Download Print this page

Fujitsu PRIMERGY BX600 User Interface Description

Blade server systems intelligent blade panel module 30/12.
Hide thumbs

Advertisement

User Interface Description
English
PRIMERGY BX600 Blade Server Systems
Intelligent Blade Panel Module 30/12

Advertisement

   Also See for Fujitsu PRIMERGY BX600

   Summary of Contents for Fujitsu PRIMERGY BX600

  • Page 1

    User Interface Description English PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module 30/12...

  • Page 2

    PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module 30/12 Edition March 2008...

  • Page 3: Copyright And Trademarks

    Gesellschaft für Technik-Dokumentation mbH www.cognitas.de Copyright and Trademarks Copyright © Fujitsu Siemens Computers GmbH 2008. All rights reserved. Delivery subject to availability; right of technical modifications reserved. All hardware and software names used are trademarks of their respective manufacturers.

  • Page 4

    Important Notes Introduction Networking Planning Making Network Connection Configuration the IBP Web Base Command Interface Command Reference Using SNMP System Defaulting Troubleshooting and Tips Intelligent Blade Panel Module...

  • Page 5: Table Of Contents

    CONTENTS Important Notes ......................8 Information About Boards..................8 Compliance Statements..................9 Introduction........................12 Features of the IBP Module................13 2.1.1 MAC Address Supported Features..............13 2.1.2 Layer 2 Features ...................14 2.1.3 IBP Module Management Features...............16 2.1.4 Security Feature ....................18 Description of Hardware..................19 2.2.1 Ethernet Ports....................19 Features and Benefits ..................23 Notational Conventions..................25 T arget Group .......................26...

  • Page 6

    6.2.4 Extended Configuration Menu ..............100 Command Reference ....................131 CLI Command Format..................131 CLI Mode-based Topology................132 System Information and Statistics commands..........134 7.3.1 show arp ......................134 7.3.2 show calendar....................134 7.3.3 show eventlog ....................135 7.3.4 show running-config..................135 7.3.5 show sysinfo ....................136 7.3.6 show system ....................137 7.3.7 show hardware.....................137 7.3.8 show version ....................138 7.3.9 show loginsession..................139...

  • Page 7

    7.6.1 Show Commands ..................208 7.6.2 show logging buffered .................208 7.6.3 show logging traplog..................209 7.6.4 Configuration Commands................210 Script Management Commands ...............215 7.7.1 script apply ....................215 7.7.2 script delete ....................215 7.7.3 script list.......................216 7.7.4 script show....................216 User Account Management Commands............217 7.8.1 Show Commands ..................217 7.8.2 Configuration Commands................217 Security Commands ..................220...

  • Page 8

    7.11.15 quit.......................272 7.12 DHCP Commands ....................273 7.12.1 ip dhcp restart....................273 7.12.2 ip dhcp client-identifier.................273 Using SNMP ......................274 Supported MIBs....................275 Accessing MIB Objects..................277 Supported Traps ....................280 Default Settings .......................281 The overview system default settings ..............281 The default settings for all the configuration commands ........282 Troubleshooting and Tips..................286 10.1 Diagnosing IBP Indicators ................286...

  • Page 9: Important Notes

    Information About Boards Important Notes 1 Important Notes Store this manual close to the device. If you pass the device on to third parties, you should pass this manual on with it. Be sure to read this page carefully and note the information before you open the device.

  • Page 10: Compliance Statements

      Fujitsu Siemens Computers is not responsible for any radio or television interference caused by unauthorized modifications of this equipment or the substitution or attachment of connecting cables and equipment other than those specified by Fujitsu Siemens Computers. The correction of interferences caused by such unauthorized modification, substitution or attachment will be the responsibility of the user.

  • Page 11

    Compliance Statements Introduction Japan VCCI Class A CE Mark Declaration of Conformance for EMI and Safety (EEC) This information technology equipment complies with the requirements of the Council Directive 89/336/EEC on the Approximation of the laws of the Member States relating to Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within certain voltage limits and the Amendment Directive 93/68/EEC.

  • Page 12

    Compliance Statements Introduction Taiwan BSMI Class A Australia AS/NZS 3548 (1995) - Class A Intelligent Blade Panel Module...

  • Page 13: Introduction

    Features of the IBP Module Introduction 2 Introduction The PRIMERGY BX600 Blade Server system is a modular server system that can integrates up to 10 server modules, four IBP Modules (one IBP will be included in the base enclosure, the other three are optional) and two Management Modules (MMB). The IBP Module provides networking connectivity to PRIMERGY BX600 Blade Server.

  • Page 14: Features Of The Ibp Module

    Features of the IBP Module Introduction 2.1 Features of the IBP Module The IBP provides a wide range of advanced performance-enhancing features. Multicast filtering provides support for real-time network applications. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. And broadcast storm suppression prevents broadcast traffic storms from engulfing the network.

  • Page 15: Layer 2 Features

    Features of the IBP Module Introduction from incoming frames. These user-defined entries are not subject to aging, and are preserved across resets and reboots. Self-Learning MAC Addresses The IBP Module enables automatic MAC address learning from incoming packets. The MAC addresses are stored in the Bridging Table.

  • Page 16

    Features of the IBP Module Introduction Uplink Set Support Uplink Sets are used to define the external connection. An “Uplink Set” is defined as a set of 1 to n external (uplink) ports, which is used in port group definitions to connect a group of server blades to the customer’s LAN.

  • Page 17: Ibp Module Management Features

    Features of the IBP Module Introduction configures, binds and monitors the port binding to aggregators within the system. BootP and DHCP Clients DHCP enables additional setup parameters to be received from a network server upon system startup. DHCP service is an on-going process. DHCP is an extension to BootP. For more information on DHCP, see "Defining DHCP IP Interface Parameters".

  • Page 18

    Features of the IBP Module Introduction Provision The Intelligent Blade Panel allows users to select the Configuration files to configure the system. There are two timings to configure system: Start-up and Run time. Start-up: Select the Configuration File for start-up purpose. Run time: Users can choose a new configuration file to reconfigure the system while system running, without rebooting the system.

  • Page 19: Security Feature

    Features of the IBP Module Introduction reference clock. The higher the stratum (where zero is the highest), the more accurate the clock. 2.1.4 Security Feature Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys.

  • Page 20: Description Of Hardware

    System LED There is one IBP Module system LED with dual functions, controlled by MMB for error status reporting and blade identification. Different flashing frequencies are used to indicate the different functions. There are two functions, identification and error reporting, with identification having a higher priority than error reporting.

  • Page 21

    Features of the IBP Module Introduction can be automatically set if this feature is also supported by the attached device. Otherwise, these items can be manually configured for any connection. Note – Auto-negotiation must be enabled for automatic MDI/MDI-X pin-out configuration. Internal Ports The IBP also includes 30 internal 1000BASE-X Gigabit Ethernet ports that connect to the server blades in the chassis.

  • Page 22

    Features of the IBP Module Introduction Intelligent Blade Panel Module...

  • Page 23

    Features of the IBP Module Introduction PRIMERGY GbE Switch Blade 30/12 Internal Ports List PRIMERGY BX620 I/O Switch Internal PRIMERGY BX620 I/O Switch Internal S4 Nic No. Blade Module. Ports Mapping S4 Nic No. Blade Module. Ports Mapping Blade No 1 Nic 1 Net 1 Port 1 Blade No 6 Nic 1...

  • Page 24: Features And Benefits

    Features of the IBP Module Introduction 2.2.2 Status of LEDs The front panel contains light emitting diodes (LED) that indicate the status of links, and IBP diagnostics. Port LEDs Each of uplink port has two LED indicators. One Gbe Port LED definition: Color Function LED-A...

  • Page 25

    Features of the IBP Module Introduction straight-through cable (with auto-negotiation enabled) Auto-negotiation enables each port to automatically select the optimum speed (10, 100 or 1000 Mbps) and communication mode (half or full duplex) if this feature is supported by the attached device; otherwise the port can be configured manually IEEE 802.3ab Gigabit...

  • Page 26: Notational Conventions

    Telnet, SNMP/RMON and Web-based interface Multicast Switching based on IGMP (Internet Group Management Protocol) Snooping and Multicast Filtering Broadcast storm suppression Link aggregaton Management access security provided with username/password, and SNMP community names Notational Conventions Introduction 2.4 Notational Conventions The meanings of the symbols and fonts used in this manual are as follows: Pay particular attention to texts marked with this symbol.

  • Page 27: Target Group

    T arget Group Introduction 2.5 Target Group This manual is intended for those responsible for installing and configuring network connections. This manual contains all the information required to configure the IBP. Intelligent Blade Panel Module...

  • Page 28: Technical Data

    Technical Data Introduction 2.6 Technical Data Electrical data Operating voltage +12 VDC @ 3 A max Maximum current 11 A max @ 3.3 VDC National and international standards Product safety IEC 60950 / EN 60950 / UL 1950, CSA 22.2 No. 950 Electromagnetic compatibility FCC class A Industry Canada class A...

  • Page 29

    Technical Data Introduction Environmental conditions Environment class 3K2 DIN IEC 721 part 3-3 Environment class 2K2 DIN IEC 721 part 3-2 Temperature: – Operating (3K2) 0 °C ..50 °C – Transport (2K2) -40 °C ..70 °C Humidity 10 ... 90% Condensation while operating must be avoided.

  • Page 30: Network Planning

    Introduction to IBP Network Planning 3 Network Planning 3.1 Introduction to IBP The Intelligent Blade Panel Module (IBP) provides a simple Ethernet interface option for connecting the PRIMERGY BX600 Blade Server systems to the network infrastructure. The administrative effort and network skills required to connect to the network are minimized. The number and type of configuration options on the IBP are restricted to reduce the initial setup complexity and to minimize the impact on upstream networking devices.

  • Page 31: Making Network Connections

    The IBP connects server boards installed inside the system to a common switch fabric, and also provides three external ports for uplinking to external IEEE 802.3ab compliant devices. For most applications, the external ports on the IBP will be connected to other switches in the network backbone.

