1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Switch
  5. xStack DES-3500 Series
  6. Cli manual

D-Link xStack DES-3500 Series Cli Manual

Layer 2 managed stackable fast ethernet switch
Hide thumbs Also See for xStack DES-3500 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Manual
CLI Manual
TM
DES-3500 Series
Product Model :
Layer 2 Managed Stackable Fast Ethernet Switch
Release 5

Advertisement

Table of Contents
loading

Related Manuals for D-Link xStack DES-3500 Series

Summary of Contents for D-Link xStack DES-3500 Series

  • Page 1 CLI Manual DES-3500 Series Product Model : Layer 2 Managed Stackable Fast Ethernet Switch Release 5...

  • Page 2: Table Of Contents

    Table of Contents INTRODUCTION ......................... 1 USING THE CONSOLE CLI ......................3 COMMAND SYNTAX ........................6 BASIC SWITCH COMMANDS ....................8 MODIFY BANNER AND PROMPT COMMANDS ..............20 SWITCH PORT COMMANDS ....................24 PORT SECURITY COMMANDS ....................27 NETWORK MANAGEMENT (SNMP) COMMANDS ..............31 SWITCH UTILITY COMMANDS....................
  • Page 3 ARP COMMANDS ........................199 ROUTING TABLE COMMANDS ..................... 203 MAC NOTIFICATION COMMANDS ..................205 ACCESS AUTHENTICATION CONTROL COMMANDS ............209 SSH COMMANDS ........................229 SSL COMMANDS ........................236 D-LINK SINGLE IP MANAGEMENT COMMANDS..............242 COMMAND HISTORY LIST ....................253 TECHNICAL SPECIFICATIONS .....................256...

  • Page 4: Introduction

    This manual provides a reference for all of the commands contained in the CLI for members of the xStack DES-3500 series, including the DES-3526, DES-3526DC, and the DES-3550. Examples present in this manual may refer to any member of the xStack DES-3500 series and may show different port counts, but are universal to this series of switches, unless otherwise stated.
  • Page 5 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Setting the Switch’s IP Address Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. Users can change the default Switch IP address to meet the specification of your networking address scheme.

  • Page 6: Using The Console Cli

    After the Switch reboots and users have logged in, the console looks like this: DES-3500 Fast Ethernet Switch Command Line Interface Firmware: Build 5.00-B25 Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. username: Figure 2-1. Initial Console Screen after logging in Commands are entered at the command prompt, DES-3500:admin#.
  • Page 7 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802.1p default_priority config 802.1p user_priority config 802.1x auth_mode config 802.1x auth_parameter ports config 802.1x auth_protocol config 802.1x capability ports config 802.1x guest_vlan ports config 802.1x init config 802.1x reauth...
  • Page 8 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual command (config account) at the command prompt. Now the appropriate username can be entered and the config account command re-executed. All commands in the CLI function in this way. In addition, the syntax of the help prompts are the same as presented in this manual −...

  • Page 9: Command Syntax

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMAND YNTAX The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax. Note: All commands are case-sensitive.
  • Page 10 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual {braces} however the effect of the system reset is dependent on which, if any, value is specified. Therefore, with this example there are three possible outcomes of performing a system reset. See the following chapter, Basic Commands for more details about the reset command.

  • Page 11: Basic Switch Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ASIC WITCH OMMANDS The basic switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create account [admin | operator | user] <username 15> config account <username 15>...
  • Page 12 Success. DES-3500:admin# NOTICE: In case of lost passwords or password corruption, please refer to the D-Link website and the White Paper entitled “Password Recovery Procedure”, which will guide you through the steps necessary to resolve this issue. config account Purpose...
  • Page 13 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Success. DES-3500:admin# show account Purpose Used to display user accounts. Syntax show account Description Displays all user accounts created on the Switch. Up to 8 user accounts can exist at one time. Parameters None.
  • Page 14 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the accounts that have been created: DES-3500:admin#show account Command: show account Current Accounts: Username Access Level --------------- ------------ dlink Admin Total Entries: 1 DES-3500:admin# delete account Used to delete an existing user account. Purpose Syntax delete account [ <username>...
  • Page 15 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the way that the users logged in: DES-3500:admin#show session Command: show session ID Login Time Live Time From Level Name ------------------------------ --------- ------------ ----- ----------- *8 00000 days 00:00:37 03:36:27 Serial Port Anonymous...
  • Page 16 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show serial_port Parameters None. None Restrictions Example usage: To display the serial port setting: DES-3500:admin#show serial_port Command: show serial_port Baud Rate : 9600 Data Bits Parity Bits : None Stop Bits Auto-Logout : 10 mins DES-3500:admin#...
  • Page 17 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable clipaging Syntax enable clipaging Description This command is used when issuing a command which causes the console screen to rapidly scroll through several pages. This command will cause the console to pause at the end of each page. The default setting is enabled.
  • Page 18 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable telnet the Telnet protocol is 23. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To enable Telnet and configure port number: DES-3500:admin#enable telnet 23 Command: enable telnet 23 Success.
  • Page 19 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable web Purpose Used to enable the HTTP-based management software on the Switch. Syntax enable web <tcp_port_number 1-65535> Description This command is used to enable the Web-based management software on the Switch. The user can specify the TCP port number the Switch will use to listen for Telnet requests.
  • Page 20 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual save Purpose Used to save changes in the Switch’s configuration to non-volatile RAM. Syntax save Description This command is used to enter the current switch configuration into non-volatile RAM. The saved switch configuration will be loaded into the Switch’s memory each time the Switch is restarted.
  • Page 21 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#reboot force_agree Command: reboot force_agree Are users sure want to proceed with the system reboot? (y|n) Please wait, the switch is rebooting... reset Purpose Used to reset the Switch to the factory default settings. Syntax reset {[config | system]} Description...
  • Page 22 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#login Command: login UserName: logout Purpose Used to log out a user from the Switch’s console. Syntax logout Description This command terminates the current user’s session on the Switch’s console. Parameters None.

  • Page 23: Modify Banner And Prompt Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ODIFY ANNER AND ROMPT OMMANDS Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below. Command Parameters config command_ prompt [<string 16> | username | default] config greeting_message {default} show greeting_message...
  • Page 24 To modify the banner to read “Good evening Mr. Bond.”: DES-3500:admin# config greeting_message Command: config greeting_message Greeting Messages Editor ================================================================================ DES-3500 Fast Ethernet Switch Command Line Interface Firmware: Build 4.01-B19 Copyright(C) 2004-2007 D-Link Corporation. All rights reserved. ================================================================================ <Function Key> <Control Key> Ctrl+C Quit without save left/right/ Ctrl+W...
  • Page 25 DES-3500:admin#show greeting_message Command: show greeting_message ========================================================================= DES-3500 Gigabit Ethernet Switch Command Line Interface Firmware: Build 4.01.B19 Copyright(C) 2004-2005 D-Link Corporation. All rights reserved. ========================================================================= DES-3500:admin# enable greeting_message Purpose Used to enable viewing of the currently configured greeting message configured on the Switch.
  • Page 26 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable greeting_message Parameters None. Restrictions None. Example usage: To disable viewing of the currently configured greeting message: DES-3500:admin#disable greeting_message Command: disable greeting_message Success. DES-3500:admin#...

  • Page 27: Switch Port Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual WITCH OMMANDS The switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config ports [<portlist | all>] {speed [auto | 10_half | 10_full |100_half | 100_full | 1000_full]} | flow_control [enable | disable] | learning [enable | disable] | state [enable | disable] | trap [enable | disable] | description <desc 32>} show ports...
  • Page 28 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show ports Purpose Used to display the current configuration of a range of ports. Syntax show ports [<portlist>] {description} {err_disabled} Description This command is used to display the current configuration of a range of ports.
  • Page 29 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the configuration of all ports on a standalone switch, with description: DES-3500:admin#show ports description Command: show ports description Port Port Settings Connection Address Trap State Speed/Duplex/FlowCtrl Speed/Duplex/FlowCtrl Learning State ---- --------...

