1. Manuals
  2. Brands
  3. Accton Technology Manuals
  4. Switch
  5. VS4512DC
  6. Management manual

Accton Technology VS4512DC Management Manual

Vdsl switch (with ac power connector) supporting 12 vdsl lines, with 2 slots for optional 1000base-sx, 1000base-lx, 1000base-t or 1000base-x gbic uplink modules
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
VDSL Switch-VS4512
VDSL Switch-VS4512DC
Management Guide

Advertisement

Table of Contents
loading

Related Manuals for Accton Technology VS4512DC

Summary of Contents for Accton Technology VS4512DC

  • Page 1 VDSL Switch-VS4512 VDSL Switch-VS4512DC Management Guide...
  • Page 3 Management Guide VDSL Switch-V4512 VDSL Switch (with AC power connector) supporting 12 VDSL lines, with 2 Slots for Optional 1000BASE-SX, 1000BASE-LX, 1000BASE-T or 1000BASE-X GBIC uplink modules VDSL Switch-VS4512DC VDSL Switch (with DC power connector) supporting 12 VDSL lines, with 2 Slots for Optional 1000BASE-SX, 1000BASE-LX, 1000BASE-T or 1000BASE-X GBIC uplink modules...
  • Page 4 Singapore 229594 Phone: +65 238 6556 Fax: +65 238 6466 Internet: www.acctontech.com Accton is a trademark of Accton Technology Corporation. Other trademarks or brand names mentioned herein are trademarks or registered trademarks of their respective companies. VS4512 VS4512DC F1.0.4.0 E122003-R02...

  • Page 5: Table Of Contents

    Contents Chapter 1: Introduction Key Features Description of Software Features System Defaults Chapter 2: Initial Configuration Connecting to the Switch Configuration Options Required Connections Remote Connections Basic Configuration Console Connection Setting Passwords Setting an IP Address Manual Configuration Dynamic Configuration Enabling SNMP Management Access Community Strings Trap Receivers...
  • Page 6 Contents Saving or Restoring Configuration Settings 3-16 Downloading Configuration Settings from a Server 3-16 Setting the Startup Configuration File 3-17 Copying the Running Configuration to a File 3-17 Resetting the System 3-18 Setting the System Clock 3-18 Configuring SNTP 3-18 Setting the Time Zone 3-19 Simple Network Management Protocol...
  • Page 7 Contents Address Table Settings 3-73 Setting Static Addresses 3-73 Displaying the Address Table 3-74 Changing the Aging Time 3-75 Spanning Tree Algorithm Configuration 3-76 Displaying Global Settings 3-77 Configuring Global Settings 3-79 Displaying Interface Settings 3-81 Configuring Interface Settings 3-84 VLAN Configuration 3-86 Overview...
  • Page 8 Contents Chapter 4: Command Line Interface Using the Command Line Interface Accessing the CLI Console Connection Telnet Connection Entering Commands Keywords and Arguments Minimum Abbreviation Command Completion Getting Help on Commands Showing Commands Partial Keyword Lookup Negating the Effect of Commands Using Command History Understanding Command Modes Exec Commands...
  • Page 9 Contents User Access Commands 4-24 username 4-24 enable password 4-25 IP Filter Commands 4-26 management 4-26 show management 4-27 Web Server Commands 4-28 ip http port 4-28 ip http server 4-28 ip http secure-server 4-29 ip http secure-port 4-30 ip telnet server 4-30 Secure Shell Commands 4-31...
  • Page 10 Contents System Status Commands 4-49 show startup-config 4-49 show running-config 4-51 show system 4-53 show users 4-53 show version 4-54 Flash/File Commands 4-55 copy 4-55 delete 4-57 4-58 whichboot 4-59 boot system 4-59 Authentication Commands 4-60 Authentication Sequence 4-60 authentication login 4-60 RADIUS Client 4-61...
  • Page 11 Contents SNMP Commands 4-76 snmp-server community 4-76 snmp-server contact 4-77 snmp-server location 4-77 snmp-server host 4-78 snmp-server enable traps 4-79 snmp ip filter 4-80 show snmp 4-81 DHCP Commands 4-82 DHCP Client 4-82 ip dhcp client-identifier 4-82 ip dhcp restart client 4-83 Interface Commands 4-84...
  • Page 12 Contents show controllers efm admin 4-112 show controllers efm profile 4-112 show controllers efm status 4-114 show controllers efm remote ethernet mode 4-115 show controllers efm-noise-margin 4-116 show controllers efm channel-performance 4-117 show controllers efm line-table 4-117 show controllers efm phy-table 4-118 show controllers efm channel-table 4-119...
  • Page 13 Contents Configuring Private VLANs 4-144 pvlan 4-144 show pvlan 4-145 Bridge Extension Commands 4-146 show bridge-ext 4-146 Priority Commands 4-147 Priority Commands (Layer 2) 4-147 switchport priority default 4-147 queue mode 4-148 queue bandwidth 4-149 queue cos-map 4-150 show queue mode 4-151 show queue bandwidth 4-151...
  • Page 14 Contents IP Interface Commands 4-166 Basic IP Configuration 4-166 ip address 4-167 ip default-gateway 4-168 show ip interface 4-168 show ip redirects 4-169 ping 4-169 Appendix A: Software Specifications Software Features Management Features Standards Management Information Bases Appendix B: Troubleshooting Glossary Index...

  • Page 15: Chapter 1: Introduction

    Chapter 1: Introduction The switch provides a broad range of features for Layer 2 switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch.

  • Page 16: Description Of Software Features

    Introduction Feature Description Virtual LANs Up to 255 using IEEE 802.1Q, port-based, or private VLANs Traffic Prioritization Default port priority, traffic class map, queue scheduling, IP Precedence, or Differentiated Services Code Point (DSCP) Multicast Filtering Supports IGMP snooping and query Description of Software Features The switch provides a wide range of advanced performance enhancing features.
  • Page 17 Description of Software Features Port Mirroring – The switch can unobtrusively mirror traffic from any port to a monitor port. You can then attach a protocol analyzer or RMON probe to this port to perform traffic analysis and verify connection integrity. Port Trunking –...
  • Page 18 Introduction Virtual LANs – The switch supports up to 255 VLANs. A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. The switch supports tagged VLANs based on the IEEE 802.1Q standard.

  • Page 19: System Defaults

    System Defaults System Defaults The switch’s system defaults are provided in the configuration file “Factory_Default_Config.cfg.” To reset the switch defaults, this file should be set as the startup configuration file (page 3-17). The following table lists some of the basic system defaults. Function Parameter Default...
  • Page 20 Introduction Function Parameter Default Web Management HTTP Server Enabled HTTP Port Number HTTP Secure Server Enabled HTTP Secure Port Number SNMP Community Strings “public” (read only) “private” (read/write) Traps Authentication traps: enabled Link-up-down events: enabled IP Filtering Disabled Port Configuration Admin Status Enabled Auto-negotiation Enabled...
  • Page 21 System Defaults Function Parameter Default Acceptable Frame Type Ingress Filtering Disabled Switchport Mode (Egress Hybrid: tagged/untagged frames Mode) Traffic Prioritization Ingress Port Priority Weighted Round Robin Queue: 0:1 2:16 3:64 IP Precedence Priority Disabled IP DSCP Priority Disabled IP Settings IP Address 0.0.0.0 Subnet Mask...
  • Page 22 Introduction...

  • Page 23: Chapter 2: Initial Configuration

    Chapter 2: Initial Configuration Connecting to the Switch Configuration Options The switch includes a built-in network management agent. The agent offers a variety of management options, including SNMP, RMON and a Web-based interface. A PC may also be connected directly to the switch for configuration and monitoring via a command line interface (CLI).

  • Page 24: Required Connections

    Initial Configuration • Globally set broadcast storm control • Display system information and statistics Required Connections The switch provides an RS-232 serial port that enables a connection to a PC or terminal for monitoring and configuring the switch. A null-modem console cable is provided with the switch.

  • Page 25: Remote Connections

    Basic Configuration Remote Connections Prior to accessing the switch’s onboard agent via a network connection, you must first configure it with a valid IP address, subnet mask, and default gateway using a console connection, DHCP or BOOTP protocol. The IP address for this switch is assigned by DHCP by default. To manually configure this address or enable dynamic address assignment via DHCP or BOOTP, see “Setting an IP Address”...

  • Page 26: Setting Passwords

    Initial Configuration Setting Passwords Note: If this is your first time to log into the CLI program, you should define new passwords for both default user names using the “username” command, record them and put them in a safe place. Passwords can consist of up to 8 alphanumeric characters and are case sensitive.

  • Page 27: Dynamic Configuration

    Basic Configuration Before you can assign an IP address to the switch, you must obtain the following information from your network administrator: • IP address for the switch • Default gateway for the network • Network mask for this network To assign an IP address to the switch, complete the following steps: From the Privileged Exec level global configuration mode prompt, type “interface vlan 1”...

  • Page 28: Enabling Snmp Management Access

    Initial Configuration Wait a few minutes, and then check the IP configuration settings by typing the “show ip interface” command. Press <Enter>. Then save your configuration changes by typing “copy running-config startup-config.” Enter the startup file name and press <Enter>. Console(config)#interface vlan 1 Console(config-if)#ip address dhcp Console(config-if)#end...

  • Page 29: Trap Receivers

    Basic Configuration To configure a community string, complete the following steps: From the Privileged Exec level global configuration mode prompt, type “snmp-server community string mode,” where “string” is the community access string and “mode” is rw (read/write) or ro (read only). Press <Enter>. (Note that the default mode is read only.) To remove an existing string, simply type “no snmp-server community string,”...

  • Page 30: Managing System Files

    Initial Configuration Managing System Files The switch’s flash memory supports three types of system files that can be managed by the CLI program, Web interface, or SNMP. The switch’s file system allows files to be uploaded and downloaded, copied, deleted, and set as a start-up file. The three types of files are: •...

  • Page 31: Chapter 3: Configuring The Switch

    Chapter 3: Configuring the Switch Using the Web Interface This switch provides an embedded HTTP Web agent. Using a Web browser you can configure the switch and view statistics to monitor network activity. The Web agent can be accessed by any computer on the network using a standard Web browser (Internet Explorer 5.0 or above, or Netscape Navigator 6.2 or above).

  • Page 32: Navigating The Web Browser Interface

    Configuring the Switch Navigating the Web Browser Interface To access the web-browser interface you must first enter a user name and password. The administrator has Read/Write access to all configuration parameters and statistics. The default user name and password for the administrator is “admin.” Home Page When your web browser connects with the switch’s web agent, the home page is displayed as shown below.

  • Page 33: Panel Display

    Navigating the Web Browser Interface Notes: 1. To ensure proper screen refresh, be sure that Internet Explorer 5.x is configured as follows: Under the menu “Tools / Internet Options / General / Temporary Internet Files / Settings,” the setting for item “Check for newer versions of stored pages”...
  • Page 34 Configuring the Switch Menu Description Page SNTP 3-18 Configuration Configures SNTP client settings, including broadcast mode or a 3-18 specified list of servers Clock Time Zone Sets the local time zone for the system clock 3-19 SNMP 3-20 Configuration Configures community strings and related trap functions 3-21 IP Filtering Sets IP addresses of clients allowed management access...
  • Page 35 Navigating the Web Browser Interface Menu Description Page Rate Limit 3-50 Input Port Configuration Sets the input rate limit for each port 3-50 Input Trunk Configuration Sets the input rate limit for each trunk 3-50 Output Port Configuration Sets the output rate limit for each port 3-50 Output Trunk Configuration Sets the output rate limit for each trunk 3-50...
  • Page 36 Configuring the Switch Menu Description Page VLAN 3-86 802.1Q VLAN 3-86 Basic Information Displays information on the VLAN type supported by this switch 3-88 Current Table Shows the current port members of each VLAN and whether or 3-89 not the port is tagged or untagged Static List Used to create or remove VLAN groups 3-91...

  • Page 37: Basic Configuration

    Basic Configuration Menu Description Page IGMP Snooping 3-109 IGMP Configuration Enables multicast filtering; configures parameters for multicast 3-110 query Multicast Router Displays the ports that are attached to a neighboring multicast 3-111 Port Information router for each VLAN ID Static Multicast Router Port Assigns ports that are attached to a neighboring multicast router 3-112 Configuration...
  • Page 38 Configuring the Switch Web – Click System, System Information. Specify the system name, location, and contact information for the system administrator, then click Apply. (This page also includes a Telnet button that allows access to the Command Line Interface via Telnet.) CLI –...

  • Page 39: Displaying Switch Hardware/Software Versions

    Basic Configuration Displaying Switch Hardware/Software Versions Use the Switch Information page to display hardware/firmware version numbers for the main board and management software, as well as the power status of the system. Field Attributes Main Board • Serial Number – The serial number of the switch. •...

  • Page 40: Displaying Bridge Extension Capabilities

    Configuring the Switch CLI – Use the following command to display version information. Console#show version 4-54 Unit1 Serial number Service tag Hardware version Module A type :not present Module B type :not present Number of ports Main power status Redundant power status : Agent(master) Unit id Loader version...

  • Page 41: Setting The Switch's Ip Address

    Basic Configuration Web – Click System, Bridge Extension. CLI – Enter the following command. Console#show bridge-ext 4-146 Max support vlan numbers: 255 Max support vlan ID: 4093 Extended multicast filtering services: No Static entry individual port: Yes VLAN learning: IVL Configurable PVID tagging: Yes Local VLAN capable: Yes Traffic classes: Enabled...

  • Page 42: Manual Configuration

    Configuring the Switch Command Attributes • Management VLAN – ID of the configured VLAN (1-4093, no leading zeroes). By default, all ports on the switch are members of VLAN 1. However, the management station can be attached to a port belonging to any VLAN, as long as that VLAN has been assigned an IP address.

