Gebruiksaanwijzing /service van het product 548B van de fabrikant Fortinet
Ga naar pagina of 976
FortiSwitch-548B V ersion 5.2.0.2 User Guide.
FortiSwitch-548B User Guide Version 5.2.0.2 Revision 2 15 December 2010 © Copyright 2010 Fortinet, Inc. All rights reserve d. No part of this publication including text, examples, diagrams or illustr.
- 3 - T able of Content s 1. Introduction .................................................................................................................. 6 1.1 Scope ..................................................................................
- 4 - 7.2 Device Configuration Commands ....................................................................... 42 7.3 Management Commands ................................................................................. 153 7.4 S panning T ree Commands .
- 5 - 9.4 Multicast Commands ........................................................................................ 513 9.5 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands ............ 519 9.6 Protocol Independent Multicast – S parse Mode (PIM-SM) Commands .
- 6 - 1. Introduction 1.1 Scope This document describes: how to install the FortiSwitch-548B switch (the Switch) how to use the CLI console to manage the Switch how to use the web-based manag ement interface to configure the Switch 1.2 Documentation The Fortinet Technical Documentation web site, http://docs.
- 7 - To learn about the training services that Fortinet prov ides, visit the Fortinet Trai n ing Service s web site at http://campus.training.fortinet.
- 8 - 2. Product Overview 2.1 Switch Description FortiSwitch-548B is a SFP+ 10-Gigabit Ether net backbone switch designe d for adapta bility and scalability.
- 9 - • VLAN routing support • IP Multicast support • IGMP v1, v2, and v3 support • DVMRP support • Protocol Independent Multicast - Dense M ode (PIM -DM) su pport for IPv4 and IPv6 • Prot.
- 10 - 2.3 Front-Panel Components The front panel of the Switch consists of 48 10-Gig abit interfaces, 2 LED indicators, 1 built-in 10 00/100/10 RJ-45 Ethernet service ports, an RS-2 32 communication port, and 48 port LEDs. The upper LED indicators d i splay po wer status.
- 1 1 - 2.6 Management Options The system may be managed by using one Service Ports through a Web Browswer,Telent, SNMP function and using the con sole port on the front panel through CLI comm and.
- 12 - • RFC 3289 - DIFFSERV-DSCP-TC • RFC 3289 - DIFFSERV-MIB • QOS-DIFFSERV-EXTENSIONS-MIB • QOS-DIFFSERV-PRIVATE-MIB • RFC 2674 802.1p • RFC 2932 (IPMROUTE-MIB) • Fortinet Enterprise .
- 13 -.
- 14 - 3. Installation and Quick Startup 3.1 Package Contents Before you begin installing the Switch, confirm that your package contai n s the following item s: • One FortiSwitch-548B Layer III 10-G.
- 15 - 3.2 Switch Installation Installing the Switch Without the Ra ck 1. Install the Switch on a level surface that can safely su pport the we ight of the Switch and its attached cables. The Switch must have adequ ate space fo r ventilation and for accessing cable connectors.
- 16 - 3.3 Installing the Switch in a Rack You can install the Switch in most standard 19-inch (48. 3-cm) racks. Refer to the illustrations below. 1. Use the supplied screws to attach a mounting bra cket to each side of the Switch. 2. Align the holes in the mounting bracket with the holes in the rack.
- 17 - 3.4 Quick Starting the Switch 1. Read the device Installation Guide for the connectiv ity procedure. In-ban d conn ectivity allows access to the FortiSwitch-548B Series Switch locally. From a remote workstation,the device must be configured with IP information (IP address, subnet mask, and defa ult gateway).
- 18 - 3.5 System Information Setup 3.5.1 Quick Start up Software Version Information T able 2-1. Quick St art up Software V ersion Information Command Details show hardware Allows the user to see the.
- 19 - (Read/Write) or is only able to view (Read Only). As a factory default, admin has Read/Write access and guest has Rea d Only access. There can only be one Read/Write user and up to 5 Read Only users.
- 20 - Management VLAN Id - Specifies VLAN id Web Mode - Indicates whet her HTTP/Web is enabled. Java Mode - Indicates whether java mod e is enabled. ip address (Config)# interface vlan 1 (if-vlan 1)# ip address <ipaddr> <netm ask> (if-vlan 1)# exit (Config)# ip default-gateway <gateway> IP Address range from 0.
- 21 - copy <url> startup-config <filename> Sets the download datatype to be an image or config file. The URL must be specified as: tftp://ipAddr/filepath/fileName. The startup-config option downloads the config file using tftp and image option downloads the code file.
- 22 - 4. Console and Telnet Administration Interface This chapter discusses many of the feature s used to manage the Switch, and explains many concepts and important points rega rd ing these features. Configuring the Switch to impleme nt these concepts is discussed in detail in chapter 6.
- 23 - • The console port is set for the following config uration: • Baud rate: 11,520 • Data width: 8 bits • Parity: none • Stop bits: 1 • Flow Control: none A typical console connection .
- 24 - 4.3 Set Up your Switch Using Telnet Access Once you have set an IP address for your Switch, you can use a Telnet program (in a VT-100 compatible terminal mode) to access and control the Switch. Mo st of the screens a re id entical, whether accessed from the console port or from a Telnet interface.
- 25 - 5. Web-Based Management Interface 5.1 Overview The Fortinet FortiSwitch-548B Series Layer III plus QoS Managed Switch provides a built-in browser interface that lets you configure and manage it remo tely using a standard Web br owser such as Microsoft Internet Explorer 5.
- 26 - 5.2 How to log in The Fortinet FortiSwitch-548B Series Layer III plus QoS Managed Switch can be configured remotely from Microsoft Internet Explorer (version 5.0 or above), or Mozilla FireFox (versi on 3.6 or above). 1. Determine the IP address of your managed switch.
- 27 - 5.3 Web-Based Management Menu Menus The Web-based interface enables navigation through several menus. The main navigation menu is on the left of every page and contains the screens that let y ou access all the commands and statistics the swit ch provides.
- 28 - Secondary Menus The Secondary Menus u nder the Main M enu contain a hos t of optio ns that you can use to conf igure your switch. The online help co ntains a d etailed description of the features on each screen. You can cli ck the ‘help’ or the question mark at the top righ t of each screen to view the help menu topics.
- 29 - • MAC-based VLAN — see “MAC-base d Comm ands” • MAC-based Vocie VLAN — see “MAC-based Voci e VLAN Commands” • Voice VLAN — see “Voice VLAN Commands” • Filters — see .
- 30 - • Secure HTTP — see “HTT P Comman ds” • Secure Shell — see “Secure Shell (SSH) Command s” IPv6 • OSPFv3 — see “OSPFv3 Configuration Comma nd s” • IPv6 Routes — see .
- 31 - 6. Command Line Interface St ructure and Mode-based CLI The Command Line Interface (CLI) syntax, conventions , and termi nology are described in this section. Each CLI command is illustrated us ing the structure outlined b elow. 6.1 CLI Command Format Commands are followed by values, parameters, or b oth.
- 32 - 6.2 CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or n umber . T o use spaces as p art of a name parameter , enclose it in double quotes like this: "System Name with S paces".
- 33 - Conventions Network addresses are used to define a link to a rem ote host, workstation, or network. Netw ork addresses are shown usin g the followin g syntax: T able 5-1. Network Address Synt a x Address Type Format Range IPAddr A.B.C.D 0.0.0.0 to 255.
- 34 - 7. Switching Commands le 7.1 System Information and Statistics commands 7.1.1 show arp This command displays co nne ctivity between the switch and other devices. The Address Resolution Protocol (ARP) cache identifies t he MAC addre sses of the IP stati ons comm uni cating with the switch.
- 35 - 7.1.3 show process cpu This command provides the percentage utiliz ation of the CPU by different tasks. Syntax show process cpu i It is not necessarily the traffic to the CPU, but different tas.
- 36 - 7.1.4 show eventlog This command displays the event log, which contains error messages from t he system, in the Primary Management System or in the specified unit. T he event log is not cleared on a sy stem reset. Syntax show eventlog [unit] unit - The unit number of the remote sy stem.
- 37 - Default Setting None Command Mode Privileged Exec 7.1.6 show sysinfo This command displays switch brie f information and MIBs sup ported. Syntax show sysinfo Default Setting None Command Mode Privileged Exec Display Message System Description: The text used to identify this switch.
- 38 - Display Message System Description: Text used to identify this switch. System Object ID: The manufacturin g ID System Information System Up Time: The time in days, hours a nd min utes since the last switch reboot. System Name: Name u sed to identify the switch.
- 39 - Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to iden tify the product name of thi s switch. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Produ ct Da ta.
- 40 - Name: Name provided by Power Supply vendor. Model: Model Number provided by Power Supply ven dor. Revision Number: Revisi on Num b e r provided by Power Supply vendor. Manufacturer Location: Location provi ded by Power Supply vendor. Date of Manufacturing: Date of Manufacturing provided by Powe r Supply vend or.
- 41 - Serial Number: The unique box serial n umber for this switch. Hardware Version: The hardware versi on of this switch. It is divided into four parts. The first byte is the major version and the second byte repre se nts the minor version. Number of ports: Total number of port for this swirch system.
- 42 - 7.1.12 show command filter This command displays the information that begin/include/exclude t he regular expression. Syntax show command [| begin/include/exclude <LINE > ] Default Setting.
- 43 - Source: This port is a monitoring port. PC Mbr: This port is a member of a port-channel (LAG). Dest: This port is a probe port. Admin Mode: Selects the Port control administration state. The port must be enabled in order for it to be allowed into the network.
- 44 - Broadcast Packets Recei v ed: The total number of packets rece ived that were directed to the broadcast address. Note that this doe s not include multicast packe ts. Packets Transmitted Without Error: The total numb er of packets transmitted out of the interface.
- 45 - Total Packets Received (Octets): The total number of octets of d ata (including those in bad packets) received on the network (excluding frami ng bi ts but including FCS octets). This object can be used as a reasonable estimate of Ethernet utiliz ation.
- 46 - Packets RX and TX 4096-9216 Oc tets: The total number of packets (including bad packets) received that were between 4096 and 9216 octets in length inclusive (excludi ng framing bits but including FCS octets).
- 47 - Packets Transmitted 1024-15 18 Octets: The total number of packets (in cludin g bad pa ckets) received that were between 1024 and 1518 octets in length inclusive (excludi ng framing bits but including FCS octets).
- 48 - RSTP BPDUs Received: Rapid Spanning Tree Proto col Brid ge Protocol Data Units received. MSTP BPDUs Transmitted: Multiple Spanning Tree Protocol Bri d ge Protocol Data Units sent. MSTP BPDUs Received: Multiple Spanning Tree Protocol Bridge Protocol Data Units received.
- 49 - Most VLAN Entries Ever Used: The large st number of VLANs that have been active on this switch since the last reboot. Static VLAN Entries: The number of presently active VLAN entries on this swit ch that have been created statically.
- 50 - Syntax interface <slot/port> <slot/port> - is the de sired interface num ber. Default Setting None Command Mode Global Config 7.2.1.5 speed-duplex This command is used to set the spee d and duplex mode for the int erface. i The 10-Giga interfaces will not provide the following command.
- 51 - Default Setting None Command Mode Global Config 7.2.1.6 negotiate This command enables a utomatic negotiation on a port. The default value is enabl ed. i The 10-Giga interfaces will not provide the followin g command. Syntax negotiate no negotiate no - This command disab l es autom atic negotiation on a port.
- 52 - 7.2.1.7 capabilities This command is used to set the capa bilities on specific interfa ce. i The 10-Giga interfaces will not provide the followin g command.
- 53 - Command Mode Global Config 7.2.1.8 storm-control flowcontrol This command enables 802.3x flow control for the switch. i 802.3x flow control only applies to full-duplex mode ports. Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disa b les 802.
- 54 - 7.2.1.9 storm-control flowcontrol pfc The PFC function is disabled by default. Only af ter enabling it, the PFC process also start s. Once the feature is enabled, the original basic IEEE 802.3x P AUSE control cannot be enabled. It means these two features cannot be enabled at the same time.
- 55 - no - This command enables all po rts. Default Setting Enabled Command Mode Global Config 7.2.1.11 description This command is used to create an alph a-numeric description of the port. Syntax description <description> no description no - This command removes the description of the port.
- 56 - Interface Config 7.2.2 L2 MAC Address and Multicast Forwarding Database Tables 7.2.2.1 show mac-addr-table This command displays the forwarding database entries. If the command is entered with no p a rameter, the entire table is displayed. This is the same as entering the optional all paramet er.
- 57 - 7.2.2.2 show mac-addr-table count This command displays the total forwarding databas e entries, the number of static and learn ning mac address, and the max address available on the switch.
- 58 - Static: The v alue of the correspondi ng instance was adde d by the system or a user when a static MAC filter was defined. It cannot be relearned. Learned: The value of the correspondin g instan ce was learned by observing the source MA C addresses of incoming traffic, and is currently in use.
- 59 - GMRP Learned: The value of the correspo nding in stance was l earned via GM RP and ap pli es to Multicast. Other: The value of the corre sp onding instance does not fall into one of the othe r categories.
- 60 - Typ e: This display s the type of the ent ry. Static entries are those that are configured by the end user. Dynamic entries are added to the table as a re sult of a learning process or protocol. Description: The text description of this multicast table entry.
- 61 - Syntax show mac-address-tabl e st ats Default Setting None Command Mode Privileged Exec Display Message Max MFDB Table Entries: This di splays the total number of entries that can possibly be in the MFDB.
- 62 - 300 Command Mode Global Config 7.2.3 VLAN Management 7.2.3.1 show vlan This command displays brief informat ion on a list of all configured VLANs. Syntax show vlan Default Setting None Command Mode Privileged Exec Display Message VLAN ID: There is a VLAN Identifier (vla nid) associated with each VLAN.
- 63 - Display Message VLAN ID: There is a VLAN Identifier (VID) asso ciated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name: A string associated with this VLAN a s a conve nien ce. It can be up to 16 alphanumeri c characters, including blanks.
- 64 - Privileged Exec Display Message MAC Address: A unicast MAC address for whi c h the switch ha s forwarding and/or filtering information. The format is 6 or 8 two-digit hexade cimal numbe rs that are separated by colons, for example 01:23:45:67:89:AB.
- 65 - Default Setting None Command Mode Privileged Exec Display Message Group Name: This field displays the group nam e of an ent ry in the Protocol-ba sed VLAN table. Group ID: This field displays the group identifier of the protocol g ro up. Protocol(s): This field indicate s the type of protocol(s) for this group.
- 66 - 7.2.3.7 vlan database This command is used to enter VLAN Int erface configuration mode Syntax vlan database Default Setting None Command Mode Global Config 7.2.3.8 vlan This command crea tes a n ew VLAN and assign s it an ID. The ID is a valid VLAN identification number (ID 1 is reserved fo r the def ault VLAN).
- 67 - no - This command sets the name of a VLAN to a blank string. The VLAN ID is a valid VLAN identification number. ID range is 1-3965 . Default Setting The name for VLAN ID 1 is always Default. The nam e for other VLANs is defaul ted to a blank string.
- 68 - 7.2.3.12 vlan makestatic This command change s a dynamically created VLAN ( one that is created by GVRP registration) to a static VLAN (one that is permanent ly configured and defined). The ID is a valid VLAN identification number. VLAN range is 2-3965.
- 69 - frames received on this int erface are accepte d and assi gned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.
- 70 - 7.2.3.15 switchport ingress-filtering This command enables in gress filtering. If ingress filt ering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the rece iving interface are admitted and forwarde d to ports that are members of that VLAN.
- 71 - 7.2.3.16 switchport native vlan This command changes the VLAN ID per interface. Syntax switchport native vlan <vlanid> no switchport native vlan <vlanid> <vlanid> - VLAN ID (Range: 1 –3965). no - This command sets the VLAN ID p er interface to 1.
- 72 - <vlan-list> - VLAN ID (Range: 1 –3965) – separate non- consecutive IDs with ',' and no spaces and no zeros in between the ra nge; Use '-' for range. add - The interface is always a membe r of this VL AN. This is equiva lent to regist ration fixed.
- 73 - Syntax switchport tagging <vlan-li st> no switchport tagging <vlan-list > <vlan-list> - VLAN ID (Range: 1 –3965) – separate non- consecutive IDs with ',' and no spaces and no zeros in between the ra nge; Use '-' for range.
- 74 - switchport forbidden vlan {add | remove } <vlan-list> no switchport forbidden <vlan-list> - VLAN ID (Range: 1 –3965) – separate non- consecutive IDs with ',' and no spaces and no zeros in between the ra nge; Use '-' for range.
- 75 - Default Setting 0 Command Mode Global Config 7.2.3.21 switchport protocol group This command adds the ph ysical <slot/port> interface to the protocol-based VLAN identified b y < group-name> . A group may have more than one interface associat ed with it.
- 76 - Global Config This command adds all ph ysical inte rfaces to the protocol-based VLAN identified by < group-name> . A group may have more th an one interface asso ciated with it. Each int erface and protocol combination can only be associated with one group.
- 77 - None Command Mode Global Config 7.2.4 Double VLAN commands 7.2.4.1 show dvlan-tunnel/ dot1q-tunnel This command is used without the optional param eters to display all interfaces enabled for Double VLAN Tunneling.
- 78 - Default Setting Vman Command Mode Interface Config 7.2.4.3 switchport dvlan-tunnel/ dot1q-tunnel This command is used to enable Doubl e VLAN Tunneling on the specified interface. Syntax switchport {dvlan-tunnel|d ot1q-tunnel} no switchport {dvlan-tunnel |dot1q-tun nel} Default Setting Disable Command Mode Interface Config 7.
- 79 - GVRP Admin Mode: This display s the admini strativ e mode of GARP VLAN Registration Protocol (GVRP) for the system. 7.2.5.2 show gvrp configuration This command displays Ge neric Attributes Registra tion Protocol (GARP) information for one o r all interfaces.
- 80 - 7.2.5.3 show gmrp configuration This command displays Ge neric Attributes Registra tion Protocol (GARP) information for one o r All interfaces. Syntax show gmrp configuration {<slot/port > | all} <slot/port> - An interface numbe r. all - All interfaces.
- 81 - Syntax show garp configuration {<slot/port > | all} <slot/port> - An interface numbe r. all - All interfaces. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: This displays the slot/port of the interfa c e that this row in the table describes.
- 82 - 7.2.5.6 bridge-ext gmrp This command enables GARP Multicast Registration Protocol (GM RP) on the system. The default value is disabled. Syntax bridge-ext gmrp no bridge-ext gmrp no - This command disab l es GA RP Multicast R egi stration Protocol (GMRP) on the system.
- 83 - all - All interfaces. no - This command disab l es GV RP (GARP VLAN Regi stration Protocol) for all ports. If GVRP is disabled, Join Time, Leave Time, and Leave All Time have no effect. Default Setting Disabled Command Mode Global Config 7.2.5.
- 84 - all - All interfaces. no - This command disab l es GM RP Multicast Registration Protoc ol on a sel ected interface. Default Setting Disabled Command Mode Global Config 7.2.5.9 garp timer This command sets the GVRP join time per po rt and per GARP.
- 85 - garp timer join all < 10-100 > no garp timer join all <10-100> - join time (Range: 10 – 100) i n centiseconds. all - All interfaces. no - This command sets the GVRP join time for a ll ports and per GARP to 20 centiseconds (0.2 seconds).
- 86 - This command sets the GVRP leave time per po rt. Le ave time is the time to wait after receiving an unregister request for a VLAN or a mult icast grou p b efore deleting the VLAN entry. This can be considered a buffer time for another stati on to assert registration for the same attribute in ord er to maintain uninterrupted service.
- 87 - Global Config This command sets how freque ntly Lea ve All PDUs are generated per port. A Leave All PDU indicate s that all registrations will be unre giste red. Partic ipants would need to rejoin in o rd er to maintain registration. The value applies per port an d per GARP participation.
- 88 - Default Setting 1000 centiseconds (10 secon ds) Command Mode Global Config 7.2.6 IGMP Snooping 7.2.6.1 ip igmp snooping The user can go to the CLI Global Configuration Mode to set IGMP Snooping on the system, use the ip igmp snooping global configuration command.
- 89 - 7.2.6.3 ip igmp snooping fast-leave The user can go to the CLI Global/Interface Configur ation Mode to set IGMP Snooping fa st-lea ve admin mode on a selected interface or all interf aces, use the ip igmpsnooping fast-leave global/interface configuration command.
- 90 - 7.2.6.5 ip igmp snooping max-response-time The user can go to the CLI Interface Global/Interf ace Config uratio n Mode to set the IGMP Maximum Response time for the sy stem, on a particula r interface, use the ip i gmp snooping max-response-time <1-25> global /interface con figuration co mmand.
- 91 - 7.2.6.7 ip igmp snooping mrouter interface The user can go to the CLI Interface Configurati on Mo de to configure the interface as a multicast router-attached interface or configure the VLAN ID.
- 92 - Syntax set igmp fast-leave <vlanid> no set igmp fast-leave <vlanid> <vlanid> - VLAN ID (Range: 1 – 3965). Default Setting Disabled Command Mode VLAN Mode 7.
- 93 - < vlanid > - VLAN ID (Range: 1 – 396 5). <1-25> -- This value must be less than t he IGMP Que ry Interval time value. The range is 1 to 25 seconds.
- 94 - <slot/port> - Interface number. Default Setting None Command Mode Global Config 7.2.6.14 show ip igmp snooping The user can go to the CLI Privilege Exe c to get all of igmp snoopin g information, use the show ip igmp snooping Privilege comm and.
- 95 - When you specify a value for <vlani d>, the following informatio n appears. VLAN ID : VLAN Id IGMP Snooping Admin Mode : Indicates whether IGMP Snooping is active on the VLAN. Fast Leave Mode : Indicates whether IGMP Snooping Fast L eave is active on the VLAN.
- 96 - <slot/port> - Interface number. Default Setting None Command Mode Privilege Exec Display Message VLAN ID : Displays the list of VLANs of which the interface is a me mber. Slot/Port : Shows the interface on which multica st rout er inform ation is being displayed.
- 97 - Default Setting None Command Mode Privilege Exec Display Message MAC Address : A multicast MAC add ress for which the swit ch has f orwarding or filtering inform ation. The format is twodigit hexadecimal num bers t hat are sep arated by colons, for example 01:00:5e:67:89:AB.
- 98 - Default Setting 0.0.0.0 Command Mode Global Config 7.2.7.3 ip igmp snooping querier query-interval The user can go to the CLI Global Configuration M ode to set IGMP snooping querier query interval, use the ip igmp snooping querier query-interv al <1-1800> global configuration command.
- 99 - 7.2.7.5 ip igmp snooping querier version The user can go to the CLI Global Configuration M ode to set IGMP snooping querier version, us e the ip igmp snooping querier version <1-2> global configuration command. Use the no ip igmp snooping querier version return to default value zero.
- 100 - 7.2.7.7 ip igmp snooping querier vlan address The user can go to the CLI Global Configuration M ode to set IGMP snooping querier vlan add re ss, use the ip igmp snooping querier vlan <1-3965> addr e ss <ip-address> global configuratio n command.
- 101 - Syntax show ip igmp snooping que rier Command Mode Privilege Exec Display Information IGMP Snooping Querier Mode: Administrative mod e for IGMP Snoopi ng. The default is disable. Querier Address: Specify the Snooping Queri er Address to be used as source address in periodic IGMP queries.
- 102 - Operational Version: Displays the operational IGMP protocol version of the querier. 7.2.7.11 show ip igmp snooping querier detail This command display all of IGMP snoop ing que rier information on the system.
- 103 - User Exec Display Message When the optional arguments <slot/port> or <vl anid> are not used, the comm and displays the following information. Admin Mode: Indicates whether or not MLD Snoopin g is active on the switch. Interfaces Enabled for MLD Snooping: Interfa ce s on which MLD Snooping is enabled.
- 104 - show ipv6 mld snooping mrouter inte rface <slot/port> Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Shows the interface on whi ch multicast router information is being displayed. Multicast Router Attached: Indicate s whether multicast router is statically ena bled on the interface.
- 105 - Syntax show ipv6 mld snooping st atic Default Setting None Command Mode Privilege Exec User Exec Display Message VLAN: The VLAN ID used with the MAC address to fully identify packets you want L2Mca st Group. MAC Address: The MAC address of the L2Mcast Gr oup in the format 33:33:xx:xx:xx:xx.
- 106 - 7.2.8.6 ipv6 mld snooping The user can go to the CLI Global Configuration Mode to set MLD Snooping on th e system , use the ipv6 mld snooping global configuration com mand. Use the no ipv6 mld snooping to disable ML D Snooping on the system. Syntax Ipv6 mld snooping no ipv6 mld snooping Default Setting Disabled Command Mode Global Config 7.
- 107 - Disabled Command Mode Global Config Interface Config 7.2.8.9 ipv6 mld snooping fast-leave The user can go to the CLI Global/Interface Config uration Mode to set MLD Snoo ping fast-leave admin mode on a selected interface or all interf aces, use the ip v 6 mld snooping fast-leave global/interface configuration command.
- 108 - 7.2.8.11 ipv6 mld snooping max-response-time The user can go to the CLI Interface Global/Inte rface Configuration Mode to set the MLD Maximum Response time for the system, on a p articular interface, use the ipv6 mld snooping max-response-time <1-65> global /interface con figuration co mmand.
- 109 - Syntax Ipv6 mld snooping mrouter interface interface|<vlanI d> no ipv6 mld snooping mrouter interface|<vlanId> Default Setting None Command Mode Interface Config 7.2.8.14 ipv6 mld snooping static The user can go to the Glo bal Mode and add a po rt to ipv6 multicast group, use the ipv6 mld snooping static Global command.
- 1 10 - 7.2.8.16 set mld fast-leave The user can go to the CLI VLAN Configuration Mode to set MLD Snooping fast-leave admin mode on a particular VLAN, use the set mld fas t-leave <vlanid> vlan configuration command. Use th e no set mld fast-leave <vlanid> disabl e MLD Snooping fas t-leave admin mode.
- 1 1 1 - 10 Command Mode VLAN Mode 7.2.8.19 set ipv6 mld mcrtrexpiretime The user can go to the CLI Interface VLAN Confi guration Mode to set the Multicast Router Present Expiration time on a particular VLAN, use the set mld mcrtrexpiretime <v lanid> <0-3600> vlan configuration command.
- 1 12 - MLD Version: Specify the MLD protocol version u se d in periodic MLD querie s. Querier Query Interval: Specify the time interval in seco nd s between periodic queries sent by the snooping querier. The Q uery Interval must be a value in the range of 1 and 1800.
- 1 13 - Syntax show ipv6 mld snooping q uerie r detail Default Setting None Command Mode Privileged Exec User Exec Display Message MLD Snooping Querier Mode: Admi n istrative mode for MLD Snooping. The default is disable Querier Address: Specify the Snooping Queri er Address to be used as source address in periodic MLD queries.
- 1 14 - 7.2.9.5 ipv6 mld snooping querier address The user can go to the CLI Global Configuration Mode to set MLD snooping querier address, use the ipv 6 mld snooping querier address <ipv6-addres s> global configuration comman d. Use the ipv6 mld snooping querier address <ipv 6-address> return to default value zero.
- 1 15 - Command Mode Global Config 7.2.9.8 ipv6 mld snooping querier vlan The user can go to the CLI Global Configuration Mode to set MLD sn ooping querier vlan admin mode, use the ipv6 mld snooping querier vlan <1-3965> global configu ration command.
- 1 16 - Syntax ipv6 mld snooping querier vlan electio n participate <1-3965> no ipv6 mld snooping querier vlan ele ction parti cipate <1-3965> Default Setting Disabled Command Mode Global Config 7.
- 1 17 - Syntax show port-channel <logi cal slot/port> <logical slot/port> - The port-channel interface numb er. Default Setting None Command Mode Privileged Exec Display Message Log. Intf: The logical slot and the logical port. Channel Name: The nam e of this port-cha nnel (LAG).
- 1 18 - Channel Name: The nam e of this port-cha nnel (LAG). You may enter any string of up to 15 alphanumeric characters. Link: Indicates whethe r the Link i s up or down.
- 1 19 - 7.2.10.3 port-channel adminmode all This command sets every configure d port-channel with the same administ rative mode setting. Syntax port-channel adminmode all no port-channel adminmode all no - This command disa bles a port-channel (LA G).
- 120 - <logical slot/port> - The port-channel interface numb er. all - all port-channel interfaces. no - This command disab les link trap notifications for the port -cha nnel (LA G). The interface is a logical slot and port for a configured port-channel.
- 121 - Syntax load-balance { src-mac| dst-mac | dst-src-ma c | src-ip | dst-ip| dst-src-ip } no load-balance src-mac - Sets the mode on the source MAC address. dst-mac - Sets the mode on the destination MAC address. dst-src-mac - Sets the mode on the source and desti nation MAC a ddresses.
- 122 - 7.2.10.8 port-channel system priority This command defines a system priority for the port-chann el (LAG ). Syntax port-channel system priority <prio rity-value> <priority-value> - valid value 0-65535. Default Setting 32768 Command Mode Global Config 7.
- 123 - no - This command disab l es Lin k Aggregation Control Protocol (LACP) on a port. Default Setting Enabled Command Mode Interface Config This command enables Li nk Aggregation C ontrol Protocol (LACP) on all port s. Syntax lacp all no lacp all all - All interfaces.
- 124 - This command set <actor | partne r> admin state value of Link Aggre gation Contro l Protocol (LACP) on a port. Syntax lacp <actor|partner> a dmin stat e <individual|longtimeout|pa ssive > no lacp <actor|partner> admin st ate <in dividual|longtimeout|passive> individual - Set lacp admin state to individual.
