Page 2
Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other brands and product names are trademarks or registered trademarks of their respective holders. No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-LINK TECHNOLOGIES CO., LTD.
CONTENTS Preface ......................1 Chapter 1 Using the CLI ..................4 1.1 Accessing the CLI......................4 1.1.1 Logon by a console port ..................4 1.1.2 Logon by Telnet .......................6 1.2 CLI Command Modes......................8 1.3 Security Levels ........................10 1.4 Conventions ........................10 1.4.1 Format Conventions ....................10 1.4.2 Special Characters ....................
Page 4
show protocol-vlan template....................22 show protocol-vlan vlan ......................22 show protocol-vlan interface....................22 Chapter 5 VLAN-VPN Commands..............24 vlan-vpn enable ........................24 vlan-vpn tpid ..........................24 vlan-vpn interface ........................25 vlan-vpn uplink ........................25 show vlan-vpn global ......................26 show vlan-vpn uplink ......................26 show vlan-vpn interface......................27 Chapter 6 Voice VLAN Commands ..............
Page 5
interface range link-aggregation ....................40 link-aggregation........................41 link-aggregation hash-algorithm ....................42 description ..........................42 show interface link-aggregation.....................43 Chapter 10 LACP Commands ................44 lacp system-priority .......................44 lacp (interface)........................44 lacp admin-key ........................45 lacp port-priority........................45 show lacp system-priority ......................46 show lacp interface........................46 Chapter 11 User Manage Commands..............48 user add ..........................48 user remove ..........................49 user modify status .........................49...
Page 6
dhcp-snooping trusted ......................61 dhcp-snooping mac-verify .....................62 dhcp-snooping rate-limit ......................62 dhcp-snooping decline......................63 show binding-table.........................63 show dhcp-snooping global ....................64 show dhcp-snooping information...................64 show dhcp-snooping interface....................65 Chapter 13 ARP Inspection Commands.............. 66 arp detection (global)......................66 arp detection trust-port ......................66 arp detection (interface)......................67 arp detection limit-rate ......................67 arp detection recover......................68 show arp detection global......................69 show arp detection interface....................69...
Page 7
dot1x port-method .........................80 radius authentication primary-ip ....................81 radius authentication secondary-ip ..................81 radius authentication port ......................82 radius authentication key.......................83 radius accounting enable.......................83 radius accounting primary-ip ....................84 radius accounting secondary-ip.....................84 radius accounting port ......................85 radius accounting key......................85 radius response-timeout ......................86 show dot1x global........................87 show dot1x interface ......................87 show radius authentication ....................87 show radius accounting ......................88...
Page 8
Chapter 20 Address Commands.................100 bridge address port-security ....................100 bridge address static ......................101 bridge aging-time.........................102 bridge address filtering ......................102 show bridge port-security ....................103 show bridge address ......................103 show bridge aging-time .......................104 Chapter 21 System Commands ................105 system-descript ........................105 system-time gmt ........................105 system-time manual ......................106 system-time dst ........................106 ip address..........................107...
Page 9
shutdown ..........................117 flow-control .......................... 118 negotiation........................... 118 storm-control ........................119 port rate-limit ........................120 port rate-limit disable ingress....................120 port rate-limit disable egress ....................121 show interface configuration....................121 show interface status......................122 show interface counters.......................122 show storm-control ethernet ....................123 show port rate-limit ......................123 Chapter 23 QoS Commands................124 qos ............................124 qos dot1p enable.........................124...
Interface). device mentioned this Guide stands TL-SG5428/TL-SG5412F JetStream L2 Managed Switch. Overview of this Guide Chapter 1: Using the CLI Provide information about how to use the CLI, CLI Command Modes, Security Levels and some Conventions. Chapter 2: User Interface Provide information about the commands used to switch between five CLI Command Modes.
Page 14
Chapter 12: Binding Table Commands Provide information about the commands used for binding the IP address, MAC address, VLAN and the connected Port number of the Host together. Chapter 13: ARP Inspection Commands Provide information about the commands used for protecting the switch from the ARP cheating or ARP Attack.
Page 15
Chapter 26: ACL Commands Provide information about the commands used for configuring the ACL (Access Control List). Chapter 27: MSTP Commands Provide information about the commands used for configuring the MSTP (Multiple Spanning Tree Protocol). Chapter 28: IGMP Commands Provide information about the commands used for configuring the IGMP Snooping (Internet Group Management Protocol Snooping).
Chapter 1 Using the CLI 1.1 Accessing the CLI You can log on to the switch and access the CLI by the following two methods: Log on to the switch by the console port on the switch. Log on to the switch remotely by a Telnet or SSH connection through an Ethernet port. 1.1.1 Logon by a console port To log on to the switch by the console port on the switch, please take the following steps: Connect the PCs or Terminals to the console port on the switch by a provided cable.
Page 17
Figure 1-2 Connection Description Select the port to connect in figure 1-3, and click OK. Figure 1-3 Select the port to connect Configure the port selected in the step above as the following figure1-4 shown. Configure Bits per second as 38400, Data bits as 8, Parity as None, Stop bits as 1, Flow control as None, and then click OK.
Type the User name and Password in the Hyper Terminal window, the factory default value for both of them is admin. The DOS prompt” TP-LINK>” will appear after pressing the Enter button as figure1-5 shown. It indicates that you can use the CLI now.
Page 19
Figure 1-6 Open the Run window Type cmd in the prompt Run window as figure 1-7 and click OK. Figure 1-7 Run Window Type telnet 192.168.0.1 in the command prompt shown as figure1-8, and press the Enter button. Figure 1-8 Connecting to the Switch...
Type the User name and Password (the factory default value for both of them is admin) and press the Enter button, then you can use the CLI now, which is shown as figure1-9. Figure 1-9 Log in the Switch 1.2 CLI Command Modes The CLI is divided into different command modes: User EXEC Mode, Privileged EXEC Mode, Global Configuration Mode, Interface Configuration Mode and VLAN Database (VLAN Configuration Mode).
Page 21
(except that the switch is User EXEC the switch. connected through the Console port). TP-LINK> Mode Use the enable command to access Privileged EXEC mode. enable Use the exit command to disconnect command to enter...
a). Interface Ethernet: Configure parameters for an Ethernet port, such as Duplex-mode, flow control status. b). Interface range Ethernet: The commands contained are the same as that of the Interface Ethernet. Configure parameters for several Ethernet ports. c). Interface link-aggregation: Configure parameters for a link-aggregation, such as broadcast storm.
Items in braces { } are required Alternative items are grouped in braces and separated by vertical bars. For example: speed {10 | 100 | 1000 } Bold indicates an unalterable keyword. For example: show logging Normal Font indicates a constant (several options are enumerated and only one can be ...
—— super password , which contains 16 characters at most, composing digits, English letters and underdashes only. By default, it is empty. Command Mode Global Configuration Mode Example Set the super password as admin to access Privileged EXEC Mode from User EXEC Mode: TP-LINK(config)# enable password admin...
EXEC Mode. Syntax disable Command Mode Privileged EXEC Mode Example Return to User EXEC Mode from Privileged EXEC Mode: TP-LINK# disable TP-LINK> configure Description The configure command is used to access Global Configuration Mode from Privileged EXEC Mode. Syntax configure...
