Extreme Networks ExtremeWare Command Reference Manual
  1. Manuals
  2. Brands
  3. Extreme Networks Manuals
  4. Software
  5. ExtremeWare Command
  6. Command reference manual
Extreme Networks ExtremeWare Command Reference Manual

Extreme Networks ExtremeWare Command Reference Manual

Version 7.0.0
Hide thumbs Also See for ExtremeWare:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Reference Manual
ExtremeWare
Software
Command Reference Guide
Software Version 7.0.0
Extreme Networks, Inc.
3585 Monroe Street
Santa Clara, California 95051
(888) 257-3000
http://www.extremenetworks.com
Published: December 2002
Part number: 100115-00 rev 04

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ExtremeWare and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Extreme Networks ExtremeWare

Summary of Contents for Extreme Networks ExtremeWare

  • Page 1 ™ ExtremeWare Software Command Reference Guide Software Version 7.0.0 Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (888) 257-3000 http://www.extremenetworks.com Published: December 2002 Part number: 100115-00 rev 04...
  • Page 2 Chassis, SummitLink, SummitGbX, SummitRPS and the Extreme Networks logo are trademarks of Extreme Networks, Inc., which may be registered or pending registration in certain jurisdictions. The Extreme Turbodrive logo is a service mark of Extreme Networks, which may be registered or pending registration in certain jurisdictions. Specifications are subject to change without notice.

  • Page 3: Table Of Contents

    Contents Preface Chapter 1 Command Reference Overview Chapter 2 Commands for Accessing the Switch clear session config account config banner config banner netlogin config dns-client add config dns-client add domain-suffix config dns-client add name-server config dns-client default-domain config dns-client delete config dns-client delete domain-suffix config dns-client delete name-server config idletimeouts...
  • Page 4 enable license history reboot show accounts pppuser show banner show dns-client show switch traceroute Chapter 3 Commands for Managing the Switch config snmp access-profile readonly config snmp access-profile readwrite config snmp add config snmp add community config snmp add trapreceiver config snmp community config snmp delete config snmp delete community...
  • Page 5 enable dhcp ports vlan enable snmp access enable snmp dot1dTpFdbTable enable snmp traps enable snmp traps port-up-down enable snmp traps mac-security enable sntp-client enable system-watchdog enable telnet enable web exit logout quit show management show odometer show session show sntp-client show vlan dhcp-address-allocation vlan show vlan dhcp-config vlan telnet...
  • Page 6 config ports link-detection-level config ports redundant config sharing address-based config slot disable edp ports disable flooding ports disable jumbo-frame ports disable lbdetect port disable learning ports disable mirroring disable ports disable sharing disable slot disable smartredundancy enable edp ports enable flooding ports enable jumbo-frame ports enable lbdetect port enable learning ports...
  • Page 7 show sharing address-based show slot unconfig ports display string unconfig ports redundant unconfig slot Chapter 5 VLAN Commands config dot1q ethertype config gvrp config mac-vlan add mac-address config mac-vlan delete config ports monitor vlan config protocol add config protocol delete config vlan add ports config vlan add ports loopback-vid config vlan delete port...
  • Page 8 unconfig ports monitor vlan unconfig vlan ipaddress Chapter 6 FDB Commands clear fdb config fdb agingtime create fdbentry vlan blackhole create fdbentry vlan dynamic create fdbentry vlan ports delete fdbentry run fdb-check show fdb Chapter 7 QoS Commands clear dlcs config diffserv examination code-point qosprofile ports config diffserv replacement priority config dot1p type...
  • Page 9 disable red ports enable diffserv examination ports enable diffserv replacement ports enable dlcs enable dot1p replacement ports enable isq vlan enable qosmonitor enable red ports show dlcs show dot1p show ports qosmonitor show qosprofile show qostype priority unconfig diffserv examination ports unconfig diffserv replacement ports unconfig qostype priority Chapter 8...
  • Page 10 config flow-redirect add next-hop config flow-redirect delete next-hop config flow-redirect service-check ftp config flow-redirect service-check http config flow-redirect service-check L4-port config flow-redirect service-check nntp config flow-redirect service-check ping config flow-redirect service-check pop3 config flow-redirect service-check smtp config flow-redirect service-check telnet config flow-redirect timer ping-check config flow-redirect timer service-check config flow-redirect timer tcp-port-check...
  • Page 11 config slb gogo-mode ping-check config slb gogo-mode service-check ftp config slb gogo-mode service-check http config slb gogo-mode service-check pop3 config slb gogo-mode service-check smtp config slb gogo-mode service-check telnet config slb gogo-mode service-check timer config slb gogo-mode tcp-port-check add config slb gogo-mode tcp-port-check delete config slb gogo-mode tcp-port-check timer config slb L4-port config slb node max-connections...
  • Page 12 delete slb pool delete slb vip disable flow-redirect disable slb disable slb 3dns disable slb failover disable slb failover manual-failback disable slb failover ping-check disable slb global synguard disable slb gogo-mode disable slb gogo-mode ping-check disable slb gogo-mode service-check disable slb gogo-mode tcp-port-check disable slb L4-port disable slb node disable slb node ping-check...
  • Page 13 enable slb L4-port enable slb node enable slb node ping-check enable slb node tcp-port-check enable slb proxy-client-persistence enable slb vip enable slb vip client-persistence enable slb vip service-check enable slb vip sticky-persistence enable slb vip svcdown-reset show flow-redirect show slb 3dns members show slb connections show slb esrp show slb failover...
  • Page 14 config flowstats source config flowstats timeout ports config log display config sys-health-check alarm-level config sys-health-check auto-recovery config syslog config syslog delete config sys-recovery-level disable cli-config-logging disable flowstats disable flowstats filter ports disable flowstats ping-check disable flowstats ports disable log display disable rmon disable sys-health-check disable syslog...
  • Page 15 show ports stats show ports txerrors show version unconfig flowstats filter unconfig flowstats ports Chapter 11 Security Commands config access-profile add config access-profile delete config access-profile mode config cpu-dos-protect config cpu-dos-protect trusted-ports config netlogin base-url config netlogin redirect-url config radius server config radius shared-secret config radius timeout config radius-accounting server...
  • Page 16 config tacacs-accounting timeout config vlan access-profile config vlan dhcp-address-range config vlan dhcp-lease-timer config vlan dhcp-options config vlan netlogin-lease-timer create access-list icmp destination source create access-list ip destination source ports create access-list tcp destination source ports create access-list udp destination source ports create access-profile create route-map delete access-list...
  • Page 17 enable netlogin session-refresh enable radius enable radius-accounting enable ssh2 enable tacacs enable tacacs-accounting enable tacacs-authorization scp2 scp2 configuration show access-list show access-list-fdb show access-list-monitor show access-profile show cpu-dos-protect show netlogin show netlogin ports show radius show radius-accounting show route-map show tacacs show tacacs-accounting ssh2 unconfig cpu-dos-protect...
  • Page 18 config eaps hellotime config eaps mode config eaps port config eaps name create eaps delete eaps disable eaps enable eaps show eaps show eaps summary unconfig eaps port Chapter 13 STP Commands config stpd add vlan config stpd delete vlan config stpd forwarddelay config stpd hellotime config stpd maxage...
  • Page 19 enable stpd rapid-root-failover enable stpd ports show stpd show stpd ports unconfig stpd Chapter 14 ESRP Commands config esrp port-mode ports config vlan add domain-member vlan config vlan add ports no-restart config vlan add ports restart config vlan add track-bgp config vlan add track-diagnostic config vlan add track-environment config vlan add track-iproute...
  • Page 20 enable esrp vlan show esrp show esrp-aware vlan show esrp vlan Chapter 15 VRRP Commands config vrrp add vlan config vrrp delete config vrrp vlan add config vrrp vlan authentication config vrrp vlan delete vrid config vrrp vlan vrid disable vrrp enable vrrp show vrrp show vrrp vlan stats...
  • Page 21 config iproute delete blackhole config iproute delete blackhole default config iproute delete default config iproute priority config iproute route-map config irdp config irdp config tcp-sync-rate config udp-profile add config udp-profile delete config vlan subvlan address range config vlan upd-profile config vlan secondary-ip config vlan subvlan create udp-profile delete udp-profile...
  • Page 22 disable ip-option use-router-alert disable iproute sharing disable irdp disable loopback-mode vlan disable multinetting disable subvlan-proxy-arp vlan disable udp-echo-server enable bootp vlan enable bootprelay enable icmp address-mask enable icmp parameter-problem enable icmp port-unreachables enable icmp redirects enable icmp time-exceeded enable icmp timestamp enable icmp unreachables enable icmp useredirects enable iparp checking...
  • Page 23 show iparp show iparp proxy show ipconfig show ipfdb show iproute show ipstats show udp-profile unconfig icmp unconfig iparp unconfig irdp unconfig udp-profile Chapter 17 IGP Commands clear isis adjacency clear isis lsdb config isis add area address config isis add vlan config isis area add domain-summary config isis area delete domain-summary config isis area domain-filter...
  • Page 24 config isis vlan priority config isis vlan timer config ospf cost config ospf priority config ospf virtual-link authentication password config ospf timer config ospf add virtual-link config ospf add vlan area config ospf add vlan area link-type config ospf area external-filter config ospf area interarea-filter config ospf area add range config ospf area delete range...
  • Page 25 config rip routetimeout config rip rxmode config rip txmode config rip updatetime config rip vlan cost config rip vlan export-filter config rip vlan import-filter config rip vlan trusted-gateway create isis area create ospf area delete isis area delete ospf area disable isis disable isis export disable isis ignore-attached-bit...
  • Page 26 enable ospf enable ospf capability opaque-lsa enable ospf export enable ospf export direct enable ospf export rip enable ospf export static enable ospf export vip enable ospf originate-default 1001 enable ospf originate-router-id 1002 enable rip 1003 enable rip aggregation 1004 enable rip export cost 1005 enable rip exportstatic...
  • Page 27 unconfig ospf 1029 unconfig rip 1030 Chapter 18 BGP Commands clear bgp neighbor counters 1033 clear bgp neighbor flap-statistics 1034 config bgp add aggregate-address 1036 config bgp add confederation-peer sub-AS-number 1038 config bgp add network 1039 config bgp AS-number 1040 config bgp cluster-id 1041 config bgp confederation-id...
  • Page 28 config bgp peer-group next-hop-self 1074 config bgp peer-group no-dampening 1076 config bgp peer-group route-reflector-client 1077 config bgp peer-group send-community 1078 config bgp peer-group as-path-filter 1079 config bgp peer-group nlri-filter 1080 config bgp peer-group password 1081 config bgp peer-group remote-AS-number 1082 config bgp peer-group route-map-filter 1083 config bgp peer-group soft-reset...
  • Page 29 enable bgp community format 1110 enable bgp export 1111 enable bgp neighbor 1113 enable bgp neighbor remove-private-AS-numbers 1114 enable bgp neighbor soft-in-reset 1115 enable bgp peer-group 1116 enable bgp synchronization 1117 show bgp 1118 show bgp neighbor 1119 show bgp peer-group 1121 show bgp routes 1122...
  • Page 30 config pim delete vlan 1148 config pim register-rate-limit-interval 1149 config pim register-suppress-interval register-probe-interval 1150 config pim register-checksum-to 1151 config pim spt-threshold 1152 config pim timer vlan 1153 config pim vlan trusted-gateway 1154 disable dvmrp 1155 disable dvmrp rxmode vlan 1156 disable dvmrp txmode vlan 1157 disable igmp...
  • Page 31 Chapter 20 IPX Commands config ipxmaxhops 1184 config ipxrip add vlan 1185 config ipxrip delete vlan 1186 config ipxrip vlan delay 1187 config ipxrip vlan export-filter 1188 config ipxrip vlan import-filter 1189 config ipxrip vlan max-packet-size 1190 config ipxrip vlan trusted-gateway 1191 config ipxrip vlan update-interval 1192...
  • Page 32 show ipxrip 1217 show ipxroute 1218 show ipxsap 1219 show ipxservice 1220 show ipxstats 1221 unconfig ipxrip 1222 unconfig ipxsap 1223 unconfig vlan xnetid 1224 xping 1225 Chapter 21 ARM Commands clear accounting counters 1229 config route-map set accounting-index 1 value 1230 config route-map set iphost-routing 1232...
  • Page 33 config aps delete 1258 config aps force 1259 config aps lockout 1260 config aps manual 1261 config aps timers 1262 config diffserv dscp-mapping ports 1263 config dot1q tagmapping ports 1265 config dot1q tagnesting ports 1267 config flowstats export add 1269 config flowstats export delete 1271 config flowstats filter ports...
  • Page 34 delete account pppuser 1301 delete aps 1302 disable aps 1303 disable red ports queue 1304 enable aps 1305 enable red ports queue 1306 show accounts pppuser 1307 show aps 1308 show flowstats 1310 show ppp 1312 show sonet 1314 unconfig aps 1315 unconfig diffserv dscp-mapping ports 1316...
  • Page 35 config ppp user 1340 config vlan add multilink 1341 config vlan delete multilink 1342 create account pppuser 1343 create multilink 1344 delete account pppuser 1345 delete multilink 1346 disable multilink 1347 disable ports loopback 1348 enable multilink 1349 enable ports loopback 1350 enable ports loopback remote 1351...
  • Page 36 config mpls delete tls-tunnel 1377 config mpls delete vlan 1378 config mpls ldp advertise 1379 config mpls ldp advertise vlan 1381 config mpls php 1382 config mpls propagate-ip-ttl 1383 config mpls qos-mapping 1385 config mpls rsvp-te add lsp 1387 config mpls rsvp-te add path 1388 config mpls rsvp-te add profile 1390...
  • Page 37 show mpls rsvp-te profile 1425 show mpls tls-tunnel 1426 unconfig mpls 1427 unconfig mpls 1428 unconfig mpls qos-mapping 1429 Appendix A Configuration and Image Commands config download server 1432 download bootrom 1433 download configuration 1434 download configuration cancel 1436 download configuration every 1437 download image 1438...
  • Page 38 config debug-trace bridge-learning 1468 config debug-trace bridging 1470 config debug-trace card-state-change 1472 config debug-trace dvmrp-cache 1473 config debug-trace dvmrp-hello 1475 config debug-trace dvmrp-message 1477 config debug-trace dvmrp-neighbor 1478 config debug-trace dvmrp-route 1479 config debug-trace dvmrp-timer 1481 config debug-trace eaps-system 1482 config debug-trace esrp-message 1484 config debug-trace esrp-state-change...
  • Page 39 config debug-trace ospf-hello 1522 config debug-trace ospf-lsa 1524 config debug-trace ospf-neighbor 1526 config debug-trace ospf-spf 1528 config debug-trace pim-cache 1531 config debug-trace pim-hello 1533 config debug-trace pim-message 1535 config debug-trace pim-neighbor 1537 config debug-trace pim-rp-mgmt 1539 config debug-trace rip-message 1541 config debug-trace rip-route-change 1542 config debug-trace rip-triggered-update...

  • Page 40: Index Of Commands

    show diagnostics slot fdb 1575 show system-dump 1576 show tech-support 1578 1580 unconfig system-dump 1585 upload system-dump 1586 Index of Commands 40 - Contents ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 41 ™ software running on either modular or stand-alone switches from Extreme Networks. This also includes commands that support specific modules such as the ARM, MPLS or PoS modules. This guide is intended for use as a reference by network administrators who are responsible for installing and setting up network equipment.

  • Page 42: Related Publications

    • ExtremeWare Software User Guide • ExtremeWare 7.0.0 Software Quick Reference Guide • Extreme Networks Consolidated Hardware Guide Documentation for Extreme Networks products is available on the World Wide Web at the following location: http://www.extremenetworks.com/ ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 43 ExtremeWare version 7.0.0. NOTE ExtremeWare 7.0.0 only supports Extreme Networks products that contain the “i” series chipset. For historical reasons, commands and command options supported in ExtremeWare 4.1 on switches based on the original Summit™ chipset are also included. This guide does not cover the Summit e-series switches.
  • Page 44 Command Reference Overview • Internet Packet Exchange (IPX) concepts • Server Load Balancing (SLB) concepts • Simple Network Management Protocol (SNMP) This guide also assumes that you have read the Installation and User Guide for your product. Structure of this Guide This guide documents each ExtremeWare command.

  • Page 45: Understanding The Command Syntax

    Understanding the Command Syntax Understanding the Command Syntax When entering a command at the prompt, ensure that you have the appropriate privilege level. Most configuration commands require you to have the administrator privilege level. You may see a variety of symbols shown as part of the command syntax. These symbols explain how to enter the command, and you do not type them as part of the command itself.

  • Page 46: Command Shortcuts

    Command Reference Overview Abbreviated Syntax Abbreviated syntax is the shortest unambiguous allowable abbreviation of a command or parameter. Typically, this is the first three letters of the command. If you do not enter enough letters to allow the switch to determine which command you mean, the syntax helper will provide a list of the options based on the portion of the command you have entered.
  • Page 47 Line-Editing Keys You can specify all ports on a particular slot. For example, port 3:* indicates all ports on slot 3. You can specify a range of slots and ports. For example, port 2:3-4:5 indicates slot 2, port 3 through slot 4, port 5. Stand-alone Switch Numerical Ranges Commands that require you to enter one or more port numbers on a stand-alone switch use the parameter...

  • Page 48: Command History

    Command Reference Overview Command History ExtremeWare “remembers” the last 49 commands you entered. You can display a list of these commands by using the following command: history ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 49 Commands for Accessing the Switch This chapter describes: • Commands used for accessing and configuring the switch including how to set up user accounts, passwords, date and time settings, and software licenses • Commands used for configuring the Domain Name Service (DNS) client •...

  • Page 50: Clear Session

    Commands for Accessing the Switch clear session clear session <number> Description Terminates a Telnet session from the switch. Syntax Description number Specifies a session number from show session output to terminate. Default N/A. Usage Guidelines An administrator-level account can disconnect a management session that has been established by way of a Telnet connection.

  • Page 51: Config Account

    config account config account config account <user account> {encrypted} {<password>} Description Configures a user account password. Syntax Description user account Specifies a user account name. encrypted This option is for use only by the switch when generating an ASCII configuration file. Specifies that the password should be encrypted when the configuration is uploaded to a file.
  • Page 52 Commands for Accessing the Switch Example The following command defines a new password for the account admin: config account admin The switch responds with a password prompt: password: Your keystrokes will not be echoed as you enter the new password. After you enter the password, the switch will then prompt you to reenter it.

  • Page 53: Config Banner

    config banner config banner config banner Description Configures the banner string that is displayed at the beginning of each login prompt of each session. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Press [Return] at the beginning of a line to terminate the command and apply the banner. To clear the banner, press [Return] at the beginning of the first line.

  • Page 54: Config Banner Netlogin

    Commands for Accessing the Switch config banner netlogin config banner netlogin Description Configures the network login banner that is displayed at the beginning of each login prompt of each session. Syntax Description This command has no arguments or variables. Default N/A.

  • Page 55: Config Dns-Client Add

    config dns-client add config dns-client add config dns-client add <ipaddress> Description Adds a DNS name server to the available server list for the DNS client. Syntax Description ipaddress Specifies an IP address. Default N/A. Usage Guidelines Up to three DNS name servers can be configured in ExtremeWare versions prior to 6.2.1. In ExtremeWare 6.2.1 and later, eight DNS name servers can be configured.

  • Page 56: Config Dns-Client Add Domain-Suffix

    Commands for Accessing the Switch config dns-client add domain-suffix config dns-client add domain-suffix <domain_name> Description Adds a domain name to the domain suffix list. Syntax Description domain_name Specifies a domain name. Default N/A. Usage Guidelines The domain suffix list can include up to six items. If the use of all previous names fails to resolve a name, the most recently added entry on the domain suffix list will be the last name used during name resolution.

  • Page 57: Config Dns-Client Add Name-Server

    config dns-client add name-server config dns-client add name-server config dns-client add name-server <ipaddress> Description Adds a DNS name server to the available server list for the DNS client. Syntax Description ipaddress Specifies an IP address. Default N/A. Usage Guidelines Up to three DNS name servers can be configured in ExtremeWare versions prior to 6.2.1. In ExtremeWare 6.2.1 and later, eight DNS name servers can be configured.

  • Page 58: Config Dns-Client Default-Domain

    Commands for Accessing the Switch config dns-client default-domain config dns-client default-domain <domain_name> Description Configures the domain that the DNS client uses if a fully qualified domain name is not entered. Syntax Description domain_name Specifies a default domain name. Default N/A. Usage Guidelines Sets the DNS client default domain name to .

  • Page 59: Config Dns-Client Delete

    config dns-client delete config dns-client delete config dns-client delete <ipaddress> Description Removes a DNS name server from the available server list for the DNS client. Syntax Description ipaddress Specifies an IP address. Default N/A. Usage Guidelines None Example The following command removes a DNS server from the list: config dns-client delete 10.1.2.1 History This command was first available in ExtremeWare 4.0.

  • Page 60: Config Dns-Client Delete Domain-Suffix

    Commands for Accessing the Switch config dns-client delete domain-suffix config dns-client delete domain-suffix <domain_name> Description Deletes a domain name from the domain suffix list. Syntax Description domain_name Specifies a domain name. Default N/A. Usage Guidelines This command randomly removes an entry from the domain suffix list. If the deleted item was not the last entry in the list, all items that had been added later are moved up in the list.

  • Page 61: Config Dns-Client Delete Name-Server

    config dns-client delete name-server config dns-client delete name-server config dns-client delete name-server <ipaddress> Description Removes a DNS name server from the available server list for the DNS client. Syntax Description ipaddress Specifies an IP address. Default N/A. Usage Guidelines None. Example The following command removes a DNS server from the list: config dns-client delete name-server 10.1.2.1...

  • Page 62: Config Idletimeouts

    Commands for Accessing the Switch config idletimeouts config idletimeouts <minutes> Description Configures the time-out for idle HTTP, console, and Telnet sessions. Syntax Description minutes Specifies the time-out interval, in minutes. Range is 1 to 240 (1 minute to 4 hours). Default Default time-out is 20 minutes.

  • Page 63: Config Time

    config time config time config time <date> <time> Description Configures the system date and time. Syntax Description date Specifies the date in mm/dd/yyyy format. time Specifies the time in hh:mm:ss format. Default N/A. Usage Guidelines The format for the system date and time is as follows: mm/dd/yyyy hh:mm:ss The time uses a 24-hour clock format.

  • Page 64: Config Timezone

    Commands for Accessing the Switch config timezone config timezone {name <std_timezone_ID>} <GMT_offset> {autodst {name <dst_timezone_ID>} {<dst_offset>} {begins [every <floatingday> | on <absoluteday>] {at <time_of_day>} {ends [every <floatingday> | on <absoluteday>] {at <time_of_day>}}} | noautodst} Description Configures the Greenwich Mean Time (GMT) offset and Daylight Saving Time (DST) preference. Syntax Description GMT_offset Specifies a Greenwich Mean Time (GMT) offset, in + or - minutes.
  • Page 65 config timezone Usage Guidelines Network Time Protocol (NTP) server updates are distributed using GMT time. To properly display the local time in logs and other timestamp information, the switch should be configured with the appropriate offset to GMT based on geographic location. is specified in +/- minutes from the GMT time.
  • Page 66 Commands for Accessing the Switch Table 5: Greenwich Mean Time Offsets (continued) GMT Offset GMT Offset in Hours in Minutes Common Time Zone References Cities -5:00 -300 EST - Eastern Standard Bogota, Columbia; Lima, Peru; New York, NY, Trevor City, MI USA -6:00 -360 CST - Central Standard...
  • Page 67 config timezone Example The following command configures GMT offset for Mexico City, Mexico and disables automatic DST: config timezone -360 noautodst The following four commands are equivalent, and configure the GMT offset and automatic DST adjustment for the US Eastern timezone, with an optional timezone ID of EST: config timezone name EST -300 autodst name EDT 60 begins every first sunday april at 2:00 ends every last sunday october at 2:00 config timezone name EST -300 autodst name EDT 60 begins every 1 1 4 at 2:00 ends...

  • Page 68: Create Account

    Commands for Accessing the Switch create account create account [admin | user] <username> {encrypted} {<password>} Description Creates a new user account. Syntax Description admin Specifies an access level for account type admin. user Specifies an access level for account type user. username Specifies a new user account name.
  • Page 69 create account For version 4.x and higher: • Admin-level users and users with RADIUS command authorization can use the create account command. For version 4.x: • User account name specifications are not available. • Passwords must have a minimum of 4 characters and can have a maximum of 12 characters. •...

  • Page 70: Delete Account

    Commands for Accessing the Switch delete account delete account <username> Description Deletes a specified user account. Syntax Description username Specifies a user account name. Default Usage Guidelines Use the command to determine which account you want to delete from the system. The show accounts show accounts output displays the following information in a tabular format: •...
  • Page 71 delete account Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 72: Disable Clipaging

    Commands for Accessing the Switch disable clipaging disable clipaging Description Disables pausing at the end of each show screen. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The command line interface (CLI) is designed for use in a VT100 environment. Most command show output will pause when the display reaches the end of a page.

  • Page 73: Disable Idletimeouts

    disable idletimeouts disable idletimeouts disable idletimeouts Description Disables the timer that disconnects idle sessions from the switch. Syntax Description This command has no arguments or variables. Default Enabled. Timeout 20 minutes. Usage Guidelines When idle time-outs are disabled, console sessions remain open until the switch is rebooted or you logoff.

  • Page 74: Enable Clipaging

    Commands for Accessing the Switch enable clipaging enable clipaging Description Enables the pause mechanism and does not allow the display to print continuously to the screen. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The command line interface (CLI) is designed for use in a VT100 environment. Most command show output will pause when the display reaches the end of a page.

  • Page 75: Enable Idletimeouts

    enable idletimeouts enable idletimeouts enable idletimeouts Description Enables a timer that disconnects Telnet and console sessions after 20 minutes of inactivity. Syntax Description This command has no arguments or variables. Default Enabled. Timeout 20 minutes. Usage Guidelines You can use this command to ensure that a Telnet, HTTP, or console session is disconnected if it has been idle for the required length of time.

  • Page 76: Enable License

    Commands for Accessing the Switch enable license enable license [basic_L3 | advanced_L3 | full_L3 ] <license_key> Description Enables a particular software feature license. Syntax Description basic_L3 Specifies a basic L3 license. (4.x only) advanced_L3 Specifies an advanced L3 license. (4.x only) full_L3 Specifies a full L3 license.

  • Page 77: History

    history history history Description Displays a list of the previous 49 commands entered on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines ExtremeWare “remembers” the last 49 commands you entered on the switch. Use the history command to display a list of these commands.

  • Page 78: Reboot

    Commands for Accessing the Switch reboot reboot {time <date> <time> | cancel} {slot <slot>} Description Reboots the switch or the module in the specified slot at a specified date and time. Syntax Description date Specifies a reboot date in mm/dd/yyyy format. time Specifies a reboot time in hh:mm:ss format.
  • Page 79 reboot Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 80: Show Accounts Pppuser

    Commands for Accessing the Switch show accounts pppuser show accounts pppuser Description Displays user account information for all users on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines You need to create a user account using the command before you can display user create account account information.
  • Page 81 show accounts pppuser Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 82: Show Banner

    Use this command to view the banner that is displayed before the login prompt. Example The following command displays the switch banner: show banner Output from this command looks similar to the following: Extreme Networks Summit48i Layer 3 Switch ######################################################### Unauthorized Access is strictly prohibited. Violators will be persecuted ######################################################### History This command was first available in ExtremeWare 2.0.

  • Page 83: Show Dns-Client

    show dns-client show dns-client show dns-client Description Displays the DNS configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the DNS configuration: show dns-client Output from this command looks similar to the following: Number of domain suffixes: 2 Domain Suffix 1: njudah.local...

  • Page 84: Show Switch

    Commands for Accessing the Switch show switch show switch Description Displays the current switch information. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Viewing statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults.
  • Page 85 Example The following command displays current switch information: show switch Output from this command looks similar to the following: SysName: Alpine3808 SysLocation: Extreme Networks HQ SysContact: Carlos_Beronio System MAC: 00:01:30:20:0A:00 License: Full L3 + Security System Mode: 802.1Q EtherType is 8100 (Hex).
  • Page 86 Commands for Accessing the Switch Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 87: Traceroute

    traceroute traceroute traceroute <host name/ip> {from <source IP address>} {ttl <number>} {port <port number>} Description Enables you to trace the routed path between the switch and a destination endstation. Syntax Description host name/ip Specifies the hostname or IP address of the destination endstation. from <source IP address>...
  • Page 88 Commands for Accessing the Switch ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 89 Commands for Managing the Switch This chapter describes: • Commands for configuring Simple Network Management Protocol (SNMP) parameters on the switch • Commands for managing the switch using Telnet and web access • Commands for configuring Simple Network Time Protocol (SNTP) parameters on the switch SNMP Any network manager running the Simple Network Management Protocol (SNMP) can manage the switch, if the Management Information Base (MIB) is installed correctly on the management station.

  • Page 90: Simple Network Time Protocol

    Commands for Managing the Switch • SNMP read access—The ability to read SNMP information can be restricted through the use of an access profile. An access profile permits or denies a named list of IP addresses and subnet masks. • SNMP read/write access—The ability to read and write SNMP information can be restricted through the use of an access profile.

  • Page 91: Config Snmp Access-Profile Readonly

    config snmp access-profile readonly config snmp access-profile readonly config snmp access-profile readonly [<access-profile> | none] Description Assigns an access profile that limits which stations have read-only access to the switch. Syntax Description access-profile Specifies a user defined access profile. none Cancels a previously configured access profile.
  • Page 92 Commands for Managing the Switch Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 93: Config Snmp Access-Profile Readwrite

    config snmp access-profile readwrite config snmp access-profile readwrite config snmp access-profile readwrite [<access-profile> | none] Description Assigns an access profile that limits which stations have read/write access to the switch. Syntax Description access-profile Specifies a user defined access profile. none Cancels a previously configured access profile.
  • Page 94 Commands for Managing the Switch Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 95: Config Snmp Add

    config snmp add config snmp add config snmp add <ipaddress> {<mask>} Description Adds the IP address or a set of IP addresses of an SNMP management station to the access list. Syntax Description ipaddress Specifies an IP address to be added to the access list. mask Specifies a subnet mask.
  • Page 96 Commands for Managing the Switch Platform Availability This command is available only on platforms based on the Summit chipset. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 97: Config Snmp Add Community

    config snmp add community config snmp add community config snmp add community [readonly | readwrite] {encrypted} <alphanumeric string> Description Adds an SNMP read or read/write community string. Syntax Description readonly Specifies read-only access to the system. readwrite Specifies read and write access to the system. encrypted Specifies encryption, for use only by the switch when uploading or downloading a configuration.
  • Page 98 Commands for Managing the Switch History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on all “i”-series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 99: Config Snmp Add Trapreceiver

    config snmp add trapreceiver config snmp add trapreceiver config snmp add trapreceiver <ip address> {port <udp_port>} community <community string> {from <source ip address>} {mode [enhanced | standard]} Description Adds the IP address of a specified trap receiver to the trap receiver list. Syntax Description ip address Specifies an SNMP trap receiver IP address.
  • Page 100 Commands for Managing the Switch The following command adds the IP address 10.101.0.105 as a trap receiver with community string green, using port 3003: config snmp add trapreceiver 10.101.0.105 port 3003 community green The following command adds the IP address 10.101.0.105 as a trap receiver with community string blue, and IP address 10.101.0.25 as the source: config snmp add trapreceiver 10.101.0.105 community blue from 10.101.0.25 History...

  • Page 101: Config Snmp Community

    config snmp community config snmp community config snmp community [readonly | readwrite] {encrypted} <alphanumeric string> Description Configures the value of the default SNMP read or read/write community string. Syntax Description readonly Specifies read-only access to the system. readwrite Specifies read and write access to the system. encrypted Specifies encryption, for use only by the switch when uploading or downloading a configuration.
  • Page 102 Commands for Managing the Switch History This command was first available in ExtremeWare 1.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 103: Config Snmp Delete

    config snmp delete config snmp delete config snmp delete [<ip address> {<mask>} | all] Description Deletes an IP address or range of IP addresses of a specified SNMP management station or all SNMP management stations. Syntax Description ip address Specifies an SNMP management IP address. mask Specifies an optional subnet mask.

  • Page 104: Config Snmp Delete Community

    Commands for Managing the Switch config snmp delete community config snmp delete community [readonly | readwrite] {encrypted} [all | <alphanumeric string>] Description Deletes an SNMP read or read/write community string. Syntax Description readonly Specifies read-only access to the system. readwrite Specifies read and write access to the system.
  • Page 105 config snmp delete community Example The following command adds a read/write community string named extreme: config snmp add community readwrite extreme History This command was first available in ExtremeWare 2.0. Support for the parameter was discontinued in ExtremeWare 4.0. Platform Availability This command is available on all platforms.

  • Page 106: Config Snmp Delete Trapreceiver

    Commands for Managing the Switch config snmp delete trapreceiver config snmp delete trapreceiver [<ip address> {community <community string>} | all] Description Deletes a specified trap receiver or all authorized trap receivers. Syntax Description ip address Specifies an SNMP trap receiver IP address. community string Specifies an SNMP community string.

  • Page 107: Config Snmp Syscontact

    config snmp sysContact config snmp sysContact config snmp syscontact <alphanumeric string> Description Configures the name of the system contact. Syntax Description alphanumeric string Specifies a system contact name. Default N/A. Usage Guidelines The system contact is a text field that enables you to enter the name of the person(s) responsible for managing the switch.

  • Page 108: Config Snmp Syslocation

    Commands for Managing the Switch config snmp sysLocation config snmp syslocation <alphanumeric string> Description Configures the location of the switch. Syntax Description alphanumeric string Specifies the switch location. Default N/A. Usage Guidelines Use this command to indicate the location of the switch. A maximum of 255 characters is allowed. To view the location of the switch on the switch, use the command.

  • Page 109: Config Snmp Sysname

    config snmp sysName config snmp sysName config snmp sysname <alphanumeric string> Description Configures the name of the switch. Syntax Description alphanumeric string Specifies a device name. Default The default is the model name of the device (for example, sysname Summit1 Usage Guidelines You can use this command to change the name of the switch.

  • Page 110: Config Sntp-Client Server

    Commands for Managing the Switch config sntp-client server config sntp-client [primary | secondary] server [<ipaddress> | <host_name>] Description Configures an NTP server for the switch to obtain time information. Syntax Description primary Specifies a primary server name. secondary Specifies a secondary server name. ipaddress Specifies an IP address.

  • Page 111: Config Sntp-Client Update-Interval

    config sntp-client update-interval config sntp-client update-interval config sntp-client update-interval <seconds> Description Configures the interval between polls for time information from SNTP servers. Syntax Description seconds Specifies an interval in seconds. Default 64 seconds. Usage Guidelines None. Example The following command configures the interval timer: config sntp-client update-interval 30 History This command was first available in ExtremeWare 4.0.

  • Page 112: Config Web Login-Timeout

    Commands for Managing the Switch config web login-timeout config web login-timeout <seconds> Description Configures the timeout for user to enter username/password in the pop-up window. Syntax Description seconds Specifies an interval in seconds, where <seconds> can range from 30 secs to 10 mins ( 600 secs).

  • Page 113: Disable Snmp Access

    disable snmp access disable snmp access disable snmp access Description Disables SNMP on the switch. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Disabling SNMP access does not affect the SNMP configuration (for example, community strings). However, if you disable SNMP access, you will be unable to access the switch using SNMP.

  • Page 114: Disable Snmp Dot1Dtpfdbtable

    Commands for Managing the Switch disable snmp dot1dTpFdbTable disable snmp dot1dtpfdbtable Description Disables SNMP GetNext responses for the dot1dTpFdbTable in the BRIDGE-MIB. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines SNMP Get responses are not affected by this command. To view the configuration of the dot1dTpFdb table on the switch, use the command.

  • Page 115: Disable Snmp Traps

    disable snmp traps disable snmp traps disable snmp traps Description Prevents SNMP traps from being sent from the switch. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command does not clear the SNMP trap receivers that have been configured. The command prevents SNMP traps from being sent from the switch even if trap receivers are configured.

  • Page 116: Disable Snmp Traps Port-Up-Down

    Commands for Managing the Switch disable snmp traps port-up-down disable snmp traps port-up-down ports [all | mgmt | <portlist>] Description Prevents SNMP port up/down traps (also known as link up and link down traps) from being sent from the switch for the indicated ports. Syntax Description Specifies that no link up/down traps should be sent for all ports.

  • Page 117: Disable Snmp Traps Mac-Security

    disable snmp traps mac-security disable snmp traps mac-security disable snmp traps mac-security Description Prevents SNMP mac-security traps from being sent from the switch for all ports. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command should be used in conjunction with the config ports <portlist> limit-learning command. That command configures a limit on the number of MAC addresses that can be learned on a port(s).