  • Page 43: Using Dhcp/Bootp

    Basic Configuration CLI – Specify the management interface, IP address and default gateway. Console#config Console(config)#interface vlan 1 4-84 Console(config-if)#ip address 192.168.1.254 255.255.255.0 4-167 Console(config-if)#exit Console(config)#ip default-gateway 192.168.1.253 4-168 Console(config)# Using DHCP/BOOTP If your network provides DHCP/BOOTP services, you can configure the switch to be dynamically configured by these services.

  • Page 44: Fan Status

    Configuring the Switch Renewing DCHP – DHCP may lease addresses to clients indefinitely or for a specific period of time. If the address expires or the switch is moved to another network segment, you will lose management access to the switch. In this case, you can reboot the switch or submit a client request to restart DHCP service via the CLI.

  • Page 45: Downloading System Software From A Server

    Basic Configuration Note: Up to two copies of the system software (i.e., the runtime firmware) can be stored in the file directory on the switch. The currently designated startup version of this file cannot be deleted. Downloading System Software from a Server When downloading runtime code, you can specify the destination file name to replace the current image, or first download the file using a different name from the current runtime code file, and then set the new file as the startup file.

  • Page 46: Saving Or Restoring Configuration Settings

    Configuring the Switch CLI – Enter the IP address of the TFTP server, select “config” or “opcode” file type, then enter the source and destination file names, set the new file to start up the system, and then restart the switch. Console#copy tftp file 4-55 TFTP server ip address: 10.1.0.19...

  • Page 47: Setting The Startup Configuration File

    Basic Configuration Setting the Startup Configuration File If you download to a new file name, select the new file from the drop-down list for Startup Configuration File, and press Apply Changes. To use the new settings, reboot the system via the System/Reset menu. CLI –...

  • Page 48: Resetting The System

    Configuring the Switch Resetting the System Web – Click System, Reset. Click the Reset button to restart the switch. CLI – Use the reload command to restart the switch. Console#reload 4-20 System will be restarted, continue <y/n>? Note: When restarting the system, it will always run the Power-On Self-Test. Setting the System Clock Simple Network Time Protocol (SNTP) allows the switch to set its internal clock based on periodic updates from a time server (SNTP or NTP).

  • Page 49: Setting The Time Zone

    Basic Configuration • SNTP Poll Interval – Sets the interval between sending requests for a time update from a time server when set to SNTP Client mode. (Range: 16-16284 seconds; Default: 16 seconds) • SNTP Server – In unicast mode, sets the IP address for up to three time servers.

  • Page 50: Simple Network Management Protocol

    Configuring the Switch Web – Select SNTP, Clock Time Zone. Set the offset for your time zone relative to the UTC, and click Apply. CLI - This example shows how to set the time zone for the system clock. Console(config)#clock timezone Dhaka hours 6 minute 0 after-UTC 4-48 Console# Simple Network Management Protocol...

  • Page 51: Setting Community Access Strings

    Simple Network Management Protocol Setting Community Access Strings You may configure up to five community strings authorized for management access. All community strings used for IP Trap Managers should be listed in this table. For security reasons, you should consider removing the default strings. Command Attributes •...

  • Page 52: Specifying Trap Managers And Trap Types

    Configuring the Switch Specifying Trap Managers and Trap Types Traps indicating status changes are issued by the switch to specified trap managers. You must specify trap managers so that key events are reported by this switch to your management station (using network management platforms such as HP OpenView.

  • Page 53: Filtering Addresses For Snmp Client Access

    Simple Network Management Protocol Filtering Addresses for SNMP Client Access The switch allows you to create a list of up to 16 IP addresses or IP address groups that are allowed access to the switch via SNMP management software. Command Usage •...

  • Page 54: User Authentication

    Configuring the Switch CLI – This example allows SNMP access for a specific client. Console(config)#snmp ip filter 10.1.2.3 255.255.255.255 4-80 Console(config)# User Authentication. Use the Passwords or RADIUS/TACACS+ menu to restrict management access based on specified user names and passwords. You can manually configure access rights on the switch (Passwords menu), or you can use a remote access authentication server based on the RADIUS/TACACS+ protocol.

  • Page 55: Configuring Local/Remote Logon Authentication

    User Authentication. CLI – Assign a user name to access-level 15 (i.e., administrator), then specify the password. Console(config)#username bob access-level 15 4-24 Console(config)#username bob password 0 smith Console(config)# Configuring Local/Remote Logon Authentication Use the Authentication Settings menu to restrict management access based on specified user names and passwords.
  • Page 56 Configuring the Switch Command Attributes • – Select the authentication, or authentication sequence Authentication required: - Local – User authentication is performed only locally by the switch. - Radius – User authentication is performed using a RADIUS server only. – User authentication is performed using a TACACS+ server only. TACACS –...
  • Page 57 User Authentication. Web – Click Security, Authentication Settings. To configure local or remote authentication preferences, specify the authentication sequence (i.e., one to three methods), fill in the parameters for RADIUS or TACACS+ authentication if selected, and click Apply. CLI – Specify all the required parameters to enable logon authentication. Console(config)#authentication login radius 4-60 Console(config)#radius-server host 192.168.1.25...

  • Page 58: Telnet Settings

    Configuring the Switch Telnet Settings Telnet access to the switch can be enabled via the Web or CLI. Web – Click Security, Telnet Settings, then check the checkbox to enable access via Telnet (i.e., a virtual terminal). CLI – This example enables Telnet access to the switch. Console#config 4-30 Console(config)#ip telnet server...

  • Page 59: Replacing The Default Secure-Site Certificate

    User Authentication. Command Attributes • – Allows you to enable/disable the HTTPS server feature on the HTTPS Status switch. (Default: Enabled) • – Specifies the UDP port number used for HTTPS/ Change HTTPS Port Number SSL connection to the switch’s web interface. (Default: Port 443) Web –...

  • Page 60: Configuring The Secure Shell

    Configuring the Switch Configuring the Secure Shell The Berkley-standard includes remote access tools originally designed for Unix systems. Some of these tools have also been implemented for Microsoft Windows and other environments. These tools, including commands such as, rsh (remote shell), and rexec (remote execute), are not secure from hostile attacks.

  • Page 61: Configuring Port Security

    User Authentication. CLI – This example enables SSH, sets the authentication parameters, and displays the current configuration. It shows that the administrator has made a connection via SHH, and then disabled this connection. Console(config)#ip ssh server 4-31 Console(config)#ip ssh timeout 100 4-35 Console(config)#ip ssh authentication-retries 5 4-33...
  • Page 62 Configuring the Switch Command Attributes • – Port number. Port • – The action to be taken when a port security violation is detected: Action* - None: No action should be taken. (This is the default.) - Trap: Send an SNMP trap message. - Shutdown: Disable the port.

  • Page 63: Configuring 802.1X Port Authentication

    User Authentication. Configuring 802.1x Port Authentication Network switches can provide open and easy access to network resources by simply attaching a client PC. Although this automatic configuration and access is a desirable feature, it also allows unauthorized personnel to easily intrude and possibly gain access to sensitive network data.

  • Page 64: Displaying 802.1X Global Settings

    Configuring the Switch Displaying 802.1x Global Settings The dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.e., authenticator), as well as the client identity lookup process that runs between the switch and authentication server.
  • Page 65 User Authentication. CLI – This example shows the default protocol settings for 802.1x. For a description of the additional entries displayed in the CLI, See “show dot1x” on page 73. Console#show dot1x 4-73 Global 802.1X Parameters reauth-enabled: yes reauth-period: quiet-period: tx-period: supp-timeout: server-timeout: 30...

  • Page 66: Configuring 802.1X Global Settings

    Configuring the Switch Configuring 802.1x Global Settings The dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.e., authenticator), as well as the client identity lookup process that runs between the switch and authentication server.

  • Page 67: Configuring Port Authorization Mode

    User Authentication. CLI – This enables re-authentication and sets all of the global parameters for 802.1x. Console(config)#dot1x re-authentication 4-71 Console(config)#dot1x max-req 5 4-69 Console(config)#dot1x timeout quiet-period 40 4-71 Console(config)#dot1x timeout re-auth 5 4-72 Console(config)#dot1x timeout tx-period 40 4-72 Console(config)#authentication dot1x default radius 4-69 Console(config)# Configuring Port Authorization Mode...

  • Page 68: Displaying 802.1X Statistics

    Configuring the Switch CLI – This example sets the authentication mode to enable 802.1x on port 2, and allows up to ten clients to connect to this port. Console(config)#interface ethernet 1/2 4-84 Console(config-if)#dot1x port-control auto 4-70 Console(config-if)#dot1x operation-mode multi-host max-count 10 4-70 Console(config-if)# Displaying 802.1x Statistics...

  • Page 69: Port Configuration

    Port Configuration CLI – This example displays the 802.1x statistics for port 4. Console#show dot1x statistics interface ethernet 1/4 4-73 Eth 1/4 Rx: EXPOL EAPOL EAPOL EAPOL Start Logoff Invalid Total Resp/Id Resp/Oth LenError 1007 Last Last EAPOLVer EAPOLSrc 00-00-E8-98-73-21 Tx: EAPOL Total Req/Id...
  • Page 70 Configuring the Switch • Max MAC Count – Shows the maximum number of MAC address that can be learned by a port. (0 - 20 addresses) • – Shows the current speed and duplex mode. Speed Duplex Status • – Indicates the type of flow control currently in use. Flow Control Status (IEEE 802.3x, Back-Pressure or None) •...
  • Page 71 Port Configuration - 10full - Supports 10 Mbps full-duplex operation - 100half - Supports 100 Mbps half-duplex operation - 100full - Supports 100 Mbps full-duplex operation - 1000full - Supports 1000 Mbps full-duplex operation - Sym - Transmits and receives pause frames for flow control - FC - Supports flow control •...

  • Page 72: Configuring Interface Connections

    Configuring the Switch CLI – This example shows the connection status for Port 5. Console#show interfaces status ethernet 1/5 4-91 Information of Eth 1/5 Basic information: Port type: 1000T Mac address: 00-30-f1-47-58-46 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full, 1000full, Broadcast storm: Enabled Broadcast storm limit: 500 packets/second Flow control: Disabled...
  • Page 73 Port Configuration • – Allows auto-negotiation to be enabled/ Autonegotiation (Port Capabilities) disabled. When auto-negotiation is enabled, you need to specify the capabilities to be advertised. When auto-negotiation is disabled, you can force the settings for speed, mode, and flow control.The following capabilities are supported. - 10half - Supports 10 Mbps half-duplex operation - 10full - Supports 10 Mbps full-duplex operation - 100half - Supports 100 Mbps half-duplex operation...

  • Page 74: Creating Trunk Groups

    Configuring the Switch CLI – Select the interface, and then enter the required settings. Console(config)#interface ethernet 1/12 4-84 Console(config-if)#description RD SW#12 4-85 Console(config-if)#shutdown 4-89 Console(config-if)#no shutdown Console(config-if)#no negotiation 4-86 Console(config-if)#speed-duplex 100half 4-85 Console(config-if)#flowcontrol 4-88 Console(config-if)#negotiation Console(config-if)#capabilities 100half 4-87 Console(config-if)#capabilities 100full Console(config-if)#capabilities flowcontrol Console(config-if)#exit Creating Trunk Groups...

  • Page 75: Statically Configuring A Trunk

    Port Configuration Statically Configuring a Trunk Command Usage • When configuring static trunks, you may not statically be able to link switches of different types, configured depending on the manufacturer’s implementation. However, note that the static trunks on this switch are Cisco EtherChannel compatible.

  • Page 76: Enabling Lacp On Selected Ports

    Configuring the Switch CLI – This example creates trunk 2 with ports 13 and 14. Just connect these ports to two static trunk ports on another switch to form a trunk. Console(config)#interface port-channel 1 4-84 Console(config-if)#exit Console(config)#interface ethernet 1/13 4-84 Console(config-if)#channel-group 1 4-99 Console(config-if)#exit...
  • Page 77 Port Configuration Web – Click Port, LACP, Configuration. Select switch ports from the scroll-down port list and click Add. After you have completed adding ports to the member list, click Apply. CLI – The following example enables LACP for ports 13 and 14. Just connect these ports to LACP-enabled trunk ports on another switch to form a trunk.

  • Page 78: Setting Broadcast Storm Thresholds

    Configuring the Switch Setting Broadcast Storm Thresholds Broadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to complete halt.

  • Page 79: Configuring Port Mirroring

    Port Configuration CLI – Specify any interface, and then enter the threshold. The following disables broadcast storm control for port 1, and then sets broadcast suppression at 600 packets per second for port 2. This threshold will then apply to all ports with broadcast storm control enabled.

  • Page 80: Configuring Rate Limits

    Configuring the Switch Web – Click Port, Mirror. Specify the source port, the traffic type to be mirrored, and the target port, then click CLI – Use the interface command to select the monitor port, then use the port monitor command to specify the source port. Note that default mirroring under the CLI is for both received and transmitted packets.

  • Page 81: Showing Port Statistics

    Port Configuration Web - Click Rate Limit, Input/Output Port/Trunk Configuration. Set the Input Rate Limit Status or Output Rate Limit Status, then set the rate limit for the individual interfaces, and click Apply. CLI - This example sets the rate limit for input and output traffic passing through port 1 to 50 Mbps.

