Download Print this page

Extreme Networks ExtremeWare XOS Command Reference Manual

Version 11.3

Hide thumbs Also See for ExtremeWare XOS:

Command reference manual (2024 pages)

,

Manual (698 pages)

,

Command reference manual (970 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

Download this manual See also: Manual, Command Reference Manual

ExtremeWare XOS Command Reference Guide

Software Version 11.3

Extreme Networks, Inc.

3585 Monroe Street

Santa Clara, California 95051

(408) 579-2800

(888) 257-3000

http://www.extremenetworks.com

Published: September 2005

Part number: 100195-00 Rev 01

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the ExtremeWare XOS and is the answer not in the manual?

Questions and answers

Summary of Contents for Extreme Networks ExtremeWare XOS

Page 1 ExtremeWare XOS Command Reference Guide Software Version 11.3 Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (408) 579-2800 (888) 257-3000 http://www.extremenetworks.com Published: September 2005 Part number: 100195-00 Rev 01...
Page 2 Purple Extreme Solution Partners Logo, ServiceWatch, Summit, the Summit7i Logo, and the Color Purple, among others, are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and other countries. Other names and marks may be the property of their respective owners.
Page 3: Table Of Contents
Contents Preface............................29 Chapter 1: Command Reference Overview..................31 Chapter 2: Commands for Accessing the Switch................39 clear account lockout ........................40 clear session..........................41 configure account ........................42 configure account password-policy char-validation................44 configure account password-policy history ...................46 configure account password-policy lockout-on-login-failures ............48 configure account password-policy max-age .................50 configure account password-policy min-length ................52 configure banner ........................54...
Page 4 Contents show switch..........................97 traceroute..........................100 Chapter 3: Commands for Managing the Switch ................103 configure node priority......................106 configure power supply ......................108 configure snmp add community....................111 configure snmp add trapreceiver....................113 configure snmp delete community ....................115 configure snmp delete trapreceiver ...................117 configure snmp sysContact.......................118 configure snmp sysLocation .....................119 configure snmp sysName ......................120 configure snmpv3 add access....................121...
Page 5 Contents disable watchdog ........................170 enable dhcp vlan........................171 enable snmp access ........................172 enable snmp traps........................174 enable sntp-client ........................175 enable telnet ..........................176 enable watchdog ........................178 exit ............................179 logout ............................180 quit ............................181 show dhcp-client state......................182 show checkpoint-data ......................183 show management ........................185 show node ..........................187 show odometers ........................189 show power ..........................192 show power budget........................195...
Page 6 Contents restart process ........................253 rm ............................255 show cpu-monitoring .......................257 show heartbeat process......................260 show memory..........................263 show memory process ......................267 show process ..........................269 start process ...........................275 terminate process........................277 Chapter 5: Commands for Configuring Slots and Ports on a Switch..........279 clear counters ports.........................281 clear lacp counters ........................282 clear counters edp........................283 clear slot ..........................284...
Page 7 Contents enable slot ..........................333 enable smartredundancy ......................335 restart ports..........................336 run msm-failover ........................337 show edp..........................339 show lacp ..........................341 show lacp lag..........................343 show lacp member-port ......................347 show mirroring ........................350 show ports collisions .......................352 show ports configuration ......................354 show ports information ......................357 show ports packet ........................361 show ports redundant ......................363 show ports sharing ........................364 show ports utilization.......................366...
Page 8 Contents unconfigure lldp........................410 Chapter 7: Power Over Ethernet Commands................... 411 clear inline-power stats ports....................412 configure inline-power budget slot ....................414 configure inline-power disconnect-precedence ................416 configure inline-power label ports .....................418 configure inline-power operator-limit ports.................420 configure inline-power priority ports ..................421 configure inline-power usage-threshold..................422 disable inline-power ........................423 disable inline-power legacy slot ....................425 disable inline-power ports ......................426...
Page 9 Contents configure sflow poll-interval .....................487 configure sflow ports sample-rate....................488 configure sflow sample-rate......................490 configure sys-health-check interval ...................491 configure sys-recovery-level ......................494 configure sys-recovery-level slot....................496 configure syslog add ........................499 configure syslog delete ......................501 create log filter ........................503 delete log filter ........................505 disable cli-config-logging ......................506 disable log debug-mode ......................507 disable log display........................508 disable log target ........................509...
Page 10 Contents unconfigure sflow........................576 unconfigure sflow agent ......................577 unconfigure sflow collector.......................578 unconfigure sflow ports......................580 upload log ..........................581 Chapter 9: VLAN Commands......................585 configure protocol add ......................586 configure protocol delete ......................588 configure vlan add ports ......................589 configure vlan delete ports .......................591 configure vlan ipaddress ......................592 configure vlan name ........................594 configure vlan protocol ......................595 configure vlan tag ........................597...
Page 11 Contents create fdbentry vlan ports ......................640 delete fdbentry ........................642 disable flooding port........................643 enable flooding port ........................645 show fdb ..........................647 Chapter 12: Policy Manager Commands ..................649 check policy ...........................650 check policy attribute ......................651 edit policy ..........................653 refresh policy..........................655 show policy ..........................656 Chapter 13: ACL Commands ......................
Page 12 Contents create qosprofile ........................707 delete qosprofile ........................709 disable diffserv examination port ....................710 disable diffserv replacement port ....................711 disable dot1p replacement ports....................712 enable diffserv examination port ....................713 enable diffserv replacement ports .....................714 enable dot1p replacement ports ....................716 show diffserv ..........................718 show dot1p ..........................720 show ports qosmonitor ......................722 show qosprofile ........................724 unconfigure diffserv ........................727...
Page 13 Contents disable ssh2 ...........................777 disable tacacs.........................778 disable tacacs-accounting ......................779 disable tacacs-authorization .....................780 disable web https ........................781 download ssl certificate ......................782 download ssl privkey........................784 enable dos-protect ........................786 enable dos-protect simulated ....................787 enable dhcp ports vlan ......................788 enable radius..........................789 enable radius-accounting ......................791 enable ssh2..........................793 enable tacacs .........................795 enable tacacs-accounting......................796...
Page 14 Contents configure netlogin local-user ....................843 configure netlogin move-fail-action ...................845 configure netlogin ports mode ....................846 configure netlogin redirect-page ....................850 configure netlogin vlan ......................851 configure vlan netlogin-lease-timer ...................852 create netlogin local-user ......................853 delete netlogin local-user ......................856 disable netlogin ........................857 disable netlogin dot1x guest-vlan ports..................858 disable netlogin logout-privilege ....................859 disable netlogin ports ......................860 disable netlogin session-refresh ....................861...
Page 15 Contents configure eaps shared-port link-id.....................910 configure eaps shared-port mode ....................911 configure eaps shared-port segment-timeout expiry-action............912 create eaps..........................914 create eaps shared-port ......................915 delete eaps..........................916 delete eaps shared-port ......................917 disable eaps ...........................918 enable eaps ..........................919 show eaps ..........................921 show eaps shared-port ......................925 show vlan eaps ........................930 unconfigure eaps shared-port link-id ..................932 unconfigure eaps shared-port mode ..................933...
Page 16 Contents unconfigure stpd ports link-type ....................980 Chapter 20: ESRP Commands....................... 981 clear esrp counters ........................983 clear esrp neighbor........................985 clear esrp sticky ........................986 configure esrp add elrp-poll ports .....................988 configure esrp add master......................989 configure esrp add member......................990 configure esrp add track-environment..................991 configure esrp add track-iproute ....................992 configure esrp add track-ping ....................993 configure esrp add track-vlan ....................994...
Page 17 Contents Chapter 21: VRRP Commands..................... 1041 clear counters vrrp ........................1043 configure vrrp vlan vrid add ipaddress ..................1044 configure vrrp vlan vrid add track-iproute.................1045 configure vrrp vlan vrid add track-ping ..................1046 configure vrrp vlan vrid add track-vlan..................1047 configure vrrp vlan vrid advertisement-interval .................1048 configure vrrp vlan vrid authentication..................1049 configure vrrp vlan vrid delete ipaddress..................1050 configure vrrp vlan vrid delete track-iproute ................1051...
Page 18 Contents configure irdp ........................1094 configure vlan add secondary-ipaddress...................1095 configure vlan delete secondary-ipaddress ................1096 configure vlan udp-profile ......................1097 disable bootp vlan .........................1099 disable bootprelay .........................1100 disable icmp address-mask ....................1101 disable icmp parameter-problem.....................1102 disable icmp port-unreachables ....................1103 disable icmp redirects ......................1104 disable icmp time-exceeded ....................1105 disable icmp timestamp......................1106 disable icmp unreachables.....................1107 disable icmp useredirects ......................1108...
Page 19 Contents show bootprelay ........................1142 show iparp..........................1143 show iparp proxy ........................1146 show ipconfig ........................1147 show iproute .........................1148 show iproute origin ........................1149 show ipstats .........................1150 show udp-profile ........................1153 unconfigure bootprelay dhcp-agent information check ..............1154 unconfigure bootprelay dhcp-agent information option ..............1155 unconfigure bootprelay dhcp-agent information policy ..............1156 unconfigure icmp ........................1157 unconfigure iparp........................1158 unconfigure irdp ........................1159...
Page 20 Contents disable router-discovery ......................1194 enable ipforwarding ipv6......................1195 enable router-discovery ......................1196 rtlookup ..........................1197 show ipconfig ipv6 ........................1198 show iproute ipv6........................1199 show iproute ipv6 origin......................1200 show ipstats ipv6 ........................1201 show neighbor-discovery cache ipv6..................1202 show router-discovery ......................1204 show tunnel..........................1206 unconfigure tunnel ........................1207 Chapter 24: RIP Commands......................1209 clear rip counters ........................1210 configure rip add vlan......................1211 configure rip delete vlan ......................1212...
Page 21 Contents show rip routes ........................1245 unconfigure rip ........................1246 Chapter 25: RIPng Commands ....................1247 clear ripng counters.......................1248 configure ripng add .......................1249 configure ripng delete......................1250 configure ripng garbagetime ....................1251 configure ripng import-policy....................1252 configure ripng routetimeout ....................1254 configure ripng updatetime ....................1255 configure ripng cost.......................1256 configure ripng route-policy....................1257 configure ripng trusted-gateway ....................1259 disable ripng ........................1261...
Page 22 Contents configure ospf area timer .......................1300 configure ospf ase-limit ......................1302 configure ospf ase-summary add.....................1303 configure ospf ase-summary delete ..................1304 configure ospf delete virtual-link.....................1305 configure ospf delete vlan ......................1306 configure ospf import-policy ....................1307 configure ospf lsa-batch-interval .....................1308 configure ospf metric-table ....................1309 configure ospf restart......................1310 configure ospf restart grace-period ..................1311 configure ospf restart-helper....................1312...
Page 23 Contents Chapter 27: OSPFv3 Commands ....................1351 clear ospfv3 counters ......................1352 configure ospfv3 add interface ....................1354 configure ospfv3 add interface all ...................1356 configure ospfv3 add virtual-link.....................1358 configure ospfv3 area add range .....................1359 configure ospfv3 area cost .....................1360 configure ospfv3 area delete range..................1361 configure ospfv3 area external-filter ..................1362 configure ospfv3 area interarea-filter..................1364 configure ospfv3 area normal ....................1366...
Page 24 Contents configure bgp add network .....................1418 configure bgp AS-number ......................1419 configure bgp cluster-id ......................1420 configure bgp confederation-id ....................1421 configure bgp delete aggregate-address ...................1422 configure bgp delete confederation-peer sub-AS-number............1423 configure bgp delete network....................1424 configure bgp export shutdown-priority ..................1425 configure bgp import-policy....................1427 configure bgp local-preference ....................1428 configure bgp med ........................1430 configure bgp neighbor dampening ..................1431...
Page 25 Contents disable bgp ..........................1479 disable bgp aggregation ......................1480 disable bgp always-compare-med....................1481 disable bgp community format ....................1482 disable bgp export.........................1483 disable bgp neighbor ......................1485 disable bgp neighbor capability ....................1486 disable bgp neighbor remove-private-AS-numbers..............1488 disable bgp neighbor soft-in-reset ...................1489 disable bgp neighbor use-ip-router-alert ..................1490 disable bgp peer-group ......................1491 disable bgp peer-group capability ...................1492 disable bgp peer-group remove-private-AS-numbers..............1493...
Page 26 Contents configure igmp snooping timer ....................1535 configure igmp snooping vlan ports add static group..............1536 configure igmp snooping vlan ports delete static group .............1538 configure igmp snooping vlan ports add static router ..............1539 configure igmp snooping vlan ports delete static router .............1540 configure igmp snooping vlan ports filter .................1541 configure pim add vlan ......................1543 configure pim cbsr ........................1544...
Page 27 Contents configure mld snooping flood-list ....................1593 configure mld snooping leave-timeout ..................1595 configure mld snooping timer ....................1596 disable mld ..........................1598 disable mld snooping......................1599 enable mld ...........................1601 enable mld snooping ......................1602 enable mld snooping with-proxy....................1604 show mld ..........................1605 show mld group ........................1607 show mld snooping........................1608 show mld snooping vlan static ....................1610 unconfigure mld........................1611...
Page 28 Contents show elrp ..........................1680 show platform ........................1682 show tech..........................1683 top ............................1685 unconfigure elrp-client ......................1687 Appendix C: CNA Agent Commands..................... 1689 clear cna-testplug counters ....................1690 configure cna-testplug scheduler ipaddress................1691 configure cna-testplug vlan ....................1693 disable cna-testplug ......................1694 enable cna-testplug .......................1695 show cna-testplug .........................1696 Appendix D: Added, Modified, and Deleted Commands ..............
Page 29: Preface
This guide is intended for use as a reference by network administrators who are responsible for installing and setting up network equipment. It assumes knowledge of Extreme Networks switch configuration. For conceptual information and guidance on configuring Extreme Networks switches, see the ExtremeWare XOS Concepts Guide for your version of the ExtremeWare XOS software.
Page 30: Text Conventions
ExtremeWare XOS release notes ● ExtremeWare XOS Concepts Guide ● Extreme Networks Consolidated XOS Hardware Installation Guide ● Documentation for Extreme Networks products is available on the World Wide Web at the following location: http://www.extremenetworks.com/ ExtremeWare XOS 11.3 Command Reference...
Page 31: Chapter 1: Command Reference Overview
This guide does not provide feature descriptions, explanations of the technologies, or configuration examples. For information about the various features and technologies supported by Extreme Networks switches, see the installation and user guides for your product. This guide does not replace the installation and user guides;...
Page 32: Platforms And Required Software Versions
Command Reference Overview Structure of this Guide This guide documents each ExtremeWare XOS command. Related commands are grouped together and organized into chapters based on their most common usage. The chapters reflect the organization of the ExtremeWare XOS Concepts Guide. If a specific command is relevant to a wide variety of functions and could be included in a number of different chapters, we have attempted to place the command in the most logical chapter.
Page 33 Software Licensing As all switches ship with Advanced Edge capabilities, two level of software licensing apply to ExtremeWare XOS 11.3: the Core and the Advanced Core license (refer to Table 3). Additionally, the U.S. government requires a security license to enable certain features. Table 3: Licensing requirements for ExtremeWare XOS version 11.3 BlackDiamond 8800 family License level...
Page 34: Upgrading On The Blackdiamond 10K Switch Only
Certain additional ExtremeWare XOS features, such as the use of SSH2 encryption, may be under United States export restriction control. Extreme Networks ships these security features in a disabled state. You can obtain information on enabling these features at no charge from Extreme Networks. Understanding the Command Syntax...
Page 35: Access Levels
Understanding the Command Syntax Access Levels When entering a command at the prompt, ensure that you have the appropriate privilege level. Most configuration commands require you to have the administrator privilege level. Syntax Symbols You may see a variety of symbols shown as part of the command syntax. These symbols explain how to enter the command, and you do not type them as part of the command itself.
Page 36: Command Shortcuts
Command Reference Overview Abbreviated Syntax Abbreviated syntax is the shortest unambiguous allowable abbreviation of a command or parameter. Typically, this is the first three letters of the command. If you do not enter enough letters to allow the switch to determine which command you mean, the syntax helper will provide a list of the options based on the portion of the command you have entered.
Page 37: Modular Switch Numerical Ranges
Port Numbering NOTE The keyword all acts on all possible ports; it continues on all ports even if one port in the sequence fails. Stand-alone Switch Numerical Ranges Commands that require you to enter one or more port numbers on a stand-alone switch, such as the Summit X450 switch, use the parameter in the syntax.
Page 38: Command History
Command Reference Overview Line-Editing Keys Table 5 describes the line-editing keys available using the CLI. Table 5: Line-editing keys Key(s) Description Left arrow or [Ctrl] + B Moves the cursor one character to the left. Right arrow or [Ctrl] + F Moves the cursor one character to the right.
Page 39: Chapter 2: Commands For Accessing The Switch
Commands for Accessing the Switch This chapter describes commands used for: Accessing and configuring the switch including how to set up user accounts, passwords, date and ● time settings, and software licenses Managing passwords ● Configuring the Domain Name Service (DNS) client ●...
Page 40: Clear Account Lockout
Commands for Accessing the Switch clear account lockout clear account [all | <name>] lockout Description Re-enables an account that has been locked out (disabled) for exceeding the permitted number failed login attempts, which was configured by using the configure account password-policy lockout- command.
Page 41: Clear Session
clear session clear session clear session [<sessId> | all] Description Terminates a Telnet and/or SSH2 sessions from the switch. Syntax Description sessId Specifies a session number from show session output to terminate. Terminates all sessions. Default N/A. Usage Guidelines An administrator-level account can disconnect a management session that has been established by way of a Telnet connection.
Page 42: Configure Account
Commands for Accessing the Switch configure account configure account <name> Description Configures a password for the specified account, either user account or administrative account. Syntax Description name Specifies an account name. Default N/A. Usage Guidelines You must create a user or administrative account before you can configure that account with a password.
Page 43 configure account History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 44: Configure Account Password-Policy Char-Validation
Commands for Accessing the Switch configure account password-policy char-validation configure account [all | <name>] password-policy char-validation [none | all-char-groups] Description Requires that the user include an upper-case letter, a lower-case letter, a digit, and a symbol in the password. Syntax Description Specifies all users (and future users).
Page 45 configure account password-policy char-validation History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 46: Configure Account Password-Policy History
Commands for Accessing the Switch configure account password-policy history configure account [all | <name>] password-policy history [<num_passwords> | none] Description Configures the switch to verify the specified number of previous passwords for the account. The user is prevented from changing the password on a user or administrative account to any of these previously saved passwords.
Page 47 configure account password-policy history Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 48: Configure Account Password-Policy Lockout-On-Login-Failures
Commands for Accessing the Switch configure account password-policy lockout-on-login- failures configure account [all | <name>] password-policy lockout-on-login-failures [on | off] Description Disables an account after the user has 3 consecutive failed login attempts. Syntax Description Specifies all users (and future users). name Specifies an account name.
Page 49 configure account password-policy lockout-on-login-failures History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 50: Configure Account Password-Policy Max-Age
Commands for Accessing the Switch configure account password-policy max-age configure account [all | <name>] password-policy max-age [<num_days> | none] Description Configures a time limit for the passwords for specified accounts. The passwords for the default admin account and the failsafe account do not age out. Syntax Description Specifies all accounts (and future users).
Page 51 configure account password-policy max-age Example The following command sets a 3-month time limit for the password for the account marketing: configure account marketing password-policy max-age 90 History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 52: Configure Account Password-Policy Min-Length
Commands for Accessing the Switch configure account password-policy min-length configure account [all | <name>] password-policy min-length [<num_characters> | none] Description Requires a minimum number of characters for passwords. Syntax Description Specifies all accounts (and future users). name Specifies an account name. num_characters Specifies the minimum number of characters required for the password.
Page 53 configure account password-policy min-length Example The following command requires a minimum of 8 letters for the password for the account management: configure account management password-policy min-length 8 History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 54: Configure Banner
Commands for Accessing the Switch configure banner configure banner Description Configures the banner string that is displayed at the beginning of each login prompt of each session. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Press [Return] at the beginning of a line to terminate the command and apply the banner.
Page 55: Configure Cli Max-Sessions
configure cli max-sessions configure cli max-sessions configure cli max-sessions <num-of-sessions> Description Limits number of simultaneous CLI sessions on the switch. Syntax Description num-of-sessions Specifies the maximum number of concurrent sessions permitted. The range is 1 to 16. Default The default is eight sessions. Usage Guidelines The value must be greater than 0;...
Page 56: Configure Cli Max-Failed-Logins
Commands for Accessing the Switch configure cli max-failed-logins configure cli max-failed-logins <num-of-logins> Description Establishes the maximum number of failed logins permitted before the session is terminated. Syntax Description num-of-logins Specifies the maximum number of failed logins permitted; the range is 1 to Default The default is three logins.
Page 57: Configure Dns-Client Add
configure dns-client add configure dns-client add configure dns-client add [domain-suffix <domain_name> | name-server <ip_address> {vr <vr_name>}] Description Adds a domain suffix to the domain suffix list or a name server to the available server list for the DNS client. Syntax Description domain-suffix Specifies adding a domain suffix.
Page 58 Commands for Accessing the Switch The following command specifies that the switch use the DNS server 10.1.2.1: configure dns-client add name-server 10.1.2.1 The following command on the BlackDiamond 10K switch specifies that the switch use the virtual router Management: configure dns-client add name-server 10.1.2.1 vr “VR-Management” History This command was first available in ExtremeWare XOS 10.1.
Page 59: Configure Dns-Client Default-Domain
configure dns-client default-domain configure dns-client default-domain configure dns-client default-domain <domain_name> Description Configures the domain that the DNS client uses if a fully qualified domain name is not entered. Syntax Description domain_name Specifies a default domain name. Default N/A. Usage Guidelines The default domain name will be used to create a fully qualified host name when a domain name is not specified.
Page 60: Configure Dns-Client Delete
Commands for Accessing the Switch configure dns-client delete configure dns-client delete [domain-suffix <domain_name> | name-server <ip_address> {vr <vr_name>}] Description Deletes a domain suffix from the domain suffix list or a name server from the available server list for the DNS client. Syntax Description domain-suffix Specifies deleting a domain suffix.
Page 61 configure dns-client delete History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 62: Configure Failsafe-Account
The failsafe account is immediately saved to NVRAM. NOTE The information that you use to configure the failsafe account cannot be recovered by Extreme Networks. Technical support cannot retrieve passwords or account names for this account. Protect this information carefully.
Page 63 configure failsafe-account From here, you have four command choices: Login—use this command to access the switch CLI. You will have full administrator capabilities. ● Reboot—use this command to reboot the current MSM (on modular switches). ● Help—use this command to display a short help text. ●...
Page 64: Configure Idletimeout
Commands for Accessing the Switch configure idletimeout configure idletimeout <minutes> Description Configures the time-out for idle console, SSH2, and Telnet sessions. Syntax Description minutes Specifies the time-out interval, in minutes. Range is 1 to 240 (1 minute to 4 hours). Default The default time-out is 20 minutes.
Page 65: Configure Safe-Default-Script
SNMP, Telnet, Web access, and enabled ports. Refer to “Safe Defaults Setup Method” on page 47 in the Extreme Networks XOS Concepts Guide for complete information on the safe default mode. Syntax Description This command has no arguments or variables.
Page 66 Commands for Accessing the Switch History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 67: Configure Time
configure time configure time configure time <month> <day> <year> <hour> <min> <sec> Description Configures the system date and time. Syntax Description month Specifies the month. The range is 1-12. Specifies the day of the month. The range is 1-31. year Specifies the year in the YYYY format.The range is 2003 to 2036.
Page 68: Configure Timezone
Commands for Accessing the Switch configure timezone configure timezone {name <tz_name>} <GMT_offset> {autodst {name <dst_timezone_ID>} {<dst_offset>} {begins [every <floatingday> | on <absoluteday>] {at <time_of_day>} {ends [every <floatingday> | on <absoluteday>] {at <time_of_day>}}} | noautodst} Description Configures the Greenwich Mean Time (GMT) offset and Daylight Saving Time (DST) preference. Syntax Description GMT_offset Specifies a Greenwich Mean Time (GMT) offset, in + or - minutes.
Page 69: Usage Guidelines
configure timezone Usage Guidelines Network Time Protocol (NTP) server updates are distributed using GMT time. To properly display the local time in logs and other timestamp information, the switch should be configured with the appropriate offset to GMT based on geographic location. is specified in +/- minutes from the GMT time.
Page 70 Commands for Accessing the Switch Table 6: Greenwich Mean Time offsets (Continued) GMT Offset GMT Offset in Hours in Minutes Common Time Zone References Cities -7:00 -420 MST - Mountain Standard Saskatchewan, Canada -8:00 -480 PST - Pacific Standard Los Angeles, CA, Cupertino, CA, Seattle, WA USA -9:00 -540...
Page 71 configure timezone The following four commands are equivalent, and configure the GMT offset and automatic DST adjustment for the US Eastern timezone, with an optional timezone ID of EST: configure timezone name EST -300 autodst name EDT 60 begins every first sunday april at 2:00 ends every last sunday october at 2:00 configure timezone name EST -300 autodst name EDT 60 begins every 1 1 4 at 2:00 ends every 5 1 10 at 2:00...
Page 72: Create Account
Commands for Accessing the Switch create account create account [admin | user] <account-name> {encrypted <password> } Description Creates a new user account. Syntax Description admin Specifies an access level for account type admin. user Specifies an access level for account type user. account-name Specifies a new user account name.
Page 73 create account NOTE On the BlackDiamond 8800 family of switches and the Summit X450 switch, if you do not want a password associated with the specified account, press Enter twice. Example The following command creates a new account named John2 with administrator privileges: create account admin John2 History This command was first available in ExtremeWare XOS 10.1.
Page 74: Delete Account
Commands for Accessing the Switch delete account delete account <name> Description Deletes a specified user account. Syntax Description name Specifies a user account name. Default N/A. Usage Guidelines Use the command to determine which account you want to delete from the system. The show accounts show accounts output displays the following information in a tabular format: The user name...
Page 75 delete account Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 76: Disable Cli Space-Completion
Commands for Accessing the Switch disable cli space-completion disable cli space-completion Description Disables the ExtremeWare XOS feature that completes a command automatically with the spacebar. If you disable this feature, The [Tab] key can still be used for auto-completion. Syntax Description This command has no arguments or variables.
Page 77: Disable Clipaging
disable clipaging disable clipaging disable clipaging Description Disables pausing at the end of each show screen. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The command line interface (CLI) is designed for use in a VT100 environment. Most command show output will pause when the display reaches the end of a page.
Page 78: Disable Idletimeout
Commands for Accessing the Switch disable idletimeout disable idletimeout Description Disables the timer that disconnects idle sessions from the switch. Syntax Description This command has no arguments or variables. Default Enabled. Timeout 20 minutes. Usage Guidelines When idle time-outs are disabled, console sessions remain open until the switch is rebooted or until you logoff.
Page 79: Enable Cli Space-Completion
enable cli space-completion enable cli space-completion enable cli space-completion Description Enables the ExtremeWare XOS feature that completes a command automatically with the spacebar. The [Tab] key can also be used for auto-completion. Syntax Description This command has no arguments or variables. Default Disabled.
Page 80: Enable Clipaging
Commands for Accessing the Switch enable clipaging enable clipaging Description Enables the pause mechanism and does not allow the display to print continuously to the screen. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The command line interface (CLI) is designed for use in a VT100 environment. Most command show output will pause when the display reaches the end of a page.
Page 81: Enable Idletimeout
enable idletimeout enable idletimeout enable idletimeout Description Enables a timer that disconnects Telnet, SSH2, and console sessions after a period of inactivity (20 minutes is default). Syntax Description This command has no arguments or variables. Default Enabled. Timeout 20 minutes. Usage Guidelines You can use this command to ensure that a Telnet, SSH2, or console session is disconnected if it has been idle for the required length of time.
Page 82: Enable License
You obtain the license key either by ordering it from the factory or by obtaining a license voucher from your Extreme Networks supplier. You can obtain a regular license; you cannot downgrade licenses. The voucher contains all the necessary information on the license level and on obtaining the software license key using the Extreme Network Support website at: http://www.extremenetworks.com...
Page 83 enable license Once you enable the license (or if you do not use the correct key, attempt to downgrade the license, or already installed the license) you see one of the following error messages: Enabled license successfully. Error: Unable to set license using supplied key. Error: Unable to set license - downgrade of licenses is not supported.
Page 84: History
Commands for Accessing the Switch history history Description Displays a list of all the commands entered on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines ExtremeWare XOS “remembers” all the commands you entered on the switch. Use the history command to display a list of these commands.
Page 85: Ping
ping ping ping {count <count> {start-size <start-size>} | continuous {start-size <start-size>} | {start-size <start-size> {end-size <end-size>}}} {udp} {dont-fragment} {ttl <ttl>} {tos <tos>} {interval <interval>} {vr <vrid>} {ipv4 <host> | ipv6 <host>} {from} {with record-route} Description Enables you to send User Datagram Protocol (UDP) or Internet Control Message Protocol (ICMP) echo messages or to a remote IP device.
Page 86 Commands for Accessing the Switch Usage Guidelines NOTE The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. command is used to test for connectivity to a specific host. ping You use the variable to ping an IPv6 host by generating an ICMPv6 echo request message and ipv6 sending the message to the specified address.
Page 87: Reboot
“A” and “R” holes on the MSM and applying slight pressure. Refer to Extreme Networks Consolidated XOS Hardware Installation Guide for information on the MSM. option on the BlackDiamond 8800 family of switches affects the entire module.
Page 88 Commands for Accessing the Switch History This command was first available in ExtremeWare XOS 10.1. The alternate BootROM image was added in ExtremeWare XOS 11.1. The warm keyword was added in ExtremeWare XOS 11.3. Platform Availability This command is available on all platforms. The alternate BootROM is available only on the BlackDiamond 8800 family of switches.
Page 89: Show Accounts
show accounts show accounts show accounts Description Displays user account information for all users on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines You need to create a user account using the command before you can display user create account account information.
Page 90 Commands for Accessing the Switch History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 91: Show Accounts Password-Policy
show accounts password-policy show accounts password-policy show accounts password-policy Description Displays password policy information for all users on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines To view the password management information, you must have administrator privileges. command displays the following information in a tabular show accounts password-policy format:...
Page 92 Commands for Accessing the Switch Output from this command looks similar to the following: --------------------------------------------------------------------------- Accounts global configuration(applied to new accounts on creation) --------------------------------------------------------------------------- Password Max. age : None Password History limit : None Password Min. length : None Password Character Validation : Disabled Accts.
Page 93: Show Banner
Use this command to view the banner that is displayed before the login prompt. Example The following command displays the switch banner: show banner Output from this command looks similar to the following: Extreme Networks Summit X450 Switch ######################################################### Unauthorized Access is strictly prohibited. Violators will be persecuted ######################################################### History This command was first available in ExtremeWare XOS 10.1.
Page 94: Show Dns-Client
Commands for Accessing the Switch show dns-client show dns-client Description Displays the DNS configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the DNS configuration: show dns-client Output from this command looks similar to the following: Number of domain suffixes: 2 Domain Suffix 1: njudah.local...
Page 95: Show Licenses
show licenses show licenses show licenses Description Displays current license level on your switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The license levels that apply to ExtremeWare XOS version 11.3 are shown in Table Table 9: Licensing requirements for ExtremeWare XOS version 11.2 BlackDiamond 8800 family...
Page 96 Commands for Accessing the Switch History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 97: Show Switch
show switch show switch show switch {detail} Description Displays the current switch information. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines command displays: show switch sysName, sysLocation, sysContact ● MAC address ● System health check ●...
Page 98 Commands for Accessing the Switch Output from this command on the BlackDiamons 10K switch looks similar to the following: SysName: BD-10808 SysLocation: SysContact: support@extremenetworks.com, +1 888 257 3000 System MAC: 00:30:48:41:ED:45 SysHealth check: Enabled Recovery Mode: None System Watchdog: Enabled Current Time: Wed May 19 11:04:32 2004 Timezone:...