  • Page 118: Disable Sntp-Client

    Commands for Managing the Switch disable sntp-client disable sntp-client Description Disables the SNTP client. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server.

  • Page 119: Disable System-Watchdog

    disable system-watchdog disable system-watchdog disable system-watchdog Description Disables the system watchdog timer. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The watchdog timer reboots the switch if the CPU becomes trapped in a processing loop. If the watchdog timer is executed, the switch captures information on the cause of the reboot and posts it to the system log.

  • Page 120: Disable Telnet

    Commands for Managing the Switch disable telnet disable telnet Description Disables Telnet services on the system. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines You must be logged in as an administrator to enable or disable Telnet. Example With administrator privilege, the following command disables Telnet services on the switch: disable telnet...

  • Page 121: Disable Web

    disable web disable web disable web Description Disables web access to the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines You must reboot the switch for the change to take effect. You can use this command to disable web access to the switch. If you are using ExtremeWare Vista for web access, you must create and configure an access profile before you can use this option.

  • Page 122: Enable Dhcp Ports Vlan

    Commands for Managing the Switch enable dhcp ports vlan enable dhcp ports <portlist> vlan <vlan name> Description Enables DHCP on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which DHCP should be enabled. vlan_name Specifies the VLAN on whose ports DHCP should be enabled. Default N/A.

  • Page 123: Enable Snmp Access

    enable snmp access enable snmp access enable snmp access Description Turns on SNMP support for the switch. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines To have access to the SNMP agent residing in the switch, at least one VLAN must have an IP address assigned to it.

  • Page 124: Enable Snmp Dot1Dtpfdbtable

    Commands for Managing the Switch enable snmp dot1dTpFdbTable enable snmp dot1dtpfdbtable Description Enables SNMP GetNext responses for the dot1dTpFdbTable in the BRIDGE-MIB. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines SNMP Get responses are not affected by this command. To view the configuration of the dot1dTpFdb table on the switch, use the command.

  • Page 125: Enable Snmp Traps

    enable snmp traps enable snmp traps enable snmp traps Description Turns on SNMP trap support. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines An authorized trap receiver can be one or more network management stations on your network. The switch sends SNMP traps to all trap receivers.

  • Page 126: Enable Snmp Traps Port-Up-Down

    Commands for Managing the Switch enable snmp traps port-up-down enable snmp traps {port-up-down ports [all | mgmt | <portlist>]} Description Enables SNMP port up/down traps (also known as link up and link down traps) for the indicated ports. Syntax Description Specifies that link up/down traps should be sent for all ports.

  • Page 127: Enable Snmp Traps Mac-Security

    enable snmp traps mac-security enable snmp traps mac-security enable snmp traps mac-security Description Enables SNMP mac-security traps for all ports to be sent by the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command should be used in conjunction with the config ports <portlist> limit-learning command. That command configures a limit on the number of MAC addresses that can be learned on a port(s).

  • Page 128: Enable Sntp-Client

    Commands for Managing the Switch enable sntp-client enable sntp-client Description Enables the SNTP client. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server.

  • Page 129: Enable System-Watchdog

    enable system-watchdog enable system-watchdog enable system-watchdog Description Enables the system watchdog timer. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The watchdog timer reboots the switch if the CPU becomes trapped in a processing loop. If the watchdog timer is executed, the switch captures information on the cause of the reboot and posts it to the system log.

  • Page 130: Enable Telnet

    Commands for Managing the Switch enable telnet enable telnet {access-profile [<access_profile> | none]} {port <tcp_port_number>} Description Enables Telnet access to the switch. Syntax Description access profile Specifies an access profile. (6.0, 6.1) none Cancels a previously configured access profile. (6.0, 6.1) port Specifies a TCP port number.
  • Page 131 enable telnet History This command was first available in ExtremeWare 2.0. Support for the , and parameters was introduced in ExtremeWare 6.0. access profile none port Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 132: Enable Web

    Commands for Managing the Switch enable web enable web {access-profile [<access_profile> | none]} {port <tcp_port_number>} Description Enables ExtremeWare Vista web access to the switch. Syntax Description access profile Specifies an access profile. (6.0, 6.1) none Cancels a previously configured access profile. (6.0, 6.1) port Specifies a TCP port number.

  • Page 133: Exit

    exit exit exit Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. Example The following command logs out the session of a current user for CLI or Telnet: exit...

  • Page 134: Logout

    Commands for Managing the Switch logout logout Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. Example The following command logs out the session of a current user for CLI or Telnet: logout...

  • Page 135: Quit

    quit quit quit Description Logs out the session of a current user for CLI or Telnet. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Use this command to log out of a CLI or Telnet session. Example The following command logs out the session of a current user for CLI or Telnet: quit...

  • Page 136: Show Management

    Commands for Managing the Switch show management show management Description Displays the SNMP settings configured on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines: The following show management output is displayed: • Enable/disable state for Telnet, SNMP, and web access •...
  • Page 137 show management CLI idle timeouts: disabled CLI Paging: enabled CLI configuration logging: enabled Telnet access: enabled tcp port: 23 Web access: enabled tcp port: 80 Web access login timeout : 30 secs SSH Access: key invalid, disabled tcp port: 22 UDP Echo Server: disabled udp port: 7 SNMP Access:...

  • Page 138: Show Odometer

    Commands for Managing the Switch show odometer show odometer Description Displays a counter for each component of a switch that shows how long it has been functioning since it was manufactured. Syntax Description This command has no arguments or variables. Default N/A.
  • Page 139 show odometer History This command was first available in ExtremeWare 6.2.1. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 140: Show Session

    Commands for Managing the Switch show session show session Description Displays the currently active Telnet, console, and web sessions communicating with the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines command displays the username and IP address of the incoming Telnet session, show session whether a console session is currently active, and the login time.
  • Page 141 show session History This command was first available in ExtremeWare 2.0. Support for the CLI Auth command field definition was introduced in ExtremeWare 6.0. Support for the Auth command field definition was introduced in ExtremeWare 4.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 142: Show Sntp-Client

    Commands for Managing the Switch show sntp-client show sntp-client Description Displays the DNS configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Displays configuration and statistics information of SNTP client. Example The following command displays the DNS configuration: show sntp-client Following is the output from this command: SNTP client is enabled...
  • Page 143 show sntp-client Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 144: Show Vlan Dhcp-Address-Allocation Vlan

    Commands for Managing the Switch show vlan dhcp-address-allocation vlan show vlan dhcp-address-allocation vlan <vlan name> Description Displays DHCP address allocation information about VLANs. Syntax Description vlan name Specifies a VLAN name. Default Summary information for all VLANs on the device. Usage Guidelines Display the IP address, MAC address, and time assigned to each end device.

  • Page 145: Show Vlan Dhcp-Config Vlan

    show vlan dhcp-config vlan show vlan dhcp-config vlan show vlan dhcp-config vlan <vlan name> Description Displays DHCP configuration information about VLANs. Syntax Description vlan name Specifies a VLAN name. Default Summary information for all VLANs on the device. Usage Guidelines Displays the DHCP configuration, including the DHCP range, DHCP lease timer, network login lease timer, and DHCP-enabled ports.

  • Page 146: Telnet

    Commands for Managing the Switch telnet telnet [<ipaddress> | <hostname>] {<port_number>} Description Allows you to Telnet from the current command-line interface session to another host. Syntax Description ipaddress Specifies the IP address of the host. hostname Specifies the name of the host. (4.x and higher) port_number Specifies a TCP port number.
  • Page 147 telnet History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.x to support the hostname port number parameters. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 148: Unconfig Management

    Commands for Managing the Switch unconfig management unconfig management Description Restores default values to all SNMP-related entries. Syntax Description This command has no arguments or variables. Default Usage Guidelines None. Example The following command restores default values to all SNMP-related entries on the switch: unconfig management History This command was first available in ExtremeWare 2.0.
  • Page 149 Commands for Configuring Slots and Ports on a Switch This chapter describes: • Commands related to enabling, disabling, and configuring individual ports • Commands related to configuring port speed (Fast Ethernet ports only) and half- or full-duplex mode • Commands related to creating load-sharing groups on multiple ports •...
  • Page 150 Commands for Configuring Slots and Ports on a Switch Load sharing is most useful in cases where the traffic transmitted from the switch to the load-sharing group is sourced from an equal or greater number of ports on the switch. For example, traffic transmitted to a two-port load-sharing group should originate from a minimum of two other ports on the same switch.

  • Page 151: Clear Slot

    clear slot clear slot clear slot <slot> Description Clears a slot of a previously assigned module type. Syntax Description slot Specifies a modular switch slot number. Default N/A. Usage Guidelines All configuration information related to the slot and the ports on the module is erased. If a module is present when you issue this command, the module is reset to default settings.

  • Page 152: Config Ip-Mtu Vlan

    Commands for Configuring Slots and Ports on a Switch config ip-mtu vlan config ip-mtu <number> vlan <vlan name> Description Sets the maximum transmission unit (MTU) for the VLAN. Syntax Description IP MTU number Specifies the value. Range is from 1500 to 9194. vlan name Specifies a VLAN name.
  • Page 153 config ip-mtu vlan Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 154: Config Jumbo-Frame Size

    Commands for Configuring Slots and Ports on a Switch config jumbo-frame size config jumbo-frame size <number> Description Sets the maximum jumbo frame size for the switch chassis. Syntax Description number Specifies a maximum transmission unit (MTU) size for a jumbo frame. Default The default setting is 9216.
  • Page 155 config jumbo-frame size History This command was first available in ExtremeWare 6.0. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 156: Config Mirroring Add

    Commands for Configuring Slots and Ports on a Switch config mirroring add config mirroring add [<mac_address> | vlan <vlan name> {ports <port number>} | ports <portnumber> {vlan <vlan name>}] Description Adds a particular mirroring filter definition on the switch. Syntax Description mac_address Specifies a MAC address.
  • Page 157 config mirroring add For MAC mirroring to work correctly, the MAC address must already be present in the forwarding database (FDB). You need to enable and configure FDB for MAC mirroring to work correctly. See "FDB Commands" for more details. Example The following example sends all traffic coming into or out of a stand-alone switch on port 1 and the VLAN default to the mirror port:...

  • Page 158: Config Mirroring Delete

    Commands for Configuring Slots and Ports on a Switch config mirroring delete config mirroring delete [<mac_address> | vlan <vlan name> {ports <portnumber>} | ports <portnumber> {vlan <vlan name>}] Description Deletes a particular mirroring filter definition on the switch. Syntax Description mac_address Specifies a MAC address.

  • Page 159: Config Msm-Failover Link-Action

    config msm-failover link-action config msm-failover link-action config msm-failover link-action [keep-links-up | take-links-down] Description Configures external port response when MSM failover occurs. Syntax Description keep-links-up Configures the external ports to not be reset when MSM failover occurs. This option is available on the “i” series switches only. take-links-down Configures the external ports to be reset when MSM failover occurs.

  • Page 160: Config Ports

    Commands for Configuring Slots and Ports on a Switch config ports config ports [<portlist> vlan <vlan name> | all] [limit-learning <number> | lock-learning | unlimited-learning | unlock-learning] Description Configures virtual ports for limited or locked MAC address learning. Syntax Description portlist Specifies one or more ports or slots and ports.
  • Page 161 config ports • Broadcast traffic • EDP traffic Traffic from the permanent MAC and any other non-blackholed MACs will still flow from the virtual port. If you configure a MAC address limit on VLANS that have ESRP enabled, you should add an additional back-to-back link (that has no MAC address limit on these ports) between the ESRP-enabled switches.
  • Page 162 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare 6.2.1. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 163: Config Ports Auto Off

    config ports auto off config ports auto off config ports [<portlist> | all | mgmt] auto off {speed [10 | 100 | 1000]} duplex [half | full] Description Manually configures port speed and duplex setting configuration on one or more ports on a switch. Syntax Description portlist Specifies one or more ports or slots and ports.
  • Page 164 Commands for Configuring Slots and Ports on a Switch For version 6.1: • The parameter specifies all ports on the switch. • The parameter specifies 1000 Mbps ports. 1000 Example The following example turns autonegotiation off for port 4 (a Gigabit Ethernet port) on a stand-alone switch: config ports 4 auto off duplex full The following example turns autonegotiation off for slot 2, port 1 on a modular switch:...

  • Page 165: Config Ports Auto On

    config ports auto on config ports auto on config ports [<portlist> | mgmt | all] auto on Description Enables autonegotiation for the particular port type. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 166 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 6.1 to support the parameter. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms.

  • Page 167: Config Ports Display-String

    config ports display-string config ports display-string config ports [<portlist> | mgmt] display-string <alphanumeric string> Description Configures a user-defined string for a port or group of ports. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 168 Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 169: Config Port Interpacket-Gap

    10 Gigabit Ethernet interfaces drop packets when packets are transmitted using a value of 12. Thus, by increasing the Interpacket Gap, packet transmission is slowed and packet loss can be minimized or prevented. The Interpacket Gap value need not be modified when interconnecting Extreme Networks switches over 10 Gigabit Ethernet links.

  • Page 170: Config Ports Link-Detection-Level

    Commands for Configuring Slots and Ports on a Switch config ports link-detection-level config ports <portlist> link-detection-level <link-detection-level> Description Configures the link detection level. Syntax Description portlist Specifies one or more primary ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 171: Config Ports Redundant

    config ports redundant config ports redundant config ports [<portlist> | <portid> | mgmt] redundant [<portlist> | <portid>] Description Configures a software-controlled redundant port. Syntax Description portlist Specifies one or more primary ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 172 Commands for Configuring Slots and Ports on a Switch • Only one side of the link should be configured as redundant. For example, if ports 1 and 2 are connected between switches A and B, only switch A should be configured with redundant ports. •...

  • Page 173: Config Sharing Address-Based

    config sharing address-based config sharing address-based config sharing address-based [L2 | L2_L3 | L2_L3_L4] Description Configures the part of the packet examined by the switch when selecting the egress port for transmitting load-sharing data. Syntax Description Indicates that the switch should examine the MAC source and destination address.

  • Page 174: Config Slot

    Commands for Configuring Slots and Ports on a Switch config slot config slot <slot> module <module name> Description Configures a slot for a particular I/O module card in a modular switch. Syntax Description slot Specifies the slot number. module name Specifies the type of module for which the slot should be configured.
  • Page 175 config slot Default If a slot has not been configured for a particular type of I/O module, then any type of module is accepted in that slot, and a default port and VLAN configuration is automatically generated. Usage Guidelines command displays different module parameters depending on the type of modular config slot switch you are configuring and the version of ExtremeWare running on the switch.

  • Page 176: Disable Edp Ports

    Numerical Ranges” or “Stand-alone Switch Numerical Ranges” in Chapter 1. You can use the command to disable EDP on one or more ports when you no disable edp ports longer need to locate neighbor Extreme Networks switches. For version 6.1: • The parameter specifies all ports on the switch.
  • Page 177 disable edp ports History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. This command was modified in ExtremeWare 6.1 to support the parameter. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 178: Disable Flooding Ports

    Commands for Configuring Slots and Ports on a Switch disable flooding ports disable flooding ports <portlist> Description Disables packet flooding on one or more ports. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 179: Disable Jumbo-Frame Ports

    disable jumbo-frame ports disable jumbo-frame ports disable jumbo-frame ports [<portlist> | all] Description Disables jumbo frame support on a port. For PoS modules, this command applies to PoS ports when disabling jumbo-frame support changes the negotiated maximum receive unit (MRU) size. Syntax Description portlist Specifies one or more ports or slots and ports.

  • Page 180: Disable Lbdetect Port

    Commands for Configuring Slots and Ports on a Switch disable lbdetect port disable lbdetect port <portlist> Description Disables the detection of loops between ports. Syntax Description portlist Specifies one or more ports or slots and ports to be grouped to the master port.

  • Page 181: Disable Learning Ports

    disable learning ports disable learning ports disable learning ports <portlist> Description Disables MAC address learning on one or more ports for security purposes. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 182: Disable Mirroring

    Commands for Configuring Slots and Ports on a Switch disable mirroring disable mirroring Description Disables port-mirroring. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Use the command to stop configured copied traffic associated with one or more disable mirroring ports.

  • Page 183: Disable Ports

    disable ports disable ports disable ports [<portlist> | all] Description Disables one or more ports on the switch. For PoS modules, brings down the PPP link on the specified port and changes the port status LED to blinking green. Syntax Description portlist Specifies one or more ports or slots and ports.

  • Page 184: Disable Sharing

    Commands for Configuring Slots and Ports on a Switch disable sharing disable sharing [<port>] Description Disables a load-sharing group of ports. Syntax Description port Specifies the master port of a load-sharing group. On a modular switch, is a combination of the slot and port number, in the format <slot>:<port>. Default Disabled.

  • Page 185: Disable Slot

    disable slot disable slot disable slot [<slot number> | all] Description Disables one or all slots on a BlackDiamond or Alpine switch, and leaves the blade in a power down state. Syntax Description slot number Specifies the slot to be disabled. Species that all slots in the device should be disabled.

  • Page 186: Disable Smartredundancy

    For a detailed explanation of port specification, see “Modular Switch Numerical Ranges” or “Stand-alone Switch Numerical Ranges” in Chapter 1. Use with Extreme Networks switches that support privacy and backup uplinks. When smartredundancy is disabled, the switch changes the active link only when the current active link becomes inoperable.

  • Page 187: Enable Edp Ports

    EDP is useful when Extreme Networks switches are attached to a port. The EDP is used to locate neighbor Extreme Networks switches and exchange information about switch configuration. When running on a normal switch port, EDP is used to by the switches to exchange topology information with each other.
  • Page 188 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 189: Enable Flooding Ports

    enable flooding ports enable flooding ports enable flooding ports <portlist> Description Enables packet flooding on one or more ports. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. On a stand-alone switch, can be one or more port numbers.

  • Page 190: Enable Jumbo-Frame Ports

    Commands for Configuring Slots and Ports on a Switch enable jumbo-frame ports enable jumbo-frame ports [<portlist> | all] Description Enables support on the physical ports that will carry jumbo frames. For PoS modules, enables jumbo-frame support to specific PoS ports when jumbo-frame support changes the negotiated maximum receive unit (MRU) size.

  • Page 191: Enable Lbdetect Port

    enable lbdetect port enable lbdetect port enable lbdetect port <portlist> [retry-timeout<seconds>] Description Enables the system to detect loops between ports. If a port is looped, it disables the port. Every N seconds, it re-enables the port and tries again, unless “none” is specified Syntax Description portlist Specifies one or more ports or slots and ports to be grouped to the master...

  • Page 192: Enable Learning Ports

    Commands for Configuring Slots and Ports on a Switch enable learning ports enable learning ports <portlist> Description Enables MAC address learning on one or more ports. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 193: Enable Mirroring To Port

    enable mirroring to port enable mirroring to port enable mirroring to port [<portlist>] [tagged | untagged] Description Dedicates a port on the switch to be the mirror output port. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 194 Commands for Configuring Slots and Ports on a Switch — MAC source address/destination address—All data sent to or received from a particular source or destination MAC address is copied to the monitor port. For MAC mirroring to work correctly, the MAC address must already be present in the forwarding database (FDB).

  • Page 195: Enable Ports

    enable ports enable ports enable ports [<portlist> | all] Description Enables a port. For PoS modules, enables the PPP link on the specified port, and changes the port status LED to solid green (if no other problems exist). Syntax Description portlist Specifies one or more ports or slots and ports.

  • Page 196: Enable Sharing Grouping

    Load sharing must be enabled on both ends of the link, or a network loop will result. While LACP is based on industry standard, this feature is supported between Extreme Networks switches only. However, it may be compatible with third-party “trunking” or sharing algorithms. Check with an Extreme Networks technical representative for more information.
  • Page 197 Additionally, you can choose the load-sharing algorithm used by the group. This feature is supported between Extreme Networks switches only, but may be compatible with third-party trunking or link-aggregation algorithms.
  • Page 198 Commands for Configuring Slots and Ports on a Switch History This command was first available in ExtremeWare 2.0. The command was modified in ExtremeWare 4.0 to support modular switches. The command was modified in ExtremeWare 6.0 to support the parameter. algorithm The command was modified in ExtremeWare 7.0.0 to support the parameter.

  • Page 199: Enable Slot

    enable slot enable slot enable slot [<slot number> | all] Description Enables one or all slots on a BlackDiamond or Alpine switch. Syntax Description slot number Specifies the slot to be enabled. Species that all slots in the device should be enabled. Default Enabled.

  • Page 200: Enable Smartredundancy

    Commands for Configuring Slots and Ports on a Switch enable smartredundancy enable smartredundancy <portlist> Description Enables the Smart Redundancy feature on the redundant Gigabit Ethernet port. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 201: Restart Ports

    restart ports restart ports restart ports [<portlist> Description Resets autonegotiation for one or more ports by resetting the physical link. For PoS modules, causes the PPP link to be renegotiated. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 202: Run Msm-Failover

    Commands for Configuring Slots and Ports on a Switch run msm-failover run msm-failover Description Causes a user-specified MSM failover. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command causes a user-specified MSM failover: run msm-failover History This command was first available in ExtremeWare 6.2.2.

  • Page 203: Show Edp

    This is most effective show edp with Extreme Networks switches. Example The following command displays the connectivity and configuration of neighboring Extreme Networks switches: show edp Following is the output from this command:...
  • Page 204 Commands for Configuring Slots and Ports on a Switch Remote-Vlans: Mgmt(4094, 10.45.208.226) Default(1) MacVlanDiscover(0) History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 205: Show Mirroring

    show mirroring show mirroring show mirroring Description Displays the port-mirroring configuration on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines You must configure mirroring on the switch to display mirroring statistics. Use the show mirroring command to configure mirroring.

  • Page 206: Show Ports Collisions

    Commands for Configuring Slots and Ports on a Switch show ports collisions show ports {<portlist>} collisions Description Displays real-time collision statistics. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 207 show ports collisions ============================================================================== Link Status: A-Active R-Ready D-Disabled NP-Not Present LB-Loopback 0->Clear Counters U->page up D->page down ESC->exit History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms.

  • Page 208: Show Ports Configuration

    Commands for Configuring Slots and Ports on a Switch show ports configuration show ports {<portlist>} configuration Description Displays port configuration statistics. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 209 show ports configuration Following is the output from this command: Port Configuration Monitor Thu Oct 24 16:22:08 2002 Port Port Link Auto Speed Duplex Flow Ld Share Media State Status Neg Cfg Actual Cfg Actual Ctrl Master Pri ENABLED R AUTO 1000 AUTO FULL...

  • Page 210: Show Ports Info

    Commands for Configuring Slots and Ports on a Switch show ports info show ports {<portlist>} info {detail} Description Displays detailed system-related information. For PoS modules, displays port information that includes new DiffServ and RED configuration parameters. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 211 show ports info P e--m-------D ready 9216 P e--m-------D active 9216 P e--m-------D ready 9216 P e--m-------D ready 9216 P e--m-------D ready 9216 P e--m-------D ready 9216 P e--m-------D ready 9216 P e--m-------E ready 9216 P e--m-------E ready 9216 P e--m-------E ready 9216 P e--m-------E ready 9216...

  • Page 212: Show Ports Packet

    Commands for Configuring Slots and Ports on a Switch show ports packet show ports {<portlist>} packet Description Displays a histogram of packet statistics. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 213 show ports packet =============================================================================== Link Status: A-Active R-Ready D-Disabled NP-Not Present LB-Loopback 0->Clear Counters U->page up D->page down ESC->exit History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms.

  • Page 214: Show Ports Sharing

    Commands for Configuring Slots and Ports on a Switch show ports sharing show ports sharing Description Displays port loadsharing groups. Syntax Description This command has no arguments or variables. Default Usage Guidelines Example The following command displays the port loadsharing groups: show ports sharing Following is the output from this command: Load Sharing Monitor...

  • Page 215: Show Ports Utilization

    show ports utilization show ports utilization show ports {<portlist>} utilization Description Displays real-time port utilization information. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. On a stand-alone switch, can be one or more port numbers.
  • Page 216 Commands for Configuring Slots and Ports on a Switch The following examples show the output from the show ports utilization command for all ports on the switch. The three displays show the information presented when you use the spacebar to toggle through the display types.
  • Page 217 show ports utilization History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 218: Show Sharing Address-Based

    Commands for Configuring Slots and Ports on a Switch show sharing address-based show sharing address-based Description Displays the address-based load sharing configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This feature is available using the address-based load-sharing algorithm only. The address-based load-sharing algorithm uses addressing information to determine which physical port in the load-sharing group to use for forwarding traffic out of the switch.

  • Page 219: Show Slot

    show slot show slot show slot <slot number> Description Displays the slot-specific information. For ARM, ATM, MPLS, PoS, and WAN modules, displays information that includes data about the software images loaded on the module, as well as status information on the module’s processors. Syntax Description slot number Specifies a slot on a modular switch.
  • Page 220 Commands for Configuring Slots and Ports on a Switch As the module progresses through its initialization, the command displays the show slot <slot> general purpose processor (GPP) subsystem change state to OPERATIONAL, and then each of the network processors will change state to OPERATIONAL. When the GPP subsystem completes its initialization cycle and the subsystem state is OPERATIONAL, use the command to check the results of the...
  • Page 221 show slot Link Active: Link Down: 01 02 03 04 05 06 07 08 09 10 11 12 Slot 4 information: State: Operational Network Processor 1 : Operational Network Processor 2 : Operational General Purpose Proc: Operational Serial number: 701039-04-0128F07843 HW Module Type: P12ci Optics: Single-mode Fiber...
  • Page 222 Commands for Configuring Slots and Ports on a Switch Configured Type: Not configured Slot 8 information: State: Empty HW Module Type: Empty Configured Type: Not configured History This command was first available in ExtremeWare 4.0. This command was modified in ExtremeWare 6.1 to support PoS modules. This command was modified in ExtremeWare 7.0.0 to support WAN modules.

  • Page 223: Unconfig Ports Display String

    unconfig ports display string unconfig ports display string unconfig ports <portlist> display-string Description Clears the user-defined display string from one or more ports. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 224: Unconfig Ports Redundant

    Commands for Configuring Slots and Ports on a Switch unconfig ports redundant unconfig ports [<portlist> | <port id> | mgmt] redundant Description Clears a previously configured software-controlled redundant port. Syntax Description portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 225: Unconfig Slot

    unconfig slot unconfig slot unconfig slot <slot number> Description Clears a slot of a previously assigned module type. Syntax Description slot number Specifies a slot on a modular switch. Default N/A. Usage Guidelines None. Example The following command clears slot 4 of a previously assigned module type: unconfig slots 4 History This command was first available in ExtremeWare 4.0.
  • Page 226 Commands for Configuring Slots and Ports on a Switch ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 227 VLAN Commands This chapter describes the following commands: • Commands for creating and deleting VLANs and performing basic VLAN configuration • Commands for defining protocol filters for use with VLANs • Commands for enabling or disabling the use of Generic VLAN Registration Protocol (GVRP) information on a switch and its ports VLANs can be created according to the following criteria: •...

  • Page 228: Config Dot1Q Ethertype

    Use this command if you need to communicate with a switch that supports 802.1Q, but uses an Ethertype value other than 8100. This feature is useful for VMAN tunneling. Extreme Networks recommends the use of IEEE registered ethertype 0x88a8 for deploying vMANs.

  • Page 229: Config Gvrp

    config gvrp config gvrp config gvrp {listen | send | both | none} port <portlist> Description Configures the sending and receiving of Generic VLAN Registration Protocol (GVRP) information on a port. Syntax Description listen Enables the receipt of GVRP packets on the specified port(s). send Enables sending of GVRP packets on the specified port(s).
  • Page 230 VLAN Commands Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 231: Config Mac-Vlan Add Mac-Address

    config mac-vlan add mac-address config mac-vlan add mac-address config mac-vlan add mac-address [any | <mac_address>] mac-group [any | <group_number>] vlan <vlan name> Description Adds a MAC address as a potential member of a MAC-based VLAN. Syntax Description mac_address The MAC address to be added to the specified VLAN. Specified in the form nn:nn:nn:nn:nn:nn.
  • Page 232 VLAN Commands History This command was first available in ExtremeWare 6.0. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 233: Config Mac-Vlan Delete

    config mac-vlan delete config mac-vlan delete config mac-vlan delete [all | mac-address [<mac_address> | any]] Description Removes a MAC address from any MAC-based VLANs with which it was associated. Syntax Description Indicates that all MAC addresses should be removed from all VLANs. mac_address The MAC address to be removed.

  • Page 234: Config Ports Monitor Vlan

    VLAN Commands config ports monitor vlan config ports <portlist> monitor vlan <vlan name> Description Configures VLAN statistic monitoring on a per-port basis. Syntax Description portlist Specifies one or more ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. vlan name Specifies a VLAN name.

  • Page 235: Config Protocol Add

    config protocol add config protocol add config protocol <protocol_name> add <protocol_type> <hex_value> {<protocol_type> <hex_value>} ... Description Configures a user-defined protocol filter. Syntax Description protocol_name Specifies a protocol filter name. protocol_type Specifies a protocol type. Supported protocol types include: • etype – IEEE Ethertype. •...

  • Page 236: Config Protocol Delete

    VLAN Commands config protocol delete config protocol <protocol_name> delete <protocol_type> <hex_value> {<protocol_type> <hex_value>} ... Description Deletes the specified protocol type from a protocol filter. Syntax Description protocol_name Specifies a protocol filter name. protocol_type Specifies a protocol type. Supported protocol types include: •...

  • Page 237: Config Vlan Add Ports

    config vlan add ports config vlan add ports config vlan <vlan name> add ports <portlist> {tagged | untagged} {nobroadcast} {soft-rate-limit} Description Adds one or more ports in a VLAN. Syntax Description vlan name Specifies a VLAN name. portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.
  • Page 238 VLAN Commands Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 239: Config Vlan Add Ports Loopback-Vid

    config vlan add ports loopback-vid config vlan add ports loopback-vid config vlan <vlan name> add ports <portlist> loopback-vid <vlan-id> Description Adds a loopback port to a VLAN. Syntax Description vlan name Specifies a VLAN name. port Specifies a loopback port for the VLAN. vlan-id Specifies a unique loopback VLAN tag.

  • Page 240: Config Vlan Delete Port

    VLAN Commands config vlan delete port config vlan <vlan name> delete port <portlist> Description Deletes one or more ports in a VLAN. Syntax Description vlan name Specifies a VLAN name. portlist A list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default N/A.

  • Page 241: Config Vlan Ipaddress

    config vlan ipaddress config vlan ipaddress config vlan <vlan name> ipaddress <ipaddress> {<netmask> | <mask length>} Description Assigns an IP address and an optional subnet mask to the VLAN. Syntax Description vlan name Specifies a VLAN name. ipaddress Specifies an IP address. netmask Specifies a subnet mask in dotted-quad notation (e.g.

  • Page 242: Config Vlan Name

    VLAN Commands config vlan name config vlan <old_name> name <new_name> Description Renames a previously configured VLAN. Syntax Description old_name Specifies the current (old) VLAN name. new_name Specifies a new name for the VLAN. Default N/A. Usage Guidelines You cannot change the name of the default VLAN “Default” Example The following command renames VLAN vlan1 to engineering: config vlan vlan1 name engineering...

  • Page 243: Config Vlan Protocol

    config vlan protocol config vlan protocol config vlan <vlan name> protocol [<protocol_name> | any] Description Configures a VLAN to use a specific protocol filter. Syntax Description vlan name Specifies a VLAN name. protocol_name Specifies a protocol filter name. This can be the name of a predefined protocol filter, or one you have defined.

  • Page 244: Config Vlan Tag

    VLAN Commands config vlan tag config vlan <vlan name> tag <vlanid> Description Assigns a unique 802.1Q tag to the VLAN. Syntax Description vlan name Specifies a VLAN name. vlanid Specifies a VLANid to use as an 802.1Q tag. The valid range is from 2 to 4,095.

  • Page 245: Create Protocol

    create protocol create protocol create protocol <protocol_name> Description Creates a user-defined protocol filter. Syntax Description protocol_name Specifies a protocol filter name. The protocol filter name can have a maximum of 31 characters. Usage Guidelines Protocol-based VLANs enable you to define packet filters that the switch can use as the matching criteria to determine if a particular packet belongs to a particular VLAN.

  • Page 246: Create Vlan

    VLAN Commands create vlan create vlan <vlan name> Description Creates a named VLAN. Syntax Description vlan name Specifies a VLAN name (up to 32 characters). Default A VLAN named Default exists on all new or initialized Extreme switches: • It initially contains all ports on a new or initialized switch, except for the management port(s), if there are any.
  • Page 247 create vlan Example The following command creates a VLAN named accounting: create vlan accounting History This command was first available in ExtremeWare 1.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 248: Delete Protocol

    VLAN Commands delete protocol delete protocol <protocol_name> Description Deletes a user-defined protocol. Syntax Description protocol_name Specifies a protocol name. Default N/A. Usage Guidelines If you delete a protocol that is in use by a VLAN, the protocol associated with than VLAN will become “None.”...

  • Page 249: Delete Vlan

    delete vlan delete vlan delete vlan <vlan name> Description Deletes a VLAN. Syntax Description vlan name Specifies a VLAN name. Default N/A. Usage Guidelines If you delete a VLAN that has untagged port members, and you want those ports to be returned to the default VLAN, you must add them back explicitly using the command.

  • Page 250: Disable Gvrp

    VLAN Commands disable gvrp disable gvrp Description Disables the Generic VLAN Registration Protocol (GVRP). Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This command globally disables GVRP functionality on the switch. It does not change the GVRP configuration of individual ports, but GVRP will no longer function on these ports.

  • Page 251: Disable Mac-Vlan Port

    disable mac-vlan port disable mac-vlan port disable mac-vlan port <portlist> Description Disables a port from using the MAC-based VLAN algorithm. Syntax Description portlist A list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default N/A.

  • Page 252: Enable Gvrp

    VLAN Commands enable gvrp enable gvrp Description Enables the Generic VLAN Registration Protocol (GVRP). Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines The GVRP protocol allows switches to automatically discover some of the VLAN information that would otherwise have to be manually configured in each switch.

  • Page 253: Enable Mac-Vlan Mac-Group Port

    enable mac-vlan mac-group port enable mac-vlan mac-group port enable mac-vlan mac-group [any | <group_number>] port <portlist> Description Enables a port to use the MAC-based VLAN algorithm. Syntax Description group_number A group number that should be associated with a specific set of ports. Specified as an integer.

  • Page 254: Show Gvrp

    VLAN Commands show gvrp show gvrp Description Displays the current configuration and status of GVRP. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines GVRP is not supported in ExtremeWare version 6.1 or later. Example The following shows results of this command: GVRP running (866422): JoinTime 20 LeaveTime 200...

  • Page 255: Show Mac-Vlan

    show mac-vlan show mac-vlan show mac-vlan {configuration | database} Description Displays the MAC-based VLAN configuration and MAC address database content. Syntax Description configuration Specifies display of the MAC-based VLAN configuration only. database Specifies display of the MAC address database content only. Default Shows both configuration and database information.

  • Page 256: Show Protocol

    VLAN Commands show protocol show protocol {<protocol>} Description Displays protocol filter definitions. Syntax Description protocol Specifies a protocol filter name. Default Displays all protocol filters. Usage Guidelines Displays the defined protocol filter(s) with the types and values of its component protocols. Example The following is an example of the command:...

  • Page 257: Show Vlan

    show vlan show vlan show vlan {<vlan name> | detail | stats {vlan} <vlan name>} Description Displays information about VLANs. Syntax Description vlan name Specifies a VLAN name. detail Specifies that detailed information should be displayed for each VLAN. stats Specifies a real-time display of utilization statistics (packets transmitted and received) for a specific VLAN.
  • Page 258 VLAN Commands Example The following is an example of the command: show vlan MSM64:1 # show vlan Name Protocol Addr Flags Proto Ports Default 0.0.0.0 /BP -----T-------- ANY MacVlanDiscover 4095 ------------------ ------ Mgmt 4094 10.5.4.80 /24 -------------- ANY 4093 192.168.11.1 /24 ------f------- ANY 4092 192.168.12.1 /24 ------f------- ANY...

  • Page 259: Unconfig Ports Monitor Vlan

    unconfig ports monitor vlan unconfig ports monitor vlan unconfig ports <portlist> monitor vlan <vlan name> Description Removes port-based VLAN monitoring. Syntax Description portlist Specifies one or more ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. vlan name Specifies a VLAN name.

  • Page 260: Unconfig Vlan Ipaddress

    VLAN Commands unconfig vlan ipaddress unconfig vlan <vlan name> ipaddress Description Removes the IP address of the VLAN. Syntax Description vlan name Specifies a VLAN name. ipaddress Specifies that the ipaddress association with this VLAN should be cleared. Default N/A. Usage Guidelines None.
  • Page 261 FDB Commands This chapter describes commands for: • Configuring FDB entries • Displaying FDB entries The switch maintains a database of all media access control (MAC) addresses received on all of its ports. It uses the information in this database to decide whether a frame should be forwarded or filtered.