  • Page 82: Statistical Values

    Configuring the Switch Statistical Values Parameter Description Interface Statistics Received Octets The total number of octets received on the interface, including framing characters. Received Unicast Packets The number of subnetwork-unicast packets delivered to a higher-layer protocol. Received Multicast Packets The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a multicast address at this sub-layer.
  • Page 83 Port Configuration Parameter Description Single Collision Frames The number of successfully transmitted frames for which transmission is inhibited by exactly one collision. Internal MAC Transmit Errors A count of frames for which transmission on a particular interface fails due to an internal MAC sublayer transmit error. Multiple Collision Frames A count of successfully transmitted frames for which transmission is inhibited by more than one collision.
  • Page 84 Configuring the Switch Parameter Description 64 Bytes Frames The total number of frames (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets). 65-127 Byte Frames The total number of frames (including bad packets) received and transmitted where the number of octets fall within the specified range 128-255 Byte Frames (excluding framing bits but including FCS octets).
  • Page 85 Port Configuration CLI – This example shows statistics for port 12. 4-92 Console#show interfaces counters ethernet 1/12 Ethernet 1/12 Iftable stats: Octets input: 868453, Octets output: 3492122 Unicast input: 7315, Unitcast output: 6658 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QLen output: 0 Extended iftable stats: Multi-cast input: 0, Multi-cast output: 17027...

  • Page 86: Vdsl Configuration

    Configuring the Switch VDSL Configuration You can configure and display communication parameters for VDSL and Ethernet ports on the switch and connected CPEs. VDSL Global Configuration This Web page assigns the same profile to each VDSL switch port. Details of these profiles are given in the table below.
  • Page 87 VDSL Configuration 4. The maximum distances for VDSL links using the recommended profiles are: Upstream Downstream Mode Max. Range 16 Mbps 16 Mbps Symmetric 600m (1970 ft) 11 Mbps 34 Mbps Asymetric 610m (2000 ft) 5. Type-1 26 AWG (100 ohm)/0.4 mm, or Type-2 24 AWG (100 ohm)/0.5 mm cable may be installed to achieve the maximum distance.

  • Page 88: Vdsl Port Configuration

    Configuring the Switch VDSL Port Configuration You can enable/disable a selected port, enable/disable Remote Digital Loopback (RDL), set the optimal transmission rate, and configure a profile for the selected port. Command Attributes • Active Status – Check this box to enable the selected port. •...
  • Page 89 VDSL Configuration Profile Name Theoretical Minimum Signal-to-Noise Ratio (dB) A5-50-7 A6-22-3A A7-40-5A Not Used A8-46-7A TLAN Max-Rate Noise margins should be configured to a level appropriate to the actual noise level of the environment. A noisier environment requires a higher noise margin to ensure a stable link.
  • Page 90 Configuring the Switch Web – Click VDSL, Port Configuration. Select a port from the drop-down list, and click Select. CLI – The following examples show how these features are configured in the CLI. Examples The following example disables VDSL port 1. Console(config)#interface ethernet 1/1 4-84 Console(config-if)#efm shutdown...

  • Page 91: Vdsl Port Link Status

    VDSL Configuration The following example shows rate adaption enabled for port 1. Console#config Console(config)#interface ethernet 1/1 4-84 Console(config-if)#efm rate-adapt 4-108 Console(config-if)#end Console# The following example configures VDSL port 1 with an upstream noise margin of 6, and a downstream noise margin of 6. Console#config Console(config)#interface ethernet 1/1 4-84...
  • Page 92 Configuring the Switch - PBO – Indicates the status of the power back-off mechanism (on/off). If PBO is enabled, the power of transmission from the port will automatically be adjusted to ensure that the signal successfully reaches the receive port. - Rate Adaptation –...
  • Page 93 VDSL Configuration CLI –The following examples show how VDSL link current values are displayed in the CLI. Examples The following example displays VDSL link current values on VDSL switch port 2. Console#show controller efm Ethernet 1/2 actual dsrserrs 4-111 Downstream Reed-Solomon errors: 0 Console#show controller efm Ethernet 1/2 actual link Link status: Down Console#show controller efm Ethernet 1/2 actual rxpower...

  • Page 94: Displaying Vdsl Port Ethernet Statistics

    Configuring the Switch Displaying VDSL Port Ethernet Statistics VDSL Port Ethernet Statistics display key statistics for an interface. Web – Click VDSL, VDSL Port Ethernet Statistics. 3-64...

  • Page 95: Vdsl Line Configuration

    VDSL Configuration CLI – Use the show interfaces counters command. Example Console#show interfaces counters ethernet 1/11 4-92 Ethernet 1/11 Iftable stats: Octets input: 19648, Octets output: 714944 Unitcast input: 0, Unitcast output: 0 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QLen output: 0 Extended iftable stats: Multi-cast input: 0, Multi-cast output: 10524...

  • Page 96: Displaying Vdsl Interface Information

    Configuring the Switch • Config Profile – In this version, only “DEFVAL” is displayed. In future versions, a drop-down list of all configurable VDSL profiles will be displayed in this field. • Alarm Config Profile – The alarm profile is pre-configured to send trap messages via SNMP protocol to register errors on the VDSL line.
  • Page 97 VDSL Configuration • Physical Interfaces Information - Serial Number – A number given by the manufacturer to the item produced. This only displays on the CPE side. - Vendor ID – The name of the manufacturer of this switch. - Version Number – The number of the current hardware. - Current Signal to Noise Ratio Margin –...
  • Page 98 Configuring the Switch Web – Click VDSL, Interface Information. Select Line and Channel from the drop-down lists, and click Query. CLI – The following examples show how these parameters are displayed in the CLI. Examples The following example displays physical interface information for VDSL port 1.

  • Page 99: Vdsl Performance Monitor Information

    VDSL Configuration VDSL Performance Monitor Information This screen displays line and channel performance data information since the switch was last reset, during the current 15 minute interval, and during the current day. Command Attributes • Line – Select the VDSL line from the drop-down list. •...
  • Page 100 Configuring the Switch Web – Click VDSL, Performance Monitor Information. 3-70...
  • Page 101 VDSL Configuration CLI – Use the show controllers efm current-performance command. Example Console#show controllers efm current-performance vtu-c 1/1 4-120 VDSL_PERF_DATA_ENTRY : Ethernet 1/1 Loss of Framing Ethernet 1/1 Loss of Signal Ethernet 1/1 Loss of Power Ethernet 1/1 Loss of Link Ethernet 1/1 Errored Seconds Ethernet 1/1...

  • Page 102: Monitoring Vdsl Performance History

    Configuring the Switch Monitoring VDSL Performance History This page displays line and channel performance data information during selected 15 minute intervals over the last 24 hours of switch operation, and during selected 1-day intervals from the current day to 30 days ago. Command Attributes •...

  • Page 103: Address Table Settings

    VDSL Configuration Web – Click VDSL, Performance Monitor History. Note: The parameters described above are not displayed in the CLI for periods before the current 15 minute, or 24 hour interval. To display these parameters during the current 15 minute, or 24 hour period see “VDSL Performance Monitor Information” on page 3-69.

  • Page 104: Displaying The Address Table

    Configuring the Switch Web – Click Address Table, Static Addresses. Specify the interface, the MAC address and VLAN, then click Add Static Address. CLI – This example adds an address to the static address table, but sets it to be deleted when the switch is reset.

  • Page 105: Changing The Aging Time

    VDSL Configuration Web – Click Address Table, Dynamic Addresses. Specify the search type (i.e., mark the Interface, MAC Address, or VLAN checkbox), select the method of sorting the displayed addresses, and then click Query CLI – This example also displays the address table entries for port 1. Console#show mac-address-table interface ethernet 1/1 4-123 Interface Mac Address...

  • Page 106: Spanning Tree Algorithm Configuration

    Configuring the Switch Web – Click Address Table, Address Aging. Specify the new aging time, click Apply CLI – This example sets the aging time to 400 seconds. Console(config)#mac-address-table aging-time 400 4-124 Console(config)# Spanning Tree Algorithm Configuration The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers.

  • Page 107: Displaying Global Settings

    Spanning Tree Algorithm Configuration If a bridge does not get a Hello BPDU after a predefined interval (Maximum Age), the bridge assumes that the link to the Root Bridge is down. This bridge will then initiate negotiations with other bridges to reconfigure the network to reestablish a valid network topology.
  • Page 108 Configuring the Switch • Configuration Changes – The number of times the Spanning Tree has been reconfigured. • Last Topology Change – Time since the Spanning Tree was last reconfigured. These additional parameters are only displayed for the CLI: • Spanning tree mode – Specifies the type of spanning tree used on this switch: - STP: Spanning Tree Protocol (IEEE 802.1D) - RSTP: Rapid Spanning Tree (IEEE 802.1w) •...

  • Page 109: Configuring Global Settings

    Spanning Tree Algorithm Configuration CLI – This command displays global STA settings, followed by settings for each port. Console#show spanning-tree 4-135 Spanning-tree information --------------------------------------------------------------- Spanning tree mode :RSTP Spanning tree enable/disable :enable Priority :32768 Bridge Hello Time (sec.) Bridge Max Age (sec.) Bridge Forward Delay (sec.) Root Hello Time (sec.) Root Max Age (sec.)
  • Page 110 Configuring the Switch • Priority – Bridge priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STA root device. However, if all devices have the same priority, the device with the lowest MAC address will then become the root device.

  • Page 111: Displaying Interface Settings

    Spanning Tree Algorithm Configuration Web – Click Spanning Tree, STA, Configuration. Modify the required attributes, and click Apply. CLI – This example enables Spanning Tree Protocol, and then configures the STA parameters. Console(config)#spanning-tree 4-126 Console(config)#spanning-tree priority 40000 4-129 Console(config)#spanning-tree hello-time 5 4-128 Console(config)#spanning-tree forward-time 20 4-127...
  • Page 112 Configuring the Switch The rules defining port status are: - A port on a network segment with no other STA compliant bridging device is always forwarding. - If two ports of a switch are connected to the same segment and there is no other STA device attached to this segment, the port with the smaller ID forwards packets and the other is discarding.
  • Page 113 Spanning Tree Algorithm Configuration Backup port receives more useful BPDUs from the same bridge and is therefore not selected as the designated port. These additional parameters are only displayed for the CLI: • Admin status – Shows if this interface is enabled. •...

  • Page 114: Configuring Interface Settings

    Configuring the Switch Web – Click Spanning Tree, STA, Port Information or STA Trunk Information. CLI – This example shows the STA attributes for port 5. Console#show spanning-tree ethernet 1/5 4-135 1/ 5 information ------------------------------------------------------------- Admin status : enable Role : disable State : discarding...
  • Page 115 Spanning Tree Algorithm Configuration • Trunk – Indicates if a port is a member of a trunk. (STA Port Configuration only) The following interface attributes can be configured: • Priority – Defines the priority used for this port in the Spanning Tree Protocol. If the path cost for all ports on a switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the Spanning Tree.

  • Page 116: Vlan Configuration

    Configuring the Switch • Migration – If at any time the switch detects STP BPDUs, including Configuration or Topology Change Notification BPDUs, it will automatically set the selected interface to forced STP-compatible mode. However, you can also use the Protocol Migration button to manually re-check the appropriate BPDU format (RSTP or STP-compatible) to send on the selected interfaces.

  • Page 117: Assigning Ports To Vlans

    VLAN Configuration VLANs provide greater network efficiency by reducing broadcast traffic, and allow you to make network changes without having to update IP addresses or IP subnets. VLANs inherently provide a high level of network security since traffic must pass through a configured Layer 3 link to reach a different VLAN.

  • Page 118: Forwarding Tagged/Untagged Frames

    Configuring the Switch Port Overlapping – Port overlapping can be used to allow access to commonly shared network resources among different VLAN groups, such as file servers or printers. Note that if you implement VLANs which do not overlap, but still need to communicate, you can connect them by enabled routing on this switch.

  • Page 119: Displaying Current Vlans

    VLAN Configuration CLI – Enter the following command. Console#show bridge-ext 4-146 Max support vlan numbers: 255 Max support vlan ID: 4093 Extended multicast filtering services: No Static entry individual port: Yes VLAN learning: IVL Configurable PVID tagging: Yes Local VLAN capable: No Traffic classes: Enabled GMRP: Disabled Console#...
  • Page 120 Configuring the Switch Web – Click VLAN, 802.1Q VLAN, Current Table. Select any ID from the scroll-down list. Command Attributes (CLI) • VLAN – ID of configured VLAN (1-4094, no leading zeroes) • Type – Shows how this VLAN was added to the switch - Dynamic: Automatically learned via GVRP* - Static: Added as a static entry * Not supported in the current version...

  • Page 121: Creating Vlans

    VLAN Configuration Creating VLANs Use the VLAN Static List to create or remove VLAN groups. To propagate information about VLAN groups used on this switch to external network devices, you must specify a VLAN ID for each of these groups. Command Attributes •...

  • Page 122: Adding Static Members To Vlans (Vlan Index)

    Configuring the Switch Adding Static Members to VLANs (VLAN Index) Use the VLAN Static Table to configure port members for the selected Notes: 1. VLAN index. Assign ports as tagged if they are connected to 802.1Q VLAN compliant devices, or untagged they are not connected to any VLAN-aware devices.

  • Page 123: Adding Static Members To Vlans (Port Index)

    VLAN Configuration Web – Click VLAN, 802.1Q VLAN, Static Table. Select a VLAN ID from the scroll-down list. Modify the VLAN name and status if required. Select the membership type by marking the appropriate radio button in the list of ports or trunks.

