Do not dispose of WEEE as unsorted municipal waste and have to collect such WEEE separately. Revision PLANET 24-Port 10/100/1000Mbps with 4 Gigabit SFP Layer 3 Managed Ethernet Switch User's Manual FOR MODEL: WGS3-24000 REVISION: 1.1 (May.2007) Part No. EM-WGS3-24000_v1.1 (2081-A96020-001)
Page 8
8.6.44 show mac-address-table stats ........................360 8.6.45 show monitor ..............................360 8.6.46 show port ..............................360 8.6.47 show port protocol............................361 8.6.48 show port-channel............................361 8.6.49 show storm-control............................362 8.6.50 show vlan..............................362 8.6.51 show vlan brief ..............................363 8.6.52 show vlan port...............................363 8.6.53 shutdown ..............................364 8.6.54 shutdown all ..............................364 8.6.55 snmp trap link-status.............................364 8.6.56 snmp trap link-status all ..........................364 8.6.57 spanning-tree ..............................365...
Page 11
10.1.8 dot1x port-control ............................404 10.1.9 dot1x port-control All .............................404 10.1.10 dot1x re-authenticate ..........................404 10.1.11 dot1x re-authentication..........................404 10.1.12 dot1x system-auth-control...........................405 10.1.13 dot1x timeout ..............................405 10.1.14 dot1x user ..............................406 10.1.15 radius accounting mode..........................406 10.1.16 radius server host ............................406 10.1.17 radius server key............................407 10.1.18 radius server msgauth ..........................407 10.1.19 radius server primary ..........................407 10.1.20 radius server retransmit ..........................408...
Page 12
11.1.2 show spanning-tree interface ........................418 11.1.3 show spanning-tree mst detailed........................418 11.1.4 show spanning-tree mst port detailed......................418 11.1.5 show spanning-tree mst port summary ......................419 11.1.6 show spanning-tree mst summary ........................420 11.1.7 show spanning-tree summary ........................420 11.1.8 show spanning-tree vlan ..........................420 11.1.9 spanning-tree ..............................421 11.1.10 spanning-tree configuration name .......................421 11.1.11 spanning-tree configuration revision......................421 11.1.12 spanning-tree edgeport ..........................421...
Page 13
12.1.18 show arp brief .............................430 12.1.19 show arp switch ............................431 12.2 IP Routing Commands ............................431 12.2.2 no routing..............................431 12.2.3 ip routing ...............................431 12.2.4 no ip routing ..............................432 12.2.6 no ip address ..............................432 12.2.7 ip route................................432 12.2.8 no ip route..............................433 12.2.9 ip route default ..............................433 12.2.10 no ip route default ............................433 12.2.11 ip route distance............................433 12.2.12 no ip route distance.............................434...
Page 14
12.5.2 ip vrrp (Interface Config) ..........................444 12.5.3 ip vrrp mode ..............................444 12.5.4 ip vrrp ip ................................444 12.5.5 ip vrrp authentication.............................445 12.5.6 ip vrrp preempt..............................445 12.5.7 ip vrrp priority ..............................446 12.5.8 ip vrrp timers advertise..........................446 12.5.9 show ip vrrp interface stats ...........................446 12.5.10 show ip vrrp ..............................447 12.5.11 show ip vrrp interface ..........................447 12.5.12 show ip vrrp interface brief ..........................448...
Page 15
12.7.22 default-metric (OSPF) ..........................458 12.7.23 distance ospf (OSPF)..........................458 12.7.24 distribute-list out (OSPF)..........................458 12.7.25 exit-overflow-interval (OSPF) ........................459 12.7.26 external-lsdb-limit (OSPF)...........................459 12.7.27 ip ospf areaid ..............................459 12.7.28 ip ospf authentication ..........................460 12.7.29 ip ospf cost..............................460 12.7.30 ip ospf dead-interval............................460 12.7.31 ip ospf hello-interval ............................461 12.7.32 ip ospf priority..............................461 12.7.33 ip ospf retransmit-interval..........................461 12.7.34 ip ospf transmit-delay..........................462...
Page 16
12.8.6 default-metric (RIP)............................479 12.8.7 distance rip..............................479 12.8.8 distribute-list out (RIP) ..........................480 12.8.9 ip rip authentication............................480 12.8.10 ip rip receive version ...........................480 12.8.11 ip rip send version ............................481 12.8.12 hostroutesaccept............................481 12.8.13 split-horizon ..............................481 12.8.14 redistribute (RIP)............................482 12.8.15 show ip rip..............................482 12.8.16 show ip rip interface brief ..........................483 12.8.17 show ip rip interface ............................483 13 CLI COMMANDS: IP Multicast ..................
Page 17
13.2.9 show ip dvmrp route............................497 13.3 Internet Group Management Protocol (IGMP) Commands ..................498 13.3.1 ip igmp ................................498 13.3.2 ip igmp version..............................498 13.3.3 set igmp mcrtrexpiretime..........................498 13.3.4 ip igmp last-member-query-count .........................499 13.3.5 igmp last-member-query-interval ........................499 13.3.6 ip igmp query-interval............................499 13.3.7 ip igmp query-max-response-time.........................500 13.3.8 ip igmp robustness............................500 13.3.9 ip igmp startup-query-count ..........................500 13.3.10 ip igmp startup-query-interval........................501...
Page 18
13.5.10 ip pimsm staticrp ............................513 13.5.11 ip pimsm register-rate-limit ..........................513 13.5.12 show ip pimsm rphash ..........................514 13.5.13 show ip pimsm staticrp..........................514 13.5.14 show ip pimsm ............................514 13.5.15 show ip pimsm componenttable........................515 13.5.16 show ip pimsm interface ..........................515 13.5.17 show ip pimsm interface stats ........................516 13.5.18 show ip pimsm neighbor ..........................516 13.5.19 show ip pimsm rp ............................517 13.5.20 show ip pimsm rphash ..........................517...
1. INTRODUCTION 1.1 Packet Contents Thank you for purchasing PLANET 24-Port 10/100/1000Mbps wtih 4 shared SFP Layer 3 Managed Switch- WGS3-24000. Terms of “WGS3-Layer 3 Switch” means the Switches mentioned titled in the cover page of this User’s manual, i.e.WGS3-24000.
1.3 Product Feature Physical Ports 24 RJ-45 ports for 10/100/1000Base-T 4 shared SFP mini-GBIC interfaces ( Shared with Port-12 and Port-24) One DB9 male/RS-232 console port One DB9 male/RS-232 console port One DB9 male/RS-232 console port Layer 2 Features Supports auto MDI/MDI-X on all 10/100/1000Base-T ports The 10/100/1000Base-TX ports support auto-sensing, auto-negotiation Supports Jumbo frame up to 9KB Provides wire speed of L2 switching performance...
Page 21
Supports VLAN routing Supports VRRP Supports IP routing Supports route redistribution Supports route preferences Multicast Supports PIM-DM and PIM-SM Supports DVMRP Supports IGMP v1/v2/v3 Security User/Password protected system management L2/L3/L4 ACL (access control list) RADIUS client TACACS client SSH v1/v2 SSL v3/TLS v1 IEEE 802.1x Port-Based Autentication Port MAC lock...
2.1.1 Product Overview PLANET WGS3-24000 is loaded with powerful traffic management and QoS features to enhance services offered by telcos. It provides 4 priority queues per port for different types of traffics, allowing administrators to set policies for classified filtering and rule-based rate limitation.
2.1.4 Switch Rear Panel Figure 2-2 shows the rear panel of the switch Figure 2-2 WGS3-24000 rear panel. Power Notice: The device is a power-required device, it means, it will not work till it is powered. If your networks should active all the time, please consider using UPS (Uninterrupted Power Supply) for your device.
2.2 Install the Switch This section describes how to install the Ethernet Switch and make connections to it. Please read the following topics and perform the procedures in the order being presented. 2.2.1 Desktop Installation To install the Switch on desktop or shelf, please follows these steps: Step1: Attach the rubber feet to the recessed areas on the bottom of the switch.
Caution: You must use the screws supplied with the mounting brackets. Damage caused to the parts by using incorrect screws would invalidate the warranty. Step3: Secure the brackets tightly. Step4: Follow the same steps to attach the second bracket to the opposite side. Step5: After the brackets are attached to the Switch, use suitable screws to securely attach the brackets to the rack, as shown in Figure 2-6 Figure 2-6 Mounting the Switch in a Rack...
Page 28
Figure 2-7 Plug-in the SFP transceiver Approved PLANET SFP Transceivers PLANET WGS3-24000 support both single mode and multi mode SFP transceiver. The following list of approved PLANET SFP transceivers is correct at the time of publication: ■MGB-SX SFP (1000BASE-SX SFP transceiver ) ■MGB-LX SFP (1000BASE-LX SFP transceiver )
Page 29
Make sure there is no network activity by consult or check with the network administrator. Or through the management interface of the switch/converter (if available) to disable the port in advance. Remove the Fiber Optic Cable gently. Turn the handle of the MGB/MFB module to horizontal. Pull out the module gently through the handle.
3. CONFIGURATION This chapter explains the methods that you can use to configure management access to the switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (work-station or personal computer) and the system. It also contains information about port connection options. This chapter covers the following topics: ▫...
Based on open standards Some settings require calculations Security can be compromised (hackers need only know the community name) Table 3-1 Management Methods Comparison 3.1.1 Administration Console The administration console is an internal, character-oriented, and command line user interface for performing system administration such as displaying statistics or changing option settings.
3.2 Web Management The switch provides a browser interface that lets you configure and manage the switch remotely. After you set up your IP address for the switch, you can access the switch's Web interface applications directly in your Web browser by entering the IP address of the switch.
4. Web Configuration The WGS3-24000 can be configured through an Ethernet connection, make sure the manager PC must be set on same the IP subnet address with the switch. For example, if you have changed the default IP address of the Switch to 192.168.1.1 with subnet mask 255.255.255.0 via console, then the manager PC should be set at 192.168.1.x (where x is a number between 2...
Page 34
Switch. The login screen in Figure 4-1 appears. Figure 4-1 Login screen Now, you can use the Web management interface to continue the switch management or manage the switch by console interface. It is recommended to use Internet Explore 6.0 or above to access WGS3-24000. Note:...
Main Functions Menu Main Screen Apply Button Figure 4-1-1 Main Page Via the Web-Management, the administrator can setup the WGS3-24000 by select the functions those listed in the Main Function. The screen in Figure 4-2 appears. Figure 4-1-2 WGS3-24000 Main Funcrions Menu...
The following functions can be configured here: System Switching Routing Security IP Multicast System Description After a successful login, the main screen appears, the main screen displays the port status and a list of System section and the topics it provide. As showed in Figure 4-2. System Name - Enter the name you want to use to identify this switch.
4.2 Configure System The System section provides information for configuring system parameters. Under system the following topics are provided to configure and view the system information: 。 ARP Cache 。 Inventory Information 。 System Loading 。 Configuration 。 Forward Database 。...
4.2.2 Inventory Information Use this panel to display the switch's Vital Product Data, stored in non-volatile memory at the factory. The page includes the following fields: System Description - The product name of this switch. 。 Machine Type - The machine type of this switch. 。...
4.2.3 Configuration Use this page to configure the parameters for system management, including the following fields: 。 System Description 。 Switch 。 Network Connectivity 。 Telnet Session 。 Outbound Telnet Client Configuration 。 Serial Port 。 User Account 。 Authentication List Configuration 。...
Page 40
Figure 4—2-3 System Description 4.2.4.2 Switch Configuration This page includes the following fields: Broadcast Storm Recovery Mode - Enable or disable this option by selecting the corresponding line on the 。 pull-down entry field. The factory default is disabled. IEEE 802.3x Flow Control Mode - Enable or disable this option by selecting the corresponding line on the 。...
Page 41
4.2.3.3 Network Connectivity The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Page 42
Network Configuration Protocol Current - Choose what the switch should do following power-up: transmit a 。 Bootp request, transmit a DHCP request, or do nothing (none). The factory default is DHCP. Management VLAN ID - Specifies the management VLAN ID of the switch. It may be configured to any value in 。...
Page 43
4.2.3.5 Outbound Telnet Client Configuration This page includes the following fields: Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. 。 。 Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed. Default value is 5. Valid Range is (0 to 5).
Page 44
4.2.3.7 Serial Port Use this page to define the parameters of console connectivity. The configurable data are: Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port 。 connection before the switch closes the connection. Enter a number between 0 and 160: the factory default is 5. Entering 0 disables the timeout.
Page 45
4.2.3.8 User Accounts By default, two user accounts exist: admin, with 'Read/Write' privileges 。 guest, with 'Read Only' privileges 。 By default, both of these accounts have blank passwords. The names are not case sensitive. If you logon with a user account with 'Read/Write' privileges (i.e. as admin) you can use the User Accounts screen to assign passwords and set security parameters for the default accounts, and to add and delete accounts (other than admin) up to the maximum of six.
Page 46
Figure 4-2-9 User Accounts 4.2.3.9 Authentication List Configuration Use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate switch or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.
Page 47
Figure 4-2-10 Authentication List Configuration – Create User Figure 4-2-11 Authentication List Configuration – DefaultList 4.2.3.10 Login Session This page shows the information of login session, including: ID - Identifies the ID of this row. 。 User Name - Shows the user name of user made the session. 。...
Page 48
Figure 4-2-12 Login Sessions 4.2.3.11 Authentication List Summary This page lists the authenticate user, the information fields include: Authentication List - Identifies the authentication login list summarized in this row. 。 Method List - The ordered list of methods configured for this login list. 。...
Page 49
4.2.3.12 User Login Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting to access the switch or a port on the switch. After creating a new user account on the User Account screen, you should assign that user to a login list for the switch using this screen and, if necessary, to a login list for the ports using the Port Access Control User Login Configuration screen.
4.2.4 Forwarding Database 4.2.4.1 Configuration Use this panel to set the Address Ageing Timeout for the forwarding database. Address Ageing Timeout (seconds) - The forwarding database contains static entries, which are never aged out, 。 and dynamically learned entries, which are removed if they are not updated within a given time. You specify that time by entering a value for the Address Ageing Timeout.
Figure 4-2-16 Forwarding Database Search 4.2.5 Log Buffered Log Configuration 。 Buffered Log 。 Command Logger Configuration 。 Console Log Configuration 。 Event Log 。 Hosts Configuration 。 Persistent Log Configuration 。 Persistent Log 。 Syslog Configuration 。 4.2.5.1 Buffered Log Configuration This log stores messages in memory based upon the settings for message component and severity.
Page 52
Behavior Indicates the behavior of the log when it is full. It can either wrap around or stop when the log space is 。 filled. Figure 4-2-17 Buffered Log Configuration 4.2.5.2 Buffered Log This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log or console log.
Page 53
44.2.5.3 Command Logger Configuration This page includes the following fields: Configurable Data 。 Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting the corresponding pulldown field and clicking Submit. Figure 4-2-19 Command Logger Configuration 4.2.5.4 Console Log Configuration This allows logging to any serial device attached to the host.
Page 54
4.2.5.5 Event Log This allows logging to any serial device attached to the host. Configurable Data 。 Admin Status -A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages. Enable or Disable logging by selecting the corresponding line on the pulldown entry field. 。...
Page 55
Port -This is the port on the host to which syslog messages are sent. The default port is 514. The default port is 514. 。 Specify the port in the text field. 。 Severity Filter -A log records messages equal to or above a configured severity threshold. Select the severity option by selecting the corresponding line on the pulldown entry field.
Page 56
Severity Filter - A log records messages equal to or above a configured severity threshold. Select the severity 。 option by selecting the corresponding line on the pulldown entry field. These severity levels have been enumerated below: -Emergency (0): system is unusable -Alert (1): action must be taken immediately -Critical (2): critical conditions -Error (3): error conditions...
4.2.5.9 Syslog Configuration Figure 4-2-25 Syslog Configuration Configurable Data Admin Status -For Enabling and Disabling logging to configured syslog hosts. Setting this to disable stops logging to 。 all syslog hosts. Disable means no messages will be sent to any collector/relay. Enable means messages will be sent to configured collector/relays using the values configured for each collector/relay.
Page 58
you want the port to participate in the network. The factory default is enabled. LACP Mode - Selects the Link Aggregation Control Protocol administration state. The mode must be enabled in 。 order for the port to participate in Link Aggregation. May be enabled or disabled by selecting the corresponding line on the pull-down entry field.
Page 59
Figure 4-2-27 Port Summary Selection Criteria MST ID - Select the Multiple Spanning Tree instance ID from the list of all currently configured MST ID's to 。 determine the values displayed for the Spanning Tree parameters. Changing the selected MST ID will generate a screen refresh.
Page 60
Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree. The port role will 。 be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port or Disabled Port.
Page 61
Delete - Remove the selected session configuration. 。 4.2.6.4 Periodic Port Mirroring Use this page to configure the periodic port mirroring. Figure 4-2-30 Periodic Port Mirroring Selection Criteria Session ID - A session ID can be selected. By default the First Session is selected. 。...
Page 62
4.2.6.5 Double VLAN Tunneling Use this page to configure the Doubble VLAN Tunneling. Figure 4-2-31 Double VLAN Tunneling Selection Criteria Slot/Port - Select the physical interface for which you want to display or configure data. Select 'All' to set the 。...
Page 63
4.2.6.7 Double VLAN Tunneling Summary Figure 4-2-32 Double VLAN Tunneling Summary Non-Configurable Data Slot/Port - The physical interface for which data is being displayed. 。 Mode - This specifies the administrative mode via which Double VLAN Tagging can be enabled or disabled. The 。...
