Who Should Use This Book This book is intended for network installers and system administrators engaged in configuring and maintaining a network. The administrator should be familiar with Ethernet concepts, IP addressing, Spanning Tree Protocol, and SNMP configuration parameters. G8332 Command Reference for ENOS 8.4...
Typographic Conventions The following table describes the typographic styles used in this book. Table 1. Typographic Conventions Typeface or Symbol Meaning plain fixedwidth This type is used for names of commands, files, and text directories used within the text. For example: View the readme.txt file. It also depicts on‐screen computer output and prompts. bold fixedwidth This bold type appears in command examples. It shows text text that must be typed in exactly as shown. For example: show sysinfo bold body text This bold type indicates objects such as window names, dialog box names, and icons, as well as user interface objects such as buttons, and tabs. italicized body text This italicized type indicates book titles, special terms, or words to be emphasized. angle brackets < > Indicate a variable to enter based on the description inside the brackets. Do not type the brackets when entering the command. Example: If the command syntax is ping <IP address> you enter ping 192.32.10.12 braces {} Indicate required elements in syntax descriptions where there is more than one option. You must choose only one of the options. Do not type the braces when entering the ...
ISCLI Command Modes The ISCLI has three major command modes listed in order of increasing privileges, as follows: User EXEC mode This is the initial mode of access. By default, password checking is disabled for this mode, on console. Privileged EXEC mode This mode is accessed from User EXEC mode. This mode can be accessed using the following command: enable Global Configuration mode This mode allows you to make changes to the running configuration. If you save the configuration, the settings survive a reload of the G8332. Several sub‐modes can be accessed from the Global Configuration mode. For more details, see Table 2. This mode can be accessed using the following command: configure terminal Each mode provides a specific set of commands. The command set of a higher‐privilege mode is a superset of a lower‐privilege mode—all lower‐privilege mode commands are accessible when using a higher‐privilege mode. The following table lists the ISCLI command modes. Table 2. ISCLI Command Modes Command Mode/Prompt Command used to enter or exit User EXEC Default mode, entered automatically on console RS G8332> Exit: exit or logout Privileged EXEC Enter Privileged EXEC mode, from User EXEC mode:...
Page 24
Table 2. ISCLI Command Modes (continued) Command Mode/Prompt Command used to enter or exit Router RIP Enter RIP Configuration mode, from Global Configuration mode: RS G8332(configrouterrip)# router rip Exit to Global Configuration mode: exit Exit to Privileged EXEC mode: end Route Map Enter Route Map Configuration mode, from Global Configuration mode: RS G8332(configroutemap)# routemap <1‐255> Exit to Global Configuration mode: exit Exit to Privileged EXEC mode: end Router VRRP Enter VRRP Configuration mode, from Global Configuration mode: RS G8332(configvrrp)# router vrrp Exit to Global Configuration mode: exit Exit to Privileged EXEC mode: end PIM Component Enter Protocol Independent Multicast (PIM) Component Configuration mode, from Global Configuration mode: RS G8332(configippimcomp)# ip pim component <1‐2>...
Global Commands Some basic commands are recognized throughout the ISCLI command modes. These commands are useful for obtaining online help, navigating through the interface, and for saving configuration changes. For help on a specific command, type the command, followed by help. Table 3. Description of Global Commands Command Action Provides more information about a specific command or lists commands available at the current level. list Lists the commands available at the current level. exit Go up one level in the command mode structure. If already at the top level, exit from the command line interface and log out. copy runningconfig Write configuration changes to non‐volatile flash startupconfig memory. logout Exit from the command line interface and log out. traceroute Use this command to identify the route used for station‐to‐station connectivity across the network. The format is as follows: traceroute [{<hostname>|<IP address>} [<max‐hops (1‐32)> [<msec‐delay (1‐4294967295)>]] [dataport|mgtport]] Where: hostname/IP address: Sets the hostname or IP address of the target station. maxhops: Sets the maximum distance to trace. msecdelay: Sets the number of milliseconds ...
Page 28
Table 3. Description of Global Commands Command Action telnet This command is used to form a Telnet session between the switch and another network device. The format is as follows: telnet [{<hostname>|<IP address>} [<service port (1‐65535)>] [dataport|mgtport]] Where: hostname/IP address: Sets the target station. port: Sets the logical Telnet port or service number. By default, the management port is used. To use a specific port, use the following options: data port: dataport management port: mgtport Note: The DNS parameters must be configured if specifying hostnames. show history This command displays the last ten issued commands. show who Displays a list of users who are currently logged in. show line Displays a list of users who are currently logged in, in table format. G8332 Command Reference for ENOS 8.4...
User Access Levels To enable better switch management and user accountability, three levels or classes of user access have been implemented on the G8332. Levels of access to CLI, Web management functions, and screens increase as needed to perform various switch management tasks. Conceptually, access classes are defined as follows: user Interaction with the switch is completely passive—nothing can be changed on the G8332. Users may display information that has no security or privacy implications, such as switch statistics and current operational state information. oper Operators can make temporary changes on the G8332. These changes are lost when the switch is rebooted. Operators have access to the switch management features used for daily switch operations. Because any changes an operator makes are undone by a reboot of the switch, operators cannot severely impact switch operation. admin Administrators are the only ones that may make permanent changes to the switch configuration—changes that are persistent across a reboot of the switch. Administrators can access switch functions to configure and troubleshoot problems on the G8332. Because administrators can also make temporary (operator‐level) changes as well, they must be aware of the interactions between temporary and permanent changes. Access to switch functions is controlled through the use of unique surnames and passwords. Once you are connected to the switch via local Telnet, remote Telnet, or SSH, you are prompted to enter a password. The default user names/password for each access level are listed in the following table. Note: It is recommended that you change default switch passwords after initial configuration and as regularly as required under your network security policies. Table 4. User Access Levels User Account Description and Tasks Performed Password User The User has no direct responsibility for switch ...
System Information The information provided by each command option is briefly described in the following table, with pointers to where detailed information can be found. Table 6. System Information Options Command Syntax and Usage dir [configs|images] Displays the configuration files and NOS images currently on the switch. configs ‐ displays only the configuration files currently on the switch images ‐ displays only the system images currently on the switch For more details, see page Command mode: Privileged EXEC show access user Displays configured user names and their status. Command mode: Privileged EXEC show logging [messages] [severity <0‐7>] [reverse] [|{include|exclude|section|begin|head <1‐2000>| |last <1‐2000>}] Displays the current syslog configuration, followed by the most recent 2000 syslog messages. messages displays the most recent 2000 syslog messages only severity displays syslog messages of the specified severity level reverse displays syslog messages starting with the most recent message | displays syslog messages that match one of the following filters: • include displays syslog messages that match the specified expression • exclude displays syslog messages that don’t match the specified expression •...
CLI Display Information These commands allow you to display information about the number of lines per screen displayed in the CLI. Table 7. CLI Display Information Options Command Syntax and Usage show terminallength Displays the number of lines per screen displayed in the CLI for the current session. A value of 0 means paging is disabled. Command mode: All show line console length Displays the number of lines per screen displayed in the CLI by default for console sessions. A value of 0 means paging is disabled. Command mode: All show line vty length Displays the number of lines per screen displayed in the CLI by default for Telnet and SSH sessions. A value of 0 means paging is disabled. Command mode: All G8332 Command Reference for ENOS 8.4...
SNMPv3 System Information SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 framework by supporting the following: a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture please refer to RFC2271 to RFC2276. Table 9. SNMPv3 Information Options Command Syntax and Usage show snmpserver v3 Displays all the SNMPv3 information. To view a sample, see page Command mode: All show snmpserver v3 access Displays View‐based Access Control information. To view a sample, see page Command mode: All show snmpserver v3 community Displays information about the community table information. To view a sample, see page Command mode: All show snmpserver v3 group Displays information about the group, including the security model, user name and group name. To view a sample, see page Command mode: All show snmpserver v3 notify Displays the Notify table information. To view a sample, see page Command mode: All show snmpserver v3 targetaddress Displays the Target Address table information. To view a sample, see page Command mode: All show snmpserver v3 targetparameters...
SNMPv3 View Table Information The user can control and restrict the access allowed to a group to only a subset of the management information in the management domain that the group can access within each context by specifying the group’s rights in terms of a particular MIB view for security reasons. The following command displays the SNMPv3 View Table: show snmpserver v3 view Command mode: All View Name Subtree Mask Type iso 1.3 included v1v2only 1.3 included v1v2only 1.3.6.1.6.3.15 excluded v1v2only 1.3.6.1.6.3.16 excluded v1v2only 1.3.6.1.6.3.18 excluded Table 11. SNMPv3 View Table Information Parameters Field Description View Name Displays the name of the view. Subtree Displays the MIB subtree as an OID string. A view subtree is the set of all MIB object instances which have a common Object Identifier prefix to their names. Mask Displays the bit mask. Type Displays whether a family of view subtrees is included or excluded from the MIB view. G8332 Command Reference for ENOS 8.4...
SNMPv3 Group Table Information A group is a combination of security model and security name that defines the access rights assigned to all the security names belonging to that group. The group is identified by a group name. The following command displays SNMPv3 group information: show snmpserver v3 group Command mode: All All active SNMPv3 groups are listed below: Sec Model User Name Group Name snmpv1 v1v2only v1v2grp usm adminmd5 admingrp usm adminsha admingrp usm adminshaaes admingrp Table 13. SNMPv3 Group Table Information Parameters Field Description Sec Model Displays the security model used, which is any one of: USM, SNMPv1, SNMPv2, and SNMPv3. User Name Displays the name for the group. Group Name Displays the access name of the group. SNMPv3 Community Table Information The following command displays the SNMPv3 community table information stored in the SNMP engine: show snmpserver v3 community Command mode: All ...
SNMPv3 Target Parameters Table Information The following command displays SNMPv3 target parameters information: show snmpserver v3 targetparameters Command mode: All Name MP Model User Name Sec Model Sec Level v1v2param snmpv2c v1v2only snmpv1 noAuthNoPriv Table 16. SNMPv3 Target Parameters Table Information Field Description Name Displays the locally arbitrary, but unique identifier associated with this snmpTargeParamsEntry. MP Model Displays the Message Processing Model used when generating SNMP messages using this entry. User Name Displays the securityName, which identifies the entry on whose behalf SNMP messages will be generated using this entry. Sec Model Displays the security model used when generating SNMP messages using this entry. The system may choose to return an inconsistentValue error if an attempt is made to set this variable to a value for a security model the system does not support. Sec Level Displays the level of security used when generating SNMP messages using this entry. SNMPv3 Notify Table Information The following command displays the SNMPv3 Notify Table: show snmpserver v3 notify Command mode: All ...
General System Information The following command displays system information: show sysinfo Command mode: All System Information at 5:00:53 Fri Mar 13, 2015 Time zone: No timezone configured Daylight Savings Time Status: Disabled Lenovo RackSwitch G8332 Switch has been up for 0 days, 0 hours, 2 minutes and 6 seconds. Last boot: 5:00:09 Fri Mar 13, 2015 (reset from console) MAC address: a8:97:dc:88:c9:00 IP (If 1) address: 0.0.0.0 Management Port MAC Address: a8:97:dc:88:c9:fe Management Port IP Address (if 128): 10.241.39.14 Hardware Revision: 0 Hardware Part No: BAC0009500 Switch Serial No: Y019CM3CA180 Manufacturing date: 13/49 MTM Value: 8036HC4 ESN: MM17503 Software Version 8.4.1.0 (FLASH image1), active configuration. Boot kernel version 8.4.1.0 USB Boot: disabled Temperature CPU Local : 32 C Temperature Rear In/Ex : 28 C Temperature Front In/Ex : 25 C Temperature Hot Spot : 32 C Temperature Asic Max : 36 C Temperature MDA : 30 C System Warning at 85 C / Shutdown at 95 C / Set Point is 70 C Fan 1 Module 1: 7021rpm 60pwm(23%) FrontToBack Fan 2 Module 1: 7447rpm 60pwm(23%) FrontToBack Fan 3 Module 2: 6733rpm 60pwm(23%) FrontToBack Fan 4 Module 2: 7447rpm 60pwm(23%) FrontToBack Fan 5 Module 3: 6687rpm 60pwm(23%) FrontToBack Fan 6 Module 3: 7447rpm 60pwm(23%) FrontToBack Fan 7 Module 4: 6922rpm 60pwm(23%) FrontToBack Fan 8 Module 4: 7123rpm 60pwm(23%) FrontToBack System Fan Airflow: FrontToBack Power Supply 1: FrontToBack [94Y8104]...
Show Recent Syslog Messages The following command displays system log messages: show logging [messages] [severity <0‐7>] [reverse] Command mode: All Current syslog configuration: host 0.0.0.0 via MGT port, severity 7, facility 0 host2 0.0.0.0 via MGT port, severity2 7, facility2 0 console enabled severity level of console output 6 severity level of write to flash 7 syslogging all features Syslog source loopback interface not set Nov 2 5:49:53 172.25.254.19 INFO console: System log cleared by user admin. Nov 2 5:51:23 172.25.254.19 CRIT system: Fan Mod 4 Removed Nov 2 5:54:27 172.25.254.19 CRIT system: **** MAX TEMPERATURE (61) ABOVE FAIL THRESH **** Nov 2 5:54:27 172.25.254.19 CRIT system: **** PLATFORM THERMAL SHUTDOWN **** Nov 2 6:02:06 0.0.0.0 NOTICE system: link up on management port MGT Nov 2 6:02:06 0.0.0.0 INFO system: booted version 0.0.0 from FLASH image2, active configuration Nov 2 6:02:09 0.0.0.0 NOTICE system: SR SFP+ inserted at port 63 is Approved Nov 2 6:02:12 0.0.0.0 NOTICE system: 1m DAC inserted at port 64 is Accepted Nov 2 6:02:12 0.0.0.0 NOTICE system: link up on management port MGT Nov 2 6:03:11 0.0.0.0 NOTICE ip: MGT port default gateway 172.25.1.1 operational Nov 2 6:22:54 172.25.254.19 NOTICE mgmt: admin(admin) login on Console Nov 2 6:33:00 172.25.254.19 NOTICE mgmt: admin(admin) idle timeout from Console Each syslog message has a severity level associated with it, included in text form as a prefix to the log message. One of eight different prefixes is used, depending on the condition that the administrator is being notified of, as shown here. EMERG Indicates the system is unusable ALERT Indicates action should be taken immediately...
LDAP Information The following command displays LDAP server configuration information: show ldapserver Command mode: All except User EXEC for LDAP configured in legacy mode: Current LDAP settings: Primary LDAP Server (null) via MGT port Secondary LDAP Server (null) via MGT port Current LDAP server (null) LDAP port 389, Retries 3, Timeout 5, LDAP server OFF, Backdoor access disabled LDAP domain name LDAP user attribute uid for LDAP configured in enhanced mode: Current LDAP settings: LDAP server 1 10.10.43.55:389 via MGT port LDAP server 2 LDAPserver109:389 via DATA port LDAP server 3 (null) LDAP server 4 (null) LDAP Bind Mode Login Credentials LDAP Bind DN (null) Retries 3, Timeout 5, LDAP server OFF, Backdoor access disabled LDAP domain name LDAP attributes user attribute uid group attribute memberOf login attribute ibmchassisRole LDAP group filter (null) G8332 Command Reference for ENOS 8.4...
Page 52
Table 19. Layer 2 Information Commands (continued) Command Syntax and Usage show spanningtree Displays Spanning Tree information, including the status (on or off), Spanning Tree mode (RSTP, PVRST, or MSTP) and VLAN membership. In addition to seeing if STG is enabled or disabled, you can view the following STG bridge information: Priority Hello interval Maximum age value Forwarding delay Aging time You can also see the following port‐specific STG information: Port alias and priority Cost State For details, see page Command mode: All show spanningtree blockedports Lists the ports blocked by each STP instance. Command mode: All show spanningtree mst configuration Displays the current MSTP settings. Command mode: All show spanningtree mst <0‐32> [information] Displays Spanning Tree information for the specified instance. 0 is used for CIST. CIST bridge information includes: Priority ...
802.1X Information The following command displays 802.1X information: show dot1x information Command mode: All System capability : Authenticator System status : disabled Protocol version : 1 Guest VLAN status : disabled Guest VLAN : none Authenticator Backend Assigned Port Auth Mode Auth Status PAE State Auth State VLAN *1 forceauth unauthorized initialize initialize none *2 forceauth unauthorized initialize initialize none *3 forceauth unauthorized initialize initialize none The following table describes the IEEE 802.1X parameters. Table 20. 802.1X Parameter Descriptions Parameter Description Port Displays each port’s alias. Auth Mode Displays the Access Control authorization mode for the port. The Authorization mode can be one of the following: forceunauth auto forceauth Auth Status Displays the current authorization status of the port, either authorized or unauthorized. Authenticator Displays the Authenticator Port Access Entity State. The PAE State PAE state can be one of the following: initialize ...
FDB Information The forwarding database (FDB) contains information that maps the media access control (MAC) address of each known device to the switch port where the device address was learned. The FDB also shows which other ports have seen frames destined for a particular MAC address. Note: The master forwarding database supports up to 128K MAC address entries on the MP per switch. Table 21. FDB Information Options Command Syntax and Usage show macaddresstable Displays all entries in the Forwarding Database. Command mode: All show macaddresstable all Displays all unicast and multicast entries in the Forwarding Database. Command mode: All show macaddresstable address <MAC address> Displays a single database entry by its MAC address. You are prompted to enter the MAC address of the device. Enter the MAC address using the format, xx:xx:xx:xx:xx:xx. For example, 08:00:20:12:34:56. You can also enter the MAC address using the format, xxxxxxxxxxxx. For example, 080020123456. Command mode: All show macaddresstable configuredstatic Displays all configured static MAC entries in the FDB. Command mode: All show macaddresstable interface port <port alias or number> Displays all FDB entries for a particular port. Command mode: All show macaddresstable multicast Displays all static multicast MAC entries in the FDB. For details, see page Command mode: All show macaddresstable portchannel <1‐208> Displays all FDB entries for a particular Link Aggregation Group (LAG).
Show All FDB Information The following command displays Forwarding Database information: show macaddresstable Command mode: All Mac address Aging Time: 300 MAC address VLAN Port Trnk State Permanent Openflow a8:97:dc:8a:1e:00 1 105 TRK a8:97:dc:8a:1e:01 1 105 TRK a8:97:dc:8a:1e:02 2 105 TRK a8:97:dc:8a:1e:63 3 105 TRK a8:97:dc:d1:f4:00 4 105 TRK a8:97:dc:d1:f5:00 5 105 TRK An address that is in the forwarding (FWD) state, means that it has been learned by the switch. When in the aggregation (TRK) state, the port field represents the Link Aggregation Group (LAG) number. If the state for the port is listed as unknown (UNK), the MAC address has not yet been learned by the switch, but has only been seen as a destination address. When an address is in the unknown state, no outbound port is indicated, although ports which reference the address as a destination are listed under “Reference ports.” Clearing Entries from the Forwarding Database To clear the entire FDB, refer to “Forwarding Database Maintenance” on page 711. G8332 Command Reference for ENOS 8.4...
Link Aggregation Control Protocol The following command displays LACP information: show lacp information Command mode: All port mode adminkey operkey selected prio aggr trunk status minlinks 1 active 65535 65535 yes 32768 1 65 up 1 2 active 65535 65535 yes 32768 1 65 up 1 3 active 65535 65535 individual 32768 down 1 4 active 65535 65535 yes 32768 1 65 up 1 5 active 65535 65535 yes 32768 1 65 up 1 6 active 65535 65535 yes 32768 1 65 up 1 7 active 65535 65535 yes 32768 1 65 up 1 8 active 65535 65535 yes 32768 1 65 up 1 9 active 1000 1000 suspended 32768 down 1 10 active 1000 1000 suspended 32768 down 1 (*) LACP PortChannel is statically bound to the admin key LACP dump includes the following information for each port in the G8332: mode Displays the port’s LACP mode (active, passive or off). adminkey Displays the value of the port’s adminkey. operkey Shows the value of the port’s operational key. selected Indicates whether the port has been selected to be part of a Link Aggregation Group. prio Shows the value of the port priority. aggr Displays the aggregator associated with each port. trunk ...
Page 62
A monitor port’s Failover status is Operational only if all the following conditions hold true: Port link is up. If Spanning‐Tree is enabled, the port is in the Forwarding state. If the port is a member of an LACP Link Aggregation Group (LAG), the port is aggregated. If any of these conditions are not true, the monitor port is considered to be failed. A control port is considered to be operational if the monitor trigger state is Up. Even if a port’s link status is Down, Spanning‐Tree status is Blocking, and the LACP status is Not Aggregated, from a teaming perspective the port status is Operational, since the trigger is Up. A control port’s status is displayed as Failed only if the monitor trigger state is Down. G8332 Command Reference for ENOS 8.4...
LLDP Information The following commands display LLDP information. Table 25. LLDP Information Options Command Syntax and Usage show lldp Displays the current Link Layer Discovery Protocol (LLDP) configuration. Command mode: All show lldp information Displays all LLDP information. Command mode: All show lldp port [<port alias or number>] Displays LLDP information for all ports or a specific port. Command mode: All show lldp port <port alias or number> tlv evb Displays Edge Virtual Bridge (EVB) type‐length‐value (TLV) information for the specified port. Command mode: All show lldp receive Displays information about the LLDP receive state machine. Command mode: All show lldp remotedevice [<1‐256>|detail] Displays information received from LLDP‐capable devices. For more information, see page Command mode: All show lldp remotedevice port <port alias or number> Displays information received from LLDP‐capable devices for a specific port. A list of ports needs to be delimited by ʹ,ʹ and a range of ports delimited by ʹ‐ʹ. Command mode: All show lldp transmit Displays information about the LLDP transmit state machine. Command mode: All G8332 Command Reference for ENOS 8.4...
Unidirectional Link Detection Information The following commands display UDLD information: Table 26. UDLD Information Options Command Syntax and Usage show udld Displays all UDLD information. Command mode: All show interface port <port alias or number> udld Displays UDLD information about the selected port. Command mode: All UDLD Port Information The following command displays UDLD information for the selected port: show interface port <port alias or number> udld Command mode: All UDLD information on port 1 Port enable administrative configuration setting: Enabled Port administrative mode: normal Port enable operational state: link up Port operational state: advertisement Port bidirectional status: bidirectional Message interval: 15 Time out interval: 5 Neighbor cache: 1 neighbor detected Entry #1 Expiration time: 31 seconds Device Name: Device ID: 00:da:c0:00:04:00 Port ID: 1 UDLD information includes the following: Status (enabled or disabled) ...
OAM Discovery Information The following commands display OAM information: Table 28. OAM Discovery Information Options Command Syntax and Usage show interface port <port alias or number> oam Displays OAM information about the selected port. Command mode: All show oam Displays all OAM information. Command mode: All OAM Port Information The following command displays OAM information for the selected port: show interface port <port alias or number> oam Command mode: All OAM information on port 1 State enabled Mode active Link up Satisfied Yes Evaluating No Remote port information: Mode active MAC address 00:da:c0:00:04:00 Stable Yes State valid Yes Evaluating No OAM port display shows information about the selected port and the peer to which the link is connected. G8332 Command Reference for ENOS 8.4...
vLAG Aggregation Information The following command displays vLAG information for the Link Aggregation Group (LAG): show vlag portchannel <1‐104> Command mode: All vLAG is enabled on trunk 13 Protocol Static Current settings: enabled ports: 13 Current L2 trunk hash settings: smac dmac Current L3 trunk hash settings: sip dip Current ingress port hash: disabled Current L4 port hash: disabled Current FCoE trunk hash settings: sid did vLAG Peer Gateway Information The following command displays the current state of the vLAG peer gateway. show vlag peergateway Command mode: All Current peer gateway state: disabled vLAG VRRP Information The following command displays vLAG related VRRP information: show vlag vrrp Command mode: All vLAG VRRP mode: Active vLAG related VRRP information: 1: vrid 1, local role master, peer role backup 10: vrid 1, local role backup, peer role backup 100: vrid 1, local role backup, peer role master vLAG VRRP mode: Passive vLAG related VRRP information: 1: vrid 1, local role master, peer role init 10: vrid 1, local role backup, peer role init 100: vrid 1, local role backup, peer role init...
RSTP Information The following command displays RSTP information: show spanningtree stp <1> information Command mode: All Spanning Tree Group 1: On (RSTP) VLANs: 1 10 4095 Current Root: PathCost Port Hello MaxAge FwdDel 8000 00:25:03:49:29:00 0 0 2 20 15 Parameters: Priority Hello MaxAge FwdDel Aging Topology Change Counts 32768 2 20 15 300 1 Port Prio Cost State Role Designated Bridge Des Port Type 1 (pc12) 128 490!+ FWD DESG 800000:25:03:49:29:00 8026 P2P 2 (pc12) 128 490!+ FWD DESG 800000:25:03:49:29:00 8026 P2P 3 (pc12) 128 490!+ FWD DESG 800000:25:03:49:29:00 8026 P2P 4 (pc12) 128 490!+ FWD DESG 800000:25:03:49:29:00 8026 P2P MGT 0 0 FWD * * = STP turned off for this port. ! = Automatic path cost. + = Portchannel cost, not the individual port cost. The switch software uses the Per VLAN Rapid Spanning Tree Protocol (PVRST) spanning tree mode, with IEEE 802.1D (2004) Rapid Spanning Tree Protocol (RSTP) or IEEE 802.1Q (2003) Multiple Spanning Tree Protocol (MSTP), as alternatives. The following port‐specific information is also displayed: Table 30. PVRST/RSTP/MSTP Port Parameter Descriptions Parameter Description Priority The Port Priority parameter helps determine which bridge port (port) becomes the designated port. In a network topology that has multiple bridge ports connected to a single segment, the port with the lowest port priority becomes the designated port for the segment. Cost The Port Path cost parameter is used to help determine the designated port for a segment. Generally speaking, the faster the ...
PVRST Information The following command displays PVRST information: show spanningtree stp <1‐128> information Command mode: All Spanning Tree Group 1: On (PVRST) VLANs: 1 Current Root: PathCost Port Hello MaxAge FwdDel 8001 a8:97:dc:03:d5:00 490 1 2 20 15 Prev Root: Port Replaced at 8001 a8:97:dc:d2:12:00 0 16:33:08 3 32016 Parameters: Priority Hello MaxAge FwdDel Aging Topology Change Counts 32769 2 20 15 300 8 Port Prio Cost State Role Designated Bridge Des Port Type 1 (pc1) 128 490!+ FWD ROOT 8001a8:97:dc:03:d5:00 8042 P2P 2 (pc1) 128 490!+ FWD ROOT 8001a8:97:dc:03:d5:00 8042 P2P 3 (pc1) 128 490!+ FWD ROOT 8001a8:97:dc:03:d5:00 8042 P2P 4 (pc1) 128 490!+ FWD ROOT 8001a8:97:dc:03:d5:00 8042 P2P 11 128 2000! FWD DESG 8001a8:97:dc:d2:12:00 800b P2P 13 128 2000! FWD DESG 8001a8:97:dc:d2:12:00 800d P2P 14 128 2000! FWD DESG 8001a8:97:dc:d2:12:00 800e P2P 16 128 2000! FWD DESG 8001a8:97:dc:d2:12:00 8010 P2P ! = Automatic path cost. + = Portchannel cost, not the individual port cost. You can configure the switch software to use the IEEE 802.1D (2004) Rapid Spanning Tree Protocol (RSTP), the IEEE 802.1Q (2003) Multiple Spanning Tree Protocol (MSTP) or PerVLAN Rapid Spanning Tree Protocol (PVRST). The following port‐specific information is also displayed: Table 31. RSTP/MSTP/PVRST Port Parameter Descriptions Parameter Description Prio (port) The Port Priority parameter helps determine which bridge port becomes the designated port. In a network topology that ...
Spanning Tree Bridge Information The following command displays Spanning Tree bridge information: show spanningtree bridge Command mode: All STG Priority Hello MaxAge FwdDel Protocol VLANs 1 32768 2 20 15 PVRST 1 2 32768 2 20 15 PVRST 2 128 32768 2 20 15 PVRST 4095 show spanningtree vlan <VLAN ID (1‐4094)> bridge Command mode: All Vlan Priority Hello MaxAge FwdDel Protocol 1 32768 2 20 15 MSTP Table 32. Bridge Parameter Descriptions Parameter Description VLAN VLANs that are part of the Spanning Tree Group Priority The bridge priority parameter controls which bridge on the network will become the STP root bridge. The lower the value, the higher the priority. Hello The hello time parameter specifies, in seconds, how often the bridge transmits a configuration bridge protocol data unit (BPDU). Any bridge that is not the root bridge uses the root bridge hello value. MaxAge The maximum age parameter specifies, in seconds, the maximum time the bridge waits without receiving a configuration bridge protocol data unit before it reconfigures the STP network. FwdDel The forward delay parameter specifies, in seconds, the amount of time that a bridge port has to wait before it ...
Multiple Spanning Tree Information The following command displays Multiple Spanning Tree (MSTP) information: show spanningtree mst <0‐32> information Command mode: All Mstp Digest: 0x9f71e12a07f4e3004fe0ce1f241a7b66 Spanning Tree Group 5: On (MSTP) VLANs MAPPED: 5 VLANs: 5 Current Root: PathCost Port 0000 a8:97:dc:88:c9:00 0 0 Parameters: Priority Aging Topology Change Counts 0 300 1 Port Prio Cost State Role Designated Bridge Des Port Type 1 (pc105) 128 156!+ FWD DESG 0000a8:97:dc:88:c9:00 80e8 P2P 2 (pc105) 128 156!+ FWD DESG 0000a8:97:dc:88:c9:00 80e8 P2P 4 128 500! FWD DESG 0000a8:97:dc:88:c9:00 800a P2P,edge 22 (pc105) 128 156!+ FWD DESG 0000a8:97:dc:88:c9:00 80e8 P2P ! = Automatic path cost. + = Portchannel cost, not the individual port cost. In addition to seeing Common Internal Spanning Tree (CIST) status, you can view the following CIST bridge information: Table 34. CIST Parameter Descriptions Parameter Description CIST Root The CIST Root shows information about the root bridge for the Common Internal Spanning Tree (CIST). Values on this row of information refer to the CIST root. CIST Regional The CIST Regional Root shows information about the root Root bridge for this MSTP region. Values on this row of information refer to the regional root. Priority (bridge) The bridge priority parameter controls which bridge on the ...
Link Aggregation Group (LAG) Information The following command displays Link Aggregation Group (LAG) information: show portchannel information Command mode: All Trunk group 1: Enabled Protocol Static Port state: 1: STG 1 forwarding 2: STG 1 forwarding When LAGs are configured, you can view the state of each port in the various LAGs. Note: If Spanning Tree Protocol on any port in the LAG is set to forwarding, the remaining ports in the LAG will also be set to forwarding. G8332 Command Reference for ENOS 8.4...
Page 82
The following command displays VLAN information: show vlan Command mode: All VLAN Name Status Ports 1 Default VLAN ena 120 2 VLAN 2 dis 2122 100 VLAN 100 ena empty 200 VLAN 200 ena empty 300 VLAN 300 ena empty 4095 Mgmt VLAN ena MGT Primary Secondary Type Ports 100 200 isolated 14 100 300 community 12 This information display includes all configured VLANs and all member ports that have an active link state. Port membership is represented in slot/port format. VLAN information includes: VLAN Number VLAN Name Status Port membership of the VLAN Protocol VLAN information (if available) Private VLAN information (if available) G8332 Command Reference for ENOS 8.4...
Page 84
Table 37. Layer 3 Information Commands (continued) Command Syntax and Usage show ip igmp Displays IGMP Information. For more IGMP information options, see page 116. Command mode: All show ip information Displays all IP information. Command mode: All show ip interface brief Displays IP Information. For details, see page 128. IP information, includes: IP interface information: Interface number, IP address, subnet mask, VLAN number, and operational status. Default gateway information: Metric for selecting which configured gateway to use, gateway number, IP address, and health status IP forwarding settings, network filter settings, route map settings Command mode: All show ipv6 interface <interface number> Displays IPv6 interface information. For details, see page 126. Command mode: All show ip matchaddress [<1‐256>] Displays the current the Network Filter configuration. Command mode: All show ip mroute Displays the current IP multicast routes. Command mode: All show ip nat Displays NAT status information. For details, see page 148.
Page 86
Table 37. Layer 3 Information Commands (continued) Command Syntax and Usage show ip routing Displays the current IP forwarding settings. Command mode: All show ip slp information Displays Service Location Protocol (SLP) information. Command mode: All show ip slp directoryagents Displays SLP Directory Agent (DA) information. Command mode: All show ip slp useragents Displays SLP User Agent (UA) information. Command mode: All show ip tenant [info] <1‐30> Displays tenant information. Command mode: All show ip vrrp information Displays VRRP information. For details, see page 123. Command mode: All show ipsec manualpolicy Displays information about manual key management policy for IP security. For more information options, see page 132. Command mode: All show layer3 Dumps all Layer 3 switch information available (10K or more, depending on your configuration). If you want to capture dump data to a file, set your communication software on your workstation to capture session data before issuing the dump commands. Command mode: All show layer3 igmpgroups Displays the total number of IGMP groups that are registered on the switch. Command mode: All show layer3 ipmcgroups Displays the total number of current IP multicast (IPMC) groups that are ...
Show All IP Route Information The following command displays IP route information: show ip route Command mode: All Mgmt routes: Status code: * best Destination Mask Gateway Type Tag Metric If * 192.168.50.0 255.255.255.0 192.168.50.50 direct fixed 128 * 192.168.50.50 255.255.255.255 192.168.50.50 local addr 128 * 192.168.50.255 255.255.255.255 192.168.50.255 broadcast broadcast 128 Data routes: Status code: * best Destination Mask Gateway Type Tag Metric If * 127.0.0.0 255.0.0.0 0.0.0.0 martian martian * 224.0.0.0 224.0.0.0 0.0.0.0 martian martian * 224.0.0.0 240.0.0.0 0.0.0.0 multicast addr * 255.255.255.255 255.255.255.255 255.255.255.255 broadcast broadcast The following table describes the Type parameters. Table 39. IP Routing Type Parameters Parameter Description indirect The next hop to the host or subnet destination will be forwarded through a router at the Gateway address. direct Packets will be delivered to a destination host or subnet attached to the switch. local Indicates a route to one of the switch’s IP interfaces. broadcast Indicates a broadcast route. martian The destination belongs to a host or subnet which is filtered out. ...
ARP Information The ARP information includes IP address and MAC address of each entry, address status flags (see Table 42 on page 92), VLAN, age and port for the address. Table 41. ARP Information Options Command Syntax and Usage show [ip] arp [all] Displays all ARP entries. including: IP address and MAC address of each entry Address status flag The VLAN and port to which the address belongs The elapsed time (in seconds) since the ARP entry was learned For more information, see page Command mode: All show ip arp data Displays all data ARP entries. Command mode: All show [ip] arp find <IP address> Displays a single ARP entry by IP address. Command mode: All show ip arp inspection Displays the current Dynamic ARP Inspection (DAI) configuration settings. For details, see page Command mode: All show [ip] arp interface port <port alias or number> Displays the ARP entries on a single port. Command mode: All show ip arp management Displays all management ARP entries. Command mode: All show [ip] arp reply Displays the ARP entries for the switch’s IP interfaces.
Page 92
The Port field shows the target port of the ARP entry. The Flags field is interpreted as follows: Table 42. ARP Flag Parameters Flag Description Permanent entry created for switch IP interface. Indirect route entry. Unresolved ARP entry. The MAC address has not been learned. G8332 Command Reference for ENOS 8.4...
BGP Information The following commands display BGP information: Table 44. BGP Peer Information Options Command Syntax and Usage show ip bgp aggregateaddress [<1‐16>] Displays the current BGP aggregation configuration. Command mode: All show ip bgp information Displays the BGP routing table. See page 97 for a sample output. Command mode: All show ip bgp neighbor [<1‐192>] Displays the current BGP peer configuration. Command mode: All show ip bgp neighbor advertisedroutes Displays all BGP advertised routes to all neighbors. Command mode: All show ip bgp neighbor <1‐192> advertisedroutes Displays all BGP advertised routes to a specific peer. Command mode: All show ip bgp neighbor group Displays BGP group information. See page 96 for a sample output. Command mode: All show ip bgp neighbor information Displays BGP peer information. See page 95 for a sample output. Command mode: All show ip bgp neighbor <1‐192> information Displays BGP peer information for a specific peer. Command mode: All show ip bgp neighbor <1‐192> redistribute Displays BGP neighbor redistribution. Command mode: All G8332 Command Reference for ENOS 8.4...
BGP Group Information Following is an example of the information provided by the following command: show ip bgp neighbor group Command mode: All BGP Group Information: Local router ID: 1.1.1.2, Local AS: 100 Group 1: Name: toG82642007 Addr: 192.168.128.0 Mask: 255.255.255.248 Remote AS list: 200 Dynamic Peers Limit: 8 Dynamic Peers in established state: 1 Dynamic Peers of this group: 97: 192.168.128.4, Group: 1 (toG82642007), TTL 1 Remote AS: 200, Local AS: 100, Link type: EBGP Remote router ID: 2.2.1.2, Local router ID: 1.1.1.2 Configured Version: 4 Negotiated Version: 4 Total path attribute out: 0 In Total Messages: 74 Out Total Messages: 74 In Updates: 0 Out Updates: 0 Established Time: 01:12:36 MinAdvTime: 00:01:00 Configured holdtime: 00:03:00 Negotiated holdtime: 00:03:00 Configured keepalive 00:01:00 Negotiated keepalive 00:01:00 In Update Last Time: 00:00:00 Out Update Last Time: 00:14:32 Last Send Time: 01:26:54 Last Received Time: 01:26:54 Inrmap list count: 0 Outrmap list count: 0 G8332 Command Reference for ENOS 8.4...
OSPF Information The following commands display OSPF information: Table 45. OSPF Information Options Command Syntax and Usage show interface ip <1‐128> ospf Displays the current OSPF settings for the specified IP interface. Command mode: All show ip ospf area <0‐19> Displays OSPF settings for a particular area index. Command mode: All show ip ospf area information [<0‐19>] Displays area information for all areas or a particular area index. Command mode: All show ip ospf arearange <1‐16> Displays the current OSPF summary range settings. Command mode: All show ip ospf areavirtuallink <1‐3> Displays the current OSPF virtual link settings. Command mode: All show ip ospf areavirtuallink information Displays information about all the configured virtual links. Command mode: All show ip ospf generalinformation Displays general OSPF information. See page 100 for a sample output. Command mode: All show ip ospf host <1‐128> Displays the current OSPF host entries. Command mode: All show ip ospf host information Displays OSPF host configuration information. Command mode: All show ip ospf information Displays the OSPF information. Command mode: All G8332 Command Reference for ENOS 8.4...
OSPF General Information The following command displays general OSPF information: show ip ospf generalinformation Command mode: All OSPF Version 2 Router ID: 10.10.10.1 Started at 1663 and the process uptime is 4626 Area Border Router: yes, AS Boundary Router: no LS types supported are 6 External LSA count 0 External LSA checksum sum 0x0 Number of interfaces in this router is 2 Number of virtual links in this router is 1 16 new lsa received and 34 lsa originated from this router Total number of entries in the LSDB 10 Database checksum sum 0x0 Total neighbors are 1, of which 2 are >=INIT state, 2 are >=EXCH state, 2 are =FULL state Number of areas is 2, of which 3transit 0nssa Area Id : 0.0.0.0 Authentication : none Import ASExtern : yes Number of times SPF ran : 8 Area Border Router count : 2 AS Boundary Router count : 0 LSA count : 5 LSA Checksum sum : 0x2237B Summary : noSummary OSPF Interface Information The following command displays OSPF interface information: show ip ospf interface <interface number> Command mode: All Ip Address 10.10.12.1, Area 0.0.0.1, Admin Status UP Router ID 10.10.10.1, State DR, Priority 1 Designated Router (ID) 10.10.10.1, Ip Address 10.10.12.1 Backup Designated Router (ID) 10.10.14.1, Ip Address 10.10.12.2 Timer intervals, Hello 10, Dead 40, Wait 1663, Retransmit 5,...
OSPF Database Information The following commands display OSPF Database information: Table 46. OSPF Database Information Options Command Syntax and Usage show ip ospf database Displays all the Link State Advertisements (LSAs). Command mode: All show ip ospf database advertisingrouter <router ID (IP address)> Takes advertising router as a parameter. Displays all the LSAs in the LS database that have the advertising router with the specified router ID, for example: 20.1.1.1. Command mode: All show ip ospf database area <0‐19> Displays LS database information for the specified OSPF area. Command mode: All show ip ospf database asbrsummary [advertisingrouter <router ID (IP address)>|linkstateid <link state ID (IP address)>|self] Displays ASBR summary LSAs. The usage of this command is as follows: asbrsummary advertisingrouter 20.1.1.1 displays ASBR summary LSAs having the advertising router 20.1.1.1. asbrsummary linkstateid 10.1.1.1 displays ASBR summary LSAs having the link state ID 10.1.1.1. asbrsummary self displays the self advertised ASBR summary LSAs. asbrsummary with no parameters displays all the ASBR summary LSAs. Command mode: All show ip ospf database databasesummary Displays the following information about the LS database in a table format: Number of LSAs of each type in each area. Total number of LSAs for each area.
OSPFv3 Information The following commands display OSPFv3 information: Table 47. OSPFv3 Information Options Command Syntax and Usage show ipv6 ospf area <area index (0‐2)> Displays the OSPFv3 area information. Command mode: All show ipv6 ospf areas Displays the OSPFv3 Area Table. Command mode: All show ipv6 ospf arearange <1‐16> Displays the current OSPFv3 summary range settings. Command mode: All show ipv6 ospf arearange information Displays OSPFv3 summary ranges. Command mode: All show ipv6 ospf areavirtuallink <1‐3> Displays the current OSPFv3 virtual link settings. Command mode: All show ipv6 ospf areavirtuallink information Displays information about all the configured virtual links. Command mode: All show ipv6 ospf borderrouters Displays OSPFv3 routes to an ABR or ASBR. Command mode: All show ipv6 ospf host <1‐128> Displays the current OSPFv3 host entries. Command mode: All show ipv6 ospf host information Displays OSPFv3 host configuration information. Command mode: All show ipv6 ospf information Displays all OSPFv3 information. To view a sample display, see page 106. Command mode: All G8332 Command Reference for ENOS 8.4...
