Page 1 M4100 Series ProSAFE Managed Switches CLI Com man d Reference M an ual Sof tware Version 1 0.0.2 April 2015 202-11166-04 350 East Plumeria Drive San Jose, CA 95134...
Page 2 For regulatory compliance information, visit http://www.netgear.com/about/regulatory. See the regulatory compliance document before connecting the power supply. Trademarks © NETGEAR, Inc. NETGEAR and the NETGEAR Logo are trademarks of NETGEAR, Inc. Any non-NETGEAR trademarks are used for reference purposes only. Revision History...
Page 3: Table Of Contents
Contents Chapter 1 Using the Command-Line Interface Command Syntax ........... . 8 Command Conventions .
Page 4 M4100 Series ProSAFE Managed Switches IGMP Snooping Configuration Commands ......154 IGMP Snooping Querier Commands........164 MLD Snooping Commands.
Page 5 M4100 Series ProSAFE Managed Switches Logging Commands..........353 Email Alerting and Mail Server Commands .
Page 6 M4100 Series ProSAFE Managed Switches Technologies............554 O/S Support .
Page 7: Chapter 1 Using The Command-Line Interface
Note: Firmware updates with new features and bug fixes are made available from time to time at downloadcenter.netgear.com. Some products can regularly check the site and download new firmware, or you can check for and download new firmware manually. If the features or behavior of your product does not match what is described in this guide, you might need to update your firmware.
Page 8: Command Syntax
M4100 Series ProSAFE Managed Switches Command Syntax A command is one or more words that might be followed by one or more parameters. Parameters can be required or optional values. Some commands, such as show network and clear vlan, do not require parameters.
Page 9: Common Parameter Values
M4100 Series ProSAFE Managed Switches Table 1. Parameter Conventions (continued) Symbol Example Description Indicates that you must select a parameter from the { } curly braces {choice1 | choice2} list of choices. Separates the mutually exclusive choices. | Vertical bars choice1 | choice2 Indicates a choice within an optional element.
Page 10: Slot/Port Naming Convention
M4100 Series ProSAFE Managed Switches Slot/Port Naming Convention Managed switch software references physical entities such as cards and ports by using a slot/port naming convention. The software also uses this convention to identify certain logical entities, such as port-channel interfaces.
Page 11: Managed Switch Modules
M4100 Series ProSAFE Managed Switches command without the keyword no to reenable a disabled feature or to enable a feature that is disabled by default. Only the configuration commands are available in the no form. Managed Switch Modules Managed switch software consists of flexible modules that can be applied in various combinations to develop advanced Layer 2/3/4+ products.
Page 12 M4100 Series ProSAFE Managed Switches Table 5. CLI Command Modes (continued) Command Mode Prompt Mode Description Global Config Groups general setup commands and Switch (Config)# permits you to make modifications to the running configuration. VLAN Config Groups all the VLAN commands.
Page 13 M4100 Series ProSAFE Managed Switches Table 6. CLI Mode Access and Exit (continued) Command Mode Access Method Exit or Access Previous Mode Global Config From the Privileged EXEC mode, To exit to the Privileged EXEC mode, enter exit, or enter configure.
Page 14: Command Completion And Abbreviation
M4100 Series ProSAFE Managed Switches Command Completion and Abbreviation Command completion finishes spelling the command when you type enough letters of a command to uniquely identify the command keyword. Once you have entered enough letters, press the SPACEBAR or TAB key to complete the word.
Page 15: Using Cli Help
M4100 Series ProSAFE Managed Switches Table 8. CLI Editing Conventions (continued) Key Sequence Description Ctrl-D Delete current character Ctrl-U, X Delete to beginning of line Ctrl-K Delete to end of line Ctrl-W Delete previous word Ctrl-T Transpose previous character Ctrl-P...
Page 16: Accessing The Cli
M4100 Series ProSAFE Managed Switches Enter a question mark (?) after each word you enter to display available command keywords or parameters. (NETGEAR Switch) #network ? javamode Enable/Disable. mgmt_vlan Configure the Management VLAN ID of the switch. parms Configure Network Parameters of the router.
Page 17: Chapter 2 Switching Commands
Switching Commands This chapter describes the switching commands available in the managed switch CLI. The chapter contains the following sections: • Port Configuration Commands • Loopback Interface Commands • Spanning Tree Protocol (STP) Commands • VLAN Commands • Switch Port Commands •...
Page 18 M4100 Series ProSAFE Managed Switches • MLD Snooping Querier Commands • Port Security Commands • LLDP (802.1AB) Commands • LLDP-MED Commands • Denial of Service Commands • MAC Database Commands • ISDP Commands The commands in this chapter are in three functional groups: •...
Page 19: Port Configuration Commands
M4100 Series ProSAFE Managed Switches Port Configuration Commands This section describes the commands you use to view and configure port settings. interface This command gives you access to the Interface Config mode, which allows you to enable or modify the operation of an interface (port).
Page 20: Auto-Negotiate All
M4100 Series ProSAFE Managed Switches no auto-negotiate This command disables automatic negotiation on a port. Note: Automatic sensing is disabled when automatic negotiation is disabled. auto-negotiate all This command enables automatic negotiation on all ports. Default enabled Format auto-negotiate all...
Page 21: Shutdown All
M4100 Series ProSAFE Managed Switches Default 1518 (untagged) Format mtu <1518-9216> Mode Interface Config no mtu This command sets the default MTU size (in bytes) for the interface. Format no mtu Mode Interface Config shutdown This command disables a port.
Page 22: Speed All
M4100 Series ProSAFE Managed Switches Format shutdown all Mode Global Config no shutdown all This command enables all ports. Format no shutdown all Mode Global Config speed This command sets the speed and duplex setting for the interface. Format speed [auto] [{<100 | 10 | 10G> {<half-duplex | full-duplex>}}]...
Page 23: Show Port Advertise
M4100 Series ProSAFE Managed Switches Acceptable Definition Values 10BASE-T full duplex 10Gh 10GBase-T full duplex 10Gf 10Gbase-T half duplex show port advertise Use this command to display the local administrative link advertisement configuration, local operational link advertisement, and the link partner advertisement for an interface. It also displays priority Resolution for speed and duplex as per 802.3 Annex 28B.3.
Page 24: Show Port
M4100 Series ProSAFE Managed Switches (NETGEAR Switch)#show port advertise Port Type Operational Link Advertisement --------- ------------------------------ ----------- ------------------------------ Gigabit - Level Enabled 1000f, 100f, 100h, 10f, 10h Gigabit - Level Enabled 1000f, 100f, 100h, 10f, 10h Gigabit - Level Enabled...
Page 25: Show Port Description
M4100 Series ProSAFE Managed Switches Term Definition Group Name The group name of an entry in the Protocol-based VLAN table. Group ID The group identifier of the protocol group. Protocol(s) The type of protocol(s) for this group. VLAN The VLAN associated with this Protocol Group.
Page 26: Loopback Interface Commands
M4100 Series ProSAFE Managed Switches Loopback Interface Commands The commands in this section describe how to create, delete, and manage loopback interfaces. A loopback interface is always expected to be up. This interface can provide the source address for sent packets and can receive both local and remote packets. The loopback interface is typically used by routing protocols.
Page 27: Spanning Tree Protocol (Stp) Commands
M4100 Series ProSAFE Managed Switches If you specify a loopback ID, the following information appears: Term Definition Interface Link Shows whether the link is up or down. Status IP Address The IPv4 address of the interface. IPv6 is enabled Shows whether IPv6 is enabled on the interface.
Page 28: Spanning-Tree Bpdufilter
M4100 Series ProSAFE Managed Switches no spanning-tree auto-edge This command disables auto-edge on the interface or range of interfaces. Format no spanning-tree auto-edge Mode Interface Config spanning-tree bpdufilter Use this command to enable BPDU Filter on an interface or range of interfaces.
Page 29: Spanning-Tree Bpduflood
M4100 Series ProSAFE Managed Switches spanning-tree bpduflood Use this command to enable BPDU Flood on the interface. Default disabled Format spanning-tree bpduflood Mode Interface Config no spanning-tree bpduflood Use this command to disable BPDU Flood on the interface. Format no spanning-tree bpduflood...
Page 30: Spanning-Tree Configuration Name
M4100 Series ProSAFE Managed Switches spanning-tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is currently using. The <name> is a string of up to 32 characters. Default base MAC address in hexadecimal notation Format spanning-tree configuration name <name>...
Page 31: Spanning-Tree Forceversion
M4100 Series ProSAFE Managed Switches no spanning-tree edgeport This command specifies that this port is not an Edge Port within the Common and Internal Spanning Tree. Format no spanning-tree edgeport Mode Interface Config spanning-tree forceversion This command sets the Force Protocol Version parameter to a new value.
Page 32: Spanning-Tree Guard
M4100 Series ProSAFE Managed Switches no spanning-tree forward-time This command sets the Bridge Forward Delay parameter for the Common and Internal Spanning Tree to the default value. Format no spanning-tree forward-time Mode Global Config spanning-tree guard This command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, the port operates in accordance with the multiple spanning tree protocol.
Page 33: Spanning-Tree Max-Age
M4100 Series ProSAFE Managed Switches spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the Common and Internal Spanning Tree. The max-age value is in seconds within a range of 6–40, with the value being less than or equal to 2 x (Bridge Forward Delay - 1).
Page 34 M4100 Series ProSAFE Managed Switches the <mstid> parameter. You can set the path cost as a number in the range of 1–200000000 or auto. If you select auto the path cost value is set based on Link Speed. If you specify the external-cost option, this command sets the external-path cost for MST instance 0 that is, CIST instance.
Page 35: Spanning-Tree Mst Instance
M4100 Series ProSAFE Managed Switches spanning-tree mst instance This command adds a multiple spanning tree instance to the switch. The parameter <mstid> is a number within a range of 1–4094, that corresponds to the new instance ID to be added. The maximum number of multiple instances supported by the switch is 4.
Page 36: Spanning-Tree Mst Vlan
M4100 Series ProSAFE Managed Switches If 0 (defined as the default CIST ID) is passed as the <mstid>, this command sets the Bridge Priority parameter for the Common and Internal Spanning Tree to the default value. Format no spanning-tree mst priority <mstid>...
Page 37: Spanning-Tree Port Mode All
M4100 Series ProSAFE Managed Switches spanning-tree port mode all This command sets the Administrative Switch Port State for all ports to enabled. Default enabled Format spanning-tree port mode all Mode Global Config no spanning-tree port mode all This command sets the Administrative Switch Port State for all ports to disabled.
Page 38: Show Spanning-Tree
M4100 Series ProSAFE Managed Switches no spanning-tree bpduforwarding This command will cause the STP BPDU packets received from the network to be dropped if STP is disabled. Format no spanning-tree bpduforwarding Mode Global Config show spanning-tree This command displays spanning tree settings for the Common and Internal Spanning Tree.
Page 39: Show Spanning-Tree Brief
M4100 Series ProSAFE Managed Switches Term Definition Bridge Hold Time Minimum time between transmission of Configuration Bridge Protocol Data Units (BPDUs). Bridge Max Hops Bridge max-hops count for the device. CST Regional Bridge Identifier of the CST Regional Root. It is made up using the bridge priority and the Root base MAC address of the bridge.
Page 40: Show Spanning-Tree Interface
M4100 Series ProSAFE Managed Switches show spanning-tree interface This command displays the settings and parameters for a specific switch port within the Common and Internal Spanning Tree. The <slot/port> is the desired switch port. The following details are displayed on execution of the command.
Page 41: Show Spanning-Tree Mst Port Detailed
M4100 Series ProSAFE Managed Switches show spanning-tree mst port detailed This command displays the detailed settings and parameters for a specific switch port within a particular multiple spanning tree instance. The parameter <mstid> is a number that corresponds to the desired existing multiple spanning tree instance. The <slot/port> is the desired switch port.
Page 42 M4100 Series ProSAFE Managed Switches Term Definition Transitions Into The number of times this interface has transitioned into loop inconsistent state. Loop Inconsistent State Transitions Out The number of times this interface has transitioned out of loop inconsistent state. of Loop...
Page 43: Show Spanning-Tree Mst Port Summary
M4100 Series ProSAFE Managed Switches Term Definition Edge Port Status The derived value of the edge port status. True if operating as an edge port; false otherwise. Point To Point Derived value indicating if this port is part of a point to point link.
Page 44: Show Spanning-Tree Mst Port Summary Active
M4100 Series ProSAFE Managed Switches Term Definition Port Role The role of the specified port within the spanning tree. Desc Indicates whether the port is in loop inconsistent state or not. This field is blank if the loop guard feature is not available.
Page 45: Show Spanning-Tree Summary
M4100 Series ProSAFE Managed Switches Term Definition MST Instance ID List of multiple spanning trees IDs currently configured. List For each MSTID: • Associated • List of forwarding database identifiers associated with this instance. FIDs • List of VLAN IDs associated with this instance.
Page 46: Vlan Commands
M4100 Series ProSAFE Managed Switches show spanning-tree vlan This command displays the association between a VLAN and a multiple spanning tree instance. The <vlanid> corresponds to an existing VLAN ID. Format show spanning-tree vlan <vlanid> Mode • Privileged EXEC •...
Page 47: Vlan Acceptframe
M4100 Series ProSAFE Managed Switches vlan This command creates a new VLAN and assigns it an ID. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). The vlan-list contains VlanId's in range <1-4093>. Separate non-consecutive IDs with ',' and no spaces and no zeros in between the range;...
Page 48: Vlan Ingressfilter
M4100 Series ProSAFE Managed Switches vlan ingressfilter This command enables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.
Page 49: Vlan Participation
M4100 Series ProSAFE Managed Switches vlan participation This command configures the degree of participation for a specific interface in a VLAN. The ID is a valid VLAN identification number, and the interface is a valid interface number. Format vlan participation {exclude | include | auto} <1-4093>...
Page 50: Vlan Port Acceptframe All
M4100 Series ProSAFE Managed Switches vlan port acceptframe all This command sets the frame acceptance mode for all interfaces. Default Format vlan port acceptframe all {vlanonly | all} Mode Global Config The modes defined as follows: Mode Definition VLAN Only Untagged frames or priority frames received on this interface are discarded.
Page 51: Vlan Port Pvid All
M4100 Series ProSAFE Managed Switches no vlan port ingressfilter all This command disables ingress filtering for all ports. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.
Page 52: Vlan Protocol Group
M4100 Series ProSAFE Managed Switches vlan protocol group This command adds protocol-based VLAN groups to the system. When it is created, the protocol group will be assigned a unique number (1-128) that will be used to identify the group in subsequent commands.
Page 53: Protocol Group
M4100 Series ProSAFE Managed Switches no vlan protocol group add protocol This command removes the <protocol> from this protocol-based VLAN group that is identified by this <groupid>. The possible values for protocol are ip, arp, and ipx. Format no vlan protocol group add protocol <groupid> <ethertype>...
Page 54: Protocol Vlan Group All
M4100 Series ProSAFE Managed Switches no protocol vlan group This command removes the interface from this protocol-based VLAN group that is identified by this <groupid>. Format no protocol vlan group <groupid> Mode Interface Config protocol vlan group all This command adds all physical interfaces to the protocol-based VLAN identified by <groupid>.
Page 55: Vlan Tagging
M4100 Series ProSAFE Managed Switches vlan tagging This command configures the tagging behavior for a specific interface in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames. If tagging is disabled, traffic is transmitted as untagged frames. The vlan-list contains VlanId's in range <1-4093>. Separate non-consecutive IDs with ',' and no spaces and no zeros in between the range;...
Page 56: Show Vlan
M4100 Series ProSAFE Managed Switches no vlan association mac This command removes the association of a MAC address to a VLAN. Format no vlan association mac <macaddr> Mode VLAN database remote-span This command identifies the VLAN as the RSPAN VLAN.
Page 57: Show Vlan Brief
M4100 Series ProSAFE Managed Switches If you enter the optional <vlanid> parameter, the command output also displays detailed information, including interface information, for a specific VLAN. The ID is a valid VLAN identification number. Term Definition Interface Valid slot and port number separated by forward slashes. It is possible to set the parameters for all ports by using the selectors on the top line.
Page 58: Show Vlan Association Subnet
M4100 Series ProSAFE Managed Switches Term Definition Interface Valid slot and port number separated by forward slashes. It is possible to set the parameters for all ports by using the selectors on the top line. Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port.
Page 59: Switch Port Commands
M4100 Series ProSAFE Managed Switches Term Definition MAC Address A MAC address for which the switch has forwarding and or filtering information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes.
Page 60: Switchport Trunk Allowed Vlan
M4100 Series ProSAFE Managed Switches no switchport mode This command resets the switch port mode to its default value. Format no switchport mode Mode Interface Config switchport trunk allowed vlan Use this command to configure the list of allowed VLANs that can receive and send traffic on this interface in tagged format when in trunking mode.
Page 61: Switchport Access Vlan
M4100 Series ProSAFE Managed Switches The native VLAN must be in the allowed VLAN list for tagging of received untagged packets. Otherwise, untagged packets are discarded. Packets marked with the native VLAN are transmitted untagged from the trunk port. The default ID is 1, the default VLAN.
Page 62 Trunking Mode Native VLAN: 1 (default) Trunking Mode Native VLAN tagging: Disable Trunking Mode VLANs Enabled: All Protected Port: False Command example: (NETGEAR Switch) #show interfaces switchport access 1/0 Intf PVID --------- ---- Command example: (NETGEAR Switch) #show interfaces switchport trunk 1/6...
Page 63: Double Vlan Commands
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show interfaces switchport general Intf PVID Ingress Acceptable Untagged Tagged Forbidden Dynamic Filtering Frame Type Vlans Vlans Vlans Vlans --------- ----- ---------- ----------- --------- --------- --------- --------- 1/0/1 Enabled Admit All...
Page 64: Mode Dvlan-Tunnel
M4100 Series ProSAFE Managed Switches mode dvlan-tunnel Use this command to enable Double VLAN Tunneling on the specified interface. Note: When you use the mode dvlan-tunnel command on an interface, it becomes a service provider port. Ports that do not have double VLAN tunneling enabled are customer ports.
Page 65: Voice Vlan Commands
M4100 Series ProSAFE Managed Switches show dvlan-tunnel Use this command without the optional parameters to display all interfaces enabled for Double VLAN Tunneling. Use the optional parameters to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces.
Page 66: Voice Vlan (Interface Config)
M4100 Series ProSAFE Managed Switches no voice vlan (Global Config) Use this command to disable the Voice VLAN capability on the switch. Format no voice vlan Mode Global Config voice vlan (Interface Config) Use this command to enable the Voice VLAN capability on the interface.
Page 67: Provisioning (Ieee 802.1P) Commands
M4100 Series ProSAFE Managed Switches show voice vlan Format show voice vlan [interface {<slot/port> | all}] Mode Privileged EXEC When the interface parameter is not specified, only the global mode of the Voice VLAN is displayed. Term Definition Administrative The Global Voice VLAN mode.
Page 68: Protected Ports Commands
M4100 Series ProSAFE Managed Switches vlan priority This command configures the default 802.1p port priority assigned for untagged packets for a specific interface. The range for the priority is 0–7. Default Format vlan priority <priority> Mode Interface Config Protected Ports Commands This section describes commands you use to configure and view protected ports on a switch.
Page 69: Switchport Protected (Interface Config)
M4100 Series ProSAFE Managed Switches no switchport protected (Global Config) Use this command to remove a protected port group. The <groupid> parameter identifies the set of protected ports. Use the name keyword to remove the name from the group. Format NO switchport protected <groupid>...
Page 70: Private Vlan Commands
M4100 Series ProSAFE Managed Switches Term Definition Group ID The number that identifies the protected port group. Name An optional name of the protected port group. The name can be up to 32 alphanumeric characters long, including blanks. The default is blank.
Page 71: Switchport Private-Vlan
M4100 Series ProSAFE Managed Switches Three types of port designations exist within a private VLAN: • Promiscuous Ports—An endpoint connected to a promiscuous port is allowed to communicate with any endpoint within the private VLAN. Multiple promiscuous ports can be defined for a single private VLAN domain.
Page 72: Switchport Mode Private-Vlan
M4100 Series ProSAFE Managed Switches switchport mode private-vlan This command is used to configure a port as a promiscuous or host private VLAN port. Note that the properties of each mode can be configured even when the switch is not in that mode.
Page 73: Vlan (Private Vlan)
M4100 Series ProSAFE Managed Switches no private-vlan This command is used to restore normal VLAN configuration. Format no private-vlan {association} Mode VLAN Config vlan (Private VLAN) Use this command to enter the private vlan configuration. The VLAN range is 1-4094.
Page 74: Garp Commands
M4100 Series ProSAFE Managed Switches Term Definition Private-vlan host-association Displays VLAN association for the private-VLAN host ports. Private-vlan mapping Displays VLAN mapping for the private-VLAN promiscuous ports GARP Commands This section describes the commands you use to configure Generic Attribute Registration Protocol (GARP) and view GARP status.
Page 75: Set Garp Timer Leaveall
M4100 Series ProSAFE Managed Switches Default Format set garp timer leave <20-600> Mode • Interface Config • Global Config no set garp timer leave This command sets the GVRP leave time on all ports or a single port to the default and only has an effect when GVRP is enabled.
Page 76: Gvrp Commands