  • Page 32: 1000base-t Cable Requirements

    1000BASE-T Cable Requirements Making Network Connections Do not plug a phone jack connector into any RJ-45 port. This may damage the IBP. Instead, use only twisted-pair cables with RJ-45 connectors that conform with FCC standards. For 1000 Mbps operation, all four wire pairs in the cable must be connected. When auto-negotiation is enabled, the 1000BASE-T ports support the auto MDI/MDI-X feature, which means that at any operating speed (10, 100, or 1000 Mbps), either straight-through or crossover cables can be used to connect to any server, workstation, or other network...

  • Page 33: 1000base-t Pin Assignments

    1000BASE-T Pin Assignments Making Network Connections 4.2.2 Adjusting Existing Category 5 Cabling for 1000BASE-T If your existing Category 5 installation does not meet one of the test parameters for 1000BASE-T, there are basically three measures that can be applied to try and correct the problem: Replace any Category 5 patch cables with high-performance Category 5e cables.

  • Page 34: Configuration The Ibp Module

    Overview Configuration the IBP Module 5 Configuration the IBP Module This section contains information about IBP unpacking, installation, and cable connections. 5.1 Overview The IBP Module is inserted in the PRIMERGY BX600 Blade Server which is a modular server system that can integrates up to 10 processor blades and four IBP Modules. Package Contents While unpacking the IBP Module, ensure that the following items are included: •...

  • Page 35: Connecting The Ibp Module

    Connecting the IBP Module Configuration the IBP Module 5.2 Connecting the IBP Module Before configuring the IBP Module, PRIMERGY BX600 Blade Server console port must be connected to the IBP Module. To connect PRIMERGY BX600 Blade Server console port to the IBP Module, perform the following: 1.

  • Page 36

    Connecting the IBP Module Configuration the IBP Module (5) Logout (6) Reboot Management Blade (7) System Information Dump Enter selection: 3 3. Select (3) Console Redirection. The Console Redirection Table is displayed. +-----------------------------------------------------------------------------+ Console Redirection Table +-----------------------------------------------------------------------------+ (1) Console Redirect Server Blade (2) Console Redirect Switch Blade (3) Set Return Hotkey , Ctrl+(a character) : Q Enter selection or type (0) to quit: 2...

  • Page 37: Start Up And Configuration The Ibp Module

    Start up and Configuration the IBP Module Configuration the IBP Module 5.3 Start up and Configuration the IBP Module It’s important to understand the IBP Module architecture when configuring the IBP Module. The IBP Module has two types of ports. One type is for interfacing the IBP Module with PRIMERGY BX600 Blade Server, and the other type are regular Ethernet ports used for connecting PRIMERGY BX600 Blade Server to the network.

  • Page 38: Configuring The Terminal

    Configuring the Terminal Configuration the IBP Module 5.4 Configuring the Terminal To configure the device, the station must be running terminal emulation software. Ensure that switch module is correctly mounted and is connected to the chassis serial port. Ensure that the terminal emulation software is set as follows: Connect PRIMERGY BX600 Blade Server serial port to the IBP Module.

  • Page 39: Booting Device

    Booting Device Configuration the IBP Module 2. Power up the Chassis and observe booting information (if Chassis is running press <Enter> few times to ensure that terminal connection is successful). 5.5 Booting Device • The device is delivered with a default configuration. •...

  • Page 40: Software Download

    Software Download Configuration the IBP Module the device. If it is not the latest version, download and install the latest version. For more information on downloading the latest version see the "Software Download" 5.6 Software Download 5.6.1 In BootROM Back Door CLI Software Download Using Xmodem Protocol The software download procedure is performed when a new version must be downloaded to replace the corrupted files, update or upgrade the system software (system and boot images).

  • Page 41: In Operation Code Cli

    Software Download Configuration the IBP Module 8. Enter the reset command. The following message is displayed: BootROM > reset Are you sure you want to reset the system (y/n)? y System Resetting... 9. Enter y. The device reboots. 5.6.2 In Operation Code CLI Software Download Through TFTP Server This section contains instructions for downloading device software through a TFTP server.

  • Page 42

    Software Download Configuration the IBP Module file name file type startup size (byte) -------------------------------- -------------- ------- ----------- PRIMERGY BX600-b-0.4.1214.biz Boot-Rom image 118206 default.cfg Config File 17336 PRIMERGY BX600-r-c-0.5.0110.biz Operation Code 40666365 5. Enter (vty-0) # copy tftp://{tftp address}/{file name} image {file name} command to copy a new system image to the device.

  • Page 43

    Software Download Configuration the IBP Module (vty-0) #reload Are you sure you would like to reset the system? (y/n) y System will now restart! 9. Enter y. The device reboots. Intelligent Blade Panel Module...

  • Page 44: Web-based Management Interface

    Overview Web-Based Management Interface 6 Web-Based Management Interface 6.1 Overview The BX600 Network IBP module provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the IBP module.

  • Page 45: Main Menu

    Main Menu Web-Based Management Interface 6.2 Main Menu 6.2.1 Groups Administration 6.2.1.1 Managing Uplink Sets 6.2.1.1.1. Configuring Uplink Set Configuration Page An "Uplink Set" is defined as a set of 1 to n external (uplink) ports, which is be used in port group definitions to connect a group of server blades to the customer's LAN.

  • Page 46: Groups Administration

    Groups Administration Web-Based Management Interface Submit – Update the IBP the values on this screen. If you want the IBP to retain the new values across a power cycle, you have to perform a save Delete – Delete the Uplink Set. You are not allowed to delete the "default" uplink set. 6.2.1.1.2.

  • Page 47

    Groups Administration Web-Based Management Interface 6.2.1.2 Managing Port Groups 6.2.1.2.1. Configuring Port Group Configuration Page The purpose of the port group configuration is to create port groups, and to modify the existing port groups. Only the internal ports could be defined to be the member of the port groups. The external connection is defined by specifying an Uplink Set.

  • Page 48

    Groups Administration Web-Based Management Interface Command Buttons Submit – Update the IBP the values on this screen. If you want the IBP to retain the new values across a power cycle, you have to perform a save. Delete - Delete the port group. You are not allowed to delete the "default" port group. Intelligent Blade Panel Module...

  • Page 49

    Groups Administration Web-Based Management Interface 6.2.1.2.2. Viewing Port Group Information Page This page displays the status of all currently configured port group. Non-Configurable Data Port Group Name – The group name of the port group. Internal Ports – List the internal port members. Uplink Set Name –The name of the uplink set.

  • Page 50

    Groups Administration Web-Based Management Interface 6.2.1.3 Managing VLAN Port Groups 6.2.1.3.1. Configuring VLAN Port Group Configuration Page The purpose of the VLAN port group configuration is to create groups based on the VLAN basis, and to modify the existing groups. Only the internal ports could be defined to be the member of the VLAN port groups.

  • Page 51

    Groups Administration Web-Based Management Interface 6.2.1.3.2. Viewing VLAN Port Group Information Page This page displays the status of all currently configured VLAN port group. Non-Configurable Data Intelligent Blade Panel Module...

  • Page 52

    Groups Administration Web-Based Management Interface VLAN Port Group Name – The group name of the VLAN port group. VLAN ID – The VLAN Identifier of the VLAN Port Group. Internal Ports – Internal interface, member of that VLAN Port Group. Uplink Set Name –...

  • Page 53

    Groups Administration Web-Based Management Interface 6.2.1.4 Managing Service LAN Groups 6.2.1.4.1. Configuring Service LAN Configuration Page Selection Criteria Service LAN Name – You can use this screen to configure an existing Service LAN, or to create a new one. Use this pulldown menu to select one of the existing Service LAN Groups, or select 'Create' to add a new one.

  • Page 54

    Groups Administration Web-Based Management Interface 6.2.1.4.2. Viewing Service LAN Information Page This page displays the status of all currently configured Service LAN. Non-Configurable Data Service LAN Name – The group name of the Service LAN. Intelligent Blade Panel Module...

  • Page 55

    Groups Administration Web-Based Management Interface Internal Ports – Internal interface, member of that Service LAN. Uplink Set Name – The Uplink Set for the external connection of that Service LAN. External Ports – External interface, member of the specified Uplink Set. Intelligent Blade Panel Module...

  • Page 56

    Groups Administration Web-Based Management Interface 6.2.1.5 Managing Service VLAN Groups 6.2.1.5.1. Configuring Service VLAN Configuration Page Selection Criteria Service VLAN Name - You can use this screen to reconfigure an existing Service VLAN, or to create a new one. Use this pull down menu to select one of the existing Service VLANs, or select 'Create' to add a new one.

  • Page 57

    Groups Administration Web-Based Management Interface 6.2.1.5.2. Viewing Service VLAN Information Page This page displays the status of all currently configured Service VLANs. Non-Configurable Data Intelligent Blade Panel Module...

  • Page 58

    Groups Administration Web-Based Management Interface Service VLAN Name – The group name of the Service VLAN. Service VLAN ID –The VLAN Identifier of the Service VLAN. Internal Ports – Internal interface, member of that Service VLAN. Uplink Set Name – The Uplink Set for the external connection of that Service VLAN. External Ports –...

  • Page 59

    Groups Administration Web-Based Management Interface 6.2.1.6 Managing Port Backup 6.2.1.6.1. Configuring Port Backup Configuration Page Two link aggregation groups are associated with one uplink set as the uplink set is created. Two link aggregation groups are defined as active and backup port internally. One of two link aggregation groups will be activated at a time.

  • Page 60

    Groups Administration Web-Based Management Interface 6.2.1.6.2. Viewing Port Backup Status Page The page displays the status of all currently configured port-backup. Non-Configurable Data Uplink Set Name – The name of the Uplink Set. External Active Ports – The configured external active ports. External Backup Ports –...

  • Page 61

    Groups Administration Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 62: Panel Settings Menu

    Panel Settings Menu Web-Based Management Interface 6.2.2 Panel Settings Menu 6.2.2.1 Configuring Management Session and Network Parameters 6.2.2.1.1 Viewing Inventory Information Use this panel to display the IBP's Vital Product Data, stored in non-volatile memory at the factory. Non-Configurable Data System Description - The product name of this IBP module.

  • Page 63

    Panel Settings Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 64

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.2 Viewing Panel Description Page Configurable Data System Name - Enter the name you want to use to identify this IBP module. You may use up to 31 alpha-numeric characters. The factory default is blank. System Location - Enter the location of this IBP module.