Page 99 show switch Config Booted: primary.cfg primary.cfg Created by ExtremeWare XOS version 11.2.0.16 93463 bytes saved on Sat Feb 14 04:24:31 2004 command displays the same information shown above. show switch detail History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 100: Traceroute
Commands for Accessing the Switch traceroute traceroute {vr <vrid>} {ipv4 <host>} {ipv6 <host>} {ttl <number>} {from <from>} {[port <port>] | icmp} Description Enables you to trace the routed path between the switch and a destination endstation. Syntax Description Specifies a virtual router. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches or the Summit X450 switch.
Page 101 traceroute NOTE You must specify the target’s IPv6 address to use this functionality. DNS for IPv6 is not supported, so the traceroute resolves to an IPv4 address if you specify a host name. Example The following command enables the traceroute function to a destination of 123.45.67.8: traceroute 123.45.67.8 History This command was first available in ExtremeWare XOS 10.1.
Page 102 Commands for Accessing the Switch ExtremeWare XOS 11.3 Command Reference...
Page 103: Chapter 3: Commands For Managing The Switch
Commands for Managing the Switch This chapter describes commands for: Configuring Simple Network Management Protocol (SNMP) parameters on the switch ● Managing the switch using Telnet ● Transferring files using the Trivial File Transfer Protocol (TFTP) ● Configuring system redundancy ●...
Page 104 SummitX450 switch supports an internal power supply with a range of 90V to 240V AC power as well as an external redundant power supply. The Extreme Networks External Power System (EPS) allows you to add a redundant power supply to the Summit X450 switch to protect against a power supply failure.
Page 105: Simple Network Time Protocol
Simple Network Time Protocol provides 100V to 240V AC power. Each EPS-160 power supply provides one-to-one redundancy to an attached SummitX450 switch. Simple Network Time Protocol ExtremeWare XOS supports the client portion of the Simple Network Time Protocol (SNTP) Version 3 based on RFC1769.
Page 106: Configure Node Priority
Commands for Managing the Switch configure node priority configure node slot <slot_id> priority <node_pri> Description Configures the priority of the node. Syntax Description slot_id Specifies the slot of the node. A is for the MSM installed in slot A. B is for the MSM installed in slot B.
Page 107 configure node priority History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 108: Configure Power Supply
Commands for Managing the Switch configure power supply configure power supply <ps_num> {auto | on} Description Configures a power supply for either automatic power management, or forced on, regardless of the impact to the total available system power. Syntax Description ps_num Specifies the slot number of the installed power supply unit (PSU) to which this command applies.
Page 109 configure power supply Table 10: PSU combinations where 110V PSUs are disabled (Continued) Number of PSUs with Number of PSUs with 220V AC Inputs 110V AC Inputs For all other combinations of 220V AC and 110V AC PSUs, ExtremeWare XOS maximizes system power by enabling all PSUs and budgeting each PSU at 110V AC.
Page 110 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 11.3. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 111: Configure Snmp Add Community
An SNMP community string can contain up to 32 characters. Extreme Networks recommends that you change the defaults of the community strings. To change the value of the default read/write and read-only community strings, use the configure snmp delete command.
Page 112 Commands for Managing the Switch Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 113: Configure Snmp Add Trapreceiver
configure snmp add trapreceiver configure snmp add trapreceiver configure snmp add trapreceiver <ip_address> community [[hex <hex_community_name>] | <community_name>] {port <port_number>} {from <src_ip_address>} {mode <trap_mode> [enhanced | standard]} Description Adds the IP address of a trap receiver to the trap receiver list and specifies which SNMPv1/v2c traps are to be sent.
Page 114 Commands for Managing the Switch The following command adds the IP address 10.101.0.105 as a trap receiver with community string green, using port 3003: configure snmp add trapreceiver 10.101.0.105 community green port 3003 The following command adds the IP address 10.101.0.105 as a trap receiver with community string blue, and IP address 10.101.0.25 as the source: configure snmp add trapreceiver 10.101.0.105 community blue from 10.101.0.25 History...
Page 115: Configure Snmp Delete Community
SNMP community strings can contain up to 32 characters. For increased security, Extreme Networks recommends that you change the defaults of the read/write and read-only community strings. Use the commands to configure an authorized SNMP management station.
Page 116 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 117: Configure Snmp Delete Trapreceiver
configure snmp delete trapreceiver configure snmp delete trapreceiver configure snmp delete trapreceiver [{<ip_address> {<port_number>}} | {all}] Description Deletes a specified trap receiver or all authorized trap receivers. Syntax Description ip_address Specifies an SNMP trap receiver IP address. port_number Specifies the port associated with the receiver. Specifies all SNMP trap receiver IP addresses.
Page 118: Configure Snmp Syscontact
Commands for Managing the Switch configure snmp sysContact configure snmp syscontact <sysContact> Description Configures the name of the system contact. Syntax Description sysContact An alphanumeric string that specifies a system contact name. Default N/A. Usage Guidelines The system contact is a text field that enables you to enter the name of the person(s) responsible for managing the switch.
Page 119: Configure Snmp Syslocation
configure snmp sysLocation configure snmp sysLocation configure snmp syslocation <sysLocation> Description Configures the location of the switch. Syntax Description sysLocation An alphanumeric string that specifies the switch location. Default N/A. Usage Guidelines Use this command to indicate the location of the switch. A maximum of 255 characters is allowed. To view the location of the switch on the switch, use the command.
Page 120: Configure Snmp Sysname
Commands for Managing the Switch configure snmp sysName configure snmp sysname <sysName> Description Configures the name of the switch. Syntax Description sysName An alphanumeric string that specifies a device name. Default The default is the model name of the device (for example, sysname BlackDiamond10808 Usage Guidelines...
Page 121: Configure Snmpv3 Add Access
configure snmpv3 add access configure snmpv3 add access configure snmpv3 add access [[hex <hex_group_name>] | <group_name>] {sec- model [snmpv1 | snmpv2c | usm]} {sec-level [noauth | authnopriv | priv]} {read-view [[hex <hex_read_view_name>] | <read_view_name>]} {write-view [[hex <hex_write_view_name>]] | <write_view_name>]} {notify-view [[hex <hex_notify_view_name]] | <notify_view_name>]} {volatile} Description Creates (and modifies) a group and its access rights.
Page 122 Commands for Managing the Switch read view name—defaultUserView ● write view name— “” ● notify view name—defaultNotifyView ● non-volatile storage ● Usage Guidelines Use this command to configure access rights for a group. All access groups are created with a unique default context, “”, as that is the only supported context.
Page 123: Configure Snmpv3 Add Community
configure snmpv3 add community configure snmpv3 add community configure snmpv3 add community [[hex <hex_community_index>] | <community_index>] name [[hex <hex_community_name>] |<community_name>] user [[hex <hex_user_name>] | <user_name>] {tag [[hex <hex_transport_tag>] | <transport_tag>]} {volatile} Description Adds an SNMPv3 community entry. Syntax Description hex_community_index Specifies the row index in the snmpCommunity table as a hex value supplied as a colon separated string of hex octets.
Page 124 Commands for Managing the Switch The following command creates an entry with the community index (hex) of 12:0E, community name (hex) of EA:12:CD:CF:AB:11:3C, user (security) name v1v2c_user, using transport tag 34872 and volatile storage: configure snmpv3 add community hex 12:0E name hex EA:12:CD:CF:AB:11:3C user v1v2c_user tag 34872 volatile History This command was first available in ExtremeWare XOS.
Page 125: Configure Snmpv3 Add Filter
configure snmpv3 add filter configure snmpv3 add filter configure snmpv3 add filter [[hex <hex_profile_name>] | <profile_name>] subtree <object_identifier> {/<subtree_mask>} type [included | excluded] {volatile} Description Adds a filter to a filter profile. Syntax Description hex_profile_name Specifies the filter profile that the current filter is added to. The value is to be supplied as a colon separated string of hex octets.
Page 126 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 10.1. parameter was added in ExtremeWare XOS 11.0. hex_profile_name Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 127: Configure Snmpv3 Add Filter-Profile
configure snmpv3 add filter-profile configure snmpv3 add filter-profile configure snmpv3 add filter-profile [[hex <hex_profile_name>] | <profile_name>] param [[hex <hex_param_name>]] | <param_name>] {volatile} Description Associates a filter profile with a parameter name. Syntax Description hex_profile_name Specifies the filter profile name. The value is to be supplied as a colon separated string of hex octets.
Page 128: Configure Snmpv3 Add Group User
Commands for Managing the Switch configure snmpv3 add group user configure snmpv3 add group [[hex <hex_group_name>] | <group_name>] user [[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1| snmpv2c | usm]} {volatile} Description Adds a user name (security name) to a group. Syntax Description hex_group_name Specifies the group name to add or modify.
Page 129 configure snmpv3 add group user The following command associates the user userv3 with security model and storage type volatile to the access group defaultRoGroup: configure snmpv3 add group defaultRoGroup user userV3 volatile History This command was first available in ExtremeWare XOS 10.1. parameters were added in ExtremeWare XOS 11.0.
Page 130: Configure Snmpv3 Add Mib-View
Commands for Managing the Switch configure snmpv3 add mib-view configure snmpv3 add mib-view [[hex <hex_view_name>] | <view_name>] subtree <object_identifier> {/<subtree_mask>} {type [included | excluded]} {volatile} Description Adds (and modifies) a MIB view. Syntax Description hex_view_name Specifies the MIB view name to add or modify. The value is to be supplies as a colon separated string of hex octets.
Page 131 configure snmpv3 add mib-view The following command creates a view vrrpTrapNewMaster which excludes VRRP notification .1 and the entry is volatile: configure snmpv3 add mib-view vrrpTrapNewMaster 1.3.6.1.2.1.68.0.1/ff8 type excluded volatile History This command was first available in ExtremeWare XOS 10.1. parameter was added in ExtremeWare XOS 11.0.
Page 132: Configure Snmpv3 Add Notify
Commands for Managing the Switch configure snmpv3 add notify configure snmpv3 add notify [[hex <hex_notify_name>] | <notify_name>] tag [[hex <hex_tag>] | <tag>] {volatile} Description Adds an entry to the snmpNotifyTable. Syntax Description hex_notify_name Specifies the notify name to add. The value is to be supplied as a colon separated string of hex octets.
Page 133: Configure Snmpv3 Add Target-Addr
configure snmpv3 add target-addr configure snmpv3 add target-addr configure snmpv3 add target-addr [[hex <hex_addr_name] | <addr_name>] param [[hex <hex_param_name] | <param_name>] ipaddress [[<ip_address> {<netmask>}] | <ip_address>] {transport-port <port_number> {from <src_ip_address>} {tag-list <tag_list>} {volatile} Description Adds and configures an SNMPv3 target address and associates filtering, security, and notifications with that address.
Page 134 Commands for Managing the Switch Example The following command specifies a target address of 10.203.0.22 with the name A1, and associates it with the security parameters and target address parameter P1: configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22 The following command specifies a target address of 10.203.0.22 with the name A1, and associates it with the security parameters and target address parameter P1, and the notification tags type1 and type2: configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22 from 10.203.0.23...
Page 135: Configure Snmpv3 Add Target-Params
configure snmpv3 add target-params configure snmpv3 add target-params configure snmpv3 add target-params [[hex <hex_param_name>] | <param_name>] user [[hex <hex_user_name>] | <user_name>] mp-model [snmpv1 | snmpv2c | snmpv3] sec-model [snmpv1 | snmpv2c | usm] {sec-level [noauth | authnopriv | priv]} {volatile} Description Adds and configures SNMPv3 target parameters.
Page 136 Commands for Managing the Switch Example The following command specifies a target parameters entry named P1, a user name of guest, message processing and security model of SNMPv2c, and a security level of no authentication: configure snmpv3 add target-params P1 user guest mp-model snmpv2c sec-model snmpv2c sec-level noauth History This command was first available in ExtremeWare XOS 10.1.
Page 137: Configure Snmpv3 Add User
configure snmpv3 add user configure snmpv3 add user configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] {authentication [md5 | sha] [hex <hex_auth_password> | <auth_password>]} {privacy [hex <hex_priv_password> | <priv_password>]} {volatile} Description Adds (and modifies) an SNMPv3 user. Syntax Description hex_user_name Specifies the user name to add or modify.
Page 138 Commands for Managing the Switch Example The following command configures the user guest on the local SNMP Engine with security level noauth (no authentication and no privacy): configure snmpv3 add user guest The following command configures the user authMD5 to use authentication with the password palertyu: configure snmpv3 add user authMD5 authentication md5...
Page 139: Configure Snmpv3 Add User Clone-From
configure snmpv3 add user clone-from configure snmpv3 add user clone-from configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] clone-from [[hex <hex_user_name>] | <user_name>] Description Creates a new user by cloning from an existing SNMPv3 user. Syntax Description hex_user_name Specifies the user name to add or to clone from. The value is to be supplies as a colon separated string of hex octets.
Page 140: Configure Snmpv3 Delete Access
Commands for Managing the Switch configure snmpv3 delete access configure snmpv3 delete access [all-non-defaults | {[[hex <hex_group_name>] | <group_name>] {sec-model [snmpv1 | snmpv2c | usm] sec-level [noauth | authnopriv | priv]}}] Description Deletes access rights for a group. Syntax Description all-non-defaults Specifies that all non-default (non-permanent) security groups are to be deleted.
Page 141 configure snmpv3 delete access Example The following command deletes all entries with the group name userGroup: configure snmpv3 delete access userGroup The following command deletes the group userGroup with the security model and security level snmpv1 of authentication and no privacy ( authnopriv configure snmpv3 delete access userGroup sec-model snmpv1 sec-level authnopriv History...
Page 142: Configure Snmpv3 Delete Community
Commands for Managing the Switch configure snmpv3 delete community configure snmpv3 delete community [all-non-defaults | {[[hex <hex_community_index>] | <community_index>} | {name [[hex <hex_community_name>] | <community_name>}] Description Deletes an SNMPv3 community entry. Syntax Description all-non-defaults Specifies that all non-default community entries are to be removed. hex_community_index Specifies the row index in the snmpCommunityTable.
Page 143: Configure Snmpv3 Delete Filter
configure snmpv3 delete filter configure snmpv3 delete filter configure snmpv3 delete filter [all | [[hex <hex_profile_name>] | <profile_name>] {subtree <object_identifier>}]] Description Deletes a filter from a filter profile. Syntax Description Specifies all filters. hex_profile_name Specifies the filter profile of the filter to delete. The value is to be supplied as a colon separated string of hex octets.
Page 144: Configure Snmpv3 Delete Filter-Profile
Commands for Managing the Switch configure snmpv3 delete filter-profile configure snmpv3 delete filter-profile [all |[[hex <hex_profile_name>] | <profile_name>] {param [[hex <hex_param_name>] | <param_name>}]] Description Removes the association of a filter profile with a parameter name. Syntax Description Specifies all filter profiles. hex_profile_name Specifies the filter profile name to delete.
Page 145: Configure Snmpv3 Delete Group User
configure snmpv3 delete group user configure snmpv3 delete group user configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-non-defaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}] Description Deletes a user name (security name) from a group. Syntax Description hex_group_name Specifies the group name to delete or modify.
Page 146 Commands for Managing the Switch Example The following command deletes the user guest from the group UserGroup for the security model snmpv2c configure snmpv3 delete group UserGroup user guest sec-model snmpv2c The following command deletes the user guest from the group userGroup with the security model configure snmpv3 delete group userGroup user guest History This command was first available in ExtremeWare XOS 10.1.
Page 147: Configure Snmpv3 Delete Mib-View
configure snmpv3 delete mib-view configure snmpv3 delete mib-view configure snmpv3 delete mib-view [all-non-defaults | {[[hex <hex_view_name>] | <view_name>] {subtree <object_identifier>}}] Description Deletes a MIB view. Syntax Description all-non-defaults Specifies that all non-default (non-permanent) MIB views are to be deleted. hex_view_name Specifies the MIB view to delete.
Page 148 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 10.1. parameter was added in ExtremeWare XOS 11.0. hex_view_name Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 149: Configure Snmpv3 Delete Notify
configure snmpv3 delete notify configure snmpv3 delete notify configure snmpv3 delete notify [{[[hex <hex_notify_name>] | <notify_name>]} | all-non-defaults] Description Deletes an entry from the snmpNotifyTable. Syntax Description hex_notify_name Specifies the notify name to add. The value is to be supplied as a colon separated string of hex octets.
Page 150: Configure Snmpv3 Delete Target-Addr
Commands for Managing the Switch configure snmpv3 delete target-addr configure snmpv3 delete target-addr [{[[hex <hex_addr_name>] | <addr_name>]} | all] Description Deletes SNMPv3 target addresses. Syntax Description hex_addr_name Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets.
Page 151: Configure Snmpv3 Delete Target-Params
configure snmpv3 delete target-params configure snmpv3 delete target-params configure snmpv3 delete target-params [{[[hex <hex_param_name>] | <param_name>]} | all] Description Deletes SNMPv3 target parameters. Syntax Description hex_param_name Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets. param_name Specifies the parameter name associated with the target in ASCII format.
Page 152: Configure Snmpv3 Delete User
Commands for Managing the Switch configure snmpv3 delete user configure snmpv3 delete user [all-non-defaults | [[hex <hex_user_name>] | <user_name>]] Description Deletes an existing SNMPv3 user. Syntax Description all-non-defaults Specifies that all non-default (non-permanent) users are to be deleted. hex_user_name Specifies the user name to delete. The value is to be supplied as a colon separated string of hex octets.
Page 153 configure snmpv3 delete user Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 154: Configure Snmpv3 Engine-Boots
Commands for Managing the Switch configure snmpv3 engine-boots configure snmpv3 engine-boots <(1-2147483647)> Description Configures the SNMPv3 Engine Boots value. Syntax Description (1-2147483647) Specifies the value of engine boots. Default N/A. Usage Guidelines Use this command if the Engine Boots value needs to be explicitly configured. Engine Boots and Engine Time will be reset to zero if the Engine ID is changed.
Page 155: Configure Snmpv3 Engine-Id
Use this command if the needs to be explicitly configured. The first four octets of the ID snmpEngineID are fixed to 80:00:07:7C,which represents Extreme Networks Vendor ID. Once the snmpEngineID changed, default users will be reverted back to their original passwords/keys, while non-default users will be reset to the security level of no authorization, no privacy.
Page 156: Configure Sntp-Client
Commands for Managing the Switch configure sntp-client configure sntp-client [primary | secondary] <host-name-or-ip> {vr <vr_name>} Description Configures an NTP server for the switch to obtain time information. Syntax Description primary Specifies a primary server name. secondary Specifies a secondary server name. host-name-or-ip Specifies a host name or IP address.
Page 157 configure sntp-client History This command was first available in ExtremeWare XOS 10.1. option was added in ExtremeWare XOS 11.0. vr <vr_name> Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 158: Configure Sntp-Client Update-Interval
Commands for Managing the Switch configure sntp-client update-interval configure sntp-client update-interval <update-interval> Description Configures the interval between polls for time information from SNTP servers. Syntax Description update-interval Specifies an interval in seconds. Default 64 seconds. Usage Guidelines None. Example The following command configures the interval timer: configure sntp-client update-interval 30 History This command was first available in ExtremeWare XOS 10.1.
Page 159: Configure Telnet Access-Profile
configure telnet access-profile configure telnet access-profile configure telnet access-profile [<access_profile> | none] Description Configures Telnet to use an ACL policy for access control. Syntax Description access_profile Specifies an ACL policy. none Cancels a previously configured ACL policy. Default Telnet is enabled with no ACL policies and uses TCP port 23. Usage Guidelines You must be logged in as administrator to configure Telnet parameters.
Page 160 Commands for Managing the Switch Example This example assumes that you already created an ACL to apply to Telnet. The following command applies the ACL MyAccessProfile_2 to Telnet: configure telnet access-profile MyAccessProfile_2 History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms.
Page 161: Configure Telnet Port
configure telnet port configure telnet port configure telnet port [<portno> | default] Description Configures the TCP port used by Telnet for communication. Syntax Description portno Specifies a TCP port number. The default is 23. The range is 1 through 65535. The following TCP port numbers are reserved and cannot be used for Telnet connections: 22, 80, and 1023.
Page 162 Commands for Managing the Switch Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 163: Configure Telnet Vr
configure telnet vr configure telnet vr configure telnet vr [all | default | <vr_name>] Description Configures the virtual router used on the switch for listening for Telnet connections. Syntax Description Specifies to use all virtual routers for Telnet connections. default Specifies to use the default virtual router for Telnet connections.
Page 164 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 11.0. Support for IPv6 was added in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 165: Disable Dhcp Vlan
disable dhcp vlan disable dhcp vlan disable dhcp vlan [<vlan_name> | all] Description Disables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the VLAN from a DHCP server. Syntax Description vlan_name Specifies a VLAN name. Specifies all VLANs Default Disabled for all VLANs.
Page 166: Disable Snmp Access
Commands for Managing the Switch disable snmp access disable snmp access {snmp-v1v2c} Description Selectively disables SNMP on the switch. Syntax Description snmp-v1v2c Disables SNMPv1/v2c access only; does not affect SNMPv3 access. Default Enabled. Usage Guidelines Disabling SNMP access does not affect the SNMP configuration (for example, community strings). However, if you disable SNMP access, you will be unable to access the switch using SNMP.
Page 167: Disable Snmp Traps
disable snmp traps disable snmp traps disable snmp traps Description Prevents SNMP traps from being sent from the switch. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command does not clear the SNMP trap receivers that have been configured. The command prevents SNMP traps from being sent from the switch even if trap receivers are configured.
Page 168: Disable Sntp-Client
Commands for Managing the Switch disable sntp-client disable sntp-client Description Disables the SNTP client. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server.
Page 169: Disable Telnet
disable telnet disable telnet disable telnet Description Disables Telnet services on the system. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines You must be logged in as an administrator to enable or disable Telnet. Example With administrator privilege, the following command disables Telnet services on the switch: disable telnet History...
Page 170: Disable Watchdog
Commands for Managing the Switch disable watchdog disable watchdog Description Disables the system watchdog timer. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The watchdog timer monitors the health of the switch hardware and software events. For example, the watchdog timer reboots the switch if the system cannot reset the watchdog timer.
Page 171: Enable Dhcp Vlan
enable dhcp vlan enable dhcp vlan enable dhcp vlan [<vlan_name> | all] Description Enables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the VLAN from a DHCP server. Syntax Description vlan_name Specifies a VLAN name. Specifies all VLANs.
Page 172: Enable Snmp Access
Commands for Managing the Switch enable snmp access enable snmp access Description Turns on SNMP support for SNMPv3 and v1/v2c on the switch. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines To have access to the SNMP agent residing in the switch, at least one VLAN must have an IP address assigned to it.
Page 173 enable snmp access * change your SNMP public and private strings * consider using SNMPv3 to secure network management traffic In addition, you can return to safe defaults mode by issuing the following commands: ● unconfigure switch ● configure safe-default-script If you return to safe defaults mode, you must answer the questions presented during the interactive script.
Page 174: Enable Snmp Traps
Commands for Managing the Switch enable snmp traps enable snmp traps Description Turns on SNMP trap support. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines An authorized trap receiver can be one or more network management stations on your network. The switch sends SNMP traps to all trap receivers.
Page 175: Enable Sntp-Client
enable sntp-client enable sntp-client enable sntp-client Description Enables the SNTP client. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server.
Page 176: Enable Telnet
Commands for Managing the Switch enable telnet enable telnet Description Enables Telnet services on the system. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines You must be logged in as an administrator to enable or disable Telnet. ExtremeWare XOS 11.2 introduces the concept of safe defaults mode.
Page 177 enable telnet History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 178: Enable Watchdog
Commands for Managing the Switch enable watchdog enable watchdog Description Enables the system watchdog timer. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The watchdog timer monitors the health of the switch hardware and software events. For example, the watchdog timer reboots the switch if the system cannot reset the watchdog timer.
Page 179: Exit
exit exit exit Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration.
Page 180: Logout
Commands for Managing the Switch logout logout Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration.
Page 181: Quit
quit quit quit Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration.
Page 182: Show Dhcp-Client State
Commands for Managing the Switch show dhcp-client state show dhcp-client state Description Displays the current DHCP/BOOTP client state for each vlan. Syntax Description This command has no arguments or variables. Default Displays the client state for all existing VLANs. Usage Guidelines None.
Page 183: Show Checkpoint-Data
show checkpoint-data show checkpoint-data show checkpoint-data {<process>} Description Displays the status of one or more processes being copied from the master MSM to the backup MSM. Syntax Description process Specifies the name of the processes being copied. Default N/A. Usage Guidelines This command displays, in percentages, the amount of internal state copying completed by each process and the traffic statistics between the process on both the master and the backup MSMs.
Page 184 Commands for Managing the Switch 100% ON 1 (000008D3) msgsrv 100% ON 1 (000008D3) eaps 0% ON 1 (000008D3) 0% ON 1 (000008D3) esrp 100% ON 1 (000008D3) polMgr 0% ON 1 (000008D3) mcmgr 100% ON 1 (000008D3) 100% ON 1 (000008D3) netLogin 0% ON...
Page 185: Show Management
show management show management show management Description Displays the SNMP settings configured on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines: The following management output is displayed: Enable/disable state for Telnet, and SNMP access ●...
Page 186 Commands for Managing the Switch Example The following command displays configured SNMP settings on the switch: show management The following is sample output from this command: CLI idle timeout : Disabled CLI max number of login attempts : 3 CLI max number of sessions CLI paging : Enabled (this session only) CLI space-completion...
Page 187: Show Node
show node show node show node {detail} Description Displays the status of the nodes in the system as well as the general health of the system. Syntax Description detail Displays the information on a per-node basis rather than in a tabular format. Default N/A.
Page 188 Commands for Managing the Switch Example The following command displays the status of the node, the priority of the node, and the general health of the system: show node The following is sample output from this command: Node State Priority SwHealth HwHealth -----------------------------------------------...
Page 189: Show Odometers
show odometers show odometers show odometers Description Displays a counter for each component of a switch that shows how long it has been functioning since it was manufactured. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output from this command displays how long individual components in the switch have been functioning since it was manufactured.
Page 190 Commands for Managing the Switch Example The following command displays how long each component of a switch has been functioning since its manufacture date: show odometers The following is sample output from a BlackDiamond 10K switch: Service First Recorded Field Replaceable Units Days Start Date -----------------------...
Page 191 show odometers History This command was first available in ExtremeWare XOS 10.1. Information about the power controller(s) for modular switches was added to the show odometers output in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 192: Show Power
Commands for Managing the Switch show power show power {<ps_num>} {detail} Description Displays the current status of the installed power supplies. Command Syntax ps_num Specifies the slot number of the installed power supply. detail The detail option is reserved for future use. Default N/A.
Page 193 show power Part number—A collection of numbers and letters that make up the part number of the power ■ supply. Summit X450 switch only: Internal Power Supply (PowerSupply 1 information)—The Summit X450 switch comes with one ■ power supply pre-installed at the factory. The Summit X450 power supply is not user-replaceable; therefore, the part information display indicates internal power supply.
Page 194 Commands for Managing the Switch If you choose to always enable a power supply, regardless of the affect on the total available power, you next to the state of the power supply, as shown in the sample truncated output: Configured ON PowerSupply 1 information: State: Powered On...
Page 195: Show Power Budget
show power budget show power budget show power budget Description Displays the power status and the amount of available and required power on a modular switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to view detailed information about the amount of power available on the switch. This status information may be useful if the command displays a state of Powered OFF for show slot...
Page 196 Commands for Managing the Switch Down: The module is installed, but the administrator has taken the module offline. ■ Power ON: There is sufficient system power to power up the module. ■ Powered OFF: There is insufficient system power to keep the module up and running, or there is ■...
Page 197 show power budget Slot-5 Empty Slot-6 Empty Slot-7 G60T Operational 225.00 220.00 5.00 Slot-8 Empty MSM-A MSM-1XL Operational 444.00 444.00 0.00 MSM-B MSM-1XL Operational 444.00 444.00 0.00 FanTray-1 Operational 126.00 126.00 0.00 FanTray-2 Operational 126.00 126.00 0.00 --------------------------------------------------------------------------- Power Required: 1365.00 1360.00 5.00...
Page 198 Commands for Managing the Switch Power over Ethernet (PoE) data (inline power) was added to the output in show power budget ExtremeWare XOS 11.1. PoE data is displayed when you install a G48P module in the BlackDiamond 8800 family of switches. Redundant (N+1) power information was added to the output in ExtremeWare show power budget...
Page 199: Show Power Controller
show power controller show power controller show power controller {<num>} Description Displays the current status of the installed power supply controllers. Command Syntax Specifies the slot number of the installed power supply controller. Default N/A. Usage Guidelines Use this command to view detailed information about the health of the power supply controllers. Power controllers collect data about the installed power supplies and report the results to the MSM This status information may be useful for your technical support representative if you have a network problem.
Page 200 Commands for Managing the Switch Example The following command displays the status of the installed power supply controllers: show power controller The following is sample output from this command: PSUCTRL-1 information: State: Present PartInfo: Mead 1 0410F-01217 7040255-00-05 Revision: FailureCode: Odometer: 3 days 8 minutes 10 seconds since May-21-2004 Temperature:...
Page 201: Show Session
show session show session show session {{detail} {<sessID>}} {history} Description Displays the currently active Telnet and console sessions communicating with the switch. Syntax Description detail Specifies more detailed session information. sessID Specifies a session ID number. history Displays a list of all sessions. Default N/A.
Page 202 Commands for Managing the Switch Example The following command displays the active sessions on the switch: show session The following is sample output from this command: Login Time User Type Auth Auth Location ================================================================================ Thu Apr 28 20:16:56 2005 admin console local serial Thu Apr 28 23:36:20 2005 admin...
Page 203: Show Snmpv3 Access
show snmpv3 access show snmpv3 access show snmpv3 access {[[hex <hex_group_name>] | <group_name>]} Description Displays SNMPv3 access rights. Syntax Description Specifies that the value to follow is to be supplied as a colon separated string of hex octets. group_name Specifies the name of the group to display. Default N/A.
Page 204 Commands for Managing the Switch Write View Notify View : defaultNotifyView Storage Type : Permanent Row Status : Active Group Name : v1v2c_ro Context Prefix Security Model : snmpv1 Security Level : No-Authentication No-Privacy Context Match : Exact Read View : defaultUserView Write View Notify View...
Page 205 show snmpv3 access History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 206: Show Snmpv3 Context
Commands for Managing the Switch show snmpv3 context show snmpv3 context Description Displays information about the SNMPv3 contexts on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines: This command displays the entries in the View-based Access Control Model (VACM) context table (VACMContextTable).
Page 207: Show Snmpv3 Counters
show snmpv3 counters show snmpv3 counters show snmpv3 counters Description Displays SNMPv3 counters. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines command displays the following SNMPv3 counters: show snmpv3 counters snmpUnknownSecurityModels ● snmpInvalidMessages ● snmpUnknownPDUHandlers ●...
Page 208 Commands for Managing the Switch usmStatsWrongDigests usmStatsDecryptionErrors History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 209: Show Snmpv3 Engine-Info
show snmpv3 engine-info show snmpv3 engine-info show snmpv3 engine-info Description Displays information about the SNMPv3 engine on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines: The following show engine-info output is displayed: Engine-ID—Either the ID auto generated from MAC address of switch, or the ID manually ●...
Page 210: Show Snmpv3 Filter
Commands for Managing the Switch show snmpv3 filter show snmpv3 filter {[[hex <hex_profile_name>] | <profile_name>] {{subtree} <object_identifier>} Description Displays the filters that belong a filter profile. Syntax Description hex_profile_name Specifies the filter profile to display. The value is to be supplied as a colon separated string of hex octets.
Page 211 show snmpv3 filter Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 212: Show Snmpv3 Filter-Profile
Commands for Managing the Switch show snmpv3 filter-profile show snmpv3 filter-profile {[[hex <hex_profile_name>] | <profile_name>]} {param [[hex <hex_param_name>] | <param_name>]} Description Displays the association between parameter names and filter profiles. Syntax Description hex_profile_name Specifies the filter profile name. The value is to be supplied as a colon separated string of hex octets.
Page 213 show snmpv3 filter-profile Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 214: Show Snmpv3 Group
Commands for Managing the Switch show snmpv3 group show snmpv3 group {[[hex <hex_group_name>] | <group_name>] {user [[hex <hex_user_name>] | <user_name>]}} Description Displays the user name (security name) and security model association with a group name. Syntax Description hex_group_name Specifies the group name to display. The value is to be supplied as a colon separated string of hex octets.
Page 215 show snmpv3 group Group Name : v1v2c_ro Security Name : v1v2c_ro Security Model : snmpv2c Storage Type : Permanent Row Status : Active Group Name : v1v2c_rw Security Name : v1v2c_rw Security Model : snmpv2c Storage Type : Permanent Row Status : Active Group Name : admin...
Page 216 Commands for Managing the Switch The following command shows information about the group testgroup and user name testuser: show snmpv3 group testgroup user testuser The following is sample output from this command: Group Name : testgroup Security Name : testuser Security Model : USM Storage Type...
Page 217: Show Snmpv3 Mib-View
show snmpv3 mib-view show snmpv3 mib-view show snmpv3 mib-view {[[hex <hex_view_name>] | <view_name>] {subtree <object_identifier>}} Description Displays a MIB view. Syntax Description hex_view_name Specifies the name of the MIB view to display. The value is to be supplied as a colon separated string of hex octets. view_name Specifies the name of the MIB view to display.
Page 218 Commands for Managing the Switch View Name : defaultUserView MIB Subtree : 1.3.6.1.6.3.18 View Type : Excluded Storage Type : Permanent Row Status : Active View Name : defaultUserView MIB Subtree : 1.3.6.1.6.3.15.1.2.2.1.4 View Type : Excluded Storage Type : Permanent Row Status : Active View Name...
Page 219: Show Snmpv3 Notify
show snmpv3 notify show snmpv3 notify show snmpv3 notify {[[hex <hex_notify_name>] | <notify_name>]} Description Displays the notifications that are set. This command displays the snmpNotifyTable. Syntax Description hex_notify_name Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets.
Page 220: Show Snmpv3 Target-Addr
Commands for Managing the Switch show snmpv3 target-addr show snmpv3 target-addr {[[hex <hex_addr_name>] | <addr_name>]} Description Displays information about SNMPv3 target addresses. Syntax Description hex_addr_name Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets.
Page 221 show snmpv3 target-addr History This command was first available in ExtremeWare XOS 10.1. This command was modified in ExtremeWare XOS 11.0 to display a list of tags if more than one was configured and to display the timeout value for the entry in the snmpTargetAddrTable. This command was also modified to support the parameter.
Page 222: Show Snmpv3 Extreme-Target-Addr-Ext
Commands for Managing the Switch show snmpv3 extreme-target-addr-ext show snmpv3 extreme-target-addr-ext [[hex <hex_addr_name>] | <addr_name>] Description Displays information about SNMPv3 target addresses enhanced or standard mode. Syntax Description hex_addr_name Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets.
Page 223: Show Snmpv3 Target-Params
show snmpv3 target-params show snmpv3 target-params show snmpv3 target-params {[[hex <hex_target_params>] | <target_params>]} Description Displays the information about the options associated with the parameter name. Syntax Description hex_target_params Specifies the parameter to display. The value is to be supplied as a colon separated string of hex octets.
Page 224 Commands for Managing the Switch Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 225: Show Snmpv3 User
show snmpv3 user show snmpv3 user show snmpv3 user {[[hex <hex_user_name>] | <user_name>]} Description Displays detailed information about the user. Syntax Description hex_user_name Specifies the user name to display. The value is to be supplied as a colon separated string of hex octets. user_name Specifies the user name to display.
Page 226 Commands for Managing the Switch Row Status : Active Engine-ID : 80:00:07:7c:03:00:04:96:1f:a2:60 'H' User Name : initialmd5 Security Name : initialmd5 Authentication : HMAC-MD5 Privacy : No-Privacy Storage Type : Permanent Row Status : Active Engine-ID : 80:00:07:7c:03:00:04:96:1f:a2:60 'H' User Name : initialsha Security Name : initialsha...
Page 227: Show Sntp-Client