  • Page 262: Clear Fdb

    FDB Commands clear fdb clear fdb {<mac_address> | broadcast-mac | locked-mac <mac_address> | vlan <vlan name> | ports <portlist>} Description Clears dynamic FDB entries that match the filter. Syntax Description mac_address Specifies a MAC address, using colon-separated bytes. broadcast-mac Specifies the broadcast MAC address. May be used as an alternate to the colon-separated byte form of the address ff:ff:ff:ff:ff:ff.

  • Page 263: Config Fdb Agingtime

    config fdb agingtime config fdb agingtime config fdb agingtime <seconds> Description Configures the FDB aging time for dynamic entries. Syntax Description seconds Specifies the aging time in seconds. Range is 15 through 1,000,000. A value of 0 indicates that the entry should never be aged out. Default 300 seconds.

  • Page 264: Create Fdbentry Vlan Blackhole

    FDB Commands create fdbentry vlan blackhole create fdbentry <mac_address> vlan <vlan name> blackhole {source-mac | dest-mac | both} Description Creates a blackhole FDB entry. Syntax Description mac_address Specifies a device MAC address, using colon-separated bytes. vlan name Specifies a VLAN name associated with a MAC address. blackhole Configures the MAC address as a blackhole entry.
  • Page 265 create fdbentry vlan blackhole Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 266: Create Fdbentry Vlan Dynamic

    FDB Commands create fdbentry vlan dynamic create fdbentry [<mac_address> | broadcast-mac | any-mac] vlan <vlan name> dynamic [qosprofile <qosprofile> {ingress-qosprofile <inqosprofile>} | ingress-qosprofile <inqosprofile> {qosprofile <qosprofile>}] Description Creates a permanent dynamic FDB entry, and associates it with an ingress and/or egress QoS profile. Syntax Description mac_address Specifies a device MAC address, using colon separated bytes.
  • Page 267 create fdbentry vlan dynamic • A port goes down (link down). Using the keyword, you can enable traffic from a QoS VLAN to have higher priority than any-mac 802.1p traffic. Normally, an 802.1p packet has a higher priority over the VLAN classification. To use this feature, you must create a wildcard permanent FDB entry named and apply the QoS profile to any-mac...

  • Page 268: Create Fdbentry Vlan Ports

    FDB Commands create fdbentry vlan ports create fdbentry <mac_address> vlan <vlan name> ports [<portlist> | all] {qosprofile <qosprofile>} {ingress-qosprofile <inqosprofile>} Description Creates a permanent static FDB entry, and optionally associates it with an ingress and/or egress QoS profile. Syntax Description mac_address Specifies a device MAC address, using colon-separated bytes.
  • Page 269 create fdbentry vlan ports Permanent static entries are designated by “spm” in the flags field of the output. You can use show fdb command to display permanent FDB entries, including their QoS profile show fdb permanent associations. Example The following example adds a permanent, static entry to the FDB for MAC address is 00 E0 2B 12 34 56, in VLAN marketing on port 4: create fdbentry 00:E0:2B:12:34:56 vlan marketing port 4 History...

  • Page 270: Delete Fdbentry

    FDB Commands delete fdbentry delete fdbentry [[<mac_address> | broadcast-mac] vlan <vlan name> | all] Description Deletes one or all permanent FDB entries. Syntax Description mac_address Specifies a device MAC address, using colon-separated bytes. broadcast-mac Specifies the broadcast MAC address. May be used as an alternate to the colon-separated byte form of the address ff:ff:ff:ff:ff:ff.

  • Page 271: Run Fdb-Check

    run fdb-check run fdb-check run fdb-check [index <bucket> <entry> | [<mac_address> | broadcast-mac] {<vlan name>}] {extended} {detail} Description Checks MAC FDB entries for consistency. Syntax Description bucket Specifies the bucket portion of the FDB hash index. entry Specifies the entry portion of the FDB hash index. mac-address Specifies a MAC address (hex octet).
  • Page 272 FDB Commands History This command was first available in ExtremeWare 6.1.9 This command was modified in ExtremeWare 6.2.1 to support the keyword. broadcast-mac Platform Availability This command is available on all “i” series platforms. option is available on the Black Diamond 6800 chassis-based system only. extended ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 273: Show Fdb

    show fdb show fdb ow fdb {<mac_address> | broadcast-mac | vlan <vlan name> | <portlist> | permanent} Description Displays FDB entries. Syntax Description mac_address Specifies a MAC address, using colon-separated bytes, for which FDB entries should be displayed. broadcast-mac Specifies the broadcast MAC address. May be used as an alternate to the colon-separated byte form of the address ff:ff:ff:ff:ff:ff.
  • Page 274 FDB Commands Flags Flags that define the type of entry: • d - Dynamic • s - Static • p - Permanent • m - MAC • i - an entry also exists in the IP FDB • x - an entry also exists in the IPX FDB •...
  • Page 275 show fdb The following command displays information about the permanent entries in the FDB: show fdb permanent It produces output similar to the following: EQP IQP Index Vlan Flags Port List -------------------------------------------------------------------------------- QP3 QP2 ----- --- 00:10:E3:1D:00:05 anntest1(4094) ---- ---- QP3 QP2 4e610-206 00:01:03:2F:38:EE anntest1(4094) 0000 0000 spm...
  • Page 276 FDB Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 277 QoS Commands This chapter describes the following commands: • Commands for configuring Quality of Service (QoS) profiles • Commands creating traffic groupings and assigning the groups to QoS profiles • Commands for configuring, enabling and disabling explicit class-of-service traffic groupings (802.1p and Diffserv) •...
  • Page 278 QoS Commands QoS profiles are assigned to traffic groupings to modify switch-forwarding behavior. When assigned to a traffic grouping, the combination of the traffic grouping and the QoS profile comprise an example of a single policy that is part of Policy-Based QoS. Extreme switch products support explicit Class of Service traffic groupings.

  • Page 279: Clear Dlcs

    clear dlcs clear dlcs clear dlcs Description Clears all learned DLCS data. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines If the IP address of an end-station changes, and the end-station is not immediately rebooted, the old host-to-IP mapping is not deleted.

  • Page 280: Config Diffserv Examination Code-Point Qosprofile Ports

    QoS Commands config diffserv examination code-point qosprofile ports config diffserv examination code-point <code_point> qosprofile <qosprofile> ports [<portlist> | all] {low-drop-probability | high-drop-probability} Description Configures the default ingress Diffserv code points (DSCP) to QoS profile mapping. Syntax Description code_point Specifies a DiffServ code point (a 6-bit value in the IP-TOS byte in the IP header).
  • Page 281 config diffserv examination code-point qosprofile ports supports two different drop probabilities; one for DSCPs designated as having low drop-probability and another for DSCPs designated as having high drop-probability. These keywords enable complete flexibility in assigning DSCPs to the two different drop-probability levels. Example The following command specifies that packets arriving on ports 5-8 that use code point 25 be assigned to qp2:...

  • Page 282: Config Diffserv Replacement Priority

    QoS Commands config diffserv replacement priority config diffserv replacement priority <value> code-point <code_point> ports [<portlist> | all] Description Configures the default egress Diffserv replacement mapping. Syntax Description value Specifies the 802.1p priority value. code_point Specifies a 6-bit value to be used as the replacement code point in the IP-TOS byte in the IP header.
  • Page 283 config diffserv replacement priority History This command was first available in ExtremeWare 6.0. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 284: Config Dot1P Type

    QoS Commands config dot1p type config dot1p type <dot1p_priority> qosprofile <qosprofile> Description Configures the default QoS profile to 802.1p priority mapping. Syntax Description dot1p_priority Specifies the 802.1p priority value. The value is an integer between 0 and 7. qosprofile Specifies a QoS profile. Default N/A.

  • Page 285: Config Ipqos Add

    config ipqos add config ipqos add config ipqos add {tcp | udp | other | all} <dest_ipaddress>/<mask_length> {l4-dstport <tcp/udp_port_number>} {<ip_src_address>/<mask_length>} {l4-srcport <tcp/udp_port_number>} [qosprofile <qosname> | blackhole] Description Applies a set of destination IP addresses to an IPQoS traffic grouping by specifying a network address and subnet mask.
  • Page 286 QoS Commands A long form multicast and unicast entry (flow) has higher precedence over a matching short form multicast and unicast entry (non-flow). Within the IPQoS long form (flow), precedence is determined by the traffic grouping information provided. For example, an IP QoS policy that includes a specified source IP address has higher precedence than an IP QoS policy that includes a layer 4 source port (but no source IP address).

  • Page 287: Config Ipqos Delete

    config ipqos delete config ipqos delete config ipqos delete {tcp | udp | other | all} <dest_ipaddress>/<mask_length> {l4-dstport <tcp/udp_port_number>} {<ip_src_address>/<mask_length>} {l4-srcport <tcp/udp_port_number>} [qosprofile <qosname> | blackhole] Description Removes a set of destination IP addresses from an IPQoS traffic grouping. Syntax Description Specifies that the TCP protocol is to be used for this traffic grouping.
  • Page 288 QoS Commands Example The following short-form command removes a traffic grouping definition for traffic destined to the 10.1.2.X network: config ipqos delete 10.1.2.3/24 qosprofile qp2 The following long-form command removes the traffic group defined as all traffic to TCP destination port 80 destined for the 10.1.2.x network from 10.1.1.1 using TCP source port 20: config ipqos delete tcp 10.1.2.3/24 l4-dstport 80 10.1.1.1/32 l4-srcport 20 qosprofile History...

  • Page 289: Config Ports Qosprofile

    config ports qosprofile config ports qosprofile config ports <portlist> qosprofile <qosprofile> Description Configures one or more ports to use a particular QoS profile. Syntax Description portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 290: Config Qosmode

    QoS Commands config qosmode config qosmode [ingress | egress] Description Changes the QoS mode to ingress mode or egress mode. Syntax Description ingress Specifies ingress mode. egress Specifies egress mode. Default Ingress. Usage Guidelines If you change the QoS mode setting from the default, you must save and reboot the switch in order for the changes to take effect.

  • Page 291: Config Qosprofile

    config qosprofile config qosprofile config qosprofile <qosprofile> minbw <min_percent> maxbw <max_percent> priority <level> {[minbuf <percent> maxbuf <number> [K | M] | maxbuff <number> [K | M] | <portlist>]} Description Modifies the default QoS profile parameters. Syntax Description qosprofile Specifies a QoS profile name. min_percent Specifies a minimum bandwidth percentage for this queue.
  • Page 292 QoS Commands For ExtremeWare 4.0: • Only four priority levels are available (low, normal, medium, and high). Example The following command configures the QoS profile parameters of QoS profile qp5 for specific ports on an “i” series switch: config qosprofile qp5 minbw 10% maxbw 80% priority highHi ports 5-7 The following command configures the buffer size for QoS profile qp5 on an “i”...

  • Page 293: Config Qostype Priority

    config qostype priority config qostype priority config qostype priority [source-mac | dest-mac | access-list | vlan | diffserv | dot1p] <priority> Description Configures the priority of the specified QoS traffic grouping. Syntax Description source-mac Specifies the priority of traffic groupings based on FDB source MAC addresses.
  • Page 294 QoS Commands Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 295: Config Red Drop-Probability

    config red drop-probability config red drop-probability config red drop-probability <percent> Description Configures the Random Early Detect (RED) drop-probability. Syntax Description percent Specifies the RED drop probability as a percentage. Range is 0 -100. Default N/A. Usage Guidelines When the switch detects that traffic is filling up in any of the eight hardware queues, it performs a random discard on subsequent packets, based on the configured RED drop-probability.

  • Page 296: Config Vlan Priority

    QoS Commands config vlan priority config vlan <vlan name> priority <priority> Description Configures the 802.1p priority value for traffic generated on the switch. Syntax Description vlan name Specifies a VLAN name. priority Specifies the 802.1p priority value. The value is an integer between 0 and 7. Default N/A.

  • Page 297: Config Vlan Qosprofile

    config vlan qosprofile config vlan qosprofile config vlan <vlan name> qosprofile <qosprofile> Description Configures a VLAN to use a particular QoS profile. Syntax Description vlan name Specifies a VLAN name. qosprofile Specifies a QoS profile. Default N/A. Usage Guidelines Extreme switches support eight QoS profiles (QP1 - QP8). Example The following command configures VLAN accounting to use QoS profile QP3: config vlan accounting qosprofile QP3...

  • Page 298: Create Qosprofile

    QoS Commands create qosprofile create qosprofile <qosprofile> Description Creates a QoS profile. Syntax Description qosprofile Specifies a QoS profile name. Default N/A. Usage Guidelines This command is not available in ExtremeWare v6.0 or later. Using this command, a new QoS profile is created with the following default values: •...

  • Page 299: Delete Qosprofile

    delete qosprofile delete qosprofile delete qosprofile <qosprofile> Description Deletes a QoS profile created in egress mode. Syntax Description qosprofile Specifies a QoS profile name. Default N/A. Usage Guidelines This command is not available in ExtremeWare v6.0 or later. The four default QoS profiles cannot be deleted. When a QoS profile is removed, all entries previously associated with the QoS profile are changed to use the settings of the default QoS profile named qp2.

  • Page 300: Disable Diffserv Examination Ports

    QoS Commands disable diffserv examination ports disable diffserv examination ports [<portlist> | all] Description Disables the examination of the Diffserv field in an IP packet. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 301: Disable Diffserv Replacement Ports

    disable diffserv replacement ports disable diffserv replacement ports disable diffserv replacement ports [<portlist> | all] Description Disables the replacement of diffserv code points in packets transmitted by the switch. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 302: Disable Dlcs

    QoS Commands disable dlcs disable dlcs {fast-ethernet-ports | ports [all | <port_number>]} Description This command disables WINS snooping for ports on this switch. Syntax Description fast-ethernet-ports Specifies that WINS packet snooping should be disabled on all Fast Ethernet ports. All specifies that WINS packet snooping should be disabled on all ports. port_number Specifies a port on which WINS packet snooping should be disabled.

  • Page 303: Disable Dot1P Replacement Ports

    disable dot1p replacement ports disable dot1p replacement ports disable dot1p replacement ports [<portlist> | all] Description Disables the ability to overwrite 802.1p priority values for a given set of ports. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 304: Disable Isq Vlan

    QoS Commands disable isq vlan disable isq vlan <vlan name> Description Disables Intra-subnet QoS (ISQ) on a VLAN. Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines None. Example This command is not available in ExtremeWare v6.0 or later. The following command disables ISQ on a VLAN names accounting: disable isq vlan accounting History...

  • Page 305: Disable Qosmonitor

    disable qosmonitor disable qosmonitor disable qosmonitor Description Disables the QoS monitoring capability. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines None. Example The following command disables QoS monitoring: disable qosmonitor History This command was available in ExtremeWare 4.0. Platform Availability This command is available on all platforms.

  • Page 306: Disable Red Ports

    QoS Commands disable red ports disable red ports <portlist> Description Disables Random Early Detection (RED) on the specified ports. Syntax Description portlist Specifies the port number(s). May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default Disabled. Usage Guidelines None.

  • Page 307: Enable Diffserv Examination Ports

    enable diffserv examination ports enable diffserv examination ports enable diffserv examination ports [<portlist> | all] Description Enables the Diffserv field of an ingress IP packet to be examined in order to select a QoS profile. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 308: Enable Diffserv Replacement Ports

    QoS Commands enable diffserv replacement ports enable diffserv replacement ports [<portlist> | all] Description Enables the diffserv code point to be overwritten in packets transmitted by the switch. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 309: Enable Dlcs

    enable dlcs enable dlcs enable dlcs {fast-ethernet-ports | ports [all | <port_number>]} Description This command enables WINS snooping for ports on the switch. Syntax Description fast-ethernet-ports Specifies that WINS packets should be snooped on all Fast Ethernet ports. Specifies that WINS packets should be snooped on all ports. port_number Specifies a port on which WINS packets are to be snooped.

  • Page 310: Enable Dot1P Replacement Ports

    QoS Commands enable dot1p replacement ports enable dot1p replacement ports [<portlist> | all] Description Allows the 802.1p priority field to be overwritten on egress according to the QoS profile to 802.1p priority mapping for a given set of ports. Syntax Description portlist Specifies a list of ports or slots and ports.
  • Page 311 enable dot1p replacement ports Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 312: Enable Isq Vlan

    QoS Commands enable isq vlan enable isq vlan <vlan name> Description Enables Intra-Subnet QoS (ISQ) on a per-VLAN basis. Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines This command is not available in ExtremeWare v6.0 or later. ISQ allows the application of QoS commands to be effective within a subnet (VLAN) instead of only applying the QoS when traversing a routed subnet.

  • Page 313: Enable Qosmonitor

    enable qosmonitor enable qosmonitor enable qosmonitor {port <port>} Description Enables the QoS monitoring capability on the switch. Syntax Description port Specifies a port. Default Disabled. Usage Guidelines When no port is specified, the QoS monitor automatically samples all the ports and records the sampled results.

  • Page 314: Enable Red Ports

    QoS Commands enable red ports enable red ports [mgmt | <portlist>] Description Enables Random Early Detection (RED) on a port. Syntax Description mgmt Specifies the management port. portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 315: Show Dlcs

    show dlcs show dlcs show dlcs Description Displays the status of DLCS (enabled or disabled) and the status of ports that are snooping WINS packets. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays DLCS status and data from the switch: show dlcs It produces output such as the following:...

  • Page 316: Show Dot1P

    QoS Commands show dot1p show dot1p Description Displays the 802.1p-to-QoS profile mappings. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the current 802.1p-to-QoS mappings on the switch: show dot1p Following is the output from this command: 802.1p Priority Value QOS Profile...

  • Page 317: Show Ports Qosmonitor

    show ports qosmonitor show ports qosmonitor show ports {<portlist>} qosmonitor {egress | ingress} {discards} Description Displays real-time QoS statistics for egress packets on one or more ports. Syntax Description portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.
  • Page 318 QoS Commands History This command was available in ExtremeWare 2.0. This command was updated to support PoS in Extreme 6.2. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 319: Show Qosprofile

    show qosprofile show qosprofile show qosprofile {<qosprofile>} Description Displays QoS information on the switch. Syntax Description <qosprofile> Specifies a QoS profile name. Default Displays QoS information for all profiles. Usage Guidelines Information displayed includes: • QoS profile name • Minimum bandwidth •...

  • Page 320: Show Qostype Priority

    QoS Commands show qostype priority show qostype priority Description Displays QoS traffic grouping priority settings. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the QoS traffic grouping priority settings for this switch: show qostype priority History This command was first available in ExtremeWare 6.2.

  • Page 321: Unconfig Diffserv Examination Ports

    unconfig diffserv examination ports unconfig diffserv examination ports unconfig diffserv examination ports [<portlist> | all] Description Removes the Diffserv examination code point from a port. Syntax Description portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 322: Unconfig Diffserv Replacement Ports

    QoS Commands unconfig diffserv replacement ports unconfig diffserv replacement ports [<portlist> | all] Description Removes the diffserv replacement mapping from a port. Syntax Description portlist Specifies a list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 323: Unconfig Qostype Priority

    unconfig qostype priority unconfig qostype priority unconfig qostype priority Description Resets all traffic grouping priority values to their defaults. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Resets the traffic grouping priorities to the following: access-list = 11 dest-mac = 8 source-mac = 7...
  • Page 324 QoS Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 325 IP addresses, typically public Internet IP addresses. This conversion is done transparently by having a NAT device (any Extreme Networks switch using the “i” chipset) rewrite the source IP address and layer 4 port of the packets.

  • Page 326: Clear Nat

    NAT Commands clear nat clear nat [connections | stats} Description Clears NAT connections or statistics. Syntax Description connections Specifies the current NAT connections table. stats Specifies the statistics counter. Default N/A. Usage Guidelines None. Example The following command clears NAT connections: clear nat connections History This command was first available in ExtremeWare 6.2.

  • Page 327: Config Nat Add Vlan Map

    config nat add vlan map config nat add vlan map config nat add vlan <vlan name> map source [any | <source_ipaddress>/<mask>] {l4-port [any | <port> {- <port>}]} {destination <dest_ipaddress>/<mask> {l4-port [any | <port> {- <port>}]}} to <ip address> [/<mask> | - <ip address>] [tcp | udp | both] [portmap {<min>...
  • Page 328 NAT Commands Usage Guidelines Four different modes are used to determine how the outside IP addresses and layer 4 ports are assigned: • Static mapping Dynamic mapping • Port-mapping • • Auto-constraining When static mapping is used, each inside IP address uses a single outside IP address. The layer 4 ports are not changed, and only the IP address is rewritten.
  • Page 329 config nat add vlan map The addition of the optional keyword allows the NAT rule to be applied to only packets with a l4-port specific layer 4 source or destination port. If you use the layer 4-port command after the source IP/mask, the rule will only match if the port(s) specified are the source layer 4-ports.

  • Page 330: Config Nat Delete

    NAT Commands config nat delete config nat delete [all | vlan <vlan name> map source [any | <ip address>/<mask>] {l4-port [any | <port> {- <port>}]} {destination <ip address>/<mask> {l4-port [any | <port> {- <port>}]}} to <ip address> [/<mask> | - <ip address>] [tcp | udp | both] [portmap {<min>...
  • Page 331 config nat delete Example The following command deletes a portmap translation rule: config nat delete out_vlan_2 map source 192.168.2.128/25 to 216.52.8.64/28 tcp portmap 1024 - 8192 History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 332: Config Nat Finrst-Timeout

    NAT Commands config nat finrst-timeout config nat finrst-timeout <seconds> Description Configures the timeout for a TCP session that has been torn down or reset. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out.

  • Page 333: Config Nat Icmp-Timeout

    config nat icmp-timeout config nat icmp-timeout config nat icmp-timeout <seconds> Description Configures the timeout for an ICMP packet. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out. Default Default timeout is 3 seconds. Usage Guidelines Setting the timeout to zero specifies that session table entries should not be timed-out.

  • Page 334: Config Nat Syn-Timeout

    NAT Commands config nat syn-timeout config nat syn-timeout <seconds> Description Configures the timeout for an entry with an unacknowledged TCP SYN state. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out. Default Default timeout is 60 seconds.

  • Page 335: Config Nat Tcp-Timeout

    config nat tcp-timeout config nat tcp-timeout config nat tcp-timeout <seconds> Description Configures the timeout for a fully setup TCP SYN session. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out. Default Default timeout is 120 seconds. Usage Guidelines Setting the timeout to zero specifies that session table entries should not be timed-out.

  • Page 336: Config Nat Timeout

    NAT Commands config nat timeout config nat timeout <seconds> Description Configures the timeout for any IP packet that is not TCP, UDP, or ICMP. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out.

  • Page 337: Config Nat Udp-Timeout

    config nat udp-timeout config nat udp-timeout config nat udp-timeout <seconds> Description Configures the timeout for a UDP session. Syntax Description seconds Specifies the number of seconds to wait before the session table entry times out. Default Default timeout is 120 seconds. Usage Guidelines Setting the timeout to zero specifies that session table entries should not be timed-out.

  • Page 338: Config Nat Vlan

    NAT Commands config nat vlan config nat vlan <vlan name> [inside | outside | none] Description Configures a VLAN to participate in NAT. Syntax Description vlan name Specifies a VLAN name. inside Specifies that the VLAN is an inside VLAN. outside Specifies that the VLAN is an outside VLAN.

  • Page 339: Disable Nat

    disable nat disable nat disable nat Description Disables network address translation on the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines None. Example The following command disables NAT functionality on the switch: disable nat History This command was first available in ExtremeWare 6.2.

  • Page 340: Enable Nat

    NAT Commands enable nat enable nat Description Enables network address translation on the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines None. Example The following command enables NAT functionality on the switch: enable nat History This command was first available in ExtremeWare 6.2.

  • Page 341: Show Nat

    show nat show nat show nat {timeout | stats | connections | rules {vlan <outside_vlan>}} Description Displays NAT settings. Syntax Description timeout Specifies the display of NAT timeout settings. stats Specifies the display of statistics for NAT traffic. connections Specifies the display of the current NAT connection table. rules Specifies the display of NAT rules, optionally for a specific VLAN.
  • Page 342 NAT Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 343 SLB Commands This chapter discusses server load balancing (SLB) and flow redirect commands. SLB transparently distributes client requests among several servers. The main use for SLB is for web hosting (using redundant servers to increase the performance and reliability of busy websites). You can use SLB to manage and balance traffic for client equipment such as web servers, cache servers, routers, and proxy servers.

  • Page 344: Clear Slb Connections

    SLB Commands clear slb connections clear slb connections {ipaddress <ip address> : <port> | vip <vipname>} Description Clears all existing SLB connections. Syntax Description ip address Specifies an IP address. port Specifies a port. vipname Specifies a virtual server. Default N/A.

  • Page 345: Clear Slb Vip Persistence

    clear slb vip persistence clear slb vip persistence clear slb vip [<vipname> | all] persistence Description Clears the connection information in the persistence table. Syntax Description vipname Specifies a virtual server. Specifies all virtual servers. Default N/A. Usage Guidelines Use this command only during testing. Clearing persistence disables applications, such as shopping carts, that require persistence.

  • Page 346: Config Flow-Redirect Add Next-Hop

    SLB Commands config flow-redirect add next-hop config flow-redirect <flow redirect> add next-hop <ip address> Description Adds the next hop host (gateway) that is to receive the packets that match the flow redirect policy. Syntax Description flow redirect Specifies a flow redirect policy. ip address Specifies an IP address.

  • Page 347: Config Flow-Redirect Delete Next-Hop

    config flow-redirect delete next-hop config flow-redirect delete next-hop config flow-redirect <flow redirect> delete next-hop <ip address> Description Deletes the next hop host (gateway). Syntax Description flow redirect Specifies a flow redirect policy. ip address Specifies an IP address. Default N/A. Usage Guidelines None.

  • Page 348: Config Flow-Redirect Service-Check Ftp

    SLB Commands config flow-redirect service-check ftp config flow-redirect <flow redirect> service-check ftp user <user name> <password> Description Configures the flow redirect FTP check. Syntax Description flow redirect Specifies a flow redirect policy. user name Specifies the user name for logging in to the FTP service. password Specifies the password for logging in to the FTP service.

  • Page 349: Config Flow-Redirect Service-Check Http

    5000 bytes. Extreme Networks recommends that you create a specific URL dedicated to this check. Do not include “http://” in the URL. To check a URL beyond the root directory, include the path in the specified URL.

  • Page 350: Config Flow-Redirect Service-Check L4-Port

    SLB Commands config flow-redirect service-check L4-port config flow-redirect <flow redirect> service-check L4-port Description Configures the flow redirect layer 4 port check. Syntax Description flow redirect Specifies a flow redirect policy. Default N/A. Usage Guidelines This command automatically enables layer 4 port check. The layer 4 port check opens and closes the layer 4 port specified in the flow redirect policy.

  • Page 351: Config Flow-Redirect Service-Check Nntp

    config flow-redirect service-check nntp config flow-redirect service-check nntp config flow-redirect <flow redirect> service-check nntp <newsgroup> Description Configures the flow redirect NNTP check. Syntax Description flow redirect Specifies a flow redirect policy. newsgroup Specifies the news group to be checked. Default N/A.

  • Page 352: Config Flow-Redirect Service-Check Ping

    SLB Commands config flow-redirect service-check ping config flow-redirect <flow redirect> service-check ping Description Configures the flow redirect ping check. Syntax Description flow redirect Specifies a flow redirect policy. Default N/A. Usage Guidelines This command automatically enables ping check. Ping check is also automatically enabled when you add a next hop using the following command: config flow-redirect add next-hop In ExtremeWare 6.2.0 and prior, the frequency of the ping check is 10 seconds, the timeout of the ping check is 30 seconds, and you cannot configure these times.

  • Page 353: Config Flow-Redirect Service-Check Pop3

    config flow-redirect service-check pop3 config flow-redirect service-check pop3 config flow-redirect <flow redirect> service-check pop3 user <user name> <password> Description Configures the flow redirect POP3 check. Syntax Description flow redirect Specifies a flow redirect policy. user name Specifies the user name for logging in to the POP3 service. password Specifies the password for logging in to the POP3 service.

  • Page 354: Config Flow-Redirect Service-Check Smtp

    SLB Commands config flow-redirect service-check smtp config flow-redirect <flow redirect> service-check smtp <dns domain> Description Configures the flow redirect SMTP check. Syntax Description flow redirect Specifies a flow redirect policy. dns domain Specifies the DNS domain of the mail server. Default N/A.

  • Page 355: Config Flow-Redirect Service-Check Telnet

    config flow-redirect service-check telnet config flow-redirect service-check telnet config flow-redirect <flow redirect> service-check telnet user <user name> <password> Description Configures the flow redirect Telnet check. Syntax Description flow redirect Specifies a flow redirect policy. user name Specifies the user name for logging in to the telnet service. password Specifies the password for logging in to the telnet service.

  • Page 356: Config Flow-Redirect Timer Ping-Check

    SLB Commands config flow-redirect timer ping-check config flow-redirect timer ping-check frequency <seconds> timeout <seconds> Description Configures the flow redirect ping-check frequency and timeout. Syntax Description frequency Specifies the ping-check frequency. The range is 1 to 60. timeout Specifies the ping-check timeout. The range is 1 to 60. Default The default frequency is 10 seconds.

  • Page 357: Config Flow-Redirect Timer Service-Check

    config flow-redirect timer service-check config flow-redirect timer service-check config flow-redirect timer service-check frequency <seconds> timeout <seconds> Description Configures the flow redirect service-check frequency and timeout. Syntax Description frequency Specifies the service-check frequency. The range is 15 to 300. timeout Specifies the service-check timeout. The range is 15 to 300. Default The default frequency is 60 seconds.

  • Page 358: Config Flow-Redirect Timer Tcp-Port-Check

    SLB Commands config flow-redirect timer tcp-port-check config flow-redirect timer tcp-port-check frequency <seconds> timeout <seconds> Description Configures the flow redirect TCP port check frequency and timeout. Syntax Description frequency Specifies the tcp-port-check frequency. The range is 5 to 120. timeout Specifies the tcp-port-check timeout. The range is 5 to 300. Default The default frequency is 10 seconds.

  • Page 359: Config Slb Esrp Vlan

    To set the unit number of a virtual server, use the following command: config slb vip For simplicity, Extreme Networks recommends that you put client, server, and virtual server VLANs in the same ESRP group. Example The following command configures ESRP VLAN “servers”...

  • Page 360: Config Slb Failover Alive-Frequency

    The default timeout is 3 seconds. Usage Guidelines The frequency must be less than the timeout. Extreme Networks recommends that you set the timout greater than an even multiple of the frequency. To enable active-active operation, use the following command:...

  • Page 361: Config Slb Failover Dead-Frequency

    config slb failover dead-frequency config slb failover dead-frequency config slb failover dead-frequency <seconds> Description Configures the frequency at which the local switch attempts to re-establish communication with the unresponsive remote switch. Syntax Description dead-frequency The frequency at which the local switch attempts to re-establish communication with the unresponsive remote switch.

  • Page 362: Config Slb Failover Failback-Now

    SLB Commands config slb failover failback-now config slb failover failback-now Description Configures the local SLB to release the remote SLB resources if the remote SLB is alive. Syntax Description This command has no arguments or variables. Default Usage Guidelines When an active SLB unit fails and recovers, and manual failback is enabled, use this command to force the recovered SLB unit to become the active unit.

  • Page 363: Config Slb Failover Ping-Check

    config slb failover ping-check config slb failover ping-check config slb failover ping-check <ip address> {frequency <seconds> timeout <seconds>} Description Configures the SLB device to actively determine if a remote gateway is reachable by performing a ping. Syntax Description ip address Specifies the IP address of the remote gateway.

  • Page 364: Config Slb Failover Unit

    To enable active-active operation, use the following command: enable slb failover Extreme Networks recommends that you use a dedicated layer 2 VLAN to connect the two active-active switches. Example The following command configures the local SLB switch (with an IP address of 10.10.10.22) to direct unit 2 virtual servers to failover to the SLB switch with an IP address of 10.10.10.21:...

  • Page 365: Config Slb Global Connection-Block

    config slb global connection-block config slb global connection-block config slb global connection-block <number> Description Configures the number of SLB connections to allocate in memory, which improves performance. Syntax Description number Specifies the number of connection blocks. The range is 100 to 20,000. Default The default is 10,000.

  • Page 366: Config Slb Global Connection-Timeout

    SLB Commands config slb global connection-timeout config slb global connection-timeout <seconds> Description Configures the connection timeout for transparent and translation modes. Syntax Description seconds Specifies the number of seconds. The range is 1 to 180. Default The default is one second. Usage Guidelines None.

  • Page 367: Config Slb Global Ftp

    The default value for user and password is anonymous. Usage Guidelines If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The FTP service check provides a more thorough check than ping check, because the FTP service check logs into the service.

  • Page 368: Config Slb Global Http

    The HTTP service check provides a more thorough check than ping check, because the HTTP service check connects to a specific URL and checks for a specific text string. Extreme Networks recommends that you create a specific URL dedicated to this check.
  • Page 369 config slb global http Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 370: Config Slb Global Nntp

    SLB Commands config slb global nntp config slb global nntp <newsgroup> Description Configures the default parameters for layer 7 NNTP service checking. Syntax Description newsgroup Specifies a newsgroup. Default The default newsgroup is ebusiness. Usage Guidelines The NNTP service check provides a more thorough check than ping check, because the NNTP service check logs into the service.

  • Page 371: Config Slb Global Persistence-Level

    config slb global persistence-level config slb global persistence-level config slb global persistence-level [same-vip-same-port | same-vip-any-port | any-vip] Description Configures the persistence level globally. Syntax Description same-vip-same-port Specifies that an entry must match both virtual server and port for persistence. same-vip-any-port Specifies that an entry must match virtual server, and can be any port.

  • Page 372: Config Slb Global Persistence-Method

    SLB Commands config slb global persistence-method config slb global persistence-method [per-packet | per-session] Description Configures the behavior of the persistence timer. Syntax Description per-packet Resets the persistence timer at the receipt of each packet. per-session Resets the persistence timer at the beginning of the session. When the timer expires, persistence for the session ends.

  • Page 373: Config Slb Global Ping-Check

    config slb global ping-check config slb global ping-check config slb global ping-check frequency <seconds> timeout <seconds> Description Configures default health checking frequency and timeout period using layer 3-based pinging of the physical node. Syntax Description frequency Specifies the frequency of the ping check. The range is 1 to 60 seconds. timeout Specifies the timeout of the ping check.

  • Page 374: Config Slb Global Pop3

    The default value for user and password is anonymous. Usage Guidelines If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The POP3 service check provides a more thorough check than ping check, because the POP3 service check logs into the service.

  • Page 375: Config Slb Global Service-Check

    config slb global service-check config slb global service-check config slb global service-check frequency <seconds> timeout <seconds> Description Configures default health checking frequency and timeout period using layer 7-based application-dependent checking. Syntax Description frequency Specifies the frequency of the service check. The range is 15 to 300 seconds. timeout Specifies the timeout of the service check.

  • Page 376: Config Slb Global Smtp

    SLB Commands config slb global smtp config slb global smtp <dns domain> Description Configures the default parameters for layer 7 SMTP service checking. Syntax Description dns domain Specifies the domain to check. Default The default value for is the switch’s domain. If the switch does not have a DNS domain dns domain configured, the value is “mydomain.com”.

  • Page 377: Config Slb Global Synguard

    config slb global synguard config slb global synguard config slb global synguard max-unacknowledged-SYNs <number> Description Configures the the SYN-guard feature. Syntax Description max-unacknowledged-SYNs Specifies the number of half-open connections that the switch allows. The range is 10 to 4000. Default The default value is 50.

  • Page 378: Config Slb Global Tcp-Port-Check

    SLB Commands config slb global tcp-port-check config slb global tcp-port-check frequency <seconds> timeout <seconds> Description Configures default health checking frequency and timeout period using layer 4-based TCP port testing. Syntax Description frequency Specifies the frequency of the TCP port check. The range is 5 to 120 seconds. timeout Specifies the timeout of the TCP port check.

  • Page 379: Config Slb Global Telnet

    The default value for user and password is anonymous. Usage Guidelines If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The telnet service check provides a more thorough check than ping check, because the telnet service check logs into the service.

  • Page 380: Config Slb Gogo-Mode Health-Check

    SLB Commands config slb gogo-mode health-check config slb gogo-mode <port number> health-check <ip address> Description Configures the health checker with the common IP addresses of the GoGo mode servers in this group. Syntax Description port number Specifies the GoGo mode master port. ip address Specifies an IP address.