OSPFv3 Information Dump The following command displays OSPFv3 information: show ipv6 ospf information Command mode: All Router Id: 1.0.0.1 ABR Type: Standard ABR SPF schedule delay: 5 secs Hold time between two SPFs: 10 secs Exit Overflow Interval: 0 Ref BW: 100000 Ext Lsdb Limit: none Trace Value: 0x00008000 As Scope Lsa: 2 Checksum Sum: 0xfe16 Passive Interface: Disable Nssa Asbr Default Route Translation: Disable Autonomous System Boundary Router Redistributing External Routes from connected, metric 10, metric type asExtType1, no tag set Number of Areas in this router 1 Area 0.0.0.0 Number of interfaces in this area is 1 Number of Area Scope Lsa: 7 Checksum Sum: 0x28512 Number of Indication Lsa: 0 SPF algorithm executed: 2 times OSPFv3 Interface Information The following command displays OSPFv3 interface information: show ipv6 ospf interface Command mode: All Ospfv3 Interface Information Interface Id: 1 Instance Id: 0 Area Id: 0.0.0.0 Local Address: fe80::222:ff:fe7d:5d00 Router Id: 1.0.0.1 Network Type: BROADCAST Cost: 1 State: BACKUP Designated Router Id: 2.0.0.2 local address: fe80::218:b1ff:fea1:6c01 Backup Designated Router Id: 1.0.0.1 local address: fe80::222:ff:fe7d:5d00 Transmit Delay: 1 sec Priority: 1 IfOptions: 0x0 Timer intervals configured: Hello: 10, Dead: 40, Retransmit: 5 Hello due in 6 sec Neighbor Count is: 1, Adjacent neighbor count is: 1 Adjacent with neighbor 2.0.0.2 G8332 Command Reference for ENOS 8.4...
RIP Routes Information The following command displays RIP route information: show ip rip routes Command mode: All >> IP Routing# 30.1.1.0/24 directly connected 3.0.0.0/8 via 30.1.1.11 metric 4 4.0.0.0/16 via 30.1.1.11 metric 16 10.0.0.0/8 via 30.1.1.2 metric 3 20.0.0.0/8 via 30.1.1.2 metric 2 This table contains all dynamic routes learned through RIP, including the routes that are undergoing garbage collection with metric = 16. This table does not contain locally configured static routes. RIP Interface Information The following command displays RIP user information: show ip rip interface <interface number> Command mode: All RIP USER CONFIGURATION : RIP: ON, update 30 RIP on Interface 49 : 101.1.1.10, enabled version 2, listen enabled, supply enabled, default none poison disabled, split horizon enabled, trigg enabled, mcast enabled, metric 1 auth none, key none G8332 Command Reference for ENOS 8.4...
IPv6 Routing Table Information The following command displays IPv6 routing information: show ipv6 route Command mode: All IPv6 Routing Table 3 entries Codes : C Connected, S Static O OSPF S ::/0 [1/20] via 2001:2:3:4::1, Interface 2 C 2001:2:3:4::/64 [1/1] via ::, Interface 2 C fe80::20f:6aff:feec:f701/128 [1/1] Note that the first number inside the brackets represents the metric and the second number represents the preference for the route. G8332 Command Reference for ENOS 8.4...
IPv6 Neighbor Discovery Prefix Information The following command displays a summary of IPv6 Neighbor Discovery prefix information: show ipv6 prefix Command mode: All Codes: A Address , P PrefixAdvertisement D Default , N Not Advertised [L] Onlink Flag is set [A] Autonomous Flag is set AD 10:: 64 [LA] Valid lifetime 2592000 , Preferred lifetime 604800 P 20:: 64 [LA] Valid lifetime 200 , Preferred lifetime 100 Neighbor Discovery prefix information includes information about all configured prefixes. The following command displays IPv6 Neighbor Discovery prefix information for an interface: show ipv6 prefix interface <interface number> Command mode: All G8332 Command Reference for ENOS 8.4...
IGMP Information The following commands display IGMP information: Table 52. IGMP Multicast Group Information Commands Command Syntax and Usage show ip igmp Displays the current IGMP configuration parameters. Command mode: All show ip igmp filtering Displays current IGMP Filtering parameters. Command mode: All show ip igmp groups Displays information for all multicast groups. For details, see page 119. Command mode: All show ip igmp groups address <IP address> Displays a single IGMP multicast group by its IP address. Command mode: All show ip igmp groups detail <IP address> Displays details about an IGMP multicast group, including source and timer information. Command mode: All show ip igmp groups interface port <port alias or number> Displays all IGMP multicast groups on a single port. Command mode: All show ip igmp groups portchannel <1‐208> Displays all IGMP multicast groups on a single Link Aggregation Group (LAG). Command mode: All show ip igmp groups vlan <VLAN ID (1‐4094)> Displays all IGMP multicast groups on a single VLAN. Command mode: All show ip igmp ipmcgrp Displays information for all IPMC groups. For details, see page 120. Command mode: All G8332 Command Reference for ENOS 8.4...
IGMP Querier Information The following command displays IGMP Querier information for a particular VLAN: show ip igmp querier vlan <VLAN ID (1‐4094)> Command mode: All Current IGMP Querier information: IGMP Querier information for vlan 1: Other IGMP querier none Switchquerier enabled, current state: Querier Switchquerier type: Ipv4, address 1.1.1.1, Switchquerier general query interval: 125 secs, Switchquerier maxresponse interval: 100 'tenths of secs', Switchquerier startup interval: 31 secs, count: 2 Switchquerier robustness: 2 IGMP configured version is v3 IGMP Operating version is v3 IGMP Querier information includes: VLAN number Querier status Other IGMP querier—none IGMP querier present, address: (IP or MAC address) Other IGMP querier present, interval (minutes:seconds) Querier election type (IPv4 or MAC) and address Query interval Querier startup interval Maximum query response interval Querier robustness value IGMP version number G8332 Command Reference for ENOS 8.4...
IPMC Group Information The following command displays IGMP IPMC group information: show ip igmp ipmcgrp Command mode: All Total number of displayed ipmc groups: 4 Legend(possible values in Type column): SH static host DR dynamic registered SP static primary DU dynamic unregistered SB static backup M mrouter O other Source Group Vlan Port Type Timeleft =============== =============== ==== ============ ==== ========== * 232.0.0.1 1 DU 6 sec * 232.0.0.2 1 DU 6 sec * 232.0.0.3 1 DU 6 sec * 232.0.0.4 1 DU 6 sec IGMP IPMC Group information includes: IGMP source address IGMP group address VLAN and port Type of IPMC group Expiration timer value G8332 Command Reference for ENOS 8.4...
Page 122
MLD Mrouter Information The following command displays MLD Mrouter information: show ipv6 mld mrouter Command mode: All Source: fe80:0:0:0:200:14ff:fea8:40c9 Port/Vlan: 26/4 Interface: 3 QRV: 2 QQIC:125 Maximum Response Delay: 1000 Version: MLDv2 Expires:1:02 The following table describes the MLD Mrouter information displayed in the output. Table 54. MLD Mrouter Statistic Description Source Displays the link‐local address of the reporter. Port/Vlan Displays the port/vlan on which the general query is received. Interface Displays the interface number on which the general query is received. Displays the Querier’s robustness variable value. QQIC Displays the Querier’s query interval code. Maximum Response Displays the configured maximum query response time. Delay Version Displays the MLD version configured on the interface. Expires Displays the amount of time that must pass before the multicast router decides that there are no more listeners for a multicast address or a particular source on a link. G8332 Command Reference for ENOS 8.4...
Page 124
The following command displays VRRP information: show ip vrrp information Command mode: All VRRP information: 1: vrid 2, 205.178.18.210, if 1, renter, prio 100, master 2: vrid 1, 205.178.18.202, if 1, renter, prio 100, backup 3: vrid 3, 205.178.18.204, if 1, renter, prio 100, master When virtual routers are configured, you can view the status of each virtual router using this command. VRRP information includes: Virtual router number Virtual router ID and IP address Interface number Ownership status owner identifies the preferred master virtual router. A virtual router is the owner when the IP address of the virtual router and its IP interface are the same. renter identifies virtual routers which are not owned by this device. Priority value. During the election process, the virtual router with the highest priority becomes master. Activity status master identifies the elected master virtual router. backup identifies that the virtual router is in backup mode. init identifies that the virtual router is waiting for a startup event. For example, once it receives a startup event, it transitions to master if its ...
IPv6 Interface Information The following command displays IPv6 interface information: show ipv6 interface <interface number> Command mode: All Interface information: 2: IP6 2001:0:0:0:225:3ff:febb:bb15/64 , vlan 1, up fe80::225:3ff:febb:bb15 Link local address: fe80::225:3ff:febb:bb15 Global unicast address(es): 2001::225:3ff:febb:bb15/64 Anycast address(es): Not Configured. Joined group address(es): ff02::1 ff02::2 ff02::1:ffbb:bb15 MTU is 1500 ICMP redirects are enabled ND DAD is enabled, Number of DAD attempts: 1 ND router advertisement is disabled For each interface, the following information is displayed: IPv6 interface address and prefix VLAN assignment Status (up, down or disabled) Path MTU size Status of ICMP redirects Status of Neighbor Discovery (ND) Duplicate Address Detection (DAD) Status of Neighbor Discovery router advertisements G8332 Command Reference for ENOS 8.4...
IP Information The following command displays Layer 3 information: show ip interface brief Command mode: All IP information: AS number 0 Interface information: 128: IP4 10.241.39.14 255.255.255.128 10.241.39.127, vlan 4095, up Loopback interface information: Default gateway information: metric strict 4: 10.241.39.1, up active Default IP6 gateway information: ECMP Hash Mechanism: dipsip Current BOOTP relay settings: OFF Global servers: Server 1 address 0.0.0.0 Server 2 address 0.0.0.0 Server 3 address 0.0.0.0 Server 4 address 0.0.0.0 Server 5 address 0.0.0.0 Current BOOTP relay option82 settings: OFF Current BOOTP relay option82 policy: Replace Current DHCP Snooping settings: Off DHCP Snooping is configured on the following VLANs: empty Insertion of option 82 information is Disable Interface Trusted Rate limit (pps) 1 No none 2 No none 3/1 No none 3/2 No none 3/3 No none 3/4 No none 4 No none ... 31 No none 32 No none MGT No none Current IP forwarding settings: ON, dirbr disabled, noicmprd disabled, ...
IKEv2 Information The following table lists commands that display information about IKEv2. Table 56. IKEv2 Information Commands Command Syntax and Usage show ikev2 Displays all IKEv2 information. See page 131 for sample output. Command mode: All show ikev2 cacert Displays the CA certificate. Command mode: All show ikev2 hostcert Displays the host certificate. Command mode: All show ikev2 identity Displays IKEv2 identity information. Command mode: All show ikev2 presharekey Displays the IKEv2 preshare key. Command mode: All show ikev2 proposal Displays the IKEv2 proposal. Command mode: All show ikev2 retransmitinterval Displays the IKEv2 retransmit interval. Command mode: All show ikev2 sa Displays the IKEv2 SA. Command mode: All G8332 Command Reference for ENOS 8.4...
IP Security Information The following table describes the commands used to display information about IP security. Table 57. IPsec Information Commands Command Syntax and Usage show ipsec dynamicpolicy [<1‐10>] Displays dynamic policy information. Command mode: All show ipsec manualpolicy [<1‐10>] Displays manual policy information. See page 133 for sample output. Command mode: All show ipsec sa Displays all security association information. Command mode: All show ipsec spd Displays all security policy information. Command mode: All show ipsec trafficselector [<1‐10>] Displays IPsec traffic selector information. Command mode: All show ipsec transformset [<1‐10>] Displays IPsec transform set information. Command mode: All G8332 Command Reference for ENOS 8.4...
DHCP Snooping Information The following command displays DHCP Snooping information: show ip dhcp snooping Command mode: All DHCP Snooping is configured on the following VLANs: empty Insertion of option 82 information is Disable Interface Trusted Rate limit (pps) 1 No none 5 No none 6 No none 7 No none 8 No none 9 No none 10 No none 11 No none 12 No none 13 No none 14 No none 15 No none The following command displays the DHCP binding table: show ip dhcp snooping binding Command mode: All Mac Address IP Address Lease(seconds) Type VLAN Interface 00:00:01:00:02:01 10.0.0.1 1600 dynamic 100 port 1 02:1c:5f:d1:18:9c 210.38.197.63 86337 Static 127 1 06:51:4d:e6:16:2d 194.116.155.190 86337 Static 105 1 08:69:0f:1d:ba:3d 40.90.17.26 86337 Static 150 1 08:a2:6d:00:36:56 40.194.18.213 86337 Static 108 1 0e:a7:f8:a2:74:2c 130.254.47.129 86337 Static 171 1 0e:b7:64:02:97:7c 35.92.27.110 86337 Static 249 1 Total number of bindings: 7 The DHCP Snooping binding table displays information for each entry in the table. Each entry has a MAC address, an IP address, the lease time, the interface to which the entry applies and the VLAN to which the interface belongs. G8332 Command Reference for ENOS 8.4...
PIM Component Information The following command displays Protocol Independent Multicast (PIM) component information: show ip pim component [<component ID (1‐2)>] Command mode: All PIM Component Information ComponentId: 1 PIM Mode: sparse, PIM Version: 2 Elected BSR: 0.0.0.0 Candidate RP Holdtime: 0 PIM component information includes the following: Component ID Mode (sparse, dense) PIM Version Elected Bootstrap Router (BSR) address Candidate Rendezvous Point (RP) hold time, in seconds PIM Interface Information The following command displays information about PIM interfaces: show ip pim interface Command mode: All Address IfName/IfId Ver/Mode Nbr Qry DRAddress DRPrio Count Interval 40.0.0.3 net4/4 2/Sparse 1 30 40.0.0.3 1 50.0.0.3 net5/5 2/Sparse 0 30 50.0.0.3 1 PIM interface information includes the following for each PIM interface: IP address ...
PIM Multicast Route Information Commands The following commands display PIM Multicast Route information: Table 59. PIM Multicast Route Information Options Command Syntax and Usage show ip pim mroute Displays information about all PIM multicast routes. Command mode: All show ip pim mroute [<component ID (1‐2)>] Displays PIM multicast routes for the selected component. Command mode: All show ip pim mroute count Displays a count of PIM multicast routes of each type. Command mode: All show ip pim mroute flags [s] [r] [w] Displays PIM multicast routes based on the selected entry flags. Enter flags in any combination: s: Shortest Path Tree (SPT) bit r: Rendezvous Point Tree (RPT) bit w: Wildcard bit Command mode: All show ip pim mroute group <multicast group IP address> Displays PIM multicast routes for the selected multicast group. Command mode: All show ip pim mroute interface {<interface number>|port <port alias or number>} Displays PIM multicast routes for the selected incoming IP interface. Command mode: All show ip pim mroute source <multicast source IP address> Displays PIM multicast routes for the selected source IP address.
Quality of Service Information The following commands display QoS information: Table 60. QoS information Options Command Syntax and Usage show qos protocolpacketcontrol information queue [all] Displays the packet rate configured for each configurable packet queue. The all option also displays the packet rate configured for each reserved packet queue. Command mode: All show qos protocolpacketcontrol information protocol Displays of mapping of protocol packet types to each packet queue number. The status indicates whether the protocol is running or not running. Command mode: All show qos randomdetect Displays WRED and ECN information. For details, see page 142. Command mode: All show qos transmitqueue Displays the current 802.1p parameters. Command mode: All show qos transmitqueue information Displays all 802.1p information. For details, see page 141. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 144
Access Control List Information The following commands display IPv4 Access Control List (ACL) information: Table 64. IPv4 Access Control List Information Commands Command Syntax and Usage show accesscontrol list [<1‐256>] Displays ACL list information. To view sample output, see page 145. Command mode: All show accesscontrol list <1‐256> ethernet Displays the current Ethernet parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> ipv4 Displays the current IPv4 parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> log Displays the current IPv4 ACL log state. Command mode: All show accesscontrol list <1‐256> meter Displays the current metering parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> mirror Displays the current port mirroring parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> packetformat Displays the current Packet Format parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> remark Displays the current re‐mark parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> tcpudp Displays the current TCP/UDP Filtering parameters for the specified ACL. Command mode: All show accesscontrol list <1‐256> vxlan Displays the current VxLAN Filtering parameters for the specified ACL. To ...
Table 65. ACL List Parameter Descriptions Parameter Description Re‐Mark Displays the ACL re‐mark parameters. Packet Format Displays the ACL Packet Format parameters, if configured. Actions Displays the configured action for the ACL. Statistics Displays status of ACL statistics (enabled or disabled). Mirror Target Displays ACL port mirroring parameters. Configuration Filter x profile Indicates the ACL number. Access Control List VxLAN Information The following command displays Access Control List (ACL) Virtual Extensible LAN (VxLAN) information: show accesscontrol list <1‐256> vxlan Command mode: All VXLAN VNID : 100 Access Control IPv6 List Information The following commands display IPv6 Access Control List (ACL) information: Table 66. IPv6 Access Control List Information Commands Command Syntax and Usage show accesscontrol list6 [<1‐128>] Displays the current ACL parameters.
NAT Information The following commands display information about Network Address Translation (NAT) settings. Table 67. NAT Information Options Command Syntax and Usage show ip nat Displays NAT status information. Command mode: Privileged EXEC show ip nat translations Displays configured translation entries list. For more information, see page page 149. Command mode: Privileged EXEC show ip nat translations full Displays configured translation entries list with counters for both directions. For more information, see page page 149. Command mode: Privileged EXEC NAT Status Information The following command displays current NAT information: show ip nat Command mode: Privileged EXEC Network address translation status: ENABLED. Dynamic timeout expiry time is 300 seconds. There are 5 entries in the NAT table, out of which 3 installed in hardware table 1 not installed because of missing egress 0 dynamically learned entries 5 statically configured entries 0 software only entries There are 0 configured dynamic rules. Following vlans are configured as inside: 1 Following vlans are configured as outside: 2 G8332 Command Reference for ENOS 8.4...
OpenFlow Information The following commands display OpenFlow information. Table 68. OpenFlow Information Options Command Syntax and Usage show openflow [flowallocation|group|information|table] Displays the current OpenFlow configuration. For more information, see page 151. flowallocation displays the configured, current and maximum number of flows for all OpenFlow instances. For more information, see page 153. group displays group information for all OpenFlow 1.3 instances. For more information, see page 155. information displays the configuration for all OpenFlow instances. For more information, see page 156. table displays the basic and emergency flow tables for all OpenFlow instances. For more information, see page 158. Command mode: All show openflow instance <1‐2> [group|information|table] Displays OpenFlow information for the specified instance ID: group displays group information per instance information displays the instance configuration table displays the basic and emergency flow tables per instance Command mode: All G8332 Command Reference for ENOS 8.4...
Page 152
In OpenFlow 1.3: Protocol Version: 1.3.1 Openflow State: Enabled FDB Table Priority: 1000 MPLS Table Priority: 65535 FDB Table FDBtimeout: 120 Openflow Instance ID: 1 state: enabled , buffering: disabled , tablemiss: drop echo req interval 30, echo reply timeout 15, retry 4 minflowtimeout : use controller provided values. max flows acl : Maximum Available max flows unicast fdb : Maximum Available max flows multicast fdb : Maximum Available max flows mpls push : Maximum Available max flows mpls pop : Maximum Available dpid: 0x000000000000ac01 tablemiss cookie: 0xffffffffffffffff mirrortocontroller cookie: 0xffffffffffffffff sendtocontroller cookie: 0xffffffffffffffff ports : 18,64 portchannel: 65,66 Controller Id: 1 Active Controller IP Address: 9.228.143.62, port: 6633, MgtPort Openflow Instance ID: 2 state: disabled , buffering: disabled , tablemiss: drop echo req interval 30, echo reply timeout 15, retry 4 minflowtimeout : use controller provided values. max flows acl : Maximum Available max flows unicast fdb : Maximum Available max flows multicast fdb : Maximum Available max flows mpls push : Maximum Available max flows mpls pop : Maximum Available dpid: 0x0002fccf629d9c00 tablemiss cookie: 0xffffffffffffffff mirrortocontroller cookie: 0xffffffffffffffff sendtocontroller cookie: 0xffffffffffffffff G8332 Command Reference for ENOS 8.4...
Page 154
In OpenFlow 1.3: Flow Allocation Information Instance 1 Maximum ACL Count Configured : Maximum Available Maximum Unicast FDB Count Configured : Maximum Available Maximum Multicast FDB Count Configured: Maximum Available Maximum MPLS PUSH Count Configured : Maximum Available Maximum MPLS POP Count Configured : Maximum Available Basic Entries Current ACL Count : 0 Current Unicast FDB Count : 0 Current Multicast FDB Count : 0 Current MPLS PUSH Count : 0 Current MPLS POP Count : 0 Static Entries Current static ACL Count : 0 Current static MPLS PUSH Count : 0 Current static MPLS POP Count : 0 Maximum Current Availability Maximum Available ACL Count : 1500 Maximum Available Unicast FDB Count : 123904 Maximum Available Multicast FDB Count : 4096 Maximum Available MPLS PUSH Count : 2000 Maximum Available MPLS POP Count : 1000 Instance 2 G8332 Command Reference for ENOS 8.4...
OpenFlow Configuration Information The following command displays the OpenFlow configuration for all instances: show openflow information Command mode: All In OpenFlow 1.0: Openflow feature is Enabled Openflow instance 1 is currently disabled Openflow Instance ID: 2 State : Enabled DataPath ID: 0x0002749975ab5c00 Max Retries per controller: 4 Echo Request Interval: 30 Echo Reply Timeout: 15 Emergency Timeout: 30 Minflowtimeout : 0, use controller provided values. Max ACL Flows: Maximum Available Max Unicast FDB Flows: Maximum Available Max Multicast FDB Flows: Maximum Available Buffering: Disabled Operational Mode: Normal Miss Send Len: 65535 Port Alias Status State Config Current Advertised Supported Peer 18 18 e 0x200 0x2 0xc0 0x0 0x0 0x0 19 19 e 0x200 0x2 0xc0 0x0 0x0 0x0 24 24 d 0x201 0x2 0xc0 0x0 0x0 0x0 86 23/1 d 0x201 0x2 0x0 0x0 0x0 0x0 87 23/2 d 0x201 0x2 0x0 0x0 0x0 0x0 88 23/3 d 0x201 0x2 0x0 0x0 0x0 0x0 89 23/4 d 0x201 0x2 0x0 0x0 0x0 0x0 Number of Ports: 7 Configured Controllers: Openflow Controller 1: IP Address: 9.70.31.71 Port: 6633 State: Active Retry Count: 0 G8332 Command Reference for ENOS 8.4...
RMON Information Commands The following table describes the Remote Monitoring (RMON) Information commands. Table 69. RMON Information Options Command Syntax and Usage show rmon Displays all RMON information. Command mode: All show rmon alarm [<1‐65535>] Displays RMON Alarm information. For details, see page 162. Command mode: All show rmon event [<1‐65535>] Displays RMON Event information. For details, see page 163. Command mode: All show rmon history [<1‐65535>] Displays RMON History information. For details, see page 161. Command mode: All G8332 Command Reference for ENOS 8.4...
RMON Alarm Information The following command displays RMON alarm information: show rmon alarm Command mode: All RMON Alarm group configuration: Index Interval Sample Type rLimit fLimit last value 1 1800 abs either 0 0 7822 Index rEvtIdx fEvtIdx OID 1 0 0 1.3.6.1.2.1.2.2.1.10.1 Index Owner 1 dan The following table describes the RMON Alarm Information parameters. Table 71. RMON Alarm Parameter Descriptions Parameter Description Index Displays the index number that identifies each alarm instance. Interval Displays the time interval over which data is sampled and compared with the rising and falling thresholds. Sample Displays the method of sampling the selected variable and calculating the value to be compared against the thresholds, as follows: abs — absolute value, the value of the selected variable is compared directly with the thresholds at the end of the sampling interval. delta — delta value, the value of the selected variable at the last sample is subtracted from the current value, and the difference compared with the thresholds. Type Displays the type of alarm, as follows: falling — alarm is triggered when a falling threshold is ...
Link Status Information The following command displays link information: show interface status [<port alias or number>] Command mode: All Port Speed Duplex Flow Ctrl Link Description TXRX 1 40000 full no no down 1 2/1 10000 full no no down 2/1 2/2 10000 full no no down 2/2 2/3 10000 full no no up 2/3 2/4 10000 full no no up 2/4 3/1 10000 full no no up 3/1 3/2 10000 full no no up 3/2 3/3 10000 full no no down 3/3 3/4 10000 full no no down 3/4 4/1 10000 full no no down 4/1 4/2 10000 full no no down 4/2 4/3 10000 full no no down 4/3 4/4 10000 full no no down 4/4 5 40000 full no no down 5 6 40000 full no no down 6 Use this command to display link status information about each port on the G8332, including: Port alias or port number Port description Port speed and Duplex mode (half, full or any) Flow control for transmit and receive (no, yes or both) Link status (up, down or disabled) G8332 Command Reference for ENOS 8.4...
VM Ready Information Commands The following command display information about the VMReady feature. Table 73. VMReady Information Options Command Syntax and Usage show virt Displays the current virtualization parameters. For a sample output, see page 170. Command mode: All show virt oui Displays all the configured MAC OUIs. For a sample output, see page 170. Command mode: All show virt port <port alias or number> Displays Virtual Machine information for the selected port. For a sample output, see page 171. Note: The selected port must be a server port. Command mode: All show virt portchannel <1‐208> Displays Virtual Machine information for the selected portchannel. For a sample output, see page 171. Command mode: All show virt vm [v [r]] Displays all Virtual Machine information. v displays verbose information r rescans data center For more details, see page 172. Command mode: All show virt vmcheck Displays the current VM Check settings. For a sample output, see page...
VMReady Information The following command displays the current virtualization options: show virt Command mode: All VMready is currently enabled Current Hello setting: disabled Current VMwarespecific settings ESX/ESXitovCenter heartbeat UDP port number: 902 Current VM profiles: None VM group 1 current configuration:Current VM group's secure mode: Disabled Current Group Ports: 13 17 Current Group vPorts: : empty VLAN: 2 VLAN Tagging: Disabled Current GROUP VMAP Config is empty VM group 2 current configuration: empty VM OUI Information The following command displays all the configured MAC OUIs: show virt oui Command mode: All VM MAC OUI Vendor Name 00:50:56 VMware 00:0c:29 VMware 00:05:69 VMware 00:0f:4b VirtualIron 00:03:ff Microsoft 00:15:5d Microsoft 00:1c:42 Parallels 00:16:3e Xen 00:80:27 Sun Number of MAC OUI entries: 9 G8332 Command Reference for ENOS 8.4...
VM Information The following command displays VM information: show virt vm Command mode: All IP Address VMAC Address Index Port VM Group(Profile) Check Status *127.31.46.50 00:50:56:4e:62:f5 4 3 *127.31.46.10 00:50:56:4f:f2:85 2 4 +127.31.46.51 00:50:56:72:ec:86 1 3 +127.31.46.11 00:50:56:7c:1c:ca 3 4 127.31.46.25 00:50:56:9c:00:c8 5 4 127.31.46.15 00:50:56:9c:21:2f 0 4 127.31.46.35 00:50:56:9c:29:29 6 3 Number of entries: 7 * indicates VMware ESX Service Console Interface + indicates VMware ESX/ESXi VMKernel or Management Interface VM information includes the following for each Virtual Machine (VM): State of the Virtual Machine (~ indicates the VM is inactive/idle) IP address MAC address Index number assigned to the VM Server port on which the VM was detected VM group that contains the VM, if applicable VM Check status for the corresponding VM VM Check Information The following command displays VM Check information: show virt vmcheck Command mode: All Action to take for spoofed VMs: Basic: Oper disable the link Advanced: Install ACL to drop traffic Maximum number of acls that can be used for mac spoofing: 50 Trusted ports by configuration: empty...
VMware Information Use these commands to display information about Virtual Machines (VMs) and VMware hosts in the data center. These commands require the presence of a configured Virtual Center. Table 74. VMware Information Options Command Syntax and Usage show virt vmware hello Displays Virtual Machine hello settings. For a sample output, see page 175. Command mode: All show virt vmware hosts Displays a list of VMware hosts. For a sample output, see page 175. Command mode: All show virt vmware showhost {<host UUID>|<host IP address>|<host name>} Displays detailed information about a specific VMware host. For a sample output, see page 176. Command mode: All show virt vmware showvm {<VM UUID>|<VM IP address>|<VM name>} Displays detailed information about a specific Virtual Machine (VM). For a sample output, see page 177. Command mode: All show virt vmware switchportmapping Displays ESX Server ‐ switchport mapping. For a sample output, see page 177. Command mode: All show virt vmware vms Displays the UUIDs and the names of all VMware VMs. For a sample output, see page 177. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 176
The following command displays information for a specific VM host: show virt vmware showhost {<host UUID>|<host IP address>|<host name>} Command mode: All Vswitches available on the host: vSwitch0 vSwitch1 Host physical nics: Device vSwitch MAC Address vmnic0 None 5c:f3:fc:49:f0:e4 vmnic1 vSwitch0 5c:f3:fc:49:f0:e6 vmnic2 None 00:00:c9:da:f5:d8 vmnic3 vSwitch1 00:00:c9:da:f5:dc vusb0 None 5e:f3:fc:4f:f0:e7 Port Groups and their vSwitches on the host: Lenovo_test vSwitch0 VM Network vSwitch0 Management Network vSwitch0 Lenovo_Default vSwitch1 Lenovo_test30 vSwitch1 Lenovo_test40 vSwitch1 VM Network 2 vSwitch1 Lenovo_test50 vSwitch1 Lenovo_unu vSwitch1 Detailed information about host and VM interfaces on this hypervisor: MAC Address 5c:f3:fc:49:f0:e6 Port N/A Type VM Kernel IP Address 10.241.32.131 Host Name 10.241.32.131 Host UUID cab9df068fd73ecfa4baf373ed60ad9d vSwitch vSwitch0 Port Group Management Network VLAN ID 0 G8332 Command Reference for ENOS 8.4...
EVB Information The following commands display Edge Virtual Bridge (EVB) Virtual Station Interface (VDP) discovery and configuration information. Table 75. EVB Information Options Command Syntax and Usage show virt evb profile Displays all EVB profile parameters. Command mode: All show virt evb profile <profile number> [ports] Displays the selected EVB profile parameters. It can include ports. Command mode: All show virt evb profile ports Displays all EVB profile parameters including ports. Command mode: All show virt evb vdp tlv Displays all active Virtual Station Interface (VSI) Discovery and Configuration Protocol (VDP) type‐length‐values (TLVs). Command mode: All show virt evb vdp vm Displays all associated Virtual Machines (VMs). For a sample output, see page 180. Command mode: All show virt evb vsidb <VSI database number (1)> Displays Virtual Station Interface database information. Command mode: All show virt evb vsitypes [mgrid <0‐255>|typeid <1‐16777215>| |version <0‐255>] Displays the current Virtual Station Interface Type database parameters. For a sample output, see page 179. Command mode: All G8332 Command Reference for ENOS 8.4...
VXLAN Gateway Datapath Information The following command displays VXLAN Gateway datapath information: show nwv nsxgw datapath Command mode: All VNID: 5001 Virtual Ports towards the Underlay Network: Local IP Address Port VLAN TAG 192.168.200.30 7/1 981 Y Unicast Virtual Ports towards the Overlay Network: Local IP Address Remote IP Address Port VLAN 192.168.200.30 192.168.200.11 6/1 18 192.168.200.30 192.168.200.12 6/2 18 Multicast Virtual Ports towards the Overlay Network: Local IP Address Remote IP Address Port VLAN 192.168.200.30 192.168.200.11 6/1 18 192.168.200.30 192.168.200.12 6/2 18 VNID: 5002 Virtual Ports towards the Underlay Network: Local IP Address Port VLAN TAG 192.168.200.30 7/1 329 Y Unicast Virtual Ports towards the Overlay Network: Local IP Address Remote IP Address Port VLAN 192.168.200.30 192.168.200.11 6/1 18 192.168.200.30 192.168.200.12 6/2 18 Multicast Virtual Ports towards the Overlay Network: Local IP Address Remote IP Address Port VLAN 192.168.200.30 192.168.200.11 6/1 18 192.168.200.30 192.168.200.12 6/2 18 G8332 Command Reference for ENOS 8.4...
DCBX Information The following table describes the Data Center Bridging Capability Exchange (DCBX) protocol information options. Table 78. DCBX Information Options Command Syntax and Usage show cee information dcbx port <port alias or number> Displays all DCBX information for the specified port or range of ports. Command mode: All show cee information dcbx port <port alias or number> app_proto Displays information about the DCBX Application Protocol state machine on the specified port or range of ports. For details, see page 195. Command mode: All show cee information dcbx port <port alias or number> control Displays information about the DCBX Control state machine for the specified port or range of ports. For details, see page 189. Command mode: All show cee information dcbx port <port alias or number> ets Displays information about the DCBX ETS state machine for the specified port or range of ports. For details, see page 192. Command mode: All show cee information dcbx port <port alias or number> feature Displays information about the DCBX Feature state machine for the specified port or range of ports. For details, see page 190. Command mode: All show cee information dcbx port <port alias or number> pfc Displays information about the DCBX PFC state machine for the specified port or range of ports. For details, see page 194. Command mode: All G8332 Command Reference for ENOS 8.4...
DCBX Feature Information The following command displays DCBX Feature information: show cee information dcbx port <port alias or number> feature Command mode: All DCBX Port Feature Statemachine Info ============================================================================ Port Type AdmState Will Advrt OpVer MxVer PrWill SeqNo Err OperMode Syncd 1 ETS enabled No Yes 0 0 No 1 No disabled No 1 PFC enabled No Yes 0 0 No 1 No disabled No 1 AppProt enabled No Yes 0 0 No 1 No disabled No 2 ETS enabled No Yes 0 0 No 1 No disabled No 2 PFC enabled No Yes 0 0 No 1 No disabled No 2 AppProt enabled No Yes 0 0 No 1 No disabled No 3 ETS enabled No Yes 0 0 No 1 No disabled No 3 PFC enabled No Yes 0 0 No 1 No disabled No 3 AppProt enabled No Yes 0 0 No 1 No disabled No 4 ETS enabled No Yes 0 0 Yes 2 No enabled Yes 4 PFC enabled No Yes 0 0 Yes 2 No enabled Yes 4 AppProt enabled No Yes 0 0 Yes 2 No enabled Yes 5 ETS enabled No Yes 0 0 No 1 No disabled No 5 PFC enabled No Yes 0 0 No 1 No disabled No 5 AppProt enabled No Yes 0 0 No 1 No disabled No The following table describes the DCBX Feature information. Table 79. DCBX Feature Information Fields Parameter Description Port Displays each port’s number. Type Feature type AdmState Feature status (Enabled or Disabled) Will Willing flag status (Yes/True or No/Untrue) Advrt Advertisement flag status (Yes/True or No/Untrue) OpVer Operating version negotiated with the peer device ...
Page 196
The following table describes the DCBX Application Protocol information. Table 81. DCBX Application Protocol Information Fields Parameter Description Protocol ID Identifies the supported Application Protocol. Selector Field Specifies the Application Protocol type, as follows: 0 = Ethernet Type 1 = TCP socket ID Organizationally Unique DCBX TLV identifier Port Port number Priority 802.1p value EnableDesr Status configured on this switch EnableOper Status negotiated with the peer (operating status) EnablePeer Status configured on the peer G8332 Command Reference for ENOS 8.4...
PFC Information The following table describes the Priority Flow Control (PFC) information options. Table 83. PFC Information Options Command Syntax and Usage show cee port <port alias or number> pfc Displays PFC information. Command mode: All show cee port <port alias or number> pfc information Displays PFC information. Command mode: All show cee port <port alias or number> pfc priority <0‐7> Displays PFC information. Command mode: All The following command displays PFC information: show cee port <port alias or number> pfc information Command mode: All PFC information for Port 1: PFC ON Priority State Description 0 Dis 1 Dis 2 Dis 3 Ena 4 Dis 5 Dis 6 Dis 7 Dis State indicates whether PFC is Enabled/Disabled on a particular priority G8332 Command Reference for ENOS 8.4...
FIP Snooping FCoE Forwarder Information The following command shows FCoE forwarder (FCF) information that has been learned (detected) by the switch: show fcoe fips fcf Command mode: All Total number of FCFs detected: 0 The following command displays FIP Snooping information for the selected port: show fcoe fips port <port alias or number> information Command mode: All FIP Snooping on port INT2: This port has been configured to automatically detect FCF. It has currently detected to have 0 FCF connecting to it. FIPS ACLs configured on this port: SMAC 00:c0:dd:13:9b:6f, action deny. SMAC 00:c0:dd:13:9b:70, action deny. SMAC 00:c0:dd:13:9b:6d, action deny. SMAC 00:c0:dd:13:9b:6e, action deny. DMAC 00:c0:dd:13:9b:6f, ethertype 0x8914, action permit. DMAC 00:c0:dd:13:9b:70, ethertype 0x8914, action permit. DMAC 00:c0:dd:13:9b:6d, ethertype 0x8914, action permit. DMAC 00:c0:dd:13:9b:6e, ethertype 0x8914, action permit. SMAC 0e:fc:00:01:0a:00, DMAC 00:c0:dd:13:9b:6d, ethertype 0x8906, vlan 1002, action permit. DMAC 01:10:18:01:00:01, Ethertype 0x8914, action permit. DMAC 01:10:18:01:00:02, Ethertype 0x8914, action permit. Ethertype 0x8914, action deny. Ethertype 0x8906, action deny. SMAC 0e:fc:00:00:00:00, SMAC mask ff:ff:ff:00:00:00, action deny. FIP Snooping port information includes the following: Fibre Channel Forwarding (FCF) mode Number of FCF links connected to the port List of FIP Snooping ACLs assigned to the port G8332 Command Reference for ENOS 8.4...
Page 202
Table 85. Fibre Channel Information Commands Command Syntax and Usage show fdmi database vlan <VLAN ID (2‐4094)> [all] Displays FDMI database information specific to a VLAN. For details, see page 204. Command mode: All show fdmi ports vlan <VLAN ID (2‐4094)> pwwn <port World Wide Name (WWN)> Displays FDMI ports information. Command mode: All show flogi database Displays fabric login database information. For details, see page 203. Command mode: All show flogi database vlan <VLAN ID (2‐4094)> Displays fabric login database information specific to a VLAN. Command mode: All show rscn scrtable vlan <VLAN ID (2‐4094)> Displays RSCN information. For details, see page 205. Command mode: All show zone name <zone name> vlan <VLAN ID (2‐4094)> Displays information for the specified zone. Command mode: All show zone status vlan <VLAN ID (2‐4094)> Displays zone status information. Command mode: All show zone vlan <VLAN ID (2‐4094)> Lists all zones and its members. For details, see page 205.
Fabric Device Management Interface Database Information The following command displays information about the FDMI configuration: show fdmi database vlan <VLAN ID (2‐4094)> all Command mode: All No of records in FDMI DB: 5 Registered HBA List HBAID: 20:01:00:00:00:00:00:00 Node Name :20:00:00:05:1e:78:c2:0e Manufacturer :IBM Serial Number :AUS0402F0B3 Model :IBM1020 Model Description:IBM1020 Hardware Version :RevC Driver Version :2.3.0.0 Firmware Version :2.3.0.0 OS Name/Version :Microsoft Windows Server 2003 R2 | Service Pack 2 CT Payload Len :00000840 Registered HBA List HBAID: 20:01:00:00:00:00:00:01 Node Name :20:00:00:05:1e:78:c2:0e Manufacturer :IBM Serial Number :AUS0402F0B3 Model :IBM1020 Model Description:IBM1020 Hardware Version :RevC Driver Version :2.3.0.0 Firmware Version :2.3.0.0 OS Name/Version :Microsoft Windows Server 2003 R2 | Service Pack 2 CT Payload Len :00000840 G8332 Command Reference for ENOS 8.4...
Information Dump The following command dumps switch information: show informationdump Command mode: All Use the dump command to dump all switch information available (10K or more, depending on your configuration). This data is useful for tuning and debugging switch performance. If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands. G8332 Command Reference for ENOS 8.4...
Port Statistics These commands display traffic statistics on a port‐by‐port basis. Traffic statistics include SNMP Management Information Base (MIB) objects. Table 87. Port Statistics Commands Command Syntax and Usage show interface port <port alias or number> bitrateusage Displays the traffic rate in kilobits per second. Command mode: All show interface port <port alias or number> bridgingcounters Displays bridging (“dot1”) statistics for the port. See page 216 for sample output. Command mode: All show interface port <port alias or number> bridgingrate Displays per‐second bridging (“dot1”) statistics for the port. Command mode: All show interface port <port alias or number> dot1x counters Displays IEEE 802.1X statistics for the port. See page 211 for sample output. Command mode: All show interface port <port alias or number> egressqueuecounters [<queue number (0‐7)>|drop] Displays the total number of packets and bytes either successfully transmitted or dropped for each queue of the specified ports. queue number filters the output to the specified queue number drop lists only the queues with dropped traffic (non‐zero counters for dropped packets/bytes counters) See page 227 for sample output. Command mode: All show interface port <port alias or number> egressqueuerate [<queue number (0‐7)>|drop] Displays the number of packets and bytes per second either successfully ...
Page 210
Table 87. Port Statistics Commands (continued) Command Syntax and Usage show ip bootprelay counters interface <port alias or number> Displays BOOTP relay statistics for the port. See page 215 for sample output. Command mode: All clear counters Clears statistics for all ports. Command mode: Privileged EXEC clear interfaces Clears counters for all interfaces and queues. Command mode: Privileged EXEC clear interface port <port alias or number> counters Clears all statistics for the port. Command mode: Privileged EXEC clear interface port <port alias or number> egressqueuecounter Clears all QoS egress counters for the specified ports for all queues. Command mode: Privileged EXEC clear ip bootprelay counters [interface <port alias or number>] Clears BOOTP relay statistics for a specific ports or all ports. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
802.1X Authenticator Diagnostics Use the following command to display the 802.1X authenticator diagnostics of the selected port: show interface port <port alias or number> dot1x counters Command mode: All Authenticator Diagnostics: authEntersConnecting = 1820 authEapLogoffsWhileConnecting = 0 authEntersAuthenticating = 463 authSuccessesWhileAuthenticating = 5 authTimeoutsWhileAuthenticating = 0 authFailWhileAuthenticating = 458 authReauthsWhileAuthenticating = 0 authEapStartsWhileAuthenticating = 0 authEapLogoffWhileAuthenticating = 0 authReauthsWhileAuthenticated = 3 authEapStartsWhileAuthenticated = 0 authEapLogoffWhileAuthenticated = 0 backendResponses = 923 backendAccessChallenges = 460 backendOtherRequestsToSupplicant = 460 backendNonNakResponsesFromSupplicant = 460 backendAuthSuccesses = 5 backendAuthFails = 458 The following table describes the 802.1X authenticator diagnostics statistics. Table 89. 802.1X Authenticator Diagnostics of a Port Statistics Description authEntersConnecting Total number of times that the state machine transitions to the CONNECTING state from any other state. authEapLogoffsWhileConnecting Total number of times that the state machine transitions from CONNECTING ...