- 125 - Syntax lacp <actor|part ne r> syste m priority <pri ority -va lue> no lacp <actor|partner> system priority <priority-v alue> – range 0-65535. no - This command restores <a ctor | partner> syst em priority value of Link Ag gregation Control Protocol (LACP).
- 126 - Syntax channel-grou p <logi cal slot/port> <logical slot/port> - Port-Channel Interface number. Default Setting None Command Mode Interface Config Command Usage The maximum number of members for each Port-Channel i s 8. 7.2.10.13 delete-channel-group This command deletes the port from the port-ch annel (LAG).
- 127 - Default Setting None Command Mode Global Config 7.2.11 Storm Control 7.2.11.1 show storm-control This command is used to display broad cast sto rm control information. Syntax show storm-control broadcast Default Setting None Command Mode Privileged Exec Display Message Intf: Displays interface number.
- 128 - Intf: Displays interface number. Mode: Displays status of storm control m ulticast. Level: Displays level for storm control m ulticast Rate: Display s rate for storm control multicast.
- 129 - Default Setting Disabled Command Mode Interface Config This command enables b roadcast storm recovery mode on all interface s. Syntax storm-control broadcast no storm-control broadcast no - This command disab l es broad cast storm recovery mode on al l interface s.
- 130 - storm-control multicast no storm-control multicast no - This command disab les multicast st orm recovery mode on all interface s. Default Setting None Command Mode Global Config 7.2.11.4 storm-control unicast This command enables u nicast storm recovery mo de on the selected interface.
- 131 - Global Config 7.2.11.5 switchport broadcast packet-rate This command will protect your net wo rk from broadcast stor ms by setting a threshol d level for broadcast traffic on each port. Syntax switchport broadcast packet-rate { 1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 1 0G port.
- 132 - Command Mode Global Config 7.2.11.6 switchport multicast packet-rate This command will protect your network from multicast stor ms by setting a threshold level for multicast traffic on each port. Syntax switchport multicast packe t-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 1 0G port.
- 133 - Level 4 Command Mode Global Config 7.2.11.7 switchport unicast packet-rate This command will protect your net work from unicast storms by setting a threshold level for unicast traffic on each port. Syntax switchport unicast packet -rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 1 0G port.
- 134 - Default Setting Level 4 Command Mode Global Config 7.2.12 L2 Priority 7.2.12.1 show queue cos-map This command displ ays the class of se rv ice priority map on sp ecifi c interface. Syntax show queue cos-m ap [<slot/port>] <slot/port> - Interface number.
- 135 - priority queue 0 1 1 0 2 0 3 1 4 2 5 2 6 3 7 3 Command Mode Interface Config 7.2.13 Port Mirror 7.2.13.1 show port-monitor session This command displays the Port monitoring information for the sp ecified se ssion. Syntax show port-monitor session <Sessio n Number> <Session Number> - session numb er.
- 136 - 7.2.13.2 port-monitor session This command configure s a probe port and a monitor ed port for monitor session (po rt monitoring). Use the source interface <slot/port> parameter to specif y the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress pa ckets.
- 137 - port-monitor sessi on <se ssion-id> mode no port-monitor session <session-id> mode <session-id> - Sessi on ID. no - This command disab les port-monitoring function for a monitor sessio n. Default Setting None Command Mode Global Config 7.
- 138 - Syntax link state [group | [enable <1-6>]] no link state [group <1-6> | [enable <1-6 >]] no - This command disab les link state function. Command Mode Global Config 7.2.14.3 link state group Set upstream port or downstrea m port for a link stat e group.
- 139 - Mode : Indicates whether or not the group is active. MAC Update : Indicates wh ether or not mac-move-update is enabl e on the gro up. Active Port : Display the active port number. Backup Port : Display the active port number. Current Active Port : Display the current active port number.
- 140 - 7.2.16 FIP Snooping 7.2.16.1 show fip-snooping This command displays fip-sno oping whether enable or disable. Syntax show fip-snooping Default Setting None Command Mode Privileged Exec Display Message FIP Snooping: fip-snooping function status.
- 141 - 7.2.16.3 show fip-snooping session This command displays all FIP snooping sessions for the entire system. Syntax show fip-snooping sessi on Default Setting None Command Mode Privileged Exec Display Message FCF MAC: MAC addre ss o f the FCF.. ENode MAC: MAC address of the ENode.
- 142 - 7.2.16.5 show fip-snooping vlan This command displays FIP snoopi ng whether enable or disable on specific VLAN. Syntax show fip-snooping vlan {< 1-3965 > | all} <1 - 3965> - VLAN ID.
- 143 - 7.2.16.7 fip-snooping vlan This command enable s FIP sno oping on a VLAN. VL AN must be configured before it can be use d. Once VLAN is enabled, the FIP packets will be snoo ped only on the confi gured VLANs. FIP snooping is disabled on VLANs by default.
- 144 - 7.2.17.2 show queue ets scheduler-type This command displays ET S function on spec ific interface for the entire system. Syntax show queue ets schedule r -type <slot/po r t> <slot/port> - Interface number.
- 145 - show queue ets pg-mappi ng <slot/port > Default Setting None Command Mode Privileged Exec Display Message Interface: Name of the interface to which the ETS is enabl ed. pg-mapping: ETS priority to priority group mapping list. 7.2.17.5 queue ets The ETS function is disabled by default.
- 146 - WERR - Set ETS scheduler type to WERR no - This command restores the scheduler type to WERR. Default Setting werr Command Mode Interface Config 7.2.17.7 queue ets weight This command configures t he weight ratio of the tw o p riority groups (LAN and SAN) fo r an interface.
- 147 - <0 - 7> - Priority Id from 0 to 7. lan - Sets ETS Priority Id to LAN priority group san - Sets ETS Priority Id to SAN priority group ipc - Sets ETS Priority Id to IPC priority group no - This command restores the priority to pr iority group mapping list to default value.
- 148 - outer CFI: Displays Outer Packet CFI for Congestion Notification Message inner CFI: Displays Inner Packet CFI for Con gestion Notification Message inner Dot1p: Displays Inner Packet Priority for Congestion Notification Message no-generate: Generate CNM or not.
- 149 - Disabled Command Mode Interface Config 7.2.18.4 congestion-notify tag The user can go to the CLI Global Configuration M ode to configure the CNTAG Ether Type is recognize d by parsing stages. Use the ‘con gest ion-notify tag ethertype recogn ize’ glo bal configuration command.
- 150 - 7.2.18.5 congestion-notify enable The user can go to the CLI Global Configuration Mode to enable handling congestion notificatio n message. Use the ‘congestion-notify enable’ global configuration comman d. Use the ‘no congestion-notify enable’ to disable h andling congesti on notification message.
- 151 - Syntax congestion-notify CPID devid < 0-16777215 > no congestion-notify CPID devid <0-16777215> - Thi s com mand sets the Device ID of CPID no - This command confi gure d evice identifier to default value.
- 152 - no congestion-notify outer { CFI | Dot1p | TPID| vlan} <-1-1> - This comm and sets value of CNM's outer VLAN tag's CFI bits. <-1-7> - This comm and sets value of CNM's outer VLAN tag's 802. 1p bits. <0-65535> - This command sets value of CNM's outer VLAN tag's TPID.
- 153 - Syntax congestion-notify no-generate no congestion-notify no-generate no - This command uses to keep g enerate CNM. Default Setting keep generate CNM.
- 154 - Network Configuration Protocol Current: Indicates which network proto col i s being used. The options are bootp | dhcp | none. DHCP Client Identifier TEXT: DCHP client identifier in TEXT mode for this swit ch. DHCP Client Identifier HEX: DHCP client identifier in HEX address for this swi tch.
- 155 - no - This command sets the default ma ximum transmission unit (MTU) size (in bytes) for the interface. Default Setting 1518 Command Mode Interface Config 7.3.1.4 interface vlan This command is used to enter Interfa ce -vlan co nfigu ration mode.
- 156 - Command Mode Interface-Vlan Config Command Usage Once the IP address is set, the VLAN ID’s value will be assigned to management VLAN. 7.3.1.6 ip default-gateway This command sets the IP Address of the default gate way.
- 157 - 7.3.1.8 ip filter This command is used to enable the IP filter function. Syntax ip filter no ip filter no – Disable ip filter. Default Setting Disabled Command Mode Global Config This command is used to set an IP address to be a filter.
- 158 - Syntax show line console Default Setting None Command Mode Privileged Exec Display Message Serial Port Login Timeout (minutes): Specifies the time, in minutes, of inactivity on a Serial port connection, after which the Switch will close the co nnection.
- 159 - 7.3.2.3 baudrate This command specifies the communica tion rate of t he terminal interface. The supported rates are 1 200, 2400, 4800, 9600, 19200, 38400, 57 600, 115200.
- 160 - Syntax password-threshold <0-120> no password-threshold <threshold> - max threshold (Ra nge: 0 - 120). no - This command sets the maximum value to the default.
- 161 - Default Setting 24 Command Mode Line Config 7.3.3 Telnet Session Commands 7.3.3.1 telnet This command establish es a new outbound telnet connection to a remote host. Syntax telnet <host> [port] [debug] [line] [echo] <host> - A hostname or a valid IP address.
- 162 - Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): Th is object indicates the number of minutes a remote connection session is allowed to remain inactive before bei ng logged off. A zero means there will be no timeout.
- 163 - Syntax exec-timeout <1-160> no exec-timeout <sec> - max connect time (Range: 1 -16 0). no - This command sets the rem ote connection session timeout value, in minutes, to the default.
- 164 - no - This command sets the value to the default. Default Setting 24 Command Mode Line Vty 7.3.3.7 maxsessions This command specifie s the maximum number of remote con nection session s that can be established. A value of 0 indicates that no remote connection can be established.
- 165 - 7.3.3.9 sessions This command regulates n ew telnet sessions. If sessions are enabled, new telne t session s can be established until there are no more sessions avail able .
- 166 - 7.3.3.11 telnet maxsessions This command specifies the maximum n umber of si multaneous outbound telnet se ssions. A value of 0 indicates that no outbound telnet se ssi on can be established. Syntax telnet maxsessions <0-5 > no maxsessi ons <0-5> - max session s (Ra nge: 0 - 5).
- 167 - Syntax show telnet Default Setting None Command Mode Privileged Exec User Exec Display Message Outbound Telnet Login Timeout (in minutes ) Indicates the number of minut es an outbound telnet session is allowed to remai n inactive before being lo gged off.
- 168 - 7.3.4.2 sshc sessions This command regulates new outbo und ssh connecti ons. If enabled, new outbou nd ssh sessio ns can be established until it reaches the maximum number of simultan eou s outbound ssh sessions all owed. If disabled, no new outboun d ssh session can be estab lished.
- 169 - i Changing the timeout value for active sessions doe s not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration. Syntax sshc exec-timeout <1-160> no sshc exec-timeout <1-160> - max connect time (Ra nge: 1 -160).
- 170 - 7.3.5 SNMP Server Commands 7.3.5.1 show snmp This command displays SNMP commu nity information. Six communities are supported. You can add, chan ge, or delete communitie s.
- 171 - Syntax show tra pflags Default Setting None Command Mode Privileged Exec Display Message Authentication Flag: May be enabled or disabled. Th e factory default is enabled. Indicates wh ether authentication failure traps will be sent. Link Up/Down Flag: May be enabled or disabl ed.
- 172 - Global Config 7.3.5.4 snmp-server location This command set s the physical lo cation of the switch. The ra nge for name is from 1 to 31 al phan umeri c characte rs. Syntax snmp-server l ocation <loc> <loc> - range is from 1 to 31 alpha numeric characters.
- 173 - i Community names in the SNMP community t able must be unique. If you make multiple entries using the same co mmunity nam e, the first entry is ke pt and processed and all duplicate entries are ignored.
- 174 - This command sets a client IP mask for an SNMP community. The addre ss is the associated co mmunity SNMP packet sending address and i s used along with the client IP addres s value to denote a range of IP addresses from which SNMP client s may use that community to acce ss the d evice.
- 175 - range of IP addresses from which SNM P clients may us e that community to access the device. A value of 0.0.0.0 allows access from any IP address. Otherwise, this value is ANDed with the mask to determin e the range of allowed client IP addresses.
- 176 - no - This command disab les the Authentication trap. Default Setting Enabled Command Mode Global Config This command enables the DVMRP trap. Syntax snmp-server enable trap s dvmrp no snmp-server enable traps dvmrp no - This command disab les the DVMRP trap.
- 177 - This command enables Mu ltiple User traps. When the traps are enabled, a Multiple User Trap is sent when a user logs in to the termin al interface (EIA 232 or telnet) a nd there is an ex isting terminal interface session.
- 178 - virtauthentication-failure | virt-bad-packet | virt-config-err or} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approa chin g-ov.
- 179 - Enabled Command Mode Global Config 7.3.6 SNMP Trap Commands 7.3.6.1 show snmptrap This command displays SNMP trap re ceivers. Trap me ssages are sent a cro ss a network to an SNMP Network Manager. These messages alert the mana ger to events occurring within the switch or on the network.
- 180 - Syntax snmptrap snmpversion <name> <ipadd r> <snmpversion> Default Setting Snmpv2 Command Mode Global Config 7.3.6.3 snmp trap link-status This command enables lin k status traps by interface. i This command is valid only when the Li nk Up/Down Flag is en able d.
- 181 - Default Setting Disabled Command Mode Global Config 7.3.6.4 snmptrap <name> ipaddr <ipaddr> <snmpversion> This command adds an SNMP trap nam e.
- 182 - <ipaddr> - an original IP addres s. <ipaddrnew> - a new IP address. Default Setting None Command Mode Global Config 7.3.6.6 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps).
- 183 - Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indi cates whether the HTTP mode is enabled or disabled. HTTP Port: This field specifies the port configured for HTTP. HTTP Mode (Secure): This field indicat es whether the admin istrative mode of secure HTTP is enabled or disabled.
- 184 - Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the default value. Default Setting 80 Command Mode Global Config 7.3.7.4 ip http server This command enables a ccess to the switch through the Web interface.
- 185 - no ip http secure-port <portid> - SSLT Port value. no - This command is used to reset the SSLT port to the default value. Default Setting 443 Command Mode Global Config 7.3.7.6 ip http secure-server This command is used to enable the secure socket layer for secure HTTP.
- 186 - Default Setting SSL3 and TLS1 Command Mode Global Config 7.3.8 Secure Shell (SSH) Commands 7.3.8.1 show ip ssh This command displays the SSH settings.
- 187 - no - This command is used to disable SSH. Default Setting Disabled Command Mode Global Config 7.3.8.3 ip ssh protocol This command is used to set or remove protocol leve ls (or versions) for SSH. Either SSH1 (1 ), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set.
- 188 - 7.3.8.5 ip ssh timeout This command sets the SS H connection session timeo ut value, in minutes. A session is active as long as the session has been idle f o r the value set. A value of 0 indicates that a sessio n remains active indefinitely. The time is a decimal value from 0 to 160.
- 189 - 7.3.9.2 crypto key generate This command is used to generat e an RSA or DSA key pair for SSH. Syntax crypto key generate {RSA | DSA} no crypto key generate {RSA | DSA} no- This command is used to delete the RSA or DSA key from the device. Default Setting None Command Mode Global Config 7.
- 190 - ip dhcp client-identifier {t ext <text> | hex <hex>} no ip dhcp client-identifier <text> - A text string. (Range: 1-32 cha racters). <hex> - The hexadecimal value (00:00:00:00:00:00). no - This command is used to restore to default value.
- 191 - Default Setting None Command Mode Global Config 7.3.11.3 serviceport protocol This command specifies the oob configuration protoco l to be used. If you modify this value, the change is effective immediately. Syntax serviceport protocol {bootp | dhcp | dhcp6 | none [dhcp6]} <bootp> - Obtains IP address from BOOTP.
- 192 - 7.3.12 DHCP Relay Commands 7.3.12.1 show bootpdhcprelay This command is used to display the DHCP relay agent configurati on inform ation on the system. Syntax show bootpdhcprelay Default Setting None Command Mode Privileged Exec Display Message Maximum Hop Count - The maximum number of Hops a cli ent request can go without being discarded.
- 193 - no - This command is used to reset to the default value. Default Setting 4 Command Mode Global Config 7.3.13 sFlow Commands 7.3.13.1 show sflow agent The user can go to the CLI Privilege Exe c to get the sFlow agent information, u se the sho w sflow agent Privilege command.
- 194 - Display Message Poller Data Source: The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index: The sFlo wReceiver a ssociated with this sFlow counter poller. Poller Interval: The number of seconds betwee n su ccessive samples of the cou n ters a ssociated with this data source.
- 195 - Command Mode Privilege Exec Display Message Sampler Data Source: The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index: The sFlo wReceiver co nfigured for this sFlow sampler. Packet Sampling Rate: The statisti cal sampling rate for packet sampling from t his source.
- 196 - 7.3.13.7 set sflow maximum datagram size The user can go to the CLI Global Configuration M ode to set maximum datagram size, u se the sflo w receiver <index> maxda tagram <200-9116> global configuration command. Use the no sflow receiver <index> maxdatagram return to default value 1400.
- 197 - Default Setting 6343 Command Mode Global Config 7.3.13.10 set sflo w interval The user can go to the CLI Interface Confi guration Mo de to set polli ng interval, use the sflo w poller interval <0-86400> interfa ce configuration command. Use the no sflo w poller interval re turn to default value zero.
- 198 - 7.3.13.12 set sflo w poller index The user can go to the CLI I nterface Configuration M ode to configure a new sFlo w poller instance, use the sflow poller <index> interface configu ration command. Use the no sflo w poller return to default setting.
- 199 - 7.3.14.2 show serviceport ndp This command displays IPv6 Neigh bor entries. Syntax show serviceport ndp Default Setting None Command Mode Privileged Exec Display Message IPv6 Address: Specifies the IPv6 address of neigh bor or interface. MAC Address: Specifies MAC add re ss associated with an interface.
- 200 - Syntax serviceport ip <ipaddr> <n etmask> <ipaddr> - The user manu ally configu res IP address for this swit ch. <netmask> - The user ma nually configures Subnet Mask for this switch. Default Setting None Command Mode Global Config 7.
- 201 - Syntax serviceport ipv6 enable no serviceport ipv6 enable no - This command is disable IPv6 operation on the servi c e po rt. Default Setting None Command Mode Global Config 7.3.14.6 serviceport ipv6 address Use this command to configure IPv6 global addre ssing (i.
- 202 - Syntax serviceport ipv6 gateway <gateway-address> no serviceport ipv6 gateway <gateway-address > : Gateway address in IPv6 global or link-lo cal a ddress format. no - This command remove IPv6 gateways on the service port int erface.
- 203 - Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The MAC Address for the Bridge from wh ich the Bridge Identi fiers used by the Spanning Tree Algorithm and Protocol. Time Since Topology Change: In se conds.
- 204 - Command Mode Privileged Exec Display Message Hello Time: The hello time value. Not Configured mean s usi ng default value. Port Mode: The administration mode of spa nnin g tree. BPDU Guard: Enabled or disa bled. ROOT Guard: Enabled or disa bled.
- 205 - Associated Instance : Identifier for the associated m ultiple sp anning tree instance or "CST" if associated with the common and internal spanning tree. 7.4.1.4 show spanning-tree mst This command displays settings an d parameters for the specified multiple span ning tree instance.
- 206 - Default Setting None Command Mode Privileged Exec Display Message MST Instance ID List: List of multiple spanning tree s IDs cu rrently configured. For each MSTID : The multiple spanning tree instance ID. Associated FIDs: List of forwarding databa se ide ntifier s associated with this instanc e.
- 207 - If 0 (defined as the default CIST ID) is passed as the <0-4094>, then this comm and displays the settings and param eters for a specifi c switch port wit hin the comm on and intern al spanni ng tree. The <slot/port> is the desired switch port.
- 208 - <0-4094> - multiple spanning tree instance ID. <slot/port> - is the desired interface nu mber. all - All interfaces. Default Setting None Command Mode Privileged Exec Display Message MST Instance ID: The MST instance asso ciated with this port.
- 209 - Configuration Name : TConfigured name. Configuration Revision Level : Configu red value. Configuration Digest Key : Calculated value. Configuration Format Selector : Configured value. MST Instances : List of all multiple spanning tree inst ances configured on the switch.
- 210 - no - This command sets the sp anning-tree operation al mode to be disabled. While disabled, the spanning-tree configuration is retaine d and can be changed, but is not activated. Default Setting Disabled Command Mode Global Config 7.4.2.2 spanning-tree protocol-migration This command enables BP DU migration check on a given interface.
- 21 1 - Default Setting The base MAC address displayed using hexadecimal notation as s pecified in IEEE 802 standard. Command Mode Global Config This command set s the Configuration Identifier Revisi on Level for u se in identifying the configuration that this switch is currently using.
- 212 - Global Config 7.4.2.5 spanning-tree forward-time This command sets the Bridge Fo rward Delay parameter to a new value for the comm on and internal spanning tree. The forward -time value is in seconds within a range of 4 to 30, with the value bein g greater than or equal to "(Bridge Max Age / 2) + 1".
- 213 - 7.4.2.7 spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spannin g tree. The max-age value is in seconds within a rang e of 6 to .
- 214 - 7.4.2.9 spanning-tree hold-count This command sets the Bridge Tx Hold Count parameter to a new value for the common an d internal spanning tree. The Tx Hold Count value i s in a ran ge o f 1 to 110. Syntax spanni ng-tree hold-co unt <1-10> no spanning-tree hol d-count <1-10> - the Maximum hol d-count value (Range: 1-110).
- 215 - This command set s the bridge priority for a sp ecific multiple spanning tree instance. The instan ce <mstid> is a number that corresponds to the desi red existing multiple spanning tree inst ance. The priority value is a number within a range of 0 to 61440 in increments o f 4096.
- 216 - Default Setting None Command Mode Global Config This command set s the Path Cost or Port Priority for this po rt within the multiple spanning tree instan ce or in the common and internal spanning tre e.
- 217 - If the ‘port-priority’ token is specified, this command sets the priority for this port within a specific multiple spanning tree instance or t he common and internal spanning tree instance, depe nding on the <1-4094> parameter. The port-pri orit y value is a number in the range of 0 to 240 in increments of 16.
- 218 - This command sets the Administrative Sw itch Port State for all ports to enabled. Syntax spanning-tree port mode all no spanning-tree po rt mod e all all - All interfaces. no - This command sets the Admini strative Switch Port State for all ports to disabled.
- 219 - no - This command sets the Edgep ort function to the default value, that is Enabled. Default Setting Enabled Command Mode Global Config This command specifie s that this port is an Edge Port within the common an d internal spanning tree. This will allow this port to transition to Forwarding State without delay.
- 220 - This command sets the Edgepo rt BPDU Guard enable/disable parameter for accepting BPDUs on this switch. This command only works on dot1d mode. Syntax spanning-tree edgeport bp duguard no spanning-tree ed gep ort bpduguard no - This command sets the Edgep ort BPDU Guard to the default value, that is, Disabled.
- 221 - Default Setting Disabled Command Mode Interface Config 7.4.2.14 spanning-tree uplinkfast This command sets the Upl ink Fast parameter to a new value on this switch.
- 222 - 7.4.2.16 spanning-tree tcnguard This command sets the TC N Guard parameter to prevent a port from propagating topology ch ange notifications. Syntax spanning-tree tcnguard no spanning-tree tcn guard no - This command sets the tcng uard parameter to the default value, that is Disabled.
- 223 - Console Logging Severity Filter The minimum severity to log to the console lo g. Messages with an equal or lower numerical severity are logged. Buffered Logging The mode for buffered loggi ng. Syslog Logging The mod e for logging to configured syslog ho sts.
- 224 - Default Setting None Command Mode Privileged Exec Display Message Number of Traps since last reset: The number of traps that have occurred since the last reset of this device. Trap Log Capacity: The maximum number of traps that could be stored in the switch.
- 225 - 7.5.2 Configuration Commands 7.5.2.1 logging buffered This command enables lo gging to in-memory log where up to 128 l ogs a re kept. Syntax logging buffered no logging buffered no - This command disab les log ging to in-memory log.
- 226 - [<severi ty level> | <0-7>] - The value is specified as either an integer from 0 to 7 or symboli cally through one of the following keywords: emergency (0 ), alert (1), critical (2), error (3), warning (4), notice (5), informational (6), debug (7).
- 227 - None Command Mode Privileged Exec 7.5.2.5 logging host This command enables lo gging to a host w here up to eight hosts can be configured. Syntax logging host <hostaddress> [ <po r t>] [[<severitylevel> | <0-7 >]] <hostaddress> - IP add re ss of the log server.
- 228 - Syntax logging host reconfigure <hostindex> <h ostaddress> <hostindex> - Index of the log server. <hostaddress> - New IP a ddress of the log server. Default Setting None Command Mode Globla Config 7.5.2.6 logging syslog This command enables syslog logging.
- 229 - Command Mode Globla Config 7.5.2.7 clear logging buffered This command clears all in-memory log. Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.6 Script Management Commands 7.6.1 script apply This command applies the commands in the configur ation script to the switch.
- 230 - 7.6.2 script delete This command deletes a specified script or all the scripts pre se nted in the switch. Syntax script delete {<scriptname> | all} <scriptname> - The name of the script to be deleted. all - Delete all scripts presented in the switch.
- 231 - <scriptname> - Name of the script file. Default Setting None Command Mode Privileged Exec 7.6.4 script validate This command displays the content of a script file. Syntax script validate <scriptname> <scriptname> - Name of the script file.
- 232 - Default Setting None Command Mode Privileged Exec Display Message User Name: The name the user will use to login using the se rial port , Telnet or Web. A new user may be added to the switch by entering a name in a blan k entry. The user nam e may be up to eight characters, and is not case sensitive.
- 233 - 7.7.1.3 show passwords configuration Use this command to display the configured passwo r d management settings. Syntax show passwords config uration Default Setting None Command Mode Privileged Exec Display Message Minimum Password Length: Minimum number of characters required when cha nging passwords .
- 234 - i The admin user account cannot be deleted. Default Setting No password Command Mode Global Config 7.7.2.2 Unlock a locked user account The user can go to the CLI Global Configuration M ode to unlock a locked user accou nt, use the username <name> unlock global configuratio n com mand.
- 235 - none - no use authentication method. no - This command sets the authe ntication protocol to be used for the specified login u ser to none . The <username> is the login user na me for which the specified authentication protocol will b e use d.
- 236 - passwords aging <1-365> no passwords agin g <1-365> - Number of days until password expire s. Default Setting 0 Command Mode Global Config 7.7.2.6 Set the password history The user can go to the CLI Global Configurati on Mode to set the password history, use the pass words history <0-10> Glob al configuration command.
- 237 - Default Setting 0 Command Mode Global Config 7.7.2.8 Set the minimum password length The user can go to the CLI Global Configuration M ode to set the minimum password length, use the passwords min-length <8-64> Global configuration comm and.
- 238 - Display Message User: This field lists every user that has an authentica t ion login list assigned. System Login: This field display s the au thenticatio n login list assigned to the user for system login. 802.1x: This field displays the authe ntica tion login list assigned to the user for 802.
- 239 - User Name: This field displays the user assigned to the specifie d authentication login list. Component: This field displays the component (User or 802.1x) for which the aut hentication login list is assigned. 7.8.1.4 show dot1x This command is used to show the stat us of the dot1x Administrativ e mode.
- 240 - Protocol Version: The protocol version asso ciated with this port. The only possible value is 1, corresponding to the first versi on of the dot1x specification. PAE Capabilities: The port access entity (PAE) functionalit y of this port. Poss ible values are Authenticator or Supplicant.
- 241 - terminated the port goes into unauthorized stat e. If the value is Radius-Request , then a reauthentication of the client aut henticated on the port is performed. 7.8.1.6 show dot1x statistics This command is used to show a summ ary of the glo bal dot1x conf iguration and the dot1x sta tistics for a specified po rt.
- 242 - EAP Length Error Frames Received: The number of EAPOL frames that hav e been received by this authenticator in which the frame type is not recog nize d. 7.8.1.7 show dot1x summary This command is used to show a summary of the gl obal dot1x conf iguration and summa ry information of the dot1x configuration for a sp ecified port or all ports.
- 243 - Privileged Exec Display Message User: Users config ure d locally to have access to the specified port. 7.8.1.9 show dot1x client This command displays 80 2.1x client informatio n. Syntax show dot1x clients {<slot/port> | all} <slot/port> - is the desired interface nu mber.
- 244 - 7.8.1.10 show radius servers This command is used to display item s of the configured RADIUS server s. Syntax show radius servers [<ipaddr|ho stnam e>] Default Setting None Command Mode Privileged Exec Display Message <ipaddr|hostname>: The IP addres s or host name of the authenticating se rver.
- 245 - Number of Named Accounting Serv er Groups: The number of configured named RADIUS server groups. Number of Retransmits: The configure d value of the maximum number of times a request packet is retransmitted. Time Duration: The configured timeout value, in seco nds, for request re-transmissi ons.
- 246 - Round Trip Time: The time interval in centiseconds, between the most recent Accounting- Response and the Accounting-Req uest that matc hed it from the RADIUS accounting server. Requests: The number of RADIUS Accounting-Request pack ets sent to this a ccounting server.
- 247 - Round Trip Time - The time interval, in hundredths of a second, between the most recent Access-Reply, Access - Ch allenge and the Access- Request that matched it from the RADIUS authentication server. Access Requests - The number of RADIUS Acce ss-Re quest packets sent to this server.
- 248 - Port: Shows the configure d TACA CS + server port number. TimeOut: Shows the timeout in seconds fo r establishing a TCP connection. Priority: Shows the preference ord er in which TACACS + servers are contacted. If a server connection fails, the next highest priority serve r is contacted.
