Table of Contents
Advertisement
Advertisement
Table of Contents
Related Manuals for Dahua DH-PFS6428-24T
Summary of Contents for Dahua DH-PFS6428-24T
-
Page 1: Cli Configuration Manual
L3 Manage Switch CLI Configuration Manual (Applicable to DH-PFS6428-24T) -
Page 2: Table Of Contents
Contents CLI Configuration Manual ........................1 1. System Status Commands ....................... 7 1.1 Mode Description ......................7 1.2 System information ......................8 Function Brief ........................8 1.2.1 show version ......................8 1.2.2 show clock ......................8 1.3 Log information ......................... 9 Function Brief ........................ - Page 3 3.2.1 rate-limit ........................ 23 3.3 Port mirroring ........................23 Function Brief ........................ 23 3.3.1 monitor........................23 3.4 Link aggregation ......................24 Function Brief ........................ 24 3.4.1 trunk ........................24 3.4.2 load-balance ......................25 3.4.3 lacp enable | disable ................... 25 3.4.4 lacp active | passive ...................
- Page 4 Function Brief ........................ 46 4.7.1 ip dhcpd ........................ 46 4.7.2 dhcp pool......................47 4.7.3 network ......................... 47 4.7.4 default-router ....................... 48 4.7.5 dns-server ......................48 4.7.6 static ........................48 4.7.7 lease ........................49 4.7.8 domain-name ...................... 50 4.7.9 nbns-server ......................50 4.7.10 example ......................
- Page 5 5.3.7 redistribute ......................73 5.3.8 default-information originate ................74 5.3.9 ip ospf ........................74 5.3.10 show ip ospf....................... 76 5.3.11 example ......................76 5.4 BGP config ........................78 Function Brief ........................ 78 5.4.1 router bgp ......................79 5.4.2 timers bgp ......................79 5.4.3 redistribute ......................
- Page 6 6.6 Port isolation ......................... 102 Function Brief ......................103 6.6.1 switchport protected ..................103 6.7 Storm control ......................... 103 Function Brief ......................103 6.7.1 storm-control broadcast pps ................104 6.7.2 storm-control multicast pps ................104 6.7.3 storm-control unicast pps ................105 6.8 ERPS-RING config ......................
-
Page 7: System Status Commands
System Status Commands Mode Description Command Description How to enter and exit each mode (the privilege mode, global mode, and interface mode) Parameter None Default None Command Mode Privileged mode Example username: admin password: admin(Hidden) switch# switch# exit press ENTER to get started username: // This command is used to enter the privileged mode, and the exit command is used to exit the privileged mode. -
Page 8: System Information
// This command is used to enter the vlan1 interface mode from the global mode, and the exit command is used to exit the vlan1 interface mode. System information Function Brief This module is used to display the device name, software version, hardware version, MAC address, compile time, run time, and current system time. -
Page 9: Log Information
This command is used to display the current system time. Parameter None Default None Command Mode Privileged mode Example switch# show clock Log information Function Brief This module is used to display system logs when the system is running, so that maintenance staff can conveniently analyze relevant problems. -
Page 10: Show Interface
1.4.1 show interface Command Description This command is used to display the packet statistics of one or more ports. Parameter <cr> It is used to display data statistics of all ports. G<1-24> It is used to display data statistics Default None Command Mode Privileged mode... -
Page 11: View Route
Global configuration mode Example switch(config)# lacp state View route Function Brief The function module is used to display switch routing information. 1.6.1 show ip route Command Description This command is used to display the router information. Parameter View the BGP routing information connected View the connected routing information ospf... -
Page 12: Erps-Ring Status
ERPS-RING status Function Brief The function module is used to display erps information. 1.7.1 show erps Command Description This command is used to display the erps information. Parameter None Default None Command Mode Privileged mode Example switch# show erps Power status Function Brief The function module is used to display power supply information. -
Page 13: System Setting Commands
System Setting Commands IP config IP address configuration commands include: ip address ip address dhcp ip address old_ip A.B.C.D/M new_ip A.B.C.D/M show ip interface notice:A.B.C.D/M,Example:192.168.1.1/24 Function Brief The IP configuration module is used to add, delete or display the interface IP information of a switch. 2.1.1 ip address Command Description... -
Page 14: Ip Address Old_Ip
//Disables the IP of the interface to access automatically. Parameter None Default Open port Command Mode Interface configuration mode Example switch(config)# interface vlanif1 switch(config-vlanif1)#ip address dhcp switch(config-vlanif1)#no ip address dhcp 2.1.3 ip address old_ip Command Description ip address old_ip A.B.C.D/M new_ip A.B.C.D/M Change the IP configuration of the interface (amend the old_ip to new_ip) Parameter... -
Page 15: User Config
Example switch(config)#show interface vlanif1 switch#show interface vlanif1 User config User configuration commands include: username name show user Note: name indicates the user name, which is a string of 1 to 32 characters. password indicates the password, which is a string of 1 - 32 characters.level indicates the user level, which ranges from 1 (lowest management rights) to 15 (highest management rights). -
Page 16: Show User
Default admin Command Mode Global configuration mode Example switch(config)#username test password test //Add a user "test", it is the default password is testing and rights: the guest. switch(config)#username test password test privilege admin //Modify user: test, password: test, permissions: admin. switch(config)#username test password test privilege guest //Modify user: the test management authority for the guest. -