  • Page 124: Configuring Vlan Behavior For Interfaces

    Configuring the Switch Web – Open VLAN, 802.1Q VLAN, Static Membership. Select an interface from the scroll-down box (Port or Trunk). Click Query to display membership information for the interface. Select a VLAN ID, and then click Add to add the interface as a tagged member, or click Remove to remove the interface.
  • Page 125 VLAN Configuration • Ingress Filtering – Determines how to process frames tagged for VLANs for which the ingress port is not a member. (Default: Disabled) - Ingress filtering only affects tagged frames. - If ingress filtering is disabled and a port receives frames tagged for VLANs for which it is not a member, these frames will be flooded to all other ports (except for those VLANs explicitly forbidden on this port).

  • Page 126: Configuring Private Vlans

    Configuring the Switch Web – Click VLAN, 802.1Q VLAN, Port Configuration or VLAN Trunk Configuration. Fill in the required settings for each interface, click Apply. CLI – This example sets port 3 to accept only tagged frames, assigns PVID 3 as the native VLAN ID, sets the GARP timers, and then sets the switchport mode to hybrid.

  • Page 127: Enabling Private Vlans

    VLAN Configuration Enabling Private VLANs Use the Private VLAN Status page to enable/disable the Private VLAN function. Web – Click VLAN, Private VLAN, Status. Select Enable or Disable from the scroll-down box, and click Apply. CLI – This example enables private VLANs. Console(config)#pvlan 4-144 Console(config)#...

  • Page 128: Class Of Service Configuration

    Configuring the Switch CLI – This example configures ports 13 and 14 as uplink ports and ports 1-8 as downlink ports. Console(config)#Console(config)#pvlan up-link ethernet 1/13-14 down-link ethernet 1/1-8 4-144 Console(config)#end Console#show pvlan Private VLAN status: Enabled Up-link port: Ethernet 1/13 Ethernet 1/14 Down-link port: Ethernet 1/1...

  • Page 129: Each Port

    Class of Service Configuration Command Attributes • Default Priority* – The priority that is assigned to untagged frames received on the specified interface. (Range: 0 - 7, Default: 0) • Number of Egress Traffic Classes – The number of queue buffers provided for each port.

  • Page 130: Mapping Cos Values To Egress Queues

    Configuring the Switch Mapping CoS Values to Egress Queues This switch processes Class of Service (CoS) priority tagged traffic by using four priority queues for each port, with service schedules based on strict or Weighted Round Robin (WRR). Up to eight separate traffic priorities are defined in IEEE 802.1p.

  • Page 131: Selecting The Queue Mode

    Class of Service Configuration Web – Click Priority, Traffic Classes. Mark an interface and click Select to display the current mapping of CoS values to output queues. Assign priorities to the traffic classes (i.e., output queues) for the selected interface, then click Apply. CLI –...

  • Page 132: Setting The Service Weight For Traffic Classes

    Configuring the Switch CLI – The following sets the queue mode to strict priority service mode. Console(config)#queue mode strict 4-151 Console(config)#exit Console#show queue mode 4-151 Queue mode: strict Console# Setting the Service Weight for Traffic Classes This switch uses the Weighted Round Robin (WRR) algorithm to determine the frequency at which it services each priority queue.

  • Page 133: Mapping Layer 3/4 Priorities To Cos Values

    Class of Service Configuration CLI – The following example shows how to assign WRR weights to each of the priority queues. Console(config)#queue bandwidth 2 8 16 128 4-149 Console(config)#exit Console#show queue bandwidth 4-151 Queue ID Weight -------- ------ Console# Mapping Layer 3/4 Priorities to CoS Values This switch supports several common methods of prioritizing layer 3/4 traffic to meet application requirements.

  • Page 134: Mapping Ip Precedence

    Configuring the Switch CLI – The following example enables IP Precedence service on the switch. Console(config)#map ip precedence 4-152 Console(config)# Mapping IP Precedence The Type of Service (ToS) octet in the IPv4 header includes three precedence bits defining eight different priority levels ranging from highest priority for network control packets to lowest priority for routine traffic.

  • Page 135: Mapping Dscp Priority

    Class of Service Configuration CLI – The following example globally enables IP Precedence service on the switch, maps IP Precedence value 1 to CoS value 0 (on port 1), and then displays the IP Precedence settings. Console(config)#map ip precedence 4-152 Console(config)#interface ethernet 1/1 4-84 Console(config-if)#map ip precedence 1 cos 0...
  • Page 136 Configuring the Switch Web – Click Priority, IP DSCP Priority. Select an entry from the DSCP table, enter a value in the Class of Service Value field, then click Apply. CLI – The following example globally enables DSCP Priority service on the switch, maps DSCP value 0 to CoS value 1 (on port 1), and then displays the DSCP Priority settings.

  • Page 137: Mapping Ip Port Priority

    Class of Service Configuration Mapping IP Port Priority In the IP Port Priority page, for each switch port or trunk, you can map IP ports (TCP/UDP ports) to the switch’s 4 traffic class queues. Command Attributes • Current IP Port Table – displays a list of IP ports with their mapped class of service queues.

  • Page 138: Copy Priority Settings

    Configuring the Switch CLI – The following example shows IP Port 80 mapped to CoS value 0 for ethernet port 1. Console(config)#map ip port 4-155 Console(config)#interface ethernet 1/5 Console(config-if)#map ip port 80 cos 0 4-155 Console(config-if)#end Console# show map ip port ethernet 1/5 4-157 TCP port mapping status: enabled Port...

  • Page 139: Multicast Filtering

    Multicast Filtering Multicast Filtering Multicasting is used to support real-time applications such Unicast as videoconferencing or streaming audio. A multicast Flow server does not have to establish a separate connection with each client. It merely broadcasts its service to the network, and any hosts that want to receive the multicast register with their local multicast switch/router.

  • Page 140: Configuring Igmp Snooping And Query Parameters

    Configuring the Switch Configuring IGMP Snooping and Query Parameters You can configure the switch to forward multicast traffic intelligently. Based on the IGMP query and report messages, the switch forwards traffic only to the ports that request multicast traffic. This prevents the switch from broadcasting the traffic to all ports and possibly disrupting network performance.

  • Page 141: Displaying Interfaces Attached To A Multicast Router

    Multicast Filtering Web – Click IGMP Snooping, IGMP Configuration. Adjust the IGMP settings as required, and then click Apply. (The default settings are shown below.) CLI – This example modifies the settings for multicast filtering, and then displays the current status. Console(config)#ip igmp snooping 4-158 Console(config)#ip igmp snooping querier...

  • Page 142: Specifying Static Interfaces For A Multicast Router

    Configuring the Switch Web – Click IGMP Snooping, Multicast Router Port Information. Select the required VLAN ID from the scroll-down list to display the associated multicast routers. CLI – This example shows that Port 11 has been statically configured as a port attached to a multicast router.

  • Page 143: Displaying Port Members Of Multicast Services

    Multicast Filtering Web – Click IGMP Snooping, Static Multicast Router Port Configuration. Specify the interfaces attached to a multicast router, indicate the VLAN which will forward all the corresponding multicast traffic, and then click Add. After you have finished adding interfaces to the list, click Apply.

  • Page 144: Assigning Ports To Multicast Services

    Configuring the Switch Web – Click IGMP Snooping, IP Multicast Registration Table. Select a VLAN ID and the IP address for a multicast service from the scroll-down lists. The switch will display all the interfaces that are propagating this multicast service. CLI –...
  • Page 145 Multicast Filtering Web – Click IGMP Snooping, IGMP Member Port Table. Specify the interface attached to a multicast service (via an IGMP-enabled switch or multicast router), indicate the VLAN that will propagate the multicast service, specify the multicast IP address, and click Add. After you have completed adding ports to the member list, click Apply.
  • Page 146 Configuring the Switch 3-116...

  • Page 147: Chapter 4: Command Line Interface

    Chapter 4: Command Line Interface This chapter describes how to use the Command Line Interface (CLI). Using the Command Line Interface Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt.
  • Page 148 Command Line Interface To access the switch through a Telnet session, you must first set the IP address for the switch, and set the default gateway if you are managing the switch from a different IP subnet. For example, Console(config)#interface vlan 1 4-84 Console(config-if)#ip address 10.1.0.254 255.255.255.0 Console(config-if)#exit...

  • Page 149: Entering Commands

    Entering Commands Entering Commands This section describes how to enter CLI commands. Keywords and Arguments A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command “show interfaces status ethernet 1/5,” show interfaces and status are keywords, ethernet is an argument that specifies the interface type, and 1/5 specifies the unit/port.

  • Page 150: Showing Commands

    Command Line Interface Showing Commands If you enter a “?” at the command prompt, the system will display the first level of keywords for the current command class (Normal Exec or Privileged Exec) or configuration class (Global, ACL, Interface, Line, VLAN Database, or MSTP). You can also display a list of valid keywords for a specific command.

  • Page 151: Negating The Effect Of Commands

    Entering Commands Negating the Effect of Commands For many configuration commands you can enter the prefix keyword “no” to cancel the effect of a command or reset the configuration to the default value. For example, the logging command will log system messages to a host server. To disable logging, specify the no logging command.

  • Page 152: Configuration Commands

    Command Line Interface The system will now display the “Console#” command prompt. You can also enter Privileged Exec mode from within Normal Exec mode, by entering the enable command, followed by the privileged level password “super” (page 4-25). To enter Privileged Exec mode, enter the following user names and passwords: Username: admin Password: [admin login password] CLI session with the switch is opened.

  • Page 153: Command Line Processing

    Entering Commands To enter the other modes, at the configuration prompt type one of the following commands. Use the exit or end command to return to the Privileged Exec mode. Mode Command Prompt Page Line line {console | vty} Console(config-line)# Interface interface {ethernet port | port-channel id| vlan id} Console(config-if)# 4-91...

  • Page 154: Command Groups

    Command Line Interface Command Groups The system commands can be broken down into the functional groups shown below Command Group Description Page Line Sets communication parameters for the serial port and Telnet, including baud rate and console time-out General Basic commands for entering privileged access mode, restarting the 4-17 system, or quitting the CLI System Management...

  • Page 155: Line Commands

    Line Commands Line Commands You can access the onboard configuration program by attaching a VT100 compatible device to the server’s serial port. These commands are used to set communication parameters for the serial port or Telnet (i.e., a virtual terminal). Command Function Mode...

  • Page 156: Login

    Command Line Interface Command Usage Telnet is considered a virtual terminal connection and will be shown as “Vty” in screen displays such as show users. However, the serial communication parameters (e.g., databits) do not affect Telnet connections. Example To enter console line mode, enter the following command: Console(config)#line console Console(config-line)# Related Commands...

  • Page 157: Password

    Line Commands Example Console(config-line)#login local Console(config-line)# Related Commands username (4-24) password (4-11) password This command specifies the password for a line. Use the no form to remove the password. Syntax password {0 | 7} password no password • {0 | 7} - 0 means plain password, 7 means encrypted password •...

  • Page 158: Exec-Timeout

    Command Line Interface exec-timeout This command sets the interval that the system waits until user input is detected. Use the no form to restore the default. Syntax exec-timeout [seconds] no exec-timeout seconds - Integer that specifies the number of seconds. (Range: 0 - 65535 seconds;...

  • Page 159: Silent-Time

    Line Commands Command Usage • When the logon attempt threshold is reached, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent-time command to set this interval.) When this threshold is reached for Telnet, the Telnet logon interface shuts down.

  • Page 160: Databits

    Command Line Interface databits This command sets the number of data bits per character that are interpreted and generated by the console port. Use the no form to restore the default value. Syntax databits {7 | 8} no databits • 7 - Seven data bits per character.

  • Page 161: Speed

    Line Commands Command Mode Line Configuration Command Usage Communication protocols provided by devices such as terminals and modems often require a specific parity bit setting. Example To specify no parity, enter this command: Console(config-line)#parity none Console(config-line)# speed This command sets the terminal line’s baud rate. This command sets both the transmit (to terminal) and receive (from terminal) speeds.

  • Page 162: Stopbits

    Command Line Interface stopbits This command sets the number of the stop bits transmitted per byte. Use the no form to restore the default setting. Syntax stopbits {1 | 2} • 1 - One stop bit • 2 - Two stop bits Default Setting 1 stop bit Command Mode...

  • Page 163: Show Line

    General Commands show line This command displays the terminal line’s parameters. Syntax show line [console | vty] • console - Console terminal line. • vty - Virtual terminal for remote console access (i.e., Telnet). Default Setting Shows all lines Command Mode Normal Exec, Privileged Exec Example To show all lines, enter this command:...

  • Page 164: Enable

    Command Line Interface enable This command activates Privileged Exec mode. In privileged mode, additional commands are available, and certain commands display additional information. See “Understanding Command Modes” on page 4-5. Syntax enable level level - Privilege level to log into the device. The device has two predefined privilege levels: 0: Normal Exec, 15: Privileged Exec.

  • Page 165: Configure

    General Commands Command Usage The “>” character is appended to the end of the prompt to indicate that the system is in normal access mode. Example Console#disable Console> Related Commands enable (4-18) configure This command activates Global Configuration mode. You must enter this mode to modify any settings on the switch.

  • Page 166: Reload

    Command Line Interface Example In this example, the show history command lists the contents of the command history buffer: Console#show history Execution command history: 2 config 1 show history Configuration command history: 4 interface vlan 1 3 exit 2 interface vlan 1 1 end Console# The ! command repeats commands from the Execution command history buffer...

  • Page 167: End

    General Commands This command returns to Privileged Exec mode. Default Setting None Command Mode Global Configuration, Interface Configuration, Line Configuration, VLAN Database Configuration, and Multiple Spanning Tree Configuration. Example This example shows how to return to the Privileged Exec mode from the Interface Configuration mode: Console(config-if)#end Console#...

  • Page 168: System Management Commands

    Command Line Interface Command Usage The quit and exit commands can both exit the configuration program. Example This example shows how to quit a CLI session: Console#quit Press ENTER to start session User Access Verification Username: System Management Commands These commands are used to control system logs, passwords, user names, browser configuration options, and display or configure a variety of other system information.