4.2.7 SNMP 4.2.7.1 Community Configuration By default, two SNMP Communities exist: private, with 'Read/Write' privileges and status set to enable 。 public, with 'Read Only' privileges and status set to enable 。 These are well-known communities; you can use this menu to change the defaults or to add other communities. Only the communities that you define using this menu will have access to the switch using the SNMPv1 and SNMPv2c protocols.
Page 65
which SNMP clients may use that community to access this device. If either (IP Address or IP Mask) value is 0.0.0.0, access is allowed from any IP address. Otherwise, every client's IP address is ANDed with the mask, as is the Client IP Address, and, if the values are equal, access is allowed.
4.2.7.3 Supported MIBS This is a list of all the MIBs supported by the switch. Name - The RFC number if applicable and the name of the MIB. 。 Description - The RFC title or MIB description. 。 Refresh - Update the data. 。...
Page 67
to a Multicast address, including those that were discarded or not sent. Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested be 。 transmitted to the Broadcast address, including those that were discarded or not sent. Transmit Packets Discarded - The number of outbound packets which were chosen to be discarded even though 。...
Page 68
4.2.9.2 Switch Summary ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this switch. 。 Broadcast Packets Received - The total number of packets received that were directed to the broadcast address. 。...
Page 69
4.2.8.3 Port Detailed Selection Criteria Slot.Port - Selects the interface for which data is to be displayed or configured. 。 Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. 。...
Page 70
address. Note that this number does not include packets directed to the broadcast address. Broadcast Packets Received - The total number of good packets received that were directed to the broadcast 。 address. Note that this does not include multicast packets. Total Packets Received with MAC Errors - The total number of inbound packets that contained errors preventing 。...
Page 71
Total Packets Transmitted (Octets) - The total number of octets of data (including those in bad packets) 。 transmitted on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of Ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval.
Page 72
RSTP BPDUs Received - Number of RSTP BPDUs received at the selected port. 。 RSTP BPDUs Transmitted - Number of RSTP BPDUs transmitted from the selected port. 。 MSTP BPDUs Received - Number of MSTP BPDUs received at the selected port. 。...
Page 73
Broadcast Packets Received - The total number of good packets received that were directed to the broadcast 。 address. Note that this does not include multicast packets. Packets Transmitted Without Errors - The number of frames that have been transmitted by this port to its 。...
Total Memory - The total RAM memory available with the CPU. 。 Used Memory - The RAM memory already used by CPU. 。 Free Memory - The free memory available with the CPU. 。 % CPU Utilization - % of CPU capacity used over time. 。...
Page 75
4.2.9.2 System Reset Reboot the switch. Any configuration changes you have made since the last time you issued a save will be lost. You will be shown a confirmation screen after you select the button. Figure 4-2-42 System Reset 4.2.9.3 Reset Configuration to Default Have all configuration parameters reset to their factory default values.
Page 76
4.2.9.4 Reset Password to Default Reset all of the system login passwords to their default values. If you want the switch to retain the new values across a power cycle, you must perform a save. Figure 4-2-44 Reset Password to Default 4.2.9.5 Download File To Switch Use this menu to download a file to the switch.
Page 77
TFTP File Path - Enter the path on the TFTP server where the selected file is located. You may enter up to 32 。 characters. The factory default is blank. TFTP File Name - Enter the name on the TFTP server of the file you want to download. You may enter up to 32 。...
Page 78
Figure 4-2-46 Upload File from Switch Configurable Data File Type - Specify the type of file you want to upload. The available options are Configuration, Error Log, System 。 Trace, and Trap Log. The factory default is Error Log. TFTP Server IP Address - Enter the IP address of the TFTP server. The factory default is 0.0.0.0 。...
4.2.10 Trap Management 4.2.10.1 Trap Flags Use this menu to specify which traps you want to enable. When the condition identified by an active trap is encountered by the switch a trap message will be sent to any enabled SNMP Trap Receivers, and a message will be written to the trap log. Configurable Data Authentication - Enabled or disable activation of authentication failure traps by selecting the corresponding line 。...
Page 80
reset. Number of Traps since log last viewed - The number of traps that have occurred since the traps were last 。 displayed. Displaying the traps by any method (terminal interface display, Web display, upload file from switch etc.) will cause this counter to be cleared to 0. Log - The sequence number of this trap.
4.2.11 DHCP Server 4.2.11.1 Global Configuration Figure 4-2-50 DHCP Server Global Configuration Configurable Data Admin Mode - Specifies if the DHCP Service is to be Enabled or Disabled. Default value is Disable. 。 Ping Packet Count - Specifies the number of packets a server sends to a Pool address to check for duplication as 。...
Page 82
4.2.11.2 Pool Configuration DHCP Server Pool Configuration Figure 4-2-51 DHCP Server Pool Configuration Configurable Data Pool Name* - For a user with readwrite permission, this field would show names of all the existing pools along with 。 an additional option "Create". When the user selects "Create" another text box "Pool Name" appears where the user may enter name for the Pool to be created.For a user with readonly permission, this field would show names of the existing pools only.
Page 83
Hardware Address - Specifies the MAC address of the hardware platform of the DHCP client. 。 Hardware Address Type - Specifies the protocol of the hardware platform of the DHCP client. Valid types are 。 ethernet and ieee802. Default value is ethernet. Client ID - Specifies the Client Identifier for DHCP manual Pool.
Page 84
DNS Server Addresses - Specifies the list of DNS Server Addresses for the pool. The user may specify upto 8 DNS 。 Server Addresses in order of preference. NetBIOS Name Server Addresses - Specifies the list of NetBIOS Name Server Addresses for the pool. The user 。...
Page 85
Command Buttons Submit - Creates/Modifies the Pool Configuration. Sends the updated configuration to the switch. Configuration 。 changes take effect immediately. Delete - Deletes the Pool. This field is not visible to a user with readonly permission. 。 The network ip address/mask of the switch shall be within the same as ip pool. Note: 4.2.11.3 Pool Options DHCP Server Pool Options...
Page 86
4.2.11.4 Reset Configuration DHCP Server Reset Configuration Figure 4-2-55 DHCP Server Reset Configuration Selection Criteria Clear - Specifies whether All Dynamic Bindings/Specific Dynamic Binding/All Address Conflicts/Specific Address 。 Conflict is to be deleted. Clear IP Address - IP Address against the Binding/Address Conflict to be cleared.This field appears only if the user 。...
Page 87
Non-Configurable Data IP Address - Specifies the Client's IP Address. 。 Hardware Address - Specifies the Client's Hardware Address. 。 Lease Time - Specifies the Lease time left in Days, Hours and Minutes dd:hh:mm format. 。 Type - Specifies the Type of Binding: Dynamic / Manual. 。...
Page 88
DHCPREQUEST - Specifies the number of DHCPREQUEST messages received by the DHCP Server. 。 DHCPDECLINE - Specifies the number of DHCPDECLINE messages received by the DHCP Server. 。 DHCPRELEASE - Specifies the number of DHCPRELEASE messages received by the DHCP Server. 。...
4.2.12 SNTP 4.2.12.1 Global Configuration Figure 4-2-59 SNTP Global Configuration Configurable Data Client Mode - Specifies the mode of operation of SNTP Client. An SNTP client may operate in one of the following 。 modes. • Disable- SNTP is not operational. No SNTP requests are sent from the client nor are any received SNTP messages processed.
Page 90
Unicast Poll Timeout - Specifies the number of seconds to wait for an SNTP response when configured in unicast 。 mode. Allowed range is (1 to 30). Default value is 5. Unicast Poll Retry - Specifies the number of times to retry a request to an SNTP server after the first time-out 。...
Page 91
• OtherNone of the following enumeration values. • SuccessThe SNTP operation was successful and the system time was updated. • Request Timed OutA directed SNTP request timed out without receiving a response from the SNTP server. • Bad Date EncodedThe time provided by the SNTP server is not valid. •...
Page 92
Server - Specifies all the existing Server Addresses along with an additional option "Create". When the user selects 。 "Create" another text box "Address" appears where the user may enter Address for Server to be configured. Address - Specifies the address of the SNTP server. This is a text string of up to 64 characters containing the 。...
Page 93
4.2.12.4 Server Status Figure 4-2-62 SNTP Server Status Non-Configurable Data Address - Specifies all the existing Server Addresses. If no Server configuration exists, a message saying "No 。 SNTP server exists" flashes on the screen. Last Update Time - Specifies the local date and time (UTC) that the response from this server was used to update 。...
4.3 Switching This page provides all system operation for configuring VLAN, Port-based VLAN, Spanning Tree, Port Aggregation, and Multicast Support. The Switch page contains links to the following topics: 。 VLAN 。 Protocol-based VLAN 。 Filters 。 GARP 。 IGMP Snooping 。...
Page 95
entire network (assuming all switches on the network are IEEE 802.1Q-compliant). VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources.
Page 96
Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated. Adding an IEEE802.1Q Tag Original Ethernet Dest. Addr. Src. Addr. Length/E. type Data Old CRC Dest. Addr. Src. Addr. E.
Page 97
4.3.1.1 VLAN Configuration 802.1Q VLAN Configuration There are up to 4041 configurable VLAN groups. By default when 802.1Q is enabled, all ports on the switch belong to default VLAN (VID 1). The default VLAN cannot be deleted. Understand nomenclature of the Switch Tagging and Untagging Every port on an 802.1Q compliant switch can be configured as tagging or untagging.
Page 98
Selection Criteria VLAN ID and Name - You can use this screen to reconfigure an existing VLAN, or to create a new one. Use this 。 pulldown menu to select one of the existing VLANs, or select 'Create' to add a new one. Configurable Data VLAN ID - Specify the VLAN Identifier for the new VLAN.
Page 99
Figure 4-3-2 VLAN Status 4.3.1.3 VLAN Port Configuration Selection Criteria Slot.Port - Select the physical interface for which you want to display or configure data. Select 'All' to set the 。 parameters for all ports to same values. Configurable Data Port VLAN ID - Specify the VLAN ID you want assigned to untagged or priority tagged frames received on this port.
Page 100
Figure 4-3-3 VLAN Port Configuration 4.3.1.4 VLAN Port Summary This page shows the configured VLAN parameters. Slot.Port - The interface. 。 Port VLAN ID - The VLAN ID that this port will assign to untagged frames or priority tagged frames received on 。...
Page 101
Figure 4-3-4 VLAN Port Summary 4.3.1.5 VLAN Reset Configuration If you select this button and confirm your selection on the next screen, all VLAN configuration parameters will be reset to their factory default values. Also, all VLANs, except for the default VLAN, will be deleted. The factory default values are: All ports are assigned to the default VLAN of 1.
4.3.2 Protocol-based VLAN 4.3.2.1 Configuration You can use a protocol-based VLAN to define filtering criteria for untagged packets. By default, if you do not configure any port- (IEEE 802.1Q) or protocol-based VLANs, untagged packets will be assigned to VLAN 1. You can override this behavior by defining either port-based VLANs or protocol-based VLANs, or both.
Page 103
IP - IP is a network layer protocol that provides a connectionless service for the delivery of data. 。 ARP - Address Resolution Protocol (ARP) is a low-level protocol that dynamically maps network layer addresses 。 to physical medium access control (MAC) addresses IPX - The Internetwork Packet Exchange (IPX) is a connectionless datagram Network-layer protocol that forwards 。...
4.3.3 Port Security 4.3.3.1 Port Security Administration Figure 4-3-8 Port Security Administration Configurable Data 。 Port Security Mode - Enables or disables the Port Security feature. Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained 。...
Page 105
Unit/Slot/Port - Selects the interface to be configured. 。 Configurable Data 。 Port Security - Enables or disables the Port Security feature for the selected interface. 。 Maximum Dynamic MAC Addresses allowed - Sets the maximum number of dynamically learned MAC addresses on the selected interface.
Page 106
4.3.3.3 Port Security Static Figure 4-3-10 Port Security Statically Configured MAC Address Port Security Statically Configured MAC Addresses Selection Criteria Unit/Slot/Port - Select the physical interface for which you want to display data. 。 VLAN ID - selects the VLAN ID corresponding to the MAC address being deleted. 。...
Page 107
4.3.3.4 Port Security Dynamic Figure 4-3-11 Port Security Dynamically Learned MAC Address Port Security Dynamically Learned MAC Addresses. Selection Criteria 。 unit/slot/port - Select the physical interface for which you want to display data. Non-configurable data 。 MAC Address - Displays the allowable MAC address learned on a specific port. 。...
Page 108
4.3.3.6 Port MAC Deny This page allows setting up per Port Mac Deny Interface Configuration Figure 4-3-13 Per Port MAC Deny Interface Configuration Selection Criteria 。 unit/slot/port - Selects the interface to be configured. Configurable Data 。 Enable MAC Deny Feature - Used to enable or disable the MAC Deny Fe ature for the selected interface. 。...
Page 109
Selection Criteria 。 unit/slot/port - Selects the interface to be configured. Non-configurable data MAC Address - Displays the MAC addresses learned on a specific port. 。 。 VLAN ID - Displays the VLAN ID corresponding to the MAC address. Number of Dynamic MAC addresses learned - Displays the number of dynamically learned MAC addresses on a 。...
4.3.4 GARP 4.3.4.1 GARP Status This screen shows the GARP Status for the switch and for the individual ports. Note that the timers are only relevant when the status for a port shows as enabled. Figure 4-3-16 GARP Status Switch GVRP - Indicates whether the GARP VLAN Registration Protocol administrative mode for this switch is 。...
Page 111
LeaveAll PDU indicates that all registrations will shortly be deregistered. Participants will need to rejoin in order to maintain registration. An instance of this timer exists for each GARP participant for each port. The Leave All Period Timer is set to a random value in the range of LeaveAllTime to 1.5*LeaveAllTime. Permissible values are 200 to 6000 centiseconds (2 to 60 seconds).
Page 112
Leave Time (centiseconds) - Specify the time to wait after receiving an unregister request for a VLAN or multicast 。 group before deleting the associated entry, in centiseconds. This allows time for another station to assert registration for the same attribute in order to maintain uninterrupted service. Enter a number between 20 and 600 (0.2 to 6.0 seconds).
4.3.5 IGMP Snooping Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group. The Internet Group Management Protocol (IGMP) is used to communicate this information. IGMP is also used to periodically check the multicast group for members that are no longer active. In the case where there is more than one multicast router on a sub network, one router is elected as the ‘queried’.
Page 114
The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other sub networks. IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN, an explicit leave message, and query messages that are specific to a given group.
Page 115
4.3.5.1 IGMP Snooping Configuration and Status Use this menu to configure the parameters for IGMP Snooping, which is used to build forwarding lists for multicast traffic. Note that only a user with Read/Write access privileges may change the data on this screen. Figure 4-3-19 IGMP Snooping Configuration and Status Configurable Data Admin Mode - Select the administrative mode for IGMP Snooping for the switch from the pulldown menu.
Page 116
4.3.5.2 IGMP Snooping Interface Configuration Figure 4-3-20 IGMP Snooping Interface Configuration Configurable Data Slot/Port - The single select box lists all physical ,VLAN and LAG interfaces. Select the interface you want to 。 configure. Admin Mode - Select the interface mode for the selected interface for IGMP Snooping for the switch from the 。...
Page 117
This could take up to 10 to 30 seconds to become effective Notice: 4.3.5.3 VLAN Status Use this page to display the IGMP Snooping VLAN status. Figure 4-3-21 IGMP Snooping VLAN Status Non-Configurable Data 。 VLAN ID - All Vlan Ids for which the IGMP Snooping mode is Enabled. 。...
Page 118
Figure 4-3-22 IGMP Snooping VLAN Configuration Configurable Data VLAN ID - Specifies list of VLAN IDs for which IGMP Snooping is enabled. 。 。 VLAN ID - Appears when "New Entry" is selected in VLAN ID combo box. Specifies VLAN ID for which pre-configurable Snooping parameters are to be set.
Page 119
4.3.5.5 Multicast Router Statistics Figure 4-3-23 Multicast Router Statistics Non-Configurable Data 。 Slot/Port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the statistics. 。 Multicast Router - Specifies for the selected interface whether multicast router is enable or disabled. Command Buttons 。...
Page 120
4.3.5.7 Multicast Router VLAN Statistics Figure 4-3-25 Multicast Router VLAN Statistics Selection Criteria 。 Slot/Port - The select box lists all Slot/Ports.Select the interface for which you want to display the statistics. Non-Configurable Data VLAN ID - All Vlan Ids for which the Multicast Router Mode is Enabled 。...
4.3.5.8 Multicast Router VLAN Configuration Figure 4-3-26 Multicast Router VLAN Configuration Selection Criteria 。 Slot/Port - The select box lists all Slot/Ports.Select the interface for which you want to display the statistics. Non-Configurable Data VLAN ID - All Vlan Ids for which the Multicast Router Mode is Enabled 。...
Page 122
groups). If the group is defined as a LACP static link aggregationing group, then any extra ports selected are placed in a standby mode for redundancy if one of the other ports fails. If the group is defined as a local static link aggregationing group, then the number of ports must be the same as the group member ports.
Page 123
factory default is enable. STP Mode - The Spanning Tree Protocol Administrative Mode associated with the Port Channel. The possible 。 values are: Disable - spanning tree is disabled for this Port Channel. 。 Enable - spanning tree is enabled for this Port Channel. 。...
Page 124
Link Trap - Whether or not a trap will be sent when link status changes. The factory default is enabled. 。 Configured Ports - A list of the ports that are members of the Port Channel, in slot.port notation. There can be a 。...
4.3.7 Multicast Forwarding Database 4.3.7.1 MFDB Table The Multicast Forwarding Database holds the port membership information for all active multicast address entries. The key for an entry consists of a VLAN ID and MAC address pair. Entries may contain data for more than one protocol. Figure 4-3-30 Multicast Forwarding Database Table Use this screen to display the MFDB information for a specific entry.
