Allied Telesis AT-8000S Cli User's Manual
  1. Manuals
  2. Brands
  3. Allied Telesis Manuals
  4. Software
  5. AT-8000S Series
  6. Cli user's manual

Allied Telesis AT-8000S Cli User's Manual

At-s94 management software cli user's guide for at-8000s series switches
Hide thumbs Also See for AT-8000S:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
Table of Contents

Advertisement

Quick Links

See also: User Manual , Cli Reference Manual
CLI User's Guide
AT-8000S Series Stackable Gigabit Ethernet Switches
Version 2.0.0
613-001103 Rev. A
Management
Software
AT-S94

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AT-8000S and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Allied Telesis AT-8000S

Summary of Contents for Allied Telesis AT-8000S

  • Page 1 Management Software AT-S94 CLI User’s Guide AT-8000S Series Stackable Gigabit Ethernet Switches Version 2.0.0 613-001103 Rev. A...
  • Page 2 Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc.

  • Page 3: Table Of Contents

    Table of Contents Preface ..........................14 Intended Audience......................... 15 Document Conventions ......................... 15 Contacting Allied Telesis ....................... 16 Chapter 1.Using the CLI ..................... 17 Overview ..............................17 CLI Command Modes........................17 Introduction ..............................17 User EXEC Mode ............................17 Privileged EXEC Mode ..........................17 Global Configuration Mode ........................18...
  • Page 4 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide ip http authentication ........................... 42 ip https authentication.......................... 43 show authentication methods ......................44 password ............................. 45 username............................. 45 aaa accounting login..........................46 aaa accounting dot1x .......................... 47 show users accounts ........................... 49 enable password ..........................
  • Page 5 sntp unicast client enable........................78 sntp unicast client poll ..........................79 sntp server ............................80 show clock............................81 show sntp configuration ........................82 show sntp status ..........................83 Chapter 6.Configuration and Image File Commands ............85 copy..............................85 dir .................................87 delete ..............................88 boot system............................89 show running-config ..........................89 show startup-config ..........................90 show bootvar............................91 Chapter 7.DHCP Snooping Commands ................
  • Page 6 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show interfaces counters........................112 port storm-control include-multicast (IC).................... 115 port storm-control broadcast enable....................115 port storm-control broadcast rate ...................... 116 show ports storm-control ........................117 Chapter 9.GVRP Commands.................... 118 gvrp enable (Global) .......................... 118 gvrp enable (Interface) ........................
  • Page 7 Chapter 12.IPv6 Addressing Commands................ 147 ipv6 enable............................147 ipv6 address............................147 ipv6 address link-local........................148 ipv6 default-gateway ..........................149 show ipv6 interface ..........................150 ipv6 nd dad attempts..........................151 ipv6 host.............................152 ipv6 neighbor............................153 show ipv6 neighbors ..........................154 clear ipv6 neighbors ...........................155 Chapter 13.Line Commands .................... 156 line..............................156 speed ..............................156 autobaud ............................157...
  • Page 8 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide lldp tx-delay ............................178 lldp optional-tlv........................... 178 lldp management-address ......................... 179 lldp notifications ..........................180 lldp med enable ..........................180 lldp med network-policy (global) ......................181 lldp med network-policy (interface)....................182 lldp med location..........................182 clear lldp rx ............................
  • Page 9 power inline traps enable ........................211 show power inline..........................212 show power inline power-consumption ....................214 show power inline version ........................214 Chapter 24.QoS Commands .................... 216 qos ..............................216 show qos ............................216 priority-queue out num-of-queues ......................217 rate-limit .............................217 traffic-shape ............................218 show qos interface ..........................219 wrr-queue cos-map ..........................220 qos trust (Global)..........................221 qos map dscp-queue..........................221...
  • Page 10 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide snmp-server enable traps........................250 snmp-server filter..........................250 snmp-server host..........................251 snmp-server v3-host.......................... 253 snmp-server trap authentication ......................254 snmp-server contact .......................... 254 snmp-server location ......................... 255 snmp-server set..........................255 show snmp ............................256 show snmp engineid..........................
  • Page 11 ip ssh server............................291 crypto key generate dsa........................292 crypto key generate rsa........................292 ip ssh pubkey-auth ..........................293 crypto key pubkey-chain ssh......................294 user-key .............................295 key-string............................295 show ip ssh ............................296 show crypto key mypubkey ........................297 show crypto key pubkey-chain ssh ....................298 Chapter 30.Syslog Commands ..................300 logging on............................300 logging..............................300 logging console ..........................301...
  • Page 12 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide reload..............................325 resume............................... 326 hostname............................326 stack master ............................327 stack reload ............................328 stack change unit-id........................... 328 show stack............................329 show users ............................330 show sessions ........................... 331 show system............................332 show system id ..........................
  • Page 13 show vlan ............................357 show vlan internal usage........................357 show interfaces switchport .........................358 Chapter 36.Web Server Commands ................362 ip http server ............................362 ip http port ............................362 ip http exec-timeout..........................363 ip https server.............................363 ip https port ............................364 ip https exec-timeout ..........................365 crypto certificate generate........................365 crypto certificate request ........................366 crypto certificate import ........................368 ip https certificate ..........................369...
  • Page 14 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Page 13...

  • Page 15: Preface

    Preface Preface This guide describes how to configure an AT-8000S Series switch with AT-S94 V2.0.0 firmware using the command line interface. The commands are grouped by topic into the following chapters: • Chapter 1. "Using the CLI" — Describe the CLI basic structure and command usage.

  • Page 16: Intended Audience

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide • Chapter 25. "Radius Commands" — Specify the source IP address used for communication with Remote Authentication Dial-in User Service (RADIUS) servers, and display the RADIUS server settings. • Chapter 26. "RMON Commands" — Display the Remote Network Monitoring (RMON) Ethernet history statistics, alarms table and configuration.

  • Page 17: Contacting Allied Telesis

    Preface Contacting Allied Telesis Contacting Allied Telesis This section provides Allied Telesis contact information for technical support as well as sales or corporate information. . You can request technical support online by accessing the Allied Telesis Knowledge Base Online Support from the following web site: www.alliedtelesis.com/support.

  • Page 18: Chapter 1.Using The Cli

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 1. Using the CLI Overview This chapter describes how to start using the CLI and the CLI command editing features. CLI Command Modes Introduction To assist in configuring the device, the Command Line Interface (CLI) is divided into different command modes.

  • Page 19: Global Configuration Mode

    Using the CLI CLI Command Modes Enter the password and press <Enter>. The password is displayed as *. The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device host name followed by #. Console# To return from the Privileged EXEC mode to the User EXEC mode, use the disable command.

  • Page 20: Interface Configuration And Specific Configuration Modes

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Interface Configuration and Specific Configuration Modes Interface Configuration mode commands modify specific interface operations. The following are the Interface Configuration modes: • Line Interface — Contains commands to configure the management connections. These include commands such as line timeout settings, etc.

  • Page 21: Starting The Cli

    Using the CLI Starting the CLI Starting the CLI The device can be managed over a direct connection to the device console RS-232 port or via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device Command Line Interface (CLI) is very similar to entering commands on a UNIX system.

  • Page 22: Terminal Command Buffer

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter: Console(config)# username admin password alansmith When working with the CLI, the command options are not displayed. The command is not selected from a menu, but is manually entered.

  • Page 23: Nomenclature

    Using the CLI Editing Features command is entered. If the characters already entered are not enough for the system to identify a single matching command, press ? to display the available commands matching the characters already entered. Nomenclature When referring to an Ethernet port in a CLI command, the following format is used: •...

  • Page 24: Copying And Pasting Text

    Ctrl+F4 Any combination keys pressed simultaneously on the keyboard. Indicates system messages and prompts appearing on the console. Screen Display When a parameter is required to define a range of ports or parameters and all is an option, the default for the command is all when no parameters are defined. For example, the command interface range port-channel has the option of either entering a range of channels, or selecting all.

  • Page 25: Chapter 2.Acl Commands

    ACL Commands Chapter 2. ACL Commands ip access-list The ip access-list Global Configuration mode command defines an IPv4 Access List and places the device in IPv4 Access List Configuration mode. Use the no form of this command to remove the Access List. Syntax ip access-list access-list-name no ip access-list access-list-name...
  • Page 26 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide permit-udp {any | { source source-wildcard}} {any | source-port} {any | {destination destination-wildcard}} {any | destination-port} [dscp number | ip-precedence number] Parameters • source — Source IP address of the packet. •...
  • Page 27 ACL Commands IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r Internet Control Message Protocol icmp Internet Group Management Protocol igmp IP in IP (encapsulation) Protocol ipinip Transmission Control Protocol...

  • Page 28: Deny (Ip)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide mobile-registration-request, mobile-registration-reply, domain-name-request, domain-name-reply, skip and photuris. (Range: 0-255) • icmp-code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. (Range: 0-255) •...
  • Page 29 ACL Commands Parameters • disable-port — The Ethernet interface is disabled if the condition is matched. • source — Source IP address of the packet. • source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be ignored.

  • Page 30: Ipv6 Access-List

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide IP P r o t oco l A bb r ev ia t ed N am e P r o to co l N u m be r General Routing Encapsulation Encapsulating Security Payload (50)

  • Page 31: Permit (Ipv6)

    ACL Commands Default Configuration No IPv6 access list is defined. Command Mode Global configuration User Guidelines • An IPv6 ACL has a unique name. An IPv6 ACL, IPv4 ACL and MAC ACL cannot share the same name. • Every IPv6 ACL has implicit permit icmp any any nd-ns any, permit icmp any any nd-na any and deny ipv6 any any statements as its last match conditions (The former two match conditions allow for ICMPv6 neighbor discovery).

  • Page 32: Default Configuration

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • destination-port — Specifies the UDP/TCP destination port. (Range: 0- 65535) • destination-prefix/length — The destination IPv6 network or class of networks about which to set permit conditions. This argument must be in the form documented in RFC 3513, where the address is specified in hexadecimal using 16-bit values between colons.

  • Page 33: Deny (Ipv6)

    ACL Commands User Guidelines • IPv6 Syntax — The 128-bit IPv6 address format is divided into eight groups of four hexadecimal digits. Abbreviation of this format is done by replacing a group of zeros with double colons. The IPv6 address representation can be further simplified by suppressing the leading zeros.
  • Page 34 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • destination-port — Specifies the UDP/TCP destination port. (Range: 0 - 65535) • destination-prefix/length — The destination IPv6 network or class of networks about which to set permit conditions. This argument must be in the form documented in RFC 3513, where the address is specified in hexadecimal using 16-bit values between colons.

  • Page 35: Mac Access-List

    ACL Commands User Guidelines • IPv6 Syntax — The 128-bit IPv6 address format is divided into eight groups of four hexadecimal digits. Abbreviation of this format is done by replacing a group of zeros with double colons. The IPv6 address representation can be further simplified by suppressing the leading zeros.

  • Page 36: Permit (Mac)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example creates a MAC ACL. console(config)# mac access-list macl-acl1 console(config-mac-al)# permit (MAC) The permit MAC-Access List Configuration mode command sets permit conditions for a MAC-Access List. Syntax permit {any | {source source-wildcard} any | {destination destination-wildcard}} [vlan vlan-id] [cos cos cos-...

  • Page 37: Service-Acl

    ACL Commands Syntax deny [disable-port] {any|{source source- wildcard} {any|{ destination destination- wildcard}} [vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type] Parameters • disable-port — Indicates the Ethernet interface is disabled if the condition is matched. • source — Specifies source MAC address of the packet. •...

  • Page 38: Show Access-Lists

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax service-acl input acl-name no service-acl input Parameters • input — Applies the specified ACL to the input interface. Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-Channel) mode User Guidelines In advanced mode, when an ACL is bound to an interface, the port trust mode is set to trust 12-13 and not to 12.

  • Page 39: Show Interfaces Access-Lists

    ACL Commands Example The following example displays access lists. console# show access-lists IP access list ACL1 permit ip host 172.30.40.1 any permit rsvp host 172.30.8.8 any show interfaces access-lists The show interfaces access-lists Privileged EXEC mode command displays access lists applied on interfaces. Syntax show interfaces access-lists [ ethernet interface | vlan vlan-id | port-channel port-channel-number ] Parameters...

  • Page 40: Chapter 3.Aaa Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 3. AAA Commands aaa authentication login The aaa authentication login Global Configuration mode command defines login authentication. Use the no form of this command to return to the default configuration. Syntax aaa authentication login {default | list-name} method1 [method2...]...

  • Page 41: Aaa Authentication Enable

    AAA Commands User Guidelines • The default and optional list names created with the aaa authentication login command are used with the login authentication command. • Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list.

  • Page 42: Login Authentication

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines • The default and optional list names created with the aaa authentication enable command are used with the enable authentication command. • The additional methods of authentication are used only if the previous method returns an error, not if it fails.

  • Page 43: Enable Authentication

    AAA Commands enable authentication The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. Use the no form of this command to return to the default configuration specified by the aaa authentication enable command. Syntax enable authentication {default | list-name} no enable authentication...

  • Page 44: Ip Https Authentication

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This has the same effect as the command ip http authentication local.

  • Page 45: Show Authentication Methods

    AAA Commands User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.

  • Page 46: Password

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Line Login Method List Enable Method List -------------- ----------------- ------------------ Console Console_Login Console_Enable Telnet Default Default Default Default http: Radius, Local https: Radius, Local dot1x: Radius password The password Line Configuration mode command specifies a password on a line. Use the no form of this command to remove the password.