M4100 Series ProSAFE Managed Switches show garp This command displays GARP information. Format show garp Mode • Privileged EXEC • User EXEC Term Definition GMRP Admin Mode The administrative mode of GARP Multicast Registration Protocol (GMRP) for the system. GVRP Admin Mode The administrative mode of GARP VLAN Registration Protocol (GVRP) for the system.
Page 77: Set Gvrp Interfacemode
M4100 Series ProSAFE Managed Switches set gvrp interfacemode This command enables GVRP on a single port (Interface Config mode) or all ports (Global Config mode). Default disabled Format set gvrp interfacemode Mode • Interface Config • Global Config no set gvrp interfacemode This command disables GVRP on a single port (Interface Config mode) or all ports (Global Config mode).
Page 78: Gmrp Commands
M4100 Series ProSAFE Managed Switches Term Definition LeaveAll Timer This Leave All Time controls how frequently LeaveAll PDUs are generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered. Participants will need to rejoin in order to maintain registration. There is an instance of this timer on a per-Port, per-GARP participant basis.
Page 79: Show Gmrp Configuration
M4100 Series ProSAFE Managed Switches disabled and port-channel (LAG) membership is removed from an interface that has GARP enabled. Default disabled Format set gmrp interfacemode Mode • Interface Config • Global Config no set gmrp interfacemode This command disables GARP Multicast Registration Protocol on a single interface or all interfaces.
Page 80: Port-Based Network Access Control Commands
M4100 Series ProSAFE Managed Switches Term Definition LeaveAll Timer This Leave All Time controls how frequently LeaveAll PDUs are generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered. Participants will need to rejoin in order to maintain registration. There is an instance of this timer on a per-Port, per-GARP participant basis.
Page 81: Clear Radius Statistics
M4100 Series ProSAFE Managed Switches clear radius statistics This command is used to clear all RADIUS statistics. Format clear radius statistics Mode Privileged EXEC dot1x eapolflood Use this command to enable EAPOL flood support on the switch. Default Disabled Format...
Page 82: Dot1X Initialize
M4100 Series ProSAFE Managed Switches dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is “auto” or “mac-based”. If the control mode is not “auto” or “mac-based,” an error is returned.
Page 83: Dot1X Max-Users
M4100 Series ProSAFE Managed Switches dot1x max-users Use this command to set the maximum number of clients supported on the port when MAC-based dot1x authentication is enabled on the port. The maximum users supported per port is dependent on the product. The <count> value is in the range 1 - 48.
Page 84: Dot1X Re-Authenticate
M4100 Series ProSAFE Managed Switches authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant, authenticator, and the authentication server. If the mac-based option is specified, MAC-based dot1x authentication is enabled on the port.
Page 85: Dot1X System-Auth-Control
M4100 Series ProSAFE Managed Switches dot1x system-auth-control Use this command to enable the dot1x authentication support on the switch. While disabled, the dot1x configuration is retained and can be changed, but is not activated. Default disabled Format dot1x system-auth-control Mode...
Page 86: Dot1X Unauthenticated-Vlan
M4100 Series ProSAFE Managed Switches Tokens Definition quiet-period The value, in seconds, of the timer used by the authenticator state machine on this port to define periods of time in which it will not attempt to acquire a supplicant. The quiet-period must be a value in the range 0 - 65535.
Page 87: Dot1X User
M4100 Series ProSAFE Managed Switches dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The <user> parameter must be a configured user. Format dot1x user <user> {<slot/port> | all}...
Page 88: Dot1X System-Auth-Control Monitor
M4100 Series ProSAFE Managed Switches dot1x system-auth-control monitor Use this command to enable the 802.1X monitor mode on the switch. The purpose of Monitor mode is to help troubleshoot port-based authentication configuration issues without disrupting network access for hosts connected to the switch. In Monitor mode, a host is granted network access to an 802.1X-enabled port even if it fails the authentication process.
Page 89: Show Authentication Methods
M4100 Series ProSAFE Managed Switches show authentication methods This command displays information about the authentication methods. Format show authentication methods Mode Privileged EXEC Command example: Login Authentication Method Lists ________________________________ Console_Default: None Network_Default:Local Enable Authentication Lists _____________________ Console_Default: Enable None...
Page 90 M4100 Series ProSAFE Managed Switches Term Definition Dynamic VLAN Indicates whether the switch can dynamically create a RADIUS-assigned VLAN if it does Creation Mode not currently exist on the switch. Monitor Mode Indicates whether the Dot1x Monitor mode on the switch is enabled or disabled.
Page 91 M4100 Series ProSAFE Managed Switches Term Definition Transmit Period The timer used by the authenticator state machine on the specified port to determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The value is expressed in seconds and will be in the range of 1 and 65535.
Page 92 M4100 Series ProSAFE Managed Switches The show dot1x detail <slot/port> command displays the following MAC-based dot1x fields if the port-control mode for that specific port is MAC-based. For each client authenticated on the port, the show dot1x detail <slot/port> command displays the following MAC-based dot1x parameters if the port-control mode for that specific port is MAC-based.
Page 93: Show Dot1X Clients
M4100 Series ProSAFE Managed Switches Term Definition EAP Response The number of valid EAP response frames (other than resp/id frames) that have been Frames received by this authenticator. Received EAP Request/Id The number of EAP request/identity frames that have been transmitted by this Frames authenticator.
Page 94: 802.1X Supplicant Commands
M4100 Series ProSAFE Managed Switches Term Definition VLAN Assigned The reason the VLAN identified in the VLAN ID field has been assigned to the port. Possible values are RADIUS, Unauthenticated VLAN, or Default. When the VLAN Assigned reason is Default, it means that the VLAN was assigned to the port because the PVID of the port was that VLAN ID.
Page 95: Dot1X Supplicant Max-Start
M4100 Series ProSAFE Managed Switches Format dot1x supplicant port-control {auto | force-authorized | force_unauthorized} Mode Interface Config Parameter Description The port is in the Unauthorized state until it presents its user name and auto password credentials to an authenticator. If the authenticator authorizes the port, then it is placed in the Authorized state.
Page 96: Dot1X Supplicant Timeout Start-Period
M4100 Series ProSAFE Managed Switches dot1x supplicant timeout start-period Use this command to configure the start period timer interval in seconds to wait for the EAP identity request from the authenticator. Default 30 seconds Format dot1x supplicant timeout start-period <1-65535>...
Page 97: Storm-Control Commands
M4100 Series ProSAFE Managed Switches no dot1x supplicant timeout auth-period Use this command to set the auth-period value to the default value. Format no dot1x supplicant timeout auth-period Mode Interface Config dot1x supplicant user Use this command to map the user to the port.
Page 98: Storm-Control Broadcast (Interface Config)
M4100 Series ProSAFE Managed Switches storm-control broadcast (Interface Config) Use this command to enable broadcast storm recovery mode for a specific interface. If the mode is enabled, broadcast storm recovery is active and, if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic is dropped.
Page 99: Storm-Control Broadcast Rate (Interface Config)
M4100 Series ProSAFE Managed Switches storm-control broadcast rate (Interface Config) Use this command to configure the broadcast storm recovery threshold for an interface in packets per second. If the mode is enabled, broadcast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic is dropped.
Page 100: Storm-Control Broadcast Rate (Global Config)
M4100 Series ProSAFE Managed Switches the rate of broadcast traffic will be limited to the configured threshold. This command also enables broadcast storm recovery mode for all interfaces. If the ‘shutdown’ option is selected, and the broadcast traffic increases beyond the threshold, the interface shuts down instead of dropping packets.
Page 101: Storm-Control Multicast (Interface Config)
M4100 Series ProSAFE Managed Switches storm-control multicast (Interface Config) This command enables multicast storm recovery mode for an interface. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped. Therefore, the rate of multicast traffic will be limited to the configured threshold.
Page 102: Storm-Control Multicast (Global Config)
M4100 Series ProSAFE Managed Switches Default Format storm-control multicast rate <0-14880000> Mode Interface Config no storm-control multicast rate This command sets the multicast storm recovery threshold to the default value for an interface and disables multicast storm recovery. Format no storm-control multicast rate...
Page 103: Storm-Control Multicast Rate (Global Config)
M4100 Series ProSAFE Managed Switches no storm-control multicast level This command sets the multicast storm recovery threshold to the default value for all interfaces and disables multicast storm recovery. Format no storm-control multicast level Mode Global Config storm-control multicast rate (Global Config) Use this command to configure the multicast storm recovery threshold for all interfaces in packets per second.
Page 104: Storm-Control Unicast Level (Interface Config)
M4100 Series ProSAFE Managed Switches no storm-control unicast This command disables unicast storm recovery mode for an interface. Format no storm-control unicast Mode Interface Config storm-control unicast level (Interface Config) This command configures the unicast storm recovery threshold for an interface as a percentage of link speed, and enables unicast storm recovery.
Page 105: Storm-Control Unicast (Global Config)
M4100 Series ProSAFE Managed Switches no storm-control unicast rate This command sets the unicast storm recovery threshold to the default value for an interface and disables unicast storm recovery. Format no storm-control unicast rate Mode Interface Config storm-control unicast (Global Config) This command enables unicast storm recovery mode for all interfaces.
Page 106: Storm-Control Unicast Rate (Global Config)
M4100 Series ProSAFE Managed Switches no storm-control unicast level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces. Format no storm-control unicast level Mode Global Config storm-control unicast rate (Global Config) Use this command to configure the unicast storm recovery threshold for all interfaces in packets per second.
Page 107: Flow Control Commands
M4100 Series ProSAFE Managed Switches Use the all keyword to display the per-port configuration parameters for all interfaces, or specify the slot/port to display information about a specific interface. Format show storm-control [all | <slot/port>] Mode Privileged EXEC Term Definition Bcast Mode Shows whether the broadcast storm control mode is enabled or disabled.
Page 108: Show Flowcontrol
M4100 Series ProSAFE Managed Switches no flowcontrol Format no flowcontrol Mode • Global Config • Interface Config show flowcontrol Use this command to display the IEEE 802.3 Annex 31B flow control settings and status for a specific interface or all interfaces. It also displays 802.3 Tx and Rx pause counts. Priority Flow Control frames counts are not displayed.
Page 109: Port-Channel/Lag (802.3Ad) Commands
M4100 Series ProSAFE Managed Switches Port-Channel/LAG (802.3ad) Commands This section describes the commands you use to configure port-channels, which are also known as link aggregation groups (LAGs). Link aggregation allows you to combine multiple full-duplex Ethernet links into a single logical link. Network devices treat the aggregation as if it were a single link, which increases fault tolerance and provides load sharing.
Page 110: Deleteport (Global Config)
M4100 Series ProSAFE Managed Switches deleteport (Global Config) This command deletes all configured ports from the port-channel (LAG). The interface is a logical slot/port number of a configured port-channel. To clear the port channels, see clear port-channel on page 368 Format deleteport <logical slot/port>...
Page 111: Lacp Actor Admin Key
M4100 Series ProSAFE Managed Switches no lacp collector max delay Use this command to configure the default port-channel collector max delay. Format no lacp collector max-delay Mode Interface Config lacp actor admin key Use this command to configure the administrative value of the LACP actor admin key. The valid range for <key>...
Page 112: Lacp Actor Admin State Longtimeout
M4100 Series ProSAFE Managed Switches lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout. Format lacp actor admin state longtimeout Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp actor admin state longtimeout Use this command to set the LACP actor admin state to short timeout.
Page 113: Lacp Actor Port Priority
M4100 Series ProSAFE Managed Switches lacp actor port priority Use this command to configure the priority value assigned to the Aggregation Port. The valid range for <priority> is 0–255. Default 0x80 Format lacp actor port priority <priority> Mode Interface Config Note: This command is only applicable to physical interfaces.
Page 114: Lacp Partner Admin Key
M4100 Series ProSAFE Managed Switches lacp partner admin key Use this command to configure the administrative value of the key for the protocol partner. The valid range for <key> is 0–65535. Default Format lacp partner admin key <key> Mode Interface Config Note: This command is only applicable to physical interfaces.
Page 115: Lacp Partner Admin State Longtimeout
M4100 Series ProSAFE Managed Switches lacp partner admin state longtimeout Use this command to set LACP partner admin state to longtimeout. Format lacp partner admin state longtimeout Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout.
Page 116: Lacp Partner Port Id
M4100 Series ProSAFE Managed Switches lacp partner port id Use this command to configure the LACP partner port id. The valid range for <port-id> is 0–65535. Default 0x80 Format lacp partner portid <port-id> Mode Interface Config Note: This command is only applicable to physical interfaces.
Page 117: Lacp Partner System Id
M4100 Series ProSAFE Managed Switches lacp partner system id Use this command to configure the 6-octet MAC Address value representing the administrative value of the Aggregation Port’s protocol Partner’s System ID. The valid range of <system-id> is 00:00:00:00:00:00 - FF:FF:FF:FF:FF.
Page 118: Port-Channel Local-Preference
M4100 Series ProSAFE Managed Switches port-channel local-preference This command enables the local-preference mode on a port-channel (LAG) interface or range of interfaces. By default, the local-preference mode for a port-channel is disabled. This command can be used only on port-channel interfaces.
Page 119: Port Lacpmode Enable All
M4100 Series ProSAFE Managed Switches no port lacpmode This command disables Link Aggregation Control Protocol (LACP) on a port. Format no port lacpmode Mode Interface Config port lacpmode enable all This command enables Link Aggregation Control Protocol (LACP) on all ports.
Page 120: Port Lacptimeout (Global Config)
M4100 Series ProSAFE Managed Switches port lacptimeout (Global Config) This command sets the timeout for all interfaces of a particular device type (actor or partner) to either long or short time-out. Default long Format port lacptimeout {actor | partner} {long | short}...
Page 121: Port-Channel Load-Balance
M4100 Series ProSAFE Managed Switches Default enabled Format port-channel linktrap {<slot/port> | lag <lag-group-id> | all} Mode Global Config no port-channel linktrap This command disables link trap notifications for the port-channel (LAG). The interface is a logical slot and port for a configured port-channel. The option all disables link trap notifications for all the configured port-channels.
Page 122: Port-Channel Name
M4100 Series ProSAFE Managed Switches Parameter Definition Source MAC, VLAN, EtherType, and incoming port associated with the packet Destination MAC, VLAN, EtherType, and incoming port associated with the packet Source/Destination MAC, VLAN, EtherType, and incoming port associated with the packet...
Page 123: Show Lacp Actor
M4100 Series ProSAFE Managed Switches no port-channel system priority Use this command to configure the default port-channel system priority value. Format no port-channel system priority Mode Global Config show lacp actor Use this command to display LACP actor attributes. The interface is a logical <slot/port> for a configured port-channel. The option all displays the configuration for all the configured port-channels.
Page 124: Show Port-Channel Brief
M4100 Series ProSAFE Managed Switches The following output parameters are displayed. Term Description System Priority The administrative value of priority associated with the Partner’s System ID. System ID The value representing the administrative value of the Aggregation Port’s protocol Partner’s System ID.
Page 125: Port Mirroring Commands
M4100 Series ProSAFE Managed Switches Term Definition Logical Interface Valid slot and port number separated by forward slashes. Port-Channel The name of this port-channel (LAG). You may enter any string of up to 15 alphanumeric Name characters. Link State Indicates whether the Link is up or down.
Page 126 M4100 Series ProSAFE Managed Switches A VLAN can be configured as the source to a session (all member ports of that VLAN are monitored). Remote port mirroring is configured by adding the RSPAN VLAN ID. At the source switch, the destination is configured as the RSPAN VLAN and at the destination switch, the source is configured as the RSPAN VLAN.
Page 127: Show Monitor Session
Note: Because the current version of NETGEAR Managed Switch SMB software only supports one session, if you do not supply optional parameters, the behavior of this command is similar to the behavior of the no monitor command.
Page 128: Show Vlan Remote-Span
M4100 Series ProSAFE Managed Switches Format show monitor session <session-id> Mode Privileged EXEC Term Definition Session ID An integer value used to identify the session. Its value can be anything between 1 and the maximum number of mirroring sessions allowed on the platform.
Page 129: Static Mac Filtering Commands
M4100 Series ProSAFE Managed Switches Static MAC Filtering Commands The commands in this section describe how to configure static MAC filtering. Static MAC filtering allows you to configure destination ports for a static multicast MAC filter irrespective of the platform.
Page 130: Macfilter Adddest
M4100 Series ProSAFE Managed Switches macfilter adddest Use this command to add the interface to the destination filter set for the MAC filter with the <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN.
Page 131: Macfilter Addsrc
M4100 Series ProSAFE Managed Switches Format no macfilter adddest all <macaddr> <vlanid> Mode Global Config macfilter addsrc This command adds the interface to the source filter set for the MAC filter with the MAC address of <macaddr> and VLAN of <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
Page 132: Show Mac-Address-Table Static
M4100 Series ProSAFE Managed Switches show mac-address-table static This command displays the static MAC filtering information for all static MAC filters. If you select all, all the static MAC filters in the system are displayed. If you supply a value for <macaddr>, you must also enter a value for <vlanid>, and the system displays static...
Page 133: Dhcp L2 Relay Agent Commands
M4100 Series ProSAFE Managed Switches DHCP L2 Relay Agent Commands You can enable the switch to operate as a DHCP Layer 2 relay agent to relay DHCP requests from clients to a Layer 3 relay agent or server. The Circuit ID and Remote ID can be added to DHCP requests relayed from clients to a DHCP server.
Page 134: Dhcp L2Relay Remote-Id Vlan
M4100 Series ProSAFE Managed Switches dhcp l2relay remote-id vlan Use this parameter to set the DHCP Option-82 Remote ID for a VLAN and subscribed service (based on subscription-name). The vlan–list range is 1–4093. Separate non-consecutive IDs with a comma (,), and do not insert spaces or zeros between the range. Use a dash (–) for the range.
Page 135: Show Dhcp L2Relay All
Use this command to display DHCP L2 relay configuration specific to interfaces. Format show dhcp l2relay interface {all | <slot/port>} Mode Privileged EXEC Command example: (NETGEAR Switch) #show dhcp l2relay interface all DHCP L2 Relay is Enabled. Interface L2RelayMode TrustMode ----------...
Page 136 Use this command to display statistics specific to DHCP L2 Relay configured interface. Format show dhcp l2relay stats interface {all | <slot/port>} Mode Privileged EXEC Command example: (NETGEAR Switch) #show dhcp l2relay stats interface all DHCP L2 Relay is Enabled. Interface UntrustedServer UntrustedClient TrustedServer...
Page 137: Dhcp Client Commands
M4100 Series ProSAFE Managed Switches DHCP Client Commands DHCP Client can include vendor and configuration information in DHCP client requests relayed to a DHCP server. This information is included in DHCP Option 60, Vendor Class Identifier. The information is a string of 128 octets.
Page 138: Dhcp Snooping Configuration Commands
M4100 Series ProSAFE Managed Switches show dhcp client vendor-id-option Use this command to display the configured administration mode of the vendor-id-option and the vendor-id string to be included in Option-43 in DHCP requests. Format show dhcp client vendor-id-option Mode Privileged EXEC...
Page 139: Ip Dhcp Snooping Verify Mac-Address
M4100 Series ProSAFE Managed Switches no ip dhcp snooping vlan Use this command to disable DHCP Snooping on VLANs. Format no ip dhcp snooping vlan <vlan-list> Mode Global Config ip dhcp snooping verify mac-address Use this command to enable verification of the source MAC address with the client hardware address in the received DCHP message.
Page 140: Ip Dhcp Snooping Binding
M4100 Series ProSAFE Managed Switches no ip dhcp snooping database write-delay Use this command to set the write delay value to the default value. Format no ip dhcp snooping database write-delay Mode Global Config ip dhcp snooping binding Use this command to configure static DHCP Snooping binding.
Page 141: Ip Dhcp Snooping Limit
M4100 Series ProSAFE Managed Switches ip dhcp snooping limit Use this command to control the rate at which the DHCP Snooping messages come. The default rate is 15 pps with a range from 0 to 30 pps. The default burst level is 1 second with a range of 1–15 seconds.
Page 142: Ip Verify Source
M4100 Series ProSAFE Managed Switches no ip dhcp snooping trust Use this command to configure the port as untrusted. Format no ip dhcp snooping trust Mode Interface Config ip verify source Use this command to configure the IPSG source ID attribute to filter the data traffic in the hardware.
Page 143: Show Ip Dhcp Snooping Binding
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs: 11 - 30, 40 Interface Trusted Log Invalid Pkts...
Page 144: Show Ip Dhcp Snooping Database
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show ip dhcp snooping binding Total number of bindings: 2 MAC Address IP Address VLAN Interface Type Lease (Secs) ------------------ ------------ ---- --------- ---- ------------- 00:02:B3:06:60:80 210.1.1.3 86400 00:0F:FE:00:13:04 210.1.1.4 86400...