Page 126
Slot.Port(s) - The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:) for the selected 。 address. Forwarding Port(s) - The resultant forwarding list is derived from combining all the forwarding interfaces and 。 removing the interfaces that are listed as the static filtering interfaces. 4.3.7.2 GMRP Table This screen will display all of the entries in the Multicast Forwarding Database that were created for the GARP Multicast Registration Protocol.
Page 127
MAC Address - A VLAN ID - multicast MAC address pair for which the switch has forwarding and or filtering 。 information. The format is 8 two-digit hexadecimal numbers that are separated by colons, for example 00:01:23:45:67:89:AB:CD. Type - This displays the type of the entry. Static entries are those that are configured by the user. Dynamic entries 。...
4.3.8 Spanning Tree 1. Spanning Tree Protocol The IEEE 802.1D Spanning Tree Protocol and IEEE 802.1W Rapid Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network. When multiple links between switches are detected, a primary link is established.
Page 129
Creating a Stable STP Topology It is to make the root port a fastest link. If all switches have STP enabled with default settings, the switch with the lowest MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best switch, STP can be forced to select the best switch as the root switch.
Page 130
Switch Blocking Listening Disable Learning Forwarding STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
Page 131
the root bridge The length of time between broadcasts of 2 seconds Hello Time the hello message by the switch Measures the age of a received BPDU for a 20 seconds Maximum Age Timer port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer.
Page 132
Max. Age – The Max Age can be from 6 to 40 seconds. At the end of the Max Age, if a BPDU has still not been received from the Root Bridge, your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge.
Page 133
LAN 1 Portcast = 19 Port 3 Bridge ID = 15 Port 1 Port 2 Portcast = 4 Portcast = 4 Portcast = 4 Portcast = 4 Port 1 Port 1 Bridge ID = 30 Bridge ID = 20 Port 2 Port 2 Port 3 Portcast = 19...
Page 134
4.3.8.1 Spanning Tree Switch Configuration/Status This page is to enable/disable the Spanning Tree protocol. The switch support IEEE 802.1d Spanning Tree (STP), IEEE 802.1w Rapid Spanning Tree (RSTP) and IEEE 802.1S Multiple Spanning Tree (MSTP). Figure 4-3-33 Spanning Tree Switch Configuration/Status Configurable Data Spanning Tree Mode - Specifies whether spanning tree operation is enabled on the switch.
Page 135
4.3.8.2 Spanning Tree CST Configuration/Status Figure 4-3-34 Spanning Tree CST Configuration/Status Configurable Data Bridge Priority - Specifies the bridge priority for the Common and Internal Spanning tree (CST). The value lies 。 between 0 and 61440. It is set in multiples of 4096. For example if the priority is attempted to be set to any value between 0 and 4095, it will be set to 0.
Page 136
Time since topology change - The time in seconds since the topology of the CST last changed. 。 Topology change count - Number of times topology has changed for the CST. 。 Time since topology change - The time in seconds since the topology of the 。...
Page 137
Priority - The bridge priority for the MST instance selected. The bridge priority is set in multiples of 4096. For 。 example if the priority is attempted to be set to any value between 4095, it will be set to 0. If it is tried to be 0 and set to any value between 4096 and (2*4096-1) it will be set to 4096 and so on.
Page 138
Admin Edge Port - Specifies if the specified port is an Edge Port within the CIST. It takes a value of TRUE or 。 FALSE, where the default value is FALSE. Port Path Cost - Set the Path Cost to a new value for the specified port in the common and internal spanning tree. 。...
Page 139
Port Forwarding State - The Forwarding State of this port. 。 。 Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree. The port role will be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port or Disabled Port.
Page 140
(Disabled). Path cost will be calculated based on the link speed of the port if the configured value for Port Path Cost is zero. Port ID - The port identifier for the specified port within the selected MST instance. It is made up from the port 。...
Page 141
4.3.8.6 Spanning Tree Statistics Figure 4-3-39 Spanning Tree Statistics Selection Criteria Slot.Port - Selects one of the physical or lag interfaces of the switch. 。 Non-Configurable Data STP BPDUs Received - Number of STP BPDUs received at the selected port. 。...
4.3.9 Class of Service 4.3.9.1 802.1p Priority Mapping This page is to configure the IEEE 802.1p priority mapping on the port. Figure 4-3-40 802.1p Priority Mapping Slot.Port - Select the physical interface for which you want to display or configure data. Select 'All' to set the 。...
4.4 Security This section is to control the access of the switch, includes the user access and management control. The Security page contains links to the following topics: 。 Port Access Control 。 RADIUS 。 TACACS+ 。 Secure HTTP 。 Secure Shell Understanding IEEE 802.1X Port-Based Authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized...
Page 144
Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system. (The client is the supplicant in the IEEE 802.1X specification.) Authentication server—performs the actual authentication of the client.
Page 145
authorized. The specific exchange of EAP frames depends on the authentication method being used. “Figure 2-43” shows a message exchange initiated by the client using the One-Time-Password (OTP) authentication method with a RADIUS server. Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network.
retransmit the request. If no response is received from the server after the specified number of attempts, authentication fails, and network access is not granted. When a client logs off, it sends an EAPOL-logoff message, causing the switch port to transition to the unauthorized state. If the link state of a port transitions from up to down, or if an EAPOL-logoff frame is received, the port returns to the unauthorized state.
Page 147
auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant, authenticator, and the authentication server. Quiet Period - This input field allows the user to configure the quiet period for the selected port. This command 。...
Page 148
Reauthenticate - This button begins the reauthentication sequence on the selected port. This button is only 。 selectable if the control mode is is 'auto'. If the button is not selectable, it will be grayed out. Once this button is pressed, the action is immediate.
Page 149
Force Authorized: The authenticator PAE unconditionally sets the controlled port to authorize. Auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant, authenticator, and the authentication server. Operating Control Mode - This field indicates the control mode under which the port is actually operating. 。...
Page 150
this authenticator. EAPOL Logoff Frames Received - This displays the number of EAPOL logoff frames that have been received by 。 this authenticator. Last EAPOL Frame Version - This displays the protocol version number carried in the most recently received 。...
Page 151
Submit - Send the updated screen to the switch and cause the changes to take effect on the switch but these 。 changes will not be retained across a power cycle unless a save is performed. Refresh - Update the information on the page. 。...
Page 152
Figure 4-4-6 Port Access Privileges 4.4.1.7 Port Access Summary This page is to show the configured access control on each port. Port - Displays the port in slot.port format. 。 Users - Displays the users that have access to the port. 。...
4.4.2 RADIUS Radius Server — In this situation, need a Radius server in the network, the normal topologies as below 4.4.2.1 RADIUS Configuration This page is to configure the RADIUS server connection session parameters. Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted. The 。...
Page 155
Figure 4-4-8 RADIUS Configuration 4.4.2.2 RADIUS Server Configuration This page is to configure the RADIUS server connection features. RADIUS Server IP Address - Selects the RADIUS server to be configured. Select add to add a server. 。 IP Address - The IP address of the server being added. 。...
Page 156
Figure 4-4-9 RADIUS Server Configuration Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Web-Smart switch. In this case, field in the default IP Address of the Web-Smart switch with 192.168.0.100. And also make sure the shared secret key is as same as the one you had set at the switch RADIUS server –...
Page 157
Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS Notice: server or the port is a uplink port that is connected to another switch. Or once the 802.1X stat to work, the switch might not be able to access the RADIUS server. Create user data.
Page 158
Figure 4-4-11 Windows Server RADIUS Server setting path Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed:...
Page 159
Figure 4-4-12 TsInternetUser Properties screen 4.4.2.3 RADIUS Server Statistics This page shows the statistics of RADIUS Server usage. RADIUS Server IP Address - Selects the IP address of the RADIUS server for which to display statistics. 。 Round Trip Time (secs) - The time interval, in hundredths of a second, between the most recent 。...
Page 160
Pending Requests - The number of RADIUS Access-Request packets destined for this server that have not yet 。 timed out or received a response. Timeouts - The number of authentication timeouts to this server. 。 Unknown Types - The number of RADIUS packets of unknown type which were received from this server on the 。...
Page 161
4.4.2.4 RADIUS Accounting Server Configuration This page is to configure the RADIUS Accounting Server Accounting Server IP Address - Selects the accounting server for which data is to be displayed or configured. If 。 the add item is selected, a new accounting server can be configured. IP Address - The IP address of the accounting server to add.
Page 162
4.4.2.5 RADIUS Accounting Server Statistics This page shows the statistics of RADIUS Accounting Server. Accounting Server IP Address - Identifies the accounting server associated with the statistics. 。 Round Trip Time (secs) - Displays the time interval, in hundredths of a second, between the most recent 。...
Page 163
4.4.2.6 RADIUS Clear Statistics This will clear the accounting server, authentication server and RADIUS statistics. Figure 4-4-16 RADIUS Clear Statistics Command Buttons 。 Clear All RADIUS Statistics - This button will clear the accounting server, authentication server and RADIUS statistics. 4.4.2.7 802.1X Client Configuration Windows XP is originally 802.1X support.
Page 164
Select “Authentication” tab. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. Select “MD-5 Challenge” from the drop-down list box for EAP type. Click “OK”. When client has associated with WGSW-2840/5240, a user authentication notice appears in system tray. Click on the notice to continue.
Page 165
Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process.
4.4.3 TACACS+ TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services. TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS.
Page 167
4.4.3.2 Server Configuration This page is to configure the TACACS+ Serve, include IP Address, port and and Key String. Figure 4-4-18 TACACS+ Server Configuration Selection Criteria 。 TACACS+ Server Selects the TACACS+ server for which data is to be displayed or configured. If the add item is selected, a new TACACS server can be configured.
4.4.4 Secure HTTP Https is a URI scheme used to indicate a secure HTTP connection. It is syntactically identical to the http:// scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer between the HTTP and TCP.
4.4.5 Secure Shell Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (optionally) to allow the remote computer to authenticate the user.
4.5 QoS 4.5.1 IP Access Control List An ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match. On this menu the interfaces to which an ACL applies must be specified, as well as whether it applies to inbound or outbound traffic.
Page 171
Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These 。 changes will not be retained across a power cycle unless a save is performed. Delete ACL - Removes the currently selected ACL from the switch configuration. 。...
Page 172
4.5.1.3 IP ACL Rule Configuration Use these screens to configure the rules for the Access Control Lists created using the Access Control List Configuration screen. What is shown on this screen varies depending on the current step in the rule configuration process. An ACL must first be selected to configure rules for.
Page 173
configuring other match criteria will not be offered. To configure specific match criteria for the rule, remove the rule and re-create it, or re-configure 'Match Every' to 'False' for the other match criteria to be visible. Protocol Keyword - Specify that a packet's IP protocol is a match condition for the selected IP ACL rule. The 。...
specifying its numeric value, then select the 'Other' option in the dropdown box and a text box will appear where the numeric value of the DSCP can be entered. • IP Precedence Configuration The IP Precedence field in a packet is defined as the high-order three bits of the Service Type octet in the IP header.
Page 175
MAC ACL - A new MAC Access Control List may be created or the configuration of an existing MAC ACL can be 。 updated based on selection. Configurable Data 。 MAC ACL Name - Specifies MAC ACL Name string which may include alphabetic, numeric, dash, underscore or space characters only.
Page 176
4.5.2.3 MAC ACL Rule Configuration Figure 4-5-6 MAC ACL Rule Configuration – Create New Extended MAC ACL Figure 4-5-7 MAC ACL Rule Configuration – Configure MAC ACL Rule Selection Criteria 。 MAC ACL - Select the MAC ACL for which to create or update a rule. 。...
Page 177
Destination MAC - Specifies the destination MAC address to compare against an Ethernet frame. Valid format is 。 (xx:xx:xx:xx:xx:xx). The BPDU keyword may be specified using a Destination MAC address of 01:80:C2:xx:xx:xx. Ethertype Key - Specifies the Ethertype value to compare against an Ethernet frame. 。...
Page 178
Figure 4-5-8 MAC ACL Rule Configuration – Setting items Figure 4-5-9 MAC ACL Rule Configuration – Source MAC configuration If only one or two MAC addresses are going to be blocked, rember to add a “Permit All” rule at the Note end of the ACL.
4.5.3 ACL Interface Configuration Use these pages to apply the IP Based ACL or MAC Based ACL to specify interface. Figure 4-5-10 ACL Interface Configuration Configurable Data 。 Slot/Port - Specifies list of all available valid interfaces for ACL mapping. All non-routing physical interfaces and interfaces participating in LAGs are listed.
Page 180
Direction - Displays selected packet filtering direction for ACL. 。 。 ACL Type - Displays the type of ACL assigned to selected interface and direction. 。 ACL Identifier - Displays the ACL Number(in case of IP ACL) or ACL Name(in case of MAC ACL) identifying the ACL assigned to selected interface and direction.
4.5.4 Differentiated Services Packets are filtered and processed based on defined criteria. The filtering criteria is defined by a class. The processing is defined by a policy's attributes. Policy attributes may be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs.
Page 182
4.5.4.2 Diffserv Class Configuration Figure 4-5-12 Diffserv Class Configuration Selection Criteria Class Selector - Along with an option to create a new class, this lists all the existing DiffServ class names, from 。 which one can be selected. The content of this screen varies based on the selection of this field. If an existing class is selected then the screen will display the configured class.
Page 183
configured to be excluded, 'Yes' is displayed. Conversely, when a match criterion is configured to be included, 'No' is displayed. Figure 4-5-13 DiffServ Class Configuration – Class Match selector Figure 4-5-14 DiffServ Class Configuration – Destination IP Address...
Page 184
4.5.4.3 Diffserv Class Summary This page shows the configuration summary of the Diffserv. Figure 4-5-15 Diffserv Class Summary Non-Configurable Data Class Name - Displays names of the configured DiffServ classes. 。 Class Type - Displays types of the configured classes as 'all', 'any', or 'acl'. Class types are platform dependent. 。...
Page 185
becomes a non-configurable field displaying the configured policy type. Available Class List - This lists all existing DiffServ class names, from which one can be selected. This field is a 。 selector field only when a new policy class instance is to be created. After creation of the policy class instance this becomes a non-configurable field.
Page 186
Figure 4-5-18 DiffServ Policy Summary 4.5.4.6 DiffServ Policy Class Definition Policy Selector - This lists all the existing DiffServ policy names, from which one can be selected. 。 Member Class List - This lists all existing DiffServ classes currently defined as members of the specified Policy, 。...
Page 187
Figure 4-5-20 DiffServ Policy Class Definition – Assign Queue Figure 4-5-21 DiffServ Policy Attribute Summary 4.5.4.8 DiffServ Service Configuration Use this page to define the DiffServ policy on each port. Slot.Port - Select the Slot.Port that uniquely specifies an interface. This is a list of all valid slot number and port 。...
Page 188
Figure 4-5-22 DiffServ Service Configuration 4.5.4.9 DiffServ Service Summary This page shows the configuration summary of DiffServ service. Slot.Port - Shows the Slot.Port that uniquely specifies an interface. 。 Direction - Shows the traffic direction of this service interface, either In or Out. 。...
Page 189
service policy for any reason due to DiffServ treatment. This is the overall count per-interface, per-direction. Sent Packets/Octets - A count of the total number of packets/octets forwarded for all class instances in this 。 service policy after their defined DiffServ treatments were applied. In this case, forwarding means the traffic stream was passed to the next functional element in the data path, such as the switching or routing function of an outbound link transmission element.
Page 190
Sent Packets/Octets (Out) - Displays the count of the packets/octets forwarded for this class instance after the 。 defined DiffServ treatment was applied. In this case, forwarding means the traffic stream was passed to the next functional element in the data path, such as the switching or routing function or an outbound link transmission element Tail Dropped Packets/Octets (Out) - Displays the count of the packets/octets discarded due to tail dropping from 。...
4.5.5 Class of Service 4.5.5.1 Trust Mode Configuration Use this page to access Class of Service (CoS) Mapping Table Configuration Figure 4-5-26 Trust Mode Configuration Selection Criteria 。 Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings.
Page 192
IP DSCP Traffic Class - Specify which internal traffic class to map the corresponding IP DSCP value. Valid Range is 。 (0 to 7) . Non-Configurable Data 。 Untrusted Traffic Class - Displays traffic class (i.e. queue) to which all traffic is directed when in 'untrusted' mode. Valid Range is (0 to 7).
Page 193
Traffic Class - Specify which internal traffic class to map the corresponding IP Precedence. 。 IP Precedence - Displays the IP Precedence to be mapped. 。 4.5.5.3 IP DSCP Mapping Configuration This page is to configure the IP DSCP mapping on the port. Figure 4-5-28 IP DSCP Mapping Configuation Slot.Port - Select the physical interface for which you want to display or configure data.
Page 194
4.5.5.4 Interface Configuration Figure 4-5-29 CoS Interface Configuation Class of Service (CoS) Interface Configuration Selection Criteria 。 Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. These may be overridden on a per-interface basis. Configurable Data 。...
Page 195
Figure 4-5-30 CoS Interface Queue Configuration Selection Criteria Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global 。 configuration settings. These may be overridden on a per-interface basis. Queue ID - Specifies all the available queues per interface(platform based). 。...
Page 196
Restore Defaults for All Queues - Restores default settings for all queues on the selected interface. 。 。 Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 4.5.5.6 Interface Queue Status Figure 4-5-31 CoS Interface Queue Status Selection Criteria...
4.6 Routing The PLANET new WGS3 Layer 3 seriew switches provide powerful IP routing, Multicast routing and Layer 3 redundancy capabilities. They support high density multilayer Gigabit Ethernet solutions to the enterprise and ISP. The WGS3 forwards IP packets between IP networks. When it receives an IP packet through one of its interfaces, it forwards the packet through one of its interfaces.
Page 198
The Routing folder provides access to the following windows: 4.6.1 IP 4.6.2 VLAN Routing 4.6.3 RIP 4.6.4 OSPF 4.6.5 Router 4.6.6 ARP 4.6.7 BOOTP/DHCP Realy Agent 4.6.8 Router Discovery 4.6.9 VRRP To configure the Layer 3 routing of the WGS3, the set up flow as following flow chart:...
Page 200
4.6.1 IP 4.6.1.1 IP Configuration Use this menu to configure routing parameters for the switch as opposed to an interface. Figure 4-6-1 IP Configuation Configurable Data 。 Routing Mode - Select enable or disable from the pulldown menu. You must enable routing for the switch before you can route through any of the interfaces.
Page 201
4.6.1.2 IP Statistics The statistics reported on this screen are as specified in RFC 1213. Figure 4-6-2 IP Statistics Non-Configurable Data IpInReceives - The total number of input datagrams received from interfaces, including those received in error. 。 。 IpInHdrErrors - The number of input datagrams discarded due to errors in their IP headers, including bad checksums, version number mismatch, other format errors, time-to-live exceeded, errors discovered in processing their IP options, etc.
Page 202
IpInDelivers - The total number of input datagrams successfully delivered to IP user-protocols (including ICMP). 。 。 IpOutRequests - The total number of IP datagrams which local IP user-protocols (including ICMP) supplied to IP in requests for transmission. Note that this counter does not include any datagrams counted in ipForwDatagrams. 。...
Page 203
IcmpOutMsgs - The total number of ICMP messages which this entity attempted to send. Note that this counter 。 includes all those counted by icmpOutErrors. 。 IcmpOutErrors - The number of ICMP messages which this entity did not send due to problems discovered within ICMP such as a lack of buffers.
Page 204
Selection Criteria 。 Slot/Port - Select the interface for which data is to be displayed or configured. Configurable Data IP Address - Enter the IP address for the interface. 。 。 Subnet Mask - Enter the subnet mask for the interface. This is also referred to as the subnet/network mask, and defines the portion of the interface's IP address that is used to identify the attached network.
Page 205
4.6.1.4 IP Interface Secondary Address Configuration Figure 4-6-4 IP Interface Secondary Address Configuration Selection Criteria Secondary Address - The IP Address for which data is to be displayed. Create must be selected to add a 。 secondary address to the interface. Configurable Data 。...
4.6.2 VLAN Routing 4.6.2.1 VLAN Routing Configuration Figure 4-6-5 VLAN Routing Configuraiton Selection Criteria 。 VLAN ID - Enter the ID of a VLAN you want to configure for VLAN Routing. Initially, the field will display the ID of the first VLAN.
Page 207
Click on the Create button. The page will be updated to display the interface and MAC address assigned to this new 。 VLAN. The IP address and Subnet Mask fields will be 0.0.0.0. 。 Note the interface assigned to the VLAN. 。...
Page 208
Figure 4-6-7 IP Interface Configuration 4.6.2.2 VLAN Routing Summary Figure 4-6-8 VLAN Routing Summary Non-Configurable Data 。 VLAN ID - The ID of the VLAN whose data is displayed in the current table row Slot/Port - The Slot/Port assigned to the VLAN Routing Interface 。...
4.6.3 RIP The Routing Information Protocol is used to specify how routers exchange routing table information. (See “RIP and RIP-2 Dynamic Routing Protocols” on Chapter “Advanced Topics”.) When RIP is enabled on this routing switch, it broadcasts RIP messages to all devices in the network every 30 seconds, and updates its own routing table when RIP messages are received from other routers.
Page 210
Split Horizon Mode - Select none, simple or poison reverse from the pulldown menu. Split horizon is a technique for 。 avoiding problems caused by including routes in updates sent to the router from which the route was originally learned. The options are: None - no special processing for this case.
Page 211
Non-Configurable Data 。 Slot/Port - The slot and port for which the information is being displayed. 。 IP Address - The IP Address of the router interface. Send Version - The RIP version to which RIP control packets sent from the interface conform. The value is one of 。...
Page 212
4.6.3.3 RIP Interface Configuration Figure 4-6-11 RIP Interface Configuation Selection Criteria Slot/Port - Select the interface for which data is to be configured. 。 Configurable Data Send Version - Select the version of RIP control packets the interface should send from the pulldown menu. The 。...
Page 213
RIP Admin Mode - Select enable or disable from the pulldown menu. Before you enable RIP version 1 or version 。 1c on an interface, you must first enable network directed broadcast mode on the corresponding interface. The default value is disable. Authentication Type - You may select an authentication type other than none by clicking on the 'Configure 。...
Page 214
Figure 4-6-12 RIP Interface Authentication Configuation 4.6.3.4 RIP Route Redistribution Configuration Figure 4-6-13 RIP Route Redistribution Configuration Configuration This screen can be used to configure the RIP Route Redistribution parameters. The allowable values for each fields are displayed next to the field. If any invalid values are entered, an alert message will be displayed with the list of all the valid values.
Page 215
Static Connected OSPF 。 Metric- Sets the metric value to be used as the metric of redistributed routes. This field displays the metric if the source was pre-configured and can be modified. The valid values are (1 to 15) 。 Match - One or more of these checkboxes must be selected to set the type of OSPF routes to be redistributed.
Page 216
Delete - Delete the entry of the Source Route selected as Configured Source from the list of Sources configured for 。 RIP Route Redistribution. 4.6.3.5 RIP Route Redistribution Summary Figure 4-6-14 RIP Route Redistribution Summary This screen displays the RIP Route Redistribution Configurations. Non Configurable Data 。...
4.6.4 OSPF To implement OSPF for a large network, you must first organize the network into logical areas to limit the number of OSPF routers that actively exchange Link State Advertisements (LSAs). You can then define an OSPF interface by assigning an IP interface configured on this switch to one of these groups. This OSPF interface will send and receive OSPF traffic to neighboring OSPF routers.
Page 218
4.6.4.1 OSPF Configuration Figure 4-6-15 OSPF Configuration Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous 。 system (AS). If you want to change the Router ID you must first disable OSPF. After you set the new Router ID, you must re-enable OSPF to have the change take effect.
Page 219
Exit Overflow Interval - Enter the number of seconds that, after entering overflow state, the router should wait 。 before attempting to leave overflow state. This allows the router to again originate non-default AS-external-LSAs. If you enter 0, the router will not leave Overflow State until restarted. The range is 0 to 2147483647 seconds. 。...
Page 220
4.6.4.2 OSPF Interface Configuration Figure 4-6-17 OSPF Interface Configuration Selection Criteria 。 Slot/Port - Select the interface for which data is to be displayed or configured.
Page 221
Configurable Data 。 OSPF Admin Mode* - You may select enable or disable from the pulldown menu. The default value is 'disable.' You can configure OSPF parameters without enabling OSPF Admin Mode, but they will have no effect until you enable Admin Mode.
Page 222
the same for all routers attached to a network. This value should a multiple of the Hello Interval (e.g. 4). Valid values range from 1 to 2147483647. The default is 40. 。 Iftransit Delay Interval - Enter the OSPF Transit Delay for the specified interface. This specifies the estimated number of seconds it takes to transmit a link state update packet over the selected interface.
Page 223
Authentication Key - Enter the OSPF Authentication Key for the specified interface. If you do not choose to use 。 authentication you will not be prompted to enter a key. If you choose 'simple' authentication you cannot use a key of more than 8 octets.
Page 224
Other Designated Router - The interface is connected to a broadcast or NBMA network on which other routers have been selected to be the Designated Router and Backup Designated Router either. The router attempts to form adjacencies to both the Designated Router and the Backup Designated Router. The State is only displayed if the OSPF admin mode is enabled.
Page 225
4.6.4.3 OSPF Area Configuration OSPF protocol broadcast messages (i.e., Link State Advertisements) are restricted by area to limit their impact on network performance. Before assigning an Area ID to a specific OSPF interface, you must first specify the Area ID in this table.
Page 226
Metric Value - Enter the metric value you want applied for the default route advertised into the stub area. Valid 。 values range from 1 to 16,777,215. 。 Metric Type - Select the type of metric specified in the Metric Value field. •...
Page 227
To add a new Area ID, use the <Add> button. (The default 0.0.0.0 indicates the OSPF backbone.) To Note modify or delete an existing Area ID, highlight the table entry with the cursor and select Enter. 4.6.4.4 OSPF Stub Area Summary Figure 4-6-21 OSPF Stub Area Summary Non-Configurable Data 。...
Page 228
4.6.4.5 OSPF Area Range Configuration After you configure an area identifier, you can specify a subnetwork address range that covers all the individual networks in this area. This technique limits the amount of traffic exchanged between Area Border Routers (ABRs) by allowing them to advertise a single summary range.
Page 229
Advertisement - The Advertisement mode for the address range and area. 。 Command Buttons 。 Create - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. The new address range will be added to the display in the non-configurable data area.
Page 230
4.6.4.6 OSPF Interface Statistics This screen displays statistics for the selected interface. The information will be displayed only if OSPF is enabled. Figure 4-6-23 OSPF Interface Statistics Selection Criteria 。 Slot/Port - Select the interface for which data is to be displayed. Non-Configurable Data 。...
Page 231
IP Address - The IP address of the interface. 。 。 Interface Events - The number of times the specified OSPF interface has changed its state, or an error has occurred. 。 Virtual Events - The number of state changes or errors that have occurred on this virtual link. 。...
Page 232
4.6.4.7 OSPF Neighbor Table This screen displays the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below will only be displayed if OSPF is enabled. Figure 4-6-24 OSPF Neighbor Table Selection Criteria 。...
Page 233
4.6.4.8 OSPF Neighbor Configuration This screen displays the OSPF neighbor configuration for a selected neighbor ID. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below will only be displayed if OSPF is enabled and the interface has a neighbor.
Page 234
Down - This is the initial state of a neighbor conversation. It indicates that there has been no recent information received from the neighbor. On NBMA networks, Hello packets may still be sent to "Down" neighbors, although at a reduced frequency. Attempt - This state is only valid for neighbors attached to NBMA networks.
Page 235
4.6.4.9 OSPF Link State Database Figure 4-6-26 OSPF Link State Database Non-Configurable Data 。 Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). The Router ID is set on the IP Configuration page. If you want to change the Router ID you must first disable OSPF.
Page 236
Options - The Options field in the link state advertisement header indicates which optional capabilities are associated with the advertisement. The options are: Q - This enables support for QoS Traffic Engineering. E - This describes the way AS-external-LSAs are flooded. MC - This describes the way IP multicast datagrams are forwarded according to the standard specifications.
Page 237
4.6.4.10 OSPF Virtual Link Configuration All OSPF areas must connect to the backbone. If an area does not have a direct physical connection to the backbone, you can configure a virtual link that provides a logical path to the backbone. To connect an isolated area to the backbone, the logical path can cross a single nonbackbone area to reach the backbone.
Page 238
Area ID and Neighbor Router ID - Select the virtual link for which you want to display or configure data. It consists 。 of the Area ID and Neighbor Router ID. Configurable Data Neighbor Router ID - Enter the neighbor portion of a Virtual Link specification. Virtual links may be configured 。...
Page 239
Non-Configurable Data Down - This is the initial interface state. In this state, the lower-level protocols have indicated that the interface is unusable. In this state, interface parameters will be set to their initial values. All interface timers will be disabled, and there will be no adjacencies associated with the interface. Waiting - The router is trying to determine the identity of the (Backup) Designated Router by monitoring received Hello Packets.
Page 240
(config)# router ospf (config-router)# area 0.0.0.1 virtual-link 10.0.0.2 4.6.4.11 OSPF Virtual Link Summary Figure 4-6-28 OSPF Virtual Link Summary Non-Configurable Data 。 Area ID - The ID of an OSPF area to which one of the router interfaces is connected. An Area ID is a 32 bit integer in dotted decimal format that uniquely identifies the area to which an interface is connected.
Page 241
Figure 4-6-29 OSPF Route Redistribution Configuration Configurable Data Configured Source - This select box is a dynamic selector and would be populated by only those Source Routes 。 that have already been configured for redistribute by OSPF. However, the topmost option in the select box would be "Create", and this allows the user to configure another, among the Available Source Routes.
Page 242
address of the route. (Note that a 1 in the mask indicates a "don’t care" in the corresponding address bit.) When an access list rule includes a destination IP address and netmask (an extended access list), the destination IP address is compared to the network mask of the destination of the route. The destination netmask in the access list serves as a wildcard mask, indicating which bits in the route’s destination mask are significant for the filtering operation.
Page 243
4.6.4.13 OSPF Route Redistribution Summary This screen displays the OSPF Route Redistribution Configurations. Figure 4-6-30 OSPF Route Redistribution Summary Non Configurable Data Source - The Source Route to be Redistributed by OSPF. 。 。 Metric- The Metric of redistributed routes for the given Source Route. Displays "Unconfigured" when not configured. 。...
4.6.5 Router 4.6.5.1 Router Table Figure 4-6-31 Router Route Table Non-Configurable Data 。 Network Address - The IP route prefix for the destination. 。 Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network.
Page 245
4.6.5.2 Router Best Routes Table Figure 4-6-32 Router Best Routes Table Non-Configurable Data 。 Network Address - The IP route prefix for the destination. Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that 。...
Page 246
4.6.5.3 Route Entry Configuration Figure 4-6-33 Route Route Entry Configuration Selection Criteria 。 Network Address - Specifies the IP route prefix for the destination. In order to create a route a valid routing interface must exist and the next hop IP Address must be on the same network as the routing interface. Routing interfaces are created on the IP Interface Configuration page.
Page 247
Next Hop IP Address - The outgoing router IP address to use when forwarding traffic to the next router (if any) in the 。 path towards the destination. The next router will always be one of the adjacent neighbors or the IP address of the local interface for a directly attached network.
Page 248
OSPF Intra - The OSPF intra route preference value in the router. The default value is 8. The range is 1 to 255. The 。 OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra <...
Page 249
Network Address - Specifies the IP route prefix for the destination. This field will be present only when creating a 。 static route. Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that 。...
4.6.6 ARP Use the following screen to display or edit entries in the Static ARP Table. Entries added to this table are retained until the associated IP interface is deleted or the switch is reset to the factory defaults. 4.6.6.1 ARP Create Use this screen to add an entry to the Address Resolution Protocol table.
Page 251
Figure 4-6-37 ARP Table Configuation Configurable Data 。 Age Time - Enter the value you want the switch to use for the ARP entry ageout time. You must enter a valid integer, which represents the number of seconds it will take for an ARP entry to age out. The range for this field is 15 to 21600 seconds.
Page 252
Remove IP Address - This appears only if the user selects Specific Dynamic/Gateway Entry or Specific Static Entry 。 in the Remove from Table Drop Down List. Allows the user to enter the IP Address against the entry that is to be removed from the ARP Table.
Page 253
4.6.6.3 ARP Interface Configuration Figure 4-6-38 ARP Interface Configuration Selection Criteria 。 Port - Select the interface for which data is to be configured. Configurable Data 。 Cache Size - Specifies the Cache size for the selected interface. Valid range is from 8 to 16.
4.6.7 BOOTP/DHCP Relay Agent If a DHCP server is not located in the same subnet with a host, you can configure this switch to forward any host configuration queries to a server located on another subnet or on another network. Depending on the configuration setup, the switch either: •...
Page 255
Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These 。 changes will not be retained across a power cycle unless a save is performed. 4.6.7.2 BOOTP/DHCP Relay Agent Status Figure 4-6-40 BOOTP/DHCP Relay Agent Status Non-Configurable Data Maximum Hop Count - The maximum number of Hops a client request can go without being discarded.
4.6.8 Router Discovery The Router Discovery is not a routing protocol but a Router Discovery Protocol. The function Router Discovery allows neighboring routers to be found from ICMP Router Advertisement messages. It also be named as IRDP (ICMP Router Discovery Protocol). – implemented as defined in RFC-1256. The ICMP router discovery messages are called "Router Advertisements"...
Page 257
Advertise Address - Enter the IP Address to be used to advertise the router. 。 。 Maximum Advertise Interval - Enter the maximum time (in seconds) allowed between router advertisements sent from the interface. 。 Minimum Advertise Interval - Enter the minimum time (in seconds) allowed between router advertisements sent from the interface.
Page 258
4.6.8.2 Router Discovery Status Figure 4-6-42 Router Discovery Status Non-Configurable Data 。 Slot/Port - The router interface for which data is displayed. 。 Advertise Mode - The values are enable or disable. Enable denotes that Router Discovery is enabled on that interface.
4.6.9 VRRP The Virtual Router Redundancy Protocol (VRRP) is designed to eliminate the single point of failure inherent in the static default routed environment. VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN.
Page 260
4.6.9.1 VRRP Configuration Figure 4-6-43 VRRP Configuration Configurable Data 。 VRRP Admin Mode - This sets the administrative status of VRRP in the router to active or inactive. Select enable or disable from the pulldown menu. The default is disable. Command Buttons 。...
Page 261
VRID and Slot/Port - Select 'Create' from the pulldown menu to configure a new Virtual Router, or select one of the 。 existing Virtual Routers, listed by interface number and VRID. Configurable Data VRID - This field is only configurable if you are creating new Virtual Router, in which case enter the VRID in the 。...
Page 262
4.6.9.3 Virtual Router Status Figure 4-6-45 Virtual Router Status Figure 4-6-46 Virtual Route Status Non-Configurable Data VRID - Virtual Router Identifier. 。 Slot/Port - Indicates the interface associate with the VRID. 。 Priority - The priority value used by the VRRP router in the election for the master virtual router. 。...