Page 17: Function Brief
Function Brief When enabled, this function can be used to automatically synchronize the switch time with the network time. 2.3.1 sntp enable|disable Command Description ntp: //This command is used to enable the NTP function. no ntp: //This command is used to disable the NTP function. Parameter None Default... -
Page 18: Sntp Auto-Sync Timer
2.3.3 sntp auto-sync timer Command Description This command is used to set the SNTP synchronization time interval. Parameter sntp auto-sync timer time,time Values range 5-65535s, 300s default value. Default 300s Command Mode Global configuration mode Example Switch(config)#sntp auto-sync timer 5 2.3.4 sntp connect Command Description... -
Page 19: Local-Time Date
Default Command Mode Global configuration mode Example switch(config)#sntp timezone set 32 / /Modify the time zone east eight area. 2.3.6 local-time date Command Description local-time date YYYY-MM-DD time HH:MM:SS //Set the local time year - month - day hours: minutes: seconds Parameter None Default... -
Page 20: Port Configuration Commands
Port configuration commands Port config Port configuration commands include: duplex speed flow-control shutdown description Function Brief This module is used to configure basic parameters related to ports of a switch. These basic parameters directly influence the port working mode. 3.1.1 duplex Command Description duplex {auto | full | half }... -
Page 21: Speed
3.1.2 speed Command Description speed {10 | 100 | 1000|10000|auto } no speed //It is used to set the port rate. Parameter parameter Parameters of the command mode 10,100,1000,10000 The port rate is set to 10M, 100M and 1000M. auto The port rate is set to Auto. -
Page 22: Shutdown
3.1.4 shutdown Command Description shutdown no shutdown //This command is port switch. Parameter None Default The port is enabled by default. Command Mode Interface configuration mode Example //This command is used to disable a port. switch(config)#interface G1 switch(config-G1)# shutdown 3.1.5 description Command Description This command is to configure the port description information,... -
Page 23: Rate-Limit
3.2.1 rate-limit Command Description rate-limit {1-10000000 } egress/ingress no rate-limit egress/ingress //Configure port egress / ingress speed limit function, use the no form, port restore default settings . Parameter 1-10000000 Port speed range is 1-10000000kbps Default Command Mode Interface configuration mode Example //The speed limit exports 10000 Kbps switch(config)#interface G1... -
Page 24: Link Aggregation
Port mirror number IFNAME port number,Example G1,T1 Default None Command Mode Global configuration mode Example //This command is to configure the session 1 source port for G1,G2, destination port for G3. switch(config)# monitor session 1 both destination G3 source G1 Link aggregation Static aggregation configuration commands include: Trunk... -
Page 25: Load-Balance
interface trunk [trunk ID] Configuration trunk trunk [trunk ID] Default None Command Mode Global configuration mode Example switch(config)# interface trunk 1 switch(config)# interface G1 switch(config-G1)# trunk 1 3.4.2 load-balance Command Description load-balance //This command is to set up static aggregation of load balance mode. Parameter both-mac Based on the source mesh MAC load balancing... -
Page 26: Lacp Active | Passive
None Default Disable Command Mode Interface configuration mode Example switch(config)#interface G1 switch(config-G1)# lacp disable 3.4.4 lacp active | passive Command Description lacp active lacp passive //This command is used to configure the role of an LACP port. //It specifies the role of a port, which is active or passive. Parameter None Default... -
Page 27: Lacp Port-Priority
auto: The key value is automatically negotiated. Default auto Command Mode Interface configuration mode Example switch(config)# interface G1 switch(config-G1)# lacp key 100 3.4.6 lacp port-priority Command Description lacp port-priority <1-32768> //This command is used to configure the priority of an LACP port. Parameter <1-32768>: It specifies the priority range. - Page 28 switch(config)# load-balance both-mac switch(config)# interface trunk 1 switch(config)# interface G1 switch(config-G1)# trunk 1 switch(config)# interface trunk 1 switch(config)# interface G2 switch(config-G1)# trunk 1 phenomenon: After aggregation, two links form one logical link and thus the bandwidth is doubled. Besides, the load is shared based on the source or destination MAC address.
-
Page 29: Advanced Configuration Commands
Advanced configuration commands VLAN config VLAN configuration commands include: switchport mode switchport pvid switchport trunk|hybrid| access show vlan Function Brief Ethernet is a shared communication media based on the Carrier Sense Multiple Access/Collision Detect (CSMA/CD) technology. A LAN built using the Ethernet technology is not only a collision domain, but also a broadcast domain. -
Page 30: Switchport Mode
4.1.1 switchport mode Command Description switchport mode {access | trunk | hybrid } //This command is to configure the port mode. Parameter Parameter Parameters of the command mode access Access mode trunk Trunk mode Hybrid Hybrid mode Default Access mode Command Mode Interface configuration mode A switch port supports the following modes:... -
Page 31: Switchport Trunk|Hybrid| Access
Example //The default vlan Settings for the port for vlan2. Switch(config)# interface T1 Switch(config-T1)# switchport pvid 2 4.1.3 switchport trunk|hybrid| access Command Description switchport trunk tag {vlan-id} switchport hybrid tag|untag|unpvid {vlan-id} switchport access {vlan-id} Parameter Parameter Parameters of the command mode. Vlan-id Vlan id,Value range:1-4094. -
Page 32: Example
None Command Mode Privileged mode Example //This command is to display all VLAN information. Switch#show vlan Vid Status Name Ports --------------------------------------------------------------- ------------------------------------ static vlan1 G1 G2 G3 G4 T1 T2 T3 T4 T5 T6 T7 T8 T9 T10 T11 T12 T13 T14 T15 T16 T17 T18 T19 T20 T21 T22 T23 T24 static vlan2 static vlan3... -
Page 33: Qinq Config