  • Page 381: Config Slb Gogo-Mode Ping-Check

    config slb gogo-mode ping-check config slb gogo-mode ping-check config slb gogo-mode <port number> ping-check frequency <seconds> timeout <seconds> Description Overrides the global default ping-check frequency and timeout values for this GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. frequency Specifies the frequency of the ping check.
  • Page 382 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 383: Config Slb Gogo-Mode Service-Check Ftp

    config slb gogo-mode service-check ftp config slb gogo-mode service-check ftp config slb gogo-mode <port number> service-check ftp {<L4-port>} {user <user> | password {encrypted} <password>} Description Configures the FTP service check parameters for a GoGo mode group. Syntax Description port number Specifies the GoGo mode master port.

  • Page 384: Config Slb Gogo-Mode Service-Check Http

    This command accesses the specified URL and checks for the specified alphanumeric string in the first 1000 bytes. Extreme Networks recommends that you create a specific URL dedicated to this check. Do not include “http://” in the URL. To check a URL beyond the root directory, include the path in the specified URL.
  • Page 385 config slb gogo-mode service-check http History This command was first available in ExtremeWare 6.1.5. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 386: Config Slb Gogo-Mode Service-Check Pop3

    SLB Commands config slb gogo-mode service-check pop3 config slb gogo-mode <port number> service-check pop3 {<L4-port>} {userid <userid> | password {encrypted} <password>} Description Configures the service check parameters for a GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. L4-port Specifies a layer 4 port.

  • Page 387: Config Slb Gogo-Mode Service-Check Smtp

    config slb gogo-mode service-check smtp config slb gogo-mode service-check smtp config slb gogo-mode <port number> service-check smtp {<L4-port>} {<dns domain>} Description Configures the service check parameters for a GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. L4-port Specifies a layer 4 port.

  • Page 388: Config Slb Gogo-Mode Service-Check Telnet

    SLB Commands config slb gogo-mode service-check telnet config slb gogo-mode <port number> service-check telnet {<L4-port>} {user <user name> | password {encrypted} <password>} Description Configures the service check parameters for a GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. L4-port Specifies a layer 4 port.

  • Page 389: Config Slb Gogo-Mode Service-Check Timer

    config slb gogo-mode service-check timer config slb gogo-mode service-check timer config slb gogo-mode <port number> service-check timer [all | ftp | http | telnet | smtp | nntp | pop3 | <TCP port number>] frequency <seconds> timeout <seconds> Description Overrides the global service-check frequency and timeout values. Syntax Description port number Specifies the GoGo mode master port.

  • Page 390: Config Slb Gogo-Mode Tcp-Port-Check Add

    SLB Commands config slb gogo-mode tcp-port-check add config slb gogo-mode <port number> tcp-port-check add [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP port number>] Description Adds the specified layer 4 port.
  • Page 391 config slb gogo-mode tcp-port-check add Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 392: Config Slb Gogo-Mode Tcp-Port-Check Delete

    SLB Commands config slb gogo-mode tcp-port-check delete config slb gogo-mode <port number> tcp-port-check delete [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP port number>] Description Deletes the specified layer 4 port.
  • Page 393 config slb gogo-mode tcp-port-check delete Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 394: Config Slb Gogo-Mode Tcp-Port-Check Timer

    SLB Commands config slb gogo-mode tcp-port-check timer config slb gogo-mode <port number> tcp-port-check timer [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP port number>] frequency <seconds>...
  • Page 395 config slb gogo-mode tcp-port-check timer config slb gogo-mode 29 tcp-port-check timer ftp frequency 15 timeout 45 History This command was first available in ExtremeWare 6.1.5. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 396: Config Slb L4-Port

    SLB Commands config slb L4-port config slb L4-port [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] [treaper-timeout <seconds> } udp-idle-timeout <seconds>] Description Configures the inactive period for TCP or UDP before the connection is aged out.
  • Page 397 config slb L4-port History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 398: Config Slb Node Max-Connections

    SLB Commands config slb node max-connections config slb node <ip address>:[ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] max-connections <number>...
  • Page 399 config slb node max-connections Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 400: Config Slb Node Ping-Check

    SLB Commands config slb node ping-check config slb node <ip address> ping-check frequency <seconds> timeout <seconds> Description Overrides the global default frequency and timeout values for this node. Syntax Description ip address Specifies the IP address of the node. frequency Specifies the frequency of the ping check.

  • Page 401: Config Slb Node Tcp-Port-Check

    config slb node tcp-port-check config slb node tcp-port-check config slb node <ip address>:[ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] tcp-port-check frequency <seconds>...
  • Page 402 SLB Commands History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 403: Config Slb Pool Add

    config slb pool add config slb pool add config slb pool <pool name> add <ip address>:[ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] {ratio <number>...
  • Page 404 SLB Commands To configure a pool to use the ratio load balancing method, use the following command: config slb pool <pool name> lb-method ratio Higher priority numbers indicate higher priority. To configure a pool to use the priority load balancing method, use the following command: config slb pool <pool name>...

  • Page 405: Config Slb Pool Delete

    config slb pool delete config slb pool delete config slb pool <pool name> delete <ip address>:[ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] Description Deletes a node from a pool.
  • Page 406 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 407: Config Slb Pool Lb-Method

    config slb pool lb-method config slb pool lb-method config slb pool <pool name> lb-method [round-robin | ratio | priority | least-connections] Description Configures the SLB load balancing method. Syntax Description pool name Specifies a pool. round-robin Specifies the round robin load balancing method. ratio Specifies the ratio load balancing method.

  • Page 408: Config Slb Pool Member

    SLB Commands config slb pool member config slb pool <pool name> member <ip address>:[ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] [ratio <number>...
  • Page 409 config slb pool member History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 410: Config Slb Proxy-Client-Persistence

    SLB Commands config slb proxy-client-persistence config slb proxy-client-persistence [add | delete] <ip address>/<netmask> Description Configures a client subnet that should be treated as one persistent entity. Syntax Description ip address/netmask Specifies an IP address and netmask. Default N/A. Usage Guidelines Use this command to force all clients from the specified proxy array to connect to the same physical server.

  • Page 411: Config Slb Vip

    config slb vip config slb vip config slb vip <vip name> unit [number] Description Configures the unit number for active-active failover. Syntax Description vip name Specifies a virtual server. unit Specifies a unit identifier on a virtual server. The range is 1 to 16. Default The default unit is 1.

  • Page 412: Config Slb Vip Client-Persistence-Timeout

    The default is 3600. client-persistence-timeout Usage Guidelines Extreme Networks recommends that you specify a short client persistence timeout, because longer timeout values consume more memory. Example The following command configures the virtual server “ftp” with a client persistence timeout of 3000...

  • Page 413: Config Slb Vip Max-Connections

    config slb vip max-connections config slb vip max-connections config slb vip <vip name> max-connections <number> Description Configures the maximum connections allowed to a particular virtual server. Syntax Description vip name Specifies a virtual server. max-connections Specifies the maximum number of connections allowed to a virtual server. The range is 0 to 999,999,999.

  • Page 414: Config Slb Vip Service-Check Frequency

    SLB Commands config slb vip service-check frequency config slb vip <vip name> service-check frequency <seconds> timeout <seconds> Description Configures the layer 7 service check frequency and timeout for a particular virtual server. Syntax Description vip name Specifies a virtual server. frequency Specifies the frequency of the service check.

  • Page 415: Config Slb Vip Service-Check Ftp

    Usage Guidelines This command automatically enables service checking. If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The FTP service check provides a more thorough check than ping check, because the FTP service check logs into the service.

  • Page 416: Config Slb Vip Service-Check Http

    The HTTP service check provides a more thorough check than ping check, because the HTTP service check connects to a specific URL and checks for a specific text string. Extreme Networks recommends that you create a specific URL dedicated to this check.
  • Page 417 config slb vip service-check http Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 418: Config Slb Vip Service-Check Nntp

    SLB Commands config slb vip service-check nntp config slb vip <vip name> service-check nntp <newsgroup> Description Configures layer 7 NNTP service checking for a specific virtual server. Syntax Description vip name Specifies a virtual server. newsgroup Specifies a newsgroup. Default N/A.

  • Page 419: Config Slb Vip Service-Check Pop3

    Usage Guidelines This command automatically enables service checking. If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The POP3 service check provides a more thorough check than ping check, because the POP3 service check logs into the service.

  • Page 420: Config Slb Vip Service-Check Smtp

    SLB Commands config slb vip service-check smtp config slb vip <vip name> service-check smtp {<dns domain>} Description Configures layer 7 SMTP service checking for a specific virtual server. Syntax Description vip name Specifies a virtual server. dns domain Specifies the domain to check. Default N/A.

  • Page 421: Config Slb Vip Service-Check Telnet

    Usage Guidelines This command automatically enables service checking. If you do not enter a password, you are prompted for the password twice. Extreme Networks recommends that you use a password. The telnet service check provides a more thorough check than ping check, because the telnet service check logs into the service.

  • Page 422: Config Vlan Slb-Type

    SLB Commands config vlan slb-type config vlan <vlan name> slb-type [server | client | both | none] Description Marks a VLAN as either a server VLAN or a client VLAN. Syntax Description server Configures the VLAN as a server VLAN. client Configures the VLAN as a client VLAN.

  • Page 423: Create Flow-Redirect

    create flow-redirect create flow-redirect create flow-redirect <flow redirect> [any | tcp | tup | udp] destination [<ip address> / <mask> | any] ip-port [<port> | any] source [<ip address> / <mask> | any] Description Creates a flow redirect policy. Syntax Description flow redirect Specifies a flow redirect policy.

  • Page 424: Create Slb Pool

    SLB Commands create slb pool create slb pool <pool name> {lb-method [least-connections | priority | ratio | round-robin]} Description Creates a server pool and optionally assigns a load-balancing method to the pool. Syntax Description pool name Specifies a pool. lb-method Specifies the load-balancing method.

  • Page 425: Create Slb Vip

    create slb vip create slb vip create slb vip <vip name> pool <pool name> mode [transparent | translation | port-translation] <ip address> {- <upper range>} : <L4 port> {unit <number>} Description Creates one or more new virtual servers. Syntax Description vip name Specifies a virtual server.

  • Page 426: Delete Flow-Redirect

    SLB Commands delete flow-redirect delete flow-redirect <flow redirect> Description Deletes a flow redirect policy. Syntax Description flow redirect Specifies a flow redirect policy. Default N/A. Usage Guidelines To rename or modify a flow redirect policy, you must delete and recreate the flow redirect policy. Example The following command deletes a flow redirect policy named “http”: delete flow-redirect http...

  • Page 427: Delete Slb Pool

    delete slb pool delete slb pool delete slb pool [<pool name> | all] Description Deletes a server pool. Syntax Description pool name Specifies a pool. Specifies all pools. Default N/A. Usage Guidelines You must first delete all virtual servers before deleting the pool. To delete a virtual server, use the following command: delete slb vip Example...

  • Page 428: Delete Slb Vip

    SLB Commands delete slb vip delete slb vip [<vip name> | all] Description Deletes one or all virtual servers. Syntax Description vip name Specifies a virtual server. Specifies all virtual servers. Default N/A. Usage Guidelines You must use this command to delete all virtual servers from a pool before deleting the pool. Example The following command the virtual server named “http_vip”: delete slb pool http_vip...

  • Page 429: Disable Flow-Redirect

    disable flow-redirect disable flow-redirect disable flow-redirect [all | <flow redirect>] Description Disables flow redirect. Syntax Description Specifies all flow policies. flow redirect Specifies a single flow redirect policy. Default The default parameter is all. Flow redirect is disabled by default. Usage Guidelines When you create a new flow redirect policy, flow redirect is automatically enabled.

  • Page 430: Disable Slb

    SLB Commands disable slb disable slb Description Disables SLB processing. Syntax Description This command has no arguments or variables. Default SLB is disabled by default. Usage Guidelines Disabling SLB causes the following to occur: • Closes all connections. • Withdraws virtual server routes or routes that do not respond with proxy ARP responses of virtual server addresses.

  • Page 431: Disable Slb 3Dns

    disable slb 3dns disable slb 3dns disable slb 3dns iquery-client Description Disables 3DNS support. Syntax Description This command has no arguments or variables. Default 3DNS is disabled by default. Usage Guidelines To enable 3DNS, use the following command: enable slb 3dns iquery-client Example The following command disables 3DNS: disable slb 3dns iquery-client...

  • Page 432: Disable Slb Failover

    SLB Commands disable slb failover disable slb failover Description Disables the SLB failover mechanism. Syntax Description This command has no arguments or variables. Default SLB failover is disabled by default. Usage Guidelines To enable SLB failover, use the following command: enable slb failover Example The following command disables SLB failover:...

  • Page 433: Disable Slb Failover Manual-Failback

    disable slb failover manual-failback disable slb failover manual-failback disable slb failover manual-failback Description Disables manual failback. Syntax Description This command has no arguments or variables. Default Manual failback is disabled by default. Usage Guidelines To enable manual failback, use the following command: enable slb failover manual-failback Example The following command disables manual failback:...

  • Page 434: Disable Slb Failover Ping-Check

    SLB Commands disable slb failover ping-check disable slb failover ping-check Description Disables ping-check to an external gateway. Syntax Description This command has no arguments or variables. Default Ping-check is disabled by default. Usage Guidelines To enable ping-check, use the following command: enable slb failover ping-check Example The following command disables ping-check:...

  • Page 435: Disable Slb Global Synguard

    disable slb global synguard disable slb global synguard disable slb global synguard Description Disables the TCP SYN-guard feature. Syntax Description This command has no arguments or variables. Default SYN-guard is disabled by default. Usage Guidelines To enable SYN-guard, use the following command: enable slb global synguard Example The following command disables SYN-guard:...

  • Page 436: Disable Slb Gogo-Mode

    SLB Commands disable slb gogo-mode disable slb gogo-mode <port number> Description Disables GoGo mode processing. Syntax Description port number Specifies the GoGo mode master port. Default GoGo mode is disabled by default. Usage Guidelines Before you disable GoGo mode, disconnect the servers, as they all have identical MAC and IP addresses, which can cause VLAN conflicts.

  • Page 437: Disable Slb Gogo-Mode Ping-Check

    disable slb gogo-mode ping-check disable slb gogo-mode ping-check disable slb gogo-mode <port number> ping-check Description Disables layer-3 ping-check to this GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. Default GoGo mode ping check is disabled by default. Usage Guidelines To enable ping-check for a GoGo mode group, use the following command: enable slb gogo-mode <port number>...

  • Page 438: Disable Slb Gogo-Mode Service-Check

    SLB Commands disable slb gogo-mode service-check disable slb gogo-mode <port number> service-check [all | ftp | http | nntp | pop3 | smtp | telnet | <TCP port number>] Description Disables layer 7 service check to this GoGo mode group. Syntax Description port number Specifies the GoGo mode master port.

  • Page 439: Disable Slb Gogo-Mode Tcp-Port-Check

    disable slb gogo-mode tcp-port-check disable slb gogo-mode tcp-port-check disable slb gogo-mode <port number> tcp-port-check [all | ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP port number>] Description Disables layer 4 TCP-port-check to this GoGo mode group.
  • Page 440 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 441: Disable Slb L4-Port

    disable slb L4-port disable slb L4-port disable slb L4-port [all | ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] Description Disables one or all SLB ports.

  • Page 442: Disable Slb Node

    SLB Commands disable slb node disable slb node [all | <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] {close-connections-now} Description Disables one or all nodes.
  • Page 443 disable slb node disable slb node all close-connections-now History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 444: Disable Slb Node Ping-Check

    SLB Commands disable slb node ping-check disable slb node [all | <ip address>] ping-check Description Disables layer 3 ping-check. Syntax Description Specifies all nodes. ip address Specifies the IP address of the node. Default Ping-check is disabled by default. Usage Guidelines Ping-check is automatically enabled when a node is added to a pool.

  • Page 445: Disable Slb Node Tcp-Port-Check

    disable slb node tcp-port-check disable slb node tcp-port-check disable slb node [all | <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] tcp-port-check Description Disables layer 4 TCP-port-checking.
  • Page 446 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 447: Disable Slb Proxy-Client-Persistence

    disable slb proxy-client-persistence disable slb proxy-client-persistence disable slb proxy-client-persistence Description Disables proxy client persistence. Syntax Description This command has no arguments or variables. Default Proxy client persistence is disabled by default. Usage Guidelines To enable proxy client persistence, use the following command: enable slb proxy-client-persistence Example The following command disables proxy client persistence:...

  • Page 448: Disable Slb Vip

    SLB Commands disable slb vip disable slb vip [all | <vip name> | ipaddress <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] {close-connections-now} Description Disables one or all virtual servers.
  • Page 449 disable slb vip History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 450: Disable Slb Vip Client-Persistence

    SLB Commands disable slb vip client-persistence disable slb vip [all | <vip name>] client-persistence Description Disables client persistence. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default Client persistence is disabled by default. Usage Guidelines To enable client persistence, use the following command: enable slb vip client-persistence Example The following command disables client persistence for the virtual server “ftp_vip”:...

  • Page 451: Disable Slb Vip Service-Check

    disable slb vip service-check disable slb vip service-check disable slb vip [all | <vip name>] service-check Description Disables layer 7 service-check. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default Service-check is disabled by default. Usage Guidelines To enable service-check, use the following command: enable slb vip service-check Example...

  • Page 452: Disable Slb Vip Sticky-Persistence

    SLB Commands disable slb vip sticky-persistence disable slb vip [all | <vip name>] sticky-persistence Description Disables sticky persistence. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default Sticky persistence is disabled by default. Usage Guidelines To enable sticky persistence, use the following command: enable slb vip sticky-persistence Example The following command disables sticky persistence for the virtual server “ftp_vip”:...

  • Page 453: Disable Slb Vip Svcdown-Reset

    disable slb vip svcdown-reset disable slb vip svcdown-reset disable slb vip [all | <vip name>] svcdown-reset Description Disables svcdown-reset. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default The svcdown-reset feature is disabled by default. Usage Guidelines To enable svcdown-reset, use the following command: enable slb vip svcdown-reset Example...

  • Page 454: Enable Flow-Redirect

    SLB Commands enable flow-redirect enable flow-redirect [all | <flow redirect>] Description Enables flow redirect. Syntax Description Specifies all flow policies. flow redirect Specifies a single flow redirect policy. Default The default parameter is all. Flow redirection is disabled by default. Usage Guidelines When you create a new flow redirect policy, flow redirect is automatically enabled.

  • Page 455: Enable Slb

    enable slb enable slb enable slb Description Enables SLB processing. Syntax Description This command has no arguments or variables. Default SLB is disabled by default. Usage Guidelines This command activates the following functions for transparent, translational, and port translation modes: •...

  • Page 456: Enable Slb 3Dns

    SLB Commands enable slb 3dns enable slb 3dns iquery-client Description Enables 3DNS support. Syntax Description This command has no arguments or variables. Default 3DNS is disabled by default. Usage Guidelines The following 3DNS global balance modes are supported: • completion •...

  • Page 457: Enable Slb Failover

    enable slb failover enable slb failover enable slb failover Description Enables SLB failover. Syntax Description This command has no arguments or variables. Default Failover is disabled by default. Usage Guidelines When SLB failover is enabled, the primary SLB switch automatically resumes primary status when it becomes active.

  • Page 458: Enable Slb Failover Manual-Failback

    SLB Commands enable slb failover manual-failback enable slb failover manual-failback Description Enables manual failback. Syntax Description This command has no arguments or variables. Default Manual failback is disabled by default. Usage Guidelines When manual failback is enabled, the primary SLB switch does not automatically resume primary status until you use the following command: config slb failover failback-now To disable manual failback, use the following command:...

  • Page 459: Enable Slb Failover Ping-Check

    enable slb failover ping-check enable slb failover ping-check enable slb failover ping-check Description Enables ping-check. Syntax Description This command has no arguments or variables. Default Ping-check is disabled by default. Usage Guidelines To disable ping-check, use the following command: disable slb failover ping-check Example The following command enables ping-check: enable slb failover ping-check...

  • Page 460: Enable Slb Global Synguard

    SLB Commands enable slb global synguard enable slb global synguard Description Enables the TCP SYN-guard feature. Syntax Description This command has no arguments or variables. Default SYN-guard is disabled by default. Usage Guidelines To disable SYN-guard, use the following command: disable slb global synguard Example The following command enables SYN-guard:...

  • Page 461: Enable Slb Gogo-Mode

    enable slb gogo-mode enable slb gogo-mode enable slb gogo-mode <port number> grouping <port list> Description Enables GoGo mode processing for a group of ports. Syntax Description port number Specifies the GoGo mode master port. port list Specifies a range or list of ports assigned to the group. Default GoGo mode is disabled by default.

  • Page 462: Enable Slb Gogo-Mode Ping-Check

    SLB Commands enable slb gogo-mode ping-check enable slb gogo-mode <port number> ping-check <ip address> Description Enables layer-3 ping-check for the GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. ip address Specifies an IP address to be pinged. Default GoGo mode ping check is disabled by default.

  • Page 463: Enable Slb Gogo-Mode Service-Check

    enable slb gogo-mode service-check enable slb gogo-mode service-check enable slb gogo-mode <port number> service-check [all | ftp | http | nntp | pop3 | smtp | telnet | <TCP port number>] Description Enables layer 7 service checking for the GoGo mode group. Syntax Description port number Specifies the GoGo mode master port.

  • Page 464: Enable Slb Gogo-Mode Tcp-Port-Check

    SLB Commands enable slb gogo-mode tcp-port-check enable slb gogo-mode <port number> tcp-port-check [all | ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP port number>] Description Enables layer 4 TCP-port-check for the GoGo mode group.
  • Page 465 enable slb gogo-mode tcp-port-check Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 466: Enable Slb L4-Port

    SLB Commands enable slb L4-port enable slb L4-port [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] Description Enables an SLB port.

  • Page 467: Enable Slb Node

    enable slb node enable slb node enable slb node [all | <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] Description Enables one or all nodes.
  • Page 468 SLB Commands History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 469: Enable Slb Node Ping-Check

    enable slb node ping-check enable slb node ping-check enable slb node [all | <ip address>] ping-check Description Enables layer 3 ping-check. Syntax Description Specifies all nodes. ip address Specifies the IP address of the node. Default Ping-check is enabled by default. Usage Guidelines Ping-check is automatically enabled when a node is added to a pool.

  • Page 470: Enable Slb Node Tcp-Port-Check

    SLB Commands enable slb node tcp-port-check enable slb node [all | <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] tcp-port-check Description Enables layer 4 TCP-port-check.
  • Page 471 enable slb node tcp-port-check Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 472: Enable Slb Proxy-Client-Persistence

    SLB Commands enable slb proxy-client-persistence enable slb proxy-client-persistence Description Enables proxy client persistence. Syntax Description This command has no arguments or variables. Default Proxy client persistence is disabled by default. Usage Guidelines To disable proxy client persistence, use the following command: disable slb proxy-client-persistence Example The following command enables proxy client persistence:...

  • Page 473: Enable Slb Vip

    enable slb vip enable slb vip enable slb vip [all | <vip name> | ipaddress <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] Description Enables one or all virtual servers.
  • Page 474 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 475: Enable Slb Vip Client-Persistence

    enable slb vip client-persistence enable slb vip client-persistence enable slb vip [all | <vip name>] client-persistence {netmask <netmask>} Description Enables client persistence. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. netmask Specifies a netmask. Default The default is disabled. Usage Guidelines To disable client persistence, use the following command: disable slb vip client-persistence...

  • Page 476: Enable Slb Vip Service-Check

    SLB Commands enable slb vip service-check enable slb vip [all | <vip name>] service-check Description Enables layer 7 service check. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default Service-check is disabled by default. Usage Guidelines The service checks are based on the following information: •...

  • Page 477: Enable Slb Vip Sticky-Persistence

    enable slb vip sticky-persistence enable slb vip sticky-persistence config slb vip [all | <vip name>] sticky-persistence {netmask <netmask>} Description Enables the sticky persistence feature and specifies the client address mask. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. netmask Specifies a netmask.

  • Page 478: Enable Slb Vip Svcdown-Reset

    SLB Commands enable slb vip svcdown-reset enable slb vip [all | <vipname>] svcdown-reset Description Enables svcdown-reset. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default The svcdown-reset feature is disabled by default. Usage Guidelines The svcdown-reset feature configures the switch to send TCP RST packets to both the clients and the virtual server if the virtual server fails a health-check.

  • Page 479: Show Flow-Redirect

    show flow-redirect show flow-redirect show flow-redirect <flow redirect> Description Displays the current flow redirect configuration and statistics. Syntax Description flow redirect Specifies a flow redirect policy. Default N/A. Usage Guidelines If you do not specify a flow redirect policy, configuration and statistics for all flow redirect policies are displayed.
  • Page 480 SLB Commands Service Checking: Displays the configured service check type. • • http • L4-port • nntp • ping • pop3 • smtp • telnet IP Address Displays the IP address of the next hop. State Displays the status of the next hop, either up or down. Flow Info Displays hardware mapping information.

  • Page 481: Show Slb 3Dns Members

    show slb 3dns members show slb 3dns members show slb 3dns members Description Displays the current connection information between the switch and the 3DNS querier. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the current 3DNS information: show slb 3dns members History...

  • Page 482: Show Slb Connections

    SLB Commands show slb connections show slb connections [ipaddress <ip address>: [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] | vip <vip name>] Description Displays information on current connections.

  • Page 483: Show Slb Esrp

    show slb esrp show slb esrp show slb esrp Description Displays SLB configuration for ESRP. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the current ESRP configuration: show slb esrp Following is the output from this command: VLAN Name SLB Unit Status SLB Unit(s)

  • Page 484: Show Slb Failover

    SLB Commands show slb failover show slb failover Description Displays SLB failover configuration and status. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines command also displays SLB failover configuration and status. show slb global Example The following command displays the current SLB failover configuration and status: show slb failover Following is the output from this command:...
  • Page 485 show slb failover History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 486: Show Slb Global

    SLB Commands show slb global show slb global Description Displays the current SLB global configuration information. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Displays the following: • Global enable/disable mode • Global modes • Default settings for health checker •...
  • Page 487 show slb global Password: (not shown) SMTPDomain: "mydomain.com" NNTP Newsgroup: "ebusiness" User: anonymous Password: (not shown) POP3User: anonymous Password: (not shown) SLB Failover Configuration: Failover: Enabled Local unit ID: 1 Local IP address: 10.1.1.1 Remote IP address: 10.1.1.2 TCP port number: 1028 Remote Alive frequency: 1 Remote Dead frequency: 2 Keepalive Timeout: 3...

  • Page 488: Show Slb Gogo-Mode

    SLB Commands show slb gogo-mode show slb gogo-mode <port number> {configuration} Description Displays GoGo mode ping-check, TCP-port-check, and service-check status. Syntax Description port number Specifies the GoGo mode master port. configuration Displays configuration instead of status. Default N/A. Usage Guidelines If you do not specify a master port, status for all GoGo mode groups with health checks configured is displayed.

  • Page 489: Show Slb L4-Port

    show slb L4-port show slb L4-port show slb L4-port [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>] Description Displays the SLB configuration for the active layer 4 ports.

  • Page 490: Show Slb Node

    SLB Commands show slb node show slb node {<ip address> [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]} Description Displays node configuration and status.
  • Page 491 show slb node Following is the output from this command: Freq/ TCP/UDP Frequency/Max Node IP Address Flags Timeout Port Flags Timeout#PoolsConns 1.111.1.1 E--H-- 10/30 E--- 30/90 2(no limit) 1.111.1.2 E--H-- 10/30 E--- 30/90 2(no limit) 1.111.1.3 E--H-- 10/30 E--- 30/90 2(no limit) Flags: E - Enable, U - Up, R - IP Route Up,...

  • Page 492: Show Slb Persistence

    SLB Commands show slb persistence show slb persistence Description Displays persistence status of existing clients. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the current persistence status: show slb persistence History This command was first available in ExtremeWare 6.1.

  • Page 493: Show Slb Pool

    show slb pool show slb pool show slb pool <pool name> Description Displays the current SLB pool configuration and status. Syntax Description pool name Specifies a pool. Default N/A. Usage Guidelines If you do not specify a pool, configuration and status for all pools is displayed. Example The following command displays the current pool configuration and statistics for all pools, currently “rr_pool”...
  • Page 494 SLB Commands Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 495: Show Slb Stats

    show slb stats show slb stats show slb stats [pool <pool name> | vip <vip name>] Description Displays the current SLB pool connection status. Syntax Description pool name Specifies a pool. vip name Specifies a virtual server. Default N/A. Usage Guidelines If you specify but do not specify a specific pool, status for all pools is displayed.

  • Page 496: Show Slb Vip

    SLB Commands show slb vip show slb vip [<vip name> | ipaddress <ip address> : [ftp | http | https | imap4 | ldap | nntp | pop3 | smtp | socks | telnet | tftp | web | www | <TCP or UDP port number>]] {detail} Description Displays the current virtual server configuration and statistics.
  • Page 497 show slb vip Following is the output from this command: Unit Export # Servers Name IP Address Port -- Mode -- FlagsPool Up/Defined ratio_vip 4.1.1.100 EUA-----ratio_po0/3 rr_vip 10.1.1.10 EUA----!rr_pool0/3 Modes: TP - Transparent, TL - Translational, PT - Port Translational Automatically Exported via: PA - Proxy Arp, HR - Host Route, SR - Subnet Route Flags: E - Enable, U - Up,...

  • Page 498: Unconfig Slb All

    SLB Commands unconfig slb all unconfig slb all Description Resets SLB global defaults and clears the SLB configuration. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command does not delete nodes, pools, or virtual servers. To delete all nodes and pools, use the following command: delete slb pool all To delete all virtual servers, use the following command:...

  • Page 499: Unconfig Slb Gogo-Mode Health-Check

    unconfig slb gogo-mode health-check unconfig slb gogo-mode health-check unconfig slb gogo-mode <port number> health-check Description Disables and deletes all the ping-check, TCP-port-check, and service-check configurations for this GoGo mode group. Syntax Description port number Specifies the GoGo mode master port. Default N/A.

  • Page 500: Unconfig Slb Gogo-Mode Service-Check

    SLB Commands unconfig slb gogo-mode service-check unconfig slb gogo-mode <port number> service-check [all | ftp | http | nntp | pop3 | smtp | telnet | <TCP port number>] Description Disables and deletes the GoGo mode service-check configuration. Syntax Description port number Specifies the GoGo mode master port.

  • Page 501: Unconfig Slb Vip Service-Check

    unconfig slb vip service-check unconfig slb vip service-check unconfig slb vip [all | <vip name>] service-check Description Disables and deletes the service check configuration. Syntax Description Specifies all virtual servers. vip name Specifies a virtual server. Default N/A. Usage Guidelines None.
  • Page 502 SLB Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 503 Commands for Status Monitoring and Statistics This chapter describes: • Commands for configuring and managing the syslog • Commands for enabling and disabling the syslog • Commands for enabling and disabling NetFlow flow statistics collection • Commands for configuring flow-collection port and filtering options •...
  • Page 504 Commands for Status Monitoring and Statistics — VLAN: VLAN-related configuration information. — Port: Port management-related configuration. Examples include port statistics and errors. • Message: The message contains the log information with text that is specific to the problem. The switch maintains 1,000 messages in its internal log. You can display a snapshot of the log at any time.

  • Page 505: Clear Counters

    clear counters clear counters clear counters Description Clears all switch statistics and port counters, including port packet statistics, bridging statistics, IP statistics, and MPLS statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines You should view the switch statistics and port counters before you clear them. Use the show switch command to view switch statistics.

  • Page 506: Clear Log

    Commands for Status Monitoring and Statistics clear log clear log {diag-status | static} Description Clears the log database. Syntax Description diag-status Diagnostic status level static If static is specified, the warning and critical messages are also cleared, and the ERR LED on the master MSM64i is cleared. Default N/A.

  • Page 507: Config Flowstats Export Add Port

    config flowstats export add port config flowstats export add port config flowstats export <group#> add [<ipaddress> | <hostname>] <udp_port> Description Adds a flow-collector device to an export group to which NetFlow datagrams are exported. Syntax Description group# Specifies the export group to which the specified flow-collector device should be added.

  • Page 508: Config Flowstats Export Delete Port

    Commands for Status Monitoring and Statistics config flowstats export delete port config flowstats export <group#> delete [<ipaddress> | <hostname>] <udp_port> Description Removes a flow-collector device from an export group to which NetFlow datagrams are exported. Syntax Description group# Specifies the export group to which the specified flow-collector device belongs. The group number is an integer in the range of 1-32.

  • Page 509: Config Flowstats Filter Ports

    config flowstats filter ports config flowstats filter ports config flowstats filter <filter#> {aggregation} {export <group#>} ports <portlist> [ingress | egress] <filterspec> Description Configures a flow record filter for the specified ports. Syntax Description filter# The filter# parameter is an integer in the range from 1 to 8 that identifies the filter being defined.
  • Page 510 Commands for Status Monitoring and Statistics Each Ethernet port supports eight filters for ingress flows. Conceptually, the filters work by ANDing the contents of each of the five components of a forwarded flow with the associated masks from the first defined filter (filter #1). Statistics are maintained if the results of the AND operations match the configured filter values for all fields of the sequence.

  • Page 511: Config Flowstats Source

    config flowstats source config flowstats source config flowstats source ipaddress <ipaddress> Description Configures the IP address that is to be used as the source IP address for NetFlow datagrams to be exported. Syntax Description ipaddress Specifies the IP address of a VLAN to be used as the source address for the Net FL ow datagrams.

  • Page 512: Config Flowstats Timeout Ports

    Commands for Status Monitoring and Statistics config flowstats timeout ports config flowstats timeout <minutes> ports [<portlist> | all] Description Configures the timeout value for flow records on the specified ports. Syntax Description minutes Specifies the number of minutes to use in deciding when to export flow records.

  • Page 513: Config Log Display

    config log display config log display config log display {<severity>} Description Configures the real-time log display. Syntax Description severity Specifies a message severity. Severities include emergency, alert, critical, error, warning, info, notice, and debug. Default If not specified, only critical, alert, and emergency severity messages are sent to the syslog host. Usage Guidelines You must enable the log display before you can configure the log display.

  • Page 514: Config Sys-Health-Check Alarm-Level

    Commands for Status Monitoring and Statistics config sys-health-check alarm-level config sys-health-check alarm-level [log | system-down | traps | auto-recovery <number of tries> [online | offline]] Description Configures the system health checker. Syntax Description Posts a CRIT message to the log. system-down Posts a CRIT message to the log, sends a trap, and turns off the system.
  • Page 515 config sys-health-check alarm-level In ExtremeWare versions prior to 6.2, you cannot use both mirroring and the system health checker at the same time. If you configure mirroring with the system health checker enabled, the health checker will indicate that it has been disabled by sending a message to the syslog. In ExtremeWare 6.2 or later, this restriction does not apply.
  • Page 516 Commands for Status Monitoring and Statistics Example The following command configures the system health checker to post a CRIT message to the log and send a trap: config sys-health-check alarm-level traps History This command was first available in ExtremeWare 6.1.9. The system health check functionality was modified in ExtremeWare 6.2.1 to support packet memory defect detection and mapping on selected I/O modules.

  • Page 517: Config Sys-Health-Check Auto-Recovery

    config sys-health-check auto-recovery config sys-health-check auto-recovery config sys-health-check auto-recovery <number of tries> [offline | online] Description Configures the system health checker. Syntax Description number of tries Specifies the number of times that the health checker attempts to auto-recover a faulty module. The range is from 0 through 255 times. Default is 3 times. offline Specifies that a faulty module is taken offline and kept offline if one of the following occurs:...
  • Page 518 Commands for Status Monitoring and Statistics option configures the number of times the system health checker attempts to auto-recovery automatically reset a faulty module and bring it online. If the system health checker fails more than the configured number of attempts, it sets the module to card-down. In ExtremeWare 6.2.1 or later, when auto-recovery is configured, the occurrence of three consecutive checksum errors will cause the packet memory (PM) defect detection program to be run against the I/O module.
  • Page 519 config sys-health-check auto-recovery If the faulty module is a master MSM64i and there is no slave MSM64i, the system continues operation in a “limited commands” mode. In the “limited commands” mode, the I/O slots are not initialized, and only commands that do no affect the switch hardware configuration are allowed. If the faulty module is a slave MSM64i, the fault is recorded in the slave’s MSM64i’s NVRAM and the slave MSM64i is taken offline.

  • Page 520: Config Syslog

    Commands for Status Monitoring and Statistics config syslog config syslog {add} [<hostname> | <ip_address>] <facility> {<severity>} Description Configures the syslog host address, and filters messages to be sent to the syslog host. Syntax Description hostname Species the hostname of the syslog host. ip_address Specifies an IP address of the syslog host.
  • Page 521 config syslog Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 522: Config Syslog Delete

    Commands for Status Monitoring and Statistics config syslog delete config syslog delete [<hostname> | <ip_address>] <facility> {<severity>} Description Deletes a syslog host address. Syntax Description hostname Species the hostname of the syslog host. ip_address Specifies an IP address of the syslog host. facility Specifies a syslog facility level.