Page 263
VMAC Address - The virtual MAC Address associated with the Virtual Router, composed of a 24 bit 。 organizationally unique identifier, the 16 bit constant identifying the VRRP address block and the 8 bit VRID. Auth Type - The type of authentication in use for the Virtual Router 。...
Page 264
4.6.9.4 Virtual Router Statistics Figure 4-6-47 Virtual Router Statistics Selection Criteria 。 VRID and Slot/Port - Select the existing Virtual Router, listed by interface number and VRID, for which you want to display statistical information. Non-Configurable Data 。 Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors - The total number of VRRP packets received with an unknown or unsupported version 。...
Page 265
Advertisement Received - The total number of VRRP advertisements received by this virtual router. 。 。 Advertisement Interval Errors - The total number of VRRP advertisement packets received for which the advertisement interval was different than the one configured for the local virtual router . 。...
Page 266
Secondary Address - The ip address for which data is to be displayed. Create must be selected to add a 。 secondary address to the interface. Configurable Data IP Address - Enter the IP address for the interface. This address must be a member of one of the subnets currently 。...
4.7 IP Multicast The WGS3 supports the following Multicast routing protocol : DVMRP IGMP Multicast Mdebug PIM-DM PIM-SM 4.7.1 Multicast 4.7.1.1 Multicast Global Configuration Figure 4-6-49 Multicast Global Configuation Selection Criteria Admin Mode - Select enable or disable to set the administrative status of Multicast Forwarding in the router. The default is disable.
Page 268
Number Of Packets For Which Source Not Found - The number of multicast packets that were supposed to be routed but which failed the RPF check. Number Of Packets For Which Group Not Found - The number of multicast packets that were supposed to be routed but for which no multicast route was found.
Page 269
Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 4.7.1.3 Multicast Mroute Summary This screen displays selected contents of the Mroute Table in tabular form. If there are no routes in the table you will not be presented with the Selection Criteria.
Page 270
Search - Search the Mroute table for an entry matching the Source IP (if entered) and Group IP address. Clear Route - Remove the data on the screen for the Source IP (if entered) and Group IP address you have specified.
Page 271
Slot/Port - Select the interface number from the dropdown menu. This is the interface that connects to the neighbor router for the given source IP address. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
Page 272
4.7.1.6 Multicast Admin Boundary Configuration The definition of an administratively scoped boundary is a mechanism is a way to stop the ingress and egress of multicast traffic for a given range of multicast addresses on a given routing interface. Figure 4-6-54 Multicast Admin Boundary Configuration Selection Criteria Group IP - Select 'Create Boundary' from the pulldown menu to create a new admin scope boundary, or select one of the existing boundary specifications to display or update its configuration.
Page 273
4.7.1.7 Multicast Admin Boundary Summary Figure 4-6-55 Multicast Admin Boundary Summary Non-Configurable Data Slot/Port - The router interface to which the administratively scoped address range is applied. Group IP - The multicast group address for the start of the range of addresses to be excluded. Mask - The mask that is applied to the multicast group address.
4.7.2 IGMP 4.7.2.1 IGMP Global Configuration Figure 4-6-56 IGMP Global Configuation Configurable Data Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of IGMP in the router to active or inactive. The default is disable. Command Buttons Submit - Send the updated configuration to the router.
Page 275
4.7.2.2 IGMP Interface Configuration Figure 4-6-57 IGMP Interface Configuration Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or configured from the pulldown menu. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for an IGMP interface, otherwise an error message will be displayed.
Page 276
Query Max Response Time - Enter the maximum query response time to be advertised in IGMPv2 queries on this interface, in tenths of a second. The default value is 10. Valid values are from (0 to 255) . Startup Query Interval - Enter the number of seconds between the transmission of startup queries on the selected interface.
Page 277
4.7.2.3 IGMP Interface Configuration Summary Figure 4-6-58 IGMP Configuration Summary Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data Interface Mode - The administrative status of IGMP on the selected interface. IP Address - The IP address of the selected interface.
Page 278
Robustness - The robustness parameter for the selected interface. This variable allows tuning for the expected packet loss on a subnet. If a subnet is expected to be lossy, the robustness variable may be increased. IGMP is robust to (robustness variable-1) packet losses. Startup Query Interval - The interval at which startup queries are sent on the selected interface.
Page 279
requires that all routers on a LAN be configured to run the same version of IGMP. Therefore, a configuration error is indicated if any queries are received with the wrong version number. Number of Joins - The number of times a group membership has been added on the selected interface; that is, the number of times an entry for this interface has been added to the cache table.
Page 280
Version 1 Host Timer - The time remaining until the local router will assume that there are no longer any IGMP version 1 members on the IP subnet attached to this interface. When an IGMPv1 membership report is received, this timer is reset to the group membership timer.
Non-Configurable Data Interface - This parameter shows the interface on which multicast packets are forwarded. Group Compatibility Mode - This parameter shows group compatibility mode (v1, v2 and v3) for this group on the specified interface. Source Filter Mode - The source filter mode (Include/Exclude/NA) for the specified group on this interface. Source Hosts - This parameter shows source addresses which are members of this multicast address.
Page 282
V1, V2 : No support Pruning and Generation ID 。 V3.0, v3.1, v3.2 : Have support Pruning but no support Generation ID 。 DVMRP Negihbor Discovery DVMRP Probe messages are periodically multicast to the all DVMRP Routers group address (224.0.0.4). Once you have received a Probe from a neighbor that contains your address in the neighbor list, your have established a two-way neighbor adjacency with this router.
Page 283
Non-Configurable Data Version - The current value of the DVMRP version string. Total Number of Routes - The number of routes in the DVMRP routing table. Reachable Routes - The number of routes in the DVMRP routing table that have a non-infinite metric. Command Buttons Submit - Send the updated configuration to the switch.
Page 284
Interface Metric - Enter the DVMRP metric for the selected interface. This value is sent in DVMRP messages as the cost to reach this network. Valid values are from (1 to 31). Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
Page 285
4.7.3.3 DVMRP Configuration Summary Figure 4-6-64 DVMRP Configuration Summary Selection Criteria Slot/Port - Select the interface for which data is to be displayed. You must configure at least one router interface before you can display data for a DVMRP interface. Otherwise you will see a message telling you that no router interfaces are available, and the configuration summary screen will not be displayed.
Page 286
Protocol State - The operational state of the DVMRP protocol on the selected interface, either operational or non-operational. Local Address - The IP address used as a source address in packets sent from the selected interface. Interface Metric - The metric used to calculate distance vectors for the selected interface. Generation ID - The DVMRP generation ID used by the router for the selected interface.
Page 287
Command Buttons Refresh - Refresh the screen with the new data. 4.7.3.4 DVMRP Next Hop Summary Figure 4-6-65 DVMRP Next Hop Summary Non-Configurable Data Source IP - The IP address used with the source mask to identify the source network for this table entry. Source Mask - The network mask used with the source IP address.
Page 288
4.7.3.5 DVMRP Prune Summary Figure 4-6-66 DVMRP Prune Summary Non-Configurable Data Group IP - The group address which has been pruned. Source IP - The address of the source or source network which has been pruned. Source Mask - The subnet mask to be combined with the source IP address to identify the source or source network which has been pruned.
Page 289
4.7.3.6 DVMRP Route Summary Figure 4-6-67 DVMRP Route Summary Non-Configurable Data Source Address - The network address that is combined with the source mask to identify the sources for this entry. Source Mask - The subnet mask to be combined with the source address to identify the sources for this entry. Upstream Neighbor - The address of the upstream neighbor (e.g., RPF neighbor) from which IP datagrams from these sources are received.
4.7.4 Mdebug 4.7.4.1 Mrinfo Run Use this screen to initiate an mrinfo command. You can use the mrinfo command to find out information about neighboring multicast routers. While you initiate the query using this screen, the results are displayed on the Mrinfo Show screen. Figure 4-6-68 Mrinfo Run Configurable Data Router Interface - Enter the IP address of the router interface for which you want to see the neighbor router...
Page 291
4.7.4.2 Mrinfo Show This screen displays the results of an mrinfo command. Figure 4-6-69 Mrinfo Show Non-Configurable Data Router Interface - The IP address of the router interface for which configuration information was requested. Neighboring router's IP Address - The IP address of the neighboring router. Metric - The routing metric for this router.
Page 292
4.7.4.3 Mstat Run Use this screen to initiate an mstat command on the router. You can use the mstat command to see the hop-by-hop path taken by packets from a given multicast source to the destination. It also gives you information regarding packet rate and packet loss on the path.
Page 293
4.7.4.4 Mstat Show This screen is used to display the results of an mstat command. Figure 4-6-71 Mstat Show Non-Configurable Data This screen shows the path taken by multicast traffic between the specified IP addresses. Forward data flow is indicated by arrows pointing downward and the query path is indicated by arrows pointing upward. For each hop, both the entry and exit addresses of the router are shown if different, along with the initial TTL required for packets to be forwarded at this hop and the propagation delay across the hop.
Page 294
4.7.4.5 Mtrace Configuration Figure 4-6-72 Mtrace Configuation Configurable Data Admin Mode - Select enable or disable from the pulldown menu. If you select enable the router will process and forward mtrace requests received from other routers, otherwise received mtrace requests will be discarded. This field is non-configurable for read-only users.
Page 295
4.7.4.6 Mtrace Run Figure 4-6-73 Mtrace Run Use this screen to initiate an mtrace command on the router. You can use the mtrace command trace the path from the source to a destination branch for a multicast distribution tree. Configurable Data Source Address - Enter the IP address of a multicast-capable source.
Page 296
4.7.4.7 Mtrace Show This screen displays the results of an mtrace command. The mtrace command is used to trace the path from source to a destination branch for a multicast distribution tree. Figure 4-6-74 Mtrace Show Non-Configurable Data Number of hops away from destination - The number of hops away from the destination. IP address of intermediate router - The IP address of the intermediate router in the path being traced between source and destination for the hop number in the previous field.
4.7.5 PIM-DM Dense mode PIM initiates forwarding state in routers when a source begins to send. A source does not give any prior notifications to the network when it sends multicast datagrams to a group G. If a receiving router does not already have a forwarding entry, it creates it for the source and group G.
Page 298
4.7.5.1 PIM-DM Global Configuration Figure 4-6-75 PIM-DM Global Configuration Configurable Data Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-DM in the router. The default is disable. Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
Page 299
Slot/Port - Select the Slot and port for which data is to be displayed or configured. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for a PIM-DM interface, otherwise an error message will be displayed.
Page 300
Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed. There must be configured at least one router interface before displaying data for a PIM-DM interface, otherwise a message will be displayed. Non-Configurable Data Interface Mode - Displays the administrative status of PIM-DM for the selected interface. The default is disable. Protocol State - The operational state of the PIM-DM protocol on this interface.
4.7.6 PIM-SM Protocol Independent Multicast--Sparse Mode (PIM-SM) A router receives explicit Join/Prune messages from those neighboring routers that have downstream group members. The router then forwards data packets addressed to a multicast group, G, only onto those interfaces on which explicit joins have been received.
Page 302
Configurable Data PIMSM Admin Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-SM in the router. You must enable IGMP before enabling PIM-SM. The default is disable. Join/Prune Interval - Enter the interval between the transmission of PIM-SM Join/Prune messages. The valid values are from (10 to 3600 secs).
Page 303
PIMSM Admin Mode - The administrative status of PIM-SM in the router: either enable or disable. Join/Prune Interval - The interval between the transmission of PIM-SM Join/Prune messages. Data Threshold Rate - The minimum source data rate in K bits/second above which the last-hop router will switch to a source-specific shortest path tree.
Page 304
Hello Interval - Enter the time in seconds between the transmission of which PIM Hello messages on this interface. The valid values are from (10 to 3600 secs) . The default value is 30. CBSR Preference - Enter the preference value for the local interface as a candidate bootstrap router. The value of -1 is used to indicate that the local interface is not a candidate BSR interface.
Page 305
4.7.6.4 PIM-SM Interface Summary Figure 4-6-81 PIM-SM Interface Summary Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Data Mode - The administrative status of PIM-SM in the router: either enable or disable. IP Address - The IP address of the selected PIM interface.
Page 306
CBSR Preference - The preference value for the local interface as a candidate bootstrap router. The value of -1 is used to indicate that the local interface is not a candidate BSR interface. CBSR Hash Mask Length - The CBSR hash mask length to be advertised in bootstrap messages if this interface is elected as the bootstrap router.
Page 307
Component BSR Address - Displays the IP address of the bootstrap router (BSR) for the local PIM region. Component BSR Expiry Time - Displays the minimum time remaining before the bootstrap router in the local domain will be declared. Component CRP Hold Time - The hold time of the component when it is a candidate Rendezvous Point in the local domain.
Page 308
4.7.6.7 PIM-SM Candidate RP Summary Figure 4-6-84 PIM-SM Candidate RP Summary Non-Configurable Data Group Address - The group address transmitted in Candidate-RP-Advertisements. Group Mask - The group address mask transmitted in Candidate-RP-Advertisements to fully identify the scope of the group which the router will support if elected as a Rendezvous Point. Address - Displays the unicast address of the interface which will be advertised as a Candidate RP.
Page 309
Configurable Data IP Address - IP Address of the RP to be created or deleted. Group - Group Address of the RP to be created or deleted. Group Mask - Group Mask of the RP to be created or deleted. Command Buttons Submit - Attempts to create the specified static RP IP Address for the PIM-SM router.
5. COMMAND STRUCTURE The Command Line Interface (CLI) syntax, conventions and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 5.1 Format Commands are followed by values, parameters, or both. Example 1 network parms <ipaddr> <netmask> [<gateway>] ▫...
also be entered as a 32-bit number. macaddr The MAC address format is six hexadecimal numbers separated by colons, for example 00:06:29:32:81:40. areaid Area IDs may be entered in dotted-decimal notation (for example, 0.0.0.1). An area ID of 0.0.0.0 is reserved for the backbone.
6. QUICK START UP The CLI Quick Start up details procedures to quickly become acquainted with the software. 6.1 Quick Starting the Switch Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the software locally or from a remote workstation.
Page 313
Type - Indicates if the port is a special type of port Admin Mode - Selects the Port Control Administration State Physical Mode - Selects the desired port speed and duplex mode Physical Status - Indicates the port speed and duplex mode Link Status - Indicates whether the link is up or down Link Trap - Determines whether or not to send a trap when link status changes...
Page 314
To view the network parameters the operator can access the device by the following three methods. ▫ Simple Network Management Protocol - SNMP ▫ Telnet ▫ Web Browser Helpful Hint: The user should do a “copy system:running-config nvram:startup-config” after configuring the Note network parameters so that the configurations are not lost Command...
Page 315
Command Details The types are: copy { ▫ config - configuration file nvram:startup-config | ▫ errorlog - error log nvram:errorlog | ▫ system trace - system trace nvram:msglog | ▫ traplog - trap log nvram:traplog} <url> The URL must be specified as: ▫...
Page 316
clear config Enter yes when the prompt pops up to clear all the configurations made to the switch. copy Enter yes when the prompt pops up that asks if you want to save system:running-config the configurations made to the switch. nvram:startup-config reload OR Cold Boot the Enter yes when the prompt pops up that asks if you want to reset...
7. MODE-BASED CLI The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands. ▫ User Exec Mode ▫...
<slot/port> command EXEC mode enter ctrl-Z. Line Config Mode From the Global (Switching) (line) # To exit to the Global Configuration mode, Config mode enter enter the lineconfig exit. To return to User command. Exec mode enter ctrl-Z. Policy Map Mode From the Global (Switching) To exit to the Global...
Root The User Exec commands are also accessible in the Privileged Exec mode User Exec Enable Password Return to Exec Correct? Prompt Privileged Exec VLAN Global Config Interface Class Map Policy Map Line Config Config Policy Class Figure 7-1 Mode-Based CLI Accessing to all commands in the Privileged Exec mode and below is restricted through a password.
Page 320
Command Prompt: (Switching) > Privileged Exec Mode To have access to the full suite of commands, the operator must enter the Privileged Exec mode. The Privileged Exec mode requires password authentication. From Privileged Exec mode, the operator can issue any Exec command, enter the VLAN mode or enter the Global Configuration mode.
Command Prompt: (Switching) (Config policy-map) # Policy Class Mode Use the class <class-name> command to access the QoS policy-classmap mode to attach/remove a diffserv class to a policy and to configure the QoS policy map. (Switching) (Config-policy-map) # class <class-name> Command Prompt: (Switching) (Config –...
function is associated with the node where the mandatory parameters are fetched. The call back function then takes care of the optional parameters. Once the control has reached the callback function, the callback function has complete information about the parameters entered by the operator.
8. CLI Commands: Base This chapter provides detailed explanation of the Switching commands. The commands are divided into four functional groups: ▫ Show commands display switch settings, statistics, and other information. ▫ Configuration Commands configure features and options of the switch. For every configuration command there is a show command that displays the configuration setting.
Note Event log information is retained across a switch reset. 8.1.3 show hardware This command displays inventory information for the switch. ▫ show hardware Format ▫ Privileged EXEC Mode ▫ Text used to identify the product name of this switch. Switch Description ▫...
received by the processor. ▫ The total number of packets received that were directed to the broadcast address. Broadcast Packets Received Note that this does not include multicast packets. ▫ The number of inbound packets that contained errors preventing them from being Packets Received With Error deliverable to a higher-layer protocol.
Page 326
▫ Packets Received 1519-1522 Octets - The total number of packets (including bad packets) received that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets). ▫ Packets Received > 1522 Octets - The total number of packets received that were longer than 1522 octets (excluding framing bits, but including FCS octets) and were otherwise well formed.
Page 327
▫ Reserved Address Discards - The number of frames discarded that are destined to an IEEE 802.1 reserved address and are not supported by the system. ▫ Broadcast Storm Recovery - The number of frames discarded that are destined for FF:FF:FF:FF:FF:FF when Broadcast Storm Recovery is enabled.