QinQ config Qinq configuration commands include: Qinq Qinq otpid Function Brief QinQ technology through the stacked two 802.1Q in the Ethernet frame header, effectively expanded the number of VLAN, make the number of vlans up to 4094x4094. 4.2.1 qinq Command Description Enable qinq //no qinq express disable qinq function. -
Page 34: Mac Config
<0x0000-0x9999> Tag QinQ layer protocol type Default 0x8100 Command Mode Interface configuration mode Example switch(config)# qinq otpid 0x88a8 MAC config MAC configuration commands include: mac-address aging-time show mac-addres Function Brief The switch is able to send packets directly to the destination node instead of sending packets to all nodes as a hub,the key technology is that the switch can identify the network card MAC address of the node, then put them in a place called MAC address table. -
Page 35: Show Mac-Address
None Command Mode Global configuration mode Example //Set the MAC address aging time to 100s. switch(config)# mac-address aging-time 100 //Set the MAC address aging time to 300s. switch(config)# no mac-address aging-time 4.3.2 show mac-address Command Description show mac-addres{ aging-time} Parameter None Default None... -
Page 36: Show Arp
host and modify the aging time of ARP entries. 4.4.1 show arp Command Description show arp //This command to display the ARP. Parameter None Default None Command Mode Global configuration mode Example //This command to display the ARP. switch(config)# show arp 4.4.2 arp static Command Description... -
Page 37: Mstp Config
arp timeout seconds //This command is used to set the aging time. no arp timeout //This command is used to cancel time Settings. Parameter Parameter Parameters of the command mode seconds Unit second, value range:60-86400. Default None Command Mode Interface configuration mode Example //This command is to set up the ARP aging time for 3000 seconds. -
Page 38: Spanning-Tree
same packets. Protocol packets used by STP are Bridge Protocol Data Units (BPDUs), which are also called configuration messages. A BPDU contains sufficient information to ensure that a device can complete the spanning tree computation process. STP transfers BPDUs between devices to determine the network topology. -
Page 39: Spanning-Tree Max-Age
Global configuration mode Example switch(config)# spanning-tree mode rstp //Set the STP version to RSTP. 4.5.3 spanning-tree max-age Command Description spanning-tree max-age {6-40} Parameter BPDU biggest survival time.Value range:6-40s. seconds Default Command Mode Global configuration mode Example //This command configure the STP the largest survival time for 24 seconds. switch(config)# spanning-tree max-age 24 4.5.4 spanning-tree hello-time... -
Page 40: Spanning-Tree Max-Hop
Parameter time Forwarding delay ,Value range:4-30s. Default 15 seconds Command Mode Global configuration mode Example switch(config)# spanning-tree forward-delay 20 //This command configure the STP forwarding delay for 20 seconds. 4.5.6 spanning-tree max-hop Command Description spanning-tree max-hop{1-40} Parameter BPDU max-hop, Value range:1-40. Default Command Mode Global configuration mode... -
Page 41: Spanning-Tree Mstp Name
switch(config)# spanning-tree instance 44 vid 4 4.5.8 spanning-tree mstp name Command Description spanning-tree mstp name //This command is to configure the MSTP domain name. Parameter None Default None Command Mode Global configuration mode Example switch(config)# spanning-tree mstp name 2 4.5.9 spanning-tree mstp revision Command Description spanning-tree mstp revision... -
Page 42: Show Spanning-Tree Interface Brief
Command Mode Global configuration mode and Privileged mode Example //Display the STP configuration. switch# show spanning-tree Spanning-tree is disable: max age bridge forward delay 20 forward delay 15 max hops hello time 2 orce protocol version mstp 4.5.11 show spanning-tree interface brief Command Description show spanning-tree interface brief Parameter... -
Page 43: Function Brief
show igmp-snooping group Function Brief Internet Group Management Protocol Snooping, shorted as IGMP Snooping, is a multicast restriction mechanism running on a L2 device to manage and control multicast groups. The L2 device on which IGMP Snooping runs analyzes the received IGMP packets, create a mapping relationship between ports and MAC multicast addresses and forwards multicast data according to the mapping relationship 4.6.1... -
Page 44: Igmp-Snooping Fast-Leave
Example //This command will configure a old time of 200s: switch(config)# igmp-snooping host-age-time 200 4.6.3 igmp-snooping fast-leave Command Description ip igmp-snooping fast-leave: //This command is used to enable the immediate leave function of a port. no ip igmp-snooping fast-leave: //This command is used to disable the immediate leave function of a port. Parameter None Default... -
Page 45: Show Igmp-Snooping Group
4.6.5 show igmp-snooping group Command Description show igmp-snooping group Parameter None Default None Command Mode Privileged mode Example //This command is to display multicast group information: switch# show igmp-snooping group VID SOURCE GROUP interFACE ----------------------------------------------- ----------------------- 0.0.0.0 233.45.18.88 0.0.0.0 239.255.255.250 G4 G2 0.0.0.0 224.0.0.252... -
Page 46: Dhcp Server
switch(config-G3)# igmp-snooping static-group 233.2.2.2 vlan 1 phenomenon: PC2/PC3 can receive video streams from the multicast source, but PC4 cannot. DHCP server DHCP server configuration commands include: ip dhcpd dhcp pool network default-router dns-server static lease domain-name netbios-name-server Function Brief DHCP server refers to a computer that manages DHCP standards on a specific network. -
Page 47: Dhcp Pool
//This command is used to globally enable the DHCP server. switch(config)# ip dhcpd enable 4.7.2 dhcp pool Command Description dhcp pool <word>: // This command is used to add a DHCP address pool. No dhcp pool <word>: // This command is used to delete a DHCP address pool with the specified name. Parameter Parameter Parameters of the command mode... -
Page 48: Default-Router
switch(config-dhcp)#Network 192.168.1.0/24 vlanif1 //Set the DHCP from vlan1 distributed address segment is 192.168.1.0/24 4.7.4 default-router Command Description Default-router <A.B.C.D>: //This command is used to configure the default gateway of the address pool. Parameter Parameter Parameters of the command mode A.B.C.D Default-router Default None... -