  • Page 65

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.3 Configuring Inband Administration Page The network interface is the logical interface used for in-band connectivity with the IBP module via any of the IBP's front panel ports. The configuration parameters associated with the IBP's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.

  • Page 66

    Panel Settings Menu Web-Based Management Interface management access. By setting the interface to be granted, IBP will be allowed to access from this interface; on the other hand, if the interface is set to be denied, IBP will not be allowed to access from this interface.

  • Page 67

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.4 Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a telnet session before the session is logged off. You may enter any number from 1 to 160.

  • Page 68

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.5 Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed.

  • Page 69

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.6 Configuring Serial Port Page Configurable Data Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the IBP closes the connection. Enter a number between 0 and 160: the factory default is 5.

  • Page 70

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.7 Defining User Accounts Page By default, two user accounts exist: admin, with 'Read/Write' privileges guest, with 'Read Only' privileges By default, the password for admin is “admin”, and password for guest is blank. The names are case insensitive.

  • Page 71

    Panel Settings Menu Web-Based Management Interface Command Buttons Submit - Update the IBP module with the values on this screen. If you want the IBP module to retain the new values across a power cycle, you must perform a save. Delete - Delete the currently selected user account.

  • Page 72

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.8 Defining DHCP Client Configuring DHCP Restart Page This command issues a BOOTP or DHCP client request for any IP interface that has been set to BOOTP or DHCP mode via the IP address command. DHCP requires the server to reassign the client's last address if available.

  • Page 73

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.9 Defining SNMP Configuring SNMP Community Configuration Page By default, two SNMP Communities exist: private, with 'Read/Write' privileges and status set to enable public, with 'Read Only' privileges and status set to enable These are well-known communities, you can use this menu to change the defaults or to add other communities.

  • Page 74

    Panel Settings Menu Web-Based Management Interface new values across a power cycle, you must perform a save. Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Configurable Data SNMP Community Name - Enter the community string for the SNMP trap packet to be sent to the trap manager.

  • Page 75

    Panel Settings Menu Web-Based Management Interface Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the IBP module. Non-configurable Data Name - The RFC number if applicable and the name of the MIB. Description - The RFC title or MIB description. Command Buttons Refresh - Update the data.

  • Page 76

    Panel Settings Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 77

    Panel Settings Menu Web-Based Management Interface 6.2.2.1.10 Configuring SNTP Configuring SNTP Global Configuration Page Configurable Data Client Mode - Specifies the mode of operation of SNTP Client. An SNTP client may operate in one of the following modes. • Disable- SNTP is not operational. No SNTP requests are sent from the client nor are any received SNTP messages processed.

  • Page 78

    Panel Settings Menu Web-Based Management Interface Viewing SNTP Global Status Page Non-Configurable Data Version - Specifies the SNTP Version the client supports. Supported Mode - Specifies the SNTP modes the client supports. Multiple modes may be supported by a client. Last Update Time - Specifies the local date and time (UTC) the SNTP client last updated the system clock.

  • Page 79

    Panel Settings Menu Web-Based Management Interface Address Type - Specifies the address type of the SNTP Server address for the last received valid packet. Server Stratum - Specifies the claimed stratum of the server for the last received valid packet. Reference Clock Id - Specifies the reference clock identifier of the server for the last received valid packet.

  • Page 80

    Panel Settings Menu Web-Based Management Interface Allowed types are : • Unknown • IPV4 Default value is Unknown Port - Specifies the port on the server to which SNTP requests are to be sent. Allowed range is (1 to 65535). Default value is 123. Priority - Specifies the priority of this server entry in determining the sequence of servers to which SNTP requests will be sent.

  • Page 81

    Panel Settings Menu Web-Based Management Interface Last Attempt Time - Specifies the local date and time (UTC) that this SNTP server was last queried. Last Attempt Status - Specifies the status of the last SNTP request to this server. If no packet has been received from this server, a status of Other is displayed.

  • Page 82

    Panel Settings Menu Web-Based Management Interface 6.2.2.2 Configuring IBP Interface 6.2.2.2.1 Interface Configuration Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data Physical Mode - Use the pulldown menu to select the port's speed and duplex mode. If you select auto the duplex mode and speed will be set by the auto-negotiation process.

  • Page 83

    Panel Settings Menu Web-Based Management Interface 6.2.2.2.2 Viewing Interface Configuration Page This screen displays the status for all ports in the box. Non-Configurable Port Status Data Slot/Port - Identifies the port Port Type - For normal ports this field will be blank. Otherwise the possible values are: Mon - this port is a monitoring port.

  • Page 84

    Panel Settings Menu Web-Based Management Interface Refresh – Refresh the configuration value again. Intelligent Blade Panel Module...

  • Page 85

    Panel Settings Menu Web-Based Management Interface 6.2.2.3 Managing System Utilities 6.2.2.3.1 Panel Reset Page Command Buttons Reset - Select this button to reboot the IBP. Any configuration changes you have made since the last time you issued a save will be lost. You will be shown a confirmation screen after you select the button.

  • Page 86

    Panel Settings Menu Web-Based Management Interface 6.2.2.3.4 Downloading Specific Files to Panel Page Use this menu to download a file to the Panel. Configurable Data File Type - Specify what type of file you want to download: Script - specify configuration script when you want to update the IBP’s script file. CLI Banner - Specify the banner that you want to display before user login to the IBP.

  • Page 87

    Panel Settings Menu Web-Based Management Interface 6.2.2.3.5 Uploading Specific Files from Panel Page Use this menu to upload a code, configuration, or log file from the IBP. Configurable Data File Type - Specify the type of file you want to upload. The available options are Script, Code, CLI Banner, Configuration, Error Log, Buffered Log, and Trap Log.

  • Page 88

    Panel Settings Menu Web-Based Management Interface 6.2.2.3.6 Defining Configuration and Runtime Startup File Page Specify the file used to start up the system. Configurable Data Configuration File - Configuration files. Runtime File - Run-time operation codes. Command Buttons Submit - Send the updated screen to the IBP and specify the file start-up. 6.2.2.3.7 Removing Specific File Page Delete files in flash.

  • Page 89

    Panel Settings Menu Web-Based Management Interface 6.2.2.3.8 Copying Running Configuration to Panel Page Use this menu to copy a start-up configuration file from the running configuration file on IBP. Configurable Data File Name - Enter the name you want to give the file being copied. You may enter up to 32 characters.

  • Page 90

    Panel Settings Menu Web-Based Management Interface Command Buttons Submit - This will initiate the ping. Intelligent Blade Panel Module...

  • Page 91: Security Menu

    Security Menu Web-Based Management Interface 6.2.3 Security Menu 6.2.3.1 Managing RADIUS 6.2.3.1.1 Configuring RADIUS Configuration Page Configurable Data Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted. The valid range is 1 - 15. Consideration to maximum delay time should be given when configuring RADIUS maxretransmit and RADIUS timeout.

  • Page 92

    Security Menu Web-Based Management Interface 6.2.3.1.2 Viewing Radius Statistics Page Non-Configurable Data Invalid Server Addresses - The number of RADIUS Access-Response packets received from unknown addresses. Command Buttons Refresh - Update the information on the page. 6.2.3.1.3 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured.

  • Page 93

    Security Menu Web-Based Management Interface Non-Configurable Data Current - Indicates if this server is currently in use as the authentication server. Secret Configured - Indicates if the shared secret for this server has been configured. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed.

  • Page 94

    Security Menu Web-Based Management Interface malformed access-responses. Bad Authenticators - The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests - The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts - The number of authentication timeouts to this server.

  • Page 95

    Security Menu Web-Based Management Interface Secret - Specifies the shared secret to use with the specified accounting server. This field is only displayed if the user has READWRITE access. Apply - The Secret will only be applied if this box is checked. If the box is not checked, anything entered in the Secret field will have no affect and will not be retained.

  • Page 96

    Security Menu Web-Based Management Interface that contained invalid authenticators received from this accounting server. Pending Requests - Displays the number of RADIUS Accounting-Request packets sent to this server that have not yet timed out or received a response. Timeouts - Displays the number of accounting timeouts to this server. Unknown Types - Displays the number of RADIUS packets of unknown type that were received from this server on the accounting port.

  • Page 97

    Security Menu Web-Based Management Interface 6.2.3.2 Defining TACACS Configuration 6.2.3.2.1 Configuring TACACS Configuration Page Use this menu to configure the parameters for TACACS+, which is used to verify the login user's authentication. Note that only a user with Read/Write access privileges may change the data on this screen.

  • Page 98

    Security Menu Web-Based Management Interface 6.2.3.3 Defining Secure HTTP Configuration 6.2.3.3.1 Secure HTTP Configuration Page Configurable Data Admin Mode - This field is used to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the web page is displayed. The default value is disabled.

  • Page 99

    Security Menu Web-Based Management Interface 6.2.3.4 Defining Secure Shell Configuration 6.2.3.4.1 Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH. The currently configured value is shown when the web page is displayed. The default value is Disable.

  • Page 100

    Security Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 101

    Extended Configuration Menu Web-Based Management Interface 6.2.4 Extended Configuration Menu 6.2.4.1 Viewing System Logs 6.2.4.1.1 Viewing Buffered Log Configuration Page This log stores messages in memory based upon the settings for message component and severity. On stackable systems, this log exists only on the top of stack platform. Other platforms in the stack forward their messages to the top of stack log.

  • Page 102

    Extended Configuration Menu Web-Based Management Interface Aug 24 05:34:05 by line 318 of file mstp_api.c. This is the 237th message logged. Messages logged to a collector or relay via syslog have an identical format to the above message. Note for buffered log Number of log messages displayed: For the buffered log, only the latest 128 entries are displayed on the webpage Command Buttons...

  • Page 103

    Extended Configuration Menu Web-Based Management Interface 6.2.4.1.4 Configuring Console Log Page This allows logging to any serial device attached to the host. Configurable Data Admin Status -A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages.

  • Page 104

    Extended Configuration Menu Web-Based Management Interface events. After the event is logged and the updated log is saved in FLASH memory, the IBP module will be reset. The log can hold at least 2,000 entries (the actual number depends on the platform and OS), and the oldest one will be erased when an attempt is made to add an entry after it is full.