Page 214
Table 89. 802.1X Authenticator Diagnostics of a Port (continued) Statistics Description backendAccessChallenges Total number of times that the state machine receives an initial Access‐Challenge packet from the Authentication server. Indicates that the Authentication Server has communication with the Authenticator. backendOtherRequests Total number of times that the state ToSupplicant machine sends an EAP‐Request packet (other than an Identity, Notification, Failure, or Success message) to the Supplicant. Indicates that the Authenticator chose an EAP‐method. backendNonNakResponses Total number of times that the state FromSupplicant machine receives a response from the Supplicant to an initial EAP‐Request, and the response is something other than EAP‐NAK. Indicates that the Supplicant can respond to the Authenticator.s chosen EAP‐method. backendAuthSuccesses Total number of times that the state machine receives an Accept message from the Authentication Server. Indicates that the Supplicant has successfully authenticated to the Authentication Server. backendAuthFails Total number of times that the state machine receives a Reject message from the Authentication Server. Indicates that the Supplicant has not authenticated to the Authentication Server. ...
Bridging Statistics Use the following command to display the bridging statistics of the selected port: show interface port <port alias or number> bridgingcounters Command mode: All Bridging statistics for port 1: dot1PortInFrames: 63242584 dot1PortOutFrames: 63277826 dot1PortInDiscards: 0 dot1TpLearnedEntryDiscards: 0 dot1StpPortForwardTransitions: 0 The following table describes the bridging statistics. Table 90. Bridging Statistics of a Port Statistics Description dot1PortInFrames The number of frames that have been received by this port from its segment. A frame received on the interface corresponding to this port is only counted by this object if and only if it is for a protocol being processed by the local bridging function, including bridge management frames. dot1PortOutFrames The number of frames that have been transmitted by this port to its segment. Note that a frame transmitted on the interface corresponding to this port is only counted by this object if and only if it is for a protocol being processed by the local bridging function, including bridge management frames. dot1PortInDiscards Count of valid frames received which were discarded (that is, filtered) by the Forwarding Process. dot1TpLearnedEntry The total number of Forwarding Database entries, Discards which have been or would have been learnt, but have been discarded due to a lack of space to store them in the Forwarding Database. If this counter is increasing, it indicates that the Forwarding Database is regularly ...
Page 218
Table 91. Ethernet Statistics of a Port (continued) Statistics Description dot3StatsSingleCollision A count of successfully transmitted frames on a Frames particular interface for which transmission is inhibited by exactly one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts, ifOutMulticastPkts, or ifOutBroadcastPkts, and is not counted by the corresponding instance of the dot3StatsMultipleCollisionFrame object. dot3StatsMultipleCollision A count of successfully transmitted frames on a Frames particular interface for which transmission is inhibited by more than one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts, ifOutMulticastPkts, or ifOutBroadcastPkts, and is not counted by the corresponding instance of the dot3StatsSingleCollisionFrames object. dot3StatsLateCollisions The number of times that a collision is detected on a particular interface later than 512 bit‐times into the transmission of a packet. Five hundred and twelve bit‐times corresponds to 51.2 microseconds on a 10 Mbit/s system. A (late) collision included in a count represented by an instance of this object is also considered as a (generic) collision for purposes of other collision‐related statistics. dot3StatsExcessive A count of frames for which transmission on a ...
Interface Statistics Use the following command to display the interface statistics of the selected port: show interface port <port alias or number> interfacecounters Command mode: All Interface statistics for port 1: ifHCIn Counters ifHCOut Counters Octets: 51697080313 51721056808 UcastPkts: 65356399 65385714 BroadcastPkts: 0 6516 MulticastPkts: 0 0 FlowCtrlPkts: 0 0 PriFlowCtrlPkts: 0 0 Discards: 0 0 Errors: 0 21187 Ingress Discard reasons: Egress Discard reasons: VLAN Discards: 0 HOLblocking Discards: 0 Filter Discards: 0 MMU Discards: 0 Policy Discards: 0 Cell Error Discards: 0 NonForwarding State: 0 MMU Aging Discards: 0 IBP/CBP Discards: 0 Other Discards: 0 OBM LP packet discards: 0 OBM HP packet discards: 0 Empty Egress Portmap: 3085 * * Check for "HOLblocking" discards on associated egress ports The following table describes the interface statistics. Table 92. Interface Statistics of a Port Statistics Description ifInOctets The total number of octets received on the interface, including framing characters. ifInUcastPkts The number of packets, delivered by this sub‐layer to a higher sub‐ layer, which were not addressed to a multicast or broadcast address at this sub‐layer. ifInBroadcastPkts The number of packets, delivered by this sub‐layer to a higher sub‐ layer, which were addressed to a broadcast ...
Page 222
Table 92. Interface Statistics of a Port (continued) Statistics Description For packet‐oriented interfaces, the number of outbound ifOutErrors packets that could not be transmitted because of errors. For character‐oriented or fixed‐length interfaces, the number of outbound transmission units that could not be transmitted because of errors. VLAN Discards Discarded because the packet was tagged with a VLAN to which this port is not a member. Filter Discards Dropped by the Content Aware Engine (user‐configured filter). Policy Discards Dropped due to policy setting. For example, due to a user‐configured static entry. Non‐Forwarding State Discarded because the ingress port is not in the forwarding state. IBP/CBP Discards Discarded because of Ingress Back Pressure (flow control), or because the Common Buffer Pool is full (for example, insufficient packet buffering). OBM LP packet Number of low priority packets discarded because of discards oversubscription buffer management. Oversubscription is applicable only for packet size less than 200 bytes. OBM HP packet Number of high priority packets discarded because of discards oversubscription buffer management. Oversubscription is applicable only for packet size less than 200 bytes. HOL‐blocking Dis‐ Discarded because of the Head Of Line (HOL) blocking cards mechanism. Low‐priority packets are placed in a sepa‐...
RMON Statistics Use the following command to display the Remote Monitoring (RMON) statistics of the selected port: show interface port <port alias or number> rmoncounters Command mode: All RMON statistics for port 1: etherStatsDropEvents: NA etherStatsOctets: 538 etherStatsPkts: 4 etherStatsBroadcastPkts: 1 etherStatsMulticastPkts: 3 etherStatsCRCAlignErrors: 0 etherStatsUndersizePkts: 0 etherStatsOversizePkts: 0 etherStatsFragments: 0 etherStatsJabbers: 0 etherStatsCollisions: 0 etherStatsPkts64Octets: 3 etherStatsPkts65to127Octets: 0 etherStatsPkts128to255Octets: 0 etherStatsPkts256to511Octets: 1 etherStatsPkts512to1023Octets: 0 etherStatsPkts1024to1518Octets: 0 The following table describes the RMON statistics. Table 95. RMON Statistics of a Port Statistics Description etherStatsDropEvents The total number of packets received that were dropped because of system resource constraints. etherStatsOctets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). etherStatsPkts The total number of packets (including bad ...
Page 226
Table 95. RMON Statistics of a Port (continued) Statistics Description etherStatsPkts128to255Octets The total number of packets (including bad packets) received that were greater than 127 octets in length (excluding framing bits but including FCS octets). etherStatsPkts256to511Octets The total number of packets (including bad packets) received that were greater than 255 octets in length (excluding framing bits but including FCS octets). etherStatsPkts512to1023 The total number of packets (including bad Octets packets) received that were greater than 511 octets in length (excluding framing bits but including FCS octets). etherStatsPkts1024to1518 The total number of packets (including bad Octets packets) received that were greater than 1023 octets in length (excluding framing bits but including FCS octets). G8332 Command Reference for ENOS 8.4...
Layer 2 Statistics The following commands display Layer 2 statistics: Table 99. Layer 2 Statistics Commands Command Syntax and Usage show hotlinks counters Displays Hot Links statistics. See page 235 for sample output. Command mode: All show interface port <port alias or number> lacp counters Displays Link Aggregation Control Protocol (LACP) statistics. See page 234 for sample output. Command mode: All show interface port <port alias or number> lldp counters Displays LLDP statistics. See page 236 for sample output. Command mode: All show macaddresstable counters Displays FDB statistics. See page 233 for sample output. Command mode: All show macaddresstable counters all Displays all FDB statistics for all FDB entries. Command mode: All show macaddresstable counters interface port <port alias or number> Displays FDB statistics for a particular port. Command mode: All show macaddresstable counters portchannel <1‐208> Displays all FDB statistics for a particular Link Aggregation Group (LAG). Command mode: All show macaddresstable counters state {unknown|forward| |trunk} Displays all FDB statistics for a particular state.
LACP Statistics Use the following command to display Link Aggregation Control Protocol (LACP) statistics: show interface port <port alias or number> lacp counters Command mode: All Port 1: Valid LACPDUs received: 870 Valid Marker PDUs received: 0 Valid Marker Rsp PDUs received: 0 Unknown version/TLV type: 0 Illegal subtype received: 0 LACPDUs transmitted: 6031 Marker PDUs transmitted: 0 Marker Rsp PDUs transmitted: 0 Link Aggregation Control Protocol (LACP) statistics are described in the following table: Table 101. LACP Statistics Statistic Description Valid LACPDUs Total number of valid LACP data units received. received Valid Marker PDUs Total number of valid LACP marker data units received. received Valid Marker Rsp Total number of valid LACP marker response data units PDUs received received. Unknown Total number of LACP data units with an unknown version/TLV type version or type, length, and value (TLV) received. Illegal subtype ...
LLDP Port Statistics Use the following command to display statistics: LLDP show interface port <port alias or number> lldp counters Command mode: All LLDP Port 1 Statistics Frames Transmitted : 0 Frames Received : 0 Frames Received in Errors : 0 Frames Discarded : 0 TLVs Unrecognized : 0 Neighbors Aged Out : 0 The following table describes the LLDP port statistics: Table 103. LLDP port Statistics Statistic Description Frames Total number of LLDP frames transmitted. Transmitted Frames Received Total number of LLDP frames received. Frames Received Total number of LLDP frames that had errors. in Errors Frames Total number of LLDP frames discarded. Discarded TLVs Total number of unrecognized TLV (Type, Length, and Unrecognized Value) fields received. Neighbors Aged Total number of neighbor devices that have had their LLDP information aged out. G8332 Command Reference for ENOS 8.4...
OAM Statistics Use the following command to display OAM statistics: show oam counters Command mode: All OAM statistics on port 1 Information OAMPDU Tx : 0 Information OAMPDU Rx : 0 Unsupported OAMPDU Tx : 0 Unsupported OAMPDU Tx : 0 Local faults 0 Link fault records 0 Critical events 0 Dying gasps Remote faults 0 Link fault records 0 Critical events 0 Dying gasps OAM statistics include the following: Total number of OAM Protocol Data Units (OAMPDU) transmitted and received. Total number of unsupported OAM Protocol Data Units (OAMPDU) transmitted and received. Local faults detected. Remote faults detected. G8332 Command Reference for ENOS 8.4...
The following table describes the vLAG statistics: Table 105. VLAG Statistics Statistic Description Role Election Total number of vLAG PDUs sent/received for role elections. System Info Total number of vLAG PDUs sent/received for getting system information. Peer Instance Total number of vLAG PDUs sent/received for enabling Enable peer instance. Peer Instance Total number of vLAG PDUs sent/received for disabling Disable peer instance. FDB Dynamic Add Total number of vLAG PDUs sent/received for addition of FDB dynamic entry. FDB Dynamic Del Total number of vLAG PDUs sent/received for deletion of FDB dynamic entry. FDB Inactive Add Total number of vLAG PDUs sent/received for addition of FDB inactive entry. FDB Inactive Del Total number of vLAG PDUs sent/received for deletion of FDB inactive entry. Health Check Total number of vLAG PDUs sent/received for health checks. ISL Hello Total number of vLAG PDUs sent/received for ISL hello. Other Total number of vLAG PDUs sent/received for other reasons.
Page 242
Table 106. Layer 3 Statistics Commands (continued) Command Syntax and Usage show ip igmp port <port alias or number> counter Displays port IGMP statistics. Command mode: All show ip igmp vlan <VLAN ID (1‐4094)> counter Displays IGMP statistics for a specific VLAN. See page 263 for sample output. Command mode: All show ipv6 mld counters Displays MLD statistics. See page 266 for sample output. Command mode: All show ip nat statistics Displays Network Address Translation (NAT) statistics. Command mode: All show ipv6 neighbors counters Displays IPv6 Neighbor Cache statistics. Command mode: All show ip ospf counters Displays Open Shortest Path First (OSPF) statistics. See page 269 for sample output. Command mode: All show ipv6 ospf counters Displays Open Shortest Path First version 3 (OSPFv3) statistics. See page 274 for sample output. Command mode: All show ip pim counters Displays Protocol Independent Multicast (PIM) statistics for all configured PIM interfaces. See page 279 for sample output. Command mode: All show ip pim interface {<1‐126>|loopback <1‐5>|port <port alias or number>} counters Displays PIM statistics for the selected interface.
Page 248
Table 107. IPv4 Statistics (continued) Statistics Description ipOutRequests The total number of IP datagrams which local IP user‐protocols (including ICMP) supplied to IP in requests for transmission. Note that this counter does not include any datagrams counted in ipForwDatagrams. ipOutDiscards The number of output IP datagrams for which no problem was encountered to prevent their transmission to their destination, but which were discarded (for example, for lack of buffer space). Note that this counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion. ipDefaultTTL The default value inserted into the TimeToLive (TTL) field of the IP header of datagrams originated at this entity (the switch), whenever a TTL value is not supplied by the transport layer protocol. G8332 Command Reference for ENOS 8.4...
Page 250
Table 108. IPv6 Statistics (continued) Statistic Description AddrErrors Number of datagrams discarded because the IP address in their IP headerʹs destination field was not a valid address to be received at this entity (the switch). This count includes invalid addresses. For entities which are not IP Gateways and therefore do not forward datagrams, this counter includes datagrams discarded because the destination address was not a local address. FwdDgrams Number of input datagrams for which this entity (the switch) was not their final IP destination, as a result of which an attempt was made to find a route to forward them to that final destination. In entities which do not act as IP Gateways, this counter will include only those packets, which were Source‐Routed via this entity (the switch), and the Source‐ Route option processing was successful. UnknownProtos Number of locally addressed datagrams received successfully but discarded because of an unknown or unsupported protocol. Discards Number of IP datagrams for which no problems were encountered to prevent their continued processing, but which were discarded (for example, for lack of buffer space). Note that this counter does not include any datagrams discarded while awaiting re‐assembly. Delivers Number of datagrams successfully delivered to IP user‐protocols (including ICMP). OutRequests Number of IP datagrams which local IP user‐protocols (including ICMP) supplied to IP in requests for transmission. OutDiscards Number of output IP datagrams for which no problem was encountered to prevent their transmission to their ...
Page 252
Table 109. ICMP Statistics Statistic Description Redirects Number of ICMP Redirect messages received. AdminProhib The number of ICMP destination unreachable/communication administratively prohibited messages received by the interface. ICMPBadCode The number of ICMP Parameter Problem messages received by the interface. Sent ICMPMsgs Number of ICMP messages which this entity (the switch) attempted to send. ICMPErrMsgs Number of ICMP messages which this entity (the switch) did not send due to problems discovered within ICMP such as a lack of buffer. This value should not include errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram. In some implementations there may be no types of errors that contribute to this counterʹs value. DstUnReach Number of ICMP Destination Unreachable messages sent. TimeExcds Number of ICMP Time Exceeded messages sent. ParmProbs Number of ICMP Parameter Problem messages sent. PktTooBigs The number of ICMP Packet Too Big messages sent by the interface. EchoReq Number of ICMP Echo (request) messages sent. EchoReply Number of ICMP Echo Reply messages sent. RouterSols Number of Router Solicitation messages sent by the switch. RouterAdv Number of Router Advertisements sent by the switch.
IPv4 Route Statistics The following command displays IPv4 route statistics: show ip route counters Command mode: All Route statistics: Current total outstanding routes : 2 Highest number ever recorded : 2 Current static routes : 0 Current RIP routes : 0 Current OSPF routes : 0 Current BGP routes : 0 Maximum supported routes : 15872 ECMP statistics (active in ASIC): Maximum number of ECMP routes : 15483 Maximum number of static ECMP routes : 128 Number of routes with ECMP paths : 0 The following table describes the IPv4 route statistics. Table 111. IPv4 Route Statistics Statistics Description Current total Total number of outstanding routes in the route table. outstanding routes Highest number ever Highest number of routes ever recorded in the route table. recorded Current static routes Total number of static routes in the route table. Current RIP routes Total number of RIP routes in the route table. Current OSPF routes Total number of OSPF routes in the route table. Current BGP routes Total number of BGP routes in the route table. Maximum supported Maximum number of routes that are supported. routes Maximum number of ...
ARP statistics The following command displays Address Resolution Protocol statistics. show [ip] arp counters Command mode: All Mgmt ARP statistics: arpEntriesCur: 1 arpEntriesHighWater: 2 Data ARP statistics: arpEntriesCur: 1 arpEntriesHighWater: 1 arpEntriesMax: 16383 The following table describes the ARP statistics. Table 113. ARP Statistics Statistic Description arpEntriesCur The total number of outstanding ARP entries in the ARP table. arpEntriesHighWater The highest number of ARP entries ever recorded in the ARP table. arpEntriesMax The maximum number of ARP entries that are supported. The following command displays Dynamic ARP Inspection statistics. show ip arp inspection statistics [vlan <VLAN ID (1‐4094)>] Command mode: All Vlan Forwarded Dropped 2 100 200 G8332 Command Reference for ENOS 8.4...
ICMP Statistics The following command displays ICMP statistics: show ip icmp counters Command mode: All ICMP statistics: icmpInMsgs: 245802 icmpInErrors: 1393 icmpInDestUnreachs: 41 icmpInTimeExcds: 0 icmpInParmProbs: 0 icmpInSrcQuenchs: 0 icmpInRedirects: 0 icmpInEchos: 18 icmpInEchoReps: 244350 icmpInTimestamps: 0 icmpInTimestampReps: 0 icmpInAddrMasks: 0 icmpInAddrMaskReps: 0 icmpOutMsgs: 253810 icmpOutErrors: 0 icmpOutDestUnreachs: 15 icmpOutTimeExcds: 0 icmpOutParmProbs: 0 icmpOutSrcQuenchs: 0 icmpOutRedirects: 0 icmpOutEchos: 253777 icmpOutEchoReps: 18 icmpOutTimestamps: 0 icmpOutTimestampReps: 0 icmpOutAddrMasks: 0 icmpOutAddrMaskReps: 0 The following table describes the ICMP statistics. Table 115. ICMP Statistics Statistic Description icmpInMsgs The total number of ICMP messages which the entity (the switch) received. Note that this counter includes all those counted by icmpInErrors. icmpInErrors The number of ICMP messages which the entity (the switch) received but determined as having ICMP‐specific errors (bad ICMP checksums, bad length, and so forth). icmpInDestUnreachs The number of ICMP Destination Unreachable messages received. icmpInTimeExcds The number of ICMP Time Exceeded messages received. icmpInParmProbs The number of ICMP Parameter Problem messages ...
TCP Statistics The following command displays TCP statistics: show ip tcp counters Command mode: All TCP statistics: tcpRtoAlgorithm: 4 tcpRtoMin: 0 tcpRtoMax: 240000 tcpMaxConn: 512 tcpActiveOpens: 252214 tcpPassiveOpens: 7 tcpAttemptFails: 528 tcpEstabResets: 4 tcpInSegs: 756401 tcpOutSegs: 756655 tcpRetransSegs: 0 tcpInErrs: 0 tcpCurrEstab: 0 tcpCurConn: 3 tcpOutRsts: 417 The following table describes the TCP statistics. Table 116. TCP Statistics Statistic Description tcpRtoAlgorithm The algorithm used to determine the timeout value used for retransmitting unacknowledged octets. tcpRtoMin The minimum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout algorithm is rsre(3), an object of this type has the semantics of the LBOUND quantity described in RFC 793. tcpRtoMax The maximum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout algorithm is rsre(3), an object of this type has the semantics of the UBOUND quantity described in RFC 793. tcpMaxConn The limit on the total number of TCP connections the ...
UDP Statistics The following command displays UDP statistics: show ip udp counters Command mode: All UDP statistics: udpInDatagrams: 54 udpOutDatagrams: 43 udpInErrors: 0 udpNoPorts: 1578077 The following table describes the UDP statistics. Table 117. UDP Statistics Statistic Description udpInDatagrams The total number of UDP datagrams delivered to the switch. udpOutDatagrams The total number of UDP datagrams sent from this entity (the switch). udpInErrors The number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the destination port. udpNoPorts The total number of received UDP datagrams for which there was no application at the destination port. G8332 Command Reference for ENOS 8.4...
Page 264
Table 118. IGMP Statistics (continued) Statistic Description rxIgmpDiscardPkts Total number of IGMP packets discarded rxIgmpLeaves Total number of Leave requests received rxIgmpReports Total number of Membership Reports received txIgmpReports Total number of Membership reports transmitted txIgmpGrpSpecificQueries Total number of Membership Query packets transmitted to specific groups txIgmpLeaves Total number of Leave messages transmitted rxIgmpV3CurrentStateRecords Total number of Current State records received rxIgmpV3SourceListChangeRecords Total number of Source List Change records received rxIgmpV3FilterChangeRecords Total number of Filter Change records received txIgmpGenQueries Total number of General Membership Query packets transmitted rxPimHellos Total number of PIM hellos received G8332 Command Reference for ENOS 8.4...
OSPF Statistics The following commands display OSPF statistics: Table 121. OSPF Statistics Commands Command Syntax and Usage show ip ospf counters Displays global OSPF statistics. See page 269 for sample output. Command mode: All show ip ospf area [<0‐19>] counters Displays OSPF statistics for all areas or a specified area. Command mode: All show ip ospf interface [<interface number>|port <port alias or number>] counters Displays OSPF statistics for all interfaces or a specified interface. Command mode: All clear ip ospf counters Clears OSPF statistics. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
Page 270
Table 122. OSPF General Statistics (continued) Statistic Description Tx Hello The sum total of all Hello packets transmitted on all OSPF areas and interfaces. Rx Database The sum total of all Database Description packets received on all OSPF areas and interfaces. Tx Database The sum total of all Database Description packets transmitted on all OSPF areas and interfaces. Rx ls Requests The sum total of all Link State Request packets received on all OSPF areas and interfaces. Tx ls Requests The sum total of all Link State Request packets transmitted on all OSPF areas and interfaces. Rx ls Acks The sum total of all Link State Acknowledgement packets received on all OSPF areas and interfaces. Tx ls Acks The sum total of all Link State Acknowledgement packets transmitted on all OSPF areas and interfaces. Rx ls Updates The sum total of all Link State Update packets received on all OSPF areas and interfaces. Tx ls Updates The sum total of all Link State Update packets transmitted on all OSPF areas and interfaces. Nbr Change Stats: hello The sum total of all Hello packets received from neighbors on all OSPF areas and interfaces. Start The sum total number of neighbors in this state (that is, an indication that Hello packets should now be sent to the neighbor at intervals of HelloInterval seconds.) across all OSPF areas and interfaces.
Page 272
Table 122. OSPF General Statistics (continued) Statistic Description Timers Kickoff: hello The sum total number of times the Hello timer has been fired (which triggers the send of a Hello packet) across all OPSF areas and interfaces. retransmit The sum total number of times the Retransmit timer has been fired across all OPSF areas and interfaces. lsa lock The sum total number of times the Link State Advertisement (LSA) lock timer has been fired across all OSPF areas and interfaces. lsa ack The sum total number of times the LSA Ack timer has been fired across all OSPF areas and interfaces. dbage The total number of times the data base age (Dbage) has been fired. summary The total number of times the Summary timer has been fired. ase export The total number of times the Autonomous System Export (ASE) timer has been fired. G8332 Command Reference for ENOS 8.4...
OSPFv3 Global Statistics The following command displays statistics about OSPFv3 packets received on all OSPFv3 areas and interfaces: show ipv6 ospf counters Command mode: All OSPFv3 stats Rx/Tx/Disd Stats: Rx Tx Discarded Pkts 9695 95933 0 hello 9097 8994 0 database 39 51 6 ls requests 16 8 0 ls acks 172 360 0 ls updates 371 180 0 Errors rx on pasv intf 0 rx but ospf off 0 rx on intf not up 0 rx version mismatch 0 rx rtr id is zero 0 rx with our rtr id 0 instance id mismatch 0 area mismatch 0 dest addr mismatch 0 bad checksum 0 no associated nbr 0 bad packet type 0 hello mismatch 0 options mismatch 0 dead mismatch 0 bad nbma/ptomp nbr 0 Nbr change stats: Intf change Stats: down 0 down 5 attempt 0 loop 0 init 1 waiting 6 n2way 1 ptop 0 exstart 1 dr 4 exchange done 1 backup 6 loading done 1 dr other 0 full 1 all events 33...
Page 276
Table 124. OSPFv3 General Statistics (continued) Statistics Description Tx ls updates The sum total of all Link State Update packets transmitted on all OSPFv3 interfaces. Discarded ls The sum total of all Link State Update packets discarded. updates Nbr Change Stats: down The total number of Neighboring routers down (in the initial state of a neighbor conversation) across all OSPFv3 interfaces. attempt The total number of transitions into attempt state of neighboring routers across allOSPFv3 interfaces. init The total number of transitions into init state of neighboring routers across all OSPFv3 interfaces. n2way The total number of bidirectional communication establishment between this router and other neighboring routers. exstart The total number of transitions into exstart state of neighboring routers across all OSPFv3 interfaces exchange done The total number of neighbors in this state (that is, in an adjacencyʹs final state) having transmitted a full sequence of Database Description packets, across all OSPFv3 interfaces. loading done The total number of link state updates received for all out‐of‐date portions of the database across all OSPFv3 interfaces. full The total number of transitions into full state of neighboring routers across all OSPFv3 interfaces. all events The total number of state transitions of neighboring routers ...
VRRP Statistics Virtual Router Redundancy Protocol (VRRP) support on the G8332 provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP‐capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address. If the master fails, one of the backup virtual routers will assume routing authority and take control of the virtual router IP address. When virtual routers are configured, you can display the protocol statistics for VRRP. The following command displays VRRP statistics: show ip vrrp counters Command mode: All VRRP statistics: vrrpInAdvers: 0 vrrpBadAdvers: 0 vrrpOutAdvers: 0 vrrpOutGratuitousARPs: 0 vrrpBadVersion: 0 vrrpBadVrid: 0 vrrpBadAddress: 0 vrrpBadData: 0 vrrpBadPassword: 0 vrrpBadInterval: 0 The following table describes the VRRP statistics. Table 125. VRRP Statistics Statistics Description vrrpInAdvers The total number of valid VRRP advertisements that have been received. vrrpBadAdvers The total number of VRRP advertisements received that were dropped. vrrpOutAdvers The total number of VRRP advertisements that have been sent. vrrpBadVersion The total number of VRRP advertisements received that had a bad version number. vrrpOut The total number of VRRP gratuitous ARPs that have been GratuitousARPs sent.
Routing Information Protocol Statistics The following command displays RIP statistics: show ip rip counters Command mode: All RIP ALL STATS INFORMATION: RIP packets received = 12 RIP packets sent = 75 RIP request received = 0 RIP response recevied = 12 RIP request sent = 3 RIP reponse sent = 72 RIP route timeout = 0 RIP bad size packet received = 0 RIP bad version received = 0 RIP bad zeros received = 0 RIP bad src port received = 0 RIP bad src IP received = 0 RIP packets from self received = 0 G8332 Command Reference for ENOS 8.4...
Page 288
Table 129. OpenFlow Statistics Parameter Description Vendor Count of Vendor messages received by the switch from the Controller. Available only in OpenFlow 1.0. Vendor Flow‐Mod Available only in OpenFlow 1.0. Count of vendor‐defined add flow_mod messages received by the switch. Available only in OpenFlow 1.0. Modify Count of vendor‐defined modify flow_mod messages received by the switch. Available only in OpenFlow 1.0. Modify‐Strict Count of vendor‐defined modify_strict flow_mod messages received by the switch. Available only in OpenFlow 1.0. Delete Count of vendor‐defined delete flow_mod messages received by the switch. Available only in OpenFlow 1.0. Delete‐Strict Count of vendor‐defined deletestrict flow_mod messages received by the switch. Available only in OpenFlow 1.0. Feature‐Request Count of Feature Request messages received from the Controller by the switch. Feature‐Reply Count of Feature Reply messages sent from the switch to the Controller. Get‐Config‐Request Count of Get Config Request messages received from the Controller by the switch. Get‐Config‐Reply Count of Get Config Reply messages sent from the switch to the Controller. Set‐Config Count of Set Config messages received from the Controller by the switch.
Page 290
Table 129. OpenFlow Statistics Parameter Description Group‐Mod Available only in OpenFlow 1.3 Count of Group Add messages received from Controller. Available only in OpenFlow 1.3. Modify Count of Group Modify messages received from Controller. Available only in OpenFlow 1.3. Delete Count of Group Delete messages received from Controller. Available only in OpenFlow 1.3. Port‐Mod Count of port_mod messages received by the switch from the Controller. Statistics‐Request Available only in OpenFlow 1.0. Desc Count of Description statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. Flow Count of Flow statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. Aggregate Count of Aggregate statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. Table Count of Table statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. Port Count of Port statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. Vendor Available only in OpenFlow 1.0. stats Count of Vendor statistics requests received from the Controller by the switch. Available only in OpenFlow 1.0. stats‐strict Count of Vendor strict statistics requests received from the ...
Page 292
Table 129. OpenFlow Statistics Parameter Description Group counter Count of Group statistics replies sent to the Controller. statistics Available only in OpenFlow 1.3. Group description Count of Group description replies sent to the Controller. Available only in OpenFlow 1.3. Group features Count of Group features replies sent to the Controller. Available only in OpenFlow 1.3. Port description Count of Port description replies sent to the Controller by the switch. Available only in OpenFlow 1.3. Barrier‐Request Count of barrierrequest messages received from the Controller by the switch. Barrier‐Reply Count of barrierreply messages sent to the Controller by the switch. Error Messages Count of error messages handled ‐ sending/receiving error messages. Hello Failed Sent Incompatible Count of error messages sent by the switch if the version in the Hello message is incompatible with the version of the Controller. Hello Failed Recv Incompatible Count of error messages received by the switch if the version in the Hello message is incompatible with the version of the Controller. Bad Request Bad‐Version Count of error messages sent due to badversion in the request header.
Page 294
Table 129. OpenFlow Statistics Parameter Description Match‐Inconsistent Count of error messages sent because the action cannot apply for this match or because there is a setfield missing prerequisite. Available only in OpenFlow 1.3. Unsupported‐Order Count of error messages sent because the action order in an applyactions instruction is unsupported for the action list. Available only in OpenFlow 1.3. Bad‐Set‐Type Count of error messages sent due to unsupported type in the setfield action. Available only in OpenFlow 1.3. Bad‐Set‐Len Count of error messages sent due to length problem in the setfield action. Available only in OpenFlow 1.3. Bad‐Set‐Argument Count of error messages sent due to bad argument in the setfield action. Available only in OpenFlow 1.3. Bad Instruction Available only in OpenFlow 1.3 Unknown‐Instructio Count of error messages sent due to unknown instruction in the received flowmod message. Available only in OpenFlow 1.3. Unsupport‐ Count of error messages sent due to unsupported Instruction instruction in the received flowmod message. Available only in OpenFlow 1.3. Bad‐Len Count of error messages sent due to wrong instruction length. Available only in OpenFlow 1.3. Permission‐Error Count of error messages sent due to permission error while processing the instruction. Available only in OpenFlow 1.3. Bad Match Available only in OpenFlow 1.3 Bad‐Type...
Page 296
Table 129. OpenFlow Statistics Parameter Description Bad‐Flags Count of error messages sent when the specified flags in the flow_mod message are unsupported. Available only in OpenFlow 1.3. Group‐Mod‐Failed Available only in OpenFlow 1.3 Group‐Exists Count of error message sent to Controller due to already existing group. Available only in OpenFlow 1.3. Invalid‐Group Count of error message sent to Controller due to invalid group. Available only in OpenFlow 1.3. Weight‐ Count of error message sent to Controller due to Unsupported unsupported “weight” parameter. Available only in OpenFlow 1.3. Out‐of‐Groups Count of error message sent to Controller due to full group table. Available only in OpenFlow 1.3. Out‐of‐Buckets Count of error message sent to Controller due to full bucket count per group. Available only in OpenFlow 1.3. Chaining‐ Count of error message sent to Controller due to Unsupported unsupported groups that forward to groups. Available only in OpenFlow 1.3. Watch‐Unsupported Count of error message sent to Controller due to unsupported “watch” parameter. Available only in OpenFlow 1.3. Loop Count of error message sent to Controller due to unsupported checking that no loop is created while chaining groups. Available only in OpenFlow 1.3.
Management Processor Statistics The following commands display Management Processor (MP) statistics: Table 130. Management Processor Statistics Options Command Syntax and Usage show mp i2c show processes i2c Displays Inter‐Integrated Circuit (I2C) statistics. Command mode: All show mp memory show processes memory Displays memory utilization statistics. Command mode: All show mp packet Displays MP packet statistics.For command options, see page 300. Command mode: All show mp tcpblock show processes tcpblock Displays all TCP control blocks that are in use. To view a sample output and a description of the stats, see page 310. Command mode: All show mp thread show processes thread Displays thread statistics. Command mode: All show mp udpblock show processes udpblock Displays all UDP control blocks that are in use. To view a sample output, see page 311. Command mode: All show processes Displays MP specific statistics. For command options, see page 312.
MP Packet Statistics Commands The following commands display MP Packet statistics: Table 131. Packet Statistics Commands Command Syntax and Usage show mp packet counters Displays packet statistics, to check for leaks and load. To view a sample output and a description of the stats, see page 301. Command mode: All show mp packet dump {all|rx|tx} all displays all packet statistics and logs received or sent by the CPU. rx displays all packet statistics and logs received by the CPU. tx displays all packet statistics and logs sent by the CPU. Command mode: All show mp packet last {both|rx|tx} <number of logs (1‐1000)> both displays a list of the most recent packets received or sent by the CPU. rx displays a log of the most recent packets received by the CPU. tx displays a log of the most recent packets sent by the CPU. Command mode: All show mp packet logs {all|rx|tx} all displays a log of all packets received or sent by the CPU. rx displays a log of packets received by the CPU. tx displays a log of packets sent by the CPU. Command mode: All show mp packet parse {rx|tx} <parsing option>...
Page 304
Table 132. Packet Statistics (continued) Statistics Description jumbo packet buffers current Total number of packet allocations with more than 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. Maximum number of jumbo packet allocations supported. hi‐watermark The highest number of packet allocation with more than 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. pkt_hdr statistics current Total number of packet allocations with more than 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. Maximum number of packet allocations with more than 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. hi‐watermark The highest number of packet allocation with more than 1536 bytes from the packet buffer pool by the TCP/IP protocol stack. G8332 Command Reference for ENOS 8.4...
Logged Packet Statistics The following command displays logged packets that have been received or sent, based on the specified filter: show mp packet parse {rx|tx} <parsing option> The filter options are described in the following table. Table 133. Packet Log Parsing Options Command Syntax and Usage show mp packet parse {rx|tx} arp Displays only ARP packets logged. Command mode: All show mp packet parse {rx|tx} bgp Displays only BGP packets logged. Command mode: All show mp packet parse {rx|tx} bpdu Displays only BPDUs logged Command mode: All show mp packet parse {rx|tx} cisco Displays only Cisco packets (BPDU/CDP/UDLD) logged. Command mode: All show mp packet parse {rx|tx} dhcp Displays only DHCP packets logged. Command mode: All show mp packet parse {rx|tx} ecp Displays only ECP packets logged. Command mode: All show mp packet parse {rx|tx} fcoe Displays only FCoE FIP PDUs logged. Command mode: All show mp packet parse {rx|tx} ftp Displays only FTP packets logged. Command mode: All show mp packet parse {rx|tx} http Displays only HTTP packets logged. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 308
Table 133. Packet Log Parsing Options (continued) Command Syntax and Usage show mp packet parse {rx|tx} ospf Displays only OSPF packets logged. Command mode: All show mp packet parse {rx|tx} other Displays logs of all packets not explicitly selectable. Command mode: All show mp packet parse {rx|tx} pim Displays only PIM packets logged. Command mode: All show mp packet parse {rx|tx} port <port alias or number> Displays only logged packets with the specified port. Command mode: All show mp packet parse {rx|tx} radius Displays only RADIUS packets logged. Command mode: All show mp packet parse {rx|tx} rarp Displays only Reverse‐ARP packets. Command mode: All show mp packet parse {rx|tx} raw Displays raw packet buffer in addition to headers. Command mode: All show mp packet parse {rx|tx} rip Displays only RIP packets logged. Command mode: All show mp packet parse {rx|tx} snmp Displays only SNMP packets logged. Command mode: All show mp packet parse {rx|tx} ssh Displays only SSH packets logged. Command mode: All show mp packet parse {rx|tx} tacacs Displays only TACACS packets logged. Command mode: All G8332 Command Reference for ENOS 8.4...
CPU Statistics History The following command displays a history of CPU use statistics: show processes cpu history Command mode: All CPU Utilization History 40 (LACP) 8% at 12:41:07 Mon Jul 6, 2015 75 (ARP ) 32% at 12:41:08 Mon Jul 6, 2015 75 (ARP ) 48% at 12:41:13 Mon Jul 6, 2015 54 (PROX) 62% at 13:52:06 Mon Jul 6, 2015 54 (PROX) 63% at 15:03:43 Mon Jul 6, 2015 54 (PROX) 64% at 4:02:46 Wed Jul 8, 2015 54 (PROX) 65% at 3:54:27 Thu Jul 9, 2015 G8332 Command Reference for ENOS 8.4...
Page 316
Table 136. QoS Statistics Commands Command Syntax and Usage show qos protocolpacketcontrol queuecounters [<packet queue number (0‐43)>|all] Displays the total number of packets received by each queue. The all option displays the number of packets reveived by all queues, including the reserved packet queues. Command mode: All clear qos protocolpacketcontrol all Clears all packet queue statistics. Command mode: Privileged EXEC clear qos protocolpacketcontrol protocolcounters [<packet type>] Clears packet queue statistics for the selected packet type. Command mode: Privileged EXEC clear qos protocolpacketcontrol queuecounters [<packet queue number (0‐43)>] Clears packet queue statistics for the selected queue. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
SNMP Statistics The following command displays SNMP statistics: show snmpserver counters Command mode: All SNMP statistics: snmpInPkts: 150097 snmpInBadVersions: 0 snmpInBadC'tyNames: 0 snmpInBadC'tyUses: 0 snmpInASNParseErrs: 0 snmpEnableAuthTraps: 0 snmpOutPkts: 150097 snmpInBadTypes: 0 snmpInTooBigs: 0 snmpInNoSuchNames: 0 snmpInBadValues: 0 snmpInReadOnlys: 0 snmpInGenErrs: 0 snmpInTotalReqVars: 798464 snmpInTotalSetVars: 2731 snmpInGetRequests: 17593 snmpInGetNexts: 131389 snmpInSetRequests: 615 snmpInGetResponses: 0 snmpInTraps: 0 snmpOutTooBigs: 0 snmpOutNoSuchNames: 1 snmpOutBadValues: 0 snmpOutReadOnlys: 0 snmpOutGenErrs: 1 snmpOutGetRequests: 0 snmpOutGetNexts: 0 snmpOutSetRequests: 0 snmpOutGetResponses: 150093 snmpOutTraps: 4 snmpSilentDrops: 0 snmpProxyDrops: 0 The following tabl describes the SNMP statistics. Table 140. SNMP Statistics Statistic Description snmpInPkts The total number of Messages delivered to the SNMP entity from the transport service. snmpInBadVersions The total number of SNMP Messages, which were delivered to the SNMP protocol entity and were for an unsupported SNMP version. snmpInBadCʹtyNames The total number of SNMP Messages delivered to the SNMP entity which used an SNMP community name not known to the said entity (the switch). snmpInBadCʹtyUses The total number of SNMP Messages delivered to ...
Page 326
Table 140. SNMP Statistics (continued) Statistic Description snmpInGenErrs The total number of SNMP Protocol Data Units (PDUs), which were delivered to the SNMP protocol entity and for which the value of the error‐status field is genErr. snmpInTotalReqVars The total number of MIB objects which have been retrieved successfully by the SNMP protocol entity as a result of receiving valid SNMP Get‐Request and Get‐Next Protocol Data Units (PDUs). snmpInTotalSetVars The total number of MIB objects, which have been altered successfully by the SNMP protocol entity as a result of receiving valid SNMP Set‐Request Protocol Data Units (PDUs). snmpInGetRequests The total number of SNMP Get‐Request Protocol Data Units (PDUs), which have been accepted and processed by the SNMP protocol entity. snmpInGetNexts The total number of SNMP Get‐Next Protocol Data Units (PDUs), which have been accepted and processed by the SNMP protocol entity. snmpInSetRequests The total number of SNMP Set‐Request Protocol Data Units (PDUs), which have been accepted and processed by the SNMP protocol entity. snmpInGetResponses The total number of SNMP Get‐Response Protocol Data Units (PDUs), which have been accepted and processed by the SNMP protocol entity. snmpInTraps The total number of SNMP Trap Protocol Data Units (PDUs), which have been accepted and processed by the SNMP protocol entity. snmpOutTooBigs The total number of SNMP Protocol Data Units ...
NTP Statistics Enterprise NOS uses NTP (Network Timing Protocol) version 3 to synchronize the switch’s internal clock with an atomic time calibrated NTP server. With NTP enabled, the switch can accurately update its internal clock to be consistent with other devices on the network and generates accurate syslogs. The following command displays NTP statistics: show ntp counters Command mode: All NTP statistics: Primary Server: Requests Sent: 17 Responses Received: 17 Updates: 1 Secondary Server: Requests Sent: 0 Responses Received: 0 Updates: 0 Last update based on response from primary server. Last update time: 15:22:05 Wed Nov 28, 2012 Current system time: 8:05:21 Thu Nov 29, 2012 The following table describes the NTP statistics. Table 141. NTP Statistics Field Description Primary Server Requests Sent: The total number of NTP requests the switch sent to the primary NTP server to synchronize time. Responses Received: The total number of NTP responses received from the primary NTP server. Updates: The total number of times the switch updated its time based on the NTP responses received from the primary NTP server. Secondary Server Requests Sent: The total number of NTP requests the ...