  • Page 523: Config Sys-Recovery-Level

    config sys-recovery-level config sys-recovery-level config sys-recovery-level [none | [critical | all] [shutdown | reboot | msm-failover | system-dump [shutdown | reboot | msm-failover | maintenance-mode]]] Description Configures a recovery option for instances where an exception occurs in ExtremeWare. Syntax Description none Configures the level to no recovery.
  • Page 524 Commands for Status Monitoring and Statistics For version 6.2.2 or later, if is specified on a BlackDiamond switch and there is a msm-failover software exception on the master MSM64i, the interrupt handler triggers the slave MSM64i to take over control of the switch. Example The following command configures a switch to reboot after a critical task exception occurs: config sys-recovery-level critical reboot...

  • Page 525: Disable Cli-Config-Logging

    disable cli-config-logging disable cli-config-logging disable cli-config-logging Description Disables the logging of CLI configuration commands to the switch Syslog. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines command discontinues the recording of all switch configuration disable cli-config-logging changes and their sources that are made using the CLI via Telnet or the local console.

  • Page 526: Disable Flowstats

    Commands for Status Monitoring and Statistics disable flowstats disable flowstats Description Disables the flow statistics feature on the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines When this feature is disabled, no flow records are exported. Example The following command disables the NetFlow statistics feature on this switch: disable flowstats...

  • Page 527: Disable Flowstats Filter Ports

    disable flowstats filter ports disable flowstats filter ports disable flowstats filter <filter#> ports <portlist> {ingress | egress} Description Disables a specified flow record filter for the specified ports. Syntax Description filter# Specifies the flow record filter that should be disabled. portlist Specifies a list of ports or slots and ports for which the filter should be disabled.
  • Page 528 Commands for Status Monitoring and Statistics Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 529: Disable Flowstats Ping-Check

    disable flowstats ping-check disable flowstats ping-check disable flowstats ping-check {<group#>} Description Disables the flow statistics ping-check function for a specified group of collector devices. Syntax Description group# Specifies the export group for which the ping-check function should be disabled. Default Disabled.

  • Page 530: Disable Flowstats Ports

    Commands for Status Monitoring and Statistics disable flowstats ports disable flowstats ports <portlist> Description Disables the flow statistics function on the specified ports. Syntax Description portlist Specifies a list of ports or slots and ports for which the flowstats function should be disabled.

  • Page 531: Disable Log Display

    disable log display disable log display disable log display Description Disables the log display. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If the log display is disabled, log information is no longer written to the serial console. Example The following command disables the log display: disable log display...

  • Page 532: Disable Rmon

    Commands for Status Monitoring and Statistics disable rmon disable rmon Description Disables the collection of RMON statistics on the switch. Syntax Description This command has no arguments or variables. Default By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events.

  • Page 533: Disable Sys-Health-Check

    disable sys-health-check disable sys-health-check disable sys-health-check Description Disables the BlackDiamond system health checker. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines If the system health checker is disabled, it does not test I/O modules, MSM64i modules, and the backplane for system faults.

  • Page 534: Disable Syslog

    Commands for Status Monitoring and Statistics disable syslog disable syslog Description Disables logging to a remote syslog host. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines Disables logging to a remote syslog host, not to the switch syslog. Example The following command disables logging to a remote syslog host: disable syslog...

  • Page 535: Enable Cli-Config-Logging

    enable cli-config-logging enable cli-config-logging enable cli-config-logging Description Enables the logging of CLI configuration commands to the Syslog for auditing purposes. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines ExtremeWare allows you to record all configuration changes and their sources that are made using the CLI by way of Telnet or the local console.

  • Page 536: Enable Flowstats

    Commands for Status Monitoring and Statistics enable flowstats enable flowstats Description Enables the flow statistics feature on the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines None. Example The following command enables NetFlow statistics feature on this switch: enable flowstats History This command was first available in ExtremeWare 6.2.

  • Page 537: Enable Flowstats Filter Ports

    enable flowstats filter ports enable flowstats filter ports enable flowstats filter <filter#> ports <portlist> {ingress | egress} Description Enables a specified flow record filter for the specified ports. Syntax Description filter# Specifies the flow record filter that should be enabled. portlist Specifies the ports or slots and ports for which the filter should be enabled.

  • Page 538: Enable Flowstats Ping-Check

    Commands for Status Monitoring and Statistics enable flowstats ping-check enable flowstats ping-check {<group#>} Description Enables the flow statistics ping-check function for a specified group of collector devices. Syntax Description group# Specifies the export group for which the ping-check function should be enabled.

  • Page 539: Enable Flowstats Ports

    enable flowstats ports enable flowstats ports enable flowstats ports <portlist> Description Enables the flow statistics function on the specified ports. Syntax Description portlist Specifies a list of ports or slots and ports for which the flowstats function should be enabled. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default Disabled.

  • Page 540: Enable Log Display

    Commands for Status Monitoring and Statistics enable log display enable log display Description Configures the system to maintain a running real-time display of log messages on the console. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If you enable the log display on a terminal connected to the console port, your settings will remain in effect even after your console session is ended (unless you explicitly disable the log display).

  • Page 541: Enable Rmon

    enable rmon enable rmon enable rmon Description Enables the collection of RMON statistics on the switch. Syntax Description This command has no arguments or variables. Default By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events.
  • Page 542 Commands for Status Monitoring and Statistics To view the status of RMON polling on the switch, use the command. The show management show command displays information about the switch including the enable/disable state for management RMON polling. Example The following command enables the collection of RMON statistics on the switch: enable rmon History This command was first available in ExtremeWare 4.1.

  • Page 543: Enable Sys-Backplane-Diag

    enable sys-backplane-diag enable sys-backplane-diag enable sys-backplane-diag Description Enables system run time backplane diagnostics, which is done by periodically sending diagnostic packets between MSM and I/O modules while the system is running. Syntax Description This command has no arguments or variables. Default Enabled.

  • Page 544: Enable Sys-Health-Check

    Commands for Status Monitoring and Statistics enable sys-health-check enable sys-health-check Description Enables the BlackDiamond system health checker. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines The system health checker tests I/O modules, MSM64i modules, and the backplane by forwarding packets every 4 seconds.
  • Page 545 enable sys-health-check Platform Availability This command is available on BlackDiamond switches only. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 546: Enable Syslog

    Commands for Status Monitoring and Statistics enable syslog enable syslog Description Enables logging to a remote syslog host. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines In order to enable remote logging, you must do the following: •...

  • Page 547: Show Flowstats

    show flowstats show flowstats show flowstats {<portlist> | export {<group#>}} Description Displays status information for the flow statistics function. Syntax Description portlist Use this optional parameter to specify one or more ports or slots and ports for which status information is to be displayed. group# Use this optional parameter with the group keyword to display status information for a specific export group.
  • Page 548 Commands for Status Monitoring and Statistics Example command with no options, for a switch with NetFlow statistics enabled on ports show flowstats 1, 40, and 43, displays output similar to the following: Summit48i: show flowstats Flowstats enabled Port Filter proto timeout group OverflowPkts...

  • Page 549: Show Flowstats Export

    show flowstats export show flowstats export show flowstats export [ detail |{<group number> detail} ] Description Displays configuration information an export group. Syntax Description group number Specifies a group number for which configuration information should be displayed. Default N/A. Usage Guidelines The information displayed by this command is displayed in a format similar to the config flowstats command.

  • Page 550: Show Flowstats

    Commands for Status Monitoring and Statistics show flowstats show flowstats <portlistr> Description Displays status information for the flow statistics function. Syntax Description portlistr Specifies a list of ports or slots and ports for which flow statistics should be displayed. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default N/A.
  • Page 551 show flowstats History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 552: Show Log

    Commands for Status Monitoring and Statistics show log show log {chronological} {<priority>} Description Displays the current snapshot of the log. Syntax Description chronological Specifies to show log entries in ascending chronological order. priority Specifies a message priority. These can be one of the following: alert, critical, debug, emergency, error, info, notice, or warning.
  • Page 553 show log • Subsystem—The subsystem refers to the specific functional area to which the error refers. Table 14 describes the subsystems. Table 14: Fault Log Subsystems Subsystem Description Syst General system-related information. Examples include memory, power supply, security violations, fan failure, overheat condition, and configuration mode. STP information.

  • Page 554: Show Log Config

    Commands for Status Monitoring and Statistics show log config show log config Description Displays the log configuration. Syntax Description This command has no arguments or variables. Default Usage Guidelines command displays the log configuration including the syslog host IP address, show log config the priority level of messages being logged locally and whether the console log is enabled or disabled, and the priority level of messages being sent to the syslog host and whether the syslog is enabled or...

  • Page 555: Show Memory

    show memory show memory show memory {detail} Description Displays the current system memory information. Syntax Description detail Specifies task-specific memory usage. Default N/A. Usage Guidelines Your BlackDiamond or Summit switch must have 32MB of DRAM to support the features in ExtremeWare version 4.0 and above.
  • Page 556 Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare 2.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 557: Show Ports Rxerrors

    show ports rxerrors show ports rxerrors show ports {<portlist>} rxerrors Description Displays real-time receive error statistics. For PoS modules, displays the information for the PoS ports. Only a subset of the statistics rxerror displayed by this command are applicable to PoS ports. The fields that do not apply to PoS ports are displayed with values of all zeroes.
  • Page 558 Commands for Status Monitoring and Statistics • Receive Alignment Errors (RX Align)—The total number of frames received by the port that occurs if a frame has a CRC error and does not contain an integral number of octets. • Receive Frames Lost (RX Lost)—The total number of frames received by the port that were lost because of buffer overflow in the switch.

  • Page 559: Show Ports Stats

    show ports stats show ports stats show ports {<portlist>} stats Description Displays real-time port statistics. Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Default N/A.
  • Page 560 Commands for Status Monitoring and Statistics For version 2.0 and 4.0 • Disabled and Not Present are not available as link status indicators. • Chassis is available as a link status indicator. If chassis is listed, the link is connected to a Summit Virtual Chassis.

  • Page 561: Show Ports Txerrors

    show ports txerrors show ports txerrors show ports {<portlist>} txerrors Description Displays real-time transmit error statistics. For PoS modules, displays the information for the PoS ports. txerror Syntax Description portlist Specifies a list of ports or slots and ports to which the parameters apply. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.
  • Page 562 Commands for Status Monitoring and Statistics For version 2.0 and 4.0 • Disabled and Not Present are not available as link status indicators. Example The following command displays transmit error statistics for ports 1 through 3 on a stand-alone switch: show ports 1-3 txerrors The following command displays transmit error statistics for slot 1, ports 1 through 3 on a modular switch:...

  • Page 563: Show Version

    show version show version show version {detail} Description Displays the hardware serial numbers and versions, and software versions currently running on the switch, and (if applicable) the modules.. Syntax Description detail Specifies display of slot board name and chassis or platform name. Default N/A.
  • Page 564 Commands for Status Monitoring and Statistics Example The following command displays the hardware and software versions currently running on the switch: show version On a stackable switch, this command produces output similar to the following: System Serial Number: 800078-11-0035M02442 CPU Serial Number: 700027-11 0034M-01445 CPLD Rev 04 Daughtercard Serial Number: 703015-02 0029M-02701 CPLD Rev ÿ...
  • Page 565 show version Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 566: Unconfig Flowstats Filter

    Commands for Status Monitoring and Statistics unconfig flowstats filter unconfig flowstats filter <filter#> Description Removes the filter specification for the specified filter. Syntax Description filter# Specifies the filter specification that should be removed. Default N/A. Usage Guidelines By unconfiguring the filter specification, this effectively disables this filter on all ports for which it was configured.

  • Page 567: Unconfig Flowstats Ports

    unconfig flowstats ports unconfig flowstats ports unconfig flowstats {filter <filter#> ports <portlist>} {ports [<portlist> | all]} Description Resets the flow statistics configuration parameters for the specified ports to their default values. Syntax Description filter# Specifies the filter specification that should be removed. portlist Specifies a set of ports or slots and ports that should be reset.
  • Page 568 Commands for Status Monitoring and Statistics ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 569: Security Commands

    Security Commands This chapter describes: • Commands for creating and configuring routing access policies • Commands for creating and configuring IP access lists • Commands for creating and configuring route maps • Commands for managing the switch using SSH2 • Commands related to switch user authentication through a RADIUS client •...

  • Page 570: User Authentication

    Security Commands Route maps are used to modify or filter routes redistributed between two routing domains. They are also used to modify or filter the routing information exchanged between the domains. To use route maps, follow these steps: 1 Create a route map. 2 Add entries to the route map.

  • Page 571: Denial Of Service

    Denial of Service same port for authentication. Campus mode requires a DHCP server and a RADIUS server configured for Extreme network login. • ISP mode, used when the port and VLAN used will remain constant. All network settings are configured for that VLAN. A DHCP server is included to support Network Login functionality.

  • Page 572: Config Access-Profile Add

    Security Commands config access-profile add config access-profile <access_profile> add {<seq_number>} {permit | deny} [ipaddress <ip address> <mask> {exact} | as-path <path-expression> | bgp-community [internet | no-export | no-advertise | no-export-subconfed | <as_no:number> | number <community>] | ipxnet <netid> <netid mask> | ipxsap <sap_type>...
  • Page 573 config access-profile add Usage Guidelines You can specify the sequence number for each access profile entry. If you do not specify a sequence number, entries are sequenced in the order they are added. Each entry is assigned a value of 5 more than the sequence number of the last entry.
  • Page 574 Security Commands History This form of the command was available in ExtremeWare 6.1. Support for IPX NetID and IPX SAP matching was first available in ExtremeWare 6.2. A limited version of this command was first available in ExtremeWare 4.0. Platform Availability This command is available on “i”...

  • Page 575: Config Access-Profile Delete

    config access-profile delete config access-profile delete config access-profile <access_profile> delete <seq_number> Description Deletes an access profile entry using the sequence number. Syntax Description access_profile Specifies an access profile name. seq-number Specifies the order of the entry within the access profile. If no sequence number is specified, the new entry is added to the end of the access-profile and is automatically assigned a value of 5 more than the sequence number of the last entry.

  • Page 576: Config Access-Profile Mode

    Security Commands config access-profile mode config access-profile <access_profile> mode [permit | deny | none] Description Configures the access profile mode to permit or deny access, or to require per-entry access control. Syntax Description access_profile Specifies an access profile name. permit Allows the addresses that match the access profile description.

  • Page 577: Config Cpu-Dos-Protect

    • filter-precedence—10 • filter-type-allowed—destination Usage Guidelines This command configures denial of service protection for Extreme Networks switches. When heavy traffic reaches the alert threshold, a hardware ACL is created that blocks the traffic for the timeout number of seconds. NOTE If you set the filter-precedence to 0, the ACLs created by DoS protection will be overwritten by the default VLAN QoS profile.
  • Page 578 Security Commands Example The following command configures denial of service protection to be invoked when 3000 or more packets per second are received by a port on the switch. This command configures logging to occur when the number of packets per second that the switch receives is 2000, the timeout is 15 seconds, and messages are on: config cpu-dos-protect alert-threshold 3000 notice-threshold 2000 timeout 15 messages on filter-precedence 10...

  • Page 579: Config Cpu-Dos-Protect Trusted-Ports

    config cpu-dos-protect trusted-ports config cpu-dos-protect trusted-ports config cpu-dos-protect trusted-ports [add <port number> | delete <port number> | all | none] Description Configures ports as trusted, so that denial of service protection is not applied to port. Syntax Description port number Specifies a port.

  • Page 580: Config Netlogin Base-Url

    Security Commands config netlogin base-url config netlogin base-url <url> Description Configures the base URL for Network Login. Syntax Description Specifies the base URL for Network Login. Default The base URL default value is “network-access.net”. Usage Guidelines When you login using a web browser, you are redirected to the specified base URL, which is the DNS name for the switch.

  • Page 581: Config Netlogin Redirect-Url

    config netlogin redirect-url config netlogin redirect-url config netlogin redirect-url <url> Description Configures the redirect URL for Network Login. Syntax Description Specifies the redirect URL for Network Login. Default The redirect URL default value is “http://www.extremenetworks.com”. Usage Guidelines In ISP mode, you can configure netlogin to be redirected to a base page after successful login using this command.

  • Page 582: Config Radius Server

    Security Commands config radius server config radius [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip [<ipaddress>] Description Configures the primary and secondary RADIUS authentication server. Syntax Description primary Configures the primary RADIUS authentication server. secondary Configures the secondary RADIUS authentication server. ipaddress The IP address of the server being configured.

  • Page 583: Config Radius Shared-Secret

    config radius shared-secret config radius shared-secret config radius [primary | secondary] shared-secret {encrypted} [<string>] Description Configures the authentication string used to communicate with the RADIUS authentication server. Syntax Description primary Configures the authentication string for the primary RADIUS server. secondary Configures the authentication string for the secondary RADIUS server.

  • Page 584: Config Radius Timeout

    Security Commands config radius timeout config radius timeout <seconds> Description Configures the timeout interval for RADIUS authentication requests. Syntax Description seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds Default The default is 3 seconds. Usage Guidelines This command configures the timeout interval for RADIUS authentication requests.

  • Page 585: Config Radius-Accounting Server

    config radius-accounting server config radius-accounting server config radius-accounting [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip [<ipaddress>] Description Configures the RADIUS accounting server. Syntax Description primary Configure the primary RADIUS accounting server. secondary Configure the secondary RADIUS accounting server. ipaddress The IP address of the accounting server being configured.

  • Page 586: Config Radius-Accounting Shared-Secret

    Security Commands config radius-accounting shared-secret config radius-accounting [primary | secondary] shared-secret {encrypted} [<string>] Description Configures the authentication string used to communicate with the RADIUS accounting server. Syntax Description primary Configures the authentication string for the primary RADIUS accounting server. secondary Configures the authentication string for the secondary RADIUS accounting server.

  • Page 587: Config Radius-Accounting Timeout

    config radius-accounting timeout config radius-accounting timeout config radius-accounting timeout <seconds> Description Configures the timeout interval for RADIUS-Accounting authentication requests. Syntax Description seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds Default The default is 3 seconds. Usage Guidelines This command configures the timeout interval for RADIUS-Accounting authentication requests.

  • Page 588: Config Route-Map Add

    Security Commands config route-map add config route-map <route-map> add <seq_number> [permit | deny] {match-one | match-all} {set lpm-routing | set iphost-routing} Description Adds an entry in the route map with the specified sequence number and action. Syntax Description route-map The name of the route map to which this entry should be added. seq-number Specifies a sequence number that uniquely identifies the entry, and determines the position of the entry in the route map.
  • Page 589 config route-map add The following command adds an entry to the route-map named bgp-out that will be evaluated after the previous entry, and that permits all matching routes: config route-map bgp-out add 20 permit History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on the “i”...

  • Page 590: Config Route-Map Add Goto

    Security Commands config route-map add goto config route-map <route_map> <seq_number> add goto <new_route_map> Description Configures a route map statement to transfer evaluation to another route map. goto Syntax Description route-map The name of the route map to which this statement should be added. seq-number Specifies the sequence number of the entry in the route map to which this statement should be added.

  • Page 591: Config Route-Map Add Match

    config route-map add match config route-map add match config route-map <route-map> <seq_number> add match [nlri-list <nlri_access_profile> | as-path [access-profile <as_access_profile> | <as_number>] | community [access-profile <com_access_profile> | <as_number>:<number> | number <community> | no-advertise | no-export | no-export-subconfed] | next-hop <ip address> | med <number> | tag <number> | origin [igp | egp | incomplete]] Description Configures a route map...
  • Page 592 Security Commands Usage Guidelines A match operation specifies a criteria that must be matched in order for the route to be successful. If there are multiple statements in a route table entry, match statements are evaluated before set or goto statements.

  • Page 593: Config Route-Map Add Set

    config route-map add set config route-map add set config route-map <route-map> <seq_number> add set [as-path <as_number> | community [[access-profile <access-profile> | <as_number>:<number> | number <community> | no-advertise | no-export | no-export-subconfed] | remove | [add | delete] [access-profile <access-profile> | <as no> : <number> | number <community>...
  • Page 594 Security Commands remove Removes the MED attribute, if present. add | delete <med_number> Adds or deletes the specified value to or from the MED that is received. The final result is bound by 0 and 2147483647. local-preference <number> Sets the local preference in the path attribute to the specified local preference number.

  • Page 595: Config Route-Map Delete

    config route-map delete config route-map delete config route-map <route_map> delete <seq_number> Description Deletes an entry from the route map. Syntax Description route-map The name of the route map to which this entry should be added. seq-number Specifies a sequence number that uniquely identifies the entry, and determines the position of the entry in the route map.

  • Page 596: Config Route-Map Delete Goto

    Security Commands config route-map delete goto config route-map <route_map> <seq_number> delete goto <new_route_map> Description Deletes a route map statement. goto Syntax Description route-map The name of the route map from which this statement should be deleted. seq-number The sequence number of the entry in the route map from which this statement should be deleted.

  • Page 597: Config Route-Map Delete Match

    config route-map delete match config route-map delete match config route-map <route-map> <seq_number> delete match [nlri-list <access-profile> | as-path [access-profile <access-profile> | <as_number>] | community [access-profile <access-profile> | <as_number>:<number> | number <community> | no-advertise | no-export | no-export-subconfed] | next-hop <ip address> | med <number> | tag <number> | origin [igp | egp | incomplete]] Description Deletes a route map...
  • Page 598 Security Commands History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 599: Config Route-Map Delete Set

    config route-map delete set config route-map delete set config route-map <route-map> <seq_number> delete set [as-path <as_number> | community [[access-profile <access-profile> | <as_number>:<number> | number <community> | no-advertise | no-export | no-export-subconfed] | remove | [add | delete] [access-profile <access-profile> | <as_number>:<number> | number <community>...
  • Page 600 Security Commands origin [igp | egp | incomplete] Specifies the origin. tag <tag_number> Specifies the tag in the route to the specified number. accounting index Specifies the index number of an accounting index to be set. <index_number> value <value_number> Specifies a value for the accounting index. cost <number>...

  • Page 601: Config Ssh2

    Secure Copy Protocol (SCP) or the Secure File Transfer Protocol (SFTP). Before you can enable SSH2, you must first obtain a security license from Extreme Networks. After you receive the license, you must enable SSH2 and generate a host key. To enable SSH2, use the enable command.
  • Page 602 Security Commands Example The following command generates an authentication key for the SSH2 session: config ssh2 key The command responds with the following messages: WARNING: Generating new server host key This will take approximately 10 minutes and cannot be canceled. Continue? (y/n) If you respond yes, the command prompts as follows: Enter some random characters.

  • Page 603: Config Tacacs Server

    config tacacs server config tacacs server config tacacs [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip <ipaddress> Description Configures the server information for a TACACS+ authentication server. Syntax Description primary Configures the primary TACACS+ server. secondary Configures the secondary TACACS+ server. ipaddress The IP address of the TACACS+ server being configured.

  • Page 604: Config Tacacs Shared-Secret

    Security Commands config tacacs shared-secret config tacacs [primary | secondary] shared-secret {encrypted} <string> Description Configures the shared secret string used to communicate with the TACACS+ authentication server. Syntax Description primary Configures the authentication string for the primary TACACS+ server. secondary Configures the authentication string for the secondary TACACS+ server.

  • Page 605: Config Tacacs Timeout

    config tacacs timeout config tacacs timeout config tacacs timeout <seconds> Description Configures the timeout interval for TACAS+ authentication requests. Syntax Description seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds Default The default is 3 seconds. Usage Guidelines This command configures the timeout interval for TACACS+ authentication requests.

  • Page 606: Config Tacacs-Accounting Server

    Security Commands config tacacs-accounting server config tacacs-accounting [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip <ipaddress> Description Configures the TACACS+ accounting server. Syntax Description primary Configures the primary TACACS+ accounting server. secondary Configures the secondary TACACS+ accounting server. ipaddress The IP address of the TACACS+ accounting server being configured.

  • Page 607: Config Tacacs-Accounting Shared-Secret

    config tacacs-accounting shared-secret config tacacs-accounting shared-secret config tacacs-accounting [primary | secondary] shared-secret {encrypted} <string> Description Configures the shared secret string used to communicate with the TACACS+ accounting server. Syntax Description primary Configures the authentication string for the primary TACACS+ accounting server.

  • Page 608: Config Tacacs-Accounting Timeout

    Security Commands config tacacs-accounting timeout config tacacs-accounting timeout <seconds> Description Configures the timeout interval for TACACS+ accounting authentication requests. Syntax Description seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds Default The default is 3 seconds. Usage Guidelines This command configures the timeout interval for TACACS+ accounting authentication requests.

  • Page 609: Config Vlan Access-Profile

    config vlan access-profile config vlan access-profile config vlan <vlan name> access-profile [<access_profile> | none] Description Configures a BlackDiamond 6800 running ExtremeWare 4.1 to control the routing of traffic between VLANs. Syntax Description vlan name Specifies the name of an egress VLAN. access_profile Specifies an access profile that contains a list of ingress VLANs.

  • Page 610: Config Vlan Dhcp-Address-Range

    Security Commands config vlan dhcp-address-range config vlan <name> dhcp-address-range <ipaddress1> - <ipaddress2> Description Configures a set of DHCP addresses for a VLAN. Syntax Description name Specifies the VLAN on whose ports netlogin should be disabled. ipaddress1 Specifies the first IP address in the DHCP address range to be assigned to this VLAN.

  • Page 611: Config Vlan Dhcp-Lease-Timer

    config vlan dhcp-lease-timer config vlan dhcp-lease-timer config vlan <name> dhcp-lease-timer <lease-timer> Description Configures the timer value in seconds returned as part of the DHCP response. Syntax Description name Specifies the VLAN on whose ports netlogin should be disabled. lease-timer Specifies the timer value, in seconds. Default N/A.

  • Page 612: Config Vlan Dhcp-Options

    Security Commands config vlan dhcp-options config vlan <name> dhcp-options [default-gateway | dns-server | wins-server] <ipaddress> Description Configures the DHCP options returned as part of the DHCP response by a switch configured as a DHCP server. Syntax Description name Specifies a VLAN name. default-gateway Specifies the router option.

  • Page 613: Config Vlan Netlogin-Lease-Timer

    config vlan netlogin-lease-timer config vlan netlogin-lease-timer config vlan <vlan_name> netlogin-lease-timer <lease-timer> Description Configures the timer value returned as part of the DHCP response for clients attached to Network-Login enabled ports. Syntax Description vlan_name Specifies the VLAN to which this timer value applies. lease-timer Specifies the timer value, in seconds.

  • Page 614: Create Access-List Icmp Destination Source

    Security Commands create access-list icmp destination source create access-list <name> icmp destination [<dest_ipaddress>/<mask> | any] source [<src_ipaddress>/<source_mask> | any] type <icmp_type> code <icmp_code> [permit | deny] {<portlist>} {precedence <number>} Description Creates a named IP access list that applies to ICMP traffic. Syntax Description name Specifies the access list name.
  • Page 615 create access-list icmp destination source Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 616: Create Access-List Ip Destination Source Ports

    Security Commands create access-list ip destination source ports create access-list <name> ip destination [<dest_ipaddress>/<mask> | any] source [<src_ipaddress>/<src_mask> | any] [permit {<qosprofile>} | deny] ports [<portlist> | any] {precedence <prec_number>} Description Creates a named IP access list that applies to all IP traffic. Syntax Description name Specifies the access list name.
  • Page 617 create access-list ip destination source ports Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 618: Create Access-List Tcp Destination Source Ports

    Security Commands create access-list tcp destination source ports create access-list <name> tcp destination [<dest_ipaddress>/<mask> | any] ip-port [<dst_port> | range <dst_port_min> <dst_port_max> | any] source [<src_ipaddress>/<src_mask> | any] ip-port [<src_port> | range <src_port_min> <src_port_max> | any] [permit <qosprofile> | permit-established | deny] ports [<portlist> | any] {precedence <precedence_num>} Description Creates a named IP access list that applies to TCP traffic.
  • Page 619 create access-list tcp destination source ports Usage Guidelines The access list is applied to all ingress packets. Example The following command defines an access-list rule named allow10_23 with precedence 30 that permits TCP port 23 traffic destined for other 10.x.x.x networks, and assigns QoS profile Qp4: create access-list allow10_23 tcp dest 10.0.0.0/8 ip-port 23 source any ip-port any permit qosprofile qp4 ports any precedence 30 History...

  • Page 620: Create Access-List Udp Destination Source Ports

    Security Commands create access-list udp destination source ports create access-list <name> udp destination [<dest_ipaddress>/<mask> | any] ip-port [<dst_port> | range <dst_port_min> <dst_port_max> | any] source [<src_ipaddress>/<src_mask> | any] ip-port [<src_port> | range <src_port_min> <src_port_max> | any] [permit <qosprofile> | deny] ports [<portlist>...
  • Page 621 create access-list udp destination source ports Example The following command defines an access-list rule named allow10_35 with precedence 70 that permits udp port 35 traffic destined for other 10.X.X.X networks, and assigns QoS profile Qp2: create access-list allow10_35 udp dest 10.0.0.0/8 ip-port 35 source any ip-port any permit qosprofile qp2 ports any precedence 70 History This command was first available in ExtremeWare 6.0.

  • Page 622: Create Access-Profile

    Security Commands create access-profile create access-profile <access_profile> type [ipaddress | ipx-node | ipx-net | ipx-sap | as-path | bgp-community | vlan] Description Creates an access profile. Syntax Description access_profile Specifies an access profile name. ipaddress Specifies that the profile entries will be a list of IP address/mask pairs. ipx-node Specifies that the profile entries will be a list of IPX node addresses.
  • Page 623 create access-profile History This form of the command was available in ExtremeWare 6.1. Support for the IPX node, NetID and SAP advertisement types was added in ExtremeWare 6.2. A limited version of this command was first available in ExtremeWare 4.0. Platform Availability This command is available on “i”...

  • Page 624: Create Route-Map

    Security Commands create route-map create route-map <route_map> Description Creates a route map statement. Syntax Description route_map Specifies a route map name. Default N/A. Usage Guidelines Route maps are a mechanism that can be used to conditionally control the redistribution of routes between two routing domains, and to modify the routing information that is redistributed.

  • Page 625: Delete Access-List

    delete access-list delete access-list delete access-list [<name> | all] Description Deletes an access list. Syntax Description name Specifies the name of the access list to be deleted. Specifies that all access lists should be deleted. Default N/A. Usage Guidelines None. Example The following command deletes access list allow102: delete access-list allow102...

  • Page 626: Delete Access-Profile

    Security Commands delete access-profile delete access-profile <access_profile> Description Deletes an access profile. Syntax Description access_profile Specifies an access profile name. Default N/A. Usage Guidelines None. Example The following command deletes an access profile named nosales: delete access-profile nosales History This command was first available in ExtremeWare 4.0. Platform Availability This command is available on all platforms.

  • Page 627: Delete Route-Map

    delete route-map delete route-map delete route-map <route_map> Description Deletes a route map statement from the route map. Syntax Description route_map Specifies a route map name. Default N/A. Usage Guidelines None. Example The following command deletes a route-map named bgp-out: delete route-map bgp-out History This command was first available in ExtremeWare 6.1.

  • Page 628: Disable Access-List

    Security Commands disable access-list disable access-list <name> [counter | log] Description Disables message logging or the collection of access-list statistics. Syntax Description name Specifies the name of the access list. counter Specifies that access-list statistics collection should be disable. Specifies that message logging to the Syslog facility for each packet that matches the access-list description should be disabled.

  • Page 629: Disable Cpu-Dos-Protect

    disable cpu-dos-protect disable cpu-dos-protect disable cpu-dos-protect Description Disables denial of service protection. Syntax Description There are no arguments or variables for this command. Default Default is disabled. Usage Guidelines None. Example The following command disables denial of service protection. disable cpu-dos-protect History This command was first available in ExtremeWare 6.2.2 Platform Availability...

  • Page 630: Disable Dhcp Ports Vlan

    Security Commands disable dhcp ports vlan disable dhcp ports <portlist> vlan <name> Description Disables DHCP on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which DHCP should be disabled. vlan_name Specifies the VLAN on whose ports DHCP should be disabled. Default N/A.

  • Page 631: Disable Netlogin Logout-Privilege

    disable netlogin logout-privilege disable netlogin logout-privilege disable netlogin logout-privilege Description Disables network login logout privilege. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command turns the privilege for netlogin users to logout by popping up (or not popping up) the logout window on or off.

  • Page 632: Disable Netlogin

    Security Commands disable netlogin disable netlogin Description Disables network login. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Example The following command disables network login: disable netlogin History This command was first available in ExtremeWare 7.0.0. Platform Availability This command is available on the “i”...

  • Page 633: Disable Netlogin Ports

    disable netlogin ports disable netlogin ports disable netlogin ports <portlist> vlan <vlan_name> Description Disables network login on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which netlogin should be disabled. vlan_name Specifies the VLAN on whose ports netlogin should be disabled. Default N/A.

  • Page 634: Disable Netlogin Session-Refresh

    Security Commands disable netlogin session-refresh disable netlogin session-refresh Description Disables Network Login session refresh. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Network Login sessions can refresh themselves after a configured timeout. After the user has been logged in successfully, a logout window opens which can be used to close the connection by clicking on the LogOut link.

  • Page 635: Disable Radius

    disable radius disable radius disable radius Description Disables the RADIUS client. Syntax Description This command has no arguments or variables. Default RADIUS authentication is disabled by default. Usage Guidelines None. Example The following command disables RADIUS authentication for the switch: disable radius History This command was first available in ExtremeWare 4.1.

  • Page 636: Disable Radius-Accounting

    Security Commands disable radius-accounting disable radius-accounting Description Disables RADIUS accounting. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables RADIUS accounting for the switch: disable radius-accounting History This command was first available in ExtremeWare 4.1. Platform Availability This command is available on all platforms.

  • Page 637: Disable Ssh2

    disable ssh2 disable ssh2 disable ssh2 Description Enables incoming SSH2 Telnet sessions. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines SSH2 session options (access profile and non-default port setting) are not saved when SSH2 is disabled. To view the status of SSH2 Telnet sessions on the switch, use the command.

  • Page 638: Disable Tacacs

    Security Commands disable tacacs disable tacacs Description Disables TACACS+ for authentication and authorization. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables TACACS+ authentication and authorization for the switch: disable tacacs History This command was first available in ExtremeWare 6.1.

  • Page 639: Disable Tacacs-Accounting

    disable tacacs-accounting disable tacacs-accounting disable tacacs-accounting Description Disables TACACS+ accounting. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables TACACS+ accounting: disable tacacs-accounting History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on the “i”...

  • Page 640: Disable Tacacs-Authorization

    Security Commands disable tacacs-authorization disable tacacs-authorization Description Disables CLI command authorization. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This disable CLI command authorization but leaves user authentication enabled. Example The following command disables TACACS+ CLI command authorization: disable tacacs-authorization History This command was first available in ExtremeWare 6.1.

  • Page 641: Enable Access-List

    enable access-list enable access-list enable access-list <name> [counter | log] Description Enables message logging or the collection of access-list statistics. Syntax Description name Specifies the name of the access list. counter Specifies that access-list statistics should be collected. Specifies that a message should be logged to the Syslog facility for each packet that matches the access-list description.

  • Page 642: Enable Cpu-Dos-Protect

    Security Commands enable cpu-dos-protect enable cpu-dos-protect Description Enables denial of service protection. Syntax Description There are no arguments or variables for this command. Default Default is disabled. Usage Guidelines None. Example The following command enables denial of service protection. enable cpu-dos-protect History This command was first available in ExtremeWare 6.2.2 Platform Availability...

  • Page 643: Enable Cpu-Dos-Protect Simulated

    enable cpu-dos-protect simulated enable cpu-dos-protect simulated enable cpu-dos-protect simulated Description Enables simulated denial of service protection. Syntax Description There are no arguments or variables for this command. Default Default is disabled. Usage Guidelines When simulated denial of service protection is enabled, no ACLs are created. This mode is useful to gather information about normal traffic levels on a switch.

  • Page 644: Enable Netlogin

    Security Commands enable netlogin enable netlogin Description Enables network login. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables network login: enable netlogin History This command was first available in ExtremeWare 7.0.0. Platform Availability This command is available on the “i”...

  • Page 645: Enable Netlogin Logout-Privilege

    enable netlogin logout-privilege enable netlogin logout-privilege enable netlogin logout-privilege Description Enables network login logout privilege. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines This command turns the privilege for netlogin users to logout by popping up (or not popping up) the logout window on or off.

  • Page 646: Enable Netlogin Ports

    Security Commands enable netlogin ports enable netlogin ports <portlist> vlan <vlan_name> Description Enables network login on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which netlogin should be enabled. vlan_name Specifies the VLAN on whose ports netlogin should be enabled. Default N/A.

