ZyXEL Communications Dimension GS-3012 Cli Reference Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Network Router
  5. Dimension GS-3012
  6. Cli reference manual

ZyXEL Communications Dimension GS-3012 Cli Reference Manual

Zyxel dimension gs-3012: reference guide
Hide thumbs Also See for Dimension GS-3012:
Table of Contents

Advertisement

Quick Links

See also: User Manual

Ethernet Switch

CLI Reference Guide

Version 3.80
9/2007
Edition 1
DEFAULT LOGIN
In-band IP Address
Out-of-band IP Address
User Name
Password
http://192.168.1.1
http://192.168.0.1
admin
1234
www.zyxel.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Dimension GS-3012 and is the answer not in the manual?

Questions and answers

Related Manuals for ZyXEL Communications Dimension GS-3012

Summary of Contents for ZyXEL Communications Dimension GS-3012

  • Page 1: Ethernet Switch

    Ethernet Switch CLI Reference Guide Version 3.80 9/2007 Edition 1 DEFAULT LOGIN In-band IP Address http://192.168.1.1 Out-of-band IP Address http://192.168.0.1 User Name admin Password 1234 www.zyxel.com...
  • Page 3 About This CLI Reference Guide Intended Audience This manual is intended for people who want to configure ZyXEL Switches via Command Line Interface (CLI). You should have at least a basic knowledge of TCP/IP networking concepts and topology. This guide is intended as a command reference for a series of products.

  • Page 4: Document Conventions

    Syntax Conventions This manual follows these general conventions: • ZyXEL’s switches (such as the ES-2024A, ES-2108, GS-3012, and so on) may be referred to as the “Switch”, the “device”, the “system” or the “product” in this Reference Guide. • Units of measurement may denote the “metric” value or the “scientific” value. For example, “k”...
  • Page 5 See on page 15 for more information on privilege levels. Ethernet Switch CLI Reference Guide DESCRIPTION Displays the status of all VLANs. Enters config-vlan mode for the specified VLAN. Creates the VLAN, if necessary.
  • Page 6 Document Conventions Icons Used in Figures Figures in this guide may use the following generic icons. The Switch icon is not an exact representation of your device. Switch Server Telephone Computer Notebook computer DSLAM Firewall Switch Router Ethernet Switch CLI Reference Guide...

  • Page 7: Table Of Contents

    Interface Route-domain Mode ... 101 IP Commands ... 103 IP Source Binding Commands ... 107 Logging Commands ... 109 Login Account Commands ...111 Loopguard Commands ...113 MAC Address Commands ...115 MAC Authentication Commands ...117 Ethernet Switch CLI Reference Guide Contents Overview Contents Overview...
  • Page 8 VLAN IP Commands ... 203 VLAN Port Isolation Commands ... 205 VLAN Stacking Commands ... 207 VLAN Trunking Commands ... 209 VRRP Commands ...211 Additional Commands ... 215 Appendices and Index of Commands ... 223 Ethernet Switch CLI Reference Guide...

  • Page 9: Introduction

    Introduction How to Access and Use the CLI (11) Privilege Level and Command Mode (15) Initial Setup (21)

  • Page 11: How To Access And Use The Cli

    3 Press [ENTER] to open the login screen. 1.1.2 Telnet 1 Connect your computer to one of the Ethernet ports. 2 Open a Telnet session to the Switch’s IP address. If this is your first login, use the default values. Table 3 Default Management IP Address...

  • Page 12: Using Shortcuts And Getting Help

    Chapter 1 How to Access and Use the CLI 1.1.3 SSH 1 Connect your computer to one of the Ethernet ports. 2 Use a SSH client program to access the Switch. If this is your first login, use the default values in Table 3 on page 11 address is in the same subnet, unless you are accessing the Switch through one or more routers.

  • Page 13: Saving Your Configuration

    1.4 Saving Your Configuration When you run a command, the Switch saves any changes to its run-time memory. The Switch loses these changes if it is turned off or loses power. Use the enable mode to save the current configuration permanently to non-volatile memory.
  • Page 14 Chapter 1 How to Access and Use the CLI Ethernet Switch CLI Reference Guide...

  • Page 15: Privilege Level And Command Mode

    • Using commands. Login accounts can be configured by the admin account or any login account with a privilege level of 14. See • Using vendor-specific attributes in an external authentication server. See the User’s Guide for more information. Ethernet Switch CLI Reference Guide Mode Reference A-G chapters on page 25.
  • Page 16 2.1.3 Privilege Levels for Sessions The session’s privilege level initially comes from the privilege level of the login account the user used to log in to the Switch. After logging in, the user can use the following commands to change the session’s privilege level.

  • Page 17: Command Modes

    Ethernet Switch CLI Reference Guide Chapter 2 Privilege Level and Command Mode Chapter 68 on page 215 COMMAND FUNCTIONS IN THIS MODE Display current configuration, diagnostics, maintenance. Configure features other than those below. Configure ports.

  • Page 18: Listing Available Commands

    <1~7> uplink-gateway <ip-address> 2.3 Listing Available Commands Use the help command to view the executable commands on the Switch. You must have the highest privilege level in order to view all the commands. Follow these steps to create a list of supported commands: 1 Log into the CLI.
  • Page 19 6 Copy and paste the results into a text editor of your choice. This creates a list of all the executable commands in config and the other submodes, for example, the config-vlan mode. Ethernet Switch CLI Reference Guide Chapter 2 Privilege Level and Command Mode vlan <1-4094>.
  • Page 20 Chapter 2 Privilege Level and Command Mode Ethernet Switch CLI Reference Guide...

  • Page 21: Initial Setup

    H A P T E R This chapter identifies tasks you might want to do when you first configure the Switch. 3.1 Changing the Administrator Password It is recommended you change the default administrator password. Use this command to change the administrator password.
  • Page 22 3.4 Changing the Management IP Address The Switch has a different IP address in each VLAN. By default, the Switch has VLAN 1 with IP address 192.168.1.1 and subnet mask 255.255.255.0. Use this command in config-vlan mode to change the management IP address in a specific VLAN.
  • Page 23 3.6 Looking at Basic System Information Use this command to look at general system information about the Switch. show system-information This is illustrated in the following example. sysname# show system-information System Name System Contact System Location Ethernet Address ZyNOS F/W Version...
  • Page 24 Chapter 3 Initial Setup Ethernet Switch CLI Reference Guide...

  • Page 25: Reference A-G

    Reference A-G AAA Commands (27) ARP Commands (29) ARP Inspection Commands (31) Bandwidth Commands (37) Broadcast Storm Commands (41) Classifier Commands (45) Cluster Commands (49) Date and Time Commands (53) DHCP Commands (57) DHCP Snooping & DHCP VLAN Commands (63) DiffServ Commands (67) DVMRP Commands (69) Ethernet OAM Commands (71)

  • Page 27: Aaa Commands

    Display the update period setting on the Switch for accounting sessions. Sets the update period (in minutes) for accounting sessions. This is the time the Switch waits to send an update to an accounting server after a session starts. Resets the accounting update interval to the default value.
  • Page 28 <radius|tacacs+> [broadcast] no aaa accounting system DESCRIPTION Disables accounting of command sessions on the Switch. Displays accounting settings for recording IEEE 802.1x session events. Enables accounting of IEEE 802.1x authentication sessions and specifies the mode and protocol method. Optionally, sends accounting information for IEEE 802.1x authentication...

  • Page 29: Arp Commands

    This field displays the MAC address of the device. This field displays the VLAN to which the device belongs. This field displays how long the entry remains valid. This field displays how the entry was learned. dynamic: The Switch learned this entry from ARP packets. Age(s) Type dynamic...
  • Page 30 Chapter 5 ARP Commands Ethernet Switch CLI Reference Guide...

  • Page 31: Arp Inspection Commands

    Ethernet Switch CLI Reference Guide DESCRIPTION Displays ARP inspection configuration details. Enables ARP inspection on the Switch. You still have to enable ARP inspection on specific VLAN and specify trusted ports. Disables ARP inspection on the Switch.
  • Page 32 ARP packets and not sent to the syslog server. If the number of log messages in the Switch exceeds this number, the Switch stops recording log messages and simply starts counting the number of entries that were dropped due to unavailable buffer.