show sntp-client show sntp-client show sntp-client Description Displays the DNS configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Displays configuration and statistics information of SNTP client. Example The following command displays the SNTP configuration: show sntp-client The following is sample output from this command: SNTP client is enabled...
Page 228 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 229: Telnet
telnet telnet telnet {vr <vr_name>} [<host_name> | <remote_ip>] {<port>} Description Allows you to Telnet from the current command-line interface session to another host. Syntax Description Specifies use of a virtual router. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created virtual routers.
Page 230 Commands for Managing the Switch Numerals (0-9) ● Period ( . ) ● Dash ( - ) Permitted only for host names ● Underscore ( _ ) Permitted only for host names ● Colon ( : ) ● When naming or configuring an IP address for your network server, remember the requirements listed above.
Page 231: Telnet Msm
telnet msm telnet msm telnet msm [a | b] Description Allows you to Telnet to either the primary or the backup MSM regardless of which console port you are connected to. Syntax Description Specifies the MSM installed in slot A. Specifies the MSM installed in slot B.
Page 232 Commands for Managing the Switch History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 233: Tftp
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. NetASCII and mail file type formats are not supported. TFTP Server Requirements. Extreme Networks recommends using a TFTP server that supports blocksize negotiation (as described in RFC 2348, TFTP Blocksize Option), to enable faster file downloads and larger file downloads.
Page 234 Commands for Managing the Switch If your TFTP server does not support blocksize negotiation, the switch displays a message similar to the following when you attempt a get ( ) or put ( ) operation: Note: The blocksize option is not supported by the remote TFTP server. Without this option, the maximum file transfer size is limted to 32MB.
Page 235 BootROM. This command utilizes TFTP to transfer the download bootrom BootROM image file from your TFTP server to the switch. Only upgrade the BootROM when asked to do so by an Extreme Networks technical representative. For more information about this command, see “download bootrom” on page 1617.
Page 236 Commands for Managing the Switch ExtremeWare XOS 11.3 Command Reference...
Page 237: Chapter 4: Commands For Managing The Extremeware Xos Software
Monitoring the workload of the CPU allows you to troubleshoot and identify suspect processes. NOTE Filenames are case-sensitive. For information on filename restrictions, please refer to the specific command in the ExtremeWare XOS Command Reference Guide. ExtremeWare XOS 11.3 Command Reference...
Page 238: Clear Cpu-Monitoring
Commands for Managing the ExtremeWare XOS Software clear cpu-monitoring clear cpu-monitoring {process <name>} {slot <slotid>} Description Clears, resets the CPU utilization history and statistics stored in the switch. Syntax Description name Specifies the name of the process. slotid Specifies the slot number of the MSM module: •...
Page 239 clear cpu-monitoring Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 240 Commands for Managing the ExtremeWare XOS Software cp {memorycard} <old-name> {memorycard} <new-name> Description Copies an existing configuration or policy file in the system. Syntax Description memorycard Specifies the removable external compact flash memory card. NOTE: This parameter is available only on modular switches. old-name Specifies the name of the configuration or policy file that you want to copy.
Page 241 Case-sensitive Filenames. Filenames are case-sensitive. In this example, you have a configuration file named Test.cfg. If you attempt to copy the file with the incorrect case, for example test.cfg, the switch displays a message similar to the following: Error: cp: /config/test.cfg: No such file or directory Since the switch is unable to locate test.cfg, the file is not copied.
Page 242 Commands for Managing the ExtremeWare XOS Software Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 243: Disable Cpu-Monitoring
disable cpu-monitoring disable cpu-monitoring disable cpu-monitoring Description Disables CPU monitoring on the switch. Command Syntax This command has no arguments or variables. Default CPU monitoring is enabled and occurs every 20 seconds. Usage Guidelines Use this command to disable CPU monitoring on the switch. This command does not clear the monitoring interval.
Page 244: Disable Xml-Mode
Commands for Managing the ExtremeWare XOS Software disable xml-mode disable xml-mode Description Disables XML configuration mode on the switch. Command Syntax This command has no arguments or variables. Default Disabled. Usage Guidelines Use this command to disable the XML configuration mode on the switch. XML configuration mode is not supported for end users.
Page 245: Enable Cpu-Monitoring
CPU utilization for the process. In addition, if configured with the guidance of Extreme Networks Customer Support, the switch can save this information in a coredump or tracefile. To modify the CPU threshold level, use the keyword.
Page 246 Commands for Managing the ExtremeWare XOS Software Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 247: Enable Xml-Mode
This command enables the XML configuration mode on the switch, however XML configuration mode is not supported for end users, and Extreme Networks strongly cautions you not to enable this mode. Use this command only under the direction of Extreme Networks.
Page 248 Commands for Managing the ExtremeWare XOS Software ls {memorycard} Description Lists all current configuration and policy files in the system. Syntax Description memorycard Lists files on the removable compact flash memory card. NOTE: This parameter is available only on modular switches. Default N/A.
Page 249 Example The following command displays a list of all current configuration and policy files in the system: The following is sample output from this command: total 424 -rw-r--r-- 1 root root 50 Jul 30 14:19 hugh.pol -rw-r--r-- 1 root root 94256 Jul 23 14:26 hughtest.cfg -rw-r--r-- 1 root...
Page 250 Commands for Managing the ExtremeWare XOS Software mv {memorycard} <old-name> {memorycard} <new-name> Description Moves or renames an existing configuration or policy file in the system. Syntax Description memorycard Specifies the removable external compact flash card. NOTE: This parameter is available only on modular switches. old-name Specifies the current name of the configuration or policy file.
Page 251 Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters: Alphabetical letters, upper case and lower case (A-Z, a-z) ● Numerals (0-9) ●...
Page 252 Commands for Managing the ExtremeWare XOS Software option was added in ExtremeWare XOS 11.1. memorycard Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 253: Restart Process
restart process restart process restart process [class <cname> | <name> {msm <slot>}] Description Terminates and restarts the specified process during a software upgrade on the switch. Syntax Description cname Specifies the name process to restart. With this parameter, you can terminate and restart all instances of the process associated with a specific routing protocol on all VRs.
Page 254 Commands for Managing the ExtremeWare XOS Software To display the status of ExtremeWare XOS processes on the switch, including how many times a process has been restarted, use the show process {<name>} {detail} {description} {slot <slotid>} command. The following is a truncated sample of the show process command on the Summit X450 switch: Process Name Version...
Page 255 rm {memorycard} <file-name> Description Removes/deletes an existing configuration or policy file from the system. Syntax Description memorycard Specifies the removable external compact flash card. NOTE: This parameter is available only on modular switches. file-name Specifies the name of the configuration or policy file. Default N/A.
Page 256 Commands for Managing the ExtremeWare XOS Software Dash ( - ) ● Underscore ( _ ) ● When naming a local or remote file, remember the requirements listed above. Modular Switches Only. This command also replicates the action from the primary MSM to the backup MSM.
Page 257: Show Cpu-Monitoring
show cpu-monitoring show cpu-monitoring show cpu-monitoring {process <name>} {slot <slotid>} Description Displays the CPU utilization history of one or more processes. Command Syntax name Specifies the name of the process. slotid Specifies the slot number of the MSM module: • A specifies the MSM installed in slot A. •...
Page 258 Commands for Managing the ExtremeWare XOS Software Example The following command displays CPU utilization on the switch: show cpu-monitoring The following is sample truncated output from a modular switch: CPU Utilization Statistics - Monitored every 5 seconds ------------------------------------------------------------------------------- Card Process Total secs secs secs min mins mins hour...
Page 259 show cpu-monitoring 1.72 0.78 0.40 0.24 12.6 11.18 2.21 cfgmgr 39.8 4743.92 3575.79 0.59 0.42 devmgr 19.5 74.44 24.52 dirser dosprotect 0.12 eaps 36.40 15.41 11.1 10.92 3.97 elrp 0.49 0.44 1.19 1.29 30.7 48.74 32.93 esrp 0.82 0.45 etmon 30.5 4865.78 873.87 History...
Page 260: Show Heartbeat Process
Commands for Managing the ExtremeWare XOS Software show heartbeat process show heartbeat process {<name>} Description Displays the health of the ExtremeWare XOS processes. Command Syntax name Specifies the name of the process. Default N/A. Usage Guidelines The software monitors all of the XOS processes running on the switch. This process monitor creates and terminates XOS processes on demand (for example, when you log in or log out of the switch) and restarts processes if an abnormal termination occurs (for example, if your system crashes).
Page 261 show heartbeat process Example To display the health of all processes on your system, use the following command: show heartbeat process The following is sample output from a modular switch: Card Process Name Hello HelloAck Last Heartbeat Time --------------------------------------------------------------------------- MSM-A aaa 180324 Wed Dec 10 15:06:04 2003 MSM-A acl...
Page 262 Commands for Managing the ExtremeWare XOS Software The following is sample output from the Summit X450 switch: Process Name Hello HelloAck Last Heartbeat Time ---------------------------------------------------------------------- 50870 50870 Tue Feb 10 05:22:13 2004 History This command was first available in an ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 263: Show Memory
show memory show memory show memory {slot [a | b]} Description Displays the current system memory information. Syntax Description slot a Specifies the MSM module installed in slot A. NOTE: This parameter is available only on modular switches. slot b Specifies the MSM module installed in slot B.
Page 264 If you observe a continuous decrease in the memory over an extended period of time, and you free have not altered your switch configuration, please contact Extreme Networks Technical Support. Example The following command displays current system memory information for the MSM installed in slot A...
Page 265 show memory MSM-A rtmgr 9748 MSM-A snmpMaster 6400 MSM-A snmpSubagent 8104 MSM-A 6896 MSM-A telnetd 3236 MSM-A tftpd 3080 MSM-A vlan 5816 MSM-A vrrp 6584 The following command displays current system memory information for the Summit X450 switch: show memory The following is sample output from this command: System Memory Information -------------------------...
Page 266 Commands for Managing the ExtremeWare XOS Software msgsrv 6960 netLogin 8924 netTools 11524 nettx nodemgr 9636 ospf 18124 ospfv3 15996 8936 polMgr 7576 17736 ripng rtmgr 16016 snmpMaster 15416 snmpSubagent 26428 10768 telnetd 8464 tftpd 7584 thttpd 11344 vlan 9660 vrrp 11184 xmld...
Page 267: Show Memory Process
show memory process show memory process show memory process <name> {slot <slotid>} Description Displays the current system memory and that of the specified process. Command Syntax name Specifies the name of the process. slotid Specifies the slot number of the MSM module: •...
Page 268 Commands for Managing the ExtremeWare XOS Software Example The following command displays system memory and VRRP memory usage: show memory process vrrp The following is sample output from a modular switch: System Memory Information ------------------------- MSM-A Total (KB): 512508 KB MSM-A Free (KB): 395796 KB...
Page 269: Show Process
show process show process show process {<name>} {detail} {description} {slot <slotid>} Description Displays the status of the ExtremeWare XOS processes. Command Syntax name Specifies the name of the process. detail Specifies more detailed process information. description Describes the name of all of the processes or the specified process running on the switch.
Page 270 Commands for Managing the ExtremeWare XOS Software Ready—The process is running. ■ Stopped—The process has been stopped. ■ Start Time—The current start time of the process. Options are: ● Day/Month/Date/Time/Year—The date and time the process began. If a process terminates and ■...
Page 271 show process MSM-A fdb 3.0.0.2 Ready Sat Dec 6 10:54:24 2003 ..The following is sample output from a Summit X450 switch: Process Name Version Restart State Start Time ------------------------------------------------------------------------- 3.0.0.2 Ready Thu Sep 1 17:00:52 2005 3.0.0.2 Ready Thu Sep 1 17:00:54 2005 Not Started 0 No license...
Page 272 Commands for Managing the ExtremeWare XOS Software vrrp 3.0.0.5 Ready Thu Sep 1 17:00:55 2005 xmld 1.0.0.0 Ready Thu Sep 1 17:00:56 2005 The following example specifies the process along with the keyword: detail show process aaa detail The following is sample output from this command: Name Path Type Link Date...
Page 273 show process The following example describes the name of all of the processes running on the switch: show process description The following is sample output from this command: Process Name Description --------------------------------------------------------------------------- Authentication, Authorization, and Accounting Server Access Control List Manager Border Gateway Protocol cfgmgr Configuration Manager...
Page 274 Commands for Managing the ExtremeWare XOS Software History This command was first available in an ExtremeWare XOS 10.1. keyword was added in ExtremeWare XOS 11.2. description Platform Availability This command is available on all available platforms. ExtremeWare XOS 11.3 Command Reference...
Page 275: Start Process
start process start process start process <name> {msm <slot>} Description Restarts the specified process on the switch. Syntax Description name Specifies the name of the process to start. You can start the following processes: • exsshd (only available if you have installed the SSH module) •...
Page 276 Commands for Managing the ExtremeWare XOS Software You can also use the command when upgrading a software modular package. For more start process information, see the section “Upgrading a Modular Software Package” Appendix “Software Upgrade and Boot Options” of the ExtremeWare XOS Concepts Guide. Example The following restarts the process tftpd: start process tftpd...
Page 277: Terminate Process
NOTE: This parameter is available only on modular switches. Default N/A. Usage Guidelines If recommended by Extreme Networks Technical Support personnel, you can stop a running process. option quickly terminates a process on demand. Unlike the option, the process forceful graceful is immediately shutdown without any of the normal process cleanup.
Page 278 Commands for Managing the ExtremeWare XOS Software To display the status of ExtremeWare XOS processes on the switch, including how many times a process has been restarted, use the show process {<name>} {detail} {description} {slot <slotid>} command. Depending on the software version running on your switch and the type of switch you have, you can terminate different or additional processes.
Page 279: Chapter 5: Commands For Configuring Slots And Ports On A Switch
Commands for Configuring Slots and Ports on a Switch This chapter describes commands related to: Enabling, disabling, and configuring individual ports ● Configuring port speed (Fast Ethernet ports only) and half- or full-duplex mode ● Creating link aggregation groups on multiple ports ●...
Page 280 Commands for Configuring Slots and Ports on a Switch information displays show real-time statistics, or you can configure the display to show a snapshot of real-time statistics (as in earlier versions of the software). Commands that require you to enter one or more port numbers use the parameter in the <port_list>...
Page 281: Clear Counters Ports
clear counters ports clear counters ports clear counters ports Description Clears the counters associated with the ports. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command clears the counters for the ports, including the following: Statistics ●...
Page 282: Clear Lacp Counters
Commands for Configuring Slots and Ports on a Switch clear lacp counters clear lacp counters Description Clears the counters associated with Link Aggregations Control Protocol (LACP). Syntax Description This command has no parameters or variables. Default Usage Guidelines This command clears the following counters for LACP; it sets these counters back to 0 for every LACP port on the device: LACP PDUs dropped on non_LACP ports ●...
Page 283: Clear Counters Edp
clear counters edp clear counters edp clear counters edp {ports <ports>} Description Clears the counters associated with Extreme Discovery Protocol (EDP). Syntax Description ports Specifies one or more ports or slots and ports. Default If you do not specify a port, the EDP counters will be cleared for all ports. Usage Guidelines This command clears the following counters for EDP protocol data units (PDUs) sent and received per EDP port:...
Page 284: Clear Slot
Commands for Configuring Slots and Ports on a Switch clear slot clear slot <slot> Description Clears a slot of a previously assigned module type. Syntax Description slot Specifies the slot number. Default N/A. Usage Guidelines All configuration information related to the slot and the ports on the module is erased. If a module is present when you issue this command, the module is reset to default settings.
Page 285: Configure Edp Advertisement-Interval
The default setting for timer is 60 seconds, and for timeout is 180 seconds. Usage Guidelines Extreme Discover Protocol (EDP) is used to gather information about neighbor Extreme Networks switches. EDP-enabled ports advertise information about the Extreme switch to other switches on the interface and receive advertisements from other Extreme switches.
Page 286: Configure Ip-Mtu Vlan
Commands for Configuring Slots and Ports on a Switch configure ip-mtu vlan configure ip-mtu <mtu> vlan <vlan_name> Description Sets the maximum transmission unit (MTU) for the VLAN. Syntax Description IP maximum transmission unit (MTU) Specifies the value. Range is from 1500 to 9216.
Page 287 configure ip-mtu vlan History This command was available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 288: Configure Jumbo-Frame-Size
NOTE Extreme Networks recommends that you set the MTU size so that fragmentation does not occur. Some network interface cards (NICs) have a configured maximum MTU size that does not include the additional 4 bytes of CRC.
Page 289 configure jumbo-frame-size Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 290: Configure Mirroring Add
Commands for Configuring Slots and Ports on a Switch configure mirroring add configure mirroring add [vlan <name> {port <port>}| port <port> {vlan <name>}] {ingress | egress | ingress-and-egress} Description Adds a particular mirroring filter definition on the switch. Syntax Description vlan Specifies a VLAN.
Page 291 configure mirroring add Egress—Mirrors traffic sent from the port. ■ Ingress and egress—Mirrors all traffic forwarded by the port. ■ (If you omit the optional parameters, all traffic is forwarded; the default for port-based mirroring is ingress and egress). VLAN—All data to a particular VLAN, regardless of the physical port configuration, is copied to the ●...
Page 292: Configure Mirroring Delete
Commands for Configuring Slots and Ports on a Switch configure mirroring delete configure mirroring delete [all | port <port> {vlan <name>} |vlan <name> {port <port>}] Description Deletes a particular mirroring filter definition on the switch. Syntax Description Specifies all mirroring filter definitions. port Specifies a port or a slot and port.
Page 293 configure mirroring delete Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 294: Configure Ports Auto Off
Commands for Configuring Slots and Ports on a Switch configure ports auto off configure ports <port_list> auto off speed [10 | 100 | 1000 | 10000] duplex [half | full] Description Manually configures port speed and duplex setting configuration on one or more ports on a switch. Syntax Description port_list Specifies one or more ports or slots and ports.
Page 295 configure ports auto off History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 296: Configure Ports Auto On
Commands for Configuring Slots and Ports on a Switch configure ports auto on configure ports <port_list> auto on Description Enables autonegotiation for the particular port type. Syntax Description port_list Specifies one or more ports or slots and ports. Default Auto on for 1 Gbps ports. Auto off for 10 Gbps ports.
Page 297: Configure Ports Auto-Polarity
configure ports auto-polarity configure ports auto-polarity configure ports [<port_list> | all] auto-polarity [off | on] Description Configures the autopolarity detection feature on the specified Ethernet ports. Syntax Description port_list Specifies one or more ports on the switch. Specifies all of the ports on the switch. Disables the autopolarity detection feature on the specified ports.
Page 298: Configure Ports Display-String
Commands for Configuring Slots and Ports on a Switch configure ports display-string configure ports <port_list> display-string <string> Description Configures a user-defined string for a port or group of ports. Syntax Description port_list Specifies one or more ports or slots and ports. string Specifies a user-defined display string.
Page 299: Configure Ports Preferred-Medium
configure ports preferred-medium configure ports preferred-medium configure ports <port_list> preferred-medium [copper | fiber] {force} Description Configures the primary uplink port to use a preferred medium. Syntax Description port_list Specifies the port number. Valid port numbers are 1 to 4. copper Specifies that the switch should always use the 10/100/1000 BASE-T connection whenever a link is established even when a fiber link is also present.
Page 300 Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available only on the Summit X450 switch. ExtremeWare XOS 11.3 Command Reference...
Page 301: Configure Ports Rate-Limit Flood
configure ports rate-limit flood configure ports rate-limit flood configure ports <port_list> rate-limit flood [broadcast | multicast | unknown-destmac] [no-limit | <pps>] Description Limits the amount of ingress flooded traffic; minimizes network impact of broadcast loops. Syntax Description port_list Specifies one primary port or slot and port. broadcast Specifies all broadcast packets.
Page 302: Configure Ports Redundant
Commands for Configuring Slots and Ports on a Switch configure ports redundant configure ports <primaryPort> redundant <secondaryPort> {link [on | off]} Description Configures a software-controlled redundant port. Syntax Description primaryPort Specifies one primary port or slot and port. redundantPort Specifies one or redundant port or slot and port. link Specifies state of link: •...
Page 303 configure ports redundant NOTE On the BlackDiamond 10K switch, 10 Gbps modules with a serial number lower than 804405-00-09 the software redundant port feature cover only those failures where both the TX and RX paths fail. If a single strand of fiber is pulled on these ports, the software redundant port cannot correctly recover from the failure.To display the serial number of the module, issue the show slot <slot_number>...
Page 304: Configure Sharing Add Ports
Commands for Configuring Slots and Ports on a Switch configure sharing add ports configure sharing <port> add ports <port_list> Description Adds ports to a load-sharing, or link aggregation, group. By using link aggregation, you use multiple ports as a single logical port. Link aggregation also provides redundancy because traffic is redistributed to the remaining ports in the LAG if one port in the group goes down.
Page 305 configure sharing add ports NOTE You cannot configure port-based load sharing algorithm on the BlackDiamond 8800 family of switches and the Summit X450 switch; you configure only address-based load-sharing algorithms. The available address-based parameters on the BlackDiamond 8800 family of switches and the Summit X450 switch are L2 for Layer 2 and L3 for Layer 3.
Page 306: Configure Sharing Address-Based
Commands for Configuring Slots and Ports on a Switch configure sharing address-based configure sharing address-based [L2 | L2_L3 | L2_L3_L4 |L2_L3_CHK_SUM | L2_L3_L4_CHK_SUM] Description Configures the part of the packet examined by the switch when selecting the egress port for transmitting link aggregation, or load-sharing, data.
Page 307 configure sharing address-based This command specifies the part of the packet header that the switch examines to select the egress port for address-based load-sharing trunks. The address-based load-sharing setting is global and applies to all load-sharing trunks, or LAGs, that are address-based. You change this setting by issuing the command again with a different option.
Page 308: Configure Sharing Delete Ports
Commands for Configuring Slots and Ports on a Switch configure sharing delete ports configure sharing <port> delete ports <port_list> Description Deletes ports from a link aggregation, or load-sharing, group. Syntax Description port Specifies the logical port for a load-sharing group or a link aggregation group (LAG).
Page 309: Configure Sharing Lacp System-Priority
configure sharing lacp system-priority configure sharing lacp system-priority configure sharing <port> lacp system-priority <priority> Description Configures the system priority used by LACP for each LAG to establish the station on which end assumes priority in determining those LAG ports moved to the collecting/distributing state of the protocol.
Page 310 Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 311: Configure Slot Module
configure slot module configure slot module configure slot <slot> module <module_type> Description Configures a slot for a particular I/O module card in a modular switch. Syntax Description slot Specifies the slot number. module_type Specifies the type of module for which the slot should be configured. The list of modules you can enter will vary depending on the type of switch and version of ExtremeWare XOS you are running.
Page 312 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 313: Disable Edp Ports
EDP on one or more ports when you no disable edp ports longer need to locate neighbor Extreme Networks switches. Example The following command disables EDP on slot 1, ports 2 and 4 on a modular switch:...
Page 314: Disable Jumbo-Frame Ports
Commands for Configuring Slots and Ports on a Switch disable jumbo-frame ports disable jumbo-frame ports [all | <port_list>] Description Disables jumbo frame support on a port. Syntax Description Specifies all ports. port_list Specifies one or more ports or slots and ports. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch support only all ports;...
Page 315: Disable Learning Port
disable learning port disable learning port disable learning port [<port_list> | all] Description Disables MAC address learning on one or more ports for security purposes. Syntax Description port_list Specifies one or more ports or slots and ports. Specifies all ports and slots. Default Enabled.
Page 316: Disable Mirroring
Commands for Configuring Slots and Ports on a Switch disable mirroring disable mirroring Description Disables port mirroring. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines Use the command to stop all configured copied mirroring traffic. Use this disable mirroring command to unconfigure all the filters on the system.
Page 317: Disable Port
disable port disable port disable port [<port_list> | all] Description Disables one or more ports on the switch. Syntax Description port_list Specifies one or more ports or slots and ports. Specifies all ports on the switch. Default Enabled. Usage Guidelines Use this command for security, administration, and troubleshooting purposes.
Page 318: Disable Sharing
Commands for Configuring Slots and Ports on a Switch disable sharing disable sharing <port> Description Disables a load-sharing group of ports, also known as a link aggregation group (LAG). Syntax Description port Specifies the logical port of a load-sharing group or link aggregation group (LAG).
Page 319: Disable Slot
disable slot disable slot disable slot <slot> {offline} Description Disables slot and leaves that module in a power down state. Syntax Description slot Specifies the slot to be disabled. Offline Specifies that the slot be disabled offline. NOTE: This parameter available on the BlackDiamond 8800 family of switches (formerly known as Aspen) only.
Page 320 Commands for Configuring Slots and Ports on a Switch Example The following command disables slot 5 on the switch: disable slot 5 History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available only on modular switches. parameter is available only on the BlackDiamond 8800 family of switches.
Page 321: Disable Smartredundancy
disable smartredundancy disable smartredundancy disable smartredundancy <port_list> Description Disables the Smart Redundancy feature. Syntax Description port_list Specifies one or more ports or slots and ports. Default Enabled. Usage Guidelines The Smart Redundancy feature works in concert with the software-controlled redundant feature. When Smart Redundancy is disabled, the switch attempts only to reset the primary port to active if the redundant port fails.
Page 322: Enable Edp Ports
EDP is useful when Extreme Networks switches are attached to a port. The EDP is used to locate neighbor Extreme Networks switches and exchange information about switch configuration. When running on a normal switch port, EDP is used to by the switches to exchange topology information with each other.
Page 323 enable edp ports Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 324: Enable Jumbo-Frame Ports
Commands for Configuring Slots and Ports on a Switch enable jumbo-frame ports enable jumbo-frame ports [all | <port_list>] Description Enables support on the physical ports that will carry jumbo frames. Syntax Description Specifies ports. port_list Specifies one or more slots and ports. NOTE: The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch support only all ports;...
Page 325 enable jumbo-frame ports History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 326: Enable Learning Port
Commands for Configuring Slots and Ports on a Switch enable learning port enable learning port [all | <port_list>] Description Enables MAC address learning on one or more ports. Syntax Description Specifies all ports. port_list Specifies one or more ports or slots and ports. Default Enabled.
Page 327: Enable Mirroring To Port
enable mirroring to port enable mirroring to port enable mirroring to port [<port>] [tagged | untagged] Description Dedicates a port on the switch to be the mirror output port, or the monitor port. Syntax Description port Specifies the mirror output port. tagged Specifies the mirror output, or monitor, port is tagged.
Page 328 Commands for Configuring Slots and Ports on a Switch All traffic egressing the monitor port is tagged on the BlackDiamond 8800 family of switches and the Summit X450 switch. Even if some untagged ports send mirrored traffic to the monitor port, that traffic also egresses the monitor port tagged with the internal VLAN ID.
Page 329: Enable Port
enable port enable port enable port [<port_list> | all] Description Enables a port. Syntax Description port_list Specifies one or more ports or slots and ports. Specifies all ports on the switch. Default All ports are enabled. Usage Guidelines Use this command to enable the port(s) if you disabled the port(s) for security, administration, or troubleshooting purposes.
Page 330: Enable Sharing Grouping
Commands for Configuring Slots and Ports on a Switch enable sharing grouping enable sharing <port> grouping <port_list> {algorithm [port-based | address-based {L2|L3}]} {lacp} Description Enables the switch to configure port link aggregation, or load sharing. By using link aggregation, you use multiple ports as a single logical port.
Page 331 enable sharing grouping Link aggregation must be enabled on both ends of the link, or a network loop will result. NOTE See ExtremeWare XOS Concepts Guide for information on the interaction of port-based ACLs and LAGs of ports. Modular switch LAGs are defined according to the following rules: Although you can reference only the logical port of a LAG to a Spanning Tree Domain (STPD), all the ●...
Page 332 Commands for Configuring Slots and Ports on a Switch On the BlackDiamond 10K switch, if you do not explicitly select an algorithm, the port-based scheme is used. However, the address-based algorithm has a more even distribution and is the recommended choice.
Page 333: Enable Slot
enable slot enable slot enable slot <slot> Description Enables slots. Syntax Description slot Specifies the slot to be enabled. Default Enabled. Usage Guidelines NOTE On the BlackDiamond 8800 family of switches, this command only applies to the data, or I/O, ports on slots holding an MSM (slot 5 and possibly 6 on the BlackDiamond 8810;...
Page 334 Commands for Configuring Slots and Ports on a Switch Example The following command enables slot 5 on the switch: enable slot 5 History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 335: Enable Smartredundancy
enable smartredundancy enable smartredundancy enable smartredundancy <port_list> Description Enables the Smart Redundancy feature on the primary port. Syntax Description portlist Specifies one or more ports or slots and ports. Default Enabled. Usage Guidelines You must configure the software-controlled redundant port using the configure ports redundant command prior to enabling Smart Redundancy.
Page 336: Restart Ports
Commands for Configuring Slots and Ports on a Switch restart ports restart ports [all | <port_list> Description Resets autonegotiation for one or more ports by resetting the physical link. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. Default N/A.
Page 337: Run Msm-Failover
run msm-failover run msm-failover run msm-failover {force} Description Causes a user-specified node failover. Syntax Description force Force failover to occur. Default N/A. Usage Guidelines Use this command to cause the primary MSM to failover to the backup MSM. Before you initiate failover, use the command to confirm that the nodes are in show switch {detail} sync and have identical software and switch configurations.
Page 338 Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 339: Show Edp
{ports [all | <ports>] {detail}} Description Displays connectivity and configuration information for neighboring Extreme Networks switches. Syntax Description ports Specifies one or more ports or slots and ports. Specifies all ports. detail Show detailed information.
Page 340 Commands for Configuring Slots and Ports on a Switch The following command displays the connectivity and configuration of neighboring Extreme Networks switches: show edp ports 1:1 detail Following is sample output from this command: ============================================================================= Port 1:1: EDP is Enabled...
Page 341: Show Lacp
show lacp show lacp show lacp Description Displays LACP, or dynamic link aggregation, settings on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command displays the following information about the LACP LAGs configured on the switch: Up or Down ●...
Page 342 Commands for Configuring Slots and Ports on a Switch If this number is lower than the number displayed for the Actor Key, the partner system is the ■ controlling partner in the LAG. Agg Count ● Identifies the number of ports added to the aggregator for that LAG. ■...
Page 343: Show Lacp Lag
show lacp lag show lacp lag show lacp lag <group-id> {detail} Description Displays LACP, or dynamic link aggregation, settings for the specified LAG. Syntax Description group-id Specifies the LAG group ID you want to display. This is the number of the port you configured as the logical port of the LAG.
Page 344 Commands for Configuring Slots and Ports on a Switch Rx State—Receiving state of the port ● Idle ■ Initialized ■ Current—Receiving LACP PDUs ■ Expired ■ Defaulted ■ Sel Logic—Selection state of the port ● Selected—Ports with a matching admin key on the remote end. ■...
Page 345 show lacp lag show lacp lag 1 The following is sample output from this command on a modular switch: Actor Actor Partner Partner Partner Sys-Pri Sys-Pri Count -------------------------------------------------------------------------------- 0x0fa5 00:01:30:f9:9c:30 0x1f47 Port list: Member Actor Partner Port State Logic State Flags Port --------------------------------------------------------------------------------...
Page 346 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare XOS 11.3. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 347: Show Lacp Member-Port
show lacp member-port show lacp member-port show lacp member-port <port> {detail} Description Displays LACP, or dynamic link aggregation, settings for the specified port that is a member of any LAG. Syntax Description port Specifies the port number. detail Show detailed information. Default N/A.
Page 348 Commands for Configuring Slots and Ports on a Switch G—Aggregation ■ S—Synchronization ■ C—Collecting ■ D—Distributing ■ F—Defaulted ■ E—Expired ■ Partner Port ● The operational value of the port number assigned to this link by partner. ■ Up or Down ●...
Page 349 show lacp member-port Current Selected Collect-Dist A-GSCD-- 1005 : Yes Enabled : Yes Link State : Up Ready_N : Yes Wait pending : No Ack pending : No LAG Id: S.pri:0 , S.id:00:04:96:1f:a5:2e, K:0x03ed, P.pri:0 , P.num:1005 T.pri:0 , T.id:00:04:96:1f:a5:76, L:0x03ed, Q.pri:0 , Q.num:1005 Stats: Rx - Accepted...
Page 350: Show Mirroring
Commands for Configuring Slots and Ports on a Switch show mirroring show mirroring Description Displays the port-mirroring configuration on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines You must enable mirroring on the switch prior to configuring mirroring, and you must configure mirroring to display mirroring statistics.
Page 351 show mirroring BlackDiamond 10K switch only. Following is sample output from this command on the BlackDiamond 10K switch that is configured for port-based mirroring: Mirror port: 1:5 is up tagged Number of Mirroring filters: 1 Mirror Port configuration: Port number 2:1 in all vlans History This command was first available in ExtremeWare XOS 10.1.
Page 352: Show Ports Collisions
Commands for Configuring Slots and Ports on a Switch show ports collisions show ports {mgmt | <port_list>} collisions {no-refresh} Description Displays real-time collision statistics. Syntax Description mgmt Specifies the management port. port_list Specifies one or more ports or slots and ports. no-refresh Specifies a static snapshot of data.
Page 353 show ports collisions History This command was first available in ExtremeWare XOS 10.1. variable was added in ExtremeWare XOS 11.2. Not Present variable was added in ExtremeWare XOS 11.3. no-refresh Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 354: Show Ports Configuration
Commands for Configuring Slots and Ports on a Switch show ports configuration show ports {mgmt | <port_list>} configuration {no-refresh} Description Displays port configuration statistics. Syntax Description mgmt Specifies the management port. port_list Specifies one or more ports or slots and ports. no-refresh Specifies a static snapshot of data.
Page 355 show ports configuration Example The following command displays the port configuration for all ports: show ports configuration Port Configuration Port Virtual Port Link Auto Speed Duplex Flow Load Media router State State Neg Cfg Actual Cfg Actual Cntrl Master Primary ================================================================================ VR-Default AUTO...
Page 356 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare XOS 10.1. variables were added in ExtremeWare XOS 11.2. Port not present Media variable was added in ExtremeWare XOS 11.3. no-refresh Platform Availability This command is available on all platforms.
Page 357: Show Ports Information
show ports information show ports information show ports {mgmt | <port_list>} information {detail} Description Displays detailed system-related information. Syntax Description mgmt Specifies the management port. port_list Specifies one or more ports of slots and ports. detail Specifies detailed port information. Default N/A.
Page 358 Commands for Configuring Slots and Ports on a Switch This status information may be useful for your technical support representative if you have a network problem. parameter is used to provided more specific port information. The data is called out with detail written explanations versus displayed in a table format.
Page 359 show ports information Name: Default, Internal Tag = 1 (MAC-Based), MAC-limit = No-limit STP cfg: s0(disable), Tag=(none), Mode=802.1D, State=FORWARDING Protocol: Name: Default Protocol: ANY Match all protocols. Trunking: Load sharing is not enabled. EDP: Enabled DLCS: Unsupported lbDetect: Unsupported Learning: Enabled Unicast Flooding: Enabled...
Page 360 Commands for Configuring Slots and Ports on a Switch DLCS: Unsupported lbDetect: Unsupported Learning: Enabled Unicast Flooding: Enabled Multicast Flooding: Enabled Broadcast Flooding: Enabled Jumbo: Disabled BG QoS monitor: Unsupported QoS Profile: None configured Queue: MinBw = 0% MaxBw = 100% Pri = 1 MinBw =...
Page 361: Show Ports Packet
show ports packet show ports packet show ports {mgmt | <port_list>} packet {no-refresh} Description Displays a histogram of packet statistics. Syntax Description mgmt Specifies the management port. port_list Specifies one or more ports or slots and ports. no-refresh Specifies a static snapshot of data. Default Real-time statistics.
Page 362 Commands for Configuring Slots and Ports on a Switch ================================================================================ Link Status: A-Active R-Ready, NP-Port not present History This command was first available in ExtremeWare XOS 10.1. variable was added in ExtremeWare XOS 11.2. Port Not Present variable was added in ExtremeWare XOS 11.3. no-refresh Platform Availability This command is available on all platforms.
Page 363: Show Ports Redundant