Page 145 Represents the number of DHCP release and Deny messages received on the different Mismatch ports than learned previously. DHCP Server Represents the number of DHCP server messages received on Untrusted ports. Msgs Rec’d Command example: (NETGEAR Switch) #show ip dhcp snooping statistics Interface MAC Verify Client Ifc DHCP Server Failures Mismatch...
Page 146: Clear Ip Dhcp Snooping Binding
M4100 Series ProSAFE Managed Switches clear ip dhcp snooping binding Use this command to clear all DHCP Snooping bindings on all interfaces or on a specific interface. Format clear ip dhcp snooping binding [interface <slot/port>] Mode • Privileged EXEC •...
Page 147: Dynamic Arp Inspection Commands
M4100 Series ProSAFE Managed Switches show ip source binding This command displays the IPSG bindings. Format show ip source binding [static | dynamic] [interface <slot/port>] [<vlan id>] Mode • Privileged EXEC • User EXEC Term Definition MAC Address The MAC address for the entry that is added.
Page 148: Ip Arp Inspection Vlan
M4100 Series ProSAFE Managed Switches ip arp inspection vlan Use this command to enable Dynamic ARP Inspection on a list of comma-separated VLAN ranges. Default disabled Format ip arp inspection vlan <vlan-list> Mode Global Config no ip arp inspection vlan Use this command to disable Dynamic ARP Inspection on a list of comma-separated VLAN ranges.
Page 149: Ip Arp Inspection Trust
M4100 Series ProSAFE Managed Switches no ip arp inspection vlan logging Use this command to disable logging of invalid ARP packets on a list of comma-separated VLAN ranges. Format no ip arp inspection vlan <vlan-list> logging Mode Global Config ip arp inspection trust Use this command to configure an interface as trusted for Dynamic ARP Inspection.
Page 150: Ip Arp Inspection Filter
M4100 Series ProSAFE Managed Switches no ip arp inspection limit Use this command to set the rate limit and burst interval values for an interface to the default values of 15 pps and 1 second, respectively. Format no ip arp inspection limit...
Page 151: Permit Ip Host Mac Host
M4100 Series ProSAFE Managed Switches permit ip host mac host Use this command to configure a rule for a valid IP address and MAC address combination used in ARP packet validation. Format permit ip host <sender-ip> mac host <sender-mac> Mode...
Page 152: Show Ip Arp Inspection Statistics
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show ip arp inspection vlan 10-12 Source Mac Validation : Disabled Destination Mac Validation : Disabled IP Address Validation : Disabled Vlan Configuration Log Invalid ACL Name Static flag ---- -------------...
Page 153: Clear Ip Arp Inspection Statistics
ARP packets on all DAI-enabled VLANs. VLAN Forwarded Dropped ---- --------- ------- Command example: (NETGEAR Switch) #show ip arp inspection statistics vlan <vlan-list> VLAN DHCP DHCP Bad Src Bad Dest Invalid Drops Drops...
Page 154: Igmp Snooping Configuration Commands
Term Definition Rate Limit The configured rate limit value in packets per second. Burst Interval The configured burst interval value in seconds. Command example: (NETGEAR Switch) #show ip arp inspection interfaces Interface Trust State Rate Limit Burst Interval (pps) (seconds)
Page 155: Set Igmp
M4100 Series ProSAFE Managed Switches set igmp This command enables IGMP Snooping on the system (Global Config Mode) or an interface (Interface Config Mode). This command also enables IGMP snooping on a particular VLAN (VLAN Config Mode) and can enable IGMP snooping on all interfaces participating in a VLAN.
Page 156: Set Igmp Fast-Leave
M4100 Series ProSAFE Managed Switches Default disabled Format set igmp interfacemode Mode Global Config no set igmp interfacemode This command disables IGMP Snooping on all interfaces. Format no set igmp interfacemode Mode Global Config set igmp fast-leave This command enables or disables IGMP Snooping fast-leave admin mode on a selected interface or VLAN.
Page 157: Set Igmp Groupmembership-Interval
M4100 Series ProSAFE Managed Switches set igmp groupmembership-interval This command sets the IGMP Group Membership Interval time on a VLAN, one interface, or all interfaces. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.
Page 158: Set Igmp Mcrtrexpiretime
M4100 Series ProSAFE Managed Switches no set igmp maxresponse This command sets the max response time (on the interface or VLAN) to the default value. Format no set igmp maxresponse Mode • Global Config • Interface Config Format no set igmp maxresponse <vlan id>...
Page 159: Set Igmp Mrouter
M4100 Series ProSAFE Managed Switches set igmp mrouter This command configures the VLAN ID (<vlan id>) for which the multicast router mode enabled. Format set igmp mrouter <vlan id> Mode Interface Config no set igmp mrouter This command disables multicast router mode for a particular VLAN ID (<vlan id>).
Page 160: Set Igmp Header-Validation
M4100 Series ProSAFE Managed Switches no set igmp report-suppression Use this command to restore the system default. Format no set igmp report-suppression Mode VLAN Config set igmp header-validation If IGMP IP header validation is enabled, then 3 fields TTL (Time To Live), ToS (Type of Service), and Router Alert options are checked.
Page 161: Mac Address-Table Multicast Forward-Unregistered Vlan
M4100 Series ProSAFE Managed Switches mac address-table multicast forward-unregistered vlan Use this command to enable forwarding unregistered multicast address (in other words, unknown multicast traffic) on a VLAN. Format mac address-table multicast forward-unregistered vlan <1-4093> Mode Global Config mac address-table multicast forward-all vlan Use this command to enable forwarding of all multicast packets on a VLAN.
Page 162: Show Igmpsnooping Mrouter Interface
M4100 Series ProSAFE Managed Switches If you specify the <slot/port> values, the command displays the information that is described in the following table. Term Definition IGMP Snooping Indicates whether IGMP Snooping is active on the interface. Admin Mode Fast Leave Indicates whether IGMP Snooping Fast-leave is active on the interface.
Page 163: Show Igmpsnooping Mrouter Vlan
Use this command to display the multicast filtering details for a VLAN. Format show mac address-table multicast filtering <vlan-id> Mode Privileged EXEC Field Description A valid VLAN ID <vlan id> mode The filtering mode Command example: (NETGEAR Switch) #show mac address-table multicast filtering 1 VLAN-ID..1 Mode..Forward-Forbidden-Unregistered Switching Commands...
Page 164: Igmp Snooping Querier Commands
M4100 Series ProSAFE Managed Switches IGMP Snooping Querier Commands IGMP Snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the “IGMP Querier”. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 165: Set Igmp Querier Query-Interval
M4100 Series ProSAFE Managed Switches set igmp querier query-interval Use this command to set the IGMP Querier Query Interval time. It is the amount of time in seconds that the switch waits before sending another general query. Default disabled Format set igmp querier query-interval <1-18000>...
Page 166: Set Igmp Querier Election Participate
M4100 Series ProSAFE Managed Switches no set igmp querier version Use this command to set the IGMP Querier version to its default value. Format no set igmp querier version Mode Global Config set igmp querier election participate Use this command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.
Page 167 M4100 Series ProSAFE Managed Switches Term Description Querier Address The IP Address which will be used in the IPv4 header while sending out IGMP queries. It can be configured using the appropriate command. Query Interval The amount of time in seconds that a Snooping Querier waits before sending out the periodic general query.
Page 168: Mld Snooping Commands
M4100 Series ProSAFE Managed Switches MLD Snooping Commands This section describes commands used for MLD Snooping. In IPv4, Layer 2 switches can use IGMP Snooping to limit the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded only to those interfaces associated with IP multicast addresses.
Page 169: Set Mld Interfacemode
M4100 Series ProSAFE Managed Switches set mld interfacemode Use this command to enable MLD Snooping on all interfaces. If an interface has MLD Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.
Page 170: Set Mld Groupmembership-Interval
M4100 Series ProSAFE Managed Switches no set mld fast-leave Use this command to disable MLD Snooping fast-leave admin mode on a selected interface. Format no set mld fast-leave <vlan-id> Mode • Interface Config • VLAN Mode set mld groupmembership-interval Use this command to set the MLD Group Membership Interval time on a VLAN, one interface or all interfaces.
Page 171: Set Mld Mcrtexpiretime
M4100 Series ProSAFE Managed Switches no set mld maxresponse Use this command to set the max response time (on the interface or VLAN) to the default value. Format no set mld maxresponse Mode • Global Config • Interface Config •...
Page 172: Set Mld Mrouter Interface
M4100 Series ProSAFE Managed Switches no set mld mrouter Use this command to disable multicast router attached mode for a VLAN with a particular VLAN ID. Format no set mld mrouter <vlan-id> Mode Interface Config set mld mrouter interface Use this command to configure the interface as a multicast router-attached interface. When configured as a multicast router interface, the interface is treated as a multicast router-attached interface in all VLANs.
Page 173: Show Mldsnooping Mrouter Interface
M4100 Series ProSAFE Managed Switches Term Definition MLD Control Displays the number of MLD Control frames that are processed by the CPU. Frame Count VLANs Enabled VLANs on which MLD Snooping is enabled. for MLD Snooping When you specify the <slot/port> values, the command output displays the information that is shown in the following table.
Page 174: Show Mldsnooping Mrouter Vlan
M4100 Series ProSAFE Managed Switches Term Definition Interface Shows the interface on which multicast router information is being displayed. Multicast Router Indicates whether multicast router is statically enabled on the interface. Attached VLAN ID Displays the list of VLANs of which the interface is a member.
Page 175: Mld Snooping Querier Commands
M4100 Series ProSAFE Managed Switches MLD Snooping Querier Commands In an IPv6 environment, MLD Snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the MLD Querier. The MLD query responses, known as MLD reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 176: Set Mld Querier Query_Interval
M4100 Series ProSAFE Managed Switches set mld querier query_interval Use this command to set the MLD Querier Query Interval time. This is the amount of time in seconds that the switch waits before sending another general query. Default disabled Format set mld querier query_interval <1-18000>...
Page 177: Show Mldsnooping Querier
M4100 Series ProSAFE Managed Switches no set mld querier election participate Use this command to set the snooping querier not to participate in querier election, but go into a non-querier mode as soon as it discovers the presence of another querier in the same VLAN.
Page 178: Port Security Commands
M4100 Series ProSAFE Managed Switches Term Description Querier Election Indicates whether the MLD Snooping Querier participates in querier election if it Participate discovers the presence of a querier in the VLAN. Querier VLAN The IP address will be used in the IPv6 header while sending out MLD queries on this Address VLAN.
Page 179: Port-Security Max-Dynamic
M4100 Series ProSAFE Managed Switches no port-security This command disables port locking for one (Interface Config) or all (Global Config) ports. Format no port-security Mode • Global Config • Interface Config port-security max-dynamic This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port.
Page 180: Port-Security Mac-Address
M4100 Series ProSAFE Managed Switches port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. The <vid> is the VLAN ID. Format port-security mac-address <mac-address> <vid> Mode Interface Config no port-security mac-address This command removes a MAC address from the list of statically locked MAC addresses.
Page 181: Show Port-Security
M4100 Series ProSAFE Managed Switches no port-security mac-address sticky The no form removes the sticky mode. The sticky MAC address can be deleted by using the command no port-security mac-address <mac-address> <vid>. Format no port-security mac-address sticky [<mac-address> <vid>] Modes •...
Page 182: Lldp (802.1Ab) Commands
M4100 Series ProSAFE Managed Switches show port-security static This command displays the statically locked MAC addresses for port. Format show port-security static [lag <lag-intf-num> | <slot/port>] Mode Privileged EXEC Term Definition MAC Address MAC Address of statically locked MAC. show port-security violation This command displays the source MAC address of the last packet discarded on a locked port.
Page 183: Lldp Receive
M4100 Series ProSAFE Managed Switches lldp receive Use this command to enable the LLDP receive capability. Default enabled Format lldp receive Mode Interface Config no lldp receive Use this command to return the reception of LLDPDUs to the default value.
Page 184: Lldp Transmit-Mgmt
M4100 Series ProSAFE Managed Switches Use port-desc to transmit the port description TLV. To configure the port description, see description on page 20 Default all optional TLVs are included Format lldp transmit-tlv [sys-desc] [sys-name] [sys-cap] [port-desc] Mode Interface Config no lldp transmit-tlv Use this command to remove an optional TLV from the LLDPDUs.
Page 185: Lldp Notification-Interval
M4100 Series ProSAFE Managed Switches no lldp notification Use this command to disable notifications. Default disabled Format no lldp notification Mode Interface Config lldp notification-interval Use this command to configure how frequently the system sends remote data change notifications. The <interval> parameter is the number of seconds to wait between sending notifications.
Page 186: Show Lldp
M4100 Series ProSAFE Managed Switches show lldp Use this command to display a summary of the current LLDP configuration. Format show lldp Mode Privileged Exec Term Definition Transmit Interval How frequently the system transmits local data LLDPDUs, in seconds. Transmit Hold The multiplier on the transmit interval that sets the TTL in local data LLDPDUs.
Page 187: Show Lldp Statistics
M4100 Series ProSAFE Managed Switches show lldp statistics Use this command to display the current LLDP traffic and remote table statistics for a specific interface or for all interfaces. Format show lldp statistics {<slot/port> | all} Mode Privileged Exec Term...
Page 188 M4100 Series ProSAFE Managed Switches show lldp remote-device Use this command to display summary information about remote devices that transmit current LLDP data to the system. You can show information about LLDP remote data received on all ports or on a specific port.
Page 189: Show Lldp Remote-Device Detail
Time To Live The amount of time (in seconds) the remote device's information received in the LLDPDU should be treated as valid information. Command example: (NETGEAR Switch) #show lldp remote-device detail 0/7 LLDP Remote Device Detail Local Interface: 0/7 Remote Identifier: 2...
Page 190: Show Lldp Local-Device
M4100 Series ProSAFE Managed Switches Chassis ID: 00:FC:E3:90:01:0F Port ID Subtype: MAC Address Port ID: 00:FC:E3:90:01:11 System Name: System Description: Port Description: System Capabilities Supported: System Capabilities Enabled: Time to Live: 24 seconds show lldp local-device Use this command to display summary information about the advertised LLDP local data.
Page 191: Lldp-Med Commands
M4100 Series ProSAFE Managed Switches Term Definition System Describes the local system by identifying the system name and versions of hardware, Description operating system, and networking software supported in the device. Port Description Describes the port in an alpha-numeric format.
Page 192: Lldp Med Confignotification
M4100 Series ProSAFE Managed Switches lldp med confignotification Use this command to configure all the ports to send the topology change notification. Default enabled Format lldp med confignotification Mode Interface Config no ldp med confignotification Use this command to disable notifications.
Page 193: Lldp Med All
M4100 Series ProSAFE Managed Switches no lldp med transmit-tlv Use this command to remove a TLV. Format no lldp med transmit-tlv [capabilities] [network-policy] [ex-pse] [ex-pd] [location] [inventory] Mode Interface Config lldp med all Use this command to configure LLDP-MED on all the ports.
Page 194: Lldp Med Transmit-Tlv All
M4100 Series ProSAFE Managed Switches no lldp med faststartrepeatcount Use this command to return to the factory default value. Format no lldp med faststartrepeatcount Mode Global Config lldp med transmit-tlv all Use this command to specify which optional Type Length Values (TLVs) in the LLDP MED set will be transmitted in the Link Layer Discovery Protocol Data Units (LLDPDUs).
Page 195: Show Lldp Med Interface
Shows whether the interface sends optional TLVs in the LLDPDUs. The TLV codes can be 0 (Capabilities), 1 (Network Policy), 2 (Location), 3 (Extended PSE), 4 (Extended Pd), or 5 (Inventory). Command example: (NETGEAR Switch) #show lldp med interface all Interface Link configMED operMED...
Page 196: Show Lldp Med Local-Device Detail
Disabled Disabled TLV Codes: 0- Capabilities, 1- Network Policy 2- Location, 3- Extended PSE 4- Extended Pd, 5- Inventory Command example: (NETGEAR Switch) #show lldp med interface 0/2 Interface Link configMED operMED ConfigNotify TLVsTx --------- ------ --------- -------- ------------ -----------...
Page 197 Mfg Name Shows the manufacture name. Model Name Shows the model name. Command example: (NETGEAR Switch) #show lldp med local-device detail 0/8 LLDP MED Local Device Detail Interface: 0/8 Network Policies Media Policy Application Type : voice Vlan ID: 10...
Page 198: Show Lldp Med Remote-Device
Telephone etc]). The fourth device is Network Connectivity Device, which is typically a LAN Switch/Router, IEEE 802.1 Bridge, IEEE 802.11 Wireless Access Point etc. Command example: (NETGEAR Switch) #show lldp med remote-device all LLDP MED Remote Device Summary Local Interface...
Page 199: Show Lldp Med Remote-Device Detail
M4100 Series ProSAFE Managed Switches Not Defined 0/10 Class II 0/11 Class III 0/12 Network Con show lldp med remote-device detail Use this command to display detailed information about remote devices that transmit current LLDP MED data to an interface on the system.
Page 200 Source Shows the remote port’s PD power source. Priority Shows the remote port’s PD power priority. Command example: (NETGEAR Switch) #show lldp med remote-device detail 0/8 LLDP MED Remote Device Detail Local Interface: 0/8 Remote Identifier: 18 Capabilities MED Capabilities Supported: capabilities, networkpolicy, location, extendedpse...
Page 201: Denial Of Service Commands
M4100 Series ProSAFE Managed Switches Inventory Hardware Rev: xxx xxx xxx Firmware Rev: xxx xxx xxx Software Rev: xxx xxx xxx Serial Num: xxx xxx xxx Mfg Name: xxx xxx xxx Model Name: xxx xxx xxx Asset ID: xxx xxx xxx...
Page 202: Dos-Control All
M4100 Series ProSAFE Managed Switches • UDP Port: Source UDP Port = Destination UDP Port. • TCP Flag & Sequence: TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence Number = 0 or TCP Flags SYN and FIN set.
Page 203: Dos-Control Firstfrag
M4100 Series ProSAFE Managed Switches no dos-control sipdip This command disables Source IP address = Destination IP address (SIP=DIP) Denial of Service prevention. Format no dos-control sipdip Mode Global Config dos-control firstfrag This command enables Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack.
Page 204: Dos-Control Tcpflag
M4100 Series ProSAFE Managed Switches dos-control tcpflag This command enables TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attacks. If packets ingress having TCP Flag SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP...
Page 205: Dos-Control Icmp
M4100 Series ProSAFE Managed Switches no dos-control l4port This command disables L4 Port Denial of Service protections. Format no dos-control l4port Mode Global Config dos-control icmp This command enables Maximum ICMP Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If ICMP Echo Request (PING) packets ingress having a size greater than the configured value, the packets will be dropped if the mode is enabled.
Page 206: Dos-Control Tcpport
M4100 Series ProSAFE Managed Switches dos-control tcpport This command enables TCP L4 source = destination port number (Source TCP Port = Destination TCP Port) Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress with Source TCP Port = Destination TCP Port, the packets will be dropped if the mode is enabled.
Page 207: Dos-Control Tcpoffset
M4100 Series ProSAFE Managed Switches TCP Sequence Number set to 0 or having TCP Flags SYN and FIN both set, the packets will be dropped if the mode is enabled. Default disabled Format dos-control tcpflagseq Mode Global Config no dos-control tcpflagseq This command sets disables TCP Flag and Sequence Denial of Service protection.
Page 208: Dos-Control Tcpsynfin
M4100 Series ProSAFE Managed Switches no dos-control tcpsyn This command sets disables TCP SYN and L4 source = 0-1023 Denial of Service protection. Format no dos-control tcpsyn Mode Global Config dos-control tcpsynfin This command enables TCP SYN and FIN Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack.
Page 209: Dos-Control Icmpv
M4100 Series ProSAFE Managed Switches dos-control icmpv4 This command enables Maximum ICMPv4 Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If ICMPv4 Echo Request (PING) packets ingress having a size greater than the configured value, the packets will be dropped if the mode is enabled.
Page 210: Show Dos-Control
M4100 Series ProSAFE Managed Switches Default disabled Format dos-control icmpfrag Mode Global Config no dos-control icmpfrag This command disabled ICMP Fragment Denial of Service protection. Format no dos-control icmpfrag Mode Global Config show dos-control This command displays Denial of Service configuration information.
Page 211: Mac Database Commands
M4100 Series ProSAFE Managed Switches Term Definition SMACDMAC May be enabled or disabled. The factory default is disabled. Mode TCP Flag Mode May be enabled or disabled. The factory default is disabled. TCP FIN&URG& May be enabled or disabled. The factory default is disabled.
Page 212: Show Forwardingdb Agetime
M4100 Series ProSAFE Managed Switches show forwardingdb agetime This command displays the timeout for address aging. Default 300s Format show forwardingdb agetime Mode Privileged EXEC Term Definition Address Aging This parameter displays the address aging timeout for the associated forwarding Timeout database.
Page 213: Isdp Commands
M4100 Series ProSAFE Managed Switches Term Definition Max MFDB The total number of entries that can possibly be in the Multicast Forwarding Database Table Entries table. Most MFDB The largest number of entries that have been present in the Multicast Forwarding Entries Since Database table.
Page 214: Isdp Timer
M4100 Series ProSAFE Managed Switches isdp timer This command sets the period of time between sending new ISDP packets. You must enter the range in seconds. Default 30 seconds Format isdp timer <5-254> Mode Global Config isdp advertise-v2 This command enables the sending of ISDP version 2 packets from the device.
Page 215: Clear Isdp Counters
M4100 Series ProSAFE Managed Switches clear isdp counters This command clears ISDP counters. Format clear isdp counters Mode Privileged EXEC clear isdp table This command clears entries in the ISDP table. Format clear isdp table Mode Privileged EXEC show isdp This command displays global ISDP settings.