  • Page 33: Command Examples

    ------------ -------------- DESCRIPTION This field displays how long the MAC address filters remain in the Switch after the Switch identifies an unauthorized ARP packet. The Switch automatically deletes the MAC address filter afterwards. This field displays the source MAC address in the MAC address filter.
  • Page 34 ARP packets and have not been sent to the syslog server yet. If the number of log messages in the Switch exceeds this number, the Switch stops recording log messages and simply starts counting the number of entries that were dropped due to unavailable buffer.
  • Page 35 For example, if the Rate is 15 pps and the burst interval is 1 second, then the switch accepts a maximum of 15 ARP packets in every one-second interval. If the burst interval is 5 seconds, then the...
  • Page 36 Chapter 6 ARP Inspection Commands Ethernet Switch CLI Reference Guide...

  • Page 37: Bandwidth Commands

    Use these commands to configure the maximum allowable bandwidth for incoming or outgoing traffic flows on a port. Bandwidth management implementation differs across Switch models. • Some models use a single command (bandwidth-limit ingress) to control the incoming rate of traffic on a port.
  • Page 38 DESCRIPTION Displays the current settings for interface bandwidth control. Enables bandwidth control on the Switch. Disables bandwidth control on the Switch. Enters subcommand mode for configuring the specified ports. C Enables bandwidth limits for incoming traffic on the port(s).
  • Page 39 This example displays the bandwidth limits configured on port 1. sysname# show running-config interface port-channel 1 bandwidth-limit Building configuration... Current configuration: interface port-channel 1 bandwidth-limit cir 4000 bandwidth-limit cir bandwidth-limit pir 5000 bandwidth-limit pir Ethernet Switch CLI Reference Guide Chapter 7 Bandwidth Commands...
  • Page 40 Chapter 7 Bandwidth Commands Ethernet Switch CLI Reference Guide...

  • Page 41: Broadcast Storm Commands

    Table 23 User-input Values: broadcast-limit, multicast-limit & dlf-limit COMMAND DESCRIPTION Specifies the maximum number of packets per second accepted by a Switch pkt/s port. The following section lists the commands for this feature. Table 24 Command Summary: storm-control, bmstorm-limit, and bstorm-control COMMAND show interfaces config <port-...
  • Page 42 8.3 Command Example: broadcast-limit, multicast-limit & dlf- limit This example enables broadcast storm control on the Switch, and configures port 1 to accept up to: • 128 broadcast packets per second, • 256 multicast packets per second,...
  • Page 43 256 sysname(config-interface)# dlf-limit sysname(config-interface)# dlf-limit 64 sysname(config)# exit sysname# show interfaces config 1 bstorm-control Broadcast Storm Control Enabled: Yes Port Broadcast|Enabled 128 pkt/s|Yes Ethernet Switch CLI Reference Guide Chapter 8 Broadcast Storm Commands Multicast|Enabled DLF-Limit|Enabled 256 pkt/s|Yes 64 pkt/s|Yes...
  • Page 44 Chapter 8 Broadcast Storm Commands Ethernet Switch CLI Reference Guide...

  • Page 45: Classifier Commands

    [mask-bits <mask-bits>]] [destination-socket <socket- num>] [inactive]> no classifier <name> no classifier <name> inactive Ethernet Switch CLI Reference Guide Classifier Commands 147) can be used to ensure that a traffic flow gets the DESCRIPTION Displays classifier configuration details. Configures a classifier. Specify the parameters to identify the...
  • Page 46 Table 28 Common TCP and UDP Port Numbers PROTOCOL NAME Telnet SMTP HTTP POP3 PROTOCOL NUMBER 0800 0801 0802 0803 0804 0805 0807 0BAD 5208 80D5 80F3 PROTOCOL NUMBER TCP/UDP PORT NUMBER Ethernet Switch CLI Reference Guide for a complete list.
  • Page 47 VLAN3. The policy command can use the name VLAN3 to apply policy rules to this traffic flow. sysname# config sysname(config)# classifier VLAN3 vlan 3 sysname(config)# exit sysname# show classifier Index Active Name 1 Yes VLAN3 Ethernet Switch CLI Reference Guide Chapter 9 Classifier Commands Rule VLAN = 3;...
  • Page 48 Chapter 9 Classifier Commands Ethernet Switch CLI Reference Guide...

  • Page 49: Cluster Commands

    Cluster Commands DESCRIPTION Displays cluster management status. Enables clustering in the specified VLAN group. Disables cluster management on the Switch. Sets a descriptive name for the cluster. <cluster name>: You may use up to 32 printable characters (spaces are allowed).
  • Page 50 Error: The member is connected but not accessible. For example, the member’s password has changed, or the member was set as the manager and so left the member list. This status also appears while the Switch finishes adding a new member to the cluster.
  • Page 51 This example logs in to the CLI of member 00:13:49:00:00:01, looks at the current firmware version on the member switch, logs out of the member’s CLI, and returns to the CLI of the manager. sysname# configure sysname(config)# cluster rcommand 00:13:49:00:00:01 Connected to 127.0.0.2...
  • Page 52 Chapter 10 Cluster Commands Ethernet Switch CLI Reference Guide...

  • Page 53: Date And Time Commands

    H A P T E R Date and Time Commands Use these commands to configure the date and time on the Switch. 11.1 Command Summary The following table describes user-input values available in multiple commands for this feature. Table 32 time User-input Values...
  • Page 54 Disables daylight saving on the Switch. Provides more information about the specified command. C DESCRIPTION Displays time server information. Sets the IP address of your time server. The Switch synchronizes with the time server in the following situations: • When the Switch starts up.
  • Page 55 :USE_DAYTIME DESCRIPTION This field displays the time zone. This field displays the time server protocol the Switch uses. It displays NO_TIMESERVICE if the time server is disabled. This field displays the IP address of the time server. This field displays the status of the connection with the time server.
  • Page 56 Chapter 11 Date and Time Commands Ethernet Switch CLI Reference Guide...

  • Page 57: Dhcp Commands

    • Use the dhcp smart-relay commands to configure DHCP relay for all broadcast domains. • Use the dhcp server commands to configure the Switch as a DHCP server. 12.1 Command Summary The following section lists the commands for this feature.
  • Page 58 Displays DHCP relay settings for the specified VLAN. Enables DHCP relay on the specified VLAN and sets the IP address of up to 3 DHCP servers. Optionally, sets the Switch to add relay agent information and system name. Note: You have to configure the VLAN before you configure a DHCP relay for the VLAN.
  • Page 59 <vlan-id> secondary-dns 12.2 Command Examples In this example, the Switch relays DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server for DHCP clients in both domains. Figure 1 Example: Global DHCP Relay DHCP Server: 192.168.1.100...
  • Page 60 2 helper-address 172.16.10.100 sysname(config)# exit In this example, the Switch is a DHCP server for clients on VLAN 1 and VLAN 2. The DHCP clients in VLAN 1 are assigned IP addresses in the range 192.168.1.100 to 192.168.1.200 and clients on VLAN 2 are assigned IP addresses in the range 172.16.1.30 to 172.16.1.130.
  • Page 61 1 starting-address 192.168.1.100 255.255.255.0 size-of-client-ip-pool 100 default-gateway 192.168.1.1 primary-dns 192.168.5.1 Ethernet Switch CLI Reference Guide DHCP Pool: 172.16.1.30-172.16.1.130 VLAN 1 61. It also provides the DHCP clients with the IP address of the Chapter 12 DHCP Commands...
  • Page 62 Chapter 12 DHCP Commands Ethernet Switch CLI Reference Guide...