  • Page 169: Prompt

    System Management Commands prompt This command customizes the CLI prompt. Use the no form to restore the default prompt. Syntax prompt string no prompt string - Any alphanumeric string to use for the CLI prompt. (Maximum length: 255 characters) Default Setting Console Command Mode Global Configuration...

  • Page 170: User Access Commands

    Command Line Interface User Access Commands The basic commands required for management access are listed in this section. This switch also includes other options for password checking via the console or a Telnet connection (page 4-9), user authentication via a remote authentication server (page 4-60), and host access authentication for specific ports (page 4-68).

  • Page 171: Enable Password

    System Management Commands Example This example shows how the set the access level and password for a user. Console(config)#username bob access-level 15 Console(config)#username bob password 0 smith Console(config)# enable password After initially logging onto the system, you should set the Privileged Exec password. Remember to record it in a safe place.

  • Page 172: Ip Filter Commands

    Command Line Interface IP Filter Commands Command Function Mode management Configures IP addresses that are allowed management access GC 4-26 show management Displays the switch to be monitored or configured from a 4-27 browser management This command specifies the client IP addresses that are allowed management access to the switch through various protocols.

  • Page 173: Show Management

    System Management Commands Example This example restricts management access to the indicated addresses. Console(config)#management all-client 192.168.1.19 Console(config)#management all-client 192.168.1.25 192.168.1.30 Console# show management This command displays the client IP addresses that are allowed management access to the switch through various protocols. Syntax show management {all-client | http-client | snmp-client | telnet-client} •...

  • Page 174: Web Server Commands

    Command Line Interface Web Server Commands Command Function Mode ip http port Specifies the port to be used by the Web browser interface 4-28 ip http server Allows the switch to be monitored or configured from a browser GC 4-28 ip http secure-server Enables HTTPS/SSL for encrypted communications 4-29...

  • Page 175: Ip Http Secure-Server

    System Management Commands Command Mode Global Configuration Example Console(config)#ip http server Console(config)# Related Commands ip http port (4-28) ip http secure-server This command enables the secure hypertext transfer protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure access (i.e., an encrypted connection) to the switch’s Web interface.

  • Page 176: Ip Http Secure-Port

    Command Line Interface Example Console(config)#ip http secure-server Console(config)# Related Commands ip http secure-port (4-30) copy tftp https-certificate (4-55) ip http secure-port This command specifies the UDP port number used for HTTPS/SSL connection to the switch’s Web interface. Use the no form to restore the default port. Syntax ip http secure-port port_number no ip http secure-port...

  • Page 177: Secure Shell Commands

    System Management Commands Command Mode Global Configuration Example Console#config Console(config)#ip telnet server Console(config-line)# Secure Shell Commands The Berkley-standard includes remote access tools originally designed for Unix systems. Some of these tools have also been implemented for Microsoft Windows and other environments. These tools, including commands such as rsh (remote shell), and rexec (remote execute), are not secure from hostile attacks.

  • Page 178: Ip Ssh Timeout

    Command Line Interface Default Setting Disabled Command Mode Global Configuration Command Usage • The SSH server supports up to four client sessions. The maximum number of client sessions includes both current Telnet sessions and SSH sessions. • The SSH server uses DSA or RSA for key exchange when the client first establishes a connection with the switch, and then negotiates with the client to select either DES (56-bit) or 3DES (168-bit) for data encryption.

  • Page 179: Ip Ssh Authentication-Retries

    System Management Commands Example Console(config)#ip ssh timeout 60 Console(config)# Related Commands exec-timeout (4-12) show ip ssh (4-34) ip ssh authentication-retries Use this command to configure the number of times the SSH server attempts to reauthenticate a user. Use the no form to restore the default setting. Syntax ip ssh authentication-retries count no ip ssh authentication-retries...

  • Page 180: Show Ip Ssh

    Command Line Interface Example Console#disconnect ssh 0 Console# show ip ssh Use this command to display the connection settings used when authenticating client access to the SSH server. Command Mode Privileged Exec Example Console#show ip ssh Information of secure shell SSH status: enable SSH authentication timeout: 120 SSH authentication retries: 3...

  • Page 181: Event Logging Commands

    System Management Commands Event Logging Commands Command Function Mode logging on Controls logging of error messages 4-35 logging history Limits syslog messages saved to switch memory based on 4-36 severity logging host Adds a syslog server host IP address that will receive logging 4-37 messages logging facility...

  • Page 182: Logging History

    Command Line Interface logging history This command limits syslog messages saved to switch memory based on severity. The no form returns the logging of syslog messages to the default level. Syntax logging history {flash | ram} level no logging history {flash | ram} •...

  • Page 183: Logging Host

    System Management Commands logging host This command adds a syslog server host IP address that will receive logging messages. Use the no form to remove a syslog server host. Syntax [no] logging host host_ip_address host_ip_address - The IP address of a syslog server. Default Setting None Command Mode...

  • Page 184: Logging Trap

    Command Line Interface Example Console(config)#logging facility 19 Console(config)# logging trap This command limits syslog messages saved to a remote server based on severity. Use the no form to return the remote logging of syslog messages to the default level. Syntax [no] logging trap level level - One of the level arguments listed below.

  • Page 185: Show Logging

    System Management Commands show logging This command displays the logging configuration, along with any system and event messages stored in memory. Syntax show logging {flash | ram | sendmail | trap} • flash - Event history stored in flash memory (i.e., permanent memory). •...

  • Page 186: Smtp Alert Commands

    Command Line Interface The following example displays settings for the trap function. Console#show logging trap Syslog logging: Enable REMOTELOG status: disable REMOTELOG facility type: local use 7 REMOTELOG level type: Debugging messages REMOTELOG server IP address: 1.2.3.4 REMOTELOG server IP address: 0.0.0.0 REMOTELOG server IP address: 0.0.0.0 REMOTELOG server IP address: 0.0.0.0 REMOTELOG server IP address: 0.0.0.0...

  • Page 187: Logging Sendmail Host

    System Management Commands logging sendmail host This command specifies SMTP servers that will be sent alert messages. Use the no form to remove an SMTP server. Syntax [no] logging sendmail host ip_address ip_address - IP address of an SMTP server that will be sent alert messages for event handling.

  • Page 188: Logging Sendmail Source-Email

    Command Line Interface Command Usage The specified level indicates an event threshold. All events at this level or higher will be sent to the configured email recipients. (For example, using Level 7 will report all events from level 7 to level 0.) Example This example will send email alerts for system errors from level 3 through 0.

  • Page 189: Logging Sendmail

    System Management Commands Command Mode Global Configuration Command Usage You can specify up to five recipients for alert messages. However, you must enter a separate command to specify each recipient. Example Console(config)#logging sendmail destination-email ted@this-company.com Console(config)# logging sendmail This command enables SMTP event handling. Use the no form to disable this function.

  • Page 190: Time Commands

    Command Line Interface Example Console#show logging sendmail SMTP servers ----------------------------------------------- 192.168.1.19 SMTP minimum severity level: 7 SMTP destination email addresses ----------------------------------------------- ted@this-company.com SMTP source email address: bill@this-company.com SMTP status: Enable Console# Time Commands The system clock can be dynamically set by polling a set of specified time servers (NTP or SNTP), or by using information broadcast by local time servers.

  • Page 191: Sntp Server

    System Management Commands Command Usage • The time acquired from time servers is used to record accurate dates and times for log events. Without SNTP, the switch only records the time starting from the factory default set at the last bootup (e.g., 00:00:00, Jan.

  • Page 192: Sntp Poll

    Command Line Interface Command Usage This command specifies time servers from which the switch will poll for time updates when set to SNTP client mode. The client will poll the time servers in the order specified until a response is received. It issues time synchronization requests based on the interval set via the sntp poll command.

  • Page 193: Sntp Broadcast Client

    System Management Commands sntp broadcast client This command synchronizes the switch’s clock based on time broadcast from time servers (using the multicast address 224.0.1.1). Use the no form to disable SNTP broadcast client mode. Syntax [no] sntp broadcast client Default Setting Disabled Command Mode Global Configuration...

  • Page 194: Clock Timezone

    Command Line Interface clock timezone This command sets the time zone for the switch’s internal clock. Syntax clock timezone name hour hours minute minutes {before-utc | after-utc} • name - Name of time zone, usually an acronym. (Range: 1-29 characters) •...

  • Page 195: Show Calendar

    System Management Commands Default Setting None Command Mode Privileged Exec Example This example shows how to set the system clock to 15:12:34, February 1st, 2002. Console#calendar set 15:12:34 1 February 2002 Console# show calendar This command displays the system clock. Default Setting None Command Mode...
  • Page 196 Command Line Interface Command Mode Privileged Exec Command Usage • Use this command in conjunction with the show running-config command to compare the information in running memory to the information stored in non-volatile memory. • This command displays settings for key command modes. Each mode group is separated by “!”...

  • Page 197: Show Running-Config

    System Management Commands Example Console#show startup-config building startup-config, please wait..username admin access-level 15 username admin password 0 admin username guest access-level 0 username guest password 0 guest enable password level 15 0 super snmp-server community public ro snmp-server community private rw vlan database vlan 1 name DefaultVlan media ethernet state active spanning-tree mst-configuration...
  • Page 198 Command Line Interface Command Usage • Use this command in conjunction with the show startup-config command to compare the information in running memory to the information stored in non-volatile memory. • This command displays settings for key command modes. Each mode group is separated by “!”...

  • Page 199: Show System

    System Management Commands Related Commands show startup-config (4-49) show system This command displays system information. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage • For a description of the items shown by this command, refer to “Displaying System Information”...

  • Page 200: Show Version

    Command Line Interface Command Mode Normal Exec, Privileged Exec Command Usage The session used to execute this command is indicated by a “*” symbol next to the Line (i.e., session) index number. Example Console#show users Username accounts: Username Privilege Public-Key -------- --------- ---------- admin None...

  • Page 201: Flash/File Commands

    Flash/File Commands Flash/File Commands These commands are used to manage the system code or configuration files. Command Function Mode Page copy Copies a code image or a switch configuration to or from flash 4-55 memory or a TFTP server delete Deletes a file or code image 4-57 Displays a list of files in flash memory...
  • Page 202 Command Line Interface Command Usage • The system prompts for data required to complete the copy command. • The destination file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the TFTP server is 127 characters or 31 characters for files on the switch.

  • Page 203: Delete

    Flash/File Commands The following example shows how to download a configuration file: Console#copy tftp startup-config TFTP server ip address: 10.1.0.99 Source configuration file name: startup.01 Startup configuration file name [startup]: Write to FLASH Programming. \Write to FLASH finish. Success. Console# This example shows how to copy a secure-site certificate from an TFTP server.

  • Page 204: Dir

    Command Line Interface This command displays a list of files in flash memory. Syntax dir [boot-rom | config | opcode [:filename]] The type of file or image to display includes: • boot-rom - Boot ROM (or diagnostic) image file. • config - Switch configuration file.

  • Page 205: Whichboot

    Flash/File Commands whichboot This command displays which files were booted when the system powered up. Default Setting None Command Mode Privileged Exec Example This example shows the information displayed by the whichboot command. See the table under the dir command for a description of the file information displayed by this command.

  • Page 206: Authentication Commands

    Command Line Interface Related Commands dir (4-58) whichboot (4-59) Authentication Commands You can configure this switch to authenticate users logging into the system for management access using local or RADIUS authentication methods. You can also enable port-based authentication for network client access using IEEE 802.1x. Command Group Function Page...

  • Page 207: Radius Client

    Authentication Commands • RADIUS and TACACS+ logon authentication assigns a specific privilege level for each user name and password pair. The user name, password, and privilege level must be configured on the authentication server. • You can specify three authentication methods in a single command to indicate the authentication sequence.

  • Page 208: Radius-Server Port

    Command Line Interface Command Mode Global Configuration Example Console(config)#radius-server host 192.168.1.25 Console(config)# radius-server port This command sets the RADIUS server network port. Use the no form to restore the default. Syntax radius-server port port_number no radius-server port port_number - RADIUS server UDP port used for authentication messages. (Range: 1-65535) Default Setting 1812...

  • Page 209: Radius-Server Retransmit

    Authentication Commands Example Console(config)#radius-server key green Console(config)# radius-server retransmit This command sets the number of retries. Use the no form to restore the default. Syntax radius-server retransmit number_of_retries no radius-server retransmit number_of_retries - Number of times the switch will try to authenticate logon access via the RADIUS server.

  • Page 210: Show Radius-Server

    Command Line Interface show radius-server This command displays the current settings for the RADIUS server. Default Setting None Command Mode Privileged Exec Example Console#show radius-server Server IP address: 10.1.0.1 Communication key with radius server: Server port number: 1812 Retransmit times: 2 Request timeout: 5 Console# TACACS+ Client...

  • Page 211: Tacacs-Server Port

    Authentication Commands Example Console(config)#tacacs-server host 192.168.1.25 Console(config)# tacacs-server port This command specifies the TACACS+ server network port. Use the no form to restore the default. Syntax tacacs-server port port_number no tacacs-server port port_number - TACACS+ server TCP port used for authentication messages.

  • Page 212: Show Tacacs-Server

    Command Line Interface Example Console(config)#tacacs-server key green Console(config)# show tacacs-server This command displays the current settings for the TACACS+ server. Default Setting None Command Mode Privileged Exec Example Console#show tacacs-server Remote TACACS server configuration: Server IP address: 10.11.12.13 Communication key with radius server: green Server port number: 49 Console# Port Security Commands...