  • Page 647: Enable Netlogin Session-Refresh

    enable netlogin session-refresh enable netlogin session-refresh enable netlogin session-refresh <minutes> Description Disables Network Login session refresh. Syntax Description minutes Specifies the session refresh time for Network Login in minutes. Default Enabled. Usage Guidelines Network Login sessions can refresh themselves after a configured timeout. After the user has been logged in successfully, a logout window opens which can be used to close the connection by clicking on the LogOut link.

  • Page 648: Enable Radius

    Security Commands enable radius enable radius Description Enables the RADIUS client on the switch. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines When enabled, all web and CLI logins are sent to the RADIUS servers for authentication. When used with a RADIUS server that supports ExtremeWare CLI authorization, each CLI command is sent to the RADIUS server for authorization before it is executed.

  • Page 649: Enable Radius-Accounting

    enable radius-accounting enable radius-accounting enable radius-accounting Description Enables RADIUS accounting. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines The RADIUS client must also be enabled. Example The following command enables RADIUS accounting for the switch: enable radius-accounting History This command was first available in ExtremeWare 4.1.

  • Page 650: Enable Ssh2

    SSH2 Telnet, and you must obtain and enter a Security License Key to enable the SSH2 feature. To obtain a Security License Key, access the Extreme Networks website. You can specify a list of predefined clients that are allowed SSH2 access to the switch. To do this, you must create an access profile that contains a list of allowed IP addresses.
  • Page 651 enable ssh2 Platform Availability This command is available on all “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 652: Enable Tacacs

    Security Commands enable tacacs enable tacacs Description Enables TACACS+. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines After they have been enabled, all web and CLI logins are sent to one of the two TACACS+ servers for login name authentication and accounting.

  • Page 653: Enable Tacacs-Accounting

    enable tacacs-accounting enable tacacs-accounting enable tacacs-accounting Description Enables TACACS+ accounting. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines If accounting is used, the TACACS+ client must also be enabled. Example The following command enables TACACS+ accounting for the switch: enable tacacs-accounting History This command was first available in ExtremeWare 6.1.

  • Page 654: Enable Tacacs-Authorization

    Security Commands enable tacacs-authorization enable tacacs-authorization Description Enables CLI command authorization. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines When enabled, each command is transmitted to the remote TACACS+ server for authorization before the command is executed. Example The following command enables TACACS+ command authorization for the switch: enable tacacs-authorization...

  • Page 655: Scp2

    scp2 scp2 scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} <user>@ [<hostname> | <ipaddress>] :<remote_file> [configuration {incremental} | image [primary | secondary] | bootrom] Description Copies a file from a remote system to the switch using SCP2. Syntax Description 3des Specifies that the 3des cipher should be used for encryption.
  • Page 656 Security Commands CAUTION You can download a configuration to an Extreme Networks switch using SCP. If you do this, you cannot save this configuration. If you save this configuration and reboot the switch, the configuration will be corrupted. Example The following command copies a configuration file from the file configpart1.save on host system1 to the switch as an incremental configuration: scp2 admin@system1:configpart1.save configuration incremental...

  • Page 657: Scp2 Configuration

    scp2 configuration scp2 configuration scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} configuration <user>@ [<hostname> | <ipaddress>]:<remote_file> Description Copies the configuration file from the switch to a remote system using SCP2. Syntax Description 3des Specifies that the 3des cipher should be used for encryption. This is the default.

  • Page 658: Show Access-List

    Security Commands show access-list show access-list {<name> | port <portlist>} Description Displays access list information and real-time statistics. Syntax Description name Specifies the name of an access list to be displayed. portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 659 show access-list The command generates output similar to the following: test1 Protocol: ip Action: permit qp1 Destination: 0.0.0.0/0 Source: Precedence: 0 Rule Number: 0 Hit Count: 4566 Flags: ac Ports: History This command was first available in ExtremeWare 6.0. Platform Availability This command is available on the “i”...

  • Page 660: Show Access-List-Fdb

    Security Commands show access-list-fdb show access-list-fdb Description Displays the hardware access control list mapping. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays the hardware access control list mapping: show access-list-fdb History This command was first available in ExtremeWare 6.0.

  • Page 661: Show Access-List-Monitor

    show access-list-monitor show access-list-monitor show access-list-monitor Description Initiates the access-list information display, and refreshes it until discontinued. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This command initiates a display of real-time access list information. Use the keys as shown in Table 16 to change the view of the data.

  • Page 662: Show Access-Profile

    Security Commands show access-profile show access-profile {<access_profile>} Description Displays access-profile related information for the switch. Syntax Description access_profile Specifies an access profile. Default Shows all access profile information for the switch. Usage Guidelines None. Example The following command displays access-profile related information for access profile nosales: show access-profile nosales History This command was first available in ExtremeWare 4.0.

  • Page 663: Show Cpu-Dos-Protect

    show cpu-dos-protect show cpu-dos-protect show cpu-dos-protect Description Displays the status of denial of service protection. Syntax Description There are no arguments or variables for this command. Default N/A. Usage Guidelines None. Example The following command displays the status of denial of service protection. show cpu-dos-protect Following is the output from this command: Denial-of-service protection to CPU is ENABLED...

  • Page 664: Show Netlogin

    Security Commands show netlogin show netlogin Description Shows all network login parameters. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The information reported by this command is the following: • Whether netlogin is enabled or disabled. •...

  • Page 665: Show Netlogin Ports

    show netlogin ports show netlogin ports show netlogin ports <portlist> vlan <vlan_name> Description Shows network login information on a specified port in a VLAN. Syntax Description portlist Specifies the ports for which netlogin should be disabled. vlan_name Specifies the VLAN on whose ports netlogin should be disabled. Default N/A.

  • Page 666: Show Radius

    Security Commands show radius show radius Description Displays the current RADIUS client configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output from this command displays the status of the RADIUS and RADIUS accounting (enabled or disabled) and the primary and secondary servers for RADIUS and RADIUS accounting: Example The following command displays the current RADIUS client configuration and statistics:...
  • Page 667 show radius Primary radius accounting server: Server name: 172.17.1.104 Client address: 172.17.1.221 Shared secret: lf|nki Secondary radius accounting server: Server name: 172.17.1.123 Client address: 172.17.1.221 Shared secret: lf|nki History This command was first available in ExtremeWare 4.1. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 668: Show Radius-Accounting

    Security Commands show radius-accounting show radius-accounting Description Displays the current RADIUS accounting client configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The output from this command displays information about the status and configuration of RADIUS accounting Example The following command displays RADIUS accounting client configuration and statistics:...

  • Page 669: Show Route-Map

    show route-map show route-map show route-map <route map> Description Displays route map information. Syntax Description route map Specifies a route map name. Default N/A. Usage Guidelines If you do not specify a route map name, information for all the route maps will be displayed. Example The following command displays the route-map named bgp-out: show route-map bgp-out...

  • Page 670: Show Tacacs

    Security Commands show tacacs show tacacs Description Displays the current TACACS+ configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command displays TACACS+ client configuration and statistics: show tacacs Following is the output from this command: TACACS+: enabled TACACS+ Authorization: enabled...
  • Page 671 show tacacs History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 672: Show Tacacs-Accounting

    Security Commands show tacacs-accounting show tacacs-accounting Description Displays the current TACACS+ accounting client configuration and statistics. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None: Example The following command displays TACACS+ accounting client configuration and statistics: show tacacs-accounting Following is the output from this command: TACACS+ Accounting: enabled...

  • Page 673: Ssh2

    When you terminate the remote session, commands will then resume being executed on the original switch. The remote command option cannot be used with Extreme Networks switches. If you include a remote command, you will receive an error message.
  • Page 674 Security Commands Example The following command establishes an SSH2 session on switch engineering1: ssh2 admin@engineering1 The following command establishes an SSH2 session with the switch summit48i over TCP port 2050 with compression enabled: ssh2 port 2050 compression on admin@summit48i History This command was first available in ExtremeWare 6.2.1 Platform Availability This command is available on all “i”...

  • Page 675: Unconfig Cpu-Dos-Protect

    unconfig cpu-dos-protect unconfig cpu-dos-protect unconfig cpu-dos-protect Description Resets denial of service protection configuration to default values. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The default values for the denial of service protection parameters are as follows: •...

  • Page 676: Unconfig Radius

    Security Commands unconfig radius unconfig radius {server [primary | secondary]} Description Unconfigures the RADIUS client configuration. Syntax Description primary Unconfigures the primary RADIUS server. secondary Unconfigures the secondary RADIUS server. Default Unconfigures both primary and secondary servers. Usage Guidelines None. Example The following command unconfigures the secondary RADIUS server for the client: unconfig radius server secondary...

  • Page 677: Unconfig Radius-Accounting

    unconfig radius-accounting unconfig radius-accounting unconfig radius-accounting {server [primary | secondary]} Description Unconfigures the RADIUS accounting client configuration. Syntax Description primary Unconfigures the primary RADIUS accounting server. secondary Unconfigures the secondary RADIUS accounting server. Default Unconfigures both the primary and secondary accounting servers. Usage Guidelines None.

  • Page 678: Unconfig Tacacs

    Security Commands unconfig tacacs unconfig tacacs {server [primary | secondary]} Description Unconfigures the TACACS+ client configuration. Syntax Description primary Unconfigures the primary TACACS+ server. secondary Unconfigures the secondary TACACS+ server. Default Unconfigures both the primary and secondary TACACS+ servers. Usage Guidelines None.

  • Page 679: Unconfig Tacacs-Accounting

    unconfig tacacs-accounting unconfig tacacs-accounting unconfig tacacs-accounting {server [primary | secondary]} Description Unconfigures the TACACS+ accounting client configuration. Syntax Description primary Unconfigures the primary TACACS+ accounting server. secondary Unconfigures the secondary TACACS+ accounting server. Default Unconfigures both the primary and secondary TACACS+ accounting servers. Usage Guidelines None.
  • Page 680 Security Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 681 EAPS Commands This chapter describes the following commands: • Commands for configuring and monitoring Ethernet Automatic Protection Switching (EAPS) To use EAPS, you must enable EDP on the switch and the EAPS ring ports. The EAPS protocol provides fast protection switching to layer 2 switches interconnected in an Ethernet ring topology, such as a metropolitan area network (MAN) or large campuses.

  • Page 682: Config Eaps Add Control Vlan

    EAPS Commands config eaps add control vlan config eaps <name> add control vlan <vlan_name> Description Adds the specified control VLAN to the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the control VLAN. Default N/A.

  • Page 683: Config Eaps Add Protect Vlan

    config eaps add protect vlan config eaps add protect vlan config eaps <name> add protect vlan <vlan_name> Description Adds the specified protected VLAN to the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the protected VLAN. Default N/A.

  • Page 684: Config Eaps Delete Control Vlan

    EAPS Commands config eaps delete control vlan config eaps <name> delete control vlan <vlan_name> Description Deletes the specified control VLAN from the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the control VLAN. Default N/A.

  • Page 685: Config Eaps Delete Protect Vlan

    config eaps delete protect vlan config eaps delete protect vlan config eaps <name> delete protect vlan <vlan_name> Description Deletes the specified protected VLAN from the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. vlan_name Specifies the name of the protected VLAN. Default N/A.

  • Page 686: Config Eaps Failtime

    EAPS Commands config eaps failtime config eaps <name> failtime <seconds> Description Configures the value of the fail timer the master node used for the EAPS health-check packet. Syntax Description name Specifies the name of an EAPS domain. seconds Specifies the number of seconds to wait between transmission of the health-check packets on the control VLAN.

  • Page 687: Config Eaps Hellotime

    config eaps hellotime config eaps hellotime config eaps <name> hellotime <seconds> Description Configures the value of the hello timer the master node used for the EAPS health-check packet. Syntax Description name Specifies the name of an EAPS domain. seconds Specifies the number of seconds to wait between transmission of the health-check packets on the control VLAN.

  • Page 688: Config Eaps Mode

    EAPS Commands config eaps mode config eaps <name> mode [master | transit] Description Configures the switch as either the EAPS master node or as an EAPS transit node for the specified domain. Syntax Description name Specifies the name of an EAPS domain. master Specifies that this switch should be the master node for the named EAPS domain.

  • Page 689: Config Eaps Port

    config eaps port config eaps port config eaps <name> [primary | secondary] port <port number> Description Configures a node port as the primary or secondary port for the specified EAPS domain. Syntax Description name Specifies the name of an EAPS domain. primary Specifies that the port is to be configured as the primary port.

  • Page 690: Config Eaps Name

    EAPS Commands config eaps name config eaps <old_name> name <new_name> Description Renames an existing EAPS domain. Syntax Description old_name Specifies the current name of an EAPS domain. new_name Specifies a new name for the EAPS domain. Default N/A. Usage Guidelines None.

  • Page 691: Create Eaps

    create eaps create eaps create eaps <name> Description Creates an EAPS domain with the specified name. Syntax Description name Specifies the name of an EAPS domain to be created. May be up to 32 characters in length. Default N/A. Usage Guidelines parameter is a character string of up to 32 characters that identifies the EAPS domain to be name created.

  • Page 692: Delete Eaps

    EAPS Commands delete eaps delete eaps <name> Description Deletes the EAPS domain with the specified name. Syntax Description name Specifies the name of an EAPS domain to be deleted. Default N/A. Usage Guidelines None. Example The following command deletes EAPS domain eaps_1: delete eaps eaps-1 History This command was first available in ExtremeWare 6.2.

  • Page 693: Disable Eaps

    disable eaps disable eaps disable eaps {<name>} Description Disables the EAPS function for a named domain or for an entire switch. Syntax Description name Specifies the name of an EAPS domain. Default Disabled for the entire switch. Usage Guidelines None. Example The following command disables the EAPS function for entire switch: disable eaps...

  • Page 694: Enable Eaps

    EAPS Commands enable eaps enable eaps {<name>} Description Enables the EAPS function for a named domain or for an entire switch. Syntax Description name Specifies the name of an EAPS domain. Default Disabled. Default command enables for the entire switch. Usage Guidelines EDP must be enabled on the switch and EAPS ring ports.

  • Page 695: Show Eaps

    show eaps show eaps show eaps {<name>} {detail} Description Displays EAPS status information. Syntax Description name Specifies the name of an EAPS domain. detail Specifies all available detail for each domain. Default N/A. Usage Guidelines If you enter the command without a keyword, the command displays less than with the show eaps keyword.
  • Page 696 EAPS Commands State: On a transit node, the command displays one of the following states: • Idle—The EAPS domain has been enabled, but the configuration is not complete. • Links-Up—This EAPS domain is running, and both its ports are up and in the FORWARDING state.
  • Page 697 show eaps Example The following command displays detailed EAPS information for domain “eaps2”: show eaps eaps2 detail The results for domain “eaps2” on a master node are shown as follows: Name: “eaps2” (instance=0) State: Complete [Running: Yes] Enabled: Yes Mode: Master Primary port: 14 Port status: Up Tag status: Tagged...
  • Page 698 EAPS Commands Hello Timer interval: 1 sec Fail Timer interval: 3 sec Preforwarding Timer interval: 6 sec Last update: From Master Id 00:01:30:B5:72:F0, at Fri Jun 7 23:13:09 2002 EAPS Domain has following Controller Vlan: Vlan Name QosProfile "cv2" 4002 Number of Protected Vlans: 2 The following command displays summary EAPS information: show eaps summary...

  • Page 699: Show Eaps Summary

    show eaps summary show eaps summary show eaps summary Description Displays summary information on one or more EAPS domains. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines Displays EAPS domains and associated info such as Domain Name, Domain State, EAPS Mode, Enabled State, Control VLAN and VLAN ID and the Number of Protect VLANs in the domain.

  • Page 700: Unconfig Eaps Port

    EAPS Commands unconfig eaps port unconfig eaps <name> [primary | secondary] port Description Sets the specified port’s internal configuration state to INVALID. Syntax Description name Specifies the name of an EAPS domain. primary Specifies that the primary port should be unconfigured. secondary Specifies that the secondary port should be unconfigured.

  • Page 701: Spanning Tree Domains

    STP Commands This chapter describes: • Commands related to creating, configuring, enabling, and disabling Spanning Tree Protocol (STP) on the switch • Commands related to displaying and resetting STP settings on the switch The Spanning Tree Protocol (STP) is a bridge-based mechanism for providing fault tolerance on networks.
  • Page 702 STP Commands All STP parameters default to the IEEE 802.1D values, as appropriate. Port Modes An STP port has three modes of operation: • 802.1D mode This mode is used for backward compatibility with previous STP versions and for compatibility with third-party switches using IEEE standard 802.1D.

  • Page 703: Config Stpd Add Vlan

    config stpd add vlan config stpd add vlan config stpd <spanning tree name> add vlan <vlan name> {ports <portlist> [dot1d | emistp | pvst-plus] Description Adds one or more VLANs, or a list of ports within a VLAN, to a specified STPD. Syntax Description spanning tree name Specifies an STPD name on the switch.
  • Page 704 STP Commands —This mode implements PVST+ in compatibility with third-party switches running this • pvst-plus version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process packets in PVST+ format. An StpdID is used to identify each STP domain. You assign the StpdID when configuring the domain, and that VLAN cannot belong to another STPD.

  • Page 705: Config Stpd Delete Vlan

    config stpd delete vlan config stpd delete vlan config stpd <spanning tree name> delete vlan <vlan name> {ports <portlist> Description Deletes one or more ports in the specified VLAN from an STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. vlan name Specifies a VLAN name.

  • Page 706: Config Stpd Forwarddelay

    STP Commands config stpd forwarddelay config stpd <spanning tree name> forwarddelay <seconds> Description Specifies the time (in seconds) that the ports in this STPD spend in the listening and learning states when the switch is the Root Bridge. Syntax Description spanning tree name Specifies an STPD name on the switch.

  • Page 707: Config Stpd Hellotime

    config stpd hellotime config stpd hellotime config stpd <spanning tree name> hellotime <seconds> Description Specifies the time delay (in seconds) between the transmission of Bridge Protocol Data Units (BPDUs) from this STPD when it is the Root Bridge. Syntax Description spanning tree name Specifies an STPD name on the switch.

  • Page 708: Config Stpd Maxage

    STP Commands config stpd maxage config stpd <spanning tree name> maxage <seconds> Description Specifies the maximum age of a BPDU in the specified STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. seconds Specifies the maxage time in seconds. Default 20 seconds.

  • Page 709: Config Stpd Ports Cost

    config stpd ports cost config stpd ports cost config stpd <spanning tree name> ports cost <cost> [<portlist>] Description Specifies the path cost of the port in the specified STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. cost Specifies a numerical port cost value.
  • Page 710 STP Commands Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 711: Config Stpd Ports Mode

    config stpd ports mode config stpd ports mode config stpd <spanning tree name> ports mode {dot1d | emistp | pvst-plus} [<portlist>] Description Configures the STP mode of operation for the specified port list. Syntax Description spanning tree name Specifies an STPD name on the switch. dot1d Specifies IEEE 802.1d-compliant packet formatting.

  • Page 712: Config Stpd Ports Priority

    STP Commands config stpd ports priority config stpd <spanning tree name> ports priority <priority> [<portlist>] Description Specifies the port priority of the port in the specified STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. priority Specifies a numerical port priority value.
  • Page 713 config stpd ports priority History This command was first available in ExtremeWare 2.0. This command was modified in ExtremeWare 6.1 to update the parameter. priority This command was modified in ExtremeWare 4.0 to support modular switches. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 714: Config Stpd Priority

    STP Commands config stpd priority config stpd <spanning tree name> priority <priority> Description Specifies the bridge priority of the STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. priority Specifies the bridge priority of the STPD. Default 32,768.

  • Page 715: Config Stpd Tag

    config stpd tag config stpd tag config stpd <spanning tree name> tag <vlan tag> Description Assigns an StpdID to an STPD. Syntax Description spanning tree name Specifies an STPD name on the switch. vlan tag Specifies the VLANid of a VLAN that is owned by the STPD. Default N/A.

  • Page 716: Config Vlan Add Ports Stpd

    STP Commands config vlan add ports stpd config vlan <vlan name> add ports <portlist> stpd <spanning tree name> [dot1d | emistp | pvst-plus] Description Adds a list of ports within a VLAN to a specified STPD. Syntax Description vlan name Specifies a VLAN name.
  • Page 717 config vlan add ports stpd History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on all “i”-series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 718: Create Stpd

    STP Commands create stpd create stpd <name> Description Creates a user-defined STPD. Syntax Description name Specifies a user-defined STPD name. Default The default device configuration contains a single STPD called s0. When an STPD is created, the STPD has the following default parameters: •...

  • Page 719: Delete Stpd

    delete stpd delete stpd delete stpd <spanning tree name> Description Removes a user-defined STPD from the switch. Syntax Description spanning tree name Specifies a user-defined STPD name on the switch. Default N/A. Usage Guidelines If you remove an STPD, the VLANs that were members of that STPD are also deleted. An STPD can only be removed if all VLANs have been deleted from it.

  • Page 720: Disable Ignore-Bpdu Vlan

    STP Commands disable ignore-bpdu vlan disable ignore-bpdu vlan <vlan name> Description Allows the switch to recognize STP BDUs. Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines You can configure ExtremeWare to allow a BPDU to traverse a VLAN without being processed by STP, even if STP is enabled on the port.

  • Page 721: Disable Ignore-Stp Vlan

    disable ignore-stp vlan disable ignore-stp vlan disable ignore-stp vlan <vlan name> Description Allows a VLAN to use STP port information. Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines keyword is optional. vlan Example The following command disables the ignore-stp option on the VLAN accounting: disable ignore-stp accounting History This command was first available in ExtremeWare 6.1.

  • Page 722: Disable Stpd

    STP Commands disable stpd disable stpd {<spanning tree name>} Description Disables the STP mechanism on a particular STPD or for all STPDs. Syntax Description spanning tree name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines All VLANs belong to an STPD. If you do not want to run STP on a VLAN, you must add the VLAN to an STPD that is disabled.

  • Page 723: Disable Stpd Ports

    disable stpd ports disable stpd ports disable stpd <spanning tree name> ports [<portlist>] Description Disables STP on one or more ports. Syntax Description spanning tree name Specifies an STPD name on the switch. portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 724: Disable Stpd Rapid-Root-Failover

    STP Commands disable stpd rapid-root-failover disable stpd <spanning tree name> rapid-root-failover Description Disables rapid root failover for STP recovery times. Syntax Description spanning tree name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines To view the status of rapid root failover on the switch, use the command.

  • Page 725: Enable Ignore-Bpdu Vlan

    enable ignore-bpdu vlan enable ignore-bpdu vlan enable ignore-bpdu vlan <vlan name> Description Configures the switch to ignore the STP BPDUs, which prevents ports in the VLAN from becoming part of an STPD. Syntax Description vlan name Specifies a VLAN name. Default Disabled.

  • Page 726: Enable Ignore-Stp Vlan

    STP Commands enable ignore-stp vlan enable ignore-stp vlan <vlan name> Description Configures the switch to ignore the STP protocol and not block traffic for the VLAN(s). Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines This command is useful when multiple VLANs share the same physical ports, but only some of the VLANs require STP protection.

  • Page 727: Enable Stpd

    enable stpd enable stpd enable stpd {<spanning tree name>} Description Enables the STP protocol for one or all STPDs. Syntax Description spanning tree name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines You must create one or more STP domains and configure an STPD before you can use the enable stpd command.

  • Page 728: Enable Stpd Rapid-Root-Failover

    STP Commands enable stpd rapid-root-failover enable stpd <spanning tree name> rapid-root-failover Description Enables rapid root failover for faster STP recovery times. Syntax Description spanning tree name Specifies an STPD name on the switch. Default Disabled. Usage Guidelines To view the status of rapid root failover on the switch, use the command.

  • Page 729: Enable Stpd Ports

    enable stpd ports enable stpd ports enable stpd <spanning tree name> ports <portlist> Description Enables the STP protocol on one or more ports. Syntax Description spanning tree name Specifies an STPD on the switch. portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.

  • Page 730: Show Stpd

    STP Commands show stpd show stpd {detail | <spanning tree name>} Description Displays STPD settings on the switch. Syntax Description detail Specifies that STPD settings should be shown for each STPD. (Version 6.2) spanning tree name Specifies an STPD on the switch. Default N/A.

  • Page 731: Show Stpd Ports

    show stpd ports show stpd ports show stpd <spanning tree name> ports [<portlist> | all] {detail} Description Displays the STP state of a port. Syntax Description spanning tree name Specifies an STPD name. portlist Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports.
  • Page 732 STP Commands History This command was first available in ExtremeWare 2.0. Support for modular switches was introduced in ExtremeWare 4.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 733: Unconfig Stpd

    unconfig stpd unconfig stpd unconfig stpd {<spanning tree name> | all} Description Restores default STP values to a particular STPD or all STPDs. Syntax Description spanning tree name Specifies an STPD name on the switch. Specifies all STPDs on the switch. (2.0) Default N/A.
  • Page 734 STP Commands ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 735 ESRP Commands This chapter describes the following commands: • Commands for enabling and disabling ESRP • Commands for performing basic ESRP configuration • Commands for enabling and disabling port restart and failure tracking for ESRP ESRP is a feature of ExtremeWare that allows multiple switches to provide redundant layer 3 routing services to users.

  • Page 736: Config Esrp Port-Mode Ports

    ESRP Commands config esrp port-mode ports config esrp port-mode [host | normal] ports <portlist> {don’t-count} Description Configures the ESRP port mode for ESRP host attach. Syntax Description host Specifies that the ports should be configured as host ports. normal Specifies that the ports should be configured as normal ports. portlist Specifies the list of ports that should be configured.
  • Page 737 config esrp port-mode ports Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 738: Config Vlan Add Domain-Member Vlan

    ESRP Commands config vlan add domain-member vlan config vlan <super_esrp_vlan> add domain-member vlan <sub_esrp_vlan> Description Adds a VLAN to an ESRP domain. Syntax Description super_esrp_vlan Specifies the name of an ESRP-enabled super-VLAN. sub_esrp_vlan Specifies the name of a sub-VLAN. Default N/A.

  • Page 739: Config Vlan Add Ports No-Restart

    config vlan add ports no-restart config vlan add ports no-restart config vlan <vlan name> add ports [<portlist> | all] no-restart Description Disables port restart for a port. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. portlist Specifies list of ports or slots and ports. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

  • Page 740: Config Vlan Add Ports Restart

    ESRP Commands config vlan add ports restart config vlan <vlan name> add ports [<portlist> | all] restart Description Configures ESRP to restart ports if there is a state change and the downstream switch is from another vendor. Syntax Description vlan name Specifies an ESRP-enabled VLAN name.

  • Page 741: Config Vlan Add Track-Bgp

    config vlan add track-bgp config vlan add track-bgp config vlan <vlan name> add track-bgp failover <priority> Description Configures an ESRP-enabled VLAN to track any available BGP route. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. priority Specifies a number between 0 and 254. Default No BGP route tracking.

  • Page 742: Config Vlan Add Track-Diagnostic

    ESRP Commands config vlan add track-diagnostic config vlan <vlan name> add track-diagnostic failover <priority> Description Configures backplane diagnostics failure tracking for an ESRP-enabled VLAN. Syntax Description vlan name Specifies a VLAN name. priority Specifies a number between 0 and 255. Default No diagnostic tracking.

  • Page 743: Config Vlan Add Track-Environment

    config vlan add track-environment config vlan add track-environment config vlan <vlan name> add track-environment failover <priority> Description Configures an ESRP-enabled VLAN to track environmental failures. Syntax Description vlan name Specifies a VLAN name. priority Specifies a number between 0 and 255. Default No environmental tracking.

  • Page 744: Config Vlan Add Track-Iproute

    ESRP Commands config vlan add track-iproute config vlan <vlan name> add track-iproute <ipaddress>/<masklength> Description Configures an ESRP-enabled VLAN or a VRRP VLAN to track a route entry in the kernel route table. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. ipaddress Specifies the IP address of the route entry to be tracked.

  • Page 745: Config Vlan Add Track-Ospf

    config vlan add track-ospf config vlan add track-ospf config vlan <vlan name> add track-ospf failover <priority> Description Configures an ESRP-enabled VLAN to track any available OSPF route. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. priority Specifies a number between 0 and 255. Default No OSPF route tracking.

  • Page 746: Config Vlan Add Track-Ping

    ESRP Commands config vlan add track-ping config vlan <vlan name> add track-ping <ipaddress> frequency <seconds> miss <number> Description Configures an ESRP-enabled VLAN or VRRP VLAN to track an external gateway using ping. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. ipaddress Specifies the IP address of the external gateway.

  • Page 747: Config Vlan Add Track-Rip

    config vlan add track-rip config vlan add track-rip config vlan <vlan name> add track-rip failover <priority> Description Configures an ESRP-enabled VLAN to track any available RIP route. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. priority Specifies a number between 0 and 254. Default No RIP route tracking.

  • Page 748: Config Vlan Add Track-Vlan

    ESRP Commands config vlan add track-vlan config vlan <vlan name> add track-vlan <vlan_tracked> Description Configures an ESRP-enabled VLAN or a VRRP VLAN to track port connectivity to a specified VLAN. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. vlan_tracked Specifies the VLAN to be tracked.

  • Page 749: Config Vlan Delete Domain-Member Vlan

    config vlan delete domain-member vlan config vlan delete domain-member vlan config vlan <super_esrp_vlan> delete domain-member vlan <sub_esrp_vlan> Description Deletes a VLAN from an ESRP domain. Syntax Description super_esrp_vlan Specifies a VLAN name. sub_esrp_vlan Specifies a number in seconds. Default N/A. Usage Guidelines The domain master does not need to have all the ports as the domain members.

  • Page 750: Config Vlan Delete Track-Bgp

    ESRP Commands config vlan delete track-bgp config vlan <vlan name> delete track-bgp Description Disables BGP route tracking for an ESRP-enabled VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. Default N/A. Usage Guidelines None. Example The following command disables BGP tracking for VLAN esrp-1: config vlan esrp-1 delete track-bgp History This command was first available in ExtremeWare 6.2.

  • Page 751: Config Vlan Delete Track-Diagnostic

    config vlan delete track-diagnostic config vlan delete track-diagnostic config vlan <vlan name> delete track-diagnostic Description Disables diagnostics failure tracking for an ESRP-enabled VLAN. Syntax Description vlan name Specifies a VLAN name. Default N/A. Usage Guidelines None. Example The following command disables diagnostic failure tracking for VLAN esrp-1: config vlan esrp-1 delete track-diagnostic History This command was first available in ExtremeWare 6.1.5.

  • Page 752: Config Vlan Delete Track-Environment

    ESRP Commands config vlan delete track-environment config vlan <vlan name> delete track-environment Description Disables environmental failure tracking. Syntax Description vlan name Specifies a VLAN name. Default N/A. Usage Guidelines None. Example The following command disables environmental failure tracking for VLAN esrp-1: config vlan esrp-1 delete track-environment History This command was first available in ExtremeWare 6.1.5.

  • Page 753: Config Vlan Delete Track-Iproute

    config vlan delete track-iproute config vlan delete track-iproute config vlan <vlan name> delete track-iproute <ipaddress>/<masklength> Description Disables route table entry tracking for an ESRP-enabled VLAN or a VRRP VLAN. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. ipaddress Specifies the IP address of the route entry to be tracked.

  • Page 754: Config Vlan Delete Track-Ospf

    ESRP Commands config vlan delete track-ospf config vlan <vlan name> delete track-ospf Description Disables OSPF route tracking for an ESRP-enabled VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. Default N/A. Usage Guidelines None. Example The following command disables OSPF route tracking for VLAN esrp-1: config vlan esrp-1 delete track-ospf History This command was first available in ExtremeWare 6.2.

  • Page 755: Config Vlan Delete Track-Ping

    config vlan delete track-ping config vlan delete track-ping config vlan <vlan name> delete track-ping <ipaddress> Description Disables the tracking of an external gateway using ping. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. ipaddress Specifies the IP address of the external gateway. Default N/A.

  • Page 756: Config Vlan Delete Track-Rip

    ESRP Commands config vlan delete track-rip config vlan <vlan name> delete track-rip Description Disables RIP route tracking for an ESRP-enabled VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. Default No RIP route tracking. Usage Guidelines None. Example The following command disables RIP route failure tracking for VLAN esrp-1: config vlan esrp-1 delete track-rip History This command was first available in ExtremeWare 6.2.

  • Page 757: Config Vlan Delete Track-Vlan

    config vlan delete track-vlan config vlan delete track-vlan config vlan <vlan name> delete track-vlan <vlan_tracked> Description Disables the tracking of port connectivity to a specified VLAN. Syntax Description vlan name Specifies an ESRP-enabled or VRRP VLAN name. vlan_tracked Specifies the VLAN to be tracked. Default N/A.

  • Page 758: Config Vlan Esrp Esrp-Election

    ESRP Commands config vlan esrp esrp-election config vlan <vlan name> esrp esrp-election [ports-track-priority | ports-track-priority-mac | track-ports-priority | track-ports-priority-mac | priority-ports-track-mac | priority-track-ports-mac | priority-mac-only] Description Configures the election algorithm on the switch. Syntax Description vlan name Specifies a VLAN name. ports-track-priority Specifies that this VLAN should consider election factors in the following order: Active ports, tracking information, ESRP priority.
  • Page 759 config vlan esrp esrp-election If a switch is master, it actively provides layer 3 routing services to other VLANs, and layer 2 switching between all the ports of that VLAN. Additionally, the switch exchanges ESRP packets with other switches that are in standby mode. If a switch is in standby mode, it exchanges ESRP packets with other switches on that same VLAN.

  • Page 760: Config Vlan Esrp Esrp-Neutral-Timout

    CAUTION Configure the neutral state timeout only with guidance from Extreme Networks personnel. Misconfiguration can severely degrade the performance of ESRP and your switch. Example The following command configures the neutral timeout to 6 seconds for the VLAN...

  • Page 761: Config Vlan Esrp Priority

    config vlan esrp priority config vlan esrp priority config vlan <vlan name> esrp priority <value> Description Configures the ESRP priority. Syntax Description vlan name Specifies a VLAN name. value Specifies a number between 0 and 255. Default Priority = 0. Usage Guidelines The ESRP priority is one of the factors used by the ESRP election algorithm in determining which switch is the Master switch.

  • Page 762: Config Vlan Esrp Timer

    ESRP Commands config vlan esrp timer config vlan <vlan name> esrp timer <timervalue> {esrp-nbr-timeout <timeoutvalue>} Description Configures the ESRP timer values. Syntax Description vlan name Specifies a VLAN name. The range is 1 timervalue Specifies the number of seconds between keep-alive packets. to 255 seconds.
  • Page 763 config vlan esrp timer History This command was first available in ExtremeWare 4.0. This command was modified to include the option in ExtremeWare 6.2.2. esrp-nbr-timeout Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 764: Config Vlan Esrp Group

    ESRP Commands config vlan esrp group config vlan <vlan name> esrp group <group_number> Description Configures the group number to be used for the ESRP VLAN. Syntax Description vlan name Specifies a VLAN name. group_number Specifies the ESRP group to which this VLAN should be added. Default The default group number is 0.

  • Page 765: Disable Esrp Vlan

    disable esrp vlan disable esrp vlan disable esrp vlan <vlan name> Description Disables ESRP on a VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. Default Disabled. Usage Guidelines None. Example The following command disables ESRP on the VLAN accounting: disable esrp vlan accounting History This command was first available in ExtremeWare 4.0.

  • Page 766: Enable Esrp Vlan

    ESRP Commands enable esrp vlan enable esrp vlan <vlan name> Description Enables ESRP on a VLAN. Syntax Description vlan name Specifies a VLAN name. Default Disabled. Usage Guidelines EDP must be enabled on all ports participating in ESRP. ESRP cannot be enabled on the VLAN default. Example The following command enables ESRP on the VLAN esrp-1: enable esrp vlan esrp-1...

  • Page 767: Show Esrp

    show esrp show esrp show esrp {detail} Description Displays ESRP configuration information. Syntax Description detail Specifies detail for each switch in the ESRP VLAN. Default Shows summary ESRP information. Usage Guidelines This command shows information about the state of an ESRP VLAN and its neighbors. This includes: •...
  • Page 768 ESRP Commands State Trans Counters: ToMaster:(0) ToSlave:(1) Host ports(*=no-count): None Restart Ports: None Tracked VLANs: None Tracked Ip Routes: None Tracked Pings/Freq/N_miss: None Neighbours: Nbr Active Ports: Nbr Tracked Rt/Ping: Nbr Tracked Ports: Nbr Priority: Nbr MacID: 00:01:30:33:28:00 Nbr HelloTimer: Nbr ESRP State: Master Host (Direct-attach, *=no-count) Ports on System:...

