USER GUIDE GTL-2691 20 GE + 4 GE Combo SFP + 2 10G Slots L3Managed Stackable SwitchUser Manual
CONTENTS– 10 –Configuring a MAC ACL 365Configuring an ARP ACL 367Binding a Port to an Access Control List 369ARP Inspection 370Configuring Globa
CHAPTER 2 | Initial Switch ConfigurationManaging System Files– 100 –◆ Diagnostic Code — Software that is run during system boot-up, also known as
CHAPTER 31 | Interface CommandsInterface Configuration– 1000 –◆ The 1000BASE-T and 10GBASE-T standard does not support forced mode. Auto-negotiati
CHAPTER 31 | Interface CommandsInterface Configuration– 1001 –EXAMPLE The following example adds a description to port 4.Console(config)#interface
CHAPTER 31 | Interface CommandsInterface Configuration– 1002 –media-type This command forces the port type selected for combination ports 21-24. U
CHAPTER 31 | Interface CommandsInterface Configuration– 1003 –◆ When auto-negotiation is enabled the switch will negotiate the best settings for a
CHAPTER 31 | Interface CommandsInterface Configuration– 1004 –speed-duplex This command configures the speed and duplex mode of a given interface
CHAPTER 31 | Interface CommandsInterface Configuration– 1005 –RELATED COMMANDS negotiation (1002)capabilities (999)switchport mtu This command con
CHAPTER 31 | Interface CommandsInterface Configuration– 1006 –◆ The port MTU size can be displayed with the show show interfaces status command.EX
CHAPTER 31 | Interface CommandsInterface Configuration– 1007 –◆ The rate limits set by this command are also used by automatic storm control when
CHAPTER 31 | Interface CommandsInterface Configuration– 1008 –EXAMPLE The following example clears statistics on port 5.Console#clear counters eth
CHAPTER 31 | Interface CommandsInterface Configuration– 1009 –EXAMPLE Console#show interfaces counters ethernet 1/17Ethernet 1/ 1 ===== IF table S
CHAPTER 2 | Initial Switch ConfigurationManaging System Files– 101 –To restore configuration settings from a backup server, enter the following co
CHAPTER 31 | Interface CommandsInterface Configuration– 1010 –show interfacesstatusThis command displays the status for an interface.SYNTAX show i
CHAPTER 31 | Interface CommandsInterface Configuration– 1011 –show interfacesswitchportThis command displays the administrative and operational st
CHAPTER 31 | Interface CommandsInterface Configuration– 1012 –Table 100: show interfaces switchport - display description Field DescriptionBroadc
CHAPTER 31 | Interface CommandsInterface Configuration– 1013 –show interfacestransceiverThis command displays identifying information for the spec
CHAPTER 31 | Interface CommandsCable Diagnostics– 1014 – Vcc : 0.00 V Bias Current : 43.11 mA TX Power : 6
CHAPTER 31 | Interface CommandsCable Diagnostics– 1015 – Cable Short with accuracy 0 meters. Pair A OK, length 1 meters Pair B OK, length 2 me
CHAPTER 31 | Interface CommandsCable Diagnostics– 1016 –EXAMPLE Console#show cable-diagnostics dsp interface ethernet 1/1Cable Diagnostics on inte
– 1017 –32 LINK AGGREGATION COMMANDSPorts can be statically grouped into an aggregate link (i.e., trunk) to increase the bandwidth of a network conn
CHAPTER 32 | Link Aggregation CommandsManual Configuration Commands– 1018 –◆ All ports in a trunk must be configured in an identical manner, inclu
CHAPTER 32 | Link Aggregation CommandsManual Configuration Commands– 1019 –DEFAULT SETTINGsrc-dst-ipCOMMAND MODEGlobal ConfigurationCOMMAND USAGE◆
CHAPTER 2 | Initial Switch ConfigurationManaging System Files– 102 –
CHAPTER 32 | Link Aggregation CommandsDynamic Configuration Commands– 1020 –channel-group This command adds a port to a trunk. Use the no form to
CHAPTER 32 | Link Aggregation CommandsDynamic Configuration Commands– 1021 –COMMAND USAGE ◆ The ports on both ends of an LACP trunk must be config
CHAPTER 32 | Link Aggregation CommandsDynamic Configuration Commands– 1022 –lacp admin-key(Ethernet Interface)This command configures a port'
CHAPTER 32 | Link Aggregation CommandsDynamic Configuration Commands– 1023 –lacp port-priority This command configures LACP port priority. Use the
CHAPTER 32 | Link Aggregation CommandsDynamic Configuration Commands– 1024 –lacp system-priority This command configures a port's LACP system
CHAPTER 32 | Link Aggregation CommandsTrunk Status Display Commands– 1025 –DEFAULT SETTING 0COMMAND MODE Interface Configuration (Port Channel)COM
CHAPTER 32 | Link Aggregation CommandsTrunk Status Display Commands– 1026 –EXAMPLEConsole#show lacp 1 countersPort Channel: 1---------------------
CHAPTER 32 | Link Aggregation CommandsTrunk Status Display Commands– 1027 –Console#show lacp 1 neighborsPort Channel 1 neighbors------------------
CHAPTER 32 | Link Aggregation CommandsTrunk Status Display Commands– 1028 – Console#show lacp sysidPort Channel System Priority System MAC
– 1029 –33 PORT MIRRORING COMMANDSData can be mirrored from a local port on the same switch or from a remote port on another switch for analysis at
– 103 –SECTION IIWEB CONFIGURATIONThis section describes the basic switch features, along with a detailed description of how to configure each featu
CHAPTER 33 | Port Mirroring CommandsLocal Port Mirroring Commands– 1030 –DEFAULT SETTING ◆ No mirror session is defined. ◆ When enabled for an int
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1031 –COMMAND MODE Privileged ExecCOMMAND USAGE This command displays the currently
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1032 –3. Use the rspan destination command to specify the destination port for the t
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1033 –rspan source Use this command to specify the source port and traffic type to b
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1034 –rspan destination Use this command to specify the destination port to monitor
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1035 –rspan remote vlan Use this command to specify the RSPAN VLAN, switch role (sou
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1036 –dynamically add port members to an RSPAN VLAN. Also, note that the show vlan c
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1037 –COMMAND MODE Privileged ExecEXAMPLE Console#show rspan sessionRSPAN Session ID
CHAPTER 33 | Port Mirroring CommandsRSPAN Mirroring Commands– 1038 –
– 1039 –34 RATE LIMIT COMMANDSThis function allows the network manager to control the maximum rate for traffic transmitted or received on an interfa
SECTION II | Web Configuration– 104 –◆ "Multicast Routing" on page 705
CHAPTER 34 | Rate Limit Commands– 1040 –EXAMPLEConsole(config)#interface ethernet 1/1Console(config-if)#rate-limit input 64Console(config-if)#RELA
– 1041 –35 AUTOMATIC TRAFFIC CONTROL COMMANDSAutomatic Traffic Control (ATC) configures bounding thresholds for broadcast and multicast storms which
CHAPTER 35 | Automatic Traffic Control Commands– 1042 –USAGE GUIDELINESATC includes storm control for broadcast or multicast traffic. The control
CHAPTER 35 | Automatic Traffic Control Commands– 1043 –expires. When ingress traffic falls below this threshold, ATC sends a Storm Alarm Clear Tra
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1044 –Threshold Commandsauto-traffic-controlapply-timerThis command sets the ti
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1045 –seconds - The time at which to release the control response after ingress
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1046 –EXAMPLE This example enables automatic storm control for broadcast traffi
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1047 –EXAMPLE This example sets the control response for broadcast traffic on p
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1048 –EXAMPLE This example sets the clear threshold for automatic storm control
CHAPTER 35 | Automatic Traffic Control CommandsThreshold Commands– 1049 –auto-traffic-controlauto-control-releaseThis command automatically releas
– 105 –3 USING THE WEB INTERFACEThis switch provides an embedded HTTP web agent. Using a web browser you can configure the switch and view statistic
CHAPTER 35 | Automatic Traffic Control CommandsSNMP Trap Commands– 1050 –SNMP Trap Commandssnmp-server enableport-traps atcbroadcast-alarm-clearTh
CHAPTER 35 | Automatic Traffic Control CommandsSNMP Trap Commands– 1051 –snmp-server enableport-traps atcbroadcast-control-applyThis command sends
CHAPTER 35 | Automatic Traffic Control CommandsSNMP Trap Commands– 1052 –snmp-server enableport-traps atcmulticast-alarm-clearThis command sends a
CHAPTER 35 | Automatic Traffic Control CommandsSNMP Trap Commands– 1053 –snmp-server enableport-traps atcmulticast-control-applyThis command sends
CHAPTER 35 | Automatic Traffic Control CommandsATC Display Commands– 1054 –ATC Display Commandsshow auto-traffic-controlThis command shows global
– 1055 –36 ADDRESS TABLE COMMANDSThese commands are used to configure the address table for filtering specified addresses, displaying current entrie
CHAPTER 36 | Address Table Commands– 1056 –EXAMPLE Console(config)#mac-address-table aging-time 100Console(config)#mac-address-tablestaticThis com
CHAPTER 36 | Address Table Commands– 1057 –EXAMPLE Console(config)#mac-address-table static 00-e0-29-94-34-de interface ethernet 1/1 vlan 1 delete
CHAPTER 36 | Address Table Commands– 1058 –COMMAND USAGE ◆ The MAC Address Table contains the MAC addresses associated with each interface. Note t
CHAPTER 36 | Address Table Commands– 1059 –show mac-address-table countThis command shows the number of MAC addresses used and the number of avail
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 106 –forwarding (i.e., enable Admin Edge Port) to improve the switch’s re
CHAPTER 36 | Address Table Commands– 1060 –
– 1061 –37 SPANNING TREE COMMANDSThis section includes commands that configure the Spanning Tree Algorithm (STA) globally for the switch, and comman
CHAPTER 37 | Spanning Tree Commands– 1062 –spanning-tree This command enables the Spanning Tree Algorithm globally for the switch. Use the no form
CHAPTER 37 | Spanning Tree Commands– 1063 –EXAMPLE This example shows how to enable the Spanning Tree Algorithm for the switch:Console(config)#spa
CHAPTER 37 | Spanning Tree Commands– 1064 –DEFAULT SETTING 2 secondsCOMMAND MODE Global ConfigurationCOMMAND USAGE This command sets the time inte
CHAPTER 37 | Spanning Tree Commands– 1065 –RELATED COMMANDSspanning-tree forward-time (1063)spanning-tree hello-time (1063)spanning-tree mode This
CHAPTER 37 | Spanning Tree Commands– 1066 – A spanning tree instance can exist only on bridges that have compatible VLAN instance assignments. Be
CHAPTER 37 | Spanning Tree Commands– 1067 –spanning-treepriorityThis command configures the spanning tree priority globally for this switch. Use t
CHAPTER 37 | Spanning Tree Commands– 1068 –revision (1072)max-hops (1069)spanning-treesystem-bpdu-floodingThis command configures the system to fl
CHAPTER 37 | Spanning Tree Commands– 1069 –COMMAND USAGE This command limits the maximum transmission rate for BPDUs.EXAMPLE Console(config)#spann
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 107 –CONFIGURATIONOPTIONSConfigurable parameters have a dialog box or a d
CHAPTER 37 | Spanning Tree Commands– 1070 –mst priority This command configures the priority of a spanning tree instance. Use the no form to resto
CHAPTER 37 | Spanning Tree Commands– 1071 –COMMAND MODE MST ConfigurationCOMMAND USAGE ◆ Use this command to group VLANs into spanning tree instan
CHAPTER 37 | Spanning Tree Commands– 1072 –EXAMPLE Console(config-mstp)#name R&DConsole(config-mstp)#RELATED COMMANDSrevision (1072)revision T
CHAPTER 37 | Spanning Tree Commands– 1073 –COMMAND USAGE ◆ This command filters all Bridge Protocol Data Units (BPDUs) received on an interface to
CHAPTER 37 | Spanning Tree Commands– 1074 –be manually re-enabled using the no spanning-tree spanning-disabled command.◆ Before enabling BPDU Guar
CHAPTER 37 | Spanning Tree Commands– 1075 – COMMAND MODE Interface Configuration (Ethernet, Port Channel)COMMAND USAGE ◆ This command is used by t
CHAPTER 37 | Spanning Tree Commands– 1076 –devices such as workstations or servers, retains the current forwarding database to reduce the amount o
CHAPTER 37 | Spanning Tree Commands– 1077 –spanning-treeloopback-detectionThis command enables the detection and response to Spanning Tree loopbac
CHAPTER 37 | Spanning Tree Commands– 1078 –command, the selected interface will be automatically enabled when the shutdown interval has expired.◆
CHAPTER 37 | Spanning Tree Commands– 1079 –◆ When configured for manual release mode, then a link down / up event will not release the port from t
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 108 –MAIN MENU Using the onboard web agent, you can define system paramet
CHAPTER 37 | Spanning Tree Commands– 1080 –shown below. Path cost “0” is used to indicate auto-configuration mode. When the short path cost method
CHAPTER 37 | Spanning Tree Commands– 1081 –COMMAND USAGE ◆ This command defines the priority for the use of an interface in the multiple spanning-
CHAPTER 37 | Spanning Tree Commands– 1082 –spanning-tree port-priorityThis command configures the priority for the specified interface. Use the no
CHAPTER 37 | Spanning Tree Commands– 1083 –COMMAND USAGE ◆ A bridge with a lower bridge identifier (or same identifier and lower MAC address) can
CHAPTER 37 | Spanning Tree Commands– 1084 –spanning-treetc-prop-stopThis command stops propagating topology changes on an interface. Use the no fo
CHAPTER 37 | Spanning Tree Commands– 1085 –EXAMPLE Console#spanning-tree loopback-detection release ethernet 1/1Console#spanning-treeprotocol-migr
CHAPTER 37 | Spanning Tree Commands– 1086 –show spanning-tree This command shows the configuration for the common spanning tree (CST) or for an in
CHAPTER 37 | Spanning Tree Commands– 1087 –EXAMPLEThis example shows a full listing of global and interface settings for the spanning tree.Console
CHAPTER 37 | Spanning Tree Commands– 1088 –This example shows a brief summary of global and interface setting for the spanning tree.Console#show s
– 1089 –38 ERPS COMMANDSThe G.8032 recommendation, also referred to as Ethernet Ring Protection Switching (ERPS), can be used to increase the availa
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 109 –Configure by Port Range Configures connection settings for a range o
CHAPTER 38 | ERPS Commands– 1090 –Configuration Guidelines for ERPS1. Create an ERPS ring: Create a ring using the erps domain command. The ring n
CHAPTER 38 | ERPS Commands– 1091 –erps This command enables ERPS on the switch. Use the no form to disable this feature. SYNTAX [no] erpsDEFAULT S
CHAPTER 38 | ERPS Commands– 1092 –control-vlan This command specifies a dedicated VLAN used for sending and receiving ERPS protocol messages. Use
CHAPTER 38 | ERPS Commands– 1093 –enable This command activates the current ERPS ring. Use the no form to disable the current ring. SYNTAX [no
CHAPTER 38 | ERPS Commands– 1094 –COMMAND USAGE The guard timer duration should be greater than the maximum expected forwarding delay for an R-APS
CHAPTER 38 | ERPS Commands– 1095 –major-domain This command specifies the ERPS ring used for sending control packets. Use the no form to remove th
CHAPTER 38 | ERPS Commands– 1096 –COMMAND USAGE ◆ This parameter is used to ensure that received R-APS PDUs are directed for this ring. A unique l
CHAPTER 38 | ERPS Commands– 1097 –more information on how ERPS recovers from a node failure, refer to "Ethernet Ring Protection Switching&quo
CHAPTER 38 | ERPS Commands– 1098 –non-erps-dev-protectThis command sends non-standard health-check packets when an owner node enters protection st
CHAPTER 38 | ERPS Commands– 1099 –EXAMPLE Console(config-erps)#non-erps-dev-protectConsole(config-erps)#propagate-tc This command enables propagat
CONTENTS– 11 –Simple Network Management Protocol 426Configuring Global Settings for SNMP 428Setting the Local Engine ID 429Specifying a Remote E
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 110 –Statistics Shows Interface, Etherlike, RMON and Utilization trunk st
CHAPTER 38 | ERPS Commands– 1100 –ring-port This command configures a node’s connection to the ring through the east or west interface. Use the no
CHAPTER 38 | ERPS Commands– 1101 –rpl owner This command configures a ring node to be the Ring Protection Link (RPL) owner or a non-owner. SYNTAX
CHAPTER 38 | ERPS Commands– 1102 –EXAMPLE Console(config-erps)#wtr-timer 10Console(config-erps)#clear erps statistics This command clears statisti
CHAPTER 38 | ERPS Commands– 1103 –This example displays detailed information for the specified ERPS ring. Console#show erps domain rd1Domain Nam
CHAPTER 38 | ERPS Commands– 1104 –This example displays statistics for the specified ring. Console#show erps statistics domain rdERPS statistics f
CHAPTER 38 | ERPS Commands– 1105 –show erps statistics This command displays statistics for ERPS protocol messages for all configured rings, or fo
CHAPTER 38 | ERPS Commands– 1106 –
– 1107 –39 VLAN COMMANDSA VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same ph
CHAPTER 39 | VLAN CommandsGVRP and Bridge Extension Commands– 1108 –GVRP AND BRIDGE EXTENSION COMMANDSGARP VLAN Registration Protocol defines a wa
CHAPTER 39 | VLAN CommandsGVRP and Bridge Extension Commands– 1109 –garp timer This command sets the values for the join, leave and leaveall timer
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 111 –ProtocolConfigure ProtocolAdd Creates a protocol group, specifying s
CHAPTER 39 | VLAN CommandsGVRP and Bridge Extension Commands– 1110 –switchportforbidden vlanThis command configures forbidden VLANs. Use the no fo
CHAPTER 39 | VLAN CommandsGVRP and Bridge Extension Commands– 1111 –COMMAND USAGE GVRP cannot be enabled for ports set to Access mode using the sw
CHAPTER 39 | VLAN CommandsGVRP and Bridge Extension Commands– 1112 –COMMAND MODE Normal Exec, Privileged ExecEXAMPLE Console#show garp timer ether
CHAPTER 39 | VLAN CommandsEditing VLAN Groups– 1113 –EDITING VLAN GROUPSvlan database This command enters VLAN database mode. All commands in this
CHAPTER 39 | VLAN CommandsEditing VLAN Groups– 1114 –vlan This command configures a VLAN. Use the no form to restore the default settings or delet
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1115 –EXAMPLE The following example adds a VLAN, using VLAN ID 105 and name RD5. The VLAN i
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1116 –COMMAND USAGE ◆ Creating a “normal” VLAN with the vlan command initializes it as a La
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1117 –EXAMPLE The following example shows how to restrict the traffic received on port 1 to
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1118 –◆ If a VLAN on the forbidden list for an interface is manually added to that interfac
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1119 –switchport mode This command configures the VLAN membership mode for a port. Use the
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 112 –Modify Modify priority for an MST instance 258Add Member Adds VLAN m
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1120 –switchport nativevlanThis command configures the PVID (i.e., default VLAN ID) for a p
CHAPTER 39 | VLAN CommandsConfiguring VLAN Interfaces– 1121 –The following figure shows VLANs 1 and 2 configured on switches A and B, with VLAN tr
CHAPTER 39 | VLAN CommandsDisplaying VLAN Information– 1122 –DISPLAYING VLAN INFORMATIONThis section describes commands used to display VLAN infor
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1123 –Console#CONFIGURING IEEE 802.1Q TUNNELINGIEEE 802.1Q tunneling (QinQ tunneling)
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1124 –7. Configure the QinQ tunnel uplink port to dot1Q-tunnel uplink mode (switchpor
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1125 –switchport dot1q-tunnel modeThis command configures an interface as a QinQ tunn
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1126 –switchport dot1q-tunnel servicematch cvidThis command creates a CVLAN to SPVLAN
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1127 –EXAMPLEThis example sets the SVID to 99 in the outer tag for egress packets exi
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1128 –7. Verify configuration settings.Console#show dot1q-tunnel service802.1Q Tunnel
CHAPTER 39 | VLAN CommandsConfiguring IEEE 802.1Q Tunneling– 1129 –◆ The specified ethertype only applies to ports configured in Uplink mode using
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 113 –VoIP Voice over IP 303Configure Global Configures auto-detection of
CHAPTER 39 | VLAN CommandsConfiguring Port-based Traffic Segmentation– 1130 –Console#show dot1q-tunnel service 100802.1Q Tunnel Service Subscripti
CHAPTER 39 | VLAN CommandsConfiguring Port-based Traffic Segmentation– 1131 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ Traffic segmentation
CHAPTER 39 | VLAN CommandsConfiguring Port-based Traffic Segmentation– 1132 –traffic-segmentationsessionThis command creates a traffic-segmentatio
CHAPTER 39 | VLAN CommandsConfiguring Port-based Traffic Segmentation– 1133 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ A port cannot be con
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1134 –EXAMPLEThis example enables forwarding of traffic between uplink ports assigned to diff
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1135 – To configure private VLANs, follow these steps:1. Use the private-vlan command to desi
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1136 –private-vlan Use this command to create a primary or community private VLAN. Use the no
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1137 –private vlanassociationUse this command to associate a primary VLAN with a secondary (i
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1138 –COMMAND MODE Interface Configuration (Ethernet, Port Channel) COMMAND USAGETo assign a
CHAPTER 39 | VLAN CommandsConfiguring Private VLANs– 1139 –switchport private-vlan mappingUse this command to map an interface to a primary VLAN.
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 114 –User Accounts 325Add Configures user names, passwords, and access le
CHAPTER 39 | VLAN CommandsConfiguring Protocol-based VLANs– 1140 –EXAMPLEConsole#show vlan private-vlanPrimary Secondary Type Interf
CHAPTER 39 | VLAN CommandsConfiguring Protocol-based VLANs– 1141 –protocol-vlanprotocol-group(Configuring Groups)This command creates a protocol g
CHAPTER 39 | VLAN CommandsConfiguring Protocol-based VLANs– 1142 –COMMAND MODE Interface Configuration (Ethernet, Port Channel)COMMAND USAGE ◆ Whe
CHAPTER 39 | VLAN CommandsConfiguring Protocol-based VLANs– 1143 –EXAMPLE This shows protocol group 1 configured for IP over Ethernet:Console#show
CHAPTER 39 | VLAN CommandsConfiguring IP Subnet VLANs– 1144 –CONFIGURING IP SUBNET VLANSWhen using IEEE 802.1Q port-based VLAN classification, all
CHAPTER 39 | VLAN CommandsConfiguring IP Subnet VLANs– 1145 –is found, the corresponding VLAN ID is assigned to the frame. If no mapping is found,
CHAPTER 39 | VLAN CommandsConfiguring MAC Based VLANs– 1146 –CONFIGURING MAC BASED VLANSWhen using IEEE 802.1Q port-based VLAN classification, all
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1147 –◆ When MAC-based, IP subnet-based, and protocol-based VLANs are supported concurrently, p
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1148 –voice vlan This command enables VoIP traffic detection and defines the Voice VLAN ID. Use
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1149 –voice vlan aging This command sets the Voice VLAN ID time out. Use the no form to restore
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 115 –Add Rule 352Absolute Sets exact time or time range 352Periodic Sets
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1150 –description - User-defined text that identifies the VoIP devices. (Range: 1-32 characters
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1151 –COMMAND USAGEWhen auto is selected, you must select the method to use for detecting VoIP
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1152 –switchport voicevlan ruleThis command selects a method for detecting VoIP traffic on a po
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1153 –COMMAND USAGE◆ Security filtering discards any non-VoIP packets received on the port that
CHAPTER 39 | VLAN CommandsConfiguring Voice VLANs– 1154 –Eth 1/10 Disabled Disabled OUI 6 NAConsole#show voice vlan ouiOUI Address
– 1155 –40 CLASS OF SERVICE COMMANDSThe commands described in this section allow you to specify which data packets have greater precedence when traf
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1156 –queue cos-map This command assigns class of service (CoS) values to the p
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1157 –RELATED COMMANDS show queue cos-map (1160)queue mode This command sets th
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1158 –◆ A weight can be assigned to each of the weighted queues (and thereby to
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1159 –EXAMPLE The following example shows how to assign round-robin weights of
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 116 –Administration 405Log 405System 405Configure Global Stores error mes
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1160 –EXAMPLE The following example shows how to set a default priority on port
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 2)– 1161 –COMMAND MODE Privileged ExecEXAMPLE Console#show queue mode ethernet 1/1U
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1162 –PRIORITY COMMANDS (LAYER 3 AND 4)This section describes commands us
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1163 –map ip port (GlobalConfiguration)This command enables IP port mappi
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1164 –EXAMPLE The following example shows how to enable IP precedence map
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1165 –EXAMPLE The following example shows how to map IP DSCP value 1 to C
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1166 –map ip precedence(InterfaceConfiguration)This command sets IP prece
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1167 –show map ip dscp This command shows the IP DSCP priority map.SYNTAX
CHAPTER 40 | Class of Service CommandsPriority Commands (Layer 3 and 4)– 1168 –EXAMPLE The following shows that HTTP traffic has been mapped to Co
– 1169 –41 QUALITY OF SERVICE COMMANDSThe commands described in this section are used to configure Differentiated Services (DiffServ) classification
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 117 –Show Community Shows community strings and access mode 439Add SNMPv3
CHAPTER 41 | Quality of Service Commands– 1170 –To create a service policy for a specific category of ingress traffic, follow these steps:1. Use t
CHAPTER 41 | Quality of Service Commands– 1171 –COMMAND USAGE ◆ First enter this command to designate a class map and enter the Class Map configur
CHAPTER 41 | Quality of Service Commands– 1172 –match This command defines the criteria used to classify traffic. Use the no form to delete the ma
CHAPTER 41 | Quality of Service Commands– 1173 –This example creates a class map call “rd-class#2,” and sets it to match packets marked for IP Pre
CHAPTER 41 | Quality of Service Commands– 1174 –COMMAND USAGE ◆ Use the policy-map command to specify the name of the policy map, and then use the
CHAPTER 41 | Quality of Service Commands– 1175 –◆ Up to 16 classes can be included in a policy map.EXAMPLE This example creates a policy called “r
CHAPTER 41 | Quality of Service Commands– 1176 –◆ Policing is based on a token bucket, where bucket depth (i.e., the maximum burst before the buck
CHAPTER 41 | Quality of Service Commands– 1177 –committed-rate - Committed information rate (CIR) in kilobits per second. (Range: 1-1000000 kbps o
CHAPTER 41 | Quality of Service Commands– 1178 –The token buckets C and E are initially full, that is, the token count Tc(0) = BC and the token co
CHAPTER 41 | Quality of Service Commands– 1179 –police trtcm-color This command defines an enforcer for classified traffic based on a two rate thr
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 118 –Configure Details Configures ring parameters 468CFM Connectivity Fa
CHAPTER 41 | Quality of Service Commands– 1180 –Rate (CIR) and Peak Information Rate (PIR), and their associated burst sizes - Committed Burst Siz
CHAPTER 41 | Quality of Service Commands– 1181 –EXAMPLE This example creates a policy called “rd-policy,” uses the class command to specify the pr
CHAPTER 41 | Quality of Service Commands– 1182 –EXAMPLE This example creates a policy called “rd-policy,” uses the class command to specify the pr
CHAPTER 41 | Quality of Service Commands– 1183 –show class-map This command displays the QoS class maps which define matching criteria used for cl
CHAPTER 41 | Quality of Service Commands– 1184 –EXAMPLEConsole#show policy-map Policy Map rd-policyDescription: class rd-class set cos 3 Console#
– 1185 –42 MULTICAST FILTERING COMMANDSThis switch uses IGMP (Internet Group Management Protocol) to check for any attached hosts that want to recei
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1186 –IGMP SNOOPINGThis section describes commands used to configure IGMP snooping on the
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1187 –ip igmp snooping This command enables IGMP snooping globally on the switch or on a s
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1188 –ip igmp snoopingproxy-reportingThis command enables IGMP Snooping with Proxy Reporti
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1189 –COMMAND USAGE ◆ IGMP snooping querier is not supported for IGMPv3 snooping (see ip i
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 119 –Show Fault Notification Generator Displays configuration settings fo
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1190 –ip igmp snoopingrouter-port-expire-timeThis command configures the querier timeout.