  • Page 63: Dhcp Snooping & Dhcp Vlan Commands

    H A P T E R DHCP Snooping & DHCP VLAN Use the dhcp snooping commands to configure the DHCP snooping on the Switch and the dhcp vlan commands to specify a DHCP VLAN on your network. DHCP snooping filters unauthorized DHCP packets on the network and builds the binding table dynamically.
  • Page 64 VLAN ID to DHCP requests that it broadcasts to the DHCP VLAN, if specified, or VLAN. Sets the Switch to not add the slot number, port number and VLAN ID to DHCP requests that it broadcasts to the DHCP VLAN, if specified, or VLAN.
  • Page 65 • Enables DHCP snooping on VLANs 1,2,3,200 and 300. • Sets the Switch to add the slot number, port number and VLAN ID to DHCP requests that it broadcasts to the DHCP VLAN. • Sets ports 1 - 5 as DHCP snooping trusted ports.
  • Page 66 Chapter 13 DHCP Snooping & DHCP VLAN Commands Ethernet Switch CLI Reference Guide...

  • Page 67: Diffserv Commands

    H A P T E R Use these commands to configure Differentiated Services (DiffServ) on the Switch. 14.1 Command Summary The following section lists the commands for this feature. Table 43 diffserv Command Summary COMMAND show diffserv diffserv no diffserv diffserv dscp <0-63>...
  • Page 68 Chapter 14 DiffServ Commands Ethernet Switch CLI Reference Guide...

  • Page 69: Dvmrp Commands

    H A P T E R This chapter explains how to use commands to activate the Distance Vector Multicast Routing Protocol (DVMRP) on the Switch. 15.1 DVMRP Overview DVMRP (Distance Vector Multicast Routing Protocol) is a protocol used for routing multicast data.
  • Page 70 In this example, the Switch is configured to exchange DVMRP information with other DVMRP enabled routers as shown next. The Switch is a DVMRP router (C). DVMRP is activated on IP routing domains 10.10.10.1/24 and 172.16.1.1/24 so that it can exchange DVMRP information with routers A and B.

  • Page 71: Ethernet Oam Commands

    OSI (Open Systems Interconnection Basic Reference) model, neither IP or SNMP are necessary to monitor or troubleshoot network connection problems. The Switch supports the following IEEE 802.3ah features: • Discovery - this identifies the devices on each end of the Ethernet link and their OAM configuration.
  • Page 72 Disables the remote loopback feature on the ports. Resets the OAM mode to the default value. : Active : Not supported : Not supported : Not supported : 1518 : Down : Forward : Active Send Local Ethernet Switch CLI Reference Guide...
  • Page 73 PDUs; may send event notification PDUs; and may respond to variable request PDUs or loopback control PDUs. The Switch might not support some types of PDUs, as indicated in the fields below. This field indicates whether or not the Switch can send information PDUs to transmit fault information when the receive path is non-operational.
  • Page 74 Fault: One of the devices is transmitting OAM PDUs with link fault information, or the interface is not operational. Active Send Local: The Switch is in active mode and is trying to see if the remote device supports OAM. Passive Wait: The Switch is in passive mode and is waiting for the remote device to begin OAM discovery.
  • Page 75 This field displays the number of OAM PDUs received requesting MIB objects on the Switch. This field displays the number of OAM PDUs sent by the Switch in response to requests. This field displays the number of OAM PDUs sent by the remote device in response to requests.
  • Page 76 Table 48 show ethernet oam summary (continued) LABEL Mode Config DESCRIPTION This field displays the operational state of the remote device. This field displays the capabilities of the Switch and remote device. THe capabilities are identified in the OAM Config section. Ethernet Switch CLI Reference Guide...

  • Page 77: Garp Commands

    Table 49 garp Command Summary COMMAND show garp garp join <100-65535> leave <200-65535> leaveall <200-65535> Ethernet Switch CLI Reference Guide GARP Commands DESCRIPTION Displays GARP information. Configures GARP time settings (in milliseconds), including the join, leave and leave all timers for each port. Leave Time must be at least two times larger than Join Timer, and Leave All Timer must be larger than Leave Timer.
  • Page 78 Chapter 17 GARP Commands 17.3 Command Examples In this example, the administrator looks at the Switch’s GARP timer settings and decides to change them. The administrator sets the Join Timer to 300 milliseconds, the Leave Timer to 800 milliseconds, and the Leave All Timer to 11000 milliseconds.

  • Page 79: Gvrp Commands

    <port- list> gvrp no gvrp 18.2 Command Examples This example shows the Switch’s GVRP settings. sysname# show vlan1q gvrp GVRP Support ----------------------- gvrpEnable = YES gvrpPortEnable: This example turns off GVRP on ports 1-5.
  • Page 80 Chapter 18 GVRP Commands Ethernet Switch CLI Reference Guide...

  • Page 81: Reference H-M

    Reference H-M HTTPS Server Commands (83) IEEE 802.1x Authentication Commands (87) IGMP and Multicasting Commands (89) IGMP Snooping Commands (91) IGMP Filtering Commands (95) Interface Commands (97) Interface Route-domain Mode (101) IP Commands (103) IP Source Binding Commands (107) Logging Commands (109) Login Account Commands (111) Loopguard Commands (113) MAC Address Commands (115)

  • Page 83: Https Server Commands

    H A P T E R HTTPS Server Commands Use these commands to configure the HTTPS server on the Switch. 19.1 Command Summary The following section lists the commands for this feature. Table 51 https Command Summary COMMAND show https show https certificate show https key <rsa|dsa>...
  • Page 84 This field displays how long entries remain in the cache table before they expire. This field displays the SSL or TLS cipher suites the Switch supports for HTTPS sessions. The cipher suites are identified by their OpenSSL equivalent names. If the name does not include the authentication used, assume RSA authentication.
  • Page 85 SSL connection parameters. This field displays the current number of items in cache. This field displays the number of times the Switch used cache to satisfy a request. This field displays the number of times the Switch could not use cache to satisfy a request.
  • Page 86 UNIX format) of the session. This field displays the timeout for the session. If the session is idle longer than this, the Switch automatically disconnects. This field displays the return code when an SSL client certificate is verified. Ethernet Switch CLI Reference Guide...

  • Page 87: Ieee 802.1X Authentication Commands

    <port-list> reauthenticate port-access-authenticator <port-list> reauth-period <1- 65535> 20.2 Command Examples This example configures the Switch in the following ways: Ethernet Switch CLI Reference Guide Commands DESCRIPTION Displays all port authentication settings. Displays port authentication settings on the specified port(s).
  • Page 88 1 Specifies RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. 2 Specifies the timeout period of 30 seconds that the Switch will wait for a response from the RADIUS server. 3 Enables port authentication on the Switch.

  • Page 89: Igmp And Multicasting Commands

    IGMP and Multicasting This chapter explains how to use commands to configure the Internet Group Membership Protocol (IGMP) on the Switch. It also covers configuring the ports to remove the VLAN tag from outgoing multicast packets on the Switch. 21.1 IGMP Overview The Switch supports IGMP version 1 (IGMP-v1), version 2 (IGMP-v2) and IGMP version 3 (IGMP-v3).
  • Page 90 <vlan-id> no ipmc egress-untag-vlan 21.3 Command Examples This example configures IGMP on the Switch with the following settings: • Sets the Switch to flood unknown multicast frames. • Sets the Switch to non-querier mode. • Configures the IP interface 172.16.1.1 with subnet mask 255.255.255.0 to route IGMP version 3 packets.

  • Page 91: Igmp Snooping Commands

    H A P T E R IGMP Snooping Commands Use these commands to configure IGMP snooping on the Switch. Chapter 23 on page 95 22.1 Command Summary The following section lists the commands for this feature. Table 57 igmp-flush Command Summary...
  • Page 92 Disables the IGMP snooping querier on the Switch. DESCRIPTION Displays the VLANs on which IGMP snooping is enabled. Specifies how the VLANs on which the Switch snoops IGMP packets are selected. auto: The Switch learns multicast group membership on any VLAN.
  • Page 93 <auto|fixed|edge> 22.2 Command Examples This example enables IGMP snooping on the Switch, sets the values to 30 seconds, and sets the Switch to drop packets from unknown multicast timeout groups. sysname(config)# igmp-snooping sysname(config)# igmp-snooping host-timeout 30 sysname(config)# igmp-snooping leave-timeout 30 sysname(config)# igmp-snooping unknown-multicast-frame drop This example limits the number of multicast groups on port 1 to 5.
  • Page 94 The following table describes the labels in this screen. Table 61 show multicast LABEL Index Port Multicast Group Timeout This example shows the current multicast VLAN on the Switch. sysname# show multicast vlan Multicast Vlan Status Index ----- ---- DESCRIPTION This field displays an entry number for the VLAN.