Page 216: Show Isdp Interface
M4100 Series ProSAFE Managed Switches show isdp interface This command displays ISDP settings for the specified interface. Format show isdp interface {all | <slot/port>} Mode Privileged EXEC Term Definition Mode ISDP mode enabled/disabled status for the interface(s). show isdp entry This command displays ISDP entries.
Page 217: Show Isdp Traffic
M4100 Series ProSAFE Managed Switches Term Definition Device ID The device ID associated with the neighbor which advertised the information. IP Addresses The IP addresses associated with the neighbor. Capability ISDP functional capabilities advertised by the neighbor. Platform The hardware platform advertised by the neighbor.
Page 218: Debug Isdp Packet
M4100 Series ProSAFE Managed Switches Term Definition ISDPv1 Packets Received Total number of ISDPv1 packets received ISDPv1 Packets Transmitted Total number of ISDPv1 packets transmitted ISDPv2 Packets Received Total number of ISDPv2 packets received ISDPv2 Packets Transmitted Total number of ISDPv2 packets transmitted...
Page 219: Chapter 3 Multicast Vlan Registration Commands
Multicast VLAN Registration Commands This chapter contains the following sections: • About MVR • MVR Commands...
Page 220: About Mvr
M4100 Series ProSAFE Managed Switches About MVR Internet Group Management Protocol (IGMP) Layer 3 is widely used for IPv4 network multicasting. In Layer 2 networks, IGMP uses resources inefficiently. For example, a Layer 2 switch sends multicast frames to all ports, even if there are receivers connected to only a few ports.
Page 221: Mvr Mode
M4100 Series ProSAFE Managed Switches no mvr group This command removes the MVR membership group. Format no mvr group <A.B.C.D> [count] Mode Global Config mvr mode This command changes the MVR mode type. If the mode is set to compatible, the switch does not learn multicast groups;...
Page 222: Mvr Vlan
M4100 Series ProSAFE Managed Switches mvr vlan This command sets the MVR multicast VLAN. Default Format mvr vlan <1-4094> Mode Global Config no mvr vlan This command sets the MVR multicast VLAN to the default value. Format no mvr vlan...
Page 223: Mvr Type
M4100 Series ProSAFE Managed Switches mvr type This command sets the MVR port type. When a port is set as source, it is the port to which the multicast traffic flows using the multicast VLAN. When a port is set to receiver, it is the port where a listening host is connected to the switch.
Page 224: Show Mvr Members
M4100 Series ProSAFE Managed Switches The following table explains the output parameters. Term Definition MVR Running MVR running state. It can be enabled or disabled. MVR multicast VLAN Current MVR multicast VLAN. It can be in the range from 1 to 4094.
Page 225: Show Mvr Interface
(NETGEAR Switch)#show mvr interface 0/9 Type: RECEIVER Status: ACTIVE Immediate Leave: DISABLED Command example: (NETGEAR Switch)#show mvr interface 0/23 members 235.0.0.1 STATIC ACTIVE Command example: (NETGEAR Switch)#show mvr interface 0/23 members vlan 12 235.0.0.1 STATIC ACTIVE 235.1.1.1 STATIC ACTIVE Multicast VLAN Registration Commands...
Page 226: Show Mvr Traffic
M4100 Series ProSAFE Managed Switches show mvr traffic This command displays global MVR statistics. Format show mvr traffic Mode Privileged EXEC The following table explains the output parameters. Term Definition IGMP Query Received Number of received IGMP queries IGMP Report V1 Received...
Page 227: Chapter 4 Routing Commands
Routing Commands This chapter describes the routing commands. The chapter contains the following sections: • Address Resolution Protocol (ARP) Commands • IP Routing Commands • Virtual LAN Routing Commands • DHCP and BOOTP Relay Commands • IP Helper Commands • ICMP Throttling Commands The commands in this chapter are in three functional groups: •...
Page 228: Address Resolution Protocol (Arp) Commands
M4100 Series ProSAFE Managed Switches Address Resolution Protocol (ARP) Commands This section describes the commands you use to configure ARP and to view ARP information about the switch. ARP associates IP addresses with MAC addresses and stores the information as ARP entries in the ARP cache.
Page 229: Ip Proxy-Arp
M4100 Series ProSAFE Managed Switches ip proxy-arp This command enables proxy ARP on a router interface. Without proxy ARP, a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived. With proxy ARP, the device might also respond if the target IP address is reachable.
Page 230: Arp Purge
M4100 Series ProSAFE Managed Switches no arp dynamicrenew This command prevents dynamic ARP entries from renewing when they age out. Format no arp dynamicrenew Mode Privileged EXEC arp purge This command causes the specified IP address to be removed from the ARP cache. Only entries of type dynamic or gateway are affected by this command.
Page 231: Arp Timeout
M4100 Series ProSAFE Managed Switches no arp retries This command configures the default ARP count of maximum request for retries. Format no arp retries Mode Global Config arp timeout This command configures the ARP entry ageout time. The value for <seconds> is a valid positive integer, which represents the IP ARP entry ageout time in seconds.
Page 232: Show Arp
M4100 Series ProSAFE Managed Switches show arp This command displays the Address Resolution Protocol (ARP) cache. The displayed results are not the total ARP entries. To view the total ARP entries, the operator should view the show arp results with the show arp switch results.
Page 233: Show Arp Switch (Address Resolution Protocol Commands)
M4100 Series ProSAFE Managed Switches Term Definition Age Time The time it takes for an ARP entry to age out. This value is configurable. Age time is (seconds) measured in seconds. Response Time The time it takes for an ARP request timeout. This value is configurable. Response time (seconds) is measured in seconds.
Page 234: Ip Routing Commands
M4100 Series ProSAFE Managed Switches IP Routing Commands This section describes the commands you use to enable and configure IP routing on the switch. routing This command enables IPv4 and IPv6 routing for an interface. You can view the current value for this function with the show ip brief command.
Page 235: Ip Address Dhcp
M4100 Series ProSAFE Managed Switches Note: The 31-bit subnet mask is only supported on routing interface. This feature is not supported on a network port because it acts as a host, not a router, on the management interface. Format ip address <ipaddr> {<subnetmask> | /<prefix-length>} [secondary]...
Page 236: Ip Default-Gateway
M4100 Series ProSAFE Managed Switches no ip address dhcp Use this command to release a leased address and disable DHCPv4 on an interface. Format no ip address dhcp Mode Interface Config ip default-gateway Use this command to manually configure a default gateway for the switch. Only one default gateway can be configured.
Page 237: Show Dhcp Lease
M4100 Series ProSAFE Managed Switches show dhcp lease Use this command to display a list of IPv4 addresses currently leased from a DHCP server on a specific in-band interface or all in-band interfaces. This command does not apply to service or network ports.
Page 238: Ip Route Default
M4100 Series ProSAFE Managed Switches Default preference—1 Format ip route <ipaddr> <subnetmask> [<nexthopip> | Null0] [<preference>] Mode Global Config no ip route This command deletes a single next hop to a destination static route. If you use the <nexthopip> parameter, the next hop is deleted. If you use the <preference> value, the preference value of the static route is reset to its default.
Page 239: Ip Netdirbcast
M4100 Series ProSAFE Managed Switches Default Format ip route distance <1-255> Mode Global Config no ip route distance This command sets the default static route preference value in the router. Lower route preference values are preferred when determining the best route.
Page 240: Clear Ip Route All
M4100 Series ProSAFE Managed Switches OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange. If two OSPF neighbors advertise different IP MTUs, they will not form an adjacency. (unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtu-ignore command.)
Page 241: Clear Ip Route Counters
M4100 Series ProSAFE Managed Switches Protocol Tells which protocol added the specified route. The possibilities are: local, static, OSPF, or RIP. Total Number The total number of routes. of Routes clear ip route counters This command resets to zero the IPv4 routing table counters reported in the output of the show ip route summary command.
Page 242: Show Ip Interface
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show ip brief Default Time to Live......64 Routing Mode........Disabled Maximum Next Hops......4 Maximum Routes......... 6000 ICMP Rate Limit Interval....... 1000 msec ICMP Rate Limit Burst Size..... 100 messages ICMP Echo Replies......
Page 243: Show Ip Interface Brief
M4100 Series ProSAFE Managed Switches Term Definition Link Speed Data An integer representing the physical link data rate of the specified interface. This is Rate measured in Megabits per second (Mbps). MAC Address The burned in physical address of the specified interface. The format is 6 two-digit hexadecimal numbers that are separated by colons.
Page 244: Show Ip Protocols
M4100 Series ProSAFE Managed Switches Term Definition Interface Valid slot and port number separated by forward slashes. State Routing operational state of the interface. IP Address The IP address of the routing interface in 32-bit dotted decimal format. IP Mask The IP mask of the routing interface in 32-bit dotted decimal format.
Page 245: Show Ip Route
M4100 Series ProSAFE Managed Switches Parameter Description Metric Type The metric type to advertise for redistributed routes of this type Subnets Whether OSPF redistributes subnets of classful addresses, or only classful prefixes Dist List A distribute list used to filter routes of this type. Only routes that pass the distribute...
Page 246 M4100 Series ProSAFE Managed Switches Note: If you use the connected keyword for <protocol>, the all option is not available because there are no best or non-best connected routes. Format show ip route [{<ip-address> [<protocol>] | {<ip-address> <mask> [longer-prefixes] [<protocol>] | <protocol>} [all] | all}] Modes •...
Page 247 M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show ip route Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static B - BGP Derived, IA - OSPF Inter Area E1 - OSPF External Type 1, E2 - OSPF External Type 2 N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2 C 1.1.1.0/24 [0/1] directly connected, 0/11...
Page 248: Show Ip Route Summary
M4100 Series ProSAFE Managed Switches show ip route summary Use this command to display the routing table summary. Use the optional all parameter to show the number of all routes, including best and non-best routes. To include only the number of best routes, do not use the optional parameter.
Page 249 M4100 Series ProSAFE Managed Switches Term Definition Unique Next The number of distinct next hops used among all routes currently in the routing table. Hops These include local interfaces for local routes and neighbors for indirect routes. Unique Next The highest count of unique next hops since the counters were last cleared.
Page 250: Show Ip Route Preferences
M4100 Series ProSAFE Managed Switches ECMP Groups (High)......2 (3) ECMP Routes........1001 Truncated ECMP Routes......0 ECMP Retries........0 Routes with 1 Next Hop......31 Routes with 2 Next Hops......1 Routes with 4 Next Hops......1000 show ip route preferences This command displays detailed information about the route preferences.
Page 251: Virtual Lan Routing Commands
M4100 Series ProSAFE Managed Switches show routing heap summary This command displays a summary of the memory allocation from the routing heap. The routing heap is a chunk of memory set aside when the system boots for use by the routing applications.
Page 252: Dhcp And Bootp Relay Commands
M4100 Series ProSAFE Managed Switches no vlan routing This command deletes routing on a VLAN. The <vlanid> value has a range from 1 to 4093. Format no vlan routing <vlan-id> Mode VLAN Config show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled.
Page 253: Bootpdhcprelay Maxhopcount
M4100 Series ProSAFE Managed Switches no bootpdhcprelay cidoptmode This command disables the circuit ID option mode for BootP/DHCP Relay on the system. Format no bootpdhcprelay cidoptmode Mode Global Config bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system.
Page 254: Ip Helper Commands
M4100 Series ProSAFE Managed Switches show bootpdhcprelay This command displays the BootP/DHCP Relay information. Format show bootpdhcprelay Modes • Privileged EXEC • User EXEC Term Definition Maximum Hop The maximum allowable relay agent hops. Count Minimum Wait The minimum wait time.
Page 255: Ip Helper-Address (Global Config)
M4100 Series ProSAFE Managed Switches ip helper-address (Global Config) Use the Global Configuration ip helper-address command to have the switch forward User Datagram Protocol (UDP) broadcasts received on an interface. To disable the forwarding of broadcast packets to specific addresses, use the no form of this command.
Page 256: Ip Helper Enable
M4100 Series ProSAFE Managed Switches no ip helper-address (Global Config) Use this command to remove the IP address from the previously configured list. The no command without an <ip-address> argument removes the entire list of helper addresses on that interface.
Page 257: Ip Helper-Address Discard
M4100 Series ProSAFE Managed Switches Parameter Description The IPv4 unicast or directed broadcast address to which relayed UDP broadcast <ip-address> packets are sent. The IP address cannot be in a subnet on the interface where the relay entry is configured, and cannot be an IP address configured on any interface of the local router.
Page 258: Show Ip Helper-Address
M4100 Series ProSAFE Managed Switches Parameter Description A destination UDP port number from 0 to 65535. <dest-udp-port> port name options The destination UDP port may be optionally specified by its name. Whether a port is specified by its number or its name has no effect on behavior. The names recognized are as follows: •...
Page 259: Show Ip Helper Statistics
M4100 Series ProSAFE Managed Switches show ip helper statistics Use this command to display the number of DHCP and other UDP packets processed and relayed by the UDP relay agent. Format show ip helper statistics Mode Privileged EXEC Term Definition DHCP client The number of valid messages received from a DHCP client.
Page 260: Icmp Throttling Commands
M4100 Series ProSAFE Managed Switches ICMP Throttling Commands This section describes the commands you use to configure options for the transmission of various types of ICMP messages. ip unreachables Use this command to enable the generation of ICMP Destination Unreachable messages. By default, the generation of ICMP Destination Unreachable messages is enabled.
Page 261: Ip Icmp Echo-Reply
M4100 Series ProSAFE Managed Switches ip icmp echo-reply Use this command to enable the generation of ICMP Echo Reply messages by the router. By default, the generation of ICMP Echo Reply messages is enabled. Default enabled Format ip icmp echo-reply...
Page 262: Chapter 5 Quality Of Service Commands
Quality of Service Commands This chapter describes the Quality of Service (QoS) commands available in the managed switch CLI. The chapter contains the following sections: • Class of Service (CoS) Commands • Differentiated Services (DiffServ) Commands • DiffServ Class Commands •...
Page 263: Class Of Service (Cos) Commands
M4100 Series ProSAFE Managed Switches Class of Service (CoS) Commands This section describes the commands you use to configure and view Class of Service (CoS) settings for the switch. The commands in this section allow you to control the priority and transmission rate of traffic.
Page 264: Classofservice Trust
M4100 Series ProSAFE Managed Switches no classofservice ip-dscp-mapping This command maps each IP DSCP value to its default internal traffic class value. Format no classofservice ip-dscp-mapping Modes Global Config classofservice trust This command sets the Class of Service trust mode of an interface. You can set the mode to trust one of the Dot1p (802.1p), IP DSCP, or IP Precedence packet markings.
Page 265: Cos-Queue Strict
M4100 Series ProSAFE Managed Switches no cos-queue min-bandwidth This command restores the default for each queue's minimum bandwidth value. Format no cos-queue min-bandwidth Modes • Global Config • Interface Config cos-queue strict This command activates the strict priority scheduler mode for each specified queue.
Page 266: Random-Detect Exponential Weighting-Constant
M4100 Series ProSAFE Managed Switches no cos-queue random-detect Use this command to disable WRED and restore the default tail drop operation for the specified queues on all interfaces or one interface. Format no cos-queue random-detect <queue-id-1> [<queue-id-2> … <queue-id-n>] Modes •...
Page 267: Show Classofservice Dot1P-Mapping
M4100 Series ProSAFE Managed Switches Format random-detect queue-parms <queue-id-1> [<queue-id-2> … <queue-id-n>] minthresh <thresh-prec-1> … <thresh-prec-n> max-thresh <thresh-prec-1> … <threshprec-n> drop-probability <prob-prec-1> … <prob-prec-n> Modes • Global Config • Interface Config no random-detect queue-parms Use this command to set the WRED configuration back to the default.
Page 268: Show Classofservice Ip-Precedence-Mapping
M4100 Series ProSAFE Managed Switches Format show classofservice dot1p-mapping [<slot/port>] Mode Privileged EXEC The following information is repeated for each user priority. Term Definition User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped.
Page 269: Show Classofservice Trust
M4100 Series ProSAFE Managed Switches show classofservice trust This command displays the current trust mode setting for a specific interface. The <slot/port> parameter is optional and is only valid on platforms that support independent per-port Class of Service mappings. If you specify an interface, the command displays the port trust mode of the interface.
Page 270: Differentiated Services (Diffserv) Commands
M4100 Series ProSAFE Managed Switches If you specify the interface, the command also displays the following information. Term Definition Interface The slot/port of the interface. If displaying the global configuration, this output line is replaced with a Global Config indication.
Page 271 M4100 Series ProSAFE Managed Switches Policy a. Creating and deleting policies b. Associating classes with a policy c. Defining policy statements for a policy/class combination Service a. Adding and removing a policy to/from an inbound or outbound interface The DiffServ class defines the packet filtering criteria. The attributes of a DiffServ policy define the way the switch processes packets.
Page 272: Diffserv Class Commands
M4100 Series ProSAFE Managed Switches no diffserv This command sets the DiffServ operational mode to inactive. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, DiffServ services are activated. Format no diffserv...
Page 273: Class-Map Rename
M4100 Series ProSAFE Managed Switches Note: The optional keywords [ipv4 | ipv6] specify the Layer 3 protocol for this class. If not specified, this parameter defaults to ipv4. This maintains backward compatibility for configurations defined on systems before IPv6 match items were supported.
Page 274: Match Any
M4100 Series ProSAFE Managed Switches Format match ethertype {<keyword> | custom <range>} Mode • Class-Map Config • Ipv6-Class-Map Config match any This command adds to the specified class definition a match condition whereby all packets are considered to belong to the class.
Page 275: Match Cos
M4100 Series ProSAFE Managed Switches no match class-map This command removes from the specified class definition the set of match conditions defined for another class. The <refclassname> is the name of an existing DiffServ class whose match conditions are being referenced by the specified class definition.
Page 276: Match Dstip
M4100 Series ProSAFE Managed Switches 00:11:22:dd:ee:ff). The <macmask> parameter is a layer 2 MAC address bit mask, which need not to be contiguous, and is formatted as six, two-digit hexadecimal numbers separated by colons (for example, ff:07:23:ff:fe:dc). Default none Format match destination-address mac <macaddr>...
Page 277: Match Ip Dscp
M4100 Series ProSAFE Managed Switches match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet, which is defined as the high-order six bits of the Service Type octet in the IP header (the low-order two bits are not checked).
Page 278: Match Protocol
M4100 Series ProSAFE Managed Switches denotes the bit positions in <tosbits> that are used for comparison against the IP TOS field in a packet. For example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear, where bit 7 is most significant, use a <tosbits>...
Page 279: Match Source-Address Mac
M4100 Series ProSAFE Managed Switches match source-address mac This command adds to the specified class definition a match condition based on the source MAC address of a packet. The <address> parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (for example, 00:11:22:dd:ee:ff).
Page 280: Diffserv Policy Commands
M4100 Series ProSAFE Managed Switches Default none Format match srcl4port {<portkey> | <0-65535>} Mode • Class-Map Config • Ipv6-Class-Map Config match vlan This command adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field (the 802.1Q tag of a VLAN tagged packet). The VLAN is an integer from 0 to 4095.
Page 281 M4100 Series ProSAFE Managed Switches Note: The only way to remove an individual policy attribute from a class instance within a policy is to remove the class instance and re-add it to the policy. The values associated with an existing policy attribute can be changed without removing the class instance.
Page 282 M4100 Series ProSAFE Managed Switches redirect This command specifies that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Format redirect <slot/port> Mode Policy-Class-Map Config Incompatibilities Drop, Mirror conform-color Use this command to enable color-aware traffic policing and define the conform-color class map.
Page 283: Mark Cos
M4100 Series ProSAFE Managed Switches no class This command deletes the instance of a particular class and its defined treatment from the specified policy. <classname> is the names of an existing DiffServ class. Note: This command removes the reference to the class definition for the specified policy.
Page 284: Mark Ip-Precedence
M4100 Series ProSAFE Managed Switches Format mark ip-dscp <dscpval> Mode Policy-Class-Map Config Incompatibilities Drop, Mark CoS, Mark IP Precedence, Police mark ip-precedence This command marks all packets for the associated traffic stream with the specified IP Precedence value. The IP Precedence value is an integer from 0 to 7.
Page 285 M4100 Series ProSAFE Managed Switches Format police-simple {<1-4294967295> <1-128> conform-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | set-cos-transmit <0-7> | transmit} [violate-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | set-cos-transmit <0-7> | transmit}]} Mode Policy-Class-Map Config Incompatibilities Drop, Mark (all forms)
Page 286: Diffserv Service Commands
M4100 Series ProSAFE Managed Switches no policy-map This command eliminates an existing DiffServ policy. The <policyname> parameter is the name of an existing DiffServ policy. This command might be issued at any time. If the policy is referenced by one or more interface service attachments, this delete attempt fails.
Page 287: Diffserv Show Commands