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1191 –◆ If a topology change notification (TCN) is received, and all the uplink ports are
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1192 –tree change occurred. When an upstream multicast router receives this solicitation,
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1193 –DEFAULT SETTING 400 seconds COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ When a
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1194 –EXAMPLE The following configures the global setting for IGMP snooping to version 1.C
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1195 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ By default, general query messages
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1196 –EXAMPLE The following shows how to enable immediate leave.Console(config)#ip igmp sn
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1197 –DEFAULT SETTING 10 (1 second) COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ When
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1198 –◆ Advertisements are sent by routers to advertise that IP multicast forwarding is en
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1199 –To resolve this problem, the source address in proxied IGMP query and report message
CONTENTS– 12 –Displaying Fault Notification Settings 508Displaying Continuity Check Errors 50915 MULTICAST FILTERING 511Overview 511IGMP Protoco
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 120 –Configure Detail Configure detailed settings, such as advertisement
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1200 –downstream hosts, all receivers build an IGMP report for the multicast groups they h
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1201 –ip igmp snoopingvlan staticThis command adds a port to a multicast group. Use the no
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1202 –COMMAND USAGE This command displays global and VLAN-specific IGMP configuration sett
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1203 –igmpsnp - Display only entries learned through IGMP snooping. sort-by-port - Display
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1204 –COMMAND MODE Privileged ExecEXAMPLE The following shows IGMP protocol statistics inp
CHAPTER 42 | Multicast Filtering CommandsIGMP Snooping– 1205 –The following shows IGMP query-related statistics for VLAN 1:Console#show ip igmp sn
CHAPTER 42 | Multicast Filtering CommandsStatic Multicast Routing– 1206 –STATIC MULTICAST ROUTINGThis section describes commands used to configure
CHAPTER 42 | Multicast Filtering CommandsStatic Multicast Routing– 1207 –EXAMPLE The following shows how to configure port 11 as a multicast route
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1208 –IGMP FILTERING AND THROTTLINGIn certain switch applications, the adm
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1209 –COMMAND USAGE◆ IGMP filtering enables you to assign a profile to a s
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 121 –Configure Global Enables DHCP snooping globally, MAC-address verific
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1210 –permit, deny This command sets the access mode for an IGMP filter pr
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1211 –EXAMPLE Console(config)#ip igmp profile 19Console(config-igmp-profil
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1212 –DEFAULT SETTING 1024COMMAND MODE Interface Configuration (Ethernet)C
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1213 –EXAMPLE Console(config)#interface ethernet 1/1Console(config-if)#ip
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1214 –EXAMPLE Console(config)#interface ethernet 1/1Console(config-if)#ip
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1215 –EXAMPLE Console#show ip igmp profileIGMP Profile 19IGMP Profile 50Co
CHAPTER 42 | Multicast Filtering CommandsIGMP Filtering and Throttling– 1216 –show ip igmpthrottle interfaceThis command displays the interface se
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1217 –COMMAND MODE Privileged ExecCOMMAND USAGE Using this command without specifying an in
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1218 –ipv6 mld snooping This command enables MLD Snooping globally on the switch. Use the n
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1219 –COMMAND USAGE ◆ If enabled, the switch will serve as querier if elected. The querier
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 122 –Show Static Multicast Router Displays ports statically configured as
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1220 –ipv6 mld snoopingquery-max-response-timeThis command configures the maximum response
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1221 –EXAMPLE Console(config)#ipv6 mld snooping robustness 2Console(config)#ipv6 mld snoopi
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1222 –COMMAND MODEGlobal ConfigurationCOMMAND USAGE◆ When set to “flood,” any received IPv6
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1223 –port-channel channel-id (Range: 1-32) DEFAULT SETTING No static multicast router port
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1224 –EXAMPLEConsole(config)#ipv6 mld snooping vlan 1 static FF00:0:0:0:0:0:0:10C ethernet
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1225 –EXAMPLE The following shows MLD Snooping configuration informationConsole#show ipv6 m
CHAPTER 42 | Multicast Filtering CommandsMLD Snooping– 1226 –EXAMPLE The following shows MLD Snooping group mapping information:Console#show ipv6
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1227 –MVR FOR IPV4This section describes commands used to configure Multicast VLAN Registra
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1228 –mvr This command enables Multicast VLAN Registration (MVR) globally on the switch. Us
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1229 –EXAMPLE The following an MVR group address profile to domain 1:Console(config)#mvr do
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 123 –Show Current Member Shows multicast addresses associated with the se
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1230 –DEFAULT SETTING No profiles are definedCOMMAND MODE Global ConfigurationCOMMAND USAGE
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1231 –EXAMPLE This example sets the proxy query interval for MVR proxy switching.Console(co
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1232 –EXAMPLE The following example enable MVR proxy switching.Console(config)#mvr proxy-sw
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1233 –mvr source-port-mode dynamicThis command configures the switch to only forward multic
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1234 –COMMAND MODE Global ConfigurationEXAMPLE Console(config)#mvr domain 1 upstream-source
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1235 –mvr immediate-leaveThis command causes the switch to immediately remove an interface
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1236 –mvr type This command configures an interface as an MVR receiver or source port. Use
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1237 –mvr vlan group This command statically binds a multicast group to a port which will r
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1238 –show mvr This command shows information about MVR domain settings, including MVR oper
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1239 –show mvrassociated-profileThis command shows the profiles bound the specified domain.
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 124 –Show VLAN Statistics Shows statistics for protocol messages and numb
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1240 –Console#show mvr members This command shows information about the current number of e
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1241 –EXAMPLE The following shows information about the number of multicast forwarding entr
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1242 –show mvr profile This command shows all configured MVR profiles.COMMAND MODE Privileg
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1243 –EXAMPLE The following shows MVR protocol-related statistics received:Console#show mvr
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv4– 1244 –The following shows MVR query-related statistics:Console#show mvr domain 1 statistics
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1245 –MVR FOR IPV6This section describes commands used to configure Multicast VLAN Registra
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1246 –mvr6 associated-profileThis command binds the MVR group addresses specified in a prof
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1247 –EXAMPLE The following example enables MVR for domain 1:Console(config)#mvr6 domain 1C
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1248 –mvr6 proxy-query-intervalThis command configures the interval at which the receiver p
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1249 –◆ Receiver ports are known as downstream or router interfaces. These interfaces perfo
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 125 –Reset Statistics Clears statistics for RIP protocol messages 668OSPF
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1250 –COMMAND USAGE ◆ This command sets the number of times report messages are sent upstre
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1251 –mvr6 upstream-source-ipThis command configures the source IPv6 address assigned to al
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1252 –COMMAND MODE Global ConfigurationCOMMAND USAGE MVR source ports can be configured as
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1253 –EXAMPLE The following enables immediate leave on a receiver port.Console(config)#inte
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1254 –EXAMPLE The following configures one source port and several receiver ports on the sw
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1255 –EXAMPLE The following statically assigns a multicast group to a receiver port:Console
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1256 –show mvr6associated-profileThis command shows the profiles bound the specified domain
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1257 –COMMAND MODE Privileged ExecEXAMPLE The following displays information about the inte
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1258 –EXAMPLE The following shows information about the number of multicast forwarding entr
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1259 –show mvr6 profile This command shows all configured MVR profiles.COMMAND MODE Privile
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 126 –Virtual Link 697Add Configures a virtual link through a transit area
CHAPTER 42 | Multicast Filtering CommandsMVR for IPv6– 1260 – Eth 1/ 2 12 15 8 3 5 19 4 VLAN
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1261 – Specific Query Sent : 0 Number of Reports Sent : 2 Number of Leaves S
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1262 –EXAMPLEConsole(config)#interface vlan 1Console(config-if)#ip igmpConsole(config-if)
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1263 –EXAMPLE Console(config)#interface vlan 1Console(config-if)#ip igmp last-member-quer
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1264 –ip igmp query-intervalThis command configures the frequency at which host query mes
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1265 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE ◆ The robustness value is
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1266 –request to join the multicast group will also fail if the next node up the reverse
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1267 –If there are Version 1 hosts present for a particular group, the switch will ignore
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1268 –COMMAND MODE Privileged ExecCOMMAND USAGE To display information about multicast gr
CHAPTER 42 | Multicast Filtering CommandsIGMP (Layer 3)– 1269 –The following shows the information displayed in a detailed listing for a dynamical
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 127 – Show Shows the static addresses configured for each RP and the asso
CHAPTER 42 | Multicast Filtering CommandsIGMP Proxy Routing– 1270 –show ip igmpinterfaceThis command shows multicast information for the specified
CHAPTER 42 | Multicast Filtering CommandsIGMP Proxy Routing– 1271 –To enable IGMP proxy service, follow these steps:1. Use the ip multicast-routin
CHAPTER 42 | Multicast Filtering CommandsIGMP Proxy Routing– 1272 –◆ Only one upstream interface is supported on the system.◆ A maximum of 1024 mu
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1273 –MLD (LAYER 3)This section describes commands used to configure Layer 3 Multicast Lis
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1274 – Query Interval : 125 sec Query Max Response Time : 10 s
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1275 –ipv6 mld max-resp-intervalThis command configures the maximum response time advertis
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1276 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE ◆ Multicast routers send ho
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1277 –the robustness value is set to zero, meaning that this device will not advertise a Q
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1278 –EXAMPLE The following example assigns VLAN 1 as a static member of the specified mul
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1279 –clear ipv6 mld group This command deletes entries from the MLD cache. SYNTAX clear i
CHAPTER 3 | Using the Web InterfaceNavigating the Web Browser Interface– 128 –
CHAPTER 42 | Multicast Filtering CommandsMLD (Layer 3)– 1280 –command, and multicast routing must be enabled globally on the system using the ip m
CHAPTER 42 | Multicast Filtering CommandsMLD Proxy Routing– 1281 –show ipv6 mldinterfaceThis command shows multicast information for the specified
CHAPTER 42 | Multicast Filtering CommandsMLD Proxy Routing– 1282 –To enable MLD proxy service, follow these steps:1. Use the ipv6 multicast-routin
CHAPTER 42 | Multicast Filtering CommandsMLD Proxy Routing– 1283 –◆ Only one upstream interface is supported on the system. ◆ MLD and MLD proxy ca
CHAPTER 42 | Multicast Filtering CommandsMLD Proxy Routing– 1284 –
– 1285 –43 LLDP COMMANDSLink Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast
CHAPTER 43 | LLDP Commands– 1286 –lldp basic-tlv system-nameConfigures an LLDP-enabled port to advertise its system nameIClldp dot1-tlv proto-iden
CHAPTER 43 | LLDP Commands– 1287 –lldp This command enables LLDP globally on the switch. Use the no form to disable LLDP.SYNTAX[no] lldpDEFAULT SE
CHAPTER 43 | LLDP Commands– 1288 –lldp med-fast-start-countThis command specifies the amount of MED Fast Start LLDPDUs to transmit during the acti
CHAPTER 43 | LLDP Commands– 1289 –◆ Information about changes in LLDP neighbors that occur between SNMP notifications is not transmitted. Only sta
– 129 –4 BASIC MANAGEMENT TASKSThis chapter describes the following topics:◆ Displaying System Information – Provides basic system description, incl
CHAPTER 43 | LLDP Commands– 1290 –COMMAND MODEGlobal ConfigurationCOMMAND USAGEWhen LLDP is re-initialized on a port, all information in the remot
CHAPTER 43 | LLDP Commands– 1291 –lldp admin-status This command enables LLDP transmit, receive, or transmit and receive mode on the specified por
CHAPTER 43 | LLDP Commands– 1292 –enterprise specific or other starting points for the search, such as the Interface or Entity MIB.◆ Since there a
CHAPTER 43 | LLDP Commands– 1293 –lldp basic-tlvsystem-capabilitiesThis command configures an LLDP-enabled port to advertise its system capabiliti
CHAPTER 43 | LLDP Commands– 1294 –lldp basic-tlvsystem-nameThis command configures an LLDP-enabled port to advertise the system name. Use the no f
CHAPTER 43 | LLDP Commands– 1295 –lldp dot1-tlv proto-vidThis command configures an LLDP-enabled port to advertise port related VLAN information.
CHAPTER 43 | LLDP Commands– 1296 –lldp dot1-tlv vlan-nameThis command configures an LLDP-enabled port to advertise its VLAN name. Use the no form
CHAPTER 43 | LLDP Commands– 1297 –lldp dot3-tlv mac-phyThis command configures an LLDP-enabled port to advertise its MAC and physical layer capabi
CHAPTER 43 | LLDP Commands– 1298 –lldp med-locationcivic-addrThis command configures an LLDP-MED-enabled port to advertise its location identifica
CHAPTER 43 | LLDP Commands– 1299 –Any number of CA type and value pairs can be specified for the civic address location, as long as the total does
CONTENTS– 13 –16 IP CONFIGURATION 573Setting the Switch’s IP Address (IP Version 4) 573Sending DHCP Inform Requests for Additional Information 577
CHAPTER 4 | Basic Management TasksDisplaying System Information– 130 –PARAMETERSThese parameters are displayed:◆ System Description – Brief descri
CHAPTER 43 | LLDP Commands– 1300 –COMMAND USAGE◆ This option sends out SNMP trap notifications to designated target stations at the interval speci
CHAPTER 43 | LLDP Commands– 1301 –lldp med-tlv location This command configures an LLDP-MED-enabled port to advertise its location identification
CHAPTER 43 | LLDP Commands– 1302 –lldp med-tlvnetwork-policyThis command configures an LLDP-MED-enabled port to advertise its network policy confi
CHAPTER 43 | LLDP Commands– 1303 –An SNMP agent should therefore periodically check the value of lldpStatsRemTableLastChangeTime to detect any lld
CHAPTER 43 | LLDP Commands– 1304 –Console#show lldp config detail ethernet 1/1LLDP Port Configuration Detail Port : Eth 1/1 Admin Status : Tx-Rx N
CHAPTER 43 | LLDP Commands– 1305 –EXAMPLEConsole#show lldp info local-device LLDP Local System Information Chassis Type : MAC Addr
CHAPTER 43 | LLDP Commands– 1306 –EXAMPLENote that an IP phone or other end-node device which advertises LLDP-MED capabilities must be connected t
CHAPTER 43 | LLDP Commands– 1307 – Power Priority : Unknown Power Value : 0 Watts Inventory :
CHAPTER 43 | LLDP Commands– 1308 –Console#show lldp info statistics detail ethernet 1/1 LLDP Port Statistics Detail PortName : Eth 1/1
– 1309 –44 CFM COMMANDSConnectivity Fault Management (CFM) is an OAM protocol that includes proactive connectivity monitoring using continuity check
CHAPTER 4 | Basic Management TasksDisplaying Switch Hardware/Software Versions– 131 –DISPLAYING SWITCH HARDWARE/SOFTWARE VERSIONS Use the System &
CHAPTER 44 | CFM Commands– 1310 –ethernet cfm mep Sets an interface as a domain boundary, defines it as a maintenance end point (MEP), and sets di
CHAPTER 44 | CFM Commands– 1311 –Basic Configuration Steps for CFM1. Configure the maintenance domains with the ethernet cfm domain command.2. Con
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1312 –5. Enable CFM globally on the switch with the ethernet cfm enable command.6. Enable CFM on
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1313 –EXAMPLEThis example sets the maintenance level for sending AIS messages within the specifi
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1314 –ethernet cfm aisperiodThis command configures the interval at which AIS information is sen
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1315 –COMMAND USAGE ◆ For multipoint connectivity, a MEP cannot determine the specific maintenan
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1316 –pass, and only if a maintenance end point (MEP) is created at some lower MA Level.none – N
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1317 –Also note that while MEPs are active agents which can initiate consistency check messages
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1318 –ma index name This command creates a maintenance association (MA) within the current maint
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1319 –applied to this MA. For a detailed description of the MIP types, refer to the Command Usag
CHAPTER 4 | Basic Management TasksConfiguring Support for Jumbo Frames– 132 –WEB INTERFACETo view hardware and software version information.1. Cli
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1320 –ethernet cfm mep This command sets an interface as a domain boundary, defines it as a main
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1321 –ethernet cfm port-enableThis command enables CFM processing on an interface. Use the no fo
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1322 –COMMAND USAGE This command can be used to clear AIS defect entries if a MEP does not exit
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1323 –This example shows the configuration status for continuity check and cross-check traps.Con
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1324 –DEFAULT SETTING NoneCOMMAND MODE Privileged ExecEXAMPLEThis example shows all configured m
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1325 –show ethernet cfmmaintenance-pointslocalThis command displays the maintenance points confi
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1326 –show ethernet cfmmaintenance-pointslocal detail mepThis command displays detailed CFM info
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1327 –show ethernet cfmmaintenance-pointsremote detailThis command displays detailed CFM informa
CHAPTER 44 | CFM CommandsDefining CFM Structures– 1328 –ma-name – Maintenance association name. (Range: 1-44 alphanumeric characters)DEFAULT SETTI
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1329 –Continuity Check Operations ethernet cfm cc maintervalThis command sets the transmissi
CHAPTER 4 | Basic Management TasksDisplaying Bridge Extension Capabilities– 133 –PARAMETERSThe following parameters are displayed: ◆ Jumbo Frame –
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1330 –is registered. The interval at which CCMs are issued should therefore be configured to
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1331 –◆ If a maintenance point receives a CCM with an invalid MEPID or MA level or an MA lev
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1332 –EXAMPLEThis example enables SNMP traps for mep-up events.Console(config)#snmp-server e
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1333 –DEFAULT SETTING NoneCOMMAND MODE Privileged ExecCOMMAND USAGE Use this command without
CHAPTER 44 | CFM CommandsContinuity Check Operations– 1334 –show ethernet cfmerrorsThis command displays the CFM continuity check errors logged on
CHAPTER 44 | CFM CommandsCross Check Operations– 1335 –Cross Check Operationsethernet cfm mepcrosscheck start-delayThis command sets the maximum d
CHAPTER 44 | CFM CommandsCross Check Operations– 1336 –mep-unknown – Sends a trap if an unconfigured MEP comes up.DEFAULT SETTING All continuity c
CHAPTER 44 | CFM CommandsCross Check Operations– 1337 –COMMAND USAGE ◆ Use this command to statically configure remote MEPs that exist inside the
CHAPTER 44 | CFM CommandsCross Check Operations– 1338 –These remote MEPs are used in the cross-check operation to verify that all endpoints in the
CHAPTER 44 | CFM CommandsLink Trace Operations– 1339 –Link Trace Operationsethernet cfmlinktrace cacheThis command enables caching of CFM data lea
CHAPTER 4 | Basic Management TasksDisplaying Bridge Extension Capabilities– 134 –◆ VLAN Learning – This switch uses Independent VLAN Learning (IVL
CHAPTER 44 | CFM CommandsLink Trace Operations– 1340 –COMMAND MODE Global ConfigurationCOMMAND USAGE Before setting the aging time for cache entri
CHAPTER 44 | CFM CommandsLink Trace Operations– 1341 –ethernet cfmlinktraceThis command sends CFM link trace messages to the MAC address of a remo
CHAPTER 44 | CFM CommandsLink Trace Operations– 1342 –◆ When using the command line or web interface, the source MEP used by to send a link trace
CHAPTER 44 | CFM CommandsLoopback Operations– 1343 –Loopback Operationsethernet cfmloopbackThis command sends CFM loopback messages to a MAC addre
CHAPTER 44 | CFM CommandsFault Generator Operations– 1344 –transmit-count – The number of times the loopback message is sent. (Range: 1-100)packet
CHAPTER 44 | CFM CommandsFault Generator Operations– 1345 –DEFAULT SETTING 3 secondsCOMMAND MODE CFM Domain ConfigurationCOMMAND USAGE A fault ala
CHAPTER 44 | CFM CommandsFault Generator Operations– 1346 –notification generator state machine has been reset, and repeat those steps until the f
CHAPTER 44 | CFM CommandsFault Generator Operations– 1347 –mep fault-notifyreset-timeThis command configures the time after a fault alarm has been
CHAPTER 44 | CFM CommandsDelay Measure Operations– 1348 –Delay Measure Operationsethernet cfm delay-measure two-wayThis command sends periodic del
CHAPTER 44 | CFM CommandsDelay Measure Operations– 1349 –Size: 64 bytesTimeout: 5 secondsCOMMAND MODE Privileged ExecCOMMAND USAGE ◆ Delay measure
CHAPTER 4 | Basic Management TasksManaging System Files– 135 –MANAGING SYSTEM FILESThis section describes how to upgrade the switch operating soft
CHAPTER 44 | CFM CommandsDelay Measure Operations– 1350 –
– 1351 –45 DOMAIN NAME SERVICE COMMANDSThese commands are used to configure Domain Naming System (DNS) services. Entries can be manually configured
CHAPTER 45 | Domain Name Service Commands– 1352 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ Domain names are added to the end of the list on
CHAPTER 45 | Domain Name Service Commands– 1353 –◆ If all name servers are deleted, DNS will automatically be disabled.EXAMPLEThis example enables
CHAPTER 45 | Domain Name Service Commands– 1354 –Domain Name List:Name Server List:Console#RELATED COMMANDS ip domain-list (1351)ip name-server (1
CHAPTER 45 | Domain Name Service Commands– 1355 –ip name-server This command specifies the address of one or more domain name servers to use for n
CHAPTER 45 | Domain Name Service Commands– 1356 –ipv6 host This command creates a static entry in the DNS table that maps a host name to an IPv6 a
CHAPTER 45 | Domain Name Service Commands– 1357 –clear host This command deletes dynamic entries from the DNS table.SYNTAX clear host {name | *}na
CHAPTER 45 | Domain Name Service Commands– 1358 –show dns cache This command displays entries in the DNS cache.COMMAND MODE Privileged ExecEXAMPLE
CHAPTER 45 | Domain Name Service Commands– 1359 –Table 180: show hosts - display description Field DescriptionNo. The entry number for each resou
CHAPTER 4 | Basic Management TasksManaging System Files– 136 –NOTE: Up to two copies of the system software (i.e., the runtime firmware) can be st
CHAPTER 45 | Domain Name Service Commands– 1360 –
– 1361 –46 DHCP COMMANDSThese commands are used to configure Dynamic Host Configuration Protocol (DHCP) client, relay, and server functions. Any VLA
CHAPTER 46 | DHCP CommandsDHCP Client– 1362 –DEFAULT SETTING Class identifier option enabled, with the name GTL-2691COMMAND MODE Interface Configu
CHAPTER 46 | DHCP CommandsDHCP Client– 1363 –EXAMPLEConsole(config)#interface vlan 2Console(config-if)#ip dhcp client class-id hex 000099669966Con
CHAPTER 46 | DHCP CommandsDHCP Client– 1364 –ip dhcp restart client This command submits a BOOTP or DHCP client request.DEFAULT SETTING NoneCOMMAN
CHAPTER 46 | DHCP CommandsDHCP Relay– 1365 –DHCP RELAYThis section describes commands used to configure DHCP relay functions for host devices atta
CHAPTER 46 | DHCP CommandsDHCP Relay for IPv4– 1366 –RELATED COMMANDSip dhcp restart relay (1366)ip dhcp restart relay This command enables DHCP r
CHAPTER 46 | DHCP CommandsDHCP Relay for IPv6– 1367 –DHCP Relay for IPv6ipv6 dhcp relaydestinationThis command specifies the destination address o
CHAPTER 46 | DHCP CommandsDHCP Server– 1368 –EXAMPLE Console(config)#interface vlan 1Console(config-if)#ipv6 dhcp relay destination 2001:0DB8:3000
CHAPTER 46 | DHCP CommandsDHCP Server– 1369 –ip dhcp excluded-addressThis command specifies IP addresses that the DHCP server should not assign to
CHAPTER 4 | Basic Management TasksManaging System Files– 137 –SAVING THE RUNNINGCONFIGURATION TO ALOCAL FILEUse the System > File (Copy) page t
CHAPTER 46 | DHCP CommandsDHCP Server– 1370 –ip dhcp pool This command configures a DHCP address pool and enter DHCP Pool Configuration mode. Use
CHAPTER 46 | DHCP CommandsDHCP Server– 1371 –COMMAND USAGEIf the DHCP server is running, you must restart it to implement any configuration change
CHAPTER 46 | DHCP CommandsDHCP Server– 1372 –COMMAND MODE DHCP Pool ConfigurationCOMMAND USAGE ◆ This command identifies a DHCP client to bind to
CHAPTER 46 | DHCP CommandsDHCP Server– 1373 –dns-server This command specifies the Domain Name System (DNS) IP servers available to a DHCP client.