PTP Statistics The following commands display PTP statistics: Table 143. Precision Time Protocol Statistics Commands Command Syntax and Usage show ptp counters Displays Precision Time Protocol statistics. Command mode: All show interface port <port alias or number> ptpcounters Displays Precision Time Protocol statistics for the port. Command mode: All clear ptp counters Resets PTP packet counters. Command mode: Privileged EXEC Use the following command to display Precision Time Protocol traffic statistics: show ptp counters Command mode: All Precision time protocol counters: ++ |Received Announce messages: 0| |Received Sync messages: 0| |Received FollowUp messages: 0| |Received DelayRequest messages: 0| |Received DelayResponse messages: 0| ++ |Sent Announce messages: 0| |Sent Sync messages: 0| |Sent FollowUp messages: 0| |Sent DelayRequest messages: 0| |Sent DelayResponse messages: 0| ++ PTP statistics include the following: Total number of Announce messages transmitted and received. ...
Statistics Dump The following command dumps switch statistics: show counters Use the dump command to dump all switch statistics (40K or more, depending on your configuration). This data can be used to tune or debug switch performance. If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump command. G8332 Command Reference for ENOS 8.4...
Page 334
Table 145. General Configuration Commands Command Syntax and Usage copy runningconfig startupconfig Copy the current (running) configuration from switch memory to the startupconfig partition. Command mode: Privileged EXEC copy runningconfig {ftp|tftp|sftp} [dataport|mgtport] Backs up the current (running) configuration to a file on the selected FTP/TFTP/SFTP server. Command mode: Privileged EXEC copy runningconfig tftp address <TFTP server IP address> filename <TFTP server filepath> [dataport|mgtport] Backs up the current (running) configuration to a file on the specified TFTP server. Command mode: Privileged EXEC copy runningconfig <TFTP server filepath> [dataport|mgtport] Backs up the current (running) configuration to a file on the specified TFTP server. For example: copy runningconfig tftp://10.72.97.135:/directory/config.txt mgtport Command mode: Privileged EXEC copy <TFTP server filepath> runningconfig [dataport|mgtport] Restores the current (running) configuration from a file on the specified TFTP server. For example: copy tftp://10.72.97.135:/directory/config.txt runningconfig mgtport Command mode: Privileged EXEC copy {ftp|tftp|sftp} runningconfig [dataport|mgtport] Restores current configuration from a FTP/TFTP/SFTP server. For details, see page 672. Command mode: Privileged EXEC copy {tftp|sftp} {cacert|hostkey|hostcert|publickey} Import interface used by NIST certified test laboratories for USGv6 (NIST SP 500‐267) certification purposes. Required for RSA digital signature authentication verification during IKEv2 interoperability testing. Uses TFTP or SFTP to import: cacert: Certificate Authority root certificate ...
Viewing and Saving Changes As you use the configuration commands to set switch parameters, the changes you make take effect immediately. You do not need to apply them. Configuration changes are lost the next time the switch boots, unless you save the changes. You can view all running configuration changes that have been applied but not saved to flash memory using the show runningconfig diff command in Privileged EXEC mode. Note: Some operations can override the settings of the Configuration commands. Therefore, settings you view using the Configuration commands (for example, port status) might differ from run‐time information that you view using the Information commands. The Information commands display current run‐time information of switch parameters. Saving the Configuration You must save configuration settings to flash memory, so the G8332 reloads the settings after a reboot. Note: If you do not save the changes, they will be lost the next time the system is rebooted. To save the new configuration, enter the following command: RS G8332# copy runningconfig startupconfig or: RS G8332# write Note: The write command doesn’t prompt the user for confirmation. When you save configuration changes, the changes are saved to the active configuration block. For instructions on selecting the configuration to run at the next system reboot, see “Selecting a Configuration Block” on page 697. G8332 Command Reference for ENOS 8.4...
Page 338
Table 146. System Configuration Options (continued) Command Syntax and Usage hostname <1‐64 characters> Enables displaying of the host name (system administrator’s name) in the Command Line Interface (CLI). Command mode: Global configuration no hostname Deletes the host name set by the system administrator and displays the default system host name in the CLI. Command mode: Global configuration line console length <0‐300> Configures the number of lines per screen displayed in the CLI by default for console sessions. Setting it to 0 disables paging. The default value is 28. Command mode: Global configuration no line console Sets line console length to the default value of 28. Command mode: Global configuration line vty length <0‐300> Sets the default number of lines per screen displayed for Telnet and SSH sessions. A value of 0 disables paging. The default value is 28. Command mode: Global configuration no line vty Sets line vty length to the default value of 28. Command mode: Global configuration [no] prompting Enables or disables CLI confirmation prompts. By default, this settings is enabled. Note: When disabled, the switch will choose the default answer. Command mode: Global configuration [no] system bootp Enables or disables the use of the Bootstrap Protocol (BOOTP). If you enable BOOTP, the switch will query its BOOTP server for all of the switch IP parameters. For more details, see page 594.
Page 340
Table 146. System Configuration Options (continued) Command Syntax and Usage system linkscan {fast|normal|slow} Configures the link scan interval used to poll the status of ports. The values for the different intervals are: fast ‐ 75 miliseconds normal ‐ 150 miliseconds slow ‐ 500 miliseconds Command mode: Global configuration system notice <maximum 2021 character multi‐line login notice> <ʹ.ʹ to end> [addline <notice text>] Displays a login notice immediately before the “Enter password:” prompt. This notice can contain up to 2021 characters and new lines. The addline option adds new lines of text to the existing login notice without replacing it. Command mode: Global configuration no system notice Deletes the login notice. Command mode: Global configuration [no] system packetlogging Enables or disables logging of packets that come to the CPU. The default setting is enabled. Command mode: Global configuration [no] system resetcontrol Enables or disables the reset control flag. When enabled, the switch continues to function after a crash of the main processor, using the last known Layer 2/3 information. The default setting is enabled. Command mode: Global configuration [no] system serverports port <port alias or number> Adds or removes the specified port to the list of server ports. For more details, see page 395. Command mode: Global configuration [no] system serviceled enable Enables (on) or disables (off) the Service Required LED on the front panel of ...
Page 342
Table 146. System Configuration Options (continued) Command Syntax and Usage ssl minimumversion {tls10|tls11|tls12} Configures the minimum accepted Transport Layer Security (TLS) version. tls10 ‐ TLS version 1.0 tls11 ‐ TLS version 1.1 tls12 ‐ TLS version 1.2 Command mode: Global configuration show boot strict Displays the current security strict mode status. Command mode: Global configuration show system Displays the current system parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Link Flap Dampening Configuration The Link Flap Dampening feature allows the switch to automatically disable a port if too many link flaps (link up/link down) are detected on the port during a specified time interval. The port remains in the error‐disabled state until it is re‐enabled manually or re‐enabled automatically by the switch after a timeout period has elapsed. Table 148. Link Flap Dampening Configuration Options Command Syntax and Usage [no] errdisable linkflap enable Enables or disables Link Flap Dampening. Command mode: Global configuration errdisable linkflap maxflaps <1‐100> Configures the maximum number of link flaps allowed in the configured time period. The default value is 5. Command mode: Global configuration errdisable linkflap time <5‐500> Configures the time period, in seconds. The default value is 30 seconds. Command mode: Global configuration show errdisable linkflap Displays the current Link Flap Dampening parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 346
Table 149. Host Log Configuration Options (continued) Command Syntax and Usage logging host <1‐2> facility <0‐7> This option sets the facility level of the first or second syslog host displayed. The default value is 0. Command mode: Global configuration logging host <1‐2> port <UDP port (1‐65535)> Configure the UDP server port used by the syslog host to receive logging messages from the switch. Command mode: Global configuration logging host <1‐2> severity <0‐7> This option sets the severity level of the first or second syslog host displayed. The default value is 7, which means log all severity levels. Command mode: Global configuration no logging host <1‐2> Deletes the specified syslog host. Command mode: Global configuration [no] logging log {all|<feature>} Enables or disables features for which syslog messages can be generated. You can choose to enable/disable syslog on all available features by using the option all or enable/disable specific features (such as vlans, stg or ssh). For a complete list of features, see page 348. Command mode: Global configuration [no] logging pdrop enable Enables or disables packet drop logging. By default, the switch generates these messages once every 2 minutes. Command mode: Global configuration logging pdrop interval <0‐30> Configures the packet drop logging interval, in minutes. The default value is 2 minutes. Command mode: Global configuration logging sourceinterface loopback <1‐5> Sets the loopback interface number for syslogs. Command mode: Global configuration no logging sourceinterface loopback Removes the loopback interface for syslogs.
SSH Server Configuration For the RackSwitch G8332, these commands enable Secure Shell access from any SSH client. Table 150. SSH Server Configuration Options Command Syntax and Usage [no] ssh enable Enables or disables the SSH server. Command mode: Global configuration ssh generatehostkey Generate the RSA host key. Command mode: Global configuration ssh maxauthattempts <1‐20> Sets the maximum number of SSH authentication attempts. The default value is 2. Command mode: Global configuration no ssh maxauthattempts Resets the maximum number of SSH authentication attempts to its default value of 2. Command mode: Global configuration ssh port <TCP port number (1‐65535)> Sets the SSH server port number. The default port number is 22. Command mode: Global configuration no ssh port Resets the SSH server port to the default port number ‐ 22. Command mode: Global configuration ssh publickey index <1‐100> {adduser|deluser} username <user name> Assigns another user name for existing public keys or removes a user name. Command mode: Global configuration [no] ssh scpenable Enables or disables the SCP apply and save. Command mode: Global configuration ssh scppassword Set the administration password for SCP access.
RADIUS Server Configuration The following table describes the RADIUS Server commands. Table 151. RADIUS Server Configuration Options Command Syntax and Usage [no] radiusserver backdoor Enables or disables the RADIUS backdoor for Telnet/SSH/HTTP/HTTPS. The default value is disabled. To obtain the RADIUS backdoor password for your switch, contact your Service and Support line. Command mode: Global configuration [no] radiusserver enable Enables or disables the RADIUS server. Command mode: Global configuration radiusserver port <UDP port number (1500‐3000)> Configures the RADIUS server port. Enter the number of the UDP port to be configured. The default port is 1645. Command mode: Global configuration default radiusserver port Resets the RADIUS server port to the default UDP port ‐ 1645. Command mode: Global configuration radiusserver primaryhost {<hostname>|<IP address>} key <1‐32 characters> Sets the primary RADIUS server address and the shared secret between the switch and the RADIUS server(s). Command mode: Global configuration radiusserver primaryhost {dataport|mgtport} Defines the primary interface port to use to send RADIUS server requests. Select the port to use for data transfer. Command mode: Global configuration no radiusserver primaryhost [key] Deletes the primary RADIUS server. The key option only deletes the shared secret between the switch and the RADIUS server. Command mode: Global configuration radiusserver retransmit <1‐3>...
TACACS+ Server Configuration TACACS (Terminal Access Controller Access Control system) is an authentication protocol that allows a remote access server to forward a userʹs logon password to an authentication server to determine whether access can be allowed to a given system. TACACS is not an encryption protocol and therefore less secure than TACACS+ and Remote Authentication Dial‐In User Service (RADIUS) protocols. Both TACACS and TACACS+ are described in RFC 1492. TACACS+ protocol is more reliable than RADIUS, as TACACS+ uses the Transmission Control Protocol (TCP) whereas RADIUS uses the User Datagram Protocol (UDP). Also, RADIUS combines authentication and authorization in a user profile, whereas TACACS+ separates the two operations. TACACS+ offers the following advantages over RADIUS as the authentication device: TACACS+ is TCP‐based, so it facilitates connection‐oriented traffic. It supports full‐packet encryption, as opposed to password‐only in authentication requests. It supports de‐coupled authentication, authorization and accounting. Table 152. TACACS+ Server Configuration Options Command Syntax and Usage [no] tacacsserver accountingenable Enables or disables TACACS+ accounting. Command mode: Global configuration tacacsserver attempts <1‐10> Sets the number of failed login attempts before disconnecting the user. The default is 2 attempts. Command mode: Global configuration no tacacsserver attempts Resets the number of failed login attempts to the default value of 2. Command mode: Global configuration [no] tacacsserver backdoor Enables or disables the TACACS+ back door for Telnet, SSH/SCP or ...
Page 356
Table 152. TACACS+ Server Configuration Options (continued) Command Syntax and Usage [no] tacacsserver passwordchange Enables or disables TACACS+ password change. The default value is disabled. Command mode: Global configuration tacacsserver port <TCP port number (1‐65000)> Enter the number of the TCP port to be configured. The default is 49. Command mode: Global configuration default tacacsserver port Resets the TACACS+ server port to the default port number ‐ 49. Command mode: Global configuration tacacsserver primaryhost {<hostname>|<IP address>} key <1‐32 characters> Sets the primary TACACS+ server address and the shared secret between the switch and the TACACS+ server(s). Command mode: Global configuration tacacsserver primaryhost {dataport|mgtport} Defines the primary interface port to use to send TACACS+ server requests. Select the port to use for data transfer. Command mode: Global configuration no tacacsserver primaryhost [key] Deletes the primary TACACS+ server. The key option only removes the shared secret between the switch and the TACACS+ server. Command mode: Global configuration [no] tacacsserver privilegemapping Enables or disables TACACS+ privilege‐level mapping. The default value is disabled. Command mode: Global configuration tacacsserver retransmit <1‐3> Sets the number of failed authentication requests before switching to a different TACACS+ server. The default is 3 requests. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Page 358
Table 152. TACACS+ Server Configuration Options (continued) Command Syntax and Usage no ip tacacs sourceinterface loopback Deletes all TACACS+ source loopback interfaces. Command mode: Global configuration primarypassword Configures the password for the primary TACACS+ server. The CLI will prompt you for input. Command mode: Global configuration secondarypassword Configures the password for the secondary TACACS+ server. The CLI will prompt you for input. Command mode: Global configuration show tacacsserver Displays current TACACS+ configuration parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 360
Table 153. LDAP Server Configuration Options (continued) Command Syntax and Usage ldapserver attribute username <1‐128 characters> Configures a customized LDAP user search attribute. The default value is uid (unique identification number). Note: The user attribute needs to be set to cn (common name) if LDAP server is MS active directory. For example: cn=John Smith Command mode: Global configuration no ldapserver attribute username Resets the LDAP user search attribute to its default value of uid. Command mode: Global configuration no ldapserver attribute Resets the LDAP attributes to their default values. Command mode: Global configuration [no] ldapserver backdoor Enables or disables the LDAP back door for Telnet, SSH, SCP, HTTP, or HTTPS access. The default setting is disabled. Note: To obtain the LDAP back door password for your G8332, contact your Service and Support line. Command mode: Global configuration ldapserver basedn <1‐128 characters> Configure the Distinguished Name (DN) of the LDAP server. The DN consists of a sequence of different Relative Distinguished Names (RDN) connected by commas. An RDN is an attribute that has an associated value in the format ‘attribute=value’. For a list of typical RDNs, see page 365. Enter the full path for your organization. For example: ou=people,dc=mydomain,dc=com Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration no ldapserver basedn Deletes the configured DN. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Page 362
Table 153. LDAP Server Configuration Options (continued) Command Syntax and Usage [no] ldapserver enable Enables or disables the LDAP server. Command mode: Global configuration ldapserver groupfilter <LDAP groups> Configures a list of LDAP groups to be searched for login permissions. Multiple groups must be separated by commas. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration no ldapserver groupfilter Removes the list of LDAP groups searched for login permissions. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration ldapserver host <LDAP server number (1‐4)> <IP address or hostname> [port <UDP port number(1‐65535)>] [dataport|mgtport] Configures up to four external LDAP servers. The default UDP port used by LDAP is 389. Note: The IP address and port number of a LDAP server must be non‐zero. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration no ldapserver host <LDAP server number (1‐4)> Removes the specified external LDAP server. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration ldapserver port <UDP port number (1‐65000)> Enter the number of the UDP port to be configured. The default port is 389. Note: This option is available only in LDAP legacy mode. Command mode: Global configuration default ldapserver port Resets the LDAP server port to the default port number ‐ 389. Command mode: Global configuration ldapserver primaryhost <IPv4 address> [dataport|mgtport] Configures the primary LDAP server with an IPv4 address. Note: This option is available only in LDAP legacy mode.
Page 364
Table 153. LDAP Server Configuration Options (continued) Command Syntax and Usage ldapserver security starttls Configures LDAP to encrypt LDAP credentials (DN and password) using Start Transport Layer Security (StartTLS) when sending a bind request to the LDAP server. This requires the LDAP client to present a Certificate Authority (CA) root certificate. The CA root certificate can be downloaded from the LDAP server. For more details, see page 334. The LDAP client and LDAP server do not need to initiate a separate TLS session before any LDAP messages are exchanged. StartTLS encrypts a non‐encrypted LDAP connection by wrapping it with TLS at any time during or after the connection has been established. Thus, there is no need to use a separate port for encrypted LDAP communication. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration [no] ldapserver security mutual Enables or disables LDAP to request the LDAP server to also provide its own Certificate Authority (CA) root certificate for authentication by the LDAP client. The LDAP server and the LDAP client both compare the other’s CA root certificate against their own. If both certificates match, the authentication succeeds. If either certificate does not match, the authentication fails. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration [no] ldapserver srv Enables or disables the switch to look up LDAP server information by retrieving a Service (SRV) record associated with LDAP from the configured Domain Name System (DNS). For more details on DNS, see “Domain Name System Configuration” on page 592. Note: This option is available only in LDAP enhanced mode. Command mode: Global configuration ldapserver secondaryhost <IPv4 address> [dataport|mgtport] Configures the secondary LDAP server with an IPv4 address. Note: This option is available only in LDAP legacy mode. Command mode: Global configuration no ldapserver secondaryhost Deletes the secondary LDAP server.
NTP Server Configuration These commands allow you to synchronize the switch clock to a Network Time Protocol (NTP) server. By default, this option is disabled. Table 154. NTP Server Configuration Options Command Syntax and Usage [no] ntp enable Enables or disables the NTP synchronization service. Command mode: Global configuration ntp interval <5‐44640> Specifies the interval, that is, how often, in minutes, to re‐synchronize the switch clock with the NTP server. The default value is 1440. Command mode: Global configuration ntp ipv6 primaryserver {dataport|mgtport} Prompts for the port of the IPv6 primary NTP server to which you want to synchronize the switch clock. Command mode: Global configuration ntp ipv6 primaryserver <IPv6 address> [dataport|mgtport] Prompts for the IPv6 address of the primary NTP server to which you want to synchronize the switch clock. Command mode: Global configuration no ntp ipv6 primaryserver Deletes the IPv6 primary NTP server. Command mode: Global configuration ntp ipv6 secondaryserver {dataport|mgtport} Prompts for the port of the IPv6 secondary NTP server to which you want to synchronize the switch clock. Command mode: Global configuration ntp ipv6 secondaryserver <IPv6 address> [dataport|mgtport] Prompts for the IPv6 address of the secondary NTP server to which you want to synchronize the switch clock. Command mode: Global configuration no ntp ipv6 secondaryserver Deletes the IPv6 secondary NTP server.
Page 368
Table 154. NTP Server Configuration Options (continued) Command Syntax and Usage [no] ntp synclogs Enables or disables informational logs for NTP synchronization failures. Default setting is enabled. Command mode: Global configuration show ntp Displays the current NTP service settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 370
Table 155. System SNMP Options (continued) Command Syntax and Usage no snmpserver host <trap host IP address> Removes the trap host server. Command mode: Global configuration [no] snmpserver linktrap [port] <port alias or number> enable Enables or disables the sending of SNMP link up and link down traps for a specific system port. The default setting is disabled. Command mode: Global configuration snmpserver location <1‐64 characters> Configures the name of the system location. The location can have a maximum of 64 characters. Command mode: Global configuration no snmpserver location Deletes the name of the system location. Command mode: Global configuration snmpserver name <1‐64 characters> Configures the name for the system. The name can have a maximum of 64 characters. Command mode: Global configuration no snmpserver name Deletes the name of the system. Command mode: Global configuration snmpserver readcommunity <1‐32 characters> Configures the SNMP read community string. The read community string controls SNMP “get” access to the switch. It can have a maximum of 32 characters. The default read community string is public. Command mode: Global configuration [no] snmpserver readcommunityadditional <1‐32 characters> Adds or removes an additional SNMP read community string. Up to 7 additional read community strings are supported. Command mode: Global configuration snmpserver timeout <1‐30> Sets the timeout value for the SNMP state machine, in minutes.
SNMPv3 Configuration SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture please refer to RFC3411 to RFC3418. Table 156. SNMPv3 Configuration Options Command Syntax and Usage snmpserver access <1‐32> This command allows you to specify access rights. The View‐based Access Control Model defines a set of services that an application can use for checking access rights of the user. You need access control when you have to process retrieval or modification request from an SNMP entity. To view command options, see page 376. Command mode: Global configuration snmpserver community <1‐16> The community table contains objects for mapping community strings and version‐independent SNMP message parameters. To view command options, see page 378. Command mode: Global configuration snmpserver group <1‐17> A group maps the user name to the access group names and their access rights needed to access SNMP management objects. A group defines the access rights assigned to all names that belong to a particular group. To view command options, see page 377. Command mode: Global configuration snmpserver notify <1‐16>...
User Security Model Configuration You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the knowledge of applicable attributes of a user. These commands help you create a user security model entry for an authorized user. You need to provide a security name to create the USM entry. Table 157. User Security Model Configuration Options Command Syntax and Usage snmpserver user <1‐17> authenticationprotocol {md5|sha|none} authenticationpassword This command allows you to configure the authentication protocol and password. The authentication protocol can be HMAC‐MD5‐96 or HMAC‐SHA‐96 for compatibility mode, HMAC‐SHA‐96 for security strict mode or none. The default algorithm is none. MD5 authentication protocol is not available in security strict mode if you do not select SNMPv3 account backward compatibility. When you configure an authentication algorithm, you must provide a password, otherwise you will get an error message during validation. This command allows you to create or change your password for authentication. Command mode: Global configuration snmpserver user <1‐17> name <1‐32 characters> This command allows you to configure a string that represents the name of the user. This is the login name that you need in order to access the switch. Command mode: Global configuration snmpserver user <1‐17> privacyprotocol {des|aes|none} privacypassword This command allows you to configure the type of privacy protocol and the privacy password. The privacy protocol protects messages from disclosure. The options are: des (CBC‐DES Symmetric Encryption Protocol) aes (AES‐128 Advanced Encryption Standard Protocol) ...
View-based Access Control Model Configuration The view‐based Access Control Model defines a set of services that an application can use for checking access rights of the user. Access control is needed when the user has to process SNMP retrieval or modification request from an SNMP entity. Table 159. View‐based Access Control Model Options Command Syntax and Usage snmpserver access <1‐32> level {noAuthNoPriv|authNoPriv| |authPriv} Defines the minimum level of security required to gain access rights. noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol. authNoPriv means that the SNMP message will be sent with authentication but without using a privacy protocol. authPriv means that the SNMP message will be sent both with authentication and using a privacy protocol. Command mode: Global configuration snmpserver access <1‐32> name <1‐32 characters> Defines the name of the group. Command mode: Global configuration snmpserver access <1‐32> notifyview <1‐32 characters> Defines a notify view name that allows you notify access to the MIB view. Command mode: Global configuration snmpserver access <1‐32> readview <1‐32 characters> Defines a read view name that allows you read access to a particular MIB view. If the value is empty or if there is no active MIB view having this value then no access is granted. Command mode: Global configuration snmpserver access <1‐32> security {usm|snmpv1|snmpv2} Allows you to select the security model to be used.
SNMPv3 Community Table Configuration These commands are used for configuring the community table entry. The configured entry is stored in the community table list in the SNMP engine. This table is used to configure community strings in the Local Configuration Datastore (LCD) of SNMP engine. Table 161. SNMPv3 Community Table Configuration Options Command Syntax and Usage snmpserver community <1‐16> index <1‐32 characters> Allows you to configure the unique index value of a row in this table. Command string: Global configuration snmpserver community <1‐16> name <1‐32 characters> Defines the user name as defined in the following command: snmpserver user <1‐17> name <1‐32 characters> on page 374. Command string: Global configuration snmpserver community <1‐16> tag <1‐255 characters> Allows you to configure a tag. This tag specifies a set of transport endpoints to which a command responder application sends an SNMP trap. Command mode: Global configuration snmpserver community <1‐16> username <1‐32 characters> Defines a readable string that represents the corresponding value of an SNMP community name in a security model. Command mode: Global configuration no snmpserver community <1‐16> Deletes the community table entry. Command mode: Global configuration show snmpserver v3 community <1‐16> Displays the community table configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 162. Target Address Table Configuration Options (continued) Command Syntax and Usage no snmpserver targetaddress <1‐16> Deletes the Target Address Table entry. Command mode: Global configuration show snmpserver v3 targetaddress <1‐16> Displays the current Target Address Table configuration. Command mode: All SNMPv3 Target Parameters Table Configuration You can configure the target parameters entry and store it in the target parameters table in the SNMP engine. This table contains parameters that are used to generate a message. The parameters include the message processing model (for example: SNMPv3, SNMPv2c, SNMPv1), the security model (for example: USM), the security name and the security level (noAuthnoPriv, authNoPriv or authPriv). Table 163. Target Parameters Table Configuration Options Command Syntax and Usage snmpserver targetparameters <1‐16> level {noAuthNoPriv| |authNoPriv|authPriv} Allows you to select the level of security to be used when generating the SNMP messages using this entry. noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol. authNoPriv means that the SNMP message will be sent with authentication but without using a privacy protocol.
System Access Configuration The following table describes the System Access commands. Table 165. System Access Configuration Options Command Syntax and Usage [no] access http enable Enables or disables HTTP (Web) access to the Browser‐Based Interface. The default settings is enabled. Command mode: Global configuration access http port <TCP port number (1‐65535)> Sets the switch port used for serving switch Web content. The default is HTTP port 80. Command mode: Global configuration default access http port Resets the HTTP port to the default port number ‐ 80. Command mode: Global configuration access snmp {readonly|readwrite} Enables read‐only/write‐read SNMP access. Command mode: Global configuration no access snmp Disables SNMP access. Command mode: Global configuration [no] access telnet enable Enables or disables Telnet access. The default setting is enabled. Command mode: Global configuration access telnet port <TCP port number (1‐65535)> Sets an optional Telnet server port number for cases where the server listens for Telnet sessions on a non‐standard port. Command mode: Global configuration default access telnet port Resets the Telnet server port to the default port number ‐ 23. Command mode: Global configuration access tftpport <TCP port number (1‐65535)> Sets the TFTP port for the switch.
Page 384
Table 166. Management Network Configuration Options Command Syntax and Usage no access managementnetwork {snmpro|snmprw} Clears the IPv4 SNMP read‐only or SNMP read/write access control list for management purposes. Command mode: Global configuration [no] access managementnetwork6 <mgmt network IPv6 address> <IPv6 prefix length> Adds or removes a defined network through which switch access is allowed via Telnet, SNMP or the Enterprise NOS browser‐based interface. A range of IPv6 addresses is produced when used with a prefix length. Specify an IPv6 address in hexadecimal format with colons. Note: If you configure the management network without including the switch interfaces, the configuration causes the Firewall Load Balancing health checks to fail and creates a “Network Down” state on the network. Command mode: Global configuration [no] access managementnetwork6 <mgmt network IPv6 address> <IPv6 prefix length> {snmpro|snmprw} Adds or removes a defined IPv6 network through which SNMP read‐only or SNMP read/write switch access is allowed. Command mode: Global configuration no access managementnetwork6 {snmpro|snmprw} Clears the IPv6 SNMP read‐only or SNMP read/write access control list for management purposes. Command mode: Global configuration show access managementnetwork Displays the current management network configuration. Command mode: Privileged EXEC clear access managementnetwork Removes all defined management networks. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
User Access Control Configuration The following table describes user‐access control commands. Note: Passwords can be a maximum of 64 characters. Table 169. User Access Control Configuration Options Command Syntax and Usage access user <1‐20> Configures the User ID. For more command options, see page 387. Command mode: Global configuration [no] access user administratorenable Enables or disables the default administrator account. Command mode: Global configuration access user administratorpassword Sets the administrator (admin) password. The administrator has complete access to all menus, information and configuration commands on the G8332, including the ability to change both the user and administrator passwords. This command will prompt for required information: current admin password, new password (up to 64 characters) and confirmation of the new password. Access includes “oper” functions. Note: You cannot disable the administrator password. Command Mode: Global configuration access user eject {<user name>|sessionid <session ID>} Ejects the specified user from the G8332. Command mode: Global configuration access user operatorpassword Sets the operator (oper)password. The operator manages all functions of the switch. The operator can view all switch information and statistics and can reset ports. This command will prompt for required information: current admin password, new password (up to 64 characters) and confirmation of the new password. Note: To disable the operator account, set the password to null (no password). The default setting is disabled (no password).
Strong Password Configuration The following table describes the Strong Password commands. Table 171. Strong Password Configuration Options Command Syntax and Usage access user strongpassword clear local user {lockout|failattempts} {<username>|all} Enables locked out accounts or resets failed login counters for all users or for a specific user. Command mode: Global configuration [no] access user strongpassword enable Enables or disables Strong Password requirement. Command mode: Global configuration access user strongpassword expiry <1‐365> Configures the number of days allowed before the password must be changed. The default value is 60 days. Command mode: Global configuration access user strongpassword faillock <1‐10> Configures the number of failed login attempts that trigger the account lockout. The default value is 6 attempts. Command mode: Global configuration access user strongpassword faillog <1‐255> Configures the number of failed login attempts allowed before a security notification is logged. The default value is 3 login attempts. Command mode: Global configuration [no] access user strongpassword lockout Enables or disables account lockout after a specified number of failed login attempts. The default setting is disabled. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Page 390
Table 172. HTTPS Access Configuration Options (continued) Command Syntax and Usage access https generatecsr Allows you to generate a CSR (Certificate Signing Request) to connect to the SSL to be used during the key exchange. A default certificate is created when HTTPS is enabled for the first time. The user can create a new certificate defining the information that they want to be used in the various fields. For example: Country Name (2 letter code): CA State or Province Name (full name): Ontario Locality Name (for example, city): Ottawa Organization Name (for example, company): Lenovo Organizational Unit Name (for example, section): Operations Common Name (for example, user’s name): Mr Smith Email (for example, email address): info@lenovo.com Unlike the generatecertificate command, this command will generate a certificate request that needs to be signed by a certificate authority (CA) recognized by both parties. Command mode: Global configuration access https savecertificate Allows the client or the Web browser to accept the certificate and save the certificate to Flash to be used when the switch is rebooted. Command mode: Global configuration access https deletecertificate Deletes the current certificate from the flash memory. Command mode: Global configuration access https port <TCP port number (1‐65535)> Defines the HTTPS Web server port number.
Custom Daylight Saving Time Configuration Use these commands to configure custom Daylight Saving Time. The DST is defined by two rules, the start rule and end rule. The rules specify the dates when the DST starts and finishes. These dates are represented as specific calendar dates or as relative offsets in a month (for example, ʹthe second Sunday of Septemberʹ). Relative offset example: 2070901 = Second Sunday of September, at 1:00 a.m. Calendar date example: 0070901 = September 7, at 1:00 a.m. Table 173. Custom DST Options Command Syntax and Usage [no] system customdst enable Enables or disables the Custom Daylight Saving Time settings. Command mode: Global configuration system customdst startrule <WDDMMhh> Configures the start date for custom DST, as follows: WDMMhh W = week (0‐5, where 0 means use the calendar date) D = day of the week (01‐07, where 01 is Monday) MM = month (1‐12) hh = hour (0‐23) Note: Week 5 is always considered to be the last week of the month. Command mode: Global configuration system customdst endrule <WDDMMhh> Configures the end date for custom DST, as follows: WDMMhh W = week (0‐5, where 0 means use the calendar date) D = day of the week (01‐07, where 01 is Monday) MM = month (1‐12) hh = hour (0‐23) Note: Week 5 is always considered to be the last week of the month. Command mode: Global configuration show customdst Displays the current Custom DST configuration.
sFlow Port Configuration Use the following commands to configure the sFlow port on the switch. Table 175. sFlow Port Configuration Options Command Syntax and Usage sflow polling <5‐60> Configures the sFlow polling interval, in seconds. The default setting is disabled. Command mode: Interface port no sflow polling Disables sFlow polling interval. Command mode: Interface port sflow sampling <256‐65536> Configures the sFlow sampling rate, in packets per sample. The default setting is disabled. Command mode: Interface port no sflow sampling Disables sFlow sampling rate. Command mode: Interface port G8332 Command Reference for ENOS 8.4...
Port Configuration Use the Port Configuration commands to configure settings for interface ports. Table 177. Port Configuration Options Command Syntax and Usage interface port <port alias or number> Enter Interface port mode. Command mode: Global configuration interface portchannel {<1‐104>|<105‐208>|lacp <1‐65535>} Enter Interface portchannel mode. These commands allow you to configure port parameters for all port members in the selected Link Aggregation Group (LAG). Command mode: Global configuration [no] openflow mgmtport <port alias or number> Enables or disables OpenFlow management state for the ports. Note: Supported in OpenFlow Only mode. Command mode: Global Configuration [no] bpduguard Enables or disables BPDU guard, to avoid Spanning‐Tree loops on ports configured as edge ports. Command mode: Interface port/Interface portchannel description <1‐64 characters> Sets a description for the port. The assigned port description appears next to the port number on some information and statistics screens. The default is set to the port number. Command mode: Interface port/Interface portchannel no description Removes the interface description. Command mode: Interface port/Interface portchannel dot1p <0‐7> Configures the port’s 802.1p priority level. Command mode: Interface port/Interface portchannel dot1x Configures 802.1X port‐based authentication. For more command options, see page 447.
Page 398
Table 177. Port Configuration Options (continued) Command Syntax and Usage [no] reflectiverelay force Enables or disables constraint to always keep reflective relay active. The default setting is disabled. Command mode: Interface port [no] rmon Enables or disables Remote Monitoring (RMON) on the current port. Command mode: Interface port/Interface portchannel shutdown Disables the port. (To temporarily disable a port without changing its configuration attributes, refer to “Temporarily Disabling a Port” on page 404.) Command mode: Interface port/Interface portchannel no shutdown Enables the port. Command mode: Interface port/Interface portchannel stormcontrol {broadcast|multicast|unicast} level rate <0‐2097151> Limits the available bandwidth for broadcast, multicast or unicast messages to the specified value. Command mode: Interface port/Interface portchannel no stormcontrol {broadcast|multicast|unicast} Sets the port to forward all broadcast, multicast or unicast packets. Command mode: Interface port/Interface portchannel [no] switchport Enables or disables routing on a port. Command mode: Interface port/Interface portchannel switchport access vlan <VLAN ID (1‐4094)> Configures the associated VLAN used in access mode. Default value is 1 for data ports and 4095 for the management port. Command mode: Interface port/Interface portchannel no switchport access vlan Resets the access VLAN to its default value. Command mode: Interface port/Interface portchannel G8332 Command Reference for ENOS 8.4...
Page 400
Table 177. Port Configuration Options (continued) Command Syntax and Usage switchport trunk allowed vlan {add|remove} <VLAN ID (1‐4094)> Updates the associated VLANs in trunk mode. add enables the VLAN range in addition to the current configuration. If any VLAN in the range does not exist, it will not be created and enabled automatically. If a new VLAN is created and it is part of the allowed VLAN range, the port will also be added to that VLAN. remove eliminates the VLAN range from the current configuration. If the Native‐VLAN is in the specified range, the smallest available VLAN from the remaining range will become the new Native‐VLAN. If the remaining range does not have any existing VLANs, the lowest‐numbered VLAN is created and becomes the Native‐VLAN. Note: The remaining VLAN range must contain at least one VLAN. Command mode: Interface port/Interface portchannel switchport trunk allowed vlan {all|none} Updates the associated VLANs in trunk mode. all associates the port to all existing regular VLANs and to any other VLAN that gets created afterwards. none removes the port from all currently associated VLANs and assigns the port to the default VLAN (VLAN 1 for data ports and VLAN 4095 for the management port). Command mode: Interface port/Interface portchannel no switchport trunk allowed vlan Assigns the port to all available data VLANs. Command mode: Interface port/Interface portchannel switchport trunk native vlan <VLAN ID (1‐4094)> Configures the Port VLAN ID (PVID) or Native‐VLAN used to carry untagged traffic in trunk mode. If the VLAN does not exist, it is automatically created. The VLAN must be present in the port’s allowed VLAN range. The default value is 1 for data ports and 4095 for the management port. Command mode: Interface port/Interface portchannel [no] tagpvidingress Enables or disables tagging the ingress frames with the port’s VLAN ID. When ...
Port Error Disable and Recovery Configuration The Error Disable and Recovery feature allows the switch to automatically disable a port if an error condition is detected on the port. The port remains in the error‐disabled state until it is re‐enabled manually, or re‐enabled automatically by the switch after a timeout period has elapsed. The error‐disabled state of a port does not persist across a system reboot. Table 178. Port Error Disable Options Command Syntax and Usage [no] errdisable recovery Enables or disables automatic error‐recovery for the port. The default setting is enabled. Note: Error‐recovery must be enabled globally before port‐level commands become active. Command mode: Interface port/Interface portchannel show interface port <port alias or number> errdisable Displays the specified port’s Error Disable parameters. Command mode: All Port Link Flap Dampening Configuration The following table describes the Port Link Flap Dampening commands. Table 179. Port Link Flap Dampening Configuration Options Command Syntax and Usage [no] errdisable linkflap enable Enables or disables Link Flap Dampening on the port. For more information, ...
Temporarily Disabling a Port To temporarily disable a port without changing its stored configuration attributes, enter the following command at any prompt: RS G8332(config)# interface port <port alias or number> shutdown Because this configuration sets a temporary state for the port, you do not need to use a save operation. The port state will revert to its original configuration when the RackSwitch G8332 is rebooted. See the “Operations Commands” on page 675 for other operations‐level commands. G8332 Command Reference for ENOS 8.4...
Port OAM Configuration Operation, Administration, and Maintenance (OAM) protocol allows the switch to detect faults on the physical port links. OAM is described in the IEEE 802.3ah standard. OAM Discovery commands are described in the following table. Table 182. Port OAM Configuration Options Command Syntax and Usage [no] oam Enables or disables OAM discovery on the current port. Command mode: Interface port [no] oam passive Enables or disables OAM discovery passive mode. In passive mode, the current port allows its peer link to initiate OAM discovery. If OAM determines that the port is in an anomalous condition, the port is disabled. Command mode: Interface port show interface port <port alias or number> oam Displays the specified port’s OAM parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Port WRED Configuration These commands allow you to configure Weighted Random Early Detection (WRED) parameters for a selected port. For global WRED configuration, see “Weighted Random Early Detection Configuration” on page 414. Table 184. Port WRED Options Command Syntax and Usage [no] randomdetect enable Enables or disables Random Detection and avoidance. Command mode: Interface port [no] randomdetect ecn enable Enables or disables Explicit Congestion Notification (ECN). When ECN is on, the switch marks the ECN bit of the packet (if applicable) instead of dropping the packet. ECN‐aware devices are notified of the congestion and those devices can take corrective actions. Note: ECN functions only on TCP traffic. Command mode: Interface port show interface port <port alias or number> randomdetect Displays current Random Detection and avoidance parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Quality of Service Configuration Quality of Service (QoS) commands configure the 802.1p priority value and DiffServ Code Point value of incoming packets. This allows you to differentiate between various types of traffic, and provide different priority levels. 802.1p Configuration This feature provides the G8332 the capability to filter IP packets based on the 802.1p bits in the packetʹs VLAN header. The 802.1p bits specify the priority that you should give to the packets while forwarding them. The packets with a higher (non‐zero) priority bits are given forwarding preference over packets with numerically lower priority bits value. Table 186. 802.1p Configuration Options Command Syntax and Usage qos transmitqueue mapping <priority (0‐7)> <COSq number (0‐7)> Maps the 802.1p priority to the Class of Service queue (COSq) priority. Enter the 802.1p priority value, followed by the Class of Service queue that handles the matching traffic. Command mode: Global configuration default qos transmitqueue mapping Resets the 802.1p packet priority mapping to its default values. Command mode: Global configuration qos transmitqueue weightcos <COSq number (0‐7)> <weight (0‐15)> Configures the weight of the selected Class of Service queue (COSq). Enter the queue number, followed by the scheduling weight. Command mode: Global configuration default qos transmitqueue weight Resets the weights of Class of Service queues to their default values. Command mode: Global configuration show qos transmitqueue Displays the current 802.1p parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Control Plane Protection These commands allow you to limit the number of selected protocol packets received by the control plane (CP) of the switch. These limits help protect the CP from receiving too many protocol packets in a given time period. Table 188. Control Plane Protection Options Command Syntax and Usage qos protocolpacketcontrol packetqueuemap <packet queue number (0‐43)> <packet type> Configures a packet type to associate with each packet queue number. Enter a queue number, followed by the packet type. You may map multiple packet types to a single queue. The following packet types are allowed: 802.1x (IEEE 802.1x packets) applicationcripackets (critical packets of applications) arpbcast (ARP broadcast packets) arpucast (ARP unicast reply packets) bgp (BGP packets) bpdu (Spanning Tree Protocol packets) ciscobpdu (Cisco STP packets) destunknown (packets with destination not yet learned) dhcp (DHCP packets) ecp (ECP packets) fips (FIPS packets) icmp (ICMP packets) ...