show ports redundant show ports redundant show ports redundant Description Displays detailed information about redundant ports. Syntax This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays information on software-controlled redundant ports on the switch: show ports redundant Following is sample output from this command: Primary: *1:1...
Page 364: Show Ports Sharing
Commands for Configuring Slots and Ports on a Switch show ports sharing show ports sharing Description Displays port load-sharing groups, or link aggregation groups (LAGs). Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Output from this command displays the following information: Config Master—The port that is configured as the master logical port of the link aggregation group ●...
Page 365 show ports sharing Static =========================================================================== Link Status: A-Active, D-Disabled, R-Ready, NP-Port not present Load Sharing Algorithm: (L2) Layer 2 address based, (L3) Layer 3 address based Default algorithm: L2 Number of load sharing trunks: 2 History This command was first available in ExtremeWare XOS 10.1. The LACP (dynamic link aggregation) feature was added in ExtremeWare XOS 11.3.
Page 366: Show Ports Utilization
Commands for Configuring Slots and Ports on a Switch show ports utilization show ports {mgmt | <port_list>} utilization {bandwidth | bytes | packets} Description Displays real-time port utilization information. The total utilization displays as real-time information, constantly refreshing, and the parameter displays show a snapshot of the activity on the port when you issue the command.
Page 367 show ports utilization ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present Spacebar->toggle screen U->page up D->page down ESC->exit The following example shows sample output from the show ports utilization bandwidth command: Port Link Link Receive Peak Rx Transmit Peak Transmit Status Speed % bandwidth...
Page 368 Commands for Configuring Slots and Ports on a Switch Status bytes/sec bytes/sec bytes/sec bytes/sec ================================================================================ ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present The following example shows sample output of the command: show ports utilization packets Port Link Receive Peak Rx Transmit Peak Transmit...
Page 369 show ports utilization ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present History This command was first available in ExtremeWare XOS 11.3. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 370: Show Slot
Commands for Configuring Slots and Ports on a Switch show slot show slot {<slot> {detail} | detail } Description Displays the slot-specific information. Syntax Description slot Specifies a slot on a modular switch. detail Specifies detailed port information. Default N/A. Usage Guidelines command displays the following information: show slot...
Page 371 show slot Example You see slightly different displays, depending on the platform. BlackDiamond 8800 family of switches (formerly known as Aspen) only. The following example displays module information for all slots: Slots Type Configured State Ports Flags ------------------------------------------------------------------------------- Slot-1 Empty Slot-2 G24X G24X...
Page 372 Commands for Configuring Slots and Ports on a Switch Slot-6 Empty Slot-7 G60T Operational Slot-8 Empty MSM-A MSM-1XL Operational MSM-B MSM-1XL Present Flags : M - Backplane link to Master MSM is Active B - Backplane link to Backup MSM is also Active D - Slot Disabled, S - Slot Secured I - Insufficient Power (refer to "show power budget") E - Errors on slot will be ignored (no corrective action initiated)
Page 373 show slot Slot-3 information: State: Empty Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-4 information: State: Empty Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-5 information: State: Empty Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-6 information:...
Page 374 Commands for Configuring Slots and Ports on a Switch Serial number: 804301-00-02 ENGSN00017 Hw Module Type: MSM-1XL Configured Type: Ports available: MSM-B information: State: Present Download %: Flags: Serial number: 804301-00-02 ENGSN00029 Hw Module Type: MSM-1XL Configured Type: Ports available: Flags : M - Backplane link to Master MSM is Active B - Backplane link to Backup MSM is also Active D - Slot Disabled, S - Slot Secured...
Page 375: Unconfigure Ports Display String
unconfigure ports display string unconfigure ports display string unconfigure ports <port_list> display-string Description Clears the user-defined display string from one or more ports. Syntax Description port_list Specifies one or more ports or slots and ports. Default N/A. Usage Guidelines This command removes the display string that you configured using the configure ports display- command.
Page 376: Unconfigure Ports Redundant
Commands for Configuring Slots and Ports on a Switch unconfigure ports redundant unconfigure ports <port_list> redundant Description Clears a previously configured software-controlled redundant port. Syntax Description port_list This refers to the primary port of the redundant pair and specifies one or more ports or slots and ports.
Page 377: Unconfigure Slot
unconfigure slot unconfigure slot unconfigure slot <slot> Description Clears a slot of a previously assigned module type. Syntax Description slot Specifies a slot on a modular switch. Default N/A. Usage Guidelines If you issue the command on a slot containing a module with any ports configured unconfigure slot for software-controlled redundancy, this command wipes away all software-controlled redundancy on both ports;...
Page 378 Commands for Configuring Slots and Ports on a Switch ExtremeWare XOS 11.3 Command Reference...
Page 379: Chapter 6: Lldp Commands
LLDP Commands Beginning with ExtremeWare XOS version 11.2, the software supports the Link Layer Discovery Protocol (LLDP). LLDP provides a standard method of discovering and representing the physical network connections of a given network management domain. LLDP works together with Extreme Discovery Protocol (EDP).
Page 380: Configure Lldp Ports Management-Address
LLDP Commands configure lldp ports management-address configure lldp ports [all | <port_list>] [advertise | no-advertise] management-address Description Configures the LLDP port to advertise or not to advertise management address information to its neighbors. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 381: Configure Lldp Ports Port-Description
configure lldp ports port-description configure lldp ports port-description configure lldp ports [all | <port_list>] [advertise | no-advertise] port- description Description Configures the LLDP port to advertise or not advertise port description information to its neighbors. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 382: Configure Lldp Ports System-Capabilities
LLDP Commands configure lldp ports system-capabilities configure lldp ports [all | <port_list>] [advertise | no-advertise] system- capabilities Description Configures the LLDP port to advertise or not to advertise its system capabilities to its neighbors. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 383: Configure Lldp Ports System-Description
configure lldp ports system-description configure lldp ports system-description configure lldp ports [all | <port_list>] [advertise | no-advertise] system- description Description Configures the LLDP port to advertise or not to advertise its system description to its neighbors. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 384: Configure Lldp Ports System-Name
LLDP Commands configure lldp ports system-name configure lldp ports [all | <port_list>] [advertise | no-advertise] system- name Description Configures the LLDP port to advertise or not to advertise its system name to its neighbors. Syntax Description Specifies all ports on the switch. Specifies one or more ports or slots and ports.
Page 385: Configure Lldp Ports Vendor-Specific Dot1 Port-Vlan-Id
configure lldp ports vendor-specific dot1 port-vlan-ID configure lldp ports vendor-specific dot1 port-vlan-ID configure lldp ports [all | <port_list>] [advertise | no-advertise] vendor- specific dot1 port-vlan-ID Description Configures the LLDP port to advertise or not advertise port vlan ID information to its neighbors. This allows a VLAN bridge port to advertise the port VLAN identifier that is associated with untagged or priority-tagged frames.
Page 386: Configure Lldp Ports Vendor-Specific Dot1 Port-Protocol-Vlan-Id
This TLV does not send information on the type of protocol that the VLAN has enabled; it just says whether the port is enabled or disabled for protocol-based VLANs. As Extreme Networks devices are always capable of supporting protocol-based VLANs, once you configure this TLV, the system always advertises support these VLANs.
Page 387 configure lldp ports vendor-specific dot1 port-protocol-vlan-ID Example The following command configures all ports to advertise port and protocol VLAN information to neighbors for all VLANs on all ports: configure lldp ports all advertise vendor-specific dot1 port-protocol-vlan-id History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms.
Page 388: Configure Lldp Ports Vendor-Specific Dot1 Vlan-Name
LLDP Commands configure lldp ports vendor-specific dot1 vlan-name configure lldp ports [all | <port_list>] [advertise | dont-advertise] vendor-specific dot1 vlan-name {vlan [all | <vlan_name>]} Description Configures the LLDP port to advertise or not advertise VLAN name information to its neighbors. Use this TLV to advertise information for the tagged VLANs you want to specify on the port.
Page 389 configure lldp ports vendor-specific dot1 vlan-name Example The following command configures all ports to not advertise VLAN name information to neighbors: configure lldp ports all no-advertise vendor-specific dot1 vlan-name History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms.
Page 390: Configure Lldp Ports Vendor-Specific Dot3 Link-Aggregation
LLDP Commands configure lldp ports vendor-specific dot3 link- aggregation configure lldp ports [all | <port_list>] [advertise | no-advertise] vendor- specific dot3 link-aggregation Description Configures the LLDP port to advertise or not advertise link-aggregation capabilities to its neighbors. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 391: Configure Lldp Ports Vendor-Specific Dot3 Mac-Phy
configure lldp ports vendor-specific dot3 mac-phy configure lldp ports vendor-specific dot3 mac-phy configure lldp ports [all | <port_list>] [advertise | no-advertise] vendor- specific dot3 mac-phy Description Configures the LLDP port to advertise or not advertise MAC and physical layer capabilities to its neighbors.
Page 392: Configure Lldp Ports Vendor-Specific Dot3 Max-Frame-Size
LLDP Commands configure lldp ports vendor-specific dot3 max-frame- size configure lldp ports [all | <port_list>] [advertise | no-advertise] vendor- specific dot3 max-frame-size Description Configures the LLDP port to advertise or not advertise its maximum frame size to its neighbors. Syntax Description Specifies all ports on the switch.
Page 393: Configure Lldp Ports Vendor-Specific Dot3 Power-Via-Mdi
Specifies not to send the information to neighbors. Default No advertise. Usage Guidelines When configured, the system includes this TLV. Extreme Networks recommends enabling this TLV only on PoE-capable ports. The following information is transmitted for LLDP ports with this TLV: Support PoE or not ●...
Page 394 LLDP Commands Example The following command configures all ports to advertise power capabilities to neighbors: configure lldp ports all advertise vendor-specific dot3 power-via-mdi History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 395: Configure Lldp Reinitialize-Delay
configure lldp reinitialize-delay configure lldp reinitialize-delay configure lldp reinitialize-delay <seconds> Description Configures the delay before the receive state machine is reinstalled once the LLDP transmit mode has been disabled. Syntax Description seconds Specifies the delay that applies to the reinitialization attempt. The range is 1 to 10 seconds.
Page 396: Configure Lldp Snmp-Notification-Interval
LLDP Commands configure lldp snmp-notification-interval configure lldp snmp-notification-interval <seconds> Description Configures the allowed interval at which Simple Network Management Protocol (SNMP) notifications are sent. Syntax Description seconds Specifies the interval at which LLDP SNMP notifications are sent. The range is 5 to 3600 seconds.
Page 397: Configure Lldp Transmit-Delay
configure lldp transmit-delay configure lldp transmit-delay configure lldp transmit-delay [ auto | <seconds>] Description Configures the delay time between successive frame transmissions initiated by a value change or status change in any of the LLDP local systems Management Information Base (MIB). The option uses a auto formula (0.25 * transmit-interval) to calculate the number of seconds.
Page 398: Configure Lldp Transmit-Hold
LLDP Commands configure lldp transmit-hold configure lldp transmit-hold <hold> Description Calculates the actual time-to-live (TTL) value used in the LLDPDU messages. The formula is transmit- ; by default the TTL value is (30*4) 120 seconds. interval * transmit-hold Syntax Description hold Used to calculate the TTL value;...
Page 399: Configure Lldp Transmit-Interval
configure lldp transmit-interval configure lldp transmit-interval configure lldp transmit-interval <seconds> Description Configures the periodic transmittal interval for LLDPDUs. Syntax Description seconds Specifies the time between LLDPDU transmissions. The range is 5 to 32768. Default 30 seconds. Usage Guidelines N/A. Example The following command configures a transmittal interval of 20 seconds for LLDPDUs.
Page 400: Disable Lldp Ports
LLDP Commands disable lldp ports disable lldp ports [all | <port_list>] {receive-only | transmit-only} Description Disables LLDP transmit mode, receive mode, or transmit and receive mode on the specified port or ports. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports.
Page 401: Disable Snmp Traps Lldp
disable snmp traps lldp disable snmp traps lldp disable snmp traps lldp {ports [all | <port_list>]} Description Disables the sending of LLDP-specific SNMP traps on the specified port or ports. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. Default Disabled.
Page 402: Enable Lldp Ports
LLDP Commands enable lldp ports enable lldp ports [all | <port_list>] {receive-only | transmit-only} Description Enables LLDP transmit mode, receive mode, or transmit and receive mode. If the transmit or receive option is not specified, both transmit and receive modes are enabled. Syntax Description Specifies all ports on the switch.
Page 403: Enable Snmp Traps Lldp
enable snmp traps lldp enable snmp traps lldp enable snmp traps lldp {ports [all | <port_list>]} Description Enables the transmission of LLDP SNMP trap notifications. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. Default Disabled.
Page 404: Show Lldp
LLDP Commands show lldp show lldp {port [all | <port_list>]} {detailed} Description Displays LLDP configuration information for the specified port or ports. Use the keyword to detailed display the configured VLANs on the port and the enabled VLAN-specific TLVs. Syntax Description Specifies all ports on the switch.
Page 405 show lldp The following example includes detailed information on the LLDP configuration for port 1: # show lldp port 1 detailed LLDP transmit interval : 30 seconds LLDP transmit hold multiplier (used TTL = 120 seconds) LLDP transmit delay : 2 seconds LLDP SNMP notification interval : 5 seconds LLDP reinitialize delay : 2 seconds...
Page 406: Show Lldp Neighbors
LLDP Commands show lldp neighbors show lldp {port [all | <port_list>]} neighbors {detailed} Description Displays the information related to the LLDP neighbors detected on the specified port or ports. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. detailed Shows detailed information on the neighbors.
Page 407 show lldp neighbors Neighbor: 00:30:48:42:F3:12/1:1, age 1 seconds - Chassis ID type: MAC address (4) Chassis ID : 00:30:48:42:F3:12 - Port ID type: ifName (5) Port ID : "1:1" - Time To Live: 120 seconds - Port Description: Port-2-Internet - System Name: CoreSwitch01 - System Description: "ExtremeWare X0S version 11.2.0.0 branch-shasta7_v\ 1111b7 by eelco on Tue Dec 14 09:51:30 CET 2004"...
Page 408: Show Lldp Statistics
LLDP Commands show lldp statistics show lldp {port [all | <port_list>]} statistics Description Displays statistical counters related to the specified port or ports. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. Default N/A.
Page 409 show lldp statistics Example The following example lists statistical counters for all ports on the switch: # show lldp port all statistics Last table change time : Fri Dec 17 10:42:33 2004 Number of Table Inserts Number of Table Deletes Number of Table Drops Number of Table Age Outs : 0 Port...
Page 410: Unconfigure Lldp
LLDP Commands unconfigure lldp unconfigure lldp {port [all | <port_list>]} Description Leaves LLDP enabled and configured; restores the LLDP timer default values. Syntax Description Specifies all ports on the switch. port_list Specifies one or more ports or slots and ports. Default N/A.
Page 411: Chapter 7: Power Over Ethernet Commands
Power Over Ethernet Commands Power over Ethernet (PoE) is an effective method of supplying 48 VDC power to certain types of powered devices (PDs) through Category 5 or Category 3 twisted pair Ethernet cables. PDs include wireless access points, IP telephones, laptop computers, web cameras, and other devices. With PoE, a single Ethernet cable supplies power and the data connection, reducing costs associated with separate power cabling and supply.
Page 412: Clear Inline-Power Stats Ports
Power Over Ethernet Commands clear inline-power stats ports clear inline-power stats ports [all | <port_list>] Description Clears the inline statistics for the selected port to zero. Syntax Description Specifies all ports. port_list Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
Page 413 clear inline-power stats ports Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 414: Configure Inline-Power Budget Slot
Power Over Ethernet Commands configure inline-power budget slot configure inline-power budget <num_watts> slot <slot> Description Sets the reserved power on the specified slot to the specified watts. Syntax Description num_watts Specifies the number of watts to reserve for specified slot for inline power. Enter an integer.
Page 415 configure inline-power budget slot Example The following command sets the power for slot 4 to 150 W: configure inline-power budget 150 slot 4 History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.
Page 416: Configure Inline-Power Disconnect-Precedence
Power Over Ethernet Commands configure inline-power disconnect-precedence configure inline-power disconnect-precedence [deny-port | lowest-priority] Description Configures the disconnect precedence priority for the switch when a new PD is detected and the measured inline power for that slot is within 19 W or the slot’s PoE power budget. Syntax Description deny-port Specifies power be denied to PD requesting power, regardless of priority.
Page 417 configure inline-power disconnect-precedence History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 418: Configure Inline-Power Label Ports
Power Over Ethernet Commands configure inline-power label ports configure inline-power label <string> ports <port_list> Description Lets you create your own label for a specified PoE port or group of PoE ports. Syntax Description string Specifies a name up to 15 characters in length to identify the specified power port(s).
Page 419 configure inline-power label ports Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 420: Configure Inline-Power Operator-Limit Ports
Power Over Ethernet Commands configure inline-power operator-limit ports configure inline-power operator-limit <milliwatts> ports [all |<port_list>] Description Sets the power limit allowed for PDs connected to the specified ports. Syntax Description milliwatts An integer specifying the maximum allowed power in milliwatts; the range is 3000 to 16800 mW.
Page 421: Configure Inline-Power Priority Ports
configure inline-power priority ports configure inline-power priority ports configure inline-power priority [critical | high | low] ports <port_list> Description Sets the PoE priority on the specified ports. Syntax Description critical | high | low Sets the PoE priority for the specified ports. port_list Specifies one or more slots and ports.
Page 422: Configure Inline-Power Usage-Threshold
Power Over Ethernet Commands configure inline-power usage-threshold configure inline-power usage-threshold <threshold> Description Sets the inline power usage SNMP event threshold. Syntax Description threshold Specifies the percentage of budgeted power used on any PoE module that causes the system to send an SNMP event and create a log message. The range 1 to 99; the default value is 70.
Page 423: Disable Inline-Power
disable inline-power disable inline-power disable inline-power Description Shuts down PoE power currently provided on all ports on all slots. Syntax Description This command has no arguments or variables Default Enable. Usage Guidelines You can control whether inline power is provided to the system by using the disable inline-power command and the command.
Page 424 Power Over Ethernet Commands Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 425: Disable Inline-Power Legacy Slot
disable inline-power legacy slot disable inline-power legacy slot disable inline-power legacy slot <slot> Description Disables the non-standard (or capacitance) power detection mechanism for the specified slot. Syntax Description slot Disables non-standard power detection for specified slot. Default Disable. Usage Guidelines This command disables the non-standard power-detection mechanism on the specified slot.
Page 426: Disable Inline-Power Ports
Power Over Ethernet Commands disable inline-power ports disable inline-power ports [all | <port_list>] Description Shuts down PoE power currently provided to all ports or to specified ports. Syntax Description Disables inline power to all ports on the switch. port_list Disables inline power to the specified ports. Default Enable.
Page 427: Disable Inline-Power Slot
disable inline-power slot disable inline-power slot disable inline-power slot <slot> Description Shuts down PoE power currently provided to the specified slot. Syntax Description slot Disables inline power to specified slot. Default Enable. Usage Guidelines Disabling inline power to a slot immediately removes power to any connected PDs. By default, the capability to provide inline power to a slot is enabled.
Page 428: Enable Inline-Power
Power Over Ethernet Commands enable inline-power enable inline-power Description Enables PoE power to all ports on all slots. Syntax Description This command has no arguments or variables. Default Enable. Usage Guidelines You can control whether inline power is provided to the system by using the disable inline-power command and the command.
Page 429 enable inline-power Example The following command enables inline power currently provided to all ports and all slots: enable inline-power History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.
Page 430: Enable Inline-Power Legacy Slot
Power Over Ethernet Commands enable inline-power legacy slot enable inline-power legacy slot <slot> Description Enables non-standard (or capacitance) power detection mechanism for the specified slot. Syntax Description slot Enables non-standard power detection for specified slot. Default Disable. Usage Guidelines This command enables the non-standard power-detection mechanism on the specified slot. Legacy PDs do not conform to the IEEE 802.3af standard but may be detected by the switch through a capacitance measurement.
Page 431: Enable Inline-Power Ports
enable inline-power ports enable inline-power ports enable inline-power ports [all | <port_list>] Description Enables PoE power currently provided to all ports or to specified ports. Syntax Description Enables inline power to all ports on the switch. port_list Enables inline power to the specified ports. Default Enable.
Page 432 Power Over Ethernet Commands Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 433: Enable Inline-Power Slot
enable inline-power slot enable inline-power slot enable inline-power slot <slot> Description Enables PoE power to the specified slot. Syntax Description slot Enables inline power to specified slot. Default Enable. Usage Guidelines Disabling inline power to a slot immediately removes power to any connected PDs. By default, inline power provided to all slots is enabled.
Page 434 Power Over Ethernet Commands Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 435: Reset Inline-Power Ports
reset inline-power ports reset inline-power ports reset inline-power ports <port_list> Description Power cycles the specified ports. Syntax Description portlist Specifies one or more slots and ports for which power is to be reset. May be in the form 2:*, 2:5, 2:6-2:8. Default N/A.
Page 436: Show Inline-Power
Power Over Ethernet Commands show inline-power show inline-power Description Displays inline power status information for the system. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output indicates the following inline power status information for the system: Configured inline power status—The status of the inline power for the switch: enabled or disabled.
Page 437 show inline-power NOTE For additional information on inline power parameters, refer to the command. show power budget To reduce the chances of ports fluctuating between powered and non-powered states, newly inserted PDs are not powered when the actual delivered power for the module is within approximately 19 W of the configured inline power budget for that slot.
Page 438 Power Over Ethernet Commands Slot-6 G48T Operational 0.00 0.00 0.00 Slot-7 G48P Operational 111.00 110.00 1.00 Inline Power (budgeted + 2% loss) 51.00 51.00 0.00 Slot-8 Empty Slot-9 Empty Slot-10 Empty MSM-A MSM-G8X Operational 151.00 150.00 1.00 MSM-B Empty 151.00 150.00 1.00 FanTray...
Page 439: Show Inline-Power Configuration Ports
show inline-power configuration ports show inline-power configuration ports show inline-power configuration ports <port_list> Description Displays inline power configuration information for the specified ports. Syntax Description port_list Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8. Default N/A.
Page 440 Power Over Ethernet Commands Enabled 15000 mW 3:10 Enabled 15000 mW History This command was first available in ExtremeWare XOS 11.1 Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 441: Show Inline-Power Info Ports
show inline-power info ports show inline-power info ports show inline-power info {detail} ports <port_list> Description Displays inline power information for the specified ports. Syntax Description port_list Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8. Default N/A.
Page 442 Power Over Ethernet Commands Curr—Displays the measured current, in milliamperes, drawn by the PD. ● Power—Displays the measured power, in watts, supplied to the PD. ● Fault—Displays the fault value: ● None ■ UV/OV fault ■ UV/OV spike ■ Over current ■...
Page 443 show inline-power info ports Detailed Status ● Priority—Displays the port’s configured PoE priority value, as follows: ● Critical ■ High ■ ■ Example The following command displays summary inline power information for ports 1 to 3 on slot 3: show inline-power info ports 3:1-3 Following is sample output from this command: Port State...
Page 444: Show Inline-Power Slot
Power Over Ethernet Commands show inline-power slot show inline-power slot <slot> Description Displays inline power information for the specified slot. Syntax Description slot Specifies the slot. Default N/A. Usage Guidelines The output indicates the following inline power status information for each slot: Inline power status—The status of inline power.
Page 445 show inline-power slot History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 446: Show Inline-Power Stats Ports
Power Over Ethernet Commands show inline-power stats ports show inline-power stats ports <port_list> Description Displays inline power statistics for the specified ports. Syntax Description port_list Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8. Default N/A.
Page 447 show inline-power stats ports Example The following command displays inline power configuration information for ports 1 to 10 in slot 3: show inline-power stats ports 3:1-10 Following is sample output from this command: STATISTICS COUNTERS Port State Class Absent InvSig Denied OverCurrent Short...
Page 448: Show Inline-Power Stats Slot
Power Over Ethernet Commands show inline-power stats slot show inline-power stats slot <slot> Description Displays inline power statistics for the specified slot. Syntax Description slot Specifies the slot. Default N/A. Usage Guidelines Use this command to produce a report that shows the firmware status and version plus how many ports are currently faulted, powered, and waiting for power for the selected slots.
Page 449 show inline-power stats slot Platform Availability This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 450: Unconfigure Inline-Power Budget Slot
Power Over Ethernet Commands unconfigure inline-power budget slot unconfigure inline-power budget slot <slot> Description Unconfigures the inline reserved power on the specified slot and returns the power budget on that slot to the default value of 50 W. Syntax Description slot Specifies the slot.
Page 451: Unconfigure Inline-Power Disconnect-Precedence
unconfigure inline-power disconnect-precedence unconfigure inline-power disconnect-precedence unconfigure inline-power disconnect-precedence Description Unconfigures the disconnect precedence setting and returns the switch to the default disconnect precedence value of deny port. Syntax Description This command has no arguments or variables. Default Deny-port. Usage Guidelines You configure this parameter for the entire switch;...
Page 452: Unconfigure Inline-Power Operator-Limit Ports
Power Over Ethernet Commands unconfigure inline-power operator-limit ports unconfigure inline-power operator-limit ports [all |<port_list>] Description Unconfigures the PoE operator limit setting and resets the power limit allowed for PDs connected to the specified ports to the default value of 15400 mW. Syntax Description Specifies all ports.
Page 453: Unconfigure Inline-Power Priority Ports
unconfigure inline-power priority ports unconfigure inline-power priority ports unconfigure inline-power priority ports [all | <port_list>] Description Unconfigures the PoE priority on the specified ports, and returns the ports to the default PoE port priority value of low. Syntax Description Specifies all ports. port_list Specifies one or more slots and ports.
Page 454: Unconfigure Inline-Power Usage-Threshold
Power Over Ethernet Commands unconfigure inline-power usage-threshold unconfigure inline-power usage-threshold Description Unconfigures the inline power usage alarm threshold and returns threshold to the default value of 70%. Syntax Description This command has no arguments or variables. Default Usage Guidelines This command unconfigures the PoE usage threshold setting for initiating SNMP event and EMS messages and returns the switch’s inline power usage threshold for to 70%.
Page 455: Chapter 8: Commands For Status Monitoring And Statistics
Commands for Status Monitoring and Statistics This chapter describes commands for: Configuring and managing the Event Management System/Logging ● Configuring and monitoring system health and statistics ● Enabling and disabling the collection of remote monitoring (RMON) statistics on the switch ●...
Page 456 Commands for Status Monitoring and Statistics sFlow Statistics ® sFlow is a technology for monitoring traffic in data networks containing switches and routers. It relies on statistical sampling of packets from high-speed networks, plus periodic gathering of the statistics. A User Datagram Protocol (UDP) datagram format is defined to send the information to an external entity for analysis.
Page 457: Clear Counters
Please refer to clear counters stp the specific chapter in the ExtremeWare XOS Command Reference Guide for more detailed information about those commands. Viewing and maintaining statistics on a regular basis allows you to see how well your network is performing.
Page 458: Clear Log
Commands for Status Monitoring and Statistics clear log clear log {error-led | static | messages [memory-buffer | nvram]} Description Clears the log messages in memory and NVRAM, and clears the ERR LED on the MSM. Syntax Description error-led Clears the ERR LED on the MSM. static Specifies that the messages in the NVRAM and memory-buffer targets are cleared, and the ERR LED on the MSM is cleared.
Page 459: Clear Log Counters
clear log counters clear log counters clear log counters {<event-condition> | [all | <event-component>] {severity <severity> {only}}} Description Clears the incident counters for events. Syntax Description event-condition Specifies the event condition counter to clear. Specifies that all events counters are to be cleared. event-component Specifies that all the event counters associated with a particular component should be cleared.
Page 460 Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 461: Configure Log Display
configure log display configure log display configure log display <severity> {only} Description Configures the real-time log-level message to display. Syntax Description severity Specifies a message severity. Severities include critical, error, warning, notice, info, debug-summary, debug-verbose, and debug-data. only Specifies only log messages of the specified severity level. Default If not specified, messages of all severities are displayed on the console display.
Page 462 Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 463: Configure Log Filter Events
configure log filter events configure log filter events configure log filter <name> [add | delete] {exclude} events [<event- condition> | [all | <event-component>] {severity <severity> {only}}] Description Configures a log filter to add or delete detailed feature messages based on a specified set of events. Syntax Description name Specifies the filter to configure.
Page 464 Commands for Status Monitoring and Statistics keyword was used. Subsequent filter items on the list are compared if necessary. If the list exclude of filter items has been exhausted with no match, the incident is excluded. Events, Components, and Subcomponents. As mentioned, a single event can be included or excluded by specifying the event’s name.
Page 465 configure log filter events More Information. See the command on page 532 for more information about severity levels. show log To get a listing of the components present in the system, use the following command: show log components To get a listing of event condition definitions, use the following command: show log events To see the current configuration of a filter, use the following command: show log configuration filter {<filter name>}...
Page 466: Configure Log Filter Events Match
Commands for Status Monitoring and Statistics configure log filter events match configure log filter <name> [add | delete] {exclude} events [<event- condition> | [all | <event-component>] {severity <severity> {only}}] [match | strict-match] <type> <value> Description Configures a log filter to add or delete detailed feature messages based on a specified set of events and match parameter values.
Page 467 configure log filter events match Types and Values. Each event in ExtremeWare XOS is defined with a message format and zero or more parameter types. The command on page 549 can be used to display event definitions show log events (the event text and parameter types).
Page 468 Commands for Status Monitoring and Statistics To configure a scoped IPv6 address with any VLAN, use the following command: configure log filter myFilter add events all match ipaddress 3ffe::/16%* To configure any scoped IPv6 address with a specific VLAN, use the following command: configure log filter myFilter add events all match ipaddress ::/0%Default NOTE In the previous example, if you specify the VLAN name, it must be a full match;...
Page 469 configure log filter events match Example By default, all log targets are associated with the built-in filter, DefaultFilter. Therefore, the most straightforward way to send additional messages to a log target is to modify DefaultFilter. In the following example, the command modifies the built-in filter to allow incidents in the STP component, and all subcomponents of STP, of severity critical, error, warning, notice and info.
Page 470: Configure Log Target Filter
Commands for Status Monitoring and Statistics configure log target filter configure log target [console | memory-buffer | primary-msm | backup-msm | nvram | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] filter <filter-name> {severity <severity> {only}} Description Associates a filter to a target.
Page 471 configure log target filter This command associates the specified filter and severity with the specified target. A filter limits messages sent to a target. Although each target can be configured with its own filter, by default, all targets are associated with the built-in filter, DefaultFilter.
Page 472 Commands for Status Monitoring and Statistics Example The following command sends log messages to the previously syslog host at 10.31.8.25, port 8993, and facility , that pass the filter myFilter and are of severity and above: local3 warning configure log target syslog 10.31.8.25:8993 local3 filter myFilter severity warning The following command sends log messages to the current session, that pass the filter myFilter and are of severity and above:...
Page 473: Configure Log Target Format
configure log target format configure log target format configure log target [console | memory-buffer | nvram | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7}]] format [timestamp [seconds | hundredths | none] | date [dd-mm-yyyy | dd-Mmm-yyyy | mm-dd-yyyy | Mmm-dd | yyyy-mm-dd | none] | severity | event-name [component | condition | none | subcomponent] | host-name...
Page 474 Commands for Status Monitoring and Statistics Default The following defaults apply to console display, memory buffer, NVRAM, and session targets: timestamp—hundredths ● date—mm-dd-yyyy ● severity—on ● event-name—condition ● host-name—off ● priority—off ● process-name—off ● process-slot—off (modular switches only) ● source-line—off ●...
Page 475 configure log target format Timestamps. Timestamps refer to the time an event occurred, and can be output in either seconds as described in RFC 3164 (for example, “13:42:56”), hundredths of a second (for example, “13:42:56.98”), or suppressed altogether. To display timestamps as hh:mm:ss, use the keyword, to display as seconds hh:mm:ss.HH, use the...
Page 476 Commands for Status Monitoring and Statistics Example In the following example, the switch generates the identical event from the component SNTP, using three different formats. Using the default format for the session target, an example log message might appear as: 05/29/2005 12:15:25.00 <Warn:SNTP.RslvSrvrFail>...
Page 477: Configure Log Target Match
configure log target match configure log target match configure log target [console | memory-buffer | nvram | primary-msm | backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] match [any |<match-expression>] Description Associates a match expression to a target. Syntax Description console Specifies the console display.
Page 478 Commands for Status Monitoring and Statistics associated filter, the message is at least as severe as the configured severity level, and the message output matches the regular expression specified. See the command on page 532 for a detailed description of simple regular expressions. By show log default, targets do not have a match expression.
Page 479: Configure Log Target Severity
configure log target severity configure log target severity configure log target [console | memory-buffer | nvram | primary-msm | backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] {severity <severity> {only}} Description Sets the severity level of messages sent to the target. Syntax Description console Specifies the console display.
Page 480 Commands for Status Monitoring and Statistics Usage Guidelines NOTE The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. This command configures the specified target with a severity level. The filter associated with the target is not affected.
Page 481: Configure Log Target Syslog
configure log target syslog configure log target syslog configure log target syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7} from <source-ip-address> Description Configures the syslog server’s IP address for one or all syslog targets. Syntax Description syslog Specifies a syslog target.
Page 482 Commands for Status Monitoring and Statistics If you do not configure a source IP address for the syslog target, the switch uses the IP address in the configured VR that has the closed route to the destination. Example The following command configures the IP address for the specified syslog target named orange: configure log target syslog orange from 10.234.56.78 History This command was first available in ExtremeWare XOS 10.1.
Page 483: Configure Sflow Agent Ipaddress
configure sflow agent ipaddress configure sflow agent ipaddress configure sflow agent {ipaddress} <ip-address> Description Configures the sFlow agent’s IP address. Syntax Description ip-address Specifies the IP address from which sFlow data is sent on the switch. Default The default configured IP address is 0.0.0.0, but the effective IP address is the management port IP address.
Page 484: Configure Sflow Collector Ipaddress
Commands for Status Monitoring and Statistics configure sflow collector ipaddress configure sflow collector {ipaddress} <ip-address> {port <udp-port-number>} {vr <vrname>} Description Configures the sFlow collector IP address. Syntax Description ip-address Specifies the IP address to send the sFlow data. udp-port-number Specifies the UDP port to send the sFlow data. vrname Specifies from which virtual router to send the sFlow data.
Page 485 configure sflow collector ipaddress History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 486: Configure Sflow Max-Cpu-Sample-Limit
Commands for Status Monitoring and Statistics configure sflow max-cpu-sample-limit configure sflow max-cpu-sample-limit <rate> Description Configures the maximum number of sFlow samples handled by the CPU per second. Syntax Description rate Specifies the maximum sFlow samples per second. Default The default value is 2000 samples per second. Usage Guidelines This command configures the maximum number of samples sent to the CPU per second.
Page 487: Configure Sflow Poll-Interval