  • Page 213: Port Security

    Authentication Commands port security This command enables or configures port security. Use the no form without any keywords to disable port security. Use the no form with the appropriate keyword to restore the default settings for a response to security violation or for the maximum number of allowed addresses.

  • Page 214: 802.1X Port Authentication

    Command Line Interface Example The following example enables port security for port 5, and sets the response to a security violation to issue a trap message: Console(config)#interface ethernet 1/5 Console(config-if)#port security action trap Related Commands shutdown (4-89) mac-address-table static (4-122) show mac-address-table (4-123) 802.1x Port Authentication The switch supports IEEE 802.1x (dot1x) port-based access control that prevents...

  • Page 215: Dot1X Default

    Authentication Commands Default Setting RADIUS Command Mode Global Configuration Example Console(config)#authentication dot1x default radius Console(config)# dot1x default This command sets all configurable dot1x global and port settings to their default values. Syntax dot1x default Command Mode Global Configuration Example Console(config)#dot1x default Console(config)# dot1x max-req This command sets the maximum number of times the switch port will retransmit an...

  • Page 216: Dot1X Port-Control

    Command Line Interface dot1x port-control This command sets the dot1x mode on a port interface. Use the no form to restore the default. Syntax dot1x port-control {auto | force-authorized | force-unauthorized} no dot1x port-control • auto – Requires a dot1x-aware connected client to be authorized by the RADIUS server.

  • Page 217: Dot1X Re-Authenticate

    Authentication Commands Example Console(config)#interface eth 1/2 Console(config-if)#dot1x operation-mode multi-host max-count 10 Console(config-if)# dot1x re-authenticate This command forces re-authentication on all ports or a specific interface. Syntax dot1x re-authenticate interface interface • ethernet unit/port - unit - This is device 1. - port - Port number.

  • Page 218: Dot1X Timeout Re-Authperiod

    Command Line Interface Default 60 seconds Command Mode Global Configuration Example Console(config)#dot1x timeout quiet-period 350 Console(config)# dot1x timeout re-authperiod This command sets the time period after which a connected client must be re-authenticated. Syntax dot1x timeout re-authperiod seconds no dot1x timeout re-authperiod seconds - The number of seconds.

  • Page 219: Show Dot1X

    Authentication Commands Example Console(config)#dot1x timeout tx-period 300 Console(config)# show dot1x This command shows general port authentication related settings on the switch or a specific interface. Syntax show dot1x [statistics] [interface interface] interface • ethernet unit/port - unit - This is device 1. - port - Port number.
  • Page 220 Command Line Interface • Authenticator State Machine - State– Current state (including initialize, disconnected, connecting, authenticating, authenticated, aborting, held, force_authorized, force_unauthorized). - Reauth Count– Number of times connecting state is re-entered. • Backend State Machine - State – Current state (including request, response, success, fail, timeout, idle, initialize).
  • Page 221 Authentication Commands Example Console#show dot1x Global 802.1X Parameters reauth-enabled: yes reauth-period: quiet-period: tx-period: supp-timeout: server-timeout: 30 reauth-max: max-req: 802.1X Port Summary Port Name Status Mode Authorized disabled ForceAuthorized disabled ForceAuthorized disabled ForceAuthorized enabled Auto 802.1X Port Details 802.1X is disabled on port 1 802.1X is enabled on port 26 Max request Quiet period...

  • Page 222: Snmp Commands

    Command Line Interface SNMP Commands SNMP Commands control access to this switch from management stations using the Simple Network Management Protocol (SNMP), as well as the error types sent to trap managers. Command Function Mode Page snmp-server community Sets up the community access string to permit access to 4-76 SNMP commands snmp-server contact...

  • Page 223: Snmp-Server Contact

    SNMP Commands Example Console(config)#snmp-server community alpha rw Console(config)# snmp-server contact This command sets the system contact string. Use the no form to remove the system contact information. Syntax snmp-server contact string no snmp-server contact string - String that describes the system contact information. (Maximum length: 255 characters) Default Setting None...

  • Page 224: Snmp-Server Host

    Command Line Interface Example Console(config)#snmp-server location WC-19 Console(config)# Related Commands snmp-server contact (4-77) snmp-server host This command specifies the recipient of a Simple Network Management Protocol notification operation. Use the no form to remove the specified host. Syntax snmp-server host host-addr community-string [version {1 | 2c}] no snmp-server host host-addr •...

  • Page 225: Snmp-Server Enable Traps

    SNMP Commands Example Console(config)#snmp-server host 10.1.19.23 batman Console(config)# Related Commands snmp-server enable traps (4-79) snmp-server enable traps This command enables this device to send Simple Network Management Protocol traps (SNMP notifications). Use the no form to disable SNMP notifications. Syntax [no] snmp-server enable traps [authentication | link-up-down] •...

  • Page 226: Snmp Ip Filter

    Command Line Interface snmp ip filter This command sets the IP addresses of clients that are allowed management access to the switch via SNMP. Use the no form the remove an IP address. Syntax [no] snmp ip filter ip_address subnet_mask •...

  • Page 227: Show Snmp

    SNMP Commands show snmp This command checks the status of SNMP communications. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage This command provides information on the community access strings, counter information for SNMP input and output protocol data units, and whether or not SNMP logging has been enabled with the snmp-server enable traps command.

  • Page 228: Dhcp Commands

    Command Line Interface DHCP Commands These commands are used to configure Dynamic Host Configuration Protocol (DHCP) client. You can configure any VLAN interface to be automatically assigned an IP address via DHCP. DHCP Client Command Function ip dhcp client-identifier Specifies the DHCP client identifier for this switch 4-82 ip dhcp restart client Submits a BOOTP or DHCP client request...

  • Page 229: Ip Dhcp Restart Client

    DHCP Commands ip dhcp restart client This command submits a BOOTP or DHCP client request. Default Setting None Command Mode Privileged Exec Command Usage • This command issues a BOOTP or DHCP client request for any IP interface that has been set to BOOTP or DHCP mode via the ip address command. •...

  • Page 230: Interface Commands

    Command Line Interface Interface Commands These commands are used to display or set communication parameters for an Ethernet port, aggregated link, or VLAN. Command Function Mode Page interface Configures an interface type and enters interface configuration 4-84 mode description Adds a description to an interface configuration 4-85 speed-duplex Configures the speed and duplex operation of a given interface...

  • Page 231: Description

    Interface Commands Command Mode Global Configuration Example To specify port 24, enter the following command: Console(config)#interface ethernet 1/24 Console(config-if)# description This command adds a description to an interface. Use the no form to remove the description. Syntax description string no description string - Comment or a description to help you remember what is attached to this interface.

  • Page 232: Negotiation

    Command Line Interface Default Setting • Auto-negotiation is enabled by default. • When auto-negotiation is disabled, the default speed-duplex setting is 100half for 100BASE-TX ports and 1000full for Gigabit Ethernet ports. Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage •...

  • Page 233: Capabilities

    Interface Commands Command Usage • When auto-negotiation is enabled the switch will negotiate the best settings for a link based on the capabilities command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex and flowcontrol commands. •...

  • Page 234: Flowcontrol

    Command Line Interface Command Usage When auto-negotiation is enabled with the negotiation command, the switch will negotiate the best settings for a link based on the capabilities command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex and flowcontrol commands. Example The following example configures Ethernet port 5 capabilities to 100half, 100full and flow control.

  • Page 235: Shutdown

    Interface Commands Example The following example enables flow control on port 5. Console(config)#interface ethernet 1/5 Console(config-if)#flowcontrol Console(config-if)#no negotiation Console(config-if)# Related Commands negotiation (4-86) capabilities (4-87) shutdown This command disables an interface. To restart a disabled interface, use the no form. Syntax [no] shutdown Default Setting...

  • Page 236: Clear Counters

    Command Line Interface Default Setting Enabled for all ports Packet-rate limit: 500 packets per second Command Mode Interface Configuration (Ethernet) Command Usage • When broadcast traffic exceeds the specified threshold, packets above that threshold are dropped. • This command can enable or disable broadcast storm control for the selected interface.

  • Page 237: Show Interfaces Status

    Interface Commands Example The following example clears statistics on port 5. Console#clear counters ethernet 1/5 Console# show interfaces status This command displays the status for an interface. Syntax show interfaces status [interface] interface • ethernet unit/port - unit - This is device 1. - port - Port number.

  • Page 238: Show Interfaces Counters

    Command Line Interface Example Console#show interfaces status ethernet 1/1 Information of Eth 1/1 Basic information: Port type: 100TX-EFM Mac address: 00-01-00-02-00-04 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full, Broadcast storm: Enabled Broadcast storm limit: 650 packets/second Flow control: Disabled Lacp: Disabled Port security: Disabled...

  • Page 239: Show Interfaces Switchport

    Interface Commands Example Ethernet 1/ 1 Iftable stats: Octets input: 113404, Octets output: 742007 Unicast input: 739, Unicast output: 836 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QLen output: 0 Extended iftable stats: Multi-cast input: 482, Multi-cast output: 9 Broadcast input: 38, Broadcast output: 0 Ether-like stats:...
  • Page 240 Command Line Interface Command Usage If no interface is specified, information on all interfaces is displayed. Example This example shows the configuration setting for port 2. Console#show interfaces switchport ethernet 1/2 Information of Eth 1/2 Broadcast threshold: Enabled, 650 packets/second Lacp status: Disabled Ingress rate limit: disable,100M bits per second Egress rate limit: disable,100M bits per second...

  • Page 241: Mirror Port Commands

    Mirror Port Commands Mirror Port Commands This section describes how to mirror traffic from a source port to a target port. Command Function Mode Page port monitor Configures a mirror session 4-95 show port monitor Shows the configuration for a mirror port 4-96 port monitor This command configures a mirror session.

  • Page 242: Show Port Monitor

    Command Line Interface Example The following example configures the switch to mirror all packets from port 6 to 11: Console(config)#interface ethernet 1/11 Console(config-if)#port monitor ethernet 1/6 both Console(config-if)# show port monitor This command displays mirror information. Syntax show port monitor [interface] interface - ethernet unit/port (source port) •...

  • Page 243: Rate Limit Commands

    Rate Limit Commands Rate Limit Commands This function allows the network manager to control the maximum rate for traffic transmitted or received on an interface. Rate limiting is configured on interfaces at the edge of a network to limit traffic into or out of the network. Traffic that falls within the rate limit is transmitted, while packets that exceed the acceptable amount of traffic are dropped.

  • Page 244: Link Aggregation Commands

    Command Line Interface Link Aggregation Commands Ports can be statically grouped into an aggregate link (i.e., trunk) to increase the bandwidth of a network connection or to ensure fault recovery. Or you can use the Link Aggregation Control Protocol (LACP) to automatically negotiate a trunk link between this switch and another network device.

  • Page 245: Channel-Group

    Link Aggregation Commands • However, if the port channel admin key is set, then the port admin key must be set to the same value for a port to be allowed to join a channel group. • If a link goes down, LACP port priority is used to select the backup link. channel-group This command adds a port to a trunk.
  • Page 246 Command Line Interface Command Usage • The ports on both ends of an LACP trunk must be configured for full duplex, either by forced mode or auto-negotiation. • A trunk formed with another switch using LACP will automatically be assigned the next available port-channel ID.

  • Page 247: Vdsl Commands

    VDSL Commands VDSL Commands These commands are used to to configure and display communication parameters for VDSL and Ethernet ports on the switch and connected CPEs. Command Function Page efm profile global Batch assigns profiles for speed to all the VDSL ports on the 4-102 switch efm profile...

  • Page 248: Efm Profile Global

    Command Line Interface efm profile global Use this command to batch assign profiles for speed to all the VDSL ports on the switch. Syntax efm profile global profile name profile name - Name of the profile. Default Setting Default Profile Command Mode Global Configuration Command Usage...

  • Page 249: Efm Profile

    VDSL Commands 2. A suffix of “A” in the profile name (e.g., S2-16-16A) indicates that this profile is for both VDSL and ADSL lines in a bundle. Profiles without a suffix of “A” in the profile name (e.g., S1-16-16) are for VDSL lines only. 3.

  • Page 250: Efm Reset

    Command Line Interface Example The following example assigns EFM profile S1-16-16 to VDSL port 1. Console#config Console(config)#interface ethernet 1/1 Console(config-if)#efm profile S1-16-16 Console(config-if)# Related Commands efm profile global (4-102) efm reset Use this command to reset the switch VDSL chipset or, if a CPE is connected, the CPE VDSL chipset.

  • Page 251: Efm Rdl

    VDSL Commands Command Mode Interface Configuration Command Usage Use this command to disable the VDSL chipset transmitter of a VDSL port that is not connected to a working CPE. In some unusual circumstances, the power emitted by VDSL ports can affect other VDSL ports. It is recommended that ports that are not wired to CPEs be shut down in this way.

  • Page 252: Efm Interleave

    Command Line Interface efm interleave This command sets the interleave parameters for the selected VDSL port. Syntax efm interleave [downstream M value] [upstream M value] [downstream I value] [upstream I value] no efm interleave • M value – M is the interleaving depth index. Range: 0-64 •...

  • Page 253: Efm Noise-Margin

    VDSL Commands efm noise-margin This command sets the noise margin of the selected VDSL port. Use the no form of this command to disable this feature. Syntax efm noise-margin [downstream noise margin] [upstream noise margin] no efm noise-margin • downstream noise margin - A measure of the amount of noise that the downstream VDSL line can tolerate before the signal is affected.