M4100 Series ProSAFE Managed Switches Note: This command fails if any attributes within the policy definition exceed the capabilities of the interface. Once a policy is successfully attached to an interface, any attempt to change the policy definition, that would result in a violation of the interface capabilities, causes the policy change attempt to fail.
Page 288: Show Class-Map
M4100 Series ProSAFE Managed Switches show class-map This command displays all configuration information for the specified class. The <class-name> is the name of an existing DiffServ class. Format show class-map <class-name> Modes • Privileged EXEC • User EXEC If the class-name is specified, the fields that are shown in the following table are displayed.
Page 289: Show Diffserv
M4100 Series ProSAFE Managed Switches show diffserv This command displays the DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables. This command provides no options.
Page 290 M4100 Series ProSAFE Managed Switches The information that is shown in the following table is repeated for each class that is associated with this policy (only the policy attributes that are configured are displayed). Term Definition Assign Queue Directs traffic stream to the specified QoS queue. This allows a traffic classifier to specify which one of the supported hardware queues are used for handling packets belonging to the class.
Page 291: Show Diffserv Service
M4100 Series ProSAFE Managed Switches Term Definition Policing Style The style of policing, if any, used (simple). Redirect Forces a classified traffic stream to a specified egress port (physical or LAG). This can occur in addition to any marking or policing action. It might also be specified along with a QoS queue assignment.
Page 292: Show Policy-Map Interface
M4100 Series ProSAFE Managed Switches Term Definition DiffServ Admin The current setting of the DiffServ administrative mode. An attached policy is only active Mode on an interface while DiffServ is in an enabled mode. The information that is shown in the following table is repeated for each interface and direction (only those interfaces configured with an attached policy are shown).
Page 293: Mac Access Control List (Acl) Commands
M4100 Series ProSAFE Managed Switches show service-policy This command displays a summary of policy-oriented statistics information for all interfaces in the specified direction. Format show service-policy {in | out} Mode Privileged EXEC The information that is shown in the following table is repeated for each interface and direction (only those interfaces configured with an attached policy are shown).
Page 294: Mac Access-List Extended Rename
M4100 Series ProSAFE Managed Switches Format mac access-list extended <name> Mode Global Config no mac access-list extended This command deletes a MAC ACL identified by <name> from the system. Format no mac access-list extended <name> Mode Global Config mac access-list extended rename This command changes the name of a MAC access control list (ACL).
Page 295 M4100 Series ProSAFE Managed Switches ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, and rarp. Each of these translates into its equivalent Ethertype value or values. The time-range parameter allows imposing time limitation on the MAC ACL rule as defined by the parameter <time-range-name>.
Page 296: Mac Access-Group
M4100 Series ProSAFE Managed Switches Format {deny | permit} {<srcmac> | any} {<dstmac> | any} [<ethertypekey> | <0x0600-0xFFFF>] [vlan {eq <0-4095>}] [cos <0-7>] [[log] [time-range <time-range-name>] [assign-queue <queue-id>]] [{mirror | redirect} <slot/port>] Mode Mac-Access-List Config mac access-group This command either attaches a specific MAC access control list (ACL) identified by <name>...
Page 297: Ip Access Control List (Acl) Commands
M4100 Series ProSAFE Managed Switches show mac access-lists This command displays a MAC access list and all of the rules that are defined for the MAC ACL. Use the [<name>] parameter to identify a specific MAC ACL to display. Format show mac access-lists [<name>]...
Page 298 M4100 Series ProSAFE Managed Switches • Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet mask. With a subnet mask, the mask has ones (1's) in the bit positions that are used for the network address, and has zeros (0's) for the bit positions that are not used.
Page 299 M4100 Series ProSAFE Managed Switches Parameter Description Note: This option is available only if the protocol is tcp or udp. eq {<portkey> | <0-65535>} When eq is specified, an IP ACL rule matches only if the Layer 4 port number is equal to the specified port number or port key.
Page 300: Ip Access-List
M4100 Series ProSAFE Managed Switches ip access-list This command creates an extended IP access control list (ACL) identified by <name>, consisting of classification fields defined for the IP header of an IPv4 frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list.
Page 301 M4100 Series ProSAFE Managed Switches Note: An implicit deny all IP rule always terminates the access list. Note: The mirror parameter allows traffic matching this rule to be copied to the specified <slot/port>, while the redirect parameter allows traffic matching this rule to be forwarded to the specified <slot/port>.
Page 302 M4100 Series ProSAFE Managed Switches Parameter Description Specifies whether the IP ACL rule permits or denies the {deny | permit} matching traffic. Match every packet. every Specifies the protocol to match for the IP ACL rule. {icmp | igmp | ip | tcp | udp | <number>}...
Page 303: Ip Access-Group
M4100 Series ProSAFE Managed Switches Parameter Description Specifies the assign-queue, which is the queue identifier to assign-queue <queue-id> which packets matching this rule are assigned. Specifies the mirror or redirect interface which is the [{mirror | redirect} [lag <lag-group-id> or <slot/port> to which packets <lag-group-id>...
Page 304: Show Ip Access-Lists
M4100 Series ProSAFE Managed Switches no acl-trapflags This command disables the ACL trap mode. Format no acl-trapflags Mode Global Config show ip access-lists This command displays an IP ACL <accesslistnumber> is the number used to identify the IP ACL. Format show ip access-lists <accesslistnumber>...
Page 305: Ipv6 Access Control List (Acl) Commands
M4100 Series ProSAFE Managed Switches Term Definition Displays when you enable logging for the rule. Assign Queue The queue identifier to which packets matching this rule are assigned. Mirror Interface The slot/port to which packets matching this rule are copied.
Page 306: Ipv6 Access-List
M4100 Series ProSAFE Managed Switches ipv6 access-list This command creates an IPv6 access control list (ACL) identified by <name>, consisting of classification fields defined for the IP header of an IPv6 frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list.
Page 307: Ipv6 Traffic-Filter
M4100 Series ProSAFE Managed Switches Note: An implicit deny all IPv6 rule always terminates the access list. A rule might either deny or permit traffic according to the specified classification fields. At a minimum, either the every keyword or the protocol, source address, and destination address values must be specified.
Page 308: Show Ipv6 Access-Lists
M4100 Series ProSAFE Managed Switches Global Config mode. The Interface Config mode command is only available on platforms that support independent per-port Class of Service queue configuration. Format ipv6 traffic-filter <name> {in | {vlan <vlan-id> in}} [sequence <1-4294967295>] Modes •...
Page 309: Time Range Commands For Time-Based Acls
M4100 Series ProSAFE Managed Switches Term Definition Displays when you enable logging for the rule. Assign Queue The queue identifier to which packets matching this rule are assigned. Mirror Interface The slot/port to which packets matching this rule are copied.
Page 310 M4100 Series ProSAFE Managed Switches absolute Use this command to add an absolute time entry to a time range. Only one absolute time entry is allowed per time-range. The <time> parameters are based on the currently configured time zone. The [start <time> <date>] parameters indicate the time and date at which the configuration that referenced the time range starts going into effect.
Page 311: Periodic Time
M4100 Series ProSAFE Managed Switches Format periodic <frequency> {<days-of-the-week> <time>} to {[<days-of-the-week>] <time>} Mode Time-Range Config no periodic Use this command to delete a periodic time entry from a time range. Format no periodic <frequency> {<days-of-the-week> <time>} to {[<days-of-the-week>] <time>}...
Page 312: Autovoip Commands
M4100 Series ProSAFE Managed Switches AutoVoIP Commands AutoVoIP detects the VoIP streams and put the VoIP streams in the specific VLAN (auto-voip VLAN) and provides higher Class of Service to the VoIP streams automatically (both data and signaling). It detects the VoIP streams in two modes.
Page 313: Auto-Voip Oui
M4100 Series ProSAFE Managed Switches auto-voip oui This command is used to configure an OUI for Auto VoIP. The traffic from the configured OUI will get the highest priority over the other traffic. Default A list of known OUIs is present Format auto-voip oui <oui-prefix>...
Page 314: Auto-Voip Protocol-Based
M4100 Series ProSAFE Managed Switches no auto-voip oui-based priority This command is used to set the priority to the default value. Format no auto-voip oui-based priority <priority-value> Mode Global Config auto-voip protocol-based This command is used to configure the global protocol based auto-VoIP remarking priority/traffic-class.
Page 315 The 802.1p priority. This field is valid for OUI auto VoIP. AutoVoIPMode The Auto VoIP mode on the interface. Command example: (NETGEAR Switch)# show auto-voip protocol-based interface all VoIP VLAN Id........2 Prioritization Type......traffic-class Class Value........7 Interface Auto VoIP...
Page 316: Show Auto-Voip Oui-Table
M4100 Series ProSAFE Managed Switches show auto-voip oui-table This command lists all of the configured OUIs. Format show auto-voip oui-table Mode • Privileged EXEC • User EXEC Term Definition OUI of the source MAC address Status Default or Configured entry.
Page 317: Chapter 6 Power Over Ethernet Commands
Power over Ethernet Commands This chapter contains the following sections: • About PoE • PoE Commands...
Page 318: About Poe
M4100 Series ProSAFE Managed Switches About PoE Power over Ethernet (PoE) describes a technology to pass electrical power safely along with data on existing Ethernet cabling. The PSE or power supply equipment is the device or switch that delivers electrical power, and the PD or powered device is the end device that powers up through the power delivered along the Ethernet cable.
Page 319: Poe Detection
M4100 Series ProSAFE Managed Switches poe detection Use this command to configure the detection type on a global basis or per interface. It is used to configure which types of PDs will be detected and powered by the switch. There are three options: •...
Page 320: Poe Power Limit
M4100 Series ProSAFE Managed Switches no poe high-power Use this command to disable the high-power mode. The port will support only IEEE 902.3af devices. This command works on a global basis or per interface. Format no poe high-power Mode Interface Config poe power limit Use this command to configure the type of power limit for a port.
Page 321: Poe Priority
M4100 Series ProSAFE Managed Switches Static and dynamic modes differ in how the available power is calculated, as follows: • Static Power Management Available power = power limit of the source - total allocated power where total allocated power is calculated as the power limit configured on the port.
Page 322: Poe Reset
M4100 Series ProSAFE Managed Switches Default Format poe priority {crit | high | low} Mode • Global Config • Interface Config no poe priority Use this command to set the priority to the default. Format no poe priority Mode •...
Page 323: Poe Usagethreshold
M4100 Series ProSAFE Managed Switches no poe timer schedule name Use this command to detach the schedule from the port. Format no poe timer schedule Mode Interface Config poe usagethreshold Use this command to set a threshold (as a percentage) for the total amount of power that can be delivered by the switch.
Page 324: Show Poe
M4100 Series ProSAFE Managed Switches no poe traps Use this command to disable logging the PoE traps. Format no poe traps Mode Global Config show poe Use this command to get global information regarding the PoE status. Format show poe Mode •...
Page 325: Show Poe Port Configuration
Format show poe port configuration [<port> | all] Mode • Privileged EXEC • User EXEC Command example: (NETGEAR Switch) #show poe port configuration all Admin Power Power Limit High Power Detection Intf Mode Priority...
Page 326: Show Poe Port Info
Other Fault—The port has experienced problems other than compliance issues. When a port begins to deliver power, there is a trap indicating so. When a port stops delivering power, there is a trap indicating so. Command example: (NETGEAR Switch) #show poe port info all High Output Output...
Page 327: Show Poe Pd
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show poe port info 0/33 High Output Output Intf Power Power Class Power Current Voltage Status Fault (mA) (volt) Status ------ ------- ----- ------- ------ ------- ------- ------------------ -------- 0/33 18.0 04.400...
Page 328: Chapter 7 Utility Commands
Utility Commands This chapter describes the utility commands available in the CLI. The chapter contains the following sections: • Auto Install Commands • Dual Image Commands • System Information and Statistics Commands • Logging Commands • Email Alerting and Mail Server Commands •...
Page 329: Auto Install Commands
M4100 Series ProSAFE Managed Switches Auto Install Commands This section describes the Auto Install Commands. Auto Install is a software feature which provides for the configuration of a switch automatically when the device is initialized and no configuration file is found on the switch. The Auto Install process requires DHCP to be enabled by default in order for it to be completed.
Page 330: Boot Host Auto-Save
M4100 Series ProSAFE Managed Switches boot host auto-save This command is used to enable automatically saving the downloaded configuration on the switch. Default Disabled Format boot host auto-save Mode Privileged EXEC no boot host auto-save This command is used to disable automatically saving the downloaded configuration on the switch.
Page 331: Dual Image Commands
M4100 Series ProSAFE Managed Switches no boot host retry-count This command is used to reset the number to the default. The default number is 3. Format no boot host retry-count Mode Privileged EXEC boot host dhcp This command is used to enable AutoInstall on the switch for the next reboot cycle. The command does not change the current behavior of AutoInstall and saves the command to NVRAM.
Page 332: Boot System
M4100 Series ProSAFE Managed Switches delete This command deletes the supplied image file from the permanent storage. The image to be deleted must be a backup image. If this image is the active image, or if this image is activated, an error message displays. The optional <unit> parameter is valid only on Stacks.
Page 333: System Information And Statistics Commands
M4100 Series ProSAFE Managed Switches update bootcode This command updates the bootcode (boot loader) on the switch. The bootcode is read from the active-image for subsequent reboots. The optional <unit> parameter is valid only on Stacks. Error will be returned, if this parameter is provided, on Standalone systems. For Stacking, the <unit>...
Page 334: Show Hardware
M4100 Series ProSAFE Managed Switches Term Definition File The file in which the event originated. Line The line number of the event. Task Id The task ID of the event. Code The event code. Time The time this event occurred.
Page 335: Show Interface
M4100 Series ProSAFE Managed Switches Term Definition Switch Text used to identify the product name of this switch. Description Machine Type The machine model as defined by the Vital Product Data. Machine Model The machine model as defined by the Vital Product Data Serial Number The unique box serial number for this switch.
Page 336: Show Interface Counters
M4100 Series ProSAFE Managed Switches Parameters Definition Collisions The best estimate of the total number of collisions on this Ethernet segment. Frames Time Since The elapsed time, in days, hours, minutes, and seconds since the statistics for this port Counters Last were last cleared.
Page 337: Show Interface Ethernet
M4100 Series ProSAFE Managed Switches Command example: (Routing) #show interface counters Port InOctets InUcastPkts InMcastPkts InBcastPkts --------- ---------------- ---------------- ---------------- ---------------- 15098 0/10 0/11 show interface ethernet This command displays detailed statistics for a specific interface or for all CPU traffic based upon the argument.
Page 338 M4100 Series ProSAFE Managed Switches Term Definition (continued) • Packets Received 512–1023 Octets - The total number of packets (including bad packets) received that were from 512 through 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Page 339 M4100 Series ProSAFE Managed Switches Term Definition Receive Packets The number of inbound packets which were chosen to be discarded even though no errors had Discarded been detected to prevent their being deliverable to a higher-layer protocol. One possible reason for discarding such a packet could be to free up buffer space.
Page 340 M4100 Series ProSAFE Managed Switches Term Definition Packets • Total Packets Transmitted (Octets) - The total number of octets of data (including those Transmitted Octets in bad packets) received on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of Ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval.
Page 341 M4100 Series ProSAFE Managed Switches Term Definition Transmit Discards • Total Transmit Packets Discards - The sum of single collision frames discarded, multiple collision frames discarded, and excessive frames discarded. • Single Collision Frames - A count of the number of successfully transmitted frames on a particular interface for which transmission is inhibited by exactly one collision.
Page 342 M4100 Series ProSAFE Managed Switches When you specify switchport, the command output displays the information that is shown in the following table. Term Definition Octets Received The total number of octets of data received by the processor (excluding framing bits but including FCS octets).
Page 343: Show Fiber-Ports Optics
M4100 Series ProSAFE Managed Switches Term Definition VLAN Deletes The number of VLANs on this switch that have been created and then deleted since the last reboot. Time Since The elapsed time, in days, hours, minutes, and seconds since the statistics for this switch were Counters Last last cleared.
Page 344: Show Fiber-Ports Optics-Info
M4100 Series ProSAFE Managed Switches show fiber-ports optics-info This command displays the SFP vendor related information such as vendor name, serial number of the SFP, part number of the SFP. The values are derived from the SFP’s A0 table using the I C interface.
Page 345: Show Mac-Addr-Table
M4100 Series ProSAFE Managed Switches Field Description BR, nominal The nominal bit (signaling) rate (BR, nominal) is specified in units of 100 MBd, rounded off to the nearest 100 MBd. The bit rate includes those bits necessary to encode and delimit the signal as well as those bits carrying data information.
Page 346 M4100 Series ProSAFE Managed Switches The information that is shown in the following table displays if you do not enter a parameter, the keyword all, or the MAC address and VLAN ID. If you enter vlan <vlan-id>, only the Mac Address, Interface, and Status fields display.
Page 347: Process Cpu Threshold
M4100 Series ProSAFE Managed Switches Term Definition Total MAC Number of MAC addresses currently in the forwarding database. Addresses in use Total MAC Number of MAC addresses the forwarding database can handle. Addresses available process cpu threshold Use this command to configure the CPU utilization thresholds. The Rising and Falling thresholds are specified as a percentage of CPU resources.
Page 348: Show Mbuf Total
M4100 Series ProSAFE Managed Switches Note: It is not necessarily the traffic to the CPU, but different tasks that keep the CPU busy. Format show process cpu Mode Privileged EXEC Command example: (NETGEAR Switch) #show process cpu Memory Utilization Report...
Page 349: Show Running-Config
M4100 Series ProSAFE Managed Switches Total Rx High Alloc Attempts 384555 Total Tx Alloc Attempts 2478536 Total Rx Norm Alloc Failures Total Rx Mid2 Alloc Failures Total Rx Mid1 Alloc Failures Total Rx High Alloc Failures Total Tx Alloc Failures...
Page 350: Show Running-Config Interface
M4100 Series ProSAFE Managed Switches • If some, but not all, of the flags in that group are enabled, the command displays trapflags groupname flag-name. Format show running-config [all | <scriptname>] Mode Privileged EXEC show running-config interface This command shows the current configuration on a particular interface. The interface could be a physical port or a virtual port—like a LAG or VLAN.
Page 351: Terminal Length
M4100 Series ProSAFE Managed Switches • show version • show sysinfo • show port all • show isdp neighbors • show logging • show event log • show logging buffered • show trap log Format show tech-support Mode Privileged EXEC...
Page 352: Show Terminal Length
M4100 Series ProSAFE Managed Switches Format terminal length <number> Mode Privileged EXEC no terminal length Use this command to set the terminal length to the default value of 24 lines. Format no terminal length Mode Privileged EXEC show terminal length Use this command to display the value of the user-configured terminal length size.
Page 353: Logging Commands
M4100 Series ProSAFE Managed Switches Logging Commands This section describes the commands you use to configure system logging, and to view logs and the logging settings. logging buffered This command enables logging to an in-memory log that keeps up to 128 logs.
Page 354: Logging Cli-Command
M4100 Series ProSAFE Managed Switches logging cli-command This command enables the CLI command logging feature, which enables logging of all CLI commands issued on the system. Default enabled Format logging cli-command Mode Global Config no logging cli-command This command disables the CLI command Logging feature.
Page 355: Logging Host Remove
M4100 Series ProSAFE Managed Switches Parameter Description The IP address or name of the logging host. <ipaddress> | <hostname> Indicates the type of address (IPv4, IPv6, or DNS). You can configure either an IPv4 <addresstype> or IPv6 address or a host name for a syslog collector among the list of servers.
Page 356: Show Logging
M4100 Series ProSAFE Managed Switches Format logging syslog source-interface {<slot/port> | {loopback <loopback-id>} | {vlan <vlan-id>}} Mode Global Config Parameter Description VLAN or port-based routing interface. <slot/port> Configures the loopback interface to use as the source IP address. The range of loopback the loopback ID is 0 to 7.
Page 357: Show Logging Buffered
M4100 Series ProSAFE Managed Switches show logging buffered This command displays buffered logging (system startup and system operation logs). Format show logging buffered Mode Privileged EXEC Term Definition Buffered Shows whether the In-Memory log is enabled or disabled. (In-Memory) Logging Buffered Logging The behavior of the In Memory log when faced with a log full situation.
Page 358: Email Alerting And Mail Server Commands
M4100 Series ProSAFE Managed Switches Term Definition Number of Traps The number of traps since the last boot. Since Last Reset Trap Log The number of traps the system can retain. Capacity Number of Traps The number of new traps since the command was last executed.
Page 359: Logging Email Urgent