  • Page 105

    Extended Configuration Menu Web-Based Management Interface -Error (3): error conditions -Warning (4): warning conditions -Notice(5): normal but significant conditions -Informational(6): informational messages -Debug(7): debug-level messages Command Buttons Submit - Update the IBP with the values you entered. Refresh - Refetch the database and display it again starting with the first entry in the table.

  • Page 106

    Extended Configuration Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 107

    Extended Configuration Menu Web-Based Management Interface 6.2.4.1.8 Viewing Login Session Page Non-Configurable Data ID - Identifies the ID of this row. User Name - Shows the user name of user who made the session. Connection From - Shows the IP from which machine the user is connected. Idle Time - Shows the idle session time.

  • Page 108

    Extended Configuration Menu Web-Based Management Interface 6.2.4.2 Viewing Statistics 6.2.4.2.1 Viewing the Panel Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this IBP. Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets).

  • Page 109

    Extended Configuration Menu Web-Based Management Interface to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space. Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this IBP since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this IBP.

  • Page 110

    Extended Configuration Menu Web-Based Management Interface Broadcast Packets Received - The total number of packets received that were directed to the broadcast address. Note that this does not include multicast packets. Packets Received with Errors - The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

  • Page 111

    Extended Configuration Menu Web-Based Management Interface ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Packets RX and TX 64 Octets - The total number of packets (including bad packets) received or transmitted that were 64 octets in length (excluding framing bits but including FCS octets).

  • Page 112

    Extended Configuration Menu Web-Based Management Interface Packets Received 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 128-255 Octets - The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).

  • Page 113

    Extended Configuration Menu Web-Based Management Interface Alignment Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets. Rx FCS Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets...

  • Page 114

    Extended Configuration Menu Web-Based Management Interface Maximum Frame Size - The maximum ethernet frame size the interface supports or is configured, including ethernet header, CRC, and payload. (1518 to 9216). The default maximum frame size is 1518 . Total Packets Transmitted Successfully - The number of frames that have been transmitted by this port to its segment.

  • Page 115

    Extended Configuration Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 116

    Extended Configuration Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 117

    CLI Command Format Command Reference 6.2.4.2.4 Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter.

  • Page 118

    Extended Configuration Menu Web-Based Management Interface 6.2.4.3 Managing Access Control (802.1x) 6.2.4.3.1 Defining Access Control Page Configurable Data Administrative Mode - This selector lists the two options for administrative mode: enable and disable. The default value is disabled. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed.

  • Page 119

    Extended Configuration Menu Web-Based Management Interface EAP Request/Identity frame to the supplicant. The transmit period must be a number in the range of 1 to 65535. The default value is 30. Changing the value will not change the configuration until the Submit button is pressed. Supplicant Timeout - This input field allows the user to enter the supplicant timeout for the selected port.

  • Page 120

    Extended Configuration Menu Web-Based Management Interface 6.2.4.3.3 Viewing each Port Access Control Configuration Information Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid.

  • Page 121

    Extended Configuration Menu Web-Based Management Interface Server Timeout - This field displays the configured server timeout for the selected port. The server timeout is the value, in seconds, of the timer used by the authenticator on this port to timeout the authentication server. The server timeout is a value in the range of 1 to 65535.

  • Page 122

    Extended Configuration Menu Web-Based Management Interface "Timeout" "Initialize" "Idle" Command Buttons Refresh - Update the information on the page. 6.2.4.3.4 Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Control Mode - This field indicates the configured control mode for the port.

  • Page 123

    Extended Configuration Menu Web-Based Management Interface Reauthentication Enabled - This field shows whether reauthentication of the supplicant for the specified port is allowed. The possible values are 'true' and 'false'. If the value is 'true' reauthentication will occur. Otherwise, reauthentication will not be allowed. Port Status - This field shows the authorization status of the specified port.

  • Page 124

    Extended Configuration Menu Web-Based Management Interface 6.2.4.3.5 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid.

  • Page 125

    Extended Configuration Menu Web-Based Management Interface 6.2.4.3.6 Defining Access Control User Login Page Selection Criteria Users - Selects the user name that will use the selected login list for 802.1x port security. Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is...

  • Page 126

    Extended Configuration Menu Web-Based Management Interface 6.2.4.3.7 Defining Each Port Access Privileges Page Selection Criteria Port - Selects the port to configure. Configurable Data Users - Selects the users that have access to the specified port or ports. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed.

  • Page 127

    Extended Configuration Menu Web-Based Management Interface Intelligent Blade Panel Module...

  • Page 128

    Extended Configuration Menu Web-Based Management Interface 6.2.4.4 Managing IP Filter 6.2.4.4.1 IP Filter Configuration Page Management IP filter designates stations that are allowed to make configuration changes to the IBP. Select up to five management stations used to manage the IBP. If you choose to define one or more designated management stations, only the chosen stations, as defined by IP address, will be allowed management privilege through the web manager, Telnet session, Secure Shell (SSH) or Secure Socket Layer (SSL) for secure HTTP.

  • Page 129

    Extended Configuration Menu Web-Based Management Interface 6.2.4.5 Managing Authentication Configuration 6.2.4.5.1 Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate IBP or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.

  • Page 130

    Extended Configuration Menu Web-Based Management Interface perform a save. 6.2.4.5.2 Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this row. Method List - The ordered list of methods configured for this login list. Login Users - The users you assigned to this login list on the User Login Configuration screen.

  • Page 131

    Extended Configuration Menu Web-Based Management Interface User Login Configuration screen. If you need to create a new login list for the user, you would do so on the Login Configuration screen. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.

  • Page 132: Command Reference

    CLI Command Format Command Reference Command Reference The Command Line Interface (CLI) syntax, conventions, and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 7.1 CLI Command Format Commands are followed by values, parameters, or both. Example 1 ip address <ipaddr>...

  • Page 133: Cli Mode-based Topology

    CLI Mode-based Topology Command Reference 7.2 CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes like this: "System Name with Spaces". Parameters may be mandatory values, optional values, choices, or a combination.

  • Page 134

    CLI Mode-based Topology Command Reference Conventions Network addresses are used to define a link to a remote host, workstation, or network. Network addresses are shown using the following syntax: Table 5-1. Network Address Syntax Address Type Format Range 0.0.0.0 to 255.255.255.255 IPAddr A.B.C.D YY:YY:YY:YY:YY:YY...

  • Page 135: System Information And Statistics Commands

    System Information and Statistics commands Command Reference 7.3 System Information and Statistics commands 7.3.1 show arp This command displays connectivity between the IBP and other devices. The Address Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the IBP.

  • Page 136: Show Eventlog

    System Information and Statistics commands Command Reference Privileged Exec Display Message Current Time displays system time 7.3.3 show eventlog This command displays the event log, which contains error messages from the system, in the Primary Management System . The event log is not cleared on a system reset. Syntax show eventlog Default Setting...

  • Page 137: Show Sysinfo

    System Information and Statistics commands Command Reference name extension of “.scr”, the output will be redirected to a script file. Syntax show running-config [all] [<scriptname>] [all] - enable the display/capture of all commands with settings/configurations that include values that are same as the default values. <scriptname>...

  • Page 138: Show System

    System Information and Statistics commands Command Reference 7.3.6 show system This command displays IBP system information. Syntax show system Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to identify this IBP. System Object ID: The manufacturing ID System Information System Up Time: The time in days, hours and minutes since the last IBP reboot.

  • Page 139: Show Version

    System Information and Statistics commands Command Reference Privileged Exec Display Message System Description: Text used to identify the product name of this IBP. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Product Data. Serial Number: The unique box serial number for this IBP.

  • Page 140: Show Loginsession

    System Information and Statistics commands Command Reference running on the IBP. For example, if the major version was 2 and the minor version was 4, the format would be '2.4'. Operating Code Version: The release version maintenance number of the code currently running on the IBP.

  • Page 141: Device Configuration Commands

    Device Configuration Commands Command Reference 7.4 Device Configuration Commands 7.4.1 Interface 7.4.1.1 show interface status This command displays the Port monitoring information for the system. Syntax show interface status {<slot/port> | all} <slot/port> - is the desired interface number. all - This parameter displays information for all interfaces. Default Setting None Command Mode...

  • Page 142

    Device Configuration Commands Command Reference 7.4.1.2 show interface This command displays the Port monitoring information for the system. Syntax show interface <slot/port> <slot/port> - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message Intf: The physical slot and physical port. Type: If not blank, this field indicates that this port is a special type of port.

  • Page 143

    Device Configuration Commands Command Reference all - This command displays statistics information for all interfaces. Default Setting None Command Mode Privileged Exec Display Message The display parameters when the argument is '<slot/port>' are as follows: Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.

  • Page 144

    Device Configuration Commands Command Reference Syntax show interface counters detailed {<slot/port> | switchport} <slot/port> - is the desired interface number. switchport - This parameter specifies whole IBP or all interfaces. Default Setting None Command Mode Privileged Exec Display Message The display parameters when the argument is ' <slot/port>' are as follows: Total Packets Received (Octets): The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets).

  • Page 145

    Device Configuration Commands Command Reference received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets RX and TX 512-1023 Octets: The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).

  • Page 146

    Device Configuration Commands Command Reference Packets Transmitted 65-127 Octets: The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 128-255 Octets: The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).

  • Page 147

    Device Configuration Commands Command Reference seconds since the statistics for this port were last cleared. The display parameters when the argument is ‘switchport’ are as follows: Total Packets Received (Octets): The total number of octets of data received by the processor (excluding framing bits but including FCS octets).

  • Page 148

    Device Configuration Commands Command Reference 7.4.1.4 show interface IBP This command displays a summary of statistics for all CPU traffic. Syntax show interface switch Default Setting None Command Mode Privileged Exec Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.

  • Page 149

    Device Configuration Commands Command Reference 7.4.1.5 interface This command is used to enter Interface configuration mode. Syntax interface <slot/port> <slot/port> - is the desired interface number. Default Setting None Command Mode Global Config 7.4.1.6 interface range This command is used to enter Interface range configuration mode. Syntax interface range {<slot/port>...