Page 49: Lease
static A.B.C.D MAC //This command is used to static binding IP and MAC. no static A.B.C.D //This command is used to delete static binding. Parameter Paramet Parameters of the command mode A.B.C.D Static binding IP Static binding MAC Default None Command Mode Address pool configuration mode Example... -
Page 50: Domain-Name
Domain-name,Example:www.dahua.com Default None Command Mode Address pool configuration mode Example switch(config)# dhcp pool 1 switch(config-dhcp)# domain-name www.dahua.com //This command is used to configure the DNS server domain name at www.dahua.com. 4.7.9 nbns-server Command Description nbns-server A.B.C.B //This command is used to configure the secondary DNS server. -
Page 51: Dhcp Relay
switch# configure terminal switch(config)# ip dhcpd enable switch(config)# dhcp pool a switch(config-dhcp)# default-router 192.168.1.1 switch(config-dhcp)#dns-server 8.8.8.8 switch(config-dhcp)# lease 1000 switch(config-dhcp)# network 192.168.1.0/24 vlanif1 phenomenon: Clients including PC1-PC100 can obtain correct IP addresses from the DHCP server (SW 1). Note: An L3 interface of the same VLAN shall be configured for the DHCP server in the VLAN, so that the DHCP server can distribute IP addresses to clients in the VLAN. -
Page 52: Dhcp Snooping
no ip helper-address A.B.C.D //This command is used to disable the DHCP relay. Parameter None Default Disable Command Mode Interface configuration mode Example //This command is used to open the DHCP relay in vlan 1 switch(config)#interface vlanif1 switch(config-vlanif1)# ip helper-address 192.168.1.1 DHCP snooping DHCP snooping configuration commands include: ip dhcp-snooping... -
Page 53: Ip Dhcp-Snooping Trust
//This command is used to disable the DHCP snooping configuration mode. Parameter None Default Disable Command Mode Global configuration mode Example None 4.9.2 ip dhcp-snooping trust Command Description ip dhcp-snooping trust: //This command is used to configure the DHCP snooping trust mode. no ip dhcp-snooping trust: //This command is used to configure the DHCP snooping non-trust mode. -
Page 54: Qos Config
Privileged mode Example switch# show ip dhcp-snooping lease 4.10 QoS config QoS configuration commands include: remark cos default trust cos map dscp map scheduler police Function Brief QoS(Quality of Service) refers to a network can use a variety of basic technology and provid better service capabilities for designated network communications. -
Page 55: Cos Default
switch(config)# interface G1 switch(config-G1)# qos remask dscp 4.10.2 cos default Command Description cos default<0-7> Parameter None Default Command Mode Interface configuration mode Example //This command is to modify the G1 qos trust mode to COS port. switch(config)# interface G1 switch(config-G1)# cos default 6 4.10.3 trust Command Description... -
Page 56: Cos Map
4.10.4 cos map Command Description cos map Set the mapping relationship between COS priority and queue. Parameter None Default Priority and queue one-to-one mapping Command Mode Global configuration mode Example //Map the cos priority 0 to the queue 3 switch(config)# cos map 0 3 4.10.5 dscp map Command Description... -
Page 57: Scheduler Policy
4.10.6 scheduler policy Command Description scheduler police //Set Qos scheduling algorithm. Parameter Strict priority mode: First in the queue with the highest priority service, until the priority is empty and service for the next high priority queue, and so on. Weighted round robin scheduling algorithm: To support different bandwidth requirements, it can allocate different proportion of output bandwidth for different queues. - Page 58 switch(config)#interface G20 switch(config-G20)cos default 6 switch(config-G20)no qos trust b、 Set the destination address of the Ixia1-2 port to the source MAC address of the Ixia3 port. c、1-2 ports start sending data packets after learning MAC addresss. (二)Test result Conclusion:pass Observe the source MAC address of the packets which capture in port 3 ,you can find that the received data packets from port 11.
-
Page 59: Vrrp
4.11 VRRP configuration commands include: vrrp advertisement vrrp IP vrrp preempt vrrp preempt time vrrp priority Function Brief Virtual Router Redundancy Protocol,or VRRPfor short, it is proposed by IETF to solve the routing protocol of single point of failure in the local area network configuration.It has introduced a standard RFC2338 protocol in 1998. -
Page 60: Vrrp Ip
None Command Mode Interface configuration mode Example //Modify notification time of group1 is 5 seconds. switch(config)# interface vlanif1 switch(config-vlanif1)# vrrp 1 advertisement 5 4.11.2 vrrp ip Command Description vrrp<group> ip A.B.C.D //This command is to set up virtual routing IP address. Parameter None Default... -
Page 61: Vrrp Preempt Time
switch(config)#interface vlanif1 switch(config-vlanif1)#no vrrp 1 preempt 4.11.4 vrrp preempt time Command Description vrrp<group> preempt time< 0-1000s> //This command is to set the current VRRP group delay. Parameter Time: Time range 0-1000s,Default 0s Default Command Mode Interface configuration mode Example //This command is to set up 3 seconds after the preemption. switch(config)#interface vlanif1 switch(config-vlanif1)# vrrp 1 preempt 3 4.11.5... -
Page 62: Example
4.11.6 example a, Network diagram as shown in Figure: Sw1: switch(config)# interface vlan1 switch(config-vlanif2)# ip address 192.168.1.11/24 switch(config-vlanif2)#exit switch(config)# interface vlan2 switch(config-vlanif2)# ip address 192.168.2.11/24 switch(config-vlanif2)#exit switch(config)# interface g2 switch(config-G2)# switchport mode access switch(config-G2)# switchport pvid 2 switch(config)# interface vlanif1 switch(config-vlanif1)# vrrp 1 ip 192.168.1.100 switch(config-vlanif1)#vrrp 1 priority 120 switch(config)# interface vlanif2... - Page 63 switch(config)# interface vlan2 switch(config-vlanif2)# ip address 192.168.2.22/24 switch(config-vlanif2)#exit switch(config)# interface g2 switch(config-G2)# switchport mode access switch(config-G2)# switchport pvid 2 switch(config)# interface vlanif1 switch(config-vlanif1)# vrrp 1 ip 192.168.1.100 switch(config)# interface vlanif2 switch(config-vlanif2)# vrrp 2 ip 192.168.2.100 Phenomena: b, PC1 continued to ping PC2(you can capture data packets and find that the packets forwarded by SW2)...