  • Page 95: Igmp Filtering Commands

    H A P T E R IGMP Filtering Commands Use these commands to configure IGMP filters and IGMP filtering on the Switch. 23.1 Command Summary The following section lists the commands for this feature. Table 62 igmp-filtering Command Summary COMMAND...
  • Page 96 This example restricts ports 1-4 to multicast IP addresses 224.255.255.0 through 225.255.255.255. sysname# configure sysname(config)# igmp-filtering sysname(config)# igmp-filtering profile example1 start-address --> 224.255.255.0 end-address 225.255.255.255 sysname(config)# interface port-channel 1-4 sysname(config-interface)# igmp-filtering profile example1 sysname(config-interface)# exit sysname(config)# exit Ethernet Switch CLI Reference Guide...

  • Page 97: Interface Commands

    Clears all statistics for the specified port. Displays current interface configuration. Enters config-interface mode for the specified port(s). Disables the specified port(s) on the Switch. Enables the port(s) on the Switch. Sets a name for the port(s). port-name-string: up to 64 English keyboard...
  • Page 98 RX CRC Runt :285034 65 to 127 :31914 128 to 255 :22277 256 to 511 :50546 512 to 1023 :1420 1024 to 1518 :4268 Giant DESCRIPTION This field displays the port number you are viewing. Ethernet Switch CLI Reference Guide...
  • Page 99 Error Packet RX CRC Runt Ethernet Switch CLI Reference Guide DESCRIPTION This field displays the speed (either 10M for 10 Mbps, 100M for 100 Mbps or 1000M for 1000 Mbps) and the duplex (F for full duplex or H for half duplex).
  • Page 100 This field shows the number of packets (including bad packets) received that were between 1024 and 1518 octets in length. This field shows the number of packets dropped because they were bigger than the maximum frame size. Ethernet Switch CLI Reference Guide...

  • Page 101: Interface Route-Domain Mode

    H A P T E R Interface Route-domain Mode In order to configure layer 3 routing features on the Switch, you must enter the interface routing domain mode in the CLI. 25.1 Command Summary The following section lists the commands for this feature.
  • Page 102 Chapter 25 Interface Route-domain Mode Ethernet Switch CLI Reference Guide...

  • Page 103: Ip Commands

    Sets the IP address of the MGMT port (for out-of-band management) on the Switch. Sets the default gateway for the out-of- band management interface on the Switch. Displays the IP address table. You can sort the table based on the IP address, VLAN ID or the port number.
  • Page 104 In particular, when the timeout algorithm is rsre(3), an object of this type has the semantics of the UBOUND quantity described in RFC 793. for an example. 4294967295 4025 Remote socket 172.16.5.15:1510 0.0.0.0:0 0.0.0.0:0 0.0.0.0:0 0.0.0.0:0 0.0.0.0:0 Ethernet Switch CLI Reference Guide...
  • Page 105 Ethernet Switch CLI Reference Guide DESCRIPTION This field displays the maximum number of TCP connections the Switch can support. If the maximum number is dynamic, this field displays -1. This field displays the number of times TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state.
  • Page 106 This field displays the total number of UDP datagrams sent by the Switch. This field displays the process ID. This field displays the queue number of pending datagrams in this connection.

  • Page 107: Ip Source Binding Commands

    IpAddress Lease Ethernet Switch CLI Reference Guide DESCRIPTION Displays the bindings configured on the Switch, optionally based on the specified parameters. Provides more information about the specified command. Creates a static binding for ARP inspection. Removes the specified static binding.
  • Page 108 Type VLAN Port DESCRIPTION This field displays how the switch learned the binding. static: This binding was learned from information provided manually by an administrator. This field displays the source VLAN ID in the binding. This field displays the port number in the binding. If this field is blank, the binding applies to all ports.

  • Page 109: Logging Commands

    1 00:00:14 1970 PINI 11 Thu Jan 1 00:00:04 1970 PP05 -WARN 11 Thu Jan 1 00:00:04 1970 PP05 -WARN Clear Error Log (y/n): Ethernet Switch CLI Reference Guide Logging Commands DESCRIPTION Displays system logs. Clears system logs. SNMP TRAP 3: link up...
  • Page 110 Chapter 28 Logging Commands Ethernet Switch CLI Reference Guide...

  • Page 111: Login Account Commands

    H A P T E R Login Account Commands Use these commands to configure login accounts on the Switch. 29.1 Command Summary The following section lists the commands for this feature. Table 73 logins Command Summary COMMAND show logins logins username <name> password <password>...
  • Page 112 Chapter 29 Login Account Commands Ethernet Switch CLI Reference Guide...

  • Page 113: Loopguard Commands

    Loopguard Commands Use these commands to configure the Switch to guard against loops on the edge of your network. The Switch shuts down a port if the Switch detects that packets sent out on the port loop back to the Switch.
  • Page 114 Enable Disable DESCRIPTION This field displays whether or not loopguard is enabled on the Switch. This field displays the port number. This field displays whether or not the port is active. This field displays whether or not loopguard is enabled on the port.

  • Page 115: Mac Address Commands

    MAC Address Commands Use these commands to look at the MAC address table and to configure MAC address learning. The Switch uses the MAC address table to determine how to forward frames. 31.1 Command Summary The following section lists the commands for this feature.
  • Page 116 This is the VLAN group to which this frame belongs. This is the MAC address of the device from which this frame came. This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered using mac-forward commands, see 34 on page 121).

  • Page 117: Mac Authentication Commands

    Sets the password sent to the RADIUS server for clients using MAC authentication. The password can be up to 32 printable ASCII characters. Specifies the amount of time before the Switch allows a client MAC address that fails authentication to try and authenticate again.
  • Page 118 32.3 Command Examples This example enables MAC authentication on the Switch. Specifies the name prefix clientName and the MAC authentication password Lech89. Next, MAC authentication is activated on ports 1 - 5 and configuration details are displayed.

  • Page 119: Mac Filter Commands

    H A P T E R MAC Filter Commands Use these commands to filter traffic going through the Switch based on the MAC addresses and VLAN group (ID). Use the running configuration commands to look at the current MAC filter settings.

  • Page 120: Command Example

    The next example is for Switches that support the filtering of frames based on the source or destination MAC address only. This example creates a filter “sourcefilter” that drops packets originating from the MAC address af:af:01:01:ff:02 on VLAN 2. sysname(config)# mac-filter name sourcefilter mac af:af:01:01:ff:02 vlan 2 drop src Ethernet Switch CLI Reference Guide...

  • Page 121: Mac Forward Commands

    <interface-id> inactive no mac-forward mac <mac-addr> vlan <vlan-id> interface <interface-id> inactive Ethernet Switch CLI Reference Guide 115. DESCRIPTION Configures a static MAC address forwarding rule. Removes the specified MAC forwarding entry, belonging to a VLAN group forwarded through an interface.
  • Page 122 Chapter 34 MAC Forward Commands Ethernet Switch CLI Reference Guide...

  • Page 123: Mirror Commands

    Use the running configuration commands to look at the current mirror settings. Chapter 51 on page mirror-filter commands are not supported on all Switch models. 35.1 Command Summary The following section lists the commands for this feature.
  • Page 124 DESCRIPTION Specifies the source or destination MAC address that the Switch uses to decide whether or not to copy outgoing traffic to mirrored ports to the monitor port. all: Specifies that the Switch should copy all outgoing traffic from mirrored ports.