- 249 - This command show s the dynamically locked MA C addresses for port. Syntax show port-security dynamic <slot/port> Default Setting None Command Mode Privileged Exec Display Message MAC addr ess Dynamicall y locked MAC address. This command show s the statically locke d MAC addresses for port.
- 250 - MAC addr ess MAC addre ss of di scarded packet on locked ports. 7.8.2 Configuration Commands 7.8.2.1 authentication login This command creates a n authenti cation login list. The < listname> is up to 15 alphanumeric characters and is not case sensitive.
- 251 - None Command Mode Global Config 7.8.2.2 username defaultlogin This command assigns the authentication login list to use for non -configured users when attempting to lo g in to the system. This setting is ov erridden by the authenticatio n login list assigned to a specific user if the user is configured locally.
- 252 - Default Setting None Command Mode Global Config 7.8.3 Dot1x Configuration Commands 7.8.3.1 dot1x initialize This command begins the initialization sequence on t he specified port. This co mmand i s only valid if the control mode for the specified port is 'aut o'.
- 253 - Global Config 7.8.3.3 dot1x login This command assigns the specified authenticatio n login list to the specified user for 802.1x port se curity. The <user> parameter must be a co nfigured user and the <listn a me> parameter must be a config ure d authentication login list.
- 254 - 7.8.3.5 dot1x user This command adds th e specified user to the list of user s with access to the specified port or all ports. The <username> parameter m ust be a configured user. Syntax dot1x user <user> {<slot/port> | all} no dot1x user <user> {<slot/port> | all} <user> - Is the login user name.
- 255 - Command Mode Global Config This command sets the authentication m ode to be u sed on the specified port. The control mode may be one of the following. force-unauthorized: The authenticator PAE uncondit ionally sets the controlled port to unauthorized.
- 256 - Default Setting 2 Command Mode Interface Config 7.8.3.8 dot1x max-user This command configure s the maximum users to a sp ecified port, The system’s d efault maximum users of an interface has no limitation. If ‘ no dot1x max-users ’ command is executed, the system will reset the maximum users to infinity.
- 257 - 7.8.3.10 dot1x re-reauthenticate This command begins the re-authentication sequen ce on the specified port. This command is only valid if the control mode for the sp ecified p ort is 'auto'. If t he control mode is not 'auto' an error will be returned.
- 258 - server-timeou t: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to timeout the authentication server.
- 259 - 7.8.4 Radius Configuration Commands 7.8.4.1 radius accounting mode This command is used to enable the RADIUS accounting function. Syntax radius accounting mode no radius accounting mode no - This command is used to set the RADIUS accounti ng function to the defa ult value - that is, the RADIUS accounting function is disabl ed .
- 260 - 7.8.4.3 radius server attribute 4 This command to set the NAS-IP address for the ra dius server. Syntax radius-server attribute 4 [ipaddr] no radius-server attribute 4 no – use this command to reset the NAS-IP addres s for the ra dius server.
- 261 - number, the IP address must match that of a previ ously configure d RADIUS a uthentication server. The port number must lie between 1 - 65535, with 1812 being the default value. If the 'acct' token is used, the command config ure s the IP address to use for the RADIUS accounting server.
- 262 - Default Setting None Command Mode Global Config 7.8.4.7 radius-server retransmit This command sets the maximum number of times a reque st packe t is re-transmi tted when no response is received from the RADIUS server. T he retri es val ue is an inte ger in the range of 1 to 15.
- 263 - Command Mode Global Config 7.8.4.9 radius-server msgauth This command enables the message authenticator attribute for a specified server. Syntax radius-server msgauth <ip a ddr|hostname > <ipaddr|hostname > - is a IP address o r hostname.
- 264 - 7.8.5 TACACS+ Configuration Commands 7.8.5.1 tacacs host This command is used to enable /di sable TACACS+ f unction and to config ure th e TACACS+ server IP address. The system has not any TACACS+ server conf igured for its initialization and supp ort 5 TACACS+ server s.
- 265 - This command is used to configure the TA CACS+ au thenticatio n and encryption key. Syntax key [<key-string> | encr ypt ed <key-string>] Note that the length of the secret key is up to 128 characters. < key-string > - The valid value of the key.
- 266 - Default Setting 0 Command Mode TACACS Host Config 7.8.5.3 tacacs timeout This command is used to configure t he TACACS+ conne ction timeout value. Syntax tacacs timeout [<timeout>] no tacacs timeout <timeout> - The co nnection timeout value.
- 267 - 7.8.6 Port Security Configuration Commands 7.8.6.1 port-security This command enables p ort lockin g at the system level (Global Config) or port level (Interface Config ). Syntax port-securit y no port-security Default Setting None Command Mode Global Config Interface Config 7.
- 268 - no - This command resets the maximum number of st atically lo cked MAC addresses allowed on a specific port to its default value. Default Setting 20 Command Mode Interface Config 7.8.6.4 port-security mac-address This command adds a MAC add ress to the lis t of statically locked MAC addre sses.
- 269 - 7.8.6.6 port-security violation shutdown This command configure s the port violation shutdown mode. Once t he violation h appens, the interface will be shutdown. Syntax port-security violation shutdown no port-security violation no - This command restore violation mode to be def ault.
- 270 - CDP Holdtime (sec): The l ength of time a receiving device should hold the L2 Network Switch CDP information before discarding it CDP Transmit Interv al (sec): A period of the L2 Net w ork Swit ch to send CDP packet Ports: Port number vs CDP s tatus CDP: CDP enable or disable 7.
- 271 - Privileged Exec Display Message Device Id: Identifies the device name in the form of a cha ra cter string. Entry Address(es): The L3 addresses of the inte rface that has se nt the update. Platform: Describes the hardwa re platform name of the device, for example, Fo rtinet the L2 Network Switch.
- 272 - Syntax cdp no cdp no - This command is used to disable CDP Admin Mode. Default Setting Enabled Command Mode Global Config 7.9.2.2 cdp run This command is used to enable CDP o n a specified interface. Syntax cdp run no cdp run no - This command is used to disable CDP on a specified interface.
- 273 - Command Mode Global Config 7.9.2.3 cdp timer This command is used to configure an interval time (seconds) of the sending CDP packet. Syntax cdp timer <5-254> no cdp timer <5-254> - interval time (Range: 5 – 254 ). no - This command is used to reset the interval time to the default value.
- 274 - 7.10 SNTP (Simple Network Time Protocol) Commands 7.10.1 Show Commands 7.10.1.1 show sntp This command displays the current time and configuration settings for the SNTP client, and indicates whether the local time has been properl y updated.
- 275 - Client Mode: Configured SNTP Client Mode. Unicast Poll Interval Poll interval value for SNTP clients in se conds as a power of two. Poll Timeout (Seconds) Poll timeout value in second s for SNTP cli ents. Poll Retry Poll retry value for SNTP clients.
- 276 - 7.10.2 Configuration Commands 7.10.2.1 sntp broadcast client poll-interval This command will set the poll interval for SNTP broa dcast clients in seconds as a power of two where <poll-interval> can be a value from 6 to 10.
- 277 - 7.10.2.3 sntp client port This command will set the SNTP client p ort id and poll ing interval in seconds. Syntax sntp client port <portid> no sntp client port <portid> - SNTP client port id. no - Resets the SNTP client port id. Default Setting The default portid is 123.
- 278 - Syntax sntp unicast client poll-timeout <poll-time out> no sntp unicast client poll-timeout < poll-timeout > - Polling timeout in se con ds. The range is 1 to 30. no - This command will reset the poll t i meout for SNTP unica st cli ents to its default value.
- 279 - <ipaddress/ipv 6address/domain-nam e > - IPv4 or IPv6 addre ss or domain name of the SNTP server. <addressty pe > - The a ddress type is ipv4 or ipv6 or dns or dnsv6. <1-3> - The range is 1 to 3. <version> - The range is 1 to 4.
- 280 - sntp multicast client poll-interval <poll-interval> no sntp multicast client poll-interval <poll-interval> - Polling interval. It’s 2^(value) second s where the range of value is 6 to 10. no – This command will reset the poll interval for SN TP multicast client to its default value.
- 281 - Mask: The mac-mask is the last eight di git of the mask code of the MAC address, the valid values are: 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 and 0x0. Priority: The p riority-id is the priority of the voic e traffic; the valid range is 0 to 7.
- 282 - Default Setting Disabled Command Mode Global Config 7.11.2.2 voice-vlan vlan This command configures the specifie d VLAN to Voice VLAN. Syntax voice-vlan vlan <vlan-id> Default Setting None Command Mode Global Config 7.11.2.3 voice-vlan mac This command is used to add a voice dev ice to a Voice VLAN.
- 283 - 7.11.2.4 voice vlan This command is used to enable/di sable Voice VLAN Admin Mode. Syntax voice vlan no voice vlan no - This command disab les the Voice VLAN capability on this switch. Default Setting Disabled Command Mode Global Config This command configures the Voice VLAN capability on the interface.
- 284 - Syntax voice vlan data priority untrust | trust Default Setting trust Command Mode Interface Config 7.12 LLDP (Link Layer Discovery Protocol) Commands 7.12.1 Show Commands 7.12.1.1 show lldp This command uses to display a summar y of the current LLDP configuratio n.
- 285 - Syntax show lldp interface {<slot/port> | all} <slot/port> - Configs a specific interface. Default Setting None Command Mode Privileged Exec Display Message Interface: Shows the interf ace in a slot/port format. Link: Shows whether the li nk is u p or down.
- 286 - Total Deletes: Total number of deletes from the rem ote data table . Total Drops: Total number of times the complete rem ote data received was not inserted due to insufficient re sources. Total Ageouts: Total num ber of times a complete remote data entry was deleted because the Time to Live interval expired.
- 287 - 7.12.1.5 show lldp remote-device detail This command uses to display detailed information about remote dev ices that transmit current LLDP data to an interface on the system. Syntax show lldp remote-device detail <slot/port> <slot/port> - Displays a specific interface.
- 288 - Syntax show lldp local-device {<slot/port> | all} <slot/port> - Displays a specific interface. Default Setting None Command Mode Privileged Exec Display Message Interface: Identifies the interface in a slot/port format . Port ID: Shows the port ID associated with this interface.
- 289 - Port Description: Describ es the port in an alpha-numeric fo rmat. System Capabilities Supported: Indicates the prim ary func tion(s) of the device.
- 290 - Command Mode Privileged Exec Display Message Interface: Specifie s all the ports o n which LLDP-MED can be confi gured. Link: Specifies the link status of the port s whether it is Up/Down. ConfigMED: Specifies the LLDP-MED mode is e nabled or disable d on this interface.
- 291 - Firmware Rev: Specifies Firmware versi on. Software Rev: Specifies Software version. Serial Num: Specifies serial number. Mfg Name: Specifies manufacturers name. Model Name: Specifies model name. Asset ID: Specifies asset id. Location Specifies if location TLV is present in LLDP frames.
- 292 - Display Message Interface: Specifies the list of all the ports on which LLDP-MED is enabled. Remote ID: An internal identifier to the switch to mark each remote device to the system. Device Class: Specifies l ocal device's MED Classification.
- 293 - DSCP: Specifies the DSCP associated with a parti cular policy type. Unkno w n : Specifies the unkn own bit asso ci ated with a particular policy type. Tagged: Specifies the tagged bit associated with a p articular policy type. Inventory Specifies if inventory TLV is rece ived in LLDP frames on this port.
- 294 - no lldp notification no - This command is used to disable notification s. Default Setting Disbaled Command Mode Interface Config 7.12.2.2 lldp notification-interval This command is used to configure how freque ntly the system sends rem o te data chan ge notifications.
- 295 - Default Setting Disabled Command Mode Interface Config 7.12.2.4 lldp transmit This command uses to enable t he LLDP advertise capability. Syntax lldp transmit no lldp transmit no - This command is used to return the loca l data transmission capability to the default.
- 296 - 7.12.2.6 lldp transmit-tlv This command is used to specify which optional type length values (TLVs) in the 802.1AB basic management set are transmitted in the LLDPDUs. Us e sys-name to transmit th e system n ame TLV. To configure the system name , please refer to “snmp-serv er” com mand.
- 297 - Default Setting Interval-seconds 30 Hold-value 4 Reinit-sec onds 2 Command Mode Global Config 7.12.2.8 lldp tx-delay This command is used to set the timing parameter s for data transmissi on delay on ports enabled for LLDP. The <delay-seconds> determi nes the number of seconds to wait betwe en transmitting local data LLDPDUs.
- 298 - 7.12.2.10 lldp med confignotification The user can go to the CLI Interface Co nfiguration M o de to set all t he po rts to send the topol o gy change notification, use the lldp med confignotification Interface configuration comma nd. Use the no lldp med confignotification to disable notifications.
- 299 - Interface Config 7.12.2.12 lldp med all The user can go to the CLI Global Configuration M ode to set LLDP-MED on all th e ports, u se the lldp med all Global configuration comman d. Use the no lldp med all to disabl e LLDP-MED on all the ports.
- 300 - Syntax lldp med faststartrepeatcount <1 -10 > no lldp med faststartrepeat count Default Setting 3 Command Mode Global Config 7.12.2.15 lldp med transmit-tlv all The user can go to the CL.
- 301 - 7.13 Denial Of Service Commands 7.13.1 Show Commands 7.13.1.1 show dos-control This command displays the Denial of Serv ice configurations for the entire sy stem. Syntax show dos-cont rol Default Setting None Command Mode Privileged Exec Display Message TCP Fragment Mode: May be enabled or disabled.
- 302 - 7.13.2 Configuration Commands 7.13.2.1 dos-control sipdip This command enables So urce IP Address = Desti nation IP Address (SIP=DIP) Denial of Service protection. If the mode is enabled, Denial of Service prev ention is active for this type of attack.
- 303 - 7.13.2.3 dos-control firstfrag This command enables IP First Fragm ent Denial of Se rvice protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having IP First Fragment Offset equal to one (1), the packets will be drop ped if the mode is en abled.
- 304 - 7.13.2.5 dos-control l4port This command enables L4 Port Denial of Service pr otections. If the mode is enabled, Denial of Service prevention is active for this type of at ta ck. If packet s ingress having Source TCP/UDP Port Number equal to Destination TCP/UDP Port Number , the packets will be drop ped if the mode is enabled.
- 305 - 7.13.2.7 dos-control udpport This command enables the UDP L4 source = destinat ion port number (Source UDP Port = Destination UDP Port) Denial of Service protection. If the mode is enabled, De n ial of Service prevention is active for this type of attack.
- 306 - 7.13.2.9 dos-control icmpv4 This command enables Ma ximum ICMPv4 Packet Size Denial of Service prote ct ions. If the mode is enabled, Denial of Service preventio n is active for this type of attack.
- 307 - 7.13.2.11 dos-control icmpfrag This command enables the ICMP Fragment Denial of Se rvice p rotection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets in gress has fragme nted ICMP pa ckets, the packets will be dropped if the mode is enable d.
- 308 - ingress having TCP FIN, URG, and PSH all set and TCP Sequence Number set to 0, the packets will be dropped if the mode is enabled. Syntax dos-control tcpfinurgpsh no dos-control tcpfinurg psh no - This command disa bles the TCP FIN and URG and PSH and SEQ=0 checking Denial of Service protections.
- 309 - Syntax dos-control tcpsynfin no dos-control tcpsynfin no - This command disab les the T CP SYN & FIN Denial of Service protection. Default Setting Disabled Command Mode Global Config 7.13.2.16 dos-control tcpoffset This command enables the TCP Fragment Offset Deni al of Service protection.
- 310 - Default Setting Disabled Command Mode Global Config 7.14 VTP (VLAN Trunking Protocol) Commands 7.14.1 Show Commands 7.14.1.1 show vtp counters This command displays the VTP packet s tatistics.
- 31 1 - 7.14.1.2 show vtp password This command displays the VTP domain password. Syntax show vtp password Default Setting None Command Mode Privileged Exec Display Message VTP Password: Displays the VTP domain password. 7.14.1.3 show vtp status This command displays the VTP domain status.
- 312 - Configuration last modified: Displ ays the time stamp of the last configuration modification and the IP address of the switch that caused th e configuration chan ge to the databa se. Local updater ID: Displays the Local u pdater ID for the VTP domain status.
- 313 - 7.14.2.2 vtp domain This command uses to set VTP administ r ative domai n name. Syntax vtp domain <string> no vtp domain <string> - Configures the string for domai n name. (maximum lengt h 32 bytes) no - This command resets the domain name to NULL.
- 314 - Global Config 7.14.2.4 vtp version Use the no vtp version to reset the VTP version number to default value.. Syntax vtp version <1-2> no vtp version no - This command resets the VTP version to default value. Default Setting 1 Command Mode Global Config 7.
- 315 - 7.14.2.6 vtp pruning This command uses to co n figure the ad minstrative domain to permit pruning Syntax vtp pruning no vtp pruning no - This command resets the pruning mode to default value. Default Setting Disabled Command Mode Global Config 7.
- 316 - Default Setting Disabled Command Mode Interface Config 7.15 Protected Ports Commands 7.15.1 Show Commands 7.15.1.1 show switchport protected This command displays the status of all the interface s, includi ng pro tected and unprotected interface s.
- 317 - None Command Mode Privileged Exec Display Message Name: An name of the pro t ected po rt group. Protected: Indicates whether the inte rface is protected or not. It shows TRUE or FALSE. If the group is a multiple groups then it shows TRUE in Group <g roupid>.
- 318 - switchport protected <0-2 > no switchport protect ed <0 -2> no - This command uses to configu re a port as u nprotected. Default Setting None Command Mode Interface Config 7.16 Static MAC Filtering Commands 7.16.1 Show Commands 7.16.
- 319 - 7.16.2 Configuration Commands 7.16.2.1 macfilter This command adds a static MAC filter entry for the MAC address <macadd r > on the VLAN <vlanid>. The value of the <macaddr> parameter is a 6-byte hexade cimal numbe r in the format of b1:b2:b3:b4:b5:b6.
- 320 - Interface Config 7.16.2.3 macfilter addsrc all This command adds all interfaces to the source filt er set for the M AC filter with the MAC address of <macaddr> and <vlanid>. You must spe cify the <m acaddr> parameter as a 6-by te hexadecimal number in the format of b1:b2:b3:b4:b5:b6.
- 321 - 7.17.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.17.1.3 clear eventlog This command is used to clear the event log, wh ich contains error messages from the system .
- 322 - Default Setting None Command Mode Privileged Exec 7.17.1.5 clear config This command resets the configuration to the factor y defaults without powering off the switch. The swit ch is automatically reset when this comm and is proc essed. You are prompted to confirm that the reset should proceed.
- 323 - 7.17.1.7 clear counters This command clears the stats for a sp ecified <slot/port> or for all the port s or for the entire swit ch based upon the argument. Syntax clear counters [<sl ot/port> | all] <slot/port> - is the de sired interface num ber.
- 324 - Syntax clear cdp [traffic] traffic - this command is used to clear t he CDP packet counte rs. Default Setting None Command Mode Privileged Exec 7.17.1.10 clear vlan This command resets VLAN co nfigurat ion paramete r s to the factory defaults.
- 325 - 7.17.1.11 clear igmpsnooping This command clears the tables ma naged by the IG MP Snooping function and will attempt to delete these entries from the Multicast Forwarding Database. Syntax clear igmpsnooping Default Setting None Command Mode Privileged Exec 7.
- 326 - None Command Mode Privileged Exec 7.17.1.14 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all port s. Syntax clear dot1x statistics {all | <slot/port>} <slot/port> - is the de sired interface num ber.
- 327 - 7.17.1.16 clear domain-list This command is used to clear all ent ries domain names for incomplete host names. Syntax clear domain-list Default Setting None Command Mode Privileged Exec 7.17.1.17 clear hosts This command is used to clear all st atic host nam e-to-address mapping.
- 328 - Default Setting None Command Mode Privileged Exec 7.17.1.19 clear ip arp-cache This command c auses all ARP entries of typ e dynamic to be removed from the ARP cache. If the gateway keyword is specified, the dynamic entrie s of type gateway are purg ed as well.
- 329 - 7.17.1.21 clear lldp remote-data This command will use to delete all information from the LLDP remote data table. Syntax clear lldp remote-data Default Setting None Command Mode Privileged Exec 7.17.1.22 enable passwd This command changes Privileged EXEC password.
- 330 - Global Config. 7.17.1.24 clear ipv6 neighbors This command will use to clear all en tries IPv6 neighbor table or an entry on a specific in terface. Use the <slot/port> parameter to sp ecify the interface. Syntax clear ipv6 neighbors [<slot/ port>] <slot/port> - Specify the interface.
- 331 - 7.17.1.26 clear ipv6 dhcp This command will use to clear DHCPv6 statistics for all inte rfaces or for a specif ic interface. Use the <slot/port> parameter to sp ecify the interface. Syntax clear ipv6 dhcp {statistics | interfac e <slot/port> statistics} <slot/port> - Specify the interface.
- 332 - <url> - xmodem, tftp://ipaddr/path/file or ftp://user:pass@ipaddr/path/file. errorlog - event Log file. log - message Log file. traplog - trap Log file.
- 333 - Write running configurati on file into flash Syntax copy running-config startup-config [filena me] <filename> - name of the configuration file.
- 334 - <filename> - name of the configuration or image file. Default Setting None Command Mode Privileged Exec 7.17.4 dir This command is used to display a list of files in Flash memory. Syntax dir [boot-rom | config | opcode [<filename>] ] <filename> - name of the configuration or image file.
- 335 - Syntax whichboot Default Setting None Command Mode Privileged Exec 7.17.6 boot-system This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} <filename> <filename> - name of the configuration or image file.
- 336 - Syntax ping <ipaddress|h ostn ame> count <0-2 0000 000> [size <32-512>] ping <ipaddress|h ostn ame> size < 32-512> [count <0-20000000>] < ipaddress|hostname> - a host name or an IP address. <0-20000000> - number of pings (Range: 0 - 20000000).
- 337 - 7.17.7.3 ping ipv6 interface This command use to deter mine wh ether another com puter is on the network. To use the com mand, configure the switch for network (in-band ) connection. The source and targ et devices must hav e the ping utility enabled and running on top of TCP/IP.
- 338 - <maxTtl> - Use maxTtle to specify the maximum TTL. Range is 1 to 255. <interval> - Use interval to specify the time between probe s, in seconds. Range is 1 to 60 seco nd s. <count> - Use the optional count param eter to specify the number of probes to send for ea ch TTL value.
- 339 - Syntax logging cli-command Default Setting None Command Mode Global Config 7.17.10 calendar set This command is used to set the system clock. Syntax calendar set <hh: mm:ss> <1-3 1 &g.
- 340 - Default Setting None Command Mode Privileged Exec 7.17.12 configure This command is used to activate global config uration mode. Syntax configure Default Setting None Command Mode Privileged Exec 7.17.13 disconnect This command is used to close a teln et session.
- 341 - 7.17.14 hostname This command is used to set the prompt string. Syntax hostname <prompt_string > <prompt_string> - Prompt string. Default Setting Fortinet Command Mode Global Config 7.17.15 quit This command is used to exit a CLI session.
- 342 - Default Setting None Command Mode Privileged Exec Display Message Cable Status : One of the following statuses is returned: Normal : The cable is worki ng co rrectly. Open : The cable is disconnected or the re is a faulty connector. Short : There is an electrical short in the cabl e.
- 343 - The hardware identifies all incoming DHCP packet s on ports where DHCP snooping is en abled. DHCP snooping is enabled on a port if (a) DHCP snooping is enabled globally, and (b) the port is a membe r of a VLAN where DHCP snooping is en abled. On untruste d ports, the hardware traps all incoming DHCP packets to the CPU.
- 344 - Default Setting None Command Mode Privileged Exec Display Message MAC Address: Displays the MAC add re ss for the binding that was added. The MAC address is the key to the binding database. IP Address: Displays the valid IP address for the bin ding rule.
- 345 - Default Setting None Command Mode Privileged Exec Display Message Interface: The IP address of the interface in slot/port format. MAC Verify Failures: Represents the numbe r of DHCP messages that were filtered on an untru sted interface because of source MAC addre ss a nd cli ent HW address mismatch.
- 346 - no - This command disab l es the DHCP Snooping o n VLANs. Default Setting Disabled Command Mode Global Config 7.18.2.3 ip dhcp snooping verify mac-address This command ena bles the verification of the source MAC addres s with the client hardware a ddress in the received DCHP message.
- 347 - 7.18.2.5 ip dhcp snooping database write-delay This command configure s the interval in seco nds at which the DHCP Snooping database will b e persisted.
- 348 - no - This command removes the DHCP static entry from the DHCP Snooping database. Default Setting None Command Mode Global Config 7.18.2.8 ip dhcp snooping limit This command control s the rate at which the DHCP Snooping messages come. T he default rate is 15 pps with a range from 0 to 300 pps.
- 349 - Interface Config 7.18.2.10 ip dhcp snooping trust This command configure s the port a s tru sted. Syntax ip dhcp snooping trust no ip dhcp snooping trust no - This command configure s the port as untrusted. Default Setting Disabled Command Mode Interface Config 7.
- 350 - Syntax ip dhcp snooping information option allo w-untrusted no ip dhcp snooping information option a llow-untruste d no - This command disallows DHCP p acket receiv ed form untrusted port with option 82 data. Default Setting Disabled Command Mode Global Config 7.
- 351 - show ip verify [interface <slot/port>] Default Setting None Command Mode Privileged Exec Display Message Interface: Interface address in slot/port format. Filter Type: Is one of two values: • ip-mac: User has configured MAC address filtering on this interfac e.
- 352 - Syntax show ip source binding [{static/dhcp-snooping}] [interface <slot/port>] [vlan id] Default Setting None Command Mode Privileged Exec Display Message MAC Address: The MAC address for the entry that is added. IP Address: The IP address of the entry that is adde d.
- 353 - Syntax ip verify binding <mac-address> vlan <v lan id> <ip address> interface <slot/port> no ip verify binding <mac-address> vlan <vl an id> <ip address> inte rface <slot/port> no - This command removes the IPSG stat ic entry from the IPSG database.
- 354 - the single vlan argument and the com m and displays the statistics on that VLAN. If no argument is included, the command li sts a su mmary of the forwarded and dropped ARP pa ckets.
- 355 - Source MAC Validation: Displays whether Source MAC Validati on of ARP frame is enabled or disabled. Destination MAC Validation: Displays wheth er Desti nation MAC Validation is enabled or disabled. IP Address Validation : Displays whether IP Addre ss Validation is enabl ed or disabled.
- 356 - show arp access-list [acl-name] Default Setting None Command Mode Privileged Exec 7.20.2 Configuration Commands 7.20.2.1 ip arp inspection validate This command enables a dditional validation checks like source -mac validation, destination-mac validation, and ip address validation on the received ARP packet s .
- 357 - Command Mode Global Config 7.20.2.3 ip arp inspection vlan logging This command enables lo g ging of invalid ARP pac kets on a list of comma-separated VLAN ranges.
- 358 - 7.20.2.5 ip arp inspection trust This command configure s an interfa ce as trusted for Dynamic ARP Inspection. Syntax ip arp inspection trust no ip arp inspection trust no - This command confi gure s an interface as untrusted for Dynamic ARP Insp ection.
- 359 - no - This command delet es a configu red ARP ACL. Default Setting None Command Mode Global Config 7.20.2.8 permit ip host mac host This command configure s a rule for a valid IP address and MAC address com bination used in ARP packet validation.
- 360 - 7.21 Differentiated Service Command ! This Switching Command f unction can only be used o n the QoS software version . This chapter contains the CLI commands used for th e QOS Differentiated Service s (DiffServ) packag e. The user configures DiffServ in several st age s by specifying: 1.
- 361 - − 'all' within 'all' − no nested 'not' conditions − no nested 'acl ' cla ss types − each class contains at mo st one referen ced class • hiera.
- 362 - Syntax no diffserv Command Mode Global Config 7.21.2 Class Commands The 'class' command set is used in DiffServ to define: Traffic Classification specifies Behavior Aggregate (BA) ba sed on DSCP, and Multi- Field (MF) classes of traffic (name, match criteria) Service Levels specifies the BA forwarding cla sses / service levels.
- 363 - The CLI mode is changed to Class-Map Conf ig or Ipv6-Class-Map Config whe n this command is successfully executed dep endin g on the [{ipv4 | ipv6}] keyword specified. Command Mode Global Config 7.21.2.2 no class-map This command eliminates an existing Di ffServ class.
- 364 - ! The class name ‘default’ is rese rved and must not be used here. Default Setting None Command Mode Global Config 7.21.2.4 match any This command adds to the spe cified class definition a match conditi on whereby all packets are considered to belong to the class.
- 365 - Restrictions The class types of both < cl assname> and < refclassname> must be identical (t hat is, any vs. any, or all vs. all). A class type of acl is not supported by this command. Cannot specify <refclassn ame> the same as < classname> (that is, self-refe ren cing of class name not allowed).
- 366 - Syntax match cos <0-7> Default Setting None Command Mode Class-Map Config 7.21.2.8 match destination-address mac This command adds to the spe cified class definition a match conditi on based on the destination MAC address of a packet.
- 367 - <ipaddr> specifies an IP address. < ipmask> specifies an IP address bit mask; note th at although si milar to a standard subnet mask, this bit mask need not be contiguous.
- 368 - 7.21.2.11 match ethertype This command adds to the spe cified class definit ion a match conditi on based on the value of the ethertype. The <ethertype> value is spe c ified as one of the.
- 369 - None Command Mode Class-Map Config / Ipv6-Class-Map Config 7.21.2.13 match ip precedence This command adds to the spe cified class definiti on a match conditi on based on the value of the IP P.
- 370 - i The ip dscp, ip precedence, and ip tos m atch conditions are alternative ways to specify a match criterion for the same Service Typ e field in the IP heade r, but with a slightl y different user notation.