M4100 Series ProSAFE Managed Switches Default Disabled; when enabled, log messages at or above severity warning (4) are emailed Format logging email [<severitylevel>] Mode Global Config no logging email This command disables email alerting. Format no logging email Mode Global Config...
Page 360: Logging Email From-Addr
M4100 Series ProSAFE Managed Switches no logging email message-type to-addr This command removes the configured to-addr field of email. Format no logging email message-type {urgent |non-urgent |both} to-addr <to-email-addr> Mode Global Config logging email from-addr This command configures the email address of the sender (that is, the switch).
Page 361: Logging Email Logtime
M4100 Series ProSAFE Managed Switches logging email logtime This command configures how frequently non-urgent email messages are sent. Non-urgent messages are collected and sent in a batch email at the specified interval. The valid range is every 30- 440 minutes.
Page 362: Show Logging Email Config
M4100 Series ProSAFE Managed Switches show logging email config This command displays information about the email alert configuration. Format show logging email config Mode Privileged EXEC Term Definition Email Alert Logging The administrative status of the feature: enabled or disabled Email Alert From Address The email address of the sender (the switch).
Page 363: Clear Logging Email Statistics
M4100 Series ProSAFE Managed Switches Term Definition No of Email Sent The number of email messages that were sent from the switch since the counter was cleared. Time Since Last Email The amount of time that has passed since the last email was sent from the Sent switch.
Page 364: Port (Mail Server Config)
M4100 Series ProSAFE Managed Switches port (Mail Server Config) Use this command to configure the TCP port to use for communication with the SMTP server. For <portid>, you enter any nonstandard port in the range 1–65535. For TLSv1, the recommended port is number 465. If you do not use security, the recommended port is number 25.
Page 365: System Utility And Clear Commands
M4100 Series ProSAFE Managed Switches Term Definition Email Alert The security protocol (TLS or none) the switch uses to authenticate with the SMTP Security Protocol server. Email Alert The username the switch uses to authenticate with the SMTP server. Username Email Alert The password the switch uses to authenticate with the SMTP server.
Page 366 <slot/port> | loopback <0-7>}] Command example: The traceroute succeeds: (NETGEAR Switch) # traceroute 10.240.10.115 initTtl 1 maxTtl 4 maxFail 0 interval 1 count 3 port 33434 size 43 Traceroute to 10.240.10.115 ,4 hops max 43 byte packets: 1 10.240.4.1...
Page 367: Traceroute Ipv
M4100 Series ProSAFE Managed Switches traceroute ipv6 Use the traceroute command to discover the routes that packets actually take when traveling to their destination through the network on a hop-by-hop basis. The IPv6 address or host name must be a valid. The optional <port> parameter is the UDP port used as the destination of packets sent as part of the traceroute.
Page 368: Clear Counters
M4100 Series ProSAFE Managed Switches clear counters This command clears the statistics for a specified <slot/port>, for all the ports, or for the entire switch based upon the argument. Format clear counters {<slot/port> | all} Mode Privileged EXEC clear igmpsnooping This command clears the tables managed by the IGMP Snooping function and attempts to delete these entries from the Multicast Forwarding Database.
Page 369: Enable Password
M4100 Series ProSAFE Managed Switches enable password This command prompts you to change the Privileged EXEC password. Passwords are a maximum of 64 alphanumeric characters. The password is case-sensitive. The encrypted option allows you to transfer the enable password between devices without needing to know the password.
Page 370 (msec) min/avg/max = 274/279/276 Command example: The ping fails because the destination is unreachable: (NETGEAR Switch) # ping 192.168.254.222 count 3 interval 1 size 255 Pinging 192.168.254.222 with 255 bytes of data: Received Response: Unreachable Destination Received Response :Unreachable Destination Received Response :Unreachable Destination ----192.168.254.222...
Page 371 M4100 Series ProSAFE Managed Switches quit This command closes the current telnet connection or resets the current serial connection. The system asks you whether to save configuration changes before quitting. Format quit Modes • Privileged EXEC • User EXEC reload This command resets the switch without powering it off.
Page 372 M4100 Series ProSAFE Managed Switches You can use the copy command with the following options: copy {<url> | image1 | image2 | nvram:backup-config | nvram:clibanner | nvram:cpu-pkt-capture.pcap | nvram:errorlog | nvram:factory-defaults | nvram:log | nvram:script | nvram:startup-config | nvram:tech-support | nvram:traplog | system:running-config} {<url>...
Page 373 M4100 Series ProSAFE Managed Switches Parameters for the copy command are listed in the following table. Parameters for the copy command Table 1. Source Destination Description Uploads the Technical Support file. nvram:techsupport <url> Copies the backup configuration to the nvram:backup-config nvram:startup-config startup configuration.
Page 374: Write Memory
M4100 Series ProSAFE Managed Switches Parameters for the copy command Table 1. (continued) Source Destination Description Downloads an HTTP secure-server <url> nvram:sslpem-dhweak certificate. Downloads an HTTP secure-server <url> nvram:sslpem-dhstrong certificate. Downloads an HTTP secure-server <url> nvram:sslpem-root certificate. For more information, see...
Page 375: Simple Network Time Protocol (Sntp) Commands
M4100 Series ProSAFE Managed Switches Simple Network Time Protocol (SNTP) Commands This section describes the commands you use to automatically configure the system time and date by using SNTP. sntp broadcast client poll-interval This command sets the poll interval for SNTP broadcast clients in seconds as a power of two where <poll-interval>...
Page 376: Sntp Client Port
M4100 Series ProSAFE Managed Switches sntp client port This command sets the SNTP client port id to a value from 1-65,535. Default Format sntp client port <portid> Mode Global Config no sntp client port This command resets the SNTP client port back to its default value.
Page 377: Sntp Unicast Client Poll-Retry
M4100 Series ProSAFE Managed Switches no sntp unicast client poll-timeout This command will reset the poll timeout for SNTP unicast clients to its default value. Format no sntp unicast client poll-timeout Mode Global Config sntp unicast client poll-retry This command will set the poll retry for SNTP unicast clients to a value from 0 to 10.
Page 378: Clock Timezone
M4100 Series ProSAFE Managed Switches clock timezone When using SNTP/NTP time servers to update the switch’s clock, the time data received from the server is based on Coordinated Universal Time (UTC) which is the same as Greenwich Mean Time (GMT). This might not be the time zone in which the switch is located.
Page 379: Clock Summer-Time Date
(Range: Up to four characters) Format clock summer-time date {<day> <month> <year> <hh:mm> <day> <month> <year> <hh:mm>} [offset <offset>] [zone <acronym>] Mode Global Config Command example: (NETGEAR Switch)(config)# clock summer-time date 1 Apr 2007 02:00 28 Oct 2007 offset 90 zone EST Utility Commands...
Page 380: No Clock Summer-Time
M4100 Series ProSAFE Managed Switches no clock summer-time Use this command to reset the summertime offset. Format no clock summer-time Mode Global Config Command example: (NETGEAR Switch)(config)#no clock summer-time show sntp This command is used to display SNTP settings and status.
Page 381: Show Sntp Server
M4100 Series ProSAFE Managed Switches Term Definition Port SNTP Client Port. Client Mode Configured SNTP Client Mode. show sntp server This command is used to display SNTP server settings and configured servers. Format show sntp server Mode Privileged EXEC Term...
Page 382: Dhcp Server Commands
M4100 Series ProSAFE Managed Switches Term Definition Total Unicast Number of requests to the server. Requests Failed Unicast Number of failed requests from server. Requests show clock Use the show clock command in Privileged EXEC or User EXEC mode to display the time and date from the system clock.
Page 383 M4100 Series ProSAFE Managed Switches no ip dhcp pool This command removes the DHCP address pool. The name should be previously configured pool name. Format no ip dhcp pool <name> Mode Global Config client-identifier This command specifies the unique identifier for a DHCP client. Unique-identifier is a valid notation in hexadecimal format.
Page 384 M4100 Series ProSAFE Managed Switches no client-name This command removes the client name. no client-name Format Mode DHCP Pool Config default-router This command specifies the default router list for a DHCP client. <address1> and <address2>…<address8> must be valid IP addresses, each made up of four decimal bytes ranging from 0 to 255.
Page 385 M4100 Series ProSAFE Managed Switches hardware-address This command specifies the hardware address of a DHCP client. Hardware-address is the MAC address of the hardware platform of the client consisting of 6 bytes in dotted hexadecimal format. Type indicates the protocol of the hardware platform. It is 1 for 10 MB Ethernet and 6 for IEEE 802.
Page 386: Network (Dhcp Pool Config)
M4100 Series ProSAFE Managed Switches Default 1 (day) Format lease [{<days> [<hours>] [<minutes>] | infinite}] Mode DHCP Pool Config no lease This command restores the default value of the lease time for DHCP Server. Format no lease Mode DHCP Pool Config...
Page 387: Domain-Name (Dhcp Pool Config)
M4100 Series ProSAFE Managed Switches no bootfile This command deletes the boot image name. Format no bootfile Mode DHCP Pool Config domain-name (DHCP Pool Config) This command specifies the domain name for a DHCP client. The <domain> argument specifies the domain name string of the client.
Page 388 M4100 Series ProSAFE Managed Switches netbios-node-type The command configures the NetBIOS node type for Microsoft Dynamic Host Configuration Protocol (DHCP) clients. The <type> parameter specifies the NetBIOS node type. Valid types are: • b-node—Broadcast • p-node—Peer-to-peer • m-node—Mixed • h-node—Hybrid (recommended)
Page 389: Ip Dhcp Excluded-Address
M4100 Series ProSAFE Managed Switches option The option command configures DHCP server options. The <code> parameter specifies the DHCP option code and ranges from 1-254. The <ascii string> parameter specifies an NVT ASCII character string. ASCII character strings that contain white space must be delimited by quotation marks.
Page 390: Ip Dhcp Ping Packets
M4100 Series ProSAFE Managed Switches ip dhcp ping packets Use this command to specify the number of packets, in a range from 2-10, that a DHCP server sends to a pool address as part of a ping operation. By default, the number of packets sent to a pool address is 2, which is the smallest allowed number when sending packets.
Page 391: Ip Dhcp Conflict Logging
M4100 Series ProSAFE Managed Switches no ip dhcp bootp automatic This command disables the allocation of the addresses to the bootp client. The address are from the automatic address pool. Format no ip dhcp bootp automatic Mode Global Config ip dhcp conflict logging This command enables conflict logging on DHCP server.
Page 392: Clear Ip Dhcp Conflict
M4100 Series ProSAFE Managed Switches clear ip dhcp conflict The command is used to clear an address conflict from the DHCP Server database. The server detects conflicts using a ping. DHCP server clears all conflicts If the asterisk (*) character is used as the address parameter.
Page 393: Show Ip Dhcp Pool Configuration
M4100 Series ProSAFE Managed Switches show ip dhcp pool configuration This command displays pool configuration. If all is specified, configuration for all the pools is displayed. Format show ip dhcp pool configuration {<name> | all} Modes • Privileged EXEC •...
Page 394: Show Ip Dhcp Conflict
M4100 Series ProSAFE Managed Switches Field Definition Automatic The number of IP addresses that have been automatically mapped to the MAC Bindings addresses of hosts that are found in the DHCP database. Expired Bindings The number of expired leases. Malformed The number of truncated or corrupted messages that were received by the DHCP server.
Page 395: Dns Client Commands
M4100 Series ProSAFE Managed Switches Term Definition Detection The manner in which the IP address of the hosts were found on the DHCP Server. Method Detection time The time when the conflict was found. DNS Client Commands These commands are used in the Domain Name System (DNS), an Internet directory service.
Page 396: Ip Domain List
M4100 Series ProSAFE Managed Switches no ip domain name Use this command to remove the default domain name configured using the ip domain name command. Format no ip domain name Mode Global Config ip domain list Use this command to define a list of default domain names to complete unqualified names.
Page 397: Ip Host
M4100 Series ProSAFE Managed Switches ip host Use this command to define static host name-to-address mapping in the host cache. The <name> parameter is the host name. The <ip address> parameter is the IP address of the host. Default none Format ip host <name>...
Page 398: Ip Domain Timeout
M4100 Series ProSAFE Managed Switches no ip domain retry Use this command to return to the default. Format no ip domain retry <number> Mode Global Config ip domain timeout Use this command to specify the amount of time to wait for a response to a DNS query. The <seconds>...
Page 399: Show Hosts
M4100 Series ProSAFE Managed Switches show hosts Use this command to display the default domain name, a list of name server hosts, the static and the cached list of host names and addresses <name> ranges from 1-255 characters. This command displays both IPv4 and IPv6 entries.
Page 400: Packet Capture Commands
M4100 Series ProSAFE Managed Switches Packet Capture Commands Packet capture commands assist in troubleshooting protocol-related problems with the management CPU. The packets to and from the management CPU can be captured in an internally allocated buffer area for export to a PC host for protocol analysis. Public domain packet analysis tools like Ethereal can be used to decode and review the packets in detail.
Page 401: Capture Remote Port
M4100 Series ProSAFE Managed Switches Parameter Description In remote capture mode, the captured packets are redirected in real time to an remote ® ® external computer running the Wireshark tool for Microsoft Windows . A packet capture server runs on the switch side and sends the captured packets via a TCP connection to the Wireshark tool.
Page 402: Capture File Size
M4100 Series ProSAFE Managed Switches capture file size Use this command to configure file capture options. The command is persistent across a reboot cycle. The range is from 2 to 512 Kbytes. Default 512 Kbytes Format capture file size <file-size>...
Page 403: Serviceability Packet Tracing Commands
M4100 Series ProSAFE Managed Switches Format show capture packets Mode Privileged EXEC Serviceability Packet Tracing Commands These commands improve the capability of network engineers to diagnose conditions affecting their managed switch product. CAUTION: The output of the debug commands can be long and might adversely affect system performance.
Page 404: Debug Clear
M4100 Series ProSAFE Managed Switches no debug auto-voip Use this command to disable Auto VoIP debug messages. Format no debug auto-voip Mode Privileged EXEC debug clear This command disables all previously enabled debug traces. Default disabled Format debug clear Mode...
Page 405: Debug Dhcp Packet
M4100 Series ProSAFE Managed Switches • Event logging • Persistent logging • System Information (output of sysapiMbufDump) • Message Queue Debug Information • Memory Debug Information • Memory Debug Status • OS Information (output of osapiShowTasks) • /proc information (meminfo, cpuinfo, interrupts, version and net/sockstat) Format debug crashlog {[kernel] <crashlog-number>...
Page 406: Debug Dot1X Packet
M4100 Series ProSAFE Managed Switches debug dot1x packet Use this command to enable dot1x packet debug trace. Default disabled Format debug dot1x Mode Privileged EXEC no debug dot1x packet Use this command to disable dot1x packet debug trace. Format no debug dot1x...
Page 407: Debug Igmpsnooping Packet Receive
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #debug igmpsnooping packet transmit <15> JAN 01 02:45:06 192.168.17.29-1 IGMPSNOOP[185429992]: igmp_snooping_debug.c(116) 908 % Pkt TX - Intf: 0/20(20), Vlan_Id:1 Src_Mac: 00:03:0e:00:00:00 Dest_Mac: 01:00:5e:00:00:01 Src_IP: 9.1.1.1 Dest_IP: 225.0.0.1 Type: V2_Membership_Report Group: 225.0.0.1 The parameters that are shown in the following table are displayed in the trace message.
Page 408: Debug Ip Acl
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #debug igmpsnooping packet receive <15> JAN 01 02:45:06 192.168.17.29-1 IGMPSNOOP[185429992]: igmp_snooping_debug.c(116) 908 % Pkt RX - Intf: 0/20(20), Vlan_Id:1 Src_Mac: 00:03:0e:00:00:10 Dest_Mac: 01:00:5e:00:00:05 Src_IP: 11.1.1.1 Dest_IP: 225.0.0.5 Type: Membership_Query Group: 225.0.0.5 The parameters that are shown in the following table are displayed in the trace message.
Page 409: Debug Ip Dvmrp Packet
M4100 Series ProSAFE Managed Switches no debug ip acl Use this command to disable debug of IP Protocol packets matching the ACL criteria. Format no debug ip acl <acl-number> Mode Privileged EXEC debug ip dvmrp packet Use this command to trace DVMRP packet reception and transmission. If you use the receive option, only received DVMRP packets are traced.
Page 410: Debug Ip Mcache Packet
M4100 Series ProSAFE Managed Switches no debug ip igmp packet Use this command to disable debug tracing of IGMP packet reception and transmission. Format no debug ip igmp packet [receive | transmit] Mode Privileged EXEC debug ip mcache packet Use this command for tracing MDATA packet reception and transmission. If you use the receive option, only received MDATA packets are traced.
Page 411: Debug Ip Pimsm Packet
M4100 Series ProSAFE Managed Switches no debug ip pimdm packet Use this command to disable debug tracing of PIMDM packet reception and transmission. Format no debug ip pimdm packet [receive | transmit] Mode Privileged EXEC debug ip pimsm packet Use this command to trace PIMSM packet reception and transmission. Use this command to trace PIMSM packet reception and transmission.
Page 412: Debug Ipv6 Dhcp
M4100 Series ProSAFE Managed Switches debug ipv6 dhcp Use this command to display debug information about DHCPv6 client activities and trace DHCPv6 packets to and from the local DHCPv6 client. Default disabled Format debug ipv6 dhcp Mode Privileged EXEC no ipv6 debug dhcp Use this command to disable the display of debug trace output for DHCPv6 client activity.
Page 413: Debug Ipv6 Pimdm Packet
M4100 Series ProSAFE Managed Switches Default disabled Format debug ipv6 mld packet [receive | transmit] Mode Privileged EXEC no debug ipv6 mld packet Use this command to disable debug tracing of MLDv6 packet reception and transmission. Format no debug ipv6 mld packet [receive | transmit]...
Page 414: Debug Lacp Packet
M4100 Series ProSAFE Managed Switches Default disabled Format debug ipv6 pimsm packet [receive | transmit] Mode Privileged EXEC no debug ipv6 pimsm packet Use this command to disable debug tracing of PIMSMv6 packet reception and transmission. Format no debug ipv6 pimsm packet [receive | transmit]...
Page 415: Debug Ospf Packet
M4100 Series ProSAFE Managed Switches Default disabled Format debug mldsnooping packet [receive | transmit] Mode Privileged EXEC no debug mldsnooping packet Use this command to disable debug tracing of MLD snooping packet reception and transmission. Format no debug mldsnooping packet [receive | transmit]...
Page 416 M4100 Series ProSAFE Managed Switches The parameters that are shown in the following table are displayed in the trace message. Parameter Definition TX/RX TX refers to a packet transmitted by the device. RX refers to packets received by the device.
Page 417: Debug Ipv6 Ospfv3 Packet
M4100 Series ProSAFE Managed Switches For LS_REQ packet field definitions, the parameter that is shown in the following table is displayed in the trace message. Field Definition Length Length of packet For LS_UPD packet field definitions, the parameter that is shown in the following table is displayed in the trace message.
Page 418: Debug Ping Packet
M4100 Series ProSAFE Managed Switches debug ping packet This command enables tracing of ICMP echo requests and responses. The command traces pings on the network port or service port for switching packages. For routing packages, pings are traced on the routing ports as well.
Page 419: Debug Rip Packet
M4100 Series ProSAFE Managed Switches debug rip packet This command turns on tracing of RIP requests and responses. This command takes no options. The output is directed to the log file. Default disabled Format debug rip packet Mode Privileged EXEC...
Page 420: Debug Sflow Packet
M4100 Series ProSAFE Managed Switches no debug rip packet This command disables tracing of RIP requests and responses. Format no debug rip packet Mode Privileged EXEC debug sflow packet Use this command to enable sFlow debug packet trace. Default disabled...
Page 421: Debug Spanning-Tree Bpdu Receive
M4100 Series ProSAFE Managed Switches debug spanning-tree bpdu receive This command enables tracing of spanning tree BPDUs received by the switch. Spanning tree should be enabled on the device and on the interface in order to monitor packets for a particular interface.
Page 422: Debug Spanning-Tree Bpdu Transmit
M4100 Series ProSAFE Managed Switches debug spanning-tree bpdu transmit This command enables tracing of spanning tree BPDUs transmitted by the switch. Spanning tree should be enabled on the device and on the interface in order to monitor packets on a particular interface.
Page 423: Debug Udld Packet
M4100 Series ProSAFE Managed Switches debug udld packet This command enables debugging on the received and transmitted UDLD PDUs. Default Disabled Format default udld packet receive Mode Privileged EXEC no debug udld packet This command disables debugging on the received and transmitted UDLD PDUs.
Page 424: Debug Aaa Accounting
M4100 Series ProSAFE Managed Switches no debug udld packet transmit This command enables debugging on the transmitted UDLD PDUs. Format debug udld packet transmit Mode Privileged EXEC debug aaa accounting This command is useful for debugging accounting configuration and functionality in User Manager.
Page 425: Cable Test Command
M4100 Series ProSAFE Managed Switches Cable Test Command The cable test feature enables you to determine the cable connection status on a selected port. Note: The cable test feature is supported only for copper cable. It is not supported for optical fiber cable. If the port has an active link while the cable test is run, the link can go down for the duration of the test.
Page 426: Sflow Receiver
M4100 Series ProSAFE Managed Switches sflow receiver Use this command to configure the sFlow collector parameters (owner string, receiver time-out, maximum datagram size, IP address, and port) for a poller. Format sflow receiver <rcvr_idx> {owner <owner-string> {timeout <rcvr_timeout> | notimeout} | maxdatagram <size> | ip <ip> | port <port>}...
Page 427: Sflow Sampler
M4100 Series ProSAFE Managed Switches sflow sampler A data source configured to collect flow samples is called a poller. Use this command to configure a new sFlow sampler instance for this data source if <rcvr-idx> is valid. Format sflow sampler {<rcvr-indx> | rate <sampling-rate> | maxheadersize <size>}...
Page 428: Sflow Poller