  • Page 125: Mrstp Commands

    H A P T E R Use these commands to configure MRSTP on the Switch. 36.1 MRSTP Overview The Switch allows you to configure multiple instances of Rapid Spanning Tree Protocol (RSTP) as defined in the following standard. • IEEE 802.1w Rapid Spanning Tree Protocol Chapter 53 on page 173 for information on MSTP commands.
  • Page 126 <port-list> 36.3 Command Examples This example configures MRSTP in the following way: • Enables MRSTP on the Switch. • Activates tree 1 and sets the bridge priority, Hello Time, Maximum Age and Forward Values for this RSTP configuration.

  • Page 127: Mstp Commands

    BPDU (Bridge Protocol Data Units) configuration message generations by the root switch. maximum-age: The maximum time (in seconds) the Switch can wait without receiving a BPDU before attempting to reconfigure. forward-delay: The maximum time (in seconds) the Switch will wait before changing states.
  • Page 128 Sets the priority for the specified ports. Priority decides which port should be disabled when more than one port forms a loop in a Switch. Ports with a higher priority numeric value are disabled first. (seconds)
  • Page 129 MSTID BridgeID TimeSinceTopoChange TopoChangeCount Ethernet Switch CLI Reference Guide DESCRIPTION This field displays the maximum number of BPDUs that can be transmitted in the interval specified by BridgeHelloTime. This field indicates whether BPDUs are RSTP (a value less than 3) or MSTP (a value greater than or equal to 3).
  • Page 130 This field displays the unique identifier for the root bridge, consisting of bridge priority plus MAC address. This field displays the path cost from the root port on this Switch to the root switch. This field displays the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree.

  • Page 131: Multiple Login Commands

    H A P T E R Multiple Login Commands Use these commands to configure multiple administrator logins on the Switch. 38.1 Command Summary The following section lists the commands for this feature. Table 89 multi-login Command Summary COMMAND show multi-login...
  • Page 132 Chapter 38 Multiple Login Commands Ethernet Switch CLI Reference Guide...

  • Page 133: Mvr Commands

    <port-list> group <name> start-address <ip> end-address <ip> no group no group <name-str> no mvr <vlan-id> Ethernet Switch CLI Reference Guide MVR Commands DESCRIPTION Shows the MVR status. Shows the detailed MVR status and MVR group configuration for a VLAN.
  • Page 134 5 Configures MVR multicast group addresses 224.0.0.1 through 224.0.0.255 by the name of ipgroup. 6 Exits MVR mode. sysname(config)# mvr 3 sysname(config-mvr)# name multivlan sysname(config-mvr)# source-port 2,3,5 sysname(config-mvr)# receiver-port 6-8 sysname(config-mvr)# mode dynamic sysname(config-mvr)# group ipgroup start-address 224.0.0.1 end-address --> 224.0.0.255 sysname(config-mvr)# exit Ethernet Switch CLI Reference Guide...

  • Page 135: Reference N-S

    Reference N-S OSPF Commands (137) Password Commands (141) PoE Commands (143) Policy Commands (147) Port Security Commands (151) Port-based VLAN Commands (153) Protocol-based VLAN Commands (155) Queuing Commands (157) RADIUS Commands (161) Remote Management Commands (163) RIP Commands (165) Running Configuration Commands (167) SNMP Server Commands (169) STP and RSTP Commands (173) SSH Commands (177)

  • Page 137: Ospf Commands

    H A P T E R This chapter explains how to use commands to configure the Open Shortest Path First (OSPF) routing protocol on the Switch. 40.1 OSPF Overview OSPF (Open Shortest Path First) is a link-state protocol designed to distribute routing information within an autonomous system (AS).
  • Page 138 Resets the authentication settings on this virtual link. Sets the virtual link to use the same authentication method as the area. Resets the authentication settings on this virtual area. Ethernet Switch CLI Reference Guide...
  • Page 139 <ip-addr/bits> no router ospf 40.3 Command Examples In this example, the Switch (A) is an Area Border Router (ABR) in an OSPF network. Figure 5 OSPF Network Example Area 1 Ethernet Switch CLI Reference Guide Chapter 40 OSPF Commands...
  • Page 140 Chapter 40 OSPF Commands This example enables OSPF on the Switch, sets the router ID to 172.16.1.1, configures an OSPF area ID as 0.0.0.0 (backbone) and enables simple authentication. sysname(config)# router ospf 172.16.1.1 sysname(config-ospf)# area 0.0.0.0 sysname(config-ospf)# area 0.0.0.0 authentication sysname(config-ospf)# area 0.0.0.0 name backbone...

  • Page 141: Password Commands

    H A P T E R Password Commands Use these commands to configure passwords for specific privilege levels on the Switch. 41.1 Command Summary The following section lists the commands for this feature. Table 93 password Command Summary COMMAND admin-password <pw-string>...
  • Page 142 Chapter 41 Password Commands Ethernet Switch CLI Reference Guide...

  • Page 143: Poe Commands

    Switch. Only available on models with the PoE feature. Enables PoE (Power over Ethernet) on the specified port(s). Sets the PD priority on a port to allow the Switch to allocate power to higher priority ports when the remaining power is less than the consumed power.
  • Page 144 3: 6.49~12.95 W When the total power requested by the PDs exceeds the total PoE power budget on the Switch, the Switch uses the PD priority to provide power to ports with higher priority. This field displays the amount of power the Switch is currently supplying to the PoE-enabled devices connected to this port.
  • Page 145 This field displays the total amount of power the Switch has reserved for PoE after negotiating with the PoE device(s). This field displays the amount of power the Switch can still provide for PoE. Note: The Switch must have at least 16 W of remaining power in order to supply power to a PoE device, even if the PoE device requested less than 16 W.
  • Page 146 Chapter 42 PoE Commands Ethernet Switch CLI Reference Guide...

  • Page 147: Policy Commands

    The following section lists the commands for this feature. Table 96 policy Command Summary COMMAND show policy show policy <name> Ethernet Switch CLI Reference Guide Policy Commands DESCRIPTION Displays all policy related information. Displays the specified policy related information. Chapter 9 on page 45...
  • Page 148 DSCP number for out-of-profile traffic. Specifies the actions for this policy: • queue-action: tells the Switch to: - set the IEEE 802.1p priority you specified in the priority parameter (prio-set) - send the packet to priority queue (prio-queue) - replace the IEEE 802.1p priority field with the tos...
  • Page 149 Egress Port = 1; Outgoing packet format = tagged; Bandwidth = 0; Out-of-profile DSCP = 0; Action: Replace the 802.1 priority field with the IP TOS value; Ethernet Switch CLI Reference Guide Chapter 43 Policy Commands Chapter 9 on page 45). This policy replaces the IEEE...
  • Page 150 Chapter 43 Policy Commands Ethernet Switch CLI Reference Guide...

  • Page 151: Port Security Commands

    Use these commands to allow only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. For maximum port security, enable port security, disable MAC address learning and configure static MAC address(es) for a port.
  • Page 152 1 sysname(config)# no port-security 1 learn inactive sysname(config)# port-security 1 address-limit 5 sysname(config)# exit sysname# show port-security 1 Port Security Active : YES Port Active Address Learning Limited Number of Learned MAC Address Ethernet Switch CLI Reference Guide...

  • Page 153: Port-Based Vlan Commands

    This example looks at the ports to which incoming traffic from ports 1 and 2 can be forwarded. sysname# show interfaces config 1-2 egress Port 1: Enabled egress ports cpu, eg1 Port 2: Enabled egress ports cpu, eg1-eg4 Ethernet Switch CLI Reference Guide DESCRIPTION Displays outgoing port information. Specifies the VLAN type.
  • Page 154 Chapter 45 Port-based VLAN Commands Ethernet Switch CLI Reference Guide...

  • Page 155: Protocol-Based Vlan Commands

    H A P T E R Protocol-based VLAN Use these commands to configure protocol based VLANs on the Switch. 46.1 Protocol-based VLAN Overview Protocol-based VLANs allow you to group traffic based on the Ethernet protocol you specify. This allows you to assign priority to traffic of the same protocol.
  • Page 156 IPX is 8137. Note: Protocols in the hexadecimal number range 0x0000 to 0x05ff are not allowed. priority - specify the IEEE 802.1p priority that the Switch assigns to frames belonging to this VLAN. Disables protocol based VLAN of the specified protocol on the port.