- 371 - i This command is not available on the Broad com 56 30x platform. Syntax match source-addre ss mac <add ress> <macmask> <address> - Specifies any layer 2 MAC address. <macmas k> - Specifies a layer 2 MAC a ddre ss bit mask.
- 372 - Syntax match srcl4port {<portkey > | <0-655 35>} <portkey> is one of the supporte d po rt name keywords (listed below). The currently supported <portkey > values are: do main, ec ho, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www.
- 373 - 7.21.2.20 match dstip6 This command adds to the spe cified class definiti on a match conditi on based on the destination IPv6 address of a packet. Syntax match dstip6 <destination-ipv6-p refix/prefix-length> Default Setting None Command Mode IPv6-Class-Map Config 7.
- 374 - 7.21.3 Policy Commands The 'policy' command set is used in DiffServ to define: Traffic Conditioning Specify traffic conditioning actio ns (p olicing, marking, shaping) to apply to traffic clas ses Service Provisioning Specify bandwidth and queue depth manage ment requirements of service levels (EF, AF, etc.
- 375 - 7.21.3.1 assign-queue This command modifie s the queue id to which the as sociated traffic stream is a ssigned. The queueid i s an integer from 0 to n-1, where n is the num ber of egress queu es supported by the device. Syntax assign-queue <0-7 > <0-7> - Queue ID.
- 376 - mirror <slot/port> <slot/port> - Interface Number. Default Setting None Command Mode Policy-Class-Map Config Incompatibilities Drop, Redirect 7.21.3.4 redirect This command specifies that all incoming packets fo r the associated traffic strea m are redirected to a specific egress interface (physical port or port -channel).
- 377 - Command Mode Policy-Class-Map Config Incompatibilities Drop, Mirror 7.21.3.6 mark cos This command marks all packets for the associated traffi c stream with the specifi ed class of service val ue in the priority field of the 802.1p header. If the pa cket does not alre ady contai n this header, one is inserted.
- 378 - 7.21.3.8 no class This command deletes the instance of a particular class and its defined treatmen t from the spe cified policy. Syntax no class <classname> < classname> is the name of an existing DiffServ class. Note that this co mmand removes the reference to the class definition for the specified policy.
- 379 - Syntax mark ip-preceden ce <0-7> Command Mode Policy-Class-Map Config Policy Type In Incompatibilities Drop, Mark (all forms) 7.21.3.11 police-simple This command is used to e stablish the traffic policing st yle for the specifie d class.
- 380 - <set-co s-transmit> - an priority value is required and is specified as an integer from 0-7. <set-dscp-tr ansmit> - is required and is specifie d as either an integer fro m 0 to 63.
- 381 - Global Config Policy Type In 7.21.4 Service Commands The 'service' command set is use d in DiffServ to define: Traffic Conditioning Assign a DiffServ traffic conditioning policy (as specified by the policy commands) to an interfa ce in the incomi ng direction.
- 382 - Command Mode Global Config (for all system interfaces) Interface Config (for a specific interface) Restrictions Only a single policy may be attached to a particular interface in a particula r direction at any one time. 7.21.4.2 no service-policy This command detaches a policy from a n interface in a particula r direction.
- 383 - This information can be displayed in eith er summary or detailed formats. The status informatio n is only shown when the DiffServ administ rative mode is e nabl ed; it is suppressed otherwise. There is also a 'show' command for gene ral DiffServ information that is available at any time.
- 384 - 7.21.5.2 show diffserv This command displays the DiffServ Gen eral Stat us Group information, which incl ude s the current administrative mode setting as well as the cu rrent an d maximum number of rows in each of the main DiffServ private MIB tables.
- 385 - Default Setting None Command Mode Privileged Exec Display Message DiffServ Admin Mode: The current set ting of the DiffServ adm inistrative mode. An attached policy is only in effect on an interface while DiffServ is in an enabled mode. Interface: The slot number and port nu mber of the interface (slot/port).
- 386 - 7.21.5.5 show policy-map This command displays all configuration information for the specified policy. Syntax show policy-map [<policy-map-name>] <policy-map-name> - is the name of an existing DiffServ policy. Default Setting None Command Mode Privileged Exec Display Message Policy Name: The name of this policy.
- 387 - Non-Conform Action: The current setti ng for the action taken on a packet considered to not conform to the policing parameters. This is not displayed if policing not in use for the class under this p olicy. Non-Conform DSCP Value: Thi s field displ a ys the DSCP mark value if this action is ma rkdscp.
- 388 - The following information is repeated for each class instance w ithin this policy : Class Name: The name of this class instance. In Offered Packets: A count of the pa ckets offered t o this cla ss instan ce before the defined DiffServ treatment is applied.
- 389 - 7.22 ACL Command 7.22.1 Show Commands 7.22.1.1 show mac access-lists name This command displays a MAC access list and all of the rules that are defined for the ACL.
- 390 - show mac access -lists Default Setting None Command Mode Privileged Exec Display Message Current number of all ACLs: The number of u ser-configured rule s define d for this ACL. Maximum number of all ACLs: The maximum number of ACL rules. MAC ACL Name: The name of the MAC ACL rule.
- 391 - Rule: This display s the nu mber id entifier for each rule that is defined for the ACL. Action: This displ ays the action associated with each ru le. The possible values are Permit or Deny. Match ALL: Match all packets or not. Protocol: This displays the protocol to filter for this rule.
- 392 - Sequence Number: An optional sequence n umbe r may be specified to indicate the orde r of this access list relative to other acce ss li sts already assigned to this inte rface a nd direction. A lower number indicates higher pr ece dence order.
- 393 - Default Setting None Command Mode Global Config 7.22.2.3 mac access-group in This command attaches a spe cific MAC Access Control List (ACL) identified by <name> to an interface, or associates it wi th a VLAN ID, in a given direction. Th e <name> parameter must b e the name of an exsiting MAC ACL.
- 394 - A rule may either deny or permit traffic according to the specified classification fields. At a minimum, the source and destination MAC value and mask pai rs m u st be specified, each of which may be sub stituted using the keyword any to indicate a match on any val ue in that field.
- 395 - permit or deny - The ACL rule is create d with two options. The protocol to filter for an ACL rule is specified by giving the protocol to be us ed like i cmp ,igmp ,ip ,tcp, udp . The command specifies a source ip address and source mask for match condition of the ACL rule specified by the srcip and srcmask parameters.
- 396 - This command specified in 'Interface Co nfig' mode only affects a single interface , where as the 'Global Config' mode setting is applied to all interface s. The VLAN keyword is only valid in the 'Global Config' mode.
- 397 - None Command Mode Global Config 7.22.2.9 ip access-list rename Use this command to cha nge the name of an IP Access Control Li st (ACL). The <name> para meter is the names of an existing IP ACL. The <newname> p aramete r is a case-se nsitive alphan umeric string from 1 to 31 characters uniquely identifying the IP access li st.
- 398 - User EXEC Display Message Rule Number: The ordered rule nu mber identifier defined within the IPv6 ACL. Action: The action asso ci ated with each rule. The possible values are Permit or Deny. Match All: Indicates whether this access list applies to every packet .
- 399 - Default Setting None Command Mode Global Config 7.23.2.2 ipv6 access-list rename This command change s th e name of an IPv6 ACL. The <name> parameter is the name of an e xisting IPv6 ACL. The <newname> parameter is a case -sensi tive alphanumeric strin g from 1 to 31 ch aracters uniquely identifying the IPv6 access list.
- 400 - The assign-queue parameter allows spe cification of a particular hardware queue for handling traffic that matches this rule. The allowed <queue-id> value is 0-(n-1), where n is the number of user configurable queues available for the hardwa re platform.
- 401 - Command Mode Global Config Interface Config 7.24 CoS (Class of Service) Command 7.24.1 Show Commands 7.24.1.1 show queue cos-map This command displays th e current Dot1p (8 02.1p) priority mapping to internal traffic classes for a specific interface.
- 402 - 7.24.1.2 show queue ip-dscp-mapping This command maps an IP DSCP value to an internal traffic class. The <ipdscp> value is sp ecified as either an integer from 0 to 63, or symbolically t.
- 403 - Non-IP Traffic Class: The traffic cla ss used for non-IP traffic. This is only displayed whe n the COS trust mode is set to either 'trust ip -d scp' or 'trust ip-preced ence'. Untrusted Traffic Class : The traffic class use d for al l untrusted traffic.
- 404 - 7.24.2 Configuration Commands 7.24.2.1 queue cos-map This command maps an 80 2.1p prio rity to an internal traffic class on a "per-p ort" basis. Syntax queue cos-map <0 -7> <0-7> no queue cos-map < 0-7 > - The range of queue prio rity is 0 to 7.
- 405 - Syntax queue trust {dot1p | ip-dscp | untrusted } all no queue trust all no - This command sets t he class of service trust mode to untru sted for all interfaces.
- 406 - <bw-0> <b w-1> … <bw-6>- Each Valid range is (0 to 100) in increments of 5 and the total su m is less than or equal to 100. no - This command restores the defaul t for each queue's minimum band width value in the device.
- 407 - 7.24.2.5 queue cos-queue traffic-shape This command specifies the maximum transmi ssion band width limit for the interface as a whole. Also known as rate shaping, this ha s the effect of smoothing tempo rary traffic bursts over time so that the transmitted traffic rate is bounded.
- 408 - 7.25 Domain Name Server Relay Commands 7.25.1 Show Commands 7.25.1.1 show hosts This command displays the static ho st name-to-address mappin g table. Syntax show hosts Default Setting None Command Mode Privileged Exec Display Message Domain Name List: Domain Name.
- 409 - Response: Number of the DNS response packet s been received. 7.25.1.3 show dns cache This command displays all entrie s in the DNS cache table.
- 410 - None Command Mode Global Config 7.25.2.2 clear hosts This command clears the e ntire static host name-to-address mappi ng table. Syntax clear hosts Default Setting None Command Mode Privileged Exec 7.25.2.3 ip domain-name This command defines the default domain name to be appended to incomplete host name s (i.
- 41 1 - 7.25.2.4 ip domain-list This command defines the domain name that can be a ppended to incomplete host names (i.e., host names passed from a client are not form atted with dotted notation).
- 412 - Global Config 7.25.2.6 ip domain-lookup This command enables the IP Domain Naming Syste m (DNS)-based host name- to-address translation. Syntax ip domain-lookup no ip domain-lookup <no> - This command disables the IP Domain Nami ng System (DNS)-bas ed host name-to-address translation.
- 413 - Default Setting None Command Mode Privileged Exec 7.25.2.9 clear dns cache This command clears all e ntries in the DNS cache table. Syntax clear dns cache Default Setting None Command Mode Privileged Exec 7.25.2.10 clear dns counter This command clears the statistics of all entries in the DNS cache table.
- 414 - 8. Routing Commands le 8.1 Address Resolution Protocol (ARP) Commands 8.1.1 Show Commands 8.1.1.1 show ip arp This command displ a y s t he Address Resolution Protocol (ARP) cache. Syntax show ip arp Default Setting None Command Mode Privileged Exec Display Message Age Time: Is the time it takes for an ARP entry to age out.
- 415 - Typ e: Is the type that was configure d into the unit. The possible values are Local , Gateway, Dynamic and Static. Age: This field displays the current age of the AR P entry since last refre sh (in hh:mm:ss format). 8.1.1.2 show ip arp brief This command displ ays the brief Addre ss Reso lution Protocol (ARP) table information.
- 416 - None Command Mode Privileged Exec Display Message IP address: Is the IP address of a device on a subnet a ttached to an existing rou ting interface. MAC addr ess: Is the MAC address for that device. 8.1.2 Configuration Commands 8.1.2.1 arp This command creates a n ARP entry.
- 417 - no - This command disab les proxy ARP on a router interface. Default Setting Enabled Command Mode Interface Config 8.1.2.3 ip local-proxy-arp This command enables o r disables Local Proxy ARP on an interface. Syntax ip local-proxy-arp no ip local-proxy-arp no - This command disab les Local Proxy ARP on a router interface.
- 418 - 8.1.2.5 arp dynamicrenew This command enables ARP compo nent to automatica lly renew ARP entries of type dynamic when they age out. Syntax arp dynamicrenew no arp dynamicrene w no - This command disab les ARP component from aut omatically renewing ARP entries of type dynamic when they age out.
- 419 - arp resptime <1-10> no arp resptime <1-10> - The range of defa ult response time is 1 to 10 seconds. no - This command confi gure s the default response timeout time. Default Setting The default response time is 1. Command Mode Global Config 8.
- 420 - Default Setting The default value is 1200. Command Mode Global Config 8.1.2.10 clear ip arp-cache This command causes all ARP entrie s of type dynamic to be removed form the ARP cache. If the [gateway] parameter is specifi ed, the dynamic entries of type gateway are purged as well.
- 421 - Default Time to Live: The computed TTL (Time to Live) of forw ardi ng a packet from the local router to the final destination. Routin g Mode: Show whether the routing mode is enabled or disabled. IP Forwarding Mode: Disable or enable the forwardi n g of IP frames.
- 422 - 8.2.1.3 show ip interface brief This command displays su mmary inform ation about IP c onfiguration settings for all ports in the router. Syntax show ip interface brief Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid slot, and port number separated by forward slashes.
- 423 - None Command Mode Privileged Exec Display Message Route Codes: Displays th e key for the routing protocol co d es that might appear in the routing table output.
- 424 - Next H o p IP Address: The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination.
- 425 - None Command Mode Privileged Exec Display Message Route Codes: Displays th e key for the routing protocol co d es that might appear in the routing table output.
- 426 - IP-Address/Mask: The IP-Address and mask of the destinati on n etwork correspondi ng to this route. Preference: The administrative distan ce associated with this route. Routes with low value s are preferred over routes with highe r values. Metric: The cost associated with this route.
- 427 - Syntax show ip route static [all] Default Setting None Command Mode Privileged Exec Display Message Route Codes: Displays th e key for the routing protocol co d es that might appear in the routing table output.
- 428 - Connected Routes: The total number of conn ected routes in the routing table. Static Routes: Total number of static routes in the routing table. RIP Routes: Total number of routes inst alled by RIP proto col. OSPF Routes: Total number of routes installed by OSPF protocol.
- 429 - no routing no - Disable routing for an interface. Default Setting Disabled Command Mode Interface Config 8.2.2.2 ip routing This command enables the IP Router Ad min Mode for the master switch. Syntax ip routing no ip routing no - Disable the IP Router Admin Mode for the master switch.
- 430 - Default Setting None Command Mode Interface Config 8.2.2.4 ip route This command configure s a static route. Syntax ip route <networkaddr> <subnetma sk > [ <nexthopi p> [<1-255 >] ] no ip route <networkaddr> <subnetma sk> [ { <n exthopip> | <1-255 > } ] <ipaddr> - A valid IP address .
- 431 - None Command Mode Global Config 8.2.2.6 ip route precedence This command sets the default precedence for static r outes. Lower route prefe rence values are preferred when determining the best route.
- 432 - Interface Config 8.2.2.8 encapsulation This command configure s the link laye r encap sulation type for the packet. Syntax encapsulation {ethernet | snap} ethernet - The link layer encapsulation type is ethern et. snap - The link layer encapsulation type is SNAP.
- 433 - ! Some of the information below display s onl y if you enable OSPF and co nfigure certai n features. Router ID : A 32-bit integer in dotted decimal format ident ifying the router, about which information is displayed. This is a configured value.
- 434 - AS_OPAQUE LSA Checksum: Sho w s the sum of the LS Checksums of AS Opaque LSA s contained in the link-state databa se. New LSAs Originated: The number of new link-state adverti sements that have been origin ated. LSAs Received: The number of link-state advertise m ents received determined to be ne w instantiations.
- 435 - Syntax show ip ospf abr Default Setting None Command Mode Privileged Eexc User Exec Display Messages Typ e: The type of the route to the destination. It can be either: • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination.
- 436 - Area Border Router Count: The total numbe r of area border routers reachable within this area. Area LSA Count: Total nu mber of link-state advertisement s in this area's lin k-state database, excluding AS External LSA’s.
- 437 - 8.3.1.4 show ip ospf asbr This command displays the internal OSP F routing table entries to Autonomous System Boundary Routers (ASBR). This command takes no options. Syntax show ip os pf asbr Default Setting None Command Mode Privileged Exec User Exec Display Messages Typ e: The type of the route to the destination.
- 438 - nssa-external - Use nssa-external to display NSSA external LSAs. opaque-area - Use opaqu e-area to display area opaq ue LSAs. opaque-as - Use opaque-as to display AS opaque L SAs. opaque-link - Use opaque-link to di splay link opaque LSAs. router - Use router to display router LSA s .
- 439 - None Command Mode Privileged Exec User Exec Display Messages Router: Total numbe r of router LSAs in the OSPF link state database. Network: Tot al number of network LSAs in the OSPF link state database. Summary Net: Total number of summary network LSAs in the database.
- 440 - Retransmit Interval: A number repre senting the OSPF Retransmit Interval for the sp ecified interface. Hello Interval: A number representing the OSPF Hell o In terval for the specified interface. Dead Interval: A number repre se nting the OSPF De ad Interval for the spe cified interface.
- 441 - Interface: Valid slot and port numb er s eparated by a forward slash. OSPF Admin Mode: States whether OSPF is enabled or disa bled on a router interface. OSPF Area ID: The OSPF Area Id for the specified int erface. Router Priority: A number representing the OSPF Pri ority for the specifie d interf ace.
- 442 - Neighbor Events: The nu mber of times this neighbor relati onship has changed state, or an error ha s occurred. External LSA Count: The number of external (LS type 5) link- state advertise ments in the l ink-state database. Sent Packets: The number of OSPF packets transmitted on the interface.
- 443 - show ip ospf neighbor [interfa ce <slot/port>] [<ip-address>] Default Setting None Command Mode Privileged Exec User Exec Display Messages If you do not specify an IP address, a ta.
- 444 - Options: An integer value that indicates the optional OSPF cap abilities supported by the nei ghbo r. The neighbor's optional OSPF capabilities are also listed in its Hello packets. This enables received Hello Packets to be rejected (i.e.
- 445 - 8.3.1.12 show ip ospf statistics This command displays inf o rmatio n about recent Shor test Path First (SPF) calculations. The SPF is the OSPF routing table calculation. The output lists the number of times the SPF has run for each OSPF area.
- 446 - Display Messages Area ID: A 32-bit identifier for the created stub area. Type of Service: The type of service associated with the stub metri c. only sup po rts Norm al TOS. Metric Val: The metric value is applied based on the TOS. It defaults to the least metric of the type of service among the interfaces to other areas.
- 447 - Syntax show ip ospf virtual-link brief Default Setting None Command Mode Privileged Exec User Exec Display Messages Area ID: The area id of the requested O SPF area. Neighbor: The neighbor interface of the OSPF virtual interface. Hello Interval: The configured hell o interval for the OSPF virtual interface.
- 448 - Syntax enable no enable Default Setting Enabled Command Mode Router OSPF Config Mode 8.3.2.3 network area Use network area command to enable O SPFv2 on an interface and set its area ID if the IP address of an interface is covered by this network command.
- 449 - Interface Config 8.3.2.5 1583compatibility 1583 compatibility mode is enabled by default. If all OSPF routers in the routing domain are capabl e of operating according to RFC 2328, OSPF 1583 comp atibility mode should be disabled. 1583compatibility command enables OSPF 1583 compatibility.
- 450 - area <areaid> nssa no area <areaid> n s sa Default Setting None Command Mode Router OSPF Config Mode 8.3.2.8 area nssa default-info-originate area nssa default-info-ori ginate command configures the metric value and type for the defaul t route advertised into the NSSA.
- 451 - 8.3.2.10 area nssa no-summary area nssa no-summary command configures the NSSA so that summary LSAs are not advertised into the NSSA. no area nssa no-summary command di sables nssa from the su.
- 452 - Syntax area <areaid> nssa translator-s tab-intv <stabilityinterval> no area <areaid> nssa translator -stab-intv <stabilityinterval> Default Setting None Command Mode Router OSPF Config Mode 8.3.2.13 area range area range command creates a specified area range for a specified NSSA.
- 453 - Command Mode Router OSPF Config Mode 8.3.2.15 area stub no-summary area stub no-summary command confi gures the Summary LSA mode for the stub area identified by <areaid> .
- 454 - be 8 bytes or less if the authentication type is simple . If the type is encrypt, the key may be up to 16 bytes. Unauthenticated interfaces do not need an authentica tion key. If the type is encrypt, a key id in the ra nge of 0 and 255 must be specified.
- 455 - Syntax area <areaid > virtual-li nk <neighbor> hello-inte rval <1-65535> no area <areaid> virtual-li nk <neighbor> hello-interval Default Setting 10 Command Mode Router OSPF Config Mode 8.
- 456 - Router OSPF Config Mode 8.3.2.22 auto-cost By default, OSPF computes the link cost of each inte rf ace from the interface band width. Faster l inks have lower metrics,making them more attr active in route selection.
- 457 - Interface Config 8.3.2.24 capability opaque Use capability opaque command to en able Opaque Capability on the Router. The information co ntained in Opaque LSAs may be used directly by OSPF or i ndirectly by an application wi shing to distri bute information throughout the OSPF domain.
- 458 - Default Setting None Command Mode Privileged Exec 8.3.2.27 clear ip ospf counters Use this command to reset global an d interface statistics Syntax clear ip ospf counters Default Setting None Command Mode Privileged Exec 8.3.2.28 clear ip ospf neighbor Use this command to drop the adja cency with all OS PF neigh bors.
- 459 - Syntax clear ip ospf neighbor interface [slot/port ] [neighbor-id] Default Setting None Command Mode Privileged Exec 8.3.2.30 clear ip ospf redistribution Use this command to flush all self-originated external LSAs. Rea ppl y the redistri bution co nfiguration and re-originate prefixes as necessary.
- 460 - 8.3.2.32 default-metric default-metric command is used to set a default for the metric of distributed ro utes. no default-metric comma nd is u sed to set a default for the metric of distributed routes. Syntax default-metric <1-16777214> no default-metric Default Setting None Command Mode Router OSPF Config Mode 8.
- 461 - Syntax distribute-list <1-199> out {rip | bgp | static | connecte d} no distribute-list <1-199 > out {rip | bgp | static | connected} Default Setting None Command Mode Router OSPF Config Mode 8.3.2.35 exit-overflow-interval exit-overflow-interval command configure s the exit overflow interval for OSPF.
- 462 - Default Setting -1 Command Mode Router OSPF Config Mode 8.3.2.37 ip ospf authentication ip ospf authentication co mmand sets the OSPF Authentication Type and Key for the spe cified interface. The value of <type> is either none, simple or en crypt.
- 463 - 8.3.2.39 ip ospf dead-interval ip ospf dead-interval com mand sets th e OSPF dead interval for the specified interface. The value for <seconds> is a valid positive integer, which rep res.
- 464 - point-to-point network. For point-to- point networks, OS PF does not elec t a desig nated router or generate a network link state advertisement (LSA). Both endpoi nt s of the link must be configured to operate in point-to-point mode.. no ip ospf network command to return the OSPF network type to the default.
- 465 - ip ospf retransmit-interval <0-3600> no ip ospf retransmit-interval Default Setting 5 Command Mode Interface Config 8.3.2.44 ip ospf transmit-delay ip ospf transmit-delay command sets the OSPF Transit Del ay for the specified interface. The transmit delay is specified in seconds.
- 466 - Interface Config 8.3.2.46 router-id router-id command sets a 4-digit dotte d-decimal number uniquely identifying the router ospf id. The <ipaddress> is a configured value. Syntax router-id <ipaddress> Default Setting None Command Mode Router OSPF Config Mode 8.
- 467 - 8.3.2.48 maximum-paths maximum-paths command sets the number of paths that O SPF can report for a given destination where maxpaths is platform dependent. no maximum-paths command resets the number of paths that OSPF can report for a given destination back to its default value.
- 468 - Default Setting Disabled Command Mode Router OSPF Config Mode 8.3.2.51 timers spf Use this command to confi gure the SPF delay time an d hold time.
- 469 - User Exec Display Message Maximum Hop Count: Is the maximum allowable rel ay agent hops. Minimum Wait Time (Seconds) Is the minimum wait time. Admin Mode Represents whether relay ing of requ ests is enabled or disabled. Server IP Address Is the IP Address for the BootP/DHCP Relay serv er.
- 470 - Command Mode Global Config 8.4.2.3 bootpdhcprelay maxhopcount This command configure s the maximum allowabl e relay agent hop s for BootP/DHCP Relay on the system. Syntax bootpdhcprelay maxhopcount <1-16 > no bootpdhcprelay maxhopcount <count> - The range of maximum hop cou nt is 1 to 16.
- 471 - 8.4.2.5 bootpdhcprelay serverip This command configure s the se rver IP A ddress for BootP/DHCP Relay on the system. Syntax bootpdhcprelay serverip <ipadd r> no bootpdhcprelay serverip <ipaddr> - The IP address of the BootP/DHCP serv er.
- 472 - - a route will be included in updates sent to the router from which it was learned, but the metric will be set to infinity. The default is simple Auto Summary Mode: Select enable or disable from the pu lldown menu.
- 473 - Authentication Key : 16 alpha-num eric characters for authentication key when uses simple or encrypt authentication. Authentication Key ID: It is a Key ID when uses MD5 enc ryption for RIP authentication. Default Metric: A numbe r which represents the metric used for default routes in RIP updates originated on the specified interfac e.
- 474 - Syntax enable no enable no - This command sets the admini strative mode of RIP in the router to inactive. Default Setting Enabled Command Mode Router RIP Config 8.5.2.2 ip rip This command enables RIP on a router interface. Syntax ip rip no ip rip no - This command disab les RIP on a router inte rface.
- 475 - Disabled Command Mode Router RIP Config 8.5.2.4 default-information originate This command is used to set the advertisement of default routes. Syntax default-information originat e no default-information originate no - This command is used to cancel the adverti sement of default routes.
- 476 - 8.5.2.6 distance rip This command sets the rou te preference value of RI P in the router. Lower route preference val ues a re preferred when determining the best rou t e. Syntax distance rip <1-255> no distance rip <1 - 255> - the value for distance.
- 477 - split-horizon {none | simpl e | poison} no split-horizon none - This command sets without using RIP split horizon mode. simple - This command sets to use simple split horizon mode. poison - This command sets to use poison reve rse mode. no - This command cancel to set the RIP split hori z on mo de an d sets none mode.
- 478 - Syntax Format for OSPF as source protocol: redistribute ospf [metric <1 -15 >] [match [internal ] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] Format for other source p.
- 479 - Command Mode Interface Config 8.5.2.12 ip rip receive version This command configure s the interfa ce to allow RIP control packet s of the specified version(s) to be received.
- 480 - rip2 Command Mode Interface Config 8.6 Router Discovery Protocol Commands 8.6.1 Show Commands 8.6.1.1 show ip irdp This commands display s the router discovery informat ion for all interfaces, or a specified interface.
- 481 - 8.6.2 Configuration Commands 8.6.2.1 ip irdp This command enables Router Discovery on an interface. Syntax ip irdp no ip irdp <no> - Disable Route r Discovery on an interface. Default Setting Disabled Command Mode Interface Config 8.6.2.
- 482 - ip irdp holdtime < maxadvertinterval-90 00 > no ip irdp holdtime < maxadvertinterval-9000 > The range is the maxadvertinterval to 9000 second s. no - This command configure s the def ault value, in seconds, of the holdtime field of the router advertisement sent from this interface.
- 483 - no - This command sets the minimum t ime to 450. Default Setting The default value is 450. Command Mode Global Config 8.6.2.6 ip irdp preference This command configure s the prefe ra bility of the addre ss as a defau lt router address, relative to other router addresses on the same subnet.
- 484 - Command Mode Privileged Exec User Exec Display Message MAC Address used by Routing VLANs: Is the MAC Address associated with the internal bridgerouter interface (IBRI). The same MAC Address is used by all VLAN r outing interfaces. It will be displayed above the per-VLAN information.
- 485 - Syntax show ip vrrp Default Setting None Command Mode Privileged Exec User Exec Display Message Admin Mode: Displays the administrative mode for V RRP fun ctionality on the switch. Router Checksum Errors: Represents the total number of VRRP packet s re cei ved with an invalid VRRP checksum value.
- 486 - 8.8.1.3 show ip vrrp interface This command displays all configuration information of a virtual router configured on a spe cific interface. Note that the information will be di splayed only when th e IP address of the sp ecific interface is configured.
- 487 - None Command Mode Privileged Exec User Exec Display Message VRID: Represent s the rout er ID of the virtual router. Uptime: Is the time that the virtual router has b een up, in days, hou rs, minutes and second s. Protocol: Repre sent s the protocol conf igured on the i nterface.
- 488 - ip vrrp no ip vrrp Default Setting Disabled Command Mode Global Config This command sets the virt ual route r ID on an interf ace for Virtual Router conf iguration in the router. Syntax ip vrrp <1-255> no ip vrrp <1-255> <1-255> - The range of virtual route r ID i s 1 to 255.
- 489 - None Command Mode Interface Config 8.8.2.3 ip vrrp mode This command enables the virtual router configured on the specified interface. Enabling the status field starts a virtual router. Syntax ip vrrp <1- 255> mode no ip vrrp <1-255> mode <1-255> - The range of virtual route r ID i s 1 to 255.
- 490 - Interface Config 8.8.2.5 ip vrrp preempt This command sets the preemption mo de value for the virtual router configured on a specified interface. Syntax ip vrrp <1-255> preempt no ip vrrp <1-255> preempt <1-255> - The range of virtual route r ID i s 1 to 255.
- 491 - The default priority value is 100 unless the router is the address owner, in whi ch ca se its priority is automatically set to 255. Command Mode Interface Config 8.8.2.7 ip vrrp timers advertise This command sets the ad vertisement value for a virtual router in seco nd s.