  • Page 30: Port Security Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ECURITY OMMANDS The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config port_security ports [<portlist> | all] {admin_state [enable| disable] | max_learning_addr <max_lock_no 0-64>...
  • Page 31 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To configure the port security: DES-3500:admin#config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode DeleteOnReset Command: config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode DeleteOnReset Success. DES-3500:admin# delete port_security_entry Purpose Used to delete a port security entry by MAC address, port number and VLAN ID.
  • Page 32 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear port_security_entry Purpose Used to clear MAC address entries learned from a specified port for the port security function. Syntax clear port_security_entry ports <portlist> Description This command is used to clear MAC address entries which were learned by the Switch by a specified port.
  • Page 33 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable port_security trap_log Purpose Used to enable the trap log for port security. Syntax enable port_security trap_log Description This command, along with the disable port_security trap_log, will enable and disable the sending of log messages to the Switch’s log and SNMP agent when the port security of the Switch has been triggered.

  • Page 34: Network Management (Snmp) Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (SNMP) C ETWORK ANAGEMENT OMMANDS The DES-3500 Switch series supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. Users can specify which version of the SNMP users want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
  • Page 35 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters <auth_string 32> delete snmp host <ipaddr> show snmp host <ipaddr> create trusted_host <ipaddr>| network<network_address> delete trusted_host [all | ipaddr<ipaddr>| network<network_address>] show trusted_host enable snmp traps enable snmp authenticate traps show snmp traps disable snmp traps disable snmp authenticate traps...
  • Page 36 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp user may be utilized by entering one of the following: • <auth password 8-16> - An alphanumeric sting of between 8 and 16 characters that will be used to authorize the agent to receive packets for the host.
  • Page 37 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To delete a previously entered SNMP user on the Switch: DES-3500:admin#delete snmp user dlink Command: delete snmp user dlink Success. DES-3500:admin# show snmp user Purpose Used to display information about each SNMP username in the SNMP group username table.
  • Page 38 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To create an SNMP view: DES-3500:admin#create snmp view dlinkview 1.3.6 view_type included Command: create snmp view dlinkview 1.3.6 view_type included Success. DES-3500:admin# delete snmp view Purpose Used to remove an SNMP view entry previously created on the Switch.
  • Page 39 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show snmp view Command: show snmp view Vacm View Table Settings View Name Subtree View Type -------------------- ------------------------- ---------- ReadView Included WriteView Included NotifyView 1.3.6 Included restricted 1.3.6.1.2.1.1 Included restricted 1.3.6.1.2.1.11 Included restricted 1.3.6.1.6.3.10.2.1...
  • Page 40 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create snmp community dlink view ReadView read_write Command: create snmp community dlink view ReadView read_write Success. DES-3500:admin# delete snmp community Purpose Used to remove a specific SNMP community string from the Switch. Syntax delete snmp community <community_string 32>...
  • Page 41 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show snmp community Command: show snmp community SNMP Community Table Community Name View Name Access Right -------------------------------- ------------------------------- ------------ dlink ReadView read_write private CommunityView read_write public CommunityView read_only Total Entries: 3 DES-3500:admin# config snmp engineID Purpose...
  • Page 42 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# create snmp group Purpose Used to create a new SNMP group, or a table that maps SNMP users to SNMP views. Syntax create snmp group <groupname 32> [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | auth_priv]] {read_view <view_name 32>...
  • Page 43 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Command: create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Success. DES-3500:admin# delete snmp group Purpose Used to remove an SNMP group from the Switch.
  • Page 44 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show snmp groups Command: show snmp groups Vacm Access Table Settings Group Name : Group3 ReadView Name : ReadView WriteView Name : WriteView Notify View Name : NotifyView Security Model : SNMPv3 Security Level : NoAuthNoPriv Group...
  • Page 45 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create snmp host supports both centralized and distributed network management strategies. It includes improvements in the Structure of Management Information (SMI) and adds some security features. v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network.
  • Page 46 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#delete snmp host 10.48.74.100 Command: delete snmp host 10.48.74.100 Success. DES-3500:admin# show snmp host Purpose Used to display the recipient of SNMP traps generated by the Switch’s SNMP agent. Syntax show snmp host {<ipaddr>} Description The show snmp host command is used to display the IP addresses and configuration information of remote SNMP managers that are...
  • Page 47 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To create the trusted host: DES-3500:admin#create trusted_host 10.62.32.1 Command: create trusted_host 10.62.32.1 Success. create trusted_host network Purpose Used to create the trusted host. Syntax create trusted_host network <network_address> Description The create trusted_host network command is used to create the trusted host.
  • Page 48 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete trusted_host ipaddr Purpose Used to delete a trusted host entry made using the create trusted_host command above. Syntax delete trusted host ipaddr<ipaddr> Description This command is used to delete a trusted host entry made using the create trusted_host command above.
  • Page 49 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To delete all trusted host entries: DES-3500: admin#delete trusted_host all Command: delete trusted_host all Success. enable snmp traps Purpose Used to enable SNMP trap support. Syntax enable snmp traps Description The enable snmp traps command is used to enable SNMP trap support on the Switch.
  • Page 50 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show snmp traps Syntax show snmp traps Description This command is used to view the SNMP trap support status currently configured on the Switch. Parameters None. Restrictions None. Example usage: To view the current SNMP trap support: DES-3500:admin#show snmp traps Command: show snmp traps SNMP Traps...
  • Page 51 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#disable snmp authenticate traps Command: disable snmp authenticate traps Success. DES-3500:admin# config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the Switch. Syntax config snmp system_contact{<sw_contact>} Description The config snmp system_contact command is used to enter the...
  • Page 52 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config snmp system_location HQ 5F Command: config snmp system_location HQ 5F Success. DES-3500:admin# config snmp system_name Purpose Used to configure the name for the Switch. Syntax config snmp system_name {<sw_name>} Description The config snmp system_name command configures the name of the Switch.
  • Page 53 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable rmon Purpose Used to disable RMON on the Switch. Syntax disable rmon Description This command is used, in conjunction with the enable rmon command above, to enable and disable remote monitoring (RMON) on the Switch.

  • Page 54: Switch Utility Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual WITCH TILITY OMMANDS The switch utility commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters download [firmware_fromTFTP <ipaddr> <path_filename 64> {image_id <int 1-2>} | cfg_fromTFTP <ipaddr>...
  • Page 55 Download configuration....Done. DES-3500:admin# DES-3500:admin##------------------------------------------------------------------- DES-3500:admin## DES-3526 Configuration DES-3500:admin## DES-3500:admin## Firmware: Build 4.01-B19 DES-3500:admin## Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. DES-3500:admin##------------------------------------------------------------------- DES-3500:admin# DES-3500:admin# DES-3500:admin## BASIC DES-3500:admin# DES-3500:admin#config serial_port baud_rate 9600 auto_logout 10_minutes Command: config serial_port baud_rate 9600 auto_logout 10_minutes The download configuration command will initiate the loading of the various settings in the order listed in the configuration file.
  • Page 56 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config firmware Restrictions Only administrator-level users can issue this command. Example usage: To configure firmware section 1 as a boot up section: DES-3500:admin# config firmware section_id 1 boot_up Command: config firmware section_id 1 boot_up Success.
  • Page 57 To view the current configuration settings: DES-3500:admin#show config current_config Command: show config current_config #------------------------------------------------------------------- DES-3526 Configuration Firmware: Build 4.01-B19 Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. #------------------------------------------------------------------- # BASIC config serial_port baud_rate 9600 auto_logout 10_minutes enable telnet 23 enable web 80...
  • Page 58 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual upload Purpose Used to upload the current switch settings or the switch history log to a TFTP. Syntax upload [cfg_toTFTP | log_toTFTP] <ipaddr> <path_filename 64> Description This command is used to upload either the Switch’s current settings or the Switch’s history log to a TFTP server.
  • Page 59 Upon booting up the autoconfig process is initiated, the console screen will appear similar to the example below. The configuration settings will be loaded in normal order. DES-3526 Fast Ethernet Switch Command Line Interface Firmware: Build 4.01-B19 Copyright(C) 2000-2004 D-Link Corporation. All rights reserved. DES-3500:admin# DES-3500:admin# DES-3500:admin#download configuration 10.41.44.44 c:\cfg\setting.txt Command: download configuration 10.41.44.44 c:\cfg\setting.txt...
  • Page 60 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual NOTE: With autoconfig enabled, the Switch ipif settings now define the Switch as a DHCP client. Use the show switch command to display the new IP settings status. disable autoconfig Purpose Use this to deactivate autoconfiguration from DHCP.
  • Page 61 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ping Purpose Used to test the connectivity between network devices. Syntax ping <ipaddr> {times <value 1-255>} {timeout <sec 1-99>} Description The ping command sends Internet Control Message Protocol (ICMP) echo messages to a remote IP address. The remote IP address will then “echo”...