Weighted Random Early Detection Configuration Weighted Random Early Detection (WRED) provides congestion avoidance by pre‐emptively dropping packets before a queue becomes full. The G8332 implementation of WRED defines TCP and non‐TCP traffic profiles on a per‐port, per COS queue basis. For each port, you can define a transmit‐queue profile with thresholds that define packet‐drop probability. These commands allow you to configure global WRED parameters. For port WRED commands, see “Port WRED Configuration” on page 408. Table 189. WRED Configuration Options Command Syntax and Usage [no] qos randomdetect ecn enable Enables or disables Explicit Congestion Notification (ECN). When ECN is on, the switch marks the ECN bit of the packet (if applicable) instead of dropping the packet. ECN‐aware devices are notified of the congestion and those devices can take corrective actions. Note: ECN functions only on TCP traffic. Command mode: Global configuration [no] qos randomdetect enable Enables or disables Random Detection and avoidance. Command mode: Global configuration show qos randomdetect Displays current Random Detection and avoidance parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Access Control Configuration Use these commands to create Access Control Lists. ACLs define matching criteria used for IP filtering and Quality of Service functions. For information about assigning ACLs to ports, see “Port ACL Configuration” on page 407. Table 191. General ACL Configuration Options Command Syntax and Usage accesscontrol group <1‐256> Configures an ACL Group. To view command options, see page 435. Command mode: Global configuration accesscontrol list <1‐256> Configures an Access Control List. To view command options, see page 417. Command mode: Global configuration accesscontrol list6 <1‐128> Configures an IPv6 Access Control List. To view command options, see page 427. Command mode: Global configuration accesscontrol macl <1‐256> Configures an Access Control List. To view command options, see page 436. Command mode: Global configuration accesscontrol vmap <1‐128> Configures an ACL VLAN map. To view command options, see page 440. Command mode: Global configuration [no] accesscontrol vxlan innerpacket enable Enables or disables ACL to filter VxLAN (Virtual Extensible LAN) encapsulated packet. Command mode: Global configuration show accesscontrol Displays the current ACL parameters.
ACL Mirroring Configuration These commands allow you to define port mirroring for an ACL. Packets that match the ACL are mirrored to the destination interface. Table 193. ACL Port Mirroring Options Command Syntax and Usage accesscontrol list <1‐256> mirror port <port alias or number> Configures the destination to which packets that match this ACL are mirrored. Command mode: Global configuration no accesscontrol list <1‐256> mirror Removes all mirrored packets. Command mode: Global configuration show accesscontrol list <1‐256> mirror Displays the current port mirroring parameters for the ACL. Command mode: All Ethernet Filtering Configuration These commands allow you to define Ethernet matching criteria for an ACL. Table 194. Ethernet Filtering Configuration Options Command Syntax and Usage accesscontrol list <1‐256> ethernet destinationmacaddress <MAC address> [<MAC mask>] Defines the destination MAC address for this ACL. Command mode: Global configuration no accesscontrol list <1‐256> ethernet destinationmacaddress Removes the destination MAC address for this ACL. Command mode: Global configuration accesscontrol list <1‐256> ethernet ethernettype {arp|ip|ipv6|mpls|rarp|any|<other (0x600‐0xFFFF)>}...
IPv4 Filtering Configuration These commands allow you to define IPv4 matching criteria for an ACL. Table 195. IP version 4 Filtering Configuration Options Command Syntax and Usage accesscontrol list <1‐256> ipv4 destinationipaddress <IP address> [<IP mask>] Defines a destination IP address for the ACL. If defined, traffic with this destination IP address will match this ACL. Command mode: Global configuration no accesscontrol list <1‐256> ipv4 destinationipaddress Deletes the configured destination IP address for the specified ACL. Command mode: Global configuration accesscontrol list <1‐256> ipv4 protocol <0‐255> Defines an IP protocol for the ACL. If defined, traffic from the specified protocol matches this filter. Specify the protocol number. Listed below are some of the well‐known protocols. Number Name icmp igmp ospf vrrp Command mode: Global configuration no accesscontrol list <1‐256> ipv4 protocol Deletes the configured IP protocol for the specified ACL. Command mode: Global configuration accesscontrol list <1‐256> ipv4 sourceipaddress <IP address> [<IP mask>] Defines a source IP address for the ACL. If defined, traffic with this source IP address will match this ACL. Specify an IP address in dotted decimal notation. Command mode: Global configuration no accesscontrol list <1‐256> ipv4 sourceipaddress Deletes the configured source IP address for the specified ACL. Command mode: Global configuration accesscontrol list <1‐256> ipv4 typeofservice <0‐255>...
Page 422
Table 196. TCP/UDP Filtering Configuration Options Command Syntax and Usage accesscontrol list <1‐256> tcpudp destinationport <1‐65535> [<mask (0xFFFF)>] Defines a destination port for the ACL. If defined, traffic with the specified TCP or UDP destination port will match this ACL. Specify the port number, just as with sourceport. Command mode: Global configuration no accesscontrol list <1‐256> tcpudp destinationport Disables the configured destination port for the specified ACL. Command mode: Global configuration accesscontrol list <1‐256> tcpudp flags <value (0x0‐0x3f)> [<mask (0x0‐0x3f)>] Defines a TCP/UDP flag for the ACL. Command mode: Global configuration no accesscontrol list <1‐256> tcpudp flags Disables the configured TCP/UDP flag for the specified ACL. Command mode: Global configuration default accesscontrol list <1‐256> tcpudp Resets the TCP/UDP parameters for the ACL to their default values. Command mode: Global configuration show accesscontrol list <1‐256> tcpudp Displays the current TCP/UDP Filtering parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
ACL Metering Configuration These commands define the Access Control profile for the selected ACL. Table 198. ACL Metering Configuration Options Command Syntax and Usage accesscontrol list <1‐256> meter action {drop|pass} Configures the ACL Meter to either drop or pass out‐of‐profile traffic. Command mode: Global configuration accesscontrol list <1‐256> meter committedrate <64‐40000000> Configures the committed rate, in kilobits per second. The committed rate must be a multiple of 64. Command mode: Global configuration [no] accesscontrol list <1‐256> meter enable Enables or disables ACL Metering. Command mode: Global configuration accesscontrol list <1‐256> meter maximumburstsize <32‐4096> Configures the maximum burst size, in kilobits. Enter one of the following values for mbsize: 32, 64, 128, 256, 512, 1024, 2048, 4096. Command mode: Global configuration default accesscontrol list <1‐256> meter Sets the ACL meter configuration to its default values. Command mode: Global configuration no accesscontrol list <1‐256> meter Disables the selected ACL meter. Command mode: Global configuration show accesscontrol list <1‐256> meter Displays current ACL Metering parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Re-Marking Out-Profile Configuration The following table displays Re‐Marking Out‐Profile configuration commands: Table 201. ACL Re‐Marking Out‐of‐Profile Options Command Syntax and Usage accesscontrol list <1‐256> remark outprofile dscp <0‐63> Re‐marks the DSCP value on out‐of‐profile packets for the ACL. Command mode: Global configuration no accesscontrol list <1‐256> remark outprofile Disables re‐marking on out‐of‐profile traffic. Command mode: Global configuration ACL VxLAN Configuration The following table displays ACL Virtual Extensible LAN (VxLAN) configuration options. Table 202. ACL VxLAN Configuration Options Command Syntax and Usage accesscontrol list <1‐256> vxlan vnid <VNID (1‐16777215)> Configures the ACL VxLAN Virtual Network ID (VNID). Command mode: Global configuration no accesscontrol list <1‐256> vxlan vnid Removes the ACL VxLAN VNID. Command mode: Global configuration no accesscontrol list <1‐256> vxlan Deletes the ACL VxLAN configuration. Command mode: Global configuration default accesscontrol list <1‐256> vxlan Resets the ACL VxLAN configuration to its default value. Command mode: Global configuration show accesscontrol list <1‐256> vxlan Displays the current ACL VxLAN Filtering parameters. To view a sample ...
IPv6 Filtering Configuration These commands allow you to define IPv6 matching criteria for an ACL. Table 204. IP version 6 Filtering Options Command Syntax and Usage accesscontrol list6 <1‐128> ipv6 destinationaddress <IPv6 address> [<prefix length (1‐128)>] Defines a destination IPv6 address for the ACL. If defined, traffic with this destination address will match this ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> ipv6 destinationaddress Deletes the configured destination IPv6 address for the specified ACL. Command mode: Global configuration accesscontrol list6 <1‐128> ipv6 flowlabel <0‐1048575> Defines the flow label for the ACL. If defined, traffic with this flow label will match this ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> ipv6 flowlabel Deletes the configured flow label for the specified ACL. Command mode: Global configuration accesscontrol list6 <1‐128> ipv6 nextheader <0‐255> Defines the next header value for the ACL. If defined, traffic with this next header value will match this ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> ipv6 nextheader Deletes the configured next header for the specified ACL. Command mode: Global configuration accesscontrol list6 <1‐128> ipv6 sourceaddress <IPv6 address> [<prefix length (1‐128)>] Defines a source IPv6 address for the ACL. If defined, traffic with this source address will match this ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> ipv6 sourceaddress Deletes the configured source IPv6 address for the specified ACL. Command mode: Global configuration accesscontrol list6 <1‐128> ipv6 trafficclass <0‐255>...
Page 430
Table 205. IPv6 ACL TCP/UDP Filtering Options Command Syntax and Usage accesscontrol list6 <1‐128> tcpudp destinationport <destination port number (1‐65535)> [<mask (0xFFFF)>] Defines a destination port for the ACL. If defined, traffic with the specified TCP or UDP destination port will match this ACL. Specify the port number, just as with sourceport above. Command mode: Global configuration no accesscontrol list6 <1‐128> tcpudp destinationport Deletes the configured IPv6 destination‐port for the specified ACL. Command mode: Global configuration accesscontrol list6 <1‐128> tcpudp flags <value (0x0‐0x3f)> [<mask (0x0‐0x3f)>] Defines a TCP/UDP flag for the ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> tcpudp flags Deletes the configured TCP/UDP flag for the specified ACL. Command mode: Global configuration default accesscontrol list6 <1‐128> tcpudp Resets the TCP/UDP parameters for the ACL to their default values. Command mode: Global configuration show accesscontrol list6 <1‐128> tcpudp Displays the current TCP/UDP Filtering parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 432
IPv6 Re-Marking Out-Profile Configuration The following table displays IPv6 Re‐Marking Out‐Profile configuration commands: Table 208. IPv6 ACL Re‐Marking Out‐of‐Profile Options Command Syntax and Usage accesscontrol list6 <1‐128> remark outprofile dscp <0‐63> Re‐marks the DSCP value on out‐of‐profile packets for the ACL. Command mode: Global configuration no accesscontrol list6 <1‐128> remark outprofile Disables re‐marking on out‐of‐profile traffic. Command mode: Global configuration show accesscontrol list6 <1‐128> remark Displays current re‐mark parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
ACL Log Configuration These commands allow you to define filtering criteria for each IPv6 Access Control List (ACL) log. Table 210. ACL Log Configuration Options Command Syntax and Usage [no] accesscontrol list <1‐256> log Enables or disables Access Control List logging. Command mode: Global configuration [no] accesscontrol list6 <1‐128> log Enables or disables IPv6 Access Control List logging. Command mode: Global configuration accesscontrol log interval <5‐600> Sets the filter log displaying interval in seconds. The default setting is 300 seconds. Command mode: Global configuration accesscontrol log ratelimit <1‐1000> Sets the filter log queue rate limit in packets per second (pps). The default settings is 10 pps. Command mode: Global configuration default accesscontrol log [interval|ratelimit] Resets the specified filter log parameters to their default values. Command mode: Global configuration show accesscontrol log Displays the current ACL log parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Management ACL Configuration These commands allow you to define filtering criteria for each management ACL (MACL). Note: Management ACLs (MACLs) are not supported on the management port, only on data ports. Table 212. MACL Configuration Options Command Syntax and Usage accesscontrol macl <1‐256> action {permit|deny| |setpriority <0‐7>} Configures a filter action for packets that match the MACL definitions. You can choose to permit (pass), deny (drop) packets or set the 802.1p priority level (0‐7). Command mode: Global configuration [no] accesscontrol macl <1‐256> enable Enables or disables the management ACL. Command mode: Global configuration [no] accesscontrol macl <1‐256> statistics Enables or disables the statistics collection for the MACL. Command mode: Global configuration show accesscontrol macl <1‐256> Displays the current MACL parameters. Command mode: All MACL IPv4 Filtering Configuration These commands allow you to define IPv4 matching criteria for an MACL. Table 213. IP version 4 Filtering Configuration Options Command Syntax and Usage accesscontrol macl <1‐256> ipv4 destinationipaddress <IP address> [<IP mask>] Defines a destination IP address for the MACL. If defined, traffic with this ...
MACL TCP/UDP Filtering Configuration These commands allow you to define TCP/UDP matching criteria for an MACL. Table 214. TCP/UDP Filtering Configuration Options Command Syntax and Usage accesscontrol macl <1‐256> tcpudp sourceport <1‐65535> [<mask (0xFFFF)>] Defines a source port for the MACL. If defined, traffic with the specified TCP or UDP source port will match this MACL. Specify the port number. Listed below are some of the well‐known ports: Number Name ftpdata telnet smtp time name whois domain tftp gopher finger http Command mode: Global configuration no accesscontrol macl <1‐256> tcpudp sourceport Deletes the configured source port for the specified MACL. Command mode: Global configuration accesscontrol macl <1‐256> tcpudp destinationport <1‐65535> [<mask (0xFFFF)>] Defines a destination port for the MACL. If defined, traffic with the specified TCP or UDP destination port will match this MACL. Specify the port number, just as with sourceport above. Command mode: Global configuration no accesscontrol macl <1‐256> tcpudp destinationport Deletes the configured destination port for the specified MACL.
VMAP Configuration A VLAN Map is an Access Control List (ACL) that can be assigned to a VLAN or a VM group instead of a port. In a virtualized environment where Virtual Machines move between physical servers, VLAN Maps allow you to create traffic filtering and metering policies associated with a VM’s VLAN. For more information about VLAN Map configuration commands, see “Access Control List Configuration” on page 417. For more information about assigning VLAN Maps to a VLAN, see “VLAN Configuration” on page 493. For more information about assigning VLAN Maps to a VM group, see “VM Group Configuration” on page 639. The following table lists the general VMAP configuration commands. Table 215. VMAP Configuration Options Command Syntax and Usage accesscontrol vmap <1‐128> action {permit|deny|setpriority <0‐7>} Configures a filter action for packets that match the VMAP definitions. You can choose to permit (pass) or deny (drop) packets or set the 802.1p priority level. Command mode: Global configuration accesscontrol vmap <1‐128> action redirect {port <port alias or number>|portchannel <1‐208>} Configures the switch to redirect traffic that matches the VMAP definitions to a specific port or Link Aggregation Group (LAG). Command mode: Global configuration accesscontrol vmap <1‐128> egressport <port alias or number> Configures the VMAP to function on egress packets. Command mode: Global configuration no accesscontrol vmap <1‐128> egressport Disables the VMAP to function on egress packets. Command mode: Global configuration accesscontrol vmap <1‐128> ethernet destinationmacaddress <MAC address> [<MAC mask>] Defines the destination MAC address for the VMAP.
Page 442
Table 215. VMAP Configuration Options Command Syntax and Usage accesscontrol vmap <1‐128> ipv4 destinationipaddress <IPv4 address> [<IPv4 mask>] Enables filtering of VMAP statistics collection based on destination IP address. Command mode: Global configuration no accesscontrol vmap <1‐128> ipv4 destinationipaddress Disables filtering of VMAP statistics collection based on destiantion IP address. Command mode: Global configuration accesscontrol vmap <1‐128> ipv4 protocol <0‐255> Enables filtering of VMAP statistics collection based on protocol. Command mode: Global configuration no accesscontrol vmap <1‐128> ipv4 protocol Disables filtering of VMAP statistics collection based on protocol. Command mode: Global configuration accesscontrol vmap <1‐128> ipv4 sourceipaddress <IPv4 address> [<IPv4 mask>] Enables filtering of VMAP statistics collection based on source IP address. Command mode: Global configuration no accesscontrol vmap <1‐128> ipv4 sourceipaddress Disables filtering of VMAP statistics collection based on source IP address. Command mode: Global configuration accesscontrol vmap <1‐128> ipv4 typeofservice <0‐255> Enables filtering of VMAP statistics collection based on type of service. Command mode: Global configuration no accesscontrol vmap <1‐128> ipv4 typeofservice Disables filtering of VMAP statistics collection based on type of service. Command mode: Global configuration default accesscontrol vmap <1‐128> ipv4 Resets the IPv4 parameters for the VMAP to their default values. Command mode: Global configuration accesscontrol vmap <1‐128> meter action {drop|pass} Sets VMAP port metering to drop or pass out‐of‐profile traffic. Command mode: Global configuration accesscontrol vmap <1‐128> meter committedrate <64‐40000000>...
Page 444
Table 215. VMAP Configuration Options Command Syntax and Usage default accesscontrol vmap <1‐128> packetformat Resets the VMAP packet‐format configuration to its default values. Command mode: Global configuration accesscontrol vmap <1‐128> remark dot1p <0‐7> Sets the VMAP re‐mark configuration user update priority. Command mode: Global configuration no accesscontrol vmap <1‐128> remark dot1p Disables the use of dot1p for in‐profile traffic VMAP re‐mark configuration. Command mode: Global configuration accesscontrol vmap <1‐128> remark {inprofile|outprofile} dscp <0‐63> Sets the VMAP re‐mark configuration user update priority for in‐profile or out‐profile traffic. Command mode: Global configuration no accesscontrol vmap <1‐128> remark {inprofile| |outprofile} Removes all re‐mark in‐profile or out‐profile settings. Command mode: Global configuration no accesscontrol vmap <1‐128> remark inprofile dscp Disables the use of DSCP for in‐profile traffic. Command mode: Global configuration [no] accesscontrol vmap <1‐128> remark usetosprecedence Enables or disables the use of the TOS precedence for in‐profile traffic. Command mode: Global configuration default accesscontrol vmap <1‐128> remark Resets the VMAP re‐mark parameters to their default values. Command mode: Global configuration no accesscontrol vmap <1‐128> remark Disables re‐marking for the specified VMAP. Command mode: Global configuration [no] accesscontrol vmap <1‐128> statistics Enables or disables statistics for this access control list. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Port Mirroring Port Mirroring is disabled by default. For more information about port mirroring on the G8332, see “Appendix A: Troubleshooting” in the Lenovo RackSwitch G8332 Application Guide for Lenovo Enterprise Network Operating System 8.4. Port Mirroring commands are used to configure, enable and disable the monitor port. When enabled, network packets being sent and/or received on a target port are duplicated and sent to a monitor port. By attaching a network analyzer to the monitor port, you can collect detailed information about your network performance and usage. Table 216. Port Mirroring Configuration Options Command Syntax and Usage [no] portmirroring enable Enables or disables port mirroring. Command mode: Global configuration show portmirroring Displays current settings of the mirrored and monitoring ports. Command mode: All Port-Mirroring Configuration The following table describes the Port Mirroring commands. Table 217. Port‐Based Port‐Mirroring Configuration Options Command Syntax and Usage portmirroring monitorport <port alias or number> mirroringport <port alias or number> {in|out|both} Adds the port to be mirrored. This command also allows you to enter the direction of the traffic. It is necessary to specify the direction because: If the source port of the frame matches the mirrored port and the mirrored direction is ingress or both (ingress and egress), the frame is sent to the monitoring port.
802.1X Global Configuration The global 802.1X commands allow you to configure parameters that affect all ports in the switch. Table 220. 802.1X Global Configuration Options Command Syntax and Usage dot1x maxrequest <1‐10> Sets the maximum number of times the authenticator retransmits an EAP‐Request packet to the supplicant (client). The default value is 2. Command mode: Global configuration dot1x mode {forceunauthorized|auto|forceauthorized} Sets the type of access control for all ports: forceunauthorized ‐ the port is unauthorized unconditionally. auto ‐ the port is unauthorized until it is successfully authorized by the RADIUS server. forceauthorized ‐ the port is authorized unconditionally, allowing all traffic. The default value is forceauthorized. Command mode: Global configuration dot1x quiettime <0‐65535> Sets the time, in seconds, the authenticator waits before transmitting an EAP‐Request/ Identity frame to the supplicant (client) after an authentication failure in the previous round of authentication. The default value is 60 seconds. Command mode: Global configuration [no] dot1x reauthenticate Sets the re‐authentication status to on or off. The default value is off. Command mode: Global configuration dot1x reauthenticationinterval <1‐604800> Sets the time, in seconds, the authenticator waits before re‐authenticating a ...
802.1X Guest VLAN Configuration The 802.1X Guest VLAN commands allow you to configure a Guest VLAN for unauthenticated ports. The Guest VLAN provides limited access to switch functions. Table 221. 802.1X Guest VLAN Configuration Options Command Syntax and Usage [no] dot1x guestvlan enable Enables or disables the 802.1X Guest VLAN. Command mode: Global configuration dot1x guestvlan vlan <VLAN ID (1‐4094)> Configures the Guest VLAN number. Command mode: Global configuration no dot1x guestvlan vlan Removes the Guest VLAN number. Command mode: Global configuration show dot1x Displays current 802.1X parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 452
Table 222. 802.1X Port Options (continued) Command Syntax and Usage dot1x servertimeout <1‐65535> Sets the time, in seconds, the authenticator waits for a response from the RADIUS server before declaring an authentication timeout. The default value is 30 seconds. The time interval between transmissions of the RADIUS Access‐Request packet containing the supplicant’s (client’s) EAP‐Response packet is determined by the current setting of the radiusserver timeout <1‐10> command. Command mode: Interface port dot1x supplicanttimeout <1‐65535> Sets the time, in seconds, the authenticator waits for an EAP‐Response packet from the supplicant (client) before retransmitting the EAP‐Request packet from the authentication server. The default value is 30 seconds. Command mode: Interface port dot1x transmitinterval <1‐65535> Sets the time, in seconds, the authenticator waits for an EAP‐Response/Identity frame from the supplicant (client) before retransmitting an EAP‐Request/Identity frame. The default value is 30 seconds. Command mode: Interface port [no] dot1x vlanassign Sets the dynamic VLAN assignment status to on or off. The default value is off. Command mode: Interface port default dot1x Resets the 802.1X port parameters to their default values. Command mode: Interface port show interface port <port alias or number> dot1x Displays current 802.1X port parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 454
Table 223. Spanning Tree Configuration Options (continued) Command Syntax and Usage spanningtree guard loop Enables STP loop guard. STP loop guard prevents the port from forwarding traffic if no BPDUs are received. The port is placed into a loop‐inconsistent blocking state until a BPDU is received. Command mode: Interface port/Interface portchannel spanningtree guard root Enables STP root guard. STP root guard enforces the position of the root bridge. If the bridge receives a superior BPDU, the port is placed into a root‐inconsistent state (listening). Command mode: Interface port/Interface portchannel spanningtree guard none Disables STP loop guard and root guard. Command mode: Interface port/Interface portchannel no spanningtree guard Sets the Spanning Tree guard parameters to their default values. Command mode: Interface port/Interface portchannel [no] spanningtree linktype {p2p|shared|auto} Defines the type of link connected to the port, as follows: auto: Configures the port to detect the link type, and automatically match its settings. p2p: Configures the port for Point‐To‐Point protocol. shared: Configures the port to connect to a shared medium (usually a hub). The default link type is auto. Command mode: Interface port/Interface portchannel [no] spanningtree portfast Enables or disables this port as portfast or edge port. An edge port is not connected to a bridge and can begin forwarding traffic as soon as the link is up. Configures server ports as edge ports (enabled). Note: After you configure the port as an edge port, you must disable the port and then re‐enable the port for the change to take effect.
MSTP Configuration Up to 32 Spanning Tree Groups can be configured in MSTP mode. MSTP is turned off by default and the default STP mode is PVRST. Note: When Multiple Spanning Tree is turned on, VLAN 4095 is moved from Spanning Tree Group 128 to the Common Internal Spanning Tree (CIST). When Multiple Spanning Tree is turned off, VLAN 4095 is moved back to Spanning Tree Group 128. Table 224. Multiple Spanning Tree Configuration Options Command Syntax and Usage spanningtree mst configuration Enables MSTP configuration mode. Command mode: Global configuration [no] spanningtree mst <0‐32> enable Enables or disables the specified MSTP instance. Command mode: Global configuration spanningtree mst <0‐32> priority <0‐65535> Configures the bridge priority for the specified MSTP instance. The bridge priority parameter controls which bridge on the network is the MSTP root bridge. To make this switch the root bridge, configure the bridge priority lower than all other switches and bridges on your network. The lower the value, the higher the bridge priority. The range is 0 to 65535, in steps of 4096 (0, 4096, 8192, 12288 ...) and the default value is 32768. Command mode: Global configuration no spanningtree mst <0‐32> priority Resets the bridge priority for the specified MSTP instance to the default value of 32768. Command mode: Global configuration spanningtree mst forwardtime <4‐30> Configures the forward delay time in seconds. The forward delay parameter specifies the amount of time that a bridge port has to wait before it changes from the discarding and learning states to the forwarding state. The default value is 15. Command mode: Global configuration spanningtree mst maxage <6‐40>...
Page 458
Table 224. Multiple Spanning Tree Configuration Options (continued) Command Syntax and Usage show spanningtree mst configuration Displays the current MSTP settings. Command mode: All show spanningtree mst <0‐32> information Displays current MST information for the specified instance. Command mode: All MSTP Port Configuration MSTP port parameters are used to modify MSTP operation on an individual port basis. MSTP parameters do not affect operation of RSTP/PVRST. For each port, RSTP/PVRST/MSTP is turned on by default. Table 225. MSTP Port Configuration Options Command Syntax and Usage spanningtree mst <0‐32> cost <0‐200000000> Configures the port path cost for the specified MSTP instance. The port path cost is used to help determine the designated port for a segment. Port path cost is based on the port speed, and is calculated as follows: 1Gbps = 20000 10Gbps = 2000 The default value of 0 (zero) indicates that the default path cost will be computed for an auto negotiated link speed. Command mode: Interface port/Interface portchannel [no] spanningtree mst <0‐32> enable Enables or disables the specified MSTP instance on the port. Command mode: Interface port/Interface portchannel spanningtree mst <0‐32> portpriority <0‐240>...
RSTP/PVRST Configuration The following table describes the commands used to configure the Rapid Spanning Tree (RSTP) and Per VLAN Rapid Spanning Tree Protocol (PVRST) protocols. Table 226. RSTP/PVRST Configuration Options Command Syntax and Usage boot spanningtree maxinstances {128|256} Configures the maximum number of Spanning Tree Groups (STGs) that can be used on the switch. The default value is 128. Note: The switch needs to be reloaded for the configuration to take effect. Command mode: Global configuration no boot spanningtree maxinstances Reset the maximum number of STGs available on the switch to the default value of 128. Note: The switch needs to be reloaded for the configuration to take effect. Command mode: Global configuration [no] spanningtree stp <1‐128> enable Globally enables or disables Spanning Tree Protocol. STG is turned on by default. Command mode: Global configuration spanningtree stp <1‐128> vlan <VLAN ID (1‐4094)> Associates a VLAN with a Spanning Tree Group and requires a VLAN ID as a parameter. If the VLAN does not exist, it will be created automatically, but it will not be enabled by default. Command mode: Global configuration no spanningtree stp <1‐128> vlan {<VLAN ID (1‐4094)>|all} Breaks the association between a specified VLAN or all VLANs and a Spanning Tree Group and requires a VLAN ID as a parameter. Command mode: Global configuration default spanningtree stp <1‐128> Restores a Spanning Tree instance to its default configuration. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Page 462
Bridge RSTP/PVRST Configuration Spanning Tree bridge parameters affect the global STG operation of the switch. STG bridge parameters include: Bridge priority Bridge hello time Bridge maximum age Forwarding delay When configuring STG bridge parameters, the following formulas must be used: 2 × (forwarding delay ‐ 1) > bridge maximum age 2 × (bridge hello time + 1) < bridge maximum age Table 227. Bridge Spanning Tree Configuration Options Command Syntax and Usage spanningtree stp <1‐128> bridge forwarddelay <4‐30> Configures the bridge forward delay parameter. The forward delay parameter specifies the amount of time that a bridge port has to wait before it changes from the discarding and learning states to the forwarding state. The range is 4 to 30 seconds and the default is 15 seconds. Note: This command does not apply to MSTP. Command mode: Global configuration no spanningtree stp <1‐128> bridge forwarddelay Resets the bridge forward delay parameter to its default value of 15 seconds. Command mode: Global configuration spanningtree stp <1‐128> bridge hellotime <1‐10> Configures the bridge Hello time.The Hello time specifies how often the bridge transmits a configuration bridge protocol data unit (BPDU). Any bridge that is not the root bridge uses the root bridge Hello value. The range is 1 to 10 seconds and the default is 2 seconds. Note: This command does not apply to MSTP.
Page 464
RSTP/PVRST Port Configuration By default, Spanning Tree is turned off for management ports, and turned on for data ports. STG port parameters include: Port priority Port path cost Table 228. Spanning Tree Port Options Command Syntax and Usage [no] spanningtree stp <1‐128> enable Enables or disables STG on the port. Command mode: Interface port/Interface portchannel spanningtree stp <1‐128> pathcost <1‐200000000, 0 for default)> Configures the port path cost. The port path cost is used to help determine the designated port for a segment. Port path cost is based on the port speed, and is calculated as follows: 1Gbps = 20000 10Gbps = 2000 The default value of 0 (zero) indicates that the default path cost will be computed for an auto negotiated link speed. Command mode: Interface port/Interface portchannel spanningtree stp <1‐128> priority <0‐240> Configures the port priority. The port priority helps determine which bridge port becomes the designated port. In a network topology that has multiple bridge ports connected to a single segment, the port with the lowest port priority becomes the designated port for the segment. The default value is 128. RSTP/PVRST: The range is 0 to 240, in steps of 16 (0, 16, 32...). Command mode: Interface port/Interface portchannel default spanningtree stp <1‐128> Resets the STG configuration to its default settings. Command mode: Interface port/Interface portchannel show interface port <port alias or number> spanningtree stp <1‐128>...
Static Multicast MAC Configuration The following options are available to control the forwarding of known and unknown multicast packets: All multicast packets are flooded to the entire VLAN. This is the default switch behavior. Known multicast packets are forwarded only to those ports specified. Unknown multicast packets are flooded to the entire VLAN. To configure this option, define the Multicast MAC address for the VLAN and specify ports that are to receive multicast packets (macaddresstable multicast). Known multicast packets are forwarded only to those ports specified. Unknown multicast packets are dropped. To configure this option: Define the Multicast MAC address for the VLAN and specify ports that are to receive multicast packets (macaddresstable multicast). Enable Flood Blocking on ports that are not to receive multicast packets (interface port <port alias or number>) (floodblocking). Use the following commands to configure static Multicast MAC entries in the Forwarding Database (FDB). Table 230. Static Multicast MAC Configuration Options Command Syntax and Usage [no] macaddresstable multicast <MAC address> <VLAN ID (1‐4094)> <port alias or number> Adds or removes a static multicast entry. You can list ports separated by a comma ( , ) or enter a range of ports separated by a hyphen ( ). For example: macaddresstable multicast 01:00:00:23:3f:01 200 14 Command mode: Global configuration [no] macaddresstable multicast <MAC address> port <port alias or number> Adds or removes a static multicast entry for Network Load Balancing (NLB). ...
Page 468
Table 231. FDB Configuration Options Command Syntax and Usage no macaddresstable static <MAC address> <VLAN ID (1‐4094)> Deletes permanent FDB entries. Note: Available if routing is disabled on the port. Command mode: Global configuration no macaddresstable static all [mac <MAC address>| vlan <VLAN ID (1‐4094)>] Deletes all permanent FBD entries. mac deletes all permanent entries that use the specified MAC address vlan deletes all permanent entries that use the specified vlan Note: Available if routing is disabled on the port. Command mode: Global configuration no macaddresstable static all interface {port <port alias or number>|portchannel <1‐104>|adminkey <1‐65535>} Deletes all permanent FBD entries that use the specified port, Link Aggregation Group (LAG) or LACP admin key. Command mode: Global configuration show macaddresstable Display current FDB configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
LLDP Configuration Use the following commands to configure Link Layer Detection Protocol (LLDP). Table 233. LLDP Configuration Options Command Syntax and Usage [no] lldp enable Globally enables or disables LLDP. The default setting is enabled. Command mode: Global configuration lldp holdtimemultiplier <2‐10> Configures the message hold time multiplier. The hold time is configured as a multiple of the message transmission interval. The default value is 4. Command mode: Global configuration no lldp holdtimemultiplier Resets the message hold time multiplier to its default value of 4. Command mode: Global configuration lldp refreshinterval <5‐32768> Configures the message transmission interval, in seconds. The default value is 30 seconds. Command mode: Global configuration no lldp refreshinterval Resets the message transmission interval to its default value of 30 seconds. Command mode: Global configuration lldp reinitdelay <1‐10> Configures the re‐initialization delay interval, in seconds. The re‐initialization delay allows the port LLDP information to stabilize before transmitting LLDP messages. The default value is 2 seconds. Command mode: Global configuration no lldp reinitdelay Resets the re‐initialization delay interval to its default value of 2 seconds. Command mode: Global configuration lldp transmissiondelay <1‐8192> Configures the transmission delay interval, in seconds. The transmit delay timer represents the minimum time permitted between successive LLDP ...
LLDP Optional TLV configuration Use the following commands to configure LLDP port TLV (Type, Length, Value) options for the selected port. Table 235. Optional TLV Options Command Syntax and Usage [no] lldp tlv all Enables or disables all optional TLV information types. Command mode: Interface port [no] lldp tlv dcbx Enables or disables the DCBX information type. Command mode: Interface port [no] lldp tlv framesz Enables or disables the Maximum Frame Size information type. Command mode: Interface port [no] lldp tlv linkaggr Enables or disables the Link Aggregation information type. Command mode: Interface port [no] lldp tlv macphy Enables or disables the MAC/Phy Configuration information type. Command mode: Interface port [no] lldp tlv mgmtaddr Enables or disables the Management Address information type. Command mode: Interface port [no] lldp tlv portdesc Enables or disables the Port Description information type. Command mode: Interface port [no] lldp tlv portprot Enables or disables the Port and VLAN Protocol ID information type. Command mode: Interface port [no] lldp tlv portvid Enables or disables the Port VLAN ID information type. Command mode: Interface port G8332 Command Reference for ENOS 8.4...
The two types of aggregation can be configured using the following portchannel ranges: static LAGs: 1‐104 LACP LAGs: 105‐208 Up to 104 static LAGs can be configured on the G8332, with the following restrictions: Any physical switch port can belong to no more than one LAG. Up to 32 ports can belong to the same LAG. You must configure all ports in a LAG with the same properties (speed, duplex, flow control, STG, VLAN and so on). ® Aggregation from non‐Lenovo devices must comply with Cisco ® EtherChannel technology. By default, each LAG is empty and disabled. Table 236. LAG Configuration Options Command Syntax and Usage [no] portchannel <1‐104> enable Enables or disables the current LAG. Command mode: Global configuration portchannel <1‐104> port <port alias or number> [enable] Adds a physical port or ports to the current LAG. You can add several ports, with each port separated by a comma ( , ) or a range of ports, separated by a dash ( ‐ ). The enable option also enables the current LAG. Command mode: Global configuration no portchannel <1‐104> port <port alias or number>...
Page 476
Table 237. LAG Hash Options Command Syntax and Usage [no] portchannel thash L4port Enables or disables use of Layer 4 service ports (TCP, UDP and so on) to compute the hash value. The default setting is disabled. Command mode: Global configuration show portchannel hash Display current LAG hash configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
Layer 3 Link Aggregation Group (LAG) Hash Layer 3 Link Aggregation Group (LAG) hash parameters are set globally. You can enable one or both parameters, to configure any of the following valid combinations: SIP (source IP only) DIP (destination IP only) SIP and DIP Use the following commands to configure Layer 3 LAG hash parameters for the switch. Table 239. Layer 3 LAG Hash Options Command Syntax and Usage portchannel thash l3thash l3destinationipaddress Enables Layer 3 LAG hashing on the destination IP address. Command mode: Global configuration portchannel thash l3thash l3sourceipaddress Enables Layer 3 LAG hashing on the source IP address. Command mode: Global configuration portchannel thash l3thash l3sourcedestinationip Enables Layer 3 LAG hashing on both the source and the destination IP address. Command mode: Global configuration portchannel thash l3thash l3usel2hash Enables use of Layer 2 hash parameters only. When enabled, Layer 3 hashing parameters are cleared. Command mode: Global configuration show portchannel hash Displays the current LAG hash settings.
Page 480
Table 240. vLAG Configuration Options Command Syntax and Usage [no] vlag portchannel <1‐104> enable Enables or disables vLAG on the selected LAG. Command mode: Global configuration vlag priority <0‐65535> Configures the vLAG priority for the switch, used for election of Primary and Secondary vLAG switches. The switch with lower priority is elected to the role of Primary vLAG switch. Command mode: Global configuration no vlag priority Resets the vLAG priority of the switch to its default value of 0. Command mode: Global configuration vlag startupdelay <0‐3600> Sets, in seconds, the vLAG startup delay interval. The default value is 120 seconds. Command mode: Global configuration no vlag startupdelay Sets the vLAG startup‐delay timer to the default 120 seconds duration. Command mode: Global configuration vlag tierid <1‐512> Sets the vLAG peer ID. Command mode: Global configuration no vlag tierid Resets the vLAG peer ID to its default value of 0. Command mode: Global configuration [no] vlag vrrp active Enables or disables vLAG VRRP active mode. Note: If active mode is disabled, the switch will be in passive mode. In active mode, Layer 3 traffic is forwarded in all vLAG related VRRP domains. In passive mode, Layer 3 traffic is forwarded in a vLAG related VRRP domain only if either the switch or its peer virtual router is the VRRP master. Command mode: Global configuration show vlag Displays current vLAG parameters.
vLAG ISL Configuration These commands allow you to configure a dedicated inter‐switch link (ISL) for synchronization between vLAG peers. Table 242. vLAG ISL Configuration Options Command Syntax and Usage vlag isl adminkey <1‐65535> Enables vLAG Inter‐Switch Link (ISL) on the selected LACP admin key. LACP Link Aggregation Groups (LAGs) formed with this admin key will be included in the ISL. Command mode: Global configuration no vlag isl adminkey Disables vLAG Inter‐Switch Link (ISL) for LACP admin keys. Command mode: Global configuration vlag isl portchannel <1‐104> Enables vLAG Inter‐Switch Link (ISL) on the selected LAG. Command mode: Global configuration no vlag isl portchannel Disables vLAG Inter‐Switch Link (ISL) for LAGs. Command mode: Global configuration show vlag isl Displays current vLAG Inter‐Switch Link (ISL) parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 243. Link Aggregation Control Protocol Options Command Syntax and Usage no lacp <1‐65535> Deletes a selected LACP LAG, based on its admin key. This command is equivalent to disabling LACP on each of the ports configured with the same admin key. Command mode: Global configuration show lacp Display current LACP configuration. Command mode: All LACP Port Configuration Use the following commands to configure Link Aggregation Control Protocol (LACP) for the selected port. Table 244. LACP Port Options Command Syntax and Usage lacp key <1‐65535> Set the admin key for this port. Only ports with the same admin key and oper key (operational state generated internally) can form a LACP LAG group. Command mode: Interface port/Interface portchannel default lacp key Resets the LACP admin key of the port to the default value. Command mode: Interface port/Interface portchannel lacp mode {off|active|passive} Set the LACP mode for this port, as follows: off turns LACP off for this port. You can use this port to manually configure a static LAG. active turns LACP on and set this port to active. Active ports initiate ...
Layer 2 Failover Configuration Use these commands to configure Layer 2 Failover. For more information about Layer 2 Failover, see “High Availability” in the Lenovo RackSwitch G8332 Application Guide for Lenovo Enterprise Network Operating System 8.4. Table 245. Layer 2 Failover Configuration Options Command Syntax and Usage [no] failover enable Globally enables or disables Layer 2 Failover. Command mode: Global configuration show failover trigger Displays current Layer 2 Failover parameters. Command mode: All Failover Trigger Configuration The following table describes the Failover Trigger commands. Table 246. Failover Trigger Configuration Options Command Syntax and Usage [no] failover trigger <1‐8> enable Enables or disables the Failover trigger. Command mode: Global configuration failover trigger <1‐8> limit <0‐1024> Configures the minimum number of operational links allowed within each trigger before the trigger initiates a failover event. If you enter a value of zero (0), the switch triggers a failover event only when no links in the trigger are operational. Command mode: Global configuration no failover trigger <1‐8>...
Failover Manual Monitor Control Configuration Use these commands to define the port link(s) to control. The Manual Monitor Control configuration accepts any non‐management port. Table 248. Failover Manual Monitor Control Options Command Syntax and Usage [no] failover trigger <1‐8> mmon control adminkey <1‐65535> Adds or removes an LACP admin key to the Manual Monitor Control configuration. LACP Link Aggregation Groups (LAGs) formed with this admin key will be included in the Manual Monitor Control configuration. Command mode: Global configuration [no] failover trigger <1‐8> mmon control member <port alias or number> Adds or removes the selected port to the Manual Monitor Control configuration. Command mode: Global configuration [no] failover trigger <1‐8> mmon control portchannel <1‐104> Adds or removes the selected LAG to the Manual Monitor Control configuration. Command mode: Global configuration show failover trigger <1‐8> Displays the current Failover settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Hot Links Trigger Configuration The following table describes the Hot Links Trigger commands. Table 250. Hot Links Trigger Configuration Options Command Syntax and Usage [no] hotlinks trigger <1‐25> enable Enables or disables the Hot Links trigger. Command mode: Global configuration hotlinks trigger <1‐25> forwarddelay <0‐3600> Configures the Forward Delay interval, in seconds. The default value is 1 second. Command mode: Global configuration hotlinks trigger <1‐25> name <1‐32 characters> Defines a name for the Hot Links trigger. Command mode: Global configuration no hotlinks trigger <1‐25> name Removes the name of the specified Hot Links trigger. Command mode: Global configuration [no] hotlinks trigger <1‐25> preemption Enables or disables pre‐emption, which allows the Master interface to transition to the Active state whenever it becomes available. The default setting is enabled. Command mode: Global configuration no hotlinks trigger <1‐25> Deletes the Hot Links trigger. Command mode: Global configuration show hotlinks trigger <1‐25> Displays the current Hot Links trigger settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Hot Links Backup Configuration Use the following commands to configure the Hot Links Backup interface. Table 252. Hot Links Backup Configuration Options Command Syntax and Usage hotlinks trigger <1‐25> backup adminkey <1‐65535> Adds an LACP admin key to the Hot Links Backup interface. LACP Link Aggregation Groups (LAGs) formed with this admin key will be included in the Hot Links Backup interface. Command mode: Global configuration no hotlinks trigger <1‐25> backup adminkey Clears all LACP admin keys on the Hot Links Backup interface. Command mode: Global configuration hotlinks trigger <1‐25> backup port <port alias or number> Adds the selected port to the Hot Links Backup interface. Command mode: Global configuration no hotlinks trigger <1‐25> backup port Clears all ports added to the Hot Links Backup interface. Command mode: Global configuration hotlinks trigger <1‐25> backup portchannel <1‐104> Adds the selected LAG to the Hot Links Backup interface. Command mode: Global configuration no hotlinks trigger <1‐25> backup portchannel Clears all LAGs added to the Hot Links Backup interface. Command mode: Global configuration show hotlinks trigger <1‐25> Displays the current Hot Links trigger settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 253. VLAN Configuration Options Command Syntax and Usage [no] vmap <1‐128> [serverports|nonserverports] Adds or removes a VLAN Map to the VLAN membership. You can choose to limit operation of the VLAN Map to server ports only or non‐server ports only. If you do not select a port type, the VMAP is applied to the entire VLAN. Command mode: VLAN no vlan <VLAN ID (1‐4094)> Deletes the specified VLAN. Command mode: Global configuration show vlan information Displays the current VLAN configuration. Command mode: All Note: All ports must belong to at least one VLAN. Any port which is removed from a VLAN and which is not a member of any other VLAN is automatically added to default VLAN 1. You cannot remove a port from VLAN 1 if the port has no membership in any other VLAN. Also, you cannot add a port to more than one VLAN unless the port has VLAN tagging turned on. Protocol-Based VLAN Configuration Use the following commands to configure Protocol‐based VLAN for the selected VLAN. Table 254. Protocol VLAN Configuration Options Command Syntax and Usage [no] protocolvlan <protocol number (1‐8)> enable Enables or disables the selected protocol on the VLAN. Command mode: VLAN protocolvlan <protocol number (1‐8)> frametype {ether2|llc|snap} <ethernet type>...