  • Page 769: Show Esrp-Aware Vlan

    show esrp-aware vlan show esrp-aware vlan show esrp-aware vlan <vlan name> Description Displays ESRP-aware information for a specific VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. Default Displays summary information for the VLAN. Usage Guidelines The display includes the group number, MAC address for the master of the group, and age of the information.

  • Page 770: Show Esrp Vlan

    ESRP Commands show esrp vlan show esrp vlan <vlan name> {counters} Description Displays ESRP configuration information for a specific VLAN. Syntax Description vlan name Specifies an ESRP-enabled VLAN name. counters Displays ESRP counters. Default Displays summary information for the VLAN. Usage Guidelines None.
  • Page 771 show esrp vlan Nbr MacID: 00:01:30:33:28:00 Nbr HelloTimer: Nbr ESRP State: Master History This command was first available in ExtremeWare 6.0. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...
  • Page 772 ESRP Commands ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 773: Vrrp Commands

    The virtual router is identified by a virtual router identifier (VRID) and an IP address. All of the VRRP routers that participate in the virtual router are assigned the same VRID. Extreme Networks’ VRRP implementation is compliant with RFC 2338, Virtual Router Redundancy Protocol.
  • Page 774 VRRP Commands If the master router becomes unavailable, the election process provides dynamic failover and the backup router that has the highest priority assumes the role of master. A new master is elected when one of the following things happen: •...

  • Page 775: Config Vrrp Add Vlan

    config vrrp add vlan config vrrp add vlan config vrrp add vlan <vlan name> Description Enables VRRP on a particular VLAN. Syntax Description vlan name Specifies a VLAN name. Default N/A. Usage Guidelines None. Example The following enables VRRP on VLAN vrrp-1: config vrrp add vlan vrrp-1 History This command was first available in ExtremeWare 6.2...

  • Page 776: Config Vrrp Delete

    VRRP Commands config vrrp delete config vrrp delete [vlan <vlan name> | all] Description Disables VRRP on one or all VLANs. Syntax Description vlan name Specifies the name of a VLAN on which to disable VRRP. Specifies that VRRP should be disabled on all VLANs on this device. Default N/A.

  • Page 777: Config Vrrp Vlan Add

    config vrrp vlan add config vrrp vlan add config vrrp vlan <vlan name> add [master | backup] vrid <number> <ip address> Description Configures the VRID instance on the VRRP VLAN as master or backup. Syntax Description vlan name Specifies the name of a VRRP VLAN. master Specifies that this device is the master router for the virtual router.

  • Page 778: Config Vrrp Vlan Authentication

    VRRP Commands config vrrp vlan authentication config vrrp vlan <vlan name> authentication [none | simple-password <simple password>] Description Configures VRRP authentication. Syntax Description vlan name Specifies the name of a VRRP VLAN. none Specifies that no password is required. simple password Specifies the password for VRRP authentication.

  • Page 779: Config Vrrp Vlan Delete Vrid

    config vrrp vlan delete vrid config vrrp vlan delete vrid config vrrp vlan <vlan name> delete vrid [<number> | all] Description Deletes one or all VRIDs. Syntax Description vlan name Specifies the name of a VRRP VLAN. number Specifies a Virtual Router ID (VRID). Value can be in the range of 1-255. Specifies that all virtual routers should be deleted for this VLAN on this device.

  • Page 780: Config Vrrp Vlan Vrid

    VRRP Commands config vrrp vlan vrid config vrrp vlan <vlan name> vrid <number> [priority <priority_number> | advertisement-interval <ad_interval_number> | dont_preempt | preempt] Description Configures VRRP parameters. Syntax Description vlan name Specifies the name of a VRRP VLAN. number Specifies a Virtual Router ID (VRID). Value can be in the range of 1-255. priority_number Specifies the priority value to be used by this VRRP router in the master election process.
  • Page 781 config vrrp vlan vrid History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 782: Disable Vrrp

    VRRP Commands disable vrrp disable vrrp Description Disables VRRP on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines This disables VRRP on the device. All virtual routers defined on this device will also be disabled. Example The following command disables VRRP on the device: disable vrrp...

  • Page 783: Enable Vrrp

    enable vrrp enable vrrp enable vrrp Description Enables VRRP on the switch. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines IGMP snooping must be enabled for VRRP to operate correctly. Use the following command to enable IGMP snooping: enable igmp snooping Example...

  • Page 784: Show Vrrp

    VRRP Commands show vrrp show vrrp [vlan <vlan name> | all] {detail} Description Displays VRRP configuration information for one or all VLANs. Syntax Description vlan name Specifies the name of a VRRP VLAN. Specifies that information should be displayed for all VLANs. detail Specifies detail information.
  • Page 785 show vrrp Transition Counters: ToMaster:1 ToBackup:1 Skew:0.609375 Master-Dn-Int:3.60938 History This command was first available in ExtremeWare 6.2. Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 786: Show Vrrp Vlan Stats

    VRRP Commands show vrrp vlan stats show vrrp vlan <vlan name> stats Description Displays VRRP statistics for a particular VLAN. Syntax Description vlan name Specifies the name of a VRRP VLAN. Default N/A. Usage Guidelines None. Example The following command displays statistics for VLAN vrrp-1: show vrrp vlan vrrp-1 stats History This command was first available in ExtremeWare 6.2.
  • Page 787 Each IP address and mask assigned to a VLAN must represent a unique IP subnet. You cannot configure the same IP subnet on different VLANs. The Extreme Networks switch maintains an IP routing table for network routes and host routes. The table is populated from the following sources: •...
  • Page 788 IP Unicast Commands A static route must be associated with a valid IP subnet. An IP subnet is associated with a single VLAN by its IP address and subnet mask. If the VLAN is subsequently deleted, the static route entries using that subnet must be deleted manually.
  • Page 789 Proxy Address Resolution Protocol (ARP) was first developed so that ARP-capable devices could respond to ARP Request packets on behalf of ARP-incapable devices. Proxy ARP can also be used to achieve router redundancy and simplify IP client configuration. The Extreme Networks switch supports proxy ARP for this type of network configuration.

  • Page 790: Clear Iparp

    IP Unicast Commands clear iparp clear iparp {<ip address> | vlan <vlan name>} Description Removes dynamic entries in the IP ARP table. Syntax Description ip address Specifies an IP address. vlan name Specifies a VLAN name. Default N/A. Usage Guidelines Permanent IP ARP entries are not affected.

  • Page 791: Clear Ipfdb

    clear ipfdb clear ipfdb clear ipfdb {<ip address> <netmask>| vlan <vlan name>} Description Removes the dynamic entries in the IP forwarding database. Syntax Description ip address Specifies an IP address. netmask Specifies a subnet mask. vlan name Specifies a VLAN name. Default N/A.

  • Page 792: Config Bootprelay Add

    IP Unicast Commands config bootprelay add config bootprelay add <ip address> Description Configures the addresses to which BOOTP requests should be directed. Syntax Description ip address Specifies an IP address. Default N/A. Usage Guidelines After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets.

  • Page 793: Config Bootprelay Delete

    config bootprelay delete config bootprelay delete config bootprelay delete [<ip address> | all] Description Removes one or all IP destination addresses for forwarding BOOTP packets. Syntax Description ip address Specifies an IP address. Specifies all IP address entries. Default N/A. Usage Guidelines After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by...

  • Page 794: Config Iparp Add

    IP Unicast Commands config iparp add config iparp add <ip address> <mac_address> Description Adds a permanent entry to the ARP table. Specify the IP address and MAC address of the entry. Syntax Description ip address Specifies an IP address. mac_address Specifies a MAC address.

  • Page 795: Config Iparp Add Proxy

    config iparp add proxy config iparp add proxy config iparp add proxy <ip address> {<mask>} {<mac_address>} {always} Description Configures the switch to respond to ARP Requests on behalf of devices that are incapable of doing so. Up to 64 proxy ARP entries can be configured. Syntax Description ip address Specifies an IP address.

  • Page 796: Config Iparp Delete

    IP Unicast Commands config iparp delete config iparp delete <ip address> Description Deletes an entry from the ARP table. Specify the IP address of the entry. Syntax Description ip address Specifies an IP address. Default N/A. Usage Guidelines Removes any IP ARP entry (dynamic or permanent) from the table. The is used to match ip address the IP interface address to locate a suitable interface.

  • Page 797: Config Iparp Delete Proxy

    config iparp delete proxy config iparp delete proxy config iparp delete proxy [<ip address> {<mask>} | all] Description Deletes one or all proxy ARP entries. Syntax Description ip address Specifies an IP address. mask Specifies a subnet mask. Specifies all ARP entries. Default Not Always.

  • Page 798: Config Iparp Max-Entries

    IP Unicast Commands config iparp max-entries config iparp max-entries <number> Description Configures the maximum allowed IP ARP entries. Syntax Description number Specifies a number of maximum IP ARP entries. Default 4096. Usage Guidelines Range: 1 - 20480. The maximum IP ARP entries include dynamic, static, and incomplete IP ARP entries.

  • Page 799: Config Iparp Max-Pending-Entries

    config iparp max-pending-entries config iparp max-pending-entries config iparp max-pending-entries <number> Description Configures the maximum allowed incomplete IP ARP entries. Syntax Description number Specifies a number of maximum IP ARP entries. Default 256. Usage Guidelines Range: 1 - 20480, but cannot be greater than the configured IP ARP max-entries value. Example The following command sets the maximum IP ARP entries to 500 entries: config iparp max-pending-entries 500...

  • Page 800: Config Iparp Timeout

    IP Unicast Commands config iparp timeout config iparp timeout <minutes> Description Configures the IP ARP timeout period. Syntax Description minutes Specifies a time in minutes. Default 20 minutes. Usage Guidelines A setting of 0 disables ARP aging. Example The following command sets the IP ARP timeout period to 10 minutes: config iparp timeout 10 History This command was first available in ExtremeWare 4.0.

  • Page 801: Config Ip-Down-Vlan-Action

    config ip-down-vlan-action config ip-down-vlan-action config ip-down-vlan-action [consume | drop | forward] Description Configures the forwarding functionality destined to nonworking IP interfaces. Syntax Description consume Specifies the consume function. drop Specifies the drop function. forward Specifies the forwarding function. Default N/A. Usage Guidelines None.

  • Page 802: Config Iproute Add

    IP Unicast Commands config iproute add config iproute add <ip address> <mask> <gateway> <metric> Description Adds a static address to the routing table. Syntax Description ip address Specifies an IP address. mask Specifies a subnet mask. gateway Specifies a VLAN gateway. metric Specifies a cost metric.

  • Page 803: Config Iproute Add Blackhole

    config iproute add blackhole config iproute add blackhole config iproute add blackhole <ip address> <mask> Description Adds a blackhole address to the routing table. All traffic destined for a configured blackhole IP address is silently dropped, and no Internet Control Message Protocol (ICMP) message is generated. Syntax Description ip address Specifies an IP address.

  • Page 804: Config Iproute Add Blackhole Default

    IP Unicast Commands config iproute add blackhole default config iproute add blackhole default Description Adds a default blackhole route to the routing table. All traffic destined for an unknown IP destination is silently dropped, and no Internet Control Message Protocol (ICMP) message is generated. Syntax Description This command has no arguments or variables.

  • Page 805: Config Iproute Add Default

    config iproute add default config iproute add default config iproute add default <gateway> {<metric>} Description Adds a default gateway to the routing table. Syntax Description gateway Specifies a VLAN gateway metric Specifies a cost metric. If no metric is specified, the default of 1 is used. Default If no metric is specified, the default metric of 1 is used.

  • Page 806: Config Iproute Delete

    IP Unicast Commands config iproute delete config iproute delete <ip address> <mask> <gateway> Description Deletes a static address from the routing table. Syntax Description ip address Specifies an IP address. mask Specifies a subnet mask. gateway Specifies a VLAN gateway. Default N/A.

  • Page 807: Config Iproute Delete Blackhole

    config iproute delete blackhole config iproute delete blackhole config iproute delete blackhole <ip address> <mask> Description Deletes a blackhole address from the routing table. Syntax Description ip address Specifies an IP address. mask Specifies a subnet mask. Default N/A. Usage Guidelines None.

  • Page 808: Config Iproute Delete Blackhole Default

    IP Unicast Commands config iproute delete blackhole default config iproute delete blackhole default Description Deletes a default blackhole route from the routing table. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command deletes a blackhole default route from the routing table: config iproute delete blackhole default History This command was first available in ExtremeWare 6.2.2.

  • Page 809: Config Iproute Delete Default

    config iproute delete default config iproute delete default config iproute delete default <gateway> Description Deletes a default gateway from the routing table. Syntax Description gateway Specifies a VLAN gateway. Default N/A. Usage Guidelines Default routes are used when the router has no other dynamic or static route to the requested destination.

  • Page 810: Config Iproute Priority

    IP Unicast Commands config iproute priority config iproute priority [rip | bootp | icmp | static | ospf-intra | ospf-inter | ospf-as-external | ospf-extern1 | ospf-extern2] <priority> Description Changes the priority for all routes from a particular route origin. Syntax Description Specifies RIP.
  • Page 811 config iproute priority Example The following command sets IP route priority for static routing to 1200: config iproute priority static 1200 History This command was first available in ExtremeWare 4.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 812: Config Iproute Route-Map

    IP Unicast Commands config iproute route-map config iproute route-map [bgp | direct | e-bgp | i-bgp | ospf | ospf-extern1 | ospf-extern2 | ospf-inter | ospf-intra | rip | static] [<route map> | none] Description Configures the contents of the IP routing table. Syntax Description Specifies BGP routing.
  • Page 813 config iproute route-map History This command was first available in ExtremeWare 6.1.5. This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6.1.8b12 to support MPLS modules. Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 814: Config Irdp

    IP Unicast Commands config irdp config irdp [multicast | broadcast] Description Configures the destination address of the router advertisement messages. Syntax Description multicast Specifies multicast setting. broadcast Specifies broadcast setting. Default Multicast (224.0.0.1). Usage Guidelines None. Example The following command sets the address of the router advertiser messages to multicast: config irdp multicast History This command was first available in ExtremeWare 4.0.

  • Page 815: Config Irdp

    config irdp config irdp config irdp <mininterval> <maxinterval> <lifetime> <preference> Description Configures the router advertisement message timers, using seconds. Syntax Description mininterval Specifies the minimum amount of time between router advertisements in seconds. The default setting is 450 seconds. maxinterval Specifies the maximum amount of time between router advertisements in seconds.

  • Page 816: Config Tcp-Sync-Rate

    IP Unicast Commands config tcp-sync-rate config tcp-sync-rate <number_sync_per_sec> Description Configures a limit for the switch to process TCP connection requests. Syntax Description number_sync_per_sec Specifies a time in seconds. Default Usage Guidelines If the connection request rate is higher than the specified rater, or the total number of outstanding connection requests exceed the system limit, the system ages out incomplete connection requests at a faster rate.

  • Page 817: Config Udp-Profile Add

    config udp-profile add config udp-profile add config udp-profile <profile_name> add <udp_port> [vlan <vlan name> | ip address <dest_ipaddress>] Description Configures a UDP-forwarding profile. Syntax Description profile_name Specifies a UDP profile name. udp_port Specifies a UDP port number. vlan name Specifies a VLAN name. dest_ipaddress Specifies an IP address.

  • Page 818: Config Udp-Profile Delete

    IP Unicast Commands config udp-profile delete config udp-profile <profile_name> delete <udp_port> [vlan <vlan name> | ip address <dest_ipaddress>] Description Deletes a forwarding entry from the specified UDP-profile. Syntax Description profile_name Specifies a UDP profile name. udp_port Specifies a UDP port number. vlan name Specifies a VLAN name.

  • Page 819: Config Vlan Subvlan Address Range

    config vlan subvlan address range config vlan subvlan address range config vlan <vlan name> subvlan-address-range <ip address1> - <ip address2> Description Configures sub-VLAN address ranges on each sub-VLAN to prohibit the entry of IP addresses from hosts outside of the configured range. Syntax Description vlan name Specifies a super-VLAN name.

  • Page 820: Config Vlan Upd-Profile

    IP Unicast Commands config vlan upd-profile config vlan <vlan name> udp-profile <profile_name> Description Assigns a UDP-forwarding profile to the source VLAN. Syntax Description vlan name Specifies a VLAN name. profile_name Specifies a UDP profile name. Default N/A. Usage Guidelines After the UDP profile has been associated with the VLAN, the switch picks up any broadcast UDP packets that match the user-configured UDP port number, and forwards those packets to the user-defined destination.

  • Page 821: Config Vlan Secondary-Ip

    config vlan secondary-ip config vlan secondary-ip config vlan <super-vlan name> [add | delete] secondary-ip <ip address> {<mask>} Description Adds or deletes a secondary IP address to the super-VLAN for responding to ICMP ping requests. Syntax Description super-vlan name Specifies a super-VLAN name. Specifies to add a secondary IP address.
  • Page 822 IP Unicast Commands Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 823: Config Vlan Subvlan

    config vlan subvlan config vlan subvlan config vlan <super-vlan name> [add | delete] subvlan <sub-vlan name> Description Adds or deletes a sub-VLAN to a super-VLAN. Syntax Description super-vlan name Specifies a super-VLAN name Specifies to add the sub-VLAN to the super-VLAN delete Specifies to delete the sub-VLAN from the super-VLAN sub-vlan name...

  • Page 824: Create Udp-Profile

    IP Unicast Commands create udp-profile create udp-profile <profile_name> Description Creates a UDP-forwarding destination profile that describes the types of UDP packets (by port number) that are used, and where they are to be forwarded. Syntax Description profile_name Specifies a UDP profile name. Default N/A.

  • Page 825: Delete Udp-Profile

    delete udp-profile delete udp-profile delete udp-profile <profile_name> Description Deletes a UDP-forwarding profile. Syntax Description profile_name Specifies a UDP profile name. Default N/A. Usage Guidelines None. Example The following command deletes a UPD profile named backbone: delete udp-profile backbone History This command was first available in ExtremeWare 4.0. Platform Availability This command is available on all platforms.

  • Page 826: Disable Bootp Vlan

    IP Unicast Commands disable bootp vlan disable bootp vlan [<vlan name> | all] Description Disables the generation and processing of BOOTP packets on a VLAN to obtain an IP address for the VLAN from a BOOTP server. Syntax Description vlan name Specifies a VLAN name.

  • Page 827: Disable Bootprelay

    disable bootprelay disable bootprelay disable bootprelay Description Disables the BOOTP relay function. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets.

  • Page 828: Disable Icmp Address-Mask

    IP Unicast Commands disable icmp address-mask disable icmp address-mask {vlan <vlan name>} Description Disables the generation of an ICMP address-mask reply on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Disables the generation of an ICMP address-mask reply (type 18, code 0) when an ICMP address mask request is received.

  • Page 829: Disable Icmp Parameter-Problem

    disable icmp parameter-problem disable icmp parameter-problem disable icmp parameter-problem {vlan <vlan name>} Description Disables the generation of an ICMP parameter-problem message on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Disables the generation of an ICMP parameter-problem message (type 12) when the switch cannot properly process the IP header or IP option information.

  • Page 830: Disable Icmp Port-Unreachables

    IP Unicast Commands disable icmp port-unreachables disable icmp port-unreachables {vlan <vlan name>} Description Disables the generation of ICMP port unreachable messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Disables the generation of ICMP port unreachable messages (type 3, code 3) when a TPC or UDP request is made to the switch, and no application is waiting for the request, or access policy denies the request.

  • Page 831: Disable Icmp Redirects

    disable icmp redirects disable icmp redirects disable icmp redirects {vlan <vlan name>} Description Disables generation of ICMP redirect messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines This option only applies to the switch when the switch is not in routing mode. Example The following command disables ICMP redirects from VLAN accounting: disable icmp redirects vlan accounting...

  • Page 832: Disable Icmp Time-Exceeded

    IP Unicast Commands disable icmp time-exceeded disable icmp time-exceeded {vlan <vlan name>} Description Disables the generation of ICMP time exceeded messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Disables the generation of an ICMP time exceeded message (type 11) when the TTL field expires during forwarding.

  • Page 833: Disable Icmp Timestamp

    disable icmp timestamp disable icmp timestamp disable icmp timestamp {vlan <vlan name>} Description Disables the generation of an ICMP timestamp response on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Disables the generation of an ICMP timestamp response (type 14, code 0) when an ICMP timestamp request is received.

  • Page 834: Disable Icmp Unreachables

    IP Unicast Commands disable icmp unreachables disable icmp unreachables {vlan <vlan name>} Description Disables the generation of ICMP unreachable messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines None. Example The following command disables the generation of ICMP unreachable messages on all VLANs: disable icmp unreachables History This command was available in ExtremeWare 2.0.

  • Page 835: Disable Icmp Useredirects

    disable icmp useredirects disable icmp useredirects disable icmp useredirects Description Disables the modification of route table information when an ICMP redirect message is received. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This option only applies to the switch when the switch is not in routing mode. Example The following command disables the changing of routing table information: disable icmp useredirects...

  • Page 836: Disable Iparp Checking

    IP Unicast Commands disable iparp checking disable iparp checking Description Disable checking if the ARP Request source IP address is within the range of the local interface or VLAN domain. Syntax Description This command has no arguments or variables. Default Enabled.

  • Page 837: Disable Iparp Refresh

    disable iparp refresh disable iparp refresh disable iparp refresh Description Disables IP ARP to refresh its IP ARP entries before timing out. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines IP ARP refresh can only be disabled if IP forwarding is disabled. The purpose of disabling ARP refresh is to reduce ARP traffic in a high node count layer 2 switching only environment.

  • Page 838: Disable Ipforwarding

    IP Unicast Commands disable ipforwarding disable ipforwarding {[broadcast | fast-direct-broadcast | ignore-broadcast]} {vlan <vlan name>} Description Disables routing (or routing of broadcasts) for one or all VLANs. If no argument is provided, disables routing for all VLANs. Syntax Description broadcast Specifies broadcast IP forwarding.

  • Page 839: Disable Ipforwarding Lpm-Routing

    disable ipforwarding lpm-routing disable ipforwarding lpm-routing disable ipforwarding lpm-routing {vlan <vlan name>} Description Disables Longest Prefix Match (LPM) routing for the specified VLAN. If no argument is provided, disables LPM routing for all VLANs except the management VLAN. Syntax Description vlan name Specifies a VLAN name.

  • Page 840: Disable Ip-Option Loose-Source-Route

    IP Unicast Commands disable ip-option loose-source-route disable ip-option loose-source-route Description Disables the loose source route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command disables the loose source route IP option: disable ip-option loose-source-route History This command was first available in ExtremeWare 6.0.

  • Page 841: Disable Ip-Option Record-Route

    disable ip-option record-route disable ip-option record-route disable ip-option record-route Description Disables the record route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command disables the record route IP option: disable ip-option record-route History This command was first available in ExtremeWare 6.0.

  • Page 842: Disable Ip-Option Record-Timestamp

    IP Unicast Commands disable ip-option record-timestamp disable ip-option record-timestamp Description Disables the record timestamp IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command disables the record timestamp IP option: disable ip-option record-timestamp History This command was first available in ExtremeWare 6.0.

  • Page 843: Disable Ip-Option Strict-Source-Route

    disable ip-option strict-source-route disable ip-option strict-source-route disable ip-option strict-source-route Description Disables the strict source route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command disables the strict source route IP option: disable ip-option strict-source-route History This command was first available in ExtremeWare 6.0.

  • Page 844: Disable Ip-Option Use-Router-Alert

    IP Unicast Commands disable ip-option use-router-alert disable ip-option use-router-alert Description Disables the generation of the router alert IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command disables generation of the router alert IP option: disable ip-option use-router-alert History This command was first available in ExtremeWare 6.0.

  • Page 845: Disable Iproute Sharing

    disable iproute sharing disable iproute sharing disable iproute sharing Description Disables load sharing if multiple routes to the same destination are available. When multiple routes to the same destination are available, load sharing can be enabled to distribute the traffic to multiple destination gateways.

  • Page 846: Disable Irdp

    IP Unicast Commands disable irdp disable irdp {vlan <vlan name>} Description Disables the generation of ICMP router advertisement messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines If no optional argument is specified, all the IP interfaces are affected. Example The following command disables IRDP on VLAN accounting: disable irdp vlan accounting...

  • Page 847: Disable Loopback-Mode Vlan

    disable loopback-mode vlan disable loopback-mode vlan disable loopback-mode vlan [<vlan name> | all] Description Disallows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active. Syntax Description vlan name Specifies a VLAN name.

  • Page 848: Disable Multinetting

    IP Unicast Commands disable multinetting disable multinetting Description Disables IP multinetting on the system. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The multinetting features requires the user to change the MAC FDB aging timer to be at least 3000 seconds on the switch.

  • Page 849: Disable Subvlan-Proxy-Arp Vlan

    disable subvlan-proxy-arp vlan disable subvlan-proxy-arp vlan disable subvlan-proxy-arp vlan [<super-vlan name> | all] Description Disables the automatic entry of sub-VLAN information in the proxy ARP table. Syntax Description super-vlan name Specifies a super-VLAN name. Specifies all VLANs. Default Enabled. Usage Guidelines To facilitate communication between sub-VLANs, by default, an entry is made in the IP ARP table of the super-VLAN that performs a proxy ARP function.

  • Page 850: Disable Udp-Echo-Server

    IP Unicast Commands disable udp-echo-server disable udp-echo-server Description Disables UDP echo server support. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end.

  • Page 851: Enable Bootp Vlan

    enable bootp vlan enable bootp vlan enable bootp vlan [<vlan name> | all] Description Enables the generation and processing of BOOTP packets on a VLAN to obtain an IP address for the VLAN from a BOOTP server. Syntax Description vlan name Specifies a VLAN name.

  • Page 852: Enable Bootprelay

    IP Unicast Commands enable bootprelay enable bootprelay Description Enables the BOOTP relay function. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets.

  • Page 853: Enable Icmp Address-Mask

    enable icmp address-mask enable icmp address-mask enable icmp address-mask {vlan <vlan name>} Description Enables the generation of an ICMP address-mask reply on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Enables the generation of an ICMP address-mask reply (type 18, code 0) when an ICMP address mask request is received.The default setting is enabled.

  • Page 854: Enable Icmp Parameter-Problem

    IP Unicast Commands enable icmp parameter-problem enable icmp parameter-problem {vlan <vlan name>} Description Enables the generation of an ICMP parameter-problem message on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Enables the generation of an ICMP parameter-problem message (type 12) when the switch cannot properly process the IP header or IP option information.

  • Page 855: Enable Icmp Port-Unreachables

    enable icmp port-unreachables enable icmp port-unreachables enable icmp port-unreachables {vlan <vlan name>} Description Enables the generation of ICMP port unreachable messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Enables the generation of ICMP port unreachable messages (type 3, code 3) when a TPC or UDP request is made to the switch, and no application is waiting for the request, or access policy denies the request.

  • Page 856: Enable Icmp Redirects

    IP Unicast Commands enable icmp redirects enable icmp redirects {vlan <vlan name>} Description Enables generation of ICMP redirect messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines This option only applies to the switch when the switch is not in routing mode. Example The following command enables the generation of ICMP redirect messages on all VLANs: enable icmp redirects...

  • Page 857: Enable Icmp Time-Exceeded

    enable icmp time-exceeded enable icmp time-exceeded enable icmp time-exceeded {vlan <vlan name>} Description Enables the generation of ICMP time exceeded messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Enables the generation of an ICMP time exceeded message (type 11) when the TTL field expires during forwarding.

  • Page 858: Enable Icmp Timestamp

    IP Unicast Commands enable icmp timestamp enable icmp timestamp {vlan <vlan name>} Description Enables the generation of an ICMP timestamp response on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines Enables the generation of an ICMP timestamp response (type 14, code 0) when an ICMP timestamp request is received.

  • Page 859: Enable Icmp Unreachables

    enable icmp unreachables enable icmp unreachables enable icmp unreachables {vlan <vlan name>} Description Enables the generation of ICMP unreachable messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines None. Example The following command enables the generation of ICMP unreachable messages on all VLANs: enable icmp unreachables History This command was available in ExtremeWare 2.0.

  • Page 860: Enable Icmp Useredirects

    IP Unicast Commands enable icmp useredirects enable icmp useredirects Description Enables the modification of route table information when an ICMP redirect message is received. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines This option only applies to the switch when the switch is not in routing mode. Example The following command enables the modification of route table information: enable icmp useredirects...

  • Page 861: Enable Iparp Checking

    enable iparp checking enable iparp checking enable iparp checking Description Enables checking if the ARP Request source IP address is within the range of the local interface or VLAN domain. Syntax Description This command has no arguments or variables. Default Enabled.

  • Page 862: Enable Iparp Refresh

    IP Unicast Commands enable iparp refresh enable iparp refreshenable iparp refresh Description Enables IP ARP to refresh its IP ARP entries before timing out. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines IP ARP refresh can only be disabled if IP forwarding is disabled. The purpose of disabling ARP refresh is to reduce ARP traffic in a high node count layer 2 switching only environment.

  • Page 863: Enable Ipforwarding

    enable ipforwarding enable ipforwarding enable ipforwarding {[broadcast | fast-direct-broadcast | ignore-broadcast]} {vlan <vlan name>} Description Enables IP routing or IP broadcast forwarding for one or all VLANs. If no argument is provided, enables IP routing for all VLANs that have been configured with an IP address. Syntax Description broadcast Specifies broadcast IP forwarding.

  • Page 864: Enable Ipforwarding Lpm-Routing

    IP Unicast Commands enable ipforwarding lpm-routing enable ipforwarding lpm-routing {vlan <vlan name>} Description Enables Longest Prefix Match (LPM) routing for the specified VLAN. If no argument is provided, enables LPM routing for all VLANs except the management VLAN. Syntax Description vlan name Specifies a VLAN name.

  • Page 865: Enable Ip-Option Loose-Source-Route

    enable ip-option loose-source-route enable ip-option loose-source-route enable ip-option loose-source-route Description Enables the loose source route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables the loose source route IP option: enable ip-option loose-source-route History This command was first available in ExtremeWare 6.0.

  • Page 866: Enable Ip-Option Record-Route

    IP Unicast Commands enable ip-option record-route enable ip-option record-route Description Enables the record route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables the record route IP option: enable ip-option record-route History This command was first available in ExtremeWare 6.0.

  • Page 867: Enable Ip-Option Record-Timestamp

    enable ip-option record-timestamp enable ip-option record-timestamp enable ip-option record-timestamp Description Enables the record timestamp IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables the record timestamp IP option: enable ip-option record-timestamp History This command was first available in ExtremeWare 6.0.

  • Page 868: Enable Ip-Option Strict-Source-Route

    IP Unicast Commands enable ip-option strict-source-route enable ip-option strict-source-route Description Enables the strict source route IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables the strict source route IP option: enable ip-option strict-source-route History This command was first available in ExtremeWare 6.0.

  • Page 869: Enable Ip-Option Use-Router-Alert

    enable ip-option use-router-alert enable ip-option use-router-alert enable ip-option use-router-alert Description Enables the generation of the router alert IP option. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines None. Example The following command enables generation of the router alert IP option: enable ip-option use-router-alert History This command was first available in ExtremeWare 6.0.

  • Page 870: Enable Iproute Sharing

    IP Unicast Commands enable iproute sharing enable iproute sharing Description Enables load sharing if multiple routes to the same destination are available. When multiple routes to the same destination are available, load sharing can be enabled to distribute the traffic to multiple destination gateways.

  • Page 871: Enable Irdp

    enable irdp enable irdp enable irdp {vlan <vlan name>} Description Enables the generation of ICMP router advertisement messages on one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Default Enabled. Usage Guidelines If no optional argument is specified, all the IP interfaces are affected. Example The following command enables IRDP on VLAN accounting: enable irdp vlan accounting...

  • Page 872: Enable Loopback-Mode Vlan

    IP Unicast Commands enable loopback-mode vlan enable loopback-mode vlan [<vlan name> | all] Description Allows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active. Syntax Description vlan name Specifies a VLAN name.

  • Page 873: Enable Multinetting

    enable multinetting enable multinetting enable multinetting Description Enables IP multinetting on the system. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines The multinetting features requires the user to change the MAC FDB aging timer to be at least 3000 seconds on the switch.

  • Page 874: Enable Subvlan-Proxy-Arp Vlan

    IP Unicast Commands enable subvlan-proxy-arp vlan enable subvlan-proxy-arp vlan [<super-vlan name> | all] Description Enables the automatic entry of sub-VLAN information in the proxy ARP table. Syntax Description super-vlan name Specifies a super-VLAN name. Specifies all VLANs. Default Enabled. Usage Guidelines To facilitate communication between sub-VLANs, by default, an entry is made in the IP ARP table of the super-VLAN that performs a proxy ARP function.

  • Page 875: Enable Udp-Echo-Server

    enable udp-echo-server enable udp-echo-server enable udp-echo-server Description Enables UDP echo server support. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end.

  • Page 876: Rtlookup

    IP Unicast Commands rtlookup rtlookup [<ip address> | <hostname>] Description Performs a look-up in the route table to determine the best route to reach an IP address or host. Syntax Description hostname Specifies a hostname. ip address Specifies an IP address. Default N/A.

  • Page 877: Run Ipfdb-Check

    run ipfdb-check run ipfdb-check run ipfdb-check [index <bucket> <entry> | <ip-address> {<ip-address>}] {extended} {detail} Description Checks IP FDB entries for consistency. Syntax Description bucket Specifies the bucket portion of the FDB hash index. entry Specifies the entry portion of the FDB hash index. ip-address Specifies an IP address.

  • Page 878: Show Iparp

    IP Unicast Commands show iparp show iparp {<ip address> | <mac_address> | vlan <vlan name> | permanent} Description Displays the IP Address Resolution Protocol (ARP) table. You can filter the display by IP address, MAC address, VLAN, or permanent entries. Syntax Description ip address Specifies an IP address.

  • Page 879: Show Iparp Proxy

    show iparp proxy show iparp proxy show iparp proxy {<ip address> {<mask>}} Description Displays the proxy ARP table. Syntax Description ip address Specifies an IP address. mask Specifies a subnet mask. Default N/A. Usage Guidelines If no argument is specified, then all proxy ARP entries are displayed. Example The following command displays the proxy ARP table: show iparp proxy 10.1.1.5/24...

  • Page 880: Show Ipconfig

    IP Unicast Commands show ipconfig show ipconfig {vlan <vlan name>} {detail} Description Displays configuration information for one or more VLANs. Syntax Description vlan name Specifies a VLAN name. detail Specifies to display global IP configuration information in the detailed format. Default N/A.

  • Page 881: Show Ipfdb

    show ipfdb show ipfdb show ipfdb {<ip address> <netmask> | vlan <vlan name>} Description Displays the contents of the IP forwarding database (FDB) table. Used for technical support purposes. If no option is specified, all IP FDB entries are displayed. Syntax Description ip address Specifies an IP address.
  • Page 882 IP Unicast Commands 10.205.0.202 07C7.0 4646.0 0000 00:10:E3:1D:00:1E 4000 1 10.205.4.193 08C3.0 9C32.0 0000 00:E0:2B:04:DA:00 4000 1 10.205.4.192 09C3.0 9C32.0 0000 00:E0:2B:04:DA:00 4000 1 History This command was available in ExtremeWare 2.0. Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 883: Show Iproute

    show iproute show iproute show iproute {priority | vlan <vlan name> | permanent | <ip address> <netmask> | route-map |origin [direct | static | blackhole | rip | bootp | icmp | ospf-intra | ospf-inter | ospf-as-external | ospf-extern1 | ospf-extern2]} {mpls} {sorted} Description Displays the contents of the IP routing table or the route origin priority.
  • Page 884 IP Unicast Commands keyword only applies to some of the options available on the show iproute command. The mpls s keyword is ignored when specified in conjunction with the following options: • priority • route-map • summary Example The following command displays detailed information about all IP routing: show iproute detail Following is the output from this command: Destination: 10.10.121.111/30...

  • Page 885: Show Ipstats

    show ipstats show ipstats show ipstats {vlan <vlan name>} Description Displays IP statistics for the CPU for the switch or for a particular VLAN. Syntax Description vlan name Specifies a VLAN name. Default N/A. Usage Guidelines This command only shows statistics of the CPU-handled packets. Not all packets are handled by the CPU.
  • Page 886 IP Unicast Commands Table 19: Global IP Statistics Field Definitions (continued) Field Definition NoFwding Aggregate number of IP packets not forwarded due to errors. Redirects IP packets forwarded on the same network. No route Not used. Bad TTL IP packets with a bad time-to-live. Bad MC TTL IP packets with a bad multicast time-to-live.
  • Page 887 show ipstats Table 22: DHCP/BOOTP Statistics Field Definitions Field Definition Received to server Number of DHCP packets forwarded to server. Received to client Number of DHCP packets received by clients. Requests relayed Number of DHCP request packets relayed. Responses relayed Number of DHCP response packets relayed.