Page 328
octets ▫ Oversized - The total number of frames that exceeded the max permitted frame size. This counter has a max increment rate of 815 counts per sec. at 10 Mb/s. ▫ Underrun Errors - The total number of frames discarded because the transmit FIFO buffer became empty during frame transmission.
The display parameters when the argument is 'switchport' are as follows: ▫ Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets). ▫ Total Packets Received Without Error- The total number of packets (including broadcast packets and multicast packets) received by the processor.
▫ Format show logging ▫ Mode Privileged EXEC ▫ Number of Traps since last reset - The number of traps that have occurred since the last reset of this device. ▫ Number of Traps since log last displayed - The number of traps that have occurred since the traps were last displayed. Getting the traps by any method (terminal interface display, Web display, upload file from switch etc.) will result in this counter being cleared to 0.
Note Message log information is not retained across a switch reset. 8.1.9 show running-config This command is used to display the current setting of different protocol packages supported on switch. This command displays only those parameters, the values of which differ from default value. The output is displayed in the script format, which can be used to configure another switch with same configuration.
8.3 Dot1P Commands 8.3.1 classofservice dot1pmapping This command maps an 802.1p priority to an internal traffic class for a device when in 'Global Config' mode. The number of available traffic classes may vary with the platform. Userpriority and trafficclass can both be the range from 0-7. The command is only available on platforms that support priority to traffic class mapping on a 'per-port' basis, and the number of available traffic classes may vary with the platform.
8.4.1.1 no port-channel staticcapability This command disables the support of static port-channels (link aggregations - LAGs) on the device. ▫ Disabled Default ▫ Format no port-channel staticcapability ▫ Mode Global Config 8.4.2 show port-channel brief This command displays the static capability of all port-channels (LAGs) on the device as well as a summary of individual port-channels.
8.5.2 mtu This command sets the maximum transmission unit (MTU) size (in bytes) for physical and port-channel (LAG) interfaces. For the standard implementation, the range of <mtusize> is a valid integer between 1522-9216. ▫ 1522 Default ▫ Format mtu <1522-9216> ▫...
▫ Format network mac-type {local | burnedin} ▫ Mode Privileged EXEC 8.5.5.1 no network mac-type This command resets the value of MAC address to its default. Format no network mac-type Mode Privileged EXEC 8.5.6 network parms This command sets the IP Address, subnet mask and gateway of the router. The IP Address and the gateway must be on the same subnet.
Note Changing the timeout value for active sessions does not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration. ▫ Default ▫ Format remotecon timeout <0-160> ▫ Mode Privileged EXEC 8.5.9.1 no remotecon timeout This command sets the remote connection session timeout value, in minutes, to the default.
8.5.12 set prompt This command changes the name of the prompt. The length of name may be up to 64 alphanumeric characters. ▫ Format set prompt <prompt string> ▫ Mode Privileged EXEC 8.5.13 show forwardingdb agetime This command displays the timeout for address aging. In an IVL system, the [fdbid | all] parameter is required. ▫...
8.5.15 show remotecon This command displays telnet settings. ▫ Format show remotecon ▫ Mode Privileged EXEC and User EXEC Remote Connection Login Timeout (minutes) - This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout. This may be specified as a number from 0 to 160.
IP Address. Note: that if the Subnet Mask is set to 0.0.0.0, an IP Address of 0.0.0.0 matches all IP addresses. The default value is 0.0.0.0 ▫ Client IP Mask - A mask to be ANDed with the requesting entity's IP address before comparison with IP Address. If the result matches with IP Address then the address is an authentic cated IP address.
▫ Spanning Tree Flag - May be enabled or disabled. The factory default is enabled. Indicates whether spanning tree traps will be sent. ▫ Broadcast Storm Flag - May be enabled or disabled. The factory default is enabled. Indicates whether broadcast storm traps will be sent.
8.5.22 snmp-server community ipmask This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device.
8.5.25 snmp-server community rw This command restricts access to switch information. The access mode is read/write (also called private). ▫ Format snmp-server community rw <name> ▫ Mode Global Config 8.5.26 snmp-server enable traps This command enables the Authentication Flag. ▫ Default Enabled ▫...
This command disables Link Up/Down traps for the entire switch. ▫ Format no snmp-server enable traps linkmode ▫ Mode Global Config 8.5.29 snmp-server enable traps multiusers This command enables Multiple User traps. When the traps are enabled, a Multiple User Trap is sent when a user logs in to the terminal interface (EIA 232 or telnet) and there is an existing terminal interface session.
8.5.32 snmptrap ipaddr This command assigns an IP address to a specified community name. The maximum length of name is 16 case-sensitive alphanumeric characters. ▫ Format snmptrap ipaddr <name> <ipaddrold> <ipaddrnew> ▫ Mode Global Config IP addresses in the SNMP trap receiver table must be unique. If you make multiple entries using the Note same IP address, the first entry is retained and processed.
8.6 Device Configuration Commands 8.6.1 addport This command adds one port to the port-channel (LAG). The first interface is a logical slot and port number of a configured port-channel. ▫ Format addport <logical slot/port> ▫ Mode Interface Config Before adding a port to a port-channel, set the physical mode of the port. See 'speed' command. Note 8.6.2 auto-negotiate This command enables automatic negotiation on a port.
8.6.5 deleteport This command deletes the port from the port-channel (LAG). The interface is a logical slot and port number of a configured port-channel. ▫ Format deleteport <logical slot/port> ▫ Mode Interface Config 8.6.6 macfilter This command adds a static MAC filter entry for the MAC address <macaddr> on the VLAN <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
8.6.8 macfilter adddest all This command adds all interfaces to the destination filter set for the MAC filter with the given <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid>...
<vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN. ▫ Format no macfilter addsrc all <macaddr> <vlanid> ▫ Mode Global Config 8.6.11 monitor session This command configures a probe port and a monitored port for monitor session (port monitoring).
8.6.13.1 no port lacpmode This command disables Link Aggregation Control Protocol (LACP) on a port. ▫ Format no port lacpmode ▫ Mode Interface Config 8.6.14 port lacpmode all This command enables Link Aggregation Control Protocol (LACP) on all ports. ▫ Format port lacpmode all ▫...
8.6.17 port-channel linktrap This command enables link trap notifications for the port-channel (LAG). The interface is a logical slot and port for a configured port-channel. The option all sets every configured port-channel with the same administrative mode setting. ▫ Default Enabled ▫...
▫ Default none ▫ Format protocol vlan group <groupid> ▫ Mode Interface Config 8.6.20.1 no protocol vlan group This command removes the <interface> from this protocol-based VLAN group that is identified by this <groupid>. If <all> is selected, all ports will be removed from this protocol group. ▫...
8.6.23 set garp timer join all This command sets the GVRP join time for all ports and per GARP. Join time is the interval between the transmission of GARP Protocol Data Units (PDUs) registering (or re-registering) membership for a VLAN or multicast group. This command has an effect only when GVRP is enabled.
VLAN or a multicast group before deleting the VLAN entry. This can be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service time is 20 to 600 (centiseconds). Note This command has an effect only when GVRP is enabled.
▫ 1000 centiseconds (10 seconds) Default ▫ Format set garp timer leaveall all <200-6000> ▫ Mode Global Config 8.6.27.1 no set garp timer leaveall all This command sets how frequently Leave All PDUs are generated for all ports to 1000 centiseconds (10 seconds). This command has an effect only when GVRP is enabled.
8.6.30 set gmrp interfacemode all This command enables GARP Multicast Registration Protocol on all interfaces. If an interface which has GARP enabled is enabled for routing or is enlisted as a member of a port-channel (LAG), GARP functionality will be disabled on that interface. GARP functionality will subsequently be re-enabled if routing is disabled and portchannel (LAG) membership is removed from an interface that has GARP enabled.
8.6.33 set gvrp interfacemode all This command enables GVRP (GARP VLAN Registration Protocol) for all ports. ▫ Default Disabled ▫ Format set gvrp interfacemode all ▫ Mode Global Config 8.6.33.1 no set gvrp interfacemode all This command disables GVRP (GARP VLAN Registration Protocol) for all ports. If GVRP is disabled, Join Time, Leave Time and Leave All Time have no effect.
assert registration for the same attribute in order to maintain uninterrupted service. There is an instance of this timer on a per-Port, per-GARP participant basis. Permissible values are 20 to 600 centiseconds (0.2 to 6.0 seconds). The factory default is 60 centiseconds (0.6 seconds). The finest granularity of specification is 1 centisecond (0.01 seconds). ▫...
8.6.38 show igmpsnooping This command displays IGMP Snooping information. Configured information is displayed whether or not IGMP Snooping is enabled. Status information is only displayed when IGMP Snooping is enabled. ▫ Format show igmpsnooping ▫ Mode Privileged EXEC ▫ Admin Mode - This indicates whether or not IGMP Snooping is active on the switch. ▫...
added to the table as a result of a learning process or protocol. ▫ Description - The text description of this multicast table entry. ▫ Interfaces - The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:). 8.6.41 show mac-address-table multicast This command displays the Multicast Forwarding Database (MFDB) information.
▫ Mac Address - An unicast MAC address for which the switch has forwarding and or filtering information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes.
▫ Admin Mode - Selects the Port control administration state. The port must be enabled in order for it to be allowed into the network. - May be enabled or disabled. The factory default is enabled. ▫ Physical Mode - Selects the desired port speed and duplex mode. If auto-negotiation support is selected, then the duplex mode and speed will be set from the auto-negotiation process.
▫ Type -This field displays the status designating whether a particular port-channel (LAG) is statically or dynamically maintained. The possible values of this field are Static, indicating that the port-channel is statically maintained; and Dynamic, indicating that the port-channel is dynamically maintained. ▫...
IEEE 802.1Q standard. ▫ Tagging - Select the tagging behavior for this port in this VLAN. Tagged - specifies to transmit traffic for this VLAN as tagged frames. Untagged - specifies to transmit traffic for this VLAN as untagged frames. 8.6.51 show vlan brief This command displays a list of all configured VLANs.
8.6.53 shutdown This command disables a port. ▫ Default Enabled ▫ Format shutdown ▫ Mode Interface Config 8.6.53.1 no shutdown This command enables a port. ▫ Format no shutdown ▫ Mode Interface Config 8.6.54 shutdown all This command disables all ports. ▫...
Note: This command is valid only when the Link Up/Down Flag is enabled (see "snmpserver enable traps linkmode"). ▫ Format snmp trap link-status all ▫ Mode Global Config 8.6.56.1 no snmp trap link-status all This command disables link status traps for all interfaces. Note: This command is valid only when the Link Up/Down Flag is enabled (see "snmpserver enable traps linkmode").
8.6.62.1 no storm-control broadcast This command disables broadcast storm recovery mode. The threshold implementation follows a percentage pattern. If the broadcast traffic on any Ethernet port exceeds the high threshold percentage (as represented in "Broadcast Storm Recovery Thresholds" table) of the link speed, the switch discards the broadcasts traffic until the broadcast traffic returns to the low threshold percentage or less.
This command deletes an existing VLAN. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-4094. ▫ Format no vlan <2-4094> ▫ Mode VLAN database 8.6.65 vlan acceptframe This command sets the frame acceptance mode per interface. For VLAN Only mode, untagged frames or priority frames received on this interface are discarded.
8.6.68 vlan name This command changes the name of a VLAN. The name is an alphanumeric string of up to 16 characters, and the ID is a valid VLAN identification number. ID range is 1- 4094. ▫ The name for VLAN ID 1 is always Default. The name for other VLANs is defaulted to a blank string. Default ▫...
▫ Format vlan port acceptframe all {vlanonly | all} ▫ Mode Global Config 8.6.71.1 no vlan port acceptframe all This command sets the frame acceptance mode for all interfaces to Admit All. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port.
8.6.74.1 no vlan port tagging all This command configures the tagging behavior for all interfaces in a VLAN to disabled. If tagging is disabled, traffic is transmitted as untagged frames. The ID is a valid VLAN identification number. ▫ Format no vlan port tagging all <1-4094>...
This command sets the VLAN ID per interface to 1. ▫ Format no vlan pvid <1-4094> ▫ Mode Interface Config 8.6.79 vlan tagging This command configures the tagging behavior for a specific interface in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames.
▫ Format show users ▫ Mode Privileged EXEC ▫ User Name - The name the user will use to login using the serial port, Telnet or Web. A new user may be added to the switch by entering a name in a blank entry. The user name may be up to eight characters, and is not case sensitive. Two users are included as the factory default, 'admin' and 'guest'.
This command sets the password of an existing operator to blank. When a password is changed, a prompt will ask for the operator's former password. If none, press enter. ▫ Format no users passwd <username> ▫ Mode Global Config 8.7.6 users snmpv3 accessmode This command specifies the snmpv3 access privileges for the specified login user.
encryption. ▫ Default no encryption ▫ Format users snmpv3 encryption <username> {none | des [key]} ▫ Mode Global Config 8.7.8.1 no users snmpv3 encryption This command sets the encryption protocol to none. The <username> is the login user name for which the specified encryption protocol will be used.
8.8.9 logout This command closes the current telnet connection or resets the current serial connection. Note Save configuration changes before logging out. ▫ Format logout ▫ Mode Privileged EXEC 8.8.10 ping This command checks if another computer is on the network which is listening for connections. To use this command, configure the switch for network (in-band) connection.
9. CLI COMMANDS: QUALITY OF SERVICE This chapter provides a detailed explanation of the Quality of Service (QOS) commands. The following QOS CLI commands are available in the software QOS Package. The commands are divided into these different groups: ▫ Show commands are used to display device settings, statistics and other information.
specified by the srcip and srcmask parameters.The source layer 4 port match condition for the ACL rule are specified by the port value parameter.The <startport> and <endport> parameters identify the first and last ports that are part of the port range. They have values from 0 to 65535.
Page 380
definition is to delete the class and re-create it. 2. Policy ▫ creating and deleting policies ▫ associating classes with a policy ▫ defining policy statements for a policy/class combination 3. Service ▫ adding and removing a policy to/from a directional (i.e., inbound, outbound) interface Packets are filtered and processed based on defined criteria.
9.3.1 diffserv This command sets the DiffServ operational mode to active. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, Diffserv services are activated. ▫ Format diffserv ▫ Mode Global Config 9.3.1.1 no diffserv This command sets the DiffServ operational mode to inactive.
For any class, at least one class match condition must be specified for the class to be considered valid. The class match conditions are obtained from the referenced access list at the time of class creation. Thus, any Note subsequent changes to the referenced ACL definition do not affect the DiffServ class. To pick up the latest ACL definition, the DiffServ class must be deleted and re-created.
▫ Format match class-map <refclassname> ▫ Mode Class-Map Config Restrictions - The class types of both <classname> and <refclassname> must be identical (i.e., any vs. any, or all vs. all). A class type of acl is not supported by this command. Cannot specify <refclassname> the same as <classname> (i.e., self-referencing of class name not allowed).
▫ Mode Class-Map Config 9.4.7 match dstl4port This command adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or numeric notation or a numeric range notation. To specify the match condition as a single keyword, the value for <portkey>...
The precedence value is an integer from 0 to 7. The optional [not] parameter has the effect of negating this match condition for the class (i.e., match all IP Precedence values except for what is specified here). Note The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header, but with a slightly different user notation.
except for the one specified here). ▫ Default None ▫ Format match [not] protocol {<protocol-name> | <0-255>} ▫ Mode Class-Map Config 9.4.12 match source-address mac This command adds to the specified class definition a match condition based on the source MAC address of a packet. The <address>...
▫ Format match [not] srcl4port {<portkey> | <0-65535> [<0-65535>]} ▫ Mode Class-Map Config 9.4.15 match vlan This command adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field of a packet. The VLAN ID is an integer from 1 to 4094. The optional [not] parameter has the effect of negating this match condition for the class (i.e., match all VLAN Identifier values except for what is specified here).
▫ Incompatibilities - Expedite (all forms) 9.5.2 bandwidth percent This command identifies a minimum amount of bandwidth to be reserved for the specified class instance within the named policy using a relative rate notation. The committed information rate is specified as a percentage of total link capacity and is an integer from 1 to 100.
Note The actual bandwidth allocation does not occur until the policy is attached to an interface in a particular direction. Note The expedite kbps and percent commands are alternative ways to specify the same expedite policy attribute. ▫ Format expedite kbps <1-4294967295> [1-128] ▫...
9.5.7 mark ip-precedence This command marks all packets for the associated traffic stream with the specified IP Precedence value. The IP Precedence value is an integer from 0 to 7. ▫ Format mark ip-precedence <0-7> ▫ Mode Policy-Class-Map Config ▫ Policy Type - In ▫...
cs5, cs6, cs7, ef. For set-prec-transmit, an IP Precedence value is required and is specified as an integer from 0-7. ▫ Format police-single-rate {<1-4294967295> <1-128> <1-128> conformaction {drop | set-prec-transmit <0-7> | set-dscp-transmit <0- 63> | transmit} exceed-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | transmit} [violate-action {drop | set-prec-transmit <0-7>...
Note The policy type dictates which of the individual policy attribute commands are valid within the policy definition. Note The CLI mode is changed to Policy-Map Config when this command is successfully executed. ▫ Format policy-map <policyname> {in | out} ▫...
9.5.14 shape bps-average This command is used to establish average rate traffic shaping for the specified class, which limits transmissions for the class to the committed information rate, with excess traffic delayed via queuing. The committed information rate is specified in kilobits-per-second (Kbps) and is an integer from 1 to 4294967295.