configure sflow poll-interval configure sflow poll-interval configure sflow poll-interval <seconds> Description Configures the sFlow counter polling interval. Syntax Description seconds Specifies the number of seconds between polling each counter. The value can range from 0 to 3600 seconds. Default The default polling interval is 20 seconds. Usage Guidelines Each sFlow statistics counter is polled at regular intervals, and this data is then sent to the sFlow collector.
Page 488: Configure Sflow Ports Sample-Rate
Commands for Status Monitoring and Statistics configure sflow ports sample-rate configure sflow ports <portlist> sample-rate <number> Description Configures the sFlow per-port sampling rate. Syntax Description portlist Specifies a list of ports. number Specifies the fraction (1/number) of packets to be sampled. Default The default number is 8192, unless modified by the command.
Page 489 configure sflow ports sample-rate Example The following command sets the sample rate for the ports 4:6 to 4:10 to one packet out of every 16384: configure sflow ports 4:6-4:10 sample-rate 16384 History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms.
Page 490: Configure Sflow Sample-Rate
Commands for Status Monitoring and Statistics configure sflow sample-rate configure sflow sample-rate <number> Description Configures the sFlow default sampling rate. Syntax Description number Specifies the fraction (1/number) of packets to be sampled. Default The default number is 8192. Usage Guidelines This command configures the default sampling rate.
Page 491: Configure Sys-Health-Check Interval
■ Usage Guidelines Use this command with the guidance of Extreme Networks Technical Support personnel. The system health checker tests I/O modules and the backplane by forwarding backplane diagnostic packets. On the BlackDiamond 10K switch, additional checking for the validity of these packets is completed by performing a checksum.
Page 492 NOTE Extreme Networks does not recommend configuring an interval of less than the default interval. Doing this can cause excessive CPU utilization. BlackDiamond 10K Switch Only. If backplane diagnostic packets are disabled, you can use this command to configure the global polling interval on the switch.
Page 493 configure sys-health-check interval Example The following examples assume that you enabled backplane diagnostic packets on a specific I/O slot. On the BlackDiamond 10K switch, the following command configures the backplane diagnostic packet interval to 8 seconds and the polling interval to 80 seconds: configure sys-health-check interval 8 On the BlackDiamond 8800 family of switches, the following command configures the backplane diagnostic packet interval to 8 seconds:...
Page 494: Configure Sys-Recovery-Level
The system will always reboot after a task exception when the system recovery level is specified as all. Extreme Networks recommends using the default setting. Displaying the System Recovery Setting. To display the system recovery setting on the switch, use the...
Page 495 configure sys-recovery-level Example The following command configures a switch to not take an action when any task exception occurs: configure sys-recovery-level none History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 496: Configure Sys-Recovery-Level Slot
—Specifies that the offending MSM or I/O module be reset upon fault detection. ● reset To get the most from module recovery, Extreme Networks recommends using the default settings for both system recovery and module recovery. The default setting for system recovery is , and the default setting for module recovery is .
Page 497 I/O module to ensure that you are not experiencing a hardware issue. If the module continues to enter the failed state, please contact Extreme Networks Technical Support. If you experience an MSM failure, please contact Extreme Networks Technical Support.
Page 498 Commands for Status Monitoring and Statistics Example The following command configures a switch to not take an action when any task exception occurs: configure sys-recovery-level none History This command was first available in ExtremeWare XOS 11.3. Platform Availability This command is available only on modular switches. ExtremeWare XOS 11.3 Command Reference...
Page 499: Configure Syslog Add
configure syslog add configure syslog add configure syslog {add} [<ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7] {<severity>} Description Configures the remote syslog server host address, and filters messages to be sent to the remote syslog target. Syntax Description ipaddress Specifies the remote syslog server IP address.
Page 500 Commands for Status Monitoring and Statistics command must be issued in order for messages to be sent to the remote syslog enable syslog server(s). Syslog is disabled by default. A total of four syslog servers can be configured at one time. When a syslog server is added, it is associated with the filter DefaultFilter.
Page 501: Configure Syslog Delete
configure syslog delete configure syslog delete configure syslog delete [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7} configure syslog delete <host name/ip> {: <udp-port>} [local0 ... local7] Description Deletes a remote syslog server address. Syntax Description Specifies all remote syslog servers. ipaddress Specifies the remote syslog server IP address.
Page 502 Commands for Status Monitoring and Statistics Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 503: Create Log Filter
create log filter create log filter create log filter <name> {copy <filter name>} Description Creates a log filter with the specified name. Syntax Description name Specifies the name of the filter to create. copy Specifies that the new filter is to be copied from an existing one. filter name Specifies the existing filter to copy.
Page 504 Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 505: Delete Log Filter
delete log filter delete log filter delete log filter [<filter name> | all] Description Deletes a log filter with the specified name. Syntax Description filter name Specifies the filter to delete. Specifies that all filters, except DefaultFilter, are to be deleted Default N/A.
Page 506: Disable Cli-Config-Logging
Commands for Status Monitoring and Statistics disable cli-config-logging disable cli-config-logging Description Disables the logging of CLI configuration commands to the switch Syslog. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines Every command is displayed in the log window which allows you to view every command executed on the switch.
Page 507: Disable Log Debug-Mode
disable log debug-mode disable log debug-mode disable log debug-mode Description Disables debug mode. The switch stops logging events of severity debug-summary, debug-verbose, and debug-data. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command disables debug mode. Debug mode must be enabled prior to logging debug messages, which can severely degrade performance.
Page 508: Disable Log Display
Commands for Status Monitoring and Statistics disable log display disable log display Description Disables the sending of messages to the console display. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If the log display is disabled, log information is no longer written to the serial console. This command setting is saved to FLASH and determines the initial setting of the console display at boot up.
Page 509: Disable Log Target
disable log target disable log target disable log target [console | memory-buffer | nvram | primary-msm | backup- msm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7]]] Description Stops sending log messages to the specified target. Syntax Description console Specifies the console display.
Page 510 Commands for Status Monitoring and Statistics Configuration changes to the target are in effect only for the duration of the console display or session telnet session, and are not saved in FLASH. Changes to the other targets are saved to FLASH. You can also use the following command to disable displaying the log on the console: disable log display command is equivalent to...
Page 511: Disable Rmon
disable rmon disable rmon disable rmon Description Disables the collection of RMON statistics on the switch. Syntax Description This command has no arguments or variables. Default By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events.
Page 512: Disable Sflow
Commands for Status Monitoring and Statistics disable sflow disable sflow Description Globally disables sFlow statistical packet sampling. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command disables sFlow globally on the switch. Example The following command disables sFlow sampling globally: disable sflow History This command was first available in ExtremeWare XOS 11.0.
Page 513: Disable Sflow Ports
disable sflow ports disable sflow ports disable sflow ports <portlist> Description Disables sFlow statistical packet sampling and statistics gathering on a particular list of ports. Syntax Description portlist Specifies a list of ports. Default Disabled. Usage Guidelines This command disables sFlow on a particular list of ports. Once sFlow is disabled on a port, sampling and polling will stops.
Page 514: Disable Sys-Health-Check
Commands for Status Monitoring and Statistics disable sys-health-check disable sys-health-check slot <slot> Description Discontinues sending backplane diagnostic packets. Syntax Description slot Specifies the slot to disable sending backplane diagnostic packets. Default Polling is enabled, backplane diagnostic packets are disabled. Depending upon your platform, when disabling backplane diagnostic packets, the following defaults apply: BlackDiamond 10K switch—By default, the system health checker discontinues sending backplane ●...
Page 515 disable sys-health-check Example On the BlackDiamond 10K switch, the following example assumes that you did not modify the option in the command. interval configure sys-health-check interval <interval> The following command disables backplane diagnostic packets on slot 3 and returns the polling frequency on slot 3 to 60 seconds: disable sys-health-check slot 3 On the BlackDiamond 8800 family of switches, the following example assumes that you did not modify...
Page 516: Disable Syslog
Commands for Status Monitoring and Statistics disable syslog disable syslog Description Disables logging to all remote syslog server targets. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines Disables logging to all remote syslog server targets, not to the switch targets. This setting is saved in FLASH, and will be in effect upon boot up.
Page 517: Enable Cli-Config-Logging
enable cli-config-logging enable cli-config-logging enable cli-config-logging Description Enables the logging of CLI configuration commands to the Syslog for auditing purposes. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines ExtremeWare XOS allows you to record all configuration changes and their sources that are made using the CLI by way of Telnet or the local console.
Page 518: Enable Log Debug-Mode
Commands for Status Monitoring and Statistics enable log debug-mode enable log debug-mode Description Enables debug mode. The switch allows debug events included in log filters to be logged. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command enables debug mode.
Page 519: Enable Log Display
enable log display enable log display enable log display Description Enables a running real-time display of log messages on the console display. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If you enable the log display on a terminal connected to the console port, your settings will remain in effect even after your console session is ended (unless you explicitly disable the log display).
Page 520: Enable Log Target
Commands for Status Monitoring and Statistics enable log target enable log target [console | memory-buffer | nvram | primary-msm | backup- msm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7]]] Description Starts sending log messages to the specified target. Syntax Description console Specifies the console display.
Page 521 enable log target You can also use the following command to enable displaying the log on the console: enable log display command is equivalent to the enable log display enable log target console-display command. Modular Switches Only. Note that the target is only active on the primary MSM, and the backup-msm target is only active on the backup MSM.
Page 522: Enable Rmon
Commands for Status Monitoring and Statistics enable rmon enable rmon Description Enables the collection of RMON statistics on the switch. Syntax Description This command has no arguments or variables. Default By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events.
Page 523 RMON requires one probe per LAN segment, and standalone RMON probes have traditionally been expensive. Therefore, the approach taken by Extreme Networks has been to build an inexpensive RMON probe into the agent of each system. This allows RMON to be widely deployed around the network without costing more than traditional network management.
Page 524: Enable Sflow
Commands for Status Monitoring and Statistics enable sflow enable sflow Description Globally enables sFlow statistical packet sampling. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command enables sFlow globally on the switch. NOTE On the BlackDiamond 8800 family of switches, sFlow and mirroring are mutually exclusive. You can enable either sFlow, or mirroring, but not both.
Page 525: Enable Sflow Ports
enable sflow ports enable sflow ports enable sflow ports <port_list> Description Enables sFlow statistical packet sampling on a particular list of ports. Syntax Description port_list Specifies a list of ports. Default Disabled. Usage Guidelines This command enables sFlow on a particular list of ports. You will also need to enable sFlow globally in order to gather statistics and send the data to the collector.
Page 526: Enable Sys-Health-Check
System health check errors are reported to the syslog. Syslog output includes the slot number where the problem occurred, the loopback packet ID number, and a notification that the MSM did not receive the last packet. If you see an error, please contact Extreme Networks Technical Support. NOTE Enabling backplane diagnostic packets increases CPU utilization and competes with network traffic for resources.
Page 527 enable sys-health-check slot. For example, if the frequency of sending backplane diagnostic packets is 7 seconds, the polling value is 7 seconds. Example The following command enables backplane diagnostic packets on slot 6: enable sys-health-check slot 6 History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available only on modular switches.
Page 528: Enable Syslog
Commands for Status Monitoring and Statistics enable syslog enable syslog Description Enables logging to all remote syslog host targets. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines To enable remote logging, you must do the following: Configure the syslog host to accept and log messages.
Page 529: Show Fans
show fans show fans show fans {detail} Description Displays the status of the fans in the system. Syntax Description detail The detail option is reserved for future use. Default N/A. Usage Guidelines Use this command to view detailed information about the health of the fans. This status information may be useful for your technical support representative if you have a network problem.
Page 530 Commands for Status Monitoring and Statistics Example The following command displays the status of the installed fans. If a fan is not installed, the state of the fan is Empty show fans The following is sample output from a BlackDiamond 10K switch: Right(Rear-facing) FanTray 1 information: State: Operational...
Page 531 show fans Information about the location of the fan tray for the BlackDiamond 10K switch (right or left fan tray) was added to the output in ExtremeWare XOS 11.0. show fans Information about the location of the fan tray for the BlackDiamond 8810 switch (upper-left, middle left, lower-left, upper-center, center, lower-center, upper-right, middle-right, and lower-right) was added to output in ExtremeWare XOS 11.1.
Page 532: Show Log
Commands for Status Monitoring and Statistics show log show log {messages [memory-buffer | nvram]} {events {<event-condition> | <event-component>]} {<severity> {only}} {starting [date <date> time <time> | date <date> | time <time>]} {ending [date <date> time <time> | date <date> | time <time>]} {match <regex>} {chronological} Description Displays the current log messages.
Page 533 show log Usage Guidelines Switch configuration and fault information is filtered and saved to target logs, in a memory buffer, and in NVRAM. Each entry in the log contains the following information: Timestamp—records the month and day of the event, along with the time (hours, minutes, seconds, ●...
Page 534 Commands for Status Monitoring and Statistics Info—Info ● Debug-Summary—Summ ● Debug-Verbose—Verb ● Debug-Data—Data ● The three severity levels for extended debugging, , and debug-summary debug-verbose debug-data require that debug mode be enabled (which may cause a performance degradation). See the command on page 518.
Page 535 show log 11/12/2004 00:36:23.77 <Warn:dm.Warn> MSM-A: Slot-7 being Powered OFF due to insuf ficient power A total of 83 log messages were displayed. The following command displays messages containing the string “slot 2”: show log match "slot 2" History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 536: Show Log Components
Commands for Status Monitoring and Statistics show log components show log components {<event component>} {version} Description Displays the name, description and default severity for all components. Syntax Description event component Specifies the component to display. version Specifies the version number of the component. Default N/A.
Page 537 show log components bootp BOOTP, DHCP Component Error relay BOOTP Relay trace component Error server DHCP Server subcomponent Info Command Line Interface Info shell CLI configuration shell. Error subagent CLI application subagent Error Configuration Manager Warning file CM file operation events Warning CM system events Warning...
Page 538 Commands for Status Monitoring and Statistics routeradv IPv6 Router Advertisements Warning sntp Sntp client Warning Network Login Info dot1x 802.1x-based Network Login Warning MAC-based Network Login Warning Web-based Network Login Warning Node Manager Info ospf open shortest path first Error event ospf events Info...
Page 539 show log components Spanning-Tree Protocol Error InBPDU STP In Bridge Protocol Data Unit Warning OutBPDU STP Out Bridge Protocol Data Unit Warning System STP System Error System XOS system related log messages Info telnetd telnet server Info tftpd tftp server Info thttpd thttp server...
Page 540: Show Log Configuration
Commands for Status Monitoring and Statistics show log configuration show log configuration Description Displays the log configuration for switch log settings, and for certain targets. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command displays the log configuration for all targets. The state of the target, enabled or disabled is displayed.
Page 541 show log configuration Filter Name : DefaultFilter Match regex : Any Severity : Info (through Critical) Format : MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit ion> Log Filter Name: DefaultFilter Severity Comp. Sub-comp. Condition CEWNISVD ------- ----------- ----------------------- -------- -------- Log Filter Name: myFilter Severity Comp.
Page 542: Show Log Configuration Filter
Commands for Status Monitoring and Statistics show log configuration filter show log configuration filter {<filter name>} Description Displays the log configuration for the specified filter. Syntax Description filter name Specifies the filter to display. Default If no options are specified, the command displays the configuration for all filters. Usage Guidelines This command displays the configuration for filters.
Page 543 show log configuration filter Strict Match : Y - every match parameter entered must be present in the event N - match parameters need not be present in the event History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 544: Show Log Configuration Target
Commands for Status Monitoring and Statistics show log configuration target show log configuration target {console | memory-buffer | nvram | primary- msm | backup-msm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]} Description Displays the log configuration for the specified target. Syntax Description console Show the log configuration for the console display.
Page 545 show log configuration target Example The following command displays the log configuration: show log configuration target The following is sample output from this command: Log Target : memory-buffer Enabled ? : yes Filter Name : DefaultFilter Match regex : Any Severity : Debug-Data (through Critical) Format...
Page 546 Commands for Status Monitoring and Statistics Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 547: Show Log Counters
show log counters show log counters show log counters {<event condition> | [all | <event component>]} {include | notified | occurred} {severity <severity> {only}}} Description Displays the incident counters for events. Syntax Description event condition Specifies the event condition to display. Specifies that all events are to be displayed.
Page 548 Commands for Status Monitoring and Statistics To get a listing of the components present in the system, use the following command: show log components Example The following command displays the event counters for event conditions of severity debug-summary or greater in the component STP.InBPDU: show log counters stp.inbpdu severity debug-summary The following is sample output from this command: Comp...
Page 549: Show Log Events
show log events show log events show log events [<event condition> | [all | <event component>] {severity <severity> {only}}] {details} Description Displays information about the individual events (conditions) that can be logged. Syntax Description event condition Specifies the event condition to display. Specifies that all events are to be displayed.
Page 550 Commands for Status Monitoring and Statistics The following is sample output from this command: Comp SubComp Condition Severity Parameters ------- ----------- ----------------------- ------------- ---------- InBPDU Drop Error 2 total InBPDU Debug-Summary 2 total InBPDU Mismatch Warning 2 total The following command displays the details of the event condition PDUTrace in the component STP.InBPDU: show log events stp.inbpdu.pdutrace details The following is sample output from this command:...
Page 551: Show Ports Rxerrors
show ports rxerrors show ports rxerrors show ports {<port_list>} rxerrors {no-refresh} Description Displays real-time receive error statistics. The switch automatically refreshes the output unless otherwise specified. Syntax Description port_list Specifies one or more ports or slots and ports. no-refresh Specifies that auto-refresh is disabled. The output provides a real-time snapshot of the receive errors at the time the command is issued.
Page 552 Commands for Status Monitoring and Statistics Receive Undersize Frames (RX Under)—The total number of frames received by the port that were ● less than 64 bytes long. Receive Fragmented Frames (RX Frag)—The total number of frames received by the port were of ●...
Page 553 show ports rxerrors ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present 0->Clear Counters U->page up D->page down ESC->exit History This command was first available in ExtremeWare XOS 10.1. The link status information was updated to include in ExtremeWare XOS 11.2. NP-Port not present Support for the auto-refresh functionality and the parameter were added in ExtremeWare...
Page 554: Show Ports Statistics
Commands for Status Monitoring and Statistics show ports statistics show ports {<port_list>} statistics {no-refresh} Description Displays real-time port statistic information. The switch automatically refreshes the output unless otherwise specified. Syntax Description port_list Specifies one or more ports or slots and ports. no-refresh Specifies that auto-refresh is disabled.
Page 555 show ports statistics Received Packet Count (Rx Pkt Count)—The total number of good packets that have been received ● by the port. Received Byte Count (RX Byte Count)—The total number of bytes that were received by the port, ● including bad or lost frames. This number includes bytes contained in the Frame Check Sequence (FCS), but excludes bytes in the preamble.
Page 556 Commands for Status Monitoring and Statistics The following is sample truncated output from this command: Port Statistics Tue Jul 5 14:18:34 UTC 2005 Port Link Tx Pkt Tx Byte Rx Pkt Rx Byte Status Count Count Count Count Bcast Mcast ================================================================================ ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present...
Page 557: Show Ports Txerrors
show ports txerrors show ports txerrors show ports {<port_list>} txerrors {no-refresh} Description Displays real-time transmit error statistics. The switch automatically refreshes the output unless otherwise specified. Syntax Description port_list Specifies one or more ports or slots and ports. no-refresh Specifies that auto-refresh is disabled. The output provides a real-time snapshot of the transmit errors at the time the command is issued.
Page 558 Commands for Status Monitoring and Statistics Transmit Deferred Frames (TX Deferred)—The total number of frames that were transmitted by the ● port after the first transmission attempt was deferred by other network traffic. Transmit Errored Frames (TX Errors)—The total number of frames that were not completely ●...
Page 559 show ports txerrors ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present 0->Clear Counters U->page up D->page down ESC->exitPort Tx Error History This command was first available in ExtremeWare XOS 10.1. The link status information was updated to include in ExtremeWare XOS 11.2. NP-Port not present Support for the auto-refresh functionality and the parameter were added in ExtremeWare...
Page 560: Show Rmon Memory
Commands for Status Monitoring and Statistics show rmon memory show rmon memory {detail | <memoryType>} Description Displays RMON specific memory usage and statistics. Syntax Description detail Displays detailed information. memoryType Specifies the type of memory usage and statistics to display. Default N/A.
Page 561 show rmon memory rmonOwner 1555 rmonHisc 1244 rmonHist 63444 rmonAlarm rmonLogDescription rmonLog rmonEvent rmonEventDescription rmonEventCommunity rmonCommunity rmonDs rmonDbx 2490 rmonOid rmonMdbIndexOid rmonMdbString The following command displays RMON event statistics: show rmon memory rmonEvent ExtremeWare XOS 11.3 Command Reference...
Page 562 Commands for Status Monitoring and Statistics The following is sample output from this command: RMON Memory Information ---------------------- Bytes Allocated: 14298032 AllocFailed: 0 Current Memory Utilization Level: GREEN Memory Utilization Statistics ----------------------------- Memory Statistics for rmonEvent -------------------------------- Size 1024 2048 4096 8192 16384...
Page 563: Show Sflow Configuration
show sflow configuration show sflow configuration show sflow {configuration} Description Displays the current sFlow configuration. Syntax Description This command has no arguments or variables Default N/A. Usage Guidelines This command displays the sFlow configuration of your system. The following fields are displayed: Global Status—sFlow is globally enabled or disabled ●...
Page 564 Commands for Status Monitoring and Statistics Collector IP 10.201.6.250, Port 6343, VR "VR-Mgmt" SFLOW Port Configuration Port Status Sample-rate Subsampling Config / Actual factor 1:41 enabled 8192 / 8192 2:40 enabled 1024 / 1024 2:58 enabled 8192 / 8192 2:59 enabled 8192 / 8192...
Page 565: Show Sflow Statistics
show sflow statistics show sflow statistics show sflow statistics Description Displays sFlow statistics. Syntax Description This command has no arguments or variables Default N/A. Usage Guidelines This command displays sFlow statistics for your system. The following fields are displayed: Received frames—Number of frames received on sFlow enabled ports ●...
Page 566 Commands for Status Monitoring and Statistics Platform Availability This command is available on all available platforms. ExtremeWare XOS 11.3 Command Reference...
Page 567: Show Temperature
show temperature show temperature show temperature Description Depending on the platform, this command displays the current temperature of the I/O modules, management modules, power supply controllers, XGM-2xn card, and the switch. Syntax Description This command has no arguments or variables Default N/A.
Page 568 Commands for Status Monitoring and Statistics To view the temperature of the fan trays installed in the BlackDiamond 10K switch, use the following command: show fans {detail} Example Depending on the platform, the following command displays the temperature of various switch components: show temperature The following is sample output from a modular switch:...
Page 569: Show Version
For information about the physical location of the serial number on your switch, refer to the section that describes your specific switch model in the Extreme Networks Consolidated XOS Hardware Guide. Image—The ExtremeWare XOS software version currently running on the switch. If you have two ●...
Page 570 Commands for Status Monitoring and Statistics If you use the option, you will see the following information about the processes running on process the switch: Card—The location (MSM) where the process is running on a modular switch. ● Process Name—The name of the process. ●...
Page 571 show version MSM-A cli 3.0.0.22 release-manager Thu Mar 31 09:23:34 PST 2005 MSM-A devmgr 3.0.0.2 release-manager Thu Mar 31 09:23:22 PST 2005 MSM-A dirser 3.0.0.2 release-manager Thu Mar 31 09:24:02 PST 2005 MSM-A eaps 3.0.0.8 release-manager Thu Mar 31 09:26:34 PST 2005 MSM-A edp 3.0.0.2 release-manager...
Page 572 Commands for Status Monitoring and Statistics Switch secondary Wed Jan 21 06:50:42 UTC 2004 11.2.0.10 summitx450-11.2.0.10-ssh.x mod v1120b10 Switch secondary Wed Jan 21 06:51:13 UTC 2004 11.2.0.10 summitx450-11.2.0.10-cna.x mod v1120b10 If you specify the option, only images on the specified partition is shown. partition History This command was first available in ExtremeWare XOS 10.1.
Page 573: Unconfigure Log Filter
unconfigure log filter unconfigure log filter unconfigure log filter <filter name> Description Resets the log filter to its default values; removes all filter items. Syntax Description filter name Specifies the log filter to unconfigure. Default N/A. Usage Guidelines If the filter name specified is DefaultFilter, this command restores the configuration of DefaultFilter back to its original settings.
Page 574: Unconfigure Log Target Format
Commands for Status Monitoring and Statistics unconfigure log target format unconfigure log target [console | memory-buffer | nvram | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] format Description Resets the log target format to its default values. Syntax Description console Specifies the console display format.
Page 575 unconfigure log target format severity—on ● event-name—none ● host-name—off ● sequence-number—off ● process-name—off ● process-slot—on (modular switches only) ● process-id—off ● source-line—off ● Usage Guidelines NOTE The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. Use this command to reset the target format to the default format.
Page 576: Unconfigure Sflow
Commands for Status Monitoring and Statistics unconfigure sflow unconfigure sflow Description Resets all the sFlow values to the default values. Syntax Description This command has no arguments or variables Default The default values for sFlow are as follows: sFlow agent IP address—0.0.0.0 ●...
Page 577: Unconfigure Sflow Agent
unconfigure sflow agent unconfigure sflow agent unconfigure sflow agent Description Resets the sFlow agent’s IP address to the default value. Syntax Description This command has no arguments or variables. Default The default IP address is 0.0.0.0. Usage Guidelines This command resets the sFlow agent IP address to its default value. Example The following command resets the agent IP back to the management IP address: unconfigure sflow agent...
Page 578: Unconfigure Sflow Collector
Commands for Status Monitoring and Statistics unconfigure sflow collector unconfigure sflow collector {ipaddress} <ip-address> {port <udp-port- number>} {vr <vrname>} Description Unconfigures the sFlow collector. Syntax Description ip-address Specifies the IP address of the collector to reset. udp-port-number Specifies the UDP port. vrname Specifies which virtual router.
Page 579 unconfigure sflow collector Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 580: Unconfigure Sflow Ports
Commands for Status Monitoring and Statistics unconfigure sflow ports unconfigure sflow ports <port_list> Description Removes the specified ports from the sFlow configuration, and stops sampling them. Syntax Description port_list Specifies one or more ports or slots and ports. Default N/A. Usage Guidelines This command removes the specified ports from the sFlow configuration, and stops sampling them.
Page 581: Upload Log
upload log upload log upload log <ipaddress> {vr <vr_name>} <filename> {messages [memory-buffer | nvram] {events {<event-condition> | <event_component>}}} {<severity> {only}} {match <regex>} {chronological} Description Uploads the current log messages to a TFTP server. Syntax Description ipaddress Specifies the ipaddress of the TFTP server. vr_name Specifies the virtual router that can reach the TFTP server.
Page 582 Commands for Status Monitoring and Statistics This command is similar to the command, but instead of displaying the log contents on the show log command line, this command saves the log to a file on the TFTP server you specify. For more details on most of the options of this command, see the command on page 532.
Page 583 upload log Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 584 Commands for Status Monitoring and Statistics ExtremeWare XOS 11.3 Command Reference...
Page 585: Chapter 9: Vlan Commands
VLAN Commands This chapter describes commands for: Creating and deleting VLANs and performing basic VLAN configuration ● Defining protocol filters for use with VLANs ● Creating and deleting VMANs and performing basic VMAN configuration ● VLANs can be created according to the following criteria: Physical port—A port-based VLAN consists of a group of one or more ports on the switch.
Page 586: Configure Protocol Add
VLAN Commands configure protocol add configure protocol <name> add [etype | llc | snap] <hex> {[etype | llc | snap] <hex>} ... Description Configures a user-defined protocol filter. Syntax Description name Specifies a protocol filter name. Specifies a four-digit hexadecimal number between 0 and FFFF that represents: •...
Page 587 configure protocol add Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 588: Configure Protocol Delete
VLAN Commands configure protocol delete configure protocol <name> delete [etype | llc | snap] <hex> {[etype | llc | snap] <hex>} ... Description Deletes the specified protocol type from a protocol filter. Syntax Description name Specifies a protocol filter name. Specifies a four-digit hexadecimal number between 0 and FFFF that represents: •...
Page 589: Configure Vlan Add Ports
configure vlan add ports configure vlan add ports configure vlan <vlan_name> add [ports <port_list> | all] {tagged | untagged} {stpd <stpd_name> {dot1d | emistp | pvst-plus}} {nobroadcast} Description Adds one or more ports in a VLAN. Syntax Description vlan_name Specifies a VLAN name. port_list Specifies a list of ports or slots and ports.
Page 590 NOTE If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 591: Configure Vlan Delete Ports
configure vlan delete ports configure vlan delete ports configure vlan <vlan_name> delete ports [all | <port_list>] Description Deletes one or more ports in a VLAN. Syntax Description vlan_name Specifies a VLAN name. Specifies all ports. port_list A list of ports or slots and ports. Default N/A.
Page 592: Configure Vlan Ipaddress
VLAN Commands configure vlan ipaddress configure vlan <vlan_name> ipaddress [<ipaddress> {<ipNetmask>} | ipv6-link-local | {eui64} <ipv6_address_mask>] Description Assigns an IPv4 address and an optional subnet mask or an IPv6 address to the VLAN. Beginning with ExtremeWare XOS version 11.2, you can specify IPv6 addresses. You can assign either an IPv4 address, and IPv6 address, or both to the VLAN.
Page 593 configure vlan ipaddress NOTE Chapter IP Unicast Commands, for information on adding secondary IP addresses to VLANs. Beginning with ExtremeWare XOS software version 11.2, you can specify IPv6 addresses. See Chapter IPv6 Unicast Commands, for information on IPv6 addresses. BlackDiamond 8800 family of switches and Summit X450 switch only. Beginning with ExtremeWare XOS software version 11.3, you can assign an IP address (including IPv6 addresses) to a VMAN.
Page 594: Configure Vlan Name
NOTE If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 595: Configure Vlan Protocol
configure vlan protocol configure vlan protocol configure vlan <vlan_name> protocol <protocol_name> Description Configures a VLAN to use a specific protocol filter. Syntax Description vlan_name Specifies a VLAN name. protocol_name Specifies a protocol filter name. This can be the name of a predefined protocol filter, or one you have defined.
Page 596 VLAN Commands History This command was first available in ExtremeWare XOS 10.1. The IPv6 parameter was added in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 597: Configure Vlan Tag
configure vlan tag configure vlan tag configure vlan <vlan_name> tag <tag> Description Assigns a unique 802.1Q tag to the VLAN. Syntax Description vlan_name Specifies a VLAN name. Specifies a value to use as an 802.1Q tag. The valid range is from 2 to 4095. Default The default VLAN uses an 802.1Q tag (and an internal VLANid) of 1.
Page 598: Configure Vman Add Ports
VLAN Commands configure vman add ports configure vman <vman-name> add ports [ all | <port_list> ] {untagged | tagged | nobroadcast } Description Adds one or more ports in a VMAN. Syntax Description vman-ame Specifies a VMAN name. Specifies all ports. port_list Specifies a list of ports or slots and ports.
Page 599 NOTE If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 600: Configure Vman Delete Ports
VLAN Commands configure vman delete ports configure vman <vman-name> delete ports [ all | <port_list> ] Description Deletes one or more ports in a VMAN. Syntax Description vlan_name Specifies a VMAN name. Specifies all ports. port_list Specifies a list of ports or slots and ports. Default N/A.
Page 601: Configure Vman Ethertype
The default VMAN Ethernet type on Extreme devices is 0x88a8. If your VMAN transits a third-party device (other than an Extreme Networks device), you must configure the EtherType for the VMAN tag as the Ethernet type that the third-party device uses.
Page 602: Configure Vman Tag
VLAN Commands configure vman tag configure vman <vman-name> tag <tag> Description Assigns a unique 802.1Q tag to the VMAN. Syntax Description vlan_name Specifies a VMAN name. Specifies a value to use as VMAN tag 802.1Q tag. The valid range is from 2 to 4094.
Page 603: Create Protocol
create protocol create protocol create protocol <name> Description Creates a user-defined protocol filter. Syntax Description name Specifies a protocol filter name. The protocol filter name can have a maximum of 31 characters. Usage Guidelines Protocol-based VLANs enable you to define packet filters that the switch can use as the matching criteria to determine if a particular packet belongs to a particular VLAN.
Page 604: Create Vlan
VLAN Commands create vlan create vlan <vlan_name> {vr <vr-name>} Description Creates a named VLAN. Syntax Description vlan_name Specifies a VLAN name (up to 32 characters). Specifies a virtual router. vr-name Specifies in which virtual router to create the VLAN. NOTE: On the BlackDiamond 8800 family of switches and the Summit X450 switch, all VLANs are created in VR-Default and cannot be moved.
Page 605 NOTE If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 606: Create Vman
VLAN Commands create vman create vman <vman-name> {vr <vr_name>} Description Creates a VMAN, which allows you to create a "tunnel" through the public network. Syntax Description vman-ame Specifies a VMAN name. Up to 32 characters. Specifies a virtual router. vr_name Specifies the virtual router.
Page 607 You must configure the VMAN tunnel egress, or trunk, port as untagged so that the VMAN header is stripped from the frame. The Extreme Networks default Ethernet type for VMAN is 088a8. You must use mutually exclusive names for: VLANs ●...
Page 608: Delete Protocol
VLAN Commands delete protocol delete protocol <name> Description Deletes a user-defined protocol. Syntax Description name Specifies a protocol name. Default N/A. Usage Guidelines If you delete a protocol that is in use by a VLAN, the protocol associated with than VLAN will become none Example The following command deletes a protocol named fred:...
Page 609: Delete Vlan
delete vlan delete vlan delete vlan <vlan_name> Description Deletes a VLAN. Syntax Description vlan_name Specifies a VLAN name. Default N/A. Usage Guidelines If you delete a VLAN that has untagged port members and you want those ports to be returned to the default VLAN, you must add them back explicitly using the command.
Page 610: Delete Vman
VLAN Commands delete vman delete vman <vman-name> Description Deletes a previously created VMAN. Syntax Description vman-name Specifies a VMAN name. Default N/A. Usage Guidelines None. Example The following command deletes the VMAN accounting: delete vman accounting History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms.
Page 611: Disable Dot1P Examination Inner-Tag Port
disable dot1p examination inner-tag port disable dot1p examination inner-tag port disable dot1p examination inner-tag port [all | <port_list>] Description Used with VMANs, and instructs the switch to examine the 802.1p value of the outer tag, or added VMAN header, to determine the correct egress queue on the egress port. Syntax Description Specifies all ports.
Page 612: Disable Loopback-Mode Vlan
VLAN Commands disable loopback-mode vlan disable loopback-mode vlan <vlan_name> Description Disallows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active. Syntax Description vlan_name Specifies a VLAN name. Default N/A.
Page 613: Enable Dot1P Examination Inner-Tag Port
enable dot1p examination inner-tag port enable dot1p examination inner-tag port enable dot1p examination inner-tag port [all | <port_list>] Description Used with VMANs, and instructs the switch to examine the 802.1p value of the inner tag, or header of the original packet, to determine the correct egress queue on the egress port. Syntax Description Specifies all ports.
Page 614: Enable Loopback-Mode Vlan
