DL manuals
3Com
Switch
SuperStack 4 5500G-EI Series
Command Reference Manual

3Com SuperStack 4 5500G-EI Series Command Reference Manual

Manual is about: Version 3.1.x

Page of 530

Download

Print this page

Bookmark us

SuperStack

4 Switch 5500G-EI Family

Command Reference Guide

Version 3.1.x

http://www.3com.com/

Part number: DUA1725-0CAA01

Published: July 2005

1 2 3 4 5 6 7 Next › »

Summary of SuperStack 4 5500G-EI Series

Page 1
Superstack ® 4 switch 5500g-ei family command reference guide version 3.1.X http://www.3com.Com/ part number: dua1725-0caa01 published: july 2005.
Page 2
3com corporation 350 campus drive marlborough, ma usa 01752-3064 copyright © 2005, 3com corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without writt...
Page 3: Ontents
C ontents a bout t his g uide about this software version 19 organization of the manual 19 intended readership 20 conventions 20 related manuals 21 1 u sing s ystem a ccess c ommands logging in commands 24 authentication-mode 24 auto-execute command 24 command-privilege level 25 databits 26 display ...
Page 4
Telnet 43 user-interface 44 user privilege level 45 2 u sing p ort c ommands ethernet port configuration commands 49 broadcast-suppression 49 copy configuration 50 description 50 display interface 51 display loopback-detection 53 display port 54 display unit 54 duplex 55 flow-control 56 interface 56...
Page 5
Port link-aggregation group 77 reset lacp statistics 77 3 u sing vlan c ommands vlan configuration commands 80 description 80 display interface vlan-interface 80 display vlan 81 interface vlan-interface 82 port 82 shutdown 83 vlan 84 voice vlan configuration commands 85 display voice vlan oui 85 dis...
Page 6
Display arp 110 display arp timer aging 111 reset arp 111 resilient arp configuration commands 112 debugging resilient-arp 112 display resilient-arp 113 resilient-arp enable 113 resilient-arp interface vlan-interface 114 bootp client configuration commands 115 debugging dhcp xrn xha 115 ip address b...
Page 7
Display tcp statistics 137 display tcp status 138 display udp statistics 139 reset ip statistics 140 reset tcp statistics 140 reset udp statistics 140 tcp timer fin-timeout 141 tcp timer syn-timeout 141 tcp window 142 6 u sing r outing p rotocol c ommands routing table display commands 146 display i...
Page 8
Summary 175 timers 176 traffic-share-across- interface 176 ospf configuration commands 177 abr-summary 177 area 178 asbr-summary 178 authentication-mode 179 default cost 180 default interval 181 default limit 181 default tag 182 default type 183 default-cost 183 default-route-advertise 184 display d...
Page 9
Preference 214 reset ospf 215 router id 215 silent-interface 216 snmp-agent trap enable ospf 217 spf-schedule-interval 218 stub 218 vlink-peer 219 ip routing policy configuration commands 220 apply cost 220 apply tag 221 display ip ip-prefix 222 display route-policy 222 filter-policy export 223 filt...
Page 10
Multicast routing-enable 247 reset multicast forwarding-table 248 reset multicast routing-table 249 igmp configuration commands 250 debugging igmp 250 display igmp group 250 display igmp interface 251 igmp enable 252 igmp group-limit 252 igmp group-policy 253 igmp group-policy vlan 254 igmp host-joi...
Page 11
8 u sing q o s/acl c ommands acl configuration command list 282 acl 282 display acl 283 display packet-filter 284 display time-range 284 packet-filter 285 reset acl counter 286 rule 286 time-range 289 qos configuration commands list 290 display mirror 290 display qos-interface all 291 display qos-in...
Page 12
9 u sing f abric c ommands fabric commands 317 display xrn-fabric 317 change self-unit 317 change unit-id 318 set unit name 319 sysname 319 10 u sing rstp c ommands rstp configuration commands 322 display stp 322 323 display stp ignored-vlan 324 display stp tc 324 reset stp 324 stp 325 stp bpdu-prot...
Page 13
Dot1x retry 350 dot1x supp-proxy-check 351 dot1x timer 352 reset dot1x statistics 353 centralized mac address authentication configuration commands 354 debugging mac-authentication event 354 display mac-authentication 355 mac-authentication 356 mac-authentication domain 357 mac-authentication timer ...
Page 14