  • Page 62: Network Monitoring Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ETWORK ONITORING OMMANDS The network monitoring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters show packet ports <portlist> show error ports <portlist>...
  • Page 63 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show packet port 2 Command: show packet port 2 Port number : 2 Frame Size Frame Counts Frame/sec Frame Type Total Total/sec ------------ ------------ ---------- ---------- ------- --------- 3275 RX Bytes 408973 1657 65-127 RX Frames...
  • Page 64 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show utilization Purpose Used to display real-time port and CPU utilization statistics. Syntax show utilization [cpu | ports {<portlist>}] Description This command will display the real-time port and CPU utilization statistics for the Switch. Parameters cpu –...
  • Page 65 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear counters Purpose Used to clear the Switch’s statistics counters. Syntax clear counters {ports <portlist>} Description This command will clear the counters used by the Switch to compile statistics. <portlist> − Specifies a port or range of ports to be displayed. Parameters Restrictions Only Administrator and Operator-level users can issue this...
  • Page 66 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To display the switch history log: DES-3500:admin#show log index 5 Command: show log index 5 Index Time Log Text ----- ------------------- ---------------------------------------------------- 00000 days 00:01:09 Successful login through Console (Username: Anonymous) 00000 days 00:00:14 System started up 00000 days 00:00:06...
  • Page 67 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#disable syslog Command: disable syslog Success. DES-3500:admin# show syslog Purpose Used to display the syslog protocol status as enabled or disabled. Syntax show syslog Description The show syslog command displays the syslog status as enabled or disabled.
  • Page 68 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create syslog host Numerical Facility Code kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem...
  • Page 69 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create syslog host 1 severity all facility local0 Command: create syslog host 1 severity all facility local0 Success. DES-3500:admin# config syslog host Purpose Used to configure the syslog protocol to send system log data to a remote host. Syntax config syslog host [all | <index 1-4>] {severity [informational | warning | all] | facility [local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7] | udp_port...
  • Page 70 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Parameters Numerical Facility Code kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages FTP daemon NTP subsystem log audit...
  • Page 71 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config syslog host 1 severity all facility local0 Command: config syslog host all severity all facility local0 Success. DES-3500:admin# Example usage: To configure a syslog host for all hosts: DES-3500:admin#config syslog host all severity all facility local0 Command: config syslog host all severity all facility local0 Success.
  • Page 72 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show syslog host Command: show syslog host Syslog Global State: Disabled Host Id Host IP Address Severity Facility UDP port Status ------- --------------- -------------- -------- -------- -------- 10.1.1.2 Local0 Disabled 10.40.2.3 Local0 Disabled 10.21.13.1...
  • Page 73 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config system_severity trap critical Command: config system_severity trap critical Success. DES-3500:admin# show system_severity Purpose To display system_severity level of an alert required for log entry or trap message. Syntax show system_severity Description This command is used to display system_severity level of an alert required for log entry or trap message.

  • Page 74: Multiple Spanning Tree Protocol (Mstp) Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (MSTP) C ULTIPLE PANNING ROTOCOL OMMANDS This Switch supports three versions of the Spanning Tree Protocol; 802.1d STP, 802.1w Rapid STP and 802.1s MSTP. Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network.
  • Page 75 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters show stp instance {<value 0-4>} show stp mst_config id Each command is listed, in detail, in the following sections. enable stp Purpose Used to globally enable STP on the Switch. Syntax enable stp Description...
  • Page 76 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp version Protocol (MSTP) globally on the Switch. rstp - Selecting this parameter will set the Rapid Spanning Tree Protocol (RSTP) globally on the Switch. stp - Selecting this parameter will set the Spanning Tree Protocol (STP) globally on the Switch.
  • Page 77 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp txholdcount <1-10> - The maximum number of BPDU Hello packets transmitted per interval. Default value = 6. fbpdu [enable | disable] − Allows the forwarding of STP BPDU packets from other network devices when STP is disabled on the Switch.
  • Page 78 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp ports Purpose Used to setup STP on the port level. Syntax config stp ports <portlist> {externalCost [auto | <value 1-200000000>] | hellotime <value 1-2> | migrate [yes | no] | edge [true | false | auto] | restricted_tcn [true | false] | restricted_role [true | false] | p2p [true | false | auto] | state [enable | disable] | fbpdu [enable |disable]} Description...
  • Page 79 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual to operate as if the p2p value were false. The default setting for this parameter is auto. state [enable | disable] − Allows STP to be enabled or disabled for the ports specified in the port list.
  • Page 80 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To configure STP with path cost 19, hellotime set to 5 seconds, migration enable, and state enable for ports 1-5 of module 1. DES-3500:admin#config stp ports 1-5 externalCost 19 hellotime migrate yes state enable Command: config stp ports 1-5 externalCost 19 hellotime...
  • Page 81 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp instance_id add_vlan – Along with the vid_range <vidlist> parameter, this command will add VIDs to the previously configured STP instance_id. remove_vlan - Along with the vid_range <vidlist> parameter, this command will remove VIDs to the previously configured STP instance_id.
  • Page 82 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config stp priority Purpose Used to update the STP instance configuration Syntax config stp priority <value 0-61440> instance_id <value 0-4> Description This command is used to update the STP instance configuration settings on the Switch.
  • Page 83 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config stp mst_config_id revision_level 10 name Trinity Command : config stp mst_config_id revision_level 10 name Trinity Success. DES-3500:admin# config stp mst_ports Purpose Used to update the port configuration for a MSTP instance. Syntax config stp mst_ports <portlist>...
  • Page 84 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show stp Purpose Used to display the Switch’s current STP configuration. Syntax show stp Description This command displays the Switch’s current STP configuration. Parameters None Restrictions None. Example usage: To display the status of STP on the Switch: Status 1: STP enabled with STP compatible version DES-3500:admin#show stp Command: show stp...
  • Page 85 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show stp ports Syntax show stp ports <portlist> Description This command displays the STP ports settings for a specified port or group of ports (one port at a time). <portlist> − Specifies a port or range of ports to be viewed. Information Parameters for a single port is displayed.
  • Page 86 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show stp instance 0 Command: show stp instance 0 STP Instance Settings --------------------------- Instance Type : CIST Instance Status : Enabled Instance Priority : 32768(bridge priority : 32768, sys ID ext : 0 ) STP Instance Operational Status -------------------------------- Designated Root Bridge : 32766/00-90-27-39-78-E2...

  • Page 87: Forwarding Database Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ORWARDING ATABASE OMMANDS The layer 2 forwarding database commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create fdb <vlan_name 32> <macaddr> port <port> create multicast_fdb <vlan_name 32>...
  • Page 88 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create fdb default 00-00-00-00-01-02 port 5 Command: create fdb default 00-00-00-00-01-02 port 5 Success. DES-3500:admin# create multicast_fdb Purpose Used to create a static entry to the multicast MAC address forwarding table (database) Syntax create multicast_fdb <vlan_name 32>...
  • Page 89 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config multicast_fdb default 01-00-00-00-00-01 add 1- Command: config multicast_fdb default 01-00-00-00-00-01 add 1-5 Success. DES-3500:admin#...
  • Page 90 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config fdb aging_time Purpose Used to set the aging time of the forwarding database. Syntax config fdb aging_time <sec 10-1000000> Description The aging time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time.
  • Page 91 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# To delete a multicast FDB entry: DES-3500:admin#delete fdb default 01-00-00-00-01-02 Command: delete fdb default 01-00-00-00-01-02 Success. DES-3500:admin# clear fdb Purpose Used to clear the Switch’s forwarding database of all dynamically learned MAC addresses.
  • Page 92 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show multicast_fdb vlan default Command: show multicast_fdb vlan default VLAN Name : default MAC Address : 01-00-5E-00-00-00 Egress Ports : 1-5 Mode : Static Total Entries DES-3500:admin# show fdb Purpose Used to display the current unicast MAC address forwarding database. Syntax show fdb {port <port>...
  • Page 93 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual default 00-01-30-FA-5F-00 Dynamic default 00-02-3F-63-DD-68 Dynamic CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All config multicast port_filtering_mode Purpose Used to configure the multicast packet filtering mode on a port per port basis.
  • Page 94 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show multicast port_filtering_mode Command: show multicast port_filtering_mode Port Multicast Filter Mode ------ --------------------------- forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups forward_unregistered_groups CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh...

  • Page 95: Traffic Control Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual RAFFIC ONTROL OMMANDS On a computer network, packets such as Multicast packets and Broadcast packets continually flood the network as normal procedure. At times, this traffic may increase do to a malicious endstation on the network or a malfunctioning device, such as a faulty network card.
  • Page 96 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config traffic control Group 6 - Inclusive for ports 41-48 (DES-3550 only). Group 7 - Inclusive for Gigabit port 49 (DES-3550 only). Group 8 - Inclusive for Gigabit port 50 (DES-3550 only). all −...
  • Page 97 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config traffic control 1-12 broadcast enable action shutdown threshold 1 countdown 10 time_interval 10 Command: config traffic control 1-12 broadcast enable action shutdown threshold 1 countdown 10 time_interval 10 Traffic control port_list (shutdown mode) : 1 Warning! Shutdown mode is incompatible with drop mode in the same block(ex.
  • Page 98 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show traffic control separated by a dash. Restrictions None. Example usage: To display traffic control settings for ports 1-3: DES-3500:admin#show traffic control port 1-3 Command: show traffic control port 1-3 Traffic Storm Control Trap: None Port Broadcast / Multicast /...
  • Page 99 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To configure notifications to be sent when a packet storm control has been detected and cleared by the Switch. DES-3500:admin# config traffic control trap both Command: config traffic control trap both Success.

  • Page 100: Qos Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMANDS The DES-3500 switch supports 802.1p priority queuing. The Switch has 4 priority queues. These priority queues are numbered from 3 (Class 3) — the highest priority queue — to 0 (Class 0) — the lowest priority queue. The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority queues as follows: •...
  • Page 101 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config bandwidth_control above ports will be allowed to receive. tx_rate − Specifies that one of the parameters below (no_limit or <value 1-1000>) will be applied to the rate at which the above specified ports will be allowed to transmit packets.
  • Page 102 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config scheduling Purpose Used to configure the traffic scheduling mechanism for each COS queue. Syntax config scheduling <class_id 0-3> [max_packet <value 0-255> | max_latency <value 0-255>] Description The Switch contains 4 hardware priority queues. Incoming packets must be mapped to one of these four queues.
  • Page 103 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To configure the traffic scheduling mechanism for each queue: DES-3500:admin# config scheduling 0 max_packet 100 max_latency Command: config scheduling 0 max_packet 100 max_latency 150 Success. DES-3500:admin# show scheduling Purpose Used to display the currently configured traffic scheduling on the Switch. Syntax show scheduling Description...
  • Page 104 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1p user_priority Highest. This mapping scheme is based upon recommendations contained in IEEE 802.1D. Change this mapping by specifying the 802.1p user priority users want to map to the <class_id 0-3> (the number of the hardware queue).
  • Page 105 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1p default_priority Purpose Used to configure the 802.1p default priority settings on the Switch. If an untagged packet is received by the Switch, the priority configured with this command will be written to the packet’s priority field. Syntax config 802.1p default_priority [<portlist>...
  • Page 106 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# show 802.1p default_priority Command: show 802.1p default_priority Port Priority ------- ----------- DES-3500:admin#...

  • Page 107: Port Mirroring Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IRRORING OMMANDS The port mirroring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config mirror port <port> [add | delete] source ports <portlist> [rx | tx | both] enable mirror disable mirror show mirror...
  • Page 108 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config mirror port 1 add source ports 2-7 both Command: config mirror port 1 add source ports 2-7 both Success. DES-3500:admin# Example usage: To delete the mirroring ports: DES-3500:admin#config mirror port 1 delete source port 2-4 Command: config mirror 1 delete source 2-4 Success.
  • Page 109 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#disable mirror Command: disable mirror Success. DES-3500:admin# show mirror Purpose Used to show the current port mirroring configuration on the Switch. Syntax show mirror Description This command displays the current port mirroring configuration on the Switch.

  • Page 110: Vlan Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual VLAN C OMMANDS The VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create vlan <vlan_name 32> {tag <vlanid 1-4094> | advertisement} delete vlan <vlan_name 32>...
  • Page 111 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete vlan Purpose Used to delete a previously configured VLAN on the Switch. Syntax delete vlan <vlan_name 32> Description This command will delete a previously configured VLAN on the Switch. <vlan_name 32> − The VLAN name of the VLAN to delete. Parameters Restrictions User Account Command Level –...
  • Page 112 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config vlan v1 delete 6-8 Command: config vlan v1 delete 6-8 Success. DES-3500:admin# config gvrp Purpose Used to configure GVRP on the Switch. Syntax config gvrp [<portlist> | all] {state [enable | disable] | ingress_checking [enable | disable] | acceptable_frame [tagged_only | admit_all] | pvid <vlanid 1-4094>} Description...
  • Page 113 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To enable the generic VLAN Registration Protocol (GVRP): DES-3500:admin#enable gvrp Command: enable gvrp Success. DES-3500:admin# disable gvrp Purpose Used to disable GVRP on the Switch. Syntax disable gvrp Description This command, along with enable gvrp, is used to enable and disable GVRP on the Switch, without changing the GVRP configuration on the Switch.
  • Page 114 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show vlan Command: show vlan VLAN Name : default VLAN TYPE : static Advertisement : Enabled Member ports : 1,5-26 Static ports : 1,5-26 Current Untagged ports : 1,5-26 Static Untagged ports : 1,5-26 Forbidden ports : : 4094...

  • Page 115: Asymmetric Vlan Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual VLAN C SYMMETRIC OMMANDS The asymmetric VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters enable asymmetric_vlan disable asymmetric_vlan show asymmetric_vlan Each command is listed, in detail, in the following sections.
  • Page 116 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show asymmetric_vlan Purpose Used to view the asymmetric VLAN state on the Switch. Syntax show asymmetric_vlan Description This command displays the asymmetric VLAN state on the Switch. Parameters None. Restrictions None. Example usage: To display the asymmetric VLAN state currently set on the Switch: DES-3500:admin#show asymmetric_vlan...

  • Page 117: Link Aggregation Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual GGREGATION OMMANDS The link aggregation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create link_aggregation group_id <value 1-6> {type [lacp | static]} delete link_aggregation group_id <value 1-6>...
  • Page 118 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group. Syntax delete link_aggregation group_id <value 1-6> Description This command is used to delete a previously configured link aggregation group. <value 1-6>...
  • Page 119 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config link_aggregation algorithm Purpose Used to configure the link aggregation algorithm. Syntax config link_aggregation algorithm [mac_source | mac_destination | mac_source_dest | ip_source | ip_destination | ip_source_dest] Description This command configures the part of the packet examined by the Switch when selecting the egress port for transmitting load-sharing data.
  • Page 120 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show link_aggregation Command: show link_aggregation Link Aggregation Algorithm = MAC-source-dest Group ID Type : TRUNK Master Port Member Port : 5-7,9 Active Port Status : Disabled Flooding Port DES-3500:admin# config lacp_ports Purpose Used to configure settings for LACP compliant ports.
  • Page 121 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show lacp_port Purpose Used to display current LACP port mode settings. Syntax show lacp_port {<portlist>} Description This command will display the LACP mode settings as they are currently configured. Parameters <portlist> - Specifies a port or range of ports to be configured. If no parameter is specified, the system will display the current LACP status for all ports.

  • Page 122: Ip-Mac Binding

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP-MAC B INDING The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users.
  • Page 123 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters create address_binding <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} ip_mac ipaddress config address_binding <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} ip_mac ipaddress config address_binding [<portlist>...
  • Page 124 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00-04 Command: create address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00-04 Success. DES-3500:admin# To create address binding on the Switch for ACL mode: DES-3500: admin#create address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00-04 mode acl Command: create address_binding ip_mac ipaddress 10.1.1.3 mac_address 00-00-00-00-00-04 mode acl...
  • Page 125 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config address_binding ip_mac ipaddress Purpose Used to configure an IP-MAC Binding entry. Syntax config address_binding ip_mac ipaddress <ipaddr> mac_address <macaddr> {ports [<portlist> | all] | mode {arp | acl]} Description This command will configure an IP-MAC Binding entry. Parameters <ipaddr>...
  • Page 126 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config address_binding ip_mac ports <portlist> − Specifies a port or range of ports. Parameters all – specifies all ports on the switch. state [enable | disable] – Enables or disables the specified range of ports. Restrictions User Account Command Level –...
  • Page 127 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show address_binding Purpose Used to display IP-MAC Binding entries. Syntax [ip_mac {[all | ipaddress <ipaddr> mac_address <macaddr>]} | blocked {[all | vlan_name <vlan_name> mac_address <macaddr>]} | ports] Description This command will display IP-MAC Binding entries. Three different kinds of information can be viewed.
  • Page 128 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete address_binding Purpose Used to delete IP-MAC Binding entries. Syntax delete address_binding ip-mac [ipaddress <ipaddr> mac_address <macaddr> | all] | blocked [all | vlan_name <vlan_name> mac_address <macaddr>]] Description This command will delete IP-MAC Binding entries. Two different kinds of information can be deleted.
  • Page 129 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable address_binding acl_mode Purpose Used to enable the ACL mode for an IP-MAC binding entry. Syntax enable address_binding acl_mode Description This command, along with the disable address_binding acl_mode will enable and disable the ACL mode for IP-MAC binding on the Switch, without altering previously set configurations.
  • Page 130 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To disable IP-MAC Binding ACL mode on the Switch: DES-3500:admin#disable address_binding acl_mode Command: disable address_binding acl_mode Success. DES-3500:admin# enable address_binding trap_log Purpose Used to enable the trap log for the IP-MAC binding function. Syntax enable address_binding trap_log Description...
  • Page 131 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To disable sending of IP-MAC Binding trap log messages on the Switch: DES-3500:admin#disable address_binding trap_log Command: disable address_binding trap_log Success. DES-3500:admin#...

  • Page 132: Limited Ip Multicast Address

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP M IMITED ULTICAST DDRESS The Limited IP Multicast command allows the administrator to permit or deny access to a port or range of ports by specifying a range of multicast addresses. The Limited IP Multicast Commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
  • Page 133 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete multicast_range Purpose Used to create delete a multicast address profile. Syntax delete multicast_range<range_name> Description The delete multicast_range command allows the user to delete a multicast range profile, which has been created by using create multicast_range command above.
  • Page 134 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config limited multicast address Purpose Used to configure limited IP multicast address range. Syntax config limited multicast address <portlist> {add [multicast_range] | delete [multicast_range] | access [permit | deny] | state [enable | disable]} Description The config limited multicast address command allows the user to configure the multicast address range, access level, and state.
  • Page 135 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual...

  • Page 136: Basic Ip Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP C ASIC OMMANDS The IP interface commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config ipif <ipif_name 12> [{ipaddress <network_address> | vlan <vlan_name 32>...
  • Page 137 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show ipif Purpose Used to display the configuration of an IP interface on the Switch. Syntax show ipif <ipif_name 12> Description This command will display the configuration of an IP interface on the Switch.
  • Page 138 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#enable autoconfig Command: enable autoconfig Success. DES-3500:admin# NOTE: More detailed information for this command and related commands can be found in the section titled Switch Utility Commands.

  • Page 139: Igmp Snooping Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IGMP S NOOPING OMMANDS The IGMP Snooping commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config igmp_snooping [<vlan_name 32> | all] {host_timeout <sec 1-16711450> | router_timeout <sec 1-16711450>...
  • Page 140 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config igmp_snooping Switch receiving a host membership report. The default is 260 seconds. leave_timer <sec 0-16711450> − Specifies the amount of time a Multicast address will stay in the database before it is deleted, after it has sent out a leave group message.
  • Page 141 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config router_ports_forbidden Description This command allows designation of a port or range of ports as being forbidden to multicast-enabled routers. This will ensure that multicast packets will not be forwarded to this port − regardless of protocol, etc. <vlan_name 32>...
  • Page 142 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable igmp_snooping Parameters forward_mcrouter_only – Adding this parameter to this command will disable forwarding all multicast traffic to a multicast-enabled routers. The Switch will then forward all multicast traffic to any IP router. Entering this command without the parameter will disable igmp snooping on the Switch.
  • Page 143 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Route Timeout : 260 Leave Timer Querier State : Disabled Querier Router Behavior : Non-Querier State : Disabled VLAN Name : vlan2 Query Interval : 125 Max Response Time : 10 Robustness Value Last Member Query Interval Host Timeout...
  • Page 144 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Reports Port Member : 18,22 VLAN Name : default Multicast group: 239.255.255.250 MAC address : 01-00-5E-7F-FF-FA Reports Port Member : 9,19 VLAN Name : default Multicast group: 239.255.255.254 MAC address : 01-00-5E-7F-FF-FE Reports Port Member : 13,17...
  • Page 145 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show igmp_snooping forwarding Restrictions None. Example usage: To view the IGMP snooping forwarding table for VLAN “Trinity”: DES-3500:admin#show igmp_snooping forwarding vlan Trinity Command: show igmp_snooping forwarding vlan Trinity VLAN Name : Trinity Multicast group : 224.0.0.2 MAC address : 01-00-5E-00-00-02...
  • Page 146 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show igmp_snooping group Command: show igmp_snooping group VLAN Name : default Multicast group : 224.0.0.2 MAC address : 01-00-5E-00-00-02 Reports Port Member : 2,4 VLAN Name : default Multicast group : 224.0.0.9 MAC address : 01-00-5E-00-00-09 Reports...
  • Page 147 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#create igmp_snooping multicast_vlan trinity 2 Command: create igmp_snooping multicast_vlan trinity 2 Success. DES-3500:admin# config igmp_snooping multicast_vlan Purpose Used to configure a multicast VLAN previously created on the switch. Syntax config igmp_snooping multicast_vlan {<vlan_name 32>} {member_port <portlist>...
  • Page 148 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete igmp_snooping multicast_vlan Purpose Used to delete a multicast VLAN previously created on the switch. Syntax delete igmp_snooping multicast_vlan <vlan_name 32> Description This command will delete a multicast VLAN previously created on the switch.

  • Page 149: Dhcp Relay

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DHCP R ELAY The DHCP relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config dhcp_relay {hops <value 1-16> | time <sec 0-65535>} config dhcp_relay add ipif <ipif_name 12>...
  • Page 150 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To add an IP destination to the DHCP relay table: DES-3500:admin#config dhcp_relay add ipif System 10.58.44.6 Command: config dhcp_relay add ipif System 10.58.44.6 Success. DES-3500:admin# config dhcp_relay delete ipif Purpose Used to delete one or all IP destination addresses from the Switch's DHCP/BOOTP relay table.
  • Page 151 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dhcp_relay option_82 state servers and clients, and the check and policy settings will have no effect. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure DHCP relay option 82 state: DES-3500:admin#config dhcp_relay option_82 state enable Command: config dhcp_relay option_82 state enable Success.
  • Page 152 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dhcp_relay option_82 policy Purpose Used to configure the reforwarding policy of relay agent information option 82 of the switch. Syntax config dhcp_relay option_82 policy [replace | drop | keep] Description This command is used to configure the reforwarding policy of DHCP relay agent information option 82 of the switch.
  • Page 153 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To show a single IP destination of the DHCP relay configuration: DES-3500:admin#show dhcp_relay ipif System Command: show dhcp_relay ipif System Interface Server 1 Server 2 Server 3 Server 4 ------------ --------------- --------------- --------------- -------------- System...

  • Page 154: Commands (Including Guest Vlans)