CHAPTER 46 | DHCP CommandsDHCP Server– 1374 –hardware-address This command specifies the hardware address of a DHCP client. This command is valid
CHAPTER 46 | DHCP CommandsDHCP Server– 1375 –COMMAND MODEDHCP Pool ConfigurationUSAGE GUIDELINES ◆ Host addresses must fall within the range speci
CHAPTER 46 | DHCP CommandsDHCP Server– 1376 –hours - Specifies the number of hours in the lease. A days value must be supplied before you can conf
CHAPTER 46 | DHCP CommandsDHCP Server– 1377 –EXAMPLE Console(config-dhcp)#netbios-name-server 10.1.0.33 10.1.0.34Console(config-dhcp)#RELATED COMM
CHAPTER 46 | DHCP CommandsDHCP Server– 1378 –COMMAND MODEDHCP Pool ConfigurationUSAGE GUIDELINES ◆ When a client request is received, the switch f
CHAPTER 46 | DHCP CommandsDHCP Server– 1379 –EXAMPLE Console(config-dhcp)#next-server 10.1.0.21Console(config-dhcp)#RELATED COMMANDSbootfile (1371
CHAPTER 4 | Basic Management TasksManaging System Files– 138 –If you replaced a file currently used for startup and want to start using the new fi
CHAPTER 46 | DHCP CommandsDHCP Server– 1380 –DEFAULT SETTING NoneCOMMAND MODENormal Exec, Privileged ExecEXAMPLEConsole#show ip dhcp binding I
– 1381 –47 VRRP COMMANDSVirtual Router Redundancy Protocol (VRRP) use a virtual IP address to support a primary router and multiple backup routers.
CHAPTER 47 | VRRP Commands– 1382 –vrrp authentication This command specifies the key used to authenticate VRRP packets received from other routers
CHAPTER 47 | VRRP Commands– 1383 –COMMAND MODE Interface (VLAN)COMMAND USAGE ◆ The interfaces of all routers participating in a virtual router gro
CHAPTER 47 | VRRP Commands– 1384 –COMMAND USAGE ◆ If preempt is enabled, and this backup router has a priority higher than the current acting mast
CHAPTER 47 | VRRP Commands– 1385 –◆ If the backup preempt function is enabled with the vrrp preempt command, and a backup router with a priority h
CHAPTER 47 | VRRP Commands– 1386 –EXAMPLEConsole(config-if)#vrrp 1 timers advertise 5Console(config-if)#clear vrrp interfacecountersThis command c
CHAPTER 47 | VRRP Commands– 1387 –COMMAND MODE Privileged ExecCOMMAND USAGE ◆ Use this command without any keywords to display the full listing of
CHAPTER 47 | VRRP Commands– 1388 –This example displays the brief listing of status information for all groups.Console#show vrrp briefInterface
CHAPTER 47 | VRRP Commands– 1389 –EXAMPLEThis example displays the full listing of status information for VLAN 1.Console#show vrrp interface vlan
CHAPTER 4 | Basic Management TasksManaging System Files– 139 –WEB INTERFACETo show the system files:1. Click System, then File. 2. Select Show fro
CHAPTER 47 | VRRP Commands– 1390 –show vrrp routercountersThis command displays counters for errors found in VRRP protocol packets.COMMAND MODE Pr
– 1391 –48 IP INTERFACE COMMANDS An IP Version 4 and Version 6 address may be used for management access to the switch over the network. Both IPv4 o
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1392 –BASIC IPV4CONFIGURATIONThis section describes commands used to configure IP addresses for
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1393 –◆ Before any network interfaces are configured on the router, first create a VLAN for each
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1394 –ip default-gateway This command specifies the default gateway for destinations not found i
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1395 –RELATED COMMANDS ip route (1448)show ip route (1450)ipv6 default-gateway (1408)show ip int
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1396 –ICMP Statistics:ICMP received 45 input 45 errors
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1397 –◆ A trace terminates when the destination responds, when the maximum timeout (TTL) is exce
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1398 –COMMAND MODE Normal Exec, Privileged ExecCOMMAND USAGE ◆ Use the ping command to see if an
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1399 –ARP CONFIGURATION This section describes commands used to configure the Address Resolution
CONTENTS– 14 –Configuring IP Routing Interfaces 624Configuring Local and Remote Interfaces 624Using the Ping Function 625Using the Trace Route Fu
CHAPTER 4 | Basic Management TasksManaging System Files– 140 –indicated here). Enter the file name for other switches described in this manual exa
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1400 –EXAMPLEConsole(config)#arp 10.1.0.19 01-02-03-04-05-06Console(config)#RELATED COMMANDS cle
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1401 –ip proxy-arp This command enables proxy Address Resolution Protocol (ARP). Use the no form
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1402 –show arp This command displays entries in the Address Resolution Protocol (ARP) cache.COMM
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1403 –UDP HELPERCONFIGURATIONUser Datagram Protocol (UDP) Helper allows host applications to for
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1404 –EXAMPLEThis example enables forwarding for DHCPv6 UDP packets.Console(config)#ip forward-p
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1405 –ip helper-address This command specifies the application server or subnet (indicated by a
CHAPTER 48 | IP Interface CommandsIPv4 Interface– 1406 –EXAMPLEThis example indicates that designated UDP broadcast packets are to be forwarded to
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1407 –IPV6 INTERFACEThis switch supports the following IPv6 interface commands. Table 195: IPv6
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1408 –Interface Address Configuration and Utilitiesipv6 default-gatewayThis command sets an IPv6
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1409 –◆ An IPv6 default gateway can only be successfully set when a network interface that direc
CHAPTER 4 | Basic Management TasksManaging System Files– 141 –PARAMETERSThe following parameters are displayed: ◆ Automatic Opcode Upgrade – Enabl
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1410 –◆ When configuring a global IPv6 address for a static tunnel, the link-local address gener
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1411 –ipv6 address eui-64 This command configures an IPv6 address for an interface using an EUI-
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1412 –◆ For example, if a device had an EUI-48 address of 28-9F-18-1C-82-35, the global/local bi
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1413 –ipv6 addresslink-localThis command configures an IPv6 link-local address for an interface
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1414 –FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attempts: 3.ND retransm
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1415 –Link-local address: FE80::200:E8FF:FE93:82A0/64Global unicast address(es): 2001:DB8:2222
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1416 –◆ IPv6 must be enabled on an interface before the MTU can be set.EXAMPLE The following exa
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1417 –FF02::1IPv6 link MTU is 1280 bytesND DAD is enabled, number of DAD attempts: 2.ND retransm
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1418 –This example displays a brief summary of IPv6 addresses configured on the switch.Console#s
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1419 –show ipv6 traffic This command displays statistics about IPv6 traffic passing through this
CHAPTER 4 | Basic Management TasksManaging System Files– 142 –ExamplesThe following examples demonstrate the URL syntax for a TFTP server at IP ad
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1420 – 3 neighbor solicit messages neighbor advertisement
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1421 –reassembly succeeded The number of IPv6 datagrams successfully reassembled. Note that this
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1422 –echo request messages The number of ICMP Echo (request) messages received by the interface
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1423 –clear ipv6 traffic This command resets IPv6 traffic counters.COMMAND MODE Privileged ExecC
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1424 –size - Number of bytes in a packet. (Range: 0-1500 bytes) The actual packet size will be e
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1425 –traceroute6 This command shows the route packets take to the specified destination. SYNTAX
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1426 –Hop Packet 1 Packet 2 Packet 3 IPv6 Address--- -------- -------- -------- ----------------
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1427 –vlan-id - VLAN ID (Range: 1-4093) hardware-address - The 48-bit MAC layer address for the
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1428 –ipv6 nd dadattemptsThis command configures the number of consecutive neighbor solicitation
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1429 –EXAMPLE The following configures five neighbor solicitation attempts for addresses configu
CHAPTER 4 | Basic Management TasksSetting the System Clock– 143 –Figure 11: Configuring Automatic Code UpgradeIf a new image is found at the spec
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1430 –◆ The ipv6 nd other-config-flag command is used to tell hosts that they should use statefu
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1431 –EXAMPLE The following tells hosts to use stateful autoconfiguration to obtain other non-ad
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1432 –FF02::2FF02::1:FF00:0FF02::1:2FF02::1:FF9C:CA10FF02::1IPv6 link MTU is 1500 bytesND DAD is
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1433 –EXAMPLE The following sets the reachable time for a remote node to 1000 milliseconds:Conso
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1434 –COMMAND USAGE ◆ Prefixes configured as addresses on an interface using the ipv6 address co
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1435 –by the system (33% of the maximum RA interval) and the maximum value set by the ipv6 nd ra
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1436 –ipv6 nd rarouter-preferenceThis command configures the default router preference for the r
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1437 –EXAMPLE The following suppressed router advertisements on the current interface:Console(co
CHAPTER 48 | IP Interface CommandsIPv6 Interface– 1438 –IPv6 Address Age Link-layer Addr State VLANFE80::2E0:CF
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1439 –IPV6 TO IPV4 TUNNELSThis switch supports connection between isolated IPv6 nodes over
CHAPTER 4 | Basic Management TasksSetting the System Clock– 144 –PARAMETERSThe following parameters are displayed: ◆ Current Time – Shows the curr
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1440 –7. Bind the tunnel to a VLAN with the tunnel source vlan command.8. Assign an IPv6 g
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1441 –tunnel destination This command sets the IPv4 address of a tunnel destination (or fa
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1442 –packets (by ensuring an IPv4 MTU of at least 1300 bytes is used) or by preventing fr
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1443 –The 6to4 mechanism is typically implemented almost entirely in routers bordering
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1444 –tunnel end-point IPv4 address. This eliminates the need to explicitly configure the
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1445 –tunnel ttl This command configures the TTL (Time to Live) value stored in the IPv4 h
CHAPTER 48 | IP Interface CommandsIPv6 to IPv4 Tunnels– 1446 –The following example shows the interface status of the configured tunnels. Console#
– 1447 –49 IP ROUTING COMMANDSAfter network interfaces are configured for the switch, the paths used to send traffic between different interfaces mu
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1448 –IPv4 Commandsip route This command configures static routes. Use the no form t
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1449 –◆ If both static and dynamic paths have the same lowest cost, the first route
CHAPTER 4 | Basic Management TasksSetting the System Clock– 145 –SETTING THE SNTPPOLLING INTERVALUse the System > Time (Configure General - SNT
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1450 –show ip host-route This command displays the interface associated with known r
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1451 –COMMAND MODE Privileged ExecCOMMAND USAGE ◆ The FIB contains information requi
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1452 –Information Base (see Command Usage under the show ip route command).EXAMPLE C
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1453 –IP sent forwards datagrams 5927 requests
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1454 –IPv6 Commandsipv6 route This command configures static IPv6 routes. Use the no
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1455 –◆ If both static and dynamic paths have the same lowest cost, the first route
CHAPTER 49 | IP Routing CommandsGlobal Routing Configuration– 1456 –COMMAND MODE Privileged ExecCOMMAND USAGE ◆ The FIB contains information requi
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1457 –ROUTING INFORMATION PROTOCOL (RIP).Table 204: Routing Information Protoc
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1458 –router rip This command enables Routing Information Protocol (RIP) routi
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1459 –RELATED COMMANDSip route (1448)redistribute (1463)default-metric This co
CHAPTER 4 | Basic Management TasksSetting the System Clock– 146 –CONFIGURING NTP Use the System > Time (Configure General - NTP) page to config
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1460 –distance This command defines an administrative distance for external ro
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1461 –maximum-prefix This command sets the maximum number of RIP routes allowe
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1462 –EXAMPLEConsole(config-router)#neighbor 10.2.0.254Console(config-router)#
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1463 –passive-interface This command stops RIP from sending routing updates on
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1464 –COMMAND MODE Router ConfigurationCOMMAND USAGE ◆ When a metric value has
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1465 –timers basic This command configures the RIP update timer, timeout timer
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1466 –version This command specifies a RIP version used globally by the router
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1467 –ip rip authenticationmodeThis command specifies the type of authenticati
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1468 –ip rip authenticationstringThis command specifies an authentication key
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1469 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE ◆ Use this comm
CHAPTER 4 | Basic Management TasksSetting the System Clock– 147 –CONFIGURING TIMESERVERSUse the System > Time (Configure Time Server) pages to
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1470 –EXAMPLEConsole(config)#interface vlan 1Console(config-if)#ip rip receive
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1471 –RELATED COMMANDSversion (1466)ip rip send-packet This command configures
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1472 –COMMAND USAGE ◆ Split horizon never propagates routes back to an interfa
CHAPTER 49 | IP Routing CommandsRouting Information Protocol (RIP)– 1473 –the RIP routes learned from neighbors and also keep the RIP network inta
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1474 –EXAMPLE Console#show ip ripCodes: R - RIP, Rc - RIP connected, Rs - RIP s
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1475 –area stub Defines a stubby area that cannot send or receive LSAs RCarea v
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1476 –General Configurationrouter ospf This command enables Open Shortest Path
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1477 –destination. When disabled, preference is based on type of path (where ty
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1478 –◆ The metric for the default external route is used to calculate the path
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1479 –router-id This command assigns a unique router ID for this device within
CHAPTER 4 | Basic Management TasksSetting the System Clock– 148 –SPECIFYING NTP TIME SERVERSUse the System > Time (Configure Time Server – Add
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1480 –timers spf This command configures the delay after receiving a topology c
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1481 –EXAMPLEConsole#clear ip ospf processConsole#Route Metrics and Summariesar
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1482 –area range This command summarizes the routes advertised by an Area Borde
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1483 –auto-cost reference-bandwidthUse this command to calculate the default me
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1484 –default-metric This command sets the default metric for external routes i
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1485 –redistribute This command redistributes external routing information from
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1486 –the cost associated with reaching the advertising ASBR, plus the cost of
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1487 –EXAMPLEThis example creates a summary address for all routes contained in
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1488 –other areas within the AS for an NSSA ABR, or to areas outside the AS for
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1489 –EXAMPLEThis example creates a stub area 10.3.0.0, and assigns all interfa
CHAPTER 4 | Basic Management TasksSetting the System Clock– 149 –To show the list of configured NTP time servers:1. Click System, then Time. 2. Se
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1490 –EXAMPLEThis example creates a stub area 10.2.0.0, and assigns all interfa
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1491 –value must be the same for all routers attached to an autonomous system.
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1492 –DEFAULT SETTING area-id: Nonerouter-id: Nonehello-interval: 10 secondsret
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1493 –network area This command defines an OSPF area and the interfaces that op
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1494 –Interface Configurationip ospfauthenticationThis command specifies the au
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1495 –◆ The plain-text authentication-key, or the MD5 key-id and key, must be u
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1496 –EXAMPLEThis example sets a password for the specified interface.Console(c
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1497 –ip ospf dead-interval This command sets the interval at which hello packe
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1498 –ip ospf hello-interval This command specifies the interval between sendin
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1499 –DEFAULT SETTING MD5 authentication is disabled.COMMAND USAGE ◆ Before spe
CONTENTS– 15 –Configuring Stub Settings 682Displaying Information on NSSA and Stub Areas 684Configuring Area Ranges (Route Summarization for ABRs)
CHAPTER 4 | Basic Management TasksSetting the System Clock– 150 –Figure 18: Adding an NTP Authentication KeyTo show the list of configured NTP au
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1500 –DEFAULT SETTING 1COMMAND USAGE ◆ A designated router (DR) and backup desi
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1501 –COMMAND USAGE ◆ A router will resend an LSA to a neighbor if it receives
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1502 –EXAMPLEConsole(config)#interface vlan 1Console(config-if)#ip ospf transmi
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1503 –EXAMPLEConsole#show ip ospf Routing Process "ospf 1" with ID 19
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1504 –show ip ospfborder-routersThis command shows entries in the routing table
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1505 –show ip ospfdatabaseThis command shows information about different OSPF L
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1506 – Net Link States (Area 0.0.0.0)Link ID ADV Router
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1507 –The following shows output when using the external keyword.Console#show i
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1508 – External Route Tag: 0Console#The following shows output when usin
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1509 –The following shows output when using the router keyword.Console#show ip
CHAPTER 4 | Basic Management TasksConsole Port Settings– 151 –◆ Minutes (0-59) – The number of minutes before/after UTC.WEB INTERFACETo set your l
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1510 –The following shows output when using the summary keyword.Console#show ip
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1511 –show ip ospfinterfaceThis command displays summary information for OSPF i
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1512 –show ip ospfneighborThis command displays information about neighboring r
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1513 –EXAMPLEConsole#show ip ospf neighbor ID Pri State
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1514 –IA 172.16.10.0/24 [30] via 10.10.11.50, VLAN2, Area 0.0.0.0E2 192.168.0.0
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv2)– 1515 –show ip protocolsospfThis command displays OSPF process parameters.SYNTAX
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1516 –OPEN SHORTEST PATH FIRST (OSPFV3). Table 217: Open Shortest Path First Co
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1517 –General GuidelinesFollow these basic steps to configure OSPFv3:1. Assign
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1518 –COMMAND USAGE ◆ This command is used to enable an OSPFv3 routing process,
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1519 –DEFAULT SETTING ciscoCOMMAND USAGE ◆ The basic criteria for a router to s
CHAPTER 4 | Basic Management TasksConsole Port Settings– 152 –◆ Exec Timeout – Sets the interval that the system waits until user input is detecte
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1520 –max-current-dd This command sets the maximum number of neighbors with whi
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1521 –COMMAND USAGE ◆ This command sets the router ID for the OSPF process spec
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1522 –◆ Using a low value for the holdtime allows the router to switch to a new
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1523 –area range This command summarizes the routes advertised by an Area Borde
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1524 –default-metric This command sets the default metric for external routes i
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1525 –type-value1 - Type 1 external route2 - Type 2 external route (default) -
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1526 –no-summary - Stops an Area Border Router (ABR) from sending summary link
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1527 –area virtual-link This command defines a virtual link. To remove a virtua
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1528 –DEFAULT SETTING area-id: Nonerouter-id: Nonehello-interval: 10 secondsret
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1529 –COMMAND MODE Interface ConfigurationDEFAULT SETTING NoneCOMMAND USAGE ◆ A
CHAPTER 4 | Basic Management TasksTelnet Settings– 153 –Figure 21: Console Port SettingsTELNET SETTINGSUse the System > Telnet menu to configu
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1530 –ipv6 router ospf tagareaThis command binds an OSPF area to the selected i
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1531 –RELATED COMMANDSrouter ipv6 ospf (1517)router-id (1520)ipv6 router ospf a
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1532 –ipv6 ospf dead-intervalThis command sets the interval at which hello pack
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1533 –ipv6 ospf hello-intervalThis command specifies the interval between sendi
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1534 –COMMAND MODE Interface Configuration (VLAN)DEFAULT SETTING 1COMMAND USAGE
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1535 –DEFAULT SETTING 5 secondsCOMMAND USAGE ◆ A router will resend an LSA to a
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1536 –receive them. To avoid this problem, use the transmit delay to force the
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1537 –Display Informationshow ipv6 ospf This command shows basic information ab
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1538 –show ipv6 ospfdatabaseThis command shows information about different OSPF
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1539 – AS-external-LSALink State ID ADV Router Age Seq#
CHAPTER 4 | Basic Management TasksTelnet Settings– 154 –◆ Exec Timeout – Sets the interval that the system waits until user input is detected. If
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1540 –show ipv6 ospfneighborThis command displays information about neighboring
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1541 –EXAMPLEConsole#show ipv6 ospf neighbor ID Pri State
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1542 –C 2001:DB8:2222:7272::/64, VLAN1? FE80::/64, VLAN1 inactiveC FE8
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1543 –RELATED COMMANDSarea virtual-link (1527)Hello due The timeout for the nex
CHAPTER 49 | IP Routing CommandsOpen Shortest Path First (OSPFv3)– 1544 –
– 1545 –50 MULTICAST ROUTING COMMANDSMulticast routers can use various kinds of multicast routing protocols to deliver IP multicast packets across d
CHAPTER 50 | Multicast Routing CommandsGeneral Multicast Routing– 1546 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ This command is used to e
CHAPTER 50 | Multicast Routing CommandsGeneral Multicast Routing– 1547 –IP Multicast Routing Table Flags: D - Dense, S - Sparse, s - SSM Channel,
CHAPTER 50 | Multicast Routing CommandsGeneral Multicast Routing– 1548 –This example lists all entries in the multicast table in summary form:Cons
CHAPTER 50 | Multicast Routing CommandsGeneral Multicast Routing– 1549 –EXAMPLE Console(config)#ipv6 multicast-routingConsole(config)#show ipv6 mr
CHAPTER 4 | Basic Management TasksDisplaying CPU Utilization– 155 –DISPLAYING CPU UTILIZATIONUse the System > CPU Utilization page to display i
CHAPTER 50 | Multicast Routing CommandsGeneral Multicast Routing– 1550 –Table 226: show ip mroute - display descriptionField DescriptionFlagsThe f
CHAPTER 50 | Multicast Routing CommandsStatic Multicast Routing– 1551 –This example lists all entries in the multicast table in summary form:Conso
CHAPTER 50 | Multicast Routing CommandsStatic Multicast Routing– 1552 –COMMAND USAGE Depending on your network connections, IGMP snooping may not
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1553 –PIM MULTICAST ROUTINGThis section describes the PIM commands used for IPv4 and
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1554 –Shared Mode Commandsrouter pim This command enables IPv4 Protocol-Independent
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1555 –EXAMPLEConsole(config)#router pimConsole(config)#exitConsole#show ip pim inter
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1556 –determines that there are no group members or downstream routers, or when a pr
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1557 –COMMAND USAGE The ip pim hello-holdtime should be greater than the value of ip
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1558 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE The multicast interfa
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1559 –RELATED COMMANDSip pim override-interval (1559)ip pim propagation-delay (1560)
CHAPTER 4 | Basic Management TasksDisplaying Memory Utilization– 156 –DISPLAYING MEMORY UTILIZATIONUse the System > Memory Status page to displ
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1560 –ip pim propagation-delayThis command configures the propagation delay required
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1561 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE ◆ When a router first
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1562 –show ip pimneighborThis command displays information about PIM neighbors.SYNTA
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1563 –COMMAND USAGE A graft message is sent by a router to cancel a prune state. Whe
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1564 –COMMAND MODE Interface Configuration (VLAN)COMMAND USAGE ◆ The pruned state ti
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1565 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ When the ip pim bsr-candidate
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1566 –COMMAND MODE Global ConfigurationCOMMAND USAGE This command can be used to rel
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1567 –ip pim rp-address This command sets a static address for the Rendezvous Point
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1568 –EXAMPLEIn the following example, the first PIM-SM command just specifies the R
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1569 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ When the ip pim rp-candidate
CHAPTER 4 | Basic Management TasksResetting the System– 157 –Master unit is taken as the top of the stack and is numbered as unit 1, and all other
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1570 –ip pim spt-threshold This command prevents the last-hop PIM router from switch
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1571 –ip pim dr-priority This command sets the priority value for a Designated Route
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1572 –Console#ip pim join-prune-intervalThis command sets the join/prune timer. Use
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1573 – Propagation Delay : 500 ms Override Interval : 2500
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1574 –State : Elected BSRConsole#show ip pim rpmappingThis command displa
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1575 –show ip pim rp-hash This command displays the RP used for the specified multic
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1576 –ipv6 pim hello-interval Sets the interval between sending PIM hello messages I
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1577 –PIM6 Shared Mode Commandsrouter pim6 This command enables IPv6 Protocol-Indepe
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1578 –globally for the router with the router pim6 command, and also enable PIM-DM o
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1579 –ipv6 pim hello-holdtimeThis command configures the interval to wait for hello
CHAPTER 4 | Basic Management TasksResetting the System– 158 –PARAMETERSThe following parameters are displayed: System Reload Information◆ Reload S
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1580 –EXAMPLEConsole(config-if)#ipv6 pim hello-interval 60Console(config-if)#ipv6 pi
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1581 –COMMAND USAGE ◆ When other downstream routers on the same VLAN are notified th
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1582 –Join message back to the upstream router to ensure that the flow is not termin
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1583 –ipv6 pim trigger-hello-delayThis command configures the maximum time before tr
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1584 –EXAMPLEConsole#show ipv6 pim interface vlan 1PIM is enabled.VLAN 1 is up. PIM
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1585 –PIM-DM Commandsipv6 pim graft-retry-intervalThis command configures the time t
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1586 –ipv6 pim max-graft-retriesThis command configures the maximum number of times
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1587 –◆ This command is only effectively for interfaces of first hop, PIM-DM routers
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1588 –◆ This router will continue to be the BSR until it receives a bootstrap messag
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1589 –EXAMPLEThis example sets the register rate limit to 500 pps. Console(config)#i
CHAPTER 4 | Basic Management TasksResetting the System– 159 – Weekly - Day of the week at which to reload. (Range: Sunday ... Saturday) Monthly -
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1590 –ipv6 pim rp-address This command sets a static address for the Rendezvous Poin
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1591 –EXAMPLEIn the following example, the first PIM-SM command just specifies the R
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1592 –candidate RP for the specified group addresses. The IP address of the designat
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1593 –ipv6 pim spt-thresholdThis command prevents the last-hop PIM router from switc
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1594 –ipv6 pim dr-priority This command sets the priority value for a Designated Rou
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1595 –Console#ipv6 pim join-prune-intervalThis command sets the join/prune timer. Us
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1596 – Propagation Delay : 500 ms Override Interval : 2500 ms DR Priorit
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1597 –State : Elected BSRConsole#show ipv6 pim rpmappingThis command disp
CHAPTER 50 | Multicast Routing CommandsPIM Multicast Routing– 1598 –show ipv6 pim rp-hashThis command displays the RP used for the specified multi
– 1599 –SECTION IVAPPENDICESThis section provides additional information and includes these items:◆ "Software Specifications" on page 1601
CONTENTS– 16 –SECTION III COMMAND LINE INTERFACE 74522 USING THE COMMAND LINE INTERFACE 747Accessing the CLI 747Console Connection 747Telnet Conne
CHAPTER 4 | Basic Management TasksResetting the System– 160 –Figure 27: Restarting the Switch (In)Figure 28: Restarting the Switch (At)Figure 29
SECTION IV | Appendices– 1600 –
– 1601 –A SOFTWARE SPECIFICATIONSSOFTWARE FEATURESMANAGEMENTAUTHENTICATIONLocal, RADIUS, TACACS+, Port Authentication (802.1X), HTTPS, SSH, Port Sec
CHAPTER A | Software SpecificationsSoftware Features– 1602 –VLAN SUPPORT Up to 4093 groups; port-based, protocol-based, tagged (802.1Q),voice VLAN
CHAPTER A | Software SpecificationsManagement Features– 1603 –MANAGEMENT FEATURESIN-BAND MANAGEMENT Telnet, web-based HTTP or HTTPS, SNMP manager,
CHAPTER A | Software SpecificationsManagement Information Bases– 1604 –IGMPv2 (RFC 2236)IGMPv3 (RFC 3376) - partial supportIGMP Proxy (RFC 4541)IP
CHAPTER A | Software SpecificationsManagement Information Bases– 1605 –MIB II (RFC 1213)OSPF MIB (RFC 1850)OSPFv3 MIB (draft-ietf-ospf-ospfv3-mib-
CHAPTER A | Software SpecificationsManagement Information Bases– 1606 –
– 1607 –B TROUBLESHOOTINGPROBLEMS ACCESSING THE MANAGEMENT INTERFACE Table 239: Troubleshooting ChartSymptom ActionCannot connect using Telnet, web
CHAPTER B | TroubleshootingUsing System Logs– 1608 –USING SYSTEM LOGSIf a fault does occur, refer to the Installation Guide to ensure that the pro
– 1609 –C LICENSE INFORMATIONThis product includes copyrighted third-party software subject to the terms of the GNU General Public License (GPL), GN
– 161 –5 INTERFACE CONFIGURATIONThis chapter describes the following topics:◆ Port Configuration – Configures connection settings, including auto-ne
CHAPTER C | License InformationThe GNU General Public License– 1610 –GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND
CHAPTER C | License InformationThe GNU General Public License– 1611 –b) Accompany it with a written offer, valid for at least three years, to give
CHAPTER C | License InformationThe GNU General Public License– 1612 –9. If the distribution and/or use of the Program is restricted in certain cou
– 1613 –GLOSSARYACL Access Control List. ACLs can limit network traffic and restrict access to certain users or devices by checking each packet for
GLOSSARY– 1614 –DIFFSERV Differentiated Services provides quality of service on large networks by employing a well-defined set of building blocks fr
GLOSSARY– 1615 –GMRP Generic Multicast Registration Protocol. GMRP allows network devices to register end stations with multicast groups. GMRP requi
GLOSSARY– 1616 –IGMP Internet Group Management Protocol. A protocol through which hosts can register with their local router for multicast services.
GLOSSARY– 1617 –LINK AGGREGATION See Port Trunk. LLDP Link Layer Discovery Protocol is used to discover basic information about neighboring devices
GLOSSARY– 1618 –OSPF Open Shortest Path First is a link-state routing protocol that functions better over a larger network such as the Internet, as
GLOSSARY– 1619 –RIP Routing Information Protocol seeks to find the shortest route to another device by minimizing the distance-vector, or hop count,
CHAPTER 5 | Interface ConfigurationPort Configuration– 162 –◆ When using auto-negotiation, the optimal settings will be negotiated between the lin
GLOSSARY– 1620 –TELNET Defines a remote communication facility for interfacing to a terminal device over TCP/IP.TFTP Trivial File Transfer Protocol.
– 1621 –COMMAND LISTAaaa accounting dot1x 876aaa accounting exec 877aaa accounting update 878aaa authorization exec 879aaa group server 88
COMMAND LIST– 1622 –default-information originate 1458default-information originate 1477default-metric 1459default-metric 1484default-metric
COMMAND LIST– 1623 –ip domain-name 1353ip forward-protocol udp 1403ip helper 1404ip helper-address 1405ip host 1354ip http port 884ip ht
COMMAND LIST– 1624 –ipv6 access-group 985ipv6 address 1409ipv6 address eui-64 1411ipv6 address link-local 1413ipv6 default-gateway 1408ip
COMMAND LIST– 1625 –lldp reinit-delay 1289lldp tx-delay 1290logging facility 799logging history 799logging host 800logging on 801logging
COMMAND LIST– 1626 –ntp client 813ntp server 814Pparity 792passive-interface 1463passive-interface 1502passive-interface 1536password
COMMAND LIST– 1627 –show class-map 1183show cluster 824show cluster candidates 825show cluster members 825show dns 1357show dns cache 13
COMMAND LIST– 1628 –show lacp 1025show line 797show lldp config 1303show lldp info local-device 1304show lldp info remote-device 1305show
COMMAND LIST– 1629 –snmp-server enable traps ethernet cfm cc 1331snmp-server enable traps ethernet cfm crosscheck 1335snmp-server engine-id 83
CHAPTER 5 | Interface ConfigurationPort Configuration– 163 –◆ Name – Allows you to label an interface. (Range: 1-64 characters)◆ Admin – Allows yo
COMMAND LIST– 1630 –vlan-trunking 1120voice vlan 1148voice vlan aging 1149voice vlan mac-address 1149vrrp authentication 1382vrrp ip 138
– 1631 –INDEXNUMERICS802.1Q tunnel 215, 1123access 1125configuration, guidelines 218, 1123configuration, limitations 218, 1124CVID to SVID m
INDEX– 1632 –ignoring superior BPDUs 253, 1082selecting protocol based on message format 254, 1085shut down port on receipt 254, 1073bridge ex
INDEX– 1633 –information option policy 399, 950information option, enabling 399, 949policy selection 399, 950specifying trusted interfaces 4
INDEX– 1634 –Ffault isolation, CFM 474, 1341fault notification generator, CFM 476, 483, 508, 1345, 1347fault notification, CFM 474, 508, 1309,
INDEX– 1635 –static multicast routing 519, 1206static port assignment 521, 1206static router interface 514, 1206static router port, configurin
INDEX– 1636 –local device information, displaying 416, 1304message attributes 413, 1285message statistics 424, 1307remote information, display
INDEX– 1637 –multicast filtering 511, 1185enabling IGMP snooping 515, 1187enabling IGMP snooping per interface 522, 1187enabling MLD snooping
INDEX– 1638 –default metric for external routes 674, 1484enabling 1476general settings 673, 676, 1474hello interval 692, 1498interface summa
INDEX– 1639 –triggered hello delay 731, 1583PIMv6-DMglobal configuration 729, 735interface settings 731PIMv6-SM 735bootstrap router 736BSR
CHAPTER 5 | Interface ConfigurationPort Configuration– 164 –◆ Speed/Duplex – Allows you to manually set the port speed and duplex mode. (i.e., wit
INDEX– 1640 –remote maintenance end point, CFM 477, 486, 492, 501, 504, 505, 1326, 1327, 1332, 1336Remote Monitoring See RMONrename, DiffServ 1
INDEX– 1641 –configuring 343, 890downloading public keys for clients 349, 780generating host key pair 347, 895server, configuring 346, 892ti
INDEX– 1642 –basic information, displaying 1111configuring port members, by interface 206, 1116–1120configuring port members, VLAN index 205cr
GTL-2691E042013/ST-R01
CHAPTER 5 | Interface ConfigurationPort Configuration– 165 –WEB INTERFACETo configure port connection parameters:1. Click Interface, Port, General
CHAPTER 5 | Interface ConfigurationPort Configuration– 166 –◆ Media Type – Media type used. (Options: Copper-Forced, SFP-Forced, or SFP-Preferred-
CHAPTER 5 | Interface ConfigurationPort Configuration– 167 –COMMAND USAGE ◆ Traffic can be mirrored from one or more source ports to one destinati
CHAPTER 5 | Interface ConfigurationPort Configuration– 168 –To display the configured mirror sessions:1. Click Interface, Port, Mirror.2. Select S
CHAPTER 5 | Interface ConfigurationPort Configuration– 169 –Transmitted Errors The number of outbound packets that could not be transmitted becaus
CONTENTS– 17 –System Status 769show access-list tcam-utilization 769show memory 770show process cpu 770show running-config 771show startup-conf
CHAPTER 5 | Interface ConfigurationPort Configuration– 170 –Internal MAC Receive ErrorsA count of frames for which reception on a particular inter
CHAPTER 5 | Interface ConfigurationPort Configuration– 171 –WEB INTERFACETo show a list of port statistics:1. Click Interface, Port, Statistics.2.
CHAPTER 5 | Interface ConfigurationPort Configuration– 172 –Figure 37: Showing Port Statistics (Chart)PERFORMING CABLEDIAGNOSTICSUse the Interfac
CHAPTER 5 | Interface ConfigurationPort Configuration– 173 –◆ The test takes approximately 5 seconds. The switch displays the results of the test
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 174 –WEB INTERFACETo test the cable attached to a port:1. Click Interface, Port, Cable Tes
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 175 –COMMAND USAGEBesides balancing the load across each port in the trunk, the other port
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 176 –However, note that the static trunks on this switch are Cisco EtherChannel compatible
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 177 –To add member ports to a static trunk:1. Click Interface, Trunk, Static.2. Select Con
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 178 –To display trunk connection parameters:1. Click Interface, Trunk, Static.2. Select Co
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 179 –◆ All ports on both ends of an LACP trunk must be configured for full duplex, and aut
CONTENTS– 18 –stopbits 796timeout login response 796disconnect 797show line 797Event Logging 798logging facility 799logging history 799logging
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 180 –NOTE: Configuring LACP settings for a port only applies to its administrative state,
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 181 –Figure 46: Enabling LACP on a PortTo configure LACP parameters for group members:1.
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 182 –Figure 48: Showing Members of a Dynamic TrunkTo configure connection parameters for
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 183 –Figure 50: Displaying Connection Parameters for Dynamic TrunksDISPLAYING LACPPORT CO
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 184 –Figure 51: Displaying LACP Port CountersDISPLAYING LACPSETTINGS AND STATUSFOR THE LO
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 185 –WEB INTERFACETo display LACP settings and status for the local side:1. Click Interfac
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 186 –DISPLAYING LACPSETTINGS AND STATUSFOR THE REMOTE SIDEUse the Interface > Trunk >
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 187 –Figure 53: Displaying LACP Port Remote InformationCONFIGURING LOADBALANCINGUse the I
CHAPTER 5 | Interface ConfigurationTrunk Configuration– 188 – Source and Destination IP Address: All traffic with the same source and destination
CHAPTER 5 | Interface ConfigurationSampling Traffic Flows– 189 –Figure 54: Configuring Load BalancingSAMPLING TRAFFIC FLOWSThe flow sampling (sFl
CONTENTS– 19 –Time Range 817time-range 818absolute 818periodic 819show time-range 820Switch Clustering 820cluster 821cluster commander 822cluste
CHAPTER 5 | Interface ConfigurationSampling Traffic Flows– 190 –CONFIGURING SFLOWPARAMETERSUse the Interface > sFlow page to set the source and
CHAPTER 5 | Interface ConfigurationTraffic Segmentation– 191 –3. Click Apply.Figure 55: Sampling Traffic FlowsTRAFFIC SEGMENTATIONIf tighter secu
CHAPTER 5 | Interface ConfigurationTraffic Segmentation– 192 – Blocking – Blocks traffic between uplink ports assigned to different sessions. Forw
CHAPTER 5 | Interface ConfigurationTraffic Segmentation– 193 –CONFIGURING UPLINKAND DOWNLINK PORTSUse the Interface > Traffic Segmentation (Con
CHAPTER 5 | Interface ConfigurationTraffic Segmentation– 194 –◆ Interface – Displays a list of ports or trunks. Port – Port Identifier. (Range: 1-
CHAPTER 5 | Interface ConfigurationVLAN Trunking– 195 –VLAN TRUNKINGUse the Interface > VLAN Trunking page to allow unknown VLAN groups to pass
CHAPTER 5 | Interface ConfigurationVLAN Trunking– 196 –◆ Trunk – Trunk Identifier. (Range: 1-32)◆ VLAN Trunking Status – Enables VLAN trunking on
– 197 –6 VLAN CONFIGURATIONThis chapter includes the following topics:◆ IEEE 802.1Q VLANs – Configures static and dynamic VLANs.◆ Private VLANs – Co
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 198 –or IP subnets. VLANs inherently provide a high level of network security since traffic must
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 199 –VLAN Classification – When the switch receives a frame, it classifies the frame in one of tw
USER MANUALGTL-2691MANAGED 24-PORT L3 STACKABLE GE SWITCHLayer 3 Stackable Gigabit Ethernet Switchwith 20 10/100/1000BASE-T (RJ-45) Ports,4 Gigabit Co
CONTENTS– 20 –show nlm oper-status 845show snmp notify-filter 845Additional Trap Commands 845memory 845process cpu 84626 REMOTE MONITORING COM
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 200 –Figure 62: Using GVRPForwarding Tagged/Untagged FramesIf you want to create a small port-ba
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 201 –about this interface type. This parameter must be enabled before you can assign an IP addres
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 202 –To modify the configuration settings for VLAN groups:1. Click VLAN, Static.2. Select Modify
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 203 –aware devices. Or configure a port as forbidden to prevent the switch from automatically add
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 204 –◆ Ingress Filtering – Determines how to process frames tagged for VLANs for which the ingres
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 205 –◆ Trunk Range – Displays a list of ports. (Range: 1-32)NOTE: The PVID, acceptable frame type
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 206 –4. Modify the settings for any interface as required. 5. Click Apply.Figure 67: Configuring
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 207 –Figure 68: Configuring Static VLAN Members by Interface RangeCONFIGURINGDYNAMIC VLANREGISTR
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 208 – Join – The interval between transmitting requests/queries to participate in a VLAN group. (
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q VLANs– 209 –To configure GVRP status and timers on a port or trunk:1. Click VLAN, Dynamic.2. Select Conf
CONTENTS– 21 –radius-server key 870radius-server retransmit 871radius-server timeout 871show radius-server 872TACACS+ Client 872tacacs-server h
CHAPTER 6 | VLAN ConfigurationPrivate VLANs– 210 –To show the members of a dynamic VLAN:1. Click VLAN, Dynamic.2. Select Show Dynamic VLAN from th
CHAPTER 6 | VLAN ConfigurationPrivate VLANs– 211 –all other traffic through promiscuous ports). Then assign any promiscuous ports to a primary VLA
CHAPTER 6 | VLAN ConfigurationPrivate VLANs– 212 –To display a list of private VLANs:1. Click VLAN, Private.2. Select Configure VLAN from the Step
CHAPTER 6 | VLAN ConfigurationPrivate VLANs– 213 –5. Select an entry from the Community VLAN list to associate it with the selected primary VLAN.
CHAPTER 6 | VLAN ConfigurationPrivate VLANs– 214 –◆ Port – Port Identifier. (Range: 1-26/50)◆ Trunk – Trunk Identifier. (Range: 1-32)◆ Port/Trunk
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 215 –Figure 77: Configuring Interfaces for Private VLANsIEEE 802.1Q TUNNELINGIEEE 802.1Q Tun
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 216 –When a double-tagged packet enters another trunk port in an intermediate or core switch
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 217 –3. After packet classification through the switching process, the packet is written to m
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 218 –7. The switch sends the packet to the proper egress port.8. If the egress port is an unt
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 219 –6. Configure the QinQ tunnel uplink port to Uplink mode (see "Adding an Interface t
CONTENTS– 22 –ip ssh timeout 894delete public-key 894ip ssh crypto host-key generate 895ip ssh crypto zeroize 896ip ssh save host-key 896show i
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 220 –Figure 79: Enabling QinQ TunnelingCREATING CVLAN TOSPVLAN MAPPINGENTRIESUse the VLAN &g
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 221 –PARAMETERSThese parameters are displayed:◆ Port – Port identifier. (Range: 1-26)◆ Custom
CHAPTER 6 | VLAN ConfigurationIEEE 802.1Q Tunneling– 222 –Figure 81: Showing CVLAN to SPVLAN Mapping EntriesThe preceding example sets the SVID t
CHAPTER 6 | VLAN ConfigurationProtocol VLANs– 223 – Uplink – Configures QinQ tunneling for an uplink port to another device within the service pro
CHAPTER 6 | VLAN ConfigurationProtocol VLANs– 224 –COMMAND USAGE◆ To configure protocol-based VLANs, follow these steps:1. First configure VLAN gr
CHAPTER 6 | VLAN ConfigurationProtocol VLANs– 225 –WEB INTERFACETo configure a protocol group:1. Click VLAN, Protocol.2. Select Configure Protocol
CHAPTER 6 | VLAN ConfigurationProtocol VLANs– 226 –MAPPING PROTOCOLGROUPS TOINTERFACESUse the VLAN > Protocol (Configure Interface - Add) page
CHAPTER 6 | VLAN ConfigurationProtocol VLANs– 227 –6. Enter the corresponding VLAN to which the protocol traffic will be forwarded.7. Click Apply.
CHAPTER 6 | VLAN ConfigurationConfiguring IP Subnet VLANs– 228 –CONFIGURING IP SUBNET VLANSUse the VLAN > IP Subnet page to configure IP subnet
CHAPTER 6 | VLAN ConfigurationConfiguring IP Subnet VLANs– 229 –WEB INTERFACETo map an IP subnet to a VLAN:1. Click VLAN, IP Subnet.2. Select Add
CONTENTS– 23 –pppoe intermediate-agent vendor-tag strip 917clear pppoe intermediate-agent statistics 917show pppoe intermediate-agent info 918sho
CHAPTER 6 | VLAN ConfigurationConfiguring MAC-based VLANs– 230 –CONFIGURING MAC-BASED VLANSUse the VLAN > MAC-Based page to configure VLAN base
CHAPTER 6 | VLAN ConfigurationConfiguring MAC-based VLANs– 231 –6. Click Apply.Figure 89: Configuring MAC-Based VLANsTo show the MAC addresses ma
CHAPTER 6 | VLAN ConfigurationConfiguring MAC-based VLANs– 232 –
– 233 –7 ADDRESS TABLE SETTINGSSwitches store the addresses for all known devices. This information is used to pass traffic directly between the inb
CHAPTER 7 | Address Table SettingsConfiguring MAC Address Learning– 234 –◆ Also note that MAC address learning cannot be disabled if any of the fo
CHAPTER 7 | Address Table SettingsSetting Static Addresses– 235 –SETTING STATIC ADDRESSESUse the MAC Address > Static page to configure static
CHAPTER 7 | Address Table SettingsChanging the Aging Time– 236 –4. Click Apply.Figure 92: Configuring Static MAC AddressesTo show the static addr
CHAPTER 7 | Address Table SettingsDisplaying the Dynamic Address Table– 237 –WEB INTERFACETo set the aging time for entries in the dynamic address
CHAPTER 7 | Address Table SettingsClearing the Dynamic Address Table– 238 –WEB INTERFACETo show the dynamic address table:1. Click MAC Address, Dy
CHAPTER 7 | Address Table SettingsClearing the Dynamic Address Table– 239 –3. Select the method by which to clear the entries (i.e., All, MAC Addr
CONTENTS– 24 –web-auth re-authenticate (IP) 944show web-auth 945show web-auth interface 945show web-auth summary 946DHCP Snooping 946ip dhcp sn
CHAPTER 7 | Address Table SettingsClearing the Dynamic Address Table– 240 –
– 241 –8 SPANNING TREE ALGORITHM This chapter describes the following basic topics:◆ Loopback Detection – Configures detection and response to loopb
CHAPTER 8 | Spanning Tree AlgorithmOverview– 242 –lowest cost spanning tree, it enables all root ports and designated ports, and disables all othe
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Loopback Detection– 243 –An MST Region consists of a group of interconnected bridges that have the
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Loopback Detection– 244 –◆ The interface ceases to receive it’s own BPDUs in a forward delay interv
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Global Settings for STA– 245 –Figure 100: Configuring Port Loopback DetectionCONFIGURING GLOBAL SE
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Global Settings for STA– 246 –MSTP generates a unique spanning tree for each instance. This provide
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Global Settings for STA– 247 –spanning tree is disabled globally on the switch or disabled on a spe
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Global Settings for STA– 248 –delay is required because every device must receive information about
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Global Settings for STA– 249 –Figure 101: Configuring Global Settings for STA (STP)Figure 102: Co
CONTENTS– 25 –Denial of Service Protection 969dos-protection land 969dos-protection tcp-scan 970show dos-protection 97030 ACCESS CONTROL LISTS 9
CHAPTER 8 | Spanning Tree AlgorithmDisplaying Global Settings for STA– 250 –Figure 103: Configuring Global Settings for STA (MSTP)DISPLAYING GLOB
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for STA– 251 –◆ Root Port – The number of the port on this switch that is closes
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for STA– 252 –CLI REFERENCES◆ "Spanning Tree Commands" on page 1061PAR
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for STA– 253 –◆ Admin Link Type – The link type attached to this interface. Poin
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for STA– 254 –An interface cannot function as an edge port under the following c
CHAPTER 8 | Spanning Tree AlgorithmDisplaying Interface Settings for STA– 255 –5. Click Apply.Figure 105: Configuring Interface Settings for STAD
CHAPTER 8 | Spanning Tree AlgorithmDisplaying Interface Settings for STA– 256 –The rules defining port status are: A port on a network segment wit
CHAPTER 8 | Spanning Tree AlgorithmDisplaying Interface Settings for STA– 257 –Figure 106: STA Port RolesWEB INTERFACETo display interface settin
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Multiple Spanning Trees– 258 –CONFIGURING MULTIPLE SPANNING TREESUse the Spanning Tree > MSTP (C
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Multiple Spanning Trees– 259 –WEB INTERFACETo create instances for MSTP:1. Click Spanning Tree, MST
CONTENTS– 26 –capabilities 999description 1000flowcontrol 1001media-type 1002negotiation 1002shutdown 1003speed-duplex 1004switchport mtu 1005switc
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Multiple Spanning Trees– 260 –To modify the priority for an MST instance:1. Click Spanning Tree, MS
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Multiple Spanning Trees– 261 –To add additional VLAN groups to an MSTP instance:1. Click Spanning T
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for MSTP– 262 –CONFIGURING INTERFACE SETTINGS FOR MSTPUse the Spanning Tree >
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for MSTP– 263 –The recommended range is listed in Table 12 on page 252. The defa
CHAPTER 8 | Spanning Tree AlgorithmConfiguring Interface Settings for MSTP– 264 –
– 265 –9 CONGESTION CONTROLThe switch can set the maximum upload or download data transfer rate for any port. It can also control traffic storms by
CHAPTER 9 | Congestion ControlStorm Control– 266 –◆ Rate – Sets the rate limit level. (Range: 64 - 1,000,000 kbits per second for Gigabit Ethernet
CHAPTER 9 | Congestion ControlStorm Control– 267 –◆ When traffic exceeds the threshold specified for broadcast and multicast or unknown unicast tr
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 268 –4. Set the required threshold beyond which the switch will start dropping packets.5.
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 269 –The key elements of this diagram are described below:◆ Alarm Fire Threshold – The hi
CONTENTS– 27 –show port monitor 1030RSPAN Mirroring Commands 1031rspan source 1033rspan destination 1034rspan remote vlan 1035no rspan session
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 270 –SETTING THE ATCTIMERSUse the Traffic > Auto Traffic Control (Configure Global) pa
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 271 –Figure 120: Configuring ATC TimersCONFIGURING ATCTHRESHOLDS ANDRESPONSESUse the Tra
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 272 –◆ Auto Release Control – Automatically stops a traffic control response of rate limi
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 273 –WEB INTERFACETo configure the response timers for automatic storm control:1. Click T
CHAPTER 9 | Congestion ControlAutomatic Traffic Control– 274 –
– 275 –10 CLASS OF SERVICEClass of Service (CoS) allows you to specify which data packets have greater precedence when traffic is buffered in the sw
CHAPTER 10 | Class of ServiceLayer 2 Queue Settings– 276 –◆ If the output port is an untagged member of the associated VLAN, these frames are stri
CHAPTER 10 | Class of ServiceLayer 2 Queue Settings– 277 –◆ WRR queuing specifies a relative weight for each queue. WRR uses a predefined relative
CHAPTER 10 | Class of ServiceLayer 2 Queue Settings– 278 –WEB INTERFACETo configure the queue mode:1. Click Traffic, Priority, Queue.2. Select the
CHAPTER 10 | Class of ServiceLayer 2 Queue Settings– 279 –Figure 125: Setting the Queue Mode (Strict and WRR)MAPPING COS VALUESTO EGRESS QUEUESUs
CONTENTS– 28 –show mac-address-table aging-time 1058show mac-address-table count 105937 SPANNING TREE COMMANDS 1061spanning-tree 1062spanning-tree
CHAPTER 10 | Class of ServiceLayer 2 Queue Settings– 280 –CLI REFERENCES◆ "queue cos-map" on page 1156◆ "show queue cos-map" o
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 281 –Figure 126: Mapping CoS Values to Egress QueuesLAYER 3/4 PRIORITY SETTINGSMapping
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 282 –COMMAND USAGE◆ The DSCP is six bits wide, allowing coding for up to 64 different fo
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 283 –Figure 127: Mapping IP DSCP Priority ValuesMAPPING IPPRECEDENCEUse the Traffic >
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 284 –NOTE: IP Precedence settings apply to all interfaces. PARAMETERSThese parameters ar
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 285 –COMMAND USAGE ◆ This mapping table is only used if the protocol type of the arrivin
CHAPTER 10 | Class of ServiceLayer 3/4 Priority Settings– 286 –To show the TCP/UDP port number to CoS priority map:1. Click Traffic, Priority, IP
– 287 –11 QUALITY OF SERVICE This chapter describes the following tasks required to apply QoS policies:Class Map – Creates a map which identifies a
CHAPTER 11 | Quality of ServiceConfiguring a Class Map– 288 –COMMAND USAGETo create a service policy for a specific category or ingress traffic, f
CHAPTER 11 | Quality of ServiceConfiguring a Class Map– 289 –◆ Description – A brief description of a class map. (Range: 1-64 characters)Add Rule◆
CONTENTS– 29 –show spanning-tree 1086show spanning-tree mst configuration 108838 ERPS COMMANDS 1089erps 1091erps domain 1091control-vlan 1092enab
CHAPTER 11 | Quality of ServiceConfiguring a Class Map– 290 –To show the configured class maps: 1. Click Traffic, DiffServ.2. Select Configure Cla
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 291 –To show the rules for a class map: 1. Click Traffic, DiffServ.2. Select Configure Class
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 292 –Policing is based on a token bucket, where bucket depth (that is, the maximum burst bef
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 293 – if Te(t)-B ≥ 0, the packets is yellow and Te is decremented by B down to the minimum v
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 294 –respectively. The maximum size of the token bucket P is BP and the maximum size of the
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 295 –Add Rule◆ Policy Name – Name of policy map.◆ Class Name – Name of a class map that defi
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 296 – Violate – Specifies whether the traffic that exceeds the maximum rate (CIR) will be dr
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 297 – Drop – Drops out of conformance traffic. Violate – Specifies whether the traffic that
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 298 – Transmit – Transmits in-conformance traffic without any change to the DSCP service lev
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 299 –To show the configured policy maps: 1. Click Traffic, DiffServ.2. Select Configure Poli
– 3 –ABOUT THIS GUIDEPURPOSE This guide gives specific information on how to operate and use the management functions of the switch.AUDIENCE The gui
CONTENTS– 30 –switchport allowed vlan 1117switchport ingress-filtering 1118switchport mode 1119switchport native vlan 1120vlan-trunking 1120Dis
CHAPTER 11 | Quality of ServiceCreating QoS Policies– 300 –Figure 137: Adding Rules to a Policy MapTo show the rules for a policy map: 1. Click T
CHAPTER 11 | Quality of ServiceAttaching a Policy Map to a Port– 301 –ATTACHING A POLICY MAP TO A PORTUse the Traffic > DiffServ (Configure Int
CHAPTER 11 | Quality of ServiceAttaching a Policy Map to a Port– 302 –
– 303 –12 VOIP TRAFFIC CONFIGURATIONThis chapter covers the following topics:◆ Global Settings – Enables VOIP globally, sets the Voice VLAN, and the
CHAPTER 12 | VoIP Traffic ConfigurationConfiguring VoIP Traffic– 304 –CLI REFERENCES◆ "Configuring Voice VLANs" on page 1147PARAMETERSTh
CHAPTER 12 | VoIP Traffic ConfigurationConfiguring Telephony OUI– 305 –CONFIGURING TELEPHONY OUIVoIP devices attached to the switch can be identif
CHAPTER 12 | VoIP Traffic ConfigurationConfiguring VoIP Traffic Ports– 306 –Figure 141: Configuring an OUI Telephony ListTo show the MAC OUI numb
CHAPTER 12 | VoIP Traffic ConfigurationConfiguring VoIP Traffic Ports– 307 – Auto – The port will be added as a tagged member to the Voice VLAN wh
CHAPTER 12 | VoIP Traffic ConfigurationConfiguring VoIP Traffic Ports– 308 –3. Configure any required changes to the VoIP settings each port.4. Cl
– 309 –13 SECURITY MEASURESYou can configure this switch to authenticate users logging into the system for management access using local or remote a
CONTENTS– 31 –show mac-vlan 1147Configuring Voice VLANs 1147voice vlan 1148voice vlan aging 1149voice vlan mac-address 1149switchport voice vla
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 310 –◆ DHCP Snooping – Filter IP traffic on insecure ports for which the source ad
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 311 –3. Define a method name for each service to which you want to apply accountin
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 312 – [authentication sequence] – User authentication is performed by up to three
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 313 –CLI REFERENCES◆ "RADIUS Client" on page 868◆ "TACACS+ Client&q
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 314 – Set Key – Mark this box to set or modify the encryption key. Authentication
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 315 –When specifying the priority sequence for a sever, the server index must alre
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 316 –Figure 147: Configuring Remote Authentication Server (TACACS+)To configure t
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 317 –To show the RADIUS or TACACS+ server groups used for accounting and authoriza
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 318 –◆ Method Name – Specifies an accounting method for service requests. The “def
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 319 –◆ Accounting Type - Displays the accounting service.◆ Interface - Displays th
CONTENTS– 32 –police flow 1175police srtcm-color 1176police trtcm-color 1179set 1181service-policy 1182show class-map 1183show policy-map 1183s
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 320 –Figure 151: Configuring AAA Accounting MethodsTo show the accounting method
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 321 –Figure 153: Configuring AAA Accounting Service for 802.1X ServiceFigure 154:
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 322 –To display basic accounting information and statistics recorded for user sess
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 323 –other group name refers to a server group configured on the TACACS+ Group Set
CHAPTER 13 | Security MeasuresAAA Authorization and Accounting– 324 –To show the authorization method applied to the EXEC service type and the ass
CHAPTER 13 | Security MeasuresConfiguring User Accounts– 325 –To display a the configured authorization method and assigned server groups for The
CHAPTER 13 | Security MeasuresConfiguring User Accounts– 326 – Plain Password – Plain text unencrypted password. Encrypted Password – Encrypted pa
CHAPTER 13 | Security MeasuresWeb Authentication– 327 –To show user accounts: 1. Click Security, User Accounts.2. Select Show from the Action list
CHAPTER 13 | Security MeasuresWeb Authentication– 328 –CONFIGURING GLOBALSETTINGS FOR WEBAUTHENTICATIONUse the Security > Web Authentication (C
CHAPTER 13 | Security MeasuresWeb Authentication– 329 –CONFIGURINGINTERFACE SETTINGSFOR WEBAUTHENTICATIONUse the Security > Web Authentication
CONTENTS– 33 –IGMP Filtering and Throttling 1208ip igmp filter (Global Configuration) 1208ip igmp profile 1209permit, deny 1210range 1210ip igmp
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 330 –Figure 164: Configuring Interface Settings for Web Authentication
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 331 –◆ Authenticated MAC addresses are stored as dynamic entries in the
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 332 –For example, if the attribute is “service-policy-in=p1;service-pol
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 333 –regardless of the 802.1X Operation Mode (Single-Host, Multi-Host,
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 334 –PARAMETERSThese parameters are displayed:◆ MAC Authentication Sta
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 335 –exempt from authentication on the specified port (as described und
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 336 – Link down – Only link down events will trigger the port action. L
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 337 –COMMAND USAGE◆ Specified MAC addresses are exempt from authenticat
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 338 –Figure 169: Showing the MAC Address Filter Table for Network Acce
CHAPTER 13 | Security MeasuresNetwork Access (MAC Address Authentication)– 339 –WEB INTERFACETo display the authenticated MAC addresses stored in
CONTENTS– 34 –mvr proxy-query-interval 1230mvr proxy-switching 1231mvr robustness-value 1232mvr source-port-mode dynamic 1233mvr upstream-source
CHAPTER 13 | Security MeasuresConfiguring HTTPS– 340 –CONFIGURING HTTPSYou can configure the switch to enable the Secure Hypertext Transfer Protoc
CHAPTER 13 | Security MeasuresConfiguring HTTPS– 341 –PARAMETERSThese parameters are displayed:◆ HTTPS Status – Allows you to enable/disable the H
CHAPTER 13 | Security MeasuresConfiguring HTTPS– 342 –When you have obtained these, place them on your TFTP server and transfer them to the switch
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 343 –Figure 172: Downloading the Secure-Site CertificateCONFIGURING THE SECURE SHELL
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 344 –To use the SSH server, complete these steps:1. Generate a Host Key Pair – On the
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 345 –NOTE: To use SSH with only password authentication, the host public key must stil
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 346 –CONFIGURING THESSH SERVERUse the Security > SSH (Configure Global) page to ena
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 347 –Figure 173: Configuring the SSH ServerGENERATING THEHOST KEY PAIRUse the Securit
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 348 –WEB INTERFACETo generate the SSH host key pair: 1. Click Security, SSH.2. Select
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 349 –IMPORTING USERPUBLIC KEYSUse the Security > SSH (Configure User Key - Copy) pa
CONTENTS– 35 –ip igmp last-member-query-interval 1262ip igmp max-resp-interval 1263ip igmp query-interval 1264ip igmp robustval 1264ip igmp sta
CHAPTER 13 | Security MeasuresConfiguring the Secure Shell– 350 –Figure 176: Copying the SSH User’s Public KeyTo display or clear the SSH user’s
CHAPTER 13 | Security MeasuresAccess Control Lists– 351 –ACCESS CONTROL LISTS Access Control Lists (ACL) provide packet filtering for IPv4 frames
CHAPTER 13 | Security MeasuresAccess Control Lists– 352 –◆ If no matches are found down to the end of the list, the traffic is denied. For this re
CHAPTER 13 | Security MeasuresAccess Control Lists– 353 –WEB INTERFACETo configure a time range: 1. Click Security, ACL.2. Select Configure Time R
CHAPTER 13 | Security MeasuresAccess Control Lists– 354 –6. Fill in the required parameters for the selected mode.7. Click Apply.Figure 180: Add
CHAPTER 13 | Security MeasuresAccess Control Lists– 355 –SHOWING TCAMUTILIZATIONUse the Security > ACL (Configure ACL - Show TCAM) page to show
CHAPTER 13 | Security MeasuresAccess Control Lists– 356 –SETTING THE ACLNAME AND TYPEUse the Security > ACL (Configure ACL - Add) page to creat
CHAPTER 13 | Security MeasuresAccess Control Lists– 357 –Figure 183: Creating an ACLTo show a list of ACLs: 1. Click Security, ACL.2. Select Conf
CHAPTER 13 | Security MeasuresAccess Control Lists– 358 –◆ Source IP Address – Source IP address.◆ Source Subnet Mask – A subnet mask containing f
CHAPTER 13 | Security MeasuresAccess Control Lists– 359 –CONFIGURING ANEXTENDED IPV4 ACLUse the Security > ACL (Configure ACL - Add Rule - IP E
CONTENTS– 36 –lldp basic-tlv port-description 1292lldp basic-tlv system-capabilities 1293lldp basic-tlv system-description 1293lldp basic-tlv sys
CHAPTER 13 | Security MeasuresAccess Control Lists– 360 –where the equivalent binary bit “1” means to match a bit and “0” means to ignore a bit. T
CHAPTER 13 | Security MeasuresAccess Control Lists– 361 –Figure 186: Configuring an Extended IPv4 ACLCONFIGURING ASTANDARD IPV6 ACLUse the Securi
CHAPTER 13 | Security MeasuresAccess Control Lists– 362 –◆ Time Range – Name of a time range.WEB INTERFACETo add rules to a Standard IPv6 ACL: 1.
CHAPTER 13 | Security MeasuresAccess Control Lists– 363 –CONFIGURING ANEXTENDED IPV6 ACLUse the Security > ACL (Configure ACL - Add Rule - IPv6
CHAPTER 13 | Security MeasuresAccess Control Lists– 364 –◆ Flow Label – A label for packets belonging to a particular traffic “flow” for which the
CHAPTER 13 | Security MeasuresAccess Control Lists– 365 –Figure 188: Configuring an Extended IPv6 ACLCONFIGURING A MACACLUse the Security > AC
CHAPTER 13 | Security MeasuresAccess Control Lists– 366 –◆ Packet Format – This attribute includes the following packet types: Any – Any Ethernet
CHAPTER 13 | Security MeasuresAccess Control Lists– 367 –Figure 189: Configuring a MAC ACLCONFIGURING AN ARPACLUse the Security > ACL (Configu
CHAPTER 13 | Security MeasuresAccess Control Lists– 368 –◆ Source/Destination IP Subnet Mask – Subnet mask for source or destination address. (See
CHAPTER 13 | Security MeasuresAccess Control Lists– 369 –Figure 190: Configuring a ARP ACLBINDING A PORT TO ANACCESS CONTROLLISTAfter configuring
CONTENTS– 37 –show ethernet cfm md 1323show ethernet cfm ma 1324show ethernet cfm maintenance-points local 1325show ethernet cfm maintenance-poin
CHAPTER 13 | Security MeasuresARP Inspection– 370 –WEB INTERFACETo bind an ACL to a port: 1. Click Security, ACL.2. Select Configure Interface fro
CHAPTER 13 | Security MeasuresARP Inspection– 371 –COMMAND USAGEEnabling & Disabling ARP Inspection◆ ARP Inspection is controlled on a global
CHAPTER 13 | Security MeasuresARP Inspection– 372 –with different MAC addresses are classified as invalid and are dropped. IP – Checks the ARP bod
CHAPTER 13 | Security MeasuresARP Inspection– 373 – Src-MAC – Validates the source MAC address in the Ethernet header against the sender MAC addre
CHAPTER 13 | Security MeasuresARP Inspection– 374 –◆ ARP Inspection uses the DHCP snooping bindings database for the list of valid IP-to-MAC addre
CHAPTER 13 | Security MeasuresARP Inspection– 375 –Figure 193: Configuring VLAN Settings for ARP InspectionCONFIGURINGINTERFACE SETTINGSFOR ARP I
CHAPTER 13 | Security MeasuresARP Inspection– 376 –3. Specify any untrusted ports which require ARP inspection, and adjust the packet inspection r
CHAPTER 13 | Security MeasuresARP Inspection– 377 –WEB INTERFACETo display statistics for ARP Inspection: 1. Click Security, ARP Inspection.2. Sel
CHAPTER 13 | Security MeasuresFiltering IP Addresses for Management Access– 378 –WEB INTERFACETo display the ARP Inspection log: 1. Click Security
CHAPTER 13 | Security MeasuresFiltering IP Addresses for Management Access– 379 –◆ You can delete an address range just by specifying the start ad
CONTENTS– 38 –45 DOMAIN NAME SERVICE COMMANDS 1351ip domain-list 1351ip domain-lookup 1352ip domain-name 1353ip host 1354ip name-server 1355ipv
CHAPTER 13 | Security MeasuresConfiguring Port Security– 380 –To show a list of IP addresses authorized for management access: 1. Click Security,
CHAPTER 13 | Security MeasuresConfiguring Port Security– 381 –◆ When the port security state is changed from enabled to disabled, all dynamically
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 382 –The maximum address count is effective when port security is enabled or
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 383 –ports in a network can be centrally controlled from a server, which mea
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 384 –◆ Each client that needs to be authenticated must have dot1X client sof
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 385 –4. Click ApplyFigure 201: Configuring Global Settings for 802.1X Port
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 386 –◆ Control Mode – Sets the authentication mode to one of the following o
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 387 –a port, the switch will initiate authentication when the port link stat
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 388 –◆ Identifier (Server) – Identifier carried in the most recent EAP Succe
CHAPTER 13 | Security MeasuresConfiguring 802.1X Port Authentication– 389 –DISPLAYING 802.1XSTATISTICSUse the Security > Port Authentication (S
CONTENTS– 39 –netbios-name-server 1376netbios-node-type 1377network 1377next-server 1378clear ip dhcp binding 1379show ip dhcp binding 1379show ip
CHAPTER 13 | Security MeasuresDoS Protection– 390 –WEB INTERFACETo display port authenticator statistics for 802.1X: 1. Click Security, Port Authe
CHAPTER 13 | Security MeasuresIP Source Guard– 391 –◆ TCP Scan – Configures the switch to protect against the types of DoS attacks described below
CHAPTER 13 | Security MeasuresIP Source Guard– 392 –CONFIGURING PORTSFOR IP SOURCEGUARDUse the Security > IP Source Guard > Port Configurati
CHAPTER 13 | Security MeasuresIP Source Guard– 393 –PARAMETERSThese parameters are displayed:◆ Filter Type – Configures the switch to filter inbou
CHAPTER 13 | Security MeasuresIP Source Guard– 394 –CONFIGURING STATICBINDINGS FOR IPSOURCE GUARDUse the Security > IP Source Guard > Static
CHAPTER 13 | Security MeasuresIP Source Guard– 395 –4. Click ApplyFigure 206: Configuring Static Bindings for IP Source GuardTo display static bi
CHAPTER 13 | Security MeasuresDHCP Snooping– 396 –◆ IP Address – A valid unicast IP address, including classful types A, B or C.Dynamic Binding Li
CHAPTER 13 | Security MeasuresDHCP Snooping– 397 –COMMAND USAGEDHCP Snooping Process◆ Network traffic may be disrupted when malicious DHCP message
CHAPTER 13 | Security MeasuresDHCP Snooping– 398 – If a DHCP packet from a client passes the filtering criteria above, it will only be forwarded t
CHAPTER 13 | Security MeasuresDHCP Snooping– 399 –DHCP packets, keep the existing information, or replace it with the switch’s relay information.D
ABOUT THIS GUIDE– 4 –REVISION HISTORY This section summarizes the changes in each revision of this guide.APRIL 2013 RELEASEThis is the first version
CONTENTS– 40 –ip helper 1404ip helper-address 1405show ip helper 1406IPv6 Interface 1407Interface Address Configuration and Utilities 1408ipv6
CHAPTER 13 | Security MeasuresDHCP Snooping– 400 –4. Click ApplyFigure 209: Configuring Global Settings for DHCP SnoopingDHCP SNOOPINGVLANCONFIGU
CHAPTER 13 | Security MeasuresDHCP Snooping– 401 –WEB INTERFACETo configure global settings for DHCP Snooping: 1. Click Security, IP Source Guard,
CHAPTER 13 | Security MeasuresDHCP Snooping– 402 –WEB INTERFACETo configure global settings for DHCP Snooping: 1. Click Security, IP Source Guard,
CHAPTER 13 | Security MeasuresDHCP Snooping– 403 –◆ Store – Writes all dynamically learned snooping entries to flash memory. This function can be
CHAPTER 13 | Security MeasuresDHCP Snooping– 404 –
– 405 –14 BASIC ADMINISTRATION PROTOCOLSThis chapter describes basic administration tasks including:◆ Event Logging – Sets conditions for logging ev
CHAPTER 14 | Basic Administration ProtocolsConfiguring Event Logging– 406 –The System Logs page allows you to configure and limit system messages
CHAPTER 14 | Basic Administration ProtocolsConfiguring Event Logging– 407 –3. Enable or disable system logging, set the level of event messages to
CHAPTER 14 | Basic Administration ProtocolsConfiguring Event Logging– 408 –REMOTE LOGCONFIGURATIONUse the Administration > Log > Remote page
CHAPTER 14 | Basic Administration ProtocolsConfiguring Event Logging– 409 –Figure 215: Configuring Settings for Remote Logging of Error MessagesS
CONTENTS– 41 –tunnel source vlan 1444tunnel ttl 1445show ipv6 tunnel 144549 IP ROUTING COMMANDS 1447Global Routing Configuration 1447IPv4 Comman
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 410 –WEB INTERFACETo configure SMTP alert messages: 1. Click Administrat
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 411 –SETTING LLDP TIMINGATTRIBUTESUse the Administration > LLDP (Conf
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 412 –should therefore periodically check the value of lldpStatsRemTableL
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 413 –CONFIGURING LLDPINTERFACEATTRIBUTESUse the Administration > LLDP
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 414 –Since there are typically a number of different addresses associate
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 415 – Max Frame Size – The maximum frame size. (See "Configuring Su
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 416 –Figure 218: Configuring LLDP Interface AttributesDISPLAYING LLDPLO
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 417 –◆ Chassis ID – An octet string indicating the specific identifier f
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 418 –WEB INTERFACETo display LLDP information for the local device: 1. C
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 419 –PARAMETERSThese parameters are displayed:Port◆ Local Port – The loc
CONTENTS– 42 –show ip protocols rip 1473show ip rip 1473Open Shortest Path First (OSPFv2) 1474General Configuration 1476router ospf 1476compati
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 420 –◆ Port Description – A string that indicates the port’s description
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 421 –Port Details – 802.3 Extension Port Information◆ Remote Port Auto-N
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 422 –◆ Remote Power Pairs – “Signal” means that the signal pairs only ar
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 423 –Figure 221: Displaying Remote Device Information for LLDP (Port)
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 424 –Figure 222: Displaying Remote Device Information for LLDP (Port De
CHAPTER 14 | Basic Administration ProtocolsLink Layer Discovery Protocol– 425 –PARAMETERSThese parameters are displayed:General Statistics on Remo
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 426 –Figure 223: Displaying LLDP Device Statistics (General)Figure
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 427 –as well as the traffic passing through its ports. A network ma
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 428 –COMMAND USAGEConfiguring SNMPv1/2c Management AccessTo configu
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 429 –PARAMETERSThese parameters are displayed:◆ Agent Status – Enab
CONTENTS– 43 –show ip ospf database 1505show ip ospf interface 1511show ip ospf neighbor 1512show ip ospf route 1513show ip ospf virtual-links
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 430 –ID is deleted or changed, all SNMP users will be cleared. You
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 431 –COMMAND USAGE◆ SNMP passwords are localized using the engine I
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 432 –Figure 228: Showing Remote Engine IDs for SNMPSETTING SNMPV3V
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 433 –3. Select Add View from the Action list.4. Enter a view name a
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 434 –5. Click ApplyFigure 231: Adding an OID Subtree to an SNMP Vi
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 435 –CONFIGURINGSNMPV3 GROUPSUse the Administration > SNMP (Conf
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 436 –Table 29: Supported Notification Messages Model Level Grou
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 437 –Private TrapsswPowerStatusChangeTrap 1.3.6.1.4.1.22426.1.26910
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 438 –WEB INTERFACETo configure an SNMP group:1. Click Administratio
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 439 –SETTING COMMUNITYACCESS STRINGSUse the Administration > SNM
CONTENTS– 44 –show ipv6 ospf route 1541show ipv6 ospf virtual-links 154250 MULTICAST ROUTING COMMANDS 1545General Multicast Routing 1545IPv4 Com
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 440 –To show the community access strings:1. Click Administration,
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 441 – AuthPriv – SNMP communications use both authentication and en
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 442 –To show local SNMPv3 users:1. Click Administration, SNMP.2. Se
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 443 –◆ Security Level – The following security levels are only used
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 444 –Figure 239: Configuring Remote SNMPv3 UsersTo show remote SNM
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 445 –SPECIFYING TRAPMANAGERSUse the Administration > SNMP (Confi
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 446 –PARAMETERSThese parameters are displayed:SNMP Version 1◆ IP Ad
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 447 –SNMP Version 3◆ IP Address – IP address of a new management st
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 448 –WEB INTERFACETo configure trap managers:1. Click Administratio
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 449 –Figure 243: Configuring Trap Managers (SNMPv3)To show configu
CONTENTS– 45 –ip pim rp-candidate 1568ip pim spt-threshold 1570ip pim dr-priority 1571ip pim join-prune-interval 1572clear ip pim bsr rp-set
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 450 –COMMAND USAGE◆ Systems that support SNMP often need a mechanis
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 451 –4. Fill in the IP address of a configured trap manager and the
CHAPTER 14 | Basic Administration ProtocolsSimple Network Management Protocol– 452 –◆ Unknown community name – The total number of SNMP messages d
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 453 –◆ Response PDUs – The total number of SNMP Get-Response PDUs which have been ac
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 454 –a trap message to the management agent which can then respond to the event if s
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 455 –threshold, and again moves back up to the rising threshold. (Range: 1-65535)◆ R
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 456 –Figure 248: Configuring an RMON AlarmTo show configured RMON alarms:1. Click A
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 457 –CONFIGURING RMONEVENTSUse the Administration > RMON (Configure Global - Add
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 458 –WEB INTERFACETo configure an RMON event:1. Click Administration, RMON.2. Select
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 459 –Figure 251: Showing Configured RMON EventsCONFIGURING RMONHISTORY SAMPLESUse t
CONTENTS– 46 –show ipv6 pim rp mapping 1597show ipv6 pim rp-hash 1598SECTION IV APPENDICES 1599ASOFTWARE SPECIFICATIONS 1601Software Features 160
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 460 –◆ Owner - Name of the person who created this entry. (Range: 1-127 characters)W
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 461 –Figure 253: Showing Configured RMON History SamplesTo show collected RMON hist
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 462 –CONFIGURING RMONSTATISTICAL SAMPLESUse the Administration > RMON (Configure
CHAPTER 14 | Basic Administration ProtocolsRemote Monitoring– 463 –Figure 255: Configuring an RMON Statistical SampleTo show configured RMON stat
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 464 –Figure 257: Showing Collected RMON Statistical SamplesETHERNE
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 465 –blocking traffic over the RPL. When a ring failure occurs, the
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 466 –Configuration Guidelines for ERPS1. Create an ERPS ring (Confi
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 467 –◆ Ring ports can not be a member of a dynamic trunk. ◆ Dynamic
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 468 –ERPS RINGCONFIGURATIONUse the Administration > ERPS (Config
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 469 –Configure Details◆ Domain Name – Name of a configured ERPS rin
– 47 –FIGURESFigure 1: Home Page 106Figure 2: Front Panel Indicators 107Figure 3: System Information 130Figure 4: General Switch Information 132Figu
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 470 –◆ RPL Owner – Configures a ring node to be the Ring Protection
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 471 –Control VLAN must be tagged. Failure to observe these restrict
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 472 –Figure 260: Creating an ERPS RingTo configure the ERPS parame
CHAPTER 14 | Basic Administration ProtocolsEthernet Ring Protection Switching– 473 –Figure 262: Creating an ERPS Ring (Secondary Ring)To show the
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 474 –CONNECTIVITY FAULT MANAGEMENTConnectivity Fault Management (CFM) is
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 475 –the DSAPs within an MA, and may also include interconnection points
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 476 –distinguished by the domain name, maintenance level, maintenance as
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 477 –3. Configure the local maintenance end points (MEPs) which will ser
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 478 –Domains"), Configure MA page (see "Configuring CFM Mainte
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 479 –Continuity Check Errors◆ Connectivity Check Config – Sends a trap i
FIGURES– 48 –Figure 32: Displaying Port Information 166Figure 33: Configuring Local Port Mirroring 166Figure 34: Configuring Local Port Mirroring 16
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 480 –WEB INTERFACETo configure global settings for CFM:1. Click Administ
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 481 –CONFIGURINGINTERFACES FOR CFMCFM processes are enabled by default f
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 482 –CLI REFERENCES◆ "CFM Commands" on page 1309COMMAND USAGEC
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 483 –The MIP creation method defined for an MA (see "Configuring CF
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 484 –PARAMETERSThese parameters are displayed:Creating a Maintenance Dom
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 485 –3. Select Add from the Action list.4. Specify the maintenance domai
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 486 –To configure detailed settings for maintenance domains:1. Click Adm
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 487 –◆ Multiple domains at the same maintenance level cannot have an MA
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 488 –◆ MIP Creation Type – Specifies the CFM protocol’s creation method
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 489 –◆ AIS Transmit Level – Configure the AIS maintenance level in an MA
FIGURES– 49 –Figure 68: Configuring Static VLAN Members by Interface Range 207Figure 69: Configuring Global Status of GVRP 208Figure 70: Configuring
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 490 –Figure 272: Showing Maintenance AssociationsTo configure detailed
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 491 –CONFIGURINGMAINTENANCE ENDPOINTSUse the Administration > CFM (Co
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 492 –6. Click Apply.Figure 274: Configuring Maintenance End PointsTo sh
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 493 –COMMAND USAGE◆ All MEPs that exist on other devices inside a mainte
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 494 –Figure 276: Configuring Remote Maintenance End PointsTo show the c
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 495 –◆ LTMs are sent as multicast CFM frames, and forwarded from MIP to
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 496 –5. Click Apply.6. Check the results in the Link Trace cache (see &q
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 497 –◆ MA Index – MA identifier. (Range: 0-4094)◆ Source MEP ID – The id
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 498 –TRANSMITTING DELAY-MEASURE REQUESTSUse the Administration > CFM
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 499 –◆ Count – The number of times to retry sending the message if no re
– 5 –CONTENTSABOUT THIS GUIDE 3CONTENTS 5FIGURES 47TABLES 61SECTION I GETTING STARTED 691INTRODUCTION 71Key Features 71Description of Software Feat
FIGURES– 50 –Figure 104: Displaying Global Settings for STA 251Figure 105: Configuring Interface Settings for STA 255Figure 106: STA Port Roles 257F
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 500 –DISPLAYING LOCALMEPSUse the Administration > CFM > Show Infor
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 501 –DISPLAYING DETAILSFOR LOCAL MEPSUse the Administration > CFM >
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 502 –◆ Suppress Alarm – Shows if the specified MEP is configured to supp
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 503 –DISPLAYING LOCALMIPSUse the Administration > CFM > Show Infor
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 504 –DISPLAYING REMOTEMEPSUse the Administration > CFM > Show Info
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 505 –DISPLAYING DETAILSFOR REMOTE MEPSUse the Administration > CFM &g
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 506 – Down – The interface cannot pass packets. Testing – The interface
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 507 –DISPLAYING THE LINKTRACE CACHEUse the Administration > CFM >
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 508 – EgrVid – The Egress Port can be identified, but the bridge port is
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 509 –◆ Alarm Time – The time a defect must exist before a fault alarm is
FIGURES– 51 –Figure 140: Configuring a Voice VLAN 304Figure 141: Configuring an OUI Telephony List 306Figure 142: Showing an OUI Telephony List 306F
CHAPTER 14 | Basic Administration ProtocolsConnectivity Fault Management– 510 –and some other MA y, at a higher maintenance level, and associated
– 511 –15 MULTICAST FILTERING This chapter describes how to configure the following multicast services:◆ Layer 2 IGMP – Configures snooping and quer
CHAPTER 15 | Multicast FilteringIGMP Protocol– 512 –This switch can use Internet Group Management Protocol (IGMP) to filter multicast traffic. IGM
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 513 –across different subnetworks. Therefore, when PIM routing is enabled for a
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 514 –NOTE: When the switch is configured to use IGMPv3 snooping, the snooping v
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 515 –CONFIGURING IGMPSNOOPING AND QUERYPARAMETERSUse the Multicast > IGMP Sn
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 516 –◆ Proxy Reporting Status – Enables IGMP Snooping with Proxy Reporting. (De
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 517 –When the root bridge in a spanning tree receives a TCN for a VLAN where IG
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 518 –◆ IGMP Snooping Version – Sets the protocol version for compatibility with
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 519 –SPECIFYING STATICINTERFACES FOR AMULTICAST ROUTERUse the Multicast > IG
FIGURES– 52 –Figure 176: Copying the SSH User’s Public Key 350Figure 177: Showing the SSH User’s Public Key 350Figure 178: Setting the Name of a Tim
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 520 –To show the static interfaces attached to a multicast router:1. Click Mult
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 521 –ASSIGNINGINTERFACES TOMULTICAST SERVICESUse the Multicast > IGMP Snoopi
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 522 –Figure 295: Assigning an Interface to a Multicast ServiceTo show the stat
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 523 –and snooping switches from different vendors. In response to this problem,
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 524 –NOTE: MRD messages are flooded to all ports in a VLAN where IGMP snooping
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 525 –◆ Multicast Router Discovery – MRD is used to discover which interfaces ar
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 526 –◆ Last Member Query Interval – The interval to wait for a response to a gr
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 527 –Figure 297: Configuring IGMP Snooping on a VLANTo show the interface sett
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 528 –PARAMETERSThese parameters are displayed:◆ IGMP Query Drop – Configures an
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 529 –◆ Group Address – IP multicast group address with subscribers directly att
FIGURES– 53 –Figure 212: Displaying the Binding Table for DHCP Snooping 403Figure 213: Configuring Settings for System Memory Logs 407Figure 214: Sh
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 530 –◆ Port – Port identifier. (Range: 1-28)◆ Trunk – Trunk identifier. (Range:
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 531 –Output Statistics◆ Report – The number of IGMP membership reports sent fro
CHAPTER 15 | Multicast FilteringLayer 2 IGMP (Snooping and Query)– 532 –Figure 302: Displaying IGMP Snooping Statistics – VLAN To display IGMP
CHAPTER 15 | Multicast FilteringFiltering and Throttling IGMP Groups– 533 –FILTERING AND THROTTLING IGMP GROUPSIn certain switch applications, the
CHAPTER 15 | Multicast FilteringFiltering and Throttling IGMP Groups– 534 –Figure 304: Enabling IGMP Filtering and Throttling $$$CONFIGURING IGMP
CHAPTER 15 | Multicast FilteringFiltering and Throttling IGMP Groups– 535 –WEB INTERFACETo create an IGMP filter profile and set its access mode:1
CHAPTER 15 | Multicast FilteringFiltering and Throttling IGMP Groups– 536 –5. Click Apply.Figure 307: Adding Multicast Groups to an IGMP Filterin
CHAPTER 15 | Multicast FilteringFiltering and Throttling IGMP Groups– 537 –removes an existing group and replaces it with the new multicast group.
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 538 –Figure 309: Configuring IGMP Filtering and Throttling Interface
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 539 –An IPv6 address must be configured on the VLAN interface from whi
FIGURES– 54 –Figure 248: Configuring an RMON Alarm 456Figure 249: Showing Configured RMON Alarms 456Figure 250: Configuring an RMON Event 458Figure
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 540 –3. Click Apply.Figure 310: Configuring General Settings for MLD
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 541 –Figure 311: Configuring Immediate Leave for MLD SnoopingSPECIFYI
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 542 –Figure 312: Configuring a Static Interface for an IPv6 Multicast
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 543 –ASSIGNINGINTERFACES TO IPV6MULTICAST SERVICESUse the Multicast &g
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 544 –Figure 315: Assigning an Interface to an IPv6 Multicast Service
CHAPTER 15 | Multicast FilteringMLD Snooping (Snooping and Query for IPv6)– 545 –Figure 317: Showing Current Interfaces Assigned to an IPv6 Multi
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 546 –◆ Request List – Sources included on the router’s request l
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 547 –NOTE: Multicast Routing Discovery (MRD) is used to discover
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 548 –the proxy devices independent of the multicast routing prot
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 549 –◆ The system periodically checks the multicast route table
FIGURES– 55 –Figure 284: Showing Information on Remote MEPs 504Figure 285: Showing Detailed Information on Remote MEPs 506Figure 286: Showing the Li
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 550 –CONFIGURING IGMPINTERFACEPARAMETERSUse the Multicast > I
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 551 –the QRV field does not contain a declared robustness value,
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 552 –WEB INTERFACETo configure IGMP interface settings:1. Click
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 553 –◆ The switch supports a maximum of 64 static group entries.
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 554 –Figure 323: Showing Static IGMP Groups DISPLAYINGMULTICAST
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 555 –◆ V1 Timer – The time remaining until the switch assumes th
CHAPTER 15 | Multicast FilteringLayer 3 IGMP (Query used with Multicast Routing)– 556 – Forward – Indicates whether or not traffic will be forward
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 557 –MULTICAST VLAN REGISTRATIONMulticast VLAN Registration (MVR) is a protocol that
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 558 –group to the participating interfaces (see "Assigning Static MVR Multicast
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 559 –WEB INTERFACETo configure global settings for MVR:1. Click Multicast, MVR.2. Sel
FIGURES– 56 –Figure 320: Configuring IGMP Proxy Routing 549Figure 321: Configuring IGMP Interface Settings 552Figure 322: Configuring Static IGMP Gr
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 560 –PARAMETERSThese parameters are displayed:Configure Profile◆ Profile Name – The n
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 561 –To show the configured MVR group address profiles:1. Click Multicast, MVR.2. Sel
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 562 –Figure 331: Showing the MVR Group Address Profiles Assigned to a Domain CONFI
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 563 –remaining subscribers for that multicast group before removing the port from the
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 564 –WEB INTERFACETo configure interface settings for MVR:1. Click Multicast, MVR.2.
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 565 –◆ The MVR VLAN cannot be specified as the receiver VLAN for static bindings.PARA
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 566 –4. Select an MVR domain.5. Select the port or trunk for which to display this in
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 567 –WEB INTERFACETo show all MVR groups assigned to a port:1. Click Multicast, MVR.2
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 568 –◆ General Query Sent – The number of general queries sent from this interface.◆
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 569 –WEB INTERFACETo display statistics for MVR query-related messages:1. Click Multi
FIGURES– 57 –Figure 356: Showing the List of Name Servers for DNS 599Figure 357: Configuring Static Entries in the DNS Table 600Figure 358: Showing
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 570 –To display MVR protocol-related statistics for a VLAN:1. Click Multicast, MVR.2.
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 571 –To display MVR protocol-related statistics for a port:1. Click Multicast, MVR.2.
CHAPTER 15 | Multicast FilteringMulticast VLAN Registration– 572 –
– 573 –16 IP CONFIGURATIONThis chapter describes how to configure an initial IP interface for management access to the switch over the network. This
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 4)– 574 –◆ To enable routing between interfaces defined on this switch an
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 4)– 575 –WEB INTERFACETo set a static address for the switch:1. Click IP,
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 4)– 576 –Figure 340: Configuring a Dynamic IPv4 AddressNOTE: The switch
CHAPTER 16 | IP ConfigurationSending DHCP Inform Requests for Additional Information– 577 –Figure 341: Showing the Configured IP Address for an I
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 578 –WEB INTERFACETo send DHCP Inform requests for additional informa
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 579 –CONFIGURING THEIPV6 DEFAULTGATEWAYUse the IP > IPv6 Configura
FIGURES– 58 –Figure 392: Setting the Maximum ECMP Number 638Figure 393: Master Virtual Router with Backup Routers 639Figure 394: Several Virtual Mas
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 580 –◆ "DHCP Client" on page 1361COMMAND USAGE◆ The switch
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 581 –◆ ND DAD Attempts – The number of consecutive neighbor solicitat
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 582 – This time limit is included in all router advertisements sent o
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 583 –◆ The switch must always be configured with a link-local address
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 584 – EUI-64 (Extended Universal Identifier) – Configures an IPv6 add
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 585 –3. Specify the VLAN to configure, select the address type, and t
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 586 –example, FF02::1:FF90:0/104 is the solicited-node multicast addr
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 587 –SHOWING THE IPV6NEIGHBOR CACHEUse the IP > IPv6 Configuration
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 588 –Figure 347: Showing IPv6 NeighborsSHOWING IPV6STATISTICSUse the
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 589 –PARAMETERSThese parameters are displayed:Table 33: Show IPv6 Sta
FIGURES– 59 –Figure 428: Showing General Settings for OSPF 677Figure 429: Adding an NSSA or Stub 678Figure 430: Showing NSSAs or Stubs 679Figure 431
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 590 –IPv6 TransmittedForwards Datagrams The number of output datagram
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 591 –Neighbor Advertisement MessagesThe number of ICMP Neighbor Adver
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 592 –WEB INTERFACETo show the IPv6 statistics:1. Click IP, IPv6 Confi
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 593 –Figure 349: Showing IPv6 Statistics (ICMPv6)Figure 350: Showin
CHAPTER 16 | IP ConfigurationSetting the Switch’s IP Address (IP Version 6)– 594 –SHOWING THE MTUFOR RESPONDINGDESTINATIONSUse the IP > IPv6 Co
– 595 –17 IP SERVICESThis chapter describes the following IP services:◆ DNS – Configures default domain names, identifies servers to use for dynamic
CHAPTER 17 | IP ServicesDomain Name Service– 596 –COMMAND USAGE◆ To enable DNS service on this switch, enable domain lookup status, and configure
CHAPTER 17 | IP ServicesDomain Name Service– 597 –◆ If there is no domain list, the default domain name is used (see "Configuring General DNS
CHAPTER 17 | IP ServicesDomain Name Service– 598 –Figure 354: Showing the List of Domain Names for DNSCONFIGURING A LISTOF NAME SERVERSUse the IP
CHAPTER 17 | IP ServicesDomain Name Service– 599 –Figure 355: Configuring a List of Name Servers for DNSTo show the list name servers:1. Click IP
CONTENTS– 6 –SECTION II WEB CONFIGURATION 1033USING THE WEB INTERFACE 105Connecting to the Web Interface 105Navigating the Web Browser Interface 1
FIGURES– 60 –Figure 464: Configuring a Static Rendezvous Point 723Figure 465: Showing Static Rendezvous Points 723Figure 466: Configuring an RP Cand
CHAPTER 17 | IP ServicesDomain Name Service– 600 –WEB INTERFACETo configure static entries in the DNS table:1. Click IP Service, DNS, Static Host
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 601 –client can try each address in succession, until it establishes a connection wit
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 602 –SPECIFYING A DHCPCLIENT IDENTIFIERUse the IP Service > DHCP > Client page
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 603 –CONFIGURING DHCPRELAY SERVICEUse the IP Service > DHCP > Relay page to con
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 604 –Figure 362: Configuring DHCP Relay ServiceCONFIGURING THEDHCP SERVERThis switch
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 605 –ENABLING THE SERVERUse the IP Service > DHCP > Server (Configure Global) p
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 606 –◆ End IP Address – The last address in a range that the DHCP server should not a
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 607 –CONFIGURING ADDRESS POOLSUse the IP Service > DHCP > Server (Configure Poo
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 608 –◆ Subnet Mask – The bit combination that identifies the network (or subnet) and
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 609 –3. Select Add from the Action list.4. Set the pool Type to Network or Host. 5. E
– 61 –TABLESTable 1: Key Features 71Table 2: System Defaults 79Table 3: Options 60, 66 and 67 Statements 96Table 4: Options 55 and 124 Statements
CHAPTER 17 | IP ServicesDynamic Host Configuration Protocol– 610 –Figure 368: Configuring DHCP Server Address Pools (Host)To show the configured
CHAPTER 17 | IP ServicesForwarding UDP Service Requests– 611 –PARAMETERSThese parameters are displayed:◆ IP Address – IP address assigned to host.
CHAPTER 17 | IP ServicesForwarding UDP Service Requests– 612 –ENABLING THE UDPHELPERUse the IP Service > UDP Helper > General page to enable
CHAPTER 17 | IP ServicesForwarding UDP Service Requests– 613 –IEN-116 Name Service port 42NetBIOS Datagram Server port 138NetBIOS Name Server p
CHAPTER 17 | IP ServicesForwarding UDP Service Requests– 614 –SPECIFYING THETARGET SERVER ORSUBNETUse the IP Service > UDP Helper > Address
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 615 –3. Enter the address of the remote server or subnet where UDP request packe
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 616 –COMMAND USAGEWhen PPPoE IA is enabled, the switch inserts a tag identifying
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 617 –Figure 376: Configuring Global Settings for PPPoE Intermediate AgentCONFIG
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 618 – The switch intercepts PPPoE discovery frames from the client and inserts a
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 619 –SHOWING PPPOE IASTATISTICSUse the IP Service > PPPoE Intermediate Agent
TABLES– 62 –Table 32: ShowIPv6 Neighbors - display description 587Table 33: Show IPv6 Statistics - display description 589Table 34: Show MTU - dis
CHAPTER 17 | IP ServicesConfiguring the PPPoE Intermediate Agent– 620 –Figure 378: Showing PPPoE Intermediate Agent Statisticsg
– 621 –18 GENERAL IP ROUTINGThis chapter provides information on network functions including:◆ Ping – Sends ping message to another node on the netw
CHAPTER 18 | General IP RoutingIP Routing and Switching– 622 –Figure 379: Virtual Interfaces and Layer 3 RoutingIP ROUTING AND SWITCHINGIP Switch
CHAPTER 18 | General IP RoutingIP Routing and Switching– 623 –broadcast to get the destination MAC address from the destination node. The IP packe
CHAPTER 18 | General IP RoutingConfiguring IP Routing Interfaces– 624 –ROUTING PROTOCOLS The switch supports both static and dynamic routing.◆ Sta
CHAPTER 18 | General IP RoutingConfiguring IP Routing Interfaces– 625 –unknown destinations, i.e., packets that do not match any routing table ent
CHAPTER 18 | General IP RoutingConfiguring IP Routing Interfaces– 626 –WEB INTERFACETo ping another device on the network:1. Click IP, General, Pi
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 627 –returning an “ICMP port unreachable” message. If the timer goes off before a resp
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 628 –next hop. IP traffic passes along the path to its final destination in this way,
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 629 –Figure 382: Proxy ARPPARAMETERSThese parameters are displayed:◆ Timeout – Sets t
TABLES– 63 –Table 68: User Access Commands 864Table 69: Default Login Settings 865Table 70: Authentication Sequence Commands 866Table 71: RADIUS
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 630 –Figure 383: Configuring General Settings for ARPCONFIGURING STATICARP ADDRESSESF
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 631 –WEB INTERFACETo map an IP address to the corresponding physical address in the AR
CHAPTER 18 | General IP RoutingAddress Resolution Protocol– 632 –DISPLAYING DYNAMICOR LOCAL ARPENTRIESThe ARP cache contains static entries, and e
CHAPTER 18 | General IP RoutingConfiguring Static Routes– 633 –DISPLAYING ARPSTATISTICSUse the IP > ARP (Show Information) page to display stat
CHAPTER 18 | General IP RoutingConfiguring Static Routes– 634 –network topology, so you should only configure a small number of stable routes to e
CHAPTER 18 | General IP RoutingDisplaying the Routing Table– 635 –Figure 389: Configuring Static RoutesTo display static routes:1. Click IP, Rout
CHAPTER 18 | General IP RoutingDisplaying the Routing Table– 636 –network, the routing table is updated, and those changes are immediately reflect
CHAPTER 18 | General IP RoutingEqual-cost Multipath Routing– 637 –Figure 391: Displaying the Routing TableEQUAL-COST MULTIPATH ROUTINGUse the IP
CHAPTER 18 | General IP RoutingEqual-cost Multipath Routing– 638 –◆ The routing table can only have up to 8 equal-cost multipaths for static routi
– 639 –19 CONFIGURING ROUTER REDUNDANCYRouter redundancy protocols use a virtual IP address to support a primary router and multiple backup routers.
TABLES– 64 –Table 104: show lacp neighbors - display description 1027Table 105: show lacp sysid - display description 1028Table 106: Port Mirrorin
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 640 –Figure 395: Several Virtual Master Routers Configured for Mutual Backup a
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 641 –priority. In cases where the configured priority is the same on several gr
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 642 –◆ VLAN – ID of a VLAN configured with an IP interface. (Range: 1-4093; Def
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 643 –◆ Authentication Mode – Authentication mode used to verify VRRP packets re
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 644 –Figure 396: Configuring the VRRP Group IDTo show the configured VRRP grou
CHAPTER 19 | Configuring Router RedundancyConfiguring VRRP Groups– 645 –Figure 398: Setting the Virtual Router Address for a VRRP GroupTo show th
CHAPTER 19 | Configuring Router RedundancyDisplaying VRRP Global Statistics– 646 –Figure 400: Configuring Detailed Settings for a VRRP GroupDISPL
CHAPTER 19 | Configuring Router RedundancyDisplaying VRRP Group Statistics– 647 –Figure 401: Showing Counters for Errors Found in VRRP PacketsDIS
CHAPTER 19 | Configuring Router RedundancyDisplaying VRRP Group Statistics– 648 –WEB INTERFACETo show counters for VRRP protocol events and errors
– 649 –20 UNICAST ROUTINGThis chapter describes how to configure the following unicast routing protocols:RIP – Configures Routing Information Protoc
TABLES– 65 –Table 140: IGMP Snooping Commands 1186Table 141: show ip igmp snooping statistics input - display description 1204Table 142: show ip i
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 650 –To coexist with a network built on multilayer switches, the subnetw
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 651 –versions can take a long time to converge on a new route after the
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 652 –RIP send/receive versions set on the RIP Interface settings screen
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 653 –access list that filters networks according to the IP address of th
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 654 –Figure 404: Configuring General Settings for RIPCLEARING ENTRIESFR
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 655 –◆ Clear Route By Network – Clears a specific route based on its IP
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 656 –PARAMETERSThese parameters are displayed:◆ By Address – Adds a netw
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 657 –Figure 407: Showing Network Interfaces Using RIP SPECIFYING PASSIV
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 658 –Figure 408: Specifying a Passive RIP Interface To show the passive
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 659 –3. Add the address of any static neighbors which may not readily to
TABLES– 66 –Table 176: MEP Defect Descriptions 1346Table 177: show fault-notify-generator - display description 1348Table 178: Address Table Comma
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 660 –◆ Metric – Metric assigned to all external routes for the specified
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 661 –Figure 413: Showing External Routes Redistributed into RIP SPECIFY
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 662 –WEB INTERFACETo define an administrative distance for external rout
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 663 –◆ "ip rip authentication mode" on page 1467◆ "ip rip
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 664 –password. If any incoming protocol messages do not contain the corr
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 665 –◆ Authentication Type – Specifies the type of authentication requir
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 666 –Figure 416: Configuring a Network Interface for RIP To show the ne
CHAPTER 20 | Unicast RoutingConfiguring the Routing Information Protocol– 667 –◆ Rcv Bad Routes – Number of bad routes received.◆ Send Updates – N
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 668 –Figure 419: Showing RIP Peer InformationRESETTING
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 669 –Figure 421: Configuring OSPFCOMMAND USAGE◆ OSPF l
TABLES– 67 –Table 212: show ip ospf database summary - display description 1510Table 213: show ip ospf interface - display description 1511Table 2
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 670 – You can further optimize the exchange of OSPF tra
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 671 –CLI REFERENCES◆ "router ospf" on page 14
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 672 –WEB INTERFACETo define an OSPF area and the interf
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 673 –Figure 425: Showing OSPF Process Identifiers CONF
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 674 –◆ Auto Cost – Calculates the cost for an interface
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 675 –◆ Advertise Default Route12 – The router can adver
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 676 –Figure 427: Configure General Settings for OSPF D
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 677 –WEB INTERFACETo show administrative settings and s
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 678 –ADDING AN NSSA ORSTUBUse the Routing Protocol >
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 679 –To show the NSSA or stubs added to the specified O
TABLES– 68 –
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 680 –CLI REFERENCES◆ "router ospf" on page 14
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 681 –◆ Redistribute – Disable this option when the rout
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 682 –5. Click ApplyFigure 432: Configuring Protocol Se
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 683 –◆ A stub can have multiple ABRs or exit points. Ho
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 684 –Figure 434: Configuring Protocol Settings for a S
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 685 –Figure 435: Displaying Information on NSSA and St
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 686 –PARAMETERSThese parameters are displayed:◆ Process
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 687 –3. Select the process ID.Figure 438: Showing Conf
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 688 –◆ Protocol Type – Specifies the external routing p
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 689 –Figure 440: Importing External Routes To show the
– 69 –SECTION IGETTING STARTEDThis section provides an overview of the switch, and introduces some basic concepts about network switches. It also de
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 690 –CLI REFERENCES◆ "router ospf" on page 14
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 691 –To show the summary addresses for external routes:
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 692 –◆ IP Address – Address of the interfaces assigned
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 693 –◆ Transmit Delay – Sets the estimated time to send
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 694 –the OSPF header when routing protocol packets are
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 695 –Figure 444: Configuring Settings for All Interfac
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 696 –Figure 445: Configuring Settings for a Specific A
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 697 –Figure 447: Showing MD5 Authentication Keys CONFI
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 698 –CLI REFERENCES◆ "router ospf" on page 14
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 699 –To show virtual links:1. Click Routing Protocol, O
CONTENTS– 7 –Displaying Connection Status 165Configuring Port Mirroring 166Showing Port or Trunk Statistics 168Performing Cable Diagnostics 172T
SECTION I | Getting Started– 70 –
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 700 –Figure 452: Showing MD5 Authentication Keys DISPL
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 701 –CLI REFERENCES◆ "show ip ospf database"
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 702 –Figure 453: Displaying Information in the Link St
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 703 – Attempt – Connection down, but attempting contact
CHAPTER 20 | Unicast RoutingConfiguring the Open Shortest Path First Protocol (Version 2)– 704 –
– 705 –21 MULTICAST ROUTINGThis chapter describes the following multicast routing topics:◆ Enabling Multicast Routing Globally – Describes how to gl
CHAPTER 21 | Multicast RoutingOverview– 706 –PIM-DM is a simple multicast routing protocol that uses flood and prune to build a source-routed mult
CHAPTER 21 | Multicast RoutingOverview– 707 –group addresses. The BSR places information about all of the candidate RPs in subsequent bootstrap me
CHAPTER 21 | Multicast RoutingConfiguring Global Settings for Multicast Routing– 708 –data transmission delays. The switch can also be configured
CHAPTER 21 | Multicast RoutingConfiguring Global Settings for Multicast Routing– 709 –DISPLAYING THEMULTICAST ROUTINGTABLEUse the Multicast > M
– 71 –1 INTRODUCTIONThis switch provides a broad range of features for Layer 2 switching and Layer 3 routing. It includes a management agent that al
CHAPTER 21 | Multicast RoutingConfiguring Global Settings for Multicast Routing– 710 –Show Details◆ Group Address – IP group address for a multica
CHAPTER 21 | Multicast RoutingConfiguring Global Settings for Multicast Routing– 711 – Pruned – This route has been terminated. Registering - A do
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 712 –CONFIGURING PIM FOR IPV4This section describes how to configure PIM-DM and PIM-SM for
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 713 –◆ PIM and IGMP proxy cannot be used at the same time. When an interface is set to use
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 714 –Hello messages are sent to neighboring PIM routers from which this device has receive
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 715 –The override interval and the propagation delay are used to calculate the LAN prune d
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 716 –of each router in the tree. This also enables PIM routers to recognize topology chang
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 717 –Figure 459: Configuring PIM Interface Settings (Dense Mode)Figure 460: Configuring
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 718 –DISPLAYING NEIGHBORINFORMATIONUse the Routing Protocol > PIM > Neighbor page to
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 719 –◆ Register Source – Configures the IP source address of a register message to an addr
CHAPTER 1 | IntroductionDescription of Software Features– 72 –DESCRIPTION OF SOFTWARE FEATURESThe switch provides a wide range of advanced perform
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 720 –Figure 462: Configuring Global Settings for PIM-SMCONFIGURING A BSRCANDIDATEUse the
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 721 –with the same seed hash will be mapped to the same RP. If the mask length is less tha
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 722 –◆ If an IP address is specified that was previously used for an RP, then the older en
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 723 –Figure 464: Configuring a Static Rendezvous PointTo display static rendezvous points
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 724 –◆ The election process for each group is based on the following criteria: Find all RP
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 725 –Figure 466: Configuring an RP CandidateTo display settings for an RP candidate:1. Cl
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 726 –◆ Priority – Priority value used by this BSR candidate.◆ Hash Mask Length – The numbe
CHAPTER 21 | Multicast RoutingConfiguring PIM for IPv4– 727 –Figure 468: Showing Information About the BSRDISPLAYING RPMAPPINGUse the Routing Pro
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 728 –Figure 469: Showing RP MappingCONFIGURING PIMV6 FOR IPV6This section describes how
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 729 –CONFIGURING PIMINTERFACE SETTINGSUse the Routing Protocol > PIM6 > Interface
CHAPTER 1 | IntroductionDescription of Software Features– 73 –CONFIGURATIONBACKUP ANDRESTOREYou can save the current configuration settings to a f
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 730 –◆ Hello Holdtime – Sets the interval to wait for hello messages from a neighboring
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 731 –command effectively prompts any downstream neighbors with hosts receiving the flow
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 732 –◆ Max. Graft Retries – The maximum number of times to resend a Graft message if it
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 733 –prune state for this (source, group) pair until the join/prune interval timer expir
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 734 –Figure 472: Configuring PIMv6 Interface Settings (Sparse Mode)DISPLAYING NEIGHBORI
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 735 –CONFIGURING GLOBALPIM6-SM SETTINGSUse the Routing Protocol > PIM6 > PIM6-SM (
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 736 –WEB INTERFACETo configure global settings for PIM6-SM:1. Click Routing Protocol, PI
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 737 –PARAMETERSThese parameters are displayed:◆ BSR Candidate Status – Configures the sw
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 738 –CONFIGURING A PIM6STATIC RENDEZVOUSPOINTUse the Routing Protocol > PIM6 > PIM
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 739 –3. Specify the static RP to use for a multicast group, or a range of groups by usin
CHAPTER 1 | IntroductionDescription of Software Features– 74 –RATE LIMITING This feature controls the maximum rate for traffic transmitted or rece
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 740 –from the BSR also elects an active RP for each group range using the same election
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 741 –multicast group address and mask indicating the groups for which this router is bid
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 742 –◆ Priority – Priority value used by this BSR candidate.◆ Hash Mask Length – The num
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 743 –Figure 480: Showing Information About the PIM6 BSRDISPLAYING RPMAPPINGUse the Rout
CHAPTER 21 | Multicast RoutingConfiguring PIMv6 for IPv6– 744 –Figure 481: Showing PIM6 RP Mapping
– 745 –SECTION IIICOMMAND LINE INTERFACEThis section provides a detailed description of the Command Line Interface, along with examples for all of t
SECTION III | Command Line Interface– 746 –◆ "Class of Service Commands" on page 1155◆ "Quality of Service Commands" on page 1
– 747 –22 USING THE COMMAND LINE INTERFACEThis chapter describes how to use the Command Line Interface (CLI).NOTE: You can only access the console i
CHAPTER 22 | Using the Command Line InterfaceAccessing the CLI– 748 –TELNET CONNECTION Telnet operates over the IP transport protocol. In this env
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 749 –NOTE: You can open up to eight sessions to the device via Telnet or SSH.ENTER
CHAPTER 1 | IntroductionDescription of Software Features– 75 –This prevents bad frames from entering the network and wasting bandwidth.To avoid dr
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 750 –GETTING HELP ONCOMMANDSYou can display a brief description of the help system
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 751 – radius-server RADIUS server information reload Show
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 752 –NEGATING THE EFFECTOF COMMANDSFor many configuration commands you can enter t
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 753 –display the “Console#” command prompt. You can also enter Privileged Exec mod
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 754 –◆ Line Configuration - These commands modify the console port and Telnet conf
CHAPTER 22 | Using the Command Line InterfaceEntering Commands– 755 –For example, you can use the following commands to enter interface configurat
CHAPTER 22 | Using the Command Line InterfaceCLI Command Groups– 756 –CLI COMMAND GROUPSThe system commands can be broken down into the functional
CHAPTER 22 | Using the Command Line InterfaceCLI Command Groups– 757 –The access mode shown in the following tables is indicated by these abbrevia
CHAPTER 22 | Using the Command Line InterfaceCLI Command Groups– 758 –PM (Policy Map Configuration)RC (Router Configuration)VC (VLAN Database Conf
– 759 –23 GENERAL COMMANDSThese commands are used to control the command access mode, configuration mode, and other basic functions.prompt This comm
CHAPTER 1 | IntroductionDescription of Software Features– 76 –◆ Simplify network management for node changes/moves by remotely configuring VLAN me
CHAPTER 23 | General Commands– 760 –EXAMPLE Console(config)#prompt RD2RD2(config)#reload (GlobalConfiguration)This command restarts the system at
CHAPTER 23 | General Commands– 761 –COMMAND USAGE ◆ This command resets the entire system. ◆ Any combination of reload options may be specified. I
CHAPTER 23 | General Commands– 762 –EXAMPLE Console>enablePassword: [privileged level password]Console#RELATED COMMANDS disable (764)enable pas
CHAPTER 23 | General Commands– 763 –EXAMPLE In this example, the show history command lists the contents of the command history buffer:Console#sho
CHAPTER 23 | General Commands– 764 –disable This command returns to Normal Exec mode from privileged mode. In normal access mode, you can only dis
CHAPTER 23 | General Commands– 765 –show reload This command displays the current reload settings, and the time at which next scheduled reload wil
CHAPTER 23 | General Commands– 766 –EXAMPLE This example shows how to return to the Privileged Exec mode from the Global Configuration mode, and t
– 767 –24 SYSTEM MANAGEMENT COMMANDSThese commands are used to control system logs, passwords, user names, management options, and display or config
CHAPTER 24 | System Management CommandsDevice Designation– 768 –hostname This command specifies or modifies the host name for this device. Use the
CHAPTER 24 | System Management CommandsSystem Status– 769 –SYSTEM STATUSThis section describes commands used to display system information.show ac
CHAPTER 1 | IntroductionDescription of Software Features– 77 –ETHERNET RINGPROTECTIONSWITCHINGERPS can also be used to increase the availability a
CHAPTER 24 | System Management CommandsSystem Status– 770 –show memory This command shows memory utilization parameters.COMMAND MODE Normal Exec,
CHAPTER 24 | System Management CommandsSystem Status– 771 –show running-configThis command displays the configuration information currently in use
CHAPTER 24 | System Management CommandsSystem Status– 772 –!<stackingMac>00_00-00-00-00-00-00_00</stackingMac>!<stackingMac>00_0
CHAPTER 24 | System Management CommandsSystem Status– 773 –◆ This command displays settings for key command modes. Each mode group is separated by
CHAPTER 24 | System Management CommandsSystem Status– 774 –EXAMPLEConsole#show systemSystem Description : GTL-2691 Managed L3 Stackable SwitchSyst
CHAPTER 24 | System Management CommandsSystem Status– 775 – Telnet Server Port: 23 Jumbo Frame: Disabled...show users Shows all a
CHAPTER 24 | System Management CommandsFrame Size– 776 –EXAMPLE Console#show versionUnit 1 Serial Number : S123456 Hardware Version
CHAPTER 24 | System Management CommandsFan Control– 777 –between the two end nodes must be able to accept the extended frame size. And for half-du
CHAPTER 24 | System Management CommandsFile Management– 778 –FILE MANAGEMENTManaging FirmwareFirmware can be uploaded and downloaded to or from an
CHAPTER 24 | System Management CommandsFile Management– 779 –General Commandsboot system This command specifies the file or image used to start up
CHAPTER 1 | IntroductionDescription of Software Features– 78 –ADDRESS RESOLUTIONPROTOCOLThe switch uses ARP and Proxy ARP to convert between IP ad
CHAPTER 24 | System Management CommandsFile Management– 780 –copy This command moves (upload/download) a code image or configuration file between
CHAPTER 24 | System Management CommandsFile Management– 781 –◆ You can use “Factory_Default_Config.cfg” as the source to copy from the factory def
CHAPTER 24 | System Management CommandsFile Management– 782 –The following example shows how to copy the running configuration to a startup file.C
CHAPTER 24 | System Management CommandsFile Management– 783 –This example shows how to copy a file to an FTP server. Console#copy ftp fileFTP serv
CHAPTER 24 | System Management CommandsFile Management– 784 –dir This command displays a list of files in flash memory.SYNTAX dir [unit:] {boot-ro
CHAPTER 24 | System Management CommandsFile Management– 785 –whichboot This command displays which files were booted when the system powered up.SY
CHAPTER 24 | System Management CommandsFile Management– 786 –1. It will search for a new version of the image at the location specified by upgrade
CHAPTER 24 | System Management CommandsFile Management– 787 –DEFAULT SETTING NoneCOMMAND MODE Global ConfigurationCOMMAND USAGE ◆ This command is
CHAPTER 24 | System Management CommandsLine– 788 –COMMAND MODE Global ConfigurationEXAMPLEThis shows how to specify a TFTP server where new code i
CHAPTER 24 | System Management CommandsLine– 789 –line This command identifies a specific line for configuration, and to process subsequent line c
CHAPTER 1 | IntroductionSystem Defaults– 79 –SYSTEM DEFAULTSThe switch’s system defaults are provided in the configuration file “Factory_Default_C
CHAPTER 24 | System Management CommandsLine– 790 –databits This command sets the number of data bits per character that are interpreted and genera
CHAPTER 24 | System Management CommandsLine– 791 –COMMAND USAGE ◆ If user input is detected within the timeout interval, the session is kept open;
CHAPTER 24 | System Management CommandsLine– 792 –◆ This command controls login authentication via the switch itself. To configure user names and
CHAPTER 24 | System Management CommandsLine– 793 –password This command specifies the password for a line. Use the no form to remove the password.
CHAPTER 24 | System Management CommandsLine– 794 –password-thresh This command sets the password intrusion threshold which limits the number of fa
CHAPTER 24 | System Management CommandsLine– 795 –COMMAND MODE Line Configuration (console only)EXAMPLE To set the silent time to 60 seconds, ente
CHAPTER 24 | System Management CommandsLine– 796 –stopbits This command sets the number of the stop bits transmitted per byte. Use the no form to
CHAPTER 24 | System Management CommandsLine– 797 –EXAMPLE To set the timeout to two minutes, enter this command:Console(config-line)#timeout login
CHAPTER 24 | System Management CommandsEvent Logging– 798 –EXAMPLE To show all lines, enter this command:Console#show line Console Configuration:
CHAPTER 24 | System Management CommandsEvent Logging– 799 –logging facility This command sets the facility type for remote logging of syslog messa
CONTENTS– 8 –7ADDRESS TABLE SETTINGS 233Configuring MAC Address Learning 233Setting Static Addresses 235Changing the Aging Time 236Displaying the
CHAPTER 1 | IntroductionSystem Defaults– 80 –Port Configuration Admin Status EnabledAuto-negotiation EnabledFlow Control DisabledPo rt Trunking St
CHAPTER 24 | System Management CommandsEvent Logging– 800 –DEFAULT SETTING Flash: errors (level 3 - 0)RAM: debugging (level 7 - 0)COMMAND MODE Glo
CHAPTER 24 | System Management CommandsEvent Logging– 801 –EXAMPLE Console(config)#logging host 10.1.0.3Console(config)#logging on This command co
CHAPTER 24 | System Management CommandsEvent Logging– 802 –DEFAULT SETTING DisabledLevel 7COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ Using t
CHAPTER 24 | System Management CommandsEvent Logging– 803 –show log This command displays the log messages stored in local memory.SYNTAX show log
CHAPTER 24 | System Management CommandsEvent Logging– 804 –EXAMPLEThe following example shows that system logging is enabled, the message level fo
CHAPTER 24 | System Management CommandsSMTP Alerts– 805 –SMTP ALERTSThese commands configure SMTP event handling, and forwarding of alert messages
CHAPTER 24 | System Management CommandsSMTP Alerts– 806 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ You can specify up to three SMTP servers
CHAPTER 24 | System Management CommandsSMTP Alerts– 807 –EXAMPLEThis example will send email alerts for system errors from level 3 through 0.Conso
CHAPTER 24 | System Management CommandsTime– 808 –COMMAND USAGE You may use an symbolic email address that identifies the switch, or the address o
CHAPTER 24 | System Management CommandsTime– 809 –SNTP Commandssntp client This command enables SNTP client requests for time synchronization from
CHAPTER 1 | IntroductionSystem Defaults– 81 –IP Settings Management. VLAN Any VLAN configured with an IP addressIP Address 192.168.1.1Default Gate
CHAPTER 24 | System Management CommandsTime– 810 –Current Mode: unicastSNTP Status : EnabledSNTP Server 137.92.140.80 0.0.0.0 0.0.0.0Current Serve
CHAPTER 24 | System Management CommandsTime– 811 –DEFAULT SETTING NoneCOMMAND MODE Global ConfigurationCOMMAND USAGE This command specifies time s
CHAPTER 24 | System Management CommandsTime– 812 –NTP Commandsntp authenticate This command enables authentication for NTP client-server communica
CHAPTER 24 | System Management CommandsTime– 813 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ The key number specifies a key value in the NTP
CHAPTER 24 | System Management CommandsTime– 814 –◆ This command enables client time requests to time servers specified via the ntp servers comman
CHAPTER 24 | System Management CommandsTime– 815 –EXAMPLE Console(config)#ntp server 192.168.3.20Console(config)#ntp server 192.168.3.21Console(co
CHAPTER 24 | System Management CommandsTime– 816 –minutes - Number of minutes before/after UTC. (Range: 0-59 minutes)before-utc - Sets the local t
CHAPTER 24 | System Management CommandsTime Range– 817 –COMMAND USAGE Note that when SNTP is enabled, the system clock cannot be manually configur
CHAPTER 24 | System Management CommandsTime Range– 818 –time-range This command specifies the name of a time range, and enters time range configur
CHAPTER 24 | System Management CommandsTime Range– 819 –COMMAND MODE Time Range ConfigurationCOMMAND USAGE If a time range is already configured,
CHAPTER 1 | IntroductionSystem Defaults– 82 –
CHAPTER 24 | System Management CommandsSwitch Clustering– 820 –EXAMPLEThis example configures a time range for the periodic occurrence of an event
CHAPTER 24 | System Management CommandsSwitch Clustering– 821 –Using Switch Clustering◆ A switch cluster has a primary unit called the “Commander”
CHAPTER 24 | System Management CommandsSwitch Clustering– 822 –IP subnets in the network. Cluster IP addresses are assigned to switches when they
CHAPTER 24 | System Management CommandsSwitch Clustering– 823 –cluster ip-pool This command sets the cluster IP address pool. Use the no form to r
CHAPTER 24 | System Management CommandsSwitch Clustering– 824 –COMMAND MODEGlobal ConfigurationCOMMAND USAGE ◆ The maximum number of cluster Membe
CHAPTER 24 | System Management CommandsSwitch Clustering– 825 –Heartbeat Loss Count : 3 secondsNumber of Members : 1Number of Candidates : 2Con
CHAPTER 24 | System Management CommandsSwitch Clustering– 826 –
– 827 –25 SNMP COMMANDSControls access to this switch from management stations using the Simple Network Management Protocol (SNMP), as well as the e
CHAPTER 25 | SNMP Commands– 828 –Notification Log Commandsnlm Enables the specified notification log GCsnmp-server notify-filter Creates a notific
CHAPTER 25 | SNMP CommandsGeneral SNMP Commands– 829 –General SNMP Commandssnmp-server This command enables the SNMPv3 engine and services for all
– 83 –2 INITIAL SWITCH CONFIGURATIONThis chapter includes information on connecting to the switch and basic configuration procedures.CONNECTING TO T
CHAPTER 25 | SNMP CommandsGeneral SNMP Commands– 830 –EXAMPLE Console(config)#snmp-server community alpha rwConsole(config)#snmp-servercontactThis
CHAPTER 25 | SNMP CommandsGeneral SNMP Commands– 831 –EXAMPLE Console(config)#snmp-server location WC-19Console(config)#RELATED COMMANDSsnmp-serve
CHAPTER 25 | SNMP CommandsSNMP Target Host Commands– 832 –SNMP Target Host Commandssnmp-server enabletrapsThis command enables this device to send
CHAPTER 25 | SNMP CommandsSNMP Target Host Commands– 833 –snmp-server host This command specifies the recipient of a Simple Network Management Pro
CHAPTER 25 | SNMP CommandsSNMP Target Host Commands– 834 –enable multiple hosts, you must issue a separate snmp-server host command for each host.
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 835 –EXAMPLE Console(config)#snmp-server host 10.1.19.23 batmanConsole(config)#RELATED COMMANDSsnmp-ser
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 836 –◆ Trailing zeroes need not be entered to uniquely specify a engine ID. In other words, the value “
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 837 –COMMAND USAGE ◆ A group sets the access policy for the assigned users.◆ When authentication is sel
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 838 –DEFAULT SETTING None COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ Local users (i.e., the comma
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 839 –snmp-server view This command adds an SNMP view which controls user access to the MIB. Use the no
CHAPTER 2 | Initial Switch ConfigurationConnecting to the Switch– 84 –◆ Control port access through IEEE 802.1X security or static address filteri
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 840 –show snmpengine-idThis command shows the SNMP engine ID.COMMAND MODE Privileged ExecEXAMPLEThis ex
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 841 –Write View : No writeview specifiedNotify View : No notifyview specifiedStorage Type : vo
CHAPTER 25 | SNMP CommandsSNMPv3 Commands– 842 –Row Status: activeConsole#show snmp view This command shows information on the SNMP views.COMMAND
CHAPTER 25 | SNMP CommandsNotification Log Commands– 843 –Notification Log Commandsnlm This command enables or disables the specified notification
CHAPTER 25 | SNMP CommandsNotification Log Commands– 844 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ Systems that support SNMP often need a
CHAPTER 25 | SNMP CommandsAdditional Trap Commands– 845 –show nlmoper-statusThis command shows the operational status of configured notification l
CHAPTER 25 | SNMP CommandsAdditional Trap Commands– 846 –COMMAND USAGE Once the rising alarm threshold is exceeded, utilization must drop beneath
– 847 –26 REMOTE MONITORING COMMANDSRemote Monitoring allows a remote device to collect information or respond to specified events on an independent
CHAPTER 26 | Remote Monitoring Commands– 848 –rmon alarm This command sets threshold bounds for a monitored variable. Use the no form to remove an
CHAPTER 26 | Remote Monitoring Commands– 849 –◆ If the current value is less than or equal to the falling threshold, and the last sample value was
CHAPTER 2 | Initial Switch ConfigurationConnecting to the Switch– 85 –3. Make sure the terminal emulation software is set as follows: Select the a
CHAPTER 26 | Remote Monitoring Commands– 850 –◆ The specified events determine the action to take when an alarm triggers this event. The response
CHAPTER 26 | Remote Monitoring Commands– 851 –EXAMPLEConsole(config)#interface ethernet 1/1Console(config-if)#rmon collection history 21 buckets 2
CHAPTER 26 | Remote Monitoring Commands– 852 –show rmon alarms This command shows the settings for all configured alarms.COMMAND MODE Privileged E
CHAPTER 26 | Remote Monitoring Commands– 853 –show rmonstatisticsThis command shows the information collected for all configured entries in the st
CHAPTER 26 | Remote Monitoring Commands– 854 –
– 855 –27 FLOW SAMPLING COMMANDS Flow sampling (sFlow) can be used with a remote sFlow Collector to provide an accurate, detailed and real-time over
CHAPTER 27 | Flow Sampling Commands– 856 –COMMAND USAGE Flow sampling must be enabled globally on the switch, as well as for those ports where it
CHAPTER 27 | Flow Sampling Commands– 857 –sflow max-datagram-sizeThis command configures the maximum size of the sFlow datagram payload. Use the n
CHAPTER 27 | Flow Sampling Commands– 858 –sflow owner This command configures the name of the receiver (i.e., sFlow Collector). Use the no form to
CHAPTER 27 | Flow Sampling Commands– 859 –sflow sample This command configures the packet sampling rate. Use the no form to restore the default ra
CHAPTER 2 | Initial Switch ConfigurationStack Operations– 86 –STACK OPERATIONSUp to eight switches can be stacked together as described in the Ins
CHAPTER 27 | Flow Sampling Commands– 860 –sflow timeout This command configures the length of time samples are sent to the Collector before resett
CHAPTER 27 | Flow Sampling Commands– 861 –COMMAND MODE Privileged ExecEXAMPLEConsole#show sflow interface ethernet 1/9 Interface of Ethernet 1/9
CHAPTER 27 | Flow Sampling Commands– 862 –
– 863 –28 AUTHENTICATION COMMANDS You can configure this switch to authenticate users logging into the system for management access using local or r
CHAPTER 28 | Authentication CommandsUser Accounts– 864 –USER ACCOUNTSThe basic commands required for management access are listed in this section.
CHAPTER 28 | Authentication CommandsUser Accounts– 865 –EXAMPLE Console(config)#enable password level 15 0 adminConsole(config)#RELATED COMMANDSen
CHAPTER 28 | Authentication CommandsAuthentication Sequence– 866 –EXAMPLE This example shows how the set the access level and password for a user.
CHAPTER 28 | Authentication CommandsAuthentication Sequence– 867 –◆ RADIUS and TACACS+ logon authentication assigns a specific privilege level for
CHAPTER 28 | Authentication CommandsRADIUS Client– 868 –“authentication login radius tacacs local,” the user name and password on the RADIUS serve
CHAPTER 28 | Authentication CommandsRADIUS Client– 869 –COMMAND MODE Global ConfigurationEXAMPLE Console(config)#radius-server acct-port 181Consol
CHAPTER 2 | Initial Switch ConfigurationStack Operations– 87 –SELECTING THEBACKUP UNITOnce the Master unit finishes booting up, it continues to sy
CHAPTER 28 | Authentication CommandsRADIUS Client– 870 –key - Encryption key used to authenticate logon access for client. Do not use blank spaces
CHAPTER 28 | Authentication CommandsRADIUS Client– 871 –radius-serverretransmitThis command sets the number of retries. Use the no form to restore
CHAPTER 28 | Authentication CommandsTACACS+ Client– 872 –show radius-server This command displays the current settings for the RADIUS server.DEFAU
CHAPTER 28 | Authentication CommandsTACACS+ Client– 873 –tacacs-server host This command specifies the TACACS+ server and other optional parameter
CHAPTER 28 | Authentication CommandsTACACS+ Client– 874 –COMMAND MODE Global ConfigurationEXAMPLE Console(config)#tacacs-server key greenConsole(c
CHAPTER 28 | Authentication CommandsTACACS+ Client– 875 –EXAMPLE Console(config)#tacacs-server retransmit 5Console(config)#tacacs-servertimeoutThi
CHAPTER 28 | Authentication CommandsAAA– 876 –TACACS Server Group:Group Name Member Index------------------------- -------------tac
CHAPTER 28 | Authentication CommandsAAA– 877 –group - Specifies the server group to use.radius - Specifies all RADIUS hosts configure with the rad
CHAPTER 28 | Authentication CommandsAAA– 878 –group - Specifies the server group to use.radius - Specifies all RADIUS hosts configure with the rad
CHAPTER 28 | Authentication CommandsAAA– 879 –◆ Using the command without specifying an interim interval enables updates, but does not change the
CHAPTER 2 | Initial Switch ConfigurationStack Operations– 88 –other units within this VLAN interface, then this IP address will no longer be avail
CHAPTER 28 | Authentication CommandsAAA– 880 –aaa group server Use this command to name a group of security server hosts. To remove a server group
CHAPTER 28 | Authentication CommandsAAA– 881 –EXAMPLE Console(config)#aaa group server radius tpsConsole(config-sg-radius)#server 10.2.68.120Conso
CHAPTER 28 | Authentication CommandsAAA– 882 –EXAMPLE Console(config)#line consoleConsole(config-line)#accounting exec tpsConsole(config-line)#exi
CHAPTER 28 | Authentication CommandsWeb Server– 883 –statistics - Displays accounting records.user-name - Displays accounting records for a specif
CHAPTER 28 | Authentication CommandsWeb Server– 884 –ip http port This command specifies the TCP port number used by the web browser interface. Us
CHAPTER 28 | Authentication CommandsWeb Server– 885 –ip http secure-port This command specifies the UDP port number used for HTTPS connection to t
CHAPTER 28 | Authentication CommandsWeb Server– 886 –COMMAND USAGE ◆ Both HTTP and HTTPS service can be enabled independently on the switch. Howev
CHAPTER 28 | Authentication CommandsTelnet Server– 887 –TELNET SERVERThis section describes commands used to configure Telnet management access to
CHAPTER 28 | Authentication CommandsTelnet Server– 888 –ip telnet port This command specifies the TCP port number used by the Telnet interface. Us
CHAPTER 28 | Authentication CommandsSecure Shell– 889 –show ip telnet This command displays the configuration settings for the Telnet server. COMM
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 89 –running a different image version. For information on downloading firmware, see “
CHAPTER 28 | Authentication CommandsSecure Shell– 890 –Configuration GuidelinesThe SSH server on this switch supports both password and public key
CHAPTER 28 | Authentication CommandsSecure Shell– 891 –4. Set the Optional Parameters – Set other optional parameters, including the authenticatio
CHAPTER 28 | Authentication CommandsSecure Shell– 892 –c. The client sends a signature generated using the private key to the switch.d. When the s
CHAPTER 28 | Authentication CommandsSecure Shell– 893 –COMMAND MODE Global ConfigurationCOMMAND USAGE ◆ The SSH server supports up to eight client
CHAPTER 28 | Authentication CommandsSecure Shell– 894 –ip ssh timeout This command configures the timeout for the SSH server. Use the no form to r
CHAPTER 28 | Authentication CommandsSecure Shell– 895 –EXAMPLE Console#delete public-key admin dsaConsole#ip ssh crypto host-key generateThis comm
CHAPTER 28 | Authentication CommandsSecure Shell– 896 –ip ssh cryptozeroizeThis command clears the host key from memory (i.e. RAM). SYNTAX ip ssh
CHAPTER 28 | Authentication CommandsSecure Shell– 897 –RELATED COMMANDSip ssh crypto host-key generate (895)show ip ssh This command displays the
CHAPTER 28 | Authentication CommandsSecure Shell– 898 –1854900028313416250083487184495220874292122556916656552963281635169640408315547660664151657
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 899 –802.1X PORT AUTHENTICATIONThe switch supports IEEE 802.1X (dot1x) port-based
CONTENTS– 9 –12 VOIP TRAFFIC CONFIGURATION 303Overview 303Configuring VoIP Traffic 303Configuring Telephony OUI 305Configuring VoIP Traffic Ports
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 90 –4. Type “username admin password 0 password,” for the Privileged Exec level, wher
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 900 –General Commandsdot1x default This command sets all configurable dot1x global
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 901 –dot1x system-auth-controlThis command enables IEEE 802.1X port authentication
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 902 –dot1x max-reauth-reqThis command sets the maximum number of times that the sw
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 903 –dot1x operation-modeThis command allows hosts (clients) to connect to an 802.
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 904 –dot1x port-control This command sets the dot1x mode on a port interface. Use
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 905 –EXAMPLEConsole(config)#interface eth 1/2Console(config-if)#dot1x re-authentic
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 906 –EXAMPLEConsole(config)#interface eth 1/2Console(config-if)#dot1x timeout re-a
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 907 –DEFAULT30 secondsCOMMAND MODEInterface ConfigurationEXAMPLEConsole(config)#in
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 908 –Display Information Commandsshow dot1x This command shows general port authen
CHAPTER 28 | Authentication Commands802.1X Port Authentication– 909 – Reauth Max Retries – Maximum number of reauthentication attempts. Max Reque
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 91 –◆ Default gateway for the network To assign an IPv4 address to the switch, comple
CHAPTER 28 | Authentication CommandsManagement IP Filter– 910 –802.1X Port Details802.1X Authenticator is enabled on port 1/1...802.1X Authenticat
CHAPTER 28 | Authentication CommandsManagement IP Filter– 911 –management This command specifies the client IP addresses that are allowed manageme
CHAPTER 28 | Authentication CommandsManagement IP Filter– 912 –show management This command displays the client IP addresses that are allowed mana
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 913 –PPPOE INTERMEDIATE AGENTThis section describes commands used to configure the P
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 914 –port-ID attribute in PPP authentication and AAA accounting requests to a RADIUS
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 915 –pppoe intermediate-agent port-enableThis command enables the PPPoE IA on an int
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 916 –◆ The switch intercepts PPPoE discovery frames from the client and inserts a un
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 917 –pppoe intermediate-agent vendor-tagstripThis command enables the stripping of v
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 918 –show pppoeintermediate-agentinfoThis command displays configuration settings fo
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 919 –EXAMPLEConsole#show pppoe intermediate-agent statistics interface ethernet 1/1E
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 92 –example, followed by the “link-local” command parameter. Then press <Enter>
CHAPTER 28 | Authentication CommandsPPPoE Intermediate Agent– 920 –
– 921 –29 GENERAL SECURITY MEASURES This switch supports many methods of segregating traffic for clients attached to each of the data ports, and for
CHAPTER 29 | General Security MeasuresPort Security– 922 –PORT SECURITY These commands can be used to enable port security on a port. When MAC add
CHAPTER 29 | General Security MeasuresPort Security– 923 –◆ The mac-learning commands cannot be used if 802.1X Port Authentication has been global
CHAPTER 29 | General Security MeasuresPort Security– 924 –COMMAND USAGE ◆ The default maximum number of MAC addresses allowed on a secure port is
CHAPTER 29 | General Security MeasuresPort Security– 925 –show port security This command displays port security status and the secure address cou
CHAPTER 29 | General Security MeasuresPort Security– 926 –The following example shows the port security settings and number of secure addresses fo
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 927 –NETWORK ACCESS (MAC ADDRESS AUTHENTICATION)Network Access
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 928 –network-accessagingUse this command to enable aging for au
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 929 –COMMAND MODE Global Configuration COMMAND USAGE◆ Specified
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 93 –3. Type “exit” to return to the global configuration mode prompt. Press <Enter
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 930 –network-accessdynamic-qosUse this command to enable the dy
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 931 –EXAMPLE The following example enables the dynamic QoS feat
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 932 –network-accessguest-vlanUse this command to assign all tra
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 933 –network-accesslink-detection link-downUse this command to
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 934 –EXAMPLEConsole(config)#interface ethernet 1/1Console(confi
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 935 –COMMAND MODE Interface Configuration COMMAND USAGE The max
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 936 –◆ When port status changes to down, all MAC addresses are
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 937 –mac-authenticationintrusion-actionUse this command to conf
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 938 –clear network-accessUse this command to clear entries from
CHAPTER 29 | General Security MeasuresNetwork Access (MAC Address Authentication)– 939 –EXAMPLE Console#show network-access interface ethernet 1/1
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 94 –To automatically configure the switch by communicating with BOOTP or DHCP address
CHAPTER 29 | General Security MeasuresWeb Authentication– 940 –00-00-00 to 00-00-01-FF-FF-FF to be displayed. All other MACs would be filtered out
CHAPTER 29 | General Security MeasuresWeb Authentication– 941 –NOTE: RADIUS authentication must be activated and configured for the web authentica
CHAPTER 29 | General Security MeasuresWeb Authentication– 942 –EXAMPLE Console(config)#web-auth login-attempts 2Console(config)#web-auth quiet-per
CHAPTER 29 | General Security MeasuresWeb Authentication– 943 –EXAMPLE Console(config)#web-auth session-timeout 1800Console(config)#web-auth syste
CHAPTER 29 | General Security MeasuresWeb Authentication– 944 –web-auth re-authenticate (Port)This command ends all web authentication sessions co
CHAPTER 29 | General Security MeasuresWeb Authentication– 945 –show web-auth This command displays global web authentication parameters.COMMAND MO
CHAPTER 29 | General Security MeasuresDHCP Snooping– 946 –show web-authsummaryThis command displays a summary of web authentication port parameter
CHAPTER 29 | General Security MeasuresDHCP Snooping– 947 –ip dhcp snooping This command enables DHCP snooping globally. Use the no form to restore
CHAPTER 29 | General Security MeasuresDHCP Snooping– 948 – If the DHCP packet is from a client, such as a DECLINE or RELEASE message, the switch f
CHAPTER 29 | General Security MeasuresDHCP Snooping– 949 –ip dhcp snoopingdatabase flashThis command writes all dynamically learned snooping entri
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 95 –2. Type “ipv6 enable” and press <Enter>.Console(config)#interface vlan 1Con
CHAPTER 29 | General Security MeasuresDHCP Snooping– 950 –just their MAC address. DHCP client-server exchange messages are then forwarded directly
CHAPTER 29 | General Security MeasuresDHCP Snooping– 951 –policy for these packets. The switch can either drop the DHCP packets, keep the existing
CHAPTER 29 | General Security MeasuresDHCP Snooping– 952 –ip dhcp snoopingvlanThis command enables DHCP snooping on the specified VLAN. Use the no
CHAPTER 29 | General Security MeasuresDHCP Snooping– 953 –COMMAND MODEInterface Configuration (Ethernet, Port Channel)COMMAND USAGE ◆ A trusted in
CHAPTER 29 | General Security MeasuresDHCP Snooping– 954 –COMMAND MODEPrivileged ExecEXAMPLEConsole(config)#clear ip dhcp snooping binding 11-22-3
CHAPTER 29 | General Security MeasuresIP Source Guard– 955 –show ip dhcpsnooping bindingThis command shows the DHCP snooping binding table entries
CHAPTER 29 | General Security MeasuresIP Source Guard– 956 –ip source-guardbindingThis command adds a static address to the source-guard binding t
CHAPTER 29 | General Security MeasuresIP Source Guard– 957 –EXAMPLEThis example configures a static source-guard binding on port 5.Console(config)
CHAPTER 29 | General Security MeasuresIP Source Guard– 958 –◆ Table entries include a MAC address, IP address, lease time, entry type (Static-IP-S
CHAPTER 29 | General Security MeasuresIP Source Guard– 959 –ip source-guardmax-bindingThis command sets the maximum number of entries that can be
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 96 –◆ If the switch does not receive a DHCP response prior to completing the bootup p
CHAPTER 29 | General Security MeasuresARP Inspection– 960 –show ip source-guard bindingThis command shows the source guard binding table.SYNTAX sh
CHAPTER 29 | General Security MeasuresARP Inspection– 961 –ip arp inspection This command enables ARP Inspection globally on the switch. Use the n
CHAPTER 29 | General Security MeasuresARP Inspection– 962 –◆ When ARP Inspection is disabled globally, it is still possible to configure ARP Inspe
CHAPTER 29 | General Security MeasuresARP Inspection– 963 –EXAMPLEConsole(config)#ip arp inspection filter sales vlan 1Console(config)#ip arp insp
CHAPTER 29 | General Security MeasuresARP Inspection– 964 –EXAMPLEConsole(config)#ip arp inspection log-buffer logs 1 interval 10Console(config)#i
CHAPTER 29 | General Security MeasuresARP Inspection– 965 –ip arp inspectionvlanThis command enables ARP Inspection for a specified VLAN or range
CHAPTER 29 | General Security MeasuresARP Inspection– 966 –ip arp inspectionlimitThis command sets a rate limit for the ARP packets received on a
CHAPTER 29 | General Security MeasuresARP Inspection– 967 –EXAMPLEConsole(config)#interface ethernet 1/1Console(config-if)#ip arp inspection trust
CHAPTER 29 | General Security MeasuresARP Inspection– 968 –show ip arpinspection logThis command shows information about entries stored in the log
CHAPTER 29 | General Security MeasuresDenial of Service Protection– 969 –EXAMPLEConsole#show ip arp inspection vlan 1VLAN ID DAI Status
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 97 – option dynamicProvision.tftp-server-name code 66 = text; option dynamicProvision
CHAPTER 29 | General Security MeasuresDenial of Service Protection– 970 –dos-protection tcp-scanThis command protects against DoS TCP-null-scan at
CHAPTER 29 | General Security MeasuresDenial of Service Protection– 971 –EXAMPLEConsole#show dos-protectionGlobal DoS Protections: LAND Attack
CHAPTER 29 | General Security MeasuresDenial of Service Protection– 972 –
– 973 –30 ACCESS CONTROL LISTSAccess Control Lists (ACL) provide packet filtering for IPv4 frames (based on address, protocol, Layer 4 protocol port
CHAPTER 30 | Access Control ListsIPv4 ACLs– 974 –access-list ip This command adds an IP access list and enters configuration mode for standard or
CHAPTER 30 | Access Control ListsIPv4 ACLs– 975 –permit, deny(Standard IP ACL)This command adds a rule to a Standard IPv4 ACL. The rule sets a fil
CHAPTER 30 | Access Control ListsIPv4 ACLs– 976 –permit, deny(Extended IPv4 ACL)This command adds a rule to an Extended IPv4 ACL. The rule sets a
CHAPTER 30 | Access Control ListsIPv4 ACLs– 977 –port-bitmask – Decimal number representing the port bits to match. (Range: 0-65535)control-flags
CHAPTER 30 | Access Control ListsIPv4 ACLs– 978 –EXAMPLEThis example accepts any incoming packets if the source address is within subnet 10.7.1.x.
CHAPTER 30 | Access Control ListsIPv4 ACLs– 979 –COMMAND USAGE◆ Only one ACL can be bound to a port.◆ If an ACL is already bound to a port and you
CHAPTER 2 | Initial Switch ConfigurationBasic Configuration– 98 –◆ private - with read/write access. Authorized management stations are able to bo
CHAPTER 30 | Access Control ListsIPv6 ACLs– 980 –EXAMPLE Console#show ip access-list standardIP standard access-list david: permit host 10.1.1.21
CHAPTER 30 | Access Control ListsIPv6 ACLs– 981 –COMMAND MODEGlobal ConfigurationCOMMAND USAGE◆ When you create a new ACL or enter configuration m
CHAPTER 30 | Access Control ListsIPv6 ACLs– 982 –DEFAULT SETTINGNoneCOMMAND MODEStandard IPv6 ACLCOMMAND USAGENew rules are appended to the end of
CHAPTER 30 | Access Control ListsIPv6 ACLs– 983 –flow-label – A label for packets belonging to a particular traffic “flow” for which the sender re
CHAPTER 30 | Access Control ListsIPv6 ACLs– 984 –EXAMPLEThis example accepts any incoming packets if the destination address is 2009:DB9:2229::79/
CHAPTER 30 | Access Control ListsIPv6 ACLs– 985 – permit 2009:DB9:2229:5::/64Console#RELATED COMMANDSpermit, deny (Standard IPv6 ACL) (981)permit
CHAPTER 30 | Access Control ListsMAC ACLs– 986 –show ipv6 access-groupThis command shows the ports assigned to IPv6 ACLs.COMMAND MODEPrivileged Ex
CHAPTER 30 | Access Control ListsMAC ACLs– 987 –COMMAND USAGE◆ When you create a new ACL or enter configuration mode for an existing ACL, use the
CHAPTER 30 | Access Control ListsMAC ACLs– 988 –{permit | deny} untagged-eth2{any | host source | source address-bitmask} {any | host destination
CHAPTER 30 | Access Control ListsMAC ACLs– 989 –COMMAND MODEMAC ACLCOMMAND USAGE◆ New rules are added to the end of the list.◆ The ethertype optio
CHAPTER 2 | Initial Switch ConfigurationManaging System Files– 99 –CONFIGURING ACCESS FOR SNMP VERSION 3 CLIENTSTo configure management access for
CHAPTER 30 | Access Control ListsMAC ACLs– 990 –EXAMPLE Console(config)#interface ethernet 1/2Console(config-if)#mac access-group jerry inConsole(
CHAPTER 30 | Access Control ListsARP ACLs– 991 –ARP ACLSThe commands in this section configure ACLs based on the IP or MAC address contained in AR
CHAPTER 30 | Access Control ListsARP ACLs– 992 –permit, deny(ARP ACL)This command adds a rule to an ARP ACL. The rule filters packets matching a s
CHAPTER 30 | Access Control ListsARP ACLs– 993 –EXAMPLE This rule permits packets from any source IP and MAC address to the destination subnet add
CHAPTER 30 | Access Control ListsACL Information– 994 –ACL INFORMATIONThis section describes commands used to display ACL information.show access-
CHAPTER 30 | Access Control ListsACL Information– 995 –EXAMPLE Console#show access-listIP standard access-list david: permit host 10.1.1.21 perm
CHAPTER 30 | Access Control ListsACL Information– 996 –
– 997 –31 INTERFACE COMMANDSThese commands are used to display or set communication parameters for an Ethernet port, aggregated link, or VLAN; or pe
CHAPTER 31 | Interface CommandsInterface Configuration– 998 –Interface Configurationinterface This command configures an interface type and enters
CHAPTER 31 | Interface CommandsInterface Configuration– 999 –COMMAND MODE Interface Configuration (Ethernet, Port Channel)COMMAND USAGEThe alias i
Comments to this Manuals