- 492 - <1-255> - The range of virtual route r ID i s 1 to 255. < 1-254 > - The range of d ecrement is 1 to 254. <no> - This command removes the interface from the trac ked li st or to restore the priority decrement to its default. Default Setting Decrement: 10 Command Mode Interface Config 8.
- 493 - 9. IP Multicast Commands 9.1 Distance Vector Multicast R outing Protocol (DVMRP) Commands This section provides a detailed explanation of the DVMRP com mands. The commands are divided into the following different groups: Show commands are used to display device settings, stat istics and o ther information.
- 494 - 9.1.1.2 show ip dvmrp interface This command displays the interface inform ation for DVMRP on the specified interface. Syntax show ip dvmrp interface <slot/port> <slot/port> - Valid slot and port number separated by forwa rd slashes.
- 495 - User EXEC Display Message IfIndex: This field displays the value of the interfa ce used to reach the neighbor. Nbr IP Addr: This field indi cates the IP Address of the DVMRP neig hbor for which this entry contains information. State: This field displays the state of the neighbori ng router.
- 496 - 9.1.1.5 show ip dvmrp prune This command displays the table listing the router’s upstream prune information . Syntax show ip dvmrp prune Default Setting None Command Mode Privileged Exec User Exec Display Message Group IP: This field identifies the multicast Address that is pruned.
- 497 - Upstream Neighbor: This field indicates the IP Address of the ne ighbo r which is the source f or the packets for a specified multica st address. Interface: This field displays the interfa ce used to receive the packets s ent by the source s. Metric: This field displays the dista nce in hops to the source subnet.
- 498 - Command Mode Interface Config 9.1.2.2 ip dvmrp metric This command configures the metric for an interfa ce. This value is used in the DVMRP messa ges as the cost to reach this network. Syntax ip dvmrp metric <value> no ip dvmrp metric <value> <value> - Thi s field ha s a range of 1 to 3 1.
- 499 - Default Setting None Command Mode Privileged Exec User EXEC Display Message IGMP Admin Mode: This field displays the administrative st atus of IGMP. This is a configu red value. Interface: Valid slot and port numb er separated by forward slashes.
- 500 - If detail is specified, the following fields are display ed: Multicast IP Address: This displays the IP Address of the registered multica st group on this interface. Last Reporter: This displays the IP Add ress of the source of the last memb ership report receiv ed for the specified multicast group addre ss on this interface.
- 501 - Robustness: This field displays the tuning for the exp e cted packet loss on a subnet. If a subnet is expected to be have a lot of loss, the Robustn ess vari able may be increased for that interface.
- 502 - Source Filter Mode: The source filter mode (Includ e/Excl ude ) for the sp ecified group on this interface. This is “-----” for IG MPv1 and IGMPv2 Membership Rep o rts. Source Hosts: This displays the list of unicast source IP Addresses in the gro up record of the IGMPv3 Membership Report with the specified multic ast group IP Addre ss.
- 503 - 9.2.2 Configuration Commands 9.2.2.1 ip igmp This command sets the ad ministrative m ode of IGM P in the route r to active . Syntax ip igmp no ip igmp no - This command sets the admini strative mode of IGMP in the router to inactive.
- 504 - no - This command resets the version of IGMP for this interface. The version is re set to the default value. Default Setting 3 Command Mode Interface Config 9.2.2.3 ip igmp last-member-query-count This command sets the number of Group-Spe cific Qu eries sent bef ore the router assumes tha t there are no local members on the interface.
- 505 - 10 tenths of a second Command Mode Interface Config 9.2.2.5 ip igmp query-interval This command configure s the que ry interval for the specified inte rfa ce. This is the frequency at which IGMP Host-Query packets are tra nsmitted on this interface.
- 506 - Interface Config 9.2.2.7 ip igmp robustness This command configures the robustne ss that allows tuning of the interface. T he robustness is the tuning for the expected packet loss on a subnet. If a subnet is expected to have a lot of loss, the Robustne ss variable may be increased for the interface.
- 507 - 9.2.2.9 ip igmp startup-query-interval This command sets the interval betwee n General Quer ies sent by a Querier on startup on the interface. The time interval value is in seconds. Syntax ip igmp startup-query-interval <1-3 00 > no ip igmp startup-query-interval <1-300> - The range for <1-30 0 > is 1 to 300 seconds.
- 508 - Command Mode Privileged Exec Display Message The following fields are displayed as a table when <slot/port> i s specified. Group Address: The address of the m ultica st group. Interface: Interface throug h whi ch the multicast group is reachable.
- 509 - MLD Version: Indicates the version of MLD configu red on the interface. Query Interval: Indicates t he co nfigured query interval for the interface. Query Max Response Time: Indicates t he configured maximum query respo nse time (in seconds) advertised in MLD queries on this interfa ce.
- 510 - Queries Received: The numbe r of valid MLD queries received by the router. Queries Sent: The number of valid MLD que rie s sent by the router. Reports Receiv ed: The numbe r of valid MLD reports received by the router. Reports Sent: The numbe r of valid MLD reports sent by the router.
- 51 1 - Default Setting 1000 milliseconds Command Mode Interface Config 9.3.2.3 ipv6 mld last-member-query-interval Use this command to set the last memb er que ry interval for the MLD interface, which is the value of the maximum response time parameter in t he group specific queries sent out of this interface.
- 512 - Interface Config 9.3.2.5 ipv6 mld router Use this command, in the administrative mode of the router, to en able MLD in the router. Syntax ipv6 mld router no ipv6 mld router Default Setting Disabled Command Mode Global Config Interface Config 9.
- 513 - Default Setting None Command Mode Privilege Exec 9.3.2.8 ipv6 mld version This command configure s the version of MLD for an interface. Syntax ipv6 mld version {1 | 2} no ipv6 mld version <1- 2> - The mld version n umber. no - This command resets the version of MLD for this interface.
- 514 - Command Mode Privileged Exec User Exec Display Message Admin Mode: This field displays the administrative status of multicast. This is a configure d value. Protocol State: This field indicates the current state of t he multica st protocol. Possible value s are Operational or Non-Operational.
- 515 - Syntax show ip mcast interface <slot/port> <slot/port > - Interface number. Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid slot and port numb er separated by forward slashes. TTL: This field displays the time-to-live value for this i nterface.
- 516 - Flags: This field displays the flags asso ciated with this entry. If the “ summary ” parameter is spe cified , the following fields are displayed: Source IP: This field displays the IP addre ss of the multicast data source. Group IP: This field displays the IP address of the destination of the multicast packet.
- 517 - Group IP: This field displays the IP address of the destination of the multicast packet. Protocol This field displays the multicast routing protocol by which th is entry was created. Incoming Interface: This field displays t he interface on which the packet for this grou p arrives.
- 518 - 9.4.2 Configuration Commands 9.4.2.1 ip multicast This command sets the ad ministrative mode of the IP multicast forwa rd er in the router to active. For multicast routing to become operational, IGMP mu st be currently enabled. An error me ssage will be displayed on the CLI if multicast routing is enabled wh ile IGMP is disabled.
- 519 - no - This command deletes an a dministrative scope multicast boundary sp ecified by <gro upipaddr> and <mask> for which this multica st administrativ e boundary is ap plicable. <gro upipa ddr> is a group IP address and <mask> i s a group IP m ask.
- 520 - Syntax show ip pimdm Default Setting None Command Mode Privileged Exec User Exec Display Message Admin Mode: This field indicate s whether PIM-DM is enabled or disabled. This is a configured value. Interface: Valid slot and port numb er separated by forward slashes.
- 521 - 9.5.1.3 show ip pimdm interface stats This command displ ay s the statistical inf orm ation for PIM-DM on the sp ecifie d interface. Syntax show ip pimdm interface stats {<slot/port > | all} <slot/port> - Interface number. all - this command represents all interfaces.
- 522 - Display Message Neighbor Addr: This field displ ays the IP Addres s of the neigh bor on an interface. Interface: Valid slot and port numb er separated by forward slashes. Up Time: This field indicates the time si nce thi s neig hbor h as become active on this interface.
- 523 - Interface Config 9.5.2.3 ip pimdm hello-interval This command configure s the transmission fr equency of hello messages betwee n PIM enabled neighbors. This field has a range of 10 to 3600 seconds. Syntax ip pimdm hello-interval <10 - 3600 > no ip pimdm hello-interval <10 - 3600> - This is time interval in seconds.
- 524 - Admin Mode: Thi s field indicates whether PIM-SM is enabled o r disabled. This is a configured value. Data Threshold Rate (K b ps): This field sho ws the data threshold rate for the PIM-SM router.
- 525 - Syntax show ip pimsm interface <slot/port> <slot/port> - Interface number. Default Setting None Command Mode Privileged Exec User Exec Display Message Slot/Port: Valid slot and port number separated by forward slashes. IP Address: This field indicates the IP addres s of the spe cified interface.
- 526 - Privileged Exec User Exec Display Message Interface: Valid slot and port numb er separated by forward slashes. IP Address: This field displays the IP Addres s of the neigh bor on an interface. Up Time: This field indicates the time si nce thi s neig hbor h as become active on this interface.
- 527 - Command Mode Privileged Exec User Exec 9.6.2 Configuration Commands 9.6.2.1 ip pimsm This command sets administrative mode of PIM-SM mu ltica st routing across t he router to enabled.
- 528 - 9.6.2.3 ip pimsm register-threshold This command is used to configure the Threshold rate fo r the RP router to switch t o the shortest path. The rate is specified in Kilobits per second.
- 529 - 9.6.2.5 ip pimsm rp-address This command is used to create RP IP address fo r t he PIM-SM router. The parameter <rp-address> is the IP address of the RP. The parameter <g roup-address> is the group address su p ported by the RP. The parameter <group-ma sk> is the group mask for the group address.
- 530 - 9.6.2.7 ip pimsm hello-interval This command configure s the transmission frequen cy of hello messages in seconds betwe en PIM enabled neighbors. This field has a ran ge of 0 to 18000 seconds. Syntax ip pimsm query-interval <0 - 1800 0> no ip pimsm query-interval <0 - 18000> - This is time interval in seconds.
- 531 - ip pimsm dr-priority <0-214 7483 647> no ip pimsm dr-priority no - This command is used to reset the priority to default value. Default Setting 1 Command Mode Interface Config 9.6.2.10 ip pimsm bsr-candidate This command is used to configure the router to announce its candi dacy a s a bo otstrap router (BSR).
- 532 - ip pimsm rp-candidate interface <slot/port> < group-address> <group -mask> no ip pimsm rp-candidate interface <slot/port> <group -add ress> <g roup -m ask> no - This command is used to disable the route r to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap route r (BSR).
- 533 - Syntax show ip igmp-proxy Default Setting None Command Mode Privileged Exec User Exec Display Message Interface index : The interface number o f the IGMP Proxy. Admin Mode: States whether the IGMP Proxy is ena bl ed or not. This is a configured value.
- 534 - Interface: The interface number of the IGMP Proxy. Group Address: The IP address of the multica st gro up. Last Reporter: The IP address of ho st that last se nt a membership report. Up Time (in secs): The time elapsed since la st created. Member State: The status of the entry.
- 535 - 9.7.1.4 show ip igmp-proxy interface This command displays a d etailed list of the ho st interface status parameters. It displays the following parameters only when you enable IGMP Proxy.
- 536 - Default Setting Disabled Command Mode Interface Config 9.7.2.2 ip igmp-proxy reset-status This command resets the host interfa ce status p ara meters of the IGMP Proxy router. This command is valid only when you enable IGMP Proxy on the interface.
- 537 - 9.8 MLD Proxy Commands MLD-Proxy is the IPv6 equivalent of IGMP-Proxy. MLD-Proxy commands allow you to configure the network device as well as to view device settings a nd statistics using either seri al interface or telnet session. The operation of MLD-Proxy commands i s t he same as for IGMP-Proxy: MLD is for IPv6 and IGMP is for IPv4.
- 538 - Syntax show ipv6 mld-proxy groups Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: The interface number of the MLD-Proxy.
- 539 - group, on the network attached to the ML D-Proxy interface (up stre am interfa ce). Up Time (in secs): The time elapsed since la st created. Member State: Possible values are: • Idle_Member - interface has resp onded to the latest gr oup membe rship query for t his group.
- 540 - 9.8.2 Configuration Commands 9.8.2.1 ipv6 mld-proxy This command enables ML D-Proxy on the route r. To enable MLD-Proxy on the router, you must enable multicast forwarding. Also, make sure that there ar e no other multicast routing protocols enabled n the router.
- 541 - no ipv6 mld-proxy unsolicit-rprt-interval no - This command re sets the unsolicited repo rt interval of the MLD-Proxy router to the default value.
- 542 - 10. IPv6 Commands 10.1 Tunnel Interface Commands The commands in this section de scribe how to creat e, delete, and manage tunnel interfaces. Several different types of tunnels provide functionality to facilitate the transition of IPv4 networks to IPv6 networks.
- 543 - address and prefix display. 10.1.2 Configuration Commands 10.1.2.1 interface tunnel This command uses to ent er the Inte rfa ce Config m o de for a tu nnel interfa ce.
- 544 - 10.1.2.3 tunnel destination This command specifies the destin ation transport address of the tunnel. Syntax tunnel destination {<ipv4-addre ss>} <ipv4-address> - A valid IP Address. Default Setting None Command Mode Interfacel Tunnel Mode 10.
- 545 - 10.2.1 Show Commands 10.2.1.1 show interface loopback This command displays inf o rmatio n about configured loopback inte rface s. Syntax show interface loopback [<0-7>] Default Setting .
- 546 - interface loopback <0-7> no interface loopback <0-7> no - This command removes the loopback interface and associat ed configurat i on parameters for the specified loopback interface. Default Setting Disabled Command Mode Global Config 10.
- 547 - ICMPv6 Rate Limit Burst Size Sho ws the number of ICMPv6 er ror message s that can be sent during one burst-interval. F or more inform ation, see “i pv6 icmp error-interval” Maximum Routes Shows the maximum IPv6 route table size. 10.
- 548 - Router Advertisement Reachable Tim e: Shows the amount of time, in milliseconds, to consi der a neighbor reachable after n e ighbor discovery confirmati on. Router Advertisement Interval: Shows the frequen cy, in seconds, that router advertisement s are sent.
- 549 - Neighbor State: State of neighbor cache entry. Possible values a re Inco mplete , Reachable, Stale, Delay, Probe, and Unknown. Age(Seconds): Shows the system uptime when the inform ation for the neighbo r was last updated.
- 550 - MAC Address: The MAC Addre s s used . isRtr: Specifies the router flag. Neighbor State: The state of the neighbor cache ent ry. Possible values are: Reachable, Delay. Age Updated: The time in secon ds that has elapsed since an en t ry was a dded to the cache.
- 551 - Next-Hop: The outgoing router IPv6 addre ss to use whe n forwarding traffic to the next router (if any) in the path toward the destination Route-Timestamp: The last updated time for dynamic route s.
- 552 - Syntax show ipv6 route summary [all] Default Setting None Command Mode Privileged Exec Display Message Connected Routes: Total number of conne cted rout es in the routing table. Static Routes: Shows whether the IPv6 unicast routing mode i s enabled.
- 553 - 10.3.1.10 show ipv6 t raffic This command displays tra ffic and statistics for IPv6 and ICMPv6. Specify a logical, loopba ck, or tunnel interface to view information about traffic on a specific interface. If you do not specify an interface, the command displays information about traf fic on all interfaces.
- 554 - Datagrams Successfully Rea ssemble d: Number of IPv6 datagrams succe ssfully reassembled. Note that this counter increments at the interf ace to which these dat agram s were addressed, which might not be necessarily the input in terface for some of the fragments.
- 555 - ICMPv6 Router Solicit Messag es Received: Number of ICMP Router Solicit messages received by the interface. ICMPv6 Router Advertise ment Messages Receiv e d: Number of ICMP Router Advertisement messages received by the interface. ICMPv6 Neighbor Solicit Messages Receiv ed: Number of ICM P Neighbor Solicit messages received by the interface.
- 556 - ICMPv6 Duplicate Address Detec ts: Numbe r of dupl icate addresses detected by interface. 10.3.2 Configuration Commands 10.3.2.1 ipv6 forwarding This command enables IPv6 forwa rding on the switch. Syntax Ipv6 forwarding no ipv6 forwarding no - This command disab l es IPv6 forwardin g on the switch.
- 557 - 10.3.2.3 ipv6 unicast-routing Use this command to enable the forward ing of IPv6 unica st packets. Syntax ipv6 unicast-routing no ipv6 unicast-routing no – Use this command to disable the fo rwarding of IPv6 unica st packets. Default Setting Disabled Command Mode Global Config 10.
- 558 - this command since one is automatically created. Th e <p refix> field con sists of the bits of the a ddre ss to be configured. The <prefix_length> desi gnates how many of the high-order contig u ous bits of the address make up the prefix.
- 559 - <gateway-address > - G ateway address in IPv6 global or link-local addre ss format. no – Use this command remove IPv6 gateway s on the network port interface. Command Mode Interface vlan 10.3.2.7 ipv6 route Use this command to configure an IPv6 static route.
- 560 - Changing the default distance d oe s not update the distan ce of existing static routes, even if they were assigned the original default dist ance. The ne w defau lt distance will only be applied to static routes created after invoking the ipv6 route distance com mand.
- 561 - no ipv6 nd dad attempts no – This command resets to number of duplicate a ddress detection value to d efault value . Default Setting 1 Command Mode Interface Config 10.3.2.11 ipv6 nd managed-config-flag This command set s the “managed addre ss configuration” flag in rou ter advertisements.
- 562 - Default Setting 0 Command Mode Interface Config 10.3.2.13 ipv6 nd other-config-flag This command sets the “other stateful configuration ” flag in router adver tisements sent from the interface.
- 563 - 10.3.2.15 ipv6 nd ra-lifetime This command sets the value, in seco nds, that is placed in the Router Lifetime field of the rout er advertisements sent from the interfa ce. The <lifetime> value mu st be ze ro, or it must be an integer between the value of the router adver tisement transmission interval and 9000.
- 564 - ipv6 nd suppress-ra no ipv6 nd suppress-ra no – This command enables router tra nsmissi on on an interface. Default Setting Disabled Command Mode Interface Config 10.3.2.18 ipv6 nd prefix This command set s the IPv6 prefixe s to include in the router adve rtiseme nt.
- 565 - 10.3.2.19 ipv6 unreachables Use this command to enable the generat ion of ICMPv6 Destination Unreachable messages. By default, the generation of ICMPv6 Destination Unrea ch able m e ssag es is enabled. Syntax ipv6 unreachables no ipv6 unreachables no – This command prevent the generat ion of ICMP v6 Destination Unrea chable messag es.
- 566 - 10.3.2.21 ipv6 neighbors static The user can add/delete a static nei ghb or into neighbor cache tabl e. Syntax ipv6 neighbors static <ipv 6-address> <m ac-address> no ipv6 neighbors static <ipv6-ad dress> <ipv6-address> - Enter the IPv6 Address.
- 567 - Router ID: Is a 32 bit integer in dotted decimal format identifying the router, about which information is displayed. This is a configured value. OSPF Admin Mode: Shows whether the administ r ative mode of O SPF in the router is enabled or disabled.
- 568 - 10.4.1.2 show ip ospf abr This command displays the inte rnal OSPFv3 ro utes to reach Ar ea Border Routers ( ABR).This command takes no options. Syntax show ipv6 ospf abr Default Setting None Command Mode Privileged Exec User Exec Display Messages Typ e: The type of the route to the destination.
- 569 - External Routing: Is a number rep re se nting the external routing capabilities for this area. Spf Runs: Is the number of times that th e intra-area r oute table has been calcul ated using this area's link-state database. Area Border Router Count: The total n umbe r of area border routers rea chable within this area.
- 570 - Typ e: The type of the route to the destination. It can be either : • intra — Intra-area route • inter — Inter-area route Router ID: Router ID of the destination Cost: Cost of using thi s ro ute Area ID: The area ID of the area from wh ich this route is learned.
- 571 - Sequence: Is a number that represents whi ch LSA is more recent. Checksum: Is the total number LSA ch ecksum. Options: This is an integer. It indicates that the LSA receives special handling during routing calculations. Rtr Opt: Router Option s are valid for router links only.
- 572 - 10.4.1.7 show ipv6 ospf interface This command displays the information f or the IFO object or virtual interface tables. Syntax show ipv6 ospf interface {<sl ot/port > | loopb ack <0-7> | tunnel <0-7>} <slot/port> - Interface number.
- 573 - broadcast. The OSPF Interf ace Type will be 'broadcast'. State: The OSPF Interface States are: down, lo opback, waiting, point-to-p oint, desig nated router, and backup design ated route r. Designated Router: The route r ID representing the desi gnate d router.
- 574 - 10.4.1.9 show ipv6 ospf interface stats This command displays the statistics for a sp ecific interface. The command only displ ays information if OSPF is enabled Syntax show ipv6 ospf interface stats <slot/port> <slot/port> - Interface number.
- 575 - No Neighbor at Source Address: The numbe r of OSPF packets dropped because the sender is not an existing neighbor or the sender’s IP address do es not match the previou sly recorded IP address for that neighbor. NOTE: Does not apply to Hellos.
- 576 - • Exchange start - the first step in creating an adjacency between the two neighboring routers, the goal is to decide which router is the master and to decide upon the initial DD seq uence number. • Exchange - the router is describing its e nti re link state databa se by sending Dat aba se Description packets to the neighbor.
- 577 - User Exec Display Messages Area ID: The area id of the requested O SPF area. IP Address: An IP Address which represents this a rea range. Subnet Mask: A valid subnet mask for this area rang e. Lsdb Type: The type of link advertisement as sociated with this area range.
- 578 - <areaid> - Area ID. <neighbor> - Neighbor's router ID. Default Setting None Command Mode Privileged Exec User Exec Display Messages Area ID: The area id of the requested O SPF area. Neighbor Router ID: The input neig hbo r Router ID.
- 579 - Retransmit Interval: Is the configure d retransmit interval for the OSPFv3 virtual interface. Transit Delay: Is the configured transit delay for the OSPFv3 virtual interface. 10.4.2 Configuration Commands 10.4.2.1 ipv6 ospf This command enables OS PF on a router interface or loopback interface.
- 580 - 10.4.2.3 ipv6 ospf cost This command configure s the co st on an OSPF inte rface. The <cost> parameter has a range of 1 to 65535. Syntax ipv6 ospf cost <1-65535> no ipv6 ospf cost <no> - This command configures the def ault cost on an OSPF interface.
- 581 - 10.4.2.5 ipv6 ospf hello-interval This command sets the OSPF hello interval for the sp ecified interface. The value for <seconds> is a valid positive integer, which represe nts the le ngth of time in secon ds. The value fo r the length of time must b e the same for all routers attached to a ne twork.
- 582 - bandwidth IP network between two r outers, the network type can b e poi nt-to-point since there are only two routers. Using point-to-poi nt as the network ty pe eliminates the overhead of the OSPF design ated router election. It is normally not useful to set a tunnel to OSPF network type broadcast.
- 583 - Syntax ipv6 ospf retransmit-interv al <second s> no ipv6 ospf retransmit-interval <no> - This command sets the default OSPF retran sm it Interval for the specified interface.
- 584 - Command Mode Global Config 10.4.2.12 area default-cost This command configures t he monetary default cost for the stub area. The ope rator must specify the area id and an integer value between 1-1677 7215. Syntax area <areaid > default-co st <1-1677721 5> <areaid> - Area ID.
- 585 - 10.4.2.14 area nssa default-info-originate This command configures the metr ic value and type for the default rout e advertised into the NSSA. The optional metric parameter specifies the metric of the default route and is to be in a range of 1-16777 214.
- 586 - 10.4.2.16 area nssa no-summary This command configures the NSSA so that su mmary LSAs are not advertised into the NSSA Syntax area <areaid> nssa n o-summary no area <areaid> ns sa no -summary <areaid> - Area ID. no - This command disab les nssa from the summary LSAs.
- 587 - 10.4.2.18 area nssa translator-stab-intv This command configures t he translator stability interval of the NS SA. The <stabilityinterval> is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by anot her router.
- 588 - Command Mode Router OSPFv3 Config 10.4.2.20 area stub This command creates a stub area for the specified area ID. A stub area is characteri zed by the fact that AS External LSAs are not propagated into the ar ea. Removing AS External LSAs and Summary LSAs can significantly reduce the link state dat abase of routers within the stub area.
- 589 - 10.4.2.22 area virtual-link This command creates the OSPF virtual interface for the specifie d <areaid> and <neighbo r>. The <neighborid> para meter is the Router ID of the neighbor.
- 590 - 10.4.2.24 area virtual-link hello-interval This command configure s the hello inte rval for the O SPF virtual interface on the interface identified by <areaid> and <neighborid> .
- 591 - 10.4.2.26 area virtual-link transmit-delay This command configure s the tran smit d elay for t he OSPF virtual interface on the virtual interface identified by <areaid> and <neighborid> .
- 592 - 10.4.2.28 default-information originate This command is used to control the advertisement of default route s . Syntax default-information originat e [always] [m etric <1-16777215>] [metric-type {1 | 2}] no default-information originat e [metric] [metric-type] [always] - Sets the router advertise 0.
- 593 - 10.4.2.30 distance ospf This command set s the rou te preferen ce value of OSPF in the route r. Lower route preference values are preferred when determining the best rou t e.
- 594 - 10.4.2.32 exit-overflow-interval This command configure s the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to again originate non-default AS-external-LSAs.
- 595 - 10.4.2.34 maximum-paths This command set s the number of paths that OSPF can repo rt for a given de stination where <maxpaths> is platform dependent. Syntax maximum-paths <1-2> no maximum-paths <1-2> - The maximum number of paths that OSPF can r eport for a given destination.
- 596 - passive-interface {<unit/slo t/port> | tunn el <tunnel-id>} no passive-interface {<unit/slot/port > | tunnel <tu nnel-id>} Default Setting Disabled Command Mode Router OSPFv3 Config.
- 597 - None Command Mode Router OSPFv3 Config 10.5 RIPng Commands RIPng is intended to allow routers to exchange info rmation for computing routes through an IP v6-ba sed network. RIPng is a distan ce vecto r protocol. RIPng should be implement ed only in routers.
- 598 - Distance: Configured value. Update Time: Configured value. Garbage Time: Configured value. Info Time: Configured value. Enable Ripng of interfaces: List all interfaces enabl ed RIPng. Enable passive mode of interfaces: List all interfaces enable d RIPng passive.
- 599 - Interface Config 10.5.2.3 ipv6 router rip Use this command to enter Router RIPng mode. Syntax ipv6 router rip Default Setting Disabled Command Mode Global Config 10.5.2.4 default-information originate This command is used to set the advertisement of default routes.
- 600 - <1-15> - a value for default -metri c. no - This command is used to reset the default metric of distributed routes to its default valu e. Default Setting Not configured Command Mode IPv6 Router RIP Config 10.5.2.6 distance rip This command sets the rou te preference value of RIPng in the route r.
- 601 - no - This command canc el to set the RIPngplit horizon mode and sets n one mode. Default Setting Simple Command Mode IPv6 Router RIP Config 10.5.2.8 redistribute This command configure s RIPng protocol to r edistrib u te route s from the specified source protocol/routers.
- 602 - garbage - This comman d sets to the RI Png garbage time. info - This command sets to the RIPng info time. no - This command sets t he RIPng tim er to default value. Default Setting update - the default value is 30 (seconds) garbage - the default value is 120 (seconds) info - the default value is 180 (seconds) Command Mode Global Config 10.
- 603 - show ipv6 pimdm Default Setting None Command Mode Privileged Exec User Exec Display Message PIM-DM Admin Mode: Indicates whether PIM-DM is enabl ed or disabled. Interface: Valid unit, slot, and port nu mb er separated by forward sl ash es. Interface Mode: Indicates whether PIM-DM is en abled or disabled on this interface.
- 604 - Syntax show ipv6 pimdm neighbor [<sl ot/port>|all] Default Setting None Command Mode Privileged Exec User Exec Display Message Interface: Valid unit, slot, and port nu mb er separated by forward sl ash es. Neighbor Address: The I P address of the neighbor on an interface.
- 605 - 10.6.2.2 ipv6 pimdm hello-interval Use this command to configure the PIM-DM hello in terval for the specified router interface. The hello-interval is specified in seconds and is in the range 30–3 600.
- 606 - Interface: Valid unit, slot, and port nu mb er separated by forward sl ash es. Interface Mode: Indicates whether PIM-SM is enabl ed or disabled on the interface. Operational State: The current state of the PIM-SM protocol on the interface. Po ssi ble values are Operational or Non- Op eration al.
- 607 - None Command Mode Privileged Exec User Exec Display Message Slot Port: Valid unit, slot, and port number sepa rated by forward slashes. IP Address: The IP address of the specified interface. Subnet Mask: The Subne t Mask for the IP address of the PIM interface.
- 608 - Syntax show ipv6 pimsm rphash <group -a ddress> <group-address > - the IP multicast group address. Default Setting None Command Mode Privileged Exec User Exec Display Message RP: The IP address of the RP for the group specified . Origin: Indicates the mechanism (BSR or stat ic) by which the RP was selected.
- 609 - 10.7.2 Configuration Commands 10.7.2.1 ipv6 pimsm This command sets administrative mod e of PIM-SM multicast routing across the router to enabled. MLD must be enabled before PIM-SM can be enable d. Syntax ipv6 pimsm no ipv6 pimsm no - This command sets admini strative mode of PIM- SM multicast routing across the router to disabled.
- 610 - 10.7.2.3 ipv6 pimsm register-threshold This command configure s the Register Threshol d rate for the Rendezvous Point router to switch to a source-specific shorte st pa th.