  • Page 888: Show Udp-Profile

    IP Unicast Commands show udp-profile show udp-profile {<profile_name>} Description Displays the UDP profile information. Syntax Description profile_name Specifies a UDP profile name. Default N/A. Usage Guidelines Displays the following information: • Profile names • Input rules of UDP port, destination IP address, or VLAN •...

  • Page 889: Unconfig Icmp

    unconfig icmp unconfig icmp unconfig icmp Description Resets all ICMP settings to the default values. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command resets all ICMP settings to the default values. unconfig icmp History This command was available in ExtremeWare 2.0.

  • Page 890: Unconfig Iparp

    IP Unicast Commands unconfig iparp unconfig iparp Description Resets IP ARP timeout, IP ARP max-entries, and IP ARP max-pending-entries to their default values. Syntax Description This command has no arguments or variables. Default Usage Guidelines None. Example The following command resets all IP ARP related settings to the default values: unconfig iparp History This command was first available in ExtremeWare 6.2.

  • Page 891: Unconfig Irdp

    unconfig irdp unconfig irdp unconfig irdp Description Resets all router advertisement settings to the default values. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command resets all router advertisement settings to the default values. unconfig irdp History This command was available in ExtremeWare 2.0.

  • Page 892: Unconfig Udp-Profile

    IP Unicast Commands unconfig udp-profile unconfig udp-profile vlan [<vlan name> | all] Description Removes the UDP-forwarding profile configuration for one or all VLANs. Syntax Description vlan name Specifies a VLAN name. Specifies all UDP profiles. Default N/A. Usage Guidelines None. Example The following command removes the UDP profile configuration from the VLAN accounting: unconfig udp-profile vlan accounting...
  • Page 893 IGP Commands This chapter documents commands used for the following interior gateway protocols: • OSPF • Integrated IS-IS • RIP OSPF is a link-state protocol that distributes routing information between routers belonging to a single IP domain, also known as an autonomous system (AS). In a link-state routing protocol, each router maintains a database describing the topology of the autonomous system.
  • Page 894 IGP Commands The Intermediate System to Intermediate System (IS-IS) routing protocol is a link-state protocol that is very similar to OSPF. ExtremeWare Integrated IS-IS support allows switches to act as IP-only IS-IS routers. The IS-IS routing protocol provides transport-independent routing. IS-IS partitions the network into “routing domains.”...

  • Page 895: Clear Isis Adjacency

    clear isis adjacency clear isis adjacency clear isis adjacency {level-1 | level-2 | level-1-2 | point-to-point} {vlan <vlan name>} Description Clear the IS-IS adjacencies currently present. Syntax Description level-1 Specifies IS-IS level 1 adjacencies. level-2 Specifies IS-IS level 2 adjacencies. level-1-2 Specifies IS-IS level 1 and level 2 adjacencies.

  • Page 896: Clear Isis Lsdb

    IGP Commands clear isis lsdb clear isis lsdb {level-2 | area <isis area identifier>} {system-identifier <system identifier> | sysName <alphanumeric string>} {type [non-pseudonode | pseudonode {circuit-identifier <number(1-255)>}]} {lsp-number <number(0-255)>} Description Clears the IS-IS LSDB of the level 2 subdomain or a level 1 area. Syntax Description level-2 Specifies the level 2 subdomain.

  • Page 897: Config Isis Add Area Address

    config isis add area address config isis add area address config isis [level-2 | area <isis area identifier>] add <area address> Description Adds an IS-IS area address for a level 2 subdomain or a level 1 area. Syntax Description level-2 Specifies level 2.

  • Page 898: Config Isis Add Vlan

    IGP Commands config isis add vlan config isis add vlan [<vlan name> | all] [[level-1 | level-1-2] area <isis area identifier> | level-2-only] Description Enables IS-IS routing on a routing interface. Syntax Description vlan name Specifies the name of a VLAN. Specifies all VLANs.

  • Page 899: Config Isis Area Add Domain-Summary

    config isis area add domain-summary config isis area add domain-summary config isis area <isis area identifier> add domain-summary <ip address> /<netmask> [advertise {cost <cost(0-4261412864)>} | noadvert] Description Adds a summary address to be applied on the IP reachability information from this level 1 area, which will be included in the level 2 LSP.

  • Page 900: Config Isis Area Delete Domain-Summary

    IGP Commands config isis area delete domain-summary config isis area <isis area identifier> delete domain-summary <ip address> /<netmask> Description Deletes a summary address to be applied on the IP reachability information from this level 1 area, which will be included in the level 2 LSP. Syntax Description isis area identifier Specifies an area identifier.

  • Page 901: Config Isis Area Domain-Filter

    config isis area domain-filter config isis area domain-filter config isis area <isis area identifier> domain-filter [<access profile> | none] Description Configures an access profile to filter the IP reachability information from this level 1 area that will be included in the level 2 LSP: Syntax Description isis area identifier Specifies an area identifier.

  • Page 902: Config Isis Authentication

    IGP Commands config isis authentication config isis [level-2 | area <isis area identifier>] authentication [simple-password <isis simple password> {no-check} | hmac-md5 <hmac-md5> {no-check} | none] Description Configures authentication for a level 2 subdomain or a level 1 area. Syntax Description level-2 Specifies to configure authentication for a level 2 subdomain.

  • Page 903: Config Isis Delete Area-Address

    config isis delete area-address config isis delete area-address config isis [level-2 | area <isis area identifier>] delete <area address> Description Deletes an IS-IS area address for a level 2 subdomain or a level 1 area. Syntax Description isis area identifier Specifies the area identifier.

  • Page 904: Config Isis Delete Vlan

    IGP Commands config isis delete vlan config isis delete vlan [<vlan name> | all] Description Disables IS-IS routing on a routing interface. Syntax Description vlan name Specifies the name of a VLAN. Specifies all VLANs. Default By default, IS-IS is not enabled on an interface. Usage Guidelines None.

  • Page 905: Config Isis External-Filter

    config isis external-filter config isis external-filter config isis [level-2 | area <isis area identifier>] external-filter [<access profile> | none] Description Configures an access profile to filter routes being redistributed in to the level 1 area or level 2 subdomain. Syntax Description isis area identifier Specifies an area identifier.

  • Page 906: Config Isis Lsp Holddown Interval

    IGP Commands config isis lsp holddown interval config isis lsp-holddown-interval <seconds> Description Configures the LSP hold down interval. Syntax Description seconds Specifies the LSP hold down interval in seconds. Default 10 seconds. Usage Guidelines The LSP hold down interval range is from 3 to 120 seconds. Example The following command configures the LSP hold down interval: config isis lsp-holddown-interval 20...

  • Page 907: Config Isis Lsp Lifetime

    config isis lsp lifetime config isis lsp lifetime config isis lsp-lifetime <seconds> Description Configures the LSP lifetime. Syntax Description seconds Specifies the LSP lifetime in seconds. Default 1200 seconds. Usage Guidelines You can only use this command when IS-IS is disabled. The LSP lifetime range is from 400 to 65,535 seconds.

  • Page 908: Config Isis Lsp Refresh Interval

    IGP Commands config isis lsp refresh interval config isis lsp-refresh-interval <seconds> Description Configures the LSP refresh interval. Syntax Description seconds Specifies the LSP refresh interval in seconds. Default 900 seconds. Usage Guidelines You can only use this command when IS-IS is disabled. The LSP refresh interval range is from 100 to 65,235 seconds.

  • Page 909: Config Isis Metric-Size

    config isis metric-size config isis metric-size config isis [level-2 | area <isis area identifier>] metric-size [regular | wide | both] Description Configures the size of the metric originated in the LSP for the level 2 subdomain or level 1 area. Syntax Description isis area identifier Specifies an area identifier.

  • Page 910: Config Isis Spf Hold Time

    IGP Commands config isis spf hold time config isis spf-hold-time <seconds> Description Configures the shortest-path-first hold time. Syntax Description seconds Specifies the SPF hold time in seconds. Default 3 seconds. Usage Guidelines The SPF hold time range is from 1 to 300 seconds. Example The following command configures the IS-IS shortest-path-first hold time: config isis spf-hold-time 7...

  • Page 911: Config Isis System-Identifier

    config isis system-identifier config isis system-identifier config isis system-identifier <system identifier> Description Configures a 6 hex octet system identifier for IS-IS routing. Syntax Description system identifier Specifies the 6 hex octet system identifier. The format is xxxx.xxxx.xxxx where x represents a hexidecimal digit. Default By default, the system identifier is set to the switch’s MAC address.

  • Page 912: Config Isis Vlan

    IGP Commands config isis vlan config isis [vlan <vlan name> | all] [level-1| level-2 | level-1-2] [passive | non-passive] Description Configures the different IS-IS levels on a routing interface as passive or non-passive. Syntax Description vlan name Specifies the name of a VLAN. Specifies all VLANs.

  • Page 913: Config Isis Vlan Authentication

    config isis vlan authentication config isis vlan authentication config isis vlan <vlan name> [level-1 | level-2 | level-1-2] authentication [simple-password <isis simple password> {no-check} | hmac-md5 <hmac-md5> {no-check} | none] Description Configures authentication on a VLAN for the IS-IS levels on a routing interface: Syntax Description vlan name Specifies the name of a VLAN.

  • Page 914: Config Isis Vlan Cost

    The default cost value is 10. Usage Guidelines Extreme Networks recommends that you configure metrics on all interfaces. If you do not, the IS-IS metrics are similar to hop-count metrics. is specified, the metric is applied to all the routing interfaces in the system.

  • Page 915: Config Isis Vlan Hello-Multiplier

    config isis vlan hello-multiplier config isis vlan hello-multiplier config isis [vlan <vlan name> | all] [level-1| level-2 | level-1-2] hello-multiplier <number(3-1000)> Description Configures the number of IS-IS Hello packets an IS-IS neighbor at a particular level on this routing interface must miss before the it declares that the adjacency with this system is down. Syntax Description vlan name Specifies the name of a VLAN.

  • Page 916: Config Isis Vlan Priority

    IGP Commands config isis vlan priority config isis [vlan <vlan name> | all] [level-1| level-2 | level-1-2] priority <priority> Description Configures the IS-IS priority for the IS-IS levels of a routing interface. Syntax Description vlan name Specifies the name of a VLAN. Specifies all VLANs.

  • Page 917: Config Isis Vlan Timer

    config isis vlan timer config isis vlan timer config isis [vlan <vlan name> | all] [level-1| level-2 | level-1-2] timer [csnp <seconds>| hellotime <seconds>] Description Configures the IS-IS timer interval for the different levels of a routing interface. Syntax Description vlan name Specifies the name of a VLAN.
  • Page 918 IGP Commands Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 919: Config Ospf Cost

    config ospf cost config ospf cost config ospf [area <area identifier> | vlan [<vlan name> | all]] cost [automatic | <number>] Description Configures the cost metric of one or all interface(s). Syntax Description area identifier Specifies an OSPF area. vlan name Specifies a VLAN name.

  • Page 920: Config Ospf Priority

    IGP Commands config ospf priority config ospf [area <area identifier> | vlan [<vlan name> | all]] priority <priority> Description Configures the priority used in the designated router-election algorithm for one or all OSPF interface(s) for all the interfaces within the area. Syntax Description area identifier Specifies an OSPF area.

  • Page 921: Config Ospf Virtual-Link Authentication Password

    config ospf virtual-link authentication password config ospf virtual-link authentication password config ospf [vlan <vlan name> | area <area identifier> | virtual-link <routerid> <area identifier>] authentication [simple-password <password> | md5 <md5_key_id> <md5_key>| none | encrypted [simple-password <password> | md5 <md5_key_id> <md5_key>] Description Specifies the authentication password (up to eight characters) or Message Digest 5 (MD5) key for one or all interfaces in an area.

  • Page 922: Config Ospf Timer

    IGP Commands config ospf timer config ospf [vlan <vlan name> | area <area identifier> | virtual-link <routerid> <area identifier>] timer <retransmit interval> <transit delay> <hello interval> <dead interval> {<wait timer interval>} Description Configures the timers for one interface or all interfaces in the same OSPF area. Syntax Description vlan name Specifies a VLAN name.
  • Page 923 config ospf timer Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 924: Config Ospf Add Virtual-Link

    IGP Commands config ospf add virtual-link config ospf add virtual-link <routerid> <area identifier> Description Adds a virtual link connected to another ABR. Syntax Description routerid Specifies an IP address that identifies the router. area identifier Specifies an OSPF area. Default N/A.

  • Page 925: Config Ospf Add Vlan Area

    config ospf add vlan area config ospf add vlan area config ospf add vlan [<vlan name> | all] area <area identifier> {passive} Description Enables OSPF on one or all VLANs (router interfaces). Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs.
  • Page 926 IGP Commands Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 927: Config Ospf Add Vlan Area Link-Type

    config ospf add vlan area link-type config ospf add vlan area link-type config ospf add vlan [<vlan name> | all] area <area identifier> link-type [auto | broadcast | point-to-point] {passive} Description Configures the OSPF link type. Syntax Description vlan name Specifies a VLAN name.

  • Page 928: Config Ospf Area External-Filter

    IGP Commands config ospf area external-filter config ospf area <area_id> external-filter [<access_profile> |none] Description Configures an external filter policy. Syntax Description area_id Specifies the OSPF target area. access_profile Specifies an access profile. none Specifies not to apply an external filter. Default N/A.

  • Page 929: Config Ospf Area Interarea-Filter

    config ospf area interarea-filter config ospf area interarea-filter config ospf area <area_id> interarea-filter [<access_profile> | none] Description Configures a global inter-area filter policy. Syntax Description area_id Specifies the OSPF target area. access_profile Specifies an access profile. none Specifies not to apply an interarea filter. Default N/A.

  • Page 930: Config Ospf Area Add Range

    IGP Commands config ospf area add range config ospf area <area identifier> add range <ipaddress> <mask> [advertise | noadvertise] {type-3 | type-7} Description Configures a range of IP addresses in an OSPF area to be aggregated. Syntax Description area identifier Specifies an OSPF area.

  • Page 931: Config Ospf Area Delete Range

    config ospf area delete range config ospf area delete range config ospf area <area identifier> delete range <ipaddress> <mask> Description Deletes a range of aggregated IP addresses in an OSPF area. Syntax Description area identifier Specifies an OSPF area. ipaddress Specifies an IP address.

  • Page 932: Config Ospf Area Normal

    IGP Commands config ospf area normal config ospf area <area identifier> normal Description Configures an OSFP area as a normal area. Syntax Description area identifier Specifies an OSPF area. Default Normal. Usage Guidelines A normal area is an area that is not any of the following: •...

  • Page 933: Config Ospf Area Nssa Stub-Default-Cost

    config ospf area nssa stub-default-cost config ospf area nssa stub-default-cost config ospf area <area identifier> nssa [summary | nosummary] stub-default-cost <cost> {translate} Description Configures an OSPF area as an NSSA. Syntax Description area identifier Specifies an OSPF area. summary Specifies that type-3 can be propagated into the area. nosummary Specifies that type-3 cannot be propagated into the area.

  • Page 934: Config Ospf Area Stub Stub-Default-Cost

    IGP Commands config ospf area stub stub-default-cost config ospf area <area identifier> stub [summary | nosummary] stub-default-cost <cost> Description Configures an OSPF area as a stub area. Syntax Description area identifier Specifies an OSPF area. summary Specifies that type-3 can be propagated into the area. nosummary Specifies that type-3 cannot be propagated into the area.

  • Page 935: Config Ospf Asbr-Filter

    config ospf asbr-filter config ospf asbr-filter config ospf asbr-filter [<access profile> | none] Description Configures a route filter for all ASBR routers. Syntax Description access profile Specifies an access profile. none Specifies not to apply an ASBR filter. Default N/A. Usage Guidelines For switches configured to support RIP, BGP, VIP and static route re-distribution into OSPF, an access profile can be used to limit the routes that are advertised into OSPF for the switch as a whole.

  • Page 936: Config Ospf Ase-Limit

    IGP Commands config ospf ase-limit config ospf ase-limit <number> {timeout <seconds>} Description Configures the AS-external LSA limit and overflow duration associated with OSPF database overflow handling. Syntax Description number Specifies the number of external routes that can be held on a link-state database.

  • Page 937: Config Ospf Ase-Summary Add

    config ospf ase-summary add config ospf ase-summary add config ospf ase-summary add <ip address> <mask> cost <cost> {<tag_number>} Description Aggregates AS-external routes in a specified address range. Syntax Description ipaddress Specifies an IP address. mask Specifies a subnet mask. cost Specifies a metric that will be given to the summarized route.

  • Page 938: Config Ospf Ase-Summary Delete

    IGP Commands config ospf ase-summary delete config ospf ase-summary delete <ipaddress> <mask> Description Deletes an aggregated OSPF external route. Syntax Description ipaddress Specifies an IP address. mask Specifies a subnet mask. Default N/A. Usage Guidelines This command is only valid on an ASBR. Example The following command deletes the aggregated AS-external route: config ospf ase-summary delete 175.1.0.0/16...

  • Page 939: Config Ospf Delete Virtual-Link

    config ospf delete virtual-link config ospf delete virtual-link config ospf delete virtual-link <routerid> <area identifier> Description Removes a virtual link. Syntax Description routerid Specifies a router interface number. area identifier Specifies an OSPF area. Default N/A. Usage Guidelines None. Example The following command deletes a virtual link: config ospf delete virtual-link 10.1.2.1 10.1.0.0 History...

  • Page 940: Config Ospf Delete Vlan

    IGP Commands config ospf delete vlan config ospf delete vlan [<vlan name> | all] Description Disables OSPF on one or all VLANs (router interfaces). Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. Default N/A. Usage Guidelines None. Example The following command disables OSPF on VLAN accounting: config ospf delete vlan accounting...

  • Page 941: Config Ospf Direct-Filter

    config ospf direct-filter config ospf direct-filter config ospf direct-filter [<access_profile> | none] Description Configures a route filter for direct routes. Syntax Description access_profile Specifies an access profile. none Specifies not to apply a direct filter. Default N/A. Usage Guidelines If none is specified, all direct routes are exported if ospf export direct is enabled. In versions of ExtremeWare before release 6.0, direct routes corresponding to the interfaces on which RIP was enabled were exported into OSPF as part of RIP routes, using the command enable ospf export rip.

  • Page 942: Config Ospf Lsa-Batching-Timer

    IGP Commands config ospf lsa-batching-timer config ospf lsa-batching-timer <timer_value> Description Configures the OSPF LSA batching interval. Syntax Description timer_value Specifies a time in seconds. Default The default setting is 30 seconds. Usage Guidelines The range is between 0 (disabled) and 600 seconds, using multiples of 5 seconds. The LSAs added to the LSDB during the interval are batched together for refresh or timeout.

  • Page 943: Config Ospf Metric-Table

    config ospf metric-table config ospf metric-table config ospf metric-table 10M <cost> 100M <cost> 1G <cost> {10G <cost>} Description Configures the automatic interface costs for 10 Mbps, 100 Mbps, 1 Gbps, and 10 Gbps interfaces. Syntax Description cost Specifies the interface cost for the indicated interfaces. Default •...

  • Page 944: Config Ospf Routerid

    IGP Commands config ospf routerid config ospf routerid [automatic | <routerid>] Description Configures the OSPF router ID. If automatic is specified, the switch uses the largest IP interface address as the OSPF router ID. Syntax Description automatic Specifies to use automatic addressing. routerid Specifies a router address.
  • Page 945 config ospf routerid Platform Availability This command is available on all platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 946: Config Ospf Spf-Hold-Time

    IGP Commands config ospf spf-hold-time config ospf spf-hold-time <seconds> Description Configures the minimum number of seconds between Shortest Path First (SPF) recalculations. Syntax Description seconds Specifies a time in seconds. Default 3 seconds. Usage Guidelines None. Example The following command configures the minimum number of seconds between Shortest Path First (SPF) recalculations: config ospf spf-hold-time 6 History...

  • Page 947: Config Ospf Vlan Area

    config ospf vlan area config ospf vlan area config ospf [all | vlan <vlan name>] area <area identifier> Description Associates a VLAN (router interface) with an OSPF area. By default, all router interfaces are associated with area 0.0.0.0. Syntax Description Specifies all VLANs.

  • Page 948: Config Ospf Vlan Neighbor Add

    IGP Commands config ospf vlan neighbor add config ospf vlan <vlan name> neighbor add <ipaddress> Description Configures the IP address of a point-to-point neighbor. Syntax Description vlan name Specifies a VLAN name. ipaddress Specifies an IP address. Default N/A. Usage Guidelines None.

  • Page 949: Config Ospf Vlan Neighbor Delete

    config ospf vlan neighbor delete config ospf vlan neighbor delete config ospf vlan <vlan name> neighbor delete <ipaddress> Description Deletes the IP address of a point-to-point neighbor. Syntax Description vlan name Specifies a VLAN name. ipaddress Specifies an IP address. Default N/A.

  • Page 950: Config Ospf Vlan Timer

    IGP Commands config ospf vlan timer config ospf vlan <vlan name> timer <retransmit tinterval> <transmit delay> <hello interval [1-655191]> <dead interval> {<wait timer interval>} Description Configures the OSPF wait interval. Syntax Description vlan name Specifies a VLAN name. retransmit interval Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged.
  • Page 951 config ospf vlan timer History This command was first available in ExtremeWare 6.2. This command was modified in ExtremWare 6.22. Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 952: Config Rip Add Vlan

    IGP Commands config rip add vlan config rip add vlan [<vlan name> | all] Description Configures RIP on an IP interface. Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. Default All. If no VLAN is specified, then all is assumed. Usage Guidelines When an IP interface is created, RIP configuration is disabled on the interface by default.

  • Page 953: Config Rip Delete Vlan

    config rip delete vlan config rip delete vlan config rip delete vlan [<vlan name> | all] Description Disables RIP on an IP interface. Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. Default All. If no VLAN is specified, then all is assumed. Usage Guidelines When an IP interface is created, RIP configuration is disabled on the interface by default.

  • Page 954: Config Rip Garbagetime

    IGP Commands config rip garbagetime config rip garbagetime {<seconds>} Description Configures the RIP garbage time. Syntax Description seconds Specifies a time in seconds. Default 120 seconds. Usage Guidelines None. Example The following command configures the RIP garbage time to have a 60-second delay: config rip garbagetime 60 History This command was available in ExtremeWare 2.0.

  • Page 955: Config Rip Routetimeout

    config rip routetimeout config rip routetimeout config rip routetimeout {<seconds>} Description Configures the route timeout period. Syntax Description seconds Specifies a time in seconds. Default 180 seconds. Usage Guidelines If a router does not receive an update message from its neighbor within the route timeout period (180 seconds by default), the router assumes the connection between it and its neighbor is no longer available.

  • Page 956: Config Rip Rxmode

    IGP Commands config rip rxmode config rip rxmode [none | v1only | v2only | any] {vlan <vlan name>} Description Changes the RIP receive mode for one or more VLANs. Syntax Description none Specifies to drop all received RIP packets. v1only Specifies to accept only RIP version 1 format packets.

  • Page 957: Config Rip Txmode

    config rip txmode config rip txmode config rip txmode [none | v1only | v1comp | v2only] {vlan <vlan name>} Description Changes the RIP transmission mode for one or more VLANs. Syntax Description none Specifies to not transmit any packets on this interface. v1only Specifies to transmit RIP version 1 format packets to the broadcast address.

  • Page 958: Config Rip Updatetime

    IGP Commands config rip updatetime config rip updatetime {<seconds>} Description Specifies the time interval in seconds within which RIP sends update packets. Syntax Description seconds Specifies a time in seconds. Default 30 seconds. Usage Guidelines The router exchanges an update message with each neighbor every 30 seconds (default value), or if there is a change to the overall routed topology (also called triggered updates).

  • Page 959: Config Rip Vlan Cost

    config rip vlan cost config rip vlan cost config rip vlan [<vlan name> | all] cost <cost> Description Configures the cost (metric) of the interface. Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. cost Specifies a cost metric. Default The default setting is 1.

  • Page 960: Config Rip Vlan Export-Filter

    IGP Commands config rip vlan export-filter config rip vlan [<vlan name> | all] export-filter [<access_profile> | none] Description Configures RIP to suppress certain routes when performing route advertisements. Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. access_profile Specifies an access-profile name.

  • Page 961: Config Rip Vlan Import-Filter

    config rip vlan import-filter config rip vlan import-filter config rip vlan [<vlan name> | all] import-filter [<access_profile> | none] Description Configures RIP to ignore certain routes received from its neighbor. Syntax Description vlan name Specifies a VLAN name. Specifies all VLANs. access_profile Specifies an access-profile name.

  • Page 962: Config Rip Vlan Trusted-Gateway

    IGP Commands config rip vlan trusted-gateway config rip vlan [<vlan name> | all] trusted-gateway [<access_profile> | none] Description Configures a trusted neighbor policy, which uses an access profile to determine trusted RIP router neighbors for the VLAN on the switch running RIP. Syntax Description vlan name Specifies a VLAN name.

  • Page 963: Create Isis Area

    create isis area create isis area create isis area <name> Description Creates an IS-IS level 1 area. Syntax Description name Specifies the area identifier. Default N/A. Usage Guidelines Currently, only one level 1 area can be created. The maximum length for an area identifier is 32 characters. The identifier must begin with one alphabetic character followed by up to 31 alphabetic or numeric characters.

  • Page 964: Create Ospf Area

    IGP Commands create ospf area create ospf area <area identifier> Description Creates an OSPF area. Syntax Description area identifier Specifies an OSPF area. Default Area 0.0.0.0 Usage Guidelines Area 0.0.0.0 does not need to be created. It exists by default. Example The following command creates an OSPF area: create ospf area 1.2.3.4...

  • Page 965: Delete Isis Area

    delete isis area delete isis area delete isis area [<isis area identifier> | all] Description Deletes an IS-IS level 1 area. Syntax Description isis area identifier Specifies the area identifier. Default N/A. Usage Guidelines Currently, only one level 1 area can be created. The maximum length for an area identifier is 32 characters.

  • Page 966: Delete Ospf Area

    IGP Commands delete ospf area delete ospf area [<area identifier> | all] Description Deletes an OSPF area. Syntax Description area identifier Specifies an OSPF area. Specifies all areas. Default N/A. Usage Guidelines An OSPF area cannot be deleted if it has an associated interface. Example The following command deletes an OSPF area: delete ospf area 1.2.3.4...

  • Page 967: Disable Isis

    disable isis disable isis disable isis Description Disables IS-IS routing. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines To enable IS-IS routing, use the following command: enable isis Example The following command disables IS-IS routing: disable isis History This command was first available in ExtremeWare v6.1.8 IS-IS tech release and subsequently...

  • Page 968: Disable Isis Export

    IGP Commands disable isis export disable isis [level-2 | area <isis area identifier>] export [bgp | i-bgp | e-bgp | direct | rip | static | vip | ospf | ospf-intra | ospf-inter | ospf-extern1 | ospf-extern2] Description Disables the redistribution of non-IS-IS routes from the kernel routing table into a IS-IS level 2 subdomain or level 1 area: Syntax Description level-2...
  • Page 969 disable isis export Platform Availability This command is available on the “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 970: Disable Isis Ignore-Attached-Bit

    IGP Commands disable isis ignore-attached-bit disable isis ignore-attached-bit Description Disables ignoring the attached bit. Syntax Description This command has no arguments or variables. Default The default setting is disabled. Usage Guidelines This command can only be applied to a level 1 only switch. It specifies that the level 1 only switch will not ignore the attached bit (ATT bit) from level 1/2 switches.

  • Page 971: Disable Isis Originate-Default

    disable isis originate-default disable isis originate-default disable isis [level-2 | area <isis area identifier>] originate-default Description Disables the origination of an IS-IS default route from a system into the level 1 area or level 2 subdomain. Syntax Description level-2 Specifies the level 2 subdomain. area identifier Specifies a level 1 area identifier.

  • Page 972: Disable Isis Overload

    IGP Commands disable isis overload disable isis [level-2 | area <isis area identifier>] overload {at-startup} Description Disables the setting of the overload bit in the LSP originated by the system in the level 2 subdomain or level 1 area. Syntax Description level-2 Specifies the level 2 subdomain.

  • Page 973: Disable Ospf

    disable ospf disable ospf disable ospf Description Disables the OSPF process for the router. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command disables the OSPF process for the router: disable ospf History This command was available in ExtremeWare 2.0.

  • Page 974: Disable Ospf Capability Opaque-Lsa

    IGP Commands disable ospf capability opaque-lsa disable ospf capability opaque-lsa Description Disables opaque LSAs across the entire system. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Opaque LSAs are a generic OSPF mechanism used to carry auxiliary information in the OSPF database. Opaque LSAs are most commonly used to support OSPF traffic engineering.

  • Page 975: Disable Ospf Export

    disable ospf export disable ospf export disable ospf export [bgp | direct | e-bgp | i-bgp | isis | isis-level-1 | isis-level-1-external | isis-level-2 | isis-level-2-external | rip | static | vip] Description Disables redistribution of routes to OSPF. Syntax Description Specifies BGP routing.

  • Page 976: Disable Ospf Originate-Router-Id

    IGP Commands disable ospf originate-router-id disable ospf originate-router-id Description Disables distribution of a route for the OSPF router ID in the router LSA. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines When this function is enabled, OSPF includes a link with the router ID IP address and a mask of 255.255.255.255 in the router LSA.

  • Page 977: Disable Rip

    disable rip disable rip disable rip Description Disables RIP for the whole router. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines RIP has a number of limitations that can cause problems in large networks, including: •...

  • Page 978: Disable Rip Aggregation

    IGP Commands disable rip aggregation disable rip aggregation Description Disables the RIP aggregation of subnet information on a RIP version 2 (RIPv2) interface. Syntax Description This command has no arguments or variables. Default RIP aggregation is enabled by default. Usage Guidelines The disable RIP aggregation command disables the RIP aggregation of subnet information on an interface configured to send RIPv2-compatible traffic.

  • Page 979: Disable Rip Export

    disable rip export disable rip export disable rip export [direct | isis | isis-level-1 | isis-level-1-external | isis-level-2 | isis-level-2-external | ospf | ospf-extern1 | ospf-extern2 | ospf-inter | ospf-intra | static | vip] Description Disables RIP from redistributing routes from other routing protocols. Syntax Description static Specifies static routes.

  • Page 980: Disable Rip Exportstatic

    IGP Commands disable rip exportstatic disable rip exportstatic Description Enables the redistribution of static routes. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Static routes are manually entered into the routing table. Static routes are used to reach networks not advertised by routers.

  • Page 981: Disable Rip Originate-Default

    disable rip originate-default disable rip originate-default disable rip originate-default Description Unconfigures a default route to be advertised by RIP if no other default route is advertised. If always is specified, RIP always advertises the default route to its neighbors. If always is not specified, RIP adds a default route if a reachable default route is not in the route table.

  • Page 982: Disable Rip Poisonreverse

    IGP Commands disable rip poisonreverse disable rip poisonreverse Description Disables poison reverse algorithm for RIP. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Like split horizon, poison reverse is a scheme for eliminating the possibility of loops in the routed topology.

  • Page 983: Disable Rip Splithorizon

    disable rip splithorizon disable rip splithorizon disable rip splithorizon Description Disables the split horizon algorithm for RIP. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Split horizon is a scheme for avoiding problems caused by including routes in updates sent to the router from which the route was learned.

  • Page 984: Disable Rip Triggerupdate

    IGP Commands disable rip triggerupdate disable rip triggerupdate Description Disables the trigger update mechanism. Triggered updates are a mechanism for immediately notifying a router’s neighbors when the router adds or deletes routes or changes their metric. Syntax Description This command has no arguments or variables. Default Enabled.

  • Page 985: Enable Isis

    enable isis enable isis enable isis Description Enables IS-IS routing. Syntax Description This command has no arguments or variables. Default Disabled. Usage Guidelines To enable IS-IS routing, use the following command: enable isis Example The following command enables IS-IS routing: enable isis History This command was first available in ExtremeWare v6.1.8 IS-IS tech release and subsequently...

  • Page 986: Enable Isis Export

    IGP Commands enable isis export enable isis [level-2 | area <isis area identifier>] export [bgp | i-bgp | e-bgp | direct | rip | static | vip | ospf | ospf-intra | ospf-inter | ospf-extern1 | ospf-extern2] [cost <cost(0-4261412864)> type [internal | external] | <route map>] Description Enables the redistribution of non-IS-IS routes from the kernel routing table into a IS-IS level 2...
  • Page 987 enable isis export Example The following command enables redistribution of direct routes to the level 1 area a1 with the route map enable isis area a1 export direct rm History This command was first available in ExtremeWare v6.1.8 IS-IS tech release and subsequently incorporated into ExtremeWare 7.0.0.

  • Page 988: Enable Isis Ignore-Attached-Bit

    IGP Commands enable isis ignore-attached-bit enable isis ignore-attached-bit Description Enables ignoring the attached bit. Syntax Description This command has no arguments or variables. Default The default setting is disabled. Usage Guidelines This command can only be applied to a level 1 only switch. It specifies that the level 1 only switch will ignore the attached bit (ATT bit) from level 1/2 switches.

  • Page 989: Enable Isis Originate-Default

    enable isis originate-default enable isis originate-default enable isis [level-2 | area <isis area identifier>] originate-default {always} cost <cost(0-4261412864)> type [internal | external] Description Enables the origination of a default route from a system into the level 1 area or level 2 subdomain. Syntax Description level-2 Specifies the level 2 subdomain.

  • Page 990: Enable Isis Overload

    IGP Commands enable isis overload enable isis [level-2 | area <isis area identifier>] overload {at-startup} {<seconds(1-86400)>} Description Enables the setting of the overload bit in the LSP originated by the system in the level 2 subdomain or level 1 area. Syntax Description level-2 Specifies the level 2 subdomain.

  • Page 991: Enable Ospf

    enable ospf enable ospf enable ospf Description Enables the OSPF process for the router. Syntax Description This command has no arguments or variables. Default N/A. Usage Guidelines None. Example The following command enables the OSPF process for the router: enable ospf History This command was available in ExtremeWare 2.0.

  • Page 992: Enable Ospf Capability Opaque-Lsa

    IGP Commands enable ospf capability opaque-lsa enable ospf capability opaque-lsa Description Enables opaque LSAs across the entire system. Syntax Description This command has no arguments or variables. Default Enabled. Usage Guidelines Opaque LSAs are a generic OSPF mechanism used to carry auxiliary information in the OSPF database. Opaque LSAs are most commonly used to support OSPF traffic engineering.

  • Page 993: Enable Ospf Export

    enable ospf export enable ospf export enable ospf export [bgp | e-bgp | i-bgp | isis | isis-level-1 | isis-level-1-external | isis-level-2 | isis-level-2-external] [cost <number> [ase-type-1 | ase-type-2] {tag <number>} | <route_map>] Description Enables redistribution of routes to OSPF. Syntax Description Specifies BGP routing.
  • Page 994 IGP Commands Example The following command enables OSPF to export BGP-related routes using LSAs to other OSPF routers: enable ospf export bgp cost 1 ase-type-1 tag 0 History This command was first available in ExtremeWare 6.1. Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 995: Enable Ospf Export Direct

    enable ospf export direct enable ospf export direct enable ospf export direct [cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route_map>] Description Enables the redistribution of local interface (direct) routes into the OSPF domain. This will not export the loopback address of 127.0.0.1. Syntax Description metric Specifies a cost metric.
  • Page 996 IGP Commands History This command was first available in ExtremeWare 6.1. This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6.1.8b12 to support MPLS modules. Platform Availability This command is available on “i” series platforms. ExtremeWare Software 7.0.0 Command Reference Guide...

  • Page 997: Enable Ospf Export Rip

    enable ospf export rip enable ospf export rip enable ospf export rip [cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route map>] Description Enables the redistribution of RIP to OSPF. Syntax Description metric Specifies a cost metric. ase-type-1 Specifies AS-external type 1 routes. ase-type-2 Specifies AS-external type 2 routes.

  • Page 998: Enable Ospf Export Static

    IGP Commands enable ospf export static enable ospf export static [cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route_map>] Description Enables the redistribution of static routes to OSPF. Syntax Description metric Specifies a cost metric. ase-type-1 Specifies AS-external type 1 routes. ase-type-2 Specifies AS-external type 2 routes.

  • Page 999: Enable Ospf Export Vip

    enable ospf export vip enable ospf export vip enable ospf export vip [cost <metric> [ase-type-1 | ase-type-2] {tag <number>} | <route_map>] Description Enables the redistribution of virtual IP addresses into the OSPF domain. Syntax Description metric Specifies a cost metric. ase-type-1 Specifies AS-external type 1 routes.
  • Page 1000 IGP Commands Platform Availability This command is available on “i” series platforms. 1000 ExtremeWare Software 7.0.0 Command Reference Guide...

This manual is also suitable for:

Extremeware 7.0.0

Table of Contents