-
Page 64: Routing Configuration Commands
Routing configuration commands Interface config Interface configuration commands include: interface shutdown ip address show interface Function Brief Based on the switch L3 routing principle, the virtual interface is established for each Vlan to set up the L3 address information of each Vlan. 5.1.1 interface Command Description... -
Page 65: Ip Address
Command Mode Interface configuration mode Example switch(config-vlanif1)# shutdown switch(config-vlanif1)# no shutdown 5.1.3 ip address Command Description ip address { A.B.C.D/M} no ip address{ A.B.C.D/M} Parameter Parameter Parameters of the command mode A.B.C.D/M Ipv4 address Default 192.168.255.1 Command Mode Interface configuration mode Example //This command is to add or delete an IP address. -
Page 66: Static Routing
Static routing Static routing configuration commands include: ip route show ip route Function Brief Static routing is a routing information that is manually configured by a user or network administrator. When the topology of the network or the state of the link changes, the network administrator needs to manually modify the routing table in the relevant static routing information.Static routing information is private by default and will not be passed to other routers.Of course, the network administrator can also be set to make the router to be... -
Page 67: Show Ip Route
//This command is to add or delete the static routing. switch(config)# ip route 0.0.0.0/8 0.0.0.0 1 switch(config)# no ip route 0.0.0.0/8 0.0.0.0 1 switch(config)# ip route 10.0.0.2 10.255.255.255.0 10.0.0.1 1 switch(config)# no ip route 10.0.0.2 10.255.255.255.0 10.0.0.1 1 5.2.2 show ip route Command Description show ip route: //This command is used to display the static routes. - Page 68 switch(config)# interface vlan2 switch(config-vlanif2)# ip address 192.168.2.1/24 switch(config-vlanif2)# exit switch(config)# interface G2 switch(config-G2)# switchport mode access switch(config-G2)# switchport pvid 2 switch(config-G2)#exit switch(config)# ip route 192.168.3.0/24 192.168.2.2 2 sw2: switch# configure terminal switch(config)# interface vlan1 switch(config-vlanif1)# ip address 192.168.3.1/24 switch(config-vlanif1)# exit switch(config)# interface vlan2 switch(config-vlanif2)# ip address 192.168.2.2/24 switch(config)# interface G2...
- Page 69 pc2 ping pc1...
-
Page 70: Ospf Config
OSPF config OSPF configuration commands include: router OSPF network address wildmask area area-ID router-id A.B.C.D timers throttle spf default-metric passive-interface redistribute rip|static|connected default-information originate ip ospf Show ip ospf Function Brief OSPF is a link state routing protocol that uses bandwidth based metrics.OSPF uses the SPF algorithm to calculate the route,no routing loop is guaranteed from the algorithm,maintain route through neighbor relationship,Avoid periodic updates on bandwidth consumption.OSPF routing update rate is high, and... -
Page 71: Network
5.3.2 network Command Description network A.B.C.D/M area area-id //Declaration of OSPF network and regional. no network A.B.C.D/M area area-id //Delete the declaration of OSPF network and regional. Parameter Parameter Parameters of the command mode A.B.C.D/M Ip address and mask area-id area,range: <0-4294967295>... -
Page 72: Timers Throttle Spf
5.3.4 timers throttle spf Command Description timers throttle spf TIME1 TIME2 TIME3 no timers throttle spf //Configure the throttle SPF timer, use the no form of the command, the throttle SPF timer value is returned to the default value. Parameter Parameter Parameters of the command mode TIME1... -
Page 73: Passive-Interface Default
switch(config-ospf)#default-metric 111 //This command is to configure OSPF default-metric for 111. 5.3.6 passive-interface default Command Description passive-interface default //This command is to configure OSPF passive-interface default. no passive-interface default //This command is disable the OSPF passive-interface default. passive-interface IFNAME //This command is enable OSPF passive ports. no passive-interface IFNAME //This command is disable OSPF passive ports. -
Page 74: Default-Information Originate
//This command is to set the OSPF redistribution RIP. switch(config-ospf)#redistribute RIP //This command is to set the OSPF redistribution static. switch(config-ospf)#redistribute static //This command is to set the OSPF redistribution connected. switch(config-ospf)#redistribute connected 5.3.8 default-information originate Command Description default-information originate [always] [metric] [metric-type] [route-map] no default-information originate [always] [metric] [metric-type] [route-map] //default-information originate command is used to configure the local router to generate a default OSPF routing and related parameters, and to notify the neighbors. - Page 75 //This command is set OSPF network attribute Parameter cost Cost value,you increase measure value of this interface to go out. network Network type:point-to-point ,broadcast,non-broad cast priority Interface priority, broadcast multi access network to make it a DR hello-interval Valid time interval dead-interval Invalid time interval authentication...
-
Page 76: Show Ip Ospf
switch(config-vlanif2)# ip ospf authentication message-digest switch(config-vlanif2)# ip ospf authentication-key abc 5.3.10 show ip ospf Command Description //This command is used to display the OSPF show ip ospf border-routers/database/interface/neighbor/route Parameter border-routers Boundary router, which is used to display the border router. database Link state... - Page 77 sw1: switch(config)#interface vlanif1 switch(config-vlanif1)# ip address 192.168.222.1/24 switch(config)#interface vlanif2 switch(config-vlanif2)# ip address 192.168.2.1/24 switch(config-vlanif2)#exit switch(config)#interface G22 switch(config-G22)# switchport mode access switch(config-G22)# switchport pvid 2 switch(config)# router ospf switch(config-ospf)# ospf router-id 1.1.1.1 switch(config-ospf)# network 192.168.2.0/24 area 0 switch(config-ospf)# network 192.168.222.0/24 area 0 sw1: switch(config)#interface vlanif3 switch(config-vlanif3)# ip address 192.168.3.1/24...