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 802.1X C VLAN OMMANDS NCLUDING UEST The DES-3500 implements the server-side of the IEEE 802.1x Port-based and MAC-based Network Access Control. This mechanism is intended to allow only authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a user or network device must meet before allowing that port to forward or receive frames.
  • Page 155 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable 802.1x Parameters None. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To enable 802.1x switch wide: DES-3500:admin#enable 802.1x Command: enable 802.1x Success. DES-3500:admin# disable 802.1x Purpose Used to disable the 802.1x server on the Switch.
  • Page 156 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show 802.1x auth_configuration Capability: Authenticator/None − Shows the capability of 802.1x functions on the port number displayed above. There are two 802.1x capabilities that can be set on the Switch: Authenticator and None. AdminCtlDir: Both / In −...
  • Page 157 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show 802.1x auth_state Purpose Used to display the current authentication state of the 802.1x server on the Switch. Syntax show 802.1x auth_state {ports <portlist>} Description The show 802.1x auth_state command is used to display the current authentication state of the 802.1x Port-based or MAC-based Network Access Control server application on the Switch.
  • Page 158 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show 802.1x auth_state Command: show 802.1x auth_state Port number : 1:1 Index MAC Address Auth PAE State Backend State Port Status ------ ------------------- ----------------------- --------------------- ----------------- 00-08-02-4E-DA-FA Authenticated Idle Authorized CTRL+C ESC q Quit SPACE n Next Page...
  • Page 159 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x capability ports <portlist> − Specifies a port or range of ports to be configured. Parameters all − Specifies all of the ports on the Switch. authenticator − A user must pass the authentication process to gain access to the network.
  • Page 160 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x auth_parameter supp_timeout <sec 1-65535> - Configures the time to wait for a response from a supplicant (user) for all EAP packets, except for the Request/Identity packets. server_timeout <sec 1-65535> - Configure the length of time to wait for a response from a RADIUS server.
  • Page 161 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x init 802.1x functions on a specified range of ports or for specified MAC addresses operating from a specified range of ports. Parameters port_based – This instructs the Switch to initialize 802.1x functions based only on the port number.
  • Page 162 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config radius add Purpose Used to configure the settings the Switch will use to communicate with a RADIUS server. Syntax config radius add <server_index 1-3> <server_ip> key <passwd 32> [default | {auth_port <udp_port_number 1-65535> | acct_port <udp_port_number 1-65535>}] Description The config radius add command is used to configure the settings the...
  • Page 163 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config radius delete 1 Command: config radius delete 1 Success. DES-3500:admin# config radius Purpose Used to configure the Switch’s RADIUS settings. Syntax config radius <server_index 1-3> {ipaddress <server_ip> | key <passwd 32> | auth_port <udp_port_number 1-65535> | acct_port <udp_port_number 1-65535>} Description The config radius command is used to configure the Switch’s...
  • Page 164 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show radius Restrictions None. Example usage: To display RADIUS settings on the Switch: DES-3500:admin#show radius Command: show radius Index IP Address Auth-Port Acct-Port Status Number Number ----- ------------------ --------- --------- ----------- ------------ 10.1.1.1 1812...
  • Page 165 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config 802.1x guest_vlan ports Description The config 802.1x guest_vlan ports command is used to configure ports to be enabled or disabled for the 802.1x guest VLAN. Parameters <portlist> - Specify a port or range of ports to be configured for the 802.1x Guest VLAN.
  • Page 166 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete 802.1x guest_vlan Purpose Used to delete a 802.1x Guest VLAN. Syntax delete 802.1x guest_vlan {<vlan_name 32>} Description The delete 802.1x guest_vlan command is used to delete an 802.1x Guest VLAN. Guest 802.1X VLAN clients are those who have not been authorized for 802.1x or they haven’t yet installed the necessary 802.1x software, yet would still like limited access rights on the Switch.

  • Page 167: Access Control List (Acl) Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (ACL) C CCESS ONTROL OMMANDS The DES-3500 implements Access Control Lists that enable the Switch to deny network access to specific devices or device groups based on IP settings and MAC address. The access profile commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
  • Page 168 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters <hex 0x0-0xffffffff>| offset 16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | {offset 32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | {offset 48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>...
  • Page 169 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual We use the profile_id 1 which was specified when the access profile was created. The add parameter instructs the Switch to add the criteria that follows to the list of rules that are associated with access profile 1. For each rule entered into the access profile, users can assign an access_id that identifies the rule within the list of rules.
  • Page 170 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create access_profile <hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0- 0xffffffff> <hex 0x0-0xffffffff> | offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0- 0xffffffff>...
  • Page 171 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create access_profile protocol_id <value 0-255> − Specifies that the Switch will examine the protocol field in each packet and if this field contains the value entered here, apply the following rules user_define_mask <hex 0x0-0xffffffff>...
  • Page 172 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# delete access_profile profile_id 1 Command: delete access_profile profile_id 1 Success. DES-3500:admin# config access_profile Purpose Used to configure an access profile on the Switch and to define specific values that will be used to by the Switch to determine if a given packet should be forwarded or filtered.
  • Page 173 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config access_profile ip − Specifies that the Switch will look into the IP fields in each packet. Parameters vlan <vlan_name 32> − Specifies that the access profile will apply to only this VLAN. •...
  • Page 174 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config access_profile port <portlist> - Specifies the port number on the Switch to permit or deny access for the rule. Parameters permit - Specifies the rule permit access for incoming packets on the previously specified port. priority <value 0-7>...
  • Page 175 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display all of the currently configured access profiles on the Switch: DES-3500:admin#show access_profile Command: show access_profile Access Profile Table Access Profile ID : 1 Type : Ethernet =========================================================================== Owner : ACL Masks...
  • Page 176 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create cpu access_profile address. dscp − Specifies that the Switch will examine the DiffServ Code Point (DSCP) field in each • frame’s header. icmp − Specifies that the Switch will examine the Internet Control Message Protocol (ICMP) •...
  • Page 177 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete cpu access_profile Purpose Used to delete a previously created CPU access profile. Syntax delete cpu access_profile profile_id <value 1-5> Description The delete cpu access_profile command is used to delete a previously created CPU access profile.
  • Page 178 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config cpu access_profile access profile. The value is used to index the rule created. ethernet − Specifies that the Switch will look only into the layer 2 part of each packet. vlan <vlan_name 32>...
  • Page 179 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config cpu access_profile byte 15. • offset_16-31 - Enter a value in hex form to mask the packet from byte 16 to byte 31. • offset_32-47 - Enter a value in hex form to mask the packet from byte 32 to byte 47.
  • Page 180 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show cpu_access_profile Purpose Used to view the CPU access profile entry currently set in the Switch. Syntax show cpu_access_profile {profile_id <value 1-5> {access_id <value 1-65535>}} Description The show cpu_access_profile command is used view the current CPU interface filtering entries set on the Switch.
  • Page 181 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable cpu_interface_filtering Purpose Used to disable CPU interface filtering on the Switch. Syntax disable cpu_interface_filtering Description This command is used, in conjunction with the enable cpu_interface_filtering command above, to enable and disable CPU interface filtering on the Switch.
  • Page 182 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config flow_meter Parameters profile_id <value 1-255> − Enter an integer used to identify the access profile that will be configured with this command. This value is assigned to the access profile when it is created with the create access_profile command.
  • Page 183 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To show the ACL flow meter state on the Switch: DES-3500:admin#show flow_meter Command: show flow_meter Flow Metering Information Profile Id Access Id Metering Rate(Kbps) Rate Exceed Action ---------- --------- ------------------- ------------------- 1000 drop_packet Total Entries : 1...

  • Page 184: Safeguard Engine Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual AFEGUARD NGINE OMMANDS Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the CPU utilization beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch’s software.
  • Page 185 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config safeguard_engine Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the safeguard engine for the Switch: DES-3500:admin#config safeguard_engine state enable cpu_utilization rising_threshold 45 Command: config safeguard_engine state enable cpu_utilization rising_threshold 45 Success.

  • Page 186: Filter Commands (Dhcp/Netbios)

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual (DHCP/N BIOS) ILTER OMMANDS DHCP Server Screening Setting and DHCP Client Filtering Setting Due to this function allow you not only to restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client, it is useful when one or more than one DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
  • Page 187 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config filter dhcp_server Purpose DHCP server packets eccept those that have been IP/client MAC bound will be filtered. This command is used to configure the state of the function for filtering of DHCP server packet and to add/delete the DHCP server/client binding entry.
  • Page 188 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show filter dhcp_server Parameters None. Restrictions None. Example usage: To display the DHCP server/client filter list created on the switch: DES-3500:admin#show filter dhcp_server Command: show filter dhcp_server Enabled ports: 1-3 Filter DHCP Server/Client Table Server IP Address Client MAC address Port...
  • Page 189 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the extensive NetBIOS filter status: DES-3500:admin#show filter netbios Command: show filter netbios Enabled ports 1-3 DES-3500:admin# config filter extensive_netbios Purpose Used to configure the switch to filter 802.3 frame NetBIOS packets from specified ports.
  • Page 190 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show filter extensive_netbios Command: show filter extensive_netbios Enabled ports 1-3 DES-3500admin#...

  • Page 191: Loopback Detection Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OOPBACK ETECTION OMMANDS These commands are used to configure, conduct and display the results of loopback detection by the switch. The Loopback Detection commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
  • Page 192 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config loopdetect ports Purpose Used to configure loop-back detection on the switch. Syntax config loopdetect ports [<portlist> | all] | state [enable | disable] Description Used to configure loop-back detection on the switch. Parameters <portlist>...
  • Page 193 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#disable loopdetect Command: disable loopdetect Success DES-3500:admin# show loopdetect Purpose Used to display the current loop-back detection settings on the switch. Syntax show loopdetect Description Used to display the current loop-back detection settings on the switch Parameters none Restrictions...

  • Page 194: Traffic Segmentation Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual RAFFIC EGMENTATION OMMANDS Traffic segmentation allows users to further sub-divide VLANs into smaller groups of ports that will help to reduce traffic on the VLAN. The VLAN rules take precedence, and then the traffic segmentation rules are applied. Command Parameters config traffic_segmentation...
  • Page 195 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show traffic_segmentation same Switch. Example usage: To display the current traffic segmentation configuration on the Switch. DES-3500:admin#show traffic_segmentation Command: show traffic_segmentation Traffic Segmentation Table Port Forward Portlist ---- ---------------------------- 1-26 1-26 1-26 1-26 1-26...

  • Page 196: Time And Sntp Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SNTP C IME AND OMMANDS The Simple Network Time Protocol (SNTP) (an adaptation of the Network Time Protocol (NTP)) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters {primary <ipaddr>...
  • Page 197 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config sntp primary 10.1.1.1 secondary 10.1.1.2 poll- interval 30 Command: config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Success. DES-3500:admin# show sntp Purpose Used to display the SNTP information. Syntax show sntp Description This command will display SNTP settings information including the source IP address, time and poll interval.
  • Page 198 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable sntp Purpose To disable SNTP server support. Syntax disable sntp Description This will disable SNTP support. SNTP service must be separately configured (see config sntp). Parameters None. Restrictions Only Administrator and Operator-level users can issue this command.
  • Page 199 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config time_zone Purpose Used to determine the time zone used in order to adjust the system clock. Syntax config time_zone {operator [+ | -] | hour <gmt_hour 0-13> | min <minute 0-59>} Description This will adjust system clock settings according to the time zone.
  • Page 200 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config dst disable - Disable the DST seasonal time adjustment for the Switch. repeating - Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula.
  • Page 201 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config dst repeating s_week 2 s_day tue s_mth 4 s_time 15:00 e_week 2 e_day wed e_mth 10 e_time 15:30 offset 30 Command: config dst repeating s_week 2 s_day tue s_mth 4 s_time 15:00 e_week 2 e_day wed e_mth 10 e_time 15:30 offset 30 Success.

  • Page 202: Arp Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ARP C OMMANDS The ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create arpentry <ipaddr> <macaddr> config arpentry <ipaddr>...
  • Page 203 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config arpentry command. Example Usage: To configure a static arp entry for the IP address 10.48.74.12 and MAC address 00:50:BA:00:07:36: DES-3500:admin#config arpentry 10.48.74.12 00-50-BA-00-07-36 Command: config arpentry 10.48.74.12 00-50-BA-00-07-36 Success. DES-3500:admin# delete arpentry Purpose Used to delete a static entry into the ARP table.
  • Page 204 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config arp_aging time 30 Command: config arp_aging time 30 Success. DES-3500:admin# show arpentry Purpose Used to display the ARP table. Syntax show arpentry {ipif <ipif_name 12> | ipaddress <ipaddr> | [static | local]} Description This command is used to display the current contents of the Switch’s ARP table.
  • Page 205 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual clear arptable Purpose Used to remove all dynamic ARP table entries. Syntax clear arptable Description This command is used to remove dynamic ARP table entries from the Switch’s ARP table. Static ARP table entries are not affected. Parameters None.

  • Page 206: Routing Table Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OUTING ABLE OMMANDS The routing table commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters create iproute [default] <ipaddr> {<metric 1-65535>} delete iproute [default] show iproute...
  • Page 207 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#delete iproute default 10.53.13.254 Command: delete iproute default 10.53.13.254 Success. DES-3500:admin# show iproute Purpose Used to display the Switch’s current IP routing table. Syntax show iproute Description This command will display the Switch’s current IP routing table. Parameters None.

  • Page 208: Mac Notification Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual MAC N OTIFICATION OMMANDS The MAC notification commands in the Command Line Interface (CLI) are listed, in the following table, along with their appropriate parameters. Command Parameters enable mac_notification disable mac_notification config mac_notification {interval <int 1-2147483647>...
  • Page 209 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config mac_notification Purpose Used to configure MAC address notification. Syntax config mac_notification {interval <int 1-2147483647> | historysize <int 1-500>} Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB. Parameters interval <sec 1-2147483647>...
  • Page 210 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show mac_notification notification global settings. Parameters None. Restrictions None. Example usage: To view the Switch’s MAC address table notification global settings: DES-3500:admin#show mac_notification Command: show mac_notification Global Mac Notification Settings State : Enabled Interval History Size : 1...
  • Page 211 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh...

  • Page 212: Access Authentication Control Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual CCESS UTHENTICATION ONTROL OMMANDS The TACACS / XTACACS / TACACS+ / RADIUS commands allows secure access to the Switch using the TACACS / XTACACS / TACACS+ / RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
  • Page 213 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Command Parameters enable authen_policy disable authen_policy show authen_policy create authen_login <string 15> method_list_name config authen_login [default | method_list_name <string 15>] method {tacacs | xtacacs | tacacs+ | radius | server_group <string 15> | local | none} delete authen_login <string 15>...
  • Page 214 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable authen_policy Purpose Used to enable system access authentication policy. Syntax enable authen_policy Description This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the method list and choose a technique for user authentication upon login.
  • Page 215 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To display the system access authentication policy: DES-3500:admin#show authen_policy Command: show authen_policy Authentication Policy: Enabled DES-3500:admin# create authen_login method_list_name Purpose Used to create a user defined method list of authentication methods for users logging on to the Switch.
  • Page 216 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen_login privilege only. If the user wishes to upgrade his or her status to the administrator level, the user must implement the enable admin command, followed by a previously configured password. (See the enable admin part of this section for more detailed information, concerning the enable admin command.) Parameters...
  • Page 217 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To configure the user defined method list “Trinity” with authentication methods TACACS, XTACACS and local, in that order. DES-3500:admin#config authen_login method_list_name Trinity method tacacs xtacacs local Command: config authen_login method_list_name Trinity method tacacs xtacacs local Success.
  • Page 218 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen_login for users logging on to the Switch. method_list_name <string 15> - Enter an alphanumeric string of up to 15 characters to define the given method list to view. all – Entering this parameter will display all the authentication login methods currently configured on the Switch.
  • Page 219 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Example usage: To create a user-defined method list, named “Permit” for promoting user privileges to Administrator privileges: DES-3500:admin#create authen_enable method_list_name Permit Command: show authen_login method_list_name Permit Success. DES-3500:admin# config authen_enable Purpose Used to configure a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch.
  • Page 220 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen_enable local_enable - Adding this parameter will require the user to be authenticated using the local user account database on the Switch. none – Adding this parameter will require no authentication to access the Switch.
  • Page 221 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete authen_enable method_list_name Purpose Used to delete a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch. Syntax delete authen_enable method_list_name <string 15> Description This command is used to delete a user-defined method list of authentication methods for promoting user level privileges to...
  • Page 222 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen_enable Restrictions User Account Command Level – Administrator. Example usage: To display all method lists for promoting user level privileges to administrator level privileges. DES-3500:admin#show authen_enable all Command: show authen_enable all Method List Name Priority Method Name Comment ---------------- --------...
  • Page 223 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen application Restrictions User Account Command Level – Administrator. Example usage: To configure the default method list for the web interface: DES-3500:admin#config authen application http login default Command: config authen application http login default Success.
  • Page 224 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual create authen server_host maximum supported number of server hosts is 16. Parameters server_host <ipaddr> - The IP address of the remote server host to add. protocol – The protocol used by the server host. The user may choose one of the following: tacacs –...
  • Page 225 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen server_host to the Switch. More than one authentication protocol can be run on the same physical server host but, remember that TACACS/XTACACS/TACACS+/RADIUS are separate entities and are not compatible with each other. The maximum supported number of server hosts is 16.
  • Page 226 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual delete authen server_host Parameters server_host <ipaddr> - The IP address of the remote server host to be deleted. protocol – The protocol used by the server host the user wishes to delete.
  • Page 227 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual IP Address Protocol Port Timeout Retransmit Key --------------- -------- ----- ------- --------------- ------------------ 10.53.13.94 TACACS No Use Total Entries : 1 DES-3500:admin# create authen server_group Purpose Used to create a user-defined authentication server group. Syntax create authen server_group <string 15>...
  • Page 228 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen server_group TACACS+ protocol may be added to this group. radius – Use this parameter to utilize the built-in RADIUS server protocol on the Switch. Only server hosts utilizing the RADIUS protocol may be added to this group.
  • Page 229 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show authen server_group Purpose Used to view authentication server groups on the Switch. Syntax show authen server_group <string 15> Description This command will display authentication server groups currently configured on the Switch. This command will display the following fields: Group Name: The name of the server group currently configured on the Switch, including built in groups and user defined groups.
  • Page 230 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config authen parameter attempt Purpose Used to configure the maximum number of times the Switch will accept authentication attempts. Syntax config authen parameter attempt <int 1-255> Description This command will configure the maximum number of times the Switch will accept authentication attempts.
  • Page 231 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable admin Purpose Used to promote user level privileges to administrator level privileges. Syntax enable admin Description This command is for users who have logged on to the Switch on the normal user level, to become promoted to the administrator level.

