Summary of Contents for Sun Microsystems Sun Fire B1600
Sun Fire B1600 Blade System Chassis Switch Administration Guide
Sun Microsystems, Inc.
4150 Network Circle
Santa Clara, CA 95054 U.S.A.
650-960-1300
Part No. 817-2576-10
June 2003, Revision A
Send comments about this document to: docfeedback@sun.com...
LOOK GUIs and otherwise comply with Sun’s written license agreements. Use, duplication, or disclosure by the U.S. Government is subject to restrictions set forth in the Sun Microsystems, Inc. license agreements and as provided in DFARS 227.7202-1(a) and 227.7202-3(a) (1995), DFARS 252.227-7013(c)(1)(ii) (Oct. 1998), FAR 12.212(a) (1995), FAR 52.227-19, or FAR 52.227-14 (ALT III), as applicable.
This distribution may include components developed by third parties. Sun, Sun Microsystems, the Sun logo, Java, Solaris, Sun Fire and the 100% Pure Java logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.
Contents
Introduction
  Overview
    1.1.1 Switch Architecture
    1.1.2 Ways of Accessing the Switch Management Application
  Description of Hardware
    1.2.1 Ethernet Ports
      1.2.1.1 Up-link Ports
      1.2.1.2 Internal Ports
    1.2.2 Status LEDs
  Features of the Switch
  Switch Default Settings
Initial Configuration
  Connecting to the Switch Interface
...
General Management of the Switch
  Using the Web Interface
    3.1.1 Navigating the Web Browser Interface
      3.1.1.1 Home Page
      3.1.1.2 Configuration Options
    3.1.2 Panel Display
    3.1.3 Main Menu
  Basic Configuration
    3.2.1 Displaying System Information
      3.2.1.1 Web Interface: Displaying and Specifying Identification Details
...
      3.2.6.2 Command-line Interface: Configuring User Authentication
      3.2.6.3 MIB variables Associated With User Authentication
    3.2.7 Configuring SNMP
      3.2.7.1 Configuring SNMP Access
      3.2.7.2 Specifying Trap Managers and Trap Types
  Configuring Global Network Protocols
    3.3.1 VLAN Configuration
      3.3.1.1 Displaying Basic VLAN Information
      3.3.1.2...
      3.3.5.5 Mapping IP Precedence
      3.3.5.6 Mapping DSCP Priority
    3.3.6 Address Table Settings
      3.3.6.1 Displaying the Address Table
      3.3.6.2 Changing the Aging Time
  Port Configuration
    3.4.1 Displaying Connection Status
    3.4.2 Configuring Interface Connections
      3.4.2.1 Web Interface: Configuring Interface Connections
...
      3.4.6.1 Displaying the Current Interface Settings for STA
      3.4.6.2 Configuring Interface Settings for STA
      3.4.6.3 Checking the STA Protocol Status for Interfaces
    3.4.7 Filtering Traffic From the Down Link Ports to the Management Port
      3.4.7.1 Web Interface: Filtering Traffic to the Management Port
      3.4.7.2 Command-line Interface: Filtering Traffic to the...
      3.5.4.3 MIB Variables Associated With Message Logs
Command-Line Reference
  Using the Command-Line Interface
    4.1.1 Accessing the CLI
      4.1.1.1 Console Connection
      4.1.1.2 Telnet Connection
    4.1.2 Entering Commands
      4.1.2.1 Keywords and Arguments
      4.1.2.2 Minimum Abbreviation
      4.1.2.3 Command Completion
      4.1.2.4...
      4.3.1.7 exit
      4.3.1.8 quit
    4.3.2 Flash/File Commands
      4.3.2.1 copy
      4.3.2.2 delete
      4.3.2.3 dir
      4.3.2.4 whichboot
      4.3.2.5 boot system
    4.3.3 System Management Commands
      4.3.3.1 hostname
      4.3.3.2 username
      4.3.3.3 enable password
      4.3.3.4 ip http port
      4.3.3.5...
      4.3.13.4 show garp timer
      4.3.13.5 bridge-ext gvrp
      4.3.13.6 show bridge-ext
    4.3.14 IGMP Snooping Commands
      4.3.14.1 ip igmp snooping
      4.3.14.2 ip igmp snooping vlan static
      4.3.14.3 ip igmp snooping version
      4.3.14.4 show ip igmp snooping
      4.3.14.5 show mac-address-table multicast
      4.3.14.6...
    4.3.16 Mirror Port Commands
      4.3.16.1 port monitor
      4.3.16.2 show port monitor
    4.3.17 Link Aggregation Commands
      4.3.17.1 channel-group
      4.3.17.2 lacp
A. Management Information Base
  Supported MIBs
  Supported Traps
B. Troubleshooting
  Diagnosing Switch Indicators
  Diagnosing Port Connections
  Accessing the Management Interface
  Using System Logs
...
Glossary
Index
Preface
This Sun Fire B1600 Blade System Chassis Switch Administration Guide provides information that enables you to understand and use the switch inside the Switch and System Controller (SSC) module in the system chassis. There are two interfaces to the switch: a command-line interface and a web interface. This manual describes both.
Chapter 3 describes all of the key switch features and shows you how to configure these features through both the web interface and the console interface. It also provides a list of comparable MIB variables used by SNMP management applications. Chapter 4 provides a detailed listing of all the console interface commands and parameters.
Typographic Conventions
Typeface | Meaning | Examples
AaBbCc123 | The names of commands and files; on-screen computer output | Display system files. Use dir to list all files.
AaBbCc123 | What you type, when contrasted with on-screen computer output | > enable Password:
AaBbCc123 | Book titles, new words or terms, words to be emphasized. | Read Chapter 6 in the Sun Fire B1600
Contacting Sun Technical Support
If you have technical questions about this product that are not answered in this document, go to: http://www.sun.com/service/contacting

Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your comments and suggestions. You can submit your comments by going to: http://www.sun.com/hwdocs/feedback
Please include the title and part number of your document with your feedback: Sun Fire B1600 Blade System Chassis Switch Administration Guide, part number 816-...
Chapter 1
Introduction
The Sun Fire B1600 blade system chassis includes two Switch and System Controller (SSC) modules. The SSC includes a high-performance Gigabit Ethernet switch. The 16 internal full-duplex Gigabit ports on this switch provide high-capacity connectivity within the chassis, while the eight external full-duplex Gigabit ports connect to the wider network.
Overview
The switches provide Gigabit Ethernet connectivity for the Sun Fire B1600 blade system chassis. If a fault develops in one switch, operation continues without interruption on the second. All components in the chassis—blades, SSCs and power supply units (PSUs)—plug into a common midplane which provides all interconnection between the components.
When you connect through a web browser the switch provides HTTP management access with a graphical user interface. The information provided by SNMP can be displayed by an appropriately configured management application that is able to use SNMP.

Description of Hardware
The SSC includes the switch board, the SC, cooling fans, as well as midplane and rear panel connectors.
1.2.1.2 Internal Ports
The switch also includes 16 internal 1000BASE-X Gigabit Ethernet ports that connect to the blades in the chassis. These ports are fixed at 1000 Mbit/sec, full duplex. The internal ports are named SNP0 to SNP15 in the configuration interface. The switch also includes an internal 10/100BASE-TX port called NETMGT, which is connected to the SC's network port and to the external management port on the SSC’s front panel through an internal hub.
1.2.2 Status LEDs
Switch level indicators are located on the SSC module. The 1000BASE-T up-link ports and the 10/100BASE-TX management port located on the rear panel of the SSC also include indicators for both Link and Speed.
Figure labels: Ready to Remove; Service Required; Link Active...
Features of the Switch
The switch provides a wide range of advanced performance-enhancing features. Multicast filtering provides support for real-time network applications. Port-based and tagged virtual local area networks (VLANs), plus support for automatic GARP VLAN Registration Protocol (GVRP), provide traffic security and efficient use of network bandwidth.
can be dynamically learned through GVRP or ports can be manually assigned to a specific set of VLANs. This allows the switch to restrict traffic to the VLAN groups to which a user has been assigned. By segmenting your network into VLANs, you can: Eliminate broadcast storms, which severely degrade performance in a flat network.
This switch also supports several common methods of prioritizing layer 3/4 traffic to meet application requirements. Traffic can be prioritized based on the priority bits in the IP frame’s Type of Service (ToS) octet. When these services are enabled, the priorities are mapped to a Class of Service value by the switch, and the traffic is then sent to the corresponding output queue.
Chapter 2
Initial Configuration
For full information about performing the initial configuration of the switch, refer to the Sun Fire B1600 Blade System Chassis Software Setup Guide. This chapter contains the following sections:
Section 2.1, “Connecting to the Switch Interface” on page 2-2
Section 2.2, “Enabling SNMP Management Access”...
Connecting to the Switch Interface
2.1.1 Configuration Options
For management access, the switch module provides a command-line configuration interface (CLI). This program can be accessed by first connecting to the RJ-45 serial console port on the switch, and then logging into the switch’s CLI from the System Controller’s (SC) command prompt as shown below, where SSCn indicates either SSC0 or SSC1.
Web Interface – The switch also includes an embedded HTTP Web agent. This agent can be accessed using a standard Web browser from any computer on the management network.
SNMP Software – The switch’s management agent is based on Simple Network Management Protocol (SNMP), supporting versions 1, 2c, and 3.
The default strings are:
public – With read-only access. Authorized management stations are only able to retrieve MIB objects.
private – With read/write access. Authorized management stations are able to both retrieve and modify MIB objects.
Note – If you do not intend to utilize SNMP, delete both of the default community strings.
3. Save the configuration settings by following the instructions in the Sun Fire B1600 Blade System Chassis Software Setup Guide.
Chapter 3
General Management of the Switch
This chapter describes how to perform basic configuration tasks and includes the following sections:
Section 3.1, “Using the Web Interface” on page 3-2
Section 3.2, “Basic Configuration” on page 3-8
Section 3.3, “Configuring Global Network Protocols”...
Using the Web Interface
The Sun Fire B1600 blade system chassis switch provides an embedded HTTP web agent. Using a web browser, you can configure the switch and view statistics to monitor network activity. The web agent can be accessed by any computer on the network using a standard web browser (Internet Explorer 5.0 or above or Netscape Navigator 6.2 or above).
3.1.1 Navigating the Web Browser Interface
To access the web-browser interface, you must first enter a user name and password. The administrator has read/write access to all configuration parameters and statistics. The default administrator user name and password is admin.

3.1.1.1 Home Page
When your web browser connects with the switch’s web agent, the home page is...
3.1.1.2 Configuration Options
Configurable parameters have a text field or a menu. Once a configuration change has been made on a page, click the Save button to confirm the new setting. The following table summarizes the web page configuration buttons.
TABLE 3-1 Web Page Configuration Buttons
Button...
3.1.3 Main Menu
Using the on-board web agent, you can define system parameters, manage and control the switch and all its ports, and monitor network conditions. The following table briefly describes the selections available from this program.
TABLE 3-2 Summary of Tasks You Can Perform Using the Web Agent
Menu | Subordinate Menu...
TABLE 3-2 Summary of Tasks You Can Perform Using the Web Agent (Continued)
Menu / Subordinate Menu | Description | See Page
Class of Service | Configures Class of Service | 3-78
• Basic Traffic Prioritisation | Configures default CoS priorities, maps CoS priorities to output queues, and configures Weighted Round Robin queueing | 3-78
•...
TABLE 3-2 Summary of Tasks You Can Perform Using the Web Agent (Continued)
Menu / Subordinate Menu | Description | See Page
Static Addresses | Displays or edits static entries in the Address Table; enables and disables learning of permanent entries | 3-121
Spanning Tree | Configures port settings for the global spanning tree | 3-125
...
Basic Configuration
3.2.1 Displaying System Information
You can identify the system by providing a descriptive name, location, and contact information. When displaying system information using the web interface or CLI, the following parameters are displayed or can be configured:
Host Name – The name assigned to the switch.
Location –...
FIGURE 3-3 Switch Setup ⇒ System Identity Window
3.2.1.2 Command-line Interface: Displaying and Specifying Identification Details
Console(config)#hostname R&D 5
Console(config)#snmp-server location WC 9
Console(config)#snmp-server contact Charles
Console#show system
System description: Sun Fire B1600
System OID string: 1.3.6.1.4.1.674.10895.4
System information
System Up time: 0 days, 0 hours, 55 minutes, and 54.91 seconds
System Name : [NONE]
System Location...
3.2.1.3 MIB Variables: Identification Details
TABLE 3-3 SNMP MIB variables Corresponding to the Switch Setup ⇒ System Identity Window
Field Name | MIB Variable | Access | Value Range | Default Value
System Name (Host Name) | MIB-II.system.sysName | Read/write | String (size(0-255)) |
System Location | MIB-II.system.... | Read/write | String (size(0-255)) |
3.2.2 Setting the IP Address
By default, the switch searches for its IP address, default gateway, and netmask using DHCP. You can manually configure a specific IP address or direct the device to obtain an address from a BOOTP or DHCP server. Valid IP addresses consist of four decimal numbers, 0 to 255, separated by periods.
Text / Hex – Indicates whether the client ID has been entered as a text string (1-15 characters) or as a hexadecimal value. The data type used will depend on the requirements of your DHCP server.
Note – The Client ID specified in this menu will be overwritten by the SC the next time the system, or the switch itself, is rebooted.
FIGURE 3-5 Open Switch Setup ⇒ Network Identity Window
Note – If you receive an error message saying that the data you have entered is invalid, confirm that you have specified each of the IP addresses correctly.
Command-line Interface: Specifying the Management VLAN and IP Details
Specify the management interface, IP address, and default gateway:
Console#config
Console(config)#interface vlan 2
Console(config-if)#ip address 10.1.0.2 255.255.255.0
Console(config-if)#exit
Console(config)#ip default-gateway 10.1.0.254
Console(config)#

MIB Variables: Specifying the Management VLAN and IP Details
TABLE 3-4 MIB Variables for Specifying the Management VLAN and IP Details
Field Name...
3.2.2.2 Using DHCP/BOOTP
By default, the switch uses DHCP/BOOTP services to find its IP configuration information.

Web Interface: Using Dynamic IP Configuration Services
1. Open Switch Setup ⇒ Network Identity.
2. Specify the management VLAN interface.
3. Specify the IP Address Mode by selecting DHCP or BOOTP.
By default, the System Controller in the chassis provides a client identifier to the switch.
If the address assigned by DHCP is no longer functioning, you will not be able to renew the IP settings through the web interface. You can only restart the DHCP service through the web interface if the current address is still valid. Note –...
MIB variables: Using Dynamic IP Configuration Services
TABLE 3-5 MIB Variables Associated With Dynamic IP Configuration Services
Field Name | MIB Variable | Access | Value Range | Default Value
Management VLAN | sun... switchMgt.switchManagementVlan | Read/write | Integer (1-4094) |
IP Address Mode | sun... vlanMgt.... | Read/write | user (1), bootp (2), | dhcp
FIGURE 3-7 Open Switch Setup ⇒ Software Window (showing version information)

3.2.3.2 Command-line Interface: Displaying Switch Software Version Information
Use the following command to display version information:
Console#show version
Unit1
Serial number
Service tag
Hardware version :R0B
Number of ports
Main power status
Redundant power status :not present
Agent(master)...
3.2.3.3 MIB Variables Associated With Software Version Information
TABLE 3-6 MIB Variables Associated With Software Version Information
Field Name | MIB Variable | Access | Value Range | Default Value
Switch Serial Number | SUN.switchMgt.switchInfoTable.switchInfoEntry.swSerialNumber | Read only | Display string (size (0..80)) |
Switch | | Read only | Display string...
3.2.4 Managing Firmware
You can upload and download firmware to and from a TFTP server. By saving runtime code to a file on a TFTP server, that file can later be downloaded to the switch to restore operation. You can also set the switch to use new firmware without overwriting the previous version.
FIGURE 3-8 The Switch Status ⇒ Software Window (for downloading firmware)
Note – If you receive an error message saying that the data you have entered is invalid, you might have typed an incorrect IP address or an incorrect file name, or you might not have the correct access permissions for TFTP transfer.
3. Type the source and destination file names.
4. Set the new file to start up the system.
5. Restart the switch.
Console#copy tftp file
TFTP server ip address: 10.1.0.99
Choose file type:
1. config: 2. opcode: <1-2>: 2
Source file name: v10.bix
Destination file name: V10000
\Write to FLASH Programming....
TABLE 3-7 MIB Variables Associated With Downloading Firmware (Continued)
Field Name | MIB Variable | Access | Value Range
TFTP Destination File Name | sun... tftpMgt.tftpDestFile | Read/write | String (size (0-127))
TFTP Action | sun... tftpMgt.tftpAction | Read/write | notDownloading (1), downloadToPROM (2), downloadToRAM (3) (not supported) upload (4)
TFTP Status...
3.2.5 Saving or Restoring Configuration Settings
You can upload and download configuration settings to and from a TFTP server. The configuration file can later be downloaded to restore the switch’s settings. When downloading configuration files, note the following points:
The destination file name should not contain slashes (\ or /).
The leading character of the file name should not be a period (.)....
FIGURE 3-10 The Switch Setup ⇒ Software Window (for downloading a configuration file)
If you download to a new file name, select the new file from the pull-down menu and click Save. To use the new settings, reboot the system by clicking Save and Restart....
4. Restart the switch.
Console#copy tftp startup-config
TFTP server ip address: 192.168.1.19
Source configuration file name: startup2.0
Startup configuration file name [startup] : startup2.0
\Write to FLASH Programming.
-Write to FLASH finish.
Success.
Console#reload
System will be restarted, continue <y/n>?y
If you download the startup configuration file under a new file name, you can set this file as the startup file at a later time, and then restart the switch.
TABLE 3-8 MIB Variables Associated With Downloading Configuration Settings
Field Name | MIB Variable | Access | Value Range
TFTP Status | sun... tftpMgt.tftpStatus | Read/write | tftpSuccess (1), tftpStatusUnknown (2), tfttpGeneralError (3), tftpNoResponseFromServer (4), tftpDownloadChecksumError (5), tftpDownloadIncompatibleImage (6), tftpTftpFileNotFound(7), tftpTftpAccessViolation(8)
Restart | sun... | Read/write | Display string (size (0-127))
RADIUS-aware or TACACS+-aware devices on the network. An authentication server contains a database of multiple user name/password pairs with associated privilege levels for each user that requires management access to a switch. Note – When setting up privilege levels on a RADIUS or TACACS+ server, remember that level 0 allows guest (Normal Exec) access to the switch.
Timeout for reply – Number of seconds (between 1 and 65,535) the switch waits for a reply before resending a request. The default is 5.

Local Access Authentication
User Account – The name (between 1 and 8 characters) of the user. The maximum number of users is 5.
FIGURE 3-12 The Switch Config ⇒ Security Window for Use With Authentication Servers
To configure authentication parameters for local access:
1. Type a user name.
2. Select an access level, Normal or Privileged.
3. Type a password.
4. Click Add.
FIGURE 3-13 The Switch Config ⇒ Security Window Showing Locally Stored Logins

3.2.6.2 Command-line Interface: Configuring User Authentication
1. Assign a user name and access level. Type 0 for Normal access and 15 for Privileged access.
2. Specify the password.
3....
3.2.6.3 MIB variables Associated With User Authentication
TABLE 3-9 MIB Variables Associated With User Authentication
Field Name | MIB Variable | Access | Value Range | Default Value
User Name | Not Defined
Password | Not Defined
Access Level | Not Defined
Authentication Sequence | Not Defined
RADIUS | | Read/write | IP address...
Equipment commonly managed with SNMP includes switches, routers, and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems. The blade system chassis switch includes an on-board SNMP agent that continuously monitors the status of its hardware and the traffic passing through its ports.
FIGURE 3-14 The Switch Config ⇒ Communication Window for Adding and Removing Community Strings

Command-line Interface: Adding and Removing Community Strings
The following example adds the string blueberry with read/write access.
Console(config)#snmp-server community blueberry rw
Console(config)#

MIB Variables Associated With Community Strings
Note –...
3.2.7.2 Specifying Trap Managers and Trap Types
Traps indicating status changes are issued by the switch to specified trap managers. You must specify trap managers so that key events are reported by this switch to your management station (using network management platforms such as Solstice Domain Manager).
FIGURE 3-15 The Switch Config ⇒ Communication Window Listing the Stations That Receive Traps From the Switch

Command-line Interface: Specifying Trap Management Stations
This example adds a trap manager and enables link-up-down and authentication traps.
Console(config)#snmp-server host 10.1.0.19 private version 1
Console(config)#snmp-server enable traps link-up-down
Console(config)#snmp-server enable traps authentication
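The community-string and trap-manager commands shown above add to the factory defaults rather than replacing them. The following Python sketch is an added example, not code from the Sun guide: it replays such commands against the default `public` (read-only) and `private` (read/write) strings and lists what remains exposed. The `no snmp-server community` removal form, the community name `trapsonly` and all function names are assumptions made for the example.

```python
import re

# Factory-default community strings and their access, as listed in the guide.
FACTORY_DEFAULTS = {"public": "ro", "private": "rw"}

# Commands typed in this chapter's examples (prompts kept as they appear there).
PAGE_SESSION = """\
Console(config)#snmp-server community blueberry rw
Console(config)#snmp-server host 10.1.0.19 private version 1
Console(config)#snmp-server enable traps link-up-down
Console(config)#snmp-server enable traps authentication
"""

# Constructed session. Assumptions: the "no" removal form and the name "trapsonly".
HARDENED_SESSION = """\
Console(config)#no snmp-server community public
Console(config)#no snmp-server community private
Console(config)#snmp-server community blueberry rw
Console(config)#snmp-server host 10.1.0.19 trapsonly version 1
"""

PROMPT_RE = re.compile(r"^\s*Console(?:\([^)]*\))?#\s*")
COMMUNITY_RE = re.compile(
    r"^(no\s+)?snmp-server\s+community\s+(\S+)(?:\s+(ro|rw))?$")
HOST_RE = re.compile(
    r"^(no\s+)?snmp-server\s+host\s+(\S+)(?:\s+(\S+))?(?:\s+version\s+\S+)?$")


def replay(session, start=None):
    """Apply typed commands to a starting state (factory defaults if omitted).

    Returns (communities, trap_hosts): community -> access, host -> community.
    """
    communities = dict(FACTORY_DEFAULTS if start is None else start)
    trap_hosts = {}
    for raw in session.splitlines():
        line = PROMPT_RE.sub("", raw).strip()
        m = COMMUNITY_RE.match(line)
        if m:
            negate, name, access = m.groups()
            if negate:
                communities.pop(name, None)
            else:
                communities[name] = access or "unspecified"
            continue
        m = HOST_RE.match(line)
        if m:
            negate, host, community = m.groups()
            if negate:
                trap_hosts.pop(host, None)
            elif community:
                trap_hosts[host] = community
    return communities, trap_hosts


def audit(communities, trap_hosts):
    """Return (rule, subject) findings for the effective SNMP state."""
    findings = []
    for name, access in sorted(communities.items()):
        if name in FACTORY_DEFAULTS:
            # Default strings are documented and therefore widely known.
            findings.append(("default-community", name))
        if access == "rw":
            # Read/write strings let a station modify MIB objects.
            findings.append(("read-write-community", name))
    for host, community in sorted(trap_hosts.items()):
        if community in FACTORY_DEFAULTS:
            findings.append(("trap-uses-default-community", host))
        if communities.get(community) == "rw":
            # SNMPv1/v2c traps carry the community string unencrypted, so a
            # trap string that also grants write access is exposed on the wire.
            findings.append(("trap-reuses-write-community", host))
    return findings


if __name__ == "__main__":
    for label, session in (("page", PAGE_SESSION), ("hardened", HARDENED_SESSION)):
        print(label)
        for rule, subject in audit(*replay(session)):
            print(f"  {rule}: {subject}")
```
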
MIB Variables Associated With Trap Management
TABLE 3-10 MIB Variables Associated With Trap Management
Field Name | MIB Variable | Access | Value Range | Default Value
Trap Destination Address | sun... trapDestMgt.trapDestTable.trapDestEntry.trapDestAddress | No access | IP address |
Trap Destination | sun... trapDestMgt.... | Read/create | String (size (0-127)) |
Configuring Global Network Protocols
This section describes how to configure global switch settings for virtual LANs, multicast service, Spanning Tree Algorithm, handling data based on specific class-of-service requirements, and displaying the address table or setting static addresses.

3.3.1 VLAN Configuration
In conventional networks with routers, broadcast traffic is split up into separate domains.
the connection supports VLANs. Then assign ports on the other VLAN-aware network devices along the path that will carry this traffic to the same VLAN(s), either manually or dynamically using GVRP. However, if you want a port on this switch to participate in one or more VLANs, but none of the intermediate network devices nor the host at the other end of the connection supports VLANs, then you should add this port to the VLAN as an untagged port.
page 3-114.) You should also determine security boundaries in the network and disable GVRP on end-station ports where you need to prevent advertisements from being propagated, or forbid ports from joining restricted VLANs. Note – If you have host devices that do not support GVRP, you must configure static VLANs for the switch ports connected to these devices (as described in “Adding Static Members to VLANs”...
Command-line Interface: Displaying Basic VLAN Information
Type the following command:
Console#show bridge-ext
Max support vlan numbers: 32
Max support vlan ID: 4094
Extended multicast filtering services: No
Static entry individual port: Yes
VLAN learning: IVL
Configurable PVID tagging: Yes
Local VLAN capable: Yes
Traffic classes: Enabled
Global GVRP status: Disabled
GMRP: Disabled...
MIB Variables Associated With Basic VLAN Information
TABLE 3-11 MIB Variables Associated With Basic VLAN Information
Field Name | MIB Variable | Access | Value Range | Default Value
VLAN Version Number | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qBase.dot1qVlanVersionNumber | Read only | version1 (1) | version1
Maximum | | Read only | Integer...
TABLE 3-11 MIB Variables Associated With Basic VLAN Information (Continued)
Field Name | MIB Variable | Access | Value Range | Default Value
Traffic Classes Enabled | MIB-II.dot1dBridge.pBridgeMIB.pBridgeMIBObjects.dot1dExtBase.dot1dTrafficClassesEnabled | Read/write | true (1), false (2) | true
GMRP Status | MIB-II.dot1dBridge.... | Read/ | enabled (1), | disabled
3.3.1.2 Enabling or Disabling GVRP (Global Setting)
GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register VLAN members on ports across the network. VLANs are dynamically configured based on join messages issued by host devices and propagated throughout the network.
MIB Variables Associated With GVRP
TABLE 3-12 MIB Variables Associated With GVRP
Field Name | MIB Variable | Access | Value Range | Default Value
GVRP Status | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qBase.dot1qGvrpStatus | Read/write | enabled (1), disabled (2) | disabled

3.3.1.3 Configuring VLANs
When configuring VLANs using the web interface or CLI, the following parameters are displayed or can be configured:
ID –...
2. Click Enable, Disable or Remove.
To add interfaces to a VLAN:
1. Select an entry.
2. Click Membership. (See “Adding Static Members to VLANs” on page 3-50.)
FIGURE 3-17 The Switch Config ⇒ VLANs Window With the Default VLAN Configuration Displayed
Command-line Interface: VLAN Configuration
The following sample commands create a new VLAN and display all VLAN information:
Console(config)#vlan database
Console(config-vlan)#vlan 3 name R&D media ethernet state active
Console(config-vlan)#
Console#show vlan
VLAN Type Name Status Ports/Channel groups
---- ------- ---------------- --------- ----------------------------------------
Static DefaultVlan Active...
MIB Variables Associated With VLAN Configuration
TABLE 3-13 MIB Variables Associated With VLAN Configuration
Field Name | MIB Variable | Access | Value Range | Default Value
VLAN ID | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qVlan.dot1qVlanCurrentTable.dot1qVlanCurrentEntry.dot1qVlanIndex | No access | Integer |
VLAN Name | MIB-... | Read/ | Octet string |
TABLE 3-13 MIB Variables Associated With VLAN Configuration (Continued)
Field Name | MIB Variable | Access | Value Range | Default Value
VLAN Type | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qVlan.dot1qVlanCurrentTable.dot1qVlanCurrentEntry.dot1qVlanStatus | Read only | other(1), permanent(2), dynamicGvrp(3) |
VLAN Ports | MIB-II.dot1dBridge.... | Read only | Octet string (port list) |
Add Tagged: The interface is a member of the VLAN. All packets transmitted by the port on this VLAN will be tagged, that is, carry a tag and therefore carry VLAN or COS information. Add Untagged: The interface is a member of the VLAN. All packets transmitted by the port will be untagged, that is, not carry a tag and therefore not carry VLAN or COS information.
FIGURE 3-18 The Switch Config ⇒ VLANs Window

Command-line Interface: Adding Ports Manually to a VLAN
The following example adds two ports to VLAN 3 (named R&D), forbids server blade port SNP13 from joining the VLAN dynamically (using GVRP), and finally displays the VLAN’s membership:
Console(config)#interface ethernet NETP1
Console(config-if)#switchport allowed vlan add 3 tagged...
MIB Variables Associated With Adding Ports to a VLAN
TABLE 3-14 MIB Variables Associated With Adding Ports to a VLAN
Field Name | MIB Variable | Access | Value Range | Default Value
VLAN ID | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qVlan.dot1qVlanStaticTable.dot1qVlanStaticEntry.dot1qVlanIndex | Index | |
VLAN Name | MIB-II.... | Read/create | Octet string |
TABLE 3-14 MIB Variables Associated With Adding Ports to a VLAN (Continued)
Field Name | MIB Variable | Access | Value Range | Default Value
VLAN Forbidden Ports | MIB-II.dot1dBridge.qBridgeMIB.qBridgeMIBObjects.dot1qVlan.dot1qPortVlanTable.dot1qPortVlanEntry.dot1qVlanForbiddenEgressPorts | Read/create | Octet string (port list) |
Port Trunk Index | sun... | Read only | Integer |
The purpose of IP multicast filtering is to optimize a switched network’s performance, so that multicast packets will only be forwarded to those ports containing multicast group hosts or multicast routers/switches, instead of flooding traffic to all ports in the subnet (VLAN).

3.3.2.1 Configuring IGMP Snooping Parameters
You can configure the switch to forward multicast traffic intelligently.
Query Interval – The frequency (between 60 and 125 seconds) at which the switch sends IGMP host-query messages. The default is 125 seconds. Query Report Delay – The time (between 5 and 25 seconds) between receiving an IGMP Report for an IP multicast address on a port before the switch sends an IGMP Query out of that port and removes the entry from its list.
FIGURE 3-19 The Switch Config ⇒ Broadcast & Multicast Window
MIB Variables Associated With IGMP Parameters
TABLE 3-15 MIB Variables Associated With IGMP Parameters
Field Name | MIB Variable | Access | Value Range | Default Value
Snooping Status | sun... igmpSnoopMgt.igmpSnoopStatus | Read/write | enabled (1), disabled (2) | enabled
Snooping Querier | sun... igmpSnoopMgt.... | Read/write | enabled (1), disabled (2) | enabled
When specifying interfaces connected to multicast routers through the web interface or CLI, the following parameters are displayed or can be configured: All known ports in VLAN connected to multicast routers: VLAN – The VLAN on the switch. (The pull-down menu includes the VLAN ID and name.) Interface –...
FIGURE 3-20 The Switch Config ⇒ Broadcast & Multicast Window (Multicast Router Ports selected)
Command-line Interface: Specifying Interfaces Connected to Multicast Routers
The following example configures port NETP0 as a multicast router port within VLAN 1 and then displays a confirmation of this configuration:
Console(config)#ip igmp snooping vlan 1 mrouter ethernet NETP0
Console(config)#exit
Console#show ip igmp snooping mrouter vlan 1
VLAN M'cast Router Port Type
---- ------------------ -------
NETP0 Static...
TABLE 3-16 MIB Variables Associated With Interfaces Connected to Multicast Routers
Field Name | MIB Variable | Access | Value Range
Snooping Multicast Router Static Ports | sun... igmpSnoopMgt.igmpSnoopRouterStaticTable.igmpSnoopRouterStaticEntry.igmpSnoopRouterStaticPorts | Read/create | Octet string (port list)
Snooping Multicast Router | sun... igmpSnoopMgt.... | Read/create | valid(1), invalid(2)
3.3.2.3 Configuring Multicast Services Multicast filtering can be dynamically configured using IGMP Snooping and IGMP Query messages as described in “Configuring IGMP Snooping Parameters” on page 3-55. For certain applications that require tighter control, you might need to manually assign a multicast service to a specific interface. First add all the ports connected to participating hosts to a common VLAN, and then assign the multicast service to that VLAN group.
Page 103
2. Type the IP address for the multicast service in the text field.
3. Click Add.
FIGURE 3-21 The Switch Config ⇒ Broadcast & Multicast Window (Multicast Services selected)
Note – If you receive an error message saying that the data you have entered is invalid, check that you have specified each of the IP addresses correctly.
Page 104
Command-line Interface: Configuring Multicast Services
The following example assigns a multicast address to port NETP0 and then displays all the known multicast services supported on VLAN 1.
Console(config)#ip igmp snooping vlan 1 static 224.0.0.12 ethernet NETP0
Console(config)#exit
Console#show mac-address-table multicast vlan 1
VLAN M'cast IP addr.
3.3.3 Broadcast Storm Control (Global Setting)
Broadcast storms can occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to a complete halt.
FIGURE 3-22 The Switch Config ⇒ Broadcast & Multicast Window (Broadcast Storms selected)
3.3.3.2 Command-line Interface: Using Broadcast Storm Control
The following example shows how to set the broadcast threshold to 64 packets per second.
Note – The switchport broadcast command enables broadcast storm control on the specified interface and sets the broadcast threshold for every interface on the switch.
Console(config)#interface ethernet NETP7
Console(config-if)#switchport broadcast packet-rate 64
Console(config-if)#end
Console#show interfaces status ethernet NETP7
Information of NETP7
Basic information:
Port type: 1000T...
3.3.4 Spanning Tree Algorithm Configuration
The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STA-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and to provide backup links which automatically take over when a primary link fails.
Page 109
The following global STA parameters are fixed and cannot be changed:
Bridge ID – The priority and MAC address of the switch.
Designated Root – The priority and MAC address of the device in the spanning tree that the switch has accepted as the root device.
Root Port –...
Page 110
Maximum Age – The maximum time (in seconds) the switch can wait without receiving a configuration message before attempting to reconfigure. All switch ports (except for designated ports) receive configuration messages at regular intervals. Any port that ages out the STA information provided in the last configuration message it received becomes the designated port for the connected LAN.
Page 111
FIGURE 3-23 The Switch Config ⇒ Spanning Tree ⇒ Basic Configuration Window
Note – If you receive an error saying that the data you have entered is invalid, check that the values you have given for Priority, Hello Time, Maximum Age, and Forward Delay are within the specified ranges for these parameters.
Page 112
Command-line Interface: Configuring Basic STA Settings
The following command displays global STA settings, followed by settings for each port.
Console#show spanning-tree
Spanning-tree information
--------------------------------------------------------------
Spanning tree mode :RSTP
Spanning tree enable/disable :enable
Priority :32768
Bridge Hello Time (sec.)
Bridge Max Age (sec.)
Bridge Forward Delay (sec.)
Root Hello Time (sec.)
Root Max Age (sec.)
Page 113
TABLE 3-19 MIB Variables Associated With Basic STA Settings
Field Name | MIB Variable | Access | Value Range | Default Value
STA System Status | sun...staMgt.staSystemStatus | Read/write | enabled (1), disabled (2) | enabled
STA Protocol | sun...staMgt. | Read/write | stp (1), | rstp
TABLE 3-19 MIB Variables Associated With Basic STA Settings (Continued)
Field Name | MIB Variable | Access | Value Range | Default Value
Bridge Maximum Age | MIB-II.dot1dStp.dot1dStpBridgeMaxAge | Read/write | Integer (600-4000) centiseconds | 2000 centiseconds
Bridge Forward Delay | MIB-II.dot1dStp. | Read/write | Integer (400-3000) | 1500 centiseconds
Page 115
FIGURE 3-24 The Switch Config ⇒ Spanning Tree ⇒ Advanced Configuration Window
Note – If you receive an error saying that the data you have entered is invalid, check that you have specified a transmission limit within the specified range.
Command-line Interface: Configuring Advanced STA Settings
This example sets the spanning tree path cost method and transmission limit.
3.3.5 Class of Service Configuration
Class of Service (COS) enables you to specify which data packets have greater precedence when traffic is buffered in the switch due to congestion. The switch supports COS with four priority queues for each port. Data packets in a port’s high-priority queue are transmitted before those in the low-priority queues.
Page 117
FIGURE 3-25 The Switch Config ⇒ Class of Service
Command-line Interface: Configuring Class of Service
This example assigns a default priority of 5 to port NETP1.
Console(config)#interface ethernet NETP1
Console(config-if)#switchport priority default 5
Console#show interfaces switchport ethernet NETP1
Information of NETP1
Broadcast threshold: Enabled, 256 packets/second
Lacp status: Disabled
VLAN membership mode: Hybrid...
TABLE 3-21 MIB Variables Associated With Class of Service
Field Name | MIB Variable | Access | Value Range | Default Value
Port Default User Priority | MIB-II.dot1dBridge.pBridgeMIB.pBridgeMIBObjects.dot1dPriority.dot1dPortPriorityTable.dot1dPortPriorityEntry.dot1dPortDefaultUserPriority | Read/write | Integer (0-7) |
3.3.5.2 Mapping COS Values to Egress Queues...
Page 119
The priority levels recommended in the IEEE 802.1p standard for various network applications are shown in the following table. However, you can map the priority levels to the switch’s output queues in any way that benefits application traffic for your own network. IEEE 802.1p Traffic Types TABLE 3-23 Priority Level...
Page 120
FIGURE 3-26 The Switch Config ⇒ Class of Service Window for Mapping COS Values to Traffic Classes
Command-line Interface: Mapping COS Values to Traffic Classes
The following example shows how to map COS values 0, 1 and 2 to COS priority queue 0, value 3 to COS priority queue 1, values 4 and 5 to COS priority queue 2, and values 6 and 7 to COS priority queue 3:
Console(config)#interface ethernet NETP0...
Page 121
MIB Variables Associated With Mapping COS Values to Traffic Queues MIB Variables Associated With Mapping COS Values to Traffic Queues TABLE 3-24 Field Name MIB Variable Access Value Range Default Value Traffic Class Not- Integer (0-7) MIB-II. Priority accessible dot1dBridge. pBridgeMIB.
3.3.5.3 Setting the Service Weight for Traffic Classes
This switch uses the Weighted Round Robin (WRR) algorithm to determine the frequency at which it services each priority queue. As described in “Mapping COS Values to Egress Queues” on page 3-80, the traffic classes are mapped to one of the four egress queues provided for each port.
Command-line Interface: Setting the Service Weight for Traffic Classes
The following example shows how to assign WRR weights of 1, 4, 16, and 64 to the COS priority queues 0, 1, 2 and 3.
Console(config)#queue bandwidth 1 4 16 64
Console(config)#exit
Console#show queue bandwidth
Queue ID Weight...
Page 124
The precedence for priority mapping is IP Precedence or DSCP Priority, and then Default Port Priority. IP Precedence and DSCP Priority cannot both be enabled. Enabling one of these priority types automatically disables the other. When mapping layer 3/4 priorities to COS values through the web interface or CLI, the following parameters can be configured: Enable Priority Services –...
To disable layer 3/4 traffic prioritization completely, use the following commands:
Console(config)#no map ip precedence
Console(config)#no map ip dscp
TABLE 3-26 MIB Variables Associated With Traffic Prioritization
Field Name | MIB Variable | Access | Value Range | Default Value
IP Precedence/ Read/write disabled (1),...
Page 126
Class of Service Value – The COS value that is mapped to the selected IP Precedence value. Note that “0” represents low priority and “7” represents high priority.
Web Interface: Mapping IP Precedence
1. Open Switch Config ⇒ Class of Service ⇒ Layer 3/4 Traffic Prioritisation.
Page 127
Command-line Interface: Mapping IP Precedence
The following example maps IP Precedence value 1 to COS value 0 on port SNP5 and then displays all the IP Precedence settings for that port.
Console(config)#interface ethernet SNP5
Console(config-if)#map ip precedence 1 cos 0
Console(config-if)#end
Console#show map ip precedence ethernet SNP5
Precedence mapping status: disabled...
3.3.5.6 Mapping DSCP Priority
The DSCP is six bits wide, enabling coding for up to 64 different forwarding behaviors. The DSCP replaces the ToS bits, but it retains backward compatibility with the three precedence bits so that non-DSCP compliant, ToS-enabled devices will not conflict with the DSCP mapping.
Page 129
FIGURE 3-30 The Switch Config ⇒ Class of Service Window for Mapping DSCP to COS Values
Command-line Interface: Mapping DSCP Priority
The following example maps DSCP value 0 to COS value 1 on port SNP5, and then displays all the DSCP Priority settings for that port.
Console(config)#interface ethernet SNP5
Console(config-if)#map ip dscp 0 cos 1
Console(config-if)#end...
TABLE 0-1 MIB Variables Associated With Mapping DSCP to COS Values
Field Name | MIB Variable | Access | Value Range | Default Value
IP DSCP Value | sun...priorityMgt.prioIpDscpTable.prioIpDscpEntry.prioIpDscpValue | Not-accessible | Integer (0-63) |
IP DSCP CoS | | Read/write | Integer (0-7) |
Page 131
Address Type – Whether an address was learned or statically configured.
Web Interface: Viewing the Address Tables
1. Open Switch Config ⇒ Address Tables.
2. Specify an interface, VLAN, MAC address, or address type (any combination) for the search criteria.
3.
MIB Variables Associated With the Address Tables MIB Variables Associated With the Address Tables TABLE 3-30 Field Name MIB Variable Access Value Range Interface Read only not learned (0), MIB-II. Port list (1-24) dot1dBridge.dot1dTp. dot1dTpFdbTable.dot1dTpFdbEntry. dot1dTpFdbPort MAC Address Read only MAC address MIB-II.
Page 133
FIGURE 3-32 The Switch Config ⇒ Address Tables Window (showing aging time option)
Command-line Interface: Changing the Aging Time
This example sets the aging time to 400 seconds.
Console(config)#mac-address-table aging-time 400
Console(config)#
TABLE 3-31 MIB Variables Associated With Aging Time
Field Name MIB Variable...
Port Configuration This section includes configuration menus for the down-link ports, up-link ports, and management port. Most of these menus apply to all port types. However, the management port only supports a few basic menus, and Packet Filtering (page 134) is only provided for the management port. Note –...
Page 135
Auto-negotiation – The configured state of auto-negotiation. Either enabled or disabled. Protect Status – The configured state of broadcast storm control on the interface. To set the threshold value, see “Broadcast Storm Control (Global Setting)” on page 3-67. MAC Address –...
Page 136
FIGURE 3-33 The Up Links ⇒ Connections Status Window
Page 137
Command-line Interface: Displaying the Connection Status of a Port
This example shows the connection status for Port NETP7.
Console#show interfaces status ethernet NETP7
Information of NETP7
Basic information:
Port type: 1000T
Mac address: 00-00-E8-66-66-83
Configuration:
Name: External RJ-45 connector NET7
Port admin: Up
Speed-duplex: Auto
Capabilities: 10half, 10full, 100half, 100full, 1000full,...
Page 138
MIB Variables Associated With the Connection Status of Ports MIB Variables Associated With the Connection Status of Ports TABLE 3-32 Default Field Name MIB Variable Access Value Range Value Port Type Read only other(1), sun... hundredBaseTX(2), portMgt. hundredBaseFX(3), portTable. thousandBaseSX(4), portEntry.
Page 139
MIB Variables Associated With the Connection Status of Ports (Continued) TABLE 3-32 Default Field Name MIB Variable Access Value Range Value Port Speed Read only error(1), sun... Duplex Status halfDuplex10(2), portMgt. fullDuplex10(3), portTable.portEntry halfDuplex100(4), fullDuplex100(5), portSpeedDpxStatus halfDuplex1000(6), fullDuplex1000(7) Port Read/ Bits{ sun...
3.4.2 Configuring Interface Connections You can use the Port Setup page to enable/disable an interface, set auto-negotiation and the interface capabilities to advertise, or manually fix the speed, duplex mode, and flow control. When configuring interface connections through the web interface or CLI, the following parameters are displayed or can be configured: Port/s –...
Note – The integrated switches on the Sun Fire B1600 blade system chassis are each composed of two switch chips linked together. It is only possible to enable flow control between two ports that are on the same switch chip. The ports NETP0, NETP1, NETP4, NETP5, and SNP8 through SNP15 are on one switch chip.
Page 142
FIGURE 3-34 The Up Links ⇒ Status Window (showing attributes of NETP0)
3.4.3 Configuring Aggregated Links You can create multiple links between devices that work as one virtual, aggregate link. An aggregated link offers a dramatic increase in bandwidth for network segments where bottlenecks exist, as well as providing a fault-tolerant link between two devices.
3.4.3.1 Dynamically Configuring an Aggregated Link with LACP
Web Interface: Dynamic Aggregated Links (LACP)
1. Click Up Links/Down Links ⇒ Link Aggregation.
2. Locate the required port in the Link Aggregation table.
3. Click Enable LACP or Disable LACP.
Note – The action buttons take immediate effect. To avoid creating a loop in the network, be sure you enable LACP before connecting the ports, and also disconnect the ports before disabling LACP.
Page 147
Command-line Interface: Dynamic Aggregated Links (LACP)
The following example enables LACP for ports NETP0 and NETP1. These ports can be connected to two LACP-enabled ports on another switch to form an aggregated link.
Console(config)#interface ethernet NETP0
Console(config-if)#lacp
Console(config-if)#exit
Console(config)#interface ethernet NETP1
Console(config-if)#lacp
Console(config-if)#end
Console#show interfaces status port-channel 1...
Page 148
MIB Variables Associated With Dynamic Aggregated Links MIB Variables Associated With Dynamic Aggregated Links TABLE 3-34 Default Field Name MIB Variable Access Value Range Value Trunk Maximum Read only Integer sun... trunkMgt. trunkMaxId Trunk Valid Read only Integer (1-6) sun... Number trunkMgt.
3.4.3.2 Statically Configuring an Aggregated Link
Web Interface: Statically Configuring an Aggregated Link
1. Click Up Links / Down Links ⇒ Link Aggregation.
2. Select a trunk from the Select Trunk menu.
3. Select the required port.
4. Click Add or Remove.
Note –...
Page 150
Command-line Interface: Statically Configuring an Aggregated Link
This example creates port-channel 2 using ports NETP2 and NETP3. These ports can be connected to two ports on another switch to form an aggregated link.
Console(config)#interface port-channel 2
Console(config-if)#exit
Console(config)#interface ethernet NETP2
Console(config-if)#channel-group 2
Console(config-if)#exit
Console(config)#interface ethernet NETP3...
Page 151
MIB Variables Associated With Static Aggregated Links MIB Variables Associated With Static Aggregated Links TABLE 3-35 Default Field Name MIB Variable Access Value Range Value Trunk Maximum Read only Integer sun... trunkMgt.trunkMaxId Trunk Valid Read only Integer (1-6) sun... Number trunkMgt.
3.4.4 Configuring VLAN Behavior for Interfaces You can configure VLAN behavior for specific interfaces, including default VLAN identifier (PVID), accepted frame types, ingress filtering, GARP VLAN Registration Protocol (GVRP) status, and Group Address Registration Protocol (GARP) timers. Note the following points about GVRP and GARP: GVRP –...
Ingress filtering only affects tagged frames. If ingress filtering is disabled, the interface accepts any VLAN-tagged frame if the tag matches a VLAN known on the switch (except for those VLANs explicitly forbidden on the port). If ingress filtering is enabled, the interface discards incoming frames tagged for VLANs that do not include the ingress port in their member set.
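The admission rule described above, as a small model that can be run against a planned port and VLAN layout. This is an added example, not code from the manual or the switch firmware; the `Port` class, the `admit` and `exposure` functions and the sample VLAN layout are constructed for illustration, and classifying untagged frames by PVID is standard 802.1Q behavior assumed here.

```python
from dataclasses import dataclass, field


@dataclass
class Port:
    name: str
    pvid: int = 1                      # VLAN given to untagged frames (assumed)
    tagged_only: bool = False          # acceptable frame type: tagged only
    ingress_filtering: bool = False
    forbidden: set = field(default_factory=set)


def admit(port, vid, vlans):
    """Decide what happens to a frame arriving on `port`.

    vid   -- VLAN ID from the tag, or None for an untagged frame
    vlans -- dict: VLAN ID -> set of member port names (VLANs known on the switch)
    Returns (accepted, vlan, reason).
    """
    if vid is None:
        # Ingress filtering only affects tagged frames.
        if port.tagged_only:
            return (False, None, "untagged frame on a tagged-only port")
        return (True, port.pvid, "untagged frame classified by PVID")
    if vid not in vlans:
        return (False, None, "VLAN not known on the switch")
    if vid in port.forbidden:
        return (False, None, "VLAN forbidden on this port")
    if port.ingress_filtering and port.name not in vlans[vid]:
        return (False, None, "ingress filtering: port not in member set")
    return (True, vid, "tagged frame accepted")


def exposure(ports, vlans):
    """List (port, VLAN) pairs where a tagged frame is accepted although
    the port is not a member of that VLAN."""
    gaps = []
    for port in ports:
        for vid in sorted(vlans):
            accepted, _, _ = admit(port, vid, vlans)
            if accepted and port.name not in vlans[vid]:
                gaps.append((port.name, vid))
    return gaps


# Constructed layout: VLAN ID -> member ports.
VLANS = {1: {"NETP4", "SNP0", "SNP1"}, 4: {"NETP4"}, 20: {"SNP0"}}
PORTS = [
    Port("NETP4", pvid=4, tagged_only=True, ingress_filtering=False),
    Port("SNP0", pvid=1, ingress_filtering=True),
    Port("SNP1", pvid=1, ingress_filtering=False, forbidden={20}),
]

if __name__ == "__main__":
    for name, vid in exposure(PORTS, VLANS):
        print(f"{name} accepts frames tagged for VLAN {vid} without being a member")
```

Each pair that `exposure` reports closes when ingress filtering is enabled on that port or the VLAN is explicitly forbidden there.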
Page 154
2. Modify the required settings for each interface.
3. Click Save.
FIGURE 3-37 The Up Links ⇒ VLANs Window
Scroll down to the VLAN membership table, and configure the VLANs required for the selected interface. The Up Links ⇒ VLANs Window (cont’d) FIGURE 3-38 3.4.4.2 Command-line Interface: Configuring VLAN Behavior for Interfaces This example sets port NETP4 to accept only tagged frames, assigns PVID 4 as the native VLAN ID, enables GVRP, sets the GARP timers, and then sets the switchport mode to hybrid.
3.4.4.3 MIB Variables Associated With VLAN Behavior of Interfaces MIB Variables Associated With VLAN Behavior of Interfaces TABLE 3-36 Field Name MIB Variable Access Value Range Default Value Port PVID Read/write Integer (1-4094) MIB-II. dot1dBridge. qBridgeMIB. qBridgeMIBObjects. dot1qVlan. dot1qPortVlanTable dot1qPortVlanEntry dot1qPvid Port Read/write...
Page 157
MIB Variables Associated With VLAN Behavior of Interfaces (Continued) TABLE 3-36 Field Name MIB Variable Access Value Range Default Value Port GVRP Read/write enabled (1), disabled MIB-II. Status disabled (2) dot1dBridge. qBridgeMIB. qBridgeMIBObjects. dot1qVlan. dot1qPortVlanTable dot1qPortVlanEntry dot1qPortGVRPStatu GARP Join Read/write Integer (20- MIB-II.
Page 158
MIB Variables Associated With VLAN Behavior of Interfaces (Continued) TABLE 3-36 Field Name MIB Variable Access Value Range Default Value VLAN Static Read/ Octet string MIB-II. Name create (size (0-32)) dot1dBridge. qBridgeMIB. qBridgeMIBObjects. dot1qVlan. dot1qVlanStaticTab dot1qVlanStaticEnt dot1qVlanStaticNam VLAN Static Read/ enable (1), MIB-II.
3.4.5 Configuring Static Addresses You can use address filtering to set static addresses that are bound to a specific port and VLAN, or to enable port security that restricts all inbound traffic to the entries currently listed in the address table (including either dynamic or static addresses). Note the following points about static addresses and port security: Setting Static Addresses –...
Duration – The address can be set to the following type: Permanent – The assignment is permanent, and restored after the switch is reset. Delete on Reset – The assignment lasts until the switch is reset. 3.4.5.1 Web Interface: Configuring Static Addresses ⇒...
3.4.5.2 Command-line Interface: Configuring Static Addresses
This example adds the same items to the static address table:
Console(config)#interface ethernet NETP4
Console(config-if)#port security
Console(config-if)#exit
Console(config)#mac-address-table static 00-80-c8-00-00-01 interface ethernet NETP4 vlan 1 permanent
Console(config)#mac-address-table static 00-80-c8-00-00-02 interface ethernet NETP4 vlan 1 delete-on-reset
Console(config)#exit
Console#show mac-address-table ethernet NETP4
Interface...
Page 162
MIB Variables Associated With Static Addresses (Continued) TABLE 3-37 Default Field Name MIB Variable Access Value Range Value VLAN Index Index Integer MIB-II. dot1dBridge. qBridgeMIB. qBridgeMIBObjects dot1qVlan. dot1qVlanStaticTa ble. dot1qVlanStaticEn try. dot1qVlanIndex Static Address Read/write MAC address MIB-II. dot1dBridge. dot1dStatic. dot1dStaticTable.
3.4.6 Managing Interfaces for Spanning Tree Algorithm You can configure RSTP attributes for specific interfaces, including port priority, path cost, link type, and edge port. You can use a different priority or path cost for ports of same media type to indicate the preferred path, link type to indicate a point- to-point connection or shared-media connection, and edge port to indicate if the connected device can support fast forwarding.
Page 164
Link Type (Admin Link type ) – The link type connected to the interface. Point-to-Point – A connection to exactly one other bridge. Shared – A connection to two or more bridges. Auto – The switch automatically determines if the interface is connected to a point-to-point link or to shared media.
Page 165
The Up Links ⇒ Spanning Tree Window FIGURE 3-40 Command-line Interface: Displaying the Current Interface Settings for This example shows the STA attributes for port NETP4: Console#show spanning-tree ethernet NETP4 SNP0 information -------------------------------------------------------------- Admin status : enable Role : designate State : forwarding Path cost...
Page 166
TABLE 3-38 MIB Variables Associated With a Port’s STA Settings
Default Field Name MIB Variable Access Value Range Value Port Index Integer (1-25) sun...xstMgt. mstInstancePortTable. mstInstancePortEntry STA Port State Read only discarding (1), sun...xstMgt.
MIB Variables Associated With a Port’s STA Settings (Continued) TABLE 3-38 Default Field Name MIB Variable Access Value Range Value STA Port Enable Read/write enabled (1), enabled sun...mstMgt. (Admin status) disabled (2) mstInstancePortTable. mstInstancePortEntry. mstInstancePortEnable STA Port Role Read only disabled (1), sun...mstMgt.
Page 168
The default values for Ethernet connections are 2,000,000 (half duplex), 1,000,000 (full duplex), and 500,000 (aggregated link). The default values for Fast Ethernet connections are 200,000 (half duplex), 100,000 (full duplex), and 50,000 (aggregated link). The default values for Gigabit Ethernet connections are 10,000 (full duplex) and 5000 (aggregated link).
Page 169
FIGURE 3-41 The Up Links ⇒ Spanning Tree Window for NETP4
Command-line Interface: Configuring STA Settings for a Port
This example sets STP attributes for port NETP5.
Console(config)#interface ethernet NETP5
Console(config-if)#spanning-tree port-priority 128
Console(config-if)#spanning-tree cost 19
Console(config-if)#spanning-tree link-type auto
Console(config-if)#no spanning-tree edge-port
MIB Variables for Configuring a Port’s STA Settings MIB Variables for Configuring a Port’s STA Settings TABLE 3-39 Default Field Name MIB Variable Access Value Range Value STA Port Read/write Integer (0-240) sun...mstMgt. Priority mstInstancePortTable. mstInstancePortEntry. mstInstancePortPriority STA Port Path Read/write Integer page...
Page 171
FIGURE 3-42 The Up Links ⇒ Spanning Tree Window (showing STA status)
Command-line Interface: Checking the STA Protocol Status for an Interface
This example uses the protocol migration command to verify the spanning tree message type (RSTP or STP-compatible) to send on this interface.
Console(config)#interface ethernet NETP4
Console(config-if)#spanning-tree protocol-migration
Console(config-if)#...
3.4.7 Filtering Traffic From the Down Link Ports to the Management Port
You can configure packet filtering to prevent specified IP traffic from reaching the internal management port (NETMGT) from the down-link ports.
Note – Traffic is not allowed between up-link ports and the management port. The system default is to stop all IP packets from passing from the down-link ports to the management port (NETMGT).
Source – The frame’s TCP/UDP source address, netmask, and port range (between 0 and 65,535).
Destination – The frame’s TCP/UDP destination address, netmask, and port range (between 0 and 65,535).
Fragment – The rule will only match packets with the More Fragments (MF) bit set or with a fragment offset greater than zero.
3.4.7.2 Command-line Interface: Filtering Traffic to the Management Port The following example allows all packets to pass through the filter by permitting any protocol type, and using a null address and network mask for both the source address and destination address. For a full list of examples, refer to Section 4.3.7.8, “ip filter”...
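How the rule fields described in this section interact with fragmented traffic, as a model evaluated over raw IPv4 headers. This is an added example, not the switch's implementation and not taken from the manual; the `Rule` class, the first-match evaluation order and the treatment of port ranges on non-first fragments are assumptions of the example, while the default deny and the Fragment criterion (MF bit set or offset greater than zero) follow the text above. The packets are constructed test data.

```python
import ipaddress
import struct
from dataclasses import dataclass

ANY_PORTS = (0, 65535)
TCP, UDP = 6, 17


@dataclass
class Rule:
    action: str                    # "permit" or "deny"
    protocol: int = None           # IP protocol number; None matches any
    src: str = "0.0.0.0"           # null address and mask match every address
    src_mask: str = "0.0.0.0"
    dst: str = "0.0.0.0"
    dst_mask: str = "0.0.0.0"
    sport: tuple = ANY_PORTS
    dport: tuple = ANY_PORTS
    fragment: bool = False         # True: match fragments only


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def parse_ipv4(packet):
    """Extract the fields a filter rule looks at from a raw IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4
    (flags_frag,) = struct.unpack("!H", packet[6:8])
    offset = flags_frag & 0x1FFF               # 13-bit fragment offset
    info = {
        "proto": packet[9],
        "src": struct.unpack("!I", packet[12:16])[0],
        "dst": struct.unpack("!I", packet[16:20])[0],
        "is_fragment": bool(flags_frag & 0x2000) or offset > 0,  # MF or offset
        "sport": None,
        "dport": None,
    }
    # Only the first fragment (offset 0) carries the TCP/UDP header.
    if info["proto"] in (TCP, UDP) and offset == 0 and len(packet) >= ihl + 4:
        info["sport"], info["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    return info


def rule_matches(rule, p):
    if rule.protocol is not None and rule.protocol != p["proto"]:
        return False
    if (p["src"] ^ _ip(rule.src)) & _ip(rule.src_mask):
        return False
    if (p["dst"] ^ _ip(rule.dst)) & _ip(rule.dst_mask):
        return False
    if rule.fragment and not p["is_fragment"]:
        return False
    for wanted, seen in ((rule.sport, p["sport"]), (rule.dport, p["dport"])):
        if wanted != ANY_PORTS:
            # Assumption: a port-restricted rule cannot match a packet
            # whose ports are not visible (non-first fragment).
            if seen is None or not wanted[0] <= seen <= wanted[1]:
                return False
    return True


def evaluate(rules, packet):
    """Return (action, index of the matching rule); first match wins (assumed)."""
    p = parse_ipv4(packet)
    for index, rule in enumerate(rules):
        if rule_matches(rule, p):
            return rule.action, index
    return "deny", None            # system default: stop all IP packets


def build_packet(proto, src, dst, sport, dport, mf=False, offset=0):
    """Build a constructed 28-byte IPv4 packet (checksum left at zero)."""
    flags_frag = (0x2000 if mf else 0) | offset
    header = struct.pack("!BBHHHBBHII", 0x45, 0, 28, 0, flags_frag,
                         64, proto, 0, _ip(src), _ip(dst))
    l4 = struct.pack("!HHHH", sport, dport, 8, 0) if offset == 0 else b"\x00" * 8
    return header + l4


# Constructed rule set: drop fragments, then allow SNMP from one subnet.
EXAMPLE_RULES = [
    Rule("deny", fragment=True),
    Rule("permit", protocol=UDP, src="10.0.0.0", src_mask="255.255.255.0",
         dst="10.0.0.1", dst_mask="255.255.255.255", dport=(161, 161)),
]
```

A single `Rule("permit")` with every field left at its default corresponds to the permit-everything example above and removes the protection the default deny provides.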
3.4.7.3 MIB Variables Associated With Filtering Traffic to the Management Port MIB Variables Associated With Filtering Traffic to the Management TABLE 3-41 Port Default Field Name MIB Variable Access Value Range Value Index No access Integer sun... (1-128) securityMgt. packetFilterUnitMgt. pfuRuleTable.
Page 176
MIB Variables Associated With Filtering Traffic to the Management TABLE 3-41 Port (Continued) Default Field Name MIB Variable Access Value Range Value Destination Read/create Integer sun... IP Port (1-65536) securityMgt. Range packetFilterUnitMgt. pfuRuleTable. pfuRuleEntry. pfuRuleDstPortRange1 & pfuRuleDstPortRange2 TCP Code Read/create Integer (0-63) sun...
Monitoring Port and Management Traffic This section describes switch monitoring functions, including those used to mirror traffic to a monitor port for analysis, display detailed network statistics for any port, or display key statistics on SNMP traffic passing through the management port. Note –...
FIGURE 3-44 The Monitoring ⇒ Port Mirroring Window
3.5.1.2 Command-line Interface: Configuring Port Mirroring
Use the interface command to select the monitor port, then use the port monitor command to specify the source port. Note that default mirroring under the CLI is for both received and transmitted packets.
3.5.1.3 MIB Variables Associated With Port Mirroring MIB Variables Associated With Port Mirroring TABLE 3-42 Field Name MIB Variable Access Value Range Default Value Mirror Source Integer sun... Port accessible mirrorMgt. mirrorTable.mirrorE ntry. mirrorSourcePort Mirror Integer sun... Destination Port accessible mirrorMgt.
Page 180
Note – RMON groups 2, 3 and 9 can only be accessed using SNMP.
TABLE 3-43 Traffic Statistics
Statistic – Description
Interface Statistics
• Received Octets – The total number of octets received on the interface, including framing characters.
• Received Unicast Packets – The number of subnetwork-unicast packets delivered to a higher-layer protocol.
Page 181
TABLE 3-43 Traffic Statistics (Continued)
Statistic – Description
• Transmit Discarded Packets – The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space.
•...
Page 182
TABLE 3-43 Traffic Statistics (Continued)
Statistic – Description
RMON Statistics
• Drop Events – The total number of events in which packets were dropped due to lack of resources.
• Jabbers – The total number of frames received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either an FCS or alignment error.
3.5.2.1 Web Interface: Viewing Port Statistics
1. Open Monitoring ⇒ Statistics.
2. Select the required interface.
3. Click Select.
You can also use the Refresh button at the bottom of the page to update the screen.
FIGURE 3-45 The Monitoring ⇒ Port Statistics window
Page 184
Scroll down the page to view RMON statistics.
FIGURE 3-46 The Monitoring ⇒ Port Statistics Window Showing RMON Statistics
3.5.2.3 MIB Variables Associated With Port Statistics
TABLE 3-44 MIB Variables Associated With Port Statistics
Field Name | MIB Variable | Access | Range
Interface Statistics
• In Octets | MIB-II.interfaces.ifNumber.ifTable.ifEntry.ifInOctets | Read only | Integer
• In Unicast Packets | MIB-II.interfaces.ifNumber.ifTable.ifEntry. | Read only | Integer
Page 187
TABLE 3-44 MIB Variables Associated With Port Statistics (Continued)
Field Name | MIB Variable | Access | Range
• Out Discards | MIB-II.interfaces.ifTable.ifEntry.ifOutDiscards | Read only | Integer
• Out Errors | MIB-II.interfaces.ifTable.ifEntry.ifOutErrors | Read only | Integer
Ether-like Statistics
• Alignment Errors | MIB-II. | Read | Integer
Page 188
TABLE 3-44 MIB Variables Associated With Port Statistics (Continued)
Field Name | MIB Variable | Access | Range
• SQE Test Errors | MIB-II.transmission.dot3StatsTable.dot3StatsEntry.dot3StatsSQETestErrors | Read only | Integer
• Frames Too Long | MIB-II.transmission.dot3StatsTable.dot3StatsEntry.dot3StatsFrameTooLongs | Read only | Integer
• Deferred | MIB-II. | Read | Integer
Page 189
TABLE 3-44 MIB Variables Associated With Port Statistics (Continued)
Field Name | MIB Variable | Access | Range
• Multicast Packets | MIB-II.rmon.statistics.etherStatsTable.etherStatsEntry.etherStatsMulticastPkts | Read only | Integer
• CRC/Alignment Errors | MIB-II.rmon.statistics.etherStatsTable.etherStatsEntry.etherStatsCRCAlignErrors | Read only | Integer
• Undersize Packets | MIB-II. | Read | Integer
3.5.3 Showing SNMP Statistics
You can display key statistics on SNMP traffic crossing the management port. This information can be used to debug SNMP errors, or to display the overall amount of SNMP traffic processed by the switch, as well as any illegal attempts to access the switch through SNMP.
TABLE 3-45 SNMP Traffic Statistics (Continued)
Statistic – Description
SNMP packets output
• SNMP packets output – The total number of SNMP messages which were passed from the SNMP protocol entity to the transport service.
• Too big errors – The total number of SNMP PDUs delivered to the SNMP protocol entity for which the error-status is “tooBig.”...
Page 192
FIGURE 3-47 The Monitoring SNMP Statistics Window
3.5.3.2 Command-line Interface: Viewing SNMP Statistics
This example shows SNMP statistics for the switch.
Console#show snmp
SNMP traps:
Authentication: enable
Link-up-down: enable
SNMP communities:
1. private, and the privilege is read/write
2. public, and the privilege is read-only
11 SNMP packets input
0 Bad SNMP version errors
0 Unknown community name
8 Illegal operation for community name supplied...
3.5.3.3 MIB Variables Associated With SNMP Statistics
TABLE 3-46 MIB Variables Associated With SNMP Statistics
Field Name | MIB Variable | Access | Range
SNMP packets input
In Packets | MIB-II.snmp.snmpInPkts | Read only | Integer
In Bad Versions | MIB-II.snmp.snmpInBadVersions | Read only | Integer
In Bad Community | MIB-... | Read only | Integer
Enable Logging – The status of logging of debug or error messages to switch memory. The default is disabled.
Logging Level – The error level (between 0 and 7) of system log messages saved to switch memory based on severity. Note that the messages saved include the selected level down to level 0.
FIGURE 3-48 The Monitoring ⇒ Logs Window
3.5.4.2 Command-line Interface: Configuring Message Logs
This example enables logging, sets the recorded messages for Flash memory to level 3 (that is “errors”), and then shows the log messages stored in Flash.
Console(config)#logging on
Console(config)#logging history flash 3
Console#show logging flash
Syslog logging: Enable...
3.5.4.3 MIB Variables Associated With Message Logs
TABLE 3-48 MIB Variables Associated With Message Logs
Field Name | MIB Variable | Access | Value Range | Default Value
Log Status | sun...sysLogMgt.sysLogStatus | Read/write | enabled (1), disabled (2) |
History Flash Level | sun...sysLogMgt. | Read/write | Integer (0-7) |
CHAPTER Command-Line Reference
This chapter describes how to use the command-line interface (CLI) and includes the following sections:
Section 4.1, “Using the Command-Line Interface” on page 4-2
Section 4.2, “Command Groups” on page 4-11
Section 4.3, “Detailed Command Description”...
Using the Command-Line Interface 4.1.1 Accessing the CLI When accessing the management interface for the switch over a direct connection to the switch’s console port, or through a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt. Using the switch's command-line interface (CLI) is very similar to entering commands on a UNIX system.
4.1.1.2 Telnet Connection Telnet operates over the IP transport protocol. In this environment, your management station and any network device you want to manage over the network must have a valid IP address. Valid IP addresses consist of four numbers, 0 to 255, separated by periods.
After entering the Telnet command, the login screen displays: Username: admin Password: CLI session with the Sun Fire B1600 is opened. To end the CLI session, enter [Exit]. Vty-0# Note – You can open up to four sessions to the switch through Telnet. 4.1.2 Entering Commands This section describes how to enter CLI commands.
4.1.2.2 Minimum Abbreviation The CLI accepts a minimum number of characters that uniquely identify a command. For example, the command logging history can be entered as logging h. If an entry is ambiguous, the system prompts for further input. 4.1.2.3 Command Completion If you terminate input with a Tab key, the CLI prints the remaining characters of a partial keyword up to the point of ambiguity.
4.1.2.5 Showing Commands If you type a ? at the command prompt, the system displays the first level of keywords for the current command class (Normal Exec or Privileged Exec) or configuration class (Global, Interface, Line, or VLAN Database). You can also display a list of valid keywords for a specific command.
4.1.2.6 Partial Keyword Lookup If you terminate a partial keyword with a question mark, alternatives that match the initial letters are provided. (Remember not to leave a space between the command and question mark.) For example s? shows all the keywords starting with “s.” Console#show s? snmp spanning-tree...
mark ? at the prompt to display a list of the commands available for the current mode. The command classes and associated modes are displayed in the following table: Command Modes TABLE 4-1 Class Mode Exec Normal Privileged Configuration Global Interface Line VLAN Database...
Username: guest Password: guest login password CLI session with the Sun Fire B1600 is opened. To end the CLI session, enter [Exit]. Console>enable Password: privileged level password Console# 4.1.2.11 Configuration Commands Configuration commands are privileged level commands used to modify switch settings.
To enter the other modes, at the configuration prompt type one of the following commands. Use the exit command to return to Configuration mode or the end command to return to Privileged Exec mode. Configuration Modes TABLE 4-2 Mode Command Prompt See Page Interface...
Command Groups The system commands can be broken down into the functional groups shown below. Command Groups TABLE 4-4 Command Group Description Page General Basic commands for entering privileged access mode, 4-13 restarting the system, or quitting the CLI Flash/File Manages code image or switch configuration files 4-20 System Management...
Page 210
Command Groups (Continued) TABLE 4-4 Command Group Description Page Priority Sets port priority for untagged frames, relative weight for 4-150 each priority queue, and the maximum number of queues enabled; also sets priority for IP precedence and DSCP Mirror Port Mirrors data to another port for analysis without affecting 4-164 the data passing through or the performance of the monitored...
Detailed Command Description 4.3.1 General Commands TABLE 0-2 Command Function Mode Page Activates privileged mode 4-13 enable Returns to normal mode from privileged mode 4-14 disable Activates global configuration mode 4-15 configure Restarts the system 4-17 reload Returns to Privileged Exec mode 4-18 Returns to the previous configuration mode, or exits 4-19...
Default Setting Level 15 Command Mode Normal Exec Command Usage super is the default password required to change the command mode from Normal Exec to Privileged Exec. (To set this password, see the enable password command on page 4-30.) The # character is appended to the end of the prompt to indicate that the system is in privileged access mode.
Command Mode Privileged Exec Command Usage The > character is appended to the end of the prompt to indicate that the system is in normal access mode. Example Console#disable Console> Related Commands (4-13) enable 4.3.1.3 configure Use this command to activate Global Configuration mode. You must enter this mode to modify any settings on the switch.
Example Console#configure Console(config)# Related Commands (4-18) 4.3.1.4 show history Use this command to show the contents of the command history buffer. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage The history buffer size is fixed at 10 Execution commands and 10 Configuration commands.
Example In this example, the show history command lists the contents of the command history buffer: Console#show history Execution command history: 2 config 1 show history Configuration command history: 4 interface vlan 1 3 exit 2 interface vlan 1 1 end Console# The ! command repeats commands from the Execution command history buffer when you are in Normal Exec or Privileged Exec Mode, and commands from the...
Command Mode Privileged Exec Command Usage This command resets the entire system. Example This example shows how to reset the switch: Console#reload System will be restarted, continue <y/n>? y 4.3.1.6 Use this command to return to Privileged Exec mode. Default Setting None Command Mode Global Configuration, Interface Configuration, Line Configuration, VLAN...
4.3.1.7 exit Use this command to return to the previous configuration mode or exit the configuration program. Default Setting None Command Mode Example This example shows how to return to the Privileged Exec mode from the Global Configuration mode, and then quit the CLI session: Console(config)#exit Console#exit Press ENTER to start session...
Command Usage The quit and exit commands can both exit the configuration program. Example This example shows how to quit a CLI session: Console#quit Press ENTER to start session User Access Verification Username: 4.3.2 Flash/File Commands These commands are used to manage the system code or configuration files. Command Function Mode Page...
Example The following example shows how to upload the configuration settings to a file on the TFTP server: Console#copy file tftp Choose file type: 1. config: 2. opcode: <1-2>: 1 Source file name: startup TFTP server ip address: 10.1.0.99 Destination file name: startup.01 TFTP completed.
Syntax delete filename filename – Name of the configuration file or image name. Default Setting None Command Mode Privileged Exec Command Usage If the file type is boot-ROM or is used for system startup, then this file cannot be deleted. The file Factory_Default_Config.cfg cannot be deleted.
The type of file or image to display includes: boot-rom – Boot ROM config – Configuration file opcode – Run-time operation code. filename – Name of the file to display. If this file exists but contains errors, information on the file cannot be displayed. Default Setting None Command Mode...
Example The following example shows how to display all file information: Console#dir file name file type startup size (byte) -------------------------------- -------------- ------- ------- diag_0060 Boot-Rom image 111360 run_01642 Operation Code 1074304 run_0200 Operation Code 1083008 Factory_Default_Config.cfg Config File 2574 startup Config File 2710 --------------------------------------------------------------...
Example This example shows the information displayed by the whichboot command Console#whichboot file name file type startup size (byte) ----------------- -------------- ------- ----------- diag_0060 Boot-Rom image 111360 run_0200 Operation Code 1083008 startup Config File 2710 Console# 4.3.2.5 boot system Use this command to specify the file or image used to start up the system. Syntax boot system {boot-rom| config | opcode}: filename The type of file or image to set as a default includes:...
Example Console(config)#boot system config: startup Console(config)# Related Commands (4-23) (4-25) whichboot 4.3.3 System Management Commands These commands are used to control system logs, passwords, user names, browser configuration options, and display or configure a variety of other system information. System Management Commands TABLE 4-6 Command Function...
System Management Commands (Continued) TABLE 4-6 Command Function Mode Page System Status Commands Displays the contents of the configuration file (stored 4-38 show startup- in Flash memory) that is used to start up the system config Displays the configuration data currently in use 4-40 show running- config...
Example Console(config)#hostname Server_Chassis_35 Console(config)# 4.3.3.2 username Use this command to add named users, require authentication at login, specify or change a user's password (or specify that no password is required), or specify or change a user's access level. Use the no form to remove a user name. Syntax username name {access-level level | nopassword | password {0 | 7} password}...
Command Mode Global Configuration Command Usage There is no need to specify encrypted passwords on the command line. The option 7 is used internally by the switch at system bootup time to enable the switch to read any encrypted passwords stored in the configuration file. Example This example shows how to set the access level and password for a user....
Command Mode Global Configuration Command Usage You cannot set a null password. You have to enter a password to change the command mode from Normal Exec to Privileged Exec with the enable command (page 4-13). There is no need to specify encrypted passwords on the command line. The option 7 is used internally by the switch at system bootup time to enable the switch to read any encrypted passwords stored in the configuration file.
Command Mode Global Configuration Example Console(config)#ip http port 769 Console(config)# Related Commands (4-32) ip http server 4.3.3.5 ip http server Use this command to allow the switch to be monitored or configured from a browser. Use the no form to disable this function. Syntax ip http server no ip http server...
Example Console(config)#ip http server Console(config)# Related Commands (4-31) ip http port 4.3.3.6 jumbo frame Use this command to enable support for jumbo frames. Use the no form to disable it. Syntax jumbo frame no jumbo frame Default Setting disabled Command Mode Global Configuration Command Usage The switch provides more efficient throughput for large sequential data...
Enabling jumbo frames limits the maximum threshold for broadcast storm control to 64 packets per second. (See the switchport broadcast command on page 4-91.) Example Console(config)#jumbo-frame Console(config)# 4.3.3.7 logging on Use this command to control logging of error messages. This command sends debug or error messages to switch memory.
Related Commands (4-35) logging history (4-36) clear logging 4.3.3.8 logging history Use this command to limit syslog messages saved to switch memory based on severity. The no form returns the logging of syslog messages to the default level. Syntax logging history {flash | ram} level no logging history {flash | ram} flash –...
Command Mode Global Configuration Command Usage The message level specified for Flash memory must be a higher priority (numerically lower) than that specified for RAM. Example Console(config)#logging history ram 0 Console(config)# 4.3.3.9 clear logging Use this command to clear messages from the log buffer. Syntax clear logging [flash | ram] flash –...
Related Commands (4-37) show logging 4.3.3.10 show logging Use this command to display the current logging configuration, along with any system and event messages stored in memory. Syntax show logging {flash | ram} flash – Event history stored in Flash memory (permanent memory). ram –...
Example The following example shows that system logging is enabled, the message level for Flash memory is errors (default level 3 to 0), the message level for RAM is debugging (default level 7 to 0), and lists one sample error. Console#show logging flash Syslog logging: Enable History logging in FLASH: level errors...
Page 237
Command Usage Use this command in conjunction with the show running-config command to compare the information in running memory to the information stored in non-volatile memory. This command displays settings for key command modes. Each mode group is separated by ! symbols, and includes the configuration mode command, and corresponding commands.
spanning-tree mst-configuration name XSTP REGION 0 interface ethernet SNP0 description Blade Slot 1 flowcontrol switchport allowed vlan add 1 untagged switchport native vlan 1 spanning-tree edge-port spanning-tree link-type auto interface vlan 2 ip address 0.0.0.0 255.0.0.0 no bridge-ext gvrp! authentication login local tacacs-server host 0.0.0.0 tacacs-server port 0 line console...
Page 239
Command Mode Privileged Exec Command Usage Use this command in conjunction with the show startup-config command to compare the information in running memory to the information stored in non-volatile memory. This command displays settings for key command modes. Each mode group is separated by ! symbols, and includes the configuration mode command, and corresponding commands.
vlan database vlan 1 name DefaultVlan media ethernet state active vlan 2 name MgtVlan media ethernet state active spanning-tree mst-configuration interface ethernet SNP0 description Blade Slot 0 flowcontrol switchport allowed vlan add 1 untagged switchport native vlan 1 spanning-tree edge-port spanning-tree link-type auto interface vlan 2 ip address 0.0.0.0 255.0.0.0...
Page 241
Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage For a description of the items shown by this command, refer to “Displaying System Information” on page 3-8. The POST results should all display PASS. If any POST test indicates FAIL, contact your distributor for assistance.
4.3.3.14 show users Shows all active console and Telnet sessions, including user name, idle time, and IP address of Telnet clients. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage The session used to execute this command is indicated by a * symbol next to the Line (session) index number.
Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage See “Displaying Switch Software Versions” on page 3-18 for detailed information about the software items. The meanings of the hardware items are as follows: Serial Number – The serial number of the main board. Service Tag –...
RADIUS and TACACS are logon authentication protocols that use software running on a central server to control access to RADIUS-aware or TACACS-aware devices on the network. An authentication server contains a database of multiple user name and password pairs with associated privilege levels for each user that requires management access to a switch.
Page 245
Authentication methods may be specified in any order. Default Setting None Command Mode Global Configuration Command Usage RADIUS uses UDP while TACACS uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server, while TACACS encrypts the entire body of the packet.
4.3.4.2 radius-server host Use this command to specify the RADIUS server. Use the no form to restore the default. Syntax radius-server host host_ip_address no radius-server host host_ip_address – The IP address of the server. Default Setting 10.11.12.13 Command Mode Global Configuration Example Console(config)#radius-server host 192.168.1.25 Console(config)#...
Default Setting 1812 Command Mode Global Configuration Example Console(config)#radius-server port 181 Console(config)# 4.3.4.4 radius-server key Use this command to set the RADIUS encryption key. Use the no form to restore the default. Syntax radius-server key key_string no radius-server key key_string – The encryption key used to authenticate logon access for the client. Do not use blank spaces in the string.
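The note above that RADIUS encrypts only the password in the access-request packet, and the role of the key set with radius-server key, can be seen in the following added example (not code from this guide). It goes beyond the guide by following the User-Password hiding scheme of RFC 2865; the function names and all sample values are assumptions made for illustration.

```python
import hashlib

USER_NAME, USER_PASSWORD = 1, 2  # RFC 2865 attribute type codes


def hide_password(password, secret, authenticator):
    """Hide a password as RFC 2865 section 5.2 describes.

    Each 16-octet block is XORed with MD5(secret + previous ciphertext
    block); the first block uses the 16-octet Request Authenticator.
    """
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("password must be 1 to 128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], pad))
        hidden += prev
    return hidden


def unhide_password(hidden, secret, authenticator):
    """Server side: recover the password with the same shared key."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden password must be a multiple of 16 octets")
    plain, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        pad = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        plain += bytes(c ^ k for c, k in zip(block, pad))
        prev = block
    return plain.rstrip(b"\x00")


def attribute(attr_type, value):
    """Encode one attribute as type, length (including the 2-octet header), value."""
    return bytes([attr_type, len(value) + 2]) + value


def access_request_attributes(username, password, secret, authenticator):
    """Build the two login attributes: User-Name in clear, User-Password hidden."""
    return (attribute(USER_NAME, username)
            + attribute(USER_PASSWORD,
                        hide_password(password, secret, authenticator)))


if __name__ == "__main__":
    # Constructed values; a real client uses a random 16-octet authenticator.
    authenticator = bytes(range(16))
    attrs = access_request_attributes(b"admin", b"constructed-pass",
                                      b"constructed-key", authenticator)
    print("User-Name visible in clear:", b"admin" in attrs)
    print("Password visible in clear: ", b"constructed-pass" in attrs)
```

The shared key is the only secret protecting the password field, so its strength and confidentiality on both the switch and the server determine how well the login is protected in transit.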
4.3.4.5 radius-server retransmit Use this command to set the number of retries. Use the no form to restore the default. Syntax radius-server retransmit number_of_retries no radius-server retransmit number_of_retries – The number of times (between 1 and 30) the switch tries to authenticate logon access through the RADIUS server.
Default Setting Command Mode Global Configuration Example Console(config)#radius-server timeout 10 Console(config)# 4.3.4.7 show radius-server Use this command to display the current settings for the RADIUS server. Default Setting None Command Mode Privileged Exec Example Console#show radius-server Remote radius server configuration: Server IP address: 10.11.12.13 Communication key with radius server: green Server port number: 1812...
4.3.4.8 tacacs-server host Use this command to specify the TACACS server. Use the no form to restore the default. Syntax tacacs-server host host_ip_address no tacacs-server host host_ip_address – IP address of server. Default Setting None Command Mode Global Configuration Example Console(config)#tacacs-server host 192.168.1.25 Console(config)# 4.3.4.9...
Default Setting None Command Mode Global Configuration Example Console(config)#tacacs-server port 181 Console(config)# 4.3.4.10 tacacs-server key Use this command to set the TACACS encryption key. Use the no form to restore the default. Syntax tacacs-server key key_string no tacacs-server key key_string – The encryption key used to authenticate logon access for the client. Do not use blank spaces in the string.
4.3.4.11 show tacacs-server Use this command to display the current settings for the TACACS server. Default Setting None Command Mode Privileged Exec Example Console#show tacacs-server Remote TACACS server configuration: Server IP address: 10.11.12.13 Communication key with tacacs server: green Server port number: 1824 Console# 4.3.5 SNMP Commands...
SNMP Commands TABLE 4-10 Command Function Mode Page Specifies the recipient of an SNMP notification 4-57 snmp-server host operation Enables the device to send SNMP traps (SNMP 4-59 snmp-server enable notifications) traps Displays the status of SNMP communications 4-60 show snmp 4.3.5.1 snmp-server community Use this command to define the community access string for the Simple Network...
Command Usage The first snmp-server community command you enter enables all versions of SNMP (SNMP v1 and SNMP v2c). The no snmp-server community command disables all versions of SNMP. Example Console(config)#snmp-server community alpha rw Console(config)# 4.3.5.2 snmp-server contact Use this command to set the system contact string. Use the no form to remove the system contact information.
Related Commands (4-57) snmp-server location 4.3.5.3 snmp-server location Use this command to set the system location string. Use the no form to remove the location string. Syntax snmp-server location text no snmp-server location text – String that describes the system location. (Maximum length: 255 characters) Default Setting None...
Page 256
Syntax snmp-server host host-addr community-string version version-number no snmp-server host host-addr host-addr – Name or Internet address of the host (the targeted recipient). (Maximum host addresses: 5 trap destination IP address entries) community-string – Password-like community string sent with the notification operation.
Related Commands (4-59) snmp-server enable traps 4.3.5.5 snmp-server enable traps Use this command to enable the switch to send Simple Network Management Protocol traps (SNMP notifications). Use the no form to disable SNMP notifications. Syntax snmp-server enable traps [authentication | link-up-down] no snmp-server enable traps [authentication | link-up-down] authentication –...
Example Console(config)#snmp-server enable traps link-up-down Console(config)# Related Commands (4-57) snmp-server host 4.3.5.6 show snmp Use this command to check the status of SNMP communications. Default Setting None Command Mode Normal Exec, Privileged Exec Command Usage This command provides information on the community access strings, counter information for SNMP input and output protocol data units, and whether or not SNMP logging has been enabled with the snmp-server enable traps command.
Page 259
Example
Console#show snmp
SNMP traps:
 Authentication: enable
 Link-up-down: enable
SNMP communities:
 1. private, and the privilege is read/write
 2. public, and the privilege is read-only
 0 SNMP packets input
 0 Bad SNMP version errors
 0 Unknown community name
 0 Illegal operation for community name supplied
 0 Encoding errors
 0 Number of requested variables
 0 Number of altered variables...
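The show snmp output above lists the community strings, their privileges, and the input counters, which is enough to audit a switch for default communities and rejected requests. The following is an added example, not part of the original guide: the function names, finding codes, and both sample outputs are constructed for illustration, following the layout of the guide's output.

```python
import re

# Constructed sample, laid out like the show snmp output in this guide.
SAMPLE_SHOW_SNMP = """\
SNMP traps:
 Authentication: enable
 Link-up-down: enable
SNMP communities:
 1. private, and the privilege is read/write
 2. public, and the privilege is read-only
11 SNMP packets input
 0 Bad SNMP version errors
 0 Unknown community name
 8 Illegal operation for community name supplied
"""

# Constructed sample after replacing the default strings ("alpha" is the
# community name used in the guide's snmp-server community example).
SAMPLE_HARDENED = """\
SNMP traps:
 Authentication: enable
 Link-up-down: enable
SNMP communities:
 1. alpha, and the privilege is read/write
 0 SNMP packets input
 0 Unknown community name
 0 Illegal operation for community name supplied
"""

DEFAULT_COMMUNITIES = {"public", "private"}
REJECT_COUNTERS = ("Bad SNMP version errors",
                   "Unknown community name",
                   "Illegal operation for community name supplied")

TRAP_RE = re.compile(r"^\s*(Authentication|Link-up-down):\s*(\S+)\s*$")
COMMUNITY_RE = re.compile(
    r"^\s*\d+\.\s*(\S+), and the privilege is (read/write|read-only)\s*$")
COUNTER_RE = re.compile(r"^\s*(\d+)\s+(\S.*?)\s*$")


def parse_show_snmp(text):
    """Split show snmp output into trap settings, communities and counters."""
    parsed = {"traps": {}, "communities": {}, "counters": {}}
    for line in text.splitlines():
        m = TRAP_RE.match(line)
        if m:
            parsed["traps"][m.group(1)] = m.group(2)
            continue
        m = COMMUNITY_RE.match(line)
        if m:
            parsed["communities"][m.group(1)] = m.group(2)
            continue
        m = COUNTER_RE.match(line)
        if m:
            parsed["counters"][m.group(2)] = int(m.group(1))
    return parsed


def audit_snmp(parsed):
    """Return a list of (code, detail) findings for the parsed output."""
    findings = []
    for name, privilege in parsed["communities"].items():
        if name in DEFAULT_COMMUNITIES:
            findings.append(("DEFAULT_COMMUNITY",
                             f"community '{name}' is a well-known default"))
            if privilege == "read/write":
                findings.append(("DEFAULT_COMMUNITY_RW",
                                 f"default community '{name}' can change settings"))
    if parsed["traps"].get("Authentication") != "enable":
        findings.append(("AUTH_TRAP_DISABLED",
                         "authentication failures are not sent as traps"))
    rejected = sum(parsed["counters"].get(name, 0) for name in REJECT_COUNTERS)
    if rejected:
        total = parsed["counters"].get("SNMP packets input", 0)
        findings.append(("REJECTED_REQUESTS",
                         f"{rejected} of {total} input packets were rejected"))
    return findings


if __name__ == "__main__":
    for code, detail in audit_snmp(parse_show_snmp(SAMPLE_SHOW_SNMP)):
        print(f"{code}: {detail}")
```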
4.3.6 Line Commands You can access the on-board configuration program by attaching a VT100 compatible device to the switch’s serial port. These commands are used to set communication parameters for the serial port or Telnet (a virtual terminal). Note – The connection parameters for the serial interface are fixed at 8 data bits, 1 stop bit, no parity, and 9600 bps.
Default Setting There is no default line. Command Mode Global Configuration Command Usage Telnet is considered a virtual terminal connection and will be shown as Vty in screen displays such as show users. Example To enter console line mode, enter the following command: Console(config)#line console Console(config-line)# Related Commands...
Default Setting login local Command Mode Line Configuration Command Usage There are three authentication modes provided by the switch itself at login: login selects authentication by a single global password as specified by the password line configuration command. When using this method, the management interface starts in Normal Exec (NE) mode.
Page 263
Syntax password {0 | 7} password no password {0 | 7} - 0 means input plain password, 7 means input encrypted password. password - Character string that specifies the line password. (Maximum length: 8 characters plain text, 32 encrypted, case sensitive) Default Setting No password is specified.
4.3.6.4 exec-timeout Use this command to set the interval that the system waits for user input before terminating the current session. Use the no form to restore the default. Syntax exec-timeout [seconds] no exec-timeout seconds - Integer that specifies the number of seconds. (Range: 0 - 65535 seconds;...
Syntax password-thresh threshold no password-thresh threshold – The number of allowed password attempts. (Range: 1-120; 0: no threshold) Default Setting The default value is three attempts. Command Mode Line Configuration Command Usage When the login attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next login attempt.
Syntax silent-time [seconds] no silent-time seconds – The number of seconds to disable console response. (Range: 0-65535; 0: no silent-time) Default Setting The default value is no silent-time. Command Mode Line Configuration Example To set the silent time to 60 seconds, enter this command: Console(config-line)#silent-time 60 Console(config-line)# Related Commands...
Default Setting Shows all lines Command Mode Normal Exec, Privileged Exec Example To show the connection settings for all lines, enter this command: Console#show line Console configuration: Password threshold: 3 times Interactive timeout: Disabled Silent time: Disabled Baudrate: 9600 Databits: 8 Parity: none Stopbits: 1 Vty configuration:...
IP Commands TABLE 4-12 Command Function Mode Page Specifies the DHCP client identifier for the switch. 4-72 ip dhcp client- Note that the System Controller assigns the client identifier identifier for the switch each time either it or the switch boots. Therefore we do not recommend you specify a client identifier.
Command Mode Interface Configuration (VLAN) Command Usage You can manually configure a specific IP address, or direct the device to obtain an address from a BOOTP or DHCP server. The factory default is to use DHCP. Valid IP addresses consist of four numbers, 0 to 255, separated by periods. Any other format will not be accepted by the software.
Default Setting None Command Mode Privileged Exec Command Usage DHCP requires the server to reassign the client’s last address if available. If the BOOTP or DHCP server is moved to a different domain, the network portion of the address provided to the client is based on this new domain. Example In the following example, the device is reassigned the same address.
Page 271
Syntax ip dhcp client-identifier {text text | hex hex} no ip dhcp client-identifier text – A text string. (Range: 1-15 characters) hex – The hexadecimal value. Default Setting The DHCP client identifier is supplied by the System Controller in the SSC whenever the System Controller resets the switch....
4.3.7.4 ip default-gateway Use this command to establish a static route between the switch and management stations that exist on another network segment. Use the no form to remove the static route. Syntax ip default-gateway gateway no ip default-gateway gateway –...
4.3.7.5 show ip interface Use this command to display the settings of an IP interface. Default Setting All interfaces Command Mode Privileged Exec Command Usage This switch can only be assigned one IP address. This address is used for managing the switch. Example Console#show ip interface IP address and netmask: 10.1.0.54 255.255.255.0 on VLAN 2,...
Command Mode Privileged Exec Example Console#show ip redirects ip default gateway 10.1.0.254 Console# Related Commands (4-74) ip default-gateway 4.3.7.7 ping Use this command to send ICMP echo request packets to another node on the network. Syntax ping host [count count][size size] host –...
Command Usage Use the ping command to see if another site on the network can be reached. The following are some results of the ping command: Normal response – The normal response occurs in one to ten seconds, depending on network traffic. Destination does not respond –...
Page 276
Syntax
ip filter [rule-number] action protocol {source source-bitmask} {destination destination-bitmask} [fragments] [log]
The port number is not checked. The fragments option is allowed.
ip filter [rule-number] action protocol {source source-bitmask} [source-port-range] {destination destination-bitmask} [destination-port-range] [log]
The port number is checked; that is, if either source-port-range or destination-port-range is specified, the fragments option is not allowed....
Page 277
1 (fin) – Finish
2 (syn) – Synchronize
4 (rst) – Reset
8 (psh) – Push
16 (ack) – Acknowledgement
32 (urg) – Urgent pointer
code-keyword-seq – The following code keywords can be specified, but must follow the indicated sequence: fin | syn | rst | psh | ack | urg (The code keyword must be ON if specified and OFF if not specified.)
fragments –...
Page 278
SYN flag valid, use code 2 2
Both SYN and ACK valid, use code 18 18
SYN valid and ACK invalid, use code 2 18
Example
Address filters – This example allows all packets to pass through the filter by permitting any protocol type, and using a null address and network mask for both the source address and destination address....
This also blocks all TCP packets from class C addresses 192.168.1.0 with SYN set.
Console(config)#ip filter deny tcp 192.168.1.0 255.255.255.0 0.0.0.0 0.0.0.0 code 2 2
Console(config)#
Example
Checking for port numbers – This example allows TCP packets from class C addresses 192.168.1.0 to anywhere when set for destination port 80....
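The address bitmasks and the two numbers after the code keyword are easier to follow when evaluated against sample packets. The following is an added example, not code from this guide or from the switch: it assumes the first number after code is the flag value and the second is a mask selecting which flag bits are compared, which is consistent with the three "use code" cases listed above. It parses only the rule form shown in the example above (no port ranges, fragments or log options), and the packet dictionaries are constructed.

```python
import ipaddress

# TCP flag values as listed in the guide's ip filter syntax description.
TCP_FLAGS = {"fin": 1, "syn": 2, "rst": 4, "psh": 8, "ack": 16, "urg": 32}


def tcp_flags(*names):
    """Combine flag keywords into the numeric code, e.g. syn + ack = 18."""
    value = 0
    for name in names:
        value |= TCP_FLAGS[name]
    return value


def to_int(addr):
    """Dotted-quad IPv4 address to integer; raises ValueError if malformed."""
    return int(ipaddress.IPv4Address(addr))


def addr_matches(packet_addr, rule_addr, rule_mask):
    """Compare only the address bits selected by the rule's bitmask."""
    mask = to_int(rule_mask)
    return (to_int(packet_addr) & mask) == (to_int(rule_addr) & mask)


def flags_match(packet_flags, code, mask):
    """Flags in the mask must equal the code: ON if set there, OFF if not."""
    return (packet_flags & mask) == (code & mask)


def parse_rule(line):
    """Parse: ip filter [rule-number] action protocol src smask dst dmask [code C M]."""
    tokens = line.split()
    if tokens[:2] != ["ip", "filter"]:
        raise ValueError("not an ip filter command")
    rest = tokens[2:]
    rule = {"number": None, "code": None, "mask": None}
    if rest and rest[0].isdigit():
        rule["number"] = int(rest.pop(0))
    if len(rest) < 6:
        raise ValueError("incomplete rule")
    rule["action"], rule["protocol"] = rest[0], rest[1]
    rule["src"], rule["src_mask"], rule["dst"], rule["dst_mask"] = rest[2:6]
    for field in ("src", "src_mask", "dst", "dst_mask"):
        to_int(rule[field])  # validate each address and bitmask
    options = rest[6:]
    if options[:1] == ["code"] and len(options) == 3:
        rule["code"], rule["mask"] = int(options[1]), int(options[2])
    elif options:
        raise ValueError(f"options not handled in this example: {options}")
    return rule


def rule_matches(rule, packet):
    """True if the packet falls under the rule (the action is not applied here)."""
    if rule["protocol"] not in ("any", packet["protocol"]):
        return False
    if not addr_matches(packet["src"], rule["src"], rule["src_mask"]):
        return False
    if not addr_matches(packet["dst"], rule["dst"], rule["dst_mask"]):
        return False
    if rule["code"] is not None:
        return flags_match(packet.get("flags", 0), rule["code"], rule["mask"])
    return True


if __name__ == "__main__":
    rule = parse_rule("ip filter deny tcp 192.168.1.0 255.255.255.0 "
                      "0.0.0.0 0.0.0.0 code 2 2")
    # Constructed packets: a new connection attempt and a plain ACK.
    syn = {"protocol": "tcp", "src": "192.168.1.77", "dst": "10.1.0.54",
           "flags": tcp_flags("syn")}
    ack = dict(syn, flags=tcp_flags("ack"))
    print(rule["action"], "applies to SYN:", rule_matches(rule, syn))
    print(rule["action"], "applies to ACK:", rule_matches(rule, ack))
```

With code 2 2 the rule also covers SYN+ACK packets, because only the SYN bit is compared; code 2 18 narrows it to packets with SYN set and ACK clear.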
Page 280
Command Mode Privileged Exec Example In this example, the only specified rule permits packets within the subnet 10.1.0.x to pass between the management port and the down-link ports. Console#show ip filter Ip filter: Rule:1, Action: permit, Protocol: any, Log: disable, Fragments: disable Source: 10.1.0.0 255.255.255.0 any Destination: 10.1.0.0 255.255.255.0 any...
4.3.8 Interface Commands These commands are used to display or set communication parameters for an Ethernet port, aggregated link, or VLAN. Interface Commands TABLE 4-13 Command Function Mode Page Configures an interface type and enters interface 4-83 interface configuration mode Adds a description to an interface configuration 4-84 description...
ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1 to 6) vlan vlan-id (Range: 1 to 4094) Default Setting None Command Mode Global Configuration Example To specify the first up-link port, enter the following command: Console(config)#interface ethernet NETP0 Console(config-if)# 4.3.8.2...
Command Mode Interface Configuration (Ethernet, Port Channel) Example The following example configures a description for down-link port SNP5. Console(config)#interface ethernet SNP5 Console(config-if)#description RD-SW#3 Console(config-if)# 4.3.8.3 speed-duplex Use this command to configure the speed and duplex mode of a given interface when auto-negotiation is disabled.
Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage To force operation to the speed and duplex mode specified in a speed-duplex command, use the no negotiation command to disable auto-negotiation on the selected interface. However, note that auto-negotiation cannot be disabled on the down-link ports....
Default Setting Enabled Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage Down-link ports SNP0-15 are fixed with auto-negotiation disabled. When auto-negotiation is enabled the switch will negotiate the best settings for a link based on the capabilities command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex and flowcontrol commands....
Example
The following example configures port NETP5 capabilities to 100half, 100full and flowcontrol.
Console(config)#interface ethernet NETP5
Console(config-if)#no capabilities 10half
Console(config-if)#no capabilities 10full
Console(config-if)#no capabilities 1000full
Console(config-if)#capabilities 100half
Console(config-if)#capabilities 100full
Console(config-if)#capabilities flowcontrol
Console(config-if)#
Related Commands
negotiation (4-86)
speed-duplex (4-85)
flowcontrol (4-89)
4.3.8.6 flowcontrol
Use this command to enable flow control....
Page 288
Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage Flow control can eliminate frame loss by “blocking” traffic from end stations or segments connected directly to the switch when its buffers fill. When enabled, back pressure is used for half-duplex operation and IEEE 802.3x for full-duplex operation.
4.3.8.7 shutdown Use this command to disable an interface. To restart a disabled interface, use the no form. Syntax shutdown no shutdown Default Setting All interfaces are enabled. Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage This command allows you to disable a port due to abnormal behavior (for example, excessive collisions), and then reenable it after the problem has been resolved.
Page 290
Syntax switchport broadcast packet-rate rate no switchport broadcast rate – The threshold level in packets per second. (Range: 16, 64, 128, 256) Default Setting Enabled for all ports 256 packets per second Command Mode Interface Configuration (Ethernet) Command Usage When broadcast traffic exceeds the specified threshold, packets above that threshold are dropped.
4.3.8.9 clear counters Use this command to clear statistics on an interface. Syntax clear counters interface interface – ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT Default Setting None Command Mode Privileged Exec Command Usage Statistics are only initialized for a power reset. This command sets the base value for displayed statistics to zero for the current management session.
Page 292
Syntax show interfaces status [interface] interface ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1-6) vlan vlan-id (Range: 1-4094) Default Setting Shows status for all interfaces. Command Mode Normal Exec, Privileged Exec Command Usage If no interface is specified, information on all interfaces is displayed.
Example
Console#show interfaces status ethernet SNP11
Information of SNP11
 Basic information:
  Port type: 1000SX
  Mac address: 00-00-e8-00-00-0a
 Configuration:
  Name: Blade Slot 11
  Port admin status: Up
  Speed-duplex: Auto
  Capabilities: 1000full,
  Broadcast storm status: Enabled
  Broadcast storm limit: 256 packets/second
  Flow control status: Enabled
  Lacp status: Disabled
 Current status:
  Link status: Down...
Command Usage If no interface is specified, information on all interfaces is displayed. For a description of the items displayed by this command, see “Showing Port Statistics” on page 3-141. Example Console#show interfaces counters ethernet NETP7 NETP7: Iftable stats: Octets input: 19648, Octets output: 714944 Unicast input: 0, Unicast output: 0 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0...
Page 295
Syntax show interfaces switchport [interface] interface ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1-6) Default Setting Shows all interfaces. Command Mode Normal Exec, Privileged Exec Command Usage If no interface is specified, information on all interfaces is displayed. The items displayed by this command include: Broadcast threshold –...
4.3.9.1 mac-address-table static Use this command to map a static address to a destination port. Use the no form to remove an address. Syntax mac-address-table static mac-address {interface interface} vlan vlan-id [action] no mac-address-table static mac-address vlan vlan-id mac-address – MAC address. interface ethernet port-name port-name –...
A static address cannot be learned on another port until the address is removed with the no form of this command.
Example
Console(config)#mac-address-table static 00-e0-29-94-34-de interface ethernet SNP1 vlan 1 delete-on-reset
Console(config)#
4.3.9.2 clear mac-address-table dynamic
Use this command to remove any learned entries from the forwarding database and to clear the transmit and receive counts for any static or system configured entries.
Syntax
mac-address-table aging-time seconds
no mac-address-table aging-time
seconds – The time is the number of seconds (18 to 2184).
Default Setting
300 seconds
Command Mode
Global Configuration
Command Usage
The aging time is used to age out dynamically learned forwarding information.
Example
Console(config)#mac-address-table aging-time 300
Console(config)#...
Example
Console#show mac-address-table aging-time
Aging time: 300 sec.
Console#
4.3.10 Port Security Commands
These commands can be used to disable the learning function or manually specify secure addresses for a port. You might want to leave port security off for an initial training period (enable the learning function) to register all the current VLAN members on the selected port, and then enable port security to ensure that the port drops any incoming frames with a source MAC address that is unknown or has been...
Page 302
Command Mode
Interface Configuration (Ethernet)
Command Usage
If you enable port security, the switch stops dynamically learning new addresses on the specified port. Only incoming traffic with source addresses already stored in the dynamic or static address table is accepted. To use port security, first allow the switch to dynamically learn the <source MAC address, VLAN>...
4.3.11 Spanning Tree Commands This section includes commands that configure the Spanning Tree Algorithm (STA) for the overall switch, and commands that configure STA for the selected interface. Spanning Tree Commands TABLE 4-16 Command Function Mode Page Enables the spanning tree protocol 4-105 spanning-tree spanning-tree mode Configures STP or RSTP mode...
Syntax spanning-tree no spanning-tree Default Setting Spanning tree is enabled. Command Mode Global Configuration Command Usage The Spanning Tree Algorithm can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STA-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically...
rstp – Rapid Spanning Tree Protocol (IEEE 802.1w) Default Setting rstp Command Mode Global Configuration Command Usage Rapid Spanning Tree Protocol RSTP supports connections to either STP or RSTP nodes by monitoring the incoming protocol messages and dynamically adjusting the type of protocol messages the RSTP node transmits, as described below: STP Mode –...
The minimum value is the higher of 4 or [(max-age / 2) + 1]. Default Setting 15 seconds Command Mode Global Configuration Command Usage This command sets the maximum time (in seconds) the root device will wait before changing states (that is, discarding to learning to forwarding). This delay is required because every device must receive information about topology changes before it starts to forward frames.
Default Setting 2 seconds Command Mode Global Configuration Command Usage This command sets the time interval (in seconds) at which the root device transmits a configuration message. Example Console(config)#spanning-tree hello-time 5 Console(config)# 4.3.11.5 spanning-tree max-age Use this command to configure the spanning tree bridge maximum age globally for this switch.
Command Mode Global Configuration Command Usage This command sets the maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages at regular intervals. Any port that ages out STA information (provided in the last configuration message) becomes the designated port for the attached LAN.
Command Usage Bridge priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STA root device (0=highest, 61440=lowest). However, if all devices have the same priority, the device with the lowest MAC address will then become the root device.
Example Console(config)#spanning-tree pathcost method long Console(config)# 4.3.11.8 spanning-tree transmission-limit Use this command to configure the minimum interval between the transmission of consecutive RSTP BPDUs. Use the no form to restore the default. Syntax spanning-tree transmission-limit count no spanning-tree transmission-limit count – The transmission limit in seconds. (Range: 1-10) Default Setting Command Mode Global Configuration...
Page 311
Syntax spanning-tree cost cost no spanning-tree cost cost – The path cost for the interface. (Range – 1-200,000,000) The recommended range is - Ethernet: 200,000-20,000,000 Fast Ethernet: 20,000-2,000,000 Gigabit Ethernet: 2,000-200,000 Default Setting Ethernet – half duplex: 2,000,000; full duplex: 1,000,000; trunk: 500,000 Fast Ethernet –...
Related Commands (4-114) spanning-tree port-priority 4.3.11.10 spanning-tree port-priority Use this command to configure the priority for the specified interface. Use the no form to restore the default. Syntax spanning-tree port-priority priority no spanning-tree port-priority priority – The priority for an interface. (Range: 0-240, in steps of 16) Default Setting Command Mode Interface Configuration (Ethernet, Port Channel)
Related Commands (4-112) spanning-tree cost 4.3.11.11 spanning-tree edge-port Use this command to specify an interface as an edge port. Use the no form to restore the default. Syntax spanning-tree edge-port no spanning-tree edge-port Default Setting NETP0-7, NETMGT: Disabled SNP0-15: Enabled (fixed at this setting) Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage...
Example
Console(config)#interface ethernet SNP5
Console(config-if)#spanning-tree edge-port
Console(config-if)#
4.3.11.12 spanning-tree protocol-migration
Use this command to re-check the appropriate BPDU format to send on the selected interface.
Syntax
spanning-tree protocol-migration interface
interface
 ethernet port-name
  port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT
 port-channel channel-id (Range: 1-6)
Command Mode
Privileged Exec...
4.3.11.13 spanning-tree link-type Use this command to configure the link type for Rapid Spanning Tree. Use the no form to restore the default. Syntax spanning-tree link-type {auto | point-to-point | shared} no spanning-tree link-type auto – Automatically derived from the duplex mode setting. point-to-point –...
4.3.11.14 show spanning-tree Use this command to show the configuration for the spanning tree. Syntax show spanning-tree [interface] interface ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1-6) Default Setting None Command Mode Privileged Exec Command Usage Use the show spanning-tree command with no parameters to display the...
Page 317
Example Console#show spanning-tree Spanning tree information -------------------------------------------------------- Spanning tree mode :RSTP Spanning tree enable/disable :enable Priority :32768 Bridge Hello Time (sec.) Bridge Max Age (sec.) Bridge Forward Delay (sec.) Root Hello Time (sec.) Root Max Age (sec.) Root Forward Delay (sec.) Designated Root :8.0000E8666672 Current root port...
4.3.12 VLAN Commands A VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same physical segment. This section describes commands used to create VLAN groups, add port members, specify how VLAN tagging is used, and enable automatic VLAN registration for the selected interface.
4.3.12.1 vlan database Use this command to enter VLAN database mode. All commands in this mode will take effect immediately. Default Setting None Command Mode Global Configuration Command Usage Use the VLAN database command mode to add, change, and delete VLANs. After finishing configuration changes, you can display the VLAN settings by entering the show vlan command.
Page 320
Syntax vlan vlan-id [name vlan-name] media ethernet [state {active | suspend}] no vlan vlan-id [name | state] vlan-id – ID of configured VLAN. (Range: 1-4094, no leading zeroes) name – Keyword to be followed by the VLAN name. vlan-name – ASCII string from 1 to 15 characters. media ethernet –...
Related Commands (4-130) show vlan 4.3.12.3 interface vlan Use this command to enter interface configuration mode for VLANs, and configure a physical interface. Syntax interface vlan vlan-id vlan-id – The ID of the configured VLAN. (Range: 1-4094, no leading zeroes) Default Setting None Command Mode...
Syntax switchport mode {trunk | hybrid} no switchport mode trunk – Specifies a port as an end-point for a VLAN trunk. A trunk is a direct link between two switches, so the port transmits tagged frames that identify the source VLAN. However, note that frames belonging to the port’s default VLAN (associated with the PVID) are sent untagged.
Default Setting
All frame types
Command Mode
Interface Configuration (Ethernet, Port Channel)
Command Usage
When set to receive all frame types, any received frames that are untagged are assigned to the default VLAN.
Example
The following example shows how to restrict the traffic received on SNP1 to tagged frames:
Console(config)#interface ethernet SNP1
Console(config-if)#switchport acceptable-frame-types tagged...
Command Usage
Ingress filtering only affects tagged frames.
If ingress filtering is disabled, the interface accepts any VLAN-tagged frame if the tag matches a VLAN known to the switch (except for VLANs explicitly forbidden on this port).
If ingress filtering is enabled, incoming frames tagged for VLANs that do not include this ingress port in their member set are discarded....
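The ingress rules described above (acceptable frame types, PVID assignment, ingress filtering and forbidden VLANs) can be modelled to see which tagged VLANs a port still accepts while filtering is disabled. This is an added example, not code from the manual or the switch firmware; the Port class, the function names and the sample VLAN set are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple


@dataclass
class Port:
    """Per-port VLAN settings named on this page (the class itself is hypothetical)."""
    name: str
    pvid: int = 1                    # switchport native vlan
    tagged_only: bool = False        # switchport acceptable-frame-types tagged
    ingress_filtering: bool = False  # ingress filtering setting for the port
    members: Set[int] = field(default_factory=set)    # switchport allowed vlan add
    forbidden: Set[int] = field(default_factory=set)  # switchport forbidden vlan add


def classify_ingress(port: Port, tag_vid: Optional[int],
                     known_vlans: Set[int]) -> Tuple[bool, Optional[int], str]:
    """Return (accepted, vlan, reason) for one received frame.

    tag_vid is None for an untagged frame, else the VLAN ID in its 802.1Q tag.
    """
    if tag_vid is None:
        # Ingress filtering only affects tagged frames; untagged frames are
        # governed by the acceptable-frame-types setting and the PVID.
        if port.tagged_only:
            return False, None, "untagged frame on a tagged-only port"
        return True, port.pvid, "untagged frame assigned to PVID"

    if tag_vid not in known_vlans:
        return False, None, "tag does not match a VLAN known to the switch"

    if port.ingress_filtering:
        if tag_vid not in port.members:
            return False, None, "ingress filtering: port is not a member"
        return True, tag_vid, "port is a member of the tagged VLAN"

    if tag_vid in port.forbidden:
        return False, None, "VLAN is forbidden on this port"
    return True, tag_vid, "filtering disabled: any known VLAN is accepted"


def non_member_vlans_accepted(port: Port, known_vlans: Set[int]) -> List[int]:
    """VLANs for which this port accepts tagged frames although it is not in
    their member set. The list is empty once ingress filtering is enabled."""
    return sorted(v for v in known_vlans
                  if v not in port.members
                  and classify_ingress(port, v, known_vlans)[0])


# Constructed sample: VLANs defined on the switch and one blade port.
KNOWN_VLANS = {1, 2, 3, 5, 6}
SNP1 = Port("SNP1", pvid=1, members={1, 2}, forbidden={3})

if __name__ == "__main__":
    print("filtering off:", non_member_vlans_accepted(SNP1, KNOWN_VLANS))
    SNP1.ingress_filtering = True
    print("filtering on: ", non_member_vlans_accepted(SNP1, KNOWN_VLANS))
```

Running the audit function over every port of a saved configuration gives a quick list of ports where enabling ingress filtering would change what is accepted.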
Command Usage If an interface is not a member of VLAN 1 and you assign its PVID to this VLAN, the interface will automatically be added to VLAN 1 as an untagged member. For all other VLANs, an interface must first be configured as an untagged member before you can assign its PVID to that group.
Page 326
To restore the management port to its factory-default VLAN (VLAN 2) and remove it from any other VLANs you have added it to, type the following commands:
Console(config)#interface ethernet NETMGT
Console(config-if)#switchport allowed vlan add 2
Console(config-if)#switchport native vlan 2
Console(config-if)#switchport allowed vlan remove vlan id
where vlan id is the number of a VLAN other than VLAN 2 to which you have added NETMGT.
Example
The following example shows how to add VLANs 1, 2, 5 and 6 to the allowed list as tagged VLANs for port SNP1:
Console(config)#interface ethernet SNP1
Console(config-if)#switchport allowed vlan add 1 tagged
Console(config-if)#switchport allowed vlan add 2 tagged
Console(config-if)#switchport allowed vlan add 5 tagged
Console(config-if)#switchport allowed vlan add 6 tagged
Console(config-if)#
4.3.12.9...
Example
The following example shows how to prevent port SNP1 from being added to VLAN 3:
Console(config)#interface ethernet SNP1
Console(config-if)#switchport forbidden vlan add 3
Console(config-if)#
4.3.12.10 show vlan
Use this command to show VLAN information.
Syntax
show vlan [id vlan-id | name vlan-name]
id –...
Example
The following example shows how to display information for VLAN 1:
Console#show vlan id 1
VLAN Type    Name             Status    Ports/Channel groups
---- ------- ---------------- --------- ----------------------
   1 Static  DefaultVlan      Active    SNP0 SNP1 SNP2 SNP3 SNP4 SNP5 SNP6 SNP7 SNP8 SNP9 SNP10 SNP11...
4.3.13.1 switchport gvrp
Use this command to enable GVRP for a port. Use the no form to disable it.
Syntax
switchport gvrp
no switchport gvrp
Default Setting
Enabled
Command Mode
Interface Configuration (Ethernet, Port Channel)
Example
Console(config)#interface ethernet SNP1
Console(config-if)#switchport gvrp
Console(config-if)#
4.3.13.2 show gvrp configuration...
Default Setting
Shows both global and interface-specific configuration.
Command Mode
Normal Exec, Privileged Exec
Example
Console#show gvrp configuration
Whole system:
 GVRP configuration: Enabled
SNP0:
 Gvrp configuration: Enabled
SNP1:
 Gvrp configuration: Enabled
4.3.13.3 garp timer
Use this command to set the values for the join, leave and leaveall timers. Use the no form to restore the timers' default values.
Page 332
Default Setting join: 20 centiseconds leave: 60 centiseconds leaveall: 1000 centiseconds Command Mode Interface Configuration (Ethernet, Port Channel) Command Usage Group Address Registration Protocol (GARP) is used by GVRP and GMRP to register or deregister client attributes for client services within a bridged LAN. The default values for the GARP timers are independent of the media access method or data rate.
4.3.13.4 show garp timer Use this command to show the GARP timers for the selected interface. Syntax show garp timer [interface] interface ethernet port-name port-name – down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1-6) Default Setting Shows all GARP timers.
Syntax bridge-ext gvrp no bridge-ext gvrp Default Setting Enabled Command Mode Global Configuration Command Usage GVRP defines a way for switches to exchange VLAN information in order to register VLAN members on ports across the network. This function should be enabled to permit automatic VLAN registration, and to support VLANs which extend beyond the local switch.
Page 335
Command Usage The meanings of items displayed by this command are as follows: Max support vlan numbers – The VLAN version used by the switch as specified in the IEEE 802.1Q standard. Max support vlan ID – Maximum VLAN ID recognized by the switch. Extended multicast filtering services –...
IGMP Snooping Commands (Continued) TABLE 4-19 Command Function Mode Page Configures the query interval 4-145 ip igmp snooping query-interval Configures the report delay 4-146 ip igmp snooping query-max-response- time Configures the query timeout 4-147 ip igmp snooping router-port-expire- time Shows the IGMP snooping configuration 4-142 show ip igmp snooping...
Example
The following example enables IGMP snooping.
Console(config)#ip igmp snooping
Console(config)#
4.3.14.2 ip igmp snooping vlan static
Use this command to add a port to a multicast group. Use the no form to remove the port.
Syntax
ip igmp snooping vlan vlan-id static ip-address interface
no ip igmp snooping vlan vlan-id static ip-address interface
vlan-id - VLAN ID (Range: 1-4094)
ip-address - IP address for multicast group...
Example
The following shows how to statically configure a multicast group on a port:
Console(config)#ip igmp snooping vlan 1 static 224.0.0.12 ethernet SNP5
Console(config)#
4.3.14.3 ip igmp snooping version
Use this command to configure the IGMP snooping version. Use the no form to restore the default.
Example
The following configures the switch to use IGMP Version 1:
Console(config)#ip igmp snooping version 1
Console(config)#
4.3.14.4 show ip igmp snooping
Use this command to show the IGMP snooping configuration.
Default Setting
None
Command Mode
Privileged Exec
Command Usage
“Configuring IGMP Snooping Parameters”...
4.3.14.5 show mac-address-table multicast Use this command to show known multicast addresses. Syntax show mac-address-table multicast [vlan vlan-id] [user | igmp-snooping] vlan-id – VLAN ID (1 to 4094) user – Display only the user-configured multicast entries. igmp-snooping – Display only entries learned through IGMP snooping. Default Setting None Command Mode...
4.3.14.6 ip igmp snooping querier Use this command to enable the switch as an IGMP snooping querier. Use the no form to disable it. Syntax ip igmp snooping querier no ip igmp snooping querier Default Setting Disabled Command Mode Global Configuration Command Usage If enabled, the switch will serve as querier if elected.
count - The maximum number of queries issued for which there has been no response before the querier takes action to drop a client from the multicast group. (Range: 2-10) Default Setting 2 times Command Mode Global Configuration Command Usage The query count defines how long the querier waits for a response from a multicast client before taking action.
Syntax
ip igmp snooping query-interval seconds
no ip igmp snooping query-interval
seconds – The frequency at which the switch sends IGMP host-query messages. (Range: 60-125)
Default Setting
125 seconds
Command Mode
Global Configuration
Example
The following shows how to configure the query interval to 100 seconds:
Console(config)#ip igmp snooping query-interval 100
Console(config)#
4.3.14.9...
Command Mode Global Configuration Command Usage The switch must be using IGMPv2 for this command to take effect. This command defines the time after a query, during which a response is expected from a multicast client. If a querier has sent a number of queries defined by the ip igmp snooping query-count, but a client has not responded, a countdown timer is started using an initial value set by this command.
Default Setting
300 seconds
Command Mode
Global Configuration
Command Usage
The switch must use IGMPv2 for this command to take effect.
Example
The following shows how to configure the timeout to 500 seconds:
Console(config)#ip igmp snooping router-port-expire-time 500
Console(config)#
Related Commands
ip igmp snooping version (4-141)
4.3.14.11...
Default Setting No static multicast router ports are configured. Command Mode Global Configuration Command Usage Depending on your network connections, IGMP snooping may not always be able to locate the IGMP querier. Therefore, if the IGMP querier is a known multicast router/switch connected over the network to an interface (port or trunk) on your switch, you can manually configure that interface to join all the current multicast groups.
Command Mode
Privileged Exec
Command Usage
Multicast router port types displayed include Static or Dynamic.
Example
The following shows the ports attached to multicast routers:
Console#show ip igmp snooping mrouter
VLAN M'cast Router Ports Type
---- ------------------- -------
     NETP5               Static
     NETP6               Dynamic
Console#...
Priority Commands (Continued) TABLE 4-20 Command Function Mode Page Displays the administrative and operational status of 4-96 show interfaces an interface switchport Layer 3 and 4 Priority Commands Enables IP precedence class-of-service mapping 4-157 map ip precedence Maps IP precedence value to a class of service 4-158 map ip precedence Enables IP DSCP class-of-service mapping...
Command Usage The precedence for priority mapping is IP Precedence or IP DSCP, and default switchport priority. The default priority applies for an untagged frame received on a port set to accept all frame types (i.e, receives both untagged and tagged frames). This priority does not apply to IEEE 802.1Q VLAN tagged frames.
Command Mode
Global Configuration
Command Usage
WRR allows bandwidth sharing at the egress port by defining scheduling weights.
Example
The following example shows how to assign WRR weights of 1, 3, 5 and 7 to the COS priority queues 0, 1, 2 and 3:
Console(config)#queue bandwidth 1 3 5 7
Console(config)#
Related Commands...
Page 352
Default Setting This switch supports Class of Service by using four priority queues, with Weighted Round Robin queuing for each port. Eight separate traffic classes are defined in IEEE 802.1p. The default priority levels are assigned according to recommendations in the IEEE 802.1p standard as shown in the following table. IEEE 802.1p Default Priority Recommendations TABLE 4-21 Queue...
Example
The following example shows how to map COS values 0, 1 and 2 to COS priority queue 0, value 3 to COS priority queue 1, values 4 and 5 to COS priority queue 2, and values 6 and 7 to COS priority queue 3:
Console(config)#interface ethernet SNP1
Console(config-if)#queue cos-map 0 0 1 2
Console(config-if)#queue cos-map 1 3...
Example Console#show queue bandwidth Queue ID Weight -------- ------ Console# 4.3.15.5 show queue cos-map Use this command to show the class-of-service priority map. Syntax show queue cos-map [interface] interface ethernet port-name port-name - down link: SNP0-15; up link: NETP0-7; mgt: NETMGT port-channel channel-id (Range: 1-6) Default Setting None...
Example Console#show queue cos-map ethernet SNP11 Information of SNP11 Queue ID Traffic class -------- ------------- Console# 4.3.15.6 map ip precedence (Global Configuration) Use this command to enable IP precedence mapping (IP Type of Service). Use the no form to disable IP precedence mapping. Syntax map ip precedence no map ip precedence...
Example
The following example shows how to enable IP precedence mapping globally:
Console(config)#map ip precedence
Console(config)#
4.3.15.7 map ip precedence (Interface Configuration)
Use this command to set IP precedence priority (IP Type of Service priority). Use the no form to restore the default table.
Syntax
map ip precedence ip-precedence-value cos cos-value
no map ip precedence...
Example
The following example shows how to map IP precedence value 1 to COS value 0:
Console(config)#interface ethernet SNP5
Console(config-if)#map ip precedence 1 cos 0
Console(config-if)#
4.3.15.8 map ip dscp (Global Configuration)
Use this command to enable IP DSCP mapping (Differentiated Services Code Point mapping).
4.3.15.9 map ip dscp (Interface Configuration) Use this command to set IP DSCP priority (Differentiated Services Code Point priority). Use the no form to restore the default table. Syntax map ip dscp dscp-value cos cos-value no map ip dscp dscp-value – 8-bit DSCP value. (Range: 0-255) cos-value –...
DSCP priority values are mapped to default Class of Service values according to recommendations in the IEEE 802.1p standard, and then mapped to the queue defaults. Mapping specific values for DSCP is implemented as an interface configuration command, but any changes apply to all interfaces on the switch. Example The following example shows how to map IP DSCP value 1 to COS value 0: Console(config)#interface ethernet SNP5...
Example Console#show map ip precedence ethernet SNP5 Precedence mapping status: disabled Port Precedence COS ----------- ---------- --- SNP5 SNP5 SNP5 SNP5 SNP5 SNP5 SNP5 SNP5 Console# Related Commands (4-157) map ip precedence (Global Configuration) (4-158) map ip precedence (Interface Configuration) 4.3.15.11 show map ip dscp Use this command to show the IP DSCP priority map.
4.3.16 Mirror Port Commands
This section describes how to mirror traffic from a source port to a target port.
TABLE 4-23 Mirror Port Commands
Command            Function                                   Mode  Page
port monitor       Configures a mirror session                      4-164
show port monitor  Shows the configuration for a mirror port        4-165
4.3.16.1...
Command Mode
Interface Configuration (Ethernet, destination port)
Command Usage
You can mirror traffic from a source port to a destination port for real-time analysis. You can then attach a logic analyzer or RMON probe to the destination port and study the traffic crossing the source port in a completely unobtrusive manner....
Command Mode
Privileged Exec
Command Usage
This command displays the currently configured source port, destination port, and mirror mode (RX, TX, RX/TX).
Example
The following shows mirroring configured from port SNP6 to port NETP2:
Console(config)#interface ethernet NETP2
Console(config-if)#port monitor ethernet SNP6
Console(config-if)#end
Console#show port monitor
Port Mirroring...
aggregated links. For example, an aggregated link consisting of two 1000 Mbit/sec ports can support an aggregate bandwidth of 4 Gbit/sec when operating at full duplex. Link Aggregation Commands TABLE 4-24 Command Function Mode Page Manual Configuration Commands Configures an aggregated link and enters interface 4-83 interface port- configuration mode for the aggregated link...
Syntax channel-group channel-id no channel-group channel-id – The port-channel index (Range: 1-6) Default Setting The current port will be added to this aggregated link. Command Mode Interface Configuration (Ethernet) Command Usage When configuring static aggregated links, you can only link switches of the same type.
Page 367
Syntax lacp no lacp Default Setting Enabled Command Mode Interface Configuration (Ethernet) Command Usage The ports on both ends of an aggregated link must be configured for full duplex, either by forced mode or auto-negotiation. An aggregated link formed with another switch using LACP will automatically be assigned the next available port-channel ID.
Page 368
Example
The following shows LACP enabled on ports NETP0 to NETP2. Because LACP has also been enabled on the ports at the other end of the links, the show interfaces status port-channel 1 command shows that port-channel 1 has been established.
Console(config)#interface ethernet NETP0
Console(config-if)#lacp
Console(config-if)#exit...
APPENDIX
Management Information Base
An SNMP management station can configure and monitor network devices by setting or reading device variables specified in the Management Information Base (MIB). The key MIB groups supported by the switch are listed in this appendix. Also, note that specific MIB variables used for each configuration task are listed in Chapter “General Management of the...
Supported MIBs The standard MIBs are listed in the following table. Supported MIBs TABLE A-1 RFC No. Title Supported Groups 1213 MIB-II • system group • interfaces group • ip group • icmp group • tcp group • udp group •...
The Sun private enterprise MIB is listed below. Sun Private Enterprise MIB TABLE A-2 Title Version CSSP.MIB 01.00.00 Supported Traps SNMP traps supported include the following items: SNMP Traps TABLE A-3 RFC No. Title RFC 1215 • coldStart (SNMPv1), • linkDown RFC 1907 •...
APPENDIX
Troubleshooting
If you are having problems connecting to the network, check your network cabling to ensure that the device in question is properly connected to the network. Then see “Diagnosing Switch Indicators” on page B-2 to verify that the corresponding port on the switch is functioning properly.
Diagnosing Switch Indicators
If you have connected a device to a port on the switch, but the Link LED is off, then check the following items:
Be sure the cable is plugged into both the switch and corresponding device.
Verify that the proper cable type is used and its length does not exceed specified limits.
Page 375
Check that you have a valid network connection to the switch and that the port you are using has not been disabled. See “Port Configuration” on page 3-96. If there are only Layer 2 switches between the management station and system chassis, make sure that: The switch’s management VLAN is configured with a valid IP address and subnet mask.
Using System Logs If a fault does occur, refer to the other manuals for the system chassis to ensure that the problem you encountered is actually caused by the switch. If the problem appears to be caused by the switch, follow these steps: 1.
Log Messages TABLE B-1 Message Description Level Trunk 1 link-down notification Aggregated link down VLAN XX link-up notification VLAN link up VLAN XX link-down notification VLAN link down Authentication failure notification SNMP access authentication failure STA root change notification STA root change STA topology change notification STA topology change RMON rising alarm notification...
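The notifications in Table B-1 that matter most for security monitoring are SNMP authentication failures and spanning tree root changes. The following added example (not from the manual) scans log lines for those message texts and raises an alert on a burst of authentication failures or on any root change. The timestamp layout, the thresholds, the category names and the sample lines are assumptions constructed for this example; the switch's real log layout may differ.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

# Assumed line layout for this example: "YYYY-MM-DD HH:MM:SS <message>".
LINE_RE = re.compile(r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<msg>.+)$")

# Message texts from Table B-1; the category names are this example's own.
PATTERNS = [
    (re.compile(r"^Authentication failure notification$"), "snmp_auth_failure"),
    (re.compile(r"^STA root change notification$"), "sta_root_change"),
    (re.compile(r"^STA topology change notification$"), "sta_topology_change"),
    (re.compile(r"^(Trunk|VLAN) \d+ link-down notification$"), "link_down"),
]


def triage(lines, auth_threshold=3, window_s=60):
    """Return (counts, alerts) for an iterable of log lines.

    counts is a Counter keyed by category; alerts is a list of
    (timestamp, category, detail) tuples in the order they were raised.
    """
    counts = Counter()
    alerts = []
    recent_auth = deque()  # timestamps of failures inside the sliding window
    window = timedelta(seconds=window_s)

    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the assumed layout; skip rather than guess
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        msg = m.group("msg").strip()
        kind = next((k for rx, k in PATTERNS if rx.match(msg)), None)
        if kind is None:
            continue  # message this example does not track (e.g. link-up)
        counts[kind] += 1

        if kind == "sta_root_change":
            # Any root change deserves a check that the new root is intended.
            alerts.append((ts, kind, "verify the new root bridge is the intended device"))
        elif kind == "snmp_auth_failure":
            recent_auth.append(ts)
            while recent_auth and ts - recent_auth[0] > window:
                recent_auth.popleft()
            if len(recent_auth) >= auth_threshold:
                alerts.append((ts, kind, f"{len(recent_auth)} failures within {window_s}s"))
                recent_auth.clear()  # start a fresh window after alerting
    return counts, alerts


# Constructed sample lines (not captured from a real switch).
SAMPLE_LOG = [
    "2003-06-12 10:15:02 Authentication failure notification",
    "2003-06-12 10:15:10 Authentication failure notification",
    "2003-06-12 10:15:31 Authentication failure notification",
    "2003-06-12 10:16:40 VLAN 2 link-down notification",
    "2003-06-12 10:16:41 STA topology change notification",
    "2003-06-12 10:16:43 STA root change notification",
    "2003-06-12 10:16:45 VLAN 2 link-up notification",
    "unparseable line",
    "2003-06-12 10:20:00 Authentication failure notification",
]

if __name__ == "__main__":
    totals, raised = triage(SAMPLE_LOG)
    print(dict(totals))
    for when, kind, detail in raised:
        print(when.isoformat(sep=" "), kind, detail)
```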
B.5.2 System Errors The key error messages generated by the switch are listed in the following table. To control the message levels issued by the switch, see “logging history” on page 4-35. System Error Messages TABLE B-2 Message Description Level module create task fail.
Page 379
Command Line Error Messages (Continued) TABLE B-3 Message Description Failed to get string Show command failed. Failed to set string Configuration command failed. Certificate file has an error, private key file error Failed to write certificate (such as incorrect pass phrase), or private key does file to flash.
Page 380
TABLE B-3 Command Line Error Messages (Continued)
Message: Line mode (vty) can not use console parameter commands.
Description: This command for console only.
Message: Only one port can be added to an aggregated link with this command.
Description: This command is only valid for adding a single port to an aggregated link....
B.5.4 Web Interface Errors The error messages generated by this switch for the Web interface are listed in the following table. Note that these messages are not written to the log file. Web Interface Error Messages TABLE B-4 Menu Message Description Switch Setup System Identity User privileges are not enough to...
Page 382
Web Interface Error Messages (Continued) TABLE B-4 Menu Message Description Data is invalid. General error. Illegal SNMP trap IP address. Illegal IP address format. Please select a Community String. Select a community string to remove. Please type a Community String. Type a community string to add.
Page 383
Web Interface Error Messages (Continued) TABLE B-4 Menu Message Description Data is invalid General error. User privileges are not enough to Privileges insufficient. perform this operation. Membership Data is invalid. General error. User privileges are not enough to Privileges insufficient. perform this operation.
Page 384
TABLE B-4 Web Interface Error Messages (Continued)
Menu | Message | Description
Advanced Configuration | Data is invalid. | General error.
 | User privileges are not enough to perform this operation. | Privileges insufficient.
Class of Service Basic Traffic Prioritisation | Cos Value is out of range. | CoS Value is out of range.
 | Data is invalid.
Page 385
TABLE B-4 Web Interface Error Messages (Continued)
Menu | Message | Description
 | Cannot set aggregated link status. | Cannot enable LACP for a static member of an aggregated link.
 | Data is invalid. | General error.
 | User privileges are not enough to perform this operation. | Privileges insufficient.
VLANs | Data is invalid.
Page 386
TABLE B-4 Web Interface Error Messages (Continued)
Menu | Message | Description
Packet Filtering | User privileges are not enough to perform this operation. | Privileges insufficient.
Monitoring Port Mirroring | Data is invalid. | General error.
 | User privileges are not enough to perform this operation. | Privileges insufficient.
Logs | Data is invalid.
APPENDIX
Specifications
This appendix contains the following sections:
Section C.1, “Switch Architecture” on page C-2
Section C.2, “Management Features” on page C-3
Section C.3, “Physical” on page C-3
Section C.4, “Power” on page C-4
Section C.5, “Environmental”...
Power
TABLE C-4 Power Specifications
Item | Specifications
Operating Voltage | +12 VDC
Maximum Current | 5.2 A
Power Consumption | 62 Watts maximum
Heat Dissipation | 211 BTU/hr maximum

Environmental
TABLE C-5 Environmental Specifications
Item | Specifications
Temperature | • Operating: 5 to 45 ˚C (41 to 113 ˚F) •...
Page 391
TABLE C-6 Supported Standards (Continued)
Standard | Description
IEEE 802.3x | full-duplex flow control (ISO/IEC 8802-3)
IEEE 802.3ad | Link Aggregation Control Protocol
RFC 1215, 1907 | SNMP
RFC 2819 | RMON (groups 1,2,3,9)
RFC 2863 | MIB II
RFC 1493 | Bridge MIB
RFC 1643, 2665 | Etherlike MIB
RFC 826 RFC 1112...
Page 392
Sun Fire B1600 Blade System Chassis Switch Administration Guide • June 2003...
Page 393
Glossary
10BASE-T: IEEE 802.3 specification for 10 Mbit/sec Ethernet over two pairs of Category 3, 4, or 5 UTP cable.
100BASE-TX: IEEE 802.3u specification for 100 Mbit/sec Fast Ethernet over two pairs of Category 5 UTP cable.
1000BASE-T: IEEE 802.3ab specification for Gigabit Ethernet over two pairs of Category 5, 5e 100-ohm UTP cable.
Page 394
Dynamic Host Control Protocol (DHCP): Provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options.
End Station: A workstation, server, or other device that does not act as a network interconnection.
Page 395
IEEE 802.1w: An IEEE standard for the Rapid Spanning Tree Protocol (RSTP) which is designed to supersede IEEE 802.1D. RSTP provides considerably faster convergence for topology changes.
IEEE 802.3: Defines carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications.
IEEE 802.3ab: Defines CSMA/CD access method and physical layer specifications for 1000BASE-T Fast Ethernet.
Page 396
Layer 2: Data Link layer in the ISO 7-Layer Data Communications Protocol. This is related directly to the hardware interface for network devices and passes on traffic based on MAC addresses.
Layer 3: Network layer in the ISO 7-Layer Data Communications Protocol. This layer handles the routing functions for data moving from one open system to another.
Page 397
Shielded Twisted Pair (STP) Cable: Twisted-pair wire covered with an external aluminum-foil or woven copper shield designed to reduce excessive noise pick up or radiation.
Simple Network Management Protocol (SNMP): The application protocol in the Internet suite of protocols which offers network management services.
Page 398
Glossary-6 Sun Fire™ B1600 Blade System Chassis Switch Administration Guide • April 2003...