VLAN Commands enable loopback-mode vlan enable loopback-mode vlan <vlan_name> Description Allows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active. Syntax Description vlan_name Specifies a VLAN name. Default N/A.
Page 615: Show Protocol
show protocol show protocol show protocol {<name>} Description Displays protocol filter definitions. Syntax Description name Specifies a protocol filter name. Default Displays all protocol filters. Usage Guidelines Displays the defined protocol filter(s) with the types and values of its component protocols. Example The following is an example of the command:...
Page 616: Show Vlan
VLAN Commands show vlan show vlan {detail |<vlan_name> {stpd}} Description Displays information about VLANs. Syntax Description detail Specifies that detailed information should be displayed for each VLAN. vlan_name Specifies a VLAN name. stpd Specifies that STP domains displays for each VLAN. Default Summary information for all VLANs on the device.
Page 617 show vlan When an IPv6 address is configured for the VLAN, the system may display one of the following two address types in parentheses after the IPv6 address: Tentative ● Duplicate ● NOTE See the ExtremeWare XOS Concepts Guide for information on IPv6 address types. You can display additional useful information on VLANs configured with IPv6 addresses by issuing the .
Page 618 VLAN Commands Secondary IPs: 12.0.0.5/8 IPv6: None STPD: s0(Disabled,Auto-bind) Protocol: Match all unfiltered protocols Loopback: Disable NetLogIn: Enabled Rate Shape: Disable QosProfile: Ports: 771. (Number of active ports=0) Untag: 3:2, 4:1, 4:2, 5:1, 5:2, 5:3, 5:4, 5:5, 5:6, 5:7, 5:8, 5:9, 5:10, 5:11,...
Page 619 show vlan Platform Availability This command is available on all platforms. Information on MAC-based ports is available only on the Summit X450 switch and the BlackDiamond 8800 family of switches. ExtremeWare XOS 11.3 Command Reference...
Page 620: Show Vman
VLAN Commands show vman show vman {<vlan_name> | etherType | detail} Description Displays VMAN information including configuration and Ethertype. Syntax Description vlan_name Specifies information is displayed for particular VMAN. etherType Specifies that Ethertype information is displayed for each VMAN. detail Specifies all information is displayed for each VMAN.
Page 621 show vman IPv6: NONE STPD: None Protocol: Match all unfiltered protocols Loopback: Disable NetLogIn: Enabled Rate Shape: Disable QosProfile: Ports: (Number of active ports=2) Flags: (*) Active, (!) Disabled (g) Load Sharing port Untag: *3:1 Tag: *3:2 The following is an example of the display from the command: show vman etherType vMan EtherType: 0x88a8...
Page 622: Unconfigure Vlan Ipaddress
VLAN Commands unconfigure vlan ipaddress unconfigure vlan <vlan_name> ipaddress {<ipv6_address_mask>} Description Removes the IP address of the VLAN or a VMAN. With no parameters, the command removes the primary IPv4 address on the specified VLAN. Using the IPv6 parameters, you can remove specified IPv6 addresses from the specified VLAN.
Page 623 unconfigure vlan ipaddress Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 624 VLAN Commands ExtremeWare XOS 11.3 Command Reference...
Page 625: Chapter 10: Commands For Virtual Routers
Commands for Virtual Routers This chapter describes commands for: Creating and deleting virtual routers ● Configuring and managing virtual routers ● Displaying information about virtual routers ● Virtual Routers ExtremeWare XOS supports virtual routers. This capability allows a single physical switch to be split into multiple virtual routers.
Page 626: Create Virtual-Router
Commands for Virtual Routers create virtual-router create virtual-router <vr-name> Description Creates a user virtual router. Syntax Description vr-name Specifies the name of the user virtual router. Default N/A. Usage Guidelines This command creates a new user virtual router. The three default system virtual routers, VR-Mgmt, VR-Control, and VR-Default always exist and cannot be deleted or renamed.
Page 627: Configure Vr Add Protocol
configure vr add protocol configure vr add protocol configure vr <vr-name> add protocol <protocol-name> Description Starts the Layer 3 protocol on a virtual router. Syntax Description vr-name Specifies the name of the virtual router. protocol-name Specifies the layer 3 protocol. Default N/A.
Page 628: Configure Vr Add Ports
Commands for Virtual Routers configure vr add ports configure vr <vr-name> add ports <portlist> Description Assigns a list of ports to the virtual router specified. Syntax Description vr-name Specifies the name of the virtual router. portlist Specifies the ports to add to the virtual router. Default By default, all ports are assigned to the virtual router, VR-Default.
Page 629: Configure Vr Delete Protocol
configure vr delete protocol configure vr delete protocol configure vr <vr-name> delete protocol <protocol-name> Description Stops and removes the layer 3 protocol on a virtual router. Syntax Description vr-name Specifies the name of the virtual router. protocol-name Specifies the layer 3 protocol. Default N/A.
Page 630: Configure Vr Delete Ports
Commands for Virtual Routers configure vr delete ports configure vr <vr-name> delete ports <portlist> Description Removes a list of ports from the virtual router specified. Syntax Description vr-name Specifies the name of the virtual router. portlist Specifies the ports to remove from the virtual router. Default By default, all ports are assigned to the virtual router, VR-Default.
Page 631: Delete Virtual-Router
delete virtual-router delete virtual-router delete virtual-router <vr-name> Description Deletes a virtual router. Syntax Description vr-name Specifies the name of the virtual router. Default N/A. Usage Guidelines Only user virtual routers can be deleted. When a virtual router gets deleted, all of the VLANs in the virtual router will be deleted.
Page 632: Show Virtual-Router
Commands for Virtual Routers show virtual-router show virtual-router {<vr-name>} Description Displays information about the virtual routers. Syntax Description vr-name Specifies the name of the virtual router. Default N/A. Usage Guidelines During system boot up, ExtremeWare XOS creates three system virtual routers: VR-Mgmt, VR-Control, and VR-Default (previous to release 11.0 these virtual routers were named VR-0, VR-1, and VR-2, respectively).
Page 633 show virtual-router Example The following command displays the virtual router configurations on the switch: show virtual-router The following is sample output from this command: --------------------------------------------------------- Virtual Router Number of Number of Flags Vlans Ports --------------------------------------------------------- VR-Control ---- VR-Default bopr VR-Mgmt ---- --------------------------------------------------------- Flags : Routing protocols configured on the virtual router...
Page 634: Virtual-Router
Commands for Virtual Routers virtual-router virtual-router {<vr-name>} Description Changes the virtual router domain context. Syntax Description vr-name Specifies the name of the virtual router. Default N/A. Usage Guidelines Use this command to change the virtual router context for subsequent commands. When you issue the command, the prompt changes to reflect the virtual router domain.
Page 635 virtual-router show igmp snooping show igmp group show igmp snooping cache * means that other commands are available with these listed. The virtual router configuration domain simplifies configuration because you do not have to specify the virtual router for each individual protocol configuration command. The current configuration domain is indicated in the command line interface (CLI) prompt.
Page 636 Commands for Virtual Routers ExtremeWare XOS 11.3 Command Reference...
Page 637: Chapter 11: Fdb Commands
FDB Commands This chapter describes commands for: Configuring FDB entries ● Displaying FDB entries ● The switch maintains a database of all media access control (MAC) addresses received on all of its ports. It uses the information in this database to decide whether a frame should be forwarded or filtered. Each FDB entry consists of the MAC address of the device, an identifier for the port on which it was received, and an identifier for the VLAN to which the device belongs.
Page 638: Clear Fdb
FDB Commands clear fdb clear fdb {<mac_addr> | ports <port_list> | <vlan_name> | blackhole} Description Clears dynamic FDB entries that match the filter. Syntax Description mac_addr Specifies a MAC address, using colon-separated bytes. port_list Specifies one or more ports or slots and ports. vlan_name Specifies a VLAN name.
Page 639: Configure Fdb Agingtime
configure fdb agingtime configure fdb agingtime configure fdb agingtime <seconds> Description Configures the FDB aging time for dynamic entries. Syntax Description seconds Specifies the aging time in seconds. Range is 15 through 1,000,000. A value of 0 indicates that the entry should never be aged out. Default 300 seconds.
Page 640: Create Fdbentry Vlan Ports
FDB Commands create fdbentry vlan ports create fdbentry <mac_addr> vlan <vlan_name> ports <port_list> Description Creates a permanent static FDB entry, and optionally associates it with an ingress and/or egress QoS profile. Syntax Description mac_addr Specifies a device MAC address, using colon-separated bytes. vlan_name Specifies a VLAN name associated with a MAC address.
Page 641 create fdbentry vlan ports IGMP snooping rules take precedence over static multicast MAC addresses in the IP multicast range ● (01:00:5e:xx:xx:xx) unless IGMP snooping is disabled. Example The following command adds a permanent, static entry to the FDB for MAC address is 00 E0 2B 12 34 56, in VLAN marketing on slot 2, port 4 on a modular switch: create fdbentry 00:E0:2B:12:34:56 vlan marketing port 2:4 The following example creates a multicast FDB entry, in VLAN black, on slot 1, ports 1, 2, and 4, on the...
Page 642: Delete Fdbentry
FDB Commands delete fdbentry delete fdbentry [all | <mac_address> [vlan <vlan name>] Description Deletes one or all permanent FDB entries. Syntax Description Specifies all FDB entries. mac_address Specifies a device MAC address, using colon-separated bytes. vlan Specifies a VLAN. vlan_name Specifies the specific VLAN name.
Page 643: Disable Flooding Port
disable flooding port disable flooding port disable flooding [all_cast | broadcast | multicast | unicast] port [<port_list> | all] Description Disables egress flooding on one or more ports. With the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch, you can further identify the type of packets to block flooding on the specified ports.
Page 644 FDB Commands The following guidelines apply to enabling and disabling egress flooding: Disabling multicasting egress flooding does not affect those packets within an IGMP membership ● group at all; those packets are still forwarded out. If IGMP snooping is disabled, multicast packets are not flooded.
Page 645: Enable Flooding Port
enable flooding port enable flooding port enable flooding [all_cast | broadcast | multicast | unicast] port [<port_list> | all] Description Enables egress flooding on one or more ports. With the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch, you can further identify the type of packets to flood on the specified ports.
Page 646 FDB Commands Egress flooding can be disabled on ports that are in a load-sharing group. If that is the situation, the ● ports in the group take on the egress flooding state of the master port; each member port of the load- sharing group has the same state as the master port.
Page 647: Show Fdb
show fdb show fdb show fdb {<mac_addr> {netlogin [all | mac-based]}| permanent {netlogin [all | mac-based]} | ports <port_list> {netlogin [all | mac-based]}| vlan <vlan_name> {netlogin [all | mac-based]} | stats | netlogin {all | mac- based]}} Description Displays FDB entries. Syntax Description mac_addr Specifies a MAC address, using colon-separated bytes, for which FDB entries...
Page 648 FDB Commands Flags Flags that define the type of entry: • B - Egress Blackhole • b - Ingress Blackhole • d - Dynamic • s - Static • p - Permanent • m - MAC • n - NetLogin (only on the Summit X450 switch and the BlackDiamond 8800 family of switches) •...
Page 649: Chapter 12: Policy Manager Commands
Policy Manager Commands This chapter describes commands for: Creating and configuring policy files for IP access lists (ACLs) ● Creating and configuring policy files for routing policies ● Policies are a generalized category of features that impact forwarding and route forwarding decisions. Access policies are used primarily for security and quality of service (QoS) purposes.
Page 650: Check Policy
Policy Manager Commands check policy check policy <policy-name> Description Checks the syntax of the specified policy. Syntax Description policy-name Specifies the policy to check. Default N/A. Usage Guidelines Use this command to check the policy syntax before applying it. If any errors are found, the line number and a description of the syntax error are displayed.
Page 651: Check Policy Attribute
check policy attribute check policy attribute check policy attribute {<attr>} Description Displays the syntax of the specified policy attribute. Syntax Description attr Specifies the attribute check. Default N/A. Usage Guidelines Use this command to display the syntax of policy attributes. The command displays any additional keywords to use with this attribute, and the types of values expected.
Page 652 Policy Manager Commands The following is sample output for this command: ( match ) ( ACL ) icmp-type <uint32 val> History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 653: Edit Policy
edit policy edit policy edit policy <filename> Description Edits a policy text file. Syntax Description filename Specifies the filename of the policy text file. Default N/A. Usage Guidelines This command edits policy text files that are on the switch. All policy files use “ ”...
Page 654 Policy Manager Commands policy, the text file is read, the syntax is checked, the policy information is added to the policy manager database, and the policy then takes effect. Use the following command to refresh a policy: refresh policy <policy-name> If you just want to check to be sure the policy contains no syntax errors, use the following command: check policy <policy-name>...
Page 655: Refresh Policy
refresh policy refresh policy refresh policy <policy-name> Description Refreshes the specified policy. Syntax Description policy-name Specifies the policy to refresh. Default N/A. Usage Guidelines Use this command when a new policy file for a currently active policy has been downloaded to the switch, or when the policy file for an active policy has been edited.
Page 656: Show Policy
Policy Manager Commands show policy show policy {<policy-name> | detail} Description Displays the specified policy. Syntax Description policy-name Specifies the policy to display. detail Show the policy in detail. Default If no policy name is specified, all policies are shown Usage Guidelines Use this command to display which clients are using the specified policy.
Page 657: Chapter 13: Acl Commands
ACL Commands This chapter describes commands for: Creating and configuring IP access lists (ACLs) ● IP access lists (also referred to as Access Lists or ACLs) consist of IP access rules and are used to perform packet filtering and forwarding decisions on traffic traversing the switch. Each packet on an interface is compared to the access list in sequential order and is either forwarded to a specified QoS profile or dropped.
Page 658: Clear Access-List Counter
ACL Commands clear access-list counter clear access-list {dynamic} counter {<countername>} {any | ports <portlist> | vlan <vlanname>} {ingress | egress} Description Clears the specified access list counters. Syntax Description dynamic Specifies that the counter is from a dynamic ACL. countername Specifies the ACL counter to clear.
Page 659 clear access-list counter Platform Availability This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only. ExtremeWare XOS 11.3 Command Reference...
Page 660: Clear Access-List Meter
ACL Commands clear access-list meter clear access-list meter {<metername>} [any | ports <portlist> | vlan <vlanname>] Description Clears the specified access list meters. Syntax Description metername Specifies the ACL meter to clear. portlist Specifies to clear the counters on these ports. vlanname Specifies to clear the counters on the VLAN.
Page 661: Configure Access-List
configure access-list configure access-list configure access-list <aclname> [any | ports <portlist> | vlan <vlanname>] {ingress | egress} Description Configures an access list to the specified interface. Syntax Description aclname Specifies the ACL name. The name can be from 1-32 characters long. Specifies that this ACL is applied to all interfaces as the lowest precedence ACL.
Page 662 ACL Commands History This command was available in ExtremeWare XOS 10.1. The VLAN option was first available in ExtremeWare XOS 11.0 The egress options was first available in ExtremeWare XOS 11.3 Platform Availability This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.
Page 663: Configure Access-List Add
configure access-list add configure access-list add configure access-list add <dynamic_rule> [after <rule> | before <rule> | first | last][any | ports <portlist> | vlan <vlanname>] {ingress | egress} Description Configures a dynamic ACL rule to the specified interface. Syntax Description dynamic_rule Specifies a dynamic ACL rule.
Page 664 ACL Commands configure access-list add icmp-echo first ports 1:2 The following command applies the dynamic ACL udpdacl to port 1:2, with a higher precedence than rule icmp-echo: configure access-list add udpacl before icmp-echo ports 1:2 History This command was first available in ExtremeWare XOS 11.3. Platform Availability This command is available on all platforms.
Page 665: Configure Access-List Delete
configure access-list delete configure access-list delete configure access-list delete <ruleName> [all | any | ports <portlist> | vlan <vlanname>] {ingress | egress} Description Removes a dynamic ACL rule from the specified interface. Syntax Description ruleName Specifies a dynamic ACL rule. Delete this ACL from all interfaces.
Page 666: Configure Ipv6Acl Address-Mask
ACL Commands configure ipv6acl address-mask configure ipv6acl address-mask [destination <ipv6_address> | source <ipv6_address>] Description Configures an address mask for IPv6 ACL matching. Syntax Description destination <ipv6_address> Specifies the destination address mask. Mask must ignore 32 bits of the address. source <ipv6_address> Specifies the source address mask.Mask must ignore 32 bits of the address.
Page 667: Configure Meter
configure meter configure meter configure meter <metername> {max-burst-size <burst-size> [Gb | Kb | Mb]} {committed-rate <cir-rate> [Gbps | Mbps | Kbps]} {out-actions [drop | set- drop-precedence {dscp [none | <dscp-value>]}} Description Configures an ACL meter. Syntax Description metername Specifies the ACL meter name. max-burst-size Specifies the maximum burst size.
Page 668 ACL Commands Example The following command configures the ACL meter maximum_bandwidth, assigns it a rate of 10 Mbps, and sets the out of profile action to drop configure meter maximum_bandwidth committed-rate 10 Mbps out-action drop History This command was available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the BlackDiamond 8800 family and Summit X450 switches.
Page 669: Create Access-List
create access-list create access-list create access-list <dynamic-rule> <conditions> <actions> Description Creates a dynamic ACL Syntax Description dynamic-rule Specifies the dynamic ACL name. The name can be from 1-32 characters long. conditions Specifies the match conditions for the dynamic ACL. actions Specifies the actions for the dynamic ACLs.
Page 670 ACL Commands The following command creates a dynamic ACL that accepts all the UDP packets from the 10.203.134.0/ 24 subnet that are destined for the host 140.158.18.16, with source port 190 and a destination port in the range of 1200 to 1250: create access-list udpacl “source-address 10.203.134.0/24;destination-address 140.158.18.16/32;protocol udp;source-port 190;destination-port...
Page 671: Create Meter
create meter create meter create meter <metername> Description Creates an ACL meter to limit the rate of packet flow associated with an ACL rule. Syntax Description metername Specifies the ACL meter name. Default N/A. Usage Guidelines The ACL meter created with this command will be associated with an ACL by specifying the meter name in the action modifier field of the ACL entry.
Page 672: Delete Access-List
ACL Commands delete access-list delete access-list <dynamic-rule> Description Deletes a dynamic ACL Syntax Description dynamic-rule Specifies the dynamic ACL name. Default N/A. Usage Guidelines This command deletes a dynamic ACL rule. Before you delete a dynamic ACL, it must be removed from any interfaces it is applied to.
Page 673: Delete Meter
delete meter delete meter delete meter <metername> Description Deletes an ACL meter. Syntax Description metername Specifies the ACL meter name. Default N/A. Usage Guidelines None. Example The following command deletes the ACL meter maximum_bandwidth: delete meter maximum_bandwidth History This command was available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the BlackDiamond 8800 family and Summit X450 switches.
Page 674: Disable Access-List Refresh Blackhole
ACL Commands disable access-list refresh blackhole disable access-list refresh blackhole Description Disables blackholing of packets during ACL refresh. Syntax Description This command has no arguments or variables. Default The feature is enabled. Usage Guidelines When access control lists (ACLs) are refreshed, this feature provides that any packets arriving during the refresh will be blackholed.
Page 675: Enable Access-List Refresh Blackhole
enable access-list refresh blackhole enable access-list refresh blackhole enable access-list refresh blackhole Description Enables blackholing of packets during ACL refresh. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines When access control lists (ACLs) are refreshed, this command provides that any packets arriving during the refresh will be blackholed.
Page 676: Show Access-List
ACL Commands show access-list show access-list {any | ports <portlist> | vlan <vlanname>} {ingress | egress} Description Displays the ACLs configured on an interface. Syntax Description aclname Specifies the ACL name. The name can be from 1-32 characters long. Specifies the wildcard ACL. portlist Specifies which ports’...
Page 677 show access-list firewall1 ingress The following command displays the ingress access list entries configured on the VLAN v1006: show access-list v1006 ingress The output from this command is similar to the following: # RuleNo 1 entry dacl13 { #Dynamic Entry if match all { ethernet-destination-address 00:01:05:00:00:00 ;...
Page 678: Show Access-List Configuration
ACL Commands show access-list configuration show access-list configuration Description Displays the ACL configuration. Currently only the state of refresh blackhole is displayed. Syntax Description There are no arguments or variables for this command. Default N/A. Usage Guidelines This command displays the state of the ACL refresh blackhole, set by the enable access-list command.
Page 679: Show Access-List Counter
show access-list counter show access-list counter show access-list counter {<countername>} {any | ports <portlist> | vlan <vlanname>} {ingress | egress} Description Displays the specified access list counters. Syntax Description countername Specifies the ACL counter to display. portlist Specifies to display the counters on these ports. vlanname Specifies to display the counters on the VLAN.
Page 680 ACL Commands tcpflags-syn qos_hongkong ingress qp2cnt qp4cnt qp5cnt ingress PERMIT_SYN_ACK 3759119344 2217044928 The following example displays all the counters for the ACL on port 2:1 show access-list counter port 2:1 The output of this command is similar to the following: Policy Name Vlan Name Port...
Page 681: Show Access-List Dynamic
show access-list dynamic show access-list dynamic show access-list dynamic Description Displays the names of existing dynamic ACLs and a count of how many times each is used. Syntax Description There are no arguments or variables for this command. Default N/A. Usage Guidelines This command displays the names of existing dynamic ACLs, and how many times the ACL is used (bound to an interface).
Page 682: Show Access-List Dynamic Counter
ACL Commands show access-list dynamic counter show access-list dynamic counter {{<countername>} any | {<countername>} ports <portlist> | {<countername>} vlan <vlanname>} {ingress | egress} Description Displays the dynamic ACL counters. Syntax Description countername Display the counter. Specifies the wildcard ACL. portlist Specifies which ports’...
Page 683: Show Access-List Dynamic Rule
show access-list dynamic rule show access-list dynamic rule show access-list dynamic rule <rule> Description Displays the syntax of a dynamic ACL. Syntax Description rule Specifies the rule to display. Default N/A. Usage Guidelines None. Example The following command displays the syntax of the dynamic ACL udpacl: show access-list dynamic rule updacl The output of the command is similar to the following: entry udpacl {...
Page 684: Show Access-List Meter
ACL Commands show access-list meter show access-list counter {<metername>} [any | ports <portlist> | vlan <vlanname>] Description Displays the specified access list meter statistics and configurations. Syntax Description metername Specifies the ACL meter to display. portlist Specifies to display the meters on these ports. vlanname Specifies to display the meters on the VLAN.
Page 685: Unconfigure Access-List
unconfigure access-list unconfigure access-list unconfigure access-list {any | ports <portlist> | vlan <vlanname>} {ingress | egress} Description Removes a policy file ACL from the specified interface. Syntax Description aclname Specifies the ACL name. The name can be from 1-32 characters long. portlist Specifies the ports on which this ACL is applied.
Page 686 ACL Commands History This command was available in ExtremeWare XOS 10.1. The VLAN option was first available in ExtremeWare XOS 11.0 The egress options was first available in ExtremeWare XOS 11.3 Platform Availability This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.
Page 687: Chapter 14: Qos Commands
QoS Commands This chapter describes commands for: Configuring Quality of Service (QoS) profiles ● Configuring and displaying bidirectional rate-shaping ● Creating traffic groupings and assigning the groups to QoS profiles ● Configuring, enabling and disabling explicit class-of-service traffic groupings (802.1p and DiffServ) ●...
Page 688 QoS Commands Extreme switch products support explicit Class of Service traffic groupings. This category of traffic groupings describes what is sometimes referred to as explicit packet marking, and includes: IP DiffServ code points, formerly known as IP TOS bits ● Prioritization bits used in IEEE 802.1p packets ●...
Page 689: Configure Diffserv Examination Code-Point
configure diffserv examination code-point configure diffserv examination code-point configure diffserv examination code-point <code-point> {qosprofile} <qosprofile> Description Configures the default ingress DiffServ code points (DSCP) to QoS profile mapping. Syntax Description code-point Specifies a DiffServ code point (a 6-bit value in the IP-TOS byte in the IP header).
Page 690 QoS Commands Example The following command specifies that code point 25 be assigned to QP2: configure diffserv examination code-point 25 qosprofile qp2 History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 691: Configure Diffserv Replacement
N/A. Usage Guidelines NOTE Extreme Networks recommends that you use the qosprofile <qosprofile> value to configure this parameter. The default QoS profile to 802.1p priority value to code point mapping is shown in Table Table 20: Default QoS profile-to-802.1p priority value-to-code point...
Page 692 QoS Commands BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ replacement feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure replacing DiffServ information on a port that is in more than one virtual router, the system returns the following message: Warning: Port belongs to more than one VR.
Page 693: Configure Dot1P Type
configure dot1p type configure dot1p type configure dot1p type <dot1p_priority> {qosprofile} <qosprofile> Description Configures the default QoS profile to 802.1p priority mapping. Syntax Description dot1p_priority Specifies the 802.1p priority value. The value is an integer between 0 and 7. qosprofile Specifies a specific QoS profile.
Page 694 QoS Commands Example The following commands reassign (from the default) the QoS profiles associated with 802.1p priority values 1 and 2: configure dot1p type 2 qosprofile qp2 configure dot1p type 1 qosprofile qp3 History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms.
Page 695: Configure Ports Qosprofile
configure ports qosprofile configure ports qosprofile configure ports <port_list> {qosprofile} <qosprofile> Description Configures one or more ports to use a particular egress QoS profile. Syntax Description port_list Specifies a list of ports or slots and ports. qosprofile Specifies a QoS profile. Default All ports have the default qosprofile of QP1.
Page 696 QoS Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 697: Configure Ports Rate-Limit Egress
configure ports rate-limit egress configure ports rate-limit egress configure ports <port_list> rate-limit egress [no-limit | <cir-rate> [Kbps | Mbps | Gbps] {max-burst-size <burst-size> [Kb | Mb]}] Description Configures an egress traffic rate limit for a port or groups of ports. Syntax Description port_list Specifies one or more ports or slots and ports.
Page 698 QoS Commands History This command was available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch. ExtremeWare XOS 11.3 Command Reference...
Page 699: Configure Qosprofile Ingress Ports
configure qosprofile ingress ports configure qosprofile ingress ports configure qosprofile ingress <iqp> [{committed_rate <committed_bps> [k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate <peak_bps> [k | m} {priority [<priority> | <priority_number]}] ports [<port_list> | all] Description Sets the ingress rate shaping parameters, which is an ingress QoS profile. Syntax Description Specifies an ingress QoS profile: •...
Page 700 QoS Commands Priority—By default, each qosprofile is assigned a different priority level, which varies by I/O ● module: 1G I/O module: ■ IQP1 - 1, Low ■ IQP2 - 2, LowHi ■ 10G I/O module: ■ IQP1 - 1, Low ■...
Page 701: Configure Qosprofile Ports
configure qosprofile ports configure qosprofile ports configure qosprofile {egress} <qosprofile> [{committed_rate <committed_bps> [k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate <peak_bps> [k | m} {priority [<priority> | <priority_number]}] ports [<port_list> | all] Description Modifies the default egress QoS profile parameters. Syntax Description qosprofile Specifies a QoS profile name.
Page 702 QoS Commands QP2 - 2, LowHi ■ QP3 - 3, Normal ■ QP4 - 4, NormalHi ■ QP5 - 5, Medium ■ QP6 - 6, MediumHi ■ QP7 - 7, High ■ QP8 - 8, HighHi (highest priority) ■ Usage Guidelines None.
Page 703: Configure Qosprofile Weight
configure qosprofile weight configure qosprofile weight configure qosprofile <qosprofile> {maxbuffer <percent>} {weight <value>} Description Modifies the parameters for the default QoS profiles (QP1 and QP8) and defines the parameters for any user-created QoS profiles (QP2, QP3, QP4, QP5, QP6, and/or QP7). Syntax Description qosprofile Specifies a QoS profile name.
Page 704 QoS Commands Example The following command configures the QoS profile parameters of QoS profile QP1: configure qosprofile qp1 maxbuffer 75 weight 4 History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.
Page 705: Configure Qosscheduler
configure qosscheduler configure qosscheduler configure qosscheduler [strict-priority | weighted-round-robin] Description Specifies the method the switch uses to service QoS profiles. Syntax Description strict-priority Specifies the switch services the higher-priority QoS profiles first. weighted-round-robin Specifies the switch services all QoS profiles based on the configured weighting for each QoS profile.
Page 706: Configure Vlan Qosprofile
QoS Commands configure vlan qosprofile configure vlan <vlan_name> {qosprofile} <qosprofile> Description Configures a VLAN to use a particular QoS profile. Syntax Description vlan_name Specifies a VLAN name. qosprofile Specifies a QoS profile. NOTE: None is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch.
Page 707: Create Qosprofile
create qosprofile create qosprofile create qosprofile [QP2| QP3 | QP4 | QP5 | QP6 | QP7] Description Creates a QoS profile. Syntax Description QP1..QP7 Specifies the QoS profile you want to create. Default N/A. Usage Guidelines The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch allow dynamic creation and deletion of QoS queues, with Q1 and Q8 always available, rather than the 8 fixed queues on the BlackDiamond 10K switch.
Page 708 QoS Commands Platform Availability This command is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. ExtremeWare XOS 11.3 Command Reference...
Page 709: Delete Qosprofile
delete qosprofile delete qosprofile delete qosprofile [QP2| QP3 | QP4 | QP5 | QP6 | QP7] Description Deletes a user-created QoS profile. Syntax Description QP1..QP7 Specifies the user-created QoS profile you want to delete. Default N/A. Usage Guidelines You cannot delete the default QoS profiles of QP1 and QP8. If you attempt to delete these QoS profiles, the system returns an error.
Page 710: Disable Diffserv Examination Port
QoS Commands disable diffserv examination port disable diffserv examination port [<port_list> | all] Description Disables the examination of the DiffServ field in an IP packet. Syntax Description port_list Specifies a list of ports or slots and ports to which the parameters apply. Specifies that DiffServ examination should be disabled for all ports.
Page 711: Disable Diffserv Replacement Port
disable diffserv replacement port disable diffserv replacement port disable diffserv replacement port [<port_list> | all] Description Disables the replacement of DiffServ code points in packets transmitted by the switch. Syntax Description port_list Specifies a list of ports or slots and ports to which the parameters apply. \ Specifies that DiffServ replacement should be disabled for all ports.
Page 712: Disable Dot1P Replacement Ports
QoS Commands disable dot1p replacement ports disable dot1p replacement ports [<port_list> | all] Description Disables the ability to overwrite 802.1p priority values for a given set of ports. Syntax Description port_list Specifies a list of ports or slots and ports to which the parameters apply. Specifies that 802.1p replacement should be disabled for all ports.
Page 713: Enable Diffserv Examination Port
Usage Guidelines The diffserv examination feature is disabled by default. If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure 802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching the MSM on modular switches.
Page 714: Enable Diffserv Replacement Ports
Eight user-defined DiffServ code points can be configured on each port. The QoS profile is used to select one of the eight code points. If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure 802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching the MSM on modular switches.
Page 715 enable diffserv replacement ports Example The following command enables DiffServ replacement on selected ports: enable diffserv replacement ports 5:3,5:5,6:2 History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 716: Enable Dot1P Replacement Ports
QoS Commands enable dot1p replacement ports enable dot1p replacement ports [<port_list> | all] Description Allows the 802.1p priority field to be overwritten on egress according to the QoS profile to 802.1p priority mapping for a given set of ports. Syntax Description port_list Specifies a list of ports or slots and ports.
Page 717 enable dot1p replacement ports Example The following command enables dot1p replacement on all ports: enable dot1p replacement ports all History This command was available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 718: Show Diffserv
QoS Commands show diffserv show diffserv [examination | replacement] Description Displays the DiffServ-to-QoS profile mapping. Syntax Description examination Specifies to display currently configured mapping for each DiffServ code point to QoS profile. replacement Specifies to display currently configured code point replacement value. Default N/A.
Page 719 show diffserv Following is sample output from the command on the BlackDiamond show diffserv replacement 8810 switch: QOSProfile->CodePoint mapping: QP1->00 QP8->56 BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature.
Page 720: Show Dot1P
QoS Commands show dot1p show dot1p Description Displays the 802.1p-to-QoS profile mappings. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the current 802.1p-to-QoS mappings on the switch: show dot1p Because the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch have 2 default QoS profiles and the BlackDiamond 10K switch has 8 default QoS profiles you see different displays depending on the platform.
Page 721 show dot1p Following is sample output from the command on the BlackDiamond 10K switch: show dot1p 802.1p Priority Value QOS Profile History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 722: Show Ports Qosmonitor
QoS Commands show ports qosmonitor show ports <port_list> qosmonitor {ingress | egress} {no-refresh} Description Displays real-time ingress rate shaping statistics in addition to QoS statistics for egress packets on one or more ports. Syntax Description port_list Specifies one or more slots and ports. egress Specifies to display statistics in egress.
Page 723 show ports qosmonitor Following is sample output from this command: Port Statistics Port IQP1 IQP2 IQP3 IQP4 IQP5 IQP6 IQP7 IQP8 Xmts Xmts Xmts Xmts Xmts Xmts Xmts Xmts ================================================================================ ================================================================================ History This command was first available in ExtremeWare XOS 10.1. The ingress information was added in ExtremeWare XOS 11.0 Also, you must specify the ports in ExtremeWare XOS 11.0.
Page 724: Show Qosprofile
QoS Commands show qosprofile show qosprofile {ingress | egress} {ports [ all | <port_list>]} Description Displays QoS information on the switch. Syntax Description Ingress Specifies ingress queues. NOTE: This parameter is available only on the BlackDiamond 10K switch. egress Specifies egress queues; this is the default value. NOTE: This parameter is available only on the BlackDiamond 10K switch.
Page 725 show qosprofile Example The display varies depending on your platform. BlackDiamond 8800 family of switches and Summit X450 switch only. No arguments are available on the BlackDiamond 8800 family of switches or the Summit X450 switch for this command. Following is sample output from the command: show qosprofile...
Page 726 QoS Commands Platform Availability This command is available on all platforms. The parameters ingress, egress, and ports are available only on the BlackDiamond 10K switch. ExtremeWare XOS 11.3 Command Reference...
Page 727: Unconfigure Diffserv
unconfigure diffserv unconfigure diffserv unconfigure diffserv [examination | replacement] Description Uses the default DiffServ examination code point or uses the default DiffServ replacement mapping. Syntax Description examination Specifies to unconfigure the DiffServ examination point. replacement Specifies to unconfigure the DiffServ replacement mapping. Default N/A.
Page 728: Unconfigure Qosprofile
QoS Commands unconfigure qosprofile unconfigure qosprofile {ingress | egress} {ports [<port_list>|all]} Description Returns the ingress rate shaping parameters, which is an ingress QoS profile, or the egressing QoS values to default values. Syntax Description ingress Specifies all ingress QoS profiles for specified ports. The default ingress values are as follows: •...
Page 729 unconfigure qosprofile family of switches and the Summit X450 switch are shown in this section; the BlackDiamond 8800 family of switches and the Summit X450 switch do not support ingressing QoS profiles. Weight—1 ● Maximum buffer—100% ● BlackDiamond 10K switch only. the default values for egressing QoS profiles and ingressing QoS profiles on the BlackDiamond 10K switch are shown in this section.
Page 730 QoS Commands Usage Guidelines BlackDiamond 10K switch only. The number of ingress queues per port varies between the 1G I/O module and the 10G module. On the 1G module, you have two ingress queues per port. The priority values of 1 to 4 map to the first queue, and the priority values of 5 to 8 map to the second queue. On the 10G module, you have eight ingress queues per port.
Page 731: Chapter 15: Security Commands
Security Commands This chapter describes commands for: Managing the switch using SSH2 ● Configuring switch user authentication through a RADIUS client ● Configuring switch user authentication through TACACS+ ● Protecting the switch from Denial of Service attacks ● Secure Shell 2 (SSH2) is a feature of ExtremeWare XOS that allows you to encrypt session data between a network administrator using SSH2 client software and the switch.
Page 732: Clear Vlan Dhcp-Address-Allocation
Security Commands clear vlan dhcp-address-allocation clear vlan <vlan_name> dhcp-address-allocation [[all {offered | assigned | declined | expired}] | <ipaddress>] Description Removes addresses from the DHCP allocation table. Syntax Description vlan_name Specifies the VLAN of the DHCP server. Specifies all IP addresses, or all IP addresses in a particular state. offered Specifies IP addresses offered to clients.
Page 733: Configure Dos-Protect Acl-Expire
configure dos-protect acl-expire configure dos-protect acl-expire configure dos-protect acl-expire <seconds> Description Configures the denial of service protection ACL expiration time. Syntax Description seconds Specifies how long the ACL is in place. Default The default is 5 seconds. Usage Guidelines This command configures how long the DoS protection ACL remains in place. Example This example sets the ACL expiration time to 15 seconds: configure dos-protect acl-expire 15...
Page 734: Configure Dos-Protect Interval
Security Commands configure dos-protect interval configure dos-protect interval <seconds> Description Configures the denial of service protection interval. Syntax Description seconds Specifies how often the DoS protection counter is monitored. Default The default is one second. Usage Guidelines This command configures how often the DoS protection counter is monitored. Example This example sets the interval to 5 seconds: configure dos-protect interval 5...
Page 735: Configure Dos-Protect Trusted Ports