  • Page 150

    Device Configuration Commands Command Reference 7.4.1.7 speed-duplex This command is used to set the speed and duplex mode for the interface. Syntax speed-duplex {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full-duplex - Full duplex half-duplex - Half duplex Default Setting None Command Mode...

  • Page 151

    Device Configuration Commands Command Reference 7.4.1.8 negotiate This command enables automatic negotiation on a port. The default value is enabled. Syntax negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config This command enables automatic negotiation on all interfaces.

  • Page 152

    Device Configuration Commands Command Reference 7.4.1.9 capabilities This command is used to set the capabilities on specific interface. Syntax capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T...

  • Page 153

    Device Configuration Commands Command Reference 7.4.1.10 description This command is used to add a description for the interface. Syntax description <string> <dtring> - Up to 64 characters describing this interface. Default Setting None Command Mode Interface Config 7.4.1.11 storm-control flowcontrol This command enables 802.3x flow control for all interfaces on the IBP.

  • Page 154: L2 Mac Address And Multicast Forwarding Database Tables

    Device Configuration Commands Command Reference Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disables 802.3x flow control for the specific interface. Default Setting Disabled Command Mode Interface Config 7.4.2 L2 MAC Address and Multicast Forwarding Database Tables 7.4.2.1 show mac-addr-table This command displays the forwarding database entries.

  • Page 155

    Device Configuration Commands Command Reference information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes. Note: This software version only supports IVL systems.

  • Page 156

    Device Configuration Commands Command Reference 7.4.2.3 show mac-address-table multicast This command displays the MFDB information. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the all parameter. The user can display the table entry for one MAC Address by specifying the MAC address as an optional parameter.

  • Page 157

    Device Configuration Commands Command Reference 7.4.2.4 show mac-address-table stats This command displays the MFDB statistics. Syntax show mac-address-table stats Default Setting None Command Mode Privileged Exec Display Message Max MFDB Table Entries: This displays the total number of entries that can possibly be in the MFDB.

  • Page 158: Igmp Snooping

    Device Configuration Commands Command Reference 7.4.2.6 mac-address-table aging-time This command configures the forwarding database address aging timeout in seconds. Syntax mac-address-table aging-time <10-1000000> no mac-address-table aging-time <10-1000000> <10-1000000> - aging-time (Range: 10-1000000) in seconds no - This command sets the forwarding database address aging timeout to 300 seconds. Default Setting Command Mode Global Config...

  • Page 159: Port Channel

    Device Configuration Commands Command Reference 7.4.3.2 Configuration Commands 7.4.3.2.1 igmpsnooping This command enables IGMP Snooping on a Uplink Set. The default value is enabled. Syntax igmpsnooping <uplinkSetName> no igmpsnooping <uplinkSetName> <uplinkSetName> - The name of a uplink set which the IGMP snooping to be enabled or disabled.

  • Page 160: Uplink Sets

    Device Configuration Commands Command Reference 7.4.4.2 show lacp This command enables Link Aggregation Control Protocol (LACP) on a uplink set. Syntax show lacp [<uplinkSetName>] <uplinkSetName> - The name of a uplink set which the LACP to be enabled or disabled. Default Setting Disable Command Mode...

  • Page 161: Port Group

    Device Configuration Commands Command Reference Port Backup: The status of port backup for the uplink set. IGMP snooping: The status of the IGMP snooping for the uplink set. LACP: The status of the LACP for the uplink set. 7.4.5.2 Configuration Commands 7.4.5.2.1 uplink-set This command is used to create or delete an uplink set.

  • Page 162

    Device Configuration Commands Command Reference 7.4.6.1 Show Commands This command display the port group information. Syntax show port-group [<portGroupName>] <portGroupName> - The name of a port group which user want to display. Default Setting None Command Mode Privileged Exec Display Message Port Group Name: This indicates the name of port group.

  • Page 163: Port Backup

    Device Configuration Commands Command Reference Syntax port-group <portGroupName> no port-group <portGroupName> <portGroupName> - A string associated with port group as a convenience. It should be an existing port group. no - This command remove a port from a port group. Default Setting None Command Mode...

  • Page 164

    Device Configuration Commands Command Reference 7.4.7.2 Configuration Commands 7.4.7.2.1 port-backup This command is used to enable or disable port backup for a uplink set Syntax port-backup <uplinkSetName> no port-backup <uplinkSetName> <uplinkSetName> - A string associated with uplink set as a convenience. It should be an existing uplink set.

  • Page 165: Link State

    Device Configuration Commands Command Reference no - This command move the port to active-port list. Restriction: users are not allowed to move the last member of active port to backup port. Default Setting None Command Mode Interface Config 7.4.8 Link State 7.4.8.1 Show Commands This command display the linkstate information.

  • Page 166: Vlan Port Groups

    Device Configuration Commands Command Reference linkstate <uplinkSetName> no linkstate <uplinkSetName> <uplinkSetName> - A string associated with uplink set as a convenience. It should be an existing uplink set. no - This command disable linkstate for an existing uplink set. Default Setting None Command Mode Global Config...

  • Page 167

    Device Configuration Commands Command Reference 7.4.9.2 Configuration Commands 7.4.9.2.1 vlan-group This command is used to create or destroy a vlan port group. Syntax vlan-group <vlanGroupName> <1-4094> <uplinkSetName> no vlan-group <vlanGroupName> <vlanGroupName> - A string associated with vlan port group as a convenience. <1-4094>...

  • Page 168

    Device Configuration Commands Command Reference <vlanGroupName> - A string associated with vlan port group as a convenience. no - This command set the native VLAN option back to default value.. Default Setting Disable Command Mode Global Config Intelligent Blade Panel Module...

  • Page 169: Service Lan

    Device Configuration Commands Command Reference 7.4.10 Service LAN 7.4.10.1 Show Commands This command display the Service LAN information. Syntax show svc-lan [<svcLanName>] <svcLanName> - The name of Service LAN which user want to display. Default Setting None Command Mode Privileged Exec Display Message Service LAN name: This indicates the name of Service LAN VLAN ID: The VLAN Identifier of the Service LAN.

  • Page 170

    Device Configuration Commands Command Reference no - This command destroy the specified Service LAN. Default Setting None Command Mode Global Config This command is used to add/remove a port to/from Service LAN. Syntax svc-lan <svcLanName> no svc-lan <svcLanName> <svcLanName> - A string associated with Service LAN as a convenience. no - This command remove a port from the specified Service LAN.

  • Page 171: Service Vlan

    Device Configuration Commands Command Reference 7.4.11 Service VLAN 7.4.11.1 Show Commands This command display the Service VLAN information. Syntax show svc-vlan [<svcVlanName>] <svcVlanName> - The name of Service VLAN which user want to display. Default Setting None Command Mode Privileged Exec Display Message Service VLAN name: This indicates the name of Service VLAN VLAN ID: The VLAN Identifier of the Service VLAN.

  • Page 172

    Device Configuration Commands Command Reference no - This command destroy the existing Service VLAN. Default Setting None Command Mode Global Config This command is used to add/remove a port to/from Service VLAN. Syntax svc-vlan <svcVlanName> no svc-vlan <svcVlanName> <svcVlanName> - A string associated with Service VLAN as a convenience. no - This command remove a port from the specified Service VLAN.

  • Page 173: Management Commands

    Management Commands Command Reference Management Commands 7.5.1 Network Commands 7.5.1.1 show ip interface This command displays configuration settings associated with the IBP's network interface. The network interface is the logical interface used for in-band connectivity with the IBP via any of the IBP's front panel ports.

  • Page 174

    Management Commands Command Reference Display Message IP default gateway: The default gateway for this IP interface. The factory default value is 0.0.0.0 7.5.1.3 show ip filter This command displays management IP filter status and all designated management stations. Syntax show ip filter Default Setting None Command Mode...

  • Page 175

    Management Commands Command Reference 1518 Command Mode Interface Config 7.5.1.5 ip address This command sets the IP Address, and subnet mask. The IP Address and the gateway must be on the same subnet. Syntax ip address <ipaddr> <netmask> [<vlan-id>] no ip address <ipaddr>...

  • Page 176

    Management Commands Command Reference < gateway > - IP address of the default gateway no - Restore the default IP address of the default gateway Default Setting IP address: 0.0.0.0 Command Mode Global Config 7.5.1.7 ip address protocol This command specifies the network configuration protocol to be used. If you modify this value, the change is effective immediately.

  • Page 177

    Management Commands Command Reference Syntax ip address mgmt-vlan <vlanID> <vlanID> - VLAN ID (Range: 1 – 4094). Default Setting VLAN ID: 1. Command Mode Global Config 7.5.1.9 ip filter This command is used to enable the IP filter function. Syntax ip filter no ip filter no –...

  • Page 178: Serial Interface Commands

    Management Commands Command Reference Syntax ip filter <ipaddr> no ip filter <ipaddr> <ipaddr> - Configure a IP address to be a filter. No - Remove this filter IP address. Default Setting None Command Mode Global Config 7.5.2 Serial Interface Commands 7.5.2.1 show line console This command displays serial communication settings for the IBP.

  • Page 179

    Management Commands Command Reference Control is always disabled. Stop Bits: The number of Stop bits per character. The number of Stop bits is always 1. Parity: The Parity Method used on the Serial Port. The Parity Method is always None. Password Threshold: When the logon attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next logon attempt.

  • Page 180

    Management Commands Command Reference 7.5.2.4 exec-timeout This command specifies the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely. The time range is 0 to 160. Syntax exec-timeout <0-160> <0-160>...

  • Page 181: Telnet Session Commands

    Management Commands Command Reference 7.5.2.6 silent-time This command uses to set the amount of time the management console is inaccessible after the number of unsuccessful logon tries exceeds the threshold value. Syntax Silent-time <0-65535> <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default.

  • Page 182

    Management Commands Command Reference Default Setting None Command Mode Privileged Exec 7.5.3.2 show line vty This command displays telnet settings. Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off.

  • Page 183

    Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely.

  • Page 184

    Management Commands Command Reference password-threshold <0-120> no password-threshold <threshold> - max threshold (Range: 0 - 120). no - This command sets the maximum value to the default. Default Setting Command Mode Telnet Config 7.5.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be established.