  • Page 254: Efm Rate-Adapt

    Command Line Interface Profile Name Theoretical Minimum Signal-to-Noise Ratio (dB) A6-22-3A A7-40-5A Not Used A8-46-7A TLAN Max-Rate Example The following example configures VDSL port 1 with an upstream noise margin of 6, and a downstream noise margin of 6. Console(config)#interface ethernet 1/1 Console(config-if)#efm noise-margin 6 6 Console(config-if)#end Related Commands...

  • Page 255: Efm Pbo

    VDSL Commands efm pbo This command enables and disables power back-off on the selected VDSL port. Syntax [no] efm pbo Default Setting Enabled Command Mode Interface Configuration Command Usage If PBO is enabled, the power of transmission from the port will automatically be adjusted to ensure that the signal successfully reaches the receive port.

  • Page 256: Related Commands

    Command Line Interface Example Console#show controllers ethernet-controller ethernet 1/2 Ethernet 1/2 : EFM PHY on Switch: Transmit 9671624 Bytes Transmitted 8487 Frames Transmitted 0 Pause frames 0 Single Collision Frames 0 Multiple collisions 0 Late collisions 0 Excessive collisions 0 Deferred frames 0 Carrier sense errors Receive 1406434 Bytes Received...

  • Page 257: Show Controllers Efm Actual

    VDSL Commands show controllers efm actual Use this command to display the current values of the VDSL link on a specific VDSL port. Syntax show controllers efm interface-id actual {dsrserrs | usrserrs | txpower | rxpower | snr | link} •...

  • Page 258: Show Controllers Efm Admin

    Command Line Interface Related Commands show controllers efm admin (4-112) show controllers efm profile (4-112) show controllers efm admin Use this command to display the actual values of the VDSL link on a specific VDSL port. Syntax show controllers efm interface-id admin {dsrate | usrate} •...

  • Page 259: Privileged Exec

    VDSL Commands Command Mode Privileged EXEC Command Usage See efm profile global (4-102) for the VDSL profiles shipped with the switch, and for the their upstream and downstream data rates. Examples This example displays VDSL profiles and link status for the switch’s VDSL ports. Console#show controllers efm profile mapping Interface Port Profile...

  • Page 260: Show Controllers Efm Status

    Command Line Interface show controllers efm status Use this command to display the VDSL link statistics and profile information on a specific VDSL port including link state, link duration, data rates, power levels, signal-to-noise ratio, and Reed-Solomon errors. Syntax show controllers efm status {link | profile} interface-id •...

  • Page 261: Show Controllers Efm Remote Ethernet Mode

    VDSL Commands This example displays the link status, uptime, profile name, downstream and upstream rates, and the number of link failures for the switch’s VDSL ports. Interface Link Uptime Profile Name DSRate USRate Fail ------------- ---- -------- -------------------- ------ ------ ---- Ethernet 1/1 0:38:30...

  • Page 262: Show Controllers Efm-Noise-Margin

    Command Line Interface show controllers efm-noise-margin This command displays the noise margin for the switch’s VDSL ports. Syntax show controllers efm noise-margin Default Setting Default: 0 dBm Command Mode Privileged EXEC Example This example displays the downstream (DS) and upstream (US) noise-margin for the switch’s VDSL ports.

  • Page 263: Show Controllers Efm Channel-Performance

    VDSL Commands show controllers efm channel-performance This command displays the channel performance for the channels in a VDSL line. For details see “Displaying VDSL Interface Information” on page 3-66. Syntax show controllers efm channel-performance {vtu-r | vtu-c} [fast | slow] [interface] {15-minutes | 1-day} •...

  • Page 264: Show Controllers Efm Phy-Table

    Command Line Interface Example Console#show controllers efm line-table VDSL_LINE_ENTRY : Ethernet 1/1 Line Coding Ethernet 1/1 Line Type Ethernet 1/1 Line Config Profile DEFVAL Ethernet 1/1 Line Alarm Config Profile DEFVAL VDSL_LINE_ENTRY : Ethernet 1/12 Line Coding Ethernet 1/12 Line Type Ethernet 1/12 Line Config Profile DEFVAL...

  • Page 265: Show Controllers Efm Channel-Table

    VDSL Commands Command Mode Privileged EXEC Example Console#show controllers efm phy-table vtu-c 1/1 VDSL_PHYS_ENTRY : Ethernet 1/1 Serial Number Ethernet 1/1 Vendor ID ACCTON Ethernet 1/1 Version Number Ethernet 1/1 Current Signal to Noise Ratio Margin Ethernet 1/1 Current Attenuation Ethernet 1/1 Current Status Ethernet 1/1...

  • Page 266: Show Controllers Efm Current-Performance

    Command Line Interface show controllers efm current-performance Use this command to display line and channel performance data information for the current 15 minute interval, and for the current day. Syntax show controllers efm current-performance {vtu-r | vtu-c} [interface] • vtu-r – VTU (VDSL Transceiver Unit) at the remote end of the line •...
  • Page 267 VDSL Commands Example Console#show controllers efm current-performance vtu-c 1/1 VDSL_PERF_DATA_ENTRY : Ethernet 1/1 Loss of Framing Ethernet 1/1 Loss of Signal Ethernet 1/1 Loss of Power Ethernet 1/1 Loss of Link Ethernet 1/1 Errored Seconds Ethernet 1/1 Severely Errored Seconds Ethernet 1/1 Unavailable Seconds Ethernet 1/1...

  • Page 268: Address Table Commands

    Command Line Interface Address Table Commands These commands are used to configure the address table for filtering specified addresses, displaying current entries, clearing the table, or setting the aging time. Command Function Mode Page mac-address-table static Maps a static address to a port in a VLAN 4-122 clear mac-address-table Removes any learned entries from the forwarding database PE...

  • Page 269: Clear Mac-Address-Table Dynamic

    Address Table Commands • Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table. •...

  • Page 270: Mac-Address-Table Aging-Time

    Command Line Interface Command Usage • The MAC Address Table contains the MAC addresses associated with each interface. Note that the Type field may include the following types: • Learned - Dynamic address entries • Permanent - Static entry • Delete-on-reset - Static entry to be deleted when system is reset •...

  • Page 271: Show Mac-Address-Table Aging-Time

    Spanning Tree Commands show mac-address-table aging-time This command shows the aging time for entries in the address table. Default Setting None Command Mode Privileged Exec Example Console#show mac-address-table aging-time Aging time: 300 sec. Console# Spanning Tree Commands This section includes commands that configure the Spanning Tree Algorithm (STA) globally for the switch, and commands that configure STA for the selected interface.

  • Page 272: Spanning-Tree

    Command Line Interface spanning-tree This command enables the Spanning Tree Algorithm globally for the switch. Use the no form to disable it. Syntax [no] spanning-tree Default Setting Spanning tree is enabled. Command Mode Global Configuration Command Usage The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers.

  • Page 273: Spanning-Tree Forward-Time

    Spanning Tree Commands • Rapid Spanning Tree Protocol RSTP supports connections to either STP or RSTP nodes by monitoring the incoming protocol messages and dynamically adjusting the type of protocol messages the RSTP node transmits, as described below: - STP Mode – If the switch receives an 802.1D BPDU after a port’s migration delay timer expires, the switch assumes it is connected to an 802.1D bridge and starts using only 802.1D BPDUs.

  • Page 274: Spanning-Tree Hello-Time

    Command Line Interface Example Console(config)#spanning-tree forward-time 20 Console(config)# spanning-tree hello-time This command configures the spanning tree bridge hello time globally for this switch. Use the no form to restore the default. Syntax spanning-tree hello-time time no spanning-tree hello-time time - Time in seconds. (Range: 1-10 seconds). The maximum value is the lower of 10 or [(max-age / 2) -1].

  • Page 275: Spanning-Tree Priority

    Spanning Tree Commands Command Usage This command sets the maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages at regular intervals. Any port that ages out STA information (provided in the last configuration message) becomes the designated port for the attached LAN.

  • Page 276: Spanning-Tree Pathcost Method

    Command Line Interface spanning-tree pathcost method This command configures the path cost method used for Rapid Spanning Tree. Use the no form to restore the default. Syntax spanning-tree pathcost method {long | short} no spanning-tree pathcost method • long - Specifies 32-bit based values that range from 1-200,000,000. •...

  • Page 277: Spanning-Tree Cost

    Spanning Tree Commands Example Console(config)#spanning-tree transmission-limit 4 Console(config)# spanning-tree cost This command configures the spanning tree path cost for the specified interface. Use the no form to restore the default. Syntax spanning-tree cost cost no spanning-tree cost cost - The path cost for the port. (Range: 1-200,000,000)) The recommended range is: •...

  • Page 278: Spanning-Tree Port-Priority

    Command Line Interface spanning-tree port-priority This command configures the priority for the specified interface. Use the no form to restore the default. Syntax spanning-tree port-priority priority no spanning-tree port-priority priority - The priority for a port. (Range: 0-240, in steps of 16) Default Setting Command Mode Interface Configuration (Ethernet, Port Channel)

  • Page 279: Spanning-Tree Portfast

    Spanning Tree Commands Command Usage • You can enable this option if an interface is attached to a LAN segment that is at the end of a bridged LAN or to an end node. Since end nodes cannot cause forwarding loops, they can pass directly through to the spanning tree forwarding state.

  • Page 280: Spanning-Tree Link-Type

    Command Line Interface Example Console(config)#interface ethernet 1/5 Console(config-if)#bridge-group 1 portfast Console(config-if)# Related Commands spanning-tree edge-port (4-132) spanning-tree link-type This command configures the link type for Rapid Spanning Tree. Use the no form to restore the default. Syntax spanning-tree link-type {auto | point-to-point | shared} no spanning-tree link-type •...

  • Page 281: Spanning-Tree Protocol-Migration

    Spanning Tree Commands spanning-tree protocol-migration This command re-checks the appropriate BPDU format to send on the selected interface. Syntax spanning-tree protocol-migration interface interface • ethernet unit/port - unit - This is device 1. - port - Port number. • port-channel channel-id (Value: 1) Command Mode Privileged Exec Command Usage...
  • Page 282 Command Line Interface Command Usage • Use the show spanning-tree command with no parameters to display the spanning tree configuration for the switch and for every interface in the tree. • Use the show spanning-tree interface command to display the spanning tree configuration for an interface.

  • Page 283: Vlan Commands

    VLAN Commands VLAN Commands A VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same physical segment. This section describes commands used to create VLAN groups, add port members, specify how VLAN tagging is used, and enable automatic VLAN registration for the selected interface.

  • Page 284: Vlan

    Command Line Interface Example Console(config)#vlan database Console(config-vlan)# Related Commands show vlan (4-143) vlan This command configures a VLAN. Use the no form to restore the default settings or delete a VLAN. Syntax vlan vlan-id [name vlan-name] media ethernet [state {active | suspend}] no vlan vlan-id [name | state] •...

  • Page 285: Configuring Vlan Interfaces

    VLAN Commands Configuring VLAN Interfaces Command Function Mode Page interface vlan Enters interface configuration mode for a specified VLAN 4-139 switchport mode Configures VLAN membership mode for an interface 4-140 switchport Configures frame types to be accepted by an interface 4-140 acceptable-frame-types switchport ingress-filtering...

  • Page 286: Switchport Mode

    Command Line Interface switchport mode This command configures the VLAN membership mode for a port. Use the no form to restore the default. Syntax switchport mode {trunk | hybrid} no switchport mode • trunk - Specifies a port as an end-point for a VLAN trunk. A trunk is a direct link between two switches, so the port transmits tagged frames that identify the source VLAN.

  • Page 287: Switchport Ingress-Filtering

    VLAN Commands Command Usage When set to receive all frame types, any received frames that are untagged are assigned to the default VLAN. Example The following example shows how to restrict the traffic received on port 1 to tagged frames: Console(config)#interface ethernet 1/1 Console(config-if)#switchport acceptable-frame-types tagged Console(config-if)#...

  • Page 288: Switchport Native Vlan

    Command Line Interface switchport native vlan This command configures the PVID (i.e., default VLAN ID) for a port. Use the no form to restore the default. Syntax switchport native vlan vlan-id no switchport native vlan vlan-id - Default VLAN ID for a port. (Range: 1-4093, no leading zeroes) Default Setting VLAN 1 Command Mode...

  • Page 289: Displaying Vlan Information

    VLAN Commands Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • A port, or a trunk with switchport mode set to hybrid, must be assigned to at least one VLAN as untagged. • If a trunk has switchport mode set to trunk (i.e., 1Q Trunk), then you can only assign an interface to VLAN groups as a tagged member.

  • Page 290: Configuring Private Vlans

    Command Line Interface Default Setting Shows all VLANs. Command Mode Normal Exec, Privileged Exec Example The following example shows how to display information for VLAN 1: Console#show vlan id 1 VLAN Type Name Status Ports/Channel groups ---- ------- ---------------- --------- ---------------------------------- Static DefaultVlan Active Eth1/ 1 Eth1/ 2 Eth1/ 3 Eth1/ 4 Eth1/ 5...

  • Page 291: Show Pvlan

    Configuring Private VLANs Command Usage A Private VLAN allows modification of the default VLAN to provide port-based security and isolation between ports within the VLAN. Data traffic on the downlink ports can only be forwarded to, and from, the uplink port. Private VLANs and normal VLANs can exist simultaneously within the same switch.

  • Page 292: Bridge Extension Commands

    Command Line Interface Bridge Extension Commands This section describes how to display default configuration settings for the Bridge Extension MIB. Command Function Mode show bridge-ext Shows the global bridge extension configuration 4-146 show bridge-ext This command shows the configuration for bridge extension commands. Default Setting None Command Mode...

  • Page 293: Priority Commands

    Priority Commands Priority Commands The commands described in this section allow you to specify which data packets have greater precedence when traffic is buffered in the switch due to congestion. This switch supports CoS with four priority queues for each port. Data packets in a port’s high-priority queue will be transmitted before those in the lower-priority queues.