configure dos-protect trusted ports configure dos-protect trusted ports configure dos-protect trusted-ports [ports [<ports> | all] | add-ports [<ports-to-add> | all] | delete-ports [<ports-to-delete> | all] Description Configures the list of trusted ports. Syntax Description ports Specifies the trusted ports list. ports-to-add Specifies the ports to add to the trusted ports list.
Page 736 Security Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 737: Configure Dos-Protect Type L3-Protect Alert-Threshold
configure dos-protect type l3-protect alert-threshold configure dos-protect type l3-protect alert-threshold configure dos-protect type l3-protect alert-threshold <packets> Description Configures the denial of service protection alert threshold. Syntax Description packets Specifies how many packets in an interval will cause an alert. Default The default is 4000 packets.
Page 738: Configure Dos-Protect Type L3-Protect Notify-Threshold
Security Commands configure dos-protect type l3-protect notify-threshold configure dos-protect type l3-protect notify-threshold <packets> Description Configures the denial of service protection notification threshold. Syntax Description packets Specifies how many packets in an interval will cause a notification. Default The default is 3500 packets. Usage Guidelines This command configures how many packets received in an interval will cause a DoS protection notification.
Page 739: Configure Ports Limit-Learning Lock-Learning
configure ports limit-learning lock-learning configure ports limit-learning lock-learning configure ports <portlist> vlan <vlan name> [limit-learning <number> | lock-learning | unlimited-learning | unlock-learning] Description Configures virtual ports for limited or locked MAC address learning. Syntax Description portlist Specifies one or more ports or slots and ports. vlan name Specifies the name of the VLAN.
Page 740 Security Commands For ports that have a learning limit in place, the following traffic still flows to the port: Packets destined for permanent MACs and other non-blackholed MACs ● Broadcast traffic ● EDP traffic ● Traffic from the permanent MAC and any other non-blackholed MACs will still flow from the virtual port.
Page 741 configure ports limit-learning lock-learning The following command removes the learning limit from the specified ports: configure ports 1, 2, vlan accounting unlimited-learning The following command unlocks the FDB entries for the specified ports: configure ports 4,5 vlan accounting unlock-learning History This command was first available in ExtremeWare XOS 11.1.
Page 742: Configure Radius Server
Security Commands configure radius server configure radius {mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip [<ipaddress>] {vr <vr_name>} Description Configures the primary and secondary RADIUS authentication server. Syntax Description mgmt-access Specifies the RADIUS authentication server for switch management. netlogin Specifies the RADIUS authentication server for network login.
Page 743 configure radius server Beginning with ExtremeWare XOS 11.2, you can specify one pair of RADIUS authentication servers for switch management and another pair for network login. To specify RADIUS authentication servers for switch management (Telnet, SSH, and console sessions), use the keyword.
Page 744: Configure Radius Shared-Secret
Security Commands configure radius shared-secret configure radius {mgmt-access | netlogin} [primary | secondary] shared- secret {encrypted} <string> Description Configures the authentication string used to communicate with the RADIUS authentication server. Syntax Description mgmt-access Specifies the switch management RADIUS authentication server. netlogin Specifies the network login RADIUS authentication server.
Page 745 configure radius shared-secret History This command was first available in ExtremeWare XOS 10.1. keyword was added in ExtremeWare XOS 11.0. encrypted keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 746: Configure Radius Timeout
Security Commands configure radius timeout configure radius {mgmt-access | netlogin} timeout <seconds> Description Configures the timeout interval for RADIUS authentication requests. Syntax Description mgmt-access Specifies the switch management RADIUS authentication server. netlogin Specifies the network login RADIUS authentication server. seconds Specifies the number of seconds for authentication requests.
Page 747 configure radius timeout Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 748: Configure Radius-Accounting Server
Security Commands configure radius-accounting server configure radius-accounting {mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip [<ipaddress>] {vr <vr_name>} Description Configures the RADIUS accounting server. Syntax Description mgmt-access Specifies the RADIUS accounting server for switch management. netlogin Specifies the RADIUS accounting server for network login.
Page 749 configure radius-accounting server switch management (Telnet, SSH, and console sessions), use the keyword. To specify mgmt-access RADIUS accounting servers for network login, use the keyword. If you do not specify a netlogin keyword, switch management and network login use the same pair of RADIUS accounting servers. If you are running ExtremeWare XOS 11.1 or earlier and upgrade to ExtremeWare XOS 11.2, you do not loose your existing RADIUS accounting server configuration.
Page 750: Configure Radius-Accounting Shared-Secret
Security Commands configure radius-accounting shared-secret configure radius-accounting {mgmt-access | netlogin} [primary | secondary] shared-secret {encrypted} <string> Description Configures the authentication string used to communicate with the RADIUS accounting server. Syntax Description mgmt-access Specifies the switch management RADIUS accounting server. netlogin Specifies the network login RADIUS accounting server.
Page 751 configure radius-accounting shared-secret History This command was first available in ExtremeWare XOS 10.1. keyword was added in ExtremeWare XOS 11.0. encrypted keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 752: Configure Radius-Accounting Timeout
Security Commands configure radius-accounting timeout configure radius-accounting {mgmt-access | netlogin} timeout <seconds> Description Configures the timeout interval for RADIUS-Accounting authentication requests. Syntax Description mgmt-access Specifies the switch management RADIUS accounting server. netlogin Specifies the network login RADIUS accounting server. seconds Specifies the number of seconds for accounting requests.
Page 753: Configure Ssh2 Key
configure ssh2 key configure ssh2 key configure ssh2 key {pregenerated} Description Generates the Secure Shell 2 (SSH2) host key. Syntax Description pregenerated Indicates that the SSH2 authentication key has already been generated. The user will be prompted to enter the existing key. Default The switch generates a key for each SSH2 session.
Page 754 Security Commands The key generation process generates the SSH2 private host key. The SSH2 public host key is derived from the private host key, and is automatically transmitted to the SSH2 client at the beginning of an SSH2 session. To view the status of SSH2 on the switch, use the command.
Page 755: Configure Ssl Certificate Pregenerated
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 756 Security Commands Example The following command obtains the pre-generated certificate from the user: configure ssl certificate pregenerated Next, you open the certificate and then copy and paste the certificate into the console/Telnet session, followed by a blank line to end the command. History This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.
Page 757: Configure Ssl Certificate Privkeylen
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 758 Security Commands History This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 759: Configure Ssl Privkey Pregenerated
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 760 Security Commands History This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 761: Configure Tacacs Server
configure tacacs server configure tacacs server configure tacacs [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip <ipaddress> {vr <vr_name>} Description Configures the server information for a TACACS+ authentication server. Syntax Description primary Configures the primary TACACS+ server. secondary Configures the secondary TACACS+ server. ipaddress The IP address of the TACACS+ server being configured.
Page 762 Security Commands History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 763: Configure Tacacs Shared-Secret
configure tacacs shared-secret configure tacacs shared-secret configure tacacs [primary | secondary] shared-secret {encrypted} <string> Description Configures the shared secret string used to communicate with the TACACS+ authentication server. Syntax Description primary Configures the authentication string for the primary TACACS+ server. secondary Configures the authentication string for the secondary TACACS+ server.
Page 764: Configure Tacacs Timeout
Security Commands configure tacacs timeout configure tacacs timeout <seconds> Description Configures the timeout interval for TACAS+ authentication requests. Syntax Description seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds. Default The default is 3 seconds. Usage Guidelines Use this command to configure the timeout interval for TACACS+ authentication requests.
Page 765: Configure Tacacs-Accounting Server
configure tacacs-accounting server configure tacacs-accounting server configure tacacs-accounting [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip <ipaddress> {vr <vr_name>} Description Configures the TACACS+ accounting server. Syntax Description primary Configures the primary TACACS+ accounting server. secondary Configures the secondary TACACS+ accounting server. ipaddress The IP address of the TACACS+ accounting server being configured.
Page 766 Security Commands History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 767: Configure Tacacs-Accounting Shared-Secret
configure tacacs-accounting shared-secret configure tacacs-accounting shared-secret configure tacacs-accounting [primary | secondary] shared-secret {encrypted} <string> Description Configures the shared secret string used to communicate with the TACACS+ accounting server. Syntax Description primary Configures the authentication string for the primary TACACS+ accounting server.
Page 768: Configure Tacacs-Accounting Timeout
Security Commands configure tacacs-accounting timeout configure tacacs-accounting timeout <seconds> Description Configures the timeout interval for TACACS+ accounting authentication requests. Syntax Description seconds Specifies the number of seconds for accounting requests. Range is 3 to 120 seconds Default The default is 3 seconds. Usage Guidelines This command configures the timeout interval for TACACS+ accounting authentication requests.
Page 769: Configure Vlan Dhcp-Address-Range
configure vlan dhcp-address-range configure vlan dhcp-address-range configure vlan <vlan_name> dhcp-address-range <ipaddress1> - <ipaddress2> Description Configures a set of DHCP addresses for a VLAN. Syntax Description vlan_name Specifies the VLAN on whose ports DHCP will be enabled. ipaddress1 Specifies the first IP address in the DHCP address range to be assigned to this VLAN.
Page 770: Configure Vlan Dhcp-Lease-Timer
Security Commands configure vlan dhcp-lease-timer configure vlan <vlan_name> dhcp-lease-timer <lease-timer> Description Configures the timer value in seconds returned as part of the DHCP response. Syntax Description name Specifies the VLAN on whose ports netlogin should be disabled. lease-timer Specifies the timer value, in seconds. Default N/A.
Page 771: Configure Vlan Dhcp-Options
configure vlan dhcp-options configure vlan dhcp-options configure vlan <vlan_name> dhcp-options [default-gateway | dns-server | wins-server] <ipaddress> Description Configures the DHCP options returned as part of the DHCP response by a switch configured as a DHCP server. Syntax Description name Specifies a VLAN name. default-gateway Specifies the router option.
Page 772 Security Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 773: Disable Dos-Protect
disable dos-protect disable dos-protect disable dos-protect Description Disables denial of service protection. Syntax Description There are no arguments or variables for this command. Default Default is disabled. Usage Guidelines None. Example The following command disables denial of service protection. disable dos-protect History This command was first available in ExtremeWare XOS 11.1.
Page 774: Disable Dhcp Ports Vlan
Security Commands disable dhcp ports vlan disable dhcp ports <portlist> vlan <vlan name> Description Disables DHCP on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which DHCP should be disabled. vlan name Specifies the VLAN on whose ports DHCP should be disabled. Default N/A.
Page 775: Disable Radius
disable radius disable radius disable radius {mgmt-access | netlogin} Description Disables the RADIUS client. Syntax Description mgmt-access Specifies the switch management RADIUS authentication server. netlogin Specifies the network login RADIUS authentication server. Default RADIUS authentication is disabled for both switch management and network login by default. Usage Guidelines Use the keyword to disable RADIUS authentication for switch management functions.
Page 776: Disable Radius-Accounting
Security Commands disable radius-accounting disable radius-accounting {mgmt-access | netlogin} Description Disables RADIUS accounting. Syntax Description mgmt-access Specifies the switch management RADIUS accounting server. netlogin Specifies the network login RADIUS accounting server. Default RADIUS accounting is disabled for both switch management and network login by default. Usage Guidelines Use the keyword to disable RADIUS accounting for switch management functions.
Page 777: Disable Ssh2
disable ssh2 disable ssh2 disable ssh2 Description Disables the SSH2 server for incoming SSH2 sessions to switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines SSH2 options (non-default port setting) are not saved when SSH2 is disabled. To view the status of SSH2 on the switch, use the command.
Page 778: Disable Tacacs
Security Commands disable tacacs disable tacacs Description Disables TACACS+ authentication. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables TACACS+ authentication for the switch: disable tacacs History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 779: Disable Tacacs-Accounting
disable tacacs-accounting disable tacacs-accounting disable tacacs-accounting Description Disables TACACS+ accounting. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables TACACS+ accounting: disable tacacs-accounting History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms.
Page 780: Disable Tacacs-Authorization
Security Commands disable tacacs-authorization disable tacacs-authorization Description Disables TACACS+ authorization. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This disables CLI command authorization but leaves user authentication enabled. Example The following command disables TACACS+ CLI command authorization: disable tacacs-authorization History This command was first available in ExtremeWare XOS 10.1.
Page 781: Disable Web Https
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 782: Download Ssl Certificate
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 783 download ssl certificate Period ( . ) ● Colon ( : ) ● When configuring an IP address for your network server, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters: Alphabetical letters, upper case and lower case (A-Z, a-z) ●...
Page 784: Download Ssl Privkey
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 785 download ssl privkey Period ( . ) ● Colon ( : ) ● When configuring an IP address for your network server, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters: Alphabetical letters, upper case and lower case (A-Z, a-z) ●...
Page 786: Enable Dos-Protect
Security Commands enable dos-protect enable dos-protect Description Enables denial of service protection. Syntax Description This command has no arguments or variables. Default The default is disabled. Usage Guidelines None. Example The following command enables denial of service protection. enable dos-protect History This command was first available in ExtremeWare XOS 11.1 Platform Availability...
Page 787: Enable Dos-Protect Simulated
enable dos-protect simulated enable dos-protect simulated enable dos-protect simulated Description Enables simulated denial of service protection. Syntax Description This command has no arguments or variables. Default The default is disabled. Usage Guidelines If simulated denial of service is enabled, no ACLs are created. This mode is useful to gather information about normal traffic levels on the switch.
Page 788: Enable Dhcp Ports Vlan
Security Commands enable dhcp ports vlan enable dhcp ports <portlist> vlan <vlan_name> Description Enables DHCP on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which DHCP should be disabled. vlan_name Specifies the VLAN on whose ports DHCP should be disabled. Default N/A.
Page 789: Enable Radius
enable radius enable radius enable radius {mgmt-access | netlogin} Description Enables the RADIUS client on the switch. Syntax Description mgmt-access Specifies the switch management RADIUS authentication server. netlogin Specifies the network login RADIUS authentication server. Default RADIUS authentication is disabled for both switch management and network login by default. Usage Guidelines Before you enable RADIUS on the switch, you must configure the servers used for authentication and configure the authentication string (shared secret) used to communicate with the RADIUS...
Page 790 Security Commands History This command was first available in ExtremeWare XOS 10.1. keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 791: Enable Radius-Accounting
enable radius-accounting enable radius-accounting enable radius-accounting {mgmt-access | netlogin} Description Enables RADIUS accounting. Syntax Description mgmt-access Specifies the switch management RADIUS accounting server. netlogin Specifies the network login RADIUS accounting server. Default RADIUS accounting is disabled for both switch management and network login by default. Usage Guidelines The RADIUS client must also be enabled.
Page 792 Security Commands History This command was first available in ExtremeWare XOS 10.1. keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 793: Enable Ssh2
enable ssh2 enable ssh2 enable ssh2 {access-profile [<access_profile> | none]} {port <tcp_port_number>} {vr [<vr_name> | all | default]} Description Enables SSH2 server to accept incoming sessions from SSH2 clients. Syntax Description access_profile Specifies an ACL policy. none Cancels a previously configured ACL policy. port Specifies a TCP port number.
Page 794 Security Commands option. If the ACL policy file does not exist on the switch, the switch returns an access-profile error message indicating that the file does not exist. Use the option to cancel a previously configured ACL. none Creating an ACL Policy File. To create an ACL policy file, use the command.
Page 795: Enable Tacacs
enable tacacs enable tacacs enable tacacs Description Enables TACACS+ authentication. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines After they have been enabled, all web and Telnet logins are sent to one of the two TACACS+ servers for login name authentication.
Page 796: Enable Tacacs-Accounting
Security Commands enable tacacs-accounting enable tacacs-accounting Description Enables TACACS+ accounting. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If accounting is used, the TACACS+ client must also be enabled. Example The following command enables TACACS+ accounting for the switch: enable tacacs-accounting History This command was first available in ExtremeWare XOS 10.1.
Page 797: Enable Tacacs-Authorization
enable tacacs-authorization enable tacacs-authorization enable tacacs-authorization Description Enables CLI command authorization. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines When enabled, each command is transmitted to the remote TACACS+ server for authorization before the command is executed. TACACS+ authentication must also be enabled to use TACACS+ authorization.
Page 798: Enable Web Https
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 799 enable web https Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 800: Scp2
Security Commands scp2 scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} <user>@ [<hostname> | <ipaddress>]:<remote_file> <local_file> {vr <vr_name>} scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} <local_file> <user>@ [<hostname> | <ipaddress>]:<remote_file> {vr <vr_name>} Description The first command initiates an SCP2 client session to a remote SCP2 server and copies a configuration or policy file from the remote system to the switch.
Page 801 scp2 Usage Guidelines NOTE The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. You must be running the SSH2 module (ssh.xmod), which is under Export Control, in order to use the SCP2 command. SSH2 does not need to be enabled on the switch in order to use this command.
Page 802 Security Commands The following command copies the configuration file engineering.cfg from the switch to host system1: scp2 engineering.cfg admin@system1:/config/engineering.cfg History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 803: Show Dhcp-Server
show dhcp-server show dhcp-server show dhcp-server {vlan <vlan_name>} Description Displays the DHCP server’s configuration and address allocation on a specified VLAN. Syntax Description vlan_name Specifies the VLAN of the DHCP server of interest. Default N/A. Usage Guidelines If no VLAN is specified, the configuration and address allocation for the servers on all the VLANs is displayed.
Page 804: Show Dos-Protect
Security Commands show dos-protect show dos-protect {detail} Description Displays DoS protection configuration and state. Syntax Description detail Specifies to display statistics in addition to configuration and state. Default N/A. Usage Guidelines Use this command to display the DoS protection settings. Using the option will also display the detail following cumulative statistics:...
Page 805 show dos-protect The following command displays detailed DoS protection settings for the switch: show dos-protect detail The following is sample output from this command: dos-protect is enabled dos-protect settings: interval: (measurement interval secs) acl expire time: (secs) trusted ports: type L3-Protect: notify threshold: 3500 (level to log a message)
Page 806: Show Radius
Security Commands show radius show radius {mgmt-access | netlogin} Description Displays the current RADIUS client configuration and statistics. Syntax Description mgmt-access Specifies configuration and statistics for the switch management RADIUS authentication server. netlogin Specifies configuration and statistics for the network login RADIUS authentication server.
Page 807 show radius IP address 10.100.1.100 Server IP Port: 1812 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Access Requests Access Accepts Access Rejects Access Challenges : Access Retransmits: Client timeouts Bad authenticators: Unknown types Round Trip Time Secondary Switch Management Radius server: Server name IP address 10.100.1.101...
Page 808 Security Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 809: Show Radius-Accounting
show radius-accounting show radius-accounting show radius-accounting {mgmt-access | netlogin} Description Displays the current RADIUS accounting client configuration and statistics. Syntax Description mgmt-access Specifies configuration and statistics for the switch management RADIUS accounting server. netlogin Specifies configuration and statistics for the network login RADIUS accounting server.
Page 810 Security Commands Shared secret : g~`#uovpkkpvi~` Acct Requests Acct Responses Acct Retransmits Timeouts Secondary Switch Management Accounting server: Server name IP address 10.100.1.101 Server IP Port: 1813 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Acct Requests Acct Responses Acct Retransmits Timeouts Primary Netlogin Accounting server: Server name...
Page 811: Show Ssl
Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL.
Page 812 Security Commands RSA Key Length: 1024 Certificate: Data: Version: 1 (0x0) Serial Number: 6 (0x6) Signature Algorithm: md5WithRSAEncryption Issuer: C=AU, O=CryptSoft Pty Ltd, CN=Test CA (1024 bit) Validity Not Before: Oct 16 22:31:03 2000 GMT Not After : Jan 14 22:31:03 2003 GMT Subject: C=AU, O=CryptSoft Pty Ltd, CN=Server test cert (512 bit) History This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.
Page 813: Show Tacacs
show tacacs show tacacs show tacacs Description Displays the current TACACS+ configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output of this command displays the following information: TACACS+—The current state of TACACS+, enabled or disabled. ●...
Page 814 Security Commands The following is sample output from this command: TACACS+: enabled TACACS+ Authorization: enabled TACACS+ Accounting : enabled TACACS+ Server Connect Timeout sec: 3 Primary TACACS+ Server: Server name IP address 10.201.31.238 Server IP Port: Client address: 10.201.31.65 (VR-Default) Shared secret : qijxou Secondary TACACS+ Server:...
Page 815: Show Tacacs-Accounting
show tacacs-accounting show tacacs-accounting show tacacs-accounting Description Displays the current TACACS+ accounting client configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output of this command displays the following information: TACACS+ Accounting—The current state of TACACS+ accounting, enabled or disabled. ●...
Page 816 Security Commands History This command was first available in ExtremeWare XOS 10.1. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 817: Show Vlan Dhcp-Address-Allocation
show vlan dhcp-address-allocation show vlan dhcp-address-allocation show vlan <vlan_name> dhcp-address-allocation Description Displays the DHCP server’s address allocation on a specified VLAN. Syntax Description vlan_name Specifies the VLAN of the DHCP server of interest. Default N/A. Usage Guidelines None. Example The following command displays the configuration of the DHCP for the VLAN corp: show vlan corp dhcp-address-allocation The following is sample output from this command: ============================================================================...
Page 818: Show Vlan Dhcp-Config
Security Commands show vlan dhcp-config show vlan <vlan_name> dhcp-config Description Displays the DHCP server's configuration for the specified VLAN. Syntax Description vlan_name Specifies the VLAN of the DHCP server of interest. Default N/A. Usage Guidelines None. Example The following command displays the configuration of the DHCP server for the VLAN corp: show vlan corp dhcp-config The following is sample output from this command: DHCP Address Range...
Page 819: Ssh2
ssh2 ssh2 ssh2 {cipher [3des | blowfish]} {port <portnum>} {compression [on | off]} {user <username>} {debug <debug_level>} {<username>@} [<host> | <ipaddress>] {<remote command>} {vr <vr_name>} Description Initiates an SSH2 client session to a remote SSH2 server. Syntax Description 3des Specifies that the 3des cipher should be used for encryption. This is the default. blowfish Specifies that the blowfish cipher should be used for encryption.
Page 820 Security Commands You must be running the SSH2 module (ssh.xmod), which is under Export Control, in order to use the SSH2 client command. SSH2 does not need to be enabled on the switch in order to use this command. Typically, this command is used to establish a secure session to a remote switch. You are prompted for your password.
Page 821 ssh2 History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms with the SSH2 module installed. ExtremeWare XOS 11.3 Command Reference...
Page 822: Unconfigure Radius
Security Commands unconfigure radius unconfigure radius {mgmt-access | netlogin} {server [primary | secondary]} Description Unconfigures the RADIUS client configuration. Syntax Description mgmt-access Specifies the switch management RADIUS authentication server. netlogin Specifies the network login RADIUS authentication server. primary Unconfigures the primary RADIUS server. secondary Unconfigures the secondary RADIUS server.
Page 823 unconfigure radius History This command was first available in ExtremeWare XOS 10.1. keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 824: Unconfigure Radius-Accounting
Security Commands unconfigure radius-accounting unconfigure radius-accounting {mgmt-access | netlogin} {server [primary | secondary]} Description Unconfigures the RADIUS accounting server configuration. Syntax Description mgmt-access Specifies the switch management RADIUS accounting server. netlogin Specifies the network login RADIUS accounting server. primary Unconfigures the primary RADIUS accounting server. secondary Unconfigures the secondary RADIUS accounting server.
Page 825 unconfigure radius-accounting History This command was first available in ExtremeWare XOS 10.1. keywords were added in ExtremeWare XOS 11.2. mgmt-access netlogin Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 826: Unconfigure Tacacs
Security Commands unconfigure tacacs unconfigure tacacs {server [primary | secondary]} Description Unconfigures the TACACS+ server configuration. Syntax Description primary Unconfigures the primary TACACS+ server. secondary Unconfigures the secondary TACACS+ server. Default Unconfigures both the primary and secondary TACACS+ servers. Usage Guidelines None.
Page 827: Unconfigure Tacacs-Accounting
unconfigure tacacs-accounting unconfigure tacacs-accounting unconfigure tacacs-accounting {server [primary | secondary]} Description Unconfigures the TACACS+ accounting server configuration. Syntax Description primary Unconfigures the primary TACACS+ accounting server. secondary Unconfigures the secondary TACACS+ accounting server. Default Unconfigures both the primary and secondary TACACS+ accounting servers. Usage Guidelines None.
Page 828: Unconfigure Vlan Dhcp
Security Commands unconfigure vlan dhcp unconfigure vlan <vlan_name> dhcp Description Unconfigure all the DHCP configuration information for the specified VLAN. Syntax Description vlan_name Specifies the VLAN on which to unconfigure DHCP. Default N/A. Usage Guidelines None. Example The following command unconfigures the DHCP server for the VLAN temporary: unconfigure temporary dhcp History This command was first available in ExtremeWare XOS 11.0.
Page 829: Unconfigure Vlan Dhcp-Address-Range
unconfigure vlan dhcp-address-range unconfigure vlan dhcp-address-range unconfigure vlan <vlan_name> dhcp-address-range Description Unconfigure the DHCP address range information for the specified VLAN. Syntax Description vlan_name Specifies the VLAN on which to unconfigure DHCP. Default N/A. Usage Guidelines None. Example The following command unconfigures the DHCP address range for the VLAN temporary: unconfigure temporary dhcp-address-range History This command was first available in ExtremeWare XOS 11.0.
Page 830: Unconfigure Vlan Dhcp-Options
Security Commands unconfigure vlan dhcp-options unconfigure vlan <vlan_name> dhcp-options Description Unconfigure the DHCP option information for the specified VLAN. Syntax Description vlan_name Specifies the VLAN on which to unconfigure DHCP. Default N/A. Usage Guidelines None. Example The following command unconfigures the DHCP options for the VLAN temporary: unconfigure temporary dhcp-options History This command was first available in ExtremeWare XOS 11.0.
Page 831: Chapter 16: Network Login Commands
Network Login Commands This chapter describes commands for configuring network login. Network login is a feature designed to control the admission of user packets into a network by giving network access only to users that have been properly authenticated. Network login is controlled by an administrator on a per port, per VLAN basis and uses an integration of DHCP, user authentication over the web interface, user authentication by MAC address, or 802.1x client software, and a RADIUS server to provide a user database or specific configuration details.
Page 832: Clear Netlogin State
Network Login Commands clear netlogin state clear netlogin state [{port <portlist>} {vlan <vlan name>}] Description Clears and initializes the Network Login sessions on a VLAN port. Syntax Description portlist Specifies the ports to clear. vlan name Specifies a VLAN to clear. Default None.
Page 833: Clear Netlogin State Mac-Address
clear netlogin state mac-address clear netlogin state mac-address clear netlogin state mac-address <mac> Description Initialize/Reset the Network Login sessions for a specified supplicant. Syntax Description Specifies the MAC address of the supplicant. Default N/A. Usage Guidelines This command is essentially equivalent to a particular supplicant logging out. The MAC address will be cleared from the FDB, the port is put back to its original VLAN (for Campus mode), and the port state is set to unauthenticated, if this was the last authenticated MAC on this port.
Page 834: Configure Netlogin Add Mac-List
Network Login Commands configure netlogin add mac-list configure netlogin add mac-list [<mac> {<mask>} | default] {encrypted} {<password>} {ports <port_list>} Description Adds an entry to the MAC address list for MAC-based Network Login. Syntax Description Specifies the MAC address to add. mask Specifies the number of bits to use for the mask.
Page 835 configure netlogin add mac-list Example The following example adds the MAC address 10:20:30:40:50:60 with the password foo to the list: configure netlogin add mac-list 10:20:30:40:50:60 password foo The following example associates MAC address 10:20:30:40:50:70 with ports 2:2 and 2:3. This means authentication requests from MAC address 10:20:30:40:50:70 are only accepted on ports 2:2 and 2:3: configure netlogin add mac-list mac 10:20:30:40:50:70 ports 2:2-2:3 History...
Page 836: Configure Netlogin Banner
Specifies the HTML code for the banner. Default The default banner is the Extreme Networks logo. Usage Guidelines The banner is a quoted, HTML string, that will be displayed on the Network Login page. The string is limited to 1024 characters.
Page 837: Configure Netlogin Base-Url
configure netlogin base-url configure netlogin base-url configure netlogin base-url <url> Description Configures the base URL for Network Login. Syntax Description Specifies the base URL for Network Login. Default The base URL default value is “network-access.net”. Usage Guidelines When you login using a web browser, you are redirected to the specified base URL, which is the DNS name for the switch.
Page 838: Configure Netlogin Delete Mac-List
Network Login Commands configure netlogin delete mac-list configure netlogin delete mac-list [<mac> {<mask>} | default] Description Deletes an entry from the MAC address list for MAC-based Network Login. Syntax Description Specifies the MAC address to delete. mask Specifies the number of bits to use for the mask. default Specifies the default entry.
Page 839: Configure Netlogin Dot1X Eapol-Transmit-Version
configure netlogin dot1x eapol-transmit-version configure netlogin dot1x eapol-transmit-version configure netlogin dot1x eapol-transmit-version <eapol-version> Description Configures the default EAPOL version sent in transmitted packets for Network Login. Syntax Description eapol-version Specifies the EAPOL version. Choices are "v1" or "v2". Default The default is "v1". Usage Guidelines Although ExtremeWare XOS supports EAPOL version 2, some clients do not yet accept the version 2 EAPOL packets.
Page 840: Configure Netlogin Dot1X Guest-Vlan
Network Login Commands configure netlogin dot1x guest-vlan configure netlogin dot1x guest-vlan <vlan_name> Description Configures a guest VLAN for 802.1x. Syntax Description vlan_name Specifies the name of the guest VLAN. Default N/A. Usage Guidelines This command configures the guest VLAN for 802.1x on the current virtual router (VR). A guest VLAN provides limited or restricted network access if a supplicant does not respond to the 802.1x authentication requests sent by the switch.
Page 841 configure netlogin dot1x guest-vlan Example The following example creates a guest VLAN for 802.1x named guest: configure netlogin dot1x guest-vlan guest History This command was first available in ExtremeWare XOS 11.2. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 842: Configure Netlogin Dot1X Timers
Network Login Commands configure netlogin dot1x timers configure netlogin dot1x timers [{server-timeout <server_timeout>} {quiet- period <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout <supp_resp_timeout>}] Description Configures the 802.1x timers for Network Login. Syntax Description server-timeout Specifies the timeout period for a response from the RADIUS server. quiet-period Specifies the time for which the switch will not attempt to communicate with the supplicant after authentication has failed.
Page 843: Configure Netlogin Local-User
configure netlogin local-user configure netlogin local-user configure netlogin local-user <user-name> {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]] | none]} Description Configures an existing local netlogin account. Syntax Description user-name Specifies the name of an existing local netlogin account. tagged Specifies that the client be added as tagged. untagged Specifies that the client be added as untagged.
Page 844 Network Login Commands You might be attempting to modify a local netlogin account that is not present or the switch, or you might have incorrectly entered the account name. To confirm the names of the local netlogin accounts on your switch, use the following command: show netlogin local-users Additional Requirements.
Page 845: Configure Netlogin Move-Fail-Action
configure netlogin move-fail-action configure netlogin move-fail-action configure netlogin move-fail-action [authenticate | deny] Description Configures the action network login takes if a VLAN move fails. This can occur if two clients attempt to move to an untagged VLAN on the same port. Syntax Description authenticate Specifies that the client is authenticated.
Page 846: Configure Netlogin Ports Mode
Network Login Commands configure netlogin ports mode configure netlogin ports [all | <port_list>] mode [mac-based-vlans | port- based-vlans] Description Configures the netlogin port’s mode of operation. Syntax Description Specifies all netlogin ports. port_list Specifies one or more netlogin ports. mac-based-vlans Allows more than one untagged VLAN.
Page 847 configure netlogin ports mode 10 Gigabit Ethernet ports such as those on the 10G4X I/O module and the uplink ports on the ● Summit X450 switch do not support netlogin MAC-based VLANs. If you attempt to configure netlogin MAC-based VLANs on 10 Gigabit Ethernet ports, the switch displays an error message similar to the following: ERROR: The following ports do not support the MAC-Based VLAN mode;...
Page 848 Network Login Commands Software redundant port: Disabled auto-polarity: Enabled The added output displays information about the mode of operation for the netlogin port. —The term MAC-based appears next to the tag number. ● VLAN cfg —This output was added to display the port mode of operation. Mac based ●...
Page 849 configure netlogin ports mode Platform Availability This command is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. ExtremeWare XOS 11.3 Command Reference...
Page 850: Configure Netlogin Redirect-Page
You must configure a complete URL starting with http:// https:// To support https, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. For more information about SSH2, see Chapter 16, “Security”...
Page 851: Configure Netlogin Vlan
configure netlogin vlan configure netlogin vlan configure netlogin vlan <vlan_name> Description Configures the VLAN for Network Login. Syntax Description vlan Specifies the VLAN for Network Login. Default N/A. Usage Guidelines This command will configure the VLAN used for unauthenticated clients. One VLAN needs to be configured per VR.
Page 852: Configure Vlan Netlogin-Lease-Timer
Network Login Commands configure vlan netlogin-lease-timer configure vlan <vlan name> netlogin-lease-timer <seconds> Description Configures the timer value returned as part of the DHCP response for clients attached to network login- enabled ports. Syntax Description vlan name Specifies the VLAN to which this timer value applies. seconds Specifies the timer value, in seconds.
Page 853: Create Netlogin Local-User
create netlogin local-user create netlogin local-user create netlogin local-user <user-name> {encrypted <password>} {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]]} Description Creates a local netlogin user name and password. Syntax Description user-name Specifies a new local netlogin user name. User names must have a minimum of 1 character and a maximum of 32 characters.
Page 854 32 characters. Passwords must have a minimum of 0 characters and a maximum of 32 characters. If you use RADIUS for authentication, Extreme Networks recommends that you use the same user name and password for both local authentication and RADIUS authentication.
Page 855 create netlogin local-user History This command was first available in ExtremeWare XOS 11.2. parameter and associated options were added in ExtremeWare XOS 11.3. vlan-vsa Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 856: Delete Netlogin Local-User
Network Login Commands delete netlogin local-user delete netlogin local-user <user-name> Description Deletes a specified local netlogin user name and its associated password. Syntax Description user-name Specifies a local netlogin user name. Default N/A. Usage Guidelines Use the command to determine which local netlogin user name you show netlogin local-users want to delete from the system.
Page 857: Disable Netlogin
disable netlogin disable netlogin disable netlogin [{dot1x} {mac} {web-based}] Description Disables Network Login modes. Syntax Description dot1x Specifies 802.1x authentication. Specifies MAC-based authentication. web-based Specifies web-based authentication. Default All types of authentication are disabled. Usage Guidelines Any combination of authentication types can be disabled on the same switch. To enable an authentication mode, use the following command: enable netlogin [{dot1x} {mac} {web-based}] Example...
Page 858: Disable Netlogin Dot1X Guest-Vlan Ports
Network Login Commands disable netlogin dot1x guest-vlan ports disable netlogin dot1x guest-vlan ports [all | <portlist>] Description Disables the guest VLAN on the specified 802.1x netlogin ports. Syntax Description Specifies all ports included in the guest VLAN. portlist Specifies one or more ports included in the guest VLAN. Default Disabled.
Page 859: Disable Netlogin Logout-Privilege
disable netlogin logout-privilege disable netlogin logout-privilege disable netlogin logout-privilege Description Disables Network Login logout window pop-up. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command controls the logout window pop-up on the web-based network client. This command applies only to the web-based authentication mode of network login.