9.6 Service Commands The 'service' command set is used in DiffServ to define: ▫ Traffic Conditioning Assign a DiffServ traffic conditioning policy (as specified by the policy commands) to an interface in the incoming direction ▫ Service Provisioning Assign a DiffServ service provisioning policy (as specified by the policy commands) to an interface in the outgoing direction The service commands attach a defined policy to a directional interface.
Interface Config (for a specific interface) 9.7 Show Commands The 'show' command set is used in DiffServ to display configuration and status information for: 。 Classes 。 Policies 。 Services This information can be displayed in either summary or detailed formats. The status information is only shown when the DiffServ administrative mode is enabled;...
only meaningful if the class type is acl. (Note that the contents of the ACL may have changed since this class was created.) ▫ Ref Class Name - The name of an existing DiffServ class whose match conditions are being referenced by the specified class definition.
Page 397
policy. ▫ Mark IP Precedence - Denotes the mark/re-mark value used as the IP Precedence for traffic matching this class. This is not displayed if precedence is not specified using police-tworate command, or if either mark DSCP or policing is in use for the class under this policy.
▫ Random Drop Sampling Rate - This field displays the RED sampling rate. This is not displayed if the queue depth management scheme is not RED. ▫ Random Drop Decay Exponent - This field displays the RED decay exponent. This is not displayed if the queue depth management scheme is not RED.
9.7.6 show policy-map interface This command displays policy-oriented statistics information for the specified interface and direction. The <slot/port> parameter specifies a valid slot number and port number for the system. The direction parameter indicates the interface direction of interest. This command is only allowed while the DiffServ administrative mode is enabled. Note ▫...
are shown in the display output. 9.7.7 show service-policy This command displays a summary of policy-oriented statistics information for all interfaces in the specified direction. The direction parameter indicates the interface direction of interest. This command enables or disables the route reflector client. A route reflector client relies on a route reflector to re-advertise its routes to the entire AS.
9.8.2 show rate-limiting This command displays the bandwidth of limiting in both ingress and egress direction for one or all interface ▫ Format show rate-limiting {<slot/port> | all} ▫ Mode Privileged EXEC and User EXEC...
10. CLI COMMANDS: SECURITY 10.1 Security Commands This section describes commands used for configuring security settings for login users and port users. 10.1.1 authentication login This command creates an authentication login list. The <listname> is up to 15 alphanumeric characters and is not case sensitive.
10.1.3 clear radius statistics This command is used to clear all RADIUS statistics. ▫ Format clear radius statistics ▫ Mode Privileged EXEC 10.1.4 dot1x defaultlogin This command assigns the authentication login list to use for non-configured users for 802.1x port security. This setting is over-ridden by the authentication login list assigned to a specific user if the user is configured locally.
10.1.8 dot1x port-control This command sets the authentication mode to be used on the specified port. . The control mode may be one of the following. ▫ force-unauthorized: The authenticator PAE unconditionally sets the controlled port to unauthorized. ▫ force-authorized: The authenticator PAE unconditionally sets the controlled port to authorized. ▫...
▫ Mode Interface Config 10.1.11.1 no dot1x re-authentication This command disables re-authentication of the supplicant for the specified port. ▫ Format no dot1x re-authentication ▫ Mode Interface Config 10.1.12 dot1x system-auth-control This command is used to enable the dot1x authentication support on the switch. By default, the authentication support is disabled.
▫ Format dot1x timeout {{reauth-period <seconds>} | {quiet-period <seconds>} | {tx-period <seconds>} | {supp-timeout <seconds>} | {server-timeout <seconds>}} ▫ Mode Interface Config 10.1.13.1 no dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values. Depending on the token used, the corresponding default values are set.
match that of a previously configured RADIUS authentication server. The port number must lie between 1 - 65535, with 1812 being the default value. If the 'acct' token is used, the command configures the IP address to use for the RADIUS accounting server. Only a single accounting server can be configured.
▫ Mode Global Config 10.1.20 radius server retransmit This command sets the maximum number of times a request packet is re-transmitted when no response is received from the RADIUS server. The retries value is an integer in the range of 1 to 15. ▫...
The IP address parameter must match that of a previously configured RADIUS accounting server. The following information regarding the statistics of the RADIUS accounting server is displayed. ▫ Accounting Server IP Address - IP Address of the configured RADIUS accounting server ▫...
10.1.25 show dot1x This command is used to show a summary of the global dot1x configuration, summary information of the dot1x configuration for a specified port or all ports, the detailed dot1x configuration for a specified port and the dot1x statistics for a specified port - depending on the tokens used.
are True or False. ▫ Control Direction - Indicates the control direction for the specified port or ports. Possible values are both or in. If the optional parameter 'statistics <slot/port>' is used, the dot1x statistics for the specified port are displayed. ▫...
▫ Accounting Mode - Yes or No If the optional token 'servers' is included, the following information regarding the configured RADIUS servers is displayed. ▫ IP Address - IP Address of the configured RADIUS server ▫ Port -The port in use by this server ▫...
10.1.29 show users authentication This command displays all user and all authentication login information. It also displays the authentication login list assigned to the default user. ▫ Format show users authentication ▫ Mode Privileged EXEC ▫ User - This field lists every user that has an authentication login list assigned. ▫...
10.2.2 ip ssh protocol This command is used to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set. ▫ 1 and 2 Default ▫...
10.3.3 ip http secure-server This command is used to enable the secure socket layer for secure HTTP. ▫ Default Disabled ▫ Format ip http secure-server ▫ Mode Privileged EXEC 10.3.3.1 no ip http secure-server This command is used to disable the secure socket layer for secure HTTP. ▫...
specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN. ▫ Format mac-lock <vlanid> <macaddr> ▫ Mode Interface Config 10.4.1.1 no mac-lock This command removes the MAC address with the MAC address of <macaddr> and VLAN of <vlanid> locked by the specified interface.
11. CLI COMMANDS: SWITCHING 11.1 Spanning Tree Commands This section provides detailed explanation of the spanning tree commands. The commands are divided into two functional groups: ▫ Show commands display spanning tree settings, statistics, and other information. ▫ Configuration Commands configure features and options of the switch. For every configuration command there is a show command that displays the configuration setting.
▫ Bridge Hold Time - Minimum time between transmission of Configuration Bridge Protocol Data Units (BPDUs) 11.1.2 show spanning-tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree. The <slot/port> is the desired switch port. The following details are displayed on execution of the command. ▫...
▫ Port Identifier ▫ Port Priority ▫ Port Forwarding State - Current spanning tree state of this port ▫ Port Role ▫ Port Path Cost - Configured value of the Internal Port Path Cost parameter ▫ Designated Root - The Identifier of the designated root for this port. ▫...
▫ STP State - The forwarding state of the port in the specified spanning tree instance ▫ Port Role - The role of the specified port within the spanning tree. ▫ Link Status - The operational status of the link. Possible values are "Up" or "Down". ▫...
11.1.9 spanning-tree This command sets the spanning-tree operational mode to enabled. ▫ Default Disabled ▫ Format spanning-tree ▫ Mode Global Config 11.1.9.1 no spanning-tree This command sets the spanning-tree operational mode to disabled. While disabled, the spanning-tree configuration is retained and can be changed, but is not activated.
▫ Format spanning-tree edgeport ▫ Mode Interface Config 11.1.12.1 no spanning-tree edgeport This command specifies that this port is not an Edge Port within the common and internal spanning tree. ▫ Format no spanning-tree edgeport ▫ Mode Interface Config 11.1.13 spanning-tree forceversion This command sets the Force Protocol Version parameter to a new value.
▫ Format spanning-tree hello-time <1-10> ▫ Mode Global Config 11.1.15.1 no spanning-tree hello-time This command sets the Hello Time parameter for the common and internal spanning tree to the default value, i.e. 2. ▫ Format no spanning-tree hello-time ▫ Mode Global Config 11.1.16 spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spanning tree.
CIST ID) is passed as the <mstid>, then the configurations are performed for the common and internal spanning tree instance. If the 'cost' token is specified, this command sets the path cost for this port within a multiple spanning tree instance or the common and internal spanning tree instance, depending on the <mstid>...
▫ Format spanning-tree mst priority <mstid> ▫ Mode Global Config 11.1.20 spanning-tree mst vlan This command adds an association between a multiple spanning tree instance and a VLAN. The VLAN will no longer be associated with the common and internal spanning tree. The instance <mstid> is a number that corresponds to the desired existing multiple spanning tree instance.
12. CLI COMMANDS: Routing This chapter describes the routing commands available in the FASTPATH CLI. The Routing Commands chapter contains the following sections: “Address Resolution Protocol (ARP) Commands” on page 93 “IP Routing Commands” on page 98 “Router Discovery Protocol Commands” on page 106 “Virtual LAN Routing Commands”...
▫ Mode Global Config 12.1.3 ip proxy-arp This command enables proxy ARP on a router interface. Without proxy ARP, a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived. With proxy ARP, the device may also respond if the target IP address is reachable.
12.1.8 no arp dynamicrenew This command prevents dynamic ARP entries from renewing when they age out. ▫ Format no arp dynamicrenew ▫ Mode Privileged EXEC 12.1.9 arp purge This command causes the specified IP address to be removed from the ARP cache. Only entries of type dynamic or gateway are affected by this command.
▫ Mode Global Config 12.1.14 arp timeout This command configures the ARP entry ageout time. The value for <seconds> is a valid positive integer, which represents the IP ARP entry ageout time in seconds. The range for <seconds> is between 15-21600 seconds. ▫...
Is the maximum number of entries in the ARP table. This value was configured into the Cache Size unit. Displays whether the ARP component automatically attempts to renew dynamic ARP Dynamic Renew Mode entries when they age out. Field listing the total entries in the ARP table and the peak entry count in the ARP table. Total Entry Count Current / Peak Field listing the static entry count in the ARP table and maximum static entry count in the...
12.1.19 show arp switch This command displays the contents of the switch’s Address Resolution Protocol (ARP) table. ▫ Format show arp switch ▫ Mode Privileged EXEC Is the IP address of a device on a subnet attached to the switch. IP Address Is the hardware MAC address of that device.
12.2.4 no ip routing This command disables the IP Router Admin Mode for the master switch. ▫ Format no ip routing ▫ Mode Global Config 12.2.5 ip address This command configures an IP address on an interface. You can also use this command to configure one or more secondary IP addresses on the interface.The value for <ipaddr>...
▫ Format ip route <ipaddr> <subnetmask> [<nexthopip>][<preference>] ▫ Mode Global Config 12.2.8 no ip route This command deletes a single next hop to a destination static route. If you use the <nexthopip> parameter, the next hop is deleted. If you use the <preference> value, the preference value of the static route is reset to its default. ▫...
▫ Format ip route distance <1-255> ▫ Mode Global Config 12.2.12 no ip route distance This command sets the default static route preference value in the router. Lower route preference values are preferred when determining the best route. ▫ Format no ip route distance ▫...
dropped. ▫ Format no ip netdirbcast Mode Interface Config 12.2.17 ip mtu This command sets the IP Maximum Transmission Unit (MTU) on a routing interface. The IP MTU is the size of the largest IP packet that can be transmitted on the interface without fragmentation. FASTPATH software currently does not fragment IP packets.
12.2.19 encapsulation This command configures the link layer encapsulation type for the packet. The encapsulation type can be ethernet or snap. ▫ Default ethernet ▫ Format encapsulation {ethernet | snap} ▫ Mode Interface Config Note : Routed frames are always ethernet encapsulated when a frame is routed to a VLAN. 12.2.20 show ip brief This command displays all the summary information of the IP.
enable or disable. This value was configured into the unit. Displays whether Routing Configuration is enabled or disabled on the system. Routing Configuration Displays whether the Interface Configuration is enabled or disabled on the system. Interface Configuration Status Displays whether forwarding of network-directed broadcasts is enabled or disabled. Forward Net Directed This value was configured into the unit.
User EXEC Interface Valid slot and port number separated by forward slashes. The IP address of the routing interface in 32-bit dotted decimal format. IP Address The IP mask of the routing interface in 32-bit dotted decimal format. IP Mask Indicates if IP forwards net-directed broadcasts on this interface.
preferred over routes with higher values. The cost associated with this route. Metric The outgoing router IP address to use when forwarding traffic to the next router (if any) in via Next-Hop the path toward the destination The outgoing router interface to use when forwarding traffic to the next destination Interface 12.2.24 show ip route summary Use this command to display the routing table summary.
This field displays the OSPF External Type-2 route preference value. OSPF Ext T2 This field displays the OSPF NSSA Type-1 route preference value. OSPF NSSA T1 This field displays the OSPF NSSA Type-2 route preference value. OSPF NSSA T2 This field displays the RIP route preference value. This field displays the BGP-4 route preference value.
▫ Format ip irdp address <ipaddr> ▫ Mode Interface Config 12.3.2.1 no ip irdp address This command configures the default address used to advertise the router for the interface. ▫ Format no ip irdp address ▫ Mode Interface Config 12.3.3 ip irdp holdtime This command configures the value, in seconds, of the holdtime field of the router advertisement sent from this interface.
▫ Mode Interface Config 12.3.5.1 no ip irdp minadvertinterval This command sets the default minimum time to the default. ▫ Format no ip irdp minadvertinterval ▫ Mode Interface Config 12.3.6 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router addresses on the same subnet.
Displays the preference of the address as a default router address, relative to other router Preference addresses on the same subnet. 12.4 Virtual LAN Routing Commands This section describes the commands you use to view and configure VLAN routing and to view VLAN routing status information. 12.4.1 vlan routing This command creates routing on a VLAN.
12.5.1 ip vrrp (Global Config) Use this command in Global Config mode to enable the administrative mode of VRRP on the router. Default none ▫ Format ip vrrp ▫ Mode Global Config 12.5.1.1 no ip vrrp Use this command in Global Config mode to disable the default administrative mode of VRRP on the router. ▫...
255. You can use the optional [secondary] parameter to designate the IP address as a secondary IP address. ▫ Default none ▫ Format ip vrrp <vrid> ip <ipaddr> [secondary] ▫ Mode Interface Config 12.5.4.1 no ip vrrp ip Use this command in Interface Config mode to delete a secondary IP address value from the interface. To delete the primary IP address, you must delete the virtual router on the interface.
12.5.7 ip vrrp priority This command sets the priority value for the virtual router configured on a specified interface. The priority of the interface is a priority integer from 1 to 254. The parameter <vrid> is the virtual router ID which has an integer value ranges from 1 to 255. ▫...
interval is different than the configured value for this virtual router. Errors Represents the total number of VRRP packets received that don't pass the authentication Authentication Failure check. Represents the total number of VRRP packets received by the virtual router with IP TTL IP TTL errors (time to live) not equal to 255.
interface. ▫ Format show ip vrrp interface <slot/port> <vrid> ▫ Modes Privileged EXEC User EXEC This field represents the configured IP Address for the Virtual router. IP Address Represents the VMAC address of the specified router. VMAC address Represents the authentication type for the specific virtual router. Authentication type Represents the priority value for the specific virtual router.
▫ Mode Global Config 12.6.1.1 no bootpdhcprelay cidoptmode This command disables the circuit ID option mode for BootP/DHCP Relay on the system. ▫ Format no bootpdhcprelay cidoptmode ▫ Mode Global Config 12.6.2 bootpdhcprelay enable This command enables the forwarding of relay requests for BootP/DHCP Relay on the system. ▫...
▫ Mode Global Config 12.6.4.1 no bootpdhcprelay minwaittime This command configures the default minimum wait time in seconds for BootP/DHCP Relay on the system. ▫ Format no bootpdhcprelay minwaittime ▫ Mode Global Config 12.6.5 bootpdhcprelay serverip This command configures the server IP Address for BootP/DHCP Relay on the system. The <ipaddr> parameter is an IP address in a 4-digit dotted decimal format.
12.7 Open Shortest Path First (OSPF) Commands This section describes the commands you use to view and configure OSPF, which is a link-state routing protocol that you use to route traffic within a network. 12.7.1 router ospf Use this command to enter Router OSPF mode. ▫...
according to RFC 2328, OSPF 1583 compatibility mode should be disabled. ▫ Default enabled ▫ Format 1583compatibility ▫ Mode Router OSPF Config no 1583compatibility This command disables OSPF 1583 compatibility. ▫ Format no 1583compatibility ▫ Mode Router OSPF Config 12.7.5 area default-cost (OSPF) This command configures the default cost for the stub area.
▫ Format no area <areaid> nssa default-info-originate [<metric>] [{comparable | non-comparable}] ▫ Mode Router OSPF Config 12.7.8 area nssa no-redistribute (OSPF) This command configures the NSSA Area Border router (ABR) so that learned external routes will not be redistributed to the NSSA.
12.7.11 area nssa translator-stab-intv (OSPF) This command configures the translator <stabilityinterval> of the NSSA. The <stabilityinterval> is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
▫ Mode Router OSPF Config 12.7.14 area stub no-summary (OSPF) This command configures the Summary LSA mode for the stub area identified by <areaid>. Use this command to prevent LSA Summaries from being sent. ▫ Default disabled ▫ Format area <areaid> stub no-summary ▫...
▫ Mode Router OSPF Config no area virtual-link authentication This command configures the default authentication type for the OSPF virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. ▫ Format no area <areaid> virtual-link <neighbor> authentication ▫...
12.7.19 area virtual-link retransmit-interval (OSPF) This command configures the retransmit interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. The range for seconds is 0 to 3600. ▫...
12.7.22 default-metric (OSPF) This command is used to set a default for the metric of distributed routes. ▫ Format default-metric <1-16777214> ▫ Mode Router OSPF Config no default-metric (OSPF) This command is used to set a default for the metric of distributed routes. ▫...
▫ Mode Router OSPF Config 12.7.25 exit-overflow-interval (OSPF) This command configures the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to again originate non-default AS-external-LSAs.