  • Page 294: Queue Mode

    Command Line Interface Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage • The precedence for priority mapping is IP Port, IP Precedence or IP DSCP, and default switchport priority. • The default priority applies for an untagged frame received on a port set to accept all frame types (i.e, receives both untagged and tagged frames).

  • Page 295: Queue Bandwidth

    Priority Commands Command Usage You can set the switch to service the queues based on a strict rule that requires all traffic in a higher priority queue to be processed before lower priority queues are serviced, or use Weighted Round-Robin (WRR) queuing that specifies a relative weight of each queue.

  • Page 296: Queue Cos-Map

    Command Line Interface queue cos-map This command assigns class of service (CoS) values to the priority queues (i.e., hardware output queues 0 - 3). Use the no form set the CoS map to the default values. Syntax queue cos-map queue_id [cos1 ... cosn] no queue cos-map •...

  • Page 297: Show Queue Mode

    Priority Commands show queue mode This command shows the current queue mode. Default Setting None Command Mode Privileged Exec Example Console#sh queue mode Wrr status: Enabled Console# show queue bandwidth This command displays the weighted round-robin (WRR) bandwidth allocation for the eight priority queues.

  • Page 298: Priority Commands (Layer 3 And 4)

    Command Line Interface Command Mode Privileged Exec Example Console#show queue cos-map ethernet 1/1 Information of Eth 1/1 Traffic Class : 0 1 2 3 4 5 6 7 Priority Queue: 0 0 0 1 1 2 3 2 Console# Priority Commands (Layer 3 and 4) Command Function Mode...

  • Page 299: Map Ip Precedence (Interface Configuration)

    Priority Commands map ip precedence (Interface Configuration) This command sets IP precedence priority (i.e., IP Type of Service priority). Use the no form to restore the default table. Syntax map ip precedence ip-precedence-value cos cos-value no map ip precedence • precedence-value - 3-bit precedence value.

  • Page 300: Map Ip Dscp (Interface Configuration)

    Command Line Interface Command Usage • The precedence for priority mapping is IP Port, IP Precedence or IP DSCP, and default switchport priority. • IP Precedence and IP DSCP cannot both be enabled. Enabling one of these priority types will automatically disable the other type. Example The following example shows how to enable IP DSCP mapping globally: Console(config)#map ip dscp...

  • Page 301: Map Ip Port (Global Configuration)

    Priority Commands Example The following example shows how to map IP DSCP value 1 to CoS value 0: Console(config)#interface ethernet 1/5 Console(config-if)#map ip dscp 1 cos 0 Console(config-if)# map ip port (Global Configuration) Use this command to enable IP port mapping (i.e., class of service mapping for TCP/UDP sockets).

  • Page 302: Show Map Ip Precedence

    Command Line Interface show map ip precedence This command shows the IP precedence priority map. Syntax show map ip precedence interface interface • ethernet unit/port - unit - This is device 1. - port - Port number. • port-channel channel-id (Value: 1) Default Setting None Command Mode...

  • Page 303: Show Map Ip Port

    Priority Commands Default Setting None Command Mode Privileged Exec Example Console#show map ip dscp ethernet 1/1 DSCP mapping status: disabled Port DSCP COS --------- ---- --- Eth 1/ 1 Eth 1/ 1 Eth 1/ 1 Eth 1/ 1 Eth 1/ 1 Eth 1/ 1 Eth 1/ 1 Console#...

  • Page 304: Multicast Filtering Commands

    Command Line Interface Example The following shows that HTTP traffic has been mapped to CoS value 0: Console#show map ip port TCP port mapping status: disabled Port Port no. COS --------- -------- --- Eth 1/ 5 Console# Related Commands map ip port (Interface Configuration) (4-155) Multicast Filtering Commands This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that want to receive a specific multicast service.

  • Page 305: Ip Igmp Snooping Vlan Static

    Multicast Filtering Commands Default Setting Enabled Command Mode Global Configuration Example The following example enables IGMP snooping. Console(config)#ip igmp snooping Console(config)# ip igmp snooping vlan static This command adds a port to a multicast group. Use the no form to remove the port. Syntax [no] ip igmp snooping vlan vlan-id static ip-address interface •...

  • Page 306: Show Ip Igmp Snooping

    Command Line Interface Default Setting IGMP Version 2 Command Mode Global Configuration Command Usage All systems on the subnet must support the same version. If there are legacy devices in your network that only support Version 1, you will also have to configure this switch to use Version 1.

  • Page 307: Show Mac-Address-Table Multicast

    Multicast Filtering Commands show mac-address-table multicast This command shows known multicast addresses. Syntax show mac-address-table multicast [vlan vlan-id] [user | igmp-snooping] • vlan-id - VLAN ID (1 to 4094) • user - Display only the user-configured multicast entries. • igmp-snooping - Display only entries learned through IGMP snooping. Default Setting None Command Mode...

  • Page 308: Ip Igmp Snooping Querier

    Command Line Interface ip igmp snooping querier This command enables the switch as an IGMP querier. Use the no form to disable it. Syntax [no] ip igmp snooping querier Default Setting Enabled Command Mode Global Configuration Command Usage If enabled, the switch will serve as querier if elected. The querier is responsible for asking hosts if they want to receive multicast traffic.

  • Page 309: Ip Igmp Snooping Query-Interval

    Multicast Filtering Commands Example The following shows how to configure the query count to 10: Console(config)#ip igmp snooping query-count 10 Console(config)# Related Commands ip igmp snooping query-max-response-time (4-163) ip igmp snooping query-interval This command configures the query interval. Use the no form to restore the default. Syntax ip igmp snooping query-interval seconds no ip igmp snooping query-interval...

  • Page 310: Ip Igmp Snooping Router-Port-Expire-Time

    Command Line Interface Command Usage • The switch must be using IGMPv2 for this command to take effect. • This command defines the time after a query, during which a response is expected from a multicast client. If a querier has sent a number of queries defined by the ip igmp snooping query-count, but a client has not responded, a countdown timer is started using an initial value set by this command.

  • Page 311: Static Multicast Routing Commands

    Multicast Filtering Commands Related Commands ip igmp snooping version (4-159) Static Multicast Routing Commands Command Function Mode ip igmp snooping vlan Adds a multicast router port 4-165 mrouter show ip igmp snooping Shows multicast router ports 4-166 mrouter ip igmp snooping vlan mrouter This command statically configures a multicast router port.

  • Page 312: Show Ip Igmp Snooping Mrouter

    Command Line Interface show ip igmp snooping mrouter This command displays information on statically configured and dynamically learned multicast router ports. Syntax show ip igmp snooping mrouter [vlan vlan-id] vlan-id - VLAN ID (Range: 1-4093) Default Setting Displays multicast router ports for all configured VLANs. Command Mode Privileged Exec Command Usage...

  • Page 313: Ip Address

    IP Interface Commands ip address This command sets the IP address for the currently selected VLAN interface. Use the no form to restore the default IP address. Syntax ip address {ip-address netmask | bootp | dhcp} no ip address • ip-address - IP address •...

  • Page 314: Ip Default-Gateway

    Command Line Interface ip default-gateway This command establishes a static route between this switch and devices that exist on another network segment. Use the no form to remove the static route. Syntax ip default-gateway gateway no ip default-gateway gateway - IP address of the default gateway Default Setting No static route is established.

  • Page 315: Show Ip Redirects

    IP Interface Commands show ip redirects This command shows the default gateway configured for this device. Default Setting None Command Mode Privileged Exec Example Console#show ip redirects ip default gateway 10.1.0.254 Console# Related Commands ip default-gateway (4-168) ping This command sends ICMP echo request packets to another node on the network. Syntax ping host [count count][size size] •...
  • Page 316 Command Line Interface Example Console#ping 10.1.0.9 Type ESC to abort. PING to 10.1.0.9, by 5 32-byte payload ICMP packets, timeout is 5 seconds response time: 10 ms response time: 10 ms response time: 10 ms response time: 10 ms response time: 0 ms Ping statistics for 10.1.0.9: 5 packets transmitted, 5 packets received (100%), 0 packets lost (0%) Approximate round trip times:...

  • Page 317: Appendix A: Software Specifications

    Appendix A: Software Specifications Software Features Authentication Local, RADIUS, TACACS, Port (802.1x), HTTPS, SSH, Port Security DHCP Client Port Configuration 1000BASE-T: 10/100/1000 Mbps, half/full duplex 1000BASE-SX/LX: 1000 Mbps, full duplex Flow Control Full Duplex: IEEE 802.3x Half Duplex: Back pressure Broadcast Storm Control Traffic throttled above a critical threshold Port Mirroring...

  • Page 318: Management Features

    Software Specifications Management Features In-Band Management Telnet, Web-based HTTP or HTTPS, SNMP manager, or Secure Shell Out-of-Band Management RS-232 DB-9 console port Software Loading TFTP in-band or XModem out-of-band SNMP Management access via MIB database Trap management to specified hosts RMON Groups 1, 2, 3, 9 (Statistics, History, Alarm, Event) Standards...

  • Page 319: Management Information Bases

    Management Information Bases Management Information Bases Bridge MIB (RFC 1493) Entity MIB (RFC 2737) Ethernet MIB (RFC 2665) Ether-like MIB (RFC 1643) Extended Bridge MIB (RFC 2674) Extensible SNMP Agents MIB (RFC 2742) Forwarding Table MIB (RFC 2096) IGMP MIB (RFC 2933) Interface Group MIB (RFC 2233) Interfaces Evolution MIB (RFC 2863) IP Multicasting related MIBs...
  • Page 320 Software Specifications...

  • Page 321: Appendix B: Troubleshooting

    Appendix B: Troubleshooting Troubleshooting Chart Symptom Action Cannot connect using Telnet, • Be sure you have configured the agent with a valid IP address, subnet Web browser, or SNMP mask and default gateway. software • If you are trying to connect to the agent via the IP address for a tagged VLAN group, your management station must include the appropriate tag in its transmitted frames.
  • Page 322 Troubleshooting...

  • Page 323: Glossary

    Glossary Boot Protocol (BOOTP) used to provide bootup information for network devices, including IP BOOTP is address information, the address of the TFTP server that contains the devices system files, and the name of the boot file. Class of Service (CoS) CoS is supported by prioritizing packets based on the required level of service, and then placing them in the appropriate output queue.
  • Page 324 Glossary GARP VLAN Registration Protocol (GVRP) Defines a way for switches to exchange VLAN information in order to register necessary VLAN members on ports along the Spanning Tree so that VLANs defined in each switch can work automatically over a Spanning Tree network. Generic Attribute Registration Protocol (GARP) GARP is a protocol that can be used by endstations and switches to register and propagate multicast group membership information in a switched environment so...
  • Page 325 Glossary IEEE 802.3x Defines Ethernet frame start/stop requests and timers used for flow control on full-duplex links. IGMP Snooping Listening to IGMP Query and IGMP Report packets transferred between IP Multicast Routers and IP Multicast host groups to identify IP Multicast group members. IGMP Query On each subnetwork, one IGMP-capable device will act as the querier —...
  • Page 326 Glossary Management Information Base (MIB) An acronym for Management Information Base. It is a set of database objects that contains information about a specific device. Multicast Switching A process whereby the switch filters incoming multicast frames for services for which no attached host has registered, or forwards them to all ports contained within the designated multicast VLAN group.
  • Page 327 Glossary Remote Authentication Dial-in User Service (RADIUS) is a logon authentication protocol that uses software running on a central RADIUS server to control access to RADIUS-compliant devices on the network. Remote Monitoring (RMON) RMON provides comprehensive network monitoring capabilities. It eliminates the polling required in standard SNMP, and can set alarms on a variety of traffic conditions, including specific error types.
  • Page 328 Glossary Transmission Control Protocol/Internet Protocol (TCP/IP) Protocol suite that includes TCP as the primary transport protocol, and IP as the network layer protocol. Trivial File Transfer Protocol (TFTP) A TCP/IP protocol commonly used for software downloads. User Datagram Protocol (UDP) provides a datagram mode for packet-switched communications.

  • Page 329: Index

    Index Dynamic Host Configuration Protocol Numerics See DHCP 802.1x, port authentication 3-33, 4-68 edge port, STA 3-83, 3-85, 4-132 acceptable frame type 3-94, 4-140 event logging 4-35 address table 3-73, 4-122 aging time 3-75, 4-125 firmware displaying version 3-9, 4-54 BOOTP 3-13, 4-167 upgrading 3-15, 4-55 BPDU 3-76...
  • Page 330 Index logon authentication 3-24, 4-60 priority, default port ingress 3-98, RADIUS client 4-61 4-147 problems, troubleshooting C-1 RADIUS server 4-61 protocol migration 3-86, 4-135 TACACS+ client 3-25, 4-64 TACACS+ server 3-25, 4-64 logon authentication, sequence 3-26, queue weights 3-102, 4-149 4-60 RADIUS, logon authentication 4-61 main menu 3-3...
  • Page 331 Index startup files creating 3-16, 4-55 upgrading software 3-15, 4-55 displaying 3-15, 4-49 user password 3-24, 4-24, 4-25 setting 3-15, 4-59 static addresses, setting 3-73, 4-122 VLANs 3-86–3-97, 4-137–?? statistics adding static members 3-92, 3-93, port 3-51, 4-92 4-142 STP 3-79, 4-126 creating 3-91, 4-138 STP Also see STA description 3-86...
  • Page 332 Index Index-4...
  • Page 334 VS4512 VS4512DC E122003-R02 150000041800A...

This manual is also suitable for:

Vs4512Vdsl switch-vs4512Vdsl switch-vs4512dc

Table of Contents