- 61 1 - 10.7.2.5 ipv6 pimsm rp-candidate This command is used to configure the router to adv ertise itself as a PIM candidate rend ezvo us point (RP) to the bootstrap router (BSR).
- 612 - default - Defines the SSM range acce ss list to 232/8. no - This command is used to disable the Source Specific Multicast (SSM) range. Default Setting Disbaled Command Mode Global Config 10.7.2.8 ipv6 pimsm bsr-border Use this command to prevent bootstrap route r (BSR) messages fro m being sent or received through an interface.
- 613 - Interface Config 10.7.2.10 ipv6 pimsm join-prune-interval This command is used to configure the interface join/p rune interval for the PIM- SM router. The join/prune interval is specified in seconds. This paramete r can be configured to a value fro m 0 to 18000.
- 614 - 11. Web-Based Management Interface 11.1 Overview The Layer 3 Network Switch provides a built-in browser software i nterface that lets you configure and manage it remotely using a standard Web browser su ch as Microsoft Internet Explorer or Netscape Navigator.
- 615 - 7. IPv4 Multicast Menu: This section p rovides users to conf igure IGMP, DVMRP, Multicast, PIM-DM, PIM-SM. It also provides information for a multicast distribution tree. 8. IPv6 Multicast Menu: This section p rovides users to conf igure MLD, PIM-DM, PIM-SM.
- 616 - Non-Configurable Da ta System Description - The prod uct name of this switch. Machine Type - The machine type of this switch. Machine Model - The model within the machi ne type . Serial Number - The unique box serial numbe r for this switch. Part Number - The manufacturing part numbe r.
- 617 - Boot Rom Version - The release-version numb er of the boot rom code curre ntly running o n the switch. For example, if the release was 1, and the version wa s 2, the format would be '1.2'. Label Revision Number - The label revision seri al number of this switch is used for manufa cturing purpose.
- 618 - Interface = y........ .............. SFP+ (The yth 10-Giga information of switch 1 ). 10 Gigabit Ethernet Compliance Codes : Transceiv er’s compliance codes.
- 619 - Configurable Data System Name - Enter the name you wa nt to use to identify this switch. You may use up to 31 alpha-numeric characte rs. The factory default is blank. System Location - Enter the location of this switch. You may use up to 31 alph a-numeric characters.
- 620 - System Up time - The time in days, hours a nd min utes since the last switch reboot. Current SNTP Syncronized Time - Displays currently synch ronized SNTP time in UTC. If time is not syncronised, it displays "Not Syncroni zed ." MIBs Supported - The list of MIBs supported by the management agent running on this switch.
- 621 - Non-Configurable Da ta Burned-in MAC Addre ss - The burned-in MAC address u sed for in-band conne ctivity. Default Routers - The IPv6 default routers. Command Buttons Submit - Update the switch with the values on the sc reen. If you want the swit ch to retain the new values across a power cycle you must perform a save .
- 622 - 11.2.3.4 Configuring Network Connectivity Page The network interface is the logical interface used for in-band conn ectivity with the switch via any of the switch's front panel ports.
- 623 - Subnet Mask - The IP subnet mask for the interface. The factory d efault value is 0.0.0.0 Default Gateway - The default gateway for the IP interfac e. The factory default value is 0.0.0.0 Management VLAN ID - Specifies the manageme nt VLAN ID of the switch.
- 624 - Command Buttons Refresh - Refresh the data on the scree n with the present state of the data in the router. 11.2.3.6 HTTP Configuration Configurable Data HTTP Session Soft Timeout - This field is used to set the inactivity timeout for HTTP session s.
- 625 - Selection Criteria Maximum Number of Telnet Sessions - Use the pulldown menu to sele ct how many simultaneou s telnet sessions will be allowed. The maximum is 5, which is also the factory default. Allow New Telnet Sessions - If you set this to no, new telnet sessions will not be allowed.
- 626 - Selection Criteria Admin Mode - Specifies if the Outbound Telnet se rvic e is Enable d or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allo wed. Default value is 5. Valid Range is (0 to 5).
- 627 - 11.2.3.10 Configuring Serial Port Page Selection Criteria Baud Rate (bps) - Select the default baud rate for the serial po rt connection from the pull-down menu. You may choose from 1200, 2400, 4800, 9600, 19200, 38400 , 57600, and 1152 00 baud.
- 628 - By default, two user accounts exist: − admin , with 'Read/Write' privileges − guest , with 'Read Only' privileges By default, both of these accounts have blank pass wo rds.
- 629 - Password - Enter the optional new or changed password fo r the account. It will not display as it is typed, only asterisks (*) will show. Passwords are up to eight alpha numeric characters in length, and are case sensitive. Confirm Password - Enter the password again, to co nfirm that you entered it correctly.
- 630 - Selection Criteria Authentication List - Select the authentication lo gin list you want to configure. Select 'create' to define a new login list. When you create a new logi n list, 'local' is set as the initial authentication method.
- 631 - Non-Configurable Da ta ID - Identifies the ID of this row. User Name - Shows the user name of us er who made the se ssion. Connection From - Shows the IP from which machine the use r is connected. Idle Time - Shows the idle session time. Session Time - Shows the total session time.
- 632 - 11.2.3.15 Defining User Login Page Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting to access the switch or a port on the switch.
- 633 - Configurable Data Password Minimum Length - All new local user passwords must be at least this many chara cters in length. Password Aging (days) - The maximum time that user passwor ds are valid, in days, from the time the password is set.
- 634 - Selection Criteria TCP Fragment - Enable or disable this option by selecting the corre spo ndin g line on the pulldown entry field. Enabling TCP Fragment DoS prevention c auses the swi t ch to dro p packets that have a TCP header smaller then t he co nfigured Min TCP Hdr Size.
- 635 - packets that have TCP Flags FIN, URG, and PSH set and TCP Sequence Number=0. The factory default is disabled. TCP Flag&Sequence - Enable o r disa ble this optio n by selecting the corresponding line o n the pulldown entry field.
- 636 - Configurable Data Aging Interval(secs) - Th e forwa rding database con tains static entries, which are never age d out, and dynamically learned entries, which are removed i f they are not updated within a given time. You specify that time by entering a value for the A ddress Ageing Timeout.
- 637 - ifIndex - The ifIndex of the MIB interface tabl e entry associated with the sou rce port. Status - The status of this entry. The possible values are: Static : the entry was added when a stat ic MAC filter was defined. Learned : the entry was learned by observing the source MAC addresses of incoming traffic, and is currently in use.
- 638 - 11.2.5.2 Viewing Buffered Log Page This help message appli es to the format of all log ged messages which a re displayed for the bu ffered log, persistent log, or console log. Format of the messages <15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.
- 639 - Selection Criteria Admin Mode - Enable/Disable the operat ion of the CLI Comma nd logging by selecting the corresponding pulldown field and cli c kin g Submit. Command Buttons Submit - Update the switch with the values you ente re d. 11.2.5.4 Configuring Console Log Page This allows logging to any serial device attache d to the host.
- 640 - − Info (6): informational messages − Debug(7): debug-level me ssages Command Buttons Submit - Update the switch with the values you ente re d. 11.2.5.5 Viewing Event Log Page Use this panel to display the event log, which is used to hold error m essages for catastrophi c events.
- 641 - Clear Log - Remove all log information. 11.2.5.6 Configuring Hosts configuration Page Selection Criteria Host - This is a list of the hosts that have been config ured fo r sysl og. Select a host for changing the configuration or choose to add a ne w hosts from the drop down list.
- 642 - 11.2.5.7 Configuring Terminal Log Configuration Page This allows logging to any terminal client conn ected to the switch via telnet or SSH. To receive the log messages, terminals have to enable "terminal monito r" via CLI com mand.
- 643 - − Informational(6): informational messages − Debug(7): debug-level me ssages Command Buttons Submit - Update the switch with the values you ente re d. 11.2.5.8 Configuring syslog configuration Page Selection Criteria Admin Status -For Enabling and Di sabling logging to confi gured syslog hosts.
- 644 - 11.2.6 Managing Switch Interface 11.2.6.1 Configuring Switch Interface Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or co nfigu red. Admin Mode - Use the pulldown menu to select the Port c ontrol ad ministration state.
- 645 - The actual packet rate for switch will co nvert from the input level and the speed of that interface. (see table 1 and table 2) Table 1. For 10/100Mbps/1Gbps Table 2.
- 646 - Selection Criteria MST ID - Select the Multiple Spanning Tree instance ID from the list of all currently configured MST ID's to determine the values displaye d for the Spanni ng Tre e parameters. Changing the selected MST ID will generate a screen refresh.
- 647 - Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for e ach spanning tree. The port role will be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port, or Disabled Port. Admin Mode - The Port control administ ration state.
- 648 - Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or co nfigu red. Configurable Data Port Description Enter the Description string to be attached to a po rt.
- 649 - Selection Criteria Slot/Port - This field indicates the interface to which the cable to b e tested is connected. Non-Configurable Da ta Interface - Displays the int erface tested in the Slot/Port notation. This field is displayed after the "Test Cable" button has been cli c ked a nd results are availab le.
- 650 - Selection Criteria Session - Select a port mirroring sessio n from the list. The number of sessions allowed is platf orm specific. By default the First Session is sele cted. Up to 1 sessions are supporte d. Mode - S pecifies the Sessi on Mode for a selected session ID.
- 651 - Selection Criteria Slot/Port - Select the physical interface for which you want to display or config ure data. Configurable Data Interface Mode - This specifies the ad m inistrative mode via whi c h Doubl e VLAN Tagging can be enabled or disabled.
- 652 - Non-Configurable Da ta Slot/Port - The physical interface fo r which data is being displayed. Interface Mode - This specifies the ad ministrative m ode via whi c h Doubl e VLAN Tagging can be enabled or disabled. The d efault value for this i s Disabled.
- 653 - Configurable Data Version - Uniquely identifies the version and impleme nta tion of this MIB. The version string m u st have the following structure: MIB Version;Organiza tion;Software Revi sion where: • MIB Version: '1.3', the version of this MIB.
- 654 - sFlow Receiver Timeout - The time (in seconds) rem aining before the sampler i s released and stops sampling. A management entity wanting to maintain c ontrol of the sampler is responsible for setting a new value before the old one expires.
- 655 - Configurable Data Receiver Index - The sFlowReceiver as so ciated with this counter poller. Allowed range i s (1 to 8 ) Poller Interval - The maximum number of second s between successive samples of the counters associated with this data so urce.
- 656 - Slot/Port - The interface for which data is being di splayed. Receiver Index - The sFlowReceiver for this sFlow sampler. Sampling Rate - The statistical sampling rate for packet sampling from this source. Maximum Header Size - The maximum number of bytes that should be copied from a sampled packet.
- 657 - Broadcast Packets Recei ved Rate - The total number of packet s received rates that were directed to the broadcast address. Note that this does not include multicast packets.
- 658 - Selection Criteria Community - You can use this screen to reconfigu re an existing community, or to create a ne w one. Use this pulldown menu to select one of the existi ng community names, or select 'Create' to add a new one.
- 659 - 11.2.8.2 Configuring SNMP Trap Receiver Configuration Page This menu will display an entry fo r every active Trap Receiver. Selection Criteria Community - You can use this screen to reconfigu re an existing community, or to create a ne w one.
- 660 - 11.2.8.3 Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the swit ch. Non-configurable Data Name - The RFC number if applica ble and the name of the MIB. Description - The RFC title or MIB description. Command Buttons Refresh - Update the data.
- 661 - Non-Configurable Da ta ifIndex - This object indicat es the ifIndex of the interface table entry associ ated with the Processor of this switch. Octets Received - The total numbe r of octets of data rece ived by the processor (exclu ding fra ming bits but including FCS octets).
- 662 - Most Address Entries Ever Use d - The highe st nu mber of Forwarding Database Add ress Table entries that have been learned by this sw itch since the most recent reboot. Address Entries in Use - The number of Learn ed a nd static entries in the Forwarding Database Address Table for this switch.
- 663 - Packets Transmitted Without Errors - The total number of p ackets transmitted out of the interface. Broadcast Packe ts Transmitted - The total number of packets that higher-level protocols requested to be transmitted to the Broadcast address, incl uding those that were discarded o r not se nt.
- 664 - ifIndex - This object indicates the ifIndex of the inte rface table entry associ ated with this port o n an adapter. Packets RX and TX 64 Octets - The total numbe r of packets (including bad pa ckets) re ceived or transmitted that were 64 octets in length (exclu ding framing bits but including F CS octets).
- 665 - Packets Receiv ed > 1522 Octets - The total number of packets received that were lo nger than 1522 octets (excluding framing bits, but inclu ding FCS octets) and were otherwi se well formed. Total Packets Received Without Erro rs - The total number of packet s received that were without errors.
- 666 - Packets Transmitted 1024-15 18 Octets - The total number of packets (i nclu ding bad packets) received that were between 1024 and 1518 octets in length inclusive (excludi ng framing bits but including FCS octets).
- 667 - Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and seconds sin ce the statistics for this port were last cleared. Command Buttons Clear Counters - Clear all the counters, resetting all stat istics for this port to default values.
- 668 - 11.2.9.4 Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or co nfigu red. Non-Configurable Da ta ifIndex - This object indicates the ifIndex of the inte rface table entry associ ated with this port o n an adapter.
- 669 - 11.2.10 Managing Sy stem Utilities 11.2.10.1 Saving All Configuration Changed Page Command Buttons Save - Click this button to have configuration ch ange s you have made saved across a system reboot. All changes submitted since the previous save o r sy stem reb oot will be retained by the switch.
- 670 - Command Buttons Reset - Clicking the Reset button will reset all of the system login pass words to their default values. If you want the switch to retain the new val ues across a power cy cle, you must pe rform a save.
- 671 - Selection Criteria File Type - Specify what type of file you want to download: Script - specify configuration script when you want to update the switch's script file. CLI Banner - Specify the banner that you want to display before user login to the switch.
- 672 - FTP/TFTP File Name (Target) - Enter the name on the switch of the file you want to save. You may enter up to 30 characters. The factory default is blank. Start File Transfer - To initiate the down load you ne ed to ch eck this box and then select the submit button.
- 673 - Start File Transfer - To initiate the uploa d you need to check this box and then select the su bm it button. Non-Configurable Da ta The last row of the table is used to display info rmation about the progre ss of the file transfer. The screen will refresh automatically unt il the file transfer completes.
- 674 - Configurable Data Configuration File - Configuration files. Runtime File - Run-time operation code s. Script File - Configuration script files. Command Buttons Remove File - Send the updated scree n to the sw itch and perform the file remove. 11.
- 675 - 11.2.10.10 Defining Ping Function Page Use this screen to tell the switch to send a Ping req ue st to a specified IP address. You can use this to check whether the swit ch can communicate with a particu lar IP station.
- 676 - Selection Criteria Ping - Select either global IPv6 Address or Link Local Addre ss to ping. Interface - Select a IPv6 interface. Configurable Data IPv6 Address - Enter the IPv6 address of the station you w ant the switch to ping . The initial value is blank.
- 677 - Selection Criteria IPv4 Address - Select the way "IPv4 Address" to trace. Host Name - Select the way "host name" to trace. Host Name V6 - Select the way "Host Name V6" to trace. IPv6 Address - Select the way "IPv6 Address" to trace.
- 678 - 11.2.11 Managing CDP Function 11.2.11.1 Defining CDP Configuration Page Use this menu to configure the parameters for CDP, which is use d to discover a CISCO device on the LAN. Selection Criteria Admin Mode - CDP administration m od e wh ich are Enable and Disable.
- 679 - Non-Configurable Da ta Device ID - Identifies the device name in the form of a cha racter string. Intf - The CDP neighbor information receiving port. Time - The length of time a receiving device should hold CDP information befo re discardi ng it.
- 680 - Outgoing Packet Number - Transmitte d CDP packets number fro m this device. Error Packet Number - Received illegal CDP pa ckets numb er from neighbors. Command Buttons Clear Counters - Clear all the counters, resetting all swit ch summary and detailed statistics to default values.
- 681 - DVMRP Traps - Enabled or disable activation of DVMRP tr aps by selecting the corresponding line on the pulldown entry field. The factory default is disabled. OSPF Traps - Enabled or disable activa tion of OSPF tr aps by selecting the corresponding line on the pulldown entry field.
- 682 - Command Buttons Clear Log - Clear all entries in the log. Subsequent displ ays of the log will only show new log entries. 11.2.13 Configuring SNTP 11.2.13.1 Configuring SNTP Global Configuration Page Selection Criteria Client Mode - Specifies the mode of operat ion of SNTP Client.
- 683 - Multicast Poll Interval - Specifies the number of seconds bet ween multicast poll requests expressed as a power of two when configure d in m ulticast mode . Multicast s received prior to the expiry of this interval are discarded. Allowed range is (6 to 10).
- 684 - • Success - The SNTP operation wa s succe ssful and the system time was upda ted. • Request Timed Out - A directed SNTP request timed out without receiving a respon se from the SNTP server. • Bad Date Encoded - The time provided by the SNTP server is not valid.
- 685 - Selection Criteria Server - Specifies all the existing Server Addresses along with an a dditional option "Create". When the user selects "Create" another text box "Addres s" appea rs where the user may enter Address for Server to be configured.
- 686 - Non-Configurable Da ta Address - Specifies all the existing Serv er Addresse s. If no Server configur ation exists, a message saying "No SNTP server exists" flashes on the scre en. Last Update Time - Specifies the local date and time (UTC) that the resp onse from this server wa s used to update the system clo ck.
- 687 - Configurable Data Year - Year (4-digit). (Ran ge: 2000 - 2 099). Month - Month. (Range: 1 - 12). Day - Day of month. (Range: 1 - 31). Hour - Hour in 24-hour format. (Ran ge: 0 - 23). Minute - Minute. (Range: 0 - 59). Second - Second. (Range: 0 - 59).
- 688 - Direction • before-utc - Sets the local time zone before (e ast ) of UTC • after-utc - Sets the local time zone after (west) of UTC Configurable Data Time Zone Name - The name of time zone, usually an acronym. (Range: 1-15 characters). Time Zone Hours - The number of hours before/after UT C.
- 689 - Command Buttons Reset - Send the updated scree n to the switch perform the restart DHCP6 client . 11.2.14.2 Configuring DHCP Client-identifier Page Specify the DCHP client identifier fo r the switch. The DCHP client identifier is us ed to include a client identifier in all communications with the DHCP se rver.
- 690 - 11.2.15 Defining DNS Relay Function 11.2.15.1 Configuring DNS Relay Configuration Page The DNS protocol controls the Domai n Name System (DNS), a dist ributed database with which you can map host names to IP addresses.
- 691 - Selection Criteria Domain - Specifies all the existing domain names along with an a dditional option "Create". When the user selects "Create" anoth er text box "Domai n Name" appears whe re the u ser m ay enter domain name to be configured.
- 692 - Protocol - Select IPv4 or IPv6 to confi gure the corresponding attributes. Name Server - Specifies all the existing domain n ame servers along with an ad ditional option "Create". When the user selects "Create" another te xt box "IP Address" appears where the user may enter domain name server to be configured.
- 693 - 11.2.15.5 Configuring Hosts Configuration Page You can use this scree n to change the configuration pa rameters for the static entry in the DNS table. You can also use this screen to disp lay the contents of the table. Selection Criteria Protocol - Select IPv4 or IPv6 to confi gure the corresponding attributes.
- 694 - 11.3 Switching Menu 11.3.1 Managing DHCP Snooping 11.3.1.1 Configuring DHCP Snooping Configuration Page Configurable Data DHCP Snooping Mode - Enables or disabl es the DHCP Sno oping feature. The factory default is disabled. MAC Address Validation - Enables or disable s the validat ion of sender MAC Address for DHCP Snooping.
- 695 - Command Buttons Submit - Applies the new conf iguration and causes th e changes to take effect. These changes will not be retained across a power cycle u nless a save configuration is performed.
- 696 - Configurable Data Slot/Port - Selects the interface to add a bindi ng into the DHCP sn ooping database. MAC Address - Specify the MAC addre ss for the bin ding to be a d ded. This is the Key to the binding database. VLAN ID - Selects the VLAN from the list for the binding rule.
- 697 - • Lease Time - This is the remaining Lease time for the Dynamic entri es • Page - Lists the Number of Pages the dynamic bindin g entrie s occupied. Select the Page Number from this list to disp lay the particular Page entries. Command Buttons Add - Adds DHCP snooping binding entry into the database.
- 698 - 11.3.1.6 DHCP Snooping Interface Statistics Page Selection Criteria Slot/Port - Select the un trusted and snooping enabl ed interf a ce for which statistics to be displayed. Non-Configurable Da ta MAC Verify Failures - Number of pa ckets that we re dropped by DHCP Snooping as the re is no matching DHCP Snooping binding entry found.
- 699 - Configurable Data IPSG - Enables or disables validation of Sender IP Address on this interface. If IPSG is Enabled Packets will not be forwarded if Sender IP Address is not in DHCP Snoopin g Binding database. The factory default is disabled. IPSG Port Security - Enables or disables the IPSG Port Se curity on the selected interface.
- 700 - Configurable Data Slot/Port - Selects the interface to add a binding into the IPSG database. MAC Address - Specify the MAC address fo r the binding. VLAN ID - Selects the VLAN from the list for the binding rule. IP Address - Specify valid IP Address for the binding rule.
- 701 - • Page - Lists the Number of Pages the IPSG dy namic bindin g entrie s occu pied. Select the Page Number from this list to display the particular Page entri es. Command Buttons Add - Adds DHCP snooping binding entry into the database. Submit - Deletes selected static entri es from the databa se.
- 702 - 11.3.3.2 Configuring DAI VLAN Configuration Page Selection Criteria VLAN List - Select the DAI Capable VLANs for which information has to be displayed or con figured. Configurable Data Dynamic ARP Inspection - Indicates whether the Dynamic ARP Inspe ction is enabled on this VLAN.
- 703 - Selection Criteria Slot/Port - Select the physical interface for which dat a is to be displayed or configured. Configurable Data Trusted State - Indicates whether the interface is trusted for Dynamic ARP Inspection pu rpose. If this object is set to 'Enable', the interface is trust ed.
- 704 - Configurable Data ARP ACL Name - This is used to create New ARP ACL for DAI. Remove - This is u sed to select the particul ar ACLs which you want to delete. Non-Configurable Da ta ARP ACL Name - This will list all the configured ARP ACL List. Command Buttons Add - This is used to create New ARP ACL.
- 705 - Submit - This is used to delete the entries selected u sing checkbox under Rem ove field. Refresh - Refresh the data on the scree n with the present state of the data in the switch. 11.3.3.6 Configuring DAI Statistics Page Selection Criteria VLAN ID - Select the DAI enabled VLAN ID for which statistics to b e displ ayed.
- 706 - Command Buttons Refresh - Refresh the data on the scree n with the present state of the data in the switch. 11.3.4 Managing Filters 11.3.4.1 Configuring MAC filter Configuration Page Selection Criteria MAC Filter - This is the li st of MAC address and VLAN ID pairi ngs for all configured filters.
- 707 - 11.3.4.2 MAC filter Summary Page Non-Configurable Da ta MAC Address - The MAC address of the filter in the format 00:01:1A:B2:53:4D. VLAN ID - The VLAN ID associated with the filter. Source Port Members - A list of ports to be used for filtering inbo u nd packets.
- 708 - Participation - Use this field to specify whether a port w ill parti cipate in this VLAN. The factory default is 'Autodetect'. The possible values are: • Include - This port is alway s a membe r of this VLAN. This is equivalent to regi stration fixed in the IEEE 802.
- 709 - VLAN ID - The VLAN Identifier (VID) of the VLAN. The rang e of the VLAN ID is (1 to 3965). VLAN Name - The name of the VLAN. VLAN ID 1 is al ways named `Default`.
- 710 - 11.3.5.4 Viewing VLAN Port Summary Page Non-Configurable Da ta Slot/Port - The interface. Port VLAN ID - The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port. Acceptable Frame Types - Specifies the types of frames that may be received on this port.
- 71 1 - 11.3.5.5 Resetting VLAN Configuration Page Command Buttons Reset - If you select this bu tton and confirm your selection on the next screen, all VLAN configuration parameters will be reset to their factory default val ues. Also, all VLANs, except for the default VLAN, will be deleted.
- 712 - Selection Criteria Group ID - The protected ports can be combi ned into a logical group. Traffic can flow betwe en protected ports belongin g to different groups, but not within the same group. The selection b ox lists all the possible protected port Group IDs supporte d for t he current platform.
- 713 - Group ID - The protected ports can be combi ned into a logical group. Traffic can flow betwe en protected ports belonging to different group s, but not within the sa me gro up. The valid range of the Group ID is (0 to 2) . Group Name - Displays the alphanume r ic string associated with a Group ID.
- 714 - Group ID - You can use this screen to reconfigure or delete an existing protocol-based VLAN , or create a new one. Use this pull do wn menu to select one of the existing PBVLANs, or select 'Create' to add a new one. A Group ID number will be assi gned automatical ly when you create a new group.
- 715 - Group ID - The number used to identify the group. It was automatically assigne d when you created the group. Protocol(s) - The protocol(s) that belon gs to the grou p. There are three configurable protocol s: IP, IPX, and ARP. IP - IP is a network layer protocol that provides a connectionless service fo r the delivery of data.
- 716 - VLAN ID - VLAN ID can be any number in the rang e o f (1 to 3965). Command Buttons Submit - Update the switch with the values on this sc reen. If you want the switch to retain the new values across a power cycle, you must perform a save . Delete - Delete an entry of IP Subnet to VLAN mapping.
- 717 - ingress processi ng on the packet conti nues, otherwise the packet is dropped. This implies that the user is allowed to configure a MAC addre ss m apping to a VLAN that has not been created on the system. Configurable Data MAC Address - Valid MAC Addre ss which is to be bound to a VLAN ID.
- 718 - 11.3.10 Managing MAC-based Voice VLAN 11.3.10.1 Voice VLAN Administration Page Configurable Data VLAN ID - Sets the VLAN as a Voice VLAN. Admin Mode - Enables or disables the Voice VLAN f unction. Command Buttons Submit - Applies the new conf iguration and causes th e changes to take effect.
- 719 - 01:80:C2:00:00:20 to 01:80:C2:00:00:21 01:00:5E:00:00:00 to 01:00:5E:FF:FF:FF 33:33:00:00:00:00 to 33:33:FF:FF:FF:FF FF:FF:FF:FF:FF:FF Configurable Data MAC Address - Specify the MAC Address for the new Voice VLA N . (You can o nly enter data in this field when you are creating a new Voice VLAN.
- 720 - 11.3.11 Managing Voice VLAN 11.3.11.1 Voice VLAN Configuration Page Use this menu to configure the parameters fo r Voice VLAN Co nfiguration. Note that only a user with Read/Write access privileges may change the data on this screen.
- 721 - 11.3.12 Defining GARP 11.3.12.1 Viewing GARP Information Page This screen shows the GARP Status for the switch and for the individual ports. Note that the timers are only relevant when the status for a port shows as enabled.
- 722 - will need to rejoin in order to maintain registration . An instance of this ti mer exists for each GARP participant for each port. The Leave All Period Timer is set to a ra ndom value in the range of LeaveAllTime to 1.5*LeaveAllTime. Permissible va lues are 200 to 6000 centiseconds (2 to 60 seconds).
- 723 - ! It can take up to 10 seconds for GARP configuration changes to take effect. Selection Criteria Slot/Port - Select the physical interface for which dat a is to be displayed or con figured. It is possible to set the parameters for all ports by selecting 'All'.
- 724 - 11.3.13 Managing IGMP Snooping 11.3.13.1 Configuring IGMP Snooping Global Configuration Page Use this menu to configure the pa rameters for IGMP Snooping, wh ich is used to build forwa rding list s for multicast traffic. Note that only a user with R ead/Write access privileges may ch ange the d ata on this screen.
- 725 - 11.3.13.2 Defining IGMP Snooping Interface Configuration Page Selection Criteria Slot/Port - The single select box lists all physical ,VLA N and LAG interfaces. Select the interface you want to configure. Admin Mode - Select the interface mod e for the sel ect ed interface for IGMP Sn ooping for th e switch from the pulldown menu.
- 726 - Selection Criteria VLAN ID - Specifies list of VLAN IDs for which IGMP Snooping is e nable d. Fast Leave Admin Mode - Enable or disabl e the Igmp Snoopi ng Fast Leave Mode for the specified VLAN ID. Configurable Data VLAN ID - Appears when "New Entry" is selected in VLAN ID combo box.
- 727 - Non-Configurable Da ta VLAN ID - All Vlan Ids for which the IGMP Snooping mode is Enabled. Admin Mode - Igmp Snooping Mode for Vlan ID. Fast Leave Admin Mode - Fast Leave Mode for Vla n ID. Group Membership Interv al - Group Membership Interval of IGMP Snooping for the specified VLAN ID.
- 728 - Selection Criteria Slot/Port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the statistics. Non-Configurable Da ta Multicast Router - Spe cifies for the selected interface whether multicast router is enable or disabl ed.
- 729 - Configurable Data VLAN ID - VLAN ID for which the Multicast Router Mode is to be E nabled or Disabled. Command Buttons Submit - Update the switch with the values you ente re d. 11.3.13.8 Viewing Multicast Router VLAN Statistics Page Selection Criteria Slot/Port - The select box lists all Slot/Ports.
- 730 - MAC Filter - This is the list of MAC add ress and VLAN ID pairings for all configured L2M cast Groups. To change the port mask(s) for an existing L2M cast Gr oup, select the entry you want to chan ge. To add a new L2Mcast Group, sele ct "Create Filter" from the top of the list.
- 731 - 11.3.14 Managing IGMP Snooping Querier 11.3.14.1 Configuring IGMP Snooping Querier Configuration Page Use this menu to configure the parameters fo r IGMP Snoopin g Qu erie r, Note that only a user with Read/Write access privileges may change the data on this screen.