Private VLAN Configuration Use the following commands to configure Private VLANs. Table 255. Private VLAN Options Command Syntax and Usage privatevlan association [add|remove] <secondary VLAN list> Configures Private VLAN mapping between a primary VLAN and secondary VLANs. If no optional parameter is specified, the list of secondary VLANs, replaces the currently associated secondary VLANs. Otherwise: add appends the secondary VLANs to the ones currently associated remove excludes the secondary VLANs from the ones currently associated Command mode: VLAN [no] privatevlan community Enables or disables the VLAN type as a community VLAN. Community VLANs carry upstream traffic from host ports. A Private VLAN may have multiple community VLANs. Command mode: VLAN [no] privatevlan isolated Enables or disables the VLAN type as an isolated VLAN. The isolated VLAN carries unidirectional traffic from host ports. A Private VLAN may have only one isolated VLAN. Command mode: VLAN [no] privatevlan primary Enables or disables the VLAN type as a Primary VLAN. A Private VLAN must have only one primary VLAN. The primary VLAN carries unidirectional traffic to ports on the isolated VLAN or to community VLAN. Command mode: VLAN show vlan privatevlan [type] Displays current parameters for the selected Private VLAN(s). type lists only the VLAN type for each private VLAN: community, isolated, or primary Command mode: All G8332 Command Reference for ENOS 8.4...
Layer 3 Configuration The following table describes basic Layer 3 Configuration commands. The following sections provide more detailed information and commands Table 257. Layer 3 Configuration Commands Command Syntax and Usage interface ip <1‐128> Configures the IP Interface. The G8332 supports up to 128 IP interfaces. To view command options, see page 500. Command mode: Global configuration ip pim component <1‐2> Enters Protocol Independent Multicast (PIM) component configuration mode. To view command options, see page 608. Command mode: Global configuration ip routerid <IP address> Sets the router ID. Command mode: Global configuration no ip routerid Removes the router ID. Command mode: Global configuration routemap <1‐255> Enters IP Route Map mode. To view command options, see page 519. Command mode: Global configuration router bgp Enters Border Gateway Protocol (BGP) configuration mode. To view command options, see page 557. Command mode: Global configuration router ospf Enters OSPF configuration mode. To view command options, see page 530.
IP Interface Configuration The G8332 supports up to 128 IP interfaces. Each IP interface represents the G8332 on an IP subnet on your network. Interface 127 and interface 128 are reserved for switch management. The interface option is disabled by default. Table 258. IP Interface Configuration Options Command Syntax and Usage interface ip <1‐128> Enter IP interface mode. Command mode: Global configuration [no] enable Enables or disables this IP interface. Command mode: Interface IP ip address <IP address> [<IP netmask>] [enable] Configures the IP address of the switch interface, using dotted decimal notation. The enable option also enables the IP interface. Command mode: Interface IP ip netmask <IP netmask> Configures the IP subnet address mask for the interface, using dotted decimal notation. Command mode: Interface IP ipv6 address <IPv6 address> [<IPv6 prefix length> [anycast]] [enable] Configures the IPv6 address of the switch interface, using hexadecimal format with colons. The anycast option configures the IPv6 address as an IPv6 anycast address. The enable option also enables the IP interface. Command mode: Interface IP ipv6 prefixlen <IPv6 prefix length (1‐128)> Configures the subnet IPv6 prefix length. The default value is 0 (zero). Command mode: Interface IP ipv6 secaddr6 address <IPv6 address> <IPv6 prefix length> [anycast] Configures the secondary IPv6 address of the switch interface, using hexadecimal format with colons. The anycast option configures the secondary IPv6 address as an IPv6 anycast address. Command mode: Interface IP no ipv6 secaddr6 address Removes the secondary IPv6 address.
Page 502
Table 258. IP Interface Configuration Options (continued) Command Syntax and Usage vlan <VLAN ID (1‐4094)> Configures the VLAN number for this interface. Each interface can belong to one VLAN. IPv4: Each VLAN can contain multiple IPv4 interfaces. IPv6: Each VLAN can contain only one IPv6 interface. Command mode: Interface IP no interface ip <1‐128> Removes this IP interface. Command mode: Global configuration show ip tenant [<1‐30>] Displays tenant information. Command mode: All show ip tenant info [<1‐30>] Displays tenant dynamic ACLs, including next‐hops. Command mode: All show interface ip [<1‐128>] Displays the current interface settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 504
Table 259. IPv6 Neighbor Discovery Configuration Options (continued) Command Syntax and Usage ipv6 nd rainterval <4‐1800> Configures the Router Advertisement maximum interval. The default value is 600 seconds. Note: Set the maximum RA interval to a value greater than or equal to 4/3 of the minimum RA interval. Command mode: Interface IP no ipv6 nd rainterval Resets the IPv6 Router Advertisement maximum interval to its default value of 600 seconds. Command mode: Interface IP ipv6 nd raintervalmin <3‐1350> Configures the Router Advertisement minimum interval. The default value is 198 seconds. Note: Set the minimum RA interval to a value less than or equal to 0.75 of the maximum RA interval. Command mode: Interface IP no ipv6 nd raintervalmin Resets the IPv6 Router Advertisement minimum interval to its default value of 198 seconds. Command mode: Interface IP ipv6 nd ralifetime <0‐9000> Configures the IPv6 Router Advertisement lifetime interval. The RA lifetime interval must be greater than or equal to the RA maximum interval (advint). The default value is 1800 seconds. Command mode: Interface IP no ipv6 nd ralifetime Resets the IPv6 Router Advertisement lifetime interval to its default value of 1800 seconds. Command mode: Interface IP ipv6 nd reachabletime <1‐3600> ipv6 nd reachabletime <1‐3600000> ms Configures the advertised reachability time, in seconds or milliseconds (ms). The default value is 30 seconds. Command mode: Interface IP no ipv6 nd reachabletime Resets the advertised reachability time to its default value of 30 seconds.
Default Gateway Configuration The switch can be configured with up to four IPv4 gateways, as follows: Gateway 1 and 2: data traffic Gateway 3: management traffic for interface 127 Gateway 4: management traffic for interface 128 This option is disabled by default. Table 260. IPv4 Default Gateway Options Command Syntax and Usage ip gateway <1‐4> address <IP address> [enable] Configures the IP address of the default IP gateway using dotted decimal notation. The enable option also enables the IP gateway. Command mode: Global configuration [no] ip gateway <1‐4> arphealthcheck Enables or disables Address Resolution Protocol (ARP) health checks. The default setting is disabled. Note: The arp option does not apply to management gateways. Command mode: Global configuration [no] ip gateway <1‐4> enable Enables or disables the gateway for use. Command mode: Global configuration ip gateway <1‐4> interval <0‐60> The switch pings the default gateway to verify that it’s up. This command sets the time between health checks. The range is from 0 to 60 seconds and the default is 2 seconds. Command mode: Global configuration ip gateway <1‐4> retry <1‐120> Sets the number of failed health check attempts required before declaring this default gateway inoperative. The range is from 1 to 120 attempts and the default is 8 attempts. Command mode: Global configuration no ip gateway <1‐4>...
Page 508
Table 261. IPv4 Static Route Configuration Options (continued) Command Syntax and Usage no ip route gateway <IP address> Clears all IP static routes that use this gateway. Command mode: Global configuration no ip route interface <IP interface number> Clears all IP static routes that use the specified IP interface. Command mode: Global configuration no ip route port <port alias or number> Clears all IP static routes that use the specified port. Command mode: Global configuration show ip route static Displays the current IP static routes. Command mode: All G8332 Command Reference for ENOS 8.4...
ARP Configuration Address Resolution Protocol (ARP) is a protocol used by the Internet Protocol (IP), specifically IPv4. ARP resolves a physical address from an IP address. ARP queries machines on the local network for their physical addresses. ARP also maintains IP to physical address pairs in its cache memory. In any IP communication, the ARP cache is consulted to see if the IP address of the computer or the router is present in the ARP cache. Then the corresponding physical address is used to send a packet. Table 263. ARP Configuration Options Command Syntax and Usage ip arp rearp <2‐120> Defines re‐ARP period, in minutes, for entries in the switch arp table. When ARP entries reach this value the switch will re‐ARP for the address to attempt to refresh the ARP cache. The default value is 5 minutes. Command mode: Global configuration show [ip] arp Displays the current ARP configurations. Command mode: All ARP Local Proxy Configuration By using ARP local proxy feature, the router mediates the ARP traffic performed within a subnet. Each ARP request is received by the router. In response, the router sends its own MAC address. Any traffic between hosts is forwarded via the routerʹs layer 3 interface. Note: For a routed interface, enabling ARP local proxy feature requires disabling all ICMP redirects. Table 264. ARP Local Proxy Configuration Options Command Syntax and Usage [no] ip localproxyarp Enables or disables the ARP local proxy.
Dynamic ARP Inspection Configuration Dynamic ARP Inspection (DAI) is a security feature that enables the device to intercept and examine all ARP request and response packets in a subnet and discard those packets with invalid IP to MAC address bindings. DAI uses information gathered by DHCP Snooping to validate ARP information that travels through ports marked as being not trusted. Table 266. Dynamic ARP Inspection Configuration Options Command Syntax and Usage [no] ip arp inspection vlan <VLAN ID (1‐4094)> Enables or disables DAI on the selected VLANs. Command mode: Global configuration [no] ip arp inspection trust Configures the current port to be a DAI trusted port. On a DAI trusted port, all ARP packets skip the security check. The default settings is untrusted. Note: Configuring trusted interfaces as being untrusted can result in a loss of connectivity. Command mode: Interface port [no] logging log arpinspection Enables or disables logging for DAI. The default setting is enabled. Command mode: Global configuration show ip arp inspection Displays the current DAI configuration settings. For mode details, see page Command mode: All G8332 Command Reference for ENOS 8.4...
Network Address Translation Configuration Network Address Translation (NAT) is a mechanism through which IP addresses are mapped from one realm to another in order to provide transparent routing to hosts. For more information about NAT, please refer to Lenovo RackSwitch G8332 Application Guide for Lenovo Enterprise Network Operating System 8.4. Table 268. NAT Configuration Options Command Syntax and Usage [no] ip nat enable Enables or disables NAT feature. The default setting is disabled. Command mode: Global configuration [no] ip nat inside destination static <outside local IP address> <outside global IP address> [oneway] Configures one‐to‐one translations of the outside local address to the outside global address. The oneway option restricts the NAT process to only translating local IP addresses to global IP addresses. Command mode: Global configuration [no] ip nat inside destination static {tcp|udp} <outside local IP address> <local TCP/UDP port number> <outside global IP address> <global TCP/UDP port number> [oneway] Configures one‐to‐one translations of the outside local address and local TCP/UDP port number to the outside global address and global TCP/UDP port number. The oneway option restricts the NAT process to only translating local IP addresses to global IP addresses. Command mode: Global configuration [no] ip nat inside source pool <pool name> pool <translation pool name> [overload] [oneway] Configures a mapping of multiple inside local IP addresses to multiple inside global IP addresses. The overload option maps multiple local IP addresses to a single global IP address. The oneway option restricts the NAT process to only translating local IP addresses to global IP addresses. Command mode: Global configuration [no] ip nat inside source static <inside local IP address>...
Page 516
Table 268. NAT Configuration Options Command Syntax and Usage [no] ip nat outside source static {tcp|udp} <outside global IP address> <global TCP/UDP port number> <outside local IP address> <local TCP/UDP port number> [oneway] Configures one‐to‐one translations of the outside global address and global TCP/UDP port number to the outside local address and local TCP/UDP port number. The oneway option restricts the NAT process to only translating global IP addresses to local IP addresses. Command mode: Global configuration ip nat pool <pool name> <start IP address> <end IP address> netmask <IP netmask> [portrange <start port> <end port>] Configures a NAT pool. A maximum number of 1000 pools can be configured. Command mode: Global configuration no ip nat pool <pool name> Deletes the specified NAT pool. Command mode: Global configuration no ip nat pools Deletes all NAT pools. Command mode: Global configuration [no] ip nat proxyarp enable Enables or disables NAT proxy arp. Command mode: Global configuration ip nat translation timeout <0‐4294967> Configures a timeout period for dynamic NAT translations. The default value is 300 seconds. Command mode: Global configuration no ip nat translation timeout Resets the timeout period for dynamic NAT translations to its default value of 300 seconds. Command mode: Global configuration no ip nat {all|static|dynamic} Deletes an entire category of configured translations. Command mode: Global configuration [no] ip nat {inside|outside} Configures a specific IP interface to be part of inside/outside realm.
Network Filter Configuration The following table describes the Network Filter commands. Table 269. IP Network Filter Configuration Options Command Syntax and Usage ip matchaddress <1‐256> <IP address> <IP netmask> Sets the starting IP address and IP Netmask for this filter to define the range of IP addresses that will be accepted by the peer when the filter is enabled. The default address is 0.0.0.0 0.0.0.0. Command mode: Global configuration. [no] ip matchaddress <1‐256> enable Enables or disables the Network Filter configuration. Command mode: Global configuration no ip matchaddress <1‐256> Deletes the Network Filter configuration. Command mode: Global configuration show ip matchaddress [<1‐256>] Displays the current the Network Filter configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 520
Table 270. Routing Map Configuration Options (continued) Command Syntax and Usage no metric Removes the configured metric of the current route map. Command mode: Route map metrictype {1|2} Assigns the type of OSPF metric. Type 1—External routes are calculated using both internal and external metrics. Type 2—External routes are calculated using only the external metrics. Type 1 routes are preffered over Type 2. The default is Type 1. Command mode: Route map no metrictype Removes the OSPF metric of the current route map. Command mode: Route map precedence <1‐255> Sets the precedence of the route map. The smaller the value, the higher the precedence. The default value is 10. Command mode: Route map set community [<community string>|none] Sets the BGP community attribute. Enter up to 32 communities strings using the format, aa:nn. For example, 12:34. Valid strings are from 0:0 to 65535:65535. The none option removes the community attribute from prefix that passed the route‐map. Command mode: Route map no set community Removes the BGP community attribute from the route map configuration. Command mode: Route map weight <0‐65534> Sets the weight of the route map. Command mode: Route map no weight Deletes the weight of the current route map.
IP Access List Configuration Use the following commands to configure an access list statement on the current route‐map. Note: The access list number (1‐32) represents the IP access list you wish to configure. Table 271. IP Access List Configuration Options Command Syntax and Usage accesslist <1‐32> action {permit|deny} Permits or denies action for the access list. Command mode: Route map [no] accesslist <1‐32> enable Enables or disables the access list. Command mode: Route map [no] accesslist <1‐32> matchaccesscontrol <1‐256> Sets the network filter number. Command mode: Route map [no] accesslist <1‐32> matchaddress <1‐256> Sets the network filter number. See “Network Filter Configuration” on page 518 for details. Command mode: Route map accesslist <1‐32> metric <1‐4294967294> Sets the metric value in the AS‐External (ASE) LSA. Command mode: Route map no accesslist <1‐32> metric Removes the current metric value for the specified access list. Command mode: Route map no accesslist <1‐32> Deletes the access list. Command mode: Route map show routemap <1‐255> accesslist <1‐32> Displays the current Access List configuration.
Page 524
Table 272. IP Next Hop Configuration Options Command Syntax and Usage [no] ip policy routemap <1‐255> Applies the route map to an IP interface that has a VLAN configured. Command mode: Interface IP show routemap <1‐255> Displays the current route map configuration. Command mode: All show routemap <1‐255> accesslist <1‐32> Displays the current Access List configuration. Command mode: All show ip policy Displays the current routing policy information. Command mode: All show ip policy statistics Displays statistics for the current routing policy. Command mode: All G8332 Command Reference for ENOS 8.4...
Routing Information Protocol Configuration RIP commands are used for configuring Routing Information Protocol parameters. This option is turned off by default. Table 274. Routing Information Protocol Options Command Syntax and Usage router rip Enter Router RIP configuration mode. Command mode: Global configuration [no] enable Globally enables or disables RIP. Command mode: Router RIP [no] redistribute {ebgp|eospf|fixed|ibgp|ospf|static} Configures RIP route distribution. To view command options, see page 529. Command mode: Router RIP timers update <1‐120> Configures the time interval for sending for RIP table updates, in seconds. The default value is 30 seconds. Command mode: Router RIP show ip rip Displays the current RIP configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 528
Table 275. RIP Interface Options (continued) Command Syntax and Usage ip rip metric <1‐15> Configures the route metric, which indicates the relative distance to the destination. The default value is 1. Command mode: Interface IP [no] ip rip multicastupdates Enables or disables multicast updates of the routing table (using address 224.0.0.9). The default value is enabled. Command mode: Interface IP [no] ip rip poison When enabled, the switch uses split horizon with poisoned reverse. When disabled, the switch uses only split horizon. The default value is disabled. Command mode: Interface IP [no] ip rip splithorizon Enables or disables split horizon. The default value is enabled. Command mode: Interface IP [no] ip rip supply When enabled, the switch supplies routes to other routers. The default value is enabled. Command mode: Interface IP [no] ip rip triggered Enables or disables Triggered Updates. Triggered Updates are used to speed convergence. When enabled, Triggered Updates force a router to send update messages immediately, even if it is not yet time for the update message. The default value is enabled. Command mode: Interface IP ip rip version {1|2|both} Configures the RIP version used by this IP interface. The default value is version 2. Command mode: Interface IP show interface ip <1‐128> rip Displays the current settings for the RIP interface.
Open Shortest Path First Configuration The following table describes the OSPF commands. Table 277. OSPF Configuration Options Command Syntax and Usage router ospf Enter Router OSPF configuration mode. Command mode: Global configuration area <0‐19> Configures OSPF area index. See page 531 to view command options. Command mode: Router OSPF arearange <1‐16> Configures summary routes for up to 16 IP addresses. See page 533 to view command options. Command mode: Router OSPF areavirtuallink <1‐3> Configures the Virtual Links used to configure OSPF for a Virtual Link. See page 536 to view command options. Command mode: Router OSPF defaultinformation <1‐16777214> <AS external metric type (1‐2)> Sets one default route among multiple choices in an area. Command mode: Router OSPF no defaultinformation Removes the default route information. Command mode: Router OSPF [no] enable Enables or disables OSPF on the G8332. Command mode: Router OSPF host <1‐128> Configures OSPF for the host routes. Up to 128 host routes can be configured. ...
Page 532
Table 278. Area Index Configuration Options (continued) Command Syntax and Usage area <0‐19> spfinterval <1‐255> Configures the minimum time interval, in seconds, between two successive SPF (shortest path first) calculations of the shortest path tree using the Dijkstra’s algorithm. The default value is 10 seconds. Command mode: Router OSPF area <0‐19> stubmetric <1‐65535> Configures a stub area to send a numeric metric value. All routes received via that stub area carry the configured metric to potentially influencing routing decisions. Metric value assigns the priority for choosing the switch for default route. Command mode: Router OSPF area <0‐19> type {transit|stub|nssa} Defines the type of area. For example, when a virtual link has to be established with the backbone, the area type must be defined as transit. transit area: allows area summary information to be exchanged between routing devices. Any area that is not a stub area or NSSA is considered to be transit area. stub area: is an area where external routing information is not distributed. Typically, a stub area is connected to only one other area. nssa: Not‐So‐Stubby Area (NSSA) is similar to stub area with additional capabilities. For example, routes originating from within the NSSA can be propagated to adjacent transit and backbone areas. Command mode: Router OSPF no area <0‐19> Deletes the OSPF area. Command mode: Router OSPF show ip ospf area <0‐19> Displays the current OSPF configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
OSPF Interface Configuration The following table describes the OSPF Interface commands. Table 280. OSPF Interface Configuration Options Command Syntax and Usage ip ospf area <0‐19> Configures the OSPF area index. Command mode: Interface IP ip ospf cost <1‐65535> Configures cost set for the selected path—preferred or backup. Usually the cost is inversely proportional to the bandwidth of the interface. Low cost indicates high bandwidth. Command mode: Interface IP ip ospf deadinterval <1‐65535> ip ospf deadinterval <1000‐65535 ms> Configures the health parameters of a hello packet, in seconds or milliseconds, before declaring a silent router to be down. Command mode: Interface IP [no] ip ospf enable Enables or disables the OSPF interface. Command mode: Interface IP ip ospf hellointerval <1‐65535> ip ospf hellointerval <50‐65535 ms> Configures the interval, in seconds or milliseconds, between the hello packets for the interfaces. Command mode: Interface IP ip ospf key <key string> Sets the authentication key to clear the password. Command mode: Interface IP no ip ospf key Removes the authentification key to clear the password. Command mode: Interface IP ip ospf messagedigestkey <1‐255> Assigns an MD5 key to the interface. Command mode: Interface IP no ip ospf messagedigestkey Removes the MD5 key form the interface.
OSPF Virtual Link Configuration The following table describes the OSPF Virtual Link commands. Table 281. OSPF Virtual Link Configuration Options Command Syntax and Usage areavirtuallink <1‐3> area <0‐19> Configures the OSPF area index for the virtual link. Command mode: Router OSPF areavirtuallink <1‐3> deadinterval <1‐65535> areavirtuallink <1‐3> deadinterval <1000‐65535 ms> Configures the health parameters of a hello packet, in seconds or milliseconds. The default value is 40 seconds. Command mode: Router OSPF [no] areavirtuallink <1‐3> enable Enables or disables OSPF virtual link. Command mode: Router OSPF areavirtuallink <1‐3> hellointerval <1‐65535> areavirtuallink <1‐3> hellointerval <50‐65535 ms> Configures the authentication parameters of a hello packet, in seconds or milliseconds. The default value is 10 seconds. Command mode: Router OSPF areavirtuallink <1‐3> key <password> Configures the password (up to eight characters) for each virtual link. The default setting is none. Command mode: Router OSPF no areavirtuallink <1‐3> key Removes the authentification key. Command mode: Router OSPF areavirtuallink <1‐3> messagedigestkey <1‐255> Sets MD5 key ID for each virtual link. The default setting is none. Command mode: Router OSPF no areavirtuallink <1‐3> messagedigestkey Removes the MD5 key ID for the specified virtual link.
OSPF Host Entry Configuration The following table describes the OSPF Host Entry commands. Table 282. OSPF Host Entry Configuration Options Command Syntax and Usage host <1‐128> address <IP address> Configures the base IP address for the host entry. Command mode: Router OSPF host <1‐128> area <0‐19> Configures the area index of the host. Command mode: Router OSPF host <1‐128> cost <1‐65535> Configures the cost value of the host. Command mode: Router OSPF [no] host <1‐128> enable Enables or disables the OSPF host entry. Command mode: Router OSPF no host <1‐128> Deletes OSPF host entry. Command mode: Router OSPF show ip ospf host <1‐128> Displays the current OSPF host entries. Command mode: All G8332 Command Reference for ENOS 8.4...
Open Shortest Path First Version 3 Configuration The following table describes the OSPFv3 commands. Table 285. OSPFv3 Configuration Options Command Syntax and Usage [no] ipv6 router ospf Enter OSPFv3 configuration mode. Command mode: Global configuration abrtype [standard|cisco|ibm] Configures the Area Border Router (ABR) type, as follows: Standard Cisco The default setting is standard. Command mode: Router OSPF3 no abrtype Resets the Area Border Router (ABR) type to its default value ‐ standard. Command mode: Router OSPF3 asexternal lsdblimit <LSDB limit (0‐2147483647, ‐1 for no limit)> Sets the link state database limit. The default value is 1. Command mode: Router OSPF3 [no] enable Enables or disables OSPFv3 on the switch. Command mode: Router OSPF3 exitoverflowinterval <0‐4294967295> Configures the number of seconds that a router takes to exit Overflow State. The default value is 0. Command mode: Router OSPF3 G8332 Command Reference for ENOS 8.4...
Table 285. OSPFv3 Configuration Options (continued) Command Syntax and Usage timers spf <SPF delay (0‐65535)> <SPF hold time (0‐65535)> Configures the number of seconds that SPF calculation is delayed after a topology change message is received. The default value is 5 seconds. Configures the number of seconds between SPF calculations. The default value is 10 seconds. Command mode: Router OSPF3 no timers spf Resets the SPF timers to their default values ‐ SPF delay to 5 seconds and SPF hold time to 10 seconds. Command mode: Router OSPF3 show ipv6 ospf Displays the current OSPF configuration settings. Command mode: All OSPFv3 Area Index Configuration The following table describes the OSPFv3 Area Index commands. Table 286. OSPFv3 Area Index Configuration Options Command Syntax and Usage area <0‐2> areaid <IP address> Defines the IP address of the OSPFv3 area number. Command mode: Router OSPF3 area <0‐2> defaultmetric <metric value (1‐16777215)> Configures the cost for the default summary route in a stub area or NSSA. Command mode: Router OSPF3 area <0‐2> defaultmetric type <1‐3> Configures the default metric type applied to the route.
Page 544
Table 286. OSPFv3 Area Index Configuration Options (continued) Command Syntax and Usage no area <0‐2> Deletes the OSPF area. Command mode: Router OSPF3 show ipv6 ospf {areas|area <0‐2>} Displays the current OSPFv3 area configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
OSPFv3 AS-External Range Configuration The following table describes the OSPFv3 AS‐External Range commands. Table 288. OSPFv3 AS_External Range Configuration Options Command Syntax and Usage summaryprefix <1‐16> address <IPv6 address> <IPv6 prefix length (1‐128)> Configures the base IPv6 address and the subnet prefix length for the range. Command mode: Router OSPF3 summaryprefix <1‐16> aggregationeffect {allowAll|denyAll| |advertise|notadvertise} Configures the aggregation effect, as follows: allowAll: If the area ID is 0.0.0.0, aggregated Type‐5 LSAs are generated. Aggregated Type‐7 LSAs are generated in all the attached NSSAs for the range. denyAll: Type‐5 and Type‐7 LSAs are not generated. advertise: If the area ID is 0.0.0.0, aggregated Type‐5 LSAs are generated. For other area IDs, aggregated Type‐7 LSAs are generated in the NSSA area. notadvertise: If the area ID is 0.0.0.0, Type‐5 LSAs are not generated, while all NSSA LSAs within the range are cleared and aggregated Type‐7 LSAs are generated for all NSSAs. For other area IDs, aggregated Type‐7 LSAs are not generated in the NSSA area. Command mode: Router OSPF3 summaryprefix <1‐16> area <area index (0‐2)> Configures the area index used by the switch. Command mode: Router OSPF3 [no] summaryprefix <1‐16> translation When enabled, the P‐bit is set in the generated Type‐7 LSA. When disabled, the P‐bit is cleared. The default setting is disabled. Command mode: Router OSPF3 [no] summaryprefix <1‐16> enable Enables or disables the OSPFv3 AS‐external range.
Page 548
Table 289. OSPFv3 Interface Configuration Options (continued) Command Syntax and Usage [no] ipv6 ospf linklsasuppress Enables or disables Link LSA suppression. When suppressed, no Link LSAs are originated. The default setting is disabled. Command mode: Interface IP ipv6 ospf network {broadcast|nonbroadcast| |pointtomultipoint|pointtopoint} Configures the network type for the OSPFv3 interface: broadcast: network where all routers use the broadcast capability nonbroadcast: non‐broadcast multiple access (NBMA) network supporting pseudo‐broadcast (multicast and broadcast traffic is configured manually) pointtomultipoint: network where multiple point‐to‐point links are set up on the same interface pointtopoint: network that joins a single pair of routers The default value is broadcast. Command mode: Interface IP [no] ipv6 ospf passiveinterface Enables or disables the passive setting on the interface. On a passive interface, OSPFv3 protocol packets are suppressed. Command mode: Interface IP ipv6 ospf pollinterval <0‐4294967295> Configures the poll interval in seconds for neighbors in NBMA networks. The default value is 120 seconds. Command mode: Interface IP no ipv6 ospf pollinterval Configures the poll interval in seconds for neighbors in NBMA and point‐to‐multipoint networks to its default 120 seconds value. Command mode: Interface IP ipv6 ospf priority <priority value (0‐255)>...
OSPFv3 Virtual Link Configuration The following table describes the OSPFv3 Virtual Link commands. Table 291. OSPFv3 Virtual Link Configuration Options Command Syntax and Usage areavirtuallink <1‐3> area <0‐2> Configures the OSPF area index. Command mode: Router OSPF3 areavirtuallink <1‐3> deadinterval <1‐65535> Configures the time period, in seconds, for which the router waits for hello packet from the neighbor before declaring this neighbor down. Command mode: Router OSPF3 [no] areavirtuallink <1‐3> enable Enables or disables OSPF virtual link. Command mode: Router OSPF3 areavirtuallink <1‐3> hellointerval <1‐65535)> Configures the indicated interval, in seconds, between the hello packets, that the router sends on the interface. Command mode: Router OSPF3 areavirtuallink <1‐3> neighborrouter <NBR router ID (IP address)> Configures the router ID of the virtual neighbor. The default setting is 0.0.0.0. Command mode: Router OSPF3 areavirtuallink <1‐3> retransmitinterval <1‐3600> Configures the interval, in seconds, between link‐state advertisement (LSA) retransmissions for adjacencies belonging to the OSPFv3 virtual link interface. The default value is 5 seconds. Command mode: Router OSPF3 areavirtuallink <1‐3> transmitdelay <1‐3600> Configures the estimated time, in seconds, taken to transmit LS update packet over this interface. Command mode: Router OSPF3 no areavirtuallink <1‐3> Deletes OSPF virtual link.
Table 292. Layer 3 IPsec Configuration Options (continued) Command Syntax and Usage no areavirtuallink <1‐3> encryption ipsec spi <256‐4294967295> Disables the specified Encapsulating Security Payload (ESP) SPI. Command mode: Router OSPF3 areavirtuallink <1‐3> encryption ipsec default Resets the IPsec encryption configuration to its default values. Command mode: Router OSPF3 show ipv6 ospf areavirtuallink Displays the current OSPFv3 virtual link settings. Command mode: All OSPFv3 Host Entry Configuration The following table describes the OSPFv3 Host Entry commands. Table 293. OSPFv3 Host Entry Configuration Options Command Syntax and Usage host <1‐128> address <IPv6 address> <prefix length (1‐128)> Configures the base IPv6 address and the subnet prefix length for the host entry. Command mode: Router OSPF3 host <1‐128> area <0‐2> Configures the area index of the host. Command mode: Router OSPF3 host <1‐128> cost <1‐65535> Configures the cost value of the host. Command mode: Router OSPF3 [no] host <1‐128> enable Enables or disables the host entry.
OSPFv3 Redistribute Configuration The following table describes the OSPFv3 Redistribute commands. Table 295. OSPFv3 Redistribute Configuration Options Command Syntax and Usage redistribute {connected|static} export <metric value (1‐16777215)> <metric type (1‐2)> [<tag (0‐4294967295)>] Exports the routes of this protocol as external OSPFv3 AS‐external LSAs in which the metric, metric type, and route tag are specified. Command mode: Router OSPF3 no redistribute {connected|static} export Stops exporting the routes of the protocol. Command mode: Router OSPF3 show ipv6 ospf Displays the current OSPFv3 route redistribution settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 558
Table 296. Border Gateway Protocol Options (continued) Command Syntax and Usage clusterid <IP address> Specifies the router’s Cluster ID used when operating as a route reflector. Route reflectors that are part of the same cluster (assigned to the same group of clients) must use identical Cluster IDs. Command mode: Router BGP no clusterid Removes the router’s Cluster ID. Command mode: Router BGP dscp <0‐63> Set the DSCP marking value. Command mode: Router BGP [no] enable Globally enables or disables BGP. Command mode: Router BGP localpreference <0‐4294967294> Sets the local preference. The path with the higher value is preferred. When multiple peers advertise the same route, use the route with the shortest AS path as the preferred route if you are using eBGP, or use the local preference if you are using iBGP. Command mode: Router BGP maximumpaths [ibgp] <1‐32> Set maximum paths allowed for an external route. ibgp will set the maximum paths allowed for an internal route. By default, BGP will install only one path to the IP routing table. Command mode: Router BGP no maximumpaths [ibgp] Resets the maximum paths allowed for an external route to its default value of 1. The ibgp option resets the maximum paths allowed for an internal route. Command mode: Router BGP neighbor {<peer number (1‐96)>|group <1‐8>} Configures each BGP peer. Each border router, within an autonomous system, exchanges routing information with routers on other external networks. To view command options, see page 559.
Page 560
Table 297. BGP Peer Configuration Options (continued) Command Syntax and Usage neighbor <1‐96> redistribute Configures BGP neighbor redistribution. To view command options, see page 563. Command mode: Router BGP neighbor <1‐96> remoteaddress <IP address> Defines the IP address for the specified peer (border router), using dotted decimal notation. The default address is 0.0.0.0. Command mode: Router BGP neighbor <1‐96> remoteas <1‐65535> Sets the remote autonomous system number for the specified peer. Command mode: Router BGP neighbor <1‐96> retryinterval <1‐65535> Sets connection retry interval, in seconds. The default value is 120 seconds. Command mode: Router BGP neighbor <1‐96> routemap {in|out} <1‐255> Adds route map into in‐route or out‐route map list. Command mode: Router BGP no neighbor <1‐96> routemap {in|out} {<1‐255>|all} Removes all route maps or a specific route map from in‐route or out‐route map list. Command mode: Router BGP neighbor <1‐96> routeoriginationinterval <1‐65535> Sets the minimum time between route originations, in seconds. The default value is 15 seconds. Command mode: Router BGP [no] neighbor <1‐96> routereflectorclient Enables or disables the peer as a route reflector client. Configuring route reflector clients, implicitly sets up the local router as a route reflector. Command mode: Router BGP [no] neighbor <1‐96> sendcommunity Enables or disables sending a community attribute to a BGP neighbor.
Table 297. BGP Peer Configuration Options (continued) Command Syntax and Usage no neighbor <1‐96> ttlsecurity hops Disables the TTL security feature. Command mode: Router BGP neighbor <1‐96> updatesource {<interface number (1‐126)>| |loopback <1‐5>} Sets the source interface number for this peer. Command mode: Router BGP no neighbor <1‐96> Deletes this peer configuration. Command mode: Router BGP show ip bgp neighbor [<1‐192>] Displays the current BGP peer configuration. Command mode: All BGP Aggregation Configuration These commands enable you to configure BGP aggregation to specify the routes/range of IP destinations a peer router accepts from other peers. All matched routes are aggregated to one route, in order to reduce the size of the routing table. By default, the first aggregation number is enabled and the rest are disabled. Table 298. BGP Aggregation Configuration Options Command Syntax and Usage aggregateaddress <1‐16> <IP address> <IP netmask> Defines the starting subnet IP address for this aggregation, using dotted decimal notation. The default address is 0.0.0.0. Command mode: Router BGP [no] aggregateaddress <1‐16> enable Enables or disables this BGP aggregation.
BGP Peering Group Configuration These commands enable you to configure BGP peering for a group of remote neighbors defined by a range of IP addresses. Each range can be configured as a subnet IP address. After a subnet range is configured for a BGP peer group and a TCP session is established for an IP address in that subnet range, a new BGP neighbor is dynamically created as a member of that group and inherits the configuration from the peer group. Table 300. BGP Peering Group Configuration Options Command Syntax and Usage neighbor group <1‐8> advertisementinterval <minimum advertisement time (1‐65535)> Sets time, in seconds, between advertisements. The default value is 60 seconds. Command mode: Router BGP neighbor group <1‐8> listen limit <group limit (1‐96)> Sets the maximum number of BGP dynamic peers. Command mode: Router BGP neighbor group <1‐8> listen range <IPv4 address> <IPv4 subnet mask> Defines the range of IP addresses that will be accepted for the group. Command mode: Router BGP neighbor group <1‐8> name <1‐32 characters> Sets the name for the group. Command mode: Router BGP no neighbor group <1‐8> name Deletes the name for the group. Command mode: Router BGP [no] neighbor group <1‐8> nexthopself Enables or disables enforcing the use the router’s own IP address as next‐hop attribute when sending BGP updates to the peering group. Applicable only for EBGP routes. Command mode: Router BGP neighbor group <1‐8> password <1‐16 characters> Configures the BGP peer group password.
Page 566
Table 300. BGP Peering Group Configuration Options (continued) Command Syntax and Usage neighbor group <1‐8> timetolive <number of router hops (1‐255)> Time‐to‐live (TTL) is a value in an IP packet that tells a network router whether or not the packet has been in the network too long and must be discarded. TTL specifies a certain time span in seconds that, when exhausted, would cause the packet to be discarded. The TTL is determined by the number of router hops the packet is allowed before it must be discarded. This command specifies the number of router hops that the IP packet can make. This value is used to restrict the number of “hops” the advertisement makes. It is also used to support multi‐hops, which allow BGP peering groups to talk across a routed network. The default number is set at 1. Note: The TTL value is significant only to eBGP peering groups; for iBGP peering groups the TTL value in the IP packets is always 255 (regardless of the configured value). Command mode: Router BGP no neighbor group <1‐8> timetolive <1‐255> Disables the TTL feature. Command mode: Router BGP neighbor group <1‐8> timers holdtime <hold time (0, 3‐65535)> Sets the period of time, in seconds, that will elapse before the peering group session is torn down because the switch hasn’t received a “keep alive” message from the peer. The default value is 180 seconds. Command mode: Router BGP neighbor group <1‐8> timers keepalive <keepalive time (0‐21845)> Sets the keep‐alive time for the specified peering group in seconds. The default value is 60 seconds. Command mode: Router BGP neighbor group <1‐8> ttlsecurity hops <1‐254> Sets the minimum number of time‐to‐live (TTL) router hops an IP packet must have to not be discarded. Command mode: Router BGP no neighbor group <1‐8> ttlsecurity hops Disables the TTL security feature.
BGP Neighbor Group Redistribution Configuration This menu enables you to redistribute routes learned from various routing information sources into BGP. Table 301. BGP Neighbor Redistribution Configuration Options Command Syntax and Usage neighbor group <1‐8> redistribute defaultaction {import|originate|redistribute} Sets default route action. Defaults routes can be configured as follows: import: Import these routes. originate: The switch sends a default route to peers if it does not have any default routes in its routing table. redistribute: Default routes are either configured through default gateway or learned through other protocols and redistributed to peer. If the routes are learned from default gateway configuration, you have to enable static routes since the routes from default gateway are static routes. Similarly, if the routes are learned from a certain routing protocol, you have to enable that protocol. Command mode: Router BGP no neighbor group <1‐8> redistribute defaultaction Disables the default route action configuration. Command mode: Router BGP neighbor group <1‐8> redistribute defaultmetric <1‐4294967294> Sets default metric of advertised routes. Command mode: Router BGP no neighbor group <1‐8> redistribute defaultmetric Disables the default metric configuration for advertised routes. Command mode: Router BGP [no] neighbor group <1‐8> redistribute {fixed|ospf|rip| |static} Enables or disables advertising fixed, OSPF, RIP or static routes.
Page 570
MLD Interface Configuration The following table describes the commands used to configure MLD parameters for an interface. Table 303. MLD Interface Configuration Commands Command Syntax and Usage [no] ipv6 mld dmrtr enable Enables or disables dynamic Mrouter learning on the interface. The default setting is disabled. Command mode: Interface IP [no] ipv6 mld enable Enables or disables the selected MLD interface. Command mode: Interface IP ipv6 mld llistnr <1‐32> Configures the Last Listener query interval, in seconds. The default value is 1 second. Command mode: Interface IP no ipv6 mld llistnr Resets the Last Listener query interval to its default value of 1 second. Command mode: Interface IP ipv6 mld qintrval <2‐65535> Configures the interval for MLD Query Reports, in seconds. The default value is 125 seconds. Command mode: Interface IP no ipv6 mld qintrval Resets the interval for MLD Query Reports to its default value of 125 seconds. Command mode: Interface IP ipv6 mld qri <1000‐65535> Configures the interval for MLD Query Response Reports, in miliseconds. The default value is 10,000 milliseconds. Command mode: Interface IP no ipv6 mld qri Resets the interval for MLD Query Response Reports to its default value of 10,000 milliseconds. Command mode: Interface IP G8332 Command Reference for ENOS 8.4...
IGMP Configuration The following table describes the commands used to configure basic IGMP parameters. Table 304. IGMP Configuration Options Command Syntax and Usage [no] ip igmp aggregate Enables or disables IGMP Membership Report aggregation. Command mode: Global configuration [no] ip igmp enable Globally enables or disables IGMP. Command mode: Global configuration show ip igmp Displays the current IGMP configuration parameters. Command mode: All The following sections describe the IGMP configuration options. “IGMP Snooping Configuration” on page 573 “IGMP Relay Configuration” on page 575 “IGMP Relay Multicast Router Configuration” on page 576 “IGMP Static Multicast Router Configuration” on page 577 “IGMP Filtering Configuration” on page 578 “IGMP Advanced Configuration” on page 580 “IGMP Querier Configuration” on page 581 G8332 Command Reference for ENOS 8.4...