  • Page 185

    Management Commands Command Reference Syntax sessions no sessions no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established. Default Setting Enabled Command Mode Telnet Config 7.5.3.8 telnet sessions This command regulates new outbound telnet connections. If enabled, new outbound telnet sessions can be established until it reaches the maximum number of simultaneous outbound telnet sessions allowed.

  • Page 186

    Management Commands Command Reference This command specifies the maximum number of simultaneous outbound telnet sessions. A value of 0 indicates that no outbound telnet session can be established. Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5.

  • Page 187: Snmp Server Commands

    Management Commands Command Reference Global Config 7.5.3.11 show telnet This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode User Exec, Privileged Exec Display Message Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound telnet session is allowed to remain inactive before being logged off.

  • Page 188

    Management Commands Command Reference SNMP community parameters). Syntax show snmp Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entry grants access. A valid entry is a case-sensitive alphanumeric string of up to 16 characters. Each row of this table must contain a unique community name.

  • Page 189

    Management Commands Command Reference Command Mode Privileged Exec Display Message Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Link Up/Down Flag: May be enabled or disabled. The factory default is enabled. Indicates whether link status traps will be sent.

  • Page 190

    Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.4.5 snmp-server contact This command sets the organization responsible for the network. The range for contact is from 1 to 31 alphanumeric characters. Syntax snmp-server contact <con> <con> - Range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode...

  • Page 191

    Management Commands Command Reference <name> - community name (up to 16 case-sensitive characters). no - This command removes this community name from the table. The name is the community name to be deleted. Default Setting Two default community names: public and private. You can replace these default community names with unique identifiers for each community.

  • Page 192

    Management Commands Command Reference This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device.

  • Page 193

    Management Commands Command Reference Command Mode Global Config 7.5.4.7 snmp-server host This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device.

  • Page 194

    Management Commands Command Reference Default Setting Enabled Command Mode Global Config This command enables Link Up/Down traps for the entire IBP. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled (see ‘snmp trap link-status’...

  • Page 195: Snmp Trap Commands

    Management Commands Command Reference Enabled Command Mode Global Config 7.5.5 SNMP Trap Commands 7.5.5.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Network Manager. These messages alert the manager to events occurring within the IBP or on the network.

  • Page 196

    Management Commands Command Reference 7.5.5.2 snmp trap link-status This command enables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. See ‘snmpserver enable traps linkmode’ command. Syntax snmp trap link-status no snmp trap link-status no - This command disables link status traps by interface.

  • Page 197

    Management Commands Command Reference Default Setting Disabled Command Mode Global Config 7.5.5.3 snmptrap <name> <ipaddr> This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeric characters. Syntax snmptrap <name> <ipaddr> no snmptrap <name> <ipaddr> <name>...

  • Page 198: Http Commands

    Management Commands Command Reference snmptrap ipaddr <name> <ipaddr> <ipaddrnew> <name> - SNMP trap name. <ipaddr> - an original IP address. <ipaddrnew> - a new IP address. Default Setting None Command Mode Global Config 7.5.5.5 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps).

  • Page 199

    Management Commands Command Reference This command displays the http settings for the IBP. Syntax show ip http Default Setting None Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or disabled. HTTP Port: This field specifies the port configured for HTTP.

  • Page 200

    Management Commands Command Reference 7.5.6.3 ip http port This command is used to set the http port where port can be 1-65535 and the default is port 80. Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the default value.

  • Page 201

    Management Commands Command Reference Command Mode Global Config 7.5.6.5 ip http secure-port This command is used to set the SSLT port where port can be 1-65535 and the default is port 443. Syntax ip http secure-port <portid> no ip http secure-port <portid>...

  • Page 202: Secure Shell (ssh) Commands

    Management Commands Command Reference Global Config 7.5.6.7 ip http secure-protocol This command is used to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3. Syntax ip http secure-protocol <protocollevel1> [protocollevel2] no ip http secure-protocol <protocollevel1>...

  • Page 203

    Management Commands Command Reference Display Message Administrative Mode: This field indicates whether the administrative mode of SSH is enabled or disabled. Protocol Levels: The protocol level may have the values of version 1, version 2, or both versions. SSH Sessions Currently Active: This field specifies the current number of SSH connections.

  • Page 204

    Management Commands Command Reference Default Setting SSH1 and SSH2 Command Mode Global Config 7.5.7.4 ip ssh maxsessions This command specifies the maximum number of SSH connection sessions that can be established. A value of 0 indicates that no ssh connection can be established. The range is 0 to Syntax ip ssh maxsessions <0-5>...

  • Page 205: Dhcp Client Commands

    Management Commands Command Reference Syntax ip ssh timeout <1-160> no ip ssh timeout <1-160> - timeout interval in seconds. no - This command sets the SSH connection session timeout value, in minutes, to the default. Changing the timeout value for active sessions does not become effective until the session is reaccessed.

  • Page 206

    Management Commands Command Reference Syntax ip dhcp client-identifier {text <text> | hex <hex>} no ip dhcp client-identifier <text> - A text string. (Range: 1-15 characters). <hex> - The hexadecimal value (00:00:00:00:00:00). no - This command is used to restore to default value. Default Setting System Burned In MAC Address Command Mode...

  • Page 207: Lock Commands

    Management Commands Command Reference 7.5.9 LOCK Commands 7.5.9.1 lock This command locks the http access to the IBP and registers the passed “lock_identifier” with this lock. When the lock is set, the Web-GUI presents a message that access to this IBP is currently not possible, bcause it is managed by another application.

  • Page 208

    Management Commands Command Reference If you want to remove this lock, this Blade server must not be managed by any Virtual IO Manager. In order to release the lock without using the Virtual IO Manager issue the command "no lock <lock_identifier>" for each lock identifier that is registered.” Command Mode Global Config 7.5.9.3 lock_reset...

  • Page 209: System Log Management Commands

    System Log Management Commands Command Reference System Log Management Commands 7.6.1 Show Commands 7.6.1.1 show logging This command displays logging. Syntax Show logging Default Setting None Command Mode Privileged Exec Display Message Logging Client Local Port The port on the collector/relay to which syslog messages are sent CLI Command Logging The mode for CLI command logging.

  • Page 210: Show Logging Traplog

    System Log Management Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Message: The message that has been logged. Note: Message log information is not retained across a system reset. 7.6.3 show logging traplog This command displays the trap log maintained by the IBP. The trap log contains a maximum of 256 entries that wrap.

  • Page 211: Configuration Commands

    System Log Management Commands Command Reference Syntax Show logging hosts Default Setting None Command Mode Privileged Exec Display Message Index (used for deleting) IP Address IP Address of the configured server. Severity The minimum severity to log to the specified address. Port Server Port Number.This is the port on the local host from which syslog messages are sent.

  • Page 212

    System Log Management Commands Command Reference This command enables wrapping of in-memory logging when full capacity reached. Otherwise when full capacity is reached, logging stops. Syntax logging buffered wrap no logging buffered wrap no - This command disables wrapping of in-memory logging when full capacity reached. Default Setting None Command Mode...

  • Page 213

    System Log Management Commands Command Reference 7.6.4.3 logging host This command enables logging to a host where up to eight hosts can be configured. Syntax logging host <hostaddress> [ <port>] [[<severitylevel> | <0-7>]] <hostaddress> - IP address of the log server. <port>...

  • Page 214

    System Log Management Commands Command Reference This command reconfigures the IP address of the log server. Syntax logging host reconfigure <hostindex> <hostaddress> < hostindex > - Index of the log server. <hostaddress> - New IP address of the log server. Default Setting None Command Mode...

  • Page 215

    System Log Management Commands Command Reference Syntax logging syslog port <portid> no logging syslog port no - Resets the local logging port to the default. Default Setting None Command Mode Privileged Exec 7.6.4.5 clear logging buffered This command clears all in-memory log. Syntax clear logging buffered Default Setting...

  • Page 216: Script Management Commands

    Script Management Commands Command Reference Script Management Commands 7.7.1 script apply This command applies the commands in the configuration script to the IBP. The apply command backs up the running configuration and then starts applying the commands in the script file. Application of the commands stops at the first failure of a command. Syntax script apply <scriptname>...

  • Page 217: Script List

    Script Management Commands Command Reference 7.7.3 script list This command lists all scripts present on the IBP as well as the total number of files present. Syntax script list Default Setting None Command Mode Privileged Exec 7.7.4 script show This command displays the content of a script file. Syntax script show <scriptname>...

  • Page 218: User Account Management Commands

    User Account Management Commands Command Reference User Account Management Commands 7.8.1 Show Commands 7.8.1.1 show users This command displays the configured user names and their settings. This command is only available for users with readwrite privileges. The SNMPv3 fields will only be displayed if SNMP is available on the system.

  • Page 219

    User Account Management Commands Command Reference This command adds a new user (account) if space permits. The account <username> can be up to eight characters in length. The name may be comprised of alphanumeric characters as well as the dash (‘-’) and underscore (‘_’). The <username> is not case-sensitive. Six user names can be defined.

  • Page 220

    User Account Management Commands Command Reference <username> - is the login user name. md5 - md5 authentication method. sha - sha authentication method. none - no use authentication method. no - This command sets the authentication protocol to be used for the specified login user to none.

  • Page 221: Security Commands

    Security Commands Command Reference Security Commands 7.9.1 Show Commands 7.9.1.1 show users authentication This command displays all users and all authentication login information. It also displays the authentication login list assigned to the default user. Syntax show users authentication Default Setting None Command Mode Privileged Exec...

  • Page 222

    Security Commands Command Reference Authentication Login List: This displays the authentication login listname. Method 1: This displays the first method in the specified authentication login list, if any. Method 2: This displays the second method in the specified authentication login list, if any. Method 3: This displays the third method in the specified authentication login list, if any.

  • Page 223

    Security Commands Command Reference Privileged Exec Display Message Administrative mode: Indicates whether authentication control on the IBP is enabled or disabled. 7.9.1.5 show dot1x detail This command is used to show a summary of the global dot1x configuration and the detailed dot1x configuration for a specified port.

  • Page 224

    Security Commands Command Reference this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the range of 1 to 10. Reauthentication Period: The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place.