▫ Mode Interface Config 12.7.28 ip ospf authentication This command sets the OSPF Authentication Type and Key for the specified interface. The value of <type> is either none, simple or encrypt. The [key] is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard.
no ip ospf dead-interval This command sets the default OSPF dead interval for the specified interface. ▫ Format no ip ospf dead-interval ▫ Mode Interface Config 12.7.31 ip ospf hello-interval This command sets the OSPF hello interval for the specified interface. The value for seconds is a valid positive integer, which represents the length of time in seconds.
▫ Mode Interface Config no ip ospf retransmit-interval This command sets the default OSPF retransmit Interval for the specified interface. ▫ Format no ip ospf retransmit-interval ▫ Mode Interface Config 12.7.34 ip ospf transmit-delay This command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds. In addition, it sets the estimated number of seconds it takes to transmit a link state update packet over this interface.
12.7.40 trapflags (OSPF) This command enables OSPF traps. ▫ Default enabled ▫ Format trapflags ▫ Mode Router OSPF Config no trapflags This command disables OSPF traps. ▫ Format no trapflags ▫ Mode Router OSPF Config 12.7.41 show ip ospf This command displays information relevant to the OSPF router. ▫...
link-state database. Shows the number of new link-state advertisements that have been originated. New LSAs Originated Shows the number of link-state advertisements received determined to be new LSAs Received instantiations. Shows the maximum number of non-default AS-external-LSAs entries that can be stored External LSDB Limit in the link-state database.
The type of the route to the destination. It can be either: Type ▫ intra — Intra-area route ▫ inter — Inter-area route Router ID of the destination Router ID Cost of using this route Cost The area ID of the area from which this route is learned. Area ID Next hop toward the destination Next Hop...
Shows whether to redistribute information into the NSSA Redistribute into NSSA Shows whether to advertise a default route into the NSSA Default Information Originate Shows the metric value for the default route advertised into the NSSA. Default Metric Shows the metric type for the default route advertised into the NSSA. Default Metric Type Shows the NSSA translator role of the ABR, which is always or candidate.
to show the autonomous system boundary router (ASBR) summary LSAs. Use external to display the external LSAs. Use network to display the network LSAs. Use nssaexternal to display NSSA external LSAs. Use router to display router LSAs. Use summary to show the LSA database summary information. Use <lsid> to specify the link state ID (LSID). The value of <lsid> can be an IP address or an integer in the range of 0-4294967295.
Total number of summary network LSAs in the database. Summary Net Number of summary ASBR LSAs in the database. Summary ASBR Total number of Type-7 external LSAs in the database. Type-7 Ext Total number of self originated AS external LSAs in the OSPFv3 Self-Originated Type-7 link state database.
The OSPF Authentication Type for the specified interface are: none, simple, and encrypt. Authentication Type The information below will only be displayed if OSPF is enabled. Broadcast LANs, such as Ethernet and IEEE 802.5, take the value broadcast. The OSPF OSPF Interface Type Interface Type will be 'broadcast'.
interface. 12.7.50 show ip ospf interface stats This command displays the statistics for a specific interface. The information below will only be displayed if OSPF is enabled. ▫ Format show ip ospf interface stats <slot/port> ▫ Modes Privileged EXEC ▫ User EXEC The area id of this OSPF interface.
Page 472
(NOTE: This field only applies to OSPFv2.) The number of received OSPF packets discarded where the ingress interface is in a Virtual Link Not Found non-backbone area and the OSPF header identifies the packet as belonging to the backbone, but OSPF does not have a virtual link to the packet’s sender. The number of OSPF packets discarded because the area ID in the OSPF header is not Area Mismatch the area ID configured on the ingress interface.
12.7.51 show ip ospf neighbor This command displays information about OSPF neighbors. If you do not specify a neighbor IP address, the output displays summary information in a table. If you specify an interface or tunnel, only the information for that interface or tunnel displays. The <ip-address>...
Exchange state the neighboring routers are fully adjacent and they will now appear in Full - router-LSAs and network-LSAs Shows the amount of time, in seconds, to wait before the router assumes the neighbor is Dead Time unreachable. If you specify an IP address for the neighbor router, the following fields display: Valid slot and port number separated by forward slashes.
User EXEC The area id of the requested OSPF area. Area ID An IP Address which represents this area range. IP Address A valid subnet mask for this area range. Subnet Mask The type of link advertisement associated with this area range. Lsdb Type The status of the advertisement.
Is a 32-bit identifier for the created stub area Area ID Is the type of service associated with the stub metric. FASTPATH only sup Type of Service ports Normal TOS. The metric value is applied based on the TOS. It defaults to the least metric of the type of Metric Val service among the interfaces to other areas.
Page 477
The area id of the requested OSPF area. Area Id The neighbor interface of the OSPF virtual interface. Neighbor The configured hello interval for the OSPF virtual interface. Hello Interval The configured dead interval for the OSPF virtual interface. Dead Interval The configured retransmit interval for the OSPF virtual interface.
12.8 Routing Information Protocol (RIP) Commands This section describes the commands you use to view and configure RIP, which is a distance-vector routing protocol that you use to route traffic within a small network. 12.8.1 router rip Use this command to enter Router RIP mode. ▫...
▫ Default disabled ▫ Format auto-summary ▫ Mode Router RIP Config no auto-summary This command disables the RIP auto-summarization mode. ▫ Format no auto-summary ▫ Mode Router RIP Config 12.8.5 default-information originate (RIP) This command is used to control the advertisement of default routes. ▫...
no distance rip This command sets the default route preference value of RIP in the router. ▫ Format no distance rip ▫ Mode Router RIP Config 12.8.8 distribute-list out (RIP) This command is used to specify the access list to filter routes received from the source protocol. Default 0 ▫...
▫ Mode Interface Config no ip rip receive version This command configures the interface to allow RIP control packets of the default version(s) to be received. ▫ Format no ip rip receive version ▫ Mode Interface Config 12.8.11 ip rip send version This command configures the interface to allow RIP control packets of the specified version to be sent.
case. Simple - a route will not be included in updates sent to the router from which it was learned. Poisoned reverse - a route will be included in updates sent to the router from which it was learned, but the metric will be set to infinity. ▫...
None, simple or poison reverse. Split Horizon Mode Enable or disable. If enabled, groups of adjacent routes are summarized into single Auto Summary Mode entries, in order to reduce the total number of entries The default is enable. Host Routes Accept Mode Enable or disable. If enabled the router accepts host routes. The default is enable. The number of route changes made to the IP Route Database by RIP.
Page 484
▫ Format show ip rip interface <slot/port> ▫ Modes Privileged EXEC User EXEC Valid slot and port number separated by forward slashes. This is a configured value. Interface The IP source address used by the specified RIP interface. This is a configured value. IP Address The RIP version(s) used when sending updates on the specified interface.
13 CLI COMMANDS: IP Multicast This chapter provides a detailed explanation of the IP Multicast commands. The following IP Multicast CLI commands are available in the switch’s Multicast module. Note: The command in this chapter are applied only for Layer 3 Series. 13.1 Multicast Commands The following commands are used to configure IP Multicast.
▫ Mode Global Config 13.1.3 ip multicast staticroute This command creates a static route which is used to perform RPF checking in multicast packet forwarding. The combination of the <sourceipaddr> and the <mask> fields specify the network IP address of the multicast packet source. The <groupipaddr> is the IP address of the next hop toward the source.
▫ Default none ▫ Format mrinfo [<ipaddr>] ▫ Mode Privileged EXEC 13.1.6 mstat This command is used to find the IP Multicast packet rate and loss information path from a source to a receiver (unicast router id of the host running mstat). The results of this command will be available in the results buffer pool which can be displayed by using the command “show mstat”...
This field displays the administrative status of multicast. This is a configured value. Admin Mode This field indicates the current state of the multicast protocol. Possible values are Protocol State Operational or Non-Operational. This field displays the maximum number of entries allowed in the multicast table. Table Max Size This displays the number of packets for which the source is not found.
13.1.11 show ip mcast mroute This command displays a summary or all the details of the multicast table. ▫ Format show ip mcast mroute {detail | summary} ▫ Modes Privileged EXEC User EXEC If the “detail” parameter is specified, the following fields are displayed: This field displays the IP address of the multicast data source.
This field displays the IP address of the destination of the multicast packet. Group IP Addr This field displays the multicast routing protocol by which this entry was created. Protocol This field displays the interface on which the packet for this group arrives. Incoming Interface This field displays the list of outgoing interfaces on which this packet is forwarded.
13.1.14 show ip mcast mroute static This command displays all the static routes configured in the static mcast table if is specified or displays the static route associated with the particular <sourceipaddr>. ▫ Format show ip mcast mroute static [<sourceipaddr>] ▫...
with fresh results. ▫ Default none ▫ Format show mstat ▫ Mode Privileged EXEC 13.1.17 show mtrace This command is used to display results of multicast trace path from the results buffer pool of the router, subsequent to the execution/completion of a "mtrace <source> [group] [receiver]" command. The results subsequent to the completion of the "mtrace"...
13.2 Distance Vector Multicast Routing Protocol (DVMRP) Commands This section provides a detailed explanation of the DVMRP commands. The commands are divided into the following different groups: ◆Show commands are used to display device settings, statistics and other information. ◆Configuration commands are used to configure features and options of the switch. For every configuration command there is a show command that will display the configuration setting.
▫ Format ip dvmrp trapflags ▫ Mode Global Config no ip dvmrp trapflags This command disables the DVMRP trap mode. ▫ Format no ip dvmrp trapflags ▫ Mode Global Config 13.2.4 show ip dvmrp This command displays the system-wide information for DVMRP. ▫...
This field indicates whether DVMRP is enabled or disabled on the specified interface. This Interface Mode is a configured value. This field indicates the metric of this interface. This is a configured value. Metric This is the IP Address of the interface. This Field is displayed only when DVMRP is Local Address operational on the interface.
This shows the capabilities of neighbor. Capabilities This shows the number of routes received from the neighbor. Received Routes This field displays the number of invalid packets received from this neighbor. Rcvd Bad Pkts This field displays the number of correct packets received with invalid routes. Rcvd Bad Routes 13.2.7 show ip dvmrp nexthop This command displays the next hop information on outgoing interfaces for routing multicast datagrams.
13.2.9 show ip dvmrp route This command displays the multicast routing information for DVMRP. ▫ Format show ip dvmrp route ▫ Mode Privileged EXEC and User EXEC This field displays the multicast address of the source group. Source Address This field displays the IP Mask for the source group. Source Mask This field indicates the IP Address of the neighbor which is the source for the packets for a Upstream Neighbor...
13.3 Internet Group Management Protocol (IGMP) Commands This section provides a detailed explanation of the IGMP commands. The commands are divided into the following different groups: ◆Show commands are used to display device settings, statistics and other information. ◆Configuration commands are used to configure features and options of the switch. For every configuration command there is a show command that will display the configuration setting.
no set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time on the system to 0. A value of 0 indicates an infinite timeout, i.e. no expiration. ▫ Format no set igmp mcrtrexpiretime ▫ Mode Global Config 13.3.4 ip igmp last-member-query-count This command sets the number of Group-Specific Queries sent before the router assumes that there are no local members on the interface.
no ip igmp query-interval This command resets the query interval for the specified interface to the default value. This is the frequency at which IGMP Host-Query packets are transmitted on this interface. ▫ Format no ip igmp query-interval ▫ Mode Interface Config 13.3.7 ip igmp query-max-response-time This command configures the maximum response time interval for the specified interface, which is the maximum query...
range for <count> is 1 to 20. ▫ Default ▫ Format ip igmp startup-query-count <count> ▫ Mode nterface Config no ip igmp startup-query-count (only for Layer 3 Series) This command resets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface to the default value.
13.3.12 set igmp maxresponse This command sets the IGMP Maximum Response time for the system, on a particular interface or VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
13.3.15 show ip igmp This command displays the system-wide IGMP information. ▫ Format show ip igmp ▫ Modes Privileged EXEC User EXEC This field displays the administrative status of IGMP. This is a configured value. IGMP Admin Mode Valid unit, slot and port number separated by forward slashes Unit/Slot/Port This field indicates whether IGMP is enabled or disabled on the interface.
This displays the list of multicast groups that are registered on this interface. Groups If detail is specified, the following fields are displayed: This displays the IP Address of the registered multicast group on this interface. Multicast IP Address This displays the IP Address of the source of the last membership report received for the Last Reporter specified multicast group address on this interface.
This field indicates the frequency at which IGMP Host-Query packets are transmitted on Query Interval this interface. This is a configured value. Query Max Response Time This field indicates the maximum query response time advertised in IGMPv2 queries on this interface. This is a configured value. This field displays the tuning for the expected packet loss on a subnet.
Valid unit, slot and port number separated by forward slashes. Interface Group Compatibility Mode The group compatibility mode (v1, v2 or v3) for the specified group on this interface. The source filter mode (Include/Exclude) for the specified group on this interface. This is Source Filter Mode “-----”...
13.4 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands This section provides a detailed explanation of the PIM-DM commands. The commands are divided into the following different groups: ◆Show commands are used to display device settings, statistics and other information. ◆...
no ip pimdm query-interval This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value. ▫ Format no ip pimdm query-interval ▫ Mode Interface Config 13.4.4 show ip pimdm This command displays the system-wide information for PIM-DM. ▫...
▫ Format show ip pimdm interface stats {<unit/slot/port> | all} ▫ Mode Privileged EXEC and User EXEC Valid unit, slot and port number separated by forward slashes. Interface This field indicates the IP Address that represents the PIM-DM interface. IP Address This field displays the neighbor count for the PIM-DM interface.
13.5 Protocol Independent Multicast - Sparse Mode(PIM-SM) Commands This section provides a detailed explanation of the PIM-SM commands. The commands are divided into the following different groups: ◆Show commands are used to display device settings, statistics and other information. ◆Configuration commands are used to configure features and options of the switch. For every configuration command there is a show command that will display the configuration setting.
are from (-1 to 255), and the value of -1 is used to indicate that the local interface is not a Candidate RP interface. The active router interface, with the highest IP Address and crppreference greater than -1, is chosen as the CRP for the router. The default value is 0.In the CRP advertisements sent to the bootstrap router (BSR), the router interface advertises itself as the CRP for the group range 224.0.0.0 mask 240.0.0.0.
▫ Mode Global Config 13.5.6 ip pimsm mode This command sets administrative mode of PIM-SM multicast routing on a routing interface to enabled. ▫ Default disabled ▫ Format ip pimsm mode ▫ Mode Interface Config no ip pimsm mode This command sets administrative mode of PIM-SM multicast routing on a routing interface to disabled. ▫...
▫ Mode Global Config 13.5.9 ip pim-trapflags This command enables the PIM trap mode for both Sparse Mode (SM) and Dense Mode. (DM). Default disabled ▫ Format ip pim-trapflags ▫ Mode Global Config no ip pim-trapflags This command disables the PIM trap mode. ▫...
13.5.12 show ip pimsm rphash This command displays the RP router that will be selected from the set of active RP routers. The RP router, for the group, is selected by using the hash algorithm defined in RFC 2362. ▫ Format show ip pimsm rphash <groupaddress>...
Valid unit, slot and port number separated by forward slashes. Unit/Slot/Port This field indicates whether PIM-SM is enabled or disabled on the interface. This is a Interface Mode configured value. This field indicates the current state of the PIM-SM protocol on the interface. Possible Protocol State values are Operational or Non-Operational.
This field indicates the frequency at which PIM hello messages are transmitted on this Hello Interval interface. This is a configured value. By default, the value is 30 seconds. This field shows the preference value for the local interface as a candidate bootstrap CBSR Preference router.
This field indicates the expiry time of the neighbor on this interface. Expiry Time 13.5.19 show ip pimsm rp This command displays the PIM information for candidate Rendezvous Points (RPs) for all IP multicast groups or for the specific <groupaddress> <groupmask> provided in the command. The information in the table is displayed for each IP multicast group. ▫...
14. SWITCH OPERATION 14.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
14.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
15. TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual. The Link LED is not lit Solution: Check the cable connection and remove duplex mode of the Ethernet Switch Some stations cannot talk to other stations located on the other port...
APPENDEX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 522
The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection: Straight Cable SIDE 1 SIDE2 1 = White / Orange 1 = White / Orange SIDE 1 2 = Orange...
GLOSSARY Bandwidth Utilization The percentage of packets received over time as compared to overall bandwidth. BOOTP Boot protocol used to load the operating system for devices connected to the network. Distance Vector Multicast Routing Protocol (DVMRP) A distance-vector-style routing protocol used for routing multicast datagrams through the Internet. DVMRP combines many of the features of RIP with Reverse Path Broadcasting (RPB).
Page 524
IEEE 802.1D Specifies a general method for the operation of MAC bridges, including the Spanning Tree Protocol. IEEE 802.1Q VLAN Tagging—Defines Ethernet frame tags which carry VLAN information. It allows switches to assign end-stations to different virtual LANs, and defines a standard way for VLANs to communicate across switched networks. IEEE 802.3ac Defines frame extensions for VLAN tagging.
Page 525
Management Information Base (MIB) An acronym for Management Information Base. It is a set of database objects that contains information about a specific device. Multicast Switching A process whereby the switch filters incoming multicast frames for services no attached host has registered for, or forwards them to all ports contained within the designated multicast VLAN group.
Page 526
Serial Line Internet Protocol (SLIP) Serial Line Internet Protocol, a standard protocol for point-to-point connections using serial lines. Spanning Tree Protocol (STP) A technology that checks your network for any loops. A loop can often occur in complicated or back-up linked network systems. Spanning-tree detects and directs data along the shortest path, maximizing the performance and efficiency of the network.