  • Page 157: Queuing Commands

    • Strictly Priority Queuing (SPQ) - services queues based on priority only. As traffic comes into the Switch, traffic on the highest priority queue, Q7 is transmitted first. When that queue empties, traffic on the next highest-priority queue, Q6 is transmitted until Q6 empties, and then traffic is transmitted on Q5 and so on.
  • Page 158 • Hybrid Mode: WRR & SPQ or WFQ & SPQ - some switch models allow you to configure higher priority queues to use SPQ and use WRR or WFQ for the lower level queues.
  • Page 159 <q0|q1| ... |q7> weight <wt1> <wt2> ... <wt8> Assigns a weight value to each physical queue on the Switch. 47.3 Command Examples: Port by Port Configuration This example configures WFQ on ports 1-5 and assigns weight values (1,2,3,4,12,13,14,15) to the physical queues (Q0 to Q8).
  • Page 160 1-5 sysname(config-interface)# weight 1 2 3 4 12 13 14 15 This example configures the Switch to use WRR as a queueing method but configures the Gigabit ports 9-12 to use SPQ for queues 5, 6 and 7.

  • Page 161: Radius Commands

    RADIUS server. round-robin: The Switch alternates between RADIUS servers that it sends authentication requests to. Specify the amount of time (in seconds) that the Switch waits for an authentication request response from the RADIUS server. In index-priority mode, the timeout is divided by the number of servers you configure.
  • Page 162 Specifies the IP address of the RADIUS accounting server. Optionally, sets the port number and key of the external RADIUS accounting server. index: 1 or 2. key-string: 1-32 alphanumeric characters. Resets the specified RADIUS accounting server to its default values. Ethernet Switch CLI Reference Guide...

  • Page 163: Remote Management Commands

    H A P T E R Use these commands to specify a group of one or more “trusted computers” from which an administrator may use one or more services to manage the Switch and to decide what services you may use to access the Switch.
  • Page 164 49.2 Command Examples This example allows computers in subnet 172.16.37.0/24 to access the Switch through any service except SNMP, allows the computer at 192.168.10.1 to access the Switch only through SNMP, and prevents other computers from accessing the Switch at all.

  • Page 165: Rip Commands

    RIP is a protocol used for exchanging routing information between routers on a network. Information is exchanged by routers periodically advertising a routing table. The Switch can be configured to receive and incorporate routing table information sent from other routers, to only send routing information to other routers, both send and receive routing information, or to neither send nor receive routing information to or from other routers on the network.
  • Page 166 Chapter 50 RIP Commands • Sets the RIP direction in this routing domain to Both and the version to 2 with subnet broadcasting (v2b); the Switch will send and receive RIP packets in this routing domain. sysname(config)# router rip sysname(config-rip)# exit sysname(config)# interface route-domain 172.16.1.1/24...

  • Page 167: Running Configuration Commands

    Switch called running-config. You can perform the following with a configuration file: • Back up Switch configuration once the Switch is set up to work in your network. • Restore a previously-saved Switch configuration.
  • Page 168 [<attribute> [<...>]] erase running-config help 51.3 Command Examples This example resets the Switch to the factory default settings. sysname# erase running-config sysname# write memory This example copies all attributes of port 1 to port 2 and copies selected attributes (active,...

  • Page 169: Snmp Server Commands

    H A P T E R SNMP Server Commands Use these commands to configure SNMP on the Switch. 52.1 Command Summary The following table describes user-input values available in multiple commands for this feature. Table 110 snmp-server User-input Values COMMAND...
  • Page 170 Enables sending SNMP traps to a manager. Disables sending of SNMP traps to a manager. Sends all AAA traps to the specified manager. Prevents the Switch from sending any AAA traps to the specified manager. Sends the specified AAA traps to the specified manager.
  • Page 171 Chapter 52 SNMP Server Commands DESCRIPTION Sends the specified IP traps to the specified manager. Prevents the Switch from sending the specified IP traps to the specified manager. Sends all switch traps to the specified manager. Prevents the Switch from sending any switch traps to the specified manager.
  • Page 172 Chapter 52 SNMP Server Commands Ethernet Switch CLI Reference Guide...

  • Page 173: Stp And Rstp Commands

    <RSTP|MRSTP|MSTP> spanning-tree no spanning-tree spanning-tree hello-time <1-10> maximum-age <6-40> forward-delay <4-30> spanning-tree priority <0-61440> Sets the bridge priority of the Switch. The lower the numeric spanning-tree <port-list> no spanning-tree <port-list> spanning-tree <port-list> path- cost <1-65535> Ethernet Switch CLI Reference Guide...
  • Page 174 Sets the priority for the specified ports. Priority decides which port should be disabled when more than one port forms a loop in a Switch. Ports with a higher priority numeric value are disabled first. Provides more information about the specified command.
  • Page 175 This field displays the unique identifier for the root bridge, consisting of bridge priority plus MAC address. This field displays the path cost from the root port on this Switch to the root switch. This field displays the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree.
  • Page 176 Chapter 53 STP and RSTP Commands Ethernet Switch CLI Reference Guide...

  • Page 177: Ssh Commands

    DESCRIPTION Displays general SSH settings. Displays current SSH session(s). Displays known SSH hosts information. Adds a remote host to which the Switch can access using SSH service. Removes the specified remote hosts from the list of all known hosts. Removes the specified remote hosts with the specified public key (1024-bit RSA1, RSA or DSA).
  • Page 178 This field indicates whether or not the SSH server is enabled. This field displays the port number the SSH server uses. This field displays the number of bits in the Switch’s host key. This field displays the number of bits in the SSH server’s public key.

  • Page 179: Static Route Commands

    H A P T E R Static Route Commands Use these commands to tell the Switch how to forward IP traffic. IP static routes are used by layer-2 Switches to ensure they can respond to management stations not reachable via the default gateway and to proactively send traffic, for example when sending SNMP traps or conducting IP connectivity tests using ping.
  • Page 180 IP addresses to which this entry applies. This field is reserved. This field displays the IP address to which the Switch forwards packets whose destination IP address is in the range defined by Dest and Len.
  • Page 181 You can create an active static route that routes traffic for 192.168.10.1/24 to 172.16.37.254. sysname# configure sysname(config)# ip route 192.168.10.1 255.255.255.0 172.16.37.254 sysname(config)# exit sysname# show ip route static Idx Active Name Dest. Addr. Subnet Mask Gateway Addr. Metric static 192.168.10.1 255.255.255.0 172.16.37.254 Ethernet Switch CLI Reference Guide...
  • Page 182 Chapter 55 Static Route Commands Ethernet Switch CLI Reference Guide...

  • Page 183: Subnet-Based Vlan Commands

    Displays subnet based VLAN settings on the Switch. Enables subnet based VLAN on the Switch. Sets the Switch to force the DHCP clients to obtain their IP addresses through the DHCP VLAN. Specifies the name, IP address, subnet mask, VLAN ID of the...
  • Page 184 Name ----------- ----------- subnet1VLAN 172.16.37.1 DESCRIPTION Removes the specified subnet from the subnet-based VLAN configuration. Disables the DHCP VLAN override setting for subnet-based VLAN(s). Src IP Mask-Bits Vlan Priority --------- ---- -------- Ethernet Switch CLI Reference Guide Entry Active ------------...

  • Page 185: Syslog Commands

    <ip-address> inactive Table 123 syslog type Command Summary COMMAND syslog type <type> syslog type <type> facility <0- 7> no syslog type <type> Ethernet Switch CLI Reference Guide Syslog Commands system interface switch DESCRIPTION Enables syslog logging. Disables syslog logging.
  • Page 186 Chapter 57 Syslog Commands Ethernet Switch CLI Reference Guide...

  • Page 187: Reference T-Z

    Reference T-Z TACACS+ Commands (189) TFTP Commands (191) Trunk Commands (193) trTCM Commands (197) VLAN Commands (199) VLAN IP Commands (203) VLAN Port Isolation Commands (205) VLAN Stacking Commands (207) VLAN Trunking Commands (209) VRRP Commands (211) Additional Commands (215)

  • Page 189: Tacacs+ Commands

    1000> tacacs-accounting host <index> <ip> [acct-port <socket-number>] [key <key-string>] no tacacs-accounting <index> Ethernet Switch CLI Reference Guide DESCRIPTION Displays TACACS+ server settings. Specifies the TACACS+ server timeout value. Specifies the mode for TACACS+ server selection. Specifies the IP address of the specified TACACS+ server.
  • Page 190 Chapter 58 TACACS+ Commands Ethernet Switch CLI Reference Guide...

  • Page 191: Tftp Commands

    <ip> <remote- file> copy tftp config <index> <ip> <remote-file> copy running-config tftp <ip> <remote-file> Ethernet Switch CLI Reference Guide TFTP Commands DESCRIPTION Restores firmware via TFTP. Restores configuration with the specified filename from the specified TFTP server.
  • Page 192 Chapter 59 TFTP Commands Ethernet Switch CLI Reference Guide...

  • Page 193: Trunk Commands

    H A P T E R Use these commands to logically aggregate physical links to form one logical, higher- bandwidth link. The Switch adheres to the IEEE 802.3ad standard for static and dynamic (Link Aggregate Control Protocol, LACP) port trunking.
  • Page 194 LACP: The ports joined the trunk via LACP. This field shows the number of ports in the trunk. This field is displayed if there are ports in the trunk. This field displays the member port(s) in the trunk. Ethernet Switch CLI Reference Guide...
  • Page 195 [(0000,00-00-00-00-00- 00,0000,00,0000)] LINKS SYNCS Ethernet Switch CLI Reference Guide DESCRIPTION This field displays the trunk ID to identify a trunk group, that is, one logical link containing multiple ports. This field displays the system priority, MAC address, key, port priority, and port number.
  • Page 196 Chapter 60 Trunk Commands Ethernet Switch CLI Reference Guide...

  • Page 197: Trtcm Commands

    • yellow - if the packet is below the PIR, but exceeds the CIR • green - if the packet is below the CIR The colors reflect the packet’s loss priority and the Switch changes the packet’s DiffServ Code Point (DSCP) value based on the color.
  • Page 198 61.3 Command Examples This example activates trTCM on the Switch with the following settings: • Sets the Switch to inspect the DSCP value of the packets (color-aware mode). • Enables trTCM on ports 1-5. • Sets the Committed Information Rate (CIR) to 4000 Kbps.

  • Page 199: Vlan Commands

    VLAN is unidirectional; it only governs outgoing traffic. 62.2 VLAN Configuration Overview 1 Use the vlan <vlan-id> command to configure or create a VLAN on the Switch. The Switch automatically enters config-vlan mode. Use the exit command when you are finished configuring the VLAN.
  • Page 200 <vlan-id> The following section lists the commands for the ingress checking feature VLAN ingress checking implementation differs across Switch models. • Some models enable or disable VLAN ingress checking on all the ports via the vlan1q ingress-check command.
  • Page 201 Ethernet Switch CLI Reference Guide DESCRIPTION Displays ingress check settings on the Switch. Enables ingress checking on the Switch. The Switch discards incoming frames on a port for VLANs that do not include this port in its member set. Disables ingress checking on the Switch.
  • Page 202 This field displays an entry number for each VLAN. This field displays the VLAN identification number. This field displays how this VLAN was added to the Switch. Dynamic: The VLAN was added via GVRP. Static: The VLAN was added as a permanent entry Other: The VLAN was added in another way, such as Multicast VLAN Registration (MVR).

  • Page 203: Vlan Ip Commands

    Use these commands to configure the default gateway device and add IP domains for VLAN. 63.1 IP Interfaces Overview The Switch needs an IP address for it to be managed over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address.
  • Page 204 Table 136 vlan ip address Command Summary (continued) COMMAND ip address default-gateway <ip-address> no ip address default- gateway 63.3 Command Examples Section 3.4 on page DESCRIPTION Sets a default gateway IP address for this VLAN. Deletes the default gateway from this VLAN. Ethernet Switch CLI Reference Guide...

  • Page 205: Vlan Port Isolation Commands

    H A P T E R VLAN Port Isolation Commands Use these commands to configure VLAN port isolation on the Switch. VLAN port isolation allows each port to communicate only with the CPU management port and the uplink ports, but not to communicate with each other.
  • Page 206 Chapter 64 VLAN Port Isolation Commands Ethernet Switch CLI Reference Guide...

  • Page 207: Vlan Stacking Commands

    The Switch ignores frames received (or transmitted) on this port with VLAN stacking tags. access: the Switch adds the SP TPID tag to all incoming frames received on this port. tunnel: (available for Gigabit and faster ports only) for egress ports at the edge of the service provider's network.
  • Page 208 VLAN 24 Customer B This example shows how to configure ports 1 and 2 on the Switch to tag incoming frames with the service provider’s VID of 37 (ports are connected to customer A network). This example also shows how to set the priority for ports 1 and 2 to 3.

  • Page 209: Vlan Trunking Commands

    H A P T E R VLAN Trunking Commands Use these commands to decide what the Switch should do with frames that belong to unknown VLAN groups. 66.1 Command Summary The following section lists the commands for this feature. Table 139 vlan-trunking Command Summary COMMAND interface port-channel <port-...
  • Page 210 Chapter 66 VLAN Trunking Commands Ethernet Switch CLI Reference Guide...

  • Page 211: Vrrp Commands

    H A P T E R This chapter explains how to use commands to configure the Virtual Router Redundancy Protocol (VRRP) on the Switch. 67.1 VRRP Overview VRRP is a protocol that allows you to configure redundant router connections. The protocol reduces downtime in case of a single link failure.
  • Page 212 VR1 to ensure the link between the host X and the uplink gateway G. Host X is configured to use VR1 (192.168.1.254) as the default gateway. Switch A has a higher priority, so it is the master router. Switch B, having a lower priority, is the backup router.
  • Page 213 This example shows how to create the IP routing domains and configure the Switch to act as router A in the topology shown in sysname# config sysname(config)# vlan 100 sysname(config-vlan)# fixed 1-4 sysname(config-vlan)# untagged 1-4 sysname(config-vlan)# ip address 10.10.1.252 255.255.255.0...
  • Page 214 Chapter 67 VRRP Commands This example shows how to create the IP routing domains and configure the Switch to act as router B in the topology shown in sysname# config sysname(config)# vlan 100 sysname(config-vlan)# fixed 1-4 sysname(config-vlan)# untagged 1-4 sysname(config-vlan)# ip address 10.10.1.253 255.255.255.0...

  • Page 215: Additional Commands

    H A P T E R Additional Commands Use these commands to configure or perform additional features on the Switch. 68.1 Command Summary The following section lists the commands for this feature. Table 141 Command Summary: Changing Modes or Privileges...
  • Page 216 Switch is currently using. DESCRIPTION Enables Bridge Control Protocol (BCP) transparency on the Switch. Sets which traffic flow (in-band or out-of-band) the Switch sends packets or originating from itself (such as SNMP traps, ping Sets the Switch’s name for identification purposes.
  • Page 217 This field displays the maximum round trip time to ping the specified IP address. This field displays the minimum round trip time to ping the specified IP address. This field displays the IP address from which the Switch received the ICMP response. Chapter 68 Additional Commands reply from 172.16.37.254...
  • Page 218 Chapter 68 Additional Commands This example shows the current status of the various alarms in the Switch. sysname# show alarm-status name ----------------- VOLTAGE TEMPERATURE POE OVER LOAD POE SHORT CIRCUIT POE POWERBOX The following table describes the labels in this screen.
  • Page 219 Normal: The current temperature is below the threshold. Error: The current temperature is above the threshold. This field displays the fans in the Switch. Each fan has a sensor that is capable of detecting and reporting when the fan speed falls below the threshold.
  • Page 220 : 0.0 : 185.0 DESCRIPTION This field displays the total power the Switch can provide to PoE-enabled devices. This field displays the amount of power the Switch is currently supplying to the PoE-enabled devices. Switch Ethernet Switch CLI Reference Guide...
  • Page 221 DESCRIPTION This field displays the system name (or hostname) of the Switch. This field displays the name of the person in charge of this Switch. Use the snmp-server command to configure this. See This field displays the geographic location of this Switch. Use the snmp- server command to configure this.
  • Page 222 This example displays route information to an Ethernet device with IP address 192.168.1.100 sysname> traceroute 192.168.1.100 traceroute to 192.168.1.100, 30 hops max, 40 byte packet 1:192.168.1.100 (10 ms) (10 ms) (0 ms) traceroute done: sysname> Ethernet Switch CLI Reference Guide...