IGMPv3 Configuration The following table describes the commands used to configure IGMP version 3. Table 306. IGMP Version 3 Configuration Options Command Syntax and Usage [no] ip igmp snoop igmpv3 enable Enables or disables IGMP version 3. The default value is disabled. Command mode: Global configuration [no] ip igmp snoop igmpv3 exclude Enables or disables snooping on IGMPv3 Exclude Reports. When disabled, the switch ignores Exclude Reports. The default value is enabled. Command mode: Global configuration ip igmp snoop igmpv3 sources <1‐64> Configures the maximum number of IGMP multicast sources to snoop from within the group record. Use this command to limit the number of IGMP sources to provide more refined control. The default value is 8. Command mode: Global configuration no ip igmp snoop igmpv3 sources Resets the maximum number of IGMP multicast sources to snoop from within the group record to its default value of 8. Command mode: Global configuration [no] ip igmp snoop igmpv3 v1v2 Enables or disables snooping on IGMP version 1 and version 2 reports. When disabled, the switch drops IGMPv1 and IGMPv2 reports. The default value is enabled. Command mode: Global configuration show ip igmp snoop igmpv3 Displays the current IGMP v3 Snooping configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
IGMP Relay Multicast Router Configuration The following table describes the commands used to configure multicast routers for IGMP Relay. Table 308. IGMP Relay Mrouter Configuration Options Command Syntax and Usage ip igmp relay mrouter <1‐2> address <IP address> Configures the IP address of the IGMP multicast router used for IGMP Relay. Command mode: Global configuration ip igmp relay mrouter <1‐2> attempt <1‐128> Configures the number of successful ping attempts required before the switch declares this Mrouter is up. The default value is 5. Command mode: Global configuration [no] ip igmp relay mrouter <1‐2> enable Enables or disables the multicast router. Command mode: Global configuration ip igmp relay mrouter <1‐2> interval <1‐60> Configures the time interval between ping attempts to the upstream Mrouters, in seconds. The default value is 2. Command mode: Global configuration ip igmp relay mrouter <1‐2> retry <1‐120> Configures the number of failed ping attempts required before the switch declares this Mrouter is down. The default value is 4. Command mode: Global configuration ip igmp relay mrouter <1‐2> version <1‐2> Configures the IGMP version (1 or 2) of the multicast router. Command mode: Global configuration no ip igmp relay mrouter <1‐2> Deletes the multicast router from IGMP Relay. Command mode: Global configuration show ip igmp relay Displays the current IGMP Relay configuration.
IGMP Filtering Configuration The following table describes the commands used to configure an IGMP filter. Table 310. IGMP Filtering Configuration Options Command Syntax and Usage ip igmp profile <1‐16> Configures the IGMP filter. To view command options, see page 578. Command mode: Global configuration [no] ip igmp filtering Enables or disables IGMP filtering globally. Command mode: Global configuration show ip igmp filtering Displays the current IGMP Filtering parameters. Command mode: All IGMP Filter Definition The following table describes the commands used to define an IGMP filter. Table 311. IGMP Filter Definition Options Command Syntax and Usage ip igmp profile <1‐16> action {allow|deny} Allows or denies multicast traffic for the IP multicast addresses specified. The default action is deny. Command mode: Global configuration [no] ip igmp profile <1‐16> enable Enables or disables this IGMP filter. Command mode: Global configuration ip igmp profile <1‐16> range <IP address 1> <IP address 2> Configures the range of IP multicast addresses for this filter.
IGMP Advanced Configuration The following table describes the commands used to configure advanced IGMP parameters. Table 313. IGMP Advanced Configuration Options Command Syntax and Usage [no] ip igmp fastleave {<VLAN ID (1‐4094)>|port <port alias or number>} Enables or disables Fastleave processing. Fastleave allows the switch to immediately remove a VLAN from the IGMP VLAN list or a port from the IGMP port list, if the host sends a Leave message, and the proper conditions are met. This command is disabled by default. Command mode: Global configuration ip igmp queryinterval <1‐600> Sets the IGMP router query interval, in seconds. The default value is 125 seconds. Command mode: Global configuration no ip igmp queryinterval Resets the IGMP router query interval to its default value of 125 seconds. Command mode: Global configuration ip igmp robust <1‐10> Configures the IGMP Robustness variable, which allows you to tune the switch for expected packet loss on the subnet. If the subnet is expected to be lossy (high rate of packet loss), increase the value. The default value is 2. Command mode: Global configuration no ip igmp robust Resets the IGMP Robustness variable to its default value of 2. Command mode: Global configuration [no] ip igmp rtralert Enables or disables the Router Alert option in IGMP messages. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
Page 582
Table 314. IGMP Querier Configuration Options (continued) Command Syntax and Usage ip igmp querier vlan <VLAN ID (1‐4094)> maxresponse <1‐256> Configures the maximum time, in tenths of a second, allowed before responding to a Membership Query message. The default value is 100. By varying the Query Response Interval, an administrator may tune the burstiness of IGMP messages on the subnet; larger values make the traffic less bursty, as host responses are spread out over a larger interval. Command mode: Global configuration no ip igmp querier vlan <VLAN ID (1‐4094)> maxresponse Resets the maximum time allowed before responding to a Membership Query message to its default value of 100. Command mode: Global configuration ip igmp querier vlan <VLAN ID (1‐4094)> queryinterval <1‐608> Configures the interval between IGMP Query broadcasts. The default value is 125 seconds. Command mode: Global configuration no ip igmp querier vlan <VLAN ID (1‐4094)> queryinterval Resets the interval between IGMP Query broadcasts to its default value of 125 seconds. Command mode: Global configuration ip igmp querier vlan <VLAN ID (1‐4094)> robustness <1‐10> Configures the IGMP Robustness variable, which is the number of times that the switch sends each IGMP message. The default value is 2. Command mode: Global configuration no ip igmp querier vlan <VLAN ID (1‐4094)> robustness Resets the IGMP Robustness variable to its default value of 2. Command mode: Global configuration ip igmp querier vlan <VLAN ID (1‐4094)> sourceip <IP address> Configures the IGMP source IP address for the selected VLAN. Command mode: Global configuration no ip igmp querier vlan <VLAN ID (1‐4094)> sourceip Removes the configured IGMP source IP address for the specified VLAN. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
IKEv2 Configuration The following table describes the commands used to configure IKEv2. Table 315. IKEv2 Options Command Syntax and Usage [no] ikev2 cookie Enables or disables cookie notification. Command mode: Global configuration ikev2 retransmitinterval <1‐20> Sets the interval, in seconds, the timeout value in case a packet is not received by the peer and needs to be retransmitted. The default value is 20 seconds. Command mode: Global configuration show ikev2 Displays the current IKEv2 settings. Command mode: All IKEv2 Preshare Key Configuration The following table describes the commands used to configure IKEv2 preshare keys. Table 316. IKEv2 Preshare Key Options Command Syntax and Usage ikev2 presharekey local <1‐256 characters> Configures the local preshare key. The default value is ibm123. Command mode: Global configuration ikev2 presharekey remote <1‐256 characters> <IPv6 address> Configures the remote preshare key for the IPv6 address. Command mode: Global configuration show ikev2 presharekey Displays the current IKEv2 Preshare key settings.
IKEv2 Identification Configuration The following table describes the commands used to configure IKEv2 identification. Table 318. IKEv2 Identification Options Command Syntax and Usage ikev2 identity local address Configures the switch to use the supplied IPv6 address as identification. Command mode: Global configuration ikev2 identity local fqdn <1‐32 characters> Configures the switch to use the fully‐qualified domain name (such as “example.com”) as identification. Command mode: Global configuration ikev2 identity local email <1‐32 characters> Configures the switch to use the supplied email address (such as “xyz@example.com”) as identification. Command mode: Global configuration show ikev2 identity Displays the current IKEv2 identification settings. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 320. IPsec Transform Set Options (continued) Command Syntax and Usage no ipsec transform <1‐10> Deletes the transform set. Command mode: Global configuration show ipsec transformset <1‐10> Displays the current IPsec Transform Set settings. Command mode: All IPsec Traffic Selector Configuration The following table describes the commands used to configure an IPsec traffic selector. Table 321. IPsec Traffic Selector Options Command Syntax and Usage ipsec trafficselector <1‐10> {permit|deny} {any|icmp [<ICMPv6 type (0‐255)>]|tcp} {<IPV6 address>|any} Sets the traffic‐selector to permit or deny the specified type of traffic. Command mode: Global configuration no ipsec trafficselector <1‐10> Resets the specified traffic selector to its default values. Command mode: Global configuration show ipsec trafficselector [<1‐10>] Displays IPsec traffic selector information. Command mode: All G8332 Command Reference for ENOS 8.4...
IPsec Manual Policy Configuration The following table describes the commands used to configure an IPsec manual policy. Table 323. IPsec Manual Policy Options Command Syntax and Usage ipsec manualpolicy <1‐10> Enter IPsec manual policy mode. Command mode: Global configuration inah authkey <key code (hexadecimal)> Sets inbound Authentication Header (AH) authenticator key. Note: For manual policies, when peering with a third‐party device, key lengths are fixed to 20 characters for SHA1. Command mode: IPsec manual policy inah spi <256‐4294967295> Sets the inbound Authentication Header (AH) Security Parameter Index (SPI). Note: For manual policies, when peering with a third‐party device, key lengths are fixed to 20 characters for SHA1. Command mode: IPsec manual policy inesp {authkey|cipherkey} <key code (hexadecimal)> Sets the inbound Encapsulating Security Payload (ESP) authenticator key or cipher key. Note: For manual policies, when peering with a third‐party device, key lengths are fixed to 8 characters for DES and to 24 characters for 3DES and AES‐CBC encryption. Command mode: IPsec manual policy inesp spi <256‐4294967295> Sets the inbound Encapsulating Security Payload (ESP) Security Parameter Index (SPI). Note: For manual policies, when peering with a third‐party device, key lengths are fixed to 20 characters for SHA1. Command mode: IPsec manual policy outah authkey <key code (hexadecimal)> Sets the outbound Authentication Header (AH) authenticator key.
Domain Name System Configuration The Domain Name System (DNS) commands are used for defining the primary and secondary DNS servers on your local network, and for setting the default domain name served by the switch services. DNS parameters must be configured prior to using hostname parameters with the ping, traceroute, and tftp commands. Table 324. Domain Name Service Options Command Syntax and Usage ip dns domainname <1‐191 characters> Sets the default domain name used by the switch. For example: mycompany.com Command mode: Global configuration no ip dns domainname Removes the domain name used by the switch. Command mode: Global configuration ip dns primaryserver <IPv4 address> [dataport|mgtport] You are prompted to set the IPv4 address for your primary DNS server, using dotted decimal notation. Command mode: Global configuration no ip dns primaryserver Removes the IPv4 primary DNS server. Command mode: Global configuration ip dns secondaryserver <IPv4 address> [dataport|mgtport] You are prompted to set the IPv4 address for your secondary DNS server, using dotted decimal notation. If the primary DNS server fails, the configured secondary will be used instead. Command mode: Global configuration no ip dns secondaryserver Removes the IPv4 secondary DNS server. Command mode: Global configuration ip dns ipv6 primaryserver [<IPv6 address>] [dataport| |mgtport] You are prompted to set the IPv6 address for your primary DNS server, using ...
Bootstrap Protocol Relay Configuration The Bootstrap Protocol (BOOTP) Relay commands are used to allow hosts to obtain their configurations from a Dynamic Host Configuration Protocol (DHCP) server. The BOOTP configuration enables the switch to forward a client request for an IP address to DHCP/BOOTP servers with IP addresses that have been configured on the G8332. BOOTP relay is turned off by default. Table 325. Global BOOTP Relay Configuration Options Command Syntax and Usage [no] ip bootprelay enable Globally enables or disables BOOTP relay. Command mode: Global configuration ip bootprelay server <1‐5> address <IP address> Sets the IP address of the selected global BOOTP server. Command mode: Global configuration no ip bootprelay server <1‐5> Removes the specified BOOTP server. Command mode: Global configuration BOOTP Relay Broadcast Domain Configuration This menu allows you to configure a BOOTP server for a specific broadcast domain, based on its associated VLAN. Table 326. BOOTP Relay Broadcast Domain Configuration Options Command Syntax and Usage [no] ip bootprelay bcastdomain <1‐10> enable Enables or disables BOOTP Relay for the broadcast domain.
VRRP Configuration Virtual Router Redundancy Protocol (VRRP) support on the G8332 provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP‐capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address. If the master fails, one of the backup virtual routers will assume routing authority and take control of the virtual router IP address. By default, VRRP is disabled. Enterprise NOS has extended VRRP to include virtual servers as well, allowing for full active/active redundancy between switches. For more information on VRRP, see the “High Availability” chapter in the Lenovo RackSwitch G8332 Application Guide for Lenovo Enterprise Network Operating System 8.4. Table 328. Virtual Router Redundancy Protocol Options Command Syntax and Usage router vrrp Enter Router VRRP configuration mode. Command mode: Global configuration [no] enable Globally enables or disables VRRP on this switch. Command mode: Router VRRP group Configures VRRP virtual routers groups. To view command options, see page 602. Command mode: Router VRRP holdoff <0‐255> Globally sets the time, in seconds, that VRRP waits from when the master switch goes down until elevating a new switch to be the master switch. To disable VRRP hold off set the time to 0. Note: Setting a new time value will take effect only when the switch is not in a hold off state. Command mode: Router VRRP interface <1‐126>...
Virtual Router Configuration These commands are used for configuring virtual routers for this switch. A virtual router is defined by its virtual router ID and an IP address. On each VRRP‐capable routing device participating in redundancy for this virtual router, a virtual router will be configured to share the same virtual router ID and IP address. Virtual routers are disabled by default. Table 329. VRRP Virtual Router Configuration Options Command Syntax and Usage virtualrouter <1‐128> address <IP address> Defines the IP address for this virtual router using dotted decimal notation. This is used in conjunction with the preceding VRID to configure the same virtual router on each participating VRRP device. The default address is 0.0.0.0. Command mode: Router VRRP [no] virtualrouter <1‐128> enable Enables or disables this virtual router. Command mode: Router VRRP [no] virtualrouter <1‐128> fastadvertise Enables or disables Fast Advertisements. When enabled, the VRRP master advertisements interval is calculated in units of centiseconds, instead of seconds. For example, if adver is set to 1 and fadver is enabled, master advertisements are sent every 10 miliseconds. When you disable fast advertisement, the advertisement interval is set to the default value of 1 second. To support Fast Advertisements, set the interval between 20‐100 centiseconds. Command mode: Router VRRP virtualrouter <1‐128> interface <IP interface number> Selects a switch IP interface. If the IP interface has the same IP address as the address option, this switch is considered the “owner” of the defined virtual router. An owner has a special priority of 255 (highest) and will always assume the role of master router, even if it must pre‐empt another virtual router which has assumed master routing authority. This pre‐emption occurs even if the preem option below is disabled. The default value is 1.
Page 600
Table 329. VRRP Virtual Router Configuration Options (continued) Command Syntax and Usage virtualrouter <1‐128> timers preemptdelaytime <0‐255> Configures the preempt delay interval (in seconds). This timer is configured on the virtual router and prevents the switch from transitioning back to Master state until the preempt delay interval has expired. Ensure that the interval is long enough for OSPF or other routing protocols to converge. The default is 0 seconds. Command mode: Router VRRP virtualrouter <1‐128> track Enables the priority system used when electing the master router from a pool of virtual routers. To view command options, see page 601. Command mode: Router VRRP virtualrouter <1‐128> virtualrouterid <1‐128> Defines the virtual router ID (VRID). This is used in conjunction with the [no] virtualrouter <VRID> address <IP address> command below to define a virtual router on this switch. To create a pool of VRRP‐enabled routing devices which can provide redundancy to each other, each participating VRRP device must be configured with the same virtual router. The VRID for standard virtual routers (where the virtual router IP address is not the same as any virtual server) can be any integer between 1 and 128. The default value is 1. Note: All VRID values must be unique within the VLAN to which the virtual router’s IP interface belongs. Command mode: Router VRRP no virtualrouter <1‐128> Deletes this virtual router from the switch configuration. Command mode: Router VRRP show ip vrrp virtualrouter <1‐128> Displays the current configuration information for this virtual router. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 330. VRRP Priority Tracking Configuration Options Command Syntax and Usage [no] virtualrouter <1‐128> track virtualrouters When enabled, the priority for this virtual router will be increased for each virtual router in master mode on this switch. This is useful for making sure that traffic for any particular client/server pairing are handled by the same switch, increasing routing and load balancing efficiency. This command is disabled by default. Command mode: Router VRRP show ip vrrp virtualrouter <1‐128> track Displays the current configuration for priority tracking for this virtual router. Command mode: All Virtual Router Group Configuration Virtual Router Group commands are used for associating all virtual routers into a single logical virtual router, which forces all virtual routers on the G8332 to either be master or backup as a group. A virtual router is defined by its virtual router ID and an IP address. On each VRRP‐capable routing device participating in redundancy for this virtual router, a virtual router will be configured to share the same virtual router ID and IP address. Note: This option is required to be configured only when using at least two G8332s in a hot‐standby failover configuration, where only one switch is active at any time. Table 331. VRRP Virtual Router Group Configuration Options Command Syntax and Usage group advertisement <1‐255> Defines the time interval between VRRP master advertisements. This can be any integer between 1 and 255 seconds. The default is 1.
Page 604
Table 331. VRRP Virtual Router Group Configuration Options (continued) Command Syntax and Usage group track Enables the priority system used when electing the master router from a pool of virtual router groups. To view command options, see page 605. Command mode: Router VRRP group virtualrouterid <1‐255> Defines the virtual router ID (VRID). The VRID for standard virtual routers (where the virtual router IP address is not the same as any virtual server) can be any integer between 1 and 128. All VRID values must be unique within the VLAN to which the virtual router’s IP interface (see interface) belongs. The default virtual router ID is 1. Command mode: Router VRRP no group Deletes the virtual router group from the switch configuration. Command mode: Router VRRP show ip vrrp group Displays the current configuration information for the virtual router group. Command mode: All G8332 Command Reference for ENOS 8.4...
VRRP Interface Configuration These commands are used for configuring VRRP authentication parameters for the IP interfaces used with the virtual routers. Note: The interface represents the IP interface on which authentication parameters must be configured. Table 333. VRRP Interface Options Command Syntax and Usage interface <1‐126> authentication {password|none} Defines the type of authentication that will be used: none (no authentication) password (password authentication). Command mode: Router VRRP interface <1‐126> password <password> Defines a plain text password up to eight characters long. This password will be added to each VRRP packet transmitted by this interface when password authentication is chosen (see interface authentication above). Command mode: Router VRRP no interface <1‐126> password Resets the configured password to its default value. Command mode: Router VRRP no interface <1‐126> Clears the authentication configuration parameters for this IP interface. The IP interface itself is not deleted. Command mode: Router VRRP show ip vrrp interface <1‐126> Displays the current configuration for this IP interface’s authentication parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Protocol Independent Multicast Configuration The following table describes the PIM commands. Table 335. PIM Configuration Options Command Syntax and Usage ip pim component <1‐2> Enter PIM component mode. Command mode: Global configuration no ip pim component <2> Deletes the PIM component. Command mode: Global configuration [no] ip pim enable Globally enables or disables PIM. Command mode: Global configuration [no] ip pim pmbr enable Enables or disables PIM border router. The default setting is disabled. Command mode: Global configuration ip pim regstopratelimitperiod <0‐2147483647> Configures the register stop rate limit, in seconds. The default value is 5 seconds. Command mode: Global configuration default ip pim regstopratelimitperiod Reset the register stop rate limit to its default value of 5 seconds. Command mode: Global configuration no ip pim regstopratelimitperiod Disables the register stop rate limit. Command mode: Global configuration [no] ip pim staticrp enable Enables or disables static RP configuration. The default setting is disabled. Command mode: Global configuration G8332 Command Reference for ENOS 8.4...
RP Candidate Configuration Use these commands to configure a PIM router Rendezvous Point (RP) candidate. Table 337. RP Candidate Configuration Options Command Syntax and Usage rpcandidate holdtime <0‐255> Configures the hold time of the RP candidate, in seconds. Command mode: PIM Component no rpcandidate holdtime Resets the hold time of the RP candidate to its default value of 0 seconds. Command mode: PIM Component [no] rpcandidate rpaddress <group multicast address> <group subnet mask> <IP address> Adds or removes an RP candidate. Command mode: PIM Component RP Static Configuration Use these commands to configure a static PIM router Rendezvous Point (RP). Table 338. RP Static Configuration Options Command Syntax and Usage rpstatic rpaddress <group multicast address> <group subnet mask> <IP address> Adds a static RP. Command mode: PIM Component no rpstatic rpaddress <group multicast address> <group subnet mask> Removes the specified static RP. Command mode: PIM Component G8332 Command Reference for ENOS 8.4...
Page 612
Table 339. PIM Interface Configuration Options (continued) Command Syntax and Usage ip pim helloholdtime <1‐65535> Configures the time period in seconds for which a neighbor is to consider this switch to be operative (up). The default value is 105 seconds. Command mode: Interface IP [default|no] ip pim helloholdtime Resets the PIM Hello packets hold time to its default value of 105 seconds. Command mode: Interface IP ip pim hellointerval <0‐65535> Configures the time interval, in seconds, between PIM Hello packets. The default value is 30 seconds. Command mode: Interface IP [default|no] ip pim hellointerval Resets the time interval between PIM Hello packets to its default value of 30 seconds. Command mode: Interface IP ip pim joinpruneinterval <0‐65535> Configures the interval between Join Prune messages, in seconds. The default value is 60 seconds. Command mode: Interface IP [default|no] ip pim joinpruneinterval Resets the interval between Join Prune messages to its default value of 60 seconds. Command mode: Interface IP ip pim landelay <0‐32767> Configures the LAN delay value for the router interface, in seconds. Command mode: Interface IP [default|no] ip pim landelay Resets the LAN delay for the router interface to its default value. Command mode: Interface IP [no] ip pim lanprunedelay Enables or disables LAN delay advertisements on the interface. The default setting is disabled. Command mode: Interface IP G8332 Command Reference for ENOS 8.4...
IPv6 Default Gateway Configuration The switch supports IPv6 default gateways, as follows: Gateway 1: data traffic Gateway 4: management port The following table describes the IPv6 Default Gateway Configuration commands. Table 340. IPv6 Default Gateway Configuration Options Command Syntax and Usage ip gateway6 {1|4} address <IPv6 address> [enable] Configures the IPv6 address of the default gateway, in hexadecimal format with colons (such as 3001:0:0:0:0:0:abcd:12). The enable option also enables the gateway. Command mode: Global configuration [no] ip gateway6 {1|4} enable Enables or disables the default gateway. Command mode: Global configuration no ip gateway6 {1|4} Deletes the default gateway. Command mode: Global configuration show ipv6 gateway6 {1|4} Displays the current IPv6 default gateway configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
IPv6 Path MTU Configuration The following table describes the configuration options for Path MTU (Maximum Transmission Unit). The Path MTU cache can consume system memory and affect performance. These commands allow you to manage the Path MTU cache. Table 343. IPv6 Path MTU Options Command Syntax and Usage ip pmtu6 timeout {0|<10‐100>} Sets the timeout value for Path MTU cache entries, in minutes. Enter 0 (zero) to set the timeout to infinity (no timeout). The default value is 10 minutes. Command mode: Global configuration clear ipv6 pmtu Clears all entries in the Path MTU cache. Command mode: Privileged EXEC show ipv6 pmtu Displays the current Path MTU configuration. Command mode: All IPv6 Neighbor Discovery Prefix Configuration The following table describes the Neighbor Discovery prefix configuration options. These commands allow you to define a list of prefixes to be placed in Prefix Information options in Router Advertisement messages sent from an interface. Table 344. IPv6 Neighbor Discovery Prefix Options Command Syntax and Usage interface ip <1‐128>...
IPv6 Prefix Policy Table Configuration The following table describes the configuration options for the IPv6 Prefix Policy Table. The Prefix Policy Table allows you to override the default address selection criteria. Table 345. IPv6 Prefix Policy Table Options Command Syntax and Usage [no] ip prefixpolicy <IPv6 prefix> <IPv6 prefix length> <precedence (0‐100)> <label (0‐100)> Adds or removes a Prefix Policy Table entry. Enter the following parameters: IPv6 address prefix Prefix length Precedence: The precedence is used to sort destination addresses. Prefixes with a higher precedence are sorted before those with a lower precedence. Label: The label allows you to select prefixes based on matching labels. Source prefixes are coupled with destination prefixes if their labels match. Command mode: Global configuration show ip prefixpolicy Displays the current Prefix Policy Table configuration. Command mode: All G8332 Command Reference for ENOS 8.4...
DHCP Snooping DHCP Snooping provides security by filtering untrusted DHCP packets and by maintaining a binding table of trusted interfaces. Table 347. DHCP Snooping Options Command Syntax and Usage [no] ip dhcp snooping Enables or disables DHCP Snooping. Command mode: Global configuration ip dhcp snooping binding <MAC address> vlan <VLAN ID (1‐4094)> <IP address> port <port alias or number> expiry <1‐4294967295> Adds a manual entry to the binding table. Command mode: Global configuration no ip dhcp snooping binding {<MAC address>|all [interface port <port alias or number>|vlan <VLAN ID (1‐4094)>]} Removes an entry from the binding table. Command mode: Global configuration [no] ip dhcp snooping information optioninsert Enables or disables option 82 support for DHCP Snooping. When enabled, DHCP Snooping performs the following functions: if a DHCP packet from a client contains option 82 information, the information is retained. when DHCP Snooping forwards a DHCP packet from a client, option 82 information is added to the packet. when DHCP snooping forward a DHCP packet from a server, option 82 information is removed from the packet. Command mode: Global configuration [no] ip dhcp snooping vlan <VLAN ID (1‐4094)> Adds or removes the selected VLAN to DHCP Snooping. Member ports participate in DHCP Snooping. Command mode: Global configuration show ip dhcp snooping Displays the current DHCP Snooping parameters.
ETS Global Configuration Enhanced Transmission Selection (ETS) allows you to allocate bandwidth to different traffic types, based on 802.1p priority. Note: ETS configuration supersedes the QoS 802.1p menu and commands. When ETS is enabled, you cannot configure the 802.1p options. ETS Global Priority Group Configuration The following table describes the global ETS Priority Group configuration options. Table 349. Global ETS Priority Group Options Command Syntax and Usage cee global ets prioritygroup pgid <0‐7, 15> bandwidth <bandwidth percentage (0, 10‐100)> Allows you to configure the link bandwidth percentage allocated to the Priority Group. Note: Priority Group 15 is a strict priority group and does not need bandwidth assigned to it. Command mode: Global configuration cee global ets prioritygroup pgid <0‐7, 15> description <1‐31 characters> Enter text that describes this Priority Group. Command mode: Global configuration no cee global ets prioritygroup <0‐7, 15> description Deletes the Priority Group description. Command mode: Global configuration cee global ets prioritygroup pgid <0‐7, 15> priority <802.1p priority (0‐7)> Allows you to assign one or more 802.1p values to the Priority Group. Command mode: Global configuration show cee global ets Displays the current global ETS parameters.
802.1p PFC Configuration The following table describes the 802.1p Priority Flow Control (PFC) configuration options. Table 351. PFC 802.1p Configuration Options Command Syntax and Usage [no] cee port <port alias or number> pfc enable Enables or disables Priority Flow Control on the specified port. Command mode: Global configuration [no] cee port <port alias or number> pfc priority <0‐7> enable Enables or disables Priority Flow Control on the selected 802.1p priority. Note: PFC can be enabled on 802.1p priority 3 and one other priority only. Command mode: Global configuration cee port <port alias or number> pfc priority <0‐7> description <1‐31 characters> Enter text to describe the priority value. Command mode: Global configuration no cee port <port alias or number> pfc priority <0‐7> description Deletes the description for the specified priority value. Command mode: Global configuration show cee port <port alias or number> pfc Displays the current 802.1p Priority Flow Control configuration on the specified port or ports. Command mode: All show cee port <port alias or number> pfc priority <0‐7> Displays the current 802.1p Priority Flow Control parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
FCoE Initialization Protocol Snooping Configuration Fibre Channel over Ethernet (FCoE) transports Fibre Channel frames over an Ethernet fabric. The CEE features and FCoE features allow you to create a lossless Ethernet transport mechanism. The following table describes the FCoE configuration options. Table 353. FCoE Configuration Options Command Syntax and Usage [no] fcoe fips automaticvlan Enables or disables automatic VLAN creation, based on response received from the connected device. Command mode: Global configuration [no] fcoe fips enable Globally enables or disables FIP Snooping. Command mode: Global configuration [no] fcoe fips timeoutacl Enables or disables ACL time‐out removal. When enabled, ACLs associated with expired FCFs and FCoE connections are removed from the system. Command mode: Global configuration show fcoe information Displays the current FCoE parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
FCoE Forwarder Configuration Use the following commands to configure FCoE Forwarder (FCF) parameters. The following table describes the FCF configuration options. Table 355. FCoE Configuration Options Command Syntax and Usage fcf areasize <256‐4096> vlan <VLAN ID (2‐4094)> Configures area width. Command mode: Global configuration fcf concurrentlogin <1‐2048> Configures the maximum number of concurrent FLOGI/FDISC for this FCF. The default setting is 16. Command mode: VLAN no fcf concurrentlogin Sets the maximum number of concurrent FLOGI/FDISC for this FCF to 0. Command mode: VLAN [no] fcf enable Enables or disables the VLAN as Fibre Channel Forwarding VLAN. The default setting is disabled. Command mode: VLAN show fcf Displays FCF information. For details, see Chapter 2, “FCoE Forwarder Information. Command mode: All G8332 Command Reference for ENOS 8.4...
Zone Configuration Use the following commands to configure FCF zones. Table 357. Fibre Channel Zone Configuration Commands Command Syntax and Usage zone clone <selected zone name> <new zone name> vlan <VLAN ID (2‐4094)> Creates a new zone with the attributes of the selected zone. Command mode: Global configuration [no] zone defaultzone permit vlan <VLAN ID (2‐4094)> Permits or denies traffic flow to default zone members. Command mode: Global configuration [no] zone name <1‐64 characters> vlan <VLAN ID (2‐4094)> Enter FC Zone configuration mode for the specified zone. If the zone doesn’t exist, it is created. The no form of the command erases the zone. Command mode: Global configuration zone rename <current name> <new name> vlan <VLAN ID (2‐4094)> Renames the FC zone. Command mode: Global configuration [no] member {pwwn <pwwn>|fcalias <alias ID>} Adds or removes zone members based on: pwwn: Port World Wide Number. fcalias: Alias name of the FC device. Command mode: FC Zone configuration G8332 Command Reference for ENOS 8.4...
FC Alias Configuration Use the following commands to configure FC aliases. Table 359. FC Alias Configuration Commands Command Syntax and Usage [no] fcalias name <pwwn alias> vlan <VLAN ID (2‐4094)> Creates or deletes a port alias specific to a VLAN. Command mode: Global configuration fcalias rename <old pwwn alias> <new pwwn alias> vlan <VLAN ID (2‐4094)> Renames a port alias specific to a VLAN. Command mode: Global configuration [no] member fcalias <pwwn alias> Adds or removes a port alias associated with a zone. Command mode: FC Zone Configuration [no] member pwwn <pwwn alias> Adds or removes a member associated with a pwwn alias. Command mode: FC Alias Configuration G8332 Command Reference for ENOS 8.4...
Table 360. RMON History Configuration Options Command Syntax and Usage no rmon history <1‐65535> Deletes the selected History index. Command mode: Global configuration show rmon history Displays the current RMON History parameters. Command mode: All RMON Event Configuration The following table describes the RMON Event commands. Table 361. RMON Event Configuration Options Command Syntax and Usage rmon event <1‐65535> description <1‐127 characters> Enter a text string to describe the event. Command mode: Global configuration no rmon event <1‐65535> description Deletes the description of the specified event index. Command mode: Global configuration rmon event <1‐65535> owner <1‐127 characters> Enter a text string that identifies the person or entity that uses this Event index. Command mode: Global configuration no rmon event <1‐65535> owner Deletes the identification information for the specified Event index. Command mode: Global configuration rmon event <1‐65535> type {log|trap|both} Selects the type of notification provided for this event. For log events, an entry is made in the log table and sent to the configured syslog host. For trap events, an SNMP trap is sent to the management station. Command mode: Global configuration no rmon event <1‐65535> type Removes notification provided for this event.
Page 636
Table 362. RMON Alarm Configuration Options (continued) Command Syntax and Usage rmon alarm <1‐65535> owner <1‐127 characters> Enter a text string that identifies the person or entity that uses this alarm index. Command mode: Global configuration no rmon alarm <1‐65535> owner Deletes the identification information for the specified Alarm index. Command mode: Global configuration rmon alarm <1‐65535> risingcrossingindex <0‐65535> Configures the rising alarm event index that is triggered when a rising threshold is crossed. Command mode: Global configuration rmon alarm <1‐65535> risinglimit <‐2147483647 ‐ 2147483647> Configures the rising threshold for the sampled statistic. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval was less than this threshold, a single event is generated. Command mode: Global configuration rmon alarm <1‐65535> sample {abs|delta} Configures the method of sampling the selected variable and calculating the value to be compared against the thresholds, as follows: abs ‐ absolute value, the value of the selected variable is compared directly with the thresholds at the end of the sampling interval. delta ‐ delta value, the value of the selected variable at the last sample is subtracted from the current value, and the difference compared with the thresholds. Command mode: Global configuration no rmon alarm <1‐65535> Deletes the selected RMON Alarm index. Command mode: Global configuration show rmon alarm Displays the current RMON Alarm parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Page 638
Table 364. VM Bandwidth Management Options (continued) Command Syntax and Usage virt vmpolicy vmbwidth {<MAC address>|<UUID>|<name>| |<IP address>|<index number>} txrate <0‐40000000> <max. burst (0‐4096)> [<ACL number>] The first value configures Committed Rate—the amount of bandwidth available to traffic transmitted from the VM to the switch, in kilobits per second. Enter the value in multiples of 64. The second values configures the maximum burst size, in kilobits. Enter one of the following values: 0, 32, 64, 128, 256, 512, 1024, 2048 or 4096. The third value represents the ACL assigned to the transmission rate. The ACL is added automatically, in sequential order, if not specified by the user. If there are no available ACLs, the TXrate cannot be configured. Each TXrate configuration reduces the number of available ACLs by one. Command mode: Global configuration no virt vmpolicy vmbwidth {<MAC address>|<UUID>|<name>| |<IP address>|<index number>} Deletes the bandwidth management settings from this VM policy. Command mode: Global configuration show virt vmpolicy vmbwidth [<MAC address>|<UUID>|<name>| |<IP address>|<index number>|<index range>] [|{include|exclude| |section|begin}] Displays the current VM bandwidth management parameters for all virtual machines or only for a certain VM by specifying its MAC address, UUID, name, IP address or index number. | displays the VM bandwidth management parameters matching one of the following filters: • include displays parameters matching the specified expression • exclude displays parameters not matching the specified expression • section displays parameters matching the specified section • begin displays parameters beginning from the first parameter that matches the specified expression Command mode: All G8332 Command Reference for ENOS 8.4...
Page 640
Table 365. VM Group Configuration Options (continued) Command Syntax and Usage virt vmgroup <1‐4096> stg <1‐128> Assigns the VM group to a Spanning Tree Group (STG). Command mode: Global configuration [no] virt vmgroup <1‐4096> tag Enables or disables VLAN tagging on ports in this VM group. Command mode: Global configuration virt vmgroup <1‐4096> validate {basic|advanced} Enables MAC address spoof prevention for the specified VM group. basic validation ensures lightweight port‐based protection by cross‐checking the VM MAC address, switch port and switch ID between the switch and the hypervisor. Applicable for “trusted” hypervisors, which are not susceptible to duplicating or reusing MAC addresses on virtual machines. advanced validation ensures heavyweight VM‐based protection by cross‐checking the VM MAC address, VM UUID, switch port and switch ID between the switch and the hypervisor. Applicable for “untrusted” hypervisors, which are susceptible to duplicating or reusing MAC addresses on virtual machines. The default setting is disabled. Command mode: Global configuration no virt vmgroup <1‐4096> validate Disables MAC address spoof prevention for the specified VM group. Command mode: Global configuration virt vmgroup <1‐4096> vlan <VLAN ID (1‐4094)> Assigns a VLAN to this VM group. If you do not assign a VLAN to the VM group, the switch automatically assigns the first unused VLAN when adding a port or a VM to the VM Group. Note: If you add a VM profile to this group, the group will use the VLAN assigned to the profile. Command mode: Global configuration [no] virt vmgroup <1‐4096> vm {<VM MAC address index (0‐4095)>| |<MAC address>|<UUID>|<name>|<IP address>} Adds or removes a VM to/from the VM group. Enter a unique identifier to ...
VM Check Configuration The following table describes the VM Check validation options used for MAC address spoof prevention. Table 366. VM Check Configuration Options Command Syntax and Usage virt vmcheck acls max <1‐256> Configures the maximum number of ACLs that can be set up for MAC address spoofing prevention in advanced validation mode. The default value is 50. Command mode: Global configuration default virt vmcheck acls Sets to default maximum number of ACLs that can be set up for MAC address spoofing prevention in advanced validation mode. Command mode: Global configuration no virt vmcheck acls Disables ACL‐based MAC address spoofing prevention in advanced validation mode. Command mode: Global configuration virt vmcheck action advanced {acl|link|log} Sets up action taken when detecting MAC address spoofing in advanced validation mode: acl registers a syslog entry and installs an ACL to drop traffic incoming on the corresponding switch port originating from the spoofed MAC address link registers a syslog entry and disables the corresponding switch port log registers a syslog entry The default setting is acl. Command mode: Global configuration virt vmcheck action basic {link|log} Sets up action taken when detecting MAC address spoofing in basic validation mode: link registers a syslog entry and disables the corresponding switch port ...
Page 644
Table 367. VM Profile Configuration Options Command Syntax and Usage virt vmprofile edit <profile name (1‐39 characters)> shaping <average (1‐1000000000)> <burst (1‐1000000000)> <peak (1‐1000000000)> Configures traffic shaping parameters implemented in the hypervisor, as follows: Average traffic, in kilobits per second. Maximum burst size, in kilobits. Peak traffic, in kilobits per second. Delete traffic shaping parameters. Command mode: Global configuration no virt vmprofile <profile name (1‐39 characters)> shaping Deletes the traffic shaping parameters for the specified VM profile. Command mode: Global configuration virt vmprofile edit <profile name (1‐39 characters)> vlan <VLAN ID (1‐4094)> Assigns a VLAN to the VM profile. Command mode: Global configuration show virt vmprofile [<profile name>] Displays the current VM Profile parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Table 368. VM Ware Configuration Options Command Syntax and Usage virt vmware vcspec <IP address> <username> [noauth] Defines the Virtual Center credentials on the switch. Once you configure the Virtual Center, VM Agent functionality is enabled across the system. You are prompted for the following information: IP address of the Virtual Center User name and password for the Virtual Center Whether to authenticate the SSL security certificate (yes or no) Command mode: Global configuration no virt vmware vcspec Deletes the Virtual Center credentials on the switch. Command mode: Global configuration show virt vmware Displays the current VMware parameters. Command mode: All Miscellaneous VMReady Configuration You can pre‐configure MAC addresses as VM Organization Unique Identifiers (OUIs). These configuration commands are only available using the Enterprise NOS CLI and the Miscellaneous VMReady Configuration Menu. The following table describes the VMReady configuration options. Table 369. VMReady Configuration Options Command Syntax and Usage [no] virt vmrmisc lmac Enables or disables the switch to treat locally administered MAC addresses as VMs.
Edge Virtual Bridge VSI Type Database Configuration The following table describes the EVB VSI Type Database configuration options. Table 371. Edge Virtual Bridge VSI Type Database Configuration Options Command Syntax and Usage virt evb vsidb <VSIDB number> Enter Virtual Station Interface Database configuration mode. Command mode: Global configuration filename <file name> Sets the Virtual Station Interface Type database document name. Command mode: VSI Database no filename Deletes the Virtual Station Interface Type database document name. Command mode: VSI Database filepath <file path> Sets the Virtual Station Interface Type database document path. Command mode: VSI Database no filepath Deletes the Virtual Station Interface Type database document path. Command mode: VSI Database host <IP address> [mgtport|dataport] Sets the Virtual Station Interface Type database manager IP address and the port used for the connection. By default, the management port is used. Command mode: VSI Database port <1‐65534> Sets the Virtual Station Interface Type database manager port. Command mode: VSI Database protocol {http|https} Sets the Virtual Station Interface Type database transport protocol. The default setting is HTTP.
Edge Virtual Bridge VSI Type Profile Configuration The following table describes the Virtual Station Interface Type profile configuration options. Table 372. Edge Virtual Bridge VSI Type Profile Configuration Options Command Syntax and Usage virt evb profile <profile number> Enter Virtual Station Interface type profile configuration mode. Command mode: Global configuration [no] reflectiverelay Enables or disables VEPA mode (Reflective Relay capability). Command mode: EVB Profile [no] vsidiscovery Enables or disables VSI Discovery (ECP and VDP). Command mode: EVB Profile no virt evb profile <profile number> Deletes the specified EVB profile. Command mode: Global configuration evb profile <1‐16> Applies the specified EVB profile for the port. Automatically enables LLDP EVB TLV on the corresponding port. Command mode: Interface port no evb profile Resets EVB profile for the port. Automatically disables LLDP EVB TLV on the corresponding port. Command mode: Interface port show virt evb profile [<1‐16>] Displays the current EVB profile parameters. Command mode: All show virt evb profile ports Displays all EVB profile parameters including ports.
OpenFlow Configuration OpenFlow is an open interface used to control the forwarding plane in compatible switches and routers remotely, from an external controller. The RackSwitch G8332 can function as either a Hybrid or OpenFlow‐only switch: In Hybrid mode (default), an OpenFlow pipeline can be set up to run in parallel to the normal Ethernet switching pipeline. The two pipelines are completely separate, each with its own dedicated ports and confined packet flows. In OpenFlow‐only mode, the normal Ethernet switching capabilities are disabled, and the RackSwitch G8332 behaves as a pure OpenFlow switch. The following table describes the OpenFlow configuration options. Table 374. OpenFlow Configuration Options Command Syntax and Usage boot openflow {v1|v13} Switches between OpenFlow version 1.0 and OpenFlow version 1.3 on reboot. The default setting is v1. Command mode: Global configuration boot profile default Starts the switch in Hybrid mode on reboot. This is the default setting. Command mode: Global configuration boot profile openflow Starts the switch in OpenFlow‐only mode on reboot. Command mode: Global configuration [no] openflow enable Enables or disables OpenFlow. Note: Features involving TCAM resources are not supported on all ports. Command mode: Global configuration openflow fdbpriority <1‐65535> Configures a priority value to map flows with matching priority to FDB entries, if the flow uses destination MAC address and VLAN as the matching qualifier and single port as the action. The default value is 1000. Note: When you issue this command, all registered flow entries are cleared.