Page 860: Disable Netlogin Ports
Network Login Commands disable netlogin ports disable netlogin ports <portlist> [{dot1x} {mac} {web-based}] Description Disables Network Login on a specified port for a particular method. Syntax Description portlist Specifies the ports for which netlogin should be disabled. dot1x Specifies 802.1x authentication. Specifies MAC-based authentication.
Page 861: Disable Netlogin Session-Refresh
disable netlogin session-refresh disable netlogin session-refresh disable netlogin session-refresh Description Disables Network Login session refresh. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines Network Login sessions can refresh themselves after a configured timeout. After the user has been logged in successfully, a logout window opens which can be used to close the connection by clicking on the LogOut link.
Page 862: Enable Netlogin
Network Login Commands enable netlogin enable netlogin [{dot1x} {mac} {web-based}] Description Enables Network Login authentication modes. Syntax Description dot1x Specifies 802.1x authentication. Specifies mac-based authentication. web-based Specifies web-based authentication. Default All types of authentication are disabled. Usage Guidelines Any combination of types of authentication can be enabled on the same switch. At least one of the authentication types must be specified on the command line.
Page 863: Enable Netlogin Dot1X Guest-Vlan Ports
enable netlogin dot1x guest-vlan ports enable netlogin dot1x guest-vlan ports enable netlogin dot1x guest-vlan ports [all | <ports>] Description Enables the guest VLAN on the specified 802.1x netlogin ports. Syntax Description Specifies all ports included in the guest VLAN. ports Specifies one or more ports included in the guest VLAN.
Page 864 Network Login Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 865: Enable Netlogin Logout-Privilege
enable netlogin logout-privilege enable netlogin logout-privilege enable netlogin logout-privilege Description Enables network login logout pop-up window. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command controls the logout window pop-up on the web-based network client. This command applies only to the web-based authentication mode of network login.
Page 866: Enable Netlogin Ports
Network Login Commands enable netlogin ports enable netlogin ports <portlist> [{dot1x} {mac} {web-based}] Description Enables network login on a specified port for a particular authentication method. Syntax Description portlist Specifies the ports for which netlogin should be disabled. dot1x Specifies 802.1x authentication. Specifies MAC-based authentication.
Page 867 enable netlogin ports Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 868: Enable Netlogin Session-Refresh
Network Login Commands enable netlogin session-refresh enable netlogin session-refresh {<minutes>} Description Disables network login session refresh. Syntax Description minutes Specifies the session refresh time for network login in minutes. Default Disabled, with a value of three minutes for session refresh. Usage Guidelines Network Login sessions can refresh themselves after a configured timeout.
Page 869: Show Banner Netlogin
show banner netlogin show banner netlogin show banner netlogin Description Displays the user-configured banner string for network login. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to view the banner that is displayed on the network login page. Example The following command displays the network login banner: show banner netlogin...
Page 870: Show Netlogin
Network Login Commands show netlogin show netlogin {port <portlist> vlan <vlan_name>} {dot1x {detail}} {mac} {web-based} Description Shows status information for Network Login. Syntax Description portlist Specifies one or more ports or slots and ports. vlan_name Specifies the name of a VLAN. dot1x Specifies 802.1x information.
Page 871 show netlogin The following is sample output from this command: NetLogin Authentication Mode : web-based DISABLED; 802.1x ENABLED; mac-based ENABLED NetLogin VLAN : "nl" NetLogin move-fail-action : Deny NetLogin Client Aging Time : 5 minutes ------------------------------------------------ Web-based Mode Global Configuration ------------------------------------------------ Base-URL : network-access.com...
Page 872 Network Login Commands ----------------------------------------------- Port: 5:3, Vlan: Default, State: Enabled, Authentication: mac-based, Guest Vlan: Disabled IP address Auth Type ReAuth-Timer User ----------------------------------------------- Port: 5:4, Vlan: Default, State: Enabled, Authentication: mac-based, Guest Vlan: Disabled IP address Auth Type ReAuth-Timer User ----------------------------------------------- Port: 5:5, Vlan: Default, State: Enabled,...
Page 873 show netlogin The following is sample output from this command: Port: 2:1 Vlan: Default Authentication: Web-Based, 802.1x Port State: Unauthenticated Guest VLAN: Not Enabled DHCP: Not Enabled IP address Auth Type ReAuth-Timer User 00:0C:F1:E8:4E:13 0.0.0.0 802.1x Unknown 00:01:30:F3:EA:A0 10.0.0.1 802.1x testUser The following command shows the details of the 802.1x mode: show netlogin dot1x detail...
Page 874 Network Login Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 875: Show Netlogin Local-Users
show netlogin local-users show netlogin local-users show netlogin local-users Description Displays the local netlogin users configured on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to display the list of local netlogin users and associated VLANs. If you associated a VLAN with a local netlogin user, the output displays the name of the VLAN.
Page 876 Network Login Commands History This command was first available in ExtremeWare XOS 11.2. The output was modified to include VLAN information in ExtremeWare XOS 11.3. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 877: Show Netlogin Mac-List
show netlogin mac-list show netlogin mac-list show netlogin mac-list Description Displays the MAC address list for MAC-based network login. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to display the MAC address list used for MAC-based network login. MAC-based authentication is VR aware, so there is one MAC list per VR.
Page 878: Unconfigure Netlogin Dot1X Guest-Vlan
Network Login Commands unconfigure netlogin dot1x guest-vlan unconfigure netlogin dot1x guest-vlan Description Unconfigures a guest VLAN for 802.1x. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to unconfigure the guest VLAN for 802.1x authentication on the current VR. Example The following example unconfigures the guest VLAN for 802.1x: unconfigure netlogin dot1x guest-vlan...
Page 879: Unconfigure Netlogin Vlan
unconfigure netlogin vlan unconfigure netlogin vlan unconfigure netlogin vlan Description Unconfigures the VLAN for network login. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command unconfigures the VLAN used for unauthenticated clients. One VLAN needs to be configured per VR.
Page 880 Network Login Commands ExtremeWare XOS 11.3 Command Reference...
Page 881: Chapter 17: Clear-Flow Commands
CLEAR-Flow Commands This chapter describes commands for: Enabling and disabling CLEAR-Flow ● Displaying CLEAR-Flow rules ● Displaying triggered CLEAR-Flow rules ● CLEAR-Flow is a broad framework for implementing security, monitoring, and anomaly detection in ExtremeWare XOS software. Instead of simply looking at the source and destination of traffic, CLEAR- Flow allows you to specify certain types of traffic that require more attention.
Page 882: Disable Clear-Flow
CLEAR-Flow Commands disable clear-flow disable clear-flow Description Disable the CLEAR-Flow agent. Syntax Description This command has no arguments or variables. Default CLEAR-Flow is disabled by default. Usage Guidelines When the CLEAR-Flow agent is disabled, sampling stops and the and all rules are left in the current state.
Page 883: Enable Clear-Flow
enable clear-flow enable clear-flow enable clear-flow Description Enable the CLEAR-Flow agent. Syntax Description This command has no arguments or variables. Default CLEAR-Flow is disabled by default. Usage Guidelines When the CLEAR-Flow agent is enabled, sampling begins and actions are taken based on the CLEAR- Flow rules that are configured on the switch.
Page 884: Show Clear-Flow
CLEAR-Flow Commands show clear-flow show clear-flow Description Displays the status of the CLEAR-Flow agent, any CLEAR-Flow policies on each interface, and the number of CLEAR-Flow rules. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following display shows output for the command show clear-flow...
Page 885: Show Clear-Flow Acl-Modified
show clear-flow acl-modified show clear-flow acl-modified show clear-flow acl-modified Description Displays the ACLs modified by CLEAR-Flow actions. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command displays the ACLs that have been modified by CLEAR-Flow rules that have been triggered.
Page 886: Show Clear-Flow Rule
CLEAR-Flow Commands show clear-flow rule show clear-flow [port <port> | vlan <vlanname> | any] {rule <rulename>} {detail} Description Displays the CLEAR-Flow rules, values, and configuration. Syntax Description port Specifies the port. vlanname Specifies the VLAN. Specifies the wildcard interface. rulename Specifies the entry name of a CLEAR-Flow rule.
Page 887 show clear-flow rule The following display shows output for the command show clear-flow port 2:6 rule rule-delta detail Rule Name: rule-delta Sample Period: 30 Hysteresis: 20 ================================================================================ DELTA(counter1) = 0 sampled at 24 seconds ago Expression evaluation is currently FALSE if (DELTA(counter1) >...
Page 888: Show Clear-Flow Rule-All
CLEAR-Flow Commands show clear-flow rule-all show clear-flow rule-all Description Displays all the CLEAR-Flow rules on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following display shows output for the command show clear-flow rule-all Policy Name Vlan Name...
Page 889 show clear-flow rule-all History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available on the BlackDiamond 10K platform only. ExtremeWare XOS 11.3 Command Reference...
Page 890: Show Clear-Flow Rule-Triggered
CLEAR-Flow Commands show clear-flow rule-triggered show clear-flow rule-triggered Description Displays the triggered CLEAR-Flow rules. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command displays the rules that have been triggered; in other words, the rule threshold has been reached.
Page 891: Chapter 18: Eaps Commands
EAPS Commands This chapter describes commands for configuring and monitoring Ethernet Automatic Protection Switching (EAPS). The EAPS protocol provides fast protection switching to layer 2 switches interconnected in an Ethernet ring topology, such as a metropolitan area network (MAN) or large campuses. EAPS protection switching is similar to what can be achieved with the Spanning Tree Protocol (STP), but offers the advantage of converging in less than a second when a link in the ring breaks.
Page 892 EAPS Commands The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch ship with an Advanced Edge license. To use the complete EAPS functionality, including running two or more EAPS rings, having a switch belonging to multiple EAPS rings, or configuring shared-ports that allow multiple EAPS domains to share a common link, you must have a Core software license.
Page 893: Configure Eaps Add Control Vlan
● NOTE Extreme Networks recommends assigning the control VLAN a QoS profile of Qp8 with the QoS profile priority setting of HighHi to ensure that EAPS control VLAN traffic is serviced prior to other traffic and reaches its intended destination.
Page 894 EAPS Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 895: Configure Eaps Add Protect Vlan
configure eaps add protect vlan configure eaps add protect vlan configure eaps <name> add protect vlan <vlan_name> Description Adds the specified protected VLAN to the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the protected VLAN. Default N/A.
Page 896: Configure Eaps Delete Control Vlan
EAPS Commands configure eaps delete control vlan configure eaps <name> delete control vlan <vlan_name> Description Deletes the specified control VLAN from the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the control VLAN. Default N/A.
Page 897: Configure Eaps Delete Protect Vlan
configure eaps delete protect vlan configure eaps delete protect vlan configure eaps <name> delete protect vlan <vlan_name> Description Deletes the specified protected VLAN from the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the protected VLAN. Default N/A.
Page 898: Configure Eaps Failtime
EAPS Commands configure eaps failtime configure eaps <name> failtime <seconds> Description Configures the value of the failtimer the master node uses for EAPS health-check packets. Syntax Description name Specifies the name of an EAPS domain. seconds Specifies the number of seconds the master node waits to receive a health- check packet before the failtimer expires.
Page 899 configure eaps failtime Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 900: Configure Eaps Failtime Expiry-Action
EAPS Commands configure eaps failtime expiry-action configure eaps <name> failtime expiry-action [open-secondary-port | send- alert] Description Configures the action taken when the failtimer expires. Syntax Description name Specifies the name of an EAPS domain. open-secondary-port Specifies to open the secondary port when the failtimer expires. send-alert Specifies that a critical message is sent to the syslog when the failtimer expires.
Page 901 configure eaps failtime expiry-action Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 902: Configure Eaps Fast-Convergence
EAPS Commands configure eaps fast-convergence configure eaps fast-convergence [off | on] Description Enables EAPS to converge more quickly. Syntax Description Turns fast-convergence off. Default is off. Turns fast-convergence on. Default Default is off. Usage Guidelines This command acts on the switch, not per domain. In certain environments to keep packet loss to a minimum when the ring is broken, configure EAPS with fast-convergence turned on.
Page 903 configure eaps fast-convergence History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 904: Configure Eaps Hellotime
EAPS Commands configure eaps hellotime configure eaps <name> hellotime <seconds> Description Configures the value of the hello timer the master node uses for the EAPS health-check packet. Syntax Description name Specifies the name of an EAPS domain. seconds Specifies the number of seconds to wait between transmission of the health- check packets on the control VLAN.
Page 905 configure eaps hellotime Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 906: Configure Eaps Mode
EAPS Commands configure eaps mode configure eaps <name> mode [master | transit] Description Configures the switch as either the EAPS master node or as an EAPS transit node for the specified domain. Syntax Description name Specifies the name of an EAPS domain. master Specifies that this switch should be the master node for the named EAPS domain.
Page 907: Configure Eaps Name
N/A. Usage Guidelines If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 908: Configure Eaps Port
EAPS Commands configure eaps port configure eaps <name> [primary | secondary] port <ports> Description Configures a node port as the primary or secondary port for the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. primary Specifies that the port is to be configured as the primary port.
Page 909 configure eaps port History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 910: Configure Eaps Shared-Port Link-Id
EAPS Commands configure eaps shared-port link-id configure eaps shared-port <ports> link-id <id> Description Configures the link ID of the shared port. Syntax Description ports Specifies the port number of the common link port. Specifies the link ID of the port. Default N/A.
Page 911: Configure Eaps Shared-Port Mode
configure eaps shared-port mode configure eaps shared-port mode configure eaps shared-port <ports> mode <controller | partner> Description Configures the mode of the shared port. Syntax Description ports Specifies the port number of the shared port. controller Specifies the controller mode. The controller is the end of the common link responsible for blocking ports when the common link fails thereby preventing the superloop.
Page 912: Configure Eaps Shared-Port Segment-Timeout Expiry-Action
Opening a blocked port in this situation would create a loop. The following describes some general recommendations for using this command: When you configure your Extreme Networks switches as the partner and controller, respectively, ● make sure that their segment timer configurations are identical.
Page 913 If you have a network containing non-Extreme Networks switches, set the segment-timeout expiry ● action to segment-down The following events may cause a ring segment failure: There is a hardware failure.
Page 914: Create Eaps
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.
Page 915: Create Eaps Shared-Port
create eaps shared-port create eaps shared-port create eaps shared-port <ports> Description Creates an EAPS shared port on the switch. Syntax Description ports Specifies the port number of the common link port. Default N/A. Usage Guidelines To configure a common link, you must create a shared port on each switch on either end of the common link.
Page 916: Delete Eaps
EAPS Commands delete eaps delete eaps <name> Description Deletes the EAPS domain with the specified name. Syntax Description name Specifies the name of an EAPS domain to be deleted. Default N/A. Usage Guidelines None. Example The following command deletes EAPS domain eaps_1: delete eaps eaps_1 History This command was first available in ExtremeWare XOS 11.0.
Page 917: Delete Eaps Shared-Port
delete eaps shared-port delete eaps shared-port delete eaps shared-port <ports> Description Deletes an EAPS shared port on a switch. Syntax Description ports Specifies the port number of the Common Link port. Default N/A. Usage Guidelines None. Example The following command deletes shared port 1:1. delete eaps shared-port 1:1 History This command was first available in ExtremeWare XOS 11.1.
Page 918: Disable Eaps
EAPS Commands disable eaps disable eaps {<name>} Description Disables the EAPS function for a named domain or for an entire switch. Syntax Description name Specifies the name of an EAPS domain. Default Disabled for the entire switch. Usage Guidelines None. Example The following command disables the EAPS function for entire switch: disable eaps...
Page 919: Enable Eaps
enable eaps enable eaps enable eaps {<name>} Description Enables the EAPS function for a named domain or for an entire switch. Syntax Description name Specifies the name of an EAPS domain. Default Disabled. Default command enables EAPS for the entire switch. Usage Guidelines NOTE If you use the same name across categories (for example, STPD and EAPS names), you must specify the identifying...
Page 920 EAPS Commands Example The following command enables the EAPS function for entire switch: enable eaps The following command enables the EAPS function for the domain “eaps-1”: enable eaps eaps-1 History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms.
Page 921: Show Eaps
show eaps show eaps show eaps {<eapsDomain>} {detail} Description Displays EAPS status information. Syntax Description eapsDomain Specifies the name of an EAPS domain. detail Specifies all available detail for each domain. Default N/A. Usage Guidelines If you enter the command without a keyword, the command displays less than with the show eaps keyword.
Page 922 EAPS Commands State: On a transit node, the command displays one of the following states: • Idle—The EAPS domain has been enabled, but the configuration is not complete. • Links-Up—This EAPS domain is running, and both its ports are up and in the FORWARDING state.
Page 923 show eaps Hello Timer interval: The configured value of the timer in seconds, specifying the time that the master node waits between transmissions of health check packets. Fail Timer interval: The configured value of the timer in seconds, specifying the time that the master node waits before the failtimer expires.
Page 924 EAPS Commands p_10 p_11 p_12 p_13 p_14 p_15 p_16 p_17 p_18 p_19 p_20 p_21 p_22 p_23 p_24 p_25 p_26 p_27 p_28 p_29 p_30 NOTE You may see a slightly different display, depending on whether you display the master node or the transit node. The display from the command shows all the information shown in the show eaps detail...
Page 925: Show Eaps Shared-Port
show eaps shared-port show eaps shared-port show eaps shared-port {<port>} {detail} Description Displays shared-port information for one or more EAPS domains. Syntax Description port Specifies a shared-port. detail Specifies to display the status of all segments and VLANs. Default N/A. Usage Guidelines If you enter the command without the...
Page 926 EAPS Commands The following table describes the significant fields and values in the display output of the show eaps commands: shared-port {<port>} {detail} Field Description Shared Port Displays the port number of the shared port. Mode Indicates whether the switch on either end of the common link is a controller or partner.
Page 927 show eaps shared-port Field Description Segment Timer expiry action • Segment down—Specifies that if the controller or partner switch detect a down segment, that segment stays down and a query is not sent through the ring. The switch marks the segment status as "Down."...
Page 928 EAPS Commands Example The following command displays shared-port information for an EAPS shared port instance configured as a partner while it is in the ready state: show eaps shared-port EAPS shared-port count: 1 -------------------------------------------------------------------------------- Link Domain Vlan Shared-port Mode Up State count count Nbr State --------------------------------------------------------------------------------...
Page 929 show eaps shared-port Vlan: p_1, Vlan-port count: 2, Active Open: None Segment Port Virtual-port Status Blocked 2:11 Open History This command was first available in ExtremeWare XOS 11.1. Platform Availability This command is available on all platforms with a Core or an Advanced Core license. ExtremeWare XOS 11.3 Command Reference...
Page 930: Show Vlan Eaps
EAPS Commands show vlan eaps show vlan <vlan_name> eaps Description Displays the EAPS configuration (control, partner, or not added to an EAPS domain) of a specific VLAN. Syntax Description vlan_name Specifies a VLAN name. Default N/A. Usage Guidelines Use this command to see if the specified VLAN is associated with an EAPS domain. The output of this command displays whether the VLAN is a control or partner VLAN for an EAPS domain.
Page 931 show vlan eaps The following command displays information about the VLAN default not participating in EAPS: show vlan default eaps The following is sample output from this command: Vlan has not been added to any EAPS domain History This command was first available in ExtremeWare XOS 11.0 Platform Availability This command is available on all platforms.
Page 932: Unconfigure Eaps Shared-Port Link-Id
EAPS Commands unconfigure eaps shared-port link-id unconfigure eaps shared-port <ports> link-id Description Unconfigures an EAPS link ID on a shared port on the switch. Syntax Description ports Specifies the port number of the Common Link port. Default N/A. Usage Guidelines None.
Page 933: Unconfigure Eaps Shared-Port Mode
unconfigure eaps shared-port mode unconfigure eaps shared-port mode unconfigure eaps shared-port <ports> mode Description Unconfigures the EAPS shared port mode. Syntax Description ports Specifies the port number of the Common Link port. Default N/A. Usage Guidelines None. Example The following command unconfigures the shared port mode on port 1:1. unconfigure eaps shared-port 1:1 mode History This command was first available in ExtremeWare XOS 11.1.
Page 934: Unconfigure Eaps Port
EAPS Commands unconfigure eaps port unconfigure eaps <name> [primary | secondary] port Description Sets the specified port’s internal configuration state to INVALID. Syntax Description name Specifies the name of an EAPS domain. primary Specifies that the primary port should be unconfigured. secondary Specifies that the secondary port should be unconfigured.
Page 935: Chapter 19: Stp Commands
STP Commands This chapter describes commands for: Creating, configuring, enabling, and disabling Spanning Tree Protocol (STP) on the switch ● Enabling and disabling Rapid Spanning Tree Protocol (RSTP) on the switch ● Displaying and resetting STP settings on the switch ●...
Page 936: Encapsulation Modes
STP Commands Member VLANs When you add a VLAN to an STPD, that VLAN becomes a member of the STPD. The two types of member VLANs in an STPD are: Carrier ● Protected ● Carrier VLAN. A carrier VLAN defines the scope of the STPD, which includes the physical and logical ports that belong to the STPD and the 802.1Q tag used to transport Extreme Multiple Instance Spanning Tree Protocol (EMISTP) or Per VLAN Spanning Tree (PVST+) encapsulated Bridge Protocol Data Units (BPDUs).
Page 937: Stp Rules And Restrictions
Extreme Multiple Instance Spanning Tree Protocol (EMISTP) mode ● EMISTP mode is proprietary to Extreme Networks and is an extension of STP that allows a physical port to belong to multiple STPDs by assigning the port to multiple VLANs. EMISTP adds significant flexibility to STP network design.
Page 938: Clear Counters Stp
STP Commands clear counters stp clear counters stp {[all | diagnostics | domains | ports]} Description Clears, resets all STP statistics and counters. Syntax Description Specifies all STP domain, port, and diagnostics counters. diagnostics Specifies STP diagnostics counters. domains Specifies STP domain counters. ports Specifies STP port counters.
Page 939 clear counters stp Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 940: Configure Stpd Add Vlan
STP Commands configure stpd add vlan configure stpd <stpd_name> add vlan <vlan_name> ports [all | <port_list>] {[dot1d | emistp | pvst-plus]} Description Adds all ports or a list of ports within a VLAN to a specified STPD. Syntax Description stpd_name Specifies an STPD name on the switch.
Page 941 Naming Conventions. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keywords are optional.
Page 942 STP Commands Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 943: Configure Stpd Default-Encapsulation
Naming Conventions. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 944 STP Commands NOTE These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for different domains for which it belongs.
Page 945: Configure Stpd Delete Vlan
N/A. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keywords are optional.
Page 946: Configure Stpd Forwarddelay
The default forward delay time is 15 seconds. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 947: Configure Stpd Hellotime
The default hello time is 2 seconds. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 948: Configure Stpd Maxage
The default maximum age of a BPDU is 20 seconds. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 949: Configure Stpd Mode
The STPD operates in 802.1d mode. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 950: Configure Stpd Ports Cost
The default port cost for trunked ports is dynamically calculated based on the available bandwidth. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 951 configure stpd ports cost Example The following command configures a cost of 100 to slot 2, ports 1 through 5 in STPD s0: configure stpd s0 ports cost 100 2:1-2:5 History This command was available in ExtremeWare XOS 10.1. option was added in ExtremeWare XOS 11.0. auto Platform Availability This command is available on all platforms.
Page 952: Configure Stpd Ports Link-Type
All ports are broadcast link types. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 953 configure stpd ports link-type between several switches operating in 802.1w mode with auto links, the non-STP switch may negotiate full-duplex even though the broadcast domain extends over several STP devices. If the switch operates in 802.1D mode, any configured port link type will behave the same as the broadcast link type.
Page 954: Configure Stpd Ports Mode
Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 955 configure stpd ports mode Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 956: Configure Stpd Ports Priority
The default setting is 16. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 957: Configure Stpd Priority
The default priority is 32,768. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 958: Configure Stpd Tag
N/A. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword is optional.
Page 959: Configure Vlan Add Ports Stpd
configure vlan add ports stpd configure vlan add ports stpd configure vlan <vlan_name> add ports [all | <port_list>] {tagged | untagged} {nobroadcast} stpd <stpd_name> {[dot1d | emistp | pvst-plus]} Description Adds one or more ports in a VLAN to a specified STPD. Syntax Description vlan_name Specifies a VLAN name.
Page 960 Naming Conventions. If your VLAN has the same name as another component, for example an STPD, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your VLAN has a name unique only to that VLAN, the keywords are optional.
Page 961: Create Stpd
You can, however, re-use names across multiple categories of switch configuration. For example, you can use the name Test for an STPD and a VLAN. If you use the same name, Extreme Networks recommends that you specify the appropriate keyword when configuring the STPD. If you do not...
Page 962 STP Commands To view the names of the STPDs on the switch, enter and press [Tab]. Scroll to the end of the configure output to view the names. Each STPD has its own Root Bridge and active path. After the STPD is created, one or more VLANs can be assigned to it.
Page 963: Delete Stpd
N/A. Usage Guidelines If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the keyword, an error message similar to the following is displayed:...
Page 964: Disable Stpd
STP Commands disable stpd disable stpd {<stpd_name>} Description Disables the STP protocol on a particular STPD or for all STPDs. Syntax Description stpd_name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines After you have created the STPD with a unique name, the keyword is optional.
Page 965: Disable Stpd Auto-Bind
disable stpd auto-bind disable stpd auto-bind disable stpd <stpd_name> auto-bind vlan <vlan_name> Description Disables the ability to automatically add ports to an STPD when they are added to a member VLAN. Syntax Description stpd_name Specifies an STPD name on the switch. vlan_name Specifies the name of a member VLAN with autobind enabled.
Page 966: Disable Stpd Ports
STP Commands disable stpd ports disable stpd <stpd_name> ports [all | <port_list>] Description Disables STP on one or more ports for a given STPD. Syntax Description stpd_name Specifies an STPD name on the switch. Specifies all ports for a given STPD. port_list Specifies one or more ports or slots and ports.
Page 967: Disable Stpd Rapid-Root-Failover
disable stpd rapid-root-failover disable stpd rapid-root-failover disable stpd <stpd_name> rapid-root-failover Description Disables rapid root failover for STP recovery times. Syntax Description stpd_name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines After you have created the STPD with a unique name, the keyword is optional.
Page 968: Enable Stpd
STP Commands enable stpd enable stpd {<stpd_name>} Description Enables the STP protocol for one or all STPDs. Syntax Description stpd_name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines If you want to enable the STP protocol for all STPDs, do not specify an STPD name. Example The following command enables an STPD named Backbone_st: enable stpd backbone_st...
Page 969: Enable Stpd Auto-Bind
enable stpd auto-bind enable stpd auto-bind enable stpd <stpd_name> auto-bind vlan <vlan_name> Description Automatically adds ports to an STPD when ports are added to a member VLAN. Syntax Description stpd_name Specifies an STPD name on the switch. vlan_name Specifies the name of the VLAN to have autobind enabled. Default The autobind feature is disabled on user-created STPDs.
Page 970 STP Commands To view STP configuration status of the ports on a VLAN, use the following command: show vlan <vlan_name> stpd Example To automatically add ports to an STPD and expand the boundary of the STPD, you must complete the following tasks: Create the carrier VLAN.
Page 971: Enable Stpd Ports
enable stpd ports enable stpd ports enable stpd <stpd_name> ports [all | <port_list>] Description Enables the STP protocol on one or more ports. Syntax Description stpd_name Specifies an STPD on the switch. Specifies all ports for a given STPD. port_list Specifies one or more ports or slots and ports.
Page 972: Enable Stpd Rapid-Root-Failover
STP Commands enable stpd rapid-root-failover enable stpd <stpd_name> rapid-root-failover Description Enables rapid root failover for faster STP recovery times. Syntax Description stpd_name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines If you create an STPD with a unique name, the keyword is optional.
Page 973: Show Stpd
STP parameters are adequate for most networks. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the...
Page 974 STP Commands If your STPD has a name unique only to that STPD, the keyword is optional. stpd Example The following command displays STPD settings on an STPD named Backbone_st: show stpd backbone_st The following is sample output from this command: Stpd: backbone_st Stp: ENABLED Number of Ports: 51 Rapid Root Failover:...
Page 975: Show Stpd Ports
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the...
Page 976 STP Commands Example The following command displays the state of slot 3, ports 1 through 3 on an STPD named s0: show stpd S0 ports 3:1-3:3 The following is sample output from this command: Port Mode State Cost Flags Priority Port ID Designated Bridge 802.1D FORWARDING 100 e------- 16 16641...
Page 977: Show Vlan Stpd
Operational port link type ● If your VLAN has the same name as another component, for example an STPD, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the keyword, the switch displays an error message similar to the following:...
Page 978 STP Commands If your VLAN has a name unique only to that VLAN, the keyword is optional. vlan Example The following command displays the spanning tree configurations for the vlan Default: show vlan default stpd The following is sample output from this command: s0(enabled) Tag: (none) Ports: 8 Root/P/C: 80:00:00:01:30:94:79:00/-----/0...
Page 979: Unconfigure Stpd
unconfigure stpd unconfigure stpd unconfigure stpd {<stpd_name>} Description Restores default STP values to a particular STPD or all STPDs. Syntax Description stpd_name Specifies an STPD name on the switch. Default N/A. Usage Guidelines If you create an STPD with a unique name, the keyword is optional.
Page 980: Unconfigure Stpd Ports Link-Type
STP Commands unconfigure stpd ports link-type unconfigure stpd <stpd_name> ports link-type <port_list> Description Returns the specified port to the factory default setting of broadcast link. Syntax Description stpd_name Specifies an STPD name on the switch. port_list Specifies one or more ports or slots and ports. Default All ports are broadcast link types.
Page 981: Chapter 20: Esrp Commands
ID. As previously described, the domain ID must be identical on all switches participating in ESRP for that particular domain. Extreme Networks recommends that all switches participating in ESRP run the same version of ExtremeWare XOS. Not all ESRP features are available in all ExtremeWare XOS software releases.
Page 982: Esrp Modes Of Operation
ExtremeWare XOS operates in extended mode. ESRP-Aware Switches Extreme Networks switches that are not actively participating in ESRP but are connected on a network that has other Extreme Networks switches running ESRP are ESRP-aware. When ESRP-aware switches are attached to ESRP-enabled switches, the ESRP-aware switches reliably perform failover and failback scenarios in the prescribed recovery times.
Page 983: Clear Esrp Counters
clear esrp counters clear esrp counters clear esrp counters Description Clears the statistics gathered by ESRP for all ESRP domains on the switch. Syntax Description This command has no arguments or variables. Default None. Usage Guidelines Use this command to clear the state transition and the protocol packet counters gathered by ESRP. The state transition count displays the number of times the ESRP domain entered the following states: Aware—An Extreme switch that does not participate in ESRP elections but is capable of listening to ●...
Page 984 ESRP Commands Example The following command clears the statistics gathered by ESRP: clear esrp counters History This command was first available in ExtremeWare XOS 11.0. Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 985: Clear Esrp Neighbor
clear esrp neighbor clear esrp neighbor clear esrp <esrpDomain> neighbor Description Clears the neighbor information for the specified ESRP domain. Syntax Description esrpDomain Specifies the name of an ESRP domain. Default N/A. Usage Guidelines If you add a new switch to your ESRP domain, use this command to clear the existing neighbor information for the ESRP domain.
Page 986: Clear Esrp Sticky
ESRP Commands clear esrp sticky clear esrp <esrpDomain> sticky Description Clears the stickiness in the ESRP domain and forces the election of the ESRP master switch. Syntax Description esrpDomain Specifies the name of an ESRP domain. Default N/A. Usage Guidelines Use the command to force the election of the ESRP master switch.
Page 987 clear esrp sticky Platform Availability This command is available on all platforms. ExtremeWare XOS 11.3 Command Reference...
Page 988: Configure Esrp Add Elrp-Poll Ports
ESRP Commands configure esrp add elrp-poll ports configure esrp <esrpDomain> add elrp-poll ports [<ports> | all] Description Configures the ports of an ESRP domain where ELRP packet transmission is requested by ESRP. Syntax Description esrpDomain Specifies an ESRP domain name. ports Specifies list of slots and ports.
Page 989: Configure Esrp Add Master
configure esrp add master configure esrp add master configure esrp <esrpDomain> add master <vlan_name> Description Adds a master VLAN to an ESRP domain. Syntax Description esrpDomain Specifies the name of an ESRP domain. vlan_name Specifies the name of the master VLAN. Default N/A.
Page 990: Configure Esrp Add Member
ESRP Commands configure esrp add member configure esrp <esrpDomain> add member <vlan_name> Description Adds a member VLAN to an ESRP domain. Syntax Description esrpDomain Specifies the name of an ESRP domain. vlan_name Specifies the name of the member VLAN. Default N/A.
Page 991: Configure Esrp Add Track-Environment
configure esrp add track-environment configure esrp add track-environment configure esrp <esrpDomain> add track-environment failover <priority> Description Configures an ESRP domain to track environmental failures. Syntax Description esrpDomain Specifies an ESRP domain name. priority Specifies a number between 0 and 254. The default priority is 255. See the following "Usage Guidelines"...
Page 992: Configure Esrp Add Track-Iproute
ESRP Commands configure esrp add track-iproute configure esrp <esrpDomain> add track-iproute <ipaddress>/<masklength> Description Configures an ESRP domain to track a route entry in the system’s routing table. Syntax Description esrpDomain Specifies an ESRP domain name. ipaddress Specifies the IP address of the route entry to be tracked. masklength Specifies the subnet of the route entry to be tracked.
Page 993: Configure Esrp Add Track-Ping
configure esrp add track-ping configure esrp add track-ping configure esrp <esrpDomain> add track-ping <ipaddress> frequency <seconds> miss <misses> Description Configures an ESRP domain to track an external gateway using ping. Syntax Description esrpDomain Specifies an ESRP domain name. ipaddress Specifies the IP address of the external gateway. seconds Specifies the interval in seconds between ping requests.
Page 994: Configure Esrp Add Track-Vlan
ESRP Commands configure esrp add track-vlan configure esrp <esrpDomain> add track-vlan <vlan_name> Description Configures an ESRP domain to track port connectivity to a specified VLAN. Syntax Description esrpDomain Specifies an ESRP domain name. vlan_name Specifies the VLAN to be tracked. Default Disabled.
Page 995: Configure Esrp Delete Elrp-Poll Ports
configure esrp delete elrp-poll ports configure esrp delete elrp-poll ports configure esrp <esrpDomain> delete elrp-poll ports [<ports> | all] Description Disables ELRP packet transmission on ports of an ESRP domain. Syntax Description esrpDomain Specifies an ESRP domain name. ports Specifies list of slots and ports in the ESRP domain. Specifies all ports in the ESRP domain.
Page 996: Configure Esrp Delete Master
ESRP Commands configure esrp delete master configure esrp <esrpDomain> delete master <vlan_name> Description Deletes the specifies master VLAN from the specified ESRP domain. Syntax Description esrpDomain Specifies the name of an ESRP domain. vlan_name Specifies the name of the master VLAN. Default N/A.
Page 997: Configure Esrp Delete Member
configure esrp delete member configure esrp delete member configure esrp <esrpDomain> delete member <vlan_name> Description Deletes a member VLAN from the specified ESRP domain. Syntax Description esrpDomain Specifies the name of an ESRP domain. vlan_name Specifies the name of the member VLAN. Default N/A.
Page 998: Configure Esrp Delete Track-Environment
ESRP Commands configure esrp delete track-environment configure esrp <esrpDomain> delete track-environment Description Disables environmental failure tracking for an ESRP domain. Syntax Description esrpDomain Specifies an ESRP domain name. Default No environmental tracking. Usage Guidelines None. Example The following command disables environmental failure tracking for ESRP domain esrp1: configure esrp esrp1 delete track-environment History This command was first available in ExtremeWare XOS 11.0.
Page 999: Configure Esrp Delete Track-Iproute
configure esrp delete track-iproute configure esrp delete track-iproute configure esrp <esrpDomain> delete track-iproute <ipaddress>/<masklength> Description Disables route entry tracking for an ESRP domain. Syntax Description esrpDomain Specifies an ESRP domain name. ipaddress Specifies the IP address of the route entry to be tracked. masklength Specifies the subnet of the route entry to be tracked.
Page 1000: Configure Esrp Delete Track-Ping
ESRP Commands configure esrp delete track-ping configure esrp <esrpDomain> delete track-ping <ipaddress> Description Disables the tracking of an external gateway using ping. Syntax Description esrpDomain Specifies an ESRP domain name. ipaddress Specifies the IP address of the external gateway. Default No ping tracking.

This manual is also suitable for:

Extremeware xos 11.3