER SING ETWORK ROTOCOL Table 9 Output Description of the Field operation sender_eth_addr sender_ip_addr target_eth_addr target_ip_addr display arp Syntax display arp [ | exclude } View All views Parameters dynamic static begin character string "text". include string "text". exclude character string "text".
Page 111: Display Arp Timer Aging
Table 10 Output Description of the Field IP Address MAC Address VLAN ID Port Name Aging Type display arp timer aging Syntax display arp timer aging View All views. Parameter None. Description Use the dynamic ARP aging timer. Example To display the current setting of the dynamic ARP aging timer, enter the following: <SW5500>display arp timer aging The information displays in the following format: Current ARP aging time is 10 minute(s)
Page 112: Resilient Arp Configuration Commands
5: U HAPTER SING ETWORK Description Use the from the ARP mapping table. You can remove entries of a specified type, or from a specified port. Use the this entry. Use the Use the Use the port. Related command: Example To clear static ARP entries, enter the following: <SW5500>reset arp static Resilient ARP...
Page 113: Display Resilient-Arp
Example To enable debugging resilient ARP packets, enter the following: <SW5500>debugging resilient-arp packet display resilient-arp Syntax display resilient-arp [ unit View Any view Parameter unit-id Description Use the information of the units, the resilient ARP packet-sending VLAN interfaces. If no unit ID is specified, the system displays the resilient ARP state information of all units.
Page 114: Resilient-Arp Interface Vlan-Interface
5: U HAPTER SING ETWORK ROTOCOL OMMANDS Example To enable the resilient ARP function, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]resilient-arp enable resilient-arp interface Syntax vlan-interface vlan-id resilient-arp interface vlan-interface undo resilient-arp interface vlan-interface vlan-id View System View...
Page 115: Bootp Client Configuration Commands
BOOTP Client This section describes the commands you can use to configure and manage the Configuration BOOTP Client operations on your Switch 5500G-EI. Commands debugging dhcp xrn xha Syntax debugging dhcp xrn xha undo debugging dhcp xrn xha View User view...
Page 116: Dhcp Client Configuration Commands
This section describes the commands you can use to configure and manage the Configuration Dynamic Host Configuration Protocol (DHCP) Client operations on your Switch Commands 5500G-EI. debugging dhcp client Syntax debugging dhcp client { all | error | event | packet }...
Page 117: Display Dhcp Client
Lease from 2002.09.20 01:05:03 Server IP: 169.254.0.1 Transaction ID = 0x3d8a7431 Default router: 2.2.2.2 DNS server: 1.1.1.1 Domain name: 3Com.com Client ID: 3com-00e0.fc0a.c3ef-Ethernet0/0 Next timeout will happen after 0 days 11 hours 56 minutes 1 seconds. ip address dhcp-alloc Syntax...
Page 118: Dhcp Relay Configuration Commands
[SW5500-Vlan-interface1]ip address dhcp-alloc DHCP Relay This section describes the commands you can use to configure and manage the Configuration Dynamic Host Configuration Protocol (DHCP) operations on your Switch Commands 5500G-EI. Syntax address-check address-check enable address-check disable View VLAN Interface View...
Page 119: Debugging Dhcp-Relay
<SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface vlan-interface 1 [SW5500-vlan-interface1]address-check enable Syntax debugging dhcp-relay debugging dhcp-relay undo debugging dhcp-relay View User view Parameter None Description Use the Use the debugging. By default, DHCP relay debugging is disabled. Related commands: display Example...
Page 120: Dhcp-Server
5: U HAPTER SING ETWORK ROTOCOL undo dhcp-security { View System View Parameters static ip_address mac_address Enter the client’s MAC address. dynamic static Description Use the DHCP Server group. Use the DHCP Server group. Related command: Example To assign the IP address 1.1.1.1 to the MAC address 0005-5D02-F2B3, and add this information to the static address table, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 121: Dhcp-Server Ip
Use the undo dhcp-server selected DHCP Server group. By default, DHCP Server requests are not forwarded. You can only add the primary VLAN interface to a DHCP Server group. The primary VLAN interface is the first interface that you configure. This command has more parameters when entered in system view.
Page 122: Display Dhcp-Security
5: U HAPTER SING ETWORK ROTOCOL To delete the IP addresses of DHCP Server group1, enter the following: [SW5500]undo dhcp-server 1 display dhcp-security Syntax display dhcp-security [ unit-id View All views Parameters ip_address dynamic static unit from 1 to 8. Description Use the Use the...
Page 123: Display Dhcp-Server Interface Vlan-Interface
Description Use the Server group. Related commands: interface vlan-interface Example To view information on DHCP Server group 0, enter the following: <SW5500>display dhcp-server 0 The information displays in the following format: The first IP address of DHCP Server group 0: 1.1.1.1 The second IP address of DHCP Server group 0: 1.1.1.2 Messages from this server group: 0 Messages to this server group: 0...
Page 124: Access Management Configuration Commands
The information shown above indicates that vlan-interface 2 is configured with a DHCP Server group whose ID is 0. Access Management This section describes the commands you can use to configure and manage the Configuration Access Management Configuration operations on your Switch 5500G-EI. Commands am enable Syntax am enable...
Page 125: Am Trap Enable
Enter to configure IP address pool for access management. ip-pool address-list ] & < 1-10 > start_ip_address ip_address_num the range. &< 1-10 > Description Use the am ip-pool management on a port. The packet whose source IP address is in the specified pool is allowed to be forwarded on Layer 3 via the port of the switch.
Page 126: Display Am
5: U HAPTER SING ETWORK ROTOCOL Use the function. By default, the access management trap is disabled. Example To enable the access management trap, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]am trap enable display am Syntax display am [ View...
Page 127: Display Isolate Port
Table 11 Output Description of the Field Status IP Pools display isolate port Syntax display isolate port View Any view Parameter none Description Use the Example To display port isolation information, enter the following: <SW5500>display isolate port UNIT 1: Ethernet1/0/1 port isolate Syntax port isolate...
Page 128: Udp Helper Configuration Commands
5: U HAPTER SING ETWORK Example To add Ethernet1/0/1 and Ethernet1/0/2 to isolation group, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]port isolate [SW5500-GigabitEthernet1/0/1]quit [SW5500]interface gigabitethernet 1/0/2 [SW5500-GigabitEthernet1/0/2]port isolate UDP Helper This section describes the commands you can use to configure and manage the Configuration UDP Helper Configuration operations on your Switch.
Page 129: Udp-Helper Enable
Parameter vlan_id VLAN interface ID. Description Use the destination Helper server corresponding to the VLAN interface. Example To display the information of destination Helper server corresponding to the VLAN interface 1, enter the following: <SW5500>display udp-helper server interface vlan-interface 1 interface name VLAN-interface1 192.1.1.2 udp-helper enable...
Page 130: Udp-Helper Server
5: U HAPTER SING ETWORK ROTOCOL Parameters port of 1 to 65535. netbios-ds netbios-ns tacacs tftp time Description Use the function. Use the Example To configure the UDP port with relay function as the UDP port corresponding to DNS, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 131: Ip Performance Configuration Commands
System View: return to User View with Ctrl+Z. [SW5500]interface vlan-interface 1 [SW5500-Vlan-interface1]udp-helper server 192.1.1.2 IP Performance This section describes the commands you can use to configure and manage the IP Configuration Performance Configuration operations on your Switch 5500G-EI. Commands display fib Syntax display fib View...
Page 132: Display Fib Acl
5: U HAPTER SING ETWORK ROTOCOL Parameters ip_address1, ip_address2 format. entries in this address range will be displayed. mask1 dotted decimal format, or an integer in the range of 0 to 32 to represent the mask length. longer Description Use the destination IP address (range).
Page 133: Display Fib
Destination/Mask 127.0.0.0/8 display fib Syntax display fib | { { begin | include | exclude } text } View Any view Parameters begin string text. include exclude Enter string of specific characters. text Description Use the buffer according to regular expression and related to the specific character string. Example To display the lines starting from the first one containing the string 169.254.0.0, enter the following:...
Page 134: Display Fib Statistics
5: U HAPTER SING ETWORK ROTOCOL 127.0.0.1/32 169.0.0.0/8 display fib statistics Syntax display fib statistics [ | { begin | include | exclude } View Any View Parameter begin text include exclude text Description Use the entries. Example To display the total number of FIB entries, enter the following: <SW5500>display fib statistics Route Entry Count : 30 display icmp statistics...
Page 135: Display Ip Socket
Output:echo Table 13 Output Description of the Field bad formats bad checksum echo destination unreachable source quench redirects echo reply parameter problem timestamp information request mask requests mask replies information reply time exceeded display ip socket Syntax display ip socket [ socktype View Any View Parameters...
Page 136: Display Ip Statistics
5: U HAPTER SING ETWORK ROTOCOL LA = 0.0.0.0:23, FA = 0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_KEEPALIVE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_PRIV SS_ASYNC Task = VTYD(18), socketid = 2, Proto = 6, LA = 10.153.17.99:23, FA = 10.153.17.56:1161, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID...
Page 137: Display Tcp Statistics
Example To view statistics about IP packets, enter the following: <SW5500>display ip statistics Input: Output: Fragment:input Reassembling:sum Table 15 Output Description of the Field Input: Output: Fragment: Reassembling: display tcp statistics Syntax display tcp statistics View Any View Parameter None IP Performance Configuration Commands 7120 bad protocol...
Page 138: Display Tcp Status
5: U HAPTER SING ETWORK ROTOCOL OMMANDS Description Use the command to view the statistics information display tcp statistics about TCP packets. The statistics information about TCP packets are divided into two major kinds which are Received packets and Sent packets. Each kind of packet is further divided into different kinds such as window probe packets, window update packets, duplicate packets, and out-of-order packets.
Page 139: Display Udp Statistics
Parameter None Description Use the Example To display the state of all TCP connections, enter the following: <SW5500>display tcp status TCPCB 03e37dc4 04217174 Table 16 Output Description of the Field Local Add:port Foreign Add:port State display udp statistics Syntax display udp statistics View Any View Parameter...
Page 140: Reset Ip Statistics
5: U HAPTER SING ETWORK ROTOCOL reset ip statistics Syntax reset ip statistics View User View Parameter None Description Use the Related commands: Example To clear the IP statistics information, enter the following: <SW5500>reset ip statistics reset tcp statistics Syntax reset tcp statistics View User View...
Page 141: Tcp Timer Fin-Timeout
Example To clear the UDP traffic statistics information, enter the following: <SW5500>reset udp statistics tcp timer fin-timeout Syntax tcp timer fin-timeout undo tcp timer fin-timeout View System View Parameter time-value from 76 to 3600; By default, 675 seconds. Description Use the Use the the TCP finwait timer.
Page 142: Tcp Window
5: U HAPTER SING ETWORK ROTOCOL Use the the timer. TCP will enable the synwait timer, if a SYN packet is sent. The TCP connection will be terminated If the response packet is not received. Related commands: Example To configure the TCP synwait timer value as 80 seconds, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 143 SING OMMANDS This chapter describes how to use the following commands: Routing Table Display Commands display ip routing-table ■ display ip routing-table acl ■ display ip routing-table ip_address ■ display ip routing-table ip_address1 ip_address2 ■ display ip routing-table ip-prefix ■ display ip routing-table protocol ■...
Page 144 6: U HAPTER SING OUTING ROTOCOL ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ OSPF Configuration Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■...
Page 145 filter-policy export ■ filter-policy import ■ import-route ■ network ■ nssa ■ ospf ■ ospf authentication-mode ■ ospf cost ■ ospf dr-priority ■ ospf mib-binding ■ ospf mtu-enable ■ ospf network-type ■ ospf timer dead ■ ospf timer hello ■ ospf timer poll ■...
Page 146: Routing Table Display Commands
6: U HAPTER SING OUTING ■ ■ ■ Route Capacity Configuration Commands ■ ■ ■ ■ ■ Routing Table Display This section describes the commands you can use to display routing table Commands information. When the Switch runs a routing protocol, it is able to perform the functions of a router.
Page 147: Display Ip Routing-Table Acl
3.3.3.0/24 3.3.3.1/32 4.4.4.0/24 4.4.4.1/32 127.0.0.0/8 127.0.0.1/32 Table 17 Output Description of the Field Destination/Mask Protocol Cost Interface display ip routing-table Syntax display ip routing-table acl View All views. Parameters acl_number verbose routes that passed filtering rules. If you do not enter this parameter, the command only displays a summary of the active routes that passed filtering rules.
Page 148 6: U HAPTER SING OUTING ROTOCOL Routes matched by access-list 2000: Summary count: 4 Destination/Mask 10.1.1.0/24 10.1.1.2/32 For detailed description of the output information, see To display the verbose information of the active and inactive routes that are filtered through basic ACL 2000. <SW5500>display ip routing-table acl 2000 verbose The information displays in the following format: Routes matched by access-list 2000:...
Page 149 Table 18 Field State Cost display ip routing-table Syntax ip_address display ip routing-table verbose ] View All views Parameters ip_address Output Description of the ip routing-table acl verbose Description Route state desription: ActiveU — The route is selected and is optimum Blackhole —...
Page 150 6: U HAPTER SING OUTING ROTOCOL mask (in the range 0 to 32). Optional. longer-match address in natural mask range . Optional. verbose routes. Without this parameter, this command only displays a summary of active routes. Optional. Description Use the information for a specific IP address, and you can also choose the type of information to display.
Page 151: Display Ip Routing-Table Ip_Address1 Ip_Address2
For detailed description of output information, refer to display ip routing-table Syntax ip_address1 ip_address2 display ip routing-table [ verbose ] View All views Parameters ip_address1 mask1 want to start the address range. This command displays the route for your chosen address range.
Page 152 6: U HAPTER SING OUTING ROTOCOL Parameter ip_prefix_name verbose routes that passed filtering rules. Without this parameter, this command displays the summary of active routes that passed filtering rules. Description Use the command view information on the routes that passed filtering rules for the specified IP prefix name.
Page 153: Display Ip Routing-Table Protocol
State: <NoAdvise Int ActiveU Retain Gateway Unicast> For detailed information of the output information, refer to display ip routing-table Syntax protocol display ip routing-table protocol View All views Parameters protocol ■ ■ ■ ■ ■ ■ inactive command displays both active and inactive route information. Optional. verbose command displays the route summary.
Page 154: Display Ip Routing-Table Radix
6: U HAPTER SING OUTING ROTOCOL To display a summary of all static route information, enter the following: <SW5500>display ip routing-table protocol static The information displays in the following format: STATIC Routing tables: STATIC Routing tables status:<active>: STATIC Routing tables status:<inactive>: Destination/Mask Protocol 1.2.3.0/24 The displayed information helps you to confirm whether the configuration of the...
Page 155: Display Ip Routing-Table Statistics
display ip routing-table Syntax statistics display ip routing-table statistics View All views Parameter None Description Use the routing information for all protocols. The information includes the number of routes per protocol, the number of active routes per protocol, the number of routes added and deleted per protocol, and the number of routes that are labeled deleted but that are not deleted per protocol.
Page 156 6: U HAPTER SING OUTING ROTOCOL Parameter None Description Use the routing table information. The information displayed includes the route state, the verbose description of each route and the statistics of the entire routing table. All current routes, including inactive routes and invalid routes, are displayed. Example To display the verbose routing table information, enter the following: <SW5500>display ip routing-table verbose...
Page 157: Static Route Configuration Command
Table 21 Output Description of the Static Route This section describes the command you can use to configure a static route. Configuration Command delete static-routes all Syntax delete static-routes all View System View Parameter None Description Use the The system requests your confirmation before it deletes all the configured static routes.
Page 158 6: U HAPTER SING OUTING ROTOCOL mask-length 32-bit mask must be consecutive, the mask in dotted decimal format can be replaced by interface_name are sent to a NULL interface, are discarded immediately which decreases the system load. gateway_address preference_value The default is 60. reject blackhole Description...
Page 159: Rip Configuration Commands
Commands Information Protocol (RIP). When the Switch 5500G-EI runs a routing protocol, it is able to perform the functions of a router. The term router in this section can refer either to a physical router or to the Switch 5500G-EI running a routing protocol.
Page 160: Default Cost
6: U HAPTER SING OUTING ROTOCOL Example To configure the Switch not to perform zero checking for RIP-1 packet, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]rip [SW5500-rip]undo checkzero default cost Syntax default cost undo default cost View RIP view Parameter...
Page 161: Display Rip Interface
Example To display the current running state and configuration information of RIP, enter the following: <SW5500>display rip RIP is running public net VPN-Instance Checkzero is on Summary is on Traffic-share-across-interface is off Period update timer : 30 Timeout timer : 180 Garbage-collection timer : 120 No peer router Network :...
Page 162: Display Rip Routing
6: U HAPTER SING OUTING ROTOCOL Table 23 Description of the Field Address Interface Metrin/Out Input Output Split-horizon display rip routing Syntax display rip routing View All views Parameter None Description Use the Example To display rip routing information, enter the following: <SW5500>display rip routing RIP routing table: public net Destination/Mask...
Page 163: Filter-Policy Export
filter-policy export Syntax filter-policy { acl_number | gateway gateway-ip | ip-prefix ip_prefix_name | route-policy route-policy-name } export [routing_process] undo filter-policy { acl_number | gateway gateway-ip | ip-prefix ip_prefix-name | route-policy route-policy-name } export [routing_process] View RIP view Parameters acl_number destination addresses of the routing information. gateway-ip ip_prefix_name filter the destination addresses of the routing information.
Page 164: Filter-Policy Import
6: U HAPTER SING OUTING ROTOCOL filter-policy import Syntax filter-policy gateway undo filter-policy gateway filter-policy { ip-prefix-name undo filter-policy { gateway View RIP View Parameters gateway filter the addresses of this neighboring routers advertising the routing information. acl_number of the routing information. ip_prefix_name destination addresses of the routing information.
Page 165: Host-Route
host-route Syntax host-route undo host-route View RIP view Parameter None Description Use the host-route default. Use the undo host-route Example To configure RIP to reject a host route, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]rip [SW5500-rip]undo host-route import-route...
Page 166: Network
6: U HAPTER SING OUTING ROTOCOL transmits it with the specified cost value. This command can greatly enhance the RIP capability of obtaining routes, thus increases the RIP performance. If the default cost RIP continues to announce this cost to other routers running RIP, and marks this route with HOLDDOWN.
Page 167: Peer
3Com recommends that you do not use this command. RIP can use unicast to exchange information with non-broadcasting networks. If required, you can use this command to specify the destination address of the peer device.
Page 168: Reset
6: U HAPTER SING OUTING ROTOCOL Parameter value 100. Description Use the Use the The default value of each routing protocol is determined by the specific routing policy. This “preference” determines the optimal route in the IP routing table. You can use this command to modify the RIP preference.
Page 169: Rip Authentication-Mode
(as described in RFC2082). key-id Description Use the authentication mode and its parameters for the Switch 5500G-EI. command to enable RIP and enter the RIP command view. From here, command to disable RIP. By default, RIP is disabled. undo rip key-string key-id Enter to specify simple text authentication mode.
Page 170: Rip Input
6: U HAPTER SING OUTING ROTOCOL Use the simple text authentication key. Use the MD5 cipher text authentication key for RIP-2. Use the command to configure the MD5 cipher text authentication ID for RIP-2. Use the authentication. There are two RIP-2 authentication modes: simple authentication and MD5 cipher text authentication.
Page 171: Rip Metricin
Parameter None Description Use the rip input default, all interfaces except loopback interfaces are able to receive RIP packets. Use the undo rip input packets. This command is used in conjunction with two other two commands: . The rip work the receipt and the transmission of RIP packets on an interface.
Page 172: Rip Metricout
6: U HAPTER SING OUTING ROTOCOL [SW5500]interface Vlan-interface 1 [SW5500-Vlan-interface1]rip metricin 2 rip metricout Syntax rip metricout undo rip metricout View Interface View Parameter value ranging from 1 to 16. By default, the value is 1. Description Use the added to a route when an interface transmits RIP packets. Use the additional route metric.
Page 173: Rip Split-Horizon
RIP Configuration Commands This command is used in conjunction with two other commands: rip input control, respectively, the receipt and the rip work rip input rip output transmission of RIP packets on an interface. allows both receipt and rip work transmission of RIP packets.
Page 174: Rip Work
6: U HAPTER SING OUTING ROTOCOL Parameters Enter to set the interface version to RIP-1. Enter to set the interface version to RIP-2. broadcast multicast Description Use the on an interface. Use the the interface. The interface RIP version is RIP-1. By default, RIP-1 transmits packets in broadcast mode, while RIP-2 transmits packets in multicast mode.
Page 175: Summary
Use the undo rip work This command is used in conjunction with the commands. Refer to the descriptions of these commands for details. network Related commands: Example To disable the running of RIP on interface Vlan-interface 1, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 176: Timers
6: U HAPTER SING OUTING ROTOCOL timers Syntax timers { update update-timer-length | timeout timeout-timer-length} * undo timers { update | timeout } * View RIP View Parameters update-timer-length to 3600 seconds. The default value is 30 seconds. timeout-timer-length 3600 seconds. The default value is 180 seconds. Description Use the update, timeout, and garbage-collection.
Page 177: Ospf Configuration Commands
Commands Path First (OSPF) routing protocol. When the Switch 5500G-EI runs a routing protocol, it is able to perform the functions of a router. The term router in this section can refer either to a physical router or to the Switch 5500G-EI running a routing protocol.
Page 178: Area
6: U HAPTER SING OUTING ROTOCOL ABR. For each network segment configured with route aggregation, there is only one route transmitted to other areas. Example To enter area 1, and then aggregate the network segments, 66.48.10.0 and 66.48.120.0 into the summary route 66.48.0.0, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 179: Authentication-Mode
mask not-advertise matching the specified IP address and mask. routes via route-policy. This value can be in the range 0 to 4294967295. The default is 1. Description Use the OSPF. Use the After the summarization of imported routes is configured, if the local router is an autonomous system border router (ASBR), this command summarizes the imported Type-5 LSAs in the summary address range.
Page 180: Default Cost
6: U HAPTER SING OUTING ROTOCOL Use the mode for this area. By default, an area does not support an authentication mode. All the routers in one area must use the same authentication mode (no authentication, simple text authentication or MD5 cipher text authentication). In addition, all routers on the same segment must use the same authentication key.
Page 181: Default Interval
OSPF Configuration Commands Example To specify a default routing cost of 10 for an external route imported by OSPF, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]router id 1.1.1.1 [SW5500]ospf [SW5500-ospf-1]default cost 10 default interval Syntax seconds default interval...
Page 182: Default Tag
6: U HAPTER SING OUTING ROTOCOL Parameter routes to 2147483647. By default, the limit is 1000. Description Use the imported routes. Use the OSPF can import external routing information and advertise them to the whole AS. Importing too many external routes at once can greatly affect the performance of the device.
Page 183: Default Type
[SW5500]router id 1.1.1.1 [SW5500]ospf [SW5500-ospf-1]default tag 10 default type Syntax default type { 1 | 2 } undo default type View OSPF view Parameters Enter to set the default to external routes of type 1. Enter to set the default to external routes of type 2. Description Use the default type...
Page 184: Default-Route-Advertise
6: U HAPTER SING OUTING ROTOCOL Description Use the OSPF to a Stub or NSSA area. Use the route transmitted by OSPF to a Stub or NSSA. Related commands: Example To set area 1 as a Stub area, and to set the cost of the default route transmitted to this Stub area to 60, enter the following commands: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 185: Display Debugging Ospf
is not configured with default route, the keyword LSA to generate default route. Related command: Example If a local route has no default route, the ASE LSA of the default route will be generated. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]router id 1.1.1.1 [SW5500]ospf [SW5500-ospf-1]default-route-advertise...
Page 186: Display Ospf Asbr-Summary
6: U HAPTER SING OUTING ROTOCOL View All views Parameter process-id command is applied to all current OSPF processes if you do not specify a process Description Use the Border Router (ABR) and Autonomous System Border Router (ASBR) of OSPF. Example To display information on the ABR and ASBR of OSPF, enter the following: <SW5500>display ospf abr-asbr...
Page 187: Display Ospf Brief
If you do not specify an IP address and subnet mask, the summary information of all OSPF imported routes is displayed. Related command: Example To display the summary information of all OSPF imported routes, enter the following: <SW5500>display ospf asbr-summary OSPF Process 1 with Router ID 1.1.1.1 Summary Addresses Total summary address count:...
Page 188 6: U HAPTER SING OUTING ROTOCOL Example To display OSPF summary information, enter the following: <SW5500>display ospf brief OSPF Process 1 with Router ID 10.110.95.189 OSPF Protocol Information The information displays in the following format: RouterID: 10.110.95.189 spf-schedule-interval: 5 Routing preference: Inter/Intra: 10 External: 150 Default ASE parameters: Metric: 1 Tag: 0.0.0.1 Type: 2 SPF computation count: 16 Area Count: 1...
Page 189: Display Ospf Cumulative
Table 27 Output Description of the Timers display ospf cumulative Syntax display ospf [ View All Views Parameter process-id applied to all current OSPF processes if you do not specify a process ID. Description Use the information. Example To display the OSPF cumulative information, enter the following: <SW5500>display ospf cumulative OSPF Process 1 with Router ID 1.1.1.1 The information displays in the following format:...
Page 190: Display Ospf Error
6: U HAPTER SING OUTING ROTOCOL Table 28 Output Description of the Field IO Statistics checksum sum LSAs Router SumNet SumASB Area Routing Table display ospf error Syntax display ospf [ View All Views Parameter process-id is applied to all current OSPF processes if you do not specify a process ID. Description Use the Example...
Page 191 0: OSPF: packet size > ip length 0:OSPF: transmit error 0: OSPF: interface down 0: HELLO: netmask mismatch 0: HELLO: dead timer mismatch 0: HELLO: router id confusion 0: HELLO: NBMA neighbor unknown 0: DD: router id confusion 0: DD: unknown LSA type 0: LS ACK: wrong ack 0: LS ACK: unknown LSA type...
Page 192: Display Ospf Interface
6: U HAPTER SING OUTING ROTOCOL Table 29 Description of information generated by the Field LS REQ: empty request LS REQ: wrong request LS UPD: neighbor state low LS UPD: newer self-generate LSA LS UPD: LSA checksum wrong LS UPD:received less recent LSA LS UPD: unknown LSA type OSPF routing: next hop not exist DD: MTU option mismatch...
Page 193: Display Ospf Lsdb
Table 30 Output Description of the Field Cost State Type Priority Designated Router Backup Designated Router Timers display ospf lsdb Syntax display ospf [ network | nssa | router | summary ] [ address View All Views Parameters process-id is applied to all current OSPF processes if you do not specify a process ID. Enter the ID of the OSPF area, as either an ID number or an IP address.
Page 194 6: U HAPTER SING OUTING ROTOCOL Description Use the OSPF connecting state. Example To display database information about the OSPF connecting state, enter the following: <SW5500>display ospf lsdb OSPF Process 1 with Router ID 1.1.1.1 The information displays in the following format: Link State Database Area: 0.0.0.0 Type LinkState ID...
Page 195: Display Ospf Nexthop
seq#: chksum: Options: Net mask: 255.255.0.0 Table 32 Output Description of the Field type ls id adv rtr ls age Seq# chksum Options Net mask E type Forwarding Address Forwarding address display ospf nexthop Syntax display ospf [ View All Views Parameter process-id is applied to all current OSPF processes if you do not specify a process ID.
Page 196: Display Ospf Peer
6: U HAPTER SING OUTING ROTOCOL Table 33 Output Description of the Field Address Type Refcount Intf Addr Intf Name display ospf peer Syntax display ospf [ View All Views Parameter process-id command is applied to all current OSPF processes if you do not specify a process Description Use the Use the...
Page 197: Display Ospf Request-Queue
Table 34 Output Description of the Field Mode Priority Dead timer expires in 31 seconds Neighbor has been up for 01:14:14 To view brief information for every peer, enter the following: <SW5500>display ospf peer brief OSPF Process 1 with Router ID 1.1.1.1 Neighbor Statistics Area ID Down Attempt Init 2-Way ExStart Exchange Loading Full Total 0.0.0.0 0...
Page 198: Display Ospf Retrans-Queue
6: U HAPTER SING OUTING ROTOCOL View All Views Parameter process-id command is applied to all current OSPF processes if you do not specify a process Description Use the OSPF request-queue. Example To display the information on the OSPF request-queue, enter the following: <SW5500>display ospf request-queue The information displays in the following format: The Router's Neighbors is...
Page 199: Display Ospf Routing
Example To display information on the OSPF retransmission queue, enter the following: <SW5500>display ospf retrans-queue OSPF Process 200 with Router ID 103.160.1.1 The information displays in the following format: The Router's Neighbors is RouterID: 162.162.162.162 Address: 103.169.2.2 Interface: 103.169.2.5 display ospf routing Syntax display ospf [ View...
Page 200: Display Ospf Vlink
6: U HAPTER SING OUTING ROTOCOL Table 37 Output Description of the Field Destination Cost Type NextHop AdvRouter Area Intra Area Inter Area NSSA display ospf vlink Syntax display ospf [ View All Views Parameter process-id command is applied to all current OSPF processes if you do not specify a process Description Use the virtual links.
Page 201: Filter-Policy Export
Table 38 Output Description of the Cost Type Transit Area Timers filter-policy export Syntax filter-policy { ip_prefix undo filter-policy { ip_prefix-name View OSPF View Parameter acl_number ip_prefix_name routing_protocol can be one of the following: Description Using the the advertised routing information. Only the routing information that meets these conditions is advertised.
Page 202: Filter-Policy Import
6: U HAPTER SING OUTING ROTOCOL [SW5500-ospf-1]filter-policy 2000 export filter-policy import Syntax filter-policy { ip_prefix_name undo filter-policy { ip_prefix_name View OSPF View Parameter acl_number addresses of the routing information. ip_prefix_name destination addresses of the routing information. gateway the addresses of the neighboring routers advertising the routing information. Description Using the the routing information received.
Page 203: Network
By default, the routing information of other protocols is not imported. 3Com recommends that you configure the route type, cost, and tag together in one command; otherwise, the new configuration overwrites the old one. Example To configure an imported RIP route with the external route of type 2, a route tag of 33 and a route cost of 50, enter the following: <SW5500>system-view...
Page 204: Nssa
6: U HAPTER SING OUTING ROTOCOL ip_mask the complement of the IP address mask). Description Using the protocol to which the interface belongs. Using the default, the interface does not belong to any area. With the two parameters, be configured as an area. To run the OSPF protocol on one interface, the master IP address of this interface must be in the range of the network segment specified by this command.
Page 205: Ospf
OSPF Configuration Commands For all the routers connected to the NSSA area, the command must be used nssa to configure the area as the NSSA attribute. parameter is used to generate a default type-7 default-route-advertise LSA. No matter whether there is route 0.0.0.0 in the routing table on an ABR, type-7 LSA default route will always be generated.
Page 206: Ospf Authentication-Mode
Area 1 is where the network segment 131.119.0.0 of Interface Vlan-interface 1 is located. To set this area to support MD5 cipher text authentication, with an authentication key identifier of 15 and an authentication key of 3Com, enter the following: <SW5500>system-view...
Page 207: Ospf Cost
[SW5500-ospf-1]area 1 [SW5500-ospf-1-area-0.0.0.1]network 131.119.0.0 0.0.255.255 [SW5500-ospf-1-area-0.0.0.1]authentication-mode md5 [SW5500-ospf-1-area-0.0.0.1]quit [SW5500-ospf-1]quit [SW5500]interface vlan-interface 1 [SW5500-Vlan-interface1]ospf authentication-mode md5 15 3Com ospf cost Syntax ospf cost undo ospf cost View VLAN Interface view Parameter Enter the cost for running the OSPF protocol, in the range 1 to 65535.
Page 208: Ospf Mib-Binding
6: U HAPTER SING OUTING ROTOCOL Description Using the electing the "designated router" on an interface. Using the dr-priority The priority of the interface determines the qualification of the interface when the "designated router" (DR) is elected. The interface with the higher priority will be always be elected the DR.
Page 209: Ospf Mtu-Enable
Cancel the binding of MIB operation. [SW5500]undo ospf mib-binding ospf mtu-enable Syntax ospf mtu-enable undo ospf mtu-enable View VLAN Interface view Parameter None Description Using the MTU value when sending DD packets. Using the default, the MTU value is 0 when sending DD packets, that is the MTU value of the interface is not written.
Page 210: Ospf Timer Dead
6: U HAPTER SING OUTING ROTOCOL Description Use the interface. Use the of the OSPF interface. OSPF divides networks into four types by link layer protocol: ■ ■ ■ ■ NBMA means that a network is non-broadcast and multi-accessible. ATM is a typical example.
Page 211: Ospf Timer Hello
Parameter Enter the amount of dead time allowed, in seconds, in the range 1 to seconds 65535. Description Using the time allowed to OSPF neighbors, in seconds. Using the By default, the dead time allowed to OSPF neighbors is 40 seconds. If no Hello message is received from a neighbor in the specified time, the neighbor is considered unresponsive or down.
Page 212: Ospf Timer Poll
6: U HAPTER SING OUTING ROTOCOL <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Vlan-interface 1 [SW5500-Vlan-interface1]ospf timer hello 20 ospf timer poll Syntax ospf timer poll undo ospf timer poll View VLAN Interface view Parameter seconds default value is 120 seconds. Description Using the interval.
Page 213: Ospf Trans-Delay
Using the interval value for LSA re-transmission on an interface. When a router transmits a Link State Advertisement (LSA) to the peer, it waits for the acknowledgement packet. If no acknowledgement is received from the neighbor within the time you set using this command, the LSA is re-transmitted. According to RFC2328, the LSA retransmit between adjacent routers should not be set too short to avoid unexpected re-transmission.
Page 214: Peer
6: U HAPTER SING OUTING ROTOCOL peer Syntax peer undo peer View OSPF View Parameter ip_address dr_priority_number priority value of the network neighbor. The range is from 0 to 255. The default value is 1. Description Using the connected to a network of NBMA type. Using the cancel the configured neighboring point.
Page 215: Reset Ospf
Because multiple dynamic routing protocols could be running on a router at any one time, priority needs to be assigned to each protocol. Using this command, you can set a default preference for each routing protocol. The protocol with the higher preference has priority.
Page 216: Silent-Interface
6: U HAPTER SING OUTING ROTOCOL OMMANDS View System View Parameter Enter the router ID as a 32-bit unsigned integer. router_id Description Using the command, you can configure the ID of a router running the router id OSPF protocol. Using the command, you can cancel the router ID that has been undo router id set.
Page 217: Snmp-Agent Trap Enable Ospf
OSPF Configuration Commands Description Using the command, you can prevent an interface from silent-interface transmitting OSPF packets. Using the command, you can restore the default setting. undo silent-interface By default, the interface transmits OSPF packets. You can use this command to stop the transmission of OSPF packets on an interface.
Page 218: Spf-Schedule-Interval
6: U HAPTER SING OUTING ROTOCOL This command cannot be applied to the OSPF processes that are started after the command is executed. By default, the switch does not send TRAP packets in case of OSPF anomalies. For detailed configuration of SNMP TRAP, see Commands”...
Page 219: Vlink-Peer
View OSPF Area view Parameter Enter to prevent the transmission of Summary LSAs to the Stub area. no-summary Description Using the command, you can configure the type of an OSPF area as “stub”. stub Using the undo stub areas are set as Stub areas. If the router is an ABR, it will send a default route to the connected stub area.
Page 220: Ip Routing Policy Configuration Commands
6: U HAPTER SING OUTING simple eight characters or less. This must equal the authentication key of the virtually linked neighbor. be equal to the authentication key ID of the virtually linked peer. is a character string not exceeding 16 characters. It will be displayed in a cipher text form in a length of 24 characters when display current-configuration command is executed.
Page 221: Apply Tag
View Route Policy View Parameter Enter the route cost value of route information. value Description Use the apply cost information. This command is one of the Route-policy attribute set. Use the undo apply cost Related commands: if-match ip next-hop ip next-hop, apply local-preference, apply origin Example Define one apply...
Page 222: Display Ip Ip-Prefix
6: U HAPTER SING OUTING ROTOCOL <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]route-policy permit node 1 [SW5500-route-policy]apply tag 100 display ip ip-prefix Syntax display ip ip-prefix [ View All Views Parameter ip_prefix_name Description Use the Related command: Example Display the information of the address prefix list named to p1.
Page 223: Filter-Policy Export
Example Display the information of Route-policy named as policy1. <SW5500>display route-policy policy1 Route-policy : policy1 Permit 10 : if-match (prefixlist) p1 Table 40 Output Description of the Field Route-policy Permit 10 filter-policy export Syntax filter-policy { protocol undo filter-policy { protocol View Routing Protocol view...
Page 224: Filter-Policy Import
6: U HAPTER SING OUTING ROTOCOL It may be necessary that only the routing information that meets special conditions can be advertised. Then, the filter-policy command can be used to set the filtering conditions for the advertised routing information. Only the routing information passing the filter can be advertised.
Page 225: If-Match { Acl | Ip-Prefix
It may be necessary that only the routing information that meets special conditions can be received. Then, the filter-policy command can be used to set the filtering conditions for the received routing information. Only the routing information passing the filtration can be received. Related command: Example Define the filtering rule for receiving routing information of RIP.
Page 226: If-Match Cost
6: U HAPTER SING OUTING ROTOCOL if-match cost Syntax if-match cost undo if-match cost View Route Policy view Parameter value Description Use the route-policy to match the cost of the routing information. Use the rule. By default, no match sub-statement is defined. Related commands: i if-match ip next-hop apply local-preference, apply cost, apply origin...
Page 227: If-Match Ip Next-Hop
Use the condition. By default, no match sub-statement is defined. Related command: next-hop apply cost, apply local-preference, apply origin Example Define one match sub-statement to match the route whose next hop interface is Vlan-interface 1. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]route-policy permit node 1 % New sequence of this list [SW5500-route-policy]if-match interface Vlan-interface 1...
Page 228: If-Match Tag
6: U HAPTER SING OUTING ROTOCOL [SW5500]route-policy permit node 1 [SW5500-route-policy]if-match ip next-hop ip-prefix p1 if-match tag Syntax if-match tag undo if-match tag View Route Policy view Parameter value Description Use the information. Use the Related commands: if-match ip next-hop apply cost, apply local-preference, apply origin Example Define one match sub-statement and enable the OSPF route information whose...
Page 229: Route-Policy
Enter to specify the match mode of the defined address prefix list items as permit permit mode. Enter to specify the match mode of the defined address prefix list items as deny deny mode. Enter the IP address prefix range (IP address). If it is 0.0.0.0 0, all the IP network addresses are matched.
Page 230 6: U HAPTER SING OUTING ROTOCOL undo route-policy node_number View System view Parameter route_policy_name uniquely. permit permit mode. deny mode. node node_number route-policy is used for routing information filtration, the node with smaller node-number will be tested first. Description Use the Use the By default, no Route-policy is defined.
Page 231: Route Capacity Configuration Commands
Route Capacity This section describes the commands you can use to configure route capacity on Configuration the Switch. Commands display memory Syntax display memory [ unit Mode Any View Parameter unit-id Description Use the display memory command to view the memory setting. Example To display the current memory setting, enter the following: <SW5500>...
Page 232: Memory Auto-Establish Disable
6: U HAPTER SING OUTING ROTOCOL Example Display the current memory setting and state information. <SW5500>display memory limit Current memory limit configuration information: Free Memory: 67397036 (Bytes) The state information about connection: The displayed information is defined in Table 42 Output Description of the Item system memory safety system memory limit...
Page 233: Memory Auto-Establish Enable
memory of the Ethernet switch reduces to a lower limit, the connection will be disconnected forcibly). Related commands: limit } Example Disable memory resume of the current Ethernet switch and recover connections of all the protocols automatically. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]memory auto-establish disable memory auto-establish Syntax...
Page 234 6: U HAPTER SING OUTING ROTOCOL Parameter safety Mbytes. Its value range depends on the idle memory of the active Switch. The default value is 4Mbytes. limit value range depends on the idle memory of the active Switch. The default value is 2Mbytes.
Page 235 SING OMMANDS This chapter describes how to use the following commands: IGMP Snooping Configuration Commands display igmp-snooping configuration ■ display igmp-snooping group ■ display igmp-snooping statistics ■ igmp-snooping ■ igmp-snooping host-aging-time ■ igmp-snooping max-response-time ■ igmp-snooping router-aging-time ■ reset igmp-snooping statistics ■...
Page 236 7: U HAPTER SING ULTICAST ■ ■ ■ ■ ■ ■ ■ ■ ■ PIM Configuration Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■...
Page 237: Igmp Snooping Configuration Commands
IGMP Snooping This section describes how to use the Internet Group Management Protocol Configuration (IGMP) configuration commands on your Switch 5500G-EI. Commands display igmp-snooping Syntax configuration display igmp-snooping configuration View All views Parameter None Description Use the Snooping configuration information.
Page 238: Display Igmp-Snooping Statistics
7: U HAPTER SING ULTICAST Description Use the and MAC multicast groups under VLAN. This command displays the IP multicast group and MAC multicast group information of a VLAN or all the VLAN where the Ethernet Switch is located. It displays the information such as VLAN ID, router port, IP multicast group address, member ports in the IP multicast group, MAC multicast group, MAC multicast group address, and the member ports in the MAC multicast group.
Page 239: Igmp-Snooping
Related command: Example Display statistics information about IGMP Snooping. <SW5500>display igmp-snooping statistics Received IGMP general query packet(s) number:0. Received IGMP specific query packet(s) number:0. Received IGMP V1 report packet(s) number:0. Received IGMP V2 report packet(s) number:0. Received IGMP leave packet(s) number:0. Received error IGMP packet(s) number:0.
Page 240: Igmp-Snooping Max-Response-Time
7: U HAPTER SING ULTICAST undo igmp-snooping host-aging-time View System View Parameter seconds from 200 to 1000 and measured in seconds. The default is 260. Description Use the time of the multicast group members. Use the value. This command sets the aging time of the multicast group member so that the refresh frequency can be controlled.
Page 241: Igmp-Snooping Router-Aging-Time
Example Configure to respond to the IGMP Snooping packet within 20s. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]igmp-snooping max-response-time 20 igmp-snooping Syntax router-aging-time igmp-snooping router-aging-time undo igmp-snooping router-aging-time View System View Parameter seconds in seconds. The default is 105. Description Use the port aging time of IGMP Snooping.
Page 242: Multicast Common Configuration Commands
Related command: Example Clear IGMP Snooping statistics information. <SW5500>reset igmp-snooping statistics Multicast Common This section describes how to use the Multicast Common configuration commands Configuration on your Switch 5500G-EI. Commands debugging multicast Syntax forwarding debugging multicast forwarding undo debugging multicast forwarding...
Page 243: Debugging Multicast Status-Forwarding
Use the functions. Example Enable multicast kernel routing debugging functions. <SW5500>debugging multicast kernel-routing debugging multicast Syntax status-forwarding debugging multicast status-forwarding undo debugging multicast status-forwarding View User View Parameter None Description Use the forwarding status debugging functions. Use the debugging functions. Example Enable multicast forwarding status debugging functions.
Page 244: Display Multicast Routing-Table
7: U HAPTER SING ULTICAST Related command: Example View the multicast forwarding table information. <SW5500>display multicast forwarding-table Multicast Forwarding Cache Table Total 2 entries 00001. (4.4.4.4, 224.2.254.84), iif Vlan-interface1, 0 oifs 00002. (4.4.4.4, 224.2.149.17), iif Vlan-interface1, 1 oifs Matched 2 entries Table 43 Information from the Field Multicast Forwarding Cache Table...
Page 245 Register interface of PIM-SM. register: Description Use the display multicast routing-table multicast routing table. This command displays the multicast routing table information, while the multicast forwarding-table information. Example View the routing table information corresponding to multicast group 225.1.1.1 in the multicast routing table. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]display multicast routing-table 225.1.1.1...
Page 246: Mtracert
7: U HAPTER SING ULTICAST mtracert Syntax mtracert View Any view Parameter source-address ast-hop-address This address must be an interface address of a hop router. By default, it is a physical interface address of the local router. group-address Description Using the source to the destination receiver along Multicast Distribution Tree, according to either the multicast kernel routing table or RPF rule to the source.
Page 247: Multicast Route-Limit
multicast route-limit Syntax multicast route-limit undo multicast route-limit View System View Parameter limit: Description Use the routing table. When the preset capacity is exceeded, the router will discard new (S, G) protocol and data packets. Use the default value. By default, the capacity of multicast routing table is set to 256. If the existing route entries exceed the capacity value you configured using this command, the system will not delete the existing entries, but prompts the user with the following message:...
Page 248: Reset Multicast Forwarding-Table
7: U HAPTER SING ULTICAST Use the By default, IP multicast routing is disabled. The system will not forward any multicast packet when IP multicast routing is disabled. Related commands: Example Enable IP multicast routing. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]multicast routing-enable reset multicast Syntax...
Page 249: Reset Multicast Routing-Table
Related commands: routing-table Example Clear the forwarding entry with address of 225.5.4.3 from the MFC forwarding table. <SW5500>reset multicast forwarding-table 225.5.4.3 Clear statistic information of the forwarding entry with address of 225.5.4.3 from the MFC forwarding table. <SW5500>reset multicast forwarding-table statistics 225.5.4.3 reset multicast Syntax routing-table...
Page 250: Igmp Configuration Commands
<SW5500>reset multicast forwarding-table statistics 225.5.4.3 IGMP Configuration This section describes how to use the IGMP Configuration commands on your Commands Switch 5500G-EI. debugging igmp Syntax debugging igmp { all | event | host | packet | timer } undo debugging igmp { all | event | host | packet | timer }...
Page 251: Display Igmp Interface
Parameter group-address interface-type interface-number router, used to specify the specific interface. Description Use the IGMP multicast group. You can specify to show the information of a group or the member information of the multicast group on an interface. The information displayed contains the multicast groups that are joined by the downstream hosts through IGMP or through command line.
Page 252: Igmp Enable
7: U HAPTER SING ULTICAST Example View the IGMP configuration and running information of all interfaces. <SW5500>display igmp interface Vlan-interface1 (10.153.17.99): igmp enable Syntax igmp enable undo igmp enable View VLAN Interface View Parameter None Description Use the Use the By default, IGMP is disabled.
Page 253: Igmp Group-Policy
undo igmp group-limit View VLAN Interface View Parameter number Description Use the Use the By default, you can add up to 1024 IGMP groups on an interface. If the existing IGMP groups exceed the quantity limit you configured using this command, the system will not delete the existing entries.
Page 254: Igmp Group-Policy Vlan
7: U HAPTER SING ULTICAST ROTOCOL OMMANDS Description Use the command to set the filter of multicast groups on an igmp group-policy interface to control the accessing to the IP multicast groups. Use the undo igmp command to remove the filter configured. group-policy By default, no filter is configured, that is, a host can join any multicast group.
Page 255: Igmp Host-Join
Example Configure that only the hosts contained in the access-list 2000 connected to the port GigabitEthernet1/0/1 in VLAN-interface10 can be added to the multicast group, which is configured to use IGMP version 2. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface GigabitEthernet 1/0/1 [SW5500-GigabitEthernet1/0/1]igmp group-policy 2000 vlan 10 igmp host-join...
Page 256: Igmp Host-Join Vlan
7: U HAPTER SING ULTICAST Parameter group-address join. port: Description Use the of an ethernet Switch to join a multicast group. Use the By default, an interface does not join any multicast group. Related command: group-policy. Example Add port GigabitEthernet 1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1.
Page 257: Igmp Lastmember-Queryinterval
IGMP Configuration Commands For the related command, see igmp host-join port igmp host-join igmp group-policy Example Add port GigabitEthernet 1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface Vlan-interface 10 [SW5500-Vlan-interface10]igmp enable [SW5500-Vlan-interface10]quit [SW5500]interface GigabitEthernet 1/0/1...
Page 258: Igmp Max-Response-Time
7: U HAPTER SING ULTICAST Report messages are received from any hosts within the defined period, the IGMP Querier considers it a timeout and stops membership maintenance for the group. This command only takes effect on an IGMP Querier running IGMP v2. For a Querier running IGMP v1, this command cannot take effect because the IGMP group members cannot send an IGMP Leave message when they leave a group.
Page 259: Igmp Timer Other-Querier-Present
IGMP Configuration Commands View VLAN Interface View Parameter IGMP robust value, number of sending the IGMP group query robust-value message after the IGMP query router receives the IGMP Leave message from the host. It is in the range of 2 to 5. The default is 2. Description command to set the number of sending the IGMP group igmp robust-count...
Page 260: Igmp Timer Query
7: U HAPTER SING ULTICAST View VLAN Interface View Parameter seconds By default, the value is twice the value of IGMP query message interval, i.e., 120 seconds. Description Use the of presence of the IGMP querier. Use the default value. On a shared network, where there are multiple multicast routers on the same network segment, the query router (querier for short) takes charge of sending query messages periodically on the interface.
Page 261: Igmp Version
A multicast router periodically sends out IGMP query messages to attached segments to find hosts that belong to different multicast groups. The query interval can be modified according to the practical conditions of the network. Related command: Example Configure to transmit the host-query message every 60 seconds via VLAN-interface2.
Page 262: Pim Configuration Commands
Delete the IGMP groups ranging from 225.1.1.0 to 225.1.1.255 on the Vlan-interface10. <SW5500>reset igmp group interface Vlan-interface10 225.1.1.0 255.255.255.0 PIM Configuration This section describes how to use the Protocol Independent Multicast (PIM) Commands configuration commands on your Switch 5500G-EI. bsr-policy Syntax bsr-policy undo bsr-policy View PIM View...
Page 263: C-Bsr
Use the undo bsr-policy range limit is set and all received messages are taken as legal. In a PIM SM network using the BSR (bootstrap router) mechanism, every router can set itself as a C-BSR (candidate BSR) and have the authority to advertise RP information in the network once it wins the election.
Page 264: C-Rp
7: U HAPTER SING ULTICAST Parameter interface-type interface-number router. The candidate BSR is configured on the interface. PIM-SM must be enabled on the interface first. hash-mask-len: priority higher the priority of the BSR. The value ranges from 0 to 255. The default value is Description Use the Use the...
Page 265: Crp-Policy
Use the undo c-rp By default, no candidate RP is configured. Related command: Example Configure the Ethernet Switch to advertise the BSR that it is the C-RP in the PIM domain. The standard access list 2000 defines the groups related to the RP. The address of C-RP is designated as the IP address of VLAN-interface10.
Page 266: Debugging Pim Common
7: U HAPTER SING ULTICAST the source address and their server group addresses are subset of those in ACL, can the be considered as matched. Related commands: Example Configure C-RP filtering policy on the C-BSR routers, allowing only 1.1.1.1/32 as C-RP and to serve only for the groups 225.1.0.0/16.
Page 267: Debugging Pim Sm
undo debugging pim dm { alert | all | mrt | timer | warning | { recv | send } { all | assert | graft | graft-ack | join | prune } } View User View Parameter alert: all the debugging information of PIM-DM. all: debugging information of PIM-DM multicast routing table.
Page 268: Display Pim Bsr-Info
7: U HAPTER SING ULTICAST mrt: timer: warning: recv: send: alert | fresh assert | boostrap | crpadv | jp | reg | regstop: assert | bsr | crpadv | jp | jpdelay | mrt | probe | spt information of PIM-SM timer. Description Use the Use the...
Page 269: Display Pim Interface
Table 46 Output description of the Field Priority Mask Length:30 Expires:00:01:55 display pim interface Syntax display pim interface [ View All Views Parameter interface-type: interface-number: Description Use the about an interface. Example <SW5500>display pim interface PIM information of VLAN-interface 2: IP address of the interface is 10.10.1.20 PIM is enabled PIM version is 2...
Page 270: Display Pim Routing-Table
7: U HAPTER SING ULTICAST View All Views Parameter interface-type interface-number to specify the interface. Description Use the Example <SW5500>display pim neighbor Neighbor Address 8.8.8.6 Table 48 Output description about PIM neighbors Field Neighbor Address Interface Uptime Expires display pim Syntax routing-table display pim routing-table [ { { *g [...
Page 271: Display Pim Rp-Info
Example View the contents of the PIM multicast routing table on the router. <SW5500>display pim routing-table PIMSM Routing Table Total 0 (*,*,RP), 0 (*,G), 2 (S,G) (192.168.1.2, 224.2.178.130), Protocol 0x20: PIMSM, Flag 0x4: SPT UpTime: 23:59, Timeout after 196 seconds Upstream interface: VLAN-interface2, RPF neighbor: NULL Downstream interface list: NULL (192.168.1.2, 224.2.181.90),...
Page 272: Pim
7: U HAPTER SING ULTICAST Syntax undo pim View System View Parameter None Description Use the Use the The global parameters of PIM can only be configured in PIM View. Example Enable multicast and enter the PIM View. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]multicast routing-enable [SW5500]pim [SW5500-pim]...
Page 273: Pim Dm
Related command: Example Configure domain border on VLAN-interface10. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]interface Vlan-interface-10 [SW5500-vlan-interface10]pim bsr-boundary pim dm Syntax pim dm undo pim dm View Interface View Parameter None Description Use the Use the By default, PIM-DM is disabled. Once PIM-DM is enabled on an interface, PIM-SM cannot be enabled on the same interface and vice versa.
Page 274: Pim Neighbor-Policy
7: U HAPTER SING ULTICAST Description Use the interface. No neighbor can be added when the limit is reached. Use the By default, the PIM neighbors on the interface are limited to 128. If the existing PIM neighbors exceed the configured value during configuration, they will not be deleted.
Page 275: Pim Sm
[SW5500-acl-basic-2000]rule permit source 10.10.1.2 0 [SW5500-acl-basic-2000]rule deny source 10.10.1.1 0 pim sm Syntax pim sm undo pim sm View Interface View Parameter None Description Use the pim sm Use the undo pim sm By default, PIM-SM is disabled. Once PIM-SM is enabled on an interface, PIM-DM cannot be enabled on the same interface and vice versa.
Page 276: Register-Policy
7: U HAPTER SING ULTICAST Example Configure to transmit Hello packet via VLAN-interface10 every 40 seconds. <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]multicast routing-enable [SW5500]interface Vlan-interface-10 [SW5500-vlan-interface10]pim timer hello 40 register-policy Syntax register-policy undo register-policy View PIM View Parameter acl-number and group addresses.
Page 277: Reset Pim Routing-Table
neighbor-address interface Description Use the Related command: Example Clear the PIM neighbor 25.5.4.3. <SW5500>reset pim neighbor 25.5.4.3 reset pim routing-table Syntax reset pim routing-table { all | { group-mask-length source-mask-length interface-number View User View Parameter all: group-address: mask mask-length source-address mask mask-length incoming-interface:...
Page 278: Source-Policy
7: U HAPTER SING ULTICAST ROTOCOL OMMANDS must be 224.0.0.0, and source address has no mask), then it means only the (*, *, RP) item will be cleared. If in this command, the group-address is any a group address, and source-address is 0 (where group address can have a mask, and source address has no mask), then only the (*, G) item will be cleared.
Page 279: Static-Rp
System View: return to User View with Ctrl+Z [SW5500]multicast routing-enable [SW5500]pim [SW5500-pim]source-policy 1 [SW5500-pim]quit [SW5500]acl number 1 [SW5500-acl-basic-1]rule permit source 10.10.1.2 0 [SW5500-acl-basic-1]rule deny source 10.10.1.1 0 static-rp Syntax rp-address static-rp undo static-rp View PIM View Parameter Static RP address, a legal unicast IP address. rp-address: Basic ACL, used to control the range of the multicast group served acl-number:...
Page 280 7: U HAPTER SING ULTICAST ROTOCOL OMMANDS...
Page 281 SING This chapter describes how to use the following commands: ACL Configuration Command List ■ display acl ■ display packet-filter ■ display time-range ■ packet-filter ■ reset acl counter ■ rule ■ time-range ■ QoS Configuration Commands List display mirror ■...
Page 282: Acl Configuration Command List
8: U S/ACL C HAPTER SING ■ QoS Profile Configuration Commands ■ ■ ■ ■ ■ ■ ■ Logon user’s ACL Control Command ■ ■ ■ ■ ■ ACL Configuration This section describes how to use the ACL configuration commands on your Command List Switch.
Page 283: Display Acl
Description Use the command to define an ACL identified by a number, and enter the corresponding ACL View. Use the undo acl number, or cancel the entire ACL. By default, the ACLs are matched in After entering a corresponding ACL View, you can use the create subitems of this ACL (you can exit the ACL View by using the command).
Page 284: Display Packet-Filter
8: U S/ACL C HAPTER SING Example Display the content of all the ACLs. <SW5500>display acl all Basic acl 2000, 0 rule,match-order is auto Acl’s step is 1 Advanced ACL Acl's step is 1 rule 1 permit ip (0 times matched) display packet-filter Syntax display packet-filter { interface {...
Page 285: Packet-Filter
Note that the system has a delay of about 1 minute when updating the ACL state, while the display time-range when display time-range may not have been activated yet. For the related configuration, see the Example Display all the time ranges. <SW5500>display time-range all Current time is 14:36:36 Apr/1/2000 Thursday Time-range : hhy ( Inactive )
Page 286: Reset Acl Counter
8: U S/ACL C HAPTER SING System View: return to User View with Ctrl+Z [SW5500]interface GigabitEthernet 1/0/1 [SW5500-GigabitEthernet1/0/1]packet-filter inbound ip-group 2000 reset acl counter Syntax reset acl counter { all | View User View Parameter all: acl-number Description Use the zero.
Page 287 View Corresponding ACL View Parameter Specifies the subitems of an ACL, ranging from 0 to 65534. rule-id Permits packets that meet the requirements. permit: Denies packets that meet the requirements. deny: Name of a time range, during which a rule takes effect. time-range name The following parameters are various property parameters carried by packets.
Page 288 8: U S/ACL C HAPTER SING icmp-type ICMP packet. a number which ranges from 0 to 255; when the protocol is “icmp” and the type of packet is not notated by a character, ranging from 0 to 255. established TCP, appears when protocol is tcp. precedence to 7.
Page 289: Time-Range
<SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]acl number 3000 [SW5500-acl-adv-3000]rule 1 permit tcp established source 1.1.1.1 0 destination 2.2.2.2 0 [SW5500-acl-adv-3000] Add a subrule to a basic ACL: <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]acl number 2000 [SW5500-acl- basic-2000]rule 1 permit source 1.1.1.1 0 fragment [SW5500-acl- basic-2000]...
Page 290: Qos Configuration Commands List
System View: return to User View with Ctrl+Z [SW5500]time-range test from 0:0 1-1-2000 QoS Configuration This section describes how to use the Quality of Service (QoS) configuration Commands List commands on your Switch 5500G-EI. display mirror Syntax display mirror View...
Page 291: Display Qos-Interface All
display qos-interface all Syntax display qos-interface { i interface-num | unit-id View All views Parameter interface-name | interface-type interface-num For more information, refer to the unit-id Description Using the interface-num | unit-id interfaces. If you do not input interface parameters, this command will display all QoS setting information for the Switch, including traffic policing, rate limit at interface, and so on.
Page 292: Display Qos-Interface Line-Rate
8: U S/ACL C HAPTER SING View Any view Parameter interface-name | interface-type interface-num detailed a description, refer to the unit-id Description Use the limitations of the interface output. If you do not specify interface parameters, you will view the traffic rate limitations of all interfaces’ output. If you enter interface parameters, you will view the parameter settings of traffic rate limitations of the specified interfaces’...
Page 293: Display Qos-Interface Traffic-Limit
Inbound: Matches: Acl 2000 rule 1 running display qos-interface Syntax traffic-limit display qos-interface { interface-num | unit-id View All views Parameter interface-name | interface-type interface-num the Switch, for more information, refer to the unit-id Description Use the limit settings. If you set the port parameters, the configuration information about the specified port will be displayed.
Page 294: Display Qos-Interface Traffic-Redirect
8: U S/ACL C HAPTER SING This command is used for displaying the traffic priority settings. The information displayed includes the ACL corresponding to the traffic tagged with priority, priority type and value. Related command: Example Display the traffic priority settings. <SW5500>display qos-interface GigabitEthernet1/0/1 traffic-priority GigabitEthernet1/0/1: traffic-priority Inbound:...
Page 295: Display Qos-Interface Traffic-Statistic
Parameter interface-name | interface-type interface-num: Switch. For detailed information, refer to the unit-id Description Use the traffic statistics information. The information displayed includes the ACL corresponding to the traffic to be counted and the number of packets counted. Related command: Example Display the traffic statistics information.
Page 296: Line-Rate
8: U S/ACL C HAPTER SING line-rate Syntax line-rate outbound undo line-rate outbound View Ethernet Port View Parameter target-rate The number inputted must be a multiple of 64. For 1000 Mbps port, the range is from 64 to 1000000. Description Use the interfaces.
Page 297: Mirroring-Port
Specifies the traffic will be mirror to CPU cpu: interface { the destination port where the traffic will be mirrored to. the port number. name together. Description Use the mirrored-to traffic mirroring. Use the undo mirrored-to This command is used for mirroring the traffic matching the specified ACL (whose action is permit).
Page 298: Monitor-Port
8: U S/ACL C HAPTER SING the Fabric. You need to configure the monitor port before configuring the monitored port. Related command: Example To configure GigabitEthernet1/0/1 as a monitored port, and monitor packets in both directions, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]interface gigabitethernet 1/0/1 [SW5500-GigabitEthernet1/0/1]mirroring-port both...
Page 299: Priority Trust
Parameter priority-level Description Use the priority Use the undo priority By default, the priority level of the port is 0. The Switch replaces the 802.1p priority carried by a packet with the port priority that is defined. Every port on the Switch supports eight packet egress queues. The Switch puts the packets into different egress queues according to their priorities.
Page 300: Queue-Scheduler
8: U S/ACL C HAPTER SING [SW5500-GigabitEthernet1/0/1]priority trust [SW5500-GigabitEthernet1/0/1] queue-scheduler Syntax queue-scheduler { queue4-weight queue5-weight queue6-weight queue7-weight queue8-weight undo queue-scheduler View Ethernet Port View Parameter queue5-weight queue6-weight queue7-weight queue8-weight the queue uses weight round robin (WWR) scheduling. queue1-weight: the weight of queue 1, the percentage allocated by bandwidth; queue2-weight: the weight of queue 2, and so on.
Page 301: Traffic-Limit
Parameters : specify the traffic received by the Ethernet port. inbound ip-group acl-number : Sequence number of ACL, ranging from 2000 to 3999. acl-number acl-number link-group of ACL, ranging from 4000 to 4999. : Specifies the subitem of an active ACL, ranging from 0 to 65534; if not rule rule specified, all subitems of the ACL will be activated.
Page 302: Traffic-Priority
ACL rule, and is only effective with a permit rule. The granularity of traffic limit is 64 kbps. You can only remark traffic with a DSCP value. The Switch 5500G-EI does not permit CoS remarking with this command. Example Perform traffic limitation on packets that match the permit rule of ACL 2000.
Page 303 undo traffic-priority inbound acl-number link-group rule rule View Ethernet Port View Parameter : Performs priority marking to the packets received by the interface. inbound : Activates IP ACLs, including basic and advanced ACLs. acl-number ip-group : Sequence number of ACL, ranging from 2000 to 3999. acl-number : Activates Layer 2 ACLs.
Page 304: Traffic-Redirect
8: U S/ACL C HAPTER SING [SW5500]interface gigabitethernet 1/0/1 [SW5500-Ethernet1/0/1]traffic-priority inbound ip-group 2000 cos 0 traffic-redirect Syntax traffic-redirect link-group rule interface-num undo traffic-redirect inbound | { ip-group link-group rule View Ethernet Port View Parameter inbound ip-group acl-number link-group of ACL, ranging from 4000 to 4999. rule specified, all subitems of the ACL will be activated.
Page 305: Traffic-Statistic
[SW5500]interface gigabitethernet1/0/2 [SW5500-GigabitEthernet1/0/2] traffic-redirect inbound ip-group 2000 interface gigabitethernet1/0/1 traffic-statistic Syntax traffic-statistic link-group rule undo traffic-statistic inbound { ip-group link-group rule View System View Parameter : Performs traffic statistic on the packets received by the interface. inbound ip-group acl-number acl-number link-group of ACL, ranging from 4000 to 4999.
Page 306: Qos Profile Configuration Commands
8: U S/ACL C HAPTER SING QoS Profile This section describes how to use the Quality of Service (QoS) Profile configuration Configuration commands on your Switch. Commands apply qos-profile Syntax apply qos-profile undo apply qos-profile View Ethernet Port View Parameter profile-name letters [a-z, A-Z] and excluding all, interface, and user which are reserved as keywords.
Page 307: Packet-Filter
Description Use the display qos-profile information. Example To display QoS profile configuration information, enter the following: <SW5500> display qos-profile all qos-profile: qos-profile student, 3 actions packet-filter inbound link-group 4000 rule 1 traffic-limit inbound ip-group 2000 rule 1 128 exceed drop traffic-priority inbound ip-group 2000 rule 1 local-precedence 0 packet-filter Syntax...
Page 308: Qos-Profile
8: U S/ACL C HAPTER SING qos-profile Syntax qos-profile undo qos-profile View System View Parameter profile-name letters [a-z, A-Z] and excluding all, interface, and user which are reserved as keywords. Description Use the corresponding view. For an existing profile, you can directly enter the corresponding view.
Page 309: Traffic-Limit
After you configure the QoS profiles and the user pass the authentication, the Switch will deliver the right profile dynamically to the port from which the user is accessed. The QoS profile can be delivered to the port in these different modes: User-based mode: If the source station information (source MAC address, ■...
Page 310: Traffic-Priority
8: U S/ACL C HAPTER SING ■ ■ Description Use the with the granularity of 64 kbps. Use the QoS profile. You cannot remove traffic policing action from the specific QoS profile which has been applied to the port. Example To add to the qos-profile student this traffic policing action: Limits traffic for the packets matching ACL 2000, the target rate is 128 kbps, drop the packets at a rate exceeding this target rate, enter the following:...
Page 311: Logon User's Acl Control Command
[SW5500-qos-profilestudent]traffic-priority inbound ip-group 2000 local-precedence 0 Logon user’s ACL This section describes how to use the Logon user’s ACL control commands on your Control Command Switch 5500G-EI. Syntax undo acl { inbound | outbound } View VTY User Interface View...
Page 312: Ip Http Acl
8: U S/ACL C HAPTER SING Description Using the to the TELNET users. Using the from the TELNET users. Example Perform ACL control to the users who access the local Switch using TELNET (basic ACL 2000 has been defined). <SW5500>system-view System View: return to User View with Ctrl+Z [SW5500]user-interface vty 0 4 [SW5500-ui-vty0-4]acl 2000 inbound...
Page 313: Snmp-Agent Group
Parameter : Indicates that this community name has the read-only right within the read specified view. : Indicates that this community name has the read-write right within the write specified view. community-name mib-view name. view-name acl-number from 2000 to 2999 Description Using the name, permit the access to the Switch using SNMP, and reference the ACL to...
Page 314: Snmp-Agent Usm-User
8: U S/ACL C HAPTER SING v2c: groupname authentication: system will authenticate but not encrypt SNMP data packets. privacy: read-view: read-view write-view: write-view notify-view: notify-view: from 2000 to 2999 Description Using the and reference the ACL to perform ACL control to the network management users remove a specified SNMP group.
Page 315 Parameter : V 1 security mode. : V 2 security mode. : V 3 security mode. : The user name, ranging from 1 to 32 bytes. user-name : The corresponding group name of the user, ranging from 1 to 32 group-name bytes.
Page 316 8: U S/ACL C HAPTER SING OMMANDS [SW5500] snmp-agent usm-user v3 John Mygroup authentication-mode md5 hello acl 2002...
Page 317: Fabric Commands
This chapter describes how to use the following commands: RSTP Configuration Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ RSTP C SING OMMANDS display stp display stp ignored-vlan display stp tc...
Page 318: Change Unit-Id
10: U RSTP C HAPTER SING OMMANDS RSTP Configuration This section describes how to use the Rapid Spanning Tree Protocol (RSTP) Commands configuration commands on your Switch. display stp Syntax display stp [ interface display stp brief View Any view Parameter interface Ethernet ports.
Page 319: Set Unit Name
Maximum transmission limit is 3 Times: Hello Time 2 sec, Forward Delay 15 sec, Message Age 0 BPDU sent: TCN: 0, RST: 0, Config BPDU: 0 BPDU received: 0 TCN: 0, RST: 0, Config BPDU: 0 Table 50 Display information Field Protocol mode The bridge ID (Pri.MAC):...
Page 320 10: U RSTP C HAPTER SING OMMANDS display stp ignored-vlan Syntax display stp ignored-vlan View Any view Parameter None Description Use the VLANs. After a STP-Ignored VLAN is configured, the packets of this VLAN will be forwarded on any Switch port, with no restriction from the calculated STP path. Example To display the list of STP-Ignored VLANs, enter the following: <SW5500>display stp ignored-vlan...
Page 321 Parameter interface_list interface Ethernet ports. Expressed as interface_num interface_name interface_name } ] }&<1-10> For details about interface_type command in this manual. port Indicates the preceding parameter can be input up to 10 times. &<1-10> Description Use the command to reset the statistics information about Rapid reset stp Spanning Tree Protocol (RSTP).
Page 322: Display Stp
10: U RSTP C HAPTER SING OMMANDS for the device and ports. This command enables/disables RSTP on a device in system view and enables/disables RSTP on a port in Ethernet Port View. Related command: stp mode Example To enable RSTP on a Switch, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 323: Stp Cost
[SW5500]stp bpdu-protection stp cost Syntax cost stp cost undo stp cost View Ethernet Port View Parameter Specifies the path cost, ranging from 1 to 2000000. cost Description Use the stp cost current Ethernet port. Use the undo stp cost By default, the bridge gets the path cost directly through the speed of the link connected to the port.
Page 324: Display Stp Tc
10: U RSTP C HAPTER SING OMMANDS Parameter enable: disable: Description Use the edge port. Use the non-edge port. Use the By default, all the Ethernet ports of the bridge are configured as non-edge ports. If the current Ethernet port is connected to other Switch, you can use the edged-port disable non-edge port.
Page 325: Stp
Example To enable loop protection function in GigabitEthernet1/0/1, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface GigabitEthernet1/0/1 [SW5500-GigabitEthernet1/0/1]stp loop-protection stp ignored vlan Syntax stp ignored vlan vlan-list undo stp ignored vlan View System View Parameter vlan-list }&<1-10>...
Page 326: Stp Bpdu-Protection
10: U RSTP C HAPTER SING OMMANDS Parameter None Description If the network is unstable, even when the bridge running STP on the segment is removed, the corresponding port will still work in the STP compatible mode. Use the If there is any bridge running STP on the segment connected to the current Ethernet port, the port will Switch to run RSTP in STP compatible mode.
Page 327: Stp Edged-Port
This command can be used for specifying the current Ethernet Switch to run the Spanning Tree in RSTP mode or in STP compatible mode. Related commands: Example To set Spanning Tree to work in STP compatible mode, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 328: Stp Loop-Protection
10: U RSTP C HAPTER SING OMMANDS View Ethernet Port View Parameter force-true: link. force-false: point-to-point link. auto: point-to-point link or not. Description Use the current Ethernet port as a point-to-point link or not a point-to-point link. Use the link, that is, RSTP is responsible for checking whether the link to the current Ethernet port is a point-to-point link or not.
Page 329: Stp Priority
RSTP Configuration Commands Example To set the priority of GigabitEthernet1/0/1 to 64, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface GigabitEthernet1/0/1 [SW5500-GigabitEthernet1/0/1]stp port priority 64 stp priority Syntax bridge-priority stp priority undo stp priority View System View Parameter Specifies the priority of a Switch, ranging from 0 to 61440.
Page 330: Stp Root Secondary
10: U RSTP C HAPTER SING OMMANDS Description Use the primary root of a spanning tree. Use the a spanning tree. By default, the Switch is not a primary root. You can designate a primary root for the spanning tree without caring about the priority configuration of the Switch.
Page 331: Stp Pathcost-Standard
RSTP Configuration Commands You can configure no more than one primary root for a spanning tree but you can configure one or more secondary roots for it. You cannot change the bridge priority of a Switch if you configure it as a secondary root of a spanning tree. Example To designate the Switch as a secondary root of the STP, enter the following: <SW5500>system-view...
Page 332: Stp Timeout-Factor
10: U RSTP C HAPTER SING OMMANDS stp timeout-factor Syntax stp timeout-factor undo stp timeout-factor View System View Parameter number Description Use the for the Switch. Use the value. By default, the multiple is 3. The Ethernet Switch transmits RSTP packets every hello time seconds. By default, if the Switch does not receive RSTP packets from the upstream Switch for 3 x hello time seconds, the Switch will decide the upstream Switch is dead and will recalculate the topology of the network.
Page 333: Stp Timer Hello
Use the forward delay time. The value of forward delay is related to the “diameter” of the switching network. The more extensive the switching network is, the longer the forward delay should be set. You can use this command to modify the value of forward delay. The default value, 1500, is recommended.
Page 334 10: U RSTP C HAPTER SING OMMANDS undo stp timer max-age View System View Parameter centiseconds 4000. By default, the value is 2000 centiseconds. Description Use the Use the Maximum age is used for judging if an RSTP packet is outdated. If the value is set too small, the spanning tree will be computed too frequently because the network congestion may be considered as a link failure.
Page 335: Stp Root-Protection
RSTP Configuration Commands Example To set the parameter of GigabitEthernet1/0/1 to 5, enter the following: packetnum <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]interface GigabitEthernet1/0/1 [SW5500-GigabitEthernet1/0/1]stp transmit-limit 5...
Page 336 10: U RSTP C HAPTER SING OMMANDS...
Page 337 This chapter describes how to use the following commands: Fabric Configuration Commands ■ ■ ■ ■ ■ Fabric Commands This section describes how to use the Fabric configuration commands on your Switch 5500G-EI. display xrn-fabric Syntax display xrn-fabric View Any view Parameter None Description...
Page 338: Stp Transmit-Limit
Fabric. By default, the unit ID of a Switch is set to 1. A unit ID can be set to a value in the range from 1 to the maximum number of devices supported in XRN by the Switch 5500G-EI. Related command:...
Page 339 UID CPU-Mac 00e0-fc00-5502 10 00e0-fc03-5502 10 00e0-fc04-5502 10 00e0-fc05-5502 10 00e0-fc06-5502 10 00e0-fc07-5502 5 00e0-fc04-6502 10 00e0-fc01-5502 10 set unit name Syntax unit-id set unit View System view Parameter : Unit ID of a device. unit-id : Unit name of a device. It is a string comprising 1 to 64 characters. unit-name Description Use this command to set a name for a device.
Page 340 9: U HAPTER SING ABRIC OMMANDS Use the Example Change the fabric name of the device to "building1". <SW5500>display xrn-fabric Fabric name(HostName): SW5500, Fabric authentication: md5 Fabric mode : L3, Fabric unit number: 2 Unit Name First Second [SW5500]sysname building1 <building1>display xrn-fabric Fabric name(HostName): building1, Fabric authentication: md5 Fabric mode : L3, Fabric unit number: 2...
Page 341 This chapter describes how to use the following commands: 802.1x Configuration Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ Centralized MAC Address Authentication Configuration Commands ■ ■ ■ ■ ■ AAA Configuration Commands ■ ■ ■...
Page 342 11: U RADIUS C HAPTER SING ■ ■ ■ ■ ■ ■ ■ ■ RADIUS Protocol Configuration Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■...
Page 343: Configuration Commands
802.1x Configuration This section describes how to use the 802.1x configuration commands on your Commands Switch 5500G-EI. display dot1x Syntax display dot1x [ sessions | statistics [ interface View All views Parameter interface: sessions: statistics: interface-list expressed in the format...
Page 344: Dot1X
11: U RADIUS C HAPTER SING Configuration: Transmit Period 30 s, Total maximum 802.1x user resource number is 1024 Total current used 802.1x resource number is 0 GigabitEthernet1/0/1 is link-up … (Omitted) dot1x Syntax dot1x [ interface undo dot1x [ interface View Ethernet Port View Parameter...
Page 345: Dot1X Authentication-Method
enabled globally, if the parameters are not configured globally or for a specified port, they will maintain the default values. After the global 802.1x performance is enabled, only when port 802.1x performance is enabled will the configuration of 802.1x become effective on the port.
Page 346: Dot1X Dhcp-Launch
11: U RADIUS C HAPTER SING not necessary to transfer the EAP packet to a standard RADIUS packet first and then send it to RADIUS server. To use PAP, CHAP or EAP authentication, RADIUS server should support PAP, CHAP or EAP authentication respectively. Related command: Example Configure 802.1x user to use PAP authentication...
Page 347: Dot1X Port-Control
Parameter user-number ranging from 1 to 1024. By default, the maximum user number is 1024. interface interfaces, expressed in the format interface-num interface in the format interface-name interface-num interface name. For the respective meanings and value ranges, see the parameters in the Port Command chapter.
Page 348: Dot1X Port-Method
11: U RADIUS C HAPTER SING authorized-force: stay in authorized state and the user is allowed to access the network resources without authentication/authorization. unauthorized-force: always stay in non-authorized mode and the user is not allowed to access the network resources. interface interfaces, expressed in the format interface-num...
Page 349: Dot1X Quiet-Period
Parameter macbased: authentication on the supplicant based on MAC address. portbased: authentication on the supplicant based on interface number. interface interfaces, expressed in the format interface-num interface in the format interface-name interface-num interface name. For the respective meanings and value ranges, see the parameters in the Port Command chapter.
Page 350: Dot1X Retry
11: U RADIUS C HAPTER SING OMMANDS View System View Parameter None Description Use the command to enable the quiet-period timer. Use the dot1x quiet-period command to disable this timer. undo dot1x quiet-period If an 802.1x user has not been authenticated, the Authenticator will keep quiet for a while (which is specified by quiet-period timer) before launching the authentication again.
Page 351: Dot1X Supp-Proxy-Check
Note that when performing this function, the user logging on via proxy needs to run the 3Com 802.1x client program, (3Com 802.1x client program version V1.29 or above is needed). This command is used to set a control method on the specified interface when executed in System View.
Page 352: Dot1X Timer
11: U RADIUS C HAPTER SING only if you enable this feature on a specific port can this configuration take effect on the port. Related command: Example To configure the Switch to cut the network connection to a user upon detecting the use of proxy on GigabitEthernet 1/0/1 ~ GigabitEthernet 1/0/8, enter the following: <SW5500>system-view...
Page 353: Reset Dot1X Statistics
quiet-period-value from 10 to 120 in units of second and defaults to 60. server-timeout: Authentication Server has not responded before the specified period expires, the Authenticator will resend the authentication request. server-timeout-value Authentication Server is. The value ranges from 100 to 300 seconds and defaults to 100 seconds.
Page 354: Centralized Mac Address Authentication Configuration Commands
11: U HAPTER SING View User View Parameter interface interface-list interface-num interface-type interface-num specifies the port type, interface-name ranges, read the Parameter of the Port Configuration section. Description Use the This command can be used to re-perform statistics if the user wants to delete the former statistics of 802.1x.
Page 355: Display Mac-Authentication
Description Use the MAC address authentication event debugging. Use the mac-authentication event Example To enable centralized MAC address authentication event debugging, enter the following: <SW5500>debugging mac-authentication event display Syntax mac-authentication display mac-authentication [ interface View Any view Parameter interface interfaces, expressed in the format interface-num interface in the format interface-name...
Page 356: Mac-Authentication
11: U RADIUS C HAPTER SING Table 52 Description of MAC address authentication configuration information Field mac address authentication is Enabled offline detect period quiet period server response timeout value max allowed user number current user number amounts current domain Silent Mac User info GigabitEthernet1/0/1 is link-up...
Page 357: Mac-Authentication Domain
Description Use the authentication feature on a specified port or globally. Use the mac-authentication globally. By default, the centralized MAC address authentication feature is disabled on each port and globally. In System View, if the MAC address authentication feature is enabled globally; if the parameter is specified, the feature is enabled on the specified interfaces.
Page 358: Mac-Authentication Timer
11: U RADIUS C HAPTER SING By default, the domain used by centralized MAC address authentication user is null, that is, not configured. Example To configure the domain used by the MAC address to Cams, enter the following: <SW5500> system-view System View: return to User View with Ctrl+Z.
Page 359: Aaa Configuration Commands
AAA Configuration This section describes how to use the AAA configuration commands on your Commands Switch 5500G-EI. access-limit Syntax access-limit { disable | enable View ISP Domain View Parameter disable: enable current ISP domain, ranging from 1 to 1048 Description Use the supplicants in the current ISP domain.
Page 360: Cut Connection
11: U RADIUS C HAPTER SING access-limit access the device using the current user name. The argument in the range of 1 to 1024. takes on the hexadecimal format of vlan a user belongs. The argument location: nas-ip remote port with a user. The argument decimal format and defaults to 127.0.0.1.
Page 361: Display Connection
access-type { dot1x | gcm | mac authentication }: category of connections according to logon type. means gcm user. authentication users. domain domain-name 24 characters. The specified ISP domain shall have been created. mac-address MAC address is format (H-H-H). radius-scheme according to RADIUS server name.
Page 362 11: U RADIUS C HAPTER SING View All views Parameter access-type { dot1x | mac-authentication }: supplicants according to their logon type. mac-authentication domain domain-name 24 characters. The specified ISP domain shall have been created. mac-address radius-scheme according to RADIUS server name. server name with a character string not exceeding 32 characters.
Page 363: Display Domain
display domain Syntax display domain [ isp-name ] View All views Parameter isp-name: 24 characters. The specified ISP domain shall have been created. Description Use the display domain domain or display the summary information of all ISP domains. This command is used to output the configuration of a specified ISP domain or display the summary information of all ISP domains.
Page 364: Domain
11: U RADIUS C HAPTER SING idle-cut: function. means the user enables the function. This parameter only takes effect on the users configured as lan-access type. For other types of users, the idle-cut enable not display any information. service-type: that the specified user type is telnet. type is terminal which refers to users who use the terminal service (login from the console port).
Page 365 ISP domain is a group of users belonging to the same ISP. Generally, for a username in the userid@isp-name format, taking example, the isp-name (that is, name. When 3Com 5500 Series Ethernet Switches control user access, as for an ISP user whose username is in userid@isp-name userid part as username for identification and take isp-name part as domain name.
Page 366: Idle-Cut
11: U RADIUS C HAPTER SING idle-cut Syntax idle-cut { disable | enable View ISP Domain View Parameter disable: enable: minute minutes. flow bytes. Description Use the domain. By default, after an ISP domain is created, this attribute in user template is disable The user template is a set of default user attributes.
Page 367: Local-User
In the case of authentication requiring both username and password, however, the accessible command level depends on user priority level. Example To set the priority level of the user 3Com to 3, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]local-user 3Com1...
Page 368: Messenger
11: U RADIUS C HAPTER SING ssh: terminal: terminal service (login from the console port). all: Description Use the view. Use the By default, no local user. Related commands: Example To add a local user named 3Com1, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 369: Password
If the threshold is reached, the Switch sends messages containing the user's ■ remaining online time to the client at the interval you configured. The client keeps the user informed of the remaining online time through a ■ message alert dialog box. Example To configure to start the sending of alert messages when the user's remaining online time is 30 minutes and send the messages at an interval of five minutes,...
Page 370: Scheme
11: U RADIUS C HAPTER SING Parameter radius-scheme-name exceeding 32 characters. Description Use the current ISP domain. This command is used to specify the RADIUS scheme for the current ISP domain. The specified RADIUS scheme shall have been created. Related commands: Example The following example designates the current ISP domain, marlboro.net, to use the RADIUS server, Radserver.
Page 371: Self-Service-Url
ISP domain. If both of these two commands are used, the latest configuration will take effect. Related command: Example To specify the current ISP domain, 3Com163.net, to use the RADIUS scheme 3Com, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]domain marlboro.net [SW5500-isp-marlboro.net]scheme radius-scheme 3Com...
Page 372: Service-Type
11: U RADIUS C HAPTER SING Example In the ISP domain "marlboro.net", configure the URL address of the page used to change the user password on the self-service server to http://10.153.89.94/selfservice/modPasswd1x.jsp <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]domain marlboro.net [SW5500-isp-marlboro.net] self-service-url enable http://10.153.89.94/selfservice/modPasswd1x.jsp|userName...
Page 373: State
You can use either level local user. If both of these commands are used, the latest configuration takes effect. Example To set to provide the lan-access service for the user JohnQ, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]local-user JohnQ [SW5500-luser-JohnQ]service-type lan-access state...
Page 374: Radius Protocol Configuration Commands
11: U HAPTER SING [SW5500]domain marlboro.net [SW5500-isp-marlboro.net]state block [SW5500-isp-marlboro.net]quit To set the user 3Com1 to be in the block state, enter the following: [SW5500-user-3Com1]state block RADIUS Protocol This section describes how to use the RADIUS Protocol configuration commands Configuration on your Switch. Commands accounting optional Syntax...
Page 375: Display Local-Server Statistics
To set the unit of data flow that is sent to kilo-byte and the data packet to kilo-packet, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]radius scheme 3Com New Radius scheme [SW5500-radius-3Com]data-flow-format data kilo-byte packet kilo-packet display local-server Syntax statistics display local-server statistics...
Page 376: Display Radius
11: U RADIUS C HAPTER SING Parameter None Description Use the local RADIUS authentication server. Related command: Example To display the statistics of local RADIUS authentication server, enter the following <SW5500>display local-server statistics On Unit 1: The localserver packet statistics: Receive: Discard: Auth Receive:...
Page 377: Display Radius Statistics
SchemeName Primary Auth IP Primary Acct IP Second Second Auth Server Encryption Key= 3Com Acct Server Encryption Key= 3Com Accounting method = required TimeOutValue(in second)=3 RetryTimes=3 RealtimeACCT(in minute)=12 Permitted send realtime PKT failed counts Retry sending times of noresponse acct-stop-PKT =500...
Page 378: Display Stop-Accounting-Buffer
11: U RADIUS C HAPTER SING Code= 5,Num=0 Code=11,Num=0 Code=22,Num=0 Running statistic: RADIUS received messages statistic: Normal auth request EAP auth request Account request Account off request Leaving request display Syntax stop-accounting-buffer display stop-accounting-buffer { radius-scheme session-id user-name View All views Parameter radius-scheme accounting requests according to RADIUS server name.
Page 379: Key
Configures to set/delete the encryption key for RADIUS authentication: authentication/authorization packet. Specifies the key with a character string not exceeding 16 characters. By string default, the key is “3Com”. Description Use the command to configure encryption key for RADIUS authentication/authorization or accounting packet. Use the to restore the default key.
Page 380: Local-Server
RADIUS authentication server. RADIUS service, which adopts authentication/authorization/accounting servers to manage users, is widely used in the Switch 5500G-EI. Besides, local authentication/authorization service is also used in these products and it is called local RADIUS authentication server function, that is, realize basic RADIUS function on the Switch.
Page 381: Nas-Ip
RADIUS Protocol Configuration Commands Example To set the IP address of local RADIUS authentication server to 10.110.1.2 and the password to 3Com, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]local-server nas-ip 10.110.1.2 key 3Com nas-ip...
Page 382: Primary Authentication
Related commands: Example To set the IP address of the primary accounting server of RADIUS scheme, “3Com”, to 10.110.1.2 and the UDP port 1813 to provide RADIUS accounting service, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 383: Radius Nas-Ip
Example To set the IP address of the primary authentication/authorization server of RADIUS server group, “3Com”, to 10.110.1.1 and the UDP port 1812 to provide RADIUS authentication/authorization service, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 384: Radius Scheme
Note that a scheme currently in use by the online user cannot be removed. Related commands: realtime-accounting stop-accounting radius Example To create a RADIUS scheme named “3Com” and enter its view, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. OMMANDS radius-scheme-name radius-scheme-name...
Page 385: Reset Radius Statistics
[SW5500]radius scheme 3Com New Radius scheme [SW5500-radius-3Com] reset radius statistics Syntax reset radius statistics View User View Parameter None Description Use the reset radius statistics command to clear the statistic information related to the RADIUS protocol. Related command: Example To clear the RADIUS protocol statistics, enter the following: <SW5500>reset radius statistics...
Page 386: Retry
11: U RADIUS C HAPTER SING and “>”. The @ character can only be used once in one username. The pure username (the part before @, namely the user ID) cannot exceed 24 characters. Description Use the accounting requests, which are saved in the buffer and have not been responded. By default, after transmitting the stopping accounting requests, if there is no response from the RADIUS server, the Switch will save the packet in the buffer and retransmit it for several times, which is set through the...
Page 387: Retry Realtime-Accounting
Therefore, it is necessary to disconnect the user at the NAS end and on the RADIUS server synchronously when unexpected failure occurs. The Switch 5500G-EI Family supports a maximum number of times that real-time accounting requests can fail to be responded to.
Page 388: Retry Stop-Accounting
Example To indicate that, when stopping accounting request for the server “3Com” in the RADIUS server group, the Switch will retransmit the packets for up to 1000 times, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 389: Secondary Authentication
For detailed information, read the Description of the command. Related commands: Example To set the IP address of the second accounting server of RADIUS scheme, 3Com, to 10.110.1.1 and the UDP port 1813 to provide RADIUS accounting service, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 390: Server-Type
RADIUS server type. Related command: radius scheme Example To set the RADIUS server type of RADIUS scheme, “3Com” to 3Com, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]radius scheme 3Com...
Page 391: State
Related commands: radius scheme authentication primary accounting Example To set the second authentication server of RADIUS scheme, “3Com”, to be active, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]radius scheme 3Com [SW5500-radius-3Com]state secondary authentication active...
Page 392: Stop-Accounting-Buffer Enable
Example To indicate that, for the server “3Com” in the RADIUS scheme, the Switch will save the stopping accounting request packets in the buffer, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 393: Timer Realtime-Accounting
Setting a suitable timer according to the network situation will enhance system performance. Related commands: radius scheme retry Example To set the response timeout timer of RADIUS scheme, 3Com, to 5 seconds, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]radius scheme 3Com [SW5500-radius-3Com]timer 5...
Page 394: Timer Response-Timeout
Related commands: Example To set the response timeout timer in the RADIUS scheme 3Com to 5 seconds, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 395: User-Name-Format
RADIUS Protocol Configuration Commands [SW5500]radius scheme 3Com [SW5500-radius-3Com]timer response-timeout 5 user-name-format Syntax user-name-format { with-domain | without-domain } View RADIUS Scheme View Parameter Specifies to send the username with domain name to RADIUS with-domain: server. Specifies to send the username without domain name to without-domain: RADIUS server.
Page 396 11: U RADIUS C HAPTER SING OMMANDS...
Page 397 This chapter describes how to use the following commands: File System Management Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ Configuration File Management Commands ■ ■ ■ ■ ■ ■ ■ FTP Server Configuration Commands ■...
Page 398 12: U HAPTER SING YSTEM ANAGEMENT ■ ■ ■ FTP Client Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ TFTP Configuration Commands ■ ■ MAC Address Table Management Commands ■...
Page 399 boot bootrom ■ display boot-loader ■ display cpu ■ display device ■ display fan ■ display memory ■ display power ■ display schedule reboot ■ reboot ■ schedule reboot at ■ schedule reboot delay ■ Basic System Configuration and Management Commands clock datetime ■...
Page 400 12: U HAPTER SING YSTEM ANAGEMENT Log Commands ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ SNMP Configuration Commands ■ ■ ■ ■ ■ ■ ■...
Page 401 snmp-agent packet max-size ■ snmp-agent sys-info ■ snmp-agent target-host ■ snmp-agent trap enable ■ snmp-agent trap life ■ snmp-agent trap queue-size ■ snmp-agent trap source ■ snmp-agent usm-user ■ undo snmp-agent ■ RMON Configuration Commands display rmon alarm ■ display rmon event ■...
Page 402: File System Management Commands
File System This section describes the commands you can use to manage the file system on Management your Switch 5500G-EI. Commands In switches supporting the XRN feature, the file path must start with "unit[No.]>flash:/:", the [No.] is the unit ID. For example, suppose unit ID is 1, and the path of the "text.txt"...
Page 403: Copy
Example Change the current working directory of the switch to flash. <SW5500>cd flash: <SW5500>pwd unit1>flash: copy Syntax file-source file-dest copy View User view Parameter Source file name. file-source: Destination file name. file-dest: Description Use the command to copy a file. copy When the destination filename is the same as that of an existing file, the system will ask whether to overwrite it.
Page 404: Dir
12: U HAPTER SING YSTEM ANAGEMENT Parameter /unreserved parameter. file-path: Description Use the Switch. The deleted files are kept in the recycle bin and will not be displayed when you use The files deleted by the command or deleted permanently from the recycle bin, using the reset recycle-bin If two files with the same name in a directory are deleted, only the latest deleted file will be kept in the recycle bin.
Page 405: Execute
Display information for directory flash:/test/ <SW5500>dir flash:/test/ Directory of unit1>flash:/test/ 1 -rw- Aug 29 2000 17:49:36 test.txt 20578304 bytes total (3104544 bytes free) Display all of the files with names starting with "t" in directory flash:/test/ <SW5500>dir flash:/test/t* Directory of unit1>flash:/test/t* 1 -rw- Aug 29 2000 17:49:36 test.txt 20578304 bytes total (3104544 bytes free)
Page 406: File Prompt
12: U HAPTER SING YSTEM ANAGEMENT [SW5500]execute test.bat file prompt Syntax file prompt { alert | quiet } View System view Parameter alert: alert quiet: Description Use the the Switch. If the prompt mode is set as some non-recoverable operations may lead to system damage. Example Configure the prompt mode of file operation as <SW5500>system-view...
Page 407: More
View User view Parameter : Directory name. directory Description Use the command to create a directory in the specified directory on the mkdir storage device. The directory to be created cannot have the same name as that of any other directory or file in the specified directory.
Page 408: Pwd
-rw- Jul 12 2001 20:08:32 -rw- 2145718 Jul 12 2001 12:28:08 drw- Jul 12 2001 19:41:20 -rw- Jul 12 2001 20:26:48 drw- Jul 12 2001 20:23:37 16125952 bytes total (13970432 bytes free) ne80.bin test subdir sample.txt 3Com.bin test sample.txt subdir...
Page 409: Rename
Description Use the Error may occur without setting the current path. Example Display the current path. <SW5500>pwd unit1>flash: rename Syntax rename filepath-source filepath-dest View User view Parameter filepath filepath Description Use the rename If the destination file name is the same as an existing directory name, the rename operation will fail.
Page 410: Rmdir
12: U HAPTER SING YSTEM ANAGEMENT View User view Parameter file-path /force Description Use the recycle bin. recycle-bin Example Delete the file from the recycle bin. <SW5500>reset recycle-binflash:/p1h_logic.out Clear unit1>flash:/plh_logic.out? [Y/N]: rmdir Syntax rmdir View User view Parameter directory Description Use the empty.
Page 411: Configuration File Management Commands
<SW5500>dir /all Directory of unit1>flash:/ 16125952 bytes total (13972480 bytes free) Configuration File This section describes the commands you can use to manage the configuration Management files on your Switch 5500G-EI. Commands display Syntax current-configuration display current-configuration [ controller | interface...
Page 412 When there is much configuration information to use the regular expression to filter the output information. For specific rules about the regular expression, refer to the Switch 5500G-EI Configuration manual. Related commands: saved-configuration Example To view the running configuration parameters of the switch, enter the following: <SW5500>display current-configuration...
Page 413: Display Saved-Configuration
Configuration File Management Commands To view the pre-positive and post-positive configuration information, enter the following: <SW5500>display current-configuration configuration display Syntax saved-configuration display saved-configuration [ unit unit-id View All views Parameter Specify the Unit ID of switch. unit unit-id Description Use the command to view the configuration files display saved-configuration in the flash memory of the Switch.
Page 414: Display Startup
12: U HAPTER SING YSTEM ANAGEMENT configurations of the protocol views are displayed when executing this command in protocol sub-views. For the related command, see current-configuration, display saved-configuration Example Display the configuration parameters for the current view of the switch system. [SW5500]display this display startup Syntax...
Page 415: Save
■ the new version's software. Perform to erase the old configuration files. When a Switch 5500G-EI is reused on a network but in a different manner to ■ previously, the original configuration file should be erased and the switch reconfigured.
Page 416: Startup Saved-Configuration
Configure the configuration file for the next start-up. <SW5500>startup saved-configuration sw5500cfg.cfg FTP Server This section describes how to use the File Transfer Protocol (FTP) configuration Configuration commands on your Switch 5500G-EI. Commands ANAGEMENT OMMANDS reset saved-configuration, display : Specify the Unit ID of switch.
Page 417: Display Ftp-Server
display ftp-server Syntax display ftp-server View All views Parameter None Description Use the display ftp-server FTP Server. You can perform this command to verify the configuration after setting FTP parameters. Example Display the configuration of FTP Server parameters. <SW5500>display ftp-server Ftp server is running Max user number User count...
Page 418: Ftp Timeout
12: U HAPTER SING YSTEM ANAGEMENT Parameter enable: Description ■ ■ By default, FTP Server is shut down. Perform this command to easily start or shut down FTP Server, preventing the Switch from being attacked by an unknown user. Example Shut down FTP Server.
Page 419: Password
undo local-user { lan-access | ssh | terminal }]} View System view Parameter Enter a local user name, up to 80 characters in length, excluding "/", user_name ":", "*", "?", "<" and ">". (The @ character can be used once in a that part of the user name which precedes the @ symbol must not be more than 55 characters in length.
Page 420: Service-Type
12: U HAPTER SING YSTEM ANAGEMENT Parameters simple: cipher: password: to 24 characters in length for cipher text. Description ■ ■ The settings in the command override the settings in the Related command: Example To set the user guest to display the password 20030422 in simple text, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 421: Ftp Client Commands
To configure a service type of LAN access for the user guest, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]local-user-guest [SW5500-luser-guest]service-type lan-access FTP Client Commands This section describes the File Transfer Protocol (FTP) Client commands on your Switch 5500G-EI. ascii Syntax ascii View FTP Client view Parameter...
Page 422: Binary
12: U HAPTER SING YSTEM ANAGEMENT OMMANDS By default, the file transmission mode is ASCII mode. Perform this command if the user needs to change the file transmission mode to default mode. Example Configure to transmit data in the ASCII mode. [ftp]ascii 200 Type set to A.
Page 423: Cdup
View FTP Client view Parameter Path name. pathname Description Use the command to change the working path on the remote FTP Server. This command is used to access another directory on FTP Server. Note that the user can only access the directories authorized by the FTP server. Example Change the working path to flash: [ftp]cd flash:/temp...
Page 424: Delete
12: U HAPTER SING YSTEM ANAGEMENT Example Terminate connection with the remote FTP Server and stay in FTP Client view. [ftp]close delete Syntax delete remotefile View FTP Client view Parameter remotefile: Description Use the This command is used to delete a file. Example Delete the file [ftp]delete temp.c...
Page 425: Ftp
Parameter None Description Using the command, subscribers can disconnect FTP client side from disconnect FTP server side without exiting FTP client side view. This command terminates the control connection and data connection with the remote FTP Server at the same time. Example Terminate connection with the remote FTP Server and stay in FTP Client view.
Page 426: Lcd
12: U HAPTER SING YSTEM ANAGEMENT Example Download the file [ftp]get temp1.c temp.c Syntax View FTP Client view Parameter None Description Use the Example Show local working path. [ftp]lcd % Local directory now flash:/temp Syntax ls [ View FTP Client view Parameter remotefile localfile...
Page 427: Passive
Parameter Directory name. pathname Description Use the command to create a directory on the remote FTP Server. mkdir User can perform this operation as long as the remote FTP server has authorized the operation. Example Create the directory [ftp]mkdir flash:/lanswitch passive Syntax passive...
Page 428: Pwd
12: U HAPTER SING YSTEM ANAGEMENT Example Upload the local file [ftp]put temp.c temp1.c Syntax View FTP Client view Parameter None Description Use the Example Show the current directory on the remote FTP Server. [ftp]pwd "flash:/temp" is current directory. quit Syntax quit View...
Page 429: Rmdir
Description Use the remotehelp command. Example Show the syntax of the protocol command [ftp]remotehelp user Syntax: USER <sp> <username> rmdir Syntax rmdir pathname View FTP Client view Parameter Directory name of remote FTP Server. pathname Description Use the command to delete the specified directory from FTP Server. rmdir Example Delete the directory...
Page 430: Tftp Configuration Commands
By default, verbose is disabled. Example Enable verbose. [ftp]verbose TFTP Configuration This section describes the Trivial File Transfer Protocol (TFTP) Commands on your Commands Switch 5500G-EI. tftp get Syntax tftp View User view Parameter tftp-server server should be a string ranging from 1 to 20 characters.
Page 431: Mac Address Table Management Commands
Related commands: Example < MAC Address Table This section describes the commands you can use to manage the MAC Address Management Table on your Switch 5500G-EI. Commands display mac-address Syntax display mac-address [ | blackhole ] [ interface { interface-num...
Page 432: Display Mac-Address Aging-Time
12: U HAPTER SING YSTEM ANAGEMENT For details about the parameters, refer to the Port Configuration in this manual. count the MAC address table if the user enters this parameter when using this command. Description Use the information. When managing the Layer-2 addresses of the switch, the administrator can perform this command to view such information as the Layer-2 address table, address status (static or dynamic), Ethernet port of the MAC address, VLAN of the address, and system address aging time.
Page 433: Mac-Address
The above information indicates that the dynamic entry in the MAC address table is no-aging. mac-address Syntax mac-address { static | dynamic | blackhole } interface name undo mac-address [ { static | dynamic | blackhole } interface interface { vlan View System view...
Page 434: Mac-Address Max-Mac-Count
12: U HAPTER SING YSTEM ANAGEMENT [SW5500]mac-address static 00e0-fc01-0101 interface gigabitethernet 1/0/1 vlan 2 mac-address Syntax max-mac-count mac-address max-mac-count undo mac-address max-mac-count View Ethernet port view Parameter count: addresses a port can learn. 0 means that the port is not allowed to learn MAC addresses.
Page 435 MAC Address Table Management Commands Parameter Specifies the aging time (measured in seconds) of the Layer-2 dynamic age: aging address table entry, ranging from 10 to 1000000; by default, the aging time is 300 seconds. No aging time. no-aging: Description Use the command to configure the aging time of the Layer-2 mac-address timer...
Page 436: Device Management Commands
12: U HAPTER SING YSTEM Device Management This section describes the device management commands available on your Switch Commands 5500G-EI. boot boot-loader Syntax boot boot-loader View User view Parameter file-path: Description Use the time. You can not specify the app file stored in another Unit as the boot application of a Unit.
Page 437: Display Cpu
Parameter unit-id unit Description Use the display boot-loader and the next boot. Example <SW5500>display boot-loader The app to boot of board 0 at the next time is: flash:/platform.app The app to boot of board 0 at this time is: flash:/PLATV100R002B09D002.APP display cpu Syntax display cpu [ unit...
Page 438: Display Fan
12: U HAPTER SING YSTEM ANAGEMENT Parameter unit Description Use the information of a card, including physical card number, physical daughter card number, number of ports, hardware version number, FPGA version number, version number of BOOTROM software, application version number, address learning mode, interface card type and interface card type description, etc.
Page 439: Display Power
Example To display the current memory status, enter the following: <SW5500>display memory The information displays in the following format: System Total Memory(bytes): 32491008 Total Used Memory(bytes): 13181348 Used Rate: 40% Table 55 Display information Field System Total Memory (bytes) Total Used Memory (bytes) Used Rate display power Syntax...
Page 440: Reboot
12: U HAPTER SING YSTEM ANAGEMENT Related command: undo schedule reboot. Example Display the configuration of the schedule reboot terminal service parameters of the current switch. <SW5500>display schedule reboot Reboot system at 16:00:00 2002/11/1 (in 2 hours and 5 minutes). reboot Syntax reboot [ unit...
Page 441: Schedule Reboot Delay
Device Management Commands If the command sets specified date parameters, which schedule reboot at represents a data in the future, the switch will be restarted in specified time, with error not more than 1 minute. If no specified date parameters are configured, two cases are involved: If the configured time is after the current time, the switch will be restarted at the time point of that day;...
Page 442: Basic System Configuration And Management Commands
Reboot scheduled for 23:00:00 UTC 2002/11/1 (in 1 hours and 28 minutes) Proceed with reboot? [Y/N]:y Basic System This section describes the basic system configuration and system management Configuration and commands available on your Switch 5500G-EI. Management Commands clock datetime Syntax clock datetime...
Page 443: Clock Summer-Time
<SW5500>clock datetime 09:30:00 2004/01/01 clock summer-time Syntax clock summer-time end_date offset_time clock summer-time end-time end-date | start-time start-year start-month start-week start-day end-time end-year end-month end-week end-day } offset-time undo clock summer-time View User view Parameters zone_name length. one-off repeating selected year. start_time start_date end_time...
Page 444: Clock Timezone
12: U HAPTER SING YSTEM ANAGEMENT offset_time format HH:MM:SS. Description Use the end date and time of summer time. Use the summer time. Use the Related command: Example To set the summer time for zone 2 to start at 06:00:00 on 08/06/2002, and end at 06:00:00 on 01/09/2002, with a time added of one hour, enter the following: <SW5500>clock summer-time z2 one-off 06:00:00 2002/06/08 06:00:00 2002/09/01 01:00:00...
Page 445: Sysname
Related command: Example To set the local time zone as zone 5, and configure the local time to be 5 hours ahead of UTC, enter the following: <SW5500>clock timezone z5 add 05:00:00 sysname Syntax sysname undo sysname View System view Parameter sysname: from1 to 30 characters.
Page 446: Display Config-Agent
12: U HAPTER SING YSTEM ANAGEMENT Description Use the time from the terminal display.. For the related commands, see Example View the current system date and clock. <SW5500>display clock 15:50:45 UTC Mon 2001/2/12 display config-agent Syntax display config-agent unit-id View Any view Parameter unit-id...
Page 447: Display Debugging
Display the information about the system version. <SW5500>display version System Debug This section describes the system debugging options, and the system diagnostics Commands information that can be displayed on your Switch 5500G-EI. interface-name } ] [ module-name Specify the Ethernet port name.
Page 448: Debugging
View All views Parameter None Description Use the information on all currently running modules. This information helps you to monitor and troubleshoot your Switch 5500G-EI. OMMANDS module-name debugging-option module-name : Disable all the debugging. Specify the module name. Debugging option.
Page 449: Network Connection Test Commands
To display system information on all currently running modules, enter the following: <SW5500>display diagnostic-information Network Connection This section describes the network connection test commands available on your Test Commands Switch 5500G-EI. end-station polling Syntax ip-address end-station polling ip-address undo end-station polling ip-address...
Page 450 12: U HAPTER SING YSTEM ANAGEMENT Parameter transmitted, ranging from 1 to 4294967295. interface-type interface-num: interface-name: resolution. the packet completely with ff. packet header) in bytes. in ms). -tos string Description Use the of the host. By default, when the parameters are not specified: ■...
Page 451: Tracert
host will be treated as IP address first. If it is not an IP address, perform domain ■ name resolution, the default padding operation starts from 0x01 and ends on 0x09 ■ (progressively), then performs again, show all the information including statistics, ■...
Page 452 12: U HAPTER SING YSTEM ANAGEMENT View All views Parameter from 0 to the maximum TTL. than the initial TTL. Generally, user need not modify this option. number of query packets sent, larger than 0. timeout in seconds, larger than 0. string Description Use the...
Page 453: Hwping Commands
15 * * * 16 * * * 17 * * * 18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms HWPing Commands This section displays the hwping options available on your Switch 5500G-EI. hwping-agent enable Syntax hwping-agent enable undo hwping-agent enable...
Page 454: Count
12: U HAPTER SING YSTEM ANAGEMENT OMMANDS View System View Parameter Specify the name of the administrator creating an HWPing administrator-name: test group. Test operation tag. operation-tag: Description Use the command to create an HWPing test group. Executing this hwping command allows the systemto access the HWPing test group view.
Page 455: Frequency
View HWPing Test Group View Parameter Destination IP address in a test ip-address: Description Use the destination-ip test. Use the undo destination-ip address. By default, no destination IP address is configured for any test. Example Set the destination IP address in the test to 169.254.10.3 [SW5500-administrator-icmp]destination-ip 169.254.10.3 frequency Syntax...
Page 456: Test-Enable
12: U HAPTER SING YSTEM ANAGEMENT Parameter test-type: Test type, which can be one of the following key words: ■ ■ ■ ■ ■ ■ ■ ■ Description Use the test-type command to configure the type of test. HWPing tests include DHCP, FTP, HTTP, ICMP, SNMP, TCP and UDP test. The default test type is ICMP.
Page 457: Log Commands
Display the test result of the test group whose administrator name is ‘administrator’ and operation tag is ‘jitter’. [SW5500]display hwping result administrator icmp Log Commands This section displays the logging options available on your Switch 5500G-EI. display channel Syntax display channel [...
Page 458: Display Info-Center
12: U HAPTER SING YSTEM ANAGEMENT display info-center Syntax display info-center View All views Parameter None Description Use the log and the information recorded in the memory buffer. If the information in the current log/trap buffer is less than the specified sizeval, display the actual log/trap information.
Page 459 View Any view Parameter : Information level. level : Information level, do not output information below this level. By severity default, the log information level is warnings, the trap information level is debugging, the debugging information level is debugging. Information at different levels is as follows: : Level 1 information, which cannot be used by the system.
Page 460: Display Logbuffer Summary
12: U HAPTER SING YSTEM ANAGEMENT Dropped messages : 0 Overwritten messages : 0 Current messages : 91 display logbuffer Syntax summary display logbuffer summary [ level View Any view Parameter level: Information level. severity: Information level, do not output information below this level. By default, the log information level is warnings, the trap information level is debugging, the debugging information level is debugging.
Page 461: Info-Center Channel Name
Parameter : Configure the size of buffer. size buffersize the size of the buffer is 256. Description Using and the information recorded in trapbuffer. For the related commands, see info-center logbuffer monitor channel. Example Show the system trapbuffer attribute and the log information in trapbuffer. <SW5500>display trapbuffer Trapping Buffer Configuration and contents: enabled...
Page 462: Info-Center Console Channel
By default, the Switch 5500G-EI does not output log information to the console. This command takes effect only after system logging is started. For the related commands, see...
Page 463: Info-Center Logbuffer
Log Commands View System view Parameter None Description Use the command to enable the system log function. Use info-center enable command to disable system log function. undo info-center enable By default, system log function is enabled. Only after the system log function is enabled can the system output the log information to the info-center loghost and console, etc.
Page 464: Info-Center Loghost
12: U HAPTER SING YSTEM ANAGEMENT Description Use the to the memory buffer. Use the cancel the information output to buffer This command takes effect only after the system logging is enabled. For the related commands, see Example Send log information to buffer and sets the size of buffer as 50. <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 465: Info-Center Loghost Source
For the related commands, see Example Configure to send log information to the UNIX workstation at 202.38.160.1. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]info-center loghost 202.38.160.1 info-center loghost syntax source info-center loghost source undo info-center source View System view Parameter source...
Page 466: Info-Center Snmp Channel
12: U HAPTER SING YSTEM ANAGEMENT channel-name: channel7, channel8, channel9, console, logbuffer, loghost, monitor, snmpagent, trapbuffer. Description Use the the log information to the user terminal. output the log information to the user terminal to the default value. By default, switches do not output log information to user terminal. This command takes effect only after system logging is started.
Page 467: Info-Center Source
[SW5500]info-center snmp channel 6 info-center source Syntax info-center source { channel-name level severity } ] * undo info-center source { channel-number | channel-name View System view Parameter modu-name: default: Log information. log: Trap information. trap: debugging: level: severity: default, the log information level is warnings, the trap information level is debugging, the debugging information level is debugging.
Page 468 12: U HAPTER SING YSTEM ANAGEMENT channel-name: channel8, channel9, console, logbuffer, loghost, monitor, snmpagent, trapbuffer. state: state: Description Use the channel. Use the the information channel. For example, for the filter of IP module log output, you can configure to output the logs at a level higher than warnings to the log host and output those higher than informational to the log buffer.
Page 469: Info-Center Switch-On
info-center switch-on Syntax info-center switch-on { logging | trapping ]* undo info-center switch-on { logging | trapping ]* View System view Parameter unit-id: master: all: debugging: logging: trapping: Description Use the synchronization switch of the specified switch. Use the synchronization switch of the specified switch. By default, the debugging information synchronization switch on master unit is enabled, log information and trap information switches on master unit are disabled, all information synchronization switches on slave unit are...
Page 470: Info-Center Timestamp
12: U HAPTER SING YSTEM ANAGEMENT info-center timestamp Syntax info-center timestamp { log | trap | debugging } { boot | date | none undo info-center timestamp { log | trap | debugging } View System view Parameter log: trap: debugging: boot: 32 bits of the elapsed time (in milliseconds) after system starts, and yyyyyy is the...
Page 471: Reset Logbuffer
buffersize: channel: channel-number: ten channels. channel-name: Description Use the info-center trapbuffer buffer. Use the information to trap buffer. By default, output information is transmitted to trap buffer and size of trap buffer is 256. This command takes effect only after the system logging is enabled. Related commands: Example Send information to the trap buffer and sets the size of buffer as 30.
Page 472: Terminal Debugging
12: U HAPTER SING YSTEM ANAGEMENT Parameter None Description Use the Example Clear information in trap buffer. <SW5500>reset trapbuffer terminal debugging Syntax terminal debugging undo terminal debugging View User view Parameter None Description Use the information on the terminal. Use the configure not to display the debugging information on the terminal.
Page 473: Terminal Monitor
Log Commands By default, this function is enabled. Example Disable the terminal log display. <SW5500>undo terminal logging terminal monitor Syntax terminal monitor undo terminal monitor View User view Parameter None Description Use the command to enable the log debugging/log/trap on terminal monitor the terminal monitor.
Page 474: Snmp Configuration Commands
By default, this function is enabled. Example Enable trap information display. <SW5500>terminal trapping SNMP Configuration This section displays the Simple Network Management Protocol (SNMP) Commands commands available on your Switch 5500G-EI. display snmp-agent Syntax display snmp-agent { local-engineid | remote-engineid } View All views Parameter...
Page 475: Display Snmp-Agent Group
Description Use the configured community names. Example Display the currently configured community names. <SW5500>display snmp-agent community community name:public group name:public storage-type: nonVolatile community name:tom group name:guest storage-type: nonVolatile display snmp-agent Syntax group display snmp-agent group [ View All views Parameter groupname: Description Use the...
Page 476: Display Snmp-Agent Mib-View
12: U HAPTER SING YSTEM ANAGEMENT display snmp-agent Syntax mib-view display snmp-agent mib-view [ exclude | include | viewname View All views Parameter exclude: include: viewname: mib-view: Description configuration information of the Switch. Example Display the information about the currently configured MIB view. <SW5500>display snmp-agent mib-view View name:mv Storage-type: nonVolatile...
Page 477: Display Snmp-Agent Statistics
display snmp-agent Syntax statistics display snmp-agent statistics View All views Parameter None Description Use the SNMP communication. This command provides a counter for SNMP operations. Example Display the current state of SNMP communication. <SW5500>display snmp-agent statistics 0 Messages delivered to the SNMP entity 0 Messages which were for an unsupported version 0 Messages which used an unknown community name 0 Messages which represented an illegal operation for the community...
Page 478: Display Snmp-Agent Sys-Info
12: U HAPTER SING YSTEM ANAGEMENT Table 60 Output description of the display snmp-agent statistics command 0 Get-request PDUs accepted and processed 0 Get-next PDUs accepted and processed 0 Set-request PDUs accepted and processed 3 Messages passed from the SNMP entity 0 SNMP PDUs which had a tooBig error (Maximum packet size 1500)
Page 479: Display Snmp-Agent Usm-User
display snmp-agent Syntax usm-user display snmp-agent usm-user [ engineid username View All views Parameter engineid: username: groupname: Description Use the SNMP usernames in the group username list. Example Display the information of all the current users. <SW5500>display snmp-agent usm-user User name: authuser Engine ID: 00000009020000000C025808 UserStatus: active The following table describes the output fields.
Page 480: Enable Snmp Trap
12: U HAPTER SING YSTEM Number of GetReq msgs sent :0 Number of GetNextReq msgs Received :0 Number of GetNextReq msgs sent :0 Number of GetResp msgs received :0 Number of GetResp msgs sent :0 Number of GetNextResp msgs received :0 Number of GetNextResp msgs sent :0 Number of SnmpMibSync msgs received :0 Number of SnmpMibSync msgs sent :0...
Page 481: Snmp-Agent Group
View System view Parameter Indicate that MIB object can only be read. read: write: community-name: view-name: acl-list Description Use the enable access to SNMP. Use the the settings of community access name. Example Configure community name as <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]snmp-agent community read guest Configure community name as <SW5500>system-view...
Page 482: Snmp-Agent Local-Engineid
Description Use the map an SNMP user to SNMP view. Use the 3Com recommends that you do not use the configuring an SNMP group, for the following reasons: ■ ■ Example Create an SNMP group named <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 483: Snmp-Agent Mib-View
Description Use the or remote SNMP engine on the Switch. Use the local-engineid Device information is determined according to different products. It can be IP address, MAC address or user defined text. However, you must use numbers in hexadecimal form. Example Configure the ID of a local or remote device as 1234512345.
Page 484: Snmp-Agent Sys-Info
| v3 }* | all } ] View System view Parameter sysContact: contact (in bytes), with a length ranging from 1 to 255. The default contact information is "3Com Marlborough USA". sysLocation: default, the character string is "Marlborough USA". version: v2c: all:...
Page 485: Snmp-Agent Target-Host
Description Use the geographical location of the device, contact information for system maintenance and version information of running SNMP. Use the location Example Set system location as Building 3/Room 214. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]snmp-agent sys-info location Building 3/Room 214 snmp-agent target-host Syntax snmp-agent target-host trap address udp-domain...
Page 486: Snmp-Agent Trap Enable
12: U HAPTER SING YSTEM Use the configured to receive SNMP notification. You must enter the snmp-agent target-host enables the device to transmit Trap packets. To send Trap messages, at least one snmp-agent target-host Example To enable Trap messages to be sent to enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 487: Snmp-Agent Trap Life
coldstart rebooted. linkdown turns down. linkup turns up. warmstart re-enabled. system: Description Use the message. Use the message sending. By default, Trap message sending is disabled. snmp-agent trap enable command should be used at the same time. The command specifies which hosts can receive Trap message. To send Trap messages, at least one Example Enable to send the trap packet of SNMP authentication failure to...
Page 488: Snmp-Agent Trap Queue-Size
12: U HAPTER SING YSTEM For the related commands, see snmp-agent target-host Example Configure the timeout interval of Trap packet as 60 seconds. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]snmp-agent trap life 60 snmp-agent trap Syntax queue-size snmp-agent trap queue-size undo snmp-agent trap queue-size View...
Page 489: Snmp-Agent Usm-User
Example Configure the IP address of the VLAN interface 1 as the source address for transmitting the Trap packets. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]snmp-agent trap source vlan-interface 1 snmp-agent usm-user Syntax snmp-agent usm-user { v1 | v2c } undo snmp-agent usm-user { v1 | v2c } snmp-agent usm-user v3 md5 | sha }...
Page 490: Undo Snmp-Agent
[SW5500]undo snmp-agent RMON Configuration This section describes the Remote Monitoring (RMON) configuration commands Commands available on your Switch 5500G-EI. ANAGEMENT OMMANDS Enter the encryption password with a character string, ranging Enter the access control list for this user, based on USM name.
Page 491: Display Rmon Alarm
Description Use the For the related commands, see Example Display the RMON alarm information. <SW5500>display rmon alarm Alarm table 1 owned by 3COM is VALID. Samples absolute value : 1.3.6.1.2.1.16.1.1.1.4.1 <etherStatsOctets.1> Sampling interval Rising threshold Falling threshold When startup enables...
Page 492: Display Rmon Eventlog
(counted on system initiate/boot time in centiseconds). Related command: Example Show the RMON event. <SW5500>display rmon event Event table 1 is VALID, and owned by 3COM. 00h:02m:27s. Table 63 Output description of the display rmon event command Field Event table 1...
Page 493: Display Rmon History
(including utility, error number and total packet number). For the related commands, see Example Show the RMON history information. <SW5500>display rmon history gigabitethernet 2/0/1 History control entry 1 owned by 3Com is VALID, Samples interface Sampling interval Latest sampled values : Dropevents...
Page 494: Display Rmon Prialarm
Related command: Example Display alarm information about extended RMON. <SW5500>display rmon prialarm Prialarm table 1 owned by 3Com is VALID. OMMANDS Description Index number in history control table Owner The entry corresponding to the index is valid...
Page 495: Display Rmon Statistics
Related command: Example Show RMON statistics. <SW5500>display rmon statistics GigabitEthernet 1/0/1 Statistics entry 1 owned by 3Com is VALID. Description Index of extended alarm entry. Creator of the extended alarm entry. The entry corresponding to the index is valid Sampling the absolute value of the node 1.3.6.1.2.1.16.1.1.1.4.1...
Page 496: Rmon Alarm
12: U HAPTER SING YSTEM ANAGEMENT Table 67 Output description of the display rmon statistics command Field Interface 3Com VALID octets packets broadcast packets multicast packets undersized packets oversized packets fragments packets jabbers CRC alignment errors collisions Dropped packet (insufficient resources)
Page 497: Rmon Event
falling-threshold 2147483647. event-entry2 from 0 to 65535. Specifies the creator of the alarm. Length of the character string text owner ranges from 1 to 127. Description Use the rmon alarm command to delete an entry from this table. rmon alarm In this way, the alarm event can be triggered in the abnormal situations and then decides to log and send trap to the NM station.
Page 498: Rmon History
12: U HAPTER SING YSTEM ANAGEMENT owner this entry. The length of the character string ranges from 1 to 127. Description Use the rmon event Event management of RMON defines the way to deal with event number and event-log, send trap message or log while sending trap message. In this way, alarm events may obtain corresponding treatment Example Add the entry 10 to the event table and mark it as log event.
Page 499: Rmon Prialarm
[SW5500-GigabitEthernet1/0/1]undo rmon history 15 rmon prialarm Syntax rmon prialarm delta | absolute | changeratio } rising-threshold event-entry1 entrytype { forever | cycle undo rmon prialarm View System view Parameter entry-number: alarm-var: several integer MIB node instances. The node can be OID in dotted notation. alarm-des: sampling-timer: measured in seconds.
Page 500: Rmon Statistics
12: U HAPTER SING YSTEM ANAGEMENT OMMANDS Example Delete line 10 from the extended RMON alarm table. <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]undo rmon prialarm 10 rmon statistics Syntax entry-number text-string rmon statistics [ owner entry-number undo rmon statistics View Ethernet port view...
Page 501: Ntp Configuration Commands
NTP Configuration This section describes the Network Time Protocol (NTP) configuration commands Commands available on your Switch 5500G-EI. debugging ntp-service Syntax debugging ntp-service { access | adjustment | authentication | event | filter | packet | parameter | refclock | selection |...
Page 502: Display Ntp-Service Sessions
12: U HAPTER SING YSTEM ANAGEMENT display ntp-service Syntax sessions display ntp-service sessions [ verbose ] View All views. Parameter verbose Description Use the the sessions maintained by NTP service provided by the local equipment. By default, the status of all the sessions maintained by NTP service provided by the local equipment will be displayed.
Page 503: Display Ntp-Service Trace
The following table describes the outputs: Table 68 NTP service status information Output clock status:unsynchronized clock stratum: 16 reference clock ID nominal frequency actual frequency clock precision clock offset root delay root dispersion peer dispersion reference time display ntp-service trace Syntax display ntp-service trace Views...
Page 504: Ntp-Service Access
12: U HAPTER SING YSTEM ANAGEMENT OMMANDS server 127.0.0.1,stratum 8, offset 0.000000, synch distance 0.00000 refid 127.127.1.0 ntp-service access Syntax ntp-service access { query | synchronization | server | peer } acl-number undo ntp-service access { query | synchronization | server | peer } View System view.
Page 505: Ntp-Service Authentication-Keyid
Parameters None Description Use the NTP-service authentication function, if no IP address is specified, the switch automatically selects 224.0.1.1 as the multicast IP address. Use the ntp-service authentication enable address is specified, the switch will disable the configuration of the multicast IP address 224.0.1.1.
Page 506: Ntp-Service Broadcast-Server
12: U HAPTER SING YSTEM ANAGEMENT undo ntp-service broadcast-client View VLAN interface view Parameter None. Description Use the client mode. Use the the NTP broadcast client mode. By default, the NTP broadcast client mode is disabled. Designate an interface on the local Switch to receive NTP broadcast messages and operate in broadcast client mode.
Page 507: Ntp-Service Max-Dynamic Sessions
Designate an interface on the local equipment to broadcast NTP packets. The local equipment runs in broadcast-server mode and regularly broadcasts packets to its clients. Example Configure to broadcast NTP packets via Vlan-Interface1 and encrypt them with Key 4 and set the NTP version number as 3. <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 508: Ntp-Service Multicast-Server
12: U HAPTER SING YSTEM ANAGEMENT Description Use the multicast client mode. Use the to disable the NTP multicast client mode. By default, the multicast client service is disabled. 224.0.1.1. Designate an interface on the local Switch to receive NTP multicast messages and operate in multicast client mode.
Page 509: Ntp-Service Reliable Authentication-Keyid
NTP Configuration Commands Designate an interface on the local equipment to transmit NTP multicast packet. The local equipment operates in multicast-server mode and multicasts packets regularly to its clients. Example Configure to transmit NTP multicast packets encrypted with Key 4 via Vlan-Interface1 at 224.0.1.1 and use NTP version 3.
Page 510: Ntp-Service In-Interface Disable
12: U HAPTER SING YSTEM ANAGEMENT View System view Parameter interface-name be taken from the address of the interface. interface-type interface-number parameter. interface-number with the interface-type parameter. Description Use the transmit NTP message. Use the to cancel the current setting. The source address specifies where the packets are transmitted from.
Page 511: Ntp-Service Unicast-Peer
System View: return to User View with Ctrl+Z. [SW5500]interface vlan-interface1 [SW5500-Vlan-Interface1]ntp-service in-interface disable ntp-service unicast-peer Syntax ntp-service unicast-peer authentication-key interface-type interface-number undo ntp-service unicast-peer View System view Parameter ip-address version number authentication-key keyid to 4294967295. source-interface interface-name message to a peer, the source IP address of the message is taken from the address of the interface.
Page 512: Ntp-Service Unicast-Server
12: U HAPTER SING YSTEM ANAGEMENT <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]ntp-service unicast-peer 131.108.22.33 version 3 source-interface Vlan-Interface 1 ntp-service Syntax unicast-server ntp-service unicast-server authentication-keyid interface-type interface-number undo ntp-service unicast-server View System view Parameter ip-address version number authentication-keyid keyid...
Page 513: Ssh Configuration Commands
System View: return to User View with Ctrl+Z. [SW5500]ntp-service unicast-server 128.108.22.44 version 3 SSH Configuration This section describes the SSH configuration commands available on your Switch Commands 5500G-EI. debugging ssh server Syntax debugging ssh server { all | vty undo debugging ssh server { all | vty...
Page 514: Display Rsa Peer-Public-Key
12: U HAPTER SING YSTEM ANAGEMENT Parameter None Description Use the and public key of the server. If no key is generated, corresponding information will be prompted, for example, “RSA keys not found”. Related command: Example To display local key pair and public key of the server, enter the following: <SW5500>display rsa local-key-pair public % Key pair was generated at: 12:26:33 UTC 2002/4/4 Key name: rtvrp_Host...
Page 515: Display Ssh Server
<SW5500>display rsa peer-public-key name abcd Key name:abcd Key address: Data: 30818602 8180739A 291ABDA7 04F5D93D C8FDF84C 42746319 91C164B0 DF178C55 FA833591 C7D47D53 81D09CE8 2913D7ED F9C08511 D83CA4ED 2B30B809 808EB0D1 F52D045D E40861B7 4A0E1355 23CCD74C AC61F8E5 8C452B2F 3F2DA0DC C48E3306 367FE187 BDD94401 8B3B69F3 CBB0A573 202C16BB 2FC1ACF3 EC8F828D 55A36F1C DDC4BB45 504F0201 25 display ssh server Syntax display ssh server { session | status }...
Page 516: Peer-Public-Key End
12: U HAPTER SING YSTEM ANAGEMENT Parameter username Description Use the user, including username, corresponding key, authentication type. If a username is specified, the system just gives its information. Related commands: authentication-type Example To display SSH user information, enter the following: [SW5500]display ssh user-information Username hanqi1...
Page 517: Public-Key-Code Begin
telnet: Description Use the designated user interface. By default, the system supports both Telnet and SSH protocols. If SSH protocol is enabled and specified for the user interface, but no local RSA key is configured, SSH cannot take effect yet till you log onto the system next time. If SSH protocol is specified, to ensure a successful logon, you must configure the AAA authentication using the protocol inbound ssh...
Page 518: Public-Key-Code End
12: U HAPTER SING YSTEM ANAGEMENT OMMANDS <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]rsa peer-public-key SW5500003 [SW5500-rsa-public-key]public-key-code begin [SW5500-rsa-key-code]308186028180739A291ABDA704F5D93DC8FDF84C427463 [SW5500-rsa-key-code]1991C164B0DF178C55FA833591C7D47D5381D09CE82913 [SW5500-rsa-key-code]D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4 [SW5500-rsa-key-code]0861B74A0E135523CCD74CAC61F8E58C452B2F3F2DA0DC [SW5500-rsa-key-code]C48E3306367FE187BDD944018B3B69F3CBB0A573202C16 [SW5500-rsa-key-code]BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125 [SW5500-rsa-key-code]public-key-code end public-key-code end Syntax public-key-code end View Public key edit view Parameter None Description Use the...
Page 519: Rsa Local-Key-Pair Destroy
SSH Configuration Commands Description Use the command to create local RSA host key pair rsa local-key-pair create and server key pair. If you have configured RSA key, the system gives an alarm after using this command and prompts that the existing one will be replaced. The key naming format is switch name plus server and switch name plus host, for example, SW5500_host and SW5500_server.
Page 520: Rsa Peer-Public-Key
12: U HAPTER SING YSTEM ANAGEMENT Acknowledgement information will be promoted before the system clears all RSA key pairs. This command is just a one-time instruction, so the result will not be stored in the configuration file. Related command: Example To remove all key pairs at the server, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 521: Ssh Server Rekey-Interval
Description Use the authentication retry times value, which takes effect at next logon. Use the default retry value. By default, it is 3. Related command: Example To define the authentication retry times value as 4, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z. [SW5500]ssh server authentication-retries 4 ssh server rekey-interval Syntax...
Page 522: Ssh User Assign Rsa-Key
12: U HAPTER SING YSTEM ANAGEMENT Parameter seconds Description Use the registration authentication, which takes effect at next logon. Use the By default, the timeout value is 60 seconds. Related command: Example To define the registration timeout value as 80 seconds, enter the following: <SW5500>system-view System View: return to User View with Ctrl+Z.
Page 523: Ssh User Username Authentication-Type
ssh user username Syntax authentication-type ssh user undo ssh user View System view Parameter username Specifies authentication type as password and RSA. all: password: Specifies authentication type as RSA. rsa: Description Use the authentication type for a designated user. Use the the default mode in which logon fails.
Page 524 12: U HAPTER SING YSTEM ANAGEMENT OMMANDS...
Page 525: Ootrom Nterface
During the initial boot phase of the Switch the following prompt is Bootrom Interface displayed with a five second countdown timer allowing access to the bootrom: Starting... ****************************************************** * SuperStack 4 Switch 5500G-EI 52-Port BOOTROM, Version 1.0 ****************************************************** Copyright 2003-2005 3Com Corporation. Reserved. Creation date CPU type...
Page 526: Boot Menu
A: B HAPTER OOTROM NTERFACE BOOT MENU 1. Download application file to flash 2. Select application file to boot 3. Display all files in flash 4. Delete file from flash 5. Modify bootrom password 6. Enter bootrom upgrade menu 7. Skip current configuration file 8.
Page 527: Display All Files In Flash
Enter Option 1 at the prompt to display the following: File Number ================================================= 1(*) Free Space: 10491904 bytes (*)-with main attribute;(b)-with backup attribute (*b)-with both main and backup attribute Please input the file number to be change: An asterisk (*) indicates the current main boot file. A similar screen will be displayed for the configuration files and the web files.
Page 528: Modify Bootrom Password
A: B HAPTER OOTROM NTERFACE File Number Free Space: 10460160 bytes The current application file is s4b03_01_04s168.app (*)-with main attribute;(b)-with backup attribute (*b)-with both main and backup attribute Please input the file number to delete: The current application file is name and an * indicates the file in the list. If the filename is in brackets, for example has been deleted from the CLI but is still present in the recycle-bin.
Page 529: Set Switch Startup Mode
Menu Option 5) is lost, bootrom access is no longer possible. If access to the bootrom menu is required, the Switch will need to be returned to 3Com for repair. The super password is a fixed password that is based on the hardware of the Switch.
Page 530 A: B HAPTER OOTROM NTERFACE Selecting a FTP download 1. Set TFTP protocol parameter 2. Set FTP protocol parameter 3. Set XMODEM protocol parameter 0. Return to boot menu Enter your choice(0-3): 2 Load File name:s4b03_01_04s168.app Switch IP address:10.1.1.200 Server IP address:10.1.1.177 FTP User Name FTP User Password Are you sure to download file to flash? Yes or No(Y/N) y...

This manual is also suitable for:

Superstack 4 5500g-ei series

3Com 5500G-EI Command Reference Manual

About this Guide

System

Using Port

Ower over Ethernet

Network Protocol

Quick Links

Related Manuals for 3Com 5500G-EI

Summary of Contents for 3Com 5500G-EI