- 732 - Selection Criteria VLAN ID - Selects the VLAN ID on which IGMP Snooping Querie r i s enabled. Querier Election Participate Mode - Enable or disable the Igmp Snoopin g Querier participate in election mode. When this mode is disa bled, up on seeing other querier of same versio n in the vlan, the snooping querier move to non que rier state.
- 733 - VLAN ID Search - Enter VLAN ID, then click on the se arch bu tton. If the record ex ists, that entry will be displayed. An exact match is require d . Non-Configurable Da ta Admin Mode - Display the administrative mode for IG MP Snooping for the switch.
- 734 - Last Querier Version - Displays the IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max Response Time - Displays maximum response time to be used in the queries that are sent by the Snooping Querier.
- 735 - Selection Criteria Admin Mode - Select the administrative mode for M LD Snoo ping for the switch from the pulldown menu. The default is disable. Non-Configurable Da ta Multicast Control Frame Count - The number of multicast control frames that are processed by the CPU.
- 736 - Multicast Router Present Expiration Time - Specify the amount of time you want the switch to wait to receive a query on an interface before removing it from the list of interfaces with multica st routers attached. Enter a value between 0 and 3600 second s.
- 737 - 11.3.15.3 Configuring MLD Snooping VLAN Configuration Page Selection Criteria VLAN ID - Specifies list of VLAN IDs for which MLD Snoopi ng is enabled. Fast Leave Admin Mode - Enable or disabl e the MLD Snoopi ng Fast Leave Mode for the specified VLAN ID.
- 738 - Non-Configurable Da ta VLAN ID - All Vlan Ids for which the MLD Snooping mode is En abled. Admin Mode - MLD Snooping Mode for Vlan ID. Fast Leave Admin Mode - Fast Leave Mode for Vla n ID. Group Membership Interv a l - Group Membership Interval of ML D Snoopi ng f or the specified VLAN ID.
- 739 - Selection Criteria Slot/Port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the status. Non-Configurable Da ta Multicast Router - Spe cifies for the selected interface whether multicast router is enable or disabled.
- 740 - 11.3.15.8 Configuring Multicast Router VLAN Status Page Selection Criteria Slot/Port - The select box lists all Slot/Ports.Select t he interfa ce for whi ch you want to display the status. Non-Configurable Da ta VLAN ID - All Vlan Ids for which the Multicast Router Mode is En abled.
- 741 - 00:00:00:00:00:00 33:33:00:00:00:01 to 33:33:00:00:00:FF FF:FF:FF:FF:FF:FF Solt/Port(s) - List the ports you want included into L2 Mca st Group. Command Buttons Submit - Update the switch with the values on the scr een. If you want the swit ch to retain the new values across a power cycle you must perform a save .
- 742 - 11.3.16 Managing MLD Snooping Querier 11.3.16.1 Configuring MLD Snooping Querier Configuration Page Use this menu to configure the parameters fo r ML D Snoopin g Qu erier, Note that only a user with Read/Write access privileges may change the data on this screen.
- 743 - Selection Criteria VLAN ID - Selects the VLAN ID on which MLD Snooping Que rie r is enable d. Querier Election Participate Mode - Enable or disable the Igmp Snoopin g Querier participate in election mode. When this mode is disa bled, up on seeing other querier of same versio n in the vlan, the snooping querier move to non que rier state.
- 744 - Non-Configurable Da ta VLAN ID - Specifies the VLAN ID on which MLD S nooping Qu erier is administratively enabled. Admin Mode - Display the administrativ e mode for M LD Snooping for the switch. Querier Election Participate Mode - Display s the qu erie r election participate mode on the V LAN.
- 745 - Operational Max Response Time - Displays maximum response time to be used in the queries that are sent by the Snooping Querier. 11.3.17 Managing Port-Channel 11.
- 746 - • Source and destination MAC addre ss - Sets the mode on the source and destination MAC addresses. • Source IP address - Sets the m ode on the source IP address. • Destination IP addres s - Sets the m ode on the destination IP address. • Source and destination IP address - Sets the mode on the sou rce and de stinati on IP addresses.
- 747 - Port Channel Type - The type of this Port Channel. Admin Mode - The Administrative Mode of the Port Chann el, enable or disable. Link Status - Indicates whether the Link is up or do wn. STP Mode - The Spanning Tree Protocol Administrative Mode associated with the Port Channel.
- 748 - Configurable Data MAC Address - Enter the VLAN ID - MAC Address pa ir wh ose MFDB table entry you want displayed. Enter eight two-digit hexadecimal numbers sep arated by colons, for example 00:01:23:43:45:67:89:AB. The first two two-digit hexadecimal numbers a re the VLAN ID and the remaining numbers are the MAC addre ss.
- 749 - Non-Configurable Da ta MAC Address - A VLAN ID - multicast MAC address pair fo r which the switch has forwarding and/or filtering information. The format is 8 two-digit hexadecimal numbers that are separated by colon s, for example 00:01:23:45:67:89:AB:CD.
- 750 - 11.3.18.4 Viewing MLD Snooping MFDB Table Page Non-Configurable Da ta MAC Address - A VLAN ID - multicast MAC address pair fo r which the switch has forwarding and or filtering information. The format is 8 two-digit hexadecimal numbers that are separated by colon s, for example 00:01:23:45:67:89:AB:CD.
- 751 - Refresh - Refresh the data on the scree n with the present state of the data in the switch. 11.3.19 Managing Spanning Tree 11.3.19.1 Configuring Switch Spanning Tree Configuration Page Selection Criteria Spanning Tree Mode - Specifies wheth er spanning tree operat ion i s enabled on the switch.
- 752 - Command Buttons Submit - Applies the new conf iguration and causes th e changes to take effect. These changes will not be retained across a power cycle u nless a save configuration is performed. Refresh - Refreshes the scre en with most recent data.
- 753 - Bridge Hello Time - Specifies the bridge hello time for the Common and Intern al Spannin g tree (CST), with the value being less than or equal to "(Bridge Max Age / 2) - 1". The default hello t ime value is 2. Bridge Forward Delay - Specifies the ti me spent in "List ening and Learning" mode before forwarding packets.
- 754 - Selection Criteria MST ID - Create a new MST which you wish to conf igure or configure already existing MST s. Configurable Data MST ID - This is only visible when the sel ect option of t he MST ID select box is selected. The ID of the MST being created.
- 755 - Delete - Deletes the sel ected MST instance. All VLANs asso ciated with the instance are associated with the CST Refresh - Refreshes the scre en with most recent data.
- 756 - Admin Edge Port - Specifies if the specified port is an Edge Port wi thin the CIST. It takes a val ue of Enable or Disable, where the default val ue is Disable. BPDU Guard - Specifies whether BPDU Guard is enabled for the Common a nd Internal Spanning tree (CST).
- 757 - Designated Bridge - Bridge Identifier of the bridge with the Design ated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port - Port Identifier on the Designated Bridge that offers the lowest cost to the LAN.
- 758 - Selection Criteria MST ID - Selects one MST instan ce from existing MST instance s. Slot/Port - Selects one of the physi cal o r LAG interface s asso ciated with VLANs associ ated with the selected MST instan ce. Configurable Data Port Priority - The priority for a particular port within the sel ected MST instance.
- 759 - Designated Cost - Path Cost offered t o the LAN by the De signated Port. Designated Bridge - Bridge Identifier of the bridge with the Design ated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port - Port Identifier on the Designated Bridge that offers the lowest cost to the LAN.
- 760 - Command Buttons Refresh - Refreshes the scre en with most recent data. 11.3.20 Defining 802.1p priority 11.3.20.1 Defining 802.1p Priority Mapping Page Selection Criteria Slot/Port - Select the physical interface for which you want to display or configure data.
- 761 - 11.3.21 Managing Port Security 11.3.21.1 Configuring Port Security Administration Mode Page Selection Criteria Port Security Mode - Enables or disables the Port Security feature. Command Buttons Submit - Applies the new conf iguration and causes th e changes to take effect.
- 762 - Enable violation traps - Enables or disable s the se n ding of new violation traps designating when a packet with a disallowed M A C add ress is received on a locked port. Enable violation Shutdown - Enables or disa bles the Port Secu rity Violation Shutdown mode for the selected interface.
- 763 - 11.3.21.4 Viewing Port Security Dynamically Learnt MAC Address Page Selection Criteria Slot/Port - Select the physical interface for which you want to display data. Non-configurable data MAC Address - Displays the MAC ad dresse s learned on a specific port.
- 764 - 11.3.21.6 Clearing Port Security Dy namically Learned MAC Addresses Page Use this menu to clear a Dynamic MA C addresses of port security on switch. Configurable Data Dynamically MAC Addr ess - Accepts user input for the MAC address to be deleted.
- 765 - Hold Multiplier - Specifies the multiplier on Transmit Interv al to assign TTL. The range is from (2 to 10). Default value is 4. Re-Initialization Delay - Specifies the delay before re-initialization. The range is from (1 to 10) . Default value is 2 seconds.
- 766 - • System Description - To inclu de system description TLV in LLDP frames. • System Capabilities - To include system capability TLV in LLDP frames. • Port Description - To include po rt description TLV in LLDP frames. • Organization Specific - To include org anization spe cific TLV in LLDP frames.
- 767 - 11.3.22.4 Viewing LLDP Statistics Page Non-Configurable Da ta Last Update - Specifies the time when an entry was crea ted, modified or delete d in the tables associated with the remote system.
- 768 - TLV Discards - Specifies the num ber of LLDP T LVs disc arded for a ny reason by the LL DP agent on the corresponding port. TLV Unknowns - Specifies the number of LLDP TLV s re ceived o n the local ports which were not recognized by the LLDP agent on the correspon ding port.
- 769 - Chassis ID - Specifies the string value used to ide ntify the chassi s component associated wit h the local system. Port ID Subtype - Specifies the string descri bes th e source of the port identifier. Port ID - Specifies the string that describes the source of the port identifier.
- 770 - Non-Configurable Da ta Interface - Specifies the ports on whi c h LLDP - 802.1AB frames can be transmitted. Port ID - Specifies the string describes t he source of the port identifier. Port Description - Specifies the description of the por t asso ciated with the local system.
- 771 - Selection Criteria Local Interface - Specifies all the local ports which can receive LLDP frames. Non-Configurable Da ta Remote ID - Specifies the remote client ident ifier a ssi gned to the remote system. Chassis ID Subtype - Specifies the source of the cha ssis identifi er.
- 772 - Management Address • Management Address - Specifies the advertise d management address of the remote system. • Typ e - Specifies the type of the management addre ss. MAC/PHY Configuration/Status • Auto-Negotiation - Spe cif ies whether the auto-negotia tion is su pported and whether the auto-negotiation is enabled .
- 773 - Local Interface - Specifies the local port which can receive LLDP frames adverti sed by a remote system. Chassis ID - Specifies the chassis component as sociated with the remote syste m. Port ID - Specifies the port component associated wit h the remote system.
- 774 - 11.3.23.2 Configuring LLDP-MED Interface Configuration Page Selection Criteria Interface - Specifies the list of ports on which LL DP-MED - 802.1AB can be configured. 'All' option is provided to configure all interfaces on the DUT and to be consistent with CLI.
- 775 - Non-Configurable Da ta Interface - Specifies all the ports on wh ich LLDP-MED can be con f igured. Link Status - Specifies the link status of the ports whether it is Up/ Down. MED Status - Specifies the LLDP -MED mode is enabled or disabl ed on this int erface.
- 776 - Selection Criteria Interface - Specifies the list of all the ports on whi ch LLDP-ME D frames can be transmitted. Non-Configurable Da ta Network Policy Information - Specifies if network policy TLV is present in the LLDP frames. Media Application Type - Specifie s th e application type.
- 777 - 11.3.23.5 Configuring LLDP-MED Remote Device Information Page Selection Criteria Local Interface - Specifies the list of all the por ts on which LLDP-MED is enable d. Non-Configurable Da ta Capability Information - Specifies the supported a nd enabled ca pabilities that was re ceived in MED TLV on this port.
- 778 - VLAN Id - Specifies the VLAN id associated with a particular p olicy type. Priority - Specifies the priority associ ated with a particula r policy type. DSCP - Specifies the DSCP associated with a parti cular policy type. Unkno wn Bit Status - Specifies the unknown bit associ ated with a particula r policy type.
- 779 - Selection Criteria Admin Mode - Enable or disable the VTP feature. Device Mode - Use the pulldown menu t o select the VTP device mode(client, server and transparent). The default operational mo de of VTP device is "se rver". Pruning Mode - Enable or disable the VTP pruning mode.
- 780 - Non-configurable data VTP Status - Displays the VTP Status. VTP Version - Displays the VTP version operating on the swit ch. Configuration Revision - Displays the curre nt config uration revision number on this switch. Maximum VTP supported VLANs - Maximum number of VLANs supported locally.
- 781 - 11.3.25 Managing Link State 11.3.25.1 Configuring Link State Configuration Page Selection Criteria Admin Mode - Choose the link state administrative mo de fo r the switch by sele cting enable or disabl e from the pull-down menu. The factory default is disabled.
- 782 - Selection Criteria Admin Mode - The administrative mode of the link state function. Group ID - The group identify of the link state. The ra nge of the group ID is 1 ~ 6. Mode - The administrative mode of the group. Upstream port - The monitored uplin k port, and the link state of this uplink port.
- 783 - Group Mode - Choose the group a dministrative mode for the switch by sele cting enable or disable from the pull-down menu. The factory default is disa bled. You could enable this grou p as active port and backup port are configured. Active port - Configure th e active port for a group.
- 784 - 11.3.27 Managing FIP-Snooping 11.3.27.1 Configuring FIP-Snooping Configuration Selection Criteria Admin Mode - Enable/Disable FIP Snooping function. • Enable - Enable FIP Snooping and star t the FIP Snooping process. • Disable - Disable ETS and stop the ETS process.
- 785 - • FC ID - ID number of the virtual port that wa s created by the FCF when the ENo de logged into the network. FIP Snooping FCFs • Interface - Name of the interface to which t he FCoE Forwarder (FCF) i s connected. • VLAN - ID number of the VLAN to whi ch the FCF belo ngs.
- 786 - Command Buttons Submit - Update the switch with the values on this sc reen. If you want the switch to retain the new values across a power cycle, you must perform a save . Delete - Allows the user to remove specified stati c e ntry from the ARP Table.
- 787 - Dynamic Rene w - This controls wheth e r the ARP compone nt automatically attempts to renew ARP Entries of type Dynamic when they age out. The default setting is Enable. Remove from Table - Allows the user to remove certain entries from the ARP Table.
- 788 - 11.4.2 Managing IP Interfaces 11.4.2.1 Configuring IP Use this menu to configure routing parameters for the swit ch as opposed to an interface. Selection Criteria Routin g Mode - Select enable or disabl e from the pul l down menu. You must enable routing for the switch before you can route throug h any of the interfaces.
- 789 - Non-Configurable Da ta IpInReceives - The total number of input datagram s received from interfaces, including those received in error. IpInHdrErrors - The number of input datagrams discarded .
- 790 - IpForwDatagrams - The number of inpu t datagram s for which this entity was not their final IP destination, as a result of which an attempt was mad e to find a route to forward them to that final destination.
- 791 - IcmpInRedirects - The number of ICM P Redirect m essages received. IcmpInEchos - The number of ICMP Echo (request) message s received. IcmpInEchoReps - The number of ICMP Echo Re ply messages received. IcmpInTimestamps - The number of ICMP Timestamp (re que st) messag es received.
- 792 - Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Routin g Mode - Setting this enables or disables routi ng for an interface. The default value is enable. Administrative Mode - The Administrative Mode of the interface.
- 793 - MAC Address - The burned-in physi cal address of the specif ied interface. The format is six two-digit hexadecimal numbers sep arated by col ons, for exam ple 00:06:29:32:81:40. Link Speed Data Rate - An integer represe nting the physical lin k data rate of the sp ecified interface.
- 794 - Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router withi n the autonomous system (AS). If you want to change the R outer ID you must first disa ble OSPF. After you set the new Router ID, you must re-enable OSPF to have the change take effect.
- 795 - ! Once OSPF is initialized on the router, it w ill remain initialized until the router is reset. RFC 1583 Compatibility - Select enable or disable fro m the pulldown menu to specify the preference rules that will be used when choosing a m ong multipl e AS-external-LSAs advertising the sam e destination.
- 796 - LSAs Received - The number of LSAs (link state advertise ments) received that were determined to be new instantiations. This number d oe s not include newer instantiations of self-originate d L SAs. Command Buttons Submit - Send the updated configuration to the sw itch.
- 797 - SPF DelayTime(secs) - Delay time is the number of seco nd s from when OSPF receives a topology change to the start of the next SPF calculation. Delay Time is an integer from 0 to 65535 se conds. The default time is 5 seconds. A value of 0 means that there is no d elay; that is, the SPF calculation is started upon a topology change.
- 798 - AS_OPAQUE LSA Checksum - The sum of the LS checksums of the opaque L SAs with domain wide flooding scope. This sum ca n be us ed to determi ne if there ha s bee n a change in a route r's link state database, and to com pare the lin k-state databases of tw o ro uters.
- 799 - 11.4.3.4 Configuring Area Range Selection Criteria Area ID - Selects the area for which dat a is to be co nfigured. Configurable Data IP address - Enter the IP Address for the addre ss range for the se lected a r ea. Subnet Mask - Enter the Subnet Mask for the addre ss range for the selected area.
- 800 - Selection Criteria Slot/Port - Select the interface for which data is to be displayed. Non-Configurable Da ta OSPF Area ID - The OSPF area to which the selected route r interface belong s. An OSPF Area ID is a 32 bit integer in dotted decimal format that uniquely identifies the area to which the interface connects .
- 801 - AS Border Router Count - The total nu mber of Autonomous System border routers rea chable within this area. This is initially zero, and is calculated in each SPF Pass. Area LSA Count - The total numbe r of link-state adve rtisem ents in this area's link-state datab ase, excluding AS External LSAs.
- 802 - DD Packet s Received - The number of Database De scription packets received on this interface by this router. LS Requests Sent - The number of LS Reque sts sen t on this interf ace by this router. LS Requests Received - The number of LS Requests received on this interfac e by this rout er.
- 803 - Slot/Port - Select the interface for which data is to be displayed or configured. Configurable Data OSPF Area ID - Enter the 32 bit integer in dotted deci mal format that uniquely identifies the OSPF area to which the selected router interface conn ec t s.
- 804 - Authentication Key ID - Enter the ID to be used for authenti c ation. You will only be prompted to enter an ID when you select 'Encrypt' as the authentication type. The ID is a nu mber between 0 ad 255, inclusive. Metric Cost - Enter the value on this interface for the co st TOS (ty pe of se rvice).
- 805 - Designated Router - The identity of the Desi gnate d Router for this network, in the view of the advertising router. The Designated Rout er is identified here by its router ID. The value 0.0.0.0 means that there is no Designated Router. Thi s field is only displayed if the OSPF admin mode is enabled.
- 806 - 11.4.3.8 Configuring OSPF Neighbor This panel displays the OSPF neighbo r configuration for a selected neigh bor ID. When a pa rticular neighbor ID is specified, detailed information about a neighbor is given. The information below will only be displayed if OSPF is enabled and the interface ha s a neighbor.
- 807 - • Init - In this state, a Hello packet has re cently been seen from the neighbor. However, bidirectional communication has n ot yet been establi s hed with the neighbor (i.e., the router itself did not appear in the neighbor' s Hello pac ket).
- 808 - the Router ID you must first disable OSPF. Afte r you set the new Router ID, you must re-enabl e OSPF to have the change take effect. The default value is 0.0.0.0, althoug h this is not a valid Route r ID. Area ID - The ID of an OSPF area to which one of the rout er interfaces is conne cted.
- 809 - Selection Criteria Create New Virtual Link - Select this option from the dropdo wn menu to define a new virtual link. The area portion of the virtual link identification is fixed: you will be prompted to enter the Neighbor Router ID on a new screen.
- 810 - Authentication Key - Enter the OSPF Authentication Key fo r the specified interface. If you do not choose to use authentication you will not be prompt ed to enter a key. If you choose ' simple' authentication you cannot use a key of more than 8 octets.
- 81 1 - Non-Configurable Da ta Area ID - The Area ID portion of the virtual link identification for whi ch data is to be displayed. The Area ID and Neighbor Router ID togeth er define a virtual link. Neighbor Router ID - The neigh bor p ortion of the virtual link identification.
- 812 - Configurable Data Configured Source - This select box is a dynamic sele ctor and would be popul ated by only those Source Routes that have already been configured for redistribute b y OSPF.
- 813 - Delete - Delete the entry of the Source Route selected as Configu red Source from the list of Sources configured for OSPF Route Redistributio n. 11.4.3.13 Viewing OSPF Route Redistribution Summary Information This scre en displays the OSPF R oute Redistribution Configurations.
- 814 - 11.4.4 Managing BOOTP/DHCP Relay Agent 11.4.4.1 Configuring BOOTP/DHCP Relay Agent Configurable Data Maximum Hop Count - Enter the maximum number of hops a cli ent requ est can take before being discarded. Admin Mode - Select enable or disabl e from the pulldown menu.
- 815 - Maximum Hop Count - The maximum number of Hops a cli ent request can go without being discarded. Admin Mode - Administrative mode of the relay. When you select 'enabl e' BOO TP/DHCP requests will be forwarded to the IP address you entered in the 'Server IP ad dress' field.
- 816 - None - no special proce ssing for this case. Simple - a route will not be included in updates sent to the router from which it was learned. Poisoned reverse - a route will be in cluded in updates sent to the router fro m wh ich it was learned, but the metric will be set to infinity.
- 817 - None - RIP control packets w ill not be transmitted. The default is RIP-2. Receive Version - Which RIP versi on control packet s will be accepted by the interface. The v alue is one of the following: RIP-1 - only RIP version 1 formatt ed packets will be received.
- 818 - RIP-2 - send RIP version 2 packets u sin g multica st. None - no RIP control packets will be sent. The default is RIP-2. Receive Version - Select what RIP control pa ckets the interface will accept from the pulldow n menu. The value is one of the following: RIP-1 - accept only RIP version 1 formatted packets.
- 819 - 11.4.5.4 Configuring Route Redistribution Configuration This screen can be u sed to config ure the RIP Ro ute Redistri bution parameters. The all owabl e value s for each field are displayed next to the field. If any invalid values are entered, an alert message will be displayed with the list of all the valid values.
- 820 - External 1 - Sets External Type 1 OSPF Routes to be redistributed External 2 - Sets External Type 2 OSPF Routes to be redistributed NSSA-External 1 - Sets NSSA External Type 1 OSPF Routes to be redistributed NSSA-External 2 - Sets NSSA External Type 2 OSPF Routes to be redistributed The default is Internal.
- 821 - Source - The Source Route to be Redistributed by RI P. Metric - The Metric of redistribute d routes for the gi v en Source Route. Display s "Unconfigured" when not configured. Match - List of Routes redistributed when "OSPF" is selected as S ource.
- 822 - Maximum Advertise Interval (secs) - Enter the maximum time (in se conds) allowed between router advertisements sent from the interfa ce. Minimum Advertise Interval (secs) - Enter the minimum time (in se conds) allowed between router advertisements sent from the interfa ce.
- 823 - Maximum Advertise Interval (secs) - The maximu m time (in se conds) allowed between ro uter advertisements sent from the interfa ce. Minimum Advertise Interval (secs) - The minimum time (in seconds) all owed between router advertisements sent from the interfa ce.
- 824 - Next Hop IP Address - The outgoin g router IP address to use when forwardi ng traffic to the n ext router (if any) in the path towards the destination. The next router will always be one of the adjacent neighbors or the IP address of the local in terface for a directly attached net work.
- 825 - 11.4.7.3 Configuring Router Static Route Entry Selection Criteria Network Address - Spe cifies the IP ro ute prefix for t he de st ination. In order to create a route a valid routing interface must exist and the next hop IP Addr ess must be on the same network as the routing interface.
- 826 - 11.4.7.4 Configuring (Static) Routes Entry Selection Criteria Route Ty pe - This field can be either def ault or static or st atic reject. If creating a default ro ute, all that needs to be specified is the next hop IP address, ot herwise ea ch fie ld needs to be specified.
- 827 - 11.4.7.5 Configuring Router Route Preference Use the Route Preferences Configur ation page to configure the defaul t preferen ce for e ach protocol. These values arearbitrary values that range from 1 to 255, and are indepe ndent of route metrics.
- 828 - Local - This field displays the local route preference value. Command Buttons Submit - Send the updated configuration to the sw itch. Configu ration changes take effect immediately. These changes will not be retained ac ross a power cycle unless a save is performed.
- 829 - • Change back to the VLAN Routing Summary page. The ne w VLAN shoul d appear in the table with the correct IP address and subnet mask assig ned.
- 830 - 11.4.9.2 Configuring Virtual Router Selection Criteria VRID and Slot/Port - Select 'Create' from the pulldown menu to configure a new Virtual Router, or select one of the existing Virtual Routers, listed by interface number and VRID.
- 831 - Authentication Ty pe - Select the type of Authenticat ion for the Virtual Route r from the pulldown menu. The default is None. The choice s are: 0-None - No authentication will be pe rforme d. 1-Key - Authentication will be performe d usin g a text password.
- 832 - IP Address - Enter the IP address for the interface. Thi s address must be a memb er of one of the subnets currently configured on the interf ac e. This value is readonly once configured. Non-Configurable Da ta Slot/Port - The interface for which data is to be displayed or configured.
- 833 - Submit - Send the updated configuration to the rout er. Configuration changes ta ke effect immediately. These changes will not be retained across a power cycle unles s a save is performed. Refresh - Refresh the data on the scree n with the present state of the data in the switch.
- 834 - Configurable Data Priority Decrement - Enter the priority decrement for the tracked Route. The valid rang e is 1 -254. default value is 10. Remove - Removes the se lected Tracking Routes fro m the VRRP tracked list. Non-Configurable Da ta Slot/Port - The VRRP interface for whi ch Tracking data is to be displayed.
- 835 - Configurable Data Track Route Pfx - The Prefix of the route. Track Route PfxLen - The prefix length of the route. Priority Decrement - The priority decrement for the Route. T he v alid range is 1 -254. Default value is 10. Non-Configurable Da ta Slot/Port - The interface for which data is to be displayed.
- 836 - Priority - The priority value used by the VRRP router in the election for the mast er virtual router. Pre-empt Mode - • Enable - if the Virtual Router is a backup router it will preempt the .
- 837 - Selection Criteria VRID and Slot/Port - Select the existing Virtual Router , listed by interface number and VRID, for which you want to display statistical information. Non-Configurable Da ta Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value.
- 838 - Zero Priority Packets Received - The total number of VRRP pa ckets received by the virtual router with a priority of '0'. Zero Priority Packets Sent - The total number of VRRP packets sent by the virtual ro uter wi th a priority of '0'.
- 839 - Mode - Selector for the Tunnel mode. The suppo rted modes are 6-in-4-configure d and 6-to-4. IPv6 Implicit Mode - Enable IPv6 on this interface using the IPv6 address. This option is only configurable prior to spe cif ying an explicit IPv6 address.
- 840 - Refresh - Refresh the page with the latest Tun nel entries. 11.4.11 Managing Loopbacks 11.4.11.1 Configuring Loopbacks Configuration Page Loopback interfaces can b e created, configured and remove d on this page. Configurable Data Loopback - Select list of currently configure d loopba ck in terfaces.
- 841 - Submit - Update the system with the values on this screen. Delete Loopback - Remove the selected loop ba ck interface. Delete Primary - Remove the configured Primary IPv4 Address. Add Secondary - Add the user sp ecifie d Secondary IPv4 Address.
- 842 - Configurable Data Administrative Mode - This sel ector lists the two options for admin istrative mod e: enable and disable. The default value is disabled. Guest Vlan Supplicant Mode - Thi s selector lists the two o ptions for Gu est VLAN Suppli cant mode: enable and disable.
- 843 - Selection Criteria Port - Selects the port to be configured. Whe n the sel ection is changed, a screen refre s h will o ccur causing all fields to be updated for the newly sel ected port. All physical interfaces are valid. Contro l Mode - This selector lists the options for contro l mode.
- 844 - Maximum Requests - This input field allows the user to enter the maximum requ ests for the selected port. The maximum requests value is the maximum numbe r of times the authenticator state machi ne on this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant.
- 845 - Selection Criteria Port - Selects the port to be displayed. When the selection i s ch an ged, a screen refresh will occur causing all fields to be updated for the newly sel ected port. All physical interfaces are valid. Non-Configurable Da ta Contro l Mode - Displays the configured control m ode for the specified port.
- 846 - Transmit Period(secs) - This field displ ays the configured transmit period for th e selected port. The transmit period is the value, in seconds, of the timer used by the authentic ator st ate machine on the specified port to determine when to send an EAPOL EAP Request/Identity frame to the supplicant.
- 847 - Backend State - This field displays the current state of the backend authentic ation state machine. Possible values are: "Request" "Response" "Success" "Fail.
- 848 - Non-Configurable Da ta Port - Specifies the port whose settings are displayed in the current table row. Contro l Mode - This field indicates the configure d control mode for the port. Possible value s are: • Force Unauthorized: The authenticator port access en tity (PAE) unconditionally sets the controlled port to unauthorized.
- 849 - Refresh - Update the information on the page. 11.5.1.5 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection i s ch an ged, a screen refresh will occur causing all fields to be updated for the newly sel ected port.
- 850 - EAP Request/Id Frames Transmitted - This di spl ays the number of EAP request/identity frames that have been transmitted by this authenticator. EAP Request Frames Transmitte d - This displays the number of EAP request frames (other than request/identity frames) that have been transmitted by this authe nticator.