-
Page 78: Bgp Config
phenomenon: //Display OSPF route SW1: SW2: PC1 ping PC2 BGP config BGP configuration commands include: router bgp timers bgp redistribute neighbor Network Function Brief The border gateway protocol (BGP) is a routing protocol that runs on TCP,which is a kind of autonomous system. BGP is the only protocol that is used to... -
Page 79: 5.4.1 Router Bgp
deal with the network size of the Internet, and is the only protocol that can properly handle the multi connection between the routing domain.BGP is built on the experience of EGP.The main function of the BGP system is to exchange network reachability information with other BGP systems.The network reachability information includes information of the autonomous system (AS) listed.These information effectively construct the topology of AS interconnection and thus clears... -
Page 80: 5.4.3 Redistribute
switch(config-bgp)# timers bgp 50 150 5.4.3 redistribute Command Description redistribute //This command is to set the BGP redistribution. Parameter None Default None Command Mode Interface configuration mode Example //This command is to set the BGP redistribution OSPF. switch(config-bgp)# redistribute ospf 5.4.4 neighbor Command Description neighbor... -
Page 81: 5.4.6 Example
Default None Command Mode Interface configuration mode Example //Declare the 192.168.3.0 network to BGP routing. switch(config)# router bgp 1 switch(config-bgp)# network 192.168.3.0/24 5.4.6 example sw1: switch(config)# interface vlan1 switch(config-vlanif1)# ip address 192.168.222.1/24 switch(config)# interface vlan2 switch(config-vlanif2)# ip address 192.168.2.1/24 switch(config)# interface G2 switch(config-G2)# switchport pvid 2 switch(config)# router bgp 1 switch(config-bgp)# network 192.168.2.0... -
Page 82: 5.5 Rip Config
switch(config-bgp)# neighbor 192.168.2.1 remote-as 1 phenomenon: sw1: Sw2: PC1 ping PC2 5.5 RIP config RIP configuration commands include: default-information default-metric distance exit/quit network offset-list passive-interface redistribute... -
Page 83: Function Brief
timers version Function Brief RIP is Interior Gateway Protocol that more common used and used earlier.It is suitable for small and similar network,and it is a typical distance vector protocol.RIP exchange routing information through broadcast UDP messages,and it is send routing information update every 30 seconds.RIP provides count Hop (hop count) as a scale to measure routing distance.The hop count is the number of routers that a packet must pass to reach the target.If the same target has two different speed or... -
Page 84: 5.5.3 Distance
Command Mode Interface configuration mode Example //This command is to set the default-metric to 5. switch(config)# router rip switch(config-rip)# default-metric 5 5.5.3 distance Command Description distance XX Parameter Parameter Parameters of the command mode Range 1-255. Default 120 Default Command Mode Interface configuration mode Example //This command is to change administrative distance to 110. -
Page 85: 5.5.5 Exit/Quit
5.5.5 exit/quit Command Description Exit/quit Parameter None Default None Command Mode Interface configuration mode Example switch(config)# router rip switch(config-rip)# exit 5.5.6 network Command Description Network A.B.C.D/M Network WORD //Set the rip operating segments. Parameter Parameter Parameters of the command mode A.B.C.D/M 192.168.1.0/24 WORD... -
Page 86: 5.5.8 Passive-Interface
offset-list <acl-name> {in | out} <metric> [<if-name>] No offset-list <acl-name> {in | out} <metric> [<if-name>] Parameter Parameter Parameters of the command mode acl-name Call access control list name In| out Call ACL application direction Metric Set offset by default 1, range 1-16 If-name Application rules... -
Page 87: 5.5.9 Redistribute
5.5.9 redistribute Command Description redistribute <protocol> [metric <metric>] [route-map <route-map>] no redistribute <protocol> [metric <metric>] [route-map <route-map>] Parameter Parameter Parameters of the command mode protocol The routing protocols that need to be introduced into the RIP, such as IS-IS, OSPF, BGP, static, connect, etc., are introduced. -
Page 88: 5.5.11 Version
update-interval RIP packet update interval , default 30S dead-interval RIP packet dead interval ,default 180S garbage-interval RIP packet garbage interval,default 120S. Default None Command Mode Interface configuration mode Example //The periodic update time of the configuration RIP protocol is 20 seconds, the death time is 100 seconds, garbage collection time is 60 seconds. - Page 89 sw1: switch(config)#interface vlanif1 switch(config-vlanif1)# ip address 192.168.222.1/24 switch(config)#interface vlanif2 switch(config-vlanif2)# ip address 192.168.2.1/24 switch(config-vlanif2)#exit switch(config)#interface G22 switch(config-G22)# switchport mode access switch(config-G22)# switchport pvid 2 switch(config)# router rip switch(config-rip)# network 192.168.2.0/24 switch(config-rip)# network 192.168.222.0/24 sw2: switch(config)#interface vlanif3 switch(config-vlanif3)# ip address 192.168.3.1/24 switch(config-vlanif3)#exit switch(config)#interface G23 switch(config-G23)# switchport mode access...
- Page 90 PC1 ping PC2...