  • Page 47: Aaa Accounting Login

    AAA Commands Syntax username name [password password] [level level] [encrypted] no username name Parameters • name — The name of the user (Range: 1- 20 characters). • password — The authentication password for the user (Range: 1-159 characters). • level — The user level (Range: 1-15). •...

  • Page 48: Aaa Accounting Dot1X

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode. User Guidelines • This command enables the recording of device management sessions (Telnet, serial and Web, but not SNMP). • It records only users that were identified with a username (for example, a user logged in with a line password is not recorded).
  • Page 49 AAA Commands Parameters • radius — Accounting is performed by a RADIUS server. Default Configuration Disabled. Command Mode Global Configuration. User Guidelines • This command enables the recording of 802.1x sessions. • If accounting is activated, the device sends a Start/Stop message to a RADIUS server when a user logs in/logs out to the network, respectively.

  • Page 50: Show Users Accounts

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show users accounts The show users accounts Privileged EXEC mode command displays information about the local user database. Syntax show users accounts Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration.

  • Page 51: Show Accounting

    AAA Commands no enable password [level level] Parameters • password — Password for this level. (Range: 1-159 characters) • level — Level for which the password applies. If not specified the level is 15. (Range: 1-15) • encrypted — Encrypted password entered, copied from another device configuration. (Range: 32 characters in hexadecimal) Default Configuration No enable password is defined.
  • Page 52 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example Console# show accounting Login: Radius 802.1x: Disabled Page 51 Not approved by Document Control. For review only.

  • Page 53: Chapter 4.Address Table Commands

    Address Table Commands Chapter 4. Address Table Commands bridge address The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source address to the bridge table. Use the no form of this command to delete the MAC address. Syntax bridge address mac-address {ethernet interface | port-channel port-channel-number} [permanent permanent} | delete-on-reset delete-on-reset} | delete-on-timeout delete-on-timeout} | secure secure]...

  • Page 54: Bridge Multicast Address

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax bridge multicast filtering no bridge multicast filtering Parameters This command has no keywords or arguments. Default Configuration Bridge Multicast filtering is disabled. All Multicast addresses are flooded to all ports. Command Mode...

  • Page 55: Bridge Multicast Forbidden Address

    Address Table Commands Command Mode Interface configuration (VLAN) mode User Guidelines • If the command is executed without add or remove, the command only registers the group in the bridge database. • Static Multicast addresses can only be defined on static VLANs. Example The following example registers the MAC address: console(config)# interface vlan 8...

  • Page 56: Bridge Multicast Unregistered

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines Before defining forbidden ports, the Multicast group should be registered. Example The following example configures MAC address 0100.5e02.0203 to be forbidden on port 2/e9 within VLAN 8. console(config)# interface vlan 8 console(config-if)# bridge multicast address 0100.5e02.0203...

  • Page 57: Bridge Multicast Forbidden Forward-All

    Address Table Commands Syntax bridge multicast forward-all {add | remove} {ethernet interface-list | port-channel port-channel-number-list} no bridge multicast forward-all Parameters • add — Force forwarding all Multicast packets. • remove — Do not force forwarding all Multicast packets. • interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces; a hyphen is used to designate a range of ports.

  • Page 58: Bridge Aging-Time

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This setting is disabled. Command Mode Interface Configuration (VLAN) mode User Guidelines • IGMP snooping dynamically discovers Multicast router ports. When a Multicast router port is discovered, all the Multicast packets are forwarded to it unconditionally.

  • Page 59: Clear Bridge

    Address Table Commands clear bridge The clear bridge Privileged EXEC mode command removes any learned entries from the forwarding database. Syntax clear bridge Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.

  • Page 60: Port Security Mode

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example forwards all packets from port 1/e1 without learning addresses of packets from unknown sources and sends traps every 100 seconds if a packet with an unknown source address is received.

  • Page 61: Port Security Routed Secure-Address

    Address Table Commands no port security max Parameters • max-addr— Maximum number of addresses that can be learned by the port. (Range: 1-128) Default Configuration The default setting is 1 address. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command is only relevant in dynamic learning modes.

  • Page 62: Show Bridge Address-Table

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example adds the MAC-layer address 66:66:66:66:66:66 to port 1/e1. console(config)# interface ethernet 1/e1 console(config-if)# port security routed secure-address 66:66:66:66:66:66 show bridge address-table The show bridge address-table Privileged EXEC mode command displays all entries in the bridge-forwarding database.

  • Page 63: Show Bridge Address-Table Static

    Address Table Commands show bridge address-table static The show bridge address-table static Privileged EXEC mode command displays statically created entries in the bridge-forwarding database. Syntax show bridge address-table static [vlan vlan] [ethernet interface | port-channel port-channel-number] Parameters • vlan — Specifies a valid VLAN, such as VLAN 1. •...
  • Page 64 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • vlan — Specifies a valid VLAN, such as VLAN 1. • interface — A valid Ethernet port. • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.

  • Page 65: Show Bridge Multicast Address-Table

    Address Table Commands show bridge multicast address-table The show bridge multicast address-table Privileged EXEC mode command displays the bridge Multicast Address Table information. Syntax show bridge multicast address-table [vlan vlan-id] [address mac-multicast-address | ip-multicast-address] [format ip | format mac] [source ip-address] Parameters •...
  • Page 66 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Examples The following examples display Multicast MAC address and IP Address Table information. console# show bridge multicast address-table Multicast address table for VLANs in MAC-GROUP bridging mode: Vlan MAC Address Type Ports...

  • Page 67: Show Bridge Multicast Address-Table Static

    Address Table Commands Note A Multicast MAC address maps to multiple IP addresses as shown above. show bridge multicast address-table static The show bridge multicast address-table static Privileged EXEC mode command displays statically configured Multicast addresses. Syntax show bridge multicast address-table static [vlan vlan-id] [address mac-multicast-address | Parameters •...
  • Page 68 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax show bridge multicast filtering vlan-id Parameters • vlan-id — VLAN ID value. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.

  • Page 69: Show Bridge Multicast Unregistered

    Address Table Commands show bridge multicast unregistered Use The show bridge multicast unregistered User EXEC mode command displays the unregistered multicast filtering configuration. Syntax show bridge multicast unregistered [ethernet interface | port-channel port-channel-number] Parameters • interface — Specify the required Ethernet port to display. •...

  • Page 70: Show Ports Security Addresses

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays classes of entries in the port-lock status: console# show ports security Port...
  • Page 71 Address Table Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Examples The following examples display dynamic addresses in currently locked ports. console# show ports security addresses Port Status Learning...

  • Page 72: Chapter 5.Clock Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 5. Clock Commands clock set The clock set Privileged EXEC mode command manually sets the system clock. To avoid an SNTP conflict, this command should only be used if there is no clock source set.

  • Page 73: Clock Timezone

    Clock Commands Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures an external time source for the system clock. Console(config)# clock source sntp clock timezone The clock timezone Global Configuration mode command sets the time zone for display purposes.

  • Page 74: Clock Summer-Time

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide clock summer-time The clock summer-time Global Configuration mode command configures the system to automatically switch to summer time (daylight saving time). Use the no form of this command to configure the software not to automatically switch to summer time.

  • Page 75: Sntp Authentication-Key

    Clock Commands User Guidelines In both the date and recurring forms of the command, the first part of the command specifies when summer time begins, and the second part specifies when it ends. All times are relative to the local time zone. The start time is relative to standard time.

  • Page 76: Sntp Authenticate

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example defines the authentication key for SNTP. Console(config)# sntp authentication-key 8 md5 ClkKey sntp authenticate The sntp authenticate Global Configuration mode command grants authentication for received Simple Network Time Protocol (SNTP) traffic from servers. Use the no form of this command to disable the feature.

  • Page 77: Sntp Client Poll Timer

    Clock Commands Default Configuration No keys are trusted. Command Mode Global Configuration mode User Guidelines The command is relevant for both received Unicast and Broadcast. If there is at least 1 trusted key, then unauthenticated messages will be ignored. Example The following example authenticates key 8.

  • Page 78: Sntp Broadcast Client Enable

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide sntp broadcast client enable The sntp broadcast client enable Global Configuration mode command enables Simple Network Time Protocol (SNTP) Broadcast clients. Use the no form of this command to disable SNTP Broadcast clients.

  • Page 79: Sntp Client Enable (Interface)

    Clock Commands User Guidelines The sntp client poll timer Global Configuration mode command determines polling time. Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables SNTP Anycast clients. console(config)# sntp anycast client enable sntp client enable (Interface) The sntp client enable Interface Configuration (Ethernet, port-channel, VLAN) mode command enables the...

  • Page 80: Sntp Unicast Client Poll

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax sntp unicast client enable no sntp unicast client enable Parameters This command has no arguments or keywords. Default Configuration The SNTP Unicast client is disabled. Command Mode Global Configuration mode User Guidelines Use the sntp server Global Configuration mode command to define SNTP servers.

  • Page 81: Sntp Server

    Clock Commands Example The following example enables polling for Simple Network Time Protocol (SNTP) predefined Unicast clients. Console(config)# sntp unicast client poll sntp server The sntp server Global Configuration mode command configures the device to use the Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from a specified server.

  • Page 82: Show Clock

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures the device to accept SNTP traffic from the server on 192.1.1.1. Console(config)# sntp server 192.1.1.1 show clock The show clock User EXEC mode command displays the time and date from the system clock.

  • Page 83: Show Sntp Configuration

    Clock Commands Time zone: Acronym is PST Offset is UTC-8 Summertime: Acronym is PDT Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes. show sntp configuration The show sntp configuration Privileged EXEC mode command shows the configuration of the Simple Network Time Protocol (SNTP).

  • Page 84: Show Sntp Status

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Server Polling Encryption Key ----------- ------- -------------- 176.1.1.8 Enabled 176.1.8.179 Disabled Disabled Broadcast Clients: Enabled Anycast Clients: Enabled Broadcast and Anycast Interfaces: 1/e1, 1/e3 show sntp status The show sntp status Privileged EXEC mode command shows the status of the Simple Network Time Protocol (SNTP).
  • Page 85 Clock Commands 176.1.8.179 Unknown 12:17.17.987 PDT Feb 19 2002 8.98 189.19 Anycast server: Server Interface Status Last response Offset Delay [mSec] [mSec] --------- ------- ----- ----------------------------- ------ ----- 176.1.11.8 VLAN 118 9:53:21.789 PDT Feb 19 2002 7.19 119.89 Broadcast: Interface Interface Last response ---------...

  • Page 86: Chapter 6.Configuration And Image File Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 6. Configuration and Image File Commands copy The copy Privileged EXEC mode command copies files from a source to a destination. Syntax copy source-url destination-url Parameters • source-url — The source file location URL or reserved keyword of the source file to be copied.
  • Page 87 Configuration and Image File Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines • Up to five backup configuration files are supported on the device. • The location of a file system dictates the format of the source or destination URL. •...

  • Page 88: Dir

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Copying a Configuration File from a Server to the Startup Configuration To copy a configuration file from a network server to the startup configuration file of the device, enter copy source- url startup-config. The startup configuration file is replaced by the copied configuration file.

  • Page 89: Delete

    Configuration and Image File Commands User Guidelines There are no user guidelines for this command. Example The following example displays the list of files on a flash file system. console# dir Directory of flash: File Name Permission FlashSize DataSize Modified ---------- ---------- ---------- ---------- ----------...

  • Page 90: Boot System

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines *.sys, *.prv, image-1 and image-2 files cannot be deleted. Example The following example deletes file test from flash memory.

  • Page 91: Show Startup-Config

    Configuration and Image File Commands Syntax show running-config Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the contents of the running configuration file.

  • Page 92: Show Bootvar

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the contents of the running configuration file.
  • Page 93 Configuration and Image File Commands User Guidelines There are no user guidelines for this command. Example The following example displays the active system image file that is loaded by the device at startup. console# show bootvar Images currently available on the FLASH image-1 active image-2...

  • Page 94: Chapter 7.Dhcp Snooping Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 7. DHCP Snooping Commands ip dhcp snooping The ip dhcp snooping Global Configuration mode command globally enables DHCP snooping. Use the no form of this command to return to the default setting.

  • Page 95: Ip Dhcp Snooping Trust

    DHCP Snooping Commands Command Mode Global Configuration mode User Guidelines DHCP snooping must be first globally enabled before enabling DHCP snooping on a VLAN. Example The following example configures DHCP snooping on a VLAN. console(config)# ip dhcp snooping vlan 1 ip dhcp snooping trust The ip dhcp snooping trust Interface Configuration mode command configures a port as trusted for DHCP snooping purposes.

  • Page 96: Ip Dhcp Snooping Information Option Allowed-Untrusted

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode command configures a switch to accept DHCP packets with option-82 information from an untrusted port. Use the no form of this command to configure the switch to drop these packets from an untrusted port.

  • Page 97: Ip Dhcp Snooping Database

    DHCP Snooping Commands User Guidelines There are no user guidelines for this command. Example The following example configures the switch to verify on an untrusted port that the source MAC address in a DHCP packet matches the client hardware address console(config) #ip dhcp snooping verify ip dhcp snooping database The ip dhcp snooping database Global Configuration mode command configures the DHCP snooping binding...

  • Page 98: Ip Dhcp Snooping Binding

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • seconds — Specify, in seconds, the update frequency (Range: 600 - 86400 ). Default Configuration 1200 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 99: Clear Ip Dhcp Snooping Database

    DHCP Snooping Commands The entry is displayed in the show commands as a ‘DHCP Snooping entry’. Example The following example configures the DHCP snooping binding database and adds binding entries to the database. console# ip dhcp snooping binding 0060.704c.73ff 3 10.1.8.1 ethernet 1/e21 clear ip dhcp snooping database The clear ip dhcp snooping database Privileged EXEC mode command clears the DHCP binding database.

  • Page 100: Show Ip Dhcp Snooping Binding

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP snooping configuration. show ip dhcp snooping binding The show ip dhcp snooping binding User EXEC mode command displays the DHCP snooping binding database and configuration information for all interfaces on a switch.

  • Page 101: Chapter 8.Ethernet Configuration Commands

    Ethernet Configuration Commands Chapter 8. Ethernet Configuration Commands interface ethernet The interface ethernet Global Configuration mode command enters the interface configuration mode to configure an Ethernet type interface. Syntax interface ethernet interface Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration.

  • Page 102: Shutdown

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range. If the command returns an error on one of the active interfaces, it does not stop executing commands on other active interfaces.

  • Page 103: Description

    Ethernet Configuration Commands description The description Interface Configuration (Ethernet, port-channel) mode command adds a description to an interface. Use the no form of this command to remove the description. Syntax description string no description Parameters • string — Comment or a description of the port to enable the user to remember what is attached to the port. (Range: 1-64 characters) Default Configuration The interface does not have a description.

  • Page 104: Duplex

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The no speed command in a port-channel context returns each port in the port-channel to its maximum capability. Example The following example configures the speed operation of Ethernet port 1/e5 to 100 Mbps operation.

  • Page 105: Negotiation

    Ethernet Configuration Commands Example The following example configures the duplex operation of Ethernet port 1/e5 to full duplex operation. console(config)# interface ethernet 1/e5 console(config-if)# duplex full negotiation The negotiation Interface Configuration (Ethernet, port-channel) mode command enables auto-negotiation operation for the speed and duplex parameters of a given interface. Use the no form of this command to disable auto-negotiation.

  • Page 106: Mdix

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • on — Force flow control as enabled. • off — Force flow control as disabled. • auto — Enable AUTO flow control configuration. Default Configuration Flow control is off. Command Mode...

  • Page 107: Back-Pressure

    Ethernet Configuration Commands Example In the following example, automatic crossover is enabled on port 1/e5. console(config)# interface ethernet 1/e5 console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration (Ethernet, port-channel) mode command enables back pressure on a given interface. Use the no form of this command to disable back pressure. Syntax back-pressure no back-pressure...

  • Page 108: Clear Counters

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example In the following example enable flow control on cascade ports.

  • Page 109: Show Interfaces Advertise

    Ethernet Configuration Commands Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active, but were shutdown by the system for some reason (e.g., port security).

  • Page 110: Show Interfaces Configuration

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide ---- ----------- ------- ------------------------------ 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100f, 100h, 10f, 10h 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled 100M-Copper Enabled...

  • Page 111: Show Interfaces Status

    Ethernet Configuration Commands Example The following example displays the configuration of all configured interfaces: console# show interfaces configuration Port Type Duplex Speed Flow Link Back Mdix Ctrl State Pressure Mode ---- ----------- ------ ----- ------- ---- ----- -------- ---- 100M-Copper Full Enabled Disabled...

  • Page 112: Show Interfaces Description

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the status of all configured interfaces: console# show interfaces status Port Type...

  • Page 113: Show Interfaces Counters

    Ethernet Configuration Commands Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays descriptions of configured interfaces.
  • Page 114 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Modes User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays traffic seen by the physical interface. The following example displays counters for Ethernet port 1/e1.
  • Page 115 Ethernet Configuration Commands console# console# show interfaces counters ethernet 1/e1 Port InUcastPkts InMcastPkts InBcastPkts InOctets ------ ----------- -------------- ----------- ----------- 1/e1 Port OutUcastPkts OutMcastPkts OutBcastPkts OutOctets ------ ----------- -------------- ------------ ------------ 1/e1 FCS Errors: 0 Single Collision Frames: 0 Late Collisions: 0 Oversize Packets: 0 Internal MAC Rx Errors: 0 Received Pause Frames: 0...

  • Page 116: Port Storm-Control Include-Multicast (Ic)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Late Collisions Number of times that a collision is detected later than one slotTime into the transmission of a packet. Oversize Packets Counted frames received that exceed the maximum permitted frame size.

  • Page 117: Port Storm-Control Broadcast Rate

    Ethernet Configuration Commands Syntax port storm-control broadcast enable no port storm-control broadcast enable Parameters This command has no arguments or keywords. Default Configuration Broadcast storm control is disabled. Command Modes Interface Configuration (Ethernet) mode User Guidelines Use the port storm-control broadcast rate Interface Configuration (Ethernet) mode command, to set the maximum allowable Broadcast rate.

  • Page 118: Show Ports Storm-Control

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines Use the port storm-control broadcast enable Interface Configuration mode command to enable Broadcast storm control. The software displays the actual rate since granularity depends on the requested rate. Example The following example configures the maximum storm control Broadcast rate at 900 Kbits/Sec.

  • Page 119: Chapter 9.Gvrp Commands

    GVRP Commands Chapter 9. GVRP Commands gvrp enable (Global) GARP VLAN Registration Protocol (GVRP) is an industry-standard protocol designed to propagate VLAN information from device to device. With GVRP, a single device is manually configured with all desired VLANs for the network, and all other devices on the network learn these VLANs dynamically.

  • Page 120: Garp Timer

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration GVRP is disabled on all interfaces. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN.

  • Page 121: Gvrp Vlan-Creation-Forbid

    GVRP Commands Set the same GARP timer values on all Layer 2-connected devices. If the GARP timers are set differently on Layer 2-connected devices, the GARP application will not operate successfully. Example The following example sets the leave timer for Ethernet port 1/e6 to 900 milliseconds. console(config)# interface ethernet 1/e6 console(config-if)# garp timer leave 900 gvrp vlan-creation-forbid...

  • Page 122: Clear Gvrp Statistics

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no gvrp registration-forbid Default Configuration Dynamic registration of VLANs on the port is allowed. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example forbids dynamic registration of VLANs on Ethernet port 1/e6.

  • Page 123: Show Gvrp Statistics

    GVRP Commands Syntax show gvrp configuration [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.

  • Page 124: Show Gvrp Error-Statistics

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax show gvrp statistics [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
  • Page 125 GVRP Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays GVRP statistical information. Console> show gvrp error-statistics GVRP Error Statistics: Legend: INVPROT : Invalid Protocol Id...

  • Page 126: Chapter 10.Igmp Snooping Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 10.IGMP Snooping Commands Note In order to enable IGMP snooping, the user must enable bridge Multicast filtering ip igmp snooping (Global) The ip igmp snooping Global Configuration mode command enables Internet Group Management Protocol (IGMP) snooping.

  • Page 127: Ip Igmp Snooping Mrouter Learn-Pim-Dvmrp

    IGMP Snooping Commands Parameters This command has no arguments or keywords. Default Configuration IGMP snooping is disabled . Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping can only be enabled on static VLANs. Example The following example enables IGMP snooping on VLAN 2. console(config)# interface vlan 2 console(config-if)# ip igmp snooping ip igmp snooping mrouter learn-pim-dvmrp...
  • Page 128 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example enables automatic learning of Multicast device ports on VLAN 2. console(config) # interface vlan 2 console(config-if)# ip igmp snooping mrouter learn-pim-dvmrp Page 127 Not approved by Document Control. For review only.

  • Page 129: Ip Igmp Snooping Host-Time-Out

    IGMP Snooping Commands ip igmp snooping host-time-out The ip igmp snooping host-time-out Interface Configuration (VLAN) mode command configures the host-time- out. If an IGMP report for a Multicast group was not received for a host-time-out period from a specific port, this port is deleted from the member list of that Multicast group.

  • Page 130: Ip Igmp Snooping Querier Address

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping querier can be enabled on a VLAN only if IGMP snooping is enabled for that VLAN. No more then one switch can be configured as an IGMP Querier for a VLAN.

  • Page 131: Ip Igmp Snooping Querier Version

    IGMP Snooping Commands Example .The following example configures the source IP address that the IGMP Snooping querier uses. console(config)# interface vlan 2 console(config-if)# ip igmp snooping querier address 192.168.1.220 ip igmp snooping querier version The ip igmp snooping querier version Interface Configuration mode command configures the IGMP version of an IGMP querier on a specific VLAN.

  • Page 132: Ip Igmp Snooping Leave-Time-Out

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no ip igmp snooping mrouter-time-out Parameters • time-out — Multicast device timeout in seconds (Range: 1 - 2147483647) Default Configuration The default value is 300 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command.

  • Page 133: Show Ip Igmp Snooping Mrouter

    IGMP Snooping Commands Use immediate leave only where there is just one host connected to a port. Example The following example configures the host leave-time-out to 60 seconds. console(config)# interface vlan 2 console(config-if)# ip igmp snooping leave-time-out 60 show ip igmp snooping mrouter The show ip igmp snooping mrouter User EXEC mode command displays information on dynamically learned Multicast device interfaces.
  • Page 134 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax show ip igmp snooping interface vlan-id Parameters • vlan-id — VLAN number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.

  • Page 135: Show Ip Igmp Snooping Groups

    IGMP Snooping Commands show ip igmp snooping groups The show ip igmp snooping groups command displays the Multicast groups that was learned by the IGMP snooping Syntax show ip igmp snooping groups [vlan vlan-id] [ip-multicast-address ip-multicast-address] [ip-address ip- address] Parameters •...

  • Page 136: Chapter 11.Ip Addressing Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 11.IP Addressing Commands ip address The ip address Interface Configuration (Ethernet, VLAN, port-channel) mode command sets an IP address. Use the no form of this command to remove an IP address.

  • Page 137: Ip Default-Gateway

    IP Addressing Commands Parameters • host-name — Specifies the name of the host to be placed in the DHCP option 12 field. This name does not have to be the same as the host name specified in the hostname Global Configuration mode command. (Range: 1-20 characters) Default Configuration This command has no default configuration.

  • Page 138: Show Ip Interface

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines default gateway 192.168.1.1. console(config)# ip default-gateway 192.168.1.1 show ip interface The show ip interface Privileged EXEC mode command displays the usability status of configured IP interfaces.

  • Page 139: Arp

    IP Addressing Commands IP Address Type ------------- --------- ------- 192.168.1.200/24 VLAN 1 Static console# The arp Global Configuration mode command adds a permanent entry in the Address Resolution Protocol (ARP) cache. Use the no form of this command to remove an entry from the ARP cache. Syntax arp ip_addr hw_addr {ethernet interface-number | vlan vlan-id | port-channel port-channel number } no arp ip_addr {ethernet interface-number | vlan vlan-id | port-channel port-channel number}...

  • Page 140: Clear Arp-Cache

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no arp timeout Parameters • seconds — Time (in seconds) that an entry remains in the ARP cache. (Range: 1-40000000) Default Configuration The default timeout is 60000 seconds. Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600.

  • Page 141: Show Arp

    IP Addressing Commands show arp The show arp Privileged EXEC mode command displays entries in the ARP table. Syntax show arp [ip-address ip-address] [mac-address mac-address] [ethernet interface | port-channel port-channel- number] Parameters • ip-address — Displays the ARP entry of a specific IP address. •...

  • Page 142: Ip Domain-Name

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no ip domain-lookup Parameters This command has no arguments or keywords. Default Configuration The default configuration is set to enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 143: Ip Name-Server

    IP Addressing Commands Example The following example defines default domain name www.website.com. console(config)# ip domain-name www.website.com ip name-server The ip name-server Global Configuration mode command defines the available name servers. Use the no form of this command to remove a name server. Syntax ip name-server server-address [server-address2 …...

  • Page 144: Clear Host

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration No host is defined. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example The following example defines a static host name-to-address mapping in the host cache.

  • Page 145: Show Hosts

    IP Addressing Commands Parameters • name — Specifies the host entry to be removed. (Range: 1-158 characters • * — Removes all entries. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command deletes the host name-to-address mapping temporarily until the next renew of the IP address. Example The following example deletes all entries from the host name-to-address mapping.
  • Page 146 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 Configured host name-to-address mapping: Host Addresses ---- --------- accounting.gm.com 176.16.8.8 176.16.8.9 (DHCP) Cache: TTL(Hours) Host Total Elapsed Type Addresses ---- ----- -------...
  • Page 147 IP Addressing Commands Page 146...

  • Page 148: Chapter 12.Ipv6 Addressing Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 12.IPv6 Addressing Commands ipv6 enable The ipv6 enable Interface Configuration mode command enables IPv6 processing on an interface. Use the no form of this command to disable IPv6 processing on an interface.

  • Page 149: Ipv6 Address Link-Local

    IPv6 Addressing Commands Parameters • ipv6-address — The IPv6 network assigned to the interface. The address is specified in hexadecimal using 16-bit values between colons. • prefix-length — The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address).

  • Page 150: Ipv6 Default-Gateway

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Interface configuration (Ethernet, VLAN, Port-channel). Cannot be configured for a range of interfaces (range context). User Guidelines Using the no ipv6 address link-local command removes the manually configured link-local IPv6 address from an interface.

  • Page 151: Show Ipv6 Interface

    IPv6 Addressing Commands – physical-port-name — Designated port number, for example e1. • Configuring a new default gateway without deleting the previously configured information overwrites the previous configuration. • A configured default gateway has a higher precedence over one automatically advertised (via router advertisement message).

  • Page 152: Ipv6 Nd Dad Attempts

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide console# show ipv6 interface Vlan 15 Ipv6 is disabled console# show ipv6 interface Vlan 25 Number of ND DAD attempts: 20 IP addresses Type DAD State --------------- ---------- ---------- FE80::4 Link Local...

  • Page 153: Ipv6 Host

    IPv6 Addressing Commands User Guidelines • Duplicate address detection verifies the uniqueness of new Unicast IPv6 addresses before the addresses are assigned to interfaces (the new addresses remain in a tentative state while duplicate address detection is performed). Duplicate address detection uses neighbor solicitation messages to verify the uniqueness of Unicast IPv6 addresses.

  • Page 154: Ipv6 Neighbor

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode. User Guidelines • The IPv6Z address format: <ipv6-link-local-address>%<interface-name> – interface-name — vlan<integer> | ch<integer> | isatap<integer> | <physical-port-name> | 0 – integer — <decimal-number> | <integer><decimal-number> –...

  • Page 155: Show Ipv6 Neighbors

    IPv6 Addressing Commands Example The following example configures a static entry in the IPv6 neighbor discovery cache. console(config)# ipv6 neighbor fe80::33 00:11:22:33:44:55 ethernet e5 show ipv6 neighbors The show ipv6 neighbors Privileged EXEC mode command displays IPv6 neighbor discovery cache information. Syntax show ipv6 neighbors {static | dynamic}[ipv6-address ipv6-address] [mac-address mac-address] [ethernet interface-number | vlan vlan-id | port-channel number]...

  • Page 156: Clear Ipv6 Neighbors

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is received within DELAY_FIRST_PROBE_TIME seconds of entering the DELAY state, a Neighbor Solicitation is sent and the state is changed to PROBE. – PROBE — A reachability confirmation is actively sought by retransmitting Neighbor Solicitations every RetransTimer milliseconds until a reachability confirmation is received.

  • Page 157: Chapter 13.Line Commands

    Line Commands Chapter 13.Line Commands line The line Global Configuration mode command identifies a specific line for configuration and enters the Line Configuration command mode. Syntax line {console | telnet | ssh} Parameters • console — Console terminal line. • telnet —...

  • Page 158: Autobaud

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration The default speed is 115200 bps. Command Mode Line Configuration (console) mode User Guidelines This command is available only on the line console. The configured speed is applied when Autobaud is disabled. This configuration applies only to the current session.

  • Page 159: Exec-Timeout

    Line Commands exec-timeout The exec-timeout Line Configuration mode command sets the interval that the system waits until user input is detected. Use the no form of this command to return to the default configuration. Syntax exec-timeout minutes [seconds] no exec-timeout Parameters •...

  • Page 160: History Size

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines This command enables the command history function for a specified line. To enable or disable the command history function for the current terminal session, use the terminal history user EXEC mode command.

  • Page 161: Terminal History Size

    Line Commands Parameters This command has no arguments or keywords. Default Configuration The default configuration for all terminal sessions is defined by the history line configuration command. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example disables the command history function for the current terminal session.

  • Page 162: Show Line

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures the command history buffer size to 20 commands for the current terminal session. console# terminal history size 20 show line The show line User EXEC mode command displays line parameters.
  • Page 163 Line Commands SSH configuration: Interactive timeout: 10 minutes 10 seconds History: 10 Page 162...

  • Page 164: Chapter 14.Dhcp Option 82 Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 14.DHCP Option 82 Commands ip dhcp information option The ip dhcp information option Global Configuration mode command enables Dynamic Host Configuration Protocol (DHCP) option-82 data insertion. Use the no form of this command to disable DHCP option-82 data insertion.
  • Page 165 DHCP Option 82 Commands Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command. Example The following example displays the DHCP option 82 configuration. console(config)# show ip dhcp information option Page 164...

  • Page 166: Chapter 15.Ip Dhcp Relay

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 15.IP DHCP Relay ip dhcp relay enable (global) The ip dhcp relay enable Global Configuration command enables Dynamic Host Configuration Protocol (DHCP) relay features on the router. Use the no form of this command to disable the relay agent features.

  • Page 167: Ip Dhcp Relay Address

    IP DHCP Relay Command Mode Interface Configuration mode (VLAN, Ethernet, Port-channel) User Guidelines DHCP relay must first be globally enabled before enabling DHCP snooping on an interface. Example The following example enables Dynamic Host Configuration Protocol (DHCP) relay features for an interface. console(config)# interface ethernet 1/e6 console(config-if)# ip dhcp relay enable ip dhcp relay address...
  • Page 168 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Examples The following example displays the server address on the DHCP relay.

  • Page 169: Chapter 16.Lacp Commands

    LACP Commands Chapter 16.LACP Commands lacp system-priority The lacp system-priority Global Configuration mode command configures the system priority. Use the no form of this command to return to the default configuration. Syntax lacp system-priority value no lacp system-priority Parameters • value —...

  • Page 170: Lacp Port-Priority

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide lacp port-priority The lacp port-priority Interface Configuration (Ethernet) mode command configures physical port priority. Use the no form of this command to return to the default configuration, use the no form of this command.

  • Page 171: Lacp Timeout

    LACP Commands lacp timeout The lacp timeout Interface Configuration (Ethernet) mode command assigns an administrative LACP timeout. Use the no form of this command to return to the default configuration. Syntax lacp timeout {long | short} no lacp timeout Parameters •...

  • Page 172: Show Lacp Ethernet

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show lacp ethernet The show lacp ethernet Privileged EXEC mode command displays LACP information for Ethernet ports. Syntax show lacp ethernet interface [parameters | statistics | protocol-state] Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) •...
  • Page 173 LACP Commands distributing: FALSE expired: FALSE Partner system priority: system mac addr: 00:00:00:00:00:00 port Admin key: port Oper key: port Oper number: port Admin priority: port Oper priority: port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE...

  • Page 174: Show Lacp Port-Channel

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show lacp port-channel The show lacp port-channel Privileged EXEC mode command displays LACP information for a port-channel. Syntax show lacp port-channel [port_channel_number] Parameters • port_channel_number — Valid port-channel number. Default Configuration This command has no default configuration.
  • Page 175 LACP Commands Page 174...

  • Page 176: Chapter 17.Lldp Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 17.LLDP Commands lldp enable (global) The lldp enable Global Configuration mode command enables the Link Layer Discovery Protocol (LLDP). Use the no form of this command to disable LLDP. Syntax lldp enable...

  • Page 177: Lldp Timer

    LLDP Commands Default Configuration Enabled in both modes. Command Modes Interface Configuration (Ethernet) mode. User Guidelines • LLDP manages LAG ports individually. LLDP sends separate advertisements on each port in a LAG. LLDP data received through LAG ports is stored individually per port. •...

  • Page 178: Lldp Hold-Multiplier

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide lldp hold-multiplier The lldp hold-multiplier Global Configuration mode command specifies the amount of time the receiving device should hold an LLDP packet before discarding it. Use the no form of this command to revert to the default setting.

  • Page 179: Lldp Tx-Delay

    LLDP Commands Command Mode Global Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example specifies the minimum time an LLDP port waits before reinitializing LLDP transmissions to five seconds. console(config) # lldp reinit-delay 5 lldp tx-delay The lldp tx-delay Global Configuration mode command specifies the delay between successive LLDP frame transmissions initiated by value/status changes in the LLDP local systems MIB.

  • Page 180: Lldp Management-Address

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax lldp optional-tlv tlv1 [tlv2 … tlv5] no lldp optional-tlv Parameters • tlv — Specifies the TLV that should be included. Available optional TLVs are: port-desc, sys-name, sys-desc, sys-cap and 802.3-mac-phy. Default Configuration No optional TLV is transmitted.

  • Page 181: Lldp Notifications

    LLDP Commands User Guidelines • Each port can advertise one IP address. • Only static IP addresses can be advertised. • If multiple addresses exist they can be advertised, for example, where an IP is configured on a port, and the port is a member in a VLAN configured with IP.

  • Page 182: Lldp Med Network-Policy (Global)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax lldp med enable [tlv1 … tlv3] no lldp med enable Parameters • tlv — Specifies the TLV that should be included. Available TLVs are: network-policy, location and poe-pse. The TLV capabilities are always included if LLDP MED is enabled.

  • Page 183: Lldp Med Network-Policy (Interface)

    LLDP Commands Command Mode Global Configuration mode. User Guidelines • Use the lldp med network-policy Interface Configuration command to attach a network policy to a port. • Up to 32 network policies can be defined. Example The following example defines LLDP MED network policy. console(config)# lldp med network-policy 1 voice vlan 2 vlan-type untagged lldp med network-policy (interface) The lldp med network-policy Interface Configuration (Ethernet) mode command attaches an LLDP MED...

  • Page 184: Clear Lldp Rx

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax lldp med location coordinate data no lldp med location coordinate lldp med location civic-address data no lldp med location civic-address lldp med location ecs-elin data no lldp med location ecs-elin Parameters •...

  • Page 185: Show Lldp Configuration

    LLDP Commands User Guidelines There are no user guidelines for this command. Example The following example restarts the LLDP RX state machine and clears the neighbors table. console(config)# clear lldp rx ethernet e15 show lldp configuration The show lldp configuration Privileged EXEC mode command displays the LLDP configuration. Syntax show lldp configuration [ethernet interface] Parameters...

  • Page 186: Show Lldp Med Configuration

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide The following table describes the significant fields shown in the example: Field Desc ription Timer Specifies how often the software sends LLDP updates. Hold multiplier Specifies the amount of time the receiving device should hold an LLDP packet before discarding it.

  • Page 187: Show Lldp Local

    LLDP Commands Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration. console# show lldp med configuration Network policy 1 ------------------- Application type: Voice VLAN ID: 2 tagged Layer 2 priority: 0 DSCP: 0 Port Capabilities Network policy...
  • Page 188 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from the Ethernet interface. console# show lldp local ethernet 1/e1 Device ID: 0060.704C.73FF...

  • Page 189: Show Lldp Neighbors

    LLDP Commands show lldp neighbors The show lldp neighbors Privileged EXEC mode command displays information about neighboring devices discovered using LLDP. Syntax show lldp neighbors [ethernet interface] Parameters • interface — Ethernet interface. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
  • Page 190 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays information about neighboring devices discovered using Link Layer Discovery Protocol (LLDP). console# show lldp neighbors Port Device ID Port ID System Name Capabilities --------- ---------------- -------- ----------...
  • Page 191 LLDP Commands DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Device Power source: Primary power Power priority: High Power value: 9.6 Watts LLDP-MED Inventory Hardware revision: 2.1 Firmware revision: 2.3 Software revision: 2.7.1 Serial number: LM759846587 Manufacturer name: VP Model name: TR12 Asset ID: 9 The following table describes significant LLDP fields:...
  • Page 192 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Field Desc ription Auto-negotiation The speed/duplex/flow-control capabilities of the port that are advertised by the Advertised Capabilities auto-negotiation. Operational MAU type Indicates the MAU type of the port. LLDP MED Capabilities Defines the sender's LLDP-MED capabilities.
  • Page 193 LLDP Commands Page 192...

  • Page 194: Chapter 18.Login Banner Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 18.Login Banner Commands login_banner The login_banner Privileged EXEC mode command configures the login banner, which is a security message that is displayed above the Telnet login prompt prior to login. Syntax...
  • Page 195 Login Banner Commands Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example displays the current login banner that is configured to be displayed before a telenet login prompt: console# show login_banner Login banner is: ATI console# Page 194...

  • Page 196: Chapter 19.Management Acl Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 19.Management ACL Commands management access-list The management access-list Global Configuration mode command configures a management Access List and enters the Management Access-list Configuration command mode. Use the no form of this command to delete an Access List.

  • Page 197: Permit (Management)

    Management ACL Commands Example The following example creates a management Access List called mlist, configures management Ethernet interfaces 1/e1 and 2/e9 and makes the new Access List the active list. console(config)# management access-list mlist console(config-macl)# permit ethernet 1/e1 console(config-macl)# permit ethernet 2/e9 console(config-macl)# exit console(config)# management access-class mlist The following example creates a management Access List called mlist, configures all interfaces to be...

  • Page 198: Deny (Management)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the appropriate interface. The system supports up to 128 management access rules. Example The following example permits all ports in the mlist Access List.

  • Page 199: Management Access-Class

    Management ACL Commands Example The following example denies all ports in the Access List called mlist. console(config)# management access-list mlist console(config-macl)# deny management access-class The management access-class Global Configuration mode command restricts management connections by defining the active management Access List. Use the no form of this command to disable this restriction. Syntax management access-class {console-only | name} no management access-class...

  • Page 200: Show Management Access-Class

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the mlist management Access List. console# show management access-list mlist mlist -----...

  • Page 201: Chapter 20.Phy Diagnostics Commands

    PHY Diagnostics Commands Chapter 20.PHY Diagnostics Commands test copper-port tdr The test copper-port tdr Privileged EXEC mode command uses Time Domain Reflectometry (TDR) technology to diagnose the quality and characteristics of a copper cable attached to a port. Syntax test copper-port tdr interface Parameters •...

  • Page 202: Show Copper-Ports Cable-Length

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meter. Example The following example displays information on the last TDR test performed on all copper ports.

  • Page 203: Show Fiber-Ports Optical-Transceiver

    PHY Diagnostics Commands Example The following example displays the estimated copper cable length attached to all ports. console> show copper-ports cable-length Port Length [meters] ---- --------------------- 1/e1 < 50 1/e2 Copper not active 1/e3 110-140 1/e4 Fiber show fiber-ports optical-transceiver Use The show fiber-ports optical-transceiver User EXEC mode command displays the optical transceiver diagnostics.
  • Page 204 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide 7/e3 Copper Temp – Internally measured transceiver temperature. Voltage - Internally measured supply voltage. Current – Measured TX bias current. Output Power – Measured TX output power. Input Power – Measured RX received power.

  • Page 205: Chapter 21.Port Channel Commands

    Port Channel Commands Chapter 21.Port Channel Commands interface port-channel The interface port-channel Global Configuration mode command enters the interface configuration mode to configure a specific port-channel. Syntax interface port-channel port-channel-number Parameters • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.

  • Page 206: Channel-Group

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range. Example The following example groups port-channels 1, 2 and 6 to receive the same command.
  • Page 207 Port Channel Commands Parameters • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information on all port-channels. console# show interfaces port-channel Channel Ports...

  • Page 208: Chapter 22.Port Monitor Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 22.Port Monitor Commands port monitor The port monitor Interface Configuration mode command starts a port monitoring session. Use the no form of this command to stop a port monitoring session. Syntax...

  • Page 209: Show Ports Monitor

    Port Monitor Commands show ports monitor The show ports monitor User EXEC mode command displays the port monitoring status. Syntax show ports monitor Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how the port monitoring status is displayed.

  • Page 210: Chapter 23.Power Over Ethernet Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 23.Power over Ethernet Commands power inline The port inline Interface Configuration (Ethernet) mode command configures the administrative mode of inline power on an interface. Syntax power inline {auto | never} Parameters •...

  • Page 211: Power Inline Priority

    Power over Ethernet Commands Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example configures a description to an IP-phone to a powered device connected to Ethernet interface 1/e1.

  • Page 212: Power Inline Usage-Threshold

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide power inline usage-threshold The power inline usage-threshold Global Configuration mode command configures the threshold for initiating inline power usage alarms. Use the no form of this command to return to the default configuration.

  • Page 213: Show Power Inline

    Power over Ethernet Commands User Guidelines There are no user guidelines for this command. Example The following example enables inline power traps to be sent when a power usage threshold is exceeded. console(config)# power inline traps enable show power inline The show power inline User EXEC mode command displays the information about inline power.
  • Page 214 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide 3/e1 Auto console# show power inline ethernet 4/e1 Port Powered State Status Priority Class Device ---- ------- ----------- ------------- ------------ -------- 4/e1 Auto class1 Overload Counter: Short Counter: Denied Counter: Absent Counter:...

  • Page 215: Show Power Inline Power-Consumption

    Power over Ethernet Commands show power inline power-consumption The show power inline power-consumption User EXEC mode command displays information about the inline power consumption. Syntax show power inline power-consumption [ethernet interface ] Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration.
  • Page 216 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information about inline power.

  • Page 217: Chapter 24.Qos Commands

    QoS Commands Chapter 24.QoS Commands The qos Global Configuration mode command enables quality of service (QoS) on the device. Use the no form of this command to disable QoS on the device. Syntax no qos Parameters This command has no arguments or keywords. Default Configuration QoS is disabled on the device.

  • Page 218: Priority-Queue Out Num-Of-Queues

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines There are no user guidelines for this command. Example The following example displays QoS attributes when QoS is disabled on the device. console> show qos Qos: disable Trust: dscp priority-queue out num-of-queues The priority-queue out num-of-queues Global Configuration mode command configures the number of expedite queues.

  • Page 219: Traffic-Shape

    QoS Commands Parameters • rate — Maximum kilobits per second of ingress traffic on a port. (Range: 1 - 1000000).) Default Configuration 1000 Kbits/Sec Command Mode Interface Configuration (Ethernet) mode User Guidelines The command can be enabled on a specific port only if port storm-control Broadcast enable interface configuration command is not enabled on that port.

  • Page 220: Show Qos Interface

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show qos interface The show qos interface User EXEC mode command displays interface QoS information. Syntax show qos interface [buffers | queueing | policers | shapers | rate-limit] [ethernet interface-number | vlan vlan-...

  • Page 221: Wrr-Queue Cos-Map

    QoS Commands wrr-queue cos-map The wrr-queue cos-map Global Configuration mode command maps Class of Service (CoS) values to a specific egress queue. Use the no form of this command to return to the default configuration. Syntax wrr-queue cos-map queue-id cos1...cos8 no wrr-queue cos-map [queue-id] Parameters •...

  • Page 222: Qos Trust (Global)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide qos trust (Global) The qos trust Global Configuration mode command configures the system to basic mode and the trust state. Use the no form to return untrusted state. Syntax qos trust {cos | dscp}...

  • Page 223: Qos Cos

    QoS Commands Parameters • dscp-list — Specifies up to 8 DSCP values separated by a space. (Range: 0 - 63) • queue-id — Specifies the queue number to which the DSCP values are mapped. (Range: 1 - 4 Default Configuration The following table describes the default map.

  • Page 224: Show Qos Map

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines If the port is trusted, the default CoS value of the port is used to assign a CoS value to all untagged packets entering the port. Example The following example configures port 1/e15 default CoS value to 3.
  • Page 225 QoS Commands The following table describes the significant fields shown above. Column Des cription Decimal Bit 1 of DSCP Decimal Bit 2 of DSCP 01 - 04 Queue numbers Page 224...

  • Page 226: Chapter 25.Radius Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 25.Radius Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. Use the no form of this command to delete the specified RADIUS host. Syntax radius-server host {ipv4-address | ipv6-address | hostname} [auth-port auth-port-number] [timeout timeout]...

  • Page 227: Radius-Server Key

    Radius Commands If no host-specific timeout, retries, deadtime or key-string values are specified, global values apply to each RADIUS server host. The address type of the source parameter must be the same as the ip-address parameter. Example The following example specifies a RADIUS server host with IP address 192.168.10.1, authentication request port number 20 and a 20-second timeout period.

  • Page 228: Radius-Server Source-Ip

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no radius-server retransmit Parameters • retries — Specifies the retransmit value. (Range: 1 - 10) Default Configuration The software searches the list of RADIUS server hosts 3 times. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 229: Radius-Server Source-Ipv6

    Radius Commands Example The following example configures the source IP address used for communication with RADIUS servers to 10.1.1.1. console(config)# radius-server source-ip 10.1.1.1 radius-server source-ipv6 The radius-server source-ipv6 Global Configuration mode command specifies the source IP address used for IPv6 communication with the RADIUS servers. Use the no form of this command to return to the default configuration.

  • Page 230: Radius-Server Deadtime

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration The timeout value is 3 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the timeout interval to 5 seconds.
  • Page 231 Radius Commands Syntax show radius-servers Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays RADIUS server settings. console# show radius-servers IP address Port...

  • Page 232: Chapter 26.Rmon Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 26.RMON Commands show rmon statistics The show rmon statistics User EXEC mode command displays RMON Ethernet statistics. Syntax show rmon statistics {ethernet interface number | port-channel port-channel-number} Parameters • interface number — Valid Ethernet port.
  • Page 233 RMON Commands The following table describes significant fields shown above: Field De scrip tio n Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The total number of packets (including bad packets, Broadcast packets, and Multicast packets) received.

  • Page 234: Rmon Collection History

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide rmon collection history The rmon collection history Interface Configuration (Ethernet, port-channel) mode command enables a Remote Monitoring (RMON) MIB history statistics group on an interface. Use the no form of this command to remove a specified RMON history statistics group.

  • Page 235: Show Rmon History

    RMON Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all RMON history group statistics. console> show rmon collection history Index Interface Interval...
  • Page 236 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Examples The following examples displays RMON Ethernet history statistics for index 1.
  • Page 237 RMON Commands console> show rmon history 1 other Sample Set: 1 Owner: Me Interface: 1/e1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 500 Time Dropped Collisions -------------------- -------- ---------- Jan 18 2002 21:57:00 Jan 18 2002 21:57:30 The following table describes significant fields shown above: Field D escr ip tio n...

  • Page 238: Rmon Alarm

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interval. This number is not necessarily the number of packets dropped, it is just the number of times this condition has been detected.

  • Page 239: Show Rmon Alarm-Table

    RMON Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the following alarm conditions: • Alarm index — 1000 • Variable identifier — ati • Sample interval — 360000 seconds •...

  • Page 240: Show Rmon Alarm

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide 1.3.6.1.2.1.2.2.1.10.1 1.3.6.1.2.1.2.2.1.10.1 Manager 1.3.6.1.2.1.2.2.1.10.9 The following table describes significant fields shown above: Field Desc ription Index An index that uniquely identifies the entry. Monitored variable OID. Owner The entity that configured this entry.
  • Page 241 RMON Commands Example The following example displays RMON 1 alarms. console> show rmon alarm 1 Alarm 1 ------- OID: 1.3.6.1.2.1.2.2.1.10.1 Last sample Value: 878128 Interval: 30 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI The following table describes the significant fields shown in the display:...

  • Page 242: Rmon Event

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Falling Event The event index used when a falling threshold is crossed. Owner The entity that configured this entry. rmon event The rmon event Global Configuration mode command configures an event. Use the no form of this command to remove an event.

  • Page 243: Show Rmon Log

    RMON Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the RMON event table. console>...

  • Page 244: Rmon Table-Size

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • event — Specifies the event index. (Range: 0 - 65535) Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
  • Page 245 RMON Commands Syntax rmon table-size {history entries | log entries} no rmon table-size {history | log} Parameters • history entries — Maximum number of history table entries. (Range: 20 -32767) • log entries — Maximum number of log table entries. (Range: 20-32767) Default Configuration History table size is 270.

  • Page 246: Chapter 27.Snmp Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 27.SNMP Commands snmp-server community The snmp-server community Global Configuration mode command configures the community access string to permit access to the SNMP protocol. Use the no form of this command to remove the specified community string.

  • Page 247: Snmp-Server View

    SNMP Commands The internal security name for SNMPv1 and SNMPv2 security models is mapped to the group name. Example The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192.168.1.20. console(config)# snmp-server community public su 192.168.1.20 snmp-server view The snmp-server view Global Configuration mode command creates or updates a Simple Network Management...

  • Page 248: Snmp-Server Group

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide snmp-server group The snmp-server group Global Configuration mode command configures a new Simple Management Protocol (SNMP) group or a table that maps SNMP users to SNMP views. Use the no form of this command to remove a specified SNMP group.

  • Page 249: Snmp-Server User

    SNMP Commands snmp-server user The snmp-server user Global Configuration mode command configures a new SNMP Version 3 user. Use the no form of this command to remove a user. Syntax snmp-server user username groupname [remote engineid-string] [ auth-md5 password | auth-sha password | auth-md5-key md5-des-keys | auth-sha-key sha-des-keys ] no snmp-server user username [remote engineid-string] Parameters...

  • Page 250: Snmp-Server Engineid Local

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures an SNMPv3 user John in group user-group. console(config)# snmp-server user John user-group snmp-server engineID local The snmp-server engineID local Global Configuration mode command specifies the Simple Network Management Protocol (SNMP) engineID on the local device.

  • Page 251: Snmp-Server Enable Traps

    SNMP Commands local engine ID. The user’s command line password is then destroyed, as required by RFC 2274. As a result, the security digests of SNMPv3 users become invalid if the local value of the engine ID change, and the users will have to be reconfigured.

  • Page 252: Snmp-Server Host

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax snmp-server filter filter-name oid-tree {included | excluded} no snmp-server filter filter-name [oid-tree] Parameters • filter-name — Specifies the label for the filter record that is being updated or created. The name is used to reference the record.
  • Page 253 SNMP Commands Parameters • ipv4-address — IPv4 address of the host (the targeted recipient). An out-of-band IP address can be specified as described in the usage guidelines. • ipv6-address — IPv6 address of the host (the targeted recipient). When the IPv6 address is a Link Local address (IPv6Z address), the outgoing interface name must be specified.

  • Page 254: Snmp-Server V3-Host

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide snmp-server v3-host The snmp-server v3-host Global Configuration mode command specifies the recipient of Simple Network Management Protocol Version 3 notifications. Use the no form of this command to remove the specified host.

  • Page 255: Snmp-Server Trap Authentication

    SNMP Commands Example The following example configures an SNMPv3 host. console(config)# snmp-server v3-host 192.168.0.20 john noauth snmp-server trap authentication The snmp-server trap authentication Global Configuration mode command enables the device to send SNMP traps when authentication fails. Use the no form of this command to disable SNMP failed authentication traps. Syntax snmp-server trap authentication no snmp-server trap authentication...

  • Page 256: Snmp-Server Location

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example configures the system contact point called ATI_Technical_Support.

  • Page 257: Show Snmp

    SNMP Commands Parameters • variable-name — MIB variable name. • name value — List of name and value pairs. In the case of scalar MIBs, only a single pair of name values. In the case of an entry in a table, at least one pair of name and value followed by one or more fields. Default Configuration This command has no default configuration.
  • Page 258 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays the SNMP communications status. console# show snmp Community- Community- View name String Access address ---------- ---------- --------- -------- public read only user-view private read write Default 172.16.1.1...

  • Page 259: Show Snmp Engineid

    SNMP Commands IP Address Management station IP Address. Trap-Rec-Address Targeted Recipient Trap-Rec-Community Statistics sent with the notification operation. Version SNMP version for the sent trap 1 or 2. show snmp engineid The show snmp engineID Privileged EXEC mode command displays the ID of the local Simple Network Management Protocol (SNMP) engine.

  • Page 260: Show Snmp Groups

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of views. console# show snmp views Name OID Tree Type...

  • Page 261: Show Snmp Filters

    SNMP Commands user-group priv Default "" "" managers-group priv Default Default "" managers-group priv Default "" "" The following table describes significant fields shown above. Field Description Name Name of the group. Security Model SNMP model in use (v1, v2 or v3). Security Level Authentication of a packet with encryption.

  • Page 262: Show Snmp Users

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays the configuration of filters. console# show snmp filters Name OID Tree Type ----------- ----------------------- --------- user-filter 1.3.6.1.2.1.1 Included user-filter 1.3.6.1.2.1.1.7 Excluded user-filter 1.3.6.1.2.1.2.2.1.*.1 Included show snmp users The show snmp users Privileged EXEC mode command displays the configuration of users.

  • Page 263: Chapter 28.Spanning-Tree Commands

    Spanning-Tree Commands Chapter 28.Spanning-Tree Commands spanning-tree The spanning-tree Global Configuration mode command enables spanning-tree functionality. Use the no form of this command to disable spanning-tree functionality. Syntax spanning-tree no spanning-tree Parameters This command has no arguments or keywords. Default Configuration Spanning-tree is enabled.

  • Page 264: Spanning-Tree Forward-Time

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration STP is enabled. Command Modes Global Configuration mode User Guidelines In RSTP mode, the device uses STP when the neighbor device uses STP. In MSTP mode, the device uses RSTP when the neighbor device uses RSTP and uses STP when the neighbor device uses STP.

  • Page 265: Spanning-Tree Hello-Time

    Spanning-Tree Commands spanning-tree hello-time The spanning-tree hello-time Global Configuration mode command configures the spanning tree bridge hello time, which is how often the device Broadcasts hello messages to other devices. Use the no form of this command to return to the default configuration. Syntax spanning-tree hello-time seconds no spanning-tree hello-time...

  • Page 266: Spanning-Tree Priority

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines When configuring the maximum age, the following relationships should be kept: 2*(Forward-Time - 1) >= Max-Age Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning tree bridge maximum-age to 10 seconds.

  • Page 267: Spanning-Tree Cost

    Spanning-Tree Commands Parameters This command has no arguments or keywords. Default Configuration Spanning tree is enabled on all ports. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example disables spanning-tree on Ethernet port 1/e5. console(config)# interface ethernet 1/e5 console(config-if)# spanning-tree disable spanning-tree cost...

  • Page 268: Spanning-Tree Port-Priority

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines The path cost method is configured using the spanning-tree pathcost method Global Configuration mode command. Example The following example configures the spanning-tree cost on Ethernet port 1/e15 to 35000. console(config)# interface ethernet 1/e15...

  • Page 269: Spanning-Tree Link-Type

    Spanning-Tree Commands Parameters This command has no arguments or keywords. Default Configuration PortFast mode is disabled. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines This feature should be used only with interfaces connected to end stations. Otherwise, an accidental topology loop could cause a data packet loop and disrupt device and network operations.

  • Page 270: Spanning-Tree Pathcost Method

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example enables shared spanning-tree on Ethernet port 1/e5 console(config)# interface ethernet 1/e15 console(config-if)# spanning-tree link-type shared spanning-tree pathcost method The spanning-tree pathcost method Global Configuration mode command sets the default path cost method.

  • Page 271: Spanning-Tree Guard Root

    Spanning-Tree Commands Default Configuration The default setting is flooding. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines BPDU packet flooding when the spanning-tree is disabled on an interface console(config)# spanning-tree bpdu flooding spanning-tree guard root The spanning-tree guard root Interface Configuration (Ethernet, port-channel) mode command enables root...

  • Page 272: Spanning-Tree Bpduguard

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide spanning-tree bpduguard The spanning-tree bpduguard Interface Configuration (Ethernet, port-channel) mode command shuts down an interface when it receives a bridge protocol data unit (BPDU). Use the no form of this command to restore the default configuration.

  • Page 273: Spanning-Tree Mst Priority

    Spanning-Tree Commands Command Modes Privileged EXEC mode User Guidelines This feature should be used only when working in RSTP or MSTP mode. Example The following example restarts the protocol migration process on Ethernet port 1/e11. console# clear spanning-tree detected-protocols ethernet 1/e11 spanning-tree mst priority The spanning-tree mst priority Global Configuration mode command configures the device priority for the specified spanning-tree instance.

  • Page 274: Spanning-Tree Mst Port-Priority

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide no spanning-tree mst max-hops Parameters • hop-count—Number of hops in an MST region before the BDPU is discarded .(Range: 1-40) Default Configuration The default number of hops is 20. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 275: Spanning-Tree Mst Cost

    Spanning-Tree Commands Example The following example configures the port priority of port e1 to 142. console(config)# interface ethernet e1 console(config-if)# spanning-tree mst 1 port-priority 142 spanning-tree mst cost The spanning-tree mst cost Interface Configuration mode command configures the path cost for multiple spanning tree (MST) calculations.

  • Page 276: Instance (Mst)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax spanning-tree mst configuration Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping, configuration revision number and name.

  • Page 277: Name (Mst)

    Spanning-Tree Commands For two or more devices to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number, and the same name. Example The following example maps VLANs 10-20 to MST instance 1. console(config)# spanning-tree mst configuration console(config-mst)# instance 1 add vlan 10-20 name (mst)

  • Page 278: Show (Mst)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • value—Configuration revision number (Range: 0-65535). Default Configuration The default configuration revision number is 0. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the configuration revision to 1.

  • Page 279: Exit (Mst)

    Spanning-Tree Commands Instance Vlans Mapped State -------- ------------ ------- 1-9,21-4094 Enabled 10-20 Enabled exit (mst) The exit MST Configuration mode command exits the MST configuration mode and applies all configuration changes. Syntax exit Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration.

  • Page 280: Show Spanning-Tree

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example exits the MST configuration mode without saving changes. console(config) # spanning-tree mst configuration...
  • Page 281 Spanning-Tree Commands Examples The following examples displays spanning-tree information. console# show spanning-tree Spanning tree enabled mode RSTP Default port cost method: long Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/e1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority...
  • Page 282 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide ---- ------- -------- ----- ---- -------- ---------- 1/e1 Enabled 128.1 20000 Desg P2p (RSTP) 1/e2 Enabled 128.2 20000 Desg Shared (STP) 1/e3 Disabled 128.3 20000 1/e4 Enabled 128.4 20000 Desg Shared (STP)
  • Page 283 Spanning-Tree Commands console# show spanning-tree active Spanning tree enabled mode RSTP Default port cost method: long Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/e1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864...
  • Page 284 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Name State Prio.Nbr Cost Role PortFast Type ---- ------- -------- ----- ---- -------- ---------- 1/e4 Enabled 128.4 ALTN Shared (STP) console# show spanning-tree detail Spanning tree enabled mode RSTP Default port cost method: long...
  • Page 285 Spanning-Tree Commands Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/e3) disabled State: N/A Role: N/A Port id: 128.3 Port cost: 20000 Type: N/A (configured: auto) Port Fast: N/A (configured:no) Designated bridge Priority: N/A Address: N/A Designated port id: N/A Designated path cost: N/A...
  • Page 286 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide console# show spanning-tree ethernet 1/e1 Port 1 (1/e1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto) RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25...
  • Page 287 Spanning-Tree Commands Name State Prio.Nbr Cost Role PortFast Type ---- ------- -------- ----- ---- -------- ---------- 1/e1 Enabled 128.1 20000 Root P2p Bound (RSTP) 1/e2 Enabled 128.2 20000 Desg Shared Bound (STP) 1/e3 Enabled 128.3 20000 Desg 1/e4 Enabled 128.4 20000 Desg ###### MST 1 Vlans Mapped: 10-20...
  • Page 288 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Priority 32768 Address 00:02:4b:29:7a:00 This switch is the IST master. Hello Time 2 sec Max Age 20 sec...
  • Page 289 Spanning-Tree Commands Port 4 (1/e4) enabled State: Forwarding Role: Designated Port id: 128.4 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.2 Designated cost: 20000 Guard Root: Disabled BPDU Guard: Disabled Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638...
  • Page 290 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Designated port id: 128.2 Designated cost: 20000 Guard Root: Disabled BPDU Guard: Disabled Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 (1/e3) disabled State: Blocking Role: Alternate Port id: 128.3...
  • Page 291 Spanning-Tree Commands Address 00:02:4b:19:7a:00 Path Cost 10000 Rem hops Bridge ID Priority 32768 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9 CST Root ID Priority...

  • Page 292: Chapter 29.Ssh Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 29.SSH Commands ip ssh port The ip ssh port Global Configuration mode command specifies the port to be used by the SSH server. Use the no form of this command to return to the default configuration.

  • Page 293: Crypto Key Generate Dsa

    SSH Commands Command Mode Global Configuration mode User Guidelines If encryption keys are not generated, the SSH server is in standby until the keys are generated. To generate SSH server keys, use the crypto key generate dsa, and crypto key generate rsa Global Configuration mode commands.

  • Page 294: Ip Ssh Pubkey-Auth

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax crypto key generate rsa Parameters This command has no arguments or keywords. Default Configuration RSA key pairs do not exist. Command Mode Global Configuration mode User Guidelines RSA keys are generated in pairs: one public RSA key and one private RSA key. If the device already has RSA keys, a warning and prompt to replace the existing keys with new keys are displayed.

  • Page 295: Crypto Key Pubkey-Chain Ssh

    SSH Commands Example The following example enables public key authentication for incoming SSH sessions. console(config)# ip ssh pubkey-auth crypto key pubkey-chain ssh The crypto key pubkey-chain ssh Global Configuration mode command enters the SSH Public Key-chain Configuration mode. The mode is used to manually specify other device public keys such as SSH client public keys.

  • Page 296: User-Key

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide user-key The user-key SSH Public Key-string Configuration mode command specifies which SSH public key is manually configured. Use the no form of this command to remove an SSH public key. Syntax user-key username {rsa | dsa}...

  • Page 297: Show Ip Ssh

    SSH Commands Default Configuration No keys exist. Command Mode SSH Public Key-string Configuration mode User Guidelines Use the key-string SSH Public Key-string Configuration mode command to specify which SSH public key is to be interactively configured next. To complete the command, you must enter a row with no characters. Use the key-string row SSH Public Key-string Configuration mode command to specify the SSH public key row by row.

  • Page 298: Show Crypto Key Mypubkey

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SSH server configuration.

  • Page 299: Show Crypto Key Pubkey-Chain Ssh

    SSH Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SSH public RSA keys on the device. console# show crypto key mypubkey rsa RSA key data: 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 64CAB820 847EDAD9 DF0B4E4C 73A05DD2...
  • Page 300 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays SSH public keys stored on the device. console# show crypto key pubkey-chain ssh Username Fingerprint -------- ----------------------------------------------- 9A:CC:01:C5:78:39:27:86:79:CC:23:C5:98:59:F1:86 john 98:F7:6E:28:F2:79:87:C8:18:F8:88:CC:F8:89:87:C8 console# show crypto key pubkey-chain ssh username bob...

  • Page 301: Chapter 30.Syslog Commands

    Syslog Commands Chapter 30.Syslog Commands logging on The logging on Global Configuration mode command controls error message logging. This command sends debug or error messages to a logging process, which logs messages to designated locations asynchronously to the process that generated the messages. Use the no form of this command to disable the logging process. Syntax logging on no logging on...

  • Page 302: Logging Console

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • ipv4-address — Specifies the IPv4 address of the host to be used as a syslog server. • Ipv6-address — Specifies the IPv6 address of the host to be used as a syslog server.

  • Page 303: Logging Buffered

    Syslog Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example limits logging messages displayed on the console to severity level errors. console(config)# logging console errors logging buffered The logging buffered Global Configuration mode command limits syslog messages displayed from an internal buffer based on severity.

  • Page 304: Clear Logging

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax logging buffered size number no logging buffered size Parameters • number — Specifies the maximum number of messages stored in the history table. (Range: 20 - 400) Default Configuration The default number of messages is 200.

  • Page 305: Logging File

    Syslog Commands logging file The logging file Global Configuration mode command limits syslog messages sent to the logging file based on severity. Use the no form of this command to cancel using the logging file. Syntax logging file level no logging file Parameters •...

  • Page 306: Aaa Logging

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example clears messages from the logging file. console# clear logging file Clear Logging File [y/n] aaa logging The aaa logging Global Configuration mode command enables logging AAA login events. Use the no form of this command to disable logging AAA login events.

  • Page 307: Management Logging

    Syslog Commands Parameters • copy — Indicates logging messages related to file copy operations. • delete-rename — Indicates logging messages related to file deletion and renaming operations. Default Configuration Logging file system events is enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 308: Show Logging

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show logging The show logging Privileged EXEC mode command displays the state of logging and the syslog messages stored in the internal buffer. Syntax show logging Parameters This command has no arguments or keywords.

  • Page 309: Show Logging File

    Syslog Commands 29-Nov-2007 17:46:02 :%LINK-I-Up: 2/e16 29-Nov-2007 17:46:02 :%LINK-I-Up: Vlan 1 29-Nov-2007 17:45:59 :%LINK-W-Down: 3/e14 29-Nov-2007 17:45:59 :%LINK-W-Down: Vlan 1 29-Nov-2007 17:36:58 :%AAA-I-CONNECT: New http connection for user Admin, source 192.168.1.96 destination 192.168.1.25 ACCEPTED 29-Nov-2007 17:36:36 :%AAA-W-REJECT: New http connection for user manager, sourc e 192.168.1.96 destination 192.168.1.25 REJECTED console#...

  • Page 310: Show Syslog-Servers

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays the logging state and the syslog messages stored in the logging file console# show logging file Logging is enabled. Console Logging: Level info. Console Messages: 226 Dropped.
  • Page 311 Syslog Commands Example The following example displays the settings of the syslog servers. console# show syslog-servers Device Configuration IP address Port Severity Facility Description ------------ ---- ------------- -------- ----------- 192.180.2.27 Informational local7 192.180.2.28 Warning local7 Page 310...

  • Page 312: Chapter 31.Tacacs+ Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 31.TACACS+ Commands tacacs-server host The tacacs-server host Global Configuration mode command specifies a TACACS+ host. Use the no form of this command to delete the specified name or address. Syntax tacacs-server host {ip-address | hostname} [single-connection] [port port-number] [timeout timeout] [key key-...

  • Page 313: Tacacs-Server Key

    TACACS+ Commands Example The following example specifies a TACACS+ host. console(config)# tacacs-server host 172.16.1.1 tacacs-server key The tacacs-server key Global Configuration mode command sets the authentication encryption key used for all TACACS+ communications between the device and the TACACS+ daemon. Use the no form of this command to disable the key.

  • Page 314: Tacacs-Server Source-Ip

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the timeout value to 30. console(config)# tacacs-server timeout 30...
  • Page 315 TACACS+ Commands Syntax show tacacs [ip-address] Parameters • ip-address — Name or IP address of the TACACS+ server. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays configuration and statistical information about a TACACS+ server.

  • Page 316: Chapter 32.Tunnel Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 32.Tunnel Commands interface tunnel The interface tunnel Global Configuration mode command enters tunnel interface configuration mode. Syntax interface tunnel number Parameters • number — Tunnel index. Default Configuration This command has no default configuration.

  • Page 317: Tunnel Isatap Router

    Tunnel Commands Command Mode Interface Tunnel Configuration mode. User Guidelines • The system can be enabled to an ISATAP tunnel. When enabled, an automatic tunnel interface is created on each interface that is assigned with an IPv4 address. Note On a specific interface (that is port/ VLAN), both native IPv6 and transition mechanisms can coexist. The host implementation chooses the egress interface according to the scope of the destination IP address (for example ISATAP/ Native IPv6).

  • Page 318: Tunnel Source

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures a global string Dell_Tunnel_Router to represent a specific automatic tunnel router domain name: console(config)# interface tunnel 1 console(config-tunnel)# tunnel isatap router Dell_Tunnel_Router tunnel source The tunnel source Interface Tunnel Configuration mode command sets the local (source) tunnel interface IPv4 address.

  • Page 319: Tunnel Isatap Solicitation-Interval

    Tunnel Commands no tunnel isatap query-interval Parameters • seconds — Specifies the number of seconds between DNS Queries. (Range: 10 - 3600) Default Configuration 10 seconds. Command Mode Global Configuration mode. User Guidelines • This command determines the interval of DNS queries before the IP address of the ISATAP router is known. When the IP address is known, the robustness level that is set by the tunnel isatap robustness global configuration command determines the refresh rate.

  • Page 320: Tunnel Isatap Robustness

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures the interval between ISATAP router solicitations messages to 60 seconds. console(config)# tunnel isatap solicitation-interval 60 tunnel isatap robustness The tunnel isatap robustness Global Configuration mode command configures the number of DNS Query/Router Solicitation refresh messages that the device sends.
  • Page 321 Tunnel Commands Default Configuration This command has no default setting. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example displays information on the ISATAP tunnel: console> show ipv6 tunnel Router DNS name: ISATAP Router IPv4 address: 172.16.1.1 DNS Query interval: 10 seconds Min DNS Query interval: 0 seconds...

  • Page 322: Chapter 33.System Management Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 33.System Management Commands ping The ping User EXEC mode command sends ICMP echo request packets to another node on the network. Syntax ping {ipv4-address | hostname } [size packet_size] [count packet_count] [timeout time_out]...

  • Page 323: Telnet

    System Management Commands – physical-port-name = Product specific. • When using the ping ipv6 command to check network connectivity of a directly attached host using its link local address, the egress interface must be specified as defined in RFC 4007. Example The following example displays pinging results: console>...
  • Page 324 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • ip-address — IP address of the destination host. An out-of-band IP address can be specified as described in the usage guidelines (Must be a valid IP address). • hostname — Host name of the destination host (Range 1-158 characters - Max. label size:63).
  • Page 325 System Management Commands Several concurrent Telnet sessions can be opened and switched. To open a subsequent session, the current connection has to be suspended by pressing the escape sequence keys (Ctrl-shift-6) and x to return to the system command prompt. Then open a new connection with the Telnet User EXEC mode command. Table 2: Keywords Table Op tio n...

  • Page 326: Reload

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Table 3: Ports Table Key wo rd Des cription Por t n um ber pop2 Post Office Protocol v2 pop3 Post Office Protocol v3 smtp Simple Mail Transport Protocol sunpc Sun Remote Procedure Call...

  • Page 327: Resume

    System Management Commands resume Syntax resume [connection] Default Configuration The default connection number is that of the most recent connection. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following command switches to open Telnet session number 1. console>...

  • Page 328: Stack Master

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example specifies the device host name. console(config)# hostname stack stack(config)# no hostname console(config)# stack master The stack master Global Configuration mode command enables forcing the selection of a stack master. Use the no form of this command to return to the default configuration.

  • Page 329: Stack Reload

    System Management Commands stack reload Note This command is operational in the AT-S94/24, AT-S94/24POE, AT-S94/48 and AT-S94/48POE devices. The stack reload Privileged EXEC mode command reloads stack members. Syntax stack reload [unit unit] Parameters • unit— Number of the unit to be reloaded (Range: 1-6) Default Configuration All units are reloaded.

  • Page 330: Show Stack

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration The automatically configured unit number is assigned. Command Modes Global Configuration mode User Guidelines This command is not relevant to standalone devices. The command takes effect only after resetting the device.

  • Page 331: Show Users

    System Management Commands ---- ----------------- -------- -------- ------ -------- ------ 10:20:30:40:50:60 v1.1.0.29 Forced master 00:00:00:00:48:05 v1.1.0.29 Enabled backup 00:00:f4:48:01:00 v1.1.0.29 Disabled slave 00:15:77:37:33:e0 v1.1.0.29 Disabled slave 00:30:00:00:30:00 v1.1.0.29 Disabled slave 00:00:f4:48:0a:00 v1.1.0.29 Disabled slave Topology is Ring Unit Unit Id After Reset ------------- ---- console#...

  • Page 332: Show Sessions

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information about the active users.

  • Page 333: Show System

    System Management Commands Example The following example lists open Telnet sessions. console> show sessions Connection Host Address Port Byte ---------- ------------- ---------- ----- ---- Remote device 172.16.1.1 172.16.1.2 172.16.1.2 The following table describes significant fields shown above. Field D escr ip tio n Connection Connection number.

  • Page 334: Show System Id

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Unit Type ---- -------------- AT 8000GS/24 AT 8000GS/48 Unit Main Power Supply Redundant Power Supply ---- ---------------- ----------------------- Unit Up time ---- -------------- 00,03:38:12 00,03:34:44 Serial number ---------- console# show system unit 2...

  • Page 335: Show Version

    System Management Commands Parameters • unit unit — Unit number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the system information console>...
  • Page 336 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays system version information (only for demonstration purposes). console> show version Unit SW version Boot version HW version ---- ---------- ------------ ---------- v1.1.0.29 1.0.1.06 01.00.00 v1.1.0.29 1.0.1.06 01.00.00 v1.1.0.29...

  • Page 337: Chapter 34.User Interface Commands

    User Interface Commands Chapter 34.User Interface Commands The do command executes an EXEC-level command from Global Configuration mode or any configuration submode. Syntax do command Parameters • command — Specifies the EXEC-level command to execute. Default Configuration This command has no default configuration. Command Mode All Configuration modes User Guidelines...

  • Page 338: Enable

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide enable The enable User EXEC mode command enters the Privileged EXEC mode. Syntax enable [privilege-level] Parameters • privilege-level — Privilege level to enter the system. (Range: 1 - 15) Default Configuration The default privilege level is 15.

  • Page 339: Login

    User Interface Commands Example The following example returns to Users EXEC mode. console# disable console> login The login User EXEC mode command changes a login username. Syntax login Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines...

  • Page 340: Exit (Configuration)

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example enters Global Configuration mode. console# configure console(config)# exit (Configuration) The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy.

  • Page 341: End

    User Interface Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command. Example The following example closes an active terminal session. console>...

  • Page 342: Terminal Datadump

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax help Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode All command modes User Guidelines There are no user guidelines for this command.

  • Page 343: Show History

    User Interface Commands Command Mode User EXEC mode User Guidelines By default, a More prompt is displayed when the output contains more lines than can be displayed on the screen. Pressing the Enter key displays the next line; pressing the Spacebar displays the next screen of output. The data- dump command enables dumping all output immediately after entering the show command.

  • Page 344: Show Privilege

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide console# show history show version show clock show history 3 commands were logged (buffer size is 10) show privilege The show privilege Privileged/User EXEC mode command displays the current privilege level. Syntax...

  • Page 345: Chapter 35.Vlan Commands

    VLAN Commands Chapter 35.VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Syntax vlan database Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.

  • Page 346: Interface Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode VLAN Configuration mode User Guidelines There are no user guidelines for this command. Example The following example VLAN number 1972 is created. console(config)# vlan database console(config-vlan)# vlan 1972 console(config-vlan)# interface vlan The interface vlan Global Configuration mode command enters the Interface Configuration (VLAN) mode.

  • Page 347: Interface Range Vlan

    VLAN Commands interface range vlan The interface range vlan Global Configuration mode command enables simultaneously configuring multiple VLANs. Syntax interface range vlan {vlan-range | all} Parameters • vlan-range — Specifies a list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces;...

  • Page 348: Switchport Protected

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Interface Configuration (VLAN) mode. Cannot be configured for a range of interfaces (range context). User Guidelines There are no user guidelines for this command. Example The following example gives VLAN number 19 the name Marketing.

  • Page 349: Switchport Mode

    VLAN Commands Example This example configures ethernet port 1/e8 as a protected port, so that all traffic is sent to its uplink (ethernet port 1/e9). console(config)# interface ethernet 1/e8 console(config-if)# switchport forbidden vlan add 234-256 console(config-if)# exit console(config)# interface ethernet 1/e9 console(config-if)# switchport protected ethernet 1/e1 switchport mode The switchport mode Interface Configuration mode command configures the VLAN membership mode of a port.

  • Page 350: Switchport Access Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide switchport access vlan The switchport access vlan Interface Configuration mode command configures the VLAN ID when the interface is in access mode. Use the no form of this command to return to the default configuration.

  • Page 351: Switchport Trunk Native Vlan

    VLAN Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example adds VLANs 1, 2, 5 to 6 to the allowed list of Ethernet port 1/e16. console(config)# interface ethernet 1/e16 console(config-if)# switchport trunk allowed vlan add 1-2,5-6 switchport trunk native vlan The switchport trunk native vlan Interface Configuration mode command defines the native VLAN when the...

  • Page 352: Switchport General Pvid

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax switchport general allowed vlan add vlan-list [tagged | untagged] switchport general allowed vlan remove vlan-list Parameters • add vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces.

  • Page 353: Switchport General Ingress-Filtering Disable

    VLAN Commands User Guidelines There are no user guidelines for this command. Example The following example configures the PVID for Ethernet port 1/e16, when the interface is in general mode. console(config)# interface ethernet 1/e16 console(config-if)# switchport general pvid 234 switchport general ingress-filtering disable The switchport general ingress-filtering disable Interface Configuration mode command disables the ingress filtering of a port.

  • Page 354: Switchport General Map Macs-Group Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Default Configuration All frame types are accepted at ingress. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures Ethernet port 1/e16 to discard untagged frames at ingress.

  • Page 355: Map Mac Macs-Group

    VLAN Commands Example The following example sets a mac-based classification rule. console(config)# vlan database console(config-vlan)# map mac 00:08:78:32:98:78 9 macs-group 1 interface ethernet e17 console(config-vlan)# exit console(config)# interface ethernet 1/e17 console(config-if)# switchport mode general console(config-if)# switchport general map macs-group 1 vlan 2 map mac macs-group The map mac macs-group VLAN Configuration mode command maps a MAC address or a range of MAC addresses to a group of MAC addresses.

  • Page 356: Switchport Forbidden Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example...

  • Page 357: Ip Internal-Usage-Vlan

    VLAN Commands Example The following example forbids adding VLAN IDs 234 to 256 to Ethernet port 1/e16. console(config)# interface ethernet 1/e16 console(config-if)# switchport forbidden vlan add 234-256 ip internal-usage-vlan The ip internal-usage-vlan Interface Configuration mode command reserves a VLAN as the internal usage VLAN of an interface.

  • Page 358: Show Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show vlan The show vlan Privileged EXEC mode command displays VLAN information. Syntax show vlan [tag vlan-id | name vlan-name ] Parameters • vlan-id — specifies a VLAN ID • vlan-name — Specifies a VLAN name string. (Range: 1 - 32 characters) Default Configuration This command has no default configuration.

  • Page 359: Show Interfaces Switchport

    VLAN Commands Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays VLANs used internally by the device. console# show vlan internal usage VLAN Usage...
  • Page 360 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example displays the switchport configuration for Ethernet port 1/e1. console# show interface switchport ethernet 1/e1 Port 1/e1: VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled...
  • Page 361 VLAN Commands console# show interface switchport ethernet 1/e2 Port 1/e2: VLAN Membership mode: General Operating parameters: PVID: 4095 (discard vlan) Ingress Filtering: Enabled Acceptable Frame Type: All Port 1/e1 is member in: Vlan Name Egress rule Type ---- ------------ ----------- ------ IP Telephony tagged...
  • Page 362 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Acceptable Frame Type: Untagged GVRP status: Disabled Page 361 Not approved by Document Control. For review only.