- 851 - 11.5.1.7 Defining Port Access Client Summary Page Selection Criteria Port - Selects the port to be displayed. When the selection i s ch an ged, a screen refresh will occur causing all fields to be updated for the newly sel ected port. All physical interfaces are valid.
- 852 - Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed. Command Buttons Submit - Sends the updated screen to the switch and caus es the changes to take effect on the swit ch but these changes will not be re tained across a powe r cycle unless a save is performed.
- 853 - Non-Configurable Da ta Port - Displays the port in Slot/Port format. Users - Displays the users that have access to the p ort. Command Buttons Refresh - Update the information on the page.
- 854 - Selection Criteria Accounting Mode - Selects if the RADIUS accounting mode is en abled or disabled. Configurable Data Max Number of Retransmits - The value of the maximum numb er of times a request packet is retransmitted. The valid range is 1 - 15.
- 855 - 11.5.2.2 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADI US server to be configured. Select add to add a server. Primary Server - Sets the selected server to thePrimary or Secondary server.
- 856 - Secret Configured - Indicates if the shared se cret fo r this server has been configure d. Command Buttons Submit - Sends the updated screen to the switch and caus es the changes to take effect on the swit ch but these changes will not be re tained across a powe r cycle unless a save is performed.
- 857 - Access Rejects - The number of RA DI US Access-Reject packets, including both valid and invalid packets that were received from this server. Access Challenges - The numbe r of RADIUS Acce ss-Chal lenge packets, inclu ding both vali d and invalid packets that were received from this server.
- 858 - 224.xxx.xxx.xxx 127.0.0.1 Host name - Enter the host name of the station. Port - Specifies the UDP Port to be u sed by the acco unting server. The valid range is 0 - 6553 5. If the user has READONLY access, the value is displayed but cannot be cha nged.
- 859 - Accounting Server IP Address - Identifies the accounting server associated wi th the statistics. Round Trip Time (secs) - Displays the time interval, in hund redths of a seco nd, betwe en the most recent Accounting-Response and the Accou nting-Request that matched it from this RA DIUS accounting server.
- 860 - 11.5.3 Defining TACACS+ Configuration 11.5.3.1 Configuring TACACS Configuration Page Configurable Data Key String - Specifie s the authentication and encrypti on key for TACACS+ communications between the device and the TACACS+ server. The valid rang e is 0-1 28 characters.
- 861 - Selection Criteria TACACS+ Server Selects the TACACS+ server for which dat a is to be displayed or configured. If the add item is selected, a new TACACS server can b e configured. Configurable Data IP Address - Specifies the TACACS+ Se rver IP address.
- 862 - designated management st ations, only the ch osen stat ions, as defined by IP address, will be allowed management privilege through the web manag er, Telnet session, Secure Shell (SSH) o r Secure Socket Layer (SSL) for secure HTTP. Selection Criteria Admin Mode - Selects the IP Filter admin mode for enable or disa ble.
- 863 - Selection Criteria HTTPS Admin Mode - This field is used to enable or disa ble the Administ rative Mode of Secure HTTP. The currently configured value is shown whe n the web page is displayed. The default value is disabled. TLS Version 1 - This field is used to enable or disable Tran sport Layer Security Version 1.
- 864 - Delete - Used to delete the corresponding ce rtificate, if it is present. 11.5.6 Defining Secure Shell Configuration 11.5.6.1 Configuring Secure Shell Configuration Page Selection Criteria Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH.
- 865 - Generate RSA Hos t Keys - Begin generating the RSA host keys. Note that to generate SSH key files SSH must be administratively disabled and there can be no active SSH session s.
- 866 - 11.6.2 Configuring IPv6 Interface Configuration Page Selection Criteria Interface - Selects the interface to be configured. W hen the selection is ch anged, a screen refresh will occur causing all fields to be updated for the new ly sele cted port.
- 867 - IPv6 Implicit Mode - When ipv6 implicit mode is enabled, interface is capable of ipv6 operation without a global address. In this case, a n eui-64 based link-local ad dress is used. This selecto r lists the two options for ipv6 mode: enable a nd disable.
- 868 - Non-Configurable Da ta Interface - Specifies the interface who se settings are displayed in the cu rrent table ro w. Routin g Mode - Specifies routing mode of an interface.
- 869 -.
- 870 - Selection Criteria Interface - Selects the interface to be configured. W hen the selection is ch anged, a screen refresh will occur causing all fields to be update d for the newly selected po rt.
- 871 - which these fragments were addres sed which might not be necessarily the input interface for some of the fragments. Datagrams Successfully Rea ssemble d - The number of IPv6 datagram s successfully reassembled.
- 872 - ICMPv6 Echo Reply Messages Receiv ed - The number of ICMP Echo Reply messages received by the interface. ICMPv6 Router Solicit Messages Receiv ed - The number of ICMP Router Solicit messages received by the interface.
- 873 - ICMPv6 Redirect Messag es Transmitted - The num ber of Redirect messages sent. ICMPv6 Group Membership Query Messag es Transmitted - The number of ICMPv6 Group Membership Query messages sent. ICMPv6 Group Membership Response Messages Transmitted - The number of ICMPv6 Group Membership Response messages sent.
- 874 - • Stale - More than ReachableTime millise con ds h ave elapsed since the last positive confirmation was received that the forwa rd pat h was functioning properly.
- 875 - 11.6.7 Managing OSPFv3 Protocol 11.6.7.1 Configuring OSPFv3 Configuration Page Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router withi n the autonomous system (AS). If you want to change the R outer ID you must first disable OSPFv3.
- 876 - *NOTE: once OSPFv3 is initialized on the router, it w i ll remain in itialized until the router is reset. Exit Overflow Interval - Enter the number of seconds that, a fter entering over flow state, the route r should wait before attempting to leave overflow st ate.
- 877 - been a change in a router's link state dat abase, and to compare the link-state databa ses of two routers. AS_OPAQUE LSA Count - The num ber of opaque LSAs with dom ain wid e flooding scope. AS_OPAQUE LSA Checksum - The sum of the LS checksums of the opaque L SAs with domain wide flooding scope.
- 878 - Import Summary LSAs - Select enable or disable fro m the pulldown menu. If you select ena ble summary LSAs will be imported into are as. Defa ults to Enable. Stub Area Specific Parameters. Metric Value - Enter the metric value you want applied for the default route adve rtised into the stub area.
- 879 - Translator State - Translator State 'Enabl ed' means that the NSSA r outer OSPFv3 Area NssA Translator Role has been set to always. Tran sl ator State of 'Elected' means a candidate NSSA Border router is translating ty pe-7 LSAs into type-5.
- 880 - Selection Criteria Area ID - Selects the area for which dat a is to be co nfigured. Configurable Data IPv6 Prefix - Enter the IPv6 Prefix/Prefix Length fo r the address range for the selected area. LSDB Type - Select the type of Link Advertisement a s sociated wit h the spe cified area and addres s range.
- 881 - Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configurable Data OSPFv3 Admin Mode* - You may select enable or disabl e from the pulldown menu.
- 882 - Hello Interval - Enter the OSPFv3 hello interval for the s pecified interface in seconds. This parameter must be the same for all routers attached to a network. Valid value s ran ge from 1 to 65,535. The default is 10 seconds. Dead Interval - Enter the OSPFv3 dead interval for the spec ified interface in seconds.
- 883 - • Other Designated Rou te r - The interface is connected to a broadcast or NBM A network on which other routers have b een selected to be the De signated Router and Backup Designated Router either. The router attempts to form adjacencies to both the Design ated Router and the Backup Designated Router.
- 884 - Selection Criteria Slot/Port - Select the interface for which data is to be displayed. Non-Configurable Da ta OSPFv3 Area ID - The OSPFv3 area to which the selected router interface b elongs. An OSPFv3 Area ID is a 32 bit integer in dotted decimal fo rmat that uniquely identifies the area to whi ch the interface connects.
- 885 - Virtual Events - The number of state change s or e rrors that have occurred on this virtual link. Neighbor Events - The nu mber of times this neighbor relationshi p has changed state o r an error has occurred. External LSA Count - The number of external (LS type 5) lin k-state advertisements in the l ink-state database.
- 886 - 11.6.7.7 Viewing OSPFv3 Neighbor Information Page This screen shows the OSPFv3 Neigh b or information for a selected neigh bor Router ID on the selected interface. When a particular Neighbo r Router ID is selected, it shows detailed information abo ut the neighbor.
- 887 - 11.6.7.8 Viewing OSPFv3 Neighbor Table Information Page This screen shows the OSPFv3 Neighb or Table, either for all interfaces on whi ch valid OSPFv3 Neighbors are pre sent o r the neig hbo rs specific to a given interface on whi ch OSPFv3 Neighbors exist.
- 888 - Non-Configurable Da ta Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router withi n the autonomous system (AS). The Router I D is set on the OSPFv3 Interface Configuration p age. If you want to change the Router ID you must first disable OSPFv3.
- 889 - 11.6.7.10 Configuring OSPFv3 Virtual Link Configuration Page Selection Criteria Create New Virtual Link - Select this option from the dropdo wn menu to define a new virtual link. The area portion of the virtual link identification is fixed: you will be prompted to enter the Neighbor Router ID on a new screen.
- 890 - • Waiting - The router is trying to determi ne the identity of the (Backup) Designated Router by monitoring received Hello Packets. The router is not allowed to elect a Backup Designated Router or a Designated Ro uter until it transit ions out of Waiting stat e.
- 891 - Neighbor Router ID - The neigh bor p ortion of the virtual link identification. Virtual links may be configured between any pair of area b order rout ers having interfaces to a common (non-ba ckbone ) area. Hello Interval - The OSPFv3 hello interval for the virtual link in units of secon ds.
- 892 - Metric Type - Sets the OSPFv3 metric type of redistri buted routes. Tag - Sets the tag field in routes redistributed. This field displays t he tag if the source was pre-configured, else a default tag value of 0 is displayed. The valid values are (0 to 429496729 5) Command Buttons Submit - Send the updated configuration to the r outer.
- 893 - Selection Criteria Global or Link-local Next-hop - Specify if the Next Hop IPv6 Addr ess is a Global IPv6 Address o r a Link-local IPv6 Address. Slot/Port - Enter the unit, slot and port number for the Link-l ocal IPv6 Next Hop Address. This field is displayed only if the Global or Link-local Next -hop Sel ector i s selected as Link-local.
- 894 - • All Routes - Shows all active IPv6 routes Non-Configurable Da ta Number of Routes/Best Routes - Di splays the total number of a ctive routes/best routes in the route table. IPv6 Prefix/Prefix Length - Displays the Network Pref ix and Prefix Length for th e Active Route.
- 895 - Submit - Send the updated configuration to the sw itch. Configu ration changes take effect immediately. These changes will not be retained ac ross a power cycle unless a save is performed.
- 896 - Configurable Data RIPv6 Admin Mode - Select ena ble or disable from the pulldown menu. If you select enable RIPv6 will be enabled for the switch. The default is disable. Split Horizon Mode - Select none, simple or poison reverse f rom the pulldown menu.
- 897 - Selection Criteria Slot/Port - Select the interface for which data is to be configured. Configurable Data Interface Mode - Select enable o r disable from the pull down menu. Before you enable RIPv6 version 1 or version 1c on an interface, you must fi rst enable network dire cted broadcast mode on the corresponding interface.
- 898 - Available Source - This select box is a dynamic sele ctor and wo uld be populated by only those Source Routes that have not prev iously been configured for redistri but ion by RIPv6. This select box would appear only if the user select s "Create" opt ion as Configured Source.
- 899 - 11.7 QOS Menu 11.7.1 Managing Access Control Lists 11.7.1.1.1 Configuring IP Access Control List Configuration Page An IP ACL consists of a set of rules which are mat c he d sequentially against a packet.
- 900 - Non-Configurable Da ta IP ACL ID - The IP ACL identifier. Rules - The number of rules currently configured for the IP ACL. Direction - The direction of packet traffic affected by the IP ACL. Direction can only be: • Inbound Slot/Port(s) - The interfaces to which the IP ACL applies.
- 901 - Selection Criteria IP ACL ID - Use the pulldown menu to select the IP ACL for which to create or update a rule. Rule - Select an existing rule from the pulldown menu, or select 'Create New Rule.' ACL as well as an option to add a new Rule.
- 902 - Protocol Number - Specify that a packet's IP protocol is a match condition for the sel ected IP ACL rule and identify the protocol by number. The prot ocol number is a standard value assigned by IANA and is interpreted as an integer from 1 to 255.
- 903 - 11.7.1.4 Configuring IPv6 Access Control List Configuration Page An IPv6 ACL consists of a set of rules which are matched sequenti a lly again st a packet. When a p acket meets the match crite ria of a rule, the specified ru le action (Permit/Deny) is taken and the additional rule s are not checked for a match.
- 904 - Non-Configurable Da ta IPv6 ACL Name - Exiting IPv6 ACL identifier. Rules - The number of rules currently configured for the IPv6 ACL. Direction - The direction of packet traffic affected by the IPv6 ACL. Direction can only be one of the following : Inbound Slot/Port(s) - The interfaces to wh ich the IPv6 ACL applies.
- 905 - the specified criteria in order to be true against that rule and for the specified rule action (Pe rmit/Deny) to take place. Configurable Data Rule ID - Enter a whole number in the range of (1 to 10) that will be use d to ide ntify the rule. Action - Specify what action should b e taken if a pa ck et matches the rule's criteria.
- 906 - Flow Label - Flow label is 20-bit number that is uni que to an IPv6 packet, used by end stations to signify quality-of-service handling in routers. Flo w label can spe cified within the range (0 to 1048575). IPv6 DSCP Service - Specify the IP DiffServ Code Point (DSCP) field.
- 907 - Delete - Removes the currently selected MAC ACL from the switch configu ration. 11.7.1.8 Viewing MAC Access Control List Summary Page Non-Configurable Da ta MAC ACL Name - MAC ACL identifier. Rules - The number of rules currently configured for the MAC ACL.
- 908 - Selection Criteria MAC ACL - Select the MAC ACL for which to create or update a rule. Rule - Select an existing rule or select 'Create New Rule' to add a new Rule. New rules cann ot be created if the maximum number of rule s has been reached.
- 909 - Assign Queue ID - Specifies the hardware eg re ss queue identifier used to handle all packet s matching this ACL rule. Valid r ange of Queue Ids is (0 to 6). Mirror Interface - Specifies the specifi c egre ss interfa ce w here the matchin g traffic stream is copied in addition to being forwarded normally b y the device.
- 910 - Configure - Configure the corre spo ndin g match criteria for the selected rule. Submit - Send the updated configuration to the sw itch. Configu ration changes take effect immediately. These changes will not be retained ac ross a power cycle unless a save is performed.
- 91 1 - and direction, the specified access li st replaces the currently attach ed access list using that sequence number. If the sequence numbe r is not spe cified by the user, a sequen ce numb er that is one greate r than the highest sequence numbe r currently in use fo r this interface and directi on will be used.
- 912 - IP ACL - Specifies list of all IP ACLs. Thi s field is visible only if the user has sele cted "IP ACL" as "ACL Type". IPv6 ACL - Specifies list of all IPv6 ACLs. This field is visible only if the user has selected "IPv6 ACL" as "ACL Type".
- 913 - VLAN(s) - VLAN(s) to which the IP ACL applies. Direction - The direction of packet traffic affected by the IP ACL. Direction can only be one of the following : • Inbound ACL Type - Displays the type of ACL assi gne d to selected VLAN and direction.
- 914 - Selection Criteria DiffServ Admin Mode - This lists the option s for the mode, from which one can be selecte d. The default value is 'enable'. While disabled, the DiffServ configuration is retained when save d and can be changed, but it is not activated.
- 915 - Only when a new class is cre ated, this f ield is a selector field. After class creation this be comes a non-configurable field displaying the conf igured class type. Class Layer 3 Protocol - Indicates h ow to interpret the any layer 3. This lists types of packets supported by Diffserv.
- 916 - 11.7.2.3 Viewing DiffServ Class Summary Page Non-Configurable Da ta Class Name - Displays names of the configured DiffServ cla sses. Class Type - Displays types of the conf igured classes as 'all', 'any', or 'a cl'.
- 917 - Selection Criteria Policy Selector - Along with an option to create a new poli cy, this lists all the existing DiffServ policy names, from which one can be sel ected.
- 918 - Remove Selected Class - Removes a policy class instance by detachi ng the policy from the specified class. 11.7.2.5 Viewing DiffServ Policy Summary Page Non-Configurable Da ta Policy Name - Displays name of the DiffServ policy. Policy Type - Displays type of the policy as 'In'.
- 919 - Policy Attribute Selector - This lists all attributes supported for this type of policy, from which one can be selected. Non-Configurable Da ta Policy Type - Displays type of the configured policy as 'In'.
- 920 - Slot/Port - Select the Slot/Port that uniquely specifies an interface. This is a list of all valid slot number and port number combination s in the system . For Read/Write users where 'All' appears in the list, select it to specify all interfaces.
- 921 - 11.7.2.10 Viewing DiffServ Service Statistics Page This screen display s service-level stati s tical informatio n in tabular form for all interface s in the system to which a DiffServ policy has been attached in the inbound and/or out bound traffic directions.
- 922 - Direction - List of the traffic directi on of interface. Onl y shows the direction(s) for which a DiffServ policy is currently attached. Member Classes - List of all DiffServ classes cu rrent ly defined as members of the selected Policy Name. Choose one member cla ss name at a time to disp lay its statistics.
- 923 - Each port selected will be adde d to the policy created. Selection Criteria Traffic Type - Traffic type is used to define the DiffSer v Class. Traffic type options: VOIP, HTTP, FTP, Telnet, and Any. Policing - Enabling policing will add policing to the Dif f Serv Policy and the poli c in g rate will be applied.
- 924 - Selection Criteria Slot/Port - Specifies all CoS configura ble interface s. The option " Global" rep resent s the most re cent global configuration settings. These may be overridden on a per-interface basi s. Interface Trust Mode - Specifie s wh ether or not to trust a pa rticular pa cket marking at ing ress.
- 925 - Selection Criteria Slot/Port - Specifies all CoS configura ble interface s. The option " Global" rep resent s the most re cent global configuration settings. Configurable Data IP DSCP Value Traffic Class - Specify which internal traffic class to map the corresponding IP DSCP value.
- 926 - Selection Criteria Slot/Port - Specifies all CoS configura ble interface s. The option " Global" rep resent s the most re cent global configuration settings.
- 927 - Scheduler Type - Specifies the type of scheduli ng u sed for this queue. Scheduler Type can only be one of the following: • strict • weighted Default value is weighted. Queue Management Type - Queue de pth management technique used for queues on thi s interface.
- 928 - Minimum Bandwidth - Specifies the minimum guaranteed band width allotted to this queue. The value 0 means no guaranteed minimu m. Sum of indi vidual Minimum Band width values for all queu es in the selected interface cannot exceed defined maxi mum (100).
- 929 - • Disable - Disable ETS and stop the ETS process. Other configuration will not be change if you disable ETS. The system's default ETS admin mode is disabl ed Scheduler Type - Configures the scheduler type for an interface. • WERR - Set scheduler type to WERR.
- 930 - Queue in SAN Priority Group - List of queues in SAN prio rity group. Queue in IPC Priority Group - List of queues in IPC priority gro up. 11.7.4.8 Configuring Congestion Notification (CN)) Global configuration Selection Criteria CNM Admin Mode - Enable/Disable congestio n notif ication messa g e(CNM) handling.
- 931 - Configurable Data Ether Type for CN-TAG - Set Ether Type for CN-TAG . The sy stem's default Ether Type of CN-TAG is 8937. The valid Ether Type range is 0 to 65535. Ether Type for CNM - Set Ether Type for Conge stion Notification Message (CNM).
- 932 - Status - Enable or Disable specific priori ty queue. The CN function is disabled by default on all priorities for each port. Non-Configurable Da ta Queue ID - Specifies the queue ID. Command Buttons Submit - Send the updated configuration to the sw itch.
- 933 - 11.8 IPv4 Multicast Menu 11.8.1 Managing DVMRP Protocol 11.8.1.1 Configuring DVMRP Global Configuration Page Configurable Data Admin Mode - Select enable or disable from the dropdow n menu. This sets the administrative status of DVMRP to active or inactive.
- 934 - Selection Criteria Slot/Port - Select the interface for which data is to be configured. You must configure at lea st one router interface before you configure a DVMRP interface. Othe rwise you will se e a message telling you that no router interfaces are available, and the configuratio n screen will not be displayed.
- 935 - Selection Criteria Slot/Port - Select the interface for which data is to be displayed. You must configure at least one router interface before you can display data for a DVMRP interface. Otherwise you will see a message telling you that no router interfaces are av ailable, and the configuration summary screen will not be displayed.
- 936 - 11.8.1.4 Viewing DVMRP Next Hop Config uration Summary Non-Configurable Da ta Source IP - The IP address used with the source mask to identify the so urce network for this table entry. Source Mask - The network mask used with the source IP address.
- 937 - Refresh - Refresh the screen with the n ew data 11.8.1.6 Viewing DVMRP Route Summary Non-Configurable Da ta Source Address - The network address that is combi ned with the source mask to identify the sources for this entry. Source Mask - The subnet mask to be combined wit h t he source address to identify the sources for this entry.
- 938 - Configurable Data Admin Mode - Select enable or disabl e from the pulldow n menu to set the administrative status of IGMP in the router to active or inactive. The default is disable. Command Buttons Submit - Send the updated configuration to the r outer.
- 939 - Version - Enter the version of IGMP you want to config ure on the selected interfac e. Valid values are 1 to 3 and the default value is 3. This field is configurable only when IGMP interface mode is en abled. Robustness - Enter the robustness value.
- 940 - Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Da ta Interface Mode - The administrative stat us of IGMP on the selecte d interface. IP Address - The IP address of the selected interface.
- 941 - Last Member Query Interval - The last member query interval. The last member query interval is the maximum response time inserted into group-spec ific queries sent in response to leave group messages, and is also the amount of time betwe en group-sp ecific query messages.
- 942 - Last Reporter - The IP address of the source of the la st membership rep ort received for the IP Multicast group address on the sele cted interface. Up Time - The time elapsed since this entry was crea ted. Expiry Time - The minimum amount of time remaining before this entry will be aged out.
- 943 - Source Filter Mode - The source filter mode (Include/Exc lude/NA ) for the sp ecified group on this interface. Source Hosts - This parameter shows sou rce add resses which are members of this multicast address. Expiry Time - This parameter shows ex piry time in terval agai nst each sour ce address which are members of this multicast group.
- 944 - 11.8.2.7 Viewing IGMP Proxy Configration Summary Page Non-Configurable Da ta Slot/Port - Displays the interface on which IGMP proxy is enabled. IP Address - The IP address of the IGMP Proxy interface. Subnet Mask - The subnet mask for the IP addre ss of the IGMP Proxy interface.
- 945 - Selection Criteria Multicast Group IP - Select the IP multicast group ad dress for which data is to be displayed. If no group membership rep orts have been received on the sele cted interface you will not be able to make this selection, and none of the non-c onfig urabl e data will be displayed.
- 946 - Up Time - Displays the up time since the entry was created in cache table. State - The state of the host entry. A Host can be in one of the state. Non- member state - does not belong to the group on the interface. Delaying membe r state - host belongs to the group on th e interface and report timer runnin g.
- 947 - 11.8.3.2 Configuring Interface’s Multicast Configuration Page Selection Criteria Slot/Port - Select the routing interface you want to configure from the dropdo wn menu. Configurable Data TTL Threshold - Enter the TTL threshold belo w whi ch a multicast data packet will not be forwarded from the selected interface.
- 948 - Outgoing Interface(s) - The list of outgoing interface s on which multica st packets for this source/group are forwarded. Up Time (secs) - The time in seconds si nce the entry was created. Expiry Time (secs) - The time in second s before this entry will age out and be removed from the table.
- 949 - Slot/Port - Select the interface number from the dropdown menu. This is th e interface that connects to the neighbor router for t he given source IP address. Command Buttons Submit - Send the updated configuration to the r outer. Configu ration changes take effect immediately.
- 950 - Slot/Port - Select the router interface for which the administ ratively scoped bou ndary is to be configured. Configurable Data Group IP - Enter the multicast group addre ss fo r the start of the range of addresses to be excl uded. The address must be in the range of 239.
- 951 - Admin Mode - Select enable or disabl e from the pulldow n menu to set the administrative status of PIM-DM in the router. The default is disa bled. Command Buttons Submit - Send the updated configuration to the r outer. Configu ration changes take effect immediately.
- 952 - Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed. There must be configured at least one router interface before displaying data fo r a PIM-DM interface, otherwise a message will be displayed.
- 953 - Configurable Data Admin Mode - Select enable or disabl e from the pulldow n menu to set the administrative status of PIM-SM in the router. The default is disable. Data Threshold Rate - Enter the rate in K bits/second above wh ich the last-hop router will switch to a source-specific shorte st pa th tree.
- 954 - Command Buttons Refresh - Refresh the data on the scree n with the present state of the data in the router. 11.8.5.3 Configuring PIM-SM SSM Range Configuration Page Configurable Data SSM Group Address - Enter the source-specifi c multicast group ip-address.
- 955 - Configurable Data Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-SM in the router. The default is disable. Hello Interval (secs) - Enter the time in second s between the tran smission of which PIM Hello messages on this interface.
- 956 - Net Mask - The network mask for the IP address of the sele cted PIM interface. Hello Interval (secs) - The frequency at which PIM Hello messages are transmit ted on the selected interface. Join/Prune Interval - The frequency at which PIM Join/Prune messag es are transmitted on this PIM interface.
- 957 - Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Configurable Data Hash Mask Length - Enter the C-BSR hash mask length to be advertised in bootstrap messages. This hash mask length will be used in the hash algori thm for selecting the RP for a particul ar g roup.
- 958 - 11.8.5.9 Configuring PIM-SM Static RP Configuration Page Configurable Data IP Address - IP Address of the RP to be created or del eted. Group - Group Address of the RP to be created o r deleted. Group Mask - Group Mask of the RP to be created or deleted.
- 959 - Command Buttons Submit - Send the updated configuration to the sw itch. Configu ration changes take effect immediately. These changes will not be retained ac ross a power cycle unless a save is performed.
- 960 - MLD is robust to (robustness variable-1 ) packet loss es. Valid values are from (1 to 255) . The default value is 2 Startup Query Interval - Enter the number of seconds between th e transmissio n of startup queries on the selected interface. The valid values are from (1 to 300 ) .
- 961 - Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Da ta MLD Global Admin Mode - The administrative status of ML D on the selecte d interface. MLD Operational Mode - The operatio nal statu s of MLD on the Interface.
- 962 - Querier Status - This value indicates whether the interf ace is a M LD querier or non-querie r on the subnet it is associated with. Querier Address - The address of the MLD qu erier on the IP subnet to which the selected interface is attached.
- 963 - Refresh - Refresh the data on the scree n with the present state of the data in the router. Clear Traffic - Clears all the parameters for the sele ct ed interface.
- 964 - Non-Configurable Da ta Slot/Port - Displays the interface on which MLD proxy is enabled. IPv6 Address - The IPv6 address of the MLD Proxy interface. Subnet Mask - The subnet mask for the IPv6 address of the ML D Proxy interface. Admin Mode - The administrative status of MLD Proxy on the selected interface.
- 965 - Selection Criteria Multicast Group IPv6 - Select the IPv6 multicast g roup address for whi ch data i s to be displa yed. If no group membership reports have been received on the selected in terface you will not be able to make this selection, and none of the non-configura ble data will be displayed.
- 966 - Multicast Group IPv6 - Select the IPv6 multicast g roup address for whi ch data i s to be displa yed. If no group membership re ports have bee n received on t he MLD Proxy interface you will not b e able to make this selection, and none of the non-configura ble data will be displayed.
- 967 - Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed or co nfigure d. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for a PIM-DM interface, otherwise an er ror message will be displayed.
- 968 - Selection Criteria Slot/Port - Select the physical interface for which data is to be displayed. There must be configured at least one router interface before displaying data fo r a PIM-DM interface, otherwise a message will be displayed.
- 969 - Command Buttons Submit - Send the updated configuration to the r outer. Configu ration changes take effect immediately. These changes will not be retained ac ross a power cycle unless a save is performed.
- 970 - Submit - Send the updated configuration to the r outer. Configu ration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. Refresh - Refresh the data on the scree n with the pr esent state of the data in the router.
- 971 - Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Da ta Admin Mode - The administrative status of PIM-SM in the router: either enable or disable. Protocol State - The operational state of the PIM-SM protocol on this interfa ce .
- 972 - 11.9.3.6 Configuring PIM-SM Candidate RP Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed. Slot 0 is the base unit. Non-Configurable Da ta Group Address - The group addre ss transmitted in Candidate-RP-Advertisements.
- 973 - Hash Mask Length - Enter the C-BSR hash mask length to be advertised in bootstrap messages. This hash mask length will be used in the hash algori thm for selecting the RP for a particul ar g roup. The valid values are from (0 to 128). Default value is 30.
- 974 - Configurable Data RP Address - IP Address of the RP. Group Address/Prefix Length - Enter the source-specifi c multicast group ip-address / Prefix Length. Overide - To override the entry you need to check this box and then select the submit button.
- 975 - Source IP - Enter the IP address of the multicast packet source to be combined with the Group IP to fully identify a single route whose Mr oute table entry you want to displa y or clear. You may leave this field blank. Group IP - Enter the destination group IP addres s whose multicast route(s) you want to display or clear.
www .fortinet.com.
Een belangrijk punt na aankoop van elk apparaat Fortinet 548B (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Fortinet 548B heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Fortinet 548B vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Fortinet 548B leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Fortinet 548B krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Fortinet 548B bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Fortinet 548B kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Fortinet 548B . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.