Page 654
Table 374. OpenFlow Configuration Options (continued) Command Syntax and Usage [no] buffer Enables or disables buffering support for OpenFlow packets. The default setting is disabled. Command mode: OpenFlow Instance connectretry <1‐8> Configures the maximum number of attempts to establish connection to a controller, before assuming the controller is down. The default value is 4. Command mode: OpenFlow Instance no connectretry Resets the connectretry value to 4. Command mode: OpenFlow Instance controller <1‐4> address <IP address> [dataport|mgtport] Configures the IP address of the OpenFlow Controller. You may specify the port to use for data transfer: data port (dataport) or management port (mgtport). By default, the system uses the management port. Command mode: OpenFlow Instance controller <1‐4> port < TCP port number ( 1‐65535)> Configures the TCP port used for communication with the Controller. The default port is 6633. Command mode: OpenFlow Instance no controller <1‐4> Deletes the selected controller from the specified instance ID. Command mode: OpenFlow Instance dpid <hex string> Applies an 8 byte Datapath ID to the instance, which uniquely identifies an OpenFlow instance in an OpenFlow environment. The default value is the instance ID followed by the switch MAC. Note: The Datapath ID must be unique among the switches controlled by a single OpenFlow controller. Command mode: OpenFlow Instance no dpid Resets the instance’s Datapath ID to the default value (instance ID followed by ...
Page 656
Table 374. OpenFlow Configuration Options (continued) Command Syntax and Usage emergency [timeout <0‐3600>] Forces the instance in emergency mode. The timeout parameter configures the duration in seconds after which the emergency mode expires. The default value is 30 seconds. Note: Supported only in OpenFlow 1.0. Command mode: OpenFlow Instance no emergency [timeout] Brings the instance out of emergency mode. The timeout parameter resets the emergency mode duration to the default value of 30 seconds. Note: Supported only in OpenFlow 1.0. Command mode: OpenFlow Instance [no] enable Enables or disables the instance. Note: When disabling an instance, its flow tables and statistics are cleared. Command mode: OpenFlow Instance maxflowacl <0‐1500> maxflowacl <0‐2000> Enables or disables the maximum flow ACL option, which ensures a dedicated maximum number of ACL flows are available for the instance. The maximum number of entries is 1500 in Hybrid mode and 2000 in OpenFlow Only mode. The total number of 1500/2000 entries is shared between instances. By default, maxflowacl is set to 0, allowing instances to dynamically access the available ACL flow slots until depletion. Note: Setting maxflowacl manually limits the number of ACL flow slots available for other instances by the corresponding value. Command mode: OpenFlow Instance no maxflowacl Sets the instance’s maximum number of ACL based flows to the default value of 0 (dynamic allocation). Command mode: OpenFlow Instance G8332 Command Reference for ENOS 8.4...
Page 658
Table 374. OpenFlow Configuration Options (continued) Command Syntax and Usage no maxflowmplspush Sets the instance’s maximum number of MPLS label push flows to the default value of 0 (dynamic allocation). Note: Supported only in OpenFlow 1.3. Command mode: OpenFlow Instance maxflowucastfdb <0‐123904> Enables or disables the maximum flow unicast FDB option, which ensures a dedicated maximum number of FDB unicast flows available for the instance. The total number of entries is shared between instances. By default, maxflowucastfdb is set to 0, allowing instances to dynamically access the available FDB unicast flow slots until depletion. Note: Setting maxflowucastfdb manually limits the number of FDB unicast flow slots available for other instances by the corresponding value. Command mode: OpenFlow Instance no maxflowucastfdb Sets the instance’s maximum number of FDB based unicast flows to the default value of 0 (dynamic allocation). Command mode: OpenFlow Instance [no] member <port alias or number> Enables or disables port usage by the OpenFlow instance for data traffic. Command mode: OpenFlow Instance [no] member portchannel <1‐208> Enables or disables static portchannel or LACP usage by the OpenFlow instance for data traffic. Note: Static portchannels and LACPs are supported only in OpenFlow 1.3. Command mode: OpenFlow Instance minflowtimeout <1‐300> Sets the minimum number of seconds after which a flow can be cleared from the instance’s tables. The default value is 0, meaning controller provided values are used instead. Command mode: OpenFlow Instance no minflowtimeout Sets the number of seconds after which a flow can be cleared from the instance’s tables to the default value of 0 (controller provided values).
Page 660
Table 374. OpenFlow Configuration Options (continued) Command Syntax and Usage [no] tablemiss controller Sets or disables the tablemiss flow entry to send packets unmatched by any flow entries to the controller. The default value is disabled, meaning packets unmatched by flow entries are dropped. Note: Supported only in OpenFlow 1.3. Command mode: OpenFlow Instance [no] openflow fdbaging Enables or disables periodical clearing of dynamically learned FDB entries on a specific port. The default value is disabled on OpenFlow edge ports. Command mode: Interface port/Interface portchannel [no] openflow staticstationmove Enables or disables forwarding frames that have source MAC addresses conflicting with entries in the static FDB table. This enables equal cost multi‐path routing and use cases where IPS and Firewall devices forward packets without changing the source MAC address. The default value is disabled. Command mode: Interface port/Interface portchannel clear openflow {group|table [basic|emergency|dynamic| |static]} Clears OpenFlow data for all instances: The group option clears the OpenFlow 1.3 group table. The table option clears all basic and emergency OpenFlow tables in OpenFlow 1.0. In OpenFlow 1.3, clears the dynamic and static flow tables. • The basic option clears only the basic OpenFlow tables. • The emergency option clears only the emergency OpenFlow tables. • The dynamic option clears only the dynamic OpenFlow tables. •...
Static Flows Configuration Static flows are ACL OpenFlow entries set up manually from the CLI by the administrator. Static flows cannot be deleted/modified by OpenFlow controllers and will continue to function when the switch goes into emergency mode. Even if they qualify as FDB entries based on their settings, static flows are always stored as ACL entries. A total of maximum 1000 static flows pool is shared between all OpenFlow instances. The following table describes the static flow configuration options: Table 375. Static FlowsConfiguration Options Command Syntax and Usage statictable add index <1‐1000> match <matching qualifier> actions <matching qualifier> [options <matching qualifier>] priority <0‐65535> Adds a static flow entry to the instance. Command mode: OpenFlow Instance statictable modify index <1‐1000> match <matching qualifier> actions <matching qualifier> [options <matching qualifier>] priority <0‐65535> Overwrites a static flow entry. Command mode: OpenFlow Instance statictable remove index <1‐1000> Deletes a static flow entry. Command mode: OpenFlow Instance clear openflow table static Deletes all static flow entries. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
Page 664
Table 377. Static Flow Matching Qualifiers in OpenFlow 1.3 Qualifier Value udp‐src UDP source port (0‐65535) udp‐dst UDP destination port (0‐65535) icmpv4‐type ICMPv4 type icmpv4‐code ICMPv4 code eth‐type ʺarpʺ/ʺ0806ʺ or ʺipʺ/ʺ0800ʺ or (hex‐value < =65535) ip‐proto ʺtcpʺ or ʺudpʺ or 0‐255 ip‐dscp IP DSCP (6 bits in ToS field) arp‐op ʺrequestʺ or ʺreplyʺ (can be set only if eth‐type is ARP) mpls‐label MPLS label all qualifiers or any qualifier The following table describes the available actions: Table 378. Static Flow Actions in OpenFlow 1.0 Action Value output ʺallʺ,ʺin‐portʺ,ʺcontrollerʺ or a valid port set‐src‐mac Change source MAC address set‐dst‐mac Change destination MAC address strip‐vlan‐id Remove VLAN identifier set‐vlan‐priority Set 802.1p priority code point value (0‐7) set‐nw‐tos Set IP Type of Service (0‐255) drop...
Precision Time Protocol Configuration Precision Time Protocol (PTP) allows high accuracy clock synchronization between a networked master clock and compliant network hosts. The Lenovo RackSwitch G8332 supports two PTP modes: Ordinary slave clock ‐ Synchronizes the Real Time Clock (RTC) with PTP master clocks detected on the network. End‐to‐End transparent clock ‐ Allows PTP traffic to pass through without affecting the RTC, while updating the correction fields for event packets. Table 380. Precision Time Protocol Configuration Options Command Syntax and Usage [no] ptp ordinary enable Enables or disables PTP ordinary slave clock mode. In this mode, if a PTP master clock is detected on the network, the RTC is synchronized with it. If no master clock is detected, the RTC is not affected. The default setting is disabled. Note: Enabling PTP ordinary slave clock mode disables NTP settings and system time clock manual settings. Command mode: Global configuration [no] ptp transparent enable Enables or disables PTP End‐to‐End transparent clock mode. In this mode, incoming PTP packets are forwarded based on routing rules currently in place for the PTP domain’s multicast address (within the 224.0.1.129 ‐ 224.0.1.132 range). On egress, PTP packet timestamps are updated based on the time spent between ingress and egress. The default setting is disabled. Command mode: Global configuration ip ptp sourceinterface loopback <1‐5> Loopback interface used as source IP address for delay‐request packets sent during synchronization with the master clock in ordinary slave mode. By default, the interface with the lowest index from the master clock’s VLAN is ...
Microburst Detection Microbursts are short peaks in data traffic that manifest as a sudden increase in the number of data packets transmitted over a specific millisecond‐level time frame, potentially overwhelming network buffers. Microburst detection allows users to analyze and mitigate microburst‐related incidents, thus preventing network congestion. Table 381. Microburst Detection Configuration Options Command Syntax and Usage [no] microburst enable Enables or disables microburst detection. The default setting is disabled. Command mode: Global configuration microburst interval <2‐10000> Configures microburst detection interval granularity in milliseconds. The default setting is 5 miliseconds. Command mode: Global configuration microburst portthreshold <port alias or number> <1‐60628> Configures the number of memory cells a port is allowed to access from the shared service pool. There is no dedicated number of memory cells for a port. If this threshold is reached, it means the port is congested and needs to access additional memory from the shared service pool. The default value is 60628. Command mode: Global configuration show microburst microburststatus Displays microburst state and, if applicable, bursting time for each port. Command mode: All show microburst pktstats Displays memory cell usage for egress unicast and multicast packets, broken down by port and QoS queue. Command mode: All show microburst portlog Displays memory cell allocation and usage for ingress packets on each port. Command mode: All G8332 Command Reference for ENOS 8.4...
Configuration Dump The dump program writes the current switch configuration to the terminal screen. To start the dump program, at the prompt, enter: RS G8332# show runningconfig The configuration is displayed with parameters that have been changed from the default values. The screen display can be captured, edited, and placed in a script file, which can be used to configure other switches through a Telnet connection. When using Telnet to configure a new switch, paste the configuration commands from the script file at the command line prompt of the switch. The active configuration can also be saved or loaded via SFTP/FTP/TFTP, as described on page 671. G8332 Command Reference for ENOS 8.4...
Restoring the Active Switch Configuration When the copy runningconfig command is used, the active configuration will be replaced with the commands found in the specified configuration file. The file can contain a full switch configuration or a partial switch configuration. To start the switch configuration download, at the prompt, enter: RS G8332# copy ftp runningconfig or: RS G8332# copy sftp runningconfig or: RS G8332# copy tftp runningconfig The switch prompts you for the server address and filename. G8332 Command Reference for ENOS 8.4...
Operations-Level Port Commands Operations‐level port options are used for temporarily disabling or enabling a port, and for re‐setting the port. Table 384. Port Operations Command Syntax and Usage interface port <port alias or number> dot1x init Reinitializes 802.1x access control on the port. Command Mode: Privileged EXEC interface port <port alias or number> dot1x reauthenticate Immediately starts reauthentication on the port. Command Mode: Privileged EXEC [no] interface port <port alias or number> rmon Temporarily enables or disables remote monitoring of the port. The port will be returned to its configured operation mode when the switch is rebooted. Command Mode: Privileged EXEC interface port <port alias or number> shutdown Temporarily disables the port. The port will be returned to its configured operation mode when the switch is rebooted. Command Mode: Privileged EXEC no interface port <port alias or number> shutdown Temporarily enables the port. The port will be returned to its configured operation mode when the switch is rebooted. Command Mode: Privileged EXEC show interface port <port alias or number> operation Displays the port interface operational state. Command Mode: All G8332 Command Reference for ENOS 8.4...
VMware Operations Use these commands to perform minor adjustments to the VMware operation. Use these commands to perform Virtual Switch operations directly from the switch. Note that these commands require the configuration of Virtual Center access information (virt vmware vcspec). Table 388. VMware Operations Command Syntax and Usage virt vmware export <VM profile name> <VMware host ID> <Virtual Switch name> Exports a VM Profile to a VMware host. Use one of the following identifiers to specify each host: UUID IP address Host name You may enter a Virtual Switch name, or enter a new name to create a new Virtual Switch. Command Mode: All virt vmware pg <Port Group name> <host ID> <VSwitch name> <VLAN ID (0‐4094)> <shaping‐enabled> [<average‐Kbps> <burst‐KB> <peak‐Kbps>] Adds a Port Group to a VMware host. You are prompted for the following information: Port Group name VMware host ID (Use host UUID, host IP address, or host name.) Virtual Switch name VLAN ID of the Port Group Whether to enable the traffic‐shaping profile (1 or 0). If you choose 1 (yes), ...
VMware Distributed Virtual Switch Operations Use these commands to administer a VMware Distributed Virtual Switch (dvSwitch). Table 389. VMware dvSwitch Operations (/oper/virt/vmware/dvswitch) Command Syntax and Usage virt vmware dvswitch add <datacenter name> <dvSwitch name> [<dvSwitch version>] Adds the specified dvSwitch to the specified DataCenter. Command Mode: All virt vmware dvswitch addhost <dvSwitch name> {<host UUID| |host IP address|host name>} Adds the specified host to the specified dvSwitch. Use one of the following identifiers to specify the host: UUID IP address Host name Command Mode: All virt vmware dvswitch adduplink <dvSwitch name> {<host UUID| |host IP address|host name>} <uplink name> Adds the specified physical NIC to the specified dvSwitch uplink ports. Command Mode: All virt vmware dvswitch del <datacenter name> <dvSwitch name> Removes the specified dvSwitch from the specified DataCenter. Command Mode: All virt vmware dvswitch remhost <dvSwitch name> {<host UUID| |host IP address|host name>} Removes the specified host from the specified dvSwitch. Use one of the following identifiers to specify the host: UUID ...
Scheduled Reboot of the Switch This feature allows the switch administrator to schedule a reboot to occur at a particular time in future. This feature is particularly helpful if the user needs to perform switch upgrades during off‐peak hours. You can set the reboot time, cancel a previously scheduled reboot, and check the time of the current reboot schedule. Table 392. Scheduled Reboot Options Command Syntax and Usage boot schedule <day> <time (hh:mm)> Configures the switch reboot time. The following options are valid for the day value: monday tuesday wednesday thursday friday saturday sunday Command mode: Global configuration no boot schedule Cancels the switch reboot time. Command mode: Global configuration show boot Displays the current switch reboot schedule. Command mode: All G8332 Command Reference for ENOS 8.4...
Security Policy Configuration The switch can be configured to use two different security modes: Legacy policy mode Secure policy mode Legacy Policy mode allows the switch to use all communication protocols with no regards to the security level of the protocol.The switch will be able to use both protocols that encrypt and do not encrypt their communication across the network. Secure Policy mode allows the switch to use only secure communication protocols. Protocols that are regarded as being insecure are disabled and cannot be run on the switch. The commands associated with such protocols are unavailable. The following protocols are disabled and are not available on the switch if Secure Policy mode is enabled: HTTP LDAP Client SNMPv1 and SNMPv2 Telnet Client and Telnet Server Telnet IPv6 Client and Telnet IPv6 Server FTP Client and FTP Server Radius Client TACACS+ Client Syslog Server The following protocols are enabled and available on the switch if Secure Policy mode is enabled: DHCP Client DHCPv6 Client ...
Configuring the Number of Spanning Tree Groups The maximum number of Spanning Tree Groups (STGs) available on the switch can be configured to be either 128 or 256. Table 395. Configuring the Maximum Number of STGs Command Options Command Syntax and Usage boot spanningtree maxinstances {128|256} Configures the maximum number of Spanning Tree Groups (STGs) that can be used on the switch. The default value is 128. Note: The switch needs to be reloaded for the configuration to take effect. Command mode: Global configuration no boot spanningtree maxinstances Reset the maximum number of STGs available on the switch to the default value of 128. Note: The switch needs to be reloaded for the configuration to take effect. Command mode: Global configuration show boot spanningtree Displays the maximum number of currently available STGs on the switch and the maximum number of available STGs after the switch reloads. Command mode: All The following command displays the current maximum limit of STGs on the switch and the maximum limit configured after the switch reloads: show boot spanningtree Command mode: All Bootup Max PVRST Instances: 128 Saved Max PVRST Instances: 256 NOTE: A Reboot is required for the new settings to take effect. When switching from 256 to 128 STP instances, please remove any extra configuration for STP instance 128 and above, then save the configuration; otherwise, all STP instance configuration may be lost after reload.
QSFP Port Configuration The following table displays the QSFP Port configuration commands. Table 397. QSFP Port Options Command Syntax and Usage [no] boot qsfp40gports <port alias or number> Enables or disables 40GbE mode on the selected QSFP+ ports. When enabled, each QSFP+ port is set as a single 40GbE port. When disabled, each QSFP+ port is configured to breakout into four 10GbE ports. Note: You must reboot the switch for this change to take effect. Command mode: Global configuration show boot qsfpportmodes Displays the current QSFP parameters. Command mode: All G8332 Command Reference for ENOS 8.4...
Updating the Switch Software Image The switch software image is the executable code running on the RackSwitch G8332. A version of the image ships with the switch and comes pre‐installed on the device. As new versions of the image are released, you can upgrade the software running on your switch. Use the following command to determine the current software version: show boot Command mode: All Upgrading the software image on your switch requires the following: Loading the new image onto a SFTP, FTP, or TFTP server on your network Transferring the new image from the SFTP, FTP, or TFTP server to your switch Selecting the new software image to be loaded into switch memory the next time the switch is rebooted G8332 Command Reference for ENOS 8.4...
Selecting a Software Image to Run You can select which software image (image1 or image2) you want to run in switch memory for the next reboot. 1. In Global Configuration mode, enter: RS G8332(config)# boot image {image1|image2} 2. Enter the name of the image you want the switch to use upon the next boot. The system informs you of which image set to be loaded at the next reboot: Next boot will use switch software image1 instead of image2. Uploading a Software Image from Your Switch You can upload a software image from the switch to a SFTP, FTP or TFTP server. 1. In Privileged EXEC mode, enter: RS G8332# copy {image1|image2|bootimage} {ftp|tftp|sftp} 2. Select a port type to use for uploading the image. Port type [DATA|MGT]: 3. Enter the name or the IP address of the SFTP, FTP or TFTP server: <IP address or hostname> Address or name of remote host: 4. Enter the name of the file into which the image will be uploaded on the SFTP, FTP or TFTP server: <filename> Destination file name: 5.
Setting an Entitlement Serial Number To improve customer technical support, your customer support representative can assign your switch an Entitlement Serial Number (ESN) at the time you request support. The ESN can be conveniently stored on the switch using the following command: RS G8332(config)# boot esn <Entitlement Serial Number> The ESN helps to locate your switch’s identifying information when you call technical support for help in future. G8332 Command Reference for ENOS 8.4...
Changing the Switch Profile The Enterprise NOS software for the G8332 can be configured to operate in different modes for different deployment scenarios. The deployment profile changes some of the basic switch behavior, shifting switch resources to optimize capacity levels to meet the needs of different types of networks. For more information about deployment profiles, see the Lenovo RackSwitch G8332 Application Guide for Lenovo Enterprise Network Operating System 8.4. To change the deployment profile, select the new profile and reboot the G8332. Use the following command to select a new profile: RS G8332(config)# boot profile {acl|default|ipmcopt|openflow} The following list describes the boot profile options: acl ‐ deployment profile with maximum Access Control Lists (ACLs) default ‐ deployment profile with balanced resources ipmcopt ‐ deployment profile with different IPMC entries and ACLs: aclsnone ‐ 1792 IPMC entries and no ACLs acls128 ‐ 1536 IPMC entries and 128 ACLs acls256 ‐ 1280 IPMC entries and 256 ACLs acls384 ‐ 1024 IPMC entries and 384 ACLs openflow ‐ OpenFlow Only deployment profile G8332 Command Reference for ENOS 8.4...
Boot Recovery Mode The Boot Recovery Mode allows you to recover from a failed software or boot image upgrade using TFTP or XModem download. To enter Boot Recovery Mode you must select “Boot in recovery mode” option from the Boot Management Menu by pressing R. Entering Rescue Mode. Please select one of the following options: T) Configure networking and tftp download an image X) Use xmodem 1K to serial download an image P) Physical presence (low security mode) R) Reboot E) Exit Option? : The Boot Recovery Mode menu allows you to perform the following actions: To recover from a failed software or boot image upgrade using TFTP, press T and follow the screen prompts. For more details, see “Recover from a Failed Image Upgrade using TFTP” on page 703. To recover from a failed software or boot image upgrade using XModem download, press X and follow the screen prompts. For more details, see “Recovering from a Failed Image Upgrade using XModem Download” on page 705. To enable the loading of an unofficial image, press P and follow the screen prompts. For more details, see “Physical Presence” on page 707. To restart the boot process from the beginning, press R. To exit Boot Recovery Mode menu, press E. The boot process continues. G8332 Command Reference for ENOS 8.4...
Page 704
Below is an example of a successful recovery procedure using TFTP: Entering Rescue Mode. Please select one of the following options: T) Configure networking and tftp download an image X) Use xmodem 1K to serial download an image P) Physical presence (low security mode) R) Reboot E) Exit Option? : t Performing TFTP rescue. Please answer the following questions (enter 'q' to quit): IP addr :10.241.6.4 Netmask :255.255.255.128 Gateway :10.241.6.66 Server addr:10.72.97.135 Image Filename: G83328.4.1.0_OS.img Netmask : 255.255.255.128 Gateway : 10.241.6.66 Configuring management port....... Installing image G83328.4.1.0_OS.img from TFTP server 10.72.97.135 Extracting images ... Do *NOT* power cycle the switch. Installing Application: Image signature verified. Install image as image 1 or 2 (hit return to just boot image): 2 Installing image as image2: 100% Image2 updated succeeded Updating install log. File G83328.4.1.0_OS.img installed from 10.72.97.135 at 15:29:30 on 1232015 Please select one of the following options: T) Configure networking and tftp download an image X) Use xmodem 1K to serial download an image P) Physical presence (low security mode) R) Reboot E) Exit Option? : G8332 Command Reference for ENOS 8.4...
Page 706
The image install will begin. After the procedure is complete, the Recovery Mode menu will be re‐displayed. Extracting images ... Do *NOT* power cycle the switch. Installing Root Filesystem: Image signature verified. 100% Installing Kernel: Image signature verified. 100% Installing Device Tree: Image signature verified. 100% Installing Boot Loader: 100% Updating install log. File image installed from xmodem at 18:06:02 on 1332015 Please select one of the following options: T) Configure networking and tftp download an image X) Use xmodem 1K to serial download an image P) Physical presence (low security mode) R) Reboot E) Exit Option? : Boot image recovery is complete. G8332 Command Reference for ENOS 8.4...
Page 710
Table 398. General Maintenance Commands (continued) Command Syntax and Usage copy backuptechsupport tftp address <hostname or server IP address> filename <TFTP server filepath> {dataport|mgtport} Uploads the technical support information saved before a switch reboot (backup‐tech‐support) to an external TFTP server. Note: Technical support information is stored in a compressed format. Command mode: Privileged EXEC clear flashdump Clears dump information from flash memory. Command mode: Privileged EXEC clear logging Clears the system log file (SYSLOG). Command mode: Privileged EXEC show techsupport [fcoe|l2|l3|link|port] Dumps all G8332 information, statistics and configuration. You can log the output (tsdmp) into a file. To filter the information, use the following options: fcoe displays only FCoE‐related information l2 displays only Layer 2‐related information l3 displays only Layer 3‐related information link displays only link status‐related information port displays only port‐related information Command mode: All except User EXEC G8332 Command Reference for ENOS 8.4...
Debugging Commands The Miscellaneous Debug Commands display trace buffer information about events that can be helpful in understanding switch operation. You can view the following information using the debug commands: Events traced by the Management Processor (MP) Events traced to a buffer area when a reboot occurs If the switch reboots for any reason, the MP trace buffer is saved into the snap trace buffer area. The output from these commands can be interpreted by Technical Support personnel. Table 400. Miscellaneous Debug Options Command Syntax and Usage debug debugflags This command sets the flags that are used for debugging purposes. Command mode: Privileged EXEC debug dumpbt Displays the backtrace log. Command mode: Privileged EXEC [no] debug lacp packet {receive|transmit|both} port <port alias or number> Enables or disables debugging for Link Aggregation Control Protocol (LACP) packets on selected ports running LACP. The following parameters are available: receive filters only LACP packets received transmit filters only LACP packets sent both filters LACP packets either sent or received port filters LACP packets sent/received on specific ports By default, LACP debugging is disabled. Command mode: Privileged EXEC debug mpsnap Displays the Management Processor snap (or post‐mortem) trace buffer. This ...
SSH Debugging The following table describes the SSH debugging commands. Table 401. SSH Debugging Options Command Syntax and Usage [no] debug ssh client all Enables or disables all SSH Client debug messages. Command mode: Privileged EXEC [no] debug ssh client state Enables or disables SSH Client state debug messages. Command mode: Privileged EXEC [no] debug ssh server all Enables or disables all SSH Server debug messages. Command mode: Privileged EXEC [no] debug ssh server disconnect Enables or disables SSH Server disconnect debug messages. Command mode: Privileged EXEC [no] debug ssh server msg Enables or disables SSH Server type and protocol debug messages. Command mode: Privileged EXEC [no] debug ssh server packet Enables or disables SSH Server type, protocol and packet debug messages. Command mode: Privileged EXEC [no] debug ssh server state Enables or disables SSH Server state debug messages. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
BGP Maintenance The following table describes the BGP information commands. Table 405. Border Gateway Protocol Maintenance Options Command Syntax and Usage show ip bgp debugging [last] Displays all BGP debugging entries. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp debugging <IP address> [last] Displays all BGP debugging entries for the specified neighbor. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp debugging <IP address> ignored [last] Displays BGP information for routers that have been ignored by the specified neighbor. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp debugging <IP address> {in|out} [last] Displays inbound or outbound BGP debugging updates for the specified neighbor. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp debugging ignored [last] Shows all BGP information for routers that have been ignored. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp debugging {in|out} [last] Displays inbound or outbound BGP debugging updates. If the last option is specified, displays the results starting with the last entry first. Command mode: All show ip bgp information Displays the BGP routing table. Command mode: All show ip bgp information <IP address> <mask> Displays the BGP information related to the specified route.
LLDP Cache Manipulation The following table describes the LLDP cache manipulation commands. Table 407. LLDP Cache Manipulation Options Command Syntax and Usage show lldp [information] Displays all LLDP information. Command mode: All show lldp port <port alias or number> Displays Link Layer Discovery Protocol (LLDP) port information. Command mode: All show lldp port <port alias or number> tlv evb Displays Edge Virtual Bridge (EVB) type‐length‐value (TLV) information for the specified port. Command mode: All show lldp receive Displays information about the LLDP receive state machine. Command mode: All show lldp transmit Displays information about the LLDP transmit state machine. Command mode: All show lldp remotedevice [<1‐256>|detail|port <port alias or number>] Displays information received from LLDP ‐capable devices. For more information, see page Command mode: All clear lldp Clears the LLDP cache. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
IP Route Manipulation The following table describes the IP route manipulation commands. Table 409. IP Route Manipulation Options Command Syntax and Usage debug routemap pbr Enables policy‐based routing debugging. Command mode: Privileged EXEC show ip route Shows all routes. Command mode: All show ip route address <IP address> Shows a single route by destination IP address. Command mode: All show ip route gateway <IP address> Shows routes to a default gateway. Command mode: All show ip route interface <1‐128> Shows routes on a single interface. Command mode: All show ip route tag {address|bgp|broadcast|fixed|martian| |multicast|ospf|rip|static} Shows routes of a single tag. For a description of IP routing tags, see Table 40 on page Command mode: All show ip route type {broadcast|direct|indirect|local| |martian|multicast} Shows routes of a single type. For a description of IP routing types, see Table 39 on page Command mode: All clear ip route Clears the route table from switch memory. Command mode: Privileged EXEC Note: To display all routes, you can also refer to “IP Routing Information” on ...
IGMP Multicast Routers Maintenance The following table describes the maintenance commands for IGMP multicast routers (Mrouters). Table 411. IGMP Multicast Router Maintenance Commands Command Syntax and Usage show ip igmp mrouter [dynamic|interface|portchannel|static] Displays information for all Mrouters, all dynamic/static Mrouter ports installed or Mrouter ports specific to a specified interface/portchannel. Command mode: All show ip igmp mrouter information Displays IGMP snooping information for all Mrouters. Command mode: All show ip igmp mrouter vlan <VLAN ID (1‐4094)> Displays IGMP Mrouter information for a single VLAN. Command mode: All show ip igmp querier vlan <VLAN ID (1‐4094)> Displays IGMP querier information for a single VLAN. Command mode: All show ip igmp relay Displays IGMP relay information. Command mode: All show ip igmp snoop igmpv3 Displays IGMPv3 snooping information. Command mode: All clear ip igmp mrouter Clears the dynamic IGMP Mrouter port table. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
IPv6 Neighbor Cache Manipulation The following table describes the IPv6 Neighbor Cache manipulation commands. Table 413. IPv6 Neighbor Cache Manipulation Options Command Syntax and Usage show ipv6 neighbors Shows all IPv6 Neighbor Cache entries. Command mode: All show ipv6 neighbors find <IPv6 address> Shows a single IPv6 Neighbor Cache entry by IP address. Command mode: All show ipv6 neighbors interface port <port alias or number> Shows IPv6 Neighbor Cache entries on a single port. Command mode: All show ipv6 neighbors static Shows static IPv6 Neighbor Cache entries. Command mode: All show ipv6 neighbors vlan <VLAN ID (1‐4094)> Shows IPv6 Neighbor Cache entries on a single VLAN. Command mode: All clear ipv6 neighbors Clears all IPv6 Neighbor Cache entries from switch memory. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
FCoE Forwarder Maintenance The following table describes the FCoE Forwarder (FCF) maintenance commands: Table 415. FCF Maintenance Options Command Syntax and Usage show fcf buffers Displays FCF buffers details. Command mode: All show fcf hardware {route|zone} vlan <VLAN ID (2‐4094)> Displays routing or zoning information. Command mode: All show fcf ports Displays fabric ports information. Command mode: All show fcf trace [vlan <VLAN ID (2‐4094)>] Displays debug traces information. The vlan option displays debug traces information for a specified VLAN. Command mode: All show fcf trace <FCF module> [vlan <VLAN ID (2‐4094)>] Displays debug traces information for a selected module. The vlan option displays debug traces information for a specified VLAN. Command mode: All clear fcf stats vlan <VLAN ID (2‐4094)> Clears FCF statistics for a specified VLAN. Command mode: Privileged EXEC G8332 Command Reference for ENOS 8.4...
Clearing Dump Information To clear dump information from flash memory, enter: RS G8332# clear flashdump The switch clears the dump region of flash memory and displays the following message: FLASH dump region cleared. If the flash dump region is already clear, the switch displays the following message: FLASH dump region is already clear. G8332 Command Reference for ENOS 8.4...
Page 736
Thread LOG_ALERT Message (continued) OSPF Interface IP <IP address>, Interface State {Down|Loopback| Waiting|P To P|DR|BackupDR|DR Other}: Interface down detached OSPF LS Database full: likely incorrect/missing routes or failed neighbors OSPF Neighbor Router ID <router ID>, Neighbor State {Down| Attempt|Init|2 Way|ExStart|Exchange|Loading|Full| Loopback|Waiting|P To P|DR|BackupDR|DR Other} OSPF OSPF Route table full: likely incorrect/missing routes CIST new root bridge CIST topology change detected CIST, interface port <port> [moved into|leave from] loop‐inconsistent state CIST, interface port <port> [moved into|leave from] root‐inconsistent state STG <STG>, interface port <port> [moved into|leave from] loop‐inconsistent state STG <STG>, interface port <port> [moved into|leave from] root‐inconsistent state STG <STG>, new root bridge STG <STG>, topology change detected Too many BPDUs flooded in VLAN <VLAN>. Some of them will be discarded! SYSTEM LACP trunk <trunk ID> and <trunk ID> formed with admin key ...
LOG_CRIT Thread LOG_CRIT Message canʹt allocate memory in load_MP_INT() currently not enough resource for loading RSA {private|public key} SYSTEM System memory is at <n> percent G8332 Command Reference for ENOS 8.4...
Page 740
Thread LOG_ERR Message (continued) SYSTEM I2C device <ID> <description> set to access state <state> [from CLI] SYSTEM Not enough memory! G8332 Command Reference for ENOS 8.4...
Page 742
Thread LOG_INFO Message (continued) MGMT Flash Write Error. Failed to allocate buffer. Quitting MGMT Flash Write Error. Trying again MGMT image1|2 download completed. Now writing to flash. MGMT image1|2 downloaded {from host <hostname>|via browser}, filename too long to be displayed, software version <version> MGMT image1|2 downloaded from host <hostname>, file ʹ<filename>ʹ, software version <version> MGMT Incorrect image being loaded MGMT Invalid diff track address. Continuing with apply() MGMT Invalid image being loaded for this switch type MGMT invalid image download completed. Now writing to flash. MGMT invalid image downloaded {from host <hostname>|via browser}, filename too long to be displayed, software version <version> MGMT invalid image downloaded from host <hostname>, file ʹ<filename>ʹ, software version <version> MGMT New config set MGMT new configuration applied [from BBI|EM|SCP|SNMP] MGMT new configuration saved from {BBI|ISCLI|SNMP} MGMT scp<username>(<user type>) {logout|ejected|idle timeout| connection closed} from {Console|Telnet/SSH} MGMT scp<username>(<user type>) login {on Console|from host ...
Page 748
Thread LOG_NOTICE Message (continued) SYSTEM rebooted (<reason>)[, administrator logged in] Reason: Boot watchdog reset reset from console console PANIC command reset from EM console RESET KEY reset from Telnet/SSH hard reset by SNMP scheduled reboot hard reset by WEB‐UI SMS‐64 found an over‐voltage hard reset from console SMS‐64 found an under‐voltage hard reset from Telnet software ASSERT low memory software PANIC MM Cycled Power Domain software VERIFY ...
Page 752
Start the process of determining a solution to your problem by making the pertinent information available to the service technicians. The IBM service technicians can start working on your solution as soon as you have completed and submitted an Electronic Service Request. You can solve many problems without outside assistance by following the troubleshooting procedures that Lenovo provides in the online help or in the Lenovo product documentation. The Lenovo product documentation also describes the diagnostic tests that you can perform. The documentation for most systems, operating systems, and programs contains troubleshooting procedures and explanations of error messages and error codes. If you suspect a software problem, see the documentation for the operating system or program. G8332 Command Reference for ENOS 8.4...
Page 754
Any performance data contained herein was determined in a controlled environment. Therefore, the result obtained in other operating environments may vary significantly. Some measurements may have been made on development‐level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. G8332 Command Reference for ENOS 8.4...
Important Notes Processor speed indicates the internal clock speed of the microprocessor; other factors also affect application performance. CD or DVD drive speed is the variable read rate. Actual speeds vary and are often less than the possible maximum. When referring to processor storage, real and virtual storage, or channel volume, KB stands for 1 024 bytes, MB stands for 1 048 576 bytes, and GB stands for 1 073 741 824 bytes. When referring to hard disk drive capacity or communications volume, MB stands for 1 000 000 bytes, and GB stands for 1 000 000 000 bytes. Total user‐accessible capacity can vary depending on operating environments. Maximum internal hard disk drive capacities assume the replacement of any standard hard disk drives and population of all hard‐disk‐drive bays with the largest currently supported drives that are available from Lenovo. Maximum memory might require replacement of the standard memory with an optional memory module. Each solid‐state memory cell has an intrinsic, finite number of write cycles that the cell can incur. Therefore, a solid‐state device has a maximum number of write cycles that it can be subjected to, expressed as total bytes written (TBW). A device that has exceeded this limit might fail to respond to system‐generated commands or might be incapable of being written to. Lenovo is not responsible for replacement of a device that has exceeded its maximum guaranteed number of program/erase cycles, as documented in the Official Published Specifications for the device. Lenovo makes no representations or warranties with respect to non‐Lenovo products. Support (if any) for the non‐Lenovo products is provided by the third party, not Lenovo. Some software might differ from its retail version (if available) and might not include user manuals or all program functionality. G8332 Command Reference for ENOS 8.4...
Particulate Contamination Attention: Airborne particulates (including metal flakes or particles) and reactive gases acting alone or in combination with other environmental factors such as humidity or temperature might pose a risk to the device that is described in this document. Risks that are posed by the presence of excessive particulate levels or concentrations of harmful gases include damage that might cause the device to malfunction or cease functioning altogether. This specification sets forth limits for particulates and gases that are intended to avoid such damage. The limits must not be viewed or used as definitive limits, because numerous other factors, such as temperature or moisture content of the air, can influence the impact of particulates or environmental corrosives and gaseous contaminant transfer. In the absence of specific limits that are set forth in this document, you must implement practices that maintain particulate and gas levels that are consistent with the protection of human health and safety. If Lenovo determines that the levels of particulates or gases in your environment have caused damage to the device, Lenovo may condition provision of repair or replacement of devices or parts on implementation of appropriate remedial measures to mitigate such environmental contamination. Implementation of such remedial measures is a customer responsibility.. Contaminant Limits Particulate • The room air must be continuously filtered with 40% atmospheric dust spot efficiency (MERV 9) according to ASHRAE Standard 52.2 • Air that enters a data center must be filtered to 99.97% efficiency or greater, using high‐efficiency particulate air (HEPA) filters that meet MIL‐STD‐282. • The deliquescent relative humidity of the particulate contamination must be more than 60% • The room must be free of conductive contamination such as zinc whis‐ kers. Gaseous • Copper: Class G1 as per ANSI/ISA 71.04‐1985 • Silver: Corrosion rate of less than 300 Å in 30 days 1 ...
Federal Communications Commission (FCC) Statement Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case the user will be required to correct the interference at his own expense. Properly shielded and grounded cables and connectors must be used to meet FCC emission limits. Lenovo is not responsible for any radio or television interference caused by using other than recommended cables and connectors or by unauthorized changes or modifications to this equipment. Unauthorized changes or modifications could void the user’s authority to operate the equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that might cause undesired operation. Industry Canada Class A Emission Compliance Statement This Class A digital apparatus complies with Canadian ICES‐003. Avis de Conformité à la Réglementation d'Industrie Canada Cet appareil numérique de la classe A est conforme à la norme NMB‐003 du ...
Dieses Gerät ist berechtigt, in Übereinstimmung mit dem Deutschen EMVG das EG‐Konformitätszeichen ‐ CE ‐ zu führen. Verantwortlich für die Konformitätserklärung nach Paragraf 5 des EMVG ist die Lenovo (Deutschland) GmbH, Meitnerstr. 9, D‐70563 Stuttgart. Informationen in Hinsicht EMVG Paragraf 4 Abs. (1) 4: Das Gerät erfüllt die Schutzanforderungen nach EN 55024 und EN 55022 Klasse Nach der EN 55022: ʺDies ist eine Einrichtung der Klasse A. Diese Einrichtung kann im Wohnbereich Funkstörungen verursachen; in diesem Fall kann vom Betreiber verlangt werden, angemessene Maßnahmen durchzuführen und dafür aufzukommen.ʺ Nach dem EMVG: ʺGeräte dürfen an Orten, für die sie nicht ausreichend entstört sind, nur mit besonderer Genehmigung des Bundesministers für Post und Telekommunikation oder des Bundesamtes für Post und Telekommunikation betrieben werden. Die Genehmigung wird erteilt, wenn keine elektromagnetischen Störungen zu erwarten sind.ʺ (Auszug aus dem EMVG, Paragraph 3, Abs. 4). Dieses Genehmigungsverfahrenist nach Paragraph 9 EMVG in Verbindung mit der entsprechenden Kostenverordnung (Amtsblatt 14/93) kostenpflichtig. Anmerkung: Um die Einhaltung des EMVG sicherzustellen sind die Geräte, wie in den Handbüchern angegeben, zu installieren und zu betreiben. Japan VCCI Class A Statement This is a Class A product based on the standard of the Voluntary Control Council for Interference (VCCI). If this equipment is used in a domestic environment, radio interference may occur, in which case the user may be required to take corrective actions. Japan Electronics and Information Technology Industries Association (JEITA) Statement Japan Electronics and Information Technology Industries Association (JEITA) Confirmed Harmonics Guidelines (products less than or equal to 20 A per phase) Japan Electronics and Information Technology Industries Association (JEITA) ...
Page 768
clear counters for all interfaces and queues 210 daylight savings time 339 CPU use statistics 207 DCB Capability Exchange Protocol 625 dump information 730 DCBX FDB statistics 231 configuration 625 hot links statistics 231 information 188 IPv4 statistics 244 debugging 709 IPv6 statistics 244 default gateway LACP statistics 231 information 84 MP‐related statistics 207 default gateway, interval (for health checks) 506 port statistics 207 default password 30 statistics for all ports 210 delete trunk group statistics 229 counters for all interfaces and queues 210...
Page 770
IP address ARP information 90 Japan Class A electronic emission statement 762 invalid 223 Japan Electronics and Information Technology Indus‐ invalid (IPv4) 247 tries Association statement 762 invalid (IPv6) 250 JEITA statement 762 IP forwarding directed broadcasts 513 information 84 IP information 84 Korea Class A electronic emission statement 763 IP interface 88 active 605 address of default gateway 506 configuration mode 22 LACP configuring address 500 clear statistics 231 configuring VLANs 502 configuration 483...
Page 772
OSPFv3 configuration 446 configuration 540 number 164 configuration mode 23 operations‐level options 676 dead, declaring a silent router to be down 547 priority 72 dead, health parameter of a hello packet 552 speed 33 hello, authentication parameter of a hello packet 552 states 58 interface configuration 547 trunking link state database 540 configuration 474 Not‐So‐Stubby Area 543 description 474 stub area 543 VLAN ID 33 transit area 543 WRED configuration 408 type 543 preemption...