M4100 Series ProSAFE Managed Switches sflow poller A data source configured to collect counter samples is called a poller. Use this command to enable a new sFlow poller instance for this data source if <rcvr-idx> is valid. Format sflow poller {<rcvr-indx> | interval <poll-interval>}...
Page 429: Show Sflow Pollers
M4100 Series ProSAFE Managed Switches Command example: (NETGEAR Switch) #show sflow agent sFlow Version........1.3;Netgear;1.0 IP Address........10.131.12.66 show sflow pollers Use this command to display the sFlow polling instances created on the switch. Use “-” for range. Format show sflow pollers...
Page 430: Show Sflow Samplers
M4100 Series ProSAFE Managed Switches Field Description Address Type The sFlow receiver IP address type. For an IPv4 address, the value is 1 and for an IPv6 address, the value is 2. Datagram The sFlow protocol version to be used while sending samples to sFlow receiver.
Page 431: Ip Address Conflict Commands
M4100 Series ProSAFE Managed Switches IP Address Conflict Commands ip address-conflict-detect run This command triggers the switch to run active address conflict detection by sending gratuitous ARP packets for IPv4 addresses on the switch. Note: This command takes effect only once after it is executed and cannot be saved across power cycles.
Page 432: Rmon Stats And History Commands
M4100 Series ProSAFE Managed Switches RMON Stats and History Commands The various MIBs within RFC 2819, 3273, and 3434 are arranged into groups. The managed switch supports some of the groups in these RFCs but not all. The managed switch complies with MODULE-COMPLIANCE and OBJECT-GROUP definitions within these RFCs for supporting individual groups.
Page 433: Rmon Alarm
M4100 Series ProSAFE Managed Switches Group 2 - High Capacity Alarm Capabilities Group Describes the high capacity alarm capabilities provided by the agent. Group 3 - High Capacity Alarm Notifications Group Provides new rising and falling threshold notifications for high capacity objects.
Page 434: Rmon Hcalarm
M4100 Series ProSAFE Managed Switches rmon hcalarm This command sets the RMON hcalarm entry in the High Capacity RMON alarm MIN group. Format rmon hcalarm <alarm-number> <variable> <sample-interval> <sampling-type> {rising-threshold high <value>} {rising-threshold low <value>} {falling-threshold high <value>} {falling-threshold low <value>} [startup {rising | falling | rising-falling}] [owner...
Page 435: Rmon Event
M4100 Series ProSAFE Managed Switches rmon event This command sets the RMON event entry in the RMON event MIB group. Format rmon event <event-number> [description <string> | log | owner <string> | trap <community>] Mode Global Config Parameter Description <event number> An index number that uniquely identifies an entry in the event table. Each such entry defines one event that is to be generated when the appropriate conditions occur.
Page 436: Show Rmon
This command displays the specified entry in the RMON history table. Format show rmon history <index> {errors | other | throughput} Mode Privileged Exec Command example: (NETGEAR Switch) # show rmon history 1 throughput Sample set: 1 Maximum table size: 270 Time Octets Packets...
Page 437: Show Rmon Log
This command displays the RMON statistics for the interface. Format show rmon statistics interface <slot/port> Mode Privileged Exec Command example: (NETGEAR Switch) # show rmon statistics interface 0/1 Interface: 0/1 Dropped: 0 Octets: 0 Packets: 0 Broadcast: 0 Multicast: 0...
Page 438: Unidirectional Link Detection Commands
M4100 Series ProSAFE Managed Switches UniDirectional Link Detection Commands The UDLD feature detects unidirectional links physical ports. A unidirectional link is a forwarding anomaly in a Layer 2 communication channel in which a bidirectional link stops passing traffic in one direction. UDLD must be enabled on both sides of the link in order to detect a unidirectional link.
Page 439: Udld Enable (Interface Config)
M4100 Series ProSAFE Managed Switches udld enable (Interface Config) This command enables UDLD on the specified interface. Default disabled Format udld enable Mode Interface Config no udld enable (Interface Config) This command disables UDLD on the specified interface. Format no udld enable...
Page 440: Usb Commands
M4100 Series ProSAFE Managed Switches If you do not enter a value for the <slot/port> parameter, the command output displays the fields that are shown in the following table. Term Definition Admin Mode The global administrative mode of UDLD. Message Interval The time period (in seconds) between the transmission of UDLD probe packets.
Page 441: Dir Usb
M4100 Series ProSAFE Managed Switches Parameter Description Device Status This field specifies the current status of device. Following are possible device status states: • Active. Device is plugged in and the device is recognized if device is not mounted. •...
Page 442 M4100 Series ProSAFE Managed Switches Parameter Description Filename File name Filesize File size Total Size USB flash device storage size Bytes Used Indicates size of memory used on the device. Bytes Free Indicates size of memory free on the device...
Page 443: Chapter 8 Management Commands
Management Commands This chapter describes the management commands available in the managed switch CLI. The chapter contains the following sections: • Switch Management CPU Commands • Management Interface Commands • Console Port Access Commands • Telnet Commands • Secure Shell (SSH) Commands •...
Page 444: Switch Management Cpu Commands
M4100 Series ProSAFE Managed Switches Switch Management CPU Commands To manage the switch via the web GUI or telnet, an IP address needs to be assigned to the switch management CPU. Whereas there are CLI commands that can be used to do this, ezconfig simplifies the task.
Page 445 M4100 Series ProSAFE Managed Switches The following is an example of an ezconfig session. NETGEAR EZ Configuration Utility -------------------------------- Hello and Welcome! This utility will walk you thru assigning the IP address for the switch management CPU. It will allow you to save the changes at the end. After the session, simply use the newly assigned IP address to access the Web GUI using any public domain Web browser.
Page 446: Management Interface Commands
M4100 Series ProSAFE Managed Switches Management Interface Commands This section describes the commands you use to configure a logical interface for management access. enable (Privileged EXEC access) Use this command to access the Privileged EXEC mode. From the Privileged EXEC mode, you can configure the network interface.
Page 447: Network Mac-Type
M4100 Series ProSAFE Managed Switches A locally administered address must have bit 6 On (b'1') and bit 7 Off (b'0'). Format network mac-address <macaddr> Mode Privileged EXEC network mac-type Use this command to specify whether the switch uses the burned in MAC address or the locally administered MAC address.
Page 448: Show Network
M4100 Series ProSAFE Managed Switches show network Use this command to display configuration settings associated with the switch’s network interface. The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Page 449: Console Port Access Commands
M4100 Series ProSAFE Managed Switches Command example: This output is for the network port: (NETGEAR Switch) #show network Interface Status....... Always Up IP Address........10.250.3.1 Subnet Mask........255.255.255.0 Default Gateway........ 10.250.3.3 IPv6 Administrative Mode....... Enabled IPv6 Address/Length is ......FE80::210:18FF:FE82:337/64 IPv6 Address/Length is ......
Page 450: Serial Baudrate
M4100 Series ProSAFE Managed Switches serial baudrate Use this command to specify the communication rate of the terminal interface. The supported rates are 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200. Default 115200 Format serial baudrate {1200 | 2400 | 4800 | 9600 | 19200 | 38400 | 57600 |...
Page 451: Enable Authentication
M4100 Series ProSAFE Managed Switches no login authentication Use this command to return to the default specified by the login authentication command. Format no login authentication {default | <list-name>} Mode Line Config enable authentication Use this command in line configuration mode to specify an authentication method list when the user accesses a higher privilege level in remote telnet or console.
Page 452: Telnet Commands
M4100 Series ProSAFE Managed Switches Term Definition Stop Bits The number of Stop bits per character. The number of Stop bits is always 1. Parity Type The parity method used on the serial port. The parity method is always None.
Page 453: Transport Input Telnet
M4100 Series ProSAFE Managed Switches transport input telnet Use this command to regulate new Telnet sessions. If enabled, new Telnet sessions can be established until there are no more sessions available. An established session remains active until the session is ended or an abnormal network error ends the session.
Page 454: Telnetcon Maxsessions
M4100 Series ProSAFE Managed Switches session-limit Use this command to specify the maximum number of simultaneous outbound Telnet sessions. A value of 0 indicates that no outbound Telnet session can be established. Default Format session-limit <0-5> Mode Line Config no session-limit Use this command to set the maximum number of simultaneous outbound Telnet sessions to the default value.
Page 455: Telnetcon Timeout
M4100 Series ProSAFE Managed Switches no telnetcon maxsessions Use this command to set the maximum number of Telnet connection sessions that can be established to the default value. Format no telnetcon maxsessions Mode Privileged EXEC telnetcon timeout Use this command to set the Telnet connection session time-out value, in minutes. A session is active as long as the session has not been idle for the value set.
Page 456: Show Telnet
M4100 Series ProSAFE Managed Switches show telnet Use this command to display the current outbound Telnet settings. In other words, these settings apply to Telnet connections initiated from the switch to a remote system. Format show telnet Modes • Privileged EXEC •...
Page 457: Secure Shell (Ssh) Commands
M4100 Series ProSAFE Managed Switches Secure Shell (SSH) Commands This section describes the commands you use to configure SSH access to the switch. Use SSH to access the switch from a remote management host. Note: The system allows a maximum of five SSH sessions.
Page 458: Sshcon Maxsessions
M4100 Series ProSAFE Managed Switches sshcon maxsessions Use this command to specify the maximum number of SSH connection sessions that can be established. A value of 0 indicates that no ssh connection can be established. The range is 0–5. Default Format sshcon maxsessions <0-5>...
Page 459: Management Security Commands
M4100 Series ProSAFE Managed Switches show ip ssh Use this command to display the ssh settings. Format show ip ssh Mode Privileged EXEC Term Definition Administrative This field indicates whether the administrative mode of SSH is enabled or disabled. Mode...
Page 460: Hypertext Transfer Protocol (Http) Commands
M4100 Series ProSAFE Managed Switches no crypto certificate generate Use this command to delete the HTTPS certificate files from the device, regardless of whether they are self-signed or downloaded from an outside source. Format no crypto certificate generate Mode Global Config crypto key generate rsa Use this command to generate an RSA key pair for SSH.
Page 461: Ip Http Server
M4100 Series ProSAFE Managed Switches ip http server Use this command to enable access to the switch through the Web interface. When access is enabled, the user can login to the switch from the Web interface. When access is disabled, the user cannot login to the switch’s web server.
Page 462: Ip Http Session Hard-Timeout
M4100 Series ProSAFE Managed Switches no ip http java Use this command to disable the Web Java mode. The Java mode applies to both secure and unsecure web connections. Format no ip http java Mode Privileged EXEC ip http session hard-timeout Use this command to configure the hard time-out for unsecure HTTP sessions in hours.
Page 463: Ip Http Session Maxsessions
M4100 Series ProSAFE Managed Switches Term Definition Tacacs Uses the list of all TACACS servers for authentication. None Uses no authentication. no ip http authentication Use this command to restore the authentication methods to the default. Format no ip http authentication <method1> [<method2> ...]...
Page 464: Ip Http Secure-Session Maxsessions
M4100 Series ProSAFE Managed Switches no ip http session soft-timeout Use this command to reset the soft time-out for unsecure HTTP sessions to the default value. Format no ip http session soft-timeout Mode Privileged EXEC ip http secure-session maxsessions Use this command to limit the number of secure HTTP sessions. Zero is the configurable minimum.
Page 465: Ip Http Secure-Session Hard-Timeout
M4100 Series ProSAFE Managed Switches ip http secure-session hard-timeout Use this command to configure the hard time-out for secure HTTP sessions in hours. When the time-out expires, the user must reauthenticate. This timer begins on initiation of the web session and is unaffected by the activity level of the connection. The secure session hard time-out cannot be set to zero (infinite).
Page 466: Ip Http Secure-Port
M4100 Series ProSAFE Managed Switches ip http secure-port Use this command to set the SSL port where port can be 1-65535 and the default is port 443. Default Format ip http secure-port <portid> Mode Privileged EXEC no ip http secure-port Use this command to reset the SSL port to the default value.
Page 467: Access Commands
M4100 Series ProSAFE Managed Switches Term Definition Secure Port The secure HTTP server port number. Secure Protocol Level(s) The protocol level might have the values of SSL3, TSL1, or both SSL3 and TSL1. Maximum Allowable HTTPS The number of allowable secure http sessions.
Page 468: User Account Commands
M4100 Series ProSAFE Managed Switches Field Definition Session Time Total time this session has been connected. Session Type Shows the type of session, which can be HTTP, HTTPS, telnet, serial, or SSH. User Account Commands This section describes the commands you use to add, manage, and delete system users.
Page 469: Username Name Nopassword
M4100 Series ProSAFE Managed Switches Term Definition encrypted Encrypted password you enter, copied from another device configuration. override-complexity Disables the validation of the password strength. -check no username Use this command to remove a user account. Format no username <username>...
Page 470: Username Snmpv3 Accessmode
M4100 Series ProSAFE Managed Switches username snmpv3 accessmode Use this command to specify the SNMPv3 access privileges for the specified login user. The valid accessmode values are readonly and readwrite. The <username> is the login user name for which the specified access mode applies. The default is readwrite for the “admin”...
Page 471: Username Snmpv3 Encryption
M4100 Series ProSAFE Managed Switches username snmpv3 encryption Use this command to specify the encryption protocol used for the specified user. The valid encryption protocols are des and none. If you select des, you can specify the required key on the command line. The encryption key must be 8–64 characters long.
Page 472: Show Users Accounts
M4100 Series ProSAFE Managed Switches Term Definition SNMPv3 The authentication protocol to be used for the specified login user. Authentication SNMPv3 The encryption protocol to be used for the specified login user. Encryption show users accounts Use this command to display the local user status about user account lockout and password aging.
Page 473: Show Users Long
M4100 Series ProSAFE Managed Switches Password Expiry........ --- Lockout........False Override Complexity Check...... Disable Password Strength......--- show users long Use this command to display the user’s full name. Format show users long Mode Privileged EXEC Term Definition User Name The full name of the user.
Page 474: Passwords History
M4100 Series ProSAFE Managed Switches no passwords min-length Use this command to set the minimum password length to the default value. Format no passwords min-length Mode Global Config passwords history Use this command to set the number of previous passwords that shall be stored for each user account.
Page 475: Passwords Lock-Out
M4100 Series ProSAFE Managed Switches passwords lock-out Use this command to strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords. When a lockout count is configured, a user that is logged in must enter the correct password within that count. Otherwise the user will be locked out from further switch access.
Page 476: Passwords Strength Minimum Lowercase-Letters
M4100 Series ProSAFE Managed Switches Default Format passwords strength minimum uppercase-letters <number> Mode Global Config no passwords strength minimum uppercase-letters Use this command to reset the minimum number of uppercase letters to the default value. Format no passwords strength minimum uppercase-characters...
Page 477: Passwords Strength Minimum Special-Characters
M4100 Series ProSAFE Managed Switches no passwords strength minimum numeric-characters Use this command to reset the minimum number of numeric characters to the default value. Format no passwords strength minimum numeric-characters Mode Global Config passwords strength minimum special-characters Use this command to enforce a minimum number of special characters that a password should contain.
Page 478: Passwords Strength Maximum Repeated-Characters
M4100 Series ProSAFE Managed Switches passwords strength maximum repeated-characters Use this command to enforce a maximum number of repeated characters that a password should contain. An example of repeated characters is aaaa. The valid range is 0-16. If a password has a repetition of characters more than the configured limit, it fails to configure.
Page 479: Show Passwords Configuration
M4100 Series ProSAFE Managed Switches no passwords strength exclude-keyword Use this command to reset the restriction for the specified keyword or all the keywords configured. Format no passwords strength exclude-keyword [<keyword>] Mode Global Config show passwords configuration Use this command to display the configured password management settings.
Page 480: Show Passwords Result
M4100 Series ProSAFE Managed Switches show passwords result Use this command to display the last password set result information. Format show passwords result Mode Privileged EXEC Term Definition Last User Whose Shows the name of the user with the most recently set password.
Page 481: Aaa Authentication Enable
Uses the list of all RADIUS servers for authentication. • tacacs. Uses the list of all TACACS servers for authentication. Command example: (NETGEAR Switch)(config)# aaa authentication login default radius local enable none no aaa authentication login Use this command to remove authentication at login. Format no aaa authentication login {default | <list-name>}...
Page 482: Aaa Authentication Dot1X
M4100 Series ProSAFE Managed Switches Parameter Description Uses the listed authentication methods that follow this argument as the default list of default methods, when using higher privilege levels. Character string used to name the list of authentication methods activated, when using <list-name>...
Page 483: Aaa Accounting
M4100 Series ProSAFE Managed Switches no aaa authentication dot1x Use this command to remove the authentication at login. Format no aaa authentication dot1x default Mode Global Config aaa accounting The command creates an accounting method list. This list is identified by the default keyword or by a user-specified <list-name>.
Page 484: Accounting (Console/Telnet/Ssh)
M4100 Series ProSAFE Managed Switches no aaa accounting This command deletes the accounting method list. Format no aaa accounting {exec | commands} {default | <list-name>} Mode Global Config accounting (console/Telnet/SSH) This command applies the accounting method list to a line configuration (console/Telnet/SSH).
Page 485: Show Accounting
M4100 Series ProSAFE Managed Switches Term Definition The default list of methods for authorization services. default Alphanumeric character string used to name the list of authorization methods. <list-name> no ip http/https accounting exec This command deletes the authorization method list.
Page 486: Aaa Authorization
M4100 Series ProSAFE Managed Switches Commands UserCmdAudit start-stop TACACS Line EXEC Method List Command Method List --------- -------------------- -------------------- Console none none Telnet none none none none HTTPS none none HTTP none none aaa authorization The command creates an authorization method list. This list is identified by the default keyword or by a user-specified <list-name>.
Page 487: Authorization (Console/Telnet/Ssh)
M4100 Series ProSAFE Managed Switches no aaa authorization This command deletes the authorization method list. Format no aaa authorization {exec | commands} {default | <list-name>} <method1> [<method2>…] Mode Global Config authorization (console/Telnet/SSH) To apply the command authorization method list to an access method (console/Telnet/SSH).
Page 488: Domain-Name (Global Config)
M4100 Series ProSAFE Managed Switches Exec Authorization List Method ---------------------------- ------------------------------ dfltExecAuthList none undefined undefined undefined Line Exec Method List --------- --------------------- Console dfltExecAuthList Telnet dfltExecAuthList dfltExecAuthList domain-name (Global Config) The managed switch supports authentication based on domain name, in addition to the user name and password.
Page 489: Show Domain-Name
M4100 Series ProSAFE Managed Switches no domain-name enable This command disables the domain name functionality. Format no domain-name enable Mode Global Config show domain-name This command displays the configured domain-name. Format show domain-name Mode Privileged EXEC Command example: (NETGEAR Switch) #show domain-name...
Page 490: Password (Aaa Ias User Configuration)
M4100 Series ProSAFE Managed Switches Parameter Definition Use the same session ID for all AAA Service types. common Use a unique session ID for AAA Service types. unique no aaa session-id This command resets the AAA session ID behavior to default.
Page 491: Snmp Commands
M4100 Series ProSAFE Managed Switches show aaa ias-users Use this command to display configured IAS users and their attributes. Passwords configured are not shown in the show command output. Format show aaa ias-users Mode Privileged EXEC SNMP Commands This section describes the commands you use to configure Simple Network Management Protocol (SNMP) on the switch.
Page 492: Snmp-Server Community Ipaddr
M4100 Series ProSAFE Managed Switches no snmp-server community Use this command to remove this community name from the table. The <name> is the community name to be deleted. Format no snmp-server community <name> Mode Global Config snmp-server community ipaddr Use this command to set a client IP address for an SNMP community. The address is the...
Page 493: Snmp-Server Community Mode
M4100 Series ProSAFE Managed Switches no snmp-server community ipmask Use this command to set a client IP mask for an SNMP community to 0.0.0.0. The name is the applicable community name. The community name might be up to 16 alphanumeric characters.
Page 494: Snmp-Server Community Rw
M4100 Series ProSAFE Managed Switches snmp-server community rw Use this command to restrict access to switch information. The access mode is read/write (also called private). Format snmp-server community rw <name> Mode Global Config snmp-server enable traps violation Use this command to enable sending new violation traps designating when a packet with a disallowed MAC address is received on a locked port.
Page 495: Snmp-Server Enable Traps Linkmode