  • Page 225

    Security Commands Command Reference EAP Response Frames Received: The number of valid EAP response frames (other than resp/id frames) that have been received by this authenticator. EAP Request/Id Frames Transmitted: The number of EAP request/identity frames that have been transmitted by this authenticator. EAP Request Frames Transmitted: The number of EAP request frames (other than request/identity frames) that have been transmitted by this authenticator.

  • Page 226

    Security Commands Command Reference Syntax show dot1x users <slot/port> <slot/port> - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message User: Users configured locally to have access to the specified port. 7.9.1.9 show radius-servers This command is used to display items of the configured RADIUS servers. Syntax show radius-servers Default Setting...

  • Page 227

    Security Commands Command Reference Syntax show radius Default Setting None Command Mode Privileged Exec Display Message Current Server IP Address: Indicates the configured server currently in use for authentication Number of configured servers: The configured IP address of the authentication server Number of retransmits: The configured value of the maximum number of times a request packet is retransmitted Timeout Duration: The configured timeout value, in seconds, for request re-transmissions...

  • Page 228

    Security Commands Command Reference Secret Configured: Yes or No If the optional token 'statistics <ipaddr>' is included, the statistics for the configured RADIUS accounting server are displayed. The IP address parameter must match that of a previously configured RADIUS accounting server. The following information regarding the statistics of the RADIUS accounting server is displayed.

  • Page 229

    Security Commands Command Reference Privileged Exec Display Message If an IP address is not specified then only the Invalid Server Addresses field is displayed. Otherwise, the other listed fields are displayed. Invalid Server Addresses: The number of RADIUS Access-Response packets received from unknown addresses.

  • Page 230

    Security Commands Command Reference Privileged Exec Display Message Admin Mode: Displays TACACS administration mode. Server 1 Port: TACACS packet port number Server 1 Key: Secret Key between TACACS server and client Server 1 IP: First TACACS Server IP address Server 1 Timeout (sec): Timeout value in seconds while TACACS server has no response Server 1 Retry: Retry count if TACACS server has no response Server 1 Mode: Current TACACS server admin mode (disable, master or slave) Server 2 Port: TACACS packet port number...

  • Page 231

    Security Commands Command Reference Privileged Exec Display Message Port Security Administration Mode: Port lock mode for the entire system. This command shows the port-security settings for a particular interface or all interfaces. Syntax show port-security { <slot/port> | all } Default Setting None Command Mode...

  • Page 232: Configuration Commands

    Security Commands Command Reference Syntax show port-security static <slot/port> Default Setting None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address. This command displays the source MAC address of the last packet that was discarded on a locked port.

  • Page 233

    Security Commands Command Reference list of methods are set in the authentication login list. If the authentication login list does not exist, a new authentication login list is first created and then the authentication methods are set in the authentication login list. The maximum number of authentication login methods is three. The possible method values are local, radius, reject, and tacacs.

  • Page 234

    Security Commands Command Reference Syntax username defaultlogin <listname> <listname> - an authentication login list. Default Setting None Command Mode Global Config 7.9.2.3 username login This command assigns the specified authentication login list to the specified user for system login. The <username> must be a configured <username> and the <listname> must be a configured login list.

  • Page 235: Dot1x Configuration Commands

    Security Commands Command Reference 7.9.3 Dot1x Configuration Commands 7.9.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned.

  • Page 236

    Security Commands Command Reference 7.9.3.3 dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The <user> parameter must be a configured user and the <listname> parameter must be a configured authentication login list. Syntax dot1x login <user>...

  • Page 237

    Security Commands Command Reference 7.9.3.5 dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The <username> parameter must be a configured user. Syntax dot1x user <user> {<slot/port> | all} no dot1x user <user>...

  • Page 238

    Security Commands Command Reference no - This command sets the authentication mode to be used on all ports to 'auto'. Default Setting auto Command Mode Global Config This command sets the authentication mode to be used on the specified port. The control mode may be one of the following.

  • Page 239

    Security Commands Command Reference dot1x max-req <1-10> no dot1x max-req <1-10> - maximum number of times (Range: 1 – 10). no - This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Request/Identity frame before timing out the supplicant to the default value, that is, 2.

  • Page 240

    Security Commands Command Reference Syntax dot1x re-authenticate <slot/port> <slot/port> - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.9.3.10 dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port.

  • Page 241: Radius Configuration Commands

    Security Commands Command Reference <seconds> no dot1x timeout {quiet-period | reauth-period | server-timeout | supp-timeout | tx-period} <seconds> - Value in the range 0 – 65535. no - This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values.

  • Page 242

    Security Commands Command Reference 7.9.4.2 radius-server host This command is used to configure the RADIUS authentication and accounting server. If the 'auth' token is used, the command configures the IP address to use to connect to a RADIUS authentication server. Up to 3 servers can be configured per RADIUS client. If the maximum number of configured servers is reached, the command will fail until one of the servers is removed by executing the no form of the command.

  • Page 243

    Security Commands Command Reference This command is used to configure the shared secret between the RADIUS client and the RADIUS accounting / authentication server. Depending on whether the 'auth' or 'acct' token is used, the shared secret will be configured for the RADIUS authentication or RADIUS accounting server.

  • Page 244

    Security Commands Command Reference 7.9.4.5 radius-server timeout This command sets the timeout value (in seconds) after which a request must be retransmitted to the RADIUS server if no response is received. The timeout value is an integer in the range of 1 to 30.

  • Page 245: Tacacs Configuration Commands

    Security Commands Command Reference 7.9.4.7 radius-server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client. The primary server is the one that is used by default for handling RADIUS requests. The remaining configured servers are only used if the primary server cannot be reached. A maximum of three servers can be configured on each client.

  • Page 246

    Security Commands Command Reference Disabled Command Mode Global Config 7.9.5.2 tacacs mode This command is used to enable/select/disable the TACACS server administrative mode Syntax tacacs mode <1-3> {master | slave} no tacacs mode <1-3> <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to disable it.

  • Page 247

    Security Commands Command Reference Default Setting IP 0.0.0.0 Command Mode Global Config 7.9.5.4 tacacs port This command is used to configure the TACACS server’s service port. Syntax tacacs port <1-3> <1-65535> no tacacs port <1-3> <1-65535> - service port (Range: 1 to 65535). <1-3>...

  • Page 248

    Security Commands Command Reference no - This command is used to remove the TACACS server secret key. Default Setting None Command Mode Global Config 7.9.5.6 tacacs retry This command is used to configure the TACACS packet retransmit times. Syntax tacacs retry <1-3> <1-9> no tacacs retry <1-3>...

  • Page 249: Port Security Configuration Commands

    Security Commands Command Reference <1-255> - max timeout (Range: 1 to 255). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset the timeout value to the default value. Default Setting Command Mode Global Config 7.9.6...

  • Page 250

    Security Commands Command Reference Syntax port-security max-dynamic [<0-600>] no port-security max-dynamic no - This command resets the maximum of dynamically locked MAC addresses allowed on a specific port to its default value. Default Setting Command Mode Interface Config 7.9.6.3 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a specific port.

  • Page 251

    Security Commands Command Reference 7.9.6.4 port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. Syntax port-security mac-address <mac-addr> <1-3965> no port-security mac-address <mac-addr> <1-3965> <1-3965> VLAN ID <mac-addr> no - This command removes a MAC address from the list of statically locked MAC addresses.

  • Page 252: Sntp Commands

    SNTP Commands Command Reference 7.10 SNTP Commands 7.10.1 Show Commands 7.10.1.1 show sntp This command displays the current time and configuration settings for the SNTP client, and indicates whether the local time has been properly updated. Syntax show sntp Default Setting None Command Mode Privileged Exec...

  • Page 253: Configuration Commands

    SNTP Commands Command Reference Display Message Client Supported Modes Supported SNTP Modes (Broadcast, Unicast, or Multicast). SNTP Version The highest SNTP version the client supports. Port SNTP Client Port Client Mode: Configured SNTP Client Mode. Unicast Poll Interval Poll interval value for SNTP clients in seconds as a power of two. Poll Timeout (Seconds) Poll timeout value in seconds for SNTP clients.

  • Page 254

    SNTP Commands Command Reference 7.10.2.1 sntp broadcast client poll-interval This command will set the poll interval for SNTP broadcast clients in seconds as a power of two where <poll-interval> can be a value from 6 to 16. Syntax sntp broadcast client poll-interval <6-10> no sntp broadcast client poll-interval <6-10>...

  • Page 255

    SNTP Commands Command Reference Command Mode Global Config 7.10.2.3 sntp client port This command will set the SNTP client port id and polling interval in seconds. Syntax sntp client port <portid> [<6-10>] no sntp client port <portid> - SNTP client port id. <6-10>...

  • Page 256

    SNTP Commands Command Reference Default Setting The default value is 6. Command Mode Global Config 7.10.2.5 sntp unicast client poll-timeout This command will set the poll timeout for SNTP unicast clients in seconds. Syntax sntp unicast client poll-timeout <poll-timeout> no sntp unicast client poll-timeout <...

  • Page 257

    SNTP Commands Command Reference < poll-retry> - Polling retry in seconds. The range is 0 to 10. no - This command will reset the poll retry for SNTP unicast clients to its default value. Default Setting The default value is 1. Command Mode Global Config 7.10.2.7...

  • Page 258: System Utilities

    System Utilities Command Reference 7.10.2.9 This command sets the time zone for the IBP’s internal clock. Syntax sntp clock timezone <name> <0-12> <0-59> {before-utc | after-utc} <name> - Name of the time zone, usually an acronym. (Range: 1-15 characters) <0-12> - Number of hours before/after UTC. (Range: 0-12 hours) <0-59>...

  • Page 259

    System Utilities Command Reference Command Mode Privileged Exec 7.11.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.11.1.3 clear eventlog This command is used to clear the event log, which contains error messages from the system. Syntax clear eventlog Default Setting...

  • Page 260

    System Utilities Command Reference Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.11.1.5 clear config This command resets the configuration to the factory defaults without powering off the IBP. The IBP is automatically reset when this command is processed. You are prompted to confirm that the reset should proceed.