Command Mode Any Configuration Mode Example Return to Global Configuration Mode from Interface Configuration Mode, and then return to Privileged EXEC Mode: TP-LINK(config-if)# exit TP-LINK(config)#exit TP-LINK# Description The end command is used to return to Privileged EXEC Mode. Syntax Command Mode...
Syntax vlan database Command Mode Global Configuration Mode Example Access VLAN Configuration Mode: TP-LINK(config)# vlan database TP-LINK(config-vlan)# vlan Description The vlan command is used to create IEEE 802.1Q VLAN. To delete the IEEE 802.1Q VLAN, please use no vlan command.
——VLAN ID, ranging from 1 to 4094. Command Mode Global Configuration Mode Example Configure the VLAN2: TP-LINK(config)# interface vlan 2 TP-LINK(config-if)# description Description The description command is used to assign a description string to a VLAN. To clear the description, please use no description command.
Example Specify the description string of the VLAN 2 as “vlan2”: TP-LINK(config)# interface vlan 2 TP-LINK(config-if)#description vlan2 switchport type Description The switchport type command is used to configure the Link Types for the ports. Syntax switchport type { access | trunk | general } Parameter access | trunk | general ——...
Example Add port 2 to IEEE 802.1Q VLAN: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# switchport allowed vlan add 2 switchport pvid Description The switchport pvid command is used to configure the PVID for the switch ports. Syntax switchport pvid vlan-id Parameter vlan-id ——...
Specify the egress-rule of port 2 in vlan 3 as tagged: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# switchport general egress-rule 3 tagged show vlan Description The show vlan command is used to display the information of IEEE 802.1Q VLAN . Syntax...
Global Configuration Mode Example Create a Protocol VLAN template named “arp” whose Ethernet protocol type is 0806 and delete the Protocol template whose number is 2: TP-LINK(config)# protocol-vlan template add arp 0806 TP-LINK(config)# protocol-vlan template remove 2 protocol-vlan vlan Description The protocol-vlan vlan command is used to create a Protocol VLAN entry.
Global Configuration Mode Example Create a Protocol VLAN entry, whose index is 1 and vid is 2. And then delete the Protocol VLAN entry whose number is 1: TP-LINK(config)# protocol-vlan vlan 2 template 1 TP-LINK(config)# no protocol-vlan vlan 1 protocol-vlan interface Description The protocol-vlan interface command is used to enable the Protocol VLAN feature for a specified port.
Command Mode Any Configuration Mode Example Display the information of the Protocol VLAN templates: TP-LINK(config)# show protocol-vlan template show protocol-vlan vlan Description The show protocol-vlan vlan command is used to display the information about Protocol VLAN entry.
Page 35
Example Display the configuration of the protocol-vlan interface: TP-LINK(config)# show protocol-vlan interface...
Command Mode Global Configuration Mode Example Enable the VLAN-VPN function globally: TP-LINK(config)# vlan-vpn enable vlan-vpn tpid Description The vlan-vpn tpid command is used to configure Global TPID of the VLAN-VPN. To restore to the default value, please use the no vlan-vpn tpid command.
Command Mode Global Configuration Mode Example Configure Global TPID of the VLAN-VPN as 8200: TP-LINK(config)# vlan-vpn tpid 8200 vlan-vpn interface Description The vlan-vpn interface command is used to enable the VLAN VPN feature for a specified port. To disable the VLAN VPN feature of this port, please use the no vlan-vpn interface command.
Command Mode Global Configuration Mode Example Configure the ports 1, 3-5, and 8-10 as the VPN Up-link ports: TP-LINK(config)# vlan-vpn uplink 1,3-5,8-10 show vlan-vpn global Description The show vlan-vpn global command is used to display the global configuration information of the VLAN VPN.
Example Display the configuration information of the VLAN VPN Up-link ports: TP-LINK(config)# show vlan-vpn uplink show vlan-vpn interface Description The show vlan-vpn interface command is used to display the VLAN VPN port enable state. Syntax show vlan-vpn interface Command Mode...
Command Mode Global Configuration Mode Example Enable the Voice VLAN function for VLAN 2: TP-LINK(config)# voice-vlan enable 2 voice-vlan aging-time Description The voice-vlan aging-time command is used to set the aging time for a voice VLAN. To restore to the default aging time for the Voice VLAN, please use no voice-vlan aging-time command.
By default, it is empty. Command Mode Global Configuration Mode Example Create a Voice VLAN OUI descripted as TP-LINK Phone with the MAC address 00:01:E3:00:00:01 and the mask address FF:FF:FF:00:00:00. And then delete the Voice VLAN OUI with the MAC address 00:00:00:11:00:01: TP-LINK(config)#...
Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure Ethernet port 2 to operate in the manual voice VLAN mode: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# switchport voice-vlan mode manual switchport voice-vlan security Description The switchport voice-vlan security command is used to configure the Voice VLAN security mode.
Command Mode Any Configuration Mode Example Display the configuration information of Voice VLAN globally: TP-LINK(config)# show voice-vlan global show voice-vlan oui Description The show voice-vlan oui command is used to display the configuration information of Voice VLAN OUI.
—— Ethernet port. By default, it will display the configuration information of all the ports in the Voice VLAN. Command Mode Any Configuration Mode Example Display the configuration information of all the ports in the Voice VLAN: TP-LINK(config)# show voice-vlan switchport...
Global Configuration Mode Example Create the Private VLAN as VLAN15 for primary VLAN and VLAN150 for secondary VLAN: TP-LINK(config)# private-vlan primary 15 secondary 150 switchport private-vlan Description The switchport private-vlan command is used to configure the private VLAN mode for the switchport. To remove the port from Private VLAN, please use no switchport private-vlan command.
Add promiscuous port10 in Private VLAN as VLAN15 for primary VLAN and VLAN150 for secondary VLAN: TP-LINK(config)# interface ethernet 10 TP-LINK(config-if)# switchport private-vlan promiscuous 15 150 show private-vlan Description The show private-vlan command is used to display the Private VLAN configured on the switch.
Page 47
Command Mode Any Configuration Mode Example Display the configuration information of all the ports in the Private VLAN: TP-LINK(config)# show private-vlan switchport...
Command Mode Global Configuration Mode Example Enable the GVRP function globally: TP-LINK(config)# gvrp gvrp (interface) Description The gvrp (interface) command is used to enable the GVRP function for the desired port. To disable the GVRP function of this port, please use no gvrp command.
Example Enable the GVRP function for ports 2-6: TP-LINK(config)# interface range ethernet 2-6 TP-LINK(config-if)# gvrp gvrp registration Description The gvrp registration command is used to configure the GVRP registration type on the desired port. To restore to the default value, please use no gvrp registration command.
Set the GARP leaveall timer of port 6 to 2000 centiseconds and restore to the join timer of it to the default value: TP-LINK(config)# interface ethernet 6 TP-LINK(config-if)# gvrp timer leaveall 2000 TP-LINK(config-if)# no gvrp timer join show gvrp global Description The show gvrp global command is used to display the global GVRP status.
TP-LINK(config)# show gvrp global show gvrp interface Description The show gvrp interface command is used to display the GVRP configuration information of the specified Ethernet ports. Syntax show gvrp interface [ethernet port-num] Parameter port-num ——The Ethernet port number. By default, the GVRP configuration information of all the Ethernet ports is displayed.
Command Mode Global Configuration Mode Example Access the Interface Link-aggregation Mode and configure the aggregation group 1: TP-LINK(config)# interface link-aggregation 1 TP-LINK(config-if)# interface range link-aggregation Description The interface range link-aggregation command is used to access the Interface range Link-aggregation Mode, and you can configure some aggregation groups at the same time.
Example Access the Interface range Link-aggregation Mode and configure the aggregation group 1, 4-6: TP-LINK(config)# interface range link-aggregation 1,4-6 TP-LINK(config-if)# link-aggregation Description The link-aggregation command is used to add the current Ethernet port to an aggregation group.
Command Mode Global Configuration Mode Example Configure the Aggregate Arithmetic for LAG as src_dst_mac: TP-LINK(config)# link-aggregation hash-algorithm src_dst_mac description Description The description command is used to set a description for an aggregation group. To remove the description of an aggregation group, please use no description command.
TP-LINK(config)# interface link-aggregation 1 TP-LINK(config-if)# description “movie server” show interface link-aggregation Description The show interface link-aggregation command is used to display the configuration information of the Aggregate Arithmetic and the aggregation groups. Syntax show interface link-aggregation [group-num] Parameter group-num ——The LAG number, ranging from1 to 14. By default, the LAG configuration information of all the Ethernet ports is displayed.
Command Mode Global Configuration Mode Example Set the system priority as1024: TP-LINK(config)# lacp system-priority 1024 lacp (interface) Description The lacp(interface) command is used to enable LACP protocol on the current port. To disable LACP protocol, please use no lacp command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable LACP protocol on the port 1: TP-LINK(config)# interface ethernet 1 TP-LINK(config-if)# lacp lacp admin-key Description The lacp admin-key command is used to configure the admin key. To restore to the default value, please use no lacp admin-key command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Set the port priority of port 1 to 1024: TP-LINK(config)# interface ethernet 1 TP-LINK(config-if)# lacp port-priority 1024 show lacp system-priority Description The show lacp system-priority command is used to display the global system priority value of LACP.
Page 59
Command Mode Any Configuration Mode Example Display the configuration information of all the Ethernet ports: TP-LINK(config)# show lacp interface...
Admin: edit, modify and view all the settings of different functions. disable | enable ——Enable/disable the user. Command Mode Global Configuration Mode Example Add and enable a new admin user named tplink, and of which the password is password: TP-LINK(config)#user add tplink password password confirm-password password admin enable...
The current user can't be modified by itself. Syntax user modify status user-name {disable | enable} Parameter user-name —— The existing user name. disable | enable ——Disable/enable the user. Command Mode Global Configuration Mode Example Enable the status of user “tp-link”: TP-LINK(config)# user modify status tplink enable...
| admin —— Access level. Guest: limited user; admin: manager. Command Mode Global Configuration Mode Example Change the access level of tplink to admin: TP-LINK(config)# user modify type tplink admin user modify password Description The user modify password command is used to modify the password for the existing user.
Example Modify the password of tplink as newpwd: TP-LINK(config)# user modify password tplink password newpwd newpwd user access-control disable Description The user access-control disable command is used to cancel the user access-control. Syntax user access-control disable Command Mode Global Configuration Mode...
00:00:13:0A:00:01: TP-LINK(config)# user access-control mac-based 00:00:13:0A:00:01 user access-control port-based Description The user access-control port-based command is used to limit the ports for login. Only the users connected to these ports you set here are allowed for login.
Example Enable the access-control of the ports 2, port4, port5, port6, and port10: TP-LINK(config)# user access-control port-based 2,4-6,10 user max-number Description The user max-number command is used to configure the number of the users logging on at the same time. To cancel the limit to the numbers of the users logging in, please use no user max-number command.
10. Command Mode Global Configuration Mode Example Configure the timeout time of the switch as 15 minutes: TP-LINK(config)# user idle-timeout 15 show user account-list Description The show user account-list command is used to display the information of the current users.
Page 67
Syntax show user configuration Command Mode Any Configuration Mode Example Display the security configuration information of the users: TP-LINK(config)# show user configuration...
Bind an ACL entry with the IP is 192.168.0.1, MAC is 00:00:00:00:00:01, VLAN ID is 2 and the Port number is 5 manually. And then enable the entry for the ARP detection and IP filter function: TP-LINK(config)# binding-table user-bind host1 192.168.0.1...
Command Mode Global Configuration Mode Example Delete the IP-MAC –VID-PORT entry with the index 5: TP-LINK(config)# binding-table remove index 5 dhcp-snooping Description The dhcp-snooping command is used to enable the DHCP-snooping function for the switch. To disable the DHCP-snooping function, please use no dhcp-snooping command.
5/10/15/20/25/30 (packet/second). By default, it is 5. Command Mode Global Configuration Mode Example Configure the Global Flow Control as 30pps, the Decline Threshold as 20 pps, and decline Flow Control as 20 pps for DHCP Snooping TP-LINK(config)# dhcp-snooping global global-rate 30 dec-threshold 20 dec-rate 20...
Command Mode Global Configuration Mode Example Enable the Option 82 function of DHCP Snooping: TP-LINK(config)# dhcp-snooping information enable dhcp-snooping information strategy Description The dhcp-snooping information strategy command is used to select the operation for the Option 82 field of the DHCP request packets from the Host. To restore to the default option, please use no dhcp-snooping information strategy command.
Example Replace the Option 82 field of the packets with the switch defined one and then send out: TP-LINK(config)# dhcp-snooping information strategy replace dhcp-snooping information user-defined Description The dhcp-snooping information user-defined command is used to permit users to define the Option 82. To disable the function, please use no dhcp-snooping information user-defined command.
Example Configure the sub-option Remote ID for the customized Option 82 as tplink: TP-LINK(config)# dhcp-snooping information remote-id tplink dhcp-snooping information circuit-id Description The dhcp-snooping information circuit-id command is used to configure the sub-option Circuit ID for the customized Option 82.
Example Configure the port 2 to be a Trusted Port: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping trusted dhcp-snooping mac-verify Description The dhcp-snooping mac-verify command is used to enable the MAC Verify feature. To disable the MAC Verify feature, please use no dhcp-snooping mac-verify command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Set the Flow Control of port 2 as 20 pps: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping rate-limit 20 dhcp-snooping decline Description The dhcp-snooping decline command is used to enable the Decline Protect feature.
Command Mode Any Configuration Mode Example Display the configuration of DHCP Snooping globally: TP-LINK(config)# show dhcp-snooping global show dhcp-snooping information Description The show dhcp-snooping information command is used to display the Option 82 configuration of DHCP Snooping.
Example Display the Option 82 configuration of DHCP Snooping: TP-LINK(config)# show dhcp-snooping information show dhcp-snooping interface Description The show dhcp-snooping interface command is used to display the interface configuration of DHCP Snooping. Syntax show dhcp snooping interface [ethernet port-num] Parameter port-num ——The number of the switch port.
Command Mode Global Configuration Mode Example Enable the ARP Detection function globally: TP-LINK(config)# arp detection arp detection trust-port Description The arp detection trust-port command is used to configure the port for which the ARP Detect function is unnecessary as the Trusted Port. To clear the Trusted Port list, please use no arp detection trust-port command .The...
Command Mode Global Configuration Mode Example Configure the ports 2-5, 11-15 as the Trusted Port: TP-LINK(config)# arp detection trust-port 2-5,11-15 arp detection (interface) Description The arp detection (interface) command is used to enable the ARP Defend function. To disable the arp detection function, please use no arp detection command.
Configure the maximum amount of the received ARP packets per second as 50 pps for the port 5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# arp detection limit-rate 50 arp detection recover Description The arp detection recover command is used to restore to the port to the ARP transmit status from the ARP filter status.
Command Mode Any Configuration Mode Example Display the ARP detection configuration globally: TP-LINK(config)# show arp detection global show arp detection interface Description The show arp detection interface command is used to display the interface configuration of ARP detection.
The show arp detection statistic reset command is used to clear the statistic of the illegal ARP packets received. Syntax show arp detection statistic reset Command Mode Global Configuration Mode Example Clear the statistic of the illegal ARP packets received: TP-LINK(config)# show arp detection statistic reset...
Enable the IP Source Guard function for the ports 5-10. Configure that only the packets with its source IP address, source MAC address and port number matched to the IP-MAC binding rules can be processed: TP-LINK(config)# interface range ethernet 5-10 TP-LINK(config-if)# ip source guard sip+mac...
Description The show ip source guard command is used to display the IP Source Guard configuration. Syntax show ip source guard [ethernet port] Command Mode Any Configuration Mode Example Display the IP Source Guard configuration: TP-LINK(config)# show ip source guard...
Command Mode Global Configuration Mode Example Enable the DoS defend function globally: TP-LINK(config)# dos-prevent dos-prevent type Description The dos-prevent type command is used to select the DoS Defend Type. To disable the corresponding Defend Type, please use no dos-prevent type command.
Global Configuration Mode Example Enable two DoS Defend Types named Xma Scan attack and Ping flooding attack: TP-LINK(config)# dos-prevent type xma-scan ping-flood show dos-prevent Description The show dos-prevent command is used to display the DoS information of the detected DoS attack, including enable/disable status, the DoS Defend Type, the count of the attack, etc.
Command Mode Global Configuration Mode Example Enable the IEEE 802.1X function: TP-LINK(config)# dot1x dot1x auth-method Description The dot1x auth-method command is used to configure the Authentication Method of IEEE 802.1X. To restore to the default 802.1x authentication method, please use no dot1x auth-method command.
Command Mode Global Configuration Mode Example Configure the Authentication Method of IEEE 802.1X as pap: TP-LINK(config)# dot1x auth-method pap dot1x guest-vlan Description The dot1x guest-vlan command is used to enable the Guest VLAN function globally. To disable the Guest VLAN function, please use no dot1x guest-vlan command.
Command Mode Global Configuration Mode Example Enable the quiet-period function: TP-LINK(config)# dot1x quiet-period dot1x timer Description The dot1x timer command is used to configure the Quiet Period and the SupplicantTimeout. To restore to the default, please use no dot1x timer command.
Example Configure the Quiet Period and the SupplicantTimeout as 12 seconds and 6 seconds: TP-LINK(config)# dot1x timer quiet-period 12 supp-timeout 6 dot1x retry Description The dot1x retry command is used to configure the maximum transfer times of the repeated authentication request. To restore to the default value, please use no dot1x retry command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable the IEEE 802.1X function for the port 1: TP-LINK(config)# interface ethernet 1 TP-LINK(config-if)# dot1x dot1x guest-vlan Description The dot1x guest-vlan command is used to enable the Guest VLAN function for a specified port.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure the Control Mode for port 1 as authorized-force: TP-LINK(config)# interface ethernet 1 TP-LINK(config-if)# dot1x port-control authorized-force dot1x port-method Description The dot1x port-method command is used to configure the Control Type of IEEE 802.1X for the specified port.
Command Mode Global Configuration Mode Example Configure the IP of the authentication server as 10.20.1.100: TP-LINK(config)# radius authentication primary-ip 10.20.1.100 radius authentication secondary-ip Description The radius authentication secondary-ip command is used to configure the IP address of the alternate authentication server. To restore to the default...
Command Mode Global Configuration Mode Example Configure the IP address of the alternate authentication server as 10.20.1.101: TP-LINK(config)# radius authentication secondary-ip 10.20.1.101 radius authentication port Description The radius authentication port command is used to configure the authentication port of the alternate authentication server. To restore to the default value, please use no radius authentication port command.
Global Configuration Mode Example Configure the shared password for the switch and the authentication servers as tplink: TP-LINK(config)# radius authentication key tplink radius accounting enable Description The radius accounting enable command is used to enable the accounting feature. To disable the accounting feature, please use no radius accounting enable command.
Command Mode Global Configuration Mode Example Configure the IP address of the accounting server as 10.20.1.100: TP-LINK(config)# radius accounting primary-ip 10.20.1.100 radius accounting secondary-ip Description The radius accounting secondary-ip command is used to configure the IP address of the alternate accounting server. To restore to the default configuration, please use no radius accounting secondary-ip command.
Command Mode Global Configuration Mode Example Configure the IP address of the alternate accounting server as 10.20.1.101: TP-LINK(config)# radius accounting secondary-ip 10.20.1.101 radius accounting port Description The radius accounting port command is used to set the UDP port of accounting server(s). To restore to the default value, please use no radius accounting port.
Global Configuration Mode Example Configure the shared password for the switch and the accounting servers as tplink: TP-LINK(config)# radius accounting key tplink radius response-timeout Description The radius response-timeout command is used to configure the maximum time for the switch to wait for the response from the RADIUS authentication and the accounting server.
Syntax show dot1x global Command Mode Any configuration Mode Example Display the configuration of 801.X globally: TP-LINK(config)# show dot1x global show dot1x interface Description The show dot1x interface command is used to display the port configuration of 801.X. Syntax show dot1x interface [ ethernet port-num ] Parameter port-num ——The number of the Ethernet port.
Command Mode Any configuration Mode Example Display the configuration of the RADIUS authentication server: TP-LINK(config)# show radius authentication show radius accounting Description The show radius accounting command is used to display the configuration of the accounting server.
| enable —— Disable or enable the log buffer. By default, it is enabled. Command Mode Global Configuration Mode Example Enable the log buffer function and set the severity as 6: TP-LINK(config)# logging local buffer 6 enable logging local flash Description...
Command Mode Global Configuration Mode Example Enable the log file function and set the severity as 7: TP-LINK(config)# logging local flash 7 logging clear Description The logging clear command is used to clear the information in the log buffer and log file.
Global Configuration Mode Example Enable the log host 2 and set the IP address 192.168.0.148, the level 5: TP-LINK(config)# logging loghost index 2 192.168.0.148 5 enable show logging local-config Description The show logging local-config command is used to display the configuration...
Command Mode Any Configuration Mode Example Display the configuration of the log host 2: TP-LINK(config)# show logging loghost 2 show logging buffer Description The show logging buffer level command is used to display the log information in the log buffer according to the severity level.
Any Configuration Mode Example Display the log information from level 0 to level 5 in the log buffer: TP-LINK(config)# show logging buffer level 5 show logging flash Description The show logging flash level command is used to display the log information in the log file according to the severity level.
Command Mode Global Configuration Mode Example Enable the SSH function: TP-LINK(config)# ssh server enable ssh version Description The ssh version command is used to enable the SSH protocol version. To disable the protocol version, please use no ssh version command.
TP-LINK(config)# ssh version v2 ssh idle-timeout Description The ssh idle-timeout command is used to specify the idle-timeout time of SSH. To restore to the factory defaults, please use no ssh idle-timeout command. Syntax ssh idle-timeout value no ssh idle-timeout Parameter value ——...
Example Download a SSH-1 type key file named ssh-key from TFTP server with the IP Address 192.168.0.148: TP-LINK(config)# ssh download v1 ssh-key ip-address 192.168.0.148 show ssh Description The show ssh command is used to display the global configuration of SSH.
Command Mode Global Configuration Mode Example Enable the SSL function: TP-LINK(config)# ssl enable ssl download certificate Description The ssl download certificate command is used to download a certificate to the switch from TFTP server. Syntax...
Example Download a SSL Certificate named ssl-cert from TFTP server with the IP Address of 192.168.0.148: TP-LINK(config)# ssl download certificate ssl-cert ip-address 192.168.0.148 ssl download key Description The ssl download key command is used to download a SSL key to the switch from TFTP server.
Page 111
Example Display the global configuration of SSL: TP-LINK(config)# show ssl...
Chapter 20 Address Commands Address configuration can improve the network security by configuring the Port Security and maintaining the address information by managing the Address Table. bridge address port-security Description The bridge address port-security command is used to configure port security. To return to the default configuration, please use no bridge address port-security command.
—— The Port number of your desired entry. It ranges from 1 to 12. Command Mode Global Configuration Mode Example Add a static Mac address entry to bind the MAC address 00:02:58:4f:6c:23, VLAN1 and Port1 together: TP-LINK(config)# bridge address static mac 00:02:58:4f:6c:23 vid 1 port 1...
Command Mode Global Configuration Mode Example Configure the aging time as 500 seconds: TP-LINK(config)# bridge aging-time 500 bridge address filtering Description The bridge address filtering command is used to add the filtering address entry. To delete the corresponding entry, please use no bridge address filtering command.
Global Configuration Mode Example Add a filtering address entry whose VLAN ID is 1 and MAC address is 00:1e:4b:04:01:5d: TP-LINK(config)# bridge address filtering 00:1e:4b:04:01:5d 1 show bridge port-security Description The show bridge port-security command is used to configure the Port Security for each port, such as configure the Max number of MAC addressed that can be learned on the port and the Learn Mode.
Example Display the information of all Address entries: TP-LINK(config)# show bridge address all show bridge aging-time Description The show bridge aging-time command is used to display the Aging Time of the MAC address. Syntax show bridge aging-time Command Mode Any Configuration Mode...
—— Contact Information. It consists of 32 characters at most. By default, it is empty. Command Mode Global Configuration Mode Example Configure the System Contact as www.tp-link.com: TP-LINK(config)# system-descript contact-info www.tp-link.com system-time gmt Description The system-time gmt command is used to configure the time zone and the IP Address for the NTP Server.
Example Configure the system time mode as gmt, the time zone is -12, the primary ntp server is 133.100.9.2 and the secondary ntp server is 139.78.100.163: TP-LINK(config)# system-time gmt -12 133.100.9.2 139.78.100.163 system-time manual Description The system-time manual command is used to configure the system time manually.
Global Configuration Mode Example Configure the dst, dst is from April 1 00:00 to November 1 23:00. TP-LINK(config)# system-time dst 04/01 00:00 11/01 23:00 ip address Description The ip address command is used to configure the IP Address, Subnet Mask and Default Gateway.
Command Mode Global Configuration Mode Example Set the VLAN6 as IP management VLAN: TP-LINK(config)# ip management-vlan 6 ip dhcp-alloc Description The ip dhcp-alloc command is used to enable the DHCP Client function. When this function is enabled, the switch will obtain IP from DHCP Client server.
Command Mode Global Configuration Mode Example Enable the BOOTP Protocol to obtain IP address from BOOTP Server: TP-LINK(config)# ip bootp-alloc reset Description The reset command is used to reset the switch’s software. After resetting, all configuration of the switch will restore to the factory defaults and your current settings will be lost.
Privileged EXEC Mode Example Backup the configuration files by TFTP server with the IP 192.168.0.148 and name this file config.cfg: TP-LINK# user-config backup filename config.cfg ip-address 192.168.0.148 user-config load Description The user-config load command is used to download the configuration file to the switch by TFTP server.
TP-LINK# user-config load filename config.cfg ip-address 192.168.0.148 user-config save Description The user-config save command is used to save current settings. Syntax user-config save Command Mode Privileged EXEC Mode Example Save current settings: TP-LINK# user-config save firmware upgrade Description The firmware upgrade command is used to upgrade the switch system via the TFTP server.
192.168.0.131, please specify the count (-l) as 512 bytes and count (-i) as 1000 milliseconds. If there is not any response after 8 times’ Ping test, the connection between the switch and the network device is failed to establish: TP-LINK# ping 192.168.0.131 –n 8 –l 512 tracert Description The tracert command is used to test the connectivity of the gateways during its journey from the source to destination of the test data.
192.168.0.131. If the destination device has not been found after 20 maxHops, the connection between the switch and the destination device is failed to establish: TP-LINK# tracert 192.168.0.131 20 loopback Description The loopback command is used to test whether the port is available or not.
Syntax show ip address Command Mode Any Configuration Mode Example Display the IP Address of the system TP-LINK# show ip address show system-time Description The show system-time command is used to display the time information of the switch. Syntax show system-time...
Command Mode Any Configuration Mode Example Display the DST time information of the switch TP-LINK# show system-time dst show system-time source Description The show system-time source command is used to display the time source of the switch.
Command Mode Global Configuration Mode Example Enter the Interface Configuration Mode and configure Ethernet port2: TP-LINK(config)# interface ethernet 2 interface range ethernet Description The interface range ethernet command is used to enter the Interface Configuration Mode and configure multiple Ethernet ports at the same time.
Example Enter the Interface Configuration Mode, add ports 1-3, 6-9 to the port-list and configure them: TP-LINK(config)# interface range ethernet 1-3,6-9 description Description The description command is used to add a description to the Ethernet port. To clear the description of the corresponding port, please use no description command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Disable Ethernet port3: TP-LINK(config)# interface ethernet 3 TP-LINK(config-if)# shutdown flow-control Description The flow-control command is used to enable the flow-control function for a port. To disable the flow-control function for this corresponding port, please use no flow-control command.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure the Negotiation Mode as 100M full-duplex for Ethernet port5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# negotiation 100f storm-control Description The storm-control command is used to configure the Storm Control function.
Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure the ingress-rate as 1Mbps and egress-rate as 10Mbps for port5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# port rate-limit ingress 1024 egress 10240 port rate-limit disable ingress Description The port rate-limit disable ingress command is used to disable the ingress-rate limit.
Interface Configuration Mode(interface ethernet / interface range ethernet) Example Disable the ingress-rate limit for port5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# port rate-limit disable ingress port rate-limit disable egress Description The port rate-limit disable egress command is used to disable the egress-rate limit.
Example Display the configurations of port5: TP-LINK# show interface configuration ethernet 5 show interface status Description The show interface status command is used to display the connective-status of an Ethernet port. Syntax show interface status ethernet [interface] Parameter Interface —— The port selected to display the connective-status. By default, the connective-status of all ports is displayed.
By default, the storm-control information of all ports is displayed. Command Mode Any Configuration Mode Example Display the storm-control information of all Ethernet ports: TP-LINK(config)# show storm-control ethernet show port rate-limit Description The show port rate-limit command is used to display the rate-limit information of an Ethernet port.
CoS value of the ingress port and the mapping relation between the CoS and TC in IEEE 802.1P. Example Configure the priority of port 5 as 3: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# qos 3 qos dot1p enable Description The qos dot1p enable command is used to enable the mapping relation between IEEE 802.1P Priority and Egress Queue.
Command Mode Global Configuration Mode Example Enable the mapping relation between IEEE 802.1P Priority and Egress Queue: TP-LINK(config)# qos dot1p enable qos dot1p config Description The qos dot1p config command is used to configure the mapping relation between IEEE 802.1P Priority and Egress Queue. To return to the default configuration, please use no qos dot1p config command.
Example Map tag value 0 to TC3: TP-LINK(config)# qos dot1p config 0 3 qos dscp enable Description The qos dscp enable command is used to enable the mapping relation between DSCP Priority and Egress Queue. To disable the mapping relation, please use no qos dscp enable command.
Among the priority levels TC0-TC3, the bigger value, the higher priority. Example Map DSCP values 10,11,15 to TC0: TP-LINK(config)# qos dscp config 10,11,15 0 qos scheduler Description The qos scheduler command is used to configure the Schedule Mode. To return to the default configuration, please use no qos scheduler command.
[interface-num] Parameter interface-num —— The Ethernet port selected to display the configuration. By default, information of all the ports is displayed. Command Mode Any Configuration Mode Example Display the configuration of QoS for port 5: TP-LINK# show qos port-based 5...
Syntax show qos dot1p Command Mode Any Configuration Mode Example Display the configuration of IEEE 802.1P Priority: TP-LINK# show qos dot1p show qos dscp Description The show qos dscp command is used to display the configuration of DSCP Priority. Syntax...
Page 142
Example Display the schedule rule of the egress queues: TP-LINK# show qos scheduler...
Chapter 24 Port Mirror Commands Port Mirror refers to the process of forwarding copies of packets from one port to a mirroring port. Usually, the mirroring port is connected to data diagnose device, which is used to analyze the mirrored packets for monitoring and troubleshooting the network. mirror add Description The mirror add command is used to configure Port Mirror function, to create a...
TP-LINK(config)# mirror add 2,5-7,9 10 ingress 1 mirror remove mirrored Description The mirror remove mirrored command is used to remove mirrored ports from a mirror group. Syntax mirror remove mirrored port-list group-num Parameter port-list —— List of mirrored port.
Description The show mirror command is used to display the configuration of port monitoring. Syntax show mirror [group-num] Command Mode Any Configuration Mode Example Display current port monitoring configuration: TP-LINK# show mirror...
Command Mode Interface Configuration Mode Example Configure port 1 and port 2 can only forward packets to port 6 and port 13: TP-LINK(config)# interface range ethernet 1-2 TP-LINK(config-if)# port isolation 6,13 show port isolation Description The show port isolation command is used to display the forward portlist of a port.
Page 147
Example Display the forward-list of port 6: TP-LINK# show port isolation 6...
Chapter 26 ACL Commands ACL (Access Control List) is used to filter data packets by configuring a series of match conditions, operations and time ranges. It provides a flexible and secured access control policy and facilitates you to control the network security. acl time-segment Description The acl time-segment command is used to add Time-Range.
Command Mode Global Configuration Mode Example Add a time-range named tSeg1, with time from 8:30 to 12:00 at working day: TP-LINK(config)# acl time-segment tSeg1 start-time 08:30 end-time 12:00 week-day working-day acl edit time-segment Description The acl edit time-segment command is used to edit Time-Range.
TP-LINK(config)# acl edit time-segment tSeg1 start-time 08:30 end-time 12:00 week-day working-day acl holiday Description The acl holiday command is used to create holiday in Holiday Mode in the acl time-segment command. To delete the corresponding holiday, please use no acl holiday command.
Command Mode Global Configuration Mode Example Create a MAC ACL whose ID is 20: TP-LINK(config)# acl create 20 acl rule mac-acl Description The acl rule mac-acl command is used to add MAC ACL rule. To delete the corresponding rule, please use no acl rule mac-acl command. MAC ACLs...
TP-LINK(config)# acl create 20 TP-LINK(config)# acl rule mac-acl 20 10 op permit smac 00:01:3F:48:16:23 smask 11:11:11:11:11:00 vid 2 pri 5 tseg tSeg1 acl edit rule mac-acl Description The acl edit rule mac-acl command is used to edit MAC ACL rule.
11:11:11:11:11:00, VLAN ID is 2, the user priority is 5, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the switch: TP-LINK(config)# acl edit rule mac-acl 20 10 op permit smac 00:01:3F:48:16:23 smask 11:11:11:11:11:00 vid 2 pri 5 tseg tSeg1 acl rule std-acl Description The acl rule std-acl command is used to add Standard-IP ACL rule.
255.255.255.0, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the switch: TP-LINK(config)# acl create 120 TP-LINK(config)# acl rule std-acl 120 10 op permit dip 192.168.0.100 dmask 255.255.255.0 tseg tSeg1 acl edit rule std-acl Description The acl rule std-acl command is used to edit Standard-IP ACL rule.
255.255.255.0, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the switch: TP-LINK(config)# acl edit rule std-acl 120 10 op permit dip 192.168.0.100 dmask 255.255.255.0 tseg tSeg1 acl policy policy-add Description The acl policy policy-add command is used to add Policy.
Command Mode Global Configuration Mode Example Add a Policy named policy1: TP-LINK(config)# acl policy policy-add policy1 acl policy action-add Description The acl policy action-add command is used to add ACLs and create actions for the policy. To delete the corresponding actions, please use no acl policy action-add command.
Command Mode Global Configuration Mode Example Bind policy1 to Port 1: TP-LINK(config)# acl bind to-port policy1 1 acl bind to-vlan Description The acl bind to-vlan command is used to bind a policy to a VLAN. To cancel the bind relation, please use no policy to-vlan command.
Syntax show acl config acl-id Parameter acl-id —— The ID of the ACL selected to display the configuration. Command Mode Any Configuration Mode Example Display the configuration of the MAC ACL whose ID is 20: TP-LINK> show acl config 20...
Description The show acl bind command is used to display the configuration of Policy bind. Syntax show acl bind Command Mode Any Configuration Mode Example Display the configuration of Policy bind: TP-LINK> show acl bind...
Chapter 27 MSTP Commands MSTP (Multiple Spanning Tree Protocol), compatible with both STP and RSTP and subject to IEEE 802.1s, can disbranch a ring network. STP is to block redundant links and backup links as well as optimize paths. spanning-tree global Description The spanning-tree global command is used to configure STP globally.
4096, Hello Time as 4 seconds, Max Age as 10 seconds, Forward Delay as 10 seconds, TxHold Count as 8pps and Max Hops as 15 hops: TP-LINK(config)# spanning-tree global status enable mode mstp cist 4096 htime 4 mage 10 delay 10 hcount 8 mhop 15...
Enable the STP function of port 1, and configure the Port Priority as 64, ExtPath Cost as 100, IntPath Cost as 100, and then enable Edge Port: TP-LINK(config)# interface ethernet 1 TP-LINK(config-if)# spanning-tree common-config status enable pri 64 expath 100 inpath 100 edge enable spanning-tree region Description The spanning-tree region command is used to configure the region of MSTP.
Command Mode Global Configuration Mode Example Configure the region name of MSTP as r1, and the revision level as 100: TP-LINK(config)# spanning-tree region r1 100 spanning-tree msti Description The spanning-tree msti command is used to configure MSTP Instance. To return to the default configuration of the corresponding Instance, please use no spanning-tree msti command.
Example Enable Instance 1, add VLAN 2, 3, 4, 5, 8 for it, and configure MSTI Priority as 4096: TP-LINK(config)# spanning-tree msti 1 status enable pri 4096 mapped 2-5,8 spanning-tree msti Description The spanning-tree msti command is used to configure MSTP Instance Port. To return to the default configuration of the corresponding Instance Port, please use no spanning-tree msti command.
Command Mode Global Configuration Mode Example Configure TC Threshold as 30 packets, and TC Protect Cycle as 10 seconds: TP-LINK(config)# spanning-tree tc-defend threshold 30 period 10 spanning-tree security Description The spanning-tree security command is used to configure MSTP Port Protect.
Example Enable Loop Protect, Root Protect, TC Protect, BPDU Protect, and BPDU Filter for port 2: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# spanning-tree security loop enable root enable TC enable defend enable hold enable spanning-tree mcheck Description The spanning-tree mcheck command is used to enable MCheck.
Command Mode Any Configuration Mode Example Display the current status of Spanning Tree: TP-LINK# show spanning-tree global-info show spanning-tree global-config Description The show spanning-tree global-config command is used to display the global configuration of Spanning Tree. Syntax...
Command Mode Any Configuration Mode Example Display the configuration of port 5: TP-LINK(config)# show spanning-tree port-config 5 show spanning-tree region Description The show spanning-tree region command is used to display the Region configuration of MSTP.
Command Mode Any Configuration Mode Example Display the configuration of port 5 in Instance 1: TP-LINK(config)# show spanning-tree msti port 1 5 show spanning-tree security tc-defend Description The show spanning-tree security tc-defend command is used to display TC Threshold and TC Protect Cycle of Spanning Tree.
—— The port selected to display the configuration. By default, the Port Protect configuration of all ports is displayed. Command Mode Any Configuration Mode Example Display the Port Protect configuration of port 2: TP-LINK(config)# show spanning-tree security port-defend 2...
Command Mode Global Configuration Mode Example Enable IGMP Snooping function, and specify the operation to process unknown multicast as discard: TP-LINK(config)# igmp-snooping global status enable unknown-packet discard igmp-snooping config Description The igmp-snooping config status command is used to configure IGMP Snooping and Fast Leave function for port.
Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable IGMP Snooping and Fast Leave function for port 5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# igmp-snooping config status enable fast-leave enable igmp-snooping vlan-config-add Description The igmp-snooping vlan-config-add command is used to configure IGMP Snooping parameters for individual VLANs.
Enable IGMP Snooping for VLAN 1, and configure Router Port Time as 200 seconds, Member Port Time as 100 seconds, Leave time as 10 seconds and Static Router Port as port 1: TP-LINK(config)# igmp-snooping vlan-config-add 1 rtime 200 mtime 100 ltime 10 rport 1 igmp-snooping vlan-config...
Example Modify Router Port Time as 300 seconds, Member Port Time as 200 seconds, and Leave time as 15 seconds for VLAN 1: TP-LINK(config)# igmp-snooping vlan-config 1 rtime 300 mtime 200 ltime 15 igmp-snooping multi-vlan-config Description The igmp-snooping multi-vlan-config command is used to create Multicast VLAN.
Example Enable Multicast VLAN, and configure Router Port Time as 300 seconds, Member Port Time as 200 seconds, and Leave time as 15 seconds for VLAN 2: TP-LINK(config)# igmp-snooping multi-vlan-config enable 2 rtime 300 mtime 200 ltime 15 igmp-snooping static-entry-add...
Example Add static multicast IP address 225.0.0.1, which correspond to VLAN 2, and configure the forward port as port 1: TP-LINK(config)# igmp-snooping static-entry-add 225.0.0.1 2 1 igmp-snooping filter-add Description The igmp-snooping filter-add command is used to configure the multicast IP-range desired to filter. To delete the corresponding IP-range, please use no igmp-snooping filter-add command.
Command Mode Global Configuration Mode Example Modify the multicast IP-range whose ID is 20 as 225.0.0.10~225.0.0.12: TP-LINK(config)# igmp-snooping filter-config 20 225.0.0.10 225.0.0.12 igmp-snooping filter Description The igmp-snooping filter command is used to configure Port Filter. To return to the default configuration, please use no igmp-snooping filter command. When...
IP-range 2, 3, 4, and specify the maximum number of multicast groups for port 5 to join in as 128: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# igmp-snooping filter status enable mode accept addr-id 2-4 maxgroup 128 show igmp-snooping global-config Description The show igmp-snooping global-config command is used to display the global configuration of IGMP.
Command Mode Any Configuration Mode Example Display the IGMP configuration of port 2: TP-LINK> show igmp-snooping port-config 2 show igmp-snooping vlan-config Description The show igmp-snooping vlan-config command is used to display the VLAN configuration of IGMP. Syntax show igmp-snooping vlan-config...
Syntax show igmp-snooping multi-ip-list Command Mode Any Configuration Mode Example Display the Multicast IP table: TP-LINK> show igmp-snooping multi-ip-list show igmp-snooping filter-ip-addr Description The show igmp-snooping filter-ip-addr command is used to display the Multicast Filter IP-Range table. Syntax show igmp-snooping filter-ip-addr...
By default, the configuration of all ports is displayed. Command Mode Any Configuration Mode Example Display the Multicast Filter configuration of port 5: TP-LINK> show igmp-snooping port-filter 5 show igmp-snooping packet-stat Description The show igmp-snooping packet-stat command is used to display the Packet Statistics information of all ports.
64 hexadecimal characters, which must be even number meanwhile. Command Mode Global Configuration Mode Example Enable the SNMP function, and specify the Local Engine ID as 1234567890, the Remote Engine ID as 123456abcdef: TP-LINK(config)# snmp global status enable engine-id 1234567890 remote-id 123456abcdef...
Example Add a View named view1, configuring the OID as 1.3.6.1.6.3.20, and this OID can be managed by the SNMP management station: TP-LINK(config)# snmp view-add view1 1.3.6.1.6.3.20 include snmp group-add Description The snmp group-add command is used to manage and configure the SNMP group.
Page 185
Add group 1, configure its Security Model as SNMP v2c, view1 can be read and edited by group member, and the trap messages sent by view2 can be received by Management station: TP-LINK(config)# snmp group-add group1 smode v2c ro view1 wo view1 notify view2...
snmp user-add Description The snmp user-add command is used to add User. To delete the corresponding User, please use no snmp user-add command. The User in a SNMP Group can manage the switch via the management station software. The User and its Group have the same security level and access right. Syntax snmp user-add {name} { local | remote } {group-name} [smode { v1 | v2c | v3 }] [slev { noAuthNoPriv | authNoPriv | authPriv }] [cmode { none | MD5 | SHA }]...
MD5, the Authentication Password as 11111, the Privacy Mode as DES, and the Privacy Password as 22222: TP-LINK(config)# snmp user-add admin local group2 smode v3 slev authPriv cmode MD5 cpwd 11111 emode DES epwd 22222 snmp community-add Description The snmp community-add command is used to add Community.
snmp notify-add Description The snmp notify-add command is used to add Notification. To delete the corresponding Notification, please use no snmp notify-add command. With the Notification function enabled, the switch can initiatively report to the management station about the important events that occur on the Views, which allows the management station to monitor and process the events in time.
Security Model of the management station as v2c, the type of the notifications as inform, the maximum time for the switch to wait as 1000 seconds, and the resending time as 100: TP-LINK(config)# snmp notify-add 192.168.0.1 162 admin smode v2c type inform resend 100 timeout 1000 snmp-rmon history sample-cfg...
TP-LINK(config)# snmp-rmon history sample-cfg 1-3 1 100 snmp-rmon history owner Description The snmp-rmon history owner command is used to configure the owner of the history sample entry. To return to the default configuration, please use no snmp-rmon history owner command.
Command Mode Global Configuration Mode Example Configure the user name of entry 1 as user1: TP-LINK(config)# snmp-rmon event user 1 user1 snmp-rmon event description Description The snmp-rmon event description command is used to configure the description of SNMP-RMON Event. To return to the default configuration, please...
Command Mode Global Configuration Mode Example Configure the description of entry 1 as description1: TP-LINK(config)# snmp-rmon event description 1 description1 snmp-rmon event type Description The snmp-rmon event type command is used to configure the type of SNMP-RMON Event. To return to the default configuration, please use no snmp-rmon event type command.
Command Mode Global Configuration Mode Example Configure the owner of entry 1 as owner1: TP-LINK(config)# snmp-rmon event owner 1 owner1 snmp-rmon event enable Description The snmp-rmon event enable command is used to enable SNMP-RMON Event entry. To disable the corresponding entry, please use no snmp-rmon event enable command.
Example Enable the SNMP-RMON Event entries 1,2,3,4 and 8: TP-LINK(config)# snmp-rmon event enable 1-4,8 snmp-rmon alarm config Description The snmp-rmon alarm config command is used to configure SNMP-RMON Alarm Management. To return to the default configuration, please use no snmp-rmon alarm config command. Alarm Group is one of the commonly used RMON Groups.
Global Configuration Mode Example Configure the alarm interval time of the entries 1, 2, 3 and 6 as 1000 seconds: TP-LINK(config)# snmp-rmon alarm config 1-3,6 interval 1000 snmp-rmon alarm owner Description The snmp-rmon alarm owner command is used to configure the owner of the Alarm Management entry.
Example Configure the owner of entry 1 as owner1: TP-LINK(config)# snmp-rmon alarm owner 1 owner1 snmp-rmon alarm enable Description The snmp-rmon alarm enable command is used to enable SNMP-RMON Alarm Management entry. To disable the corresponding entry, please use no snmp-rmon alarm enable command.
Syntax show snmp view Command Mode Any Configuration Mode Example Display the View table: TP-LINK> show snmp view show snmp group Description The show snmp group command is used to display the Group table. Syntax show snmp group Command Mode...
TP-LINK> show snmp user show snmp community Description The show snmp community command is used to display the Community table. Syntax show snmp community Command Mode Any Configuration Mode Example Display the Community table: TP-LINK> show snmp community show snmp destination-host...
Command Mode Any Configuration Mode Example Display the Event configuration of entry 2: TP-LINK> show snmp-rmon event 2 show snmp-rmon alarm Description The show snmp-rmon alarm command is used to display the configuration of the Alarm Management entry.
Page 200
1 to 12. You can only select one entry for each command. By default, the configuration of all entries is displayed. Command Mode Any Configuration Mode Example Display the configuration of all Alarm Management entries: TP-LINK> show snmp-rmon alarm...
Time ranges from 5 to 254 in seconds. By default, it is 60. Command Mode Global Configuration Mode Example Enable NDP function globally, and configure Aging Time as 120 seconds, Hello Time as 50 seconds: TP-LINK(config)# cluster ndp status enable aging-timer 120 hello-timer 50...
Enable NTDP function globally, and specify NTDP Interval Time as 20 minutes, NTDP Hops as 5, NTDP Hop Delay as 300 milliseconds, and NTDP Port Delay as 50 milliseconds: TP-LINK(config)# cluster ntdp status enable interval 20 hop 5 hop-delay 300 port-delay 50...
—— Enable/ Disable NTDP function for the port. By default, it is enabled. Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable NDP and NTDP function for port 5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# cluster ndp enable ntdp enable...
Example Specify the current switch as commander switch, create cluster c1, and configure the cluster IP address pool as 10.90.90.1~10.90.90.254: TP-LINK(config)# cluster create c1 10.90.90.10 255.255.255.0 cluster manage config Description The cluster manage config command is used to configure Cluster.
Global Configuration Mode Example Specify the Hold Time and Interval Time of cluster c1 as 50 seconds: TP-LINK(config)# cluster manage config c1 50 50 cluster manage member Description The cluster manage member command is used to add member switch. To delete the corresponding member, please use no cluster manage member command.
Command Mode Global Configuration Mode Example Change the role of the current switch to Commander Switch: TP-LINK(config)# cluster manage role-change candidate show cluster ndp global Description The show cluster ndp global command is used to display the global configuration of NDP.
Command Mode Any Configuration Mode Example Display the NDP configuration of port 2: TP-LINK> show cluster ndp port-status 2 show cluster neighbour Description The show cluster neighbour command is used to display the cluster neighbor information.
Command Mode Any Configuration Mode Example Display the NTDP configuration of port 2: TP-LINK> show cluster ntdp port-status 2 show cluster ntdp device Description The show cluster ntdp device command is used to display the device table of NTDP.
Command Mode Any Configuration Mode Example Display the global configuration of Cluster: TP-LINK> show cluster manage config show cluster manage member Description The show cluster manage member command is used to display the member information. Syntax...
Command Mode Global Configuration Mode Example Enable lldp function globally: TP-LINK(config)# lldp enable lldp hold-multiplier Description The lldp hold-multiplier command is used to configure the Hold Multiplier parameter. The aging time of the local information in the neighbor device is determined by the actual TTL value used in the sending LLDPDU.
Command Mode Global Configuration Mode Example Specify Hold Multiplier as 5: TP-LINK(config)# lldp hold-multiplier 5 lldp timer Description The lldp timer command is used to configure the parameters about transmission. To return to the default configuration, please use no lldp timer command.
Global Configuration Mode Example Specify the Transmit Interval of LLDPDU as 45 seconds and Trap message to NMS as 120 seconds: TP-LINK(config)# lldp timer tx-interval 45 TP-LINK(config)# lldp timer notify-interval 120 lldp admin-status Description The lldp admin-status command is used to configure the port’s LLDP operating mode.
Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable the ports' SNMP notification for port8: TP-LINK(config)# interface ethernet 8 TP-LINK(config-if)# lldp snmp-trap lldp tlv-select Description The lldp tlv-select command is used to configure TLVs to be included in outgoing LLDPDU.
TP-LINK(config)# interface ethernet 8 TP-LINK(config-if)# no lldp tlv-select management-address port-vlan-id show lldp global Description The show lldp global command is used to display the global configuration of LLDP. Syntax show lldp global Command Mode Any Configuration Mode Example Display the global configuration of LLDP: TP-LINK>...
—— The port selected to display the information of LLDP. Command Mode Any Configuration Mode Example Display the LLDP information of port 8: TP-LINK> show lldp local-information 8 show lldp neighbor-information Description The show lldp neighbor-information command is used to display the neighbor information of the certain port.
Page 216
Syntax show lldp statistics [port] Parameter port —— The port selected to display the neighbor information. Command Mode Any Configuration Mode Example Display the LLDP statistic information of port 8: TP-LINK> show lldp statistics 8...