-
Page 91: Network Security Commands
Network security commands Anti-attack Anti-attack configuration commands include: system ignore icmp-echo system protection syn-ack system rate-limit Function Brief Anti attack configuration is used to ignore the ICMP request for the purpose of this device, The defense equipment TCP SYN attack and control CPU data receiving threshold. -
Page 92: System Rate-Limit
configuration. system protection syn-ack no system ignore icmp-echo Parameter None Default None Command Mode Global configuration mode Example //Configur defense against this device SYN TCP attack. switch(config)# system protection syn-ack 6.1.3 system rate-limit Command Description system rate-limit value no system rate-limit //If you want to control the CPU of the received data value, you can use this command to configure. -
Page 93: Mac-Address Static
mac-address static 6.2.1 mac-address static Command Description mac-address static mac-addr vlan vlan-id interface interface-id //This command is used to add a static MAC address. no mac-address static mac-addr vlan vlan-id // This command is used to delete a static MAC address. Parameter Parameter Parameters of the command mode... -
Page 94: Ip-Mac Bind
6.3.1 ip-mac bind Command Description //This command is used to enable the ip-mac banding. ip-mac bind enable //This command is used to disable the ip-mac banding. ip-mac bind disable //This command is used to enacble IP - MAC banding on the interface. ip-mac bind enable port interface-id //This command is used to disable IP - MAC banding on the interface. -
Page 95: Show Ip-Mac Bind
switch(config)# ip-mac bind add G2 192.168.1.1 50-46-5D-E2-D5-50 6.3.2 show ip-mac bind Command Description //This command is used to display a IP ip-mac binding. show ip-mac bind ip-addr //This command is used to display the ip-mac configuration. show ip-mac bind config //This command is used to display the ip-mac bind. -
Page 96: Mac Acl
redirection, or port shutdown. 6.4.1 mac acl Command Description mac acl <1-99> //This command is used to add an Mac-acl entry. no mac acl <1-99> //This command is used to delete an Mac-acl entry. Parameter Parameter Parameters of the command mode <1-99>... -
Page 97: Rule
6.4.3 rule Command Description rule <1-127> deny/permit <source mac> <destination mac> cos <0-7>/vlan <1-4094>/eth_type ETHTYPE rule <1-127> deny/permit icmp/igmp/tcp/udp/ip <source ip> <destination ip> ip_pri<0-7> / tos_pri<0-15>/ dscp_pri<0-63> //This command is used to add an ACL ACE entry. no rulel <1-127> //This command is used to delete an ACL ACE entry. -
Page 98: Config
Parameter Parameters of the command mode <100-999> ip acl group ID,range:100-999 <1-99> mac acl group ID,range:1-99 Default None Command Mode Interface configuration mode Example switch(config-G1)# ip access-group <100-999> 802.1X config 802.1X configuration commands include: dot1x dot1x auth-server dot1x auth-server-type dot1x acct-server dot1x timer dot1x auth-mode authorized-force/ auto/ unauthorized-force dot1x controlled-mode based-on-mac/ based-on-port... -
Page 99: Dot1X Auth-Server
Parameter None Default Disable Command Mode Global configuration mode Example switch(config)#dot1x 6.5.2 dot1x auth-server Command Description dot1x auth-server ip A.B.C.D secondary-ip A.B.C.D port<PORT> shared-secret< SECRET > //The configuration of the authentication server IP address and IP address of the secret key and the standby server. -
Page 100: Dot1X Acct-Sever
Command Mode Global configuration mode Example switch(config)#dot1x auth-server-type local switch(config)#dot1x auth-server-type remote 6.5.4 dot1x acct-sever Command Description dot1x acct-sever ip A.B.C.D secondary-ip A.B.C.D port<PORT> shared-secret< SECRET > //Configure the billing server IP address and the standby server IP address and secret key. -
Page 101: Dot1X Auth-Mode
Command Mode Global configuration mode Example //This command is to reauth-period is 2400s. switch(config)#Dot1x timer reauth-period 2400 switch(config)#Dot1x timer quient-period 20 6.5.6 dot1x auth-mode Command Description dot1x auth-mode authorized-force/ auto/ unauthorized-force //Modify port Dot1x authentication after forced through / Auto / force no option. Parameter authorized-force forced authenticating successfully... -
Page 102: Dot1X Auth
Example //port 1 based on mac authentication . switch(config)#interface G1 switch(config-G1)# dot1x controlled-mode based-on-mac 6.5.8 dot1x auth Command Description dot1x auth hold-time value<0-65535> Parameter value Unit: second, range: 0-65535 hold-time Certification aging time Default 300S Command Mode Global configuration mode Example //The certification aging time changed to 50 seconds. -
Page 103: Function Brief
switchport protected Function Brief The port isolation function can be used to isolate ports in the same VLAN from each other. You only need to add ports to an isolation group to implement isolation of L2 data communication of different ports in the same isolation group. -
Page 104: Storm-Control Broadcast Pps
network. 6.7.1 storm-control broadcast pps Command Description storm-control broadcast pps vlaue //This command is used to enable the broadcast storm control function. no storm-control broadcast //This command is used to disable the broadcast storm control function. Parameter Parameter Parameters of the command mode Value Range:0-1000000 unit:pps,Default: 0 Default... -
Page 105: Storm-Control Unicast Pps
switch(config)# interface G1 switch(config-G1)# storm-control multicast pps 1000 6.7.3 storm-control unicast pps Command Description storm-control unicast pps vlaue //This command is used to enable the unicast storm control function. no storm-control unicast //This command is used to disable the unicast storm control function. Parameter Parameter Parameters of the command mode... -
Page 106: Loop-Protection Tx-Time
//This command is used to enable the loop protection function. no loop-protection //This command is used to disable the loop protection function. Parameter None Default enable Command Mode Global configuration mode and interface configuration mode Example switch(config)# loop-protection switch(config)# interface G1 switch(config-G1)# loop-protection 6.8.2 loop-protection tx-time... -
Page 107: Show Loop-Protection
Disable Command Mode Interface configuration mode Example switch(config)# interface G1 switch(config-G1)# loop-protection transmit 6.8.4 show loop-protection Command Description show loop-protection status show loop-protection interface [NAME] Parameter None Default None Command Mode privilege mode Example switch# show loop-protection status 6.8.5 example Three devices form a ring network (SW2 is a switch without the management function), and PC1 can communicate with PC2 normally. - Page 108 //This command is used to globally enable the loop protection function and configure the interval. switch(config)# interface G1 switch(config-G1)# loop-protection switch(config-G1)# loop-protection transmit switch(config-G1)#exit //This command is used to enable the loop protection and loop-protect transmit for Port G1. switch(config)# interface G2 switch(config-G2)# loop-protection Switch(config-G2)# loop-protection transmit //This command is used to enable the loop protection and loop-protect...