  • Page 261

    System Utilities Command Reference Default Setting None Command Mode Privileged Exec 7.11.1.7 clear mac address table This command clear all dynamic mac address from the mac address table of IBP. Syntax clear mac-addr-table dynamic Default Setting None Command Mode Privileged Exec 7.11.1.8 clear counters This command clears the stats for a specified <slot/port>...

  • Page 262

    System Utilities Command Reference 7.11.1.9 clear port-group This command resets port group configuration parameters and management VLAN parameters to the factory defaults. Syntax clear port-group Default Setting None Command Mode Privileged Exec 7.11.1.10 enable passwd This command changes Privileged EXEC password. Syntax enable passwd Default Setting...

  • Page 263

    System Utilities Command Reference Command Mode Privileged Exec 7.11.1.12 clear ip filter This command is used to clear all ip filter entries. Syntax clear ip filter Default Setting None Command Mode Privileged Exec 7.11.1.13 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. Syntax clear dot1x statistics {all | <slot/port>} <slot/port>...

  • Page 264: Copy

    System Utilities Command Reference 7.11.1.14 clear radius statistics This command is used to clear all RADIUS statistics. Syntax clear radius statistics Default Setting None Command Mode Privileged Exec 7.11.1.15 clear tacacs This command is used to clear TACACS configuration. Syntax clear tacacs Default Setting None...

  • Page 265

    System Utilities Command Reference The command can also be used to download ssh key files as sshkey-rsa, sshkey-rsa2, and sshkey-dsa and http secure-server certificates as sslpem-root, sslpem- server, sslpem-dhweak, and sslpem-dhstrong. Files upload to PC Syntax copy startup-config <sourcefilename> <url> copy {errorlog | log | traplog} <url>...

  • Page 266

    System Utilities Command Reference <destfilename> - name of the image file or the script file. <url> - xmodem or tftp://ipaddr/path/file. sshkey-rsa1 - SSH RSA1 Key file. sshkey-rsa2 - SSH RSA2 Key file. sshkey-dsa - SSH DSA Key file. sslpem-root - Secure Root PEM file. sslpem-server - Secure Server PEM file.

  • Page 267: Delete

    System Utilities Command Reference This command upload or download the pre-login banner file Syntax copy clibanner <url> copy <url> clibanner no clibanner <url> - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 7.11.3 delete This command is used to delete a configuration or image file.

  • Page 268: Whichboot

    System Utilities Command Reference Syntax dir [boot-rom | config | opcode [<filename>] ] <filename> - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec Display Message Column Heading...

  • Page 269: Ping

    System Utilities Command Reference This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} <filename> <filename> - name of the configuration or image file. boot-rom - bootrom. config - configuration file.

  • Page 270: Traceroute

    System Utilities Command Reference Ping on changing parameter value Syntax ping <host> count <0-20000000> [size <32-512>] ping <host> size <32-512> [count <0-20000000>] <ipaddr> - an IP address. <0-20000000> - number of pings (Range: 0 - 20000000). Note that 0 means infinite. <size>...

  • Page 271: Logging Cli-command

    System Utilities Command Reference Privileged Exec 7.11.9 logging cli-command This command enables the CLI command Logging feature. The Command Logging component enables the IBP to log all Command Line Interface (CLI) commands issued on the system. Syntax Logging cli-command Default Setting None Command Mode Global Config...

  • Page 272: Reload

    System Utilities Command Reference 7.11.11 reload This command resets the IBP without powering it off. Reset means that all network connections are terminated and the boot code executes. The IBP uses the stored configuration to initialize the system. You are prompted to confirm that the reset should proceed. A successful reset is indicated by the LEDs on the IBP.

  • Page 273: Hostname

    System Utilities Command Reference <0-11> - telnet session ID. all - all telnet sessions. Default Setting None Command Mode Privileged Exec 7.11.14 hostname This command is used to set the prompt string. Syntax hostname <prompt_string> < prompt_string > - Prompt string. Default Setting vty-0 Command Mode...

  • Page 274: Dhcp Commands

    DHCP Commands Command Reference 7.12 DHCP Commands 7.12.1 ip dhcp restart Submit a DHCP client request. Syntax ip dhcp restart Default Setting None Command Mode Global Config 7.12.2 ip dhcp client-identifier This commands specifies the DHCP client identifier for the IBP. Syntax ip dhcp client-identifier {text <text>...

  • Page 275: Using Snmp

    Supported MIBs Using SNMP 8 Using SNMP SNMP (Simple Network Management Protocol) is a communication protocol designed specifically for managing devices or other elements on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.

  • Page 276: Supported Mibs

    Supported MIBs Using SNMP 8.1 Supported MIBs The standard MIBs are listed in the following table. Public MIB NAME MIB FIles Specifications IEEE 802.1x IEEE8021-PAE-MIB dot1x.my IEEE 802.3ad LAG-MIB dot3ad.my RFC 1213 RFC1213-MIB mib-2.my RFC 2011 RFC2011 ip-icmp.my IP-MIB RFC 1493 BRIDGE-MIB bridge.my RFC 1643...

  • Page 277

    Supported MIBs Using SNMP RFC 3814 MPLS-FTN-MIB mpls_ftn.my RFC 2932 IPMROUTE-STD-MIB ipmroute.my RFC 1354 IP-FORWARD-MIB ipforward.my RFC 2213 INTEGRATED-SERVICES-MIB intserv.my RFC 3291 INET-ADDRESS-MIB inetaddress.my RFC 2933 and RFC 3019 MGMD-STD-MIB igmp.my RFC 1573 IANAifType-MIB iftype.my RFC 2677 IANA-ADDRESS-FAMILY-NUMBERS-MIB ianaaddr.my The private enterprise MIB is listed below. MIB files Private MIB names FSC-SWITCH-MIB...

  • Page 278: Accessing Mib Objects

    Accessing MIB Objects Using SNMP 8.2 Accessing MIB Objects MIB objects represent features of the IBP that an SNMP application can control and manage. One example is the RFC-2233 IF-MIB group which you can use to get or set the port configuration by reading or writing to different variables in this MIB group.

  • Page 279

    Accessing MIB Objects Using SNMP ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen ifSpecific ifXTable Index: ifIndex ifName ifInMulticastPkts ifInBroadcastPkts ifOutMulticastPkts ifOutBroadcastPkts ifHCInOctets ifHCInUcastPkts ifHCInMulticastPkts ifHCInBroadcastPkts ifHCOutOctets ifHCOutUcastPkts ifHCOutMulticastPkts ifHCOutBroadcastPkts ifLinkUpDownTrapEnable ifHighSpeed ifPromiscuousMode ifConnectorPresent ifAlias ifCounterDiscontinuityTime Intelligent Blade Panel Module...

  • Page 280

    Accessing MIB Objects Using SNMP ifStackTable Indicies: ifStackHigherLayer ifStackLowerLayer ifStackStatus ifRcvAddressTable Indicies: ifIndex ifRcvAddressAddress ifRcvAddressStatus ifRcvAddressType ifTestTable Index: ifTestId ifTestStatus ifTestType ifTestResult ifTestCode ifTestOwner Intelligent Blade Panel Module...

  • Page 281: Supported Traps

    Supported Traps Using SNMP 8.3 Supported Traps SNMP traps supported include the following items: RFC No. Title RFC 1215 coldStar warmStart linkDown linkUp authenticationFailure RFC 1493 newRoot topologyChange RFC 2819 risingAlarm fallingAlarm Intelligent Blade Panel Module...

  • Page 282: Default Settings

    The overview system default settings Default Settings 9 Default Settings 9.1 The overview system default settings The default settings for the system module are shown in the following table. Management serial port / telnet / ssh HTTP Java Applet / SSL3.0 , TLS 1.0 SNMP v1/v2c/v3 Enterprise MIBs / Standard MIBs / RMON System...

  • Page 283: The Default Settings For All The Configuration Commands

    The default settings for all the configuration commands Default Settings HTTP Mode (Secure): Disabled Secure Port: 443 Secure Protocol Level(s): TLS1 SSL3 802.1X Port Authent. disable RADIUS Client disable IGMP Snooping disable 802.3ad enable SNTP Client disable TACACS disable StormControl enable Link State disable...

  • Page 284

    The default settings for all the configuration commands Default Settings ip javamode ip dhcp client-identifier text Default (system clear config : ip dhcp client-identifier hex <MAC address>) no ip http secure-server ip http secure-protocol TLS1 SSL3 ip http secure-port 443 ip http server no ip ssh ip ssh maxsessions 5...

  • Page 285

    The default settings for all the configuration commands Default Settings tacacs no tacacs tacacs port 1 49 no tacacs key 1 no tacacs server-ip 1 tacacs timeout 1 3 tacacs retry 1 5 no tacacs mode 1 tacacs port 2 49 no tacacs key 2 no tacacs server-ip 2 tacacs timeout 2 3...

  • Page 286

    The default settings for all the configuration commands Default Settings lacp no lacp dot1x dot1x port-control auto no dot1x re-authentication dot1x timeout quiet-period 60 dot1x timeout reauth-period 3600 dot1x timeout supp-timeout 30 dot1x timeout tx-period 30 dot1x timeout server-timeout 30 dot1x max-req 2 storm-control no storm-control flowcontrol...

  • Page 287: Troubleshooting And Tips

    Diagnosing IBP Indicators Troubleshooting and Tips 10 Troubleshooting and Tips If you are having problems connecting to the network, check your network cabling to ensure that the device in question is properly connected to the network. Then refer to verify that the corresponding port on the IBP is functioning properly.

  • Page 288: Accessing The Management Interface

    Accessing the Management Interface Troubleshooting and Tips 10.2 Accessing the Management Interface You can access the management interface for the IBP from anywhere within the attached network using Telnet, a Web browser, or any SNMP-based network management software. If you are having trouble accessing the management interface, then refer to the troubleshooting information displayed in the following table.

  • Page 289

    Information on this document On April 1, 2009, Fujitsu became the sole owner of Fujitsu Siemens Compu- ters. This new subsidiary of Fujitsu has been renamed Fujitsu Technology So- lutions. This document from the document archive refers to a product version which was released a considerable time ago or which is no longer marketed.

Comments to this Manuals

Symbols: 0
Latest comments: