![Zyxel MES3500-10 [215/364] Password commands](/img/pdf.png)
Zyxel MES3500-10 [215/364] Password commands
![Zyxel MES3500-10 [215/364] Password commands](/views2/1169485/page215/bgd7.png)
Ethernet Switch CLI Reference Guide
215
CHAPTER 50
Password Commands
Use these commands to configure passwords for specific privilege levels on the Switch.
50.1 Password Encryption
Password encryption provides service providers a means to securely enter administrator and
login passwords. By default, passwords are sent in plain text. Plain text passwords are also
stored temporarily in the Switch’s spt and temp buffers. By enabling password encryption, you
can hide these plain text passwords in transit as well as in the device buffers.
50.2 Command Summary
The following section lists the commands for this feature.
Table 120 password Command Summary
COMMAND DESCRIPTION M P
admin-password <pw-string>
<confirm-string>
Changes the administrator password.
pw-string: 1-32 alphanumeric characters
confirm-string: 1-32 alphanumeric characters
C14
admin-password <pw-string> Changes the administrator password.
pw-string: 1-32 alphanumeric characters
C14
admin-password cipher <pw-
string>
Sets the administrator cipher password, which is used in
administrator password encryption.
pw-string: 32 alphanumeric characters
C14
password <password> [privilege
<0-14>]
Changes the password for the highest privilege level or,
optionally, the specified privilege.
password: 1-32 alphanumeric characters
C14
password cipher <pw-string>
[privilege <0-14>]
Changes the password cipher for the highest privilege level
or, optionally, the specified privilege. This is used in password
encryption.
password: 32 alphanumeric characters
C14
no password privilege <0-14> Clears the password for the specified privilege level and
prevents users from entering the specified privilege level.
C14
password encryption Sets all password setting encryption. C 14
no password encryption Disables password encryption. The encrypted password will
not be changed back to plain text.
C14
Содержание
- Cli reference guide 1
- Default login details 1
- Ethernet switch 1
- Firmware version 3 9 3 0 3 0 and 4 0 edition 2 08 2011 1
- Www zyxel com 1
- About this cli reference guide 3
- This guide is intended as a command reference for a series of products therefore many commands in this guide may not be available in your product see your user s guide for a list of supported features and details about feature implementation 3
- Document conventions 4
- Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations 4
- Warnings tell you about things that could harm you or your device see your user s guide for product specific warnings 4
- Document conventions 6
- Ethernet switch cli reference guide 6
- Figures in this guide may use the following generic icons the switch icon is not an exact representation of your device 6
- Icons used in figures 6
- Contents overview 7
- Introduction 11 7
- Reference a g 27 7
- Reference h m 101 7
- Reference n s 207 8
- Appendices and index of commands 333 9
- Reference t z 287 9
- Introduction 11
- Accessing the cli 13
- Console port 13
- Hapter 13
- How to access and use the cli 13
- Telnet 13
- Logging in 14
- The switch automatically logs you out of the management interface after five minutes of inactivity if this happens to you simply log back in again 14
- Using shortcuts and getting help 14
- Logging out 15
- Saving your configuration 15
- You should save your changes after each cli session all unsaved configuration changes are lost once you restart the switch 15
- Hapter 17
- Privilege level and command mode 17
- Privilege levels 17
- Privilege levels for commands 17
- Privilege levels for login accounts 17
- Privilege levels for sessions 18
- Command modes 19
- Command modes for privilege levels 0 12 19
- Chapter 2 privilege level and command mode 20
- Command modes for privilege levels 13 14 20
- Each command is usually in one and only one mode if a user wants to run a particular command the user has to change to the appropriate mode the command modes are organized like a tree and users start in enable mode the following table explains how to change from one mode to another 20
- Ethernet switch cli reference guide 20
- If the session s privilege level is 13 14 the allowed commands are in one of several modes 20
- Table 7 command modes for privilege levels 13 14 and the types of commands in each one 20
- Table 8 changing between command modes for privilege levels 13 14 20
- Listing available commands 21
- Changing the administrator password 23
- Changing the enable password 23
- Hapter 23
- Initial setup 23
- Afterwards you have to use the new ip address to access the switch 24
- Changing the management ip address 24
- Changing the out of band management ip address 24
- Prohibiting concurrent logins 24
- Chapter 3 initial setup 25
- Ethernet switch cli reference guide 25
- Looking at basic system information 25
- Looking at the operating configuration 25
- See chapter 85 on page 323 for more information about these attributes 25
- This is illustrated in the following example 25
- Use this command to look at general system information about the switch 25
- Use this command to look at the current operating configuration 25
- Reference a g 27
- Aaa commands 29
- Command summary 29
- Hapter 29
- Chapter 4 aaa commands 30
- Ethernet switch cli reference guide 30
- Table 10 command summary aaa accounting continued 30
- Table 11 aaa authorization command summary 30
- Arp commands 31
- Command examples 31
- Command summary 31
- Hapter 31
- Chapter 5 arp commands 32
- Ethernet switch cli reference guide 32
- Table 13 show ip arp continued 32
- Arp inspection commands 33
- Command summary 33
- Hapter 33
- Chapter 6 arp inspection commands 34
- Ethernet switch cli reference guide 34
- Table 16 command summary arp inspection log 34
- Table 17 command summary interface arp inspection 34
- Table 18 command summary arp inspection vlan 34
- Chapter 6 arp inspection commands 35
- Command examples 35
- Ethernet switch cli reference guide 35
- Table 19 show arp inspection filter 35
- The following table describes the labels in this screen 35
- This example looks at log messages that were generated by arp packets and that have not been sent to the syslog server yet 35
- This example looks at the current list of mac address filters that were created because the switch identified an unauthorized arp packet when the switch identifies an unauthorized arp packet it automatically creates a mac address filter to block traffic from the source mac address and source vlan id of the unauthorized arp packet 35
- Chapter 6 arp inspection commands 36
- Ethernet switch cli reference guide 36
- Table 20 show arp inspection log 36
- The following table describes the labels in this screen 36
- This example displays whether ports are trusted or untrusted ports for arp inspection 36
- Chapter 6 arp inspection commands 37
- Ethernet switch cli reference guide 37
- Table 21 show arp inspection interface port channel 37
- The following table describes the labels in this screen 37
- Arp learning commands 39
- Command examples 39
- Command summary 39
- Hapter 39
- Bandwidth commands 41
- Hapter 41
- Chapter 8 bandwidth commands 42
- Command summary 42
- Ethernet switch cli reference guide 42
- Note the sum of cirs cannot be greater than or equal to the uplink bandwidth 42
- Table 23 user input values running config 42
- Table 24 command summary bandwidth control bandwidth limit 42
- The following section lists the commands for this feature 42
- The following table describes user input values available in multiple commands for this feature 42
- Chapter 8 bandwidth commands 43
- Command examples cir pir 43
- Command examples ingress 43
- Ethernet switch cli reference guide 43
- This example deactivates the outgoing bandwidth limit on port 1 43
- This example displays the bandwidth limits configured on port 1 43
- This example sets the guaranteed traffic bandwidth limit on port 1 to 4000 kbps and the maximum traffic bandwidth limit to 5000 kbps for port 1 43
- This example sets the outgoing traffic bandwidth limit to 5000 kbps and the incoming traffic bandwidth limit to 4000 kbps for port 1 43
- Broadcast storm commands 45
- Command summary 45
- Hapter 45
- 128 broadcast packets per second 256 multicast packets per second 46
- Chapter 9 broadcast storm commands 46
- Command example bmstorm limit 46
- Command example broadcast limit multicast limit dlf limit 46
- Ethernet switch cli reference guide 46
- Table 26 command summary storm control bmstorm limit and bstorm control continued 46
- This example enables broadcast storm control on port 1 and limits the combined maximum rate of broadcast multicast and dlf packets to 128 kbps 46
- This example enables broadcast storm control on the switch and configures port 1 to accept up to 46
- 64 dlf packets per second 47
- Chapter 9 broadcast storm commands 47
- Ethernet switch cli reference guide 47
- Cfm commands 49
- Cfm overview 49
- Hapter 49
- How cfm works 49
- Cfm term definition 50
- Chapter 10 cfm commands 51
- Ethernet switch cli reference guide 51
- Table 27 cfm term definitions 51
- Table 28 cfm command user input values 51
- This section lists the common term definition appears in this chapter refer to user s guide for more detailed information about cfm 51
- User input values 51
- Chapter 10 cfm commands 52
- Command summary 52
- Ethernet switch cli reference guide 52
- Table 29 cfm command summary 52
- The following section lists the commands for this feature 52
- Chapter 10 cfm commands 53
- Ethernet switch cli reference guide 53
- Note if you set the format to vid the vlan id should be the same as the vlan id you use to identify the ma 53
- Table 29 cfm command summary continued 53
- Chapter 10 cfm commands 54
- Ethernet switch cli reference guide 54
- Table 29 cfm command summary continued 54
- Command examples 55
- Remember to save new settings using the write memory command 55
- Chapter 10 cfm commands 56
- Ethernet switch cli reference guide 56
- Table 30 show cfm action mipccmdb 56
- The following table describes the labels in this screen 56
- This example displays all neighbors mep port information in the mip ccm databases 56
- This example lists all cfm domains in this example only one md md1 is configured the ma3 with the associated mep port 1 is under this md1 56
- This example starts a loopback test and displays the test result on the console 56
- Chapter 10 cfm commands 57
- Ethernet switch cli reference guide 57
- This example assigns a virtual mac address to port 3 and displays the mac addresses of the ports 2 4 the assigned virtual mac address should be unique in both the switch and the network to which it belongs 57
- This example sets the switch to carry its host name and management ip address 192 68 00 in cfm packets 57
- This example shows remote mep database information the remote mep has been configured to carry its host name and a specified ip address in cfm packets 57
- Classifier commands 59
- Command summary 59
- Hapter 59
- Chapter 11 classifier commands 60
- Ethernet switch cli reference guide 60
- In an ipv4 packet header the protocol field identifies the next level protocol the following table shows some common ipv4 protocol types and the corresponding protocol number refer to http www iana org assignments protocol numbers for a complete list 60
- In an ipv6 packet header the next header field identifies the next level protocol the following table shows some common ipv6 next header values 60
- Table 32 common ethernet types and protocol number 60
- Table 33 common ipv4 protocol types and protocol numbers 60
- Table 34 common ipv6 next header values 60
- The following table shows some other common ethernet types and the corresponding protocol number 60
- Command examples 61
- Cluster commands 63
- Command summary 63
- Hapter 63
- Chapter 12 cluster commands 64
- Command examples 64
- Ethernet switch cli reference guide 64
- Table 36 show cluster member 64
- The following table describes the labels in this screen 64
- This example creates the cluster cmanage in vlan 1 then it looks at the current list of candidates for membership in this cluster and adds two switches to cluster 64
- Chapter 12 cluster commands 65
- Ethernet switch cli reference guide 65
- Table 37 show cluster 65
- The following table describes the labels in this screen 65
- This example logs in to the cli of member 00 13 49 00 00 01 looks at the current firmware version on the member switch logs out of the member s cli and returns to the cli of the manager 65
- This example looks at the current status of the switch s cluster 65
- Command summary 67
- Date and time commands 67
- Hapter 67
- Chapter 13 date and time commands 68
- Command examples 68
- Ethernet switch cli reference guide 68
- Table 39 time command summary continued 68
- Table 40 timesync command summary 68
- This example sets the current date current time time zone and daylight savings time 68
- Chapter 13 date and time commands 69
- Ethernet switch cli reference guide 69
- Table 41 show timesync 69
- The following table describes the labels in this screen 69
- This example looks at the current time server settings 69
- Command summary 71
- Dhcp commands 71
- Hapter 71
- Chapter 14 dhcp commands 72
- Ethernet switch cli reference guide 72
- Note you have to configure the vlan before you configure a dhcp relay for the vlan you have to disable dhcp smart relay before you can enable dhcp relay 72
- Table 43 dhcp relay command summary 72
- Table 44 dhcp relay broadcast command summary 72
- Table 45 dhcp server command summary 72
- Chapter 14 dhcp commands 73
- Command examples 73
- Ethernet switch cli reference guide 73
- Figure 3 example global dhcp relay 73
- In this example the switch relays dhcp requests for the vlan1 and vlan2 domains there is only one dhcp server for dhcp clients in both domains 73
- In this example there are two vlans vids 1 and 2 in a campus network two dhcp servers are installed to serve each vlan the switch forwards dhcp requests from the dormitory rooms vlan 1 to the dhcp server with ip address 192 68 00 dhcp requests from the academic buildings vlan 2 are sent to the other dhcp server with ip address 172 6 0 00 73
- This example shows how to configure the switch for this configuration dhcp relay agent information option 82 is also enabled 73
- Vlan1 vlan2 73
- In this example the switch is a dhcp server for clients on vlan 1 and vlan 2 the dhcp clients in vlan 1 are assigned ip addresses in the range 192 68 00 to 192 68 00 and clients on vlan 2 are assigned ip addresses in the range 172 6 0 to 172 6 30 74
- This example shows how to configure the dhcp server for vlan 1 with the configuration shown in figure 5 on page 74 it also provides the dhcp clients with the ip address of the default gateway and the dns server 74
- This example shows how to configure these dhcp servers the vlans are already configured 74
- Command summary 75
- Dhcp snooping dhcp vlan commands 75
- Hapter 75
- Chapter 15 dhcp snooping dhcp vlan commands 76
- Command examples 76
- Enables dhcp snooping switch sets up an external dhcp snooping database on a network server with ip address 172 6 7 7 76
- Ethernet switch cli reference guide 76
- Table 46 dhcp snooping command summary continued 76
- Table 47 dhcp vlan command summary 76
- The following table describes the dhcp vlan commands 76
- This example 76
- Chapter 15 dhcp snooping dhcp vlan commands 77
- Enables dhcp snooping on vlans 1 2 3 200 and 300 sets the switch to add the slot number port number and vlan id to dhcp requests that it broadcasts to the dhcp vlan sets ports 1 5 as dhcp snooping trusted ports sets the maximum number of dhcp packets that can be received on ports 1 5 to 100 packets per second configures a dhcp vlan with a vlan id 300 displays dhcp snooping configuration details 77
- Ethernet switch cli reference guide 77
- Command summary 79
- Diffserv commands 79
- Hapter 79
- Command summary 81
- Display commands 81
- Hapter 81
- Command summary 83
- Dvmrp commands 83
- Dvmrp overview 83
- Hapter 83
- Chapter 18 dvmrp commands 84
- Command examples 84
- Enables igmp and dvmrp on the switch enables dvmrp on the following routing domains 10 0 0 24 172 6 24 displays dvmrp settings configured on the switch 84
- Ethernet switch cli reference guide 84
- Figure 6 dvmrp network example 84
- In this example the switch is configured to exchange dvmrp information with other dvmrp enabled routers as shown next the switch is a dvmrp router c dvmrp is activated on ip routing domains 10 0 0 24 and 172 6 24 so that it can exchange dvmrp information with routers a and b 84
- Table 50 command summary dvmrp continued 84
- Cpu protection overview 85
- Error disable and recovery commands 85
- Error disable recovery overview 85
- Hapter 85
- User input values 85
- Chapter 19 error disable and recovery commands 86
- Command summary 86
- Ethernet switch cli reference guide 86
- Table 52 cpu protection command summary 86
- Table 53 errdisable recovery command summary 86
- The following section lists the commands for this feature 86
- Chapter 19 error disable and recovery commands 87
- Command examples 87
- Ethernet switch cli reference guide 87
- Limit the number of arp packets that port 7 can handle to 100 packets per second set to shut down port 7 when the number arp packets the port should handle exceeds the rate limit display the cpu protection settings that you just set for port 7 display the error disable status and action mode for arp packet handling 87
- Table 53 errdisable recovery command summary continued 87
- This example shows you how to configure the following 87
- Chapter 19 error disable and recovery commands 88
- Ethernet switch cli reference guide 88
- This example enables the disabled port recovery function and the recovery timer for the loopguard feature on the switch if a port is shut down due to the specified reason the switch activates the port 300 seconds the default value later this example also shows the number of the disabled port s and the time left before the port s becomes active 88
- Command summary 89
- Ethernet oam commands 89
- Hapter 89
- Ieee 802 ah link layer ethernet oam implementation 89
- Chapter 20 ethernet oam commands 90
- Command examples 90
- Ethernet switch cli reference guide 90
- Table 54 ethernet oam command summary continued 90
- This example enables ethernet oam on port 7 and sets the mode to active 90
- Chapter 20 ethernet oam commands 91
- Ethernet switch cli reference guide 91
- Table 55 show ethernet oam discovery 91
- The following table describes the labels in this screen 91
- This example performs ethernet oam discovery from port 7 91
- Chapter 20 ethernet oam commands 92
- Ethernet switch cli reference guide 92
- Table 55 show ethernet oam discovery continued 92
- This example looks at the number of oam packets transferred on port 1 92
- Chapter 20 ethernet oam commands 93
- Ethernet switch cli reference guide 93
- Table 56 show ethernet oam statistics 93
- Table 57 show ethernet oam summary 93
- The following table describes the labels in this screen 93
- This example looks at the configuration of ports on which oam is enabled 93
- Chapter 20 ethernet oam commands 94
- Ethernet switch cli reference guide 94
- Table 57 show ethernet oam summary continued 94
- Command summary 95
- External alarm commands 95
- Hapter 95
- Chapter 21 external alarm commands 96
- Command examples 96
- Ethernet switch cli reference guide 96
- This example configures and shows the name and status of the external alarm s 96
- Command summary 97
- Garp commands 97
- Garp overview 97
- Hapter 97
- Chapter 22 garp commands 98
- Command examples 98
- Ethernet switch cli reference guide 98
- In this example the administrator looks at the switch s garp timer settings and decides to change them the administrator sets the join timer to 300 milliseconds the leave timer to 800 milliseconds and the leave all timer to 11000 milliseconds 98
- Command examples 99
- Command summary 99
- Gvrp commands 99
- Hapter 99
- Reference h m 101
- Command summary 103
- Hapter 103
- Https server commands 103
- Chapter 24 https server commands 104
- Command examples 104
- Ethernet switch cli reference guide 104
- Table 62 show https 104
- The following table describes the labels in this screen 104
- This example shows the current https settings statistics and sessions 104
- Chapter 24 https server commands 105
- Ethernet switch cli reference guide 105
- Table 62 show https continued 105
- Table 63 show https session 105
- The following table describes the labels in this screen 105
- This example shows the current https sessions 105
- Chapter 24 https server commands 106
- Ethernet switch cli reference guide 106
- Table 63 show https session continued 106
- Command summary 107
- Guest vlan overview 107
- Hapter 107
- Ieee 802 x authentication commands 107
- Chapter 25 ieee 802 x authentication commands 108
- Command examples 108
- Ethernet switch cli reference guide 108
- Specifies radius server 1 with ip address 10 0 0 port 1890 and the string secretkey as the password 2 specifies the timeout period of 30 seconds that the switch will wait for a response from the radius server 3 enables port authentication on the switch 4 enables port authentication on ports 4 to 8 108
- Table 64 port access authenticator command summary continued 108
- This example configures the switch in the following ways 108
- Command summary 111
- Hapter 111
- Igmp and multicasting commands 111
- Igmp overview 111
- Chapter 26 igmp and multicasting commands 112
- Command examples 112
- Ethernet switch cli reference guide 112
- Sets the switch to flood unknown multicast frames sets the switch to non querier mode 112
- Table 65 igmp command summary continued 112
- Table 66 ipmc command summary 112
- This example configures igmp on the switch with the following settings 112
- Command summary 115
- Hapter 115
- Igmp snooping commands 115
- Chapter 27 igmp snooping commands 116
- Ethernet switch cli reference guide 116
- Table 68 igmp snooping command summary continued 116
- Chapter 27 igmp snooping commands 117
- Ethernet switch cli reference guide 117
- Table 68 igmp snooping command summary continued 117
- Table 69 igmp snooping vlan command summary 117
- Table 70 interface igmp command summary 117
- Chapter 27 igmp snooping commands 118
- Ethernet switch cli reference guide 118
- Table 70 interface igmp command summary continued 118
- Chapter 27 igmp snooping commands 119
- Command examples 119
- Ethernet switch cli reference guide 119
- Host timeou 119
- Table 70 interface igmp command summary continued 119
- This example enables igmp snooping on the switch sets the 119
- Value to 30 seconds and sets the switch to drop packets from unknown multicast groups 119
- Chapter 27 igmp snooping commands 120
- Ethernet switch cli reference guide 120
- Table 71 show multicast 120
- The following table describes the labels in this screen 120
- This example limits the number of multicast groups on port 1 to 5 120
- This example shows the current multicast groups on the switch 120
- This example shows the current multicast vlan on the switch 120
- Chapter 27 igmp snooping commands 121
- Ethernet switch cli reference guide 121
- This example restricts ports 1 4 to multicast ip addresses 224 55 55 through 225 55 55 55 121
- Command summary 123
- Hapter 123
- Igmp filtering commands 123
- Chapter 28 igmp filtering commands 124
- Command examples 124
- Ethernet switch cli reference guide 124
- This example restricts ports 1 4 to multicast ip addresses 224 55 55 through 225 55 55 55 124
- Command summary 125
- Hapter 125
- Interface commands 125
- Chapter 29 interface commands 126
- Ethernet switch cli reference guide 126
- Table 73 interface command summary continued 126
- Chapter 29 interface commands 127
- Command examples 127
- Ethernet switch cli reference guide 127
- Table 74 show interfaces 127
- The following table describes the labels in this screen 127
- This example looks at the current status of port 1 127
- Chapter 29 interface commands 128
- Ethernet switch cli reference guide 128
- Table 74 show interfaces continued 128
- Chapter 29 interface commands 129
- Ethernet switch cli reference guide 129
- Sets the default port vid to 200 2 sets these ports to accept only tagged frames 129
- Sets the ieee 802 p quality of service priority to four 4 2 sets the name test 3 sets the speed to 100 mbps in half duplex mode 129
- Table 74 show interfaces continued 129
- This example configures ports 1 3 4 and 5 in the following ways 129
- This example configures ports 1 5 in the following ways 129
- Command examples 131
- Command summary 131
- Hapter 131
- Interface route domain mode 131
- Command summary 133
- Hapter 133
- Ip commands 133
- Chapter 31 ip commands 134
- Command examples 134
- Ethernet switch cli reference guide 134
- Table 77 tcp and udp command summary continued 134
- Table 78 show ip tcp 134
- The following table describes the labels in this screen 134
- This example shows the tcp statistics and listener ports see rfc 1213 for more information 134
- Chapter 31 ip commands 135
- Ethernet switch cli reference guide 135
- Table 78 show ip tcp continued 135
- Chapter 31 ip commands 136
- Ethernet switch cli reference guide 136
- Table 78 show ip tcp continued 136
- Table 79 show ip udp 136
- The following table describes the labels in this screen 136
- This example shows the udp statistics and listener ports see rfc 1213 for more information 136
- Command examples 137
- Command summary 137
- Hapter 137
- Ip source binding commands 137
- Chapter 32 ip source binding commands 138
- Ethernet switch cli reference guide 138
- Table 81 show ip source binding continued 138
- Hapter 139
- Ipv6 addressing 139
- Ipv6 commands 139
- Ipv6 overview 139
- Ipv6 terms 140
- A loopback address 0 0 0 0 0 0 0 1 or 1 allows a host to send packets to itself it is similar to 127 in ipv4 141
- Chapter 33 ipv6 commands 141
- Ethernet switch cli reference guide 141
- Loopback 141
- Multicast scope allows you to determine the size of the multicast group a multicast address has a predefined prefix of ff00 8 the following table describes some of the predefined multicast addresses 141
- Table 84 predefined multicast address 141
- Table 85 reserved multicast address 141
- The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group 141
- Eui 64 142
- Chapter 33 ipv6 commands 146
- Command summary 146
- Ethernet switch cli reference guide 146
- In the following mld snooping proxy example all connected upstream ports 1 7 are treated as one interface the connection between ports 8 and 9 is blocked by stp to break the loop if there is one query from a router x or mld done or report message from any upstream port it will be broadcast to all connected upstream ports 146
- Report 146
- Table 86 ipv6 user input values 146
- Table 87 ipv6 address command summary 146
- The following section lists the commands for this feature 146
- The following table describes user input values available in multiple commands for this feature 146
- Chapter 33 ipv6 commands 147
- Ethernet switch cli reference guide 147
- Note make sure an ipv6 router is available in the vlan network before using this command on the switch 147
- Table 87 ipv6 address command summary continued 147
- Chapter 33 ipv6 commands 148
- Ethernet switch cli reference guide 148
- Table 87 ipv6 address command summary continued 148
- Table 88 ipv6 dhcp relay command summary 148
- Chapter 33 ipv6 commands 149
- Ethernet switch cli reference guide 149
- Note the switch applies the time interval in increments of 10 for example if you set a time interval from 1280 to 1289 milliseconds the switch uses the time interval of 1280 milliseconds 149
- Table 89 ipv6 icmp and ping6 command summary 149
- Table 90 ipv6 mld snooping proxy command summary 149
- Chapter 33 ipv6 commands 150
- Ethernet switch cli reference guide 150
- Table 90 ipv6 mld snooping proxy command summary continued 150
- Chapter 33 ipv6 commands 151
- Ethernet switch cli reference guide 151
- Table 90 ipv6 mld snooping proxy command summary continued 151
- Chapter 33 ipv6 commands 152
- Ethernet switch cli reference guide 152
- Table 90 ipv6 mld snooping proxy command summary continued 152
- Chapter 33 ipv6 commands 153
- Ethernet switch cli reference guide 153
- Table 91 ipv6 nd command summary 153
- Chapter 33 ipv6 commands 154
- Ethernet switch cli reference guide 154
- Table 91 ipv6 nd command summary continued 154
- Table 92 ipv6 neighbor command summary 154
- Chapter 33 ipv6 commands 155
- Command examples 155
- Ethernet switch cli reference guide 155
- Table 92 ipv6 neighbor command summary continued 155
- Table 93 show ipv6 155
- The following table describes the labels in the show ipv6 command output 155
- This example shows how to enable ipv6 in vlan 1 and display the link local address the switch automatically generated for the vlan 155
- Chapter 33 ipv6 commands 156
- Ethernet switch cli reference guide 156
- Table 93 show ipv6 continued 156
- This example shows how to enable ipv6 in vlan 1 and display the link local address the switch automatically generated and other ipv6 information for the vlan 156
- This example shows how to manually configure two ipv6 addresses one uses the eui 64 format one doesn t in vlan 1 and then display the result before using ipv6 address commands you have to enable ipv6 in the vlan and this has the switch generate a link local address for the interface 156
- Chapter 33 ipv6 commands 157
- Ethernet switch cli reference guide 157
- There are three addresses created in total for vlan 1 the address 2001 db8 c18 1 219 cbff fe00 1 64 is created with the interface id 219 cbff fe00 1 generated using the eui 64 format the address 2001 db8 c18 1 12b 64 is created exactly the same as what you entered in the command 157
- Chapter 33 ipv6 commands 158
- Ethernet switch cli reference guide 158
- Table 94 show ipv6 neighbor 158
- The following table describes the labels in this screen 158
- This example shows the switch owns l displays in the t field two manually configured permanent ip addresses 2001 1234 and fe80 219 cbff fe00 1 it also displays a neighbor fe80 2d0 59ff feb8 103c in vlan 1 is reachable from the switch 158
- Chapter 33 ipv6 commands 159
- Ethernet switch cli reference guide 159
- Table 94 show ipv6 neighbor continued 159
- This example sends ping requests to an ethernet device with ipv6 address fe80 2d0 59ff feb8 103c in vlan 1 the device also responds the pings 159
- By default windows xp and windows 2003 support ipv6 this example shows you how to use the ipv6 install command on windows xp 2003 to enable ipv6 this also displays how to use the ipconfig command to see auto generated ip addresses 160
- Chapter 33 ipv6 commands 160
- Ethernet switch cli reference guide 160
- Example enabling ipv6 on windows xp 2003 160
- This example configures a static ipv6 route to forward packets with ipv6 prefix 2100 and prefix length 64 to the gateway with ipv6 address fe80 219 cbff fe01 101 in vlan 1 160
- Example http accessing the switch using ipv6 161
- How you access the switch using http varies depending on the operating system os and the type of browser you use and the type of address you want to access 161
- Ipv6 is installed and enabled by default in windows vista use the ipconfig command to check your automatic configured ipv6 address as well you should see at least one ipv6 address available for the interface on your computer 161
- It s recommended to use internet explorer 7 or firefox to access the switch s web gui 161
- Make sure you have enabled ipv6 on your computer see section 33 use the ipconfig command in the command prompt to check the ipv6 address on your computer the example uses an interface with address fe80 2d0 59ff feb8 103c to 161
- This example shows you how to access the switch using http on windows xp 161
- Chapter 33 ipv6 commands 164
- Check the switch ipv6 address es to which you want to ping in this example there are two ipv6 addresses in vlan 1 one is a link local address fe80 219 cbff fe00 1 64 and the other one is a global address 2001 1234 64 164
- Ethernet switch cli reference guide 164
- Example ipv6 ping on windows xp 2003 vista 164
- In windows xp 2003 vista use the ipconfig command in the command prompt to check the ipv6 address on your computer each ipv6 address is appended with a percentage and the ethernet interface s interface identifier of the ethernet interface with which the address associates this is an example to show you how to ping from a windows xp computer to the switch 164
- Make sure you have enabled ipv6 on your computer see section 33 on page 160 use the ipconfig command in the command prompt to check this in this example the address fe80 2d0 59ff feb8 103c is used to ping the switch so the 4 of the ethernet interface identifier will be used later to ping 164
- Chapter 33 ipv6 commands 165
- Ethernet switch cli reference guide 165
- Ping to the switch s global address when you ping a global address on a windows xp computer you just need to enter an ipv6 destination address 165
- Ping to the switch s link local address when you ping a link local address from a windows xp computer you have to append the interface identifier of the ethernet interface from which you want to ping 165
- Command summary 167
- Hapter 167
- Layer 2 protocol tunnel l2pt commands 167
- Chapter 34 layer 2 protocol tunnel l2pt commands 168
- Command examples 168
- Ethernet switch cli reference guide 168
- Table 96 l2pt command summary continued 168
- This example enables l2pt on the switch and sets the destination mac address for encapsulating layer 2 protocol packets received on an access port 168
- Chapter 34 layer 2 protocol tunnel l2pt commands 169
- Ethernet switch cli reference guide 169
- This example displays l2pt settings and status on port 3 you can also see how many cdp stp vtp lacp pagp and udld packets received on this port are encapsulated decapsulated or dropped 169
- This example enables l2pt for stp cdp and vtp packets on port 3 it also sets l2pt mode to access for this port 169
- This example sets l2pt mode to tunnel for port 4 169
- Hapter 171
- Link layer discovery protocol lldp commands 171
- Lldp overview 171
- Chapter 35 link layer discovery protocol lldp commands 172
- Command summary 172
- Ethernet switch cli reference guide 172
- Table 97 lldp command summary 172
- The following section lists the commands for this feature 172
- Chapter 35 link layer discovery protocol lldp commands 173
- Ethernet switch cli reference guide 173
- Note make sure the lldp packet transmitting interval is shorter than its ttl to have the switch s device information being updated in the neighboring devices before it ages out 173
- Table 97 lldp command summary continued 173
- Chapter 35 link layer discovery protocol lldp commands 174
- Command examples 174
- Ethernet switch cli reference guide 174
- Table 97 lldp command summary continued 174
- This example enables lldp on the switch sets port 2 to send and receive lldp packets and allows the switch to send optional basic management tlvs such as management address port description and system description tlvs on port 2 this example also shows the lldp settings on port 2 and global lldp settings on the switch 174
- Command summary 175
- Hapter 175
- Load sharing commands 175
- Load sharing overview 175
- Chapter 36 load sharing commands 176
- Command examples 176
- Ethernet switch cli reference guide 176
- This example enables equal cost multipath ecmp routing on the switch and sets the switch to use a packet s source and destination ip addresses to determine the routing path for the packet 176
- Command examples 177
- Command summary 177
- Hapter 177
- Logging commands 177
- Command summary 179
- Hapter 179
- Login account commands 179
- Password encryption 179
- Chapter 38 login account commands 180
- Command examples 180
- Ethernet switch cli reference guide 180
- This example creates a new user user2 with privilege 13 180
- Command summary 181
- Hapter 181
- Loopguard commands 181
- Chapter 39 loopguard commands 182
- Command examples 182
- Ethernet switch cli reference guide 182
- Table 102 show loopguard 182
- The following table describes the labels in this screen 182
- This example enables loopguard on ports 1 3 182
- Command summary 183
- Hapter 183
- Mac address commands 183
- Chapter 40 mac address commands 184
- Command examples 184
- Ethernet switch cli reference guide 184
- Table 103 mac mac aging time and mac flush command summary continued 184
- Table 104 show mac address table 184
- The following table describes the labels in this screen 184
- This example shows the current mac address table 184
- Command summary 185
- Hapter 185
- Mac authentication commands 185
- Mac authentication overview 185
- Chapter 41 mac authentication commands 186
- Command examples 186
- Ethernet switch cli reference guide 186
- Table 105 mac authentication command summary continued 186
- This example enables mac authentication on the switch specifies the name prefix clientname and the mac authentication password lech89 next mac authentication is activated on ports 1 5 and configuration details are displayed 186
- Command summary 187
- Hapter 187
- Mac filter commands 187
- Command example 188
- Command example filter source 188
- Command summary 189
- Hapter 189
- Mac forward commands 189
- Command summary 191
- Hapter 191
- Mirror commands 191
- Chapter 44 mirror commands 192
- Command examples 192
- Ethernet switch cli reference guide 192
- Table 109 mirror command summary continued 192
- Table 110 mirror filter command summary 192
- This example enables port mirroring and copies outgoing traffic from ports 1 4 5 and 6 to port 3 192
- Chapter 44 mirror commands 193
- Ethernet switch cli reference guide 193
- This example displays the mirror settings of the switch after you configured in the example above 193
- Command summary 195
- Hapter 195
- Mrstp commands 195
- Mrstp overview 195
- Chapter 45 mrstp commands 196
- Command examples 196
- Enables mrstp on the switch activates tree 1 and sets the bridge priority hello time maximum age and forward values for this rstp configuration activates mrstp for ports 1 5 and sets path cost on these ports to 127 adds ports 1 5 to tree index 1 196
- Ethernet switch cli reference guide 196
- In this example we enable mrstp on ports 21 24 port 24 is connected to the host while ports 21 23 are connected to another switch 196
- Note an edge port becomes a non edge port as soon as it receiveds a bridge protocol data units bpdu 196
- Table 111 command summary mrstp 196
- This example configures mrstp in the following way 196
- Command summary 197
- Hapter 197
- Mstp commands 197
- Chapter 46 mstp commands 198
- Command examples 198
- Ethernet switch cli reference guide 198
- Table 113 mstp instance command summary 198
- This example shows the current mstp configuration 198
- Chapter 46 mstp commands 199
- Ethernet switch cli reference guide 199
- Table 114 show mstp 199
- The following table describes the labels in this screen 199
- This example shows the current cist configuration mstp instance 0 199
- Chapter 46 mstp commands 200
- Ethernet switch cli reference guide 200
- Table 115 show mstp instance 200
- The following table describes the labels in this screen 200
- Command examples 203
- Command summary 203
- Hapter 203
- Multiple login commands 203
- Command summary 205
- Hapter 205
- Mvr commands 205
- Command examples 206
- Reference n s 207
- Command summary 209
- Hapter 209
- Ospf commands 209
- Ospf overview 209
- Chapter 49 ospf commands 210
- Ethernet switch cli reference guide 210
- Table 119 ospf command summary continued 210
- Chapter 49 ospf commands 211
- Ethernet switch cli reference guide 211
- Note you cannot set two routing protocols to have the same administrative distance 211
- Table 119 ospf command summary continued 211
- Chapter 49 ospf commands 212
- Command examples 212
- Ethernet switch cli reference guide 212
- Figure 7 ospf network example 212
- In this example the switch a is an area border router abr in an ospf network 212
- Table 119 ospf command summary continued 212
- In this example the switch z is a redistributor between a rip network and an ospf network it summarizes 4 routing entries 192 68 24 192 68 1 24 learned from rip router a into 192 68 22 and then sends it to ospf router b 213
- Is also set to 1 as this router should participate in router elections 213
- This example configures an ospf interface for the 172 6 24 network and specifies to use simple authentication with the key 1234abcd the priority for the 213
- This example enables ospf on the switch sets the router id to 172 6 configures an ospf area id as 0 backbone and enables simple authentication 213
- Chapter 49 ospf commands 214
- Ethernet switch cli reference guide 214
- From the example above the third octet of all the four network ip addresses is 00001000 00001001 00001010 000001011 respectively the first 4 digits 000010 are the common part among these ip addresses so 192 68 22 can be used to represent all of the 4 networks the following example shows you how to configure the ospf summary address and then show all redistribution entries 214
- This example shows you how to enable the redistribution for rip protocol and then show all redistribution entries 214
- Command summary 215
- Hapter 215
- Password commands 215
- Password encryption 215
- Command examples 216
- Command summary 217
- Hapter 217
- Poe commands 217
- Chapter 51 poe commands 218
- Command examples 218
- Ethernet switch cli reference guide 218
- This example enables power over ethernet poe on ports 1 4 and enables traps when the power usage reaches 25 218
- This example shows the current status and configuration of power over ethernet 218
- Chapter 51 poe commands 219
- Ethernet switch cli reference guide 219
- Note if the management mode is set to consumption this field shows na 219
- Note the switch must have at least 16 w of remaining power in order to supply power to a poe device even if the poe device requested less than 16 w 219
- Table 122 show pwr 219
- The following table describes the labels in this screen 219
- Command summary 221
- Hapter 221
- Policy commands 221
- Chapter 52 policy commands 222
- Ethernet switch cli reference guide 222
- Table 123 policy command summary 222
- Chapter 52 policy commands 223
- Command examples 223
- Ethernet switch cli reference guide 223
- Table 123 policy command summary 223
- This example creates a policy highpriority for the traffic flow identified via classifier vlan3 see the classifier example in chapter 11 on page 59 this policy replaces the ieee 802 priority field with the ip tos priority field value 7 for vlan3 packets 223
- Chapter 52 policy commands 224
- Ethernet switch cli reference guide 224
- This example creates a policy policy1 for the traffic flow identified via classifier class1 see the classifier example in chapter 11 on page 59 this policy forwards class1 packets to port 8 224
- Command summary 225
- Hapter 225
- Policy route commands 225
- 9 it then shows the policy routing information 226
- By default the switch forwards all packets to the default gateway this example configures a layer 3 classifier class 1 to group traffic with source ip address 192 68 3 this example also creates a policy routing rule in profile profile 1 to set the 226
- Chapter 53 policy route commands 226
- Command examples 226
- Ethernet switch cli reference guide 226
- To forward packets that match the layer 3 classifier to the gateway with ip address 226
- Command summary 227
- Hapter 227
- Port security commands 227
- Chapter 54 port security commands 228
- Command examples 228
- Ethernet switch cli reference guide 228
- Table 125 port security command summary continued 228
- This example enables port security on port 1 and limits the number of learned mac addresses to 5 228
- Command examples 229
- Command summary 229
- Hapter 229
- Port based vlan commands 229
- Hapter 231
- Port state 231
- Pppoe ia commands 231
- Pppoe intermediate agent overview 231
- Chapter 56 pppoe ia commands 232
- Command summary 232
- Ethernet switch cli reference guide 232
- Table 127 pppoe intermediate agent command summary 232
- The following section lists the commands for this feature 232
- The switch discards pado and pads packets which are sent from a pppoe server but received on an untrusted port 232
- Chapter 56 pppoe ia commands 233
- Ethernet switch cli reference guide 233
- Table 127 pppoe intermediate agent command summary continued 233
- Chapter 56 pppoe ia commands 234
- Command examples 234
- Ethernet switch cli reference guide 234
- This example is more advanced it assumes a pppoe ia client is connected to port 2 and a pppoe ia server is connected to port 5 if we want pppoe ia to work port 2 and port 5 must be belong to the some vlan and the pppoe ia must be enabled globally and in this corresponding vlan we also need to set port 5 as trust port then the last thing we need to do is to decide which sub options the received padi padr or padt packet needs to carry here assume both circuit id and remote id should be carried 234
- This is an example of how to enable and configure pppoe ia for vlans 234
- This is an example of how to enable and disable pppoe ia on the switch 234
- This is an example of how to set a pppoe ia trust port 234
- Because we didn t assign the appended string for remote id in examples 1 and 2 the switch appends a string to carry the client s mac address as default if we want the remote id to carry the forportvlanremoteidtest information for a specific vlan on a port we can add the following configuratio 235
- Similarly we can let the circuit id carry the information which we configure 235
- The following examples show you how to configure the vendor specific tag for pppoe ia they assume there is a pppoe ia client connected to port 2 and pppoe ia server or up link port connected to port 5 235
- This is a variation of the previous one and uses the same initial setup client on port 2 server on port 5 235
- Vendor specific tag examples 235
- Additionally we can let the circuit id or remote id carry the user configured information from a specific port whose priority is less than the specific vlan on a port setting 236
- Chapter 56 pppoe ia commands 236
- Ethernet switch cli reference guide 236
- Since we didn t assign the appended string for remote id in example 1 and 2 it will carry the client s mac address as default 236
- Hapter 237
- Private vlan commands 237
- Private vlan overview 237
- Chapter 57 private vlan commands 238
- Command examples 238
- Command summary 238
- Ethernet switch cli reference guide 238
- Table 128 private vlan command summary 238
- That applies to vlan 123 ports 7 and 8 are the promiscuour ports in vlan 123 other ports in this vlan are added to the isolated port list automatically and cannot communicate with each other the isolated ports in vlan 123 can send and receive traffic from ports 7 and 8 this example also shows all private vlan rules configured on the 238
- The following section lists the commands for this feature 238
- This example sets a private vlan rule 238
- Chapter 57 private vlan commands 239
- Ethernet switch cli reference guide 239
- That applies to vlan 111 ports 1 2 and 24 belong to vlan 111 ports 1 and 2 are added to the isolated port list automatically and cannot communicate with each other port 24 is the uplink port and also the promiscuour port in this vlan the isolated ports in vlan 111 can send and receive traffic from the uplink port 24 this example also shows all private vlan rules configured on the 239
- This example sets a private vlan rule 239
- Command summary 241
- Hapter 241
- Protocol based vlan commands 241
- Protocol based vlan overview 241
- Chapter 58 protocol based vlan commands 242
- Command examples 242
- Ethernet switch cli reference guide 242
- Note protocols in the hexadecimal number range 0x0000 to 0x05ff are not allowed 242
- Table 129 protocol based vlan command summary continued 242
- This example creates an ip based vlan called ip_vlan on ports 1 4 with a vlan id of 200 and a priority 6 242
- Hapter 243
- Queuing commands 243
- Queuing overview 243
- Chapter 59 queuing commands 244
- Command summary port by port configuration 244
- Ethernet switch cli reference guide 244
- For example using the default setting q0 on port 1 gets a guaranteed bandwidth of 244
- Note some models only support 4 queues 244
- Table 130 queuing command summary 244
- The following section lists the commands for this feature 244
- Weighted fair queuing wfq guarantees each queue s minimum bandwidth based on its bandwidth weight portion when there is traffic congestion wfq is activated only when a port has more traffic than it can handle queues with larger weights get more guaranteed bandwidth than queues with smaller weights this queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues by default the weight for q0 is 1 for q1 is 2 for q2 is 3 and so on guaranteed bandwidth is calculated as follows 244
- Weighted round robin scheduling wrr services queues on a rotating basis and is activated only when a port has more traffic than it can handle a queue is a given an amount of bandwidth based on the queue weight value queues with larger weights get more service than queues with smaller weights this queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied hybrid mode wrr spq or wfq spq some switch models allow you to configure higher priority queues to use spq and use wrr or wfq for the lower level queues 244
- Chapter 59 queuing commands 245
- Command examples port by port configuration 245
- Ethernet switch cli reference guide 245
- Table 130 queuing command summary continued 245
- This example configures wfq on ports 1 5 and assigns weight values 1 2 3 4 12 13 14 15 to the physical queues q0 to q8 245
- Chapter 59 queuing commands 246
- Command examples system wide 246
- Command summary system wide configuration 246
- Ethernet switch cli reference guide 246
- Note some models only support 4 queues 246
- Table 131 queueing command summary 246
- The following section lists the commands for this feature 246
- This example configures the switch to use wrr as a queueing method but configures the gigabit ports 9 12 to use spq for queues 5 6 and 7 246
- This example configures wfq on the switch and assigns weight values 1 2 3 4 12 13 14 15 to the physical queues q0 to q8 246
- Command summary 247
- Hapter 247
- Radius commands 247
- Chapter 60 radius commands 248
- Command examples 248
- Ethernet switch cli reference guide 248
- Table 133 radius accounting command summary continued 248
- This example sets up one primary radius server 172 6 0 0 and one secondary radius server 172 6 0 1 the secondary radius server is also the accounting server 248
- Command summary 249
- Hapter 249
- Remote management commands 249
- Chapter 61 remote management commands 250
- Command examples 250
- Ethernet switch cli reference guide 250
- Table 136 service control command summary continued 250
- This example allows computers in subnet 172 6 7 24 to access the switch through any service except snmp allows the computer at 192 68 0 to access the switch only through snmp and prevents other computers from accessing the switch at all 250
- This example disables all snmp and icmp access to the 250
- Command summary 251
- Hapter 251
- Rip commands 251
- Rip overview 251
- Chapter 62 rip commands 252
- Command examples 252
- Enables rip enters the ip routing domain 172 6 with subnet mask 255 55 55 sets the rip direction in this routing domain to both and the version to 2 with subnet broadcasting v2b the switch will send and receive rip packets in this routing domain 252
- Ethernet switch cli reference guide 252
- Note you cannot set two routing protocols to have the same administrative distance 252
- Table 137 rip command summary continued 252
- This example 252
- Hapter 253
- Rmon overview 253
- User input values 253
- Chapter 63 rmon 254
- Command summary 254
- Ethernet switch cli reference guide 254
- Table 140 rmon command summary 254
- The following section lists the commands for this feature 254
- Chapter 63 rmon 255
- Ethernet switch cli reference guide 255
- Event index number 2 enable event logging and snmp traps yes the trap s community public who will handle this alarm operator additional description for this event entry test 255
- Rmon alarm command example 255
- Rmon event command example 255
- Syntax 255
- This example also shows how to display the setting results 255
- This example shows how to configure the switch s action when an rmon event using the following settings 255
- Alarm index number 2 variable getting the number of errored packets received on port 1 how often to get a data sample every 60 seconds sampling method delta when to send an alarm when the value is higher than the rising threshold the rising threshold 50 which event s action should be taken for the rising alarm 2 see section 63 on page 255 the falling threshold 0 which event s action should be taken for the falling alarm 0 see section 63 on page 255 who will handle this alarm operator 256
- Chapter 63 rmon 256
- Ethernet switch cli reference guide 256
- This example shows you how to configure an alarm using the following settings 256
- Chapter 63 rmon 257
- Ethernet switch cli reference guide 257
- Rmon statistics command example 257
- The ethernet statistics table entry s index number 1 collecting data samples from which port 12 257
- This example also shows how to display the data collection results 257
- This example also shows how to display the setting results 257
- This example shows how to configure the settings to display current network traffic statistics using the following settings 257
- Chapter 63 rmon 258
- Ethernet switch cli reference guide 258
- Rmon history command example 258
- The history control table entry s index number 1 how many data sampling data you want to store 10 time interval between data samplings 10 seconds collecting data samples from which port 12 258
- This example also shows how to display the data collection results 258
- This example shows how to configure the settings to display historical network traffic statisticsusing the following settings 258
- Command summary 259
- Hapter 259
- Running configuration commands 259
- Switch configuration file 259
- Chapter 64 running configuration commands 260
- Command examples 260
- Ethernet switch cli reference guide 260
- Table 142 running config command summary 260
- The following section lists the commands for this feature 260
- This example copies all attributes of port 1 to port 2 and copies selected attributes active bandwidth limit and stp settings from port 1 to ports 5 8 260
- This example resets the switch to the factory default settings 260
- Command summary 261
- Hapter 261
- Sflow overview 261
- Chapter 65 sflow 262
- Command examples 262
- Ethernet switch cli reference guide 262
- Table 143 sflow command summary continued 262
- This example enables the sflow agent on the switch and configures an sflow collector with the ip address 10 8 and udp port 6343 this example also enables sflow on ports 1 2 3 and 4 and configures the same collector sample rate and poll interval for these ports 262
- Hapter 263
- Smart isolation commands 263
- Smart isolation overview 263
- Command summary 264
- The uplink port connected to the internet should be the root port otherwise with smart isolation enabled the isolated ports cannot access the internet 264
- Chapter 66 smart isolation commands 265
- Command examples 265
- Ethernet switch cli reference guide 265
- Table 145 show smart isolation 265
- The following table describes the labels in this screen 265
- This example enables smart isolation and displays smart isolation status and information on the switch you should have configured rstp or mrstp on the switch in order to have smart isolation work by adding the designated port s to the isolated port list you also have created vlan 200 and configured a private vlan rule for vlan 200 to put ports 3 4 and 5 in the isolated port list in this example the designated port 7 is added to the isolated port list after smart isolation is enabled 265
- Chapter 66 smart isolation commands 266
- Ethernet switch cli reference guide 266
- Table 145 show smart isolation continued 266
- Command summary 267
- Hapter 267
- Snmp server commands 267
- Chapter 67 snmp server commands 268
- Ethernet switch cli reference guide 268
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 268
- Table 147 snmp server command summary continued 268
- Table 148 snmp server trap destination enable traps command summary 268
- Chapter 67 snmp server commands 269
- Ethernet switch cli reference guide 269
- Table 148 snmp server trap destination enable traps command summary continued 269
- Chapter 67 snmp server commands 270
- Command examples 270
- Ethernet switch cli reference guide 270
- This example shows you how to display all snmp user information on the switch 270
- This example shows you how to display the snmp information on the switch 270
- Command summary 271
- Hapter 271
- Stp and rstp commands 271
- Chapter 68 stp and rstp commands 272
- Command examples 272
- Enables stp on the switch 2 sets the bridge priority of the switch to 0 3 sets the hello time to 4 maximum age to 20 and forward delay to 15 4 enables stp on port 5 with a path cost of 150 5 sets the priority for port 5 to 20 272
- Ethernet switch cli reference guide 272
- Note an edge port becomes a non edge port as soon as it receiveds a bridge protocol data units bpdu 272
- Table 149 spanning tree command summary continued 272
- This example configures stp in the following ways 272
- Chapter 68 stp and rstp commands 273
- Ethernet switch cli reference guide 273
- Table 150 show spanning tree config 273
- The following table describes the labels in this screen 273
- This example shows the current stp settings 273
- Chapter 68 stp and rstp commands 274
- Ethernet switch cli reference guide 274
- In this example we enable rstp on ports 21 24 port 24 is connected to the host while ports 21 23 are connected to another switch 274
- Table 150 show spanning tree config continued 274
- Command examples 275
- Command summary 275
- Hapter 275
- Ssh commands 275
- Chapter 69 ssh commands 276
- Ethernet switch cli reference guide 276
- Table 152 show ssh 276
- The following table describes the labels in this screen 276
- This example shows the general ssh settings 276
- Command summary 277
- Hapter 277
- Static multicast commands 277
- Command examples 278
- Command summary 279
- Hapter 279
- Static route commands 279
- Chapter 71 static route commands 280
- Command examples 280
- Ethernet switch cli reference guide 280
- For example you cannot create an active static route that routes traffic for 192 68 0 24 to 192 68 280
- Is in 172 6 7 24 or 127 16 you cannot create an active static route to other ip addresses 280
- Table 155 show ip route 280
- The following table describes the labels in this screen 280
- This example shows the current routing table 280
- You can create this static route if it is inactive however 280
- Chapter 71 static route commands 281
- Ethernet switch cli reference guide 281
- You can create an active static route that routes traffic for 192 68 0 24 to 172 6 7 54 281
- Command summary 283
- Hapter 283
- Subnet based vlan commands 283
- Subnet based vlan overview 283
- Chapter 72 subnet based vlan commands 284
- Command examples 284
- Ethernet switch cli reference guide 284
- Table 156 subnet based vlan command summary continued 284
- This example configures a subnet based vlan subnet1vlan with priority 6 and a vid of 200 for traffic received from ip subnet 172 6 7 24 284
- Command summary 285
- Hapter 285
- Syslog commands 285
- Reference t z 287
- Command summary 289
- Hapter 289
- Tacacs commands 289
- Command summary 291
- Hapter 291
- Tftp commands 291
- Command summary 293
- Hapter 293
- Trunk commands 293
- Chapter 76 trunk commands 294
- Command examples 294
- Ethernet switch cli reference guide 294
- Table 165 lacp command summary 294
- Table 166 show trunk 294
- The following table describes the labels in this screen 294
- This example activates trunk 1 and places ports 5 8 in the trunk using static link aggregation 294
- This example disables trunk one t1 and removes ports 1 3 4 and 5 from trunk two t2 294
- This example looks at the current trunks 294
- Chapter 76 trunk commands 295
- Ethernet switch cli reference guide 295
- Table 166 show trunk continued 295
- Table 167 show lacp 295
- The following table describes the labels in this screen 295
- This example shows the current lacp settings 295
- Command summary 297
- Hapter 297
- Trtcm commands 297
- Trtcm overview 297
- Chapter 77 trtcm commands 298
- Command examples 298
- Ethernet switch cli reference guide 298
- Sets the switch to inspect the dscp value of packets color aware mode enables trtcm on ports 1 5 sets the committed information rate cir to 4000 kbps sets the peak information rate pir to 4500 kbps specifies dscp value 7 for green packets 22 for yellow packets and 44 for red packets 298
- Table 168 trtcm command summary continued 298
- This example activates trtcm on the switch with the following settings 298
- Chapter 77 trtcm commands 299
- Enable trtcm on the switch enable diffserv on the switch set the switch to inspect the dscp value of packets color aware mode create a trtcm dscp profile with the name abc and set dscp value 1 for green packets 2 for yellow packets 3 for red packets associate the profile abc with port 1 enable trtcm on port 1 enable diffserv on port 1 set the committed information rate cir to 4000 kpbs set the peak information rate pir to 4500 kbps display the settings of this example 299
- Ethernet switch cli reference guide 299
- This examples activates trtcm on the switch with the following settings 299
- Hapter 301
- Vlan commands 301
- Vlan configuration overview 301
- Vlan overview 301
- Command summary 302
- See chapter 29 on page 125 for interface port channel commands 302
- The following section lists the commands for the ingress checking feature 302
- The following section lists the commands for this feature 302
- Vlan ingress checking implementation differs across switch models 302
- Chapter 78 vlan commands 303
- Command examples 303
- Ethernet switch cli reference guide 303
- Some models enable or disable vlan ingress checking on all the ports via the vlan1q ingress check command other models enable or disable vlan ingress checking on each port individually via the ingress check command in the config interface mode 303
- Table 170 vlan1q ingress check command summary 303
- Table 171 ingress check command summary 303
- This example configures ports 1 to 5 as fixed and untagged ports in vlan 2000 303
- This example deletes entry 2 in the static vlan table 303
- This example shows the vlan table 303
- Chapter 78 vlan commands 304
- Ethernet switch cli reference guide 304
- Table 172 show vlan 304
- The following table describes the labels in this screen 304
- This example enables ingress checking on ports 1 5 304
- Chapter 78 vlan commands 305
- Ethernet switch cli reference guide 305
- Table 173 show vlan counters 305
- The following table describes the labels in this screen 305
- This example displays concurrent incoming packet statistics for vlan 1 305
- Chapter 78 vlan commands 306
- Ethernet switch cli reference guide 306
- Table 173 show vlan counters continued 306
- Command summary 307
- Hapter 307
- Ip interfaces overview 307
- Vlan ip commands 307
- Chapter 79 vlan ip commands 308
- Command examples 308
- Ethernet switch cli reference guide 308
- See section 3 on page 24 for an example of how to configure a vlan management ip address using ipv4 see chapter 33 on page 146 for ipv6 vlan commands 308
- Table 174 vlan ip address command summary continued 308
- Command summary 309
- Hapter 309
- Vlan mapping commands 309
- Chapter 80 vlan mapping commands 310
- Command examples 310
- Ethernet switch cli reference guide 310
- This example enables vlan mapping on port 4 310
- This example enables vlan mapping on the switch and creates a vlan mapping rule to translate the vlan id from 123 to 234 in the packets received on port 4 310
- Command summary 311
- Hapter 311
- Vlan port isolation commands 311
- Command summary 313
- Hapter 313
- Vlan stacking commands 313
- A 37 24 314
- B 48 24 314
- Chapter 82 vlan stacking commands 314
- Command examples 314
- Customer a customer a 314
- Customer b customer b 314
- Ethernet switch cli reference guide 314
- Figure 10 example vlan stacking 314
- In the following example figure both a and b are service provider s network spn customers with vpn tunnels between their head offices and branch offices respectively both have an identical vlan tag for their vlan group the service provider can separate these two vlans within its network by adding tag 37 to distinguish customer a and tag 48 to distinguish customer b at edge device x and then stripping those tags at edge device y as the data frames leave the network 314
- Table 177 vlan stacking command summary continued 314
- Vlan 24 vlan 24 314
- Chapter 82 vlan stacking commands 315
- Ethernet switch cli reference guide 315
- This example shows how to configure ports 1 and 2 on the switch to tag incoming frames with the service provider s vid of 37 ports are connected to customer a network this example also shows how to set the priority for ports 1 and 2 to 3 315
- Command summary 317
- Hapter 317
- Vlan trunking commands 317
- Command summary 319
- Hapter 319
- Vrrp commands 319
- Vrrp overview 319
- Chapter 84 vrrp commands 320
- Command examples 320
- Ethernet 320
- Ethernet switch cli reference guide 320
- Figure 11 example vrrp 320
- Table 179 vrrp command summary continued 320
- The following figure shows a vrrp network example with the switches a and b implementing one virtual router vr1 to ensure the link between the host x and the uplink gateway g host x is configured to use vr1 192 68 54 as the default gateway switch a has a higher priority so it is the master router switch b having a lower priority is the backup router 320
- Chapter 84 vrrp commands 321
- Ethernet switch cli reference guide 321
- This example shows how to create the ip routing domains and configure the switch to act as router a in the topology shown in figure 11 on page 320 321
- Chapter 84 vrrp commands 322
- Ethernet switch cli reference guide 322
- This example shows how to create the ip routing domains and configure the switch to act as router b in the topology shown in figure 11 on page 320 322
- Additional commands 323
- Command summary 323
- Hapter 323
- Chapter 85 additional commands 324
- Ethernet switch cli reference guide 324
- Table 181 command summary additional enable mode continued 324
- Chapter 85 additional commands 325
- Command examples 325
- Ethernet switch cli reference guide 325
- Table 181 command summary additional enable mode continued 325
- Table 182 command summary additional configure mode 325
- This example checks the cable pairs on port 7 325
- Chapter 85 additional commands 326
- Ethernet switch cli reference guide 326
- Table 183 ping 326
- Table 184 show alarm status 326
- The following table describes the labels in this screen 326
- This example sends ping requests to an ethernet device with ip address 172 6 7 54 326
- This example shows the current status of the various alarms in the switch 326
- Chapter 85 additional commands 327
- Ethernet switch cli reference guide 327
- Table 184 show alarm status continued 327
- Table 185 show cpu utilization 327
- The following table describes the labels in this screen 327
- This example shows the current and recent cpu utilization 327
- Chapter 85 additional commands 328
- Ethernet switch cli reference guide 328
- Table 186 show hardware monitor 328
- The following table describes the labels in this screen 328
- This example looks at the current sensor readings from various places in the hardware 328
- Chapter 85 additional commands 329
- Ethernet switch cli reference guide 329
- Table 186 show hardware monitor continued 329
- Table 187 show multicast vlan 329
- Table 188 show poe status 329
- The following table describes the labels in this screen 329
- This example displays multicast vlan configuration on the 329
- This example shows the current status of power over ethernet 329
- Chapter 85 additional commands 330
- Ethernet switch cli reference guide 330
- Note if the management mode is set to consumption this field shows na 330
- Note the switch must have at least 16 w of remaining power in order to supply power to a poe device even if the poe device requested less than 16 w 330
- Table 188 show poe status continued 330
- Table 189 show system information 330
- The following table describes the labels in this screen 330
- This example looks at general system information about the switch 330
- Chapter 85 additional commands 331
- Ethernet switch cli reference guide 331
- For temperature voltage transmission bias transmission and receiving power as shown 331
- This example displays run time sfp small form facter pluggable parameters on port 21 on the 331
- This example displays run time sfp small form facter pluggable parameters on ports 9 the first sfp port 0 with an sfp transceiver installed and 10 the second sfp port 1 no sfp transceiver installed on the 331
- This example displays the firmware version the switch is currently using 331
- You can also see the alarm and warning threasholds 331
- Chapter 85 additional commands 332
- Ethernet switch cli reference guide 332
- This example displays route information to an ethernet device with ip address 332
- This example displays the firmware versions of the dual firmware images 332
- This example runs an internal loopback test on ports 3 6 332
- Appendices and index of commands 333
- Default values 335
- Ppendix 335
- Certifications 337
- Copyright 337
- Legal information 337
- Ppendix 337
- Zyxel limited warranty 338
- Index of commands 341
- Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable 341
- Ethernet switch cli reference guide 342
- Index of commands 342
- Ethernet switch cli reference guide 343
- Index of commands 343
- Ethernet switch cli reference guide 344
- Index of commands 344
- Ethernet switch cli reference guide 345
- Index of commands 345
- Ethernet switch cli reference guide 346
- Index of commands 346
- Ethernet switch cli reference guide 347
- Index of commands 347
- Ethernet switch cli reference guide 348
- Index of commands 348
- Ethernet switch cli reference guide 349
- Index of commands 349
- Ethernet switch cli reference guide 350
- Index of commands 350
- Ethernet switch cli reference guide 351
- Index of commands 351
- Ethernet switch cli reference guide 352
- Index of commands 352
- Ethernet switch cli reference guide 353
- Index of commands 353
- Ethernet switch cli reference guide 354
- Index of commands 354
- Ethernet switch cli reference guide 355
- Index of commands 355
- Ethernet switch cli reference guide 356
- Index of commands 356
- Ethernet switch cli reference guide 357
- Index of commands 357
- Ethernet switch cli reference guide 358
- Index of commands 358
- Ethernet switch cli reference guide 359
- Index of commands 359
- Ethernet switch cli reference guide 360
- Index of commands 360
- Ethernet switch cli reference guide 361
- Index of commands 361
- Ethernet switch cli reference guide 362
- Index of commands 362
- Ethernet switch cli reference guide 363
- Index of commands 363
Похожие устройства
- Zyxel MES3500-24 Инструкция по эксплуатации
- Zyxel MES3500-24 Технические характеристики
- Zyxel MES3500-24 Прошивка Микропрограмма
- Zyxel MES3500-24 DC Инструкция по эксплуатации
- Zyxel MES3500-24F Инструкция по эксплуатации
- Zyxel MES3500-24F Технические характеристики
- Zyxel MES3500-24F Справочник командного интерфейса
- Zyxel MGS3520-28 Инструкция по эксплуатации
- Zyxel MGS3520-28 Технические характеристики
- Zyxel MGS3520-28 Справочник командного интерфейса
- Zyxel MGS3520-28F Инструкция по эксплуатации
- Zyxel MGS3520-28F Справочник командного интерфейса
- Zyxel MGS3520-28F Технические характеристики
- Zyxel MGS3520-50 Инструкция по эксплуатации
- Zyxel MGS3520-50 Технические характеристики
- Zyxel MGS3520-50 Справочник командного интерфейса
- Zyxel MGS-3712F Инструкция по эксплуатации
- Zyxel MGS-3712F Инструкция по установке
- Zyxel MGS-3712F Справочник командного интерфейса
- Zyxel XGS-4728F Инструкция по эксплуатации
Скачать
Случайные обсуждения