  • Page 223: Appendices And Index Of Commands

    Appendices and Index of Commands Default Values (225) Legal Information (227) Customer Support (231) Index of Commands (237)

  • Page 225: Default Values

    <index> no radius-accounting <index> Ethernet Switch CLI Reference Guide Default Values DEFAULT VALUE Method 1: enable Method 2: none Method 3: none Method 1: local Method 2: none...
  • Page 226 Appendix A Default Values Ethernet Switch CLI Reference Guide...

  • Page 227: Legal Information

    Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.

  • Page 228: Zyxel Limited Warranty

    3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During...
  • Page 229 Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
  • Page 230 Appendix B Legal Information Ethernet Switch CLI Reference Guide...

  • Page 231: Customer Support

    • Sales E-mail: sales@zyxel.co.cr • Telephone: +506-2017878 • Fax: +506-2015098 • Web: www.zyxel.co.cr • FTP: ftp.zyxel.co.cr • Regular Mail: ZyXEL Costa Rica, Plaza Roble Escazú, Etapa El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 •...
  • Page 232 • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 • Web: www.zyxel.fr • Regular Mail: ZyXEL France, 1 rue des Vergers, Bat. 1 / C, 69760 Limonest, France Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • Telephone: +49-2405-6909-69 •...
  • Page 233 • Sales E-mail: sales@zyxel.in • Telephone: +91-11-30888144 to +91-11-30888153 • Fax: +91-11-30888149, +91-11-26810715 • Web: http://www.zyxel.in • Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan • Support E-mail: support@zyxel.co.jp •...
  • Page 234 • Support E-mail: support@zyxel.com.sg • Sales E-mail: sales@zyxel.com.sg • Telephone: +65-6899-6678 • Fax: +65-6899-8887 • Web: http://www.zyxel.com.sg • Regular Mail: ZyXEL Singapore Pte Ltd., No. 2 International Business Park, The Strategy #03-28, Singapore 609930 Spain • Support E-mail: support@zyxel.es • Sales E-mail: sales@zyxel.es •...
  • Page 235 • Support E-mail: support@zyxel.co.th • Sales E-mail: sales@zyxel.co.th • Telephone: +662-831-5315 • Fax: +662-831-5395 • Web: http://www.zyxel.co.th • Regular Mail: ZyXEL Thailand Co., Ltd., 1/1 Moo 2, Ratchaphruk Road, Bangrak-Noi, Muang, Nonthaburi 11000, Thailand. Ukraine • Support E-mail: support@ua.zyxel.com • Sales E-mail: sales@ua.zyxel.com •...
  • Page 236 Appendix C Customer Support Ethernet Switch CLI Reference Guide...

  • Page 237: Index Of Commands

    <1|2|3|4|5> ... 215 bcp-transparency ... 216 bmstorm-limit <rate> ... 42 bmstorm-limit ... 41 boot config ... 215 broadcast-limit <pkt/s> ... 42 broadcast-limit ... 42 Ethernet Switch CLI Reference Guide Index of Commands authentication-key <key> ... 138 Index of Commands...
  • Page 238 <0-63> priority <0-7> ... 67 diffserv ... 67 diffserv ... 67 disable ... 215 dlf-limit <pkt/s> ... 42 dlf-limit ... 42 egress set <port-list> ... 153 enable <0-14> ... 215 enable ... 215 erase running-config help ... 168 Ethernet Switch CLI Reference Guide...
  • Page 239 <port-list> ... 155 interface port-channel <port-list> ... 158 interface port-channel <port-list> ... 160 interface port-channel <port-list> ... 197 interface port-channel <port-list> ... 201 interface port-channel <port-list> ... 207 interface port-channel <port-list> ... 209 Ethernet Switch CLI Reference Guide...
  • Page 240 <name> privilege <0-14> ... 111 logout ... 215 loopguard ... 113 loopguard ... 113 mac-aging-time <10-3000> ... 115 mac-authentication nameprefix <name-string> ... 117 mac-authentication password <name-string> ... 117 mac-authentication timeout <1-3000> ... 117 Ethernet Switch CLI Reference Guide...
  • Page 241 ... 225 no aaa authentication login ... 27 no area <area-id> authentication ... 138 no area <area-id> default-cost ... 138 no area <area-id> stub no-summary ... 138 no area <area-id> stub ... 138 Ethernet Switch CLI Reference Guide...
  • Page 242 ... 67 no diffserv ... 67 no dlf-limit ... 42 no egress set <port-list> ... 153 no ethernet oam mode ... 72 no ethernet oam remote-loopback supported ... 72 no ethernet oam ... 71 Ethernet Switch CLI Reference Guide...
  • Page 243 <tree-index> ... 126 no mstp instance <0-16> interface port-channel <port-list> ... 128 no mstp instance <0-16> vlan <1-4094> ... 128 no mstp instance <0-16> ... 127 no mstp ... 127 no multicast-limit ... 42 Ethernet Switch CLI Reference Guide...
  • Page 244 <ip> enable traps ip <options> ... 171 no snmp-server trap-destination <ip> enable traps ip ... 170 no snmp-server trap-destination <ip> enable traps switch <options> ... 171 no snmp-server trap-destination <ip> enable traps switch ... 171 no snmp-server trap-destination <ip> enable traps system <options> ... 171 no snmp-server trap-destination <ip>...
  • Page 245 <vlan-id> priority <0-7> ... 156 pvid <1-4094> ... 97 pwr interface <port-list> priority <critical|high|low> ... 143 pwr interface <port-list> ... 143 pwr mibtrap ... 143 pwr usagethreshold <1-99> ... 143 Ethernet Switch CLI Reference Guide Index of Commands...
  • Page 246 ... 49 show cpu-utilization ... 216 show dhcp relay <vlan-id> ... 58 show dhcp relay <vlan-id> ... 58 show dhcp smart-relay ... 57 show dhcp snooping binding ... 63 show dhcp snooping database detail ... 63 Ethernet Switch CLI Reference Guide...
  • Page 247 ... 115 show mac address-table vlan <vlan-id> [<sort>] ... 115 show mac-aging-time ... 115 show mac-authentication config ... 117 show mac-authentication ... 117 show mrstp <tree-index> ... 125 show mstp instance <0-16> ... 127 Ethernet Switch CLI Reference Guide...
  • Page 248 <ip> enable traps aaa ... 170 snmp-server trap-destination <ip> enable traps interface <options> ... 170 snmp-server trap-destination <ip> enable traps interface ... 170 snmp-server trap-destination <ip> enable traps ip <options> ... 171 snmp-server trap-destination <ip> enable traps ip ... 170 Ethernet Switch CLI Reference Guide...
  • Page 249 <ip> enable traps switch <options> ... 171 snmp-server trap-destination <ip> enable traps switch ... 171 snmp-server trap-destination <ip> enable traps system <options> ... 171 snmp-server trap-destination <ip> enable traps system ... 171 snmp-server trap-destination <ip> enable traps ... 170 snmp-server username <name>...
  • Page 250 <802.1q|port-based> ... 153 vlan-type <802.1q|port-based> ... 200 weight <wt1> <wt2> ... <wt8> ... 159 weight <wt1> <wt2> ... <wt8> ... 160 wfq ... 159 wfq ... 159 write memory ... 216 wrr ... 159 wrr ... 159 Ethernet Switch CLI Reference Guide...

This manual is also suitable for:

Gs2200

Table of Contents

Save PDF