M4100 Series ProSAFE Managed Switches snmp-server enable traps linkmode Use this command to enable Link Up/Down traps for the entire switch. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled. For more...
Page 496: Snmptrap Snmpversion
M4100 Series ProSAFE Managed Switches no snmp-server enable traps stpmode Use this command to disable sending new root traps and topology change notification traps. Format no snmp-server enable traps stpmode Mode Global Config snmptrap Use this command to add an SNMP trap receiver. The maximum length of <name> is 16 case-sensitive alphanumeric characters.
Page 497: Snmptrap Ipaddr
M4100 Series ProSAFE Managed Switches Note: This command does not support a no form. Default snmpv2 Format snmptrap snmpversion <name> {<ipaddr> | <hostname>} | {<ip6addr> | <hostname>} {snmpv1 | snmpv2} Mode Global Config snmptrap ipaddr Use this command to assign an IP address to a specified community name. The name can use up to 16 case-sensitive alphanumeric characters.
Page 498: Snmp Trap Link-Status
M4100 Series ProSAFE Managed Switches snmp trap link-status Use this command to enable link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. For more information, see snmp-server enable traps linkmode page 495.
Page 499: Show Snmpcommunity
M4100 Series ProSAFE Managed Switches Format no snmp trap link-status all Mode Global Config show snmpcommunity Use this command to display SNMP community information. Six communities are supported. You can add, change, or delete communities. The switch does not need to be reset for changes to take effect.
Page 500: Show Trapflags
M4100 Series ProSAFE Managed Switches Field Definition SNMP Trap The community string of the SNMP trap packet sent to the trap manager. The string is Name case-sensitive and can be up to 16 alphanumeric characters. IP Address The IPv4 address to receive SNMP traps from this device.
Page 501: Radius Commands
M4100 Series ProSAFE Managed Switches Field Definition OSPFv2 Traps Can be enabled or disabled. The factory default is disabled. Indicates whether OSPF traps are sent. If any of the OSPF trap flags are not enabled, the command displays disabled. Otherwise, the command shows all the enabled OSPF traps’ information.
Page 502: Radius Server Attribute
Format no radius server attribute 4 [<ipaddr>] Mode Global Config Command example: (NETGEAR Switch) (Config) #radius server attribute 4 192.168.37.60 Command example: (NETGEAR Switch) (Config) #radius server attribute 4 radius server host This command configures the IP address or DNS name to use for communicating with the RADIUS server of a selected server type.
Page 503 M4100 Series ProSAFE Managed Switches default names, respectively. The same name can be configured for more than one authenticating servers and the name should be unique for accounting servers. The RADIUS client allows the configuration of a maximum 32 authenticating and accounting servers.
Page 504: Radius Server Key
Global Config Command example: (NETGEAR Switch) (Config) #radius server host acct 192.168.37.60 (NETGEAR Switch) (Config) #radius server host acct 192.168.37.60 port 1813 (NETGEAR Switch) (Config) #radius server host auth 192.168.37.60 name Network1_RADIUS_Auth_Server port 1813 (NETGEAR Switch) (Config) #radius server host acct 192.168.37.60 name Network2_RADIUS_Auth_Server (NETGEAR Switch) (Config) #no radius server host acct 192.168.37.60...
Page 505: Radius Server Msgauth
M4100 Series ProSAFE Managed Switches Parameter Description The IP address of the server. <ipaddr> The DNS name of the server. <dnsname> The password in encrypted format. <password> Command example: radius server key acct 10.240.4.10 encrypted <encrypt-string> radius server msgauth Use this command to enable the message authenticator attribute to be used for the specified RADIUS Authenticating server.
Page 506: Radius Server Retransmit
M4100 Series ProSAFE Managed Switches Parameter Description The IP address of the RADIUS Authenticating server. <ipaddr> The DNS name of the server. <dnsname> radius server retransmit Use this command to configure the global parameter for the RADIUS client that specifies the number of transmissions of the messages to be made before attempting the fall back server upon unsuccessful communication with the current RADIUS authenticating server.
Page 507: Show Radius
M4100 Series ProSAFE Managed Switches no radius server timeout Use this command to set the timeout global parameter to the default value. Format no radius server timeout Mode Global Config show radius Use this command to display the values configured for the global parameters of the RADIUS client.
Page 508: Show Radius Servers
M4100 Series ProSAFE Managed Switches Time Duration........... 10 RADIUS Accounting Mode........Disable RADIUS Attribute 4 Mode......... Enable RADIUS Attribute 4 Value ....... 192.168.37.60 show radius servers Use this command to display the summary and details of RADIUS authenticating servers configured for the RADIUS client.
Page 509 Primary 192.168.37.202 Network3_RADIUS_Server Secondary 192.168.37.203 Network4_RADIUS_Server Primary Command example: (NETGEAR Switch) #show radius servers name Default_RADIUS_Server Server Name......Default_RADIUS_Server Host Address......192.168.37.58 Secret Configured...... No Message Authenticator ....Enable Number of Retransmits....4 Time Duration......10 RADIUS Accounting Mode....Disable RADIUS Attribute 4 Mode....
Page 510: Show Radius Accounting
192.168.37.200 Network1_RADIUS_Server 1813 192.168.37.201 Network2_RADIUS_Server 1813 192.168.37.202 Network3_RADIUS_Server 1813 192.168.37.203 Network4_RADIUS_Server 1813 Command example: (NETGEAR Switch) #show radius accounting name Default_RADIUS_Server Server Name......Default_RADIUS_Server Host Address......192.168.37.200 RADIUS Accounting Mode....Disable Port ........1813 Secret Configured ..... Yes Management Commands...
Page 511: Show Radius Accounting Statistics
The number of RADIUS packets received from this server on the accounting port and dropped for some other reason. Command example: (NETGEAR Switch) #show radius accounting statistics 192.168.37.200 RADIUS Accounting Server Name....Default_RADIUS_Server Host Address........192.168.37.200 Round Trip Time....... 0.00 Requests........
Page 512: Show Radius Statistics
Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 Command example: (NETGEAR Switch) #show radius accounting statistics name Default_RADIUS_Server RADIUS Accounting Server Name....Default_RADIUS_Server Host Address........192.168.37.200 Round Trip Time....... 0.00 Requests........0 Retransmissions....... 0 Responses........
Page 513 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 Command example: (NETGEAR Switch) #show radius statistics name Default_RADIUS_Server RADIUS Server Name......Default_RADIUS_Server Server Host Address......192.168.37.200 Access Requests....... 0.00 Access Retransmissions......0 Management Commands...
Page 514: Tacacs+ Commands
M4100 Series ProSAFE Managed Switches Access Accepts........ 0 Access Rejects........ 0 Access Challenges......0 Malformed Access Responses....0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 TACACS+ Commands TACACS+ provides access control for networked devices via one or more centralized servers.
Page 515: Tacacs-Server Key
M4100 Series ProSAFE Managed Switches no tacacs-server host Use this command to delete the specified TACACS+ server. The <ip-address> or <hostname> parameter is the IP address or host name of the TACACS+ server. Format no tacacs-server host {<ip-address> | <hostname>}...
Page 516: Tacacs-Server Source Interface
M4100 Series ProSAFE Managed Switches tacacs-server source interface Use this command in Global Configuration mode to configure the global source interface (source IP selection) for all TACACS+ communications between the TACACS+ client and the server. Format tacacs-server source-interface {<slot/port> | loopback <loopback-id>...
Page 517: Key (Tacacs Config)
M4100 Series ProSAFE Managed Switches key (TACACS Config) Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon. The <key-string> parameter specifies the key name.
Page 518: Configuration Scripting Commands
M4100 Series ProSAFE Managed Switches show tacacs Use this command to display the configuration and statistics of a TACACS+ server. Format show tacacs [<ip-address> | <hostname>] Mode Privileged EXEC Field Definition Host Address The IP address or hostname of the configured TACACS+ server.
Page 519: Script Apply
M4100 Series ProSAFE Managed Switches The following lines show an example of a script: ! Script file for displaying management access show telnet !Displays the information about remote connections ! Display information about direct connections show serial ! End of the script file! To specify a blank password for a user in the configuration script, you must specify it as a space within quotes.
Page 520: Pre-Login Banner And System Prompt Commands
M4100 Series ProSAFE Managed Switches Term Definition Configuration Script Name of the script. Size Privileged EXEC script show Use this command to display the contents of a script file, which is named <scriptname>. Format script show <scriptname> Mode Privileged EXEC...
Page 521: Set Prompt
M4100 Series ProSAFE Managed Switches Format copy <url> nvram:clibanner copy nvram:clibanner <url> Mode Privileged EXEC set prompt Use this command to change the name of the prompt. The length of name might be up to 64 alphanumeric characters. Format set prompt <prompt_string>...
Page 522: Chapter 9 Green Ethernet Commands
Green Ethernet Commands This chapter describes the green Ethernet commands available in the managed switch CLI. The chapter contains the following sections: • Green Feature Support • Energy-Detect Mode • Energy Efficient Ethernet (EEE) • Green Ethernet Commands...
Page 523: Green Feature Support
M4100 Series ProSAFE Managed Switches Green Feature Support The NETGEAR Managed switch supports the following green Ethernet power saving modes: • Energy Detect Mode • EEE Mode The green Ethernet commands supported depends on the switch model. Table 2. Green feature support...
Page 524: Energy Efficient Ethernet (Eee)
M4100 Series ProSAFE Managed Switches Energy Efficient Ethernet (EEE) Energy Efficient Ethernet (EEE) combines MAC with ports that support operation in a Low-Power Mode. This feature is defined by the IEEE 802.3az Energy Efficient Ethernet Task Force. Lower Power Mode enables both send and receive sides of a link to disable some port functionality to save power when the port is lightly loaded.
Page 525: Green-Mode Eee
M4100 Series ProSAFE Managed Switches green-mode eee This command enables EEE low-power idle mode on an interface or on all interfaces. It allows both send and receive sides of a link to disable some functionality for power savings when the port is lightly loaded. Transition to Low-Power Mode does not change the link status.
Page 526: Show Green-Mode
M4100 Series ProSAFE Managed Switches show green-mode This command displays the green mode configuration and operational status either for the whole system or for a port. This command can display the per-port configuration and operational status of the green mode. The status is shown only for the modes supported on the switch.
Page 527 M4100 Series ProSAFE Managed Switches Field Definition Reason for Energy-detect The energy detect mode might be administratively enabled, but the operational current operational status status might be inactive. The reasons for the same are: Port is currently operating in the fiber mode Link is up.
Page 528 M4100 Series ProSAFE Managed Switches Field Definition Remote Tw_sys_rx Integer that indicates the value of Tw_sys that the remote system requests from the (microsec) local system. This value maps from the aLldpXdot3RemRxTwSys attribute. Remote Tw_sys_rx Echo Integer that indicates the value of Receive Tw_sys echoed back by the remote (microsec) system.
Page 529 M4100 Series ProSAFE Managed Switches Interface Energy-Detect Short-Reach-Config Short-Reach Config Auto Forced Config --------- --------- --------- --------- --------- ----------- -------- Disabled Inactive Disabled Disabled Inactive Disabled Disabled Inactive Disabled Disabled Inactive Disabled Disabled Inactive Disabled Disabled Inactive Disabled Disabled Inactive...
Page 530: Green-Mode Eee-Lpi-History
M4100 Series ProSAFE Managed Switches Rx DLL enabled......Yes Rx DLL ready....... Yes Cumulative Energy Saving (W * H)..... XX Time Since Counters Last Cleared....1 day 20 hr 47 min 34 sec green-mode eee-lpi-history Configure the global EEE LPI history collection interval and buffer size using this command.
Page 531 M4100 Series ProSAFE Managed Switches Field Description Percentage LPI time per stack Percentage of Total time spent in LPI mode by all port in stack when compared to total time since reset. Sample No Sample Index Sample Time Time since last reset...
Page 532: Chapter 10 Log Messages
There is no specific action that can be taken per message. If a problem is being diagnosed, a set of these messages in the event log, along with an understanding of the system configuration and details of the problem, can assist NETGEAR technical support in determining the root cause of such a problem.
Page 533: Core
M4100 Series ProSAFE Managed Switches Core Table 3. BSP Log Messages Component Message Cause Event(0xaaaaaaaa) Switch has restarted. Starting code... BSP initialization complete, starting application. Table 4. NIM Log Messages Component Message Cause NIM: L7_ATTACH out of order for Interface creation out of order...
Page 534 M4100 Series ProSAFE Managed Switches Table 5. System Log Messages Component Message Cause SYSTEM Configuration file Switch CLI.cfg size is 0 The configuration file could not be read. (zero) bytes This message might occur on a system for which no configuration has ever been saved or for which configuration has been erased.
Page 535: Utilities
M4100 Series ProSAFE Managed Switches Utilities Table 6. Trap Mgr Log Message Component Message Cause Trap Mgr Link Up/Down: slot/port An interface changed link state. Table 7. DHCP Filtering Log Messages Component Message Cause DHCP Filtering Unable to create r/w lock for DHCP...
Page 536 M4100 Series ProSAFE Managed Switches Table 9. RADIUS Log Messages Component Message Cause RADIUS RADIUS: Invalid data length - xxx The RADIUS Client received an invalid message from the server. RADIUS RADIUS: Failed to send the request A problem communicating with the RADIUS server.
Page 537: Management
M4100 Series ProSAFE Managed Switches Table 10. TACACS+ Log Messages Component Message Cause TACACS+ TACACS+: authentication error, no server TACACS+ request needed, but no servers to contact are configured. TACACS+ TACACS+: connection failed to server TACACS+ request sent to server x.x.x.x x.x.x.x...
Page 538 M4100 Series ProSAFE Managed Switches Table 14. EmWeb Log Messages Component Message Cause EmWeb EMWEB (Telnet): Max number of Telnet A user attempted to connect via telnet login sessions exceeded when the maximum number of telnet sessions were already active.
Page 539 M4100 Series ProSAFE Managed Switches Table 16. WEB Log Messages Component Message Cause Max clients exceeded This message is shown when the maximum allowed java client connections to the switch is exceeded. Error on send to sockfd XXXX, closing Failed to send data to the java clients connection through the socket.
Page 540 M4100 Series ProSAFE Managed Switches Table 18. SSHD Log Messages Component Message Cause SSHD SSHD: Unknown UI event in message, Failed to dispatch the UI event to the event=XXXX appropriate SSHD function as it’s an invalid event. XXXX indicates the event to be dispatched.
Page 541: Switching
M4100 Series ProSAFE Managed Switches Table 20. User_Manager Log Messages Component Message Cause User_Manager User Login Failed for XXXX Failed to authenticate user login. XXXX indicates the user name to be authenticated. User_Manager Access level for user XXXX could not be Invalid access level specified for the user.
Page 542 M4100 Series ProSAFE Managed Switches Table 22. IP Subnet VLANS Log Messages Component Message Cause IPsubnet vlans ERROR vlanIpSubnetSubnetValid :Invalid Occurs when an invalid pair of subnet and subnet netmask has come from the CLI IPsubnet vlans IP Subnet Vlans: failed to save...
Page 543 M4100 Series ProSAFE Managed Switches Table 23. Mac-based VLANs Log Messages Component Message Cause Mac based vlanMacVlanChangeCallback: Failed to Appears when a dtl fails to add an entry for VLANS add an entry a VLAN add notify event. Mac based...
Page 544 M4100 Series ProSAFE Managed Switches Table 25. IGMP Snooping Log Messages Component Message Cause IGMP Snooping Failed to set igmp mrouter mode %d for Failed to set VLAN multicast router mode interface xxx on VLAN yyy due to IGMP Snooping message queue...
Page 545 M4100 Series ProSAFE Managed Switches Table 27. 802.3ad Log Messages Component Message Cause 802.3ad dot3adReceiveMachine: received default Received a LAG PDU and the RX state event %x machine is ignoring this LAGPDU 802.3ad dot3adNimEventCompletionCallback, The event sent to NIM was not completed...
Page 546 M4100 Series ProSAFE Managed Switches Table 32. 802.1Q Log Messages Component Message Cause 802.1Q dot1qIssueCmd: Unable to send message dot1qMsgQueue is full. %d to dot1qMsgQueue for vlan %d - %d msgs in queue 802.1Q dot1qVlanCreateProcess: Attempt to Accommodates for reserved vlan ids. that create a vlan with an invalid vlan id %d ;...
Page 547: Qos
M4100 Series ProSAFE Managed Switches Table 35. Protocol-based VLANs Log Messages Component Message Cause Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when nimRegisterIntfChange fails VLANs register NIM callback to register pbVlan for link state changes. Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when vlanRegisterForChange...
Page 548: Routing/Ipv6 Routing
M4100 Series ProSAFE Managed Switches Table 38. DiffServ Log Messages Component Message Cause DiffServ diffserv.c 165: diffServRestore Failed to While attempting to clear the running reset DiffServ. Recommend resetting configuration an error was encountered in device removing the current settings. This might lead to an inconsistent state in the system and resetting is advised.
Page 549 M4100 Series ProSAFE Managed Switches Table 40. OSPFv2 Log Messages (continued) Component Message Cause OSPFv2 Warning: OSPF LSDB is 90% full (22648 OSPFv2 limits the number of Link State LSAs). Advertisements (LSAs) that can be stored in the link state database (LSDB). When the database becomes 90 or 95 percent full, OSPFv2 logs this warning.
Page 550 M4100 Series ProSAFE Managed Switches Table 42. Routing Table Manager Log Messages Component Message Cause Routing Table RTO is full. Routing table contains 8000 The routing table manager, also called Manager best routes, 8000 total routes. “RTO,” stores a limited number of best routes, based on hardware capacity.
Page 551: Multicast
M4100 Series ProSAFE Managed Switches Table 45. RIP Log Message Component Message Cause RIP : discard response from xxx via When RIP response is received with a unexpected interface source address not matching the incoming interface’s subnet. Table 46. DHCP6 Log Message...
Page 552 M4100 Series ProSAFE Managed Switches Table 49. IGMP-Proxy Log Messages Component Message Cause IGMP-Proxy Error getting memory for igmp host group When we are unable to allocate memory for record the IGMP group record in the Host (Proxy) table IGMP-Proxy...
Page 553: Stacking
M4100 Series ProSAFE Managed Switches Table 51. PIM-DM Log Messages Component Message Cause PIM-DM Out of memory when creating xxx This message is logged when there is insufficient memory to accommodate a new neighbor/(S,G) Entry, Prune, Graft, Join etc. PIM-DM Error entry->ll_xxx LL creation error...
Page 554 M4100 Series ProSAFE Managed Switches Technologies Table 54. System General Error Messages Component Message Cause Invalid USP unit = x, slot = x, port =x A port was not able to be translated correctly during the receive. In hapiBroadSystemMacAddress call to...
Page 555 M4100 Series ProSAFE Managed Switches Table 54. System General Error Messages Component Message Cause USL: A Trunk being created by bcmx Possible synchronization issue between already existed in USL the application, hardware, and sync layer USL: A Trunk being destroyed doesn't exist...
Page 556: O/S Support
M4100 Series ProSAFE Managed Switches Table 54. System General Error Messages Component Message Cause USL: failed to sync L3 Route table on unit= Could not synchronize unit x due to a transport failure or API issue on remote unit. A synchronization retry will be issued...
Page 557 M4100 Series ProSAFE Managed Switches Table 55. OSAPI Log Messages (continued) Component Message Cause OSAPI osapiCleanupIf: NetIPGet During the call to remove the interface from the route table, the attempt to get an ipv4 interface address from the stack failed.
Page 558 Command List {deny | permit} (IP ACL) ..............300 {deny | permit} (IPv6) .
Page 559 M4100 Series ProSAFE Managed Switches boot system ................332 bootfile .
Page 560 M4100 Series ProSAFE Managed Switches clear mac-addr-table ...............367 clear pass .
Page 561 M4100 Series ProSAFE Managed Switches debug ipv6 ospfv3 packet ..............417 debug ipv6 pimdm packet .
Page 562 M4100 Series ProSAFE Managed Switches dos-control tcpfinurgpsh ..............208 dos-control tcpflag .
Page 563 M4100 Series ProSAFE Managed Switches green-mode energy-detect ..............524 hardware-address .
Page 564 M4100 Series ProSAFE Managed Switches ip http authentication ...............462 ip http java .
Page 565 M4100 Series ProSAFE Managed Switches lacp actor admin state individual ............. .111 lacp actor admin state longtimeout .
Page 566 M4100 Series ProSAFE Managed Switches logging persistent ................358 logging syslog .
Page 567 M4100 Series ProSAFE Managed Switches mode dot1q-tunnel ............... . . 63 mode dvlan-tunnel .
Page 568 M4100 Series ProSAFE Managed Switches poe power management ..............320 poe priority .
Page 569 M4100 Series ProSAFE Managed Switches random-detect exponential weighting-constant ..........266 random-detect queue-parms .
Page 570 M4100 Series ProSAFE Managed Switches set igmp querier timer expiry ..............165 set igmp querier version .
Page 571 M4100 Series ProSAFE Managed Switches show dhcp l2relay all ...............135 show dhcp l2relay interface .
Page 572 M4100 Series ProSAFE Managed Switches show ip brief ................241 show ip dhcp binding .
Page 573 M4100 Series ProSAFE Managed Switches show lldp remote-device detail ............. . .189 show lldp statistics .
Page 574 M4100 Series ProSAFE Managed Switches show port-channel brief ..............124 show port-channel system priority .
Page 575 M4100 Series ProSAFE Managed Switches show sysinfo ................350 show tacacs .
Page 576 M4100 Series ProSAFE Managed Switches sntp client mode ................375 sntp client port .
Page 577 M4100 Series ProSAFE Managed Switches storm-control multicast rate (Global Config) ...........103 storm-control multicast rate (Interface Config) .
Page 578 M4100 Series ProSAFE Managed Switches username unlock ................469 vlan .

NETGEAR M4100 Series ProSAFE Reference Manual

Table of Contents

Chapter 1 Using the Command-Line Interface

Chapter 2 Switching Commands

Chapter 3 Multicast VLAN Registration Commands

Chapter 4 Routing Commands

Chapter 5 Quality of Service Commands

Chapter 6 Power over Ethernet Commands

Chapter 7 Utility Commands

Chapter 8 Management Commands

Chapter 9 Green Ethernet Commands

Chapter 10 Log Messages

Quick Links

Chapters

Related Manuals for NETGEAR M4100 Series ProSAFE

Summary of Contents for NETGEAR M4100 Series ProSAFE