-
Page 109: Erps-E Config
Note: Among ports forming the ring network, the Tx mode of at least one port shall be enabled. When the loop protection function is enabled to form a ring network, devices without the management function can be added into the ring network. When a ring network is formed, blocked ports are located on the devices where loop protection is enabled. -
Page 110: Erps
number of nodes on the ring network. 6.9.1 erps Command Description erps erps xx(1-24) Parameter None Default disable Command Mode Global configuration mode Example Switch(config)# erps 6.9.2 erps xx Command Description erps xx erps groupprimary PORT(A) slave PORT(B) role master vid VLAN wtr-time TIME guard-time GUARD-TIME Parameter Parameter... -
Page 111: Show Erps
Global configuration mode Example //Configure the G1-G2 port to the ERPs group 3, and the use of vlan3001 communication protocol packet WTR time is 1min, the warning time is 500s switch(config)# erps 3 primary G1 slave G2 role master vid 3001 wtr-time 1 guard-time 500 6.9.3 show erps... - Page 112 sw1: switch(config)#erps 1 primary G1 slave G2 role master vid 3001 wtr-time 1 guard-time 500 sw2/sw3: switch(config)#erps 1 primary G1 slave G2 role transit vid 3001 wtr-time 1 guard-time 500 phenomenon: G1 of SW1 is blocked. pc1(192.168.222.107) ping pc2(192.168.222.95) When any of the other links except for the link in which the blocked port is located is disconnected manually, fast switching is implemented without interrupting the ping process.
-
Page 113: Ip Source Guard
6.10 IP source guard IP source guard commands include: ip source-guard ip source-guard trust<0/1/2/3> ip dhcp-snooping binding Function Brief The IP source guard function can be used to filter packets forwarded by a port, thus preventing invalid packets from passing through the port, restricting unauthorized use of network resources (for example, unauthorized hosts may access the network by forging IP addresses of authorized users), and improving the port security. -
Page 114: Ip Source-Guard Trust
6.10.2 ip source-guard trust Command Description ip source-guard trust<0/1/2/3> no ip ip source-guard trust Parameter Parameter Parameters of the command mode 0/1/2/3 It specifies the number of dynamic clients. The value ranges from 0 to 2. Default Unlimited Command Mode Interface configuration mode Example switch(config)# interface G1... -
Page 115: Show Ip Source-Guard
ip 192.168.1.1 mask 255.255.255.0 interface G1 6.10.4 show ip source-guard Command Description show ip source-guard leases Parameter none Default none Command Mode Privilege mode and global mode Example switch# show ip source-guard leases... -
Page 116: Network Management Commands
Network management commands HTTP config HTTP configuration commands include: ip http-server http ip http-server https Function Brief Describe the HTTP configuration command. This command can configure the switch to accept the HTTP/HTTPS service request at the specified port, processing the request and return the results to the browser. 7.1.1 ip http-server http Command Description... -
Page 117: Snmp Config
//This command is used to disable the HTTP service on the switch. After this command is executed, the switch cannot be managed in HTTP mode. Parameter None Default None Command Mode Global configuration mode Example //Enable the HTTP service. switch(config)# ip http-server https SNMP config SNMP configuration commands include: community... -
Page 118: Snmp-Server Trap2Sink
Parameter None Default Enable Command Mode Global configuration mode Example //Enable the SNMP function of the switch. switch(config)# snmp 7.2.2 snmp-server trap2sink Command Description snmp-server trap2sink ip //This command is used to configure the SNMP version. snmp-server trapsink ip //This command is used to restore the default SNMP version. Parameter None Default... -
Page 119: Snmp-Server Community
Global configuration mode Example switch(config)# snmp-server trap 7.2.4 snmp-server community Command Description community // The command is used to configure the authentication name and permission. Parameter ro: read only rw: read and write Default public Command Mode Global configuration mode Example //This command is used to configure a switch. -
Page 120: Example
snmp-server Parameter None Default None Command Mode Global configuration mode Example switch(config)#snmp-server user ro 111 7.2.7 example SNMP is enabled on the switch and PC1 is installed with MIB Browser to obtain the switch node information. switch(config)# snmp-server switch(config)#snmp-server community ro 123 switch(config)#snmp-server community rw 123 // This command is used to configure the SNMP version and read/write community. - Page 121 pc:Open MIB Browser on the PC and add the switch IP address and corresponding community name. Right-click iso.org.dod.internet, and choose Work, as shown in the following figure. Related information is displayed. Click Trap Receiver under Tools to display uploaded trap information.
-
Page 122: System Maintenance Commands
System maintenance commands Reboot Function Brief This chapter describes the device restart commands.Please pay attention to the configuration save operation Before using this command. 8.1.1 reboot Command Description reboot // This command is used to restart the equipment. Parameter None Default None Command Mode... -
Page 123: Default Configure
8.2.1 default configure Command Description default configure //This command is used to restore factory settings of the switch. After this command is executed, the equipment automatically restarts and the factory settings are successfully restored. Parameter None Default None Command Mode Privileged mode Example //Restore factory settings, and the factory settings take effect after the... -
Page 124: Ping Test
//Save the switch configuration. switch# write PING test Function Brief Like the ping command on a common PC, the PING diagnose function is used to test connectivity between two nodes on the network. The difference between the ping command and PING diagnose is as follows: The ping command executed between two common PCs is used to check whether the physical connection between the two PCs is normal.