  • Page 363: Chapter 36.Web Server Commands

    Web Server Commands Chapter 36.Web Server Commands ip http server The ip http server Global Configuration mode command enables configuring the device from a browser. Use the no form of this command to disable this function. Syntax ip http server no ip http server Parameters This command has no arguments or keywords.

  • Page 364: Ip Http Exec-Timeout

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Specifying 0 as the port number effectively disables HTTP access to the device.

  • Page 365: Ip Https Port

    Web Server Commands Syntax ip https server no ip https server Parameters This command has no arguments or keywords. Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Example The following example enables configuring the device from a secured browser.

  • Page 366: Ip Https Exec-Timeout

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example configures the https port number to 100. console(config)# ip https port 100 ip https exec-timeout The ip https exec-timeout Global Configuration mode command sets the interval for the system wait for user input in https sessions, before automatic logoff.

  • Page 367: Crypto Certificate Request

    Web Server Commands Parameters • number — Specifies the certificate number. (Range: 1 - 2) • key-generate — Regenerate the SSL RSA key. • length — Specifies the SSL RSA key length. (Range: 512 - 2048) • string — Passphrase used for exporting the certificate in PKCS12 file format. If unspecified the certificate is not exportable.
  • Page 368 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax crypto certificate number request [cn common- name ] [ou organization-unit] [or organization] [loc location] [st state] [cu country] Parameters • number — Specifies the certificate number. (Range: 1 - 2) •...

  • Page 369: Crypto Certificate Import

    Web Server Commands Example The following example generates and displays a certificate request for HTTPS. console# crypto certificate 1 request -----BEGIN CERTIFICATE REQUEST----- MIwTCCASoCAQAwYjELMAkGA1UEBhMCUFAxCzAJBgNVBAgTAkNDMQswCQYDVQQH EwRDEMMAoGA1UEChMDZGxkMQwwCgYDVQQLEwNkbGQxCzAJBgNVBAMTAmxkMRAw DgKoZIhvcNAQkBFgFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ecwQ HdML0831i0fh/F0MV/Kib6Sz5p+3nUUenbfHp/igVPmFM+1nbqTDekb2ymCu6K aKvEbVLF9F2LmM7VPjDBb9bb4jnxkvwW/wzDLvW2rsy5NPmH1QVl+8Ubx3GyCm /oW93BSOFwxwEsP58kf+sPYPy+/8wwmoNtDwIDAQABoB8wHQYJKoZIhvcNAQkH MRDjEyMwgICCAgICAICAgIMA0GCSqGSIb3DQEBBAUAA4GBAGb8UgIx7rB05m+2 m5ZZPhIwl8ARSPXwhVdJexFjbnmvcacqjPG8pIiRV6LkxryGF2bVU3jKEipcZa g+uNpyTkDt3ZVU72pjz/fa8TF0n3 -----END CERTIFICATE REQUEST----- CN= router.gm.com 0= General Motors C= US crypto certificate import The crypto certificate import Global Configuration mode command imports a certificate signed by the...

  • Page 370: Ip Https Certificate

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example imports a certificate signed by Certification Authority for HTTPS. console(config)# crypto certificate 1 import -----BEGIN CERTIFICATE----- dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH/xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp+6MIIBNgYDVR0fBIIBLTCCASkwgdKggc+ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl -----END CERTIFICATE----- Certificate imported successfully. Issued to: router.gm.com Issued by: www.verisign.com...

  • Page 371: Show Crypto Certificate Mycertificate

    Web Server Commands show crypto certificate mycertificate The show crypto certificate mycertificate Privileged EXEC mode command displays the SSH certificates of the device. Syntax show crypto certificate mycertificate [number] Parameters • number — Specifies the certificate number. (Range: 1- 2) Default Configuration This command has no default configuration.

  • Page 372: Show Ip Https

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the HTTP server configuration.
  • Page 373 Web Server Commands Certificate 1 is active Issued by: www.verisign.com Valid from: 8/9/2004 to 8/9/2005 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by: self-signed Valid from: 8/9/2004 to 8/9/2005 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: 1873B936 88DC3411 BC8932EF 782134BA Page 372...

  • Page 374: Chapter 37. 802.1X Commands

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Chapter 37. 802.1x Commands aaa authentication dot1x The aaa authentication dot1x Global Configuration mode command specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1X. Use the no form of this command to return to the default configuration.

  • Page 375: Dot1X Port-Control

    802.1x Commands no dot1x system-auth-control Parameters This command has no arguments or keywords. Default Configuration 802.1x is disabled globally. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables 802.1x globally. console(config)# dot1x system-auth-control dot1x port-control The dot1x port-control Interface Configuration mode command enables manually controlling the authorization...

  • Page 376: Dot1X Re-Authentication

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide User Guidelines It is recommended to disable spanning tree or to enable spanning-tree PortFast mode on 802.1x edge ports (ports in auto state that are connected to end stations), in order to get immediately to the forwarding state after successful authentication.

  • Page 377: Dot1X Re-Authenticate

    802.1x Commands Parameters • seconds — Number of seconds between re-authentication attempts. (Range: 300 - 4294967295) Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets the number of seconds between re-authentication attempts, to 300.

  • Page 378: Dot1X Timeout Quiet-Period

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide dot1x timeout quiet-period The dot1x timeout quiet-period Interface Configuration mode command sets the number of seconds that the device remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password).

  • Page 379: Dot1X Max-Req

    802.1x Commands Default Configuration Timeout period is 30 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients. and authentication servers Example The following command sets the number of seconds that the device waits for a response to an EAP-request/ identity frame, to 3600 seconds.

  • Page 380: Dot1X Timeout Supp-Timeout

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example sets the number of times that the device sends an EAP-request/identity frame to 6 . console(config)# interface ethernet 1/e16 console(config-if)# dot1x max-req 6 dot1x timeout supp-timeout The dot1x timeout supp-timeout Interface Configuration mode command sets the time for the retransmission of an Extensible Authentication Protocol (EAP)-request frame to the client.

  • Page 381: Show Dot1X

    802.1x Commands Parameters • seconds — Time in seconds that the device waits for a response from the authentication server. (Range: 1-65535 seconds) Default Configuration The timeout period is 30 seconds. Command Mode Interface configuration (Ethernet) mode User Guidelines The actual timeout can be determined by comparing the dot1x timeout server-timeout value and the result of multiplying the radius-server retransmit value with the radius-server timeout value and selecting the lower of the two values.
  • Page 382 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide 802.1x is disabled Port Admin Mode Oper Mode Reauth Reauth Username Control Period ---- ---------- --------- ------- ------ -------- 1/e1 Auto Authorized Enabled 3600 1/e2 Auto Authorized Enabled 3600 John 1/e3 Auto...

  • Page 383: Show Dot1X Users

    802.1x Commands Authentication success: 0 Authentication fails: 0 The following table describes significant fields shown above: Field Description Port The port number. Admin mode The port admin mode. Possible values: Force-auth, Force-unauth, Auto. Oper mode The port oper mode. Possible values: Authorized, Unauthorized or Down. Reauth Control Reauthentication control.
  • Page 384 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax show dot1x users [username username] Parameters • username — Supplicant username (Range: 1-160 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.

  • Page 385: Show Dot1X Statistics

    802.1x Commands show dot1x statistics The show dot1x statistics Privileged EXEC mode command displays 802.1X statistics for the specified interface. Syntax show dot1x statistics ethernet interface Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines...

  • Page 386: Dot1X Auth-Not-Req

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide The following table describes the significant fields shown in the display: Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator. EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator.

  • Page 387: Dot1X Guest-Vlan

    802.1x Commands Command Mode Interface Configuration (VLAN) mode User Guidelines An access port cannot be a member in an unauthenticated VLAN. The native VLAN of a trunk port cannot be an unauthenticated VLAN. For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets would be accepted in the unauthorized state.) Example The following example enables access to the VLAN to unauthorized devices.

  • Page 388: Dot1X Single-Host-Violation

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Example The following example defines VLAN 2 as a guest VLAN. console# console# configure console(config)# vlan database console(config-vlan)# vlan 2 console(config-vlan)# exit console(config)# interface vlan 2 console(config-if)# dot1x guest-vlan dot1x single-host-violation The dot1x single-host-violation Interface Configuration (Ethernet) mode command configures the action to be taken, when a station whose MAC address is not the supplicant MAC address, attempts to access the interface.

  • Page 389: Dot1X Mac-Authentication

    802.1x Commands Example The following example forwards frames with source addresses that are not the supplicant address and sends consecutive traps at intervals of 100 seconds. console(config)# interface ethernet 1/16 console(config-if)# dot1x single-host-violation forward trap 100 dot1x mac-authentication The mac-authentication Interface Configuration mode command enables authentication based on the station's MAC address.
  • Page 390 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Syntax show dot1x advanced interface Parameters • interface — Ethernet interface. Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.

  • Page 391: Dot1X Guest-Vlan Enable

    802.1x Commands Violation action: Discard Trap: Enabled Trap frequency: 100 Status: Single-host locked Violations since last trap: 9 dot1x guest-vlan enable The dot1x guest-vlan enable Interface Configuration mode command enables unauthorized users on the interface access to the Guest VLAN. Use the no form of this command to disable access. Syntax dot1x guest-vlan enable no dot1x guest-vlan enable...

  • Page 392: Dot1X Radius-Attributes Vlan

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Parameters • sec — Specify the timeout in seconds. (Range: 30 – 180) Default Configuration The guest VLAN is applied immediately. Command Mode Global Configuration mode. User Guidelines This command is relevant if the guest VLAN is enabled on the port. Configuring the timeout adds delay from enabling 802.1X (or port up) to the time the switch puts the port in the guest VLAN...
  • Page 393 802.1x Commands After successful authentication the port remains as a member in the unauthenticated VLANs and in the Guest VLAN. Other static VLAN configurations are not applied on the port. If the supplicant VLAN does not exist on the switch, the supplicant is rejected. Examples The following example enables user-based VLAN assignment.

  • Page 394: Index

    Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide Index aaa accounting dot1x 47 aaa accounting login 46 aaa authentication dot1x 373 aaa authentication dot1x default 373 aaa authentication enable 40 aaa authentication login 39 aaa logging 305 abort (mst) 278...
  • Page 395 Index Command Completion 21 configure 338 Contacting Allied Telesis 16 copy 85, 93, 163 crypto certificate generate 365 crypto certificate import 368 crypto certificate request 366 crypto key generate dsa 292 crypto key generate rsa 292 crypto key pubkey-chain ssh 294...
  • Page 396 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide exit (Configuration) 339 exit (mst) 278 file-system logging 305 flowcontrol 104 garp timer 119 Global Configuration Mode 18 gvrp enable (Global) 118 gvrp enable (Interface) 118 gvrp registration-forbid 120 gvrp vlan-creation-forbid 120...
  • Page 397 Index ip https port 365 ip https server 363 ip igmp snooping (Global) 125 ip igmp snooping (Interface) 125 ip igmp snooping host-time-out 128, 129, 130 ip igmp snooping leave-time-out 131 ip igmp snooping mrouter learn-pim-dvmrp 126 ip igmp snooping mrouter-time-out 130 ip internal-usage-vlan 356 ip ssh port 291 ip ssh pubkey-auth 293...
  • Page 398 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide logging console 301 logging file 304 logging on 300 login 338 login authentication 41 login banner 193 management access-class 198 management access-list 195 management logging 306 map mac macs-group 354 mdix 105...
  • Page 399 Index qos trust (Global) 222 radius-server deadtime 229 radius-server host 225 radius-server key 226 radius-server retransmit 226 radius-server source-ip 227 radius-server source-ipv6 228 radius-server timeout 228 rate-limit 217 reload 325, 326 revision (mst) 276 rmon alarm 237 rmon collection history 233 rmon event 241 rmon table-size 243 set interface active 107...
  • Page 400 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide show history 342 show interfaces advertise 108 show interfaces counters 112 show interfaces description 111 show interfaces port-channel 205 show interfaces status 110 show interfaces switchport 358 show ip dhcp relay 166...
  • Page 401 Index show rmon events 241 show rmon history 234 show rmon log 242 show rmon statistics 231 show running-config 89, 95 show sessions 331 show snmp 256 show snmp engineID 258 show snmp filters 260 show snmp groups 259 show snmp users 261 show snmp views 258 show sntp configuration 82 show sntp status 83...
  • Page 402 Allied Telesis AT-8000S-S94-3.0 Command Line Interface User’s Guide sntp authentication-key 74 sntp broadcast client enable 77 sntp client enable (Interface) 78 sntp client poll timer 76 sntp server 80 sntp trusted-key 75 sntp unicast client enable 78 sntp unicast client poll 79...
  • Page 403 Index tacacs-server host 311 tacacs-server key 312 tacacs-server source-ip 313 tacacs-server timeout 312 telnet 322 Terminal Command Buffer 21 terminal history 159 terminal history size 160 test copper-port tdr 200 traffic-shape 218 tunnel isatap query-interval 317 tunnel isatap robustness 319 tunnel isatap router 316 tunnel isatap solicitation-interval 318 tunnel mode ipv6ip 315...

This manual is also suitable for:

At-s94

Table of Contents

Save PDF