  • Page 232: Ssh Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SSH C OMMANDS The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows: Create a user account with admin-level access using the create account admin <username>...
  • Page 233 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#enable ssh Command: enable ssh Success. DES-3500:admin# disable ssh Purpose Used to disable SSH. Syntax disable ssh Description This command allows users to disable SSH on the Switch. Parameters None. Restrictions Only Administrator and Operator-level users can issue this command.
  • Page 234 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#config ssh authmode password enable Command: config ssh authmode password enable Success. DES-3500:admin# show ssh authmode Purpose Used to display the SSH authentication mode setting. Syntax show ssh authmode Description This command will allow users to display the current SSH authentication set on the Switch.
  • Page 235 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Usage example: To configure the SSH server: DES-3500:admin# config ssh server maxsession 2 contimeout 300 authfail 2 Command: config ssh server maxsession 2 contimeout 300 authfail 2 Success. DES-3500:admin# show ssh server Purpose Used to display the SSH server setting.
  • Page 236 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssh user • hostname <domain_name> - Enter an alphanumeric string of up to 32 characters identifying the remote SSH user. • hostname_IP <domain_name> <ipaddr> - Enter the hostname and the corresponding IP address of the SSH user.
  • Page 237 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssh algorithm Purpose Used to configure the SSH algorithm. Syntax config ssh algorithm [3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 | RSA | DSA] [enable | disable] Description This command allows users to configure the desired type of SSH algorithm...
  • Page 238 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Usage Example: To display SSH algorithms currently set on the Switch: DES-3500:admin#show ssh algorithm Command: show ssh algorithm Encryption Algorithm 3DES :Enabled AES128 :Enabled AES192 :Enabled AES256 :Enabled ARC4 :Enabled Blowfish :Enabled Cast128 :Enabled...

  • Page 239: Ssl Commands

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual SSL C OMMANDS Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption. These security functions are implemented through the use of a ciphersuite, which is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session and consists of three levels: 1.
  • Page 240 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable ssl Purpose To enable the SSL function on the Switch. Syntax enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will enable SSL on the Switch by implementing any one or combination of listed ciphersuites on the Switch.
  • Page 241 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual disable ssl Purpose To disable the SSL function on the Switch. Syntax disable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}} Description This command will disable SSL on the Switch and can be used to disable any one or combination of listed ciphersuites on the Switch.
  • Page 242 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config ssl cachetimeout timeout host, therefore speeding up the negotiation process. Parameters timeout <value 60-86400> - Enter a timeout value between 60 and 86400 seconds to specify the total time an SSL key exchange ID stays valid before the SSL module will require a new, full SSL negotiation for connection.
  • Page 243 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin#show ssl Command: show ssl SSL status Disabled RSA_WITH_RC4_128_MD5 0x0004 Enabled RSA_WITH_3DES_EDE_CBC_SHA 0x000A Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 Enabled RSA_EXPORT_WITH_RC4_40_MD5 0x0003 Enabled DES-3500:admin# show ssl certificate Purpose Used to view the SSL certificate file status on the Switch. Syntax show ssl certificate Description...
  • Page 244 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# DES-3500:admin#download certificate_fromTFTP 10.53.13.94 certfilename c:/cert.der keyfilename c:/pkey.der Command: download certificate_fromTFTP 10.53.13.94 certfilename c:/cert.der keyfilename c:/pkey.der Certificate Loaded Successfully! DES-3500:admin#...

  • Page 245: D-Link Single Ip Management Commands

    OMMANDS Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. Switches using D-Link Single IP Management (labeled here as SIM) must conform to the following rules: SIM is an optional feature on the Switch and can easily be enabled or disabled.
  • Page 246 CS, do not belong. The Upgrade to v1.6 To better improve SIM management, the xStack DES-3500 series switches have been upgraded to version 1.6 in this release. Many improvements have been made, including: The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.
  • Page 247 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual enable sim Purpose Used to enable Single IP Management (SIM) on the Switch Syntax enable sim Description This command will enable SIM globally on the Switch. SIM features and functions will not function properly unless this function is enabled.
  • Page 248 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual show sim the Switch. Firmware Version - Displays the current Firmware version on the Switch. Device Name - Displays the user-defined device name on the Switch. MAC Address - Displays the MAC Address of the Switch. Capabilities –...
  • Page 249 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To show the candidate information in summary, if the candidate ID is specified: DES-3500:admin#show sim candidates Command: show sim candidates ID MAC Address Platform / Hold Firmware Device Name Capability Time Version --- ----------------- ------------------------...
  • Page 250 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Port MAC Address Role ------ ------------------ --------- 00-35-26-00-11-99 Commander 00-35-26-00-11-91 Member 00-35-26-00-11-90 Candidate Total Entries: 3 DES-3500:admin#...
  • Page 251 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual reconfig Purpose Used to connect to a member switch, through the commander switch, using Telnet. Syntax reconfig {member_id <value 1-32 | exit} Description This command is used to reconnect to a member switch using Telnet. Parameters member_id <value 1-32>...
  • Page 252 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config sim delete 1 Command: config sim delete 1 Please wait for ACK... Success. DES-3500:admin# config sim Purpose Used to configure role parameters for the SIM protocol on the Switch. Syntax config sim [{[commander {group_name <groupname 64>...
  • Page 253 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config sim commander hold_time 120 Command: config sim commander hold_time 120 Success. DES-3500:admin# To transfer the CS (commander) to be a CaS (candidate): DES-3500:admin# config sim_role candidate Command: config sim_role candidate Success.
  • Page 254 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual download sim Restrictions Only administrator-level users can issue this command. Example usage: To download firmware: DES-3500:admin# download sim firmware 10.53.13.94 c:/des3526.had members Command: download sim firmware 10.53.13.94 c:/des3526.had members all This device is updating firmware. Please wait... Download Status : MAC Address Result...
  • Page 255 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual To upload configuration files to a TFTP server: DES-3500:admin# upload sim_ms configuration 10.55.47.1 D:\configuration.txt 1 Command: upload sim_ms configuration 10.55.47.1 D:\configuration.txt 1 Success. DES-3500:admin#...

  • Page 256: Command History List

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual OMMAND ISTORY The switch history commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Command Parameters config command_history <value 1-40> show command_history Each command is listed, in detail, in the following sections.
  • Page 257 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual DES-3500:admin# config stp Command:? config stp Command: config stp Usage: {maxage <value 6-40> | maxhops <value1-20> | hellotime <value 1- 10> | forwarddelay <value 4-30> | txholdcount <value 1-10> | fbpdu [enable | disable] | lbd [enable | disable] | lbd_recover_timer [0 | <value 60-1000000>]} Description: Used to update the STP Global Configuration.
  • Page 258 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual config command_history Purpose Used to configure the command history. Syntax config command_history <value 1-40> Description This command is used to configure the command history. <value 1-40> − The number of previously executed commands Parameters maintained in the buffer.

  • Page 259: Technical Specifications

    DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual ECHNICAL PECIFICATIONS General IEEE 802.3 Nway auto-negotiation Standards IEEE 802.3 10BASE-T Ethernet IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z 1000BASE-T (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1w Rapid Spanning Tree IEEE 802.1s Multiple Spanning Tree IEEE 802.1Q VLAN...
  • Page 260 DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual Physical and Environmental Internal power supply AC Input: 100 – 120; 200 – 240 VAC, 50/60 Hz DC 60W DC Power Input: 48V Output: 12V Power Consumption For DES-3526/ DES-3526DC, Max. 23 watts For DES-3550, Max.

Table of Contents