Secondary authentication 389 server-type 390 state 391 stop-accounting-buffer enable 392 timer 392 timer realtime-accounting 393 timer response-timeout 394 user-name-format 395 12 u sing s ystem m anagement c ommands file system management commands 402 cd 402 copy 403 delete 403 dir 404 execute 405 ...
Page 15
Cd 422 cdup 423 close 423 delete 424 dir 424 disconnect 424 ftp 425 get 425 lcd 426 ls 426 mkdir 426 passive 427 put 427 pwd 428 quit 428 remotehelp 428 rmdir 429 user 429 verbose 429 tftp configuration commands 430 tftp get 430 tftp put 430 mac address table management commands 431 display mac-addr...
Page 16
Display config-agent 446 display debugging 447 display version 447 system debug commands 447 debugging 448 display diagnostic-information 448 network connection test commands 449 end-station polling ip-address 449 ping 449 tracert 451 hwping commands 453 hwping-agent enable 453 hwping 453 count 454 ...
Page 17
Display snmp-agent statistics 477 display snmp-agent sys-info 478 display snmp-agent usm-user 479 display snmp-proxy unit 479 enable snmp trap 480 snmp-agent community 480 snmp-agent group 481 snmp-agent local-engineid 482 snmp-agent mib-view 483 snmp-agent packet max-size 483 snmp-agent sys-info 48...
Page 18
Ssh configuration commands 513 debugging ssh server 513 display rsa local-key-pair public 513 display rsa peer-public-key 514 display ssh server 515 display ssh user-information 515 peer-public-key end 516 protocol inbound 516 public-key-code begin 517 public-key-code end 518 rsa local-key-pair crea...
Page 19: Bout
A bout t his g uide this guide provides all the information you need to use the configuration commands supported by version 3.0.X software on the 3com ® superstack ® 4 switch 5500g-ei. About this software version the software in the switch 5500g-ei is a subset of that used in some other 3com product...
Page 20
20 a bout t his g uide ■ using system management commands — introduces the commands used for system management and maintenance. Intended readership the manual is intended for the following readers: ■ network administrators ■ network engineers ■ users who are familiar with the basics of networking co...
Page 21
Related manuals 21 related manuals the 3com superstack 4 switch 5500g-ei getting started guide provides information about installation. The 3com superstack 4 switch 5500g-ei configuration guide provides information about configuring your network using the commands described in this guide. [ ] items ...
Page 22
22 a bout t his g uide.
Page 23: Sing
1 u sing s ystem a ccess c ommands this chapter describes how to use the following commands: logging in commands ■ authentication-mode ■ auto-execute command ■ command-privilege level ■ databits ■ display history-command ■ display user-interface ■ display users ■ free user-interface ■ header ■ histo...
Page 25
Logging in commands 25 undo auto-execute command view user interface view parameter text: specifies the command to be run automatically. Description enter auto-execute command text to configure the switch to automatically run a specified command. When the user logs in, the command will be executed a...
Page 26
26 c hapter 1: u sing s ystem a ccess c ommands the command levels are, from lowest to highest: ■ 0 – visit ■ 1 – monitoring ■ 2 – system ■ 3 – management you can assign a priority level depending on user requirements. The commands that a user can access depend first on the access level assigned to ...
Page 27
Logging in commands 27 example to configure the data bits of the aux (console) port to 7 bits, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]user-interface aux 0 [sw5500-ui-aux0]databits 7 display history-command syntax display history-command view all views ...
Page 28
28 c hapter 1: u sing s ystem a ccess c ommands this command without the summary parameter displays user interface type, absolute/relative index, transmission speed, priority, authentication methods, and physical location. This command with the summary parameter displays one user interface in use wi...
Page 29
Logging in commands 29 display users syntax display users [ all ] view all views parameter all: enter to display information on all user interfaces. Description use the display users command to view information on the current user interface. Use the display users all command to view the information ...
Page 30
30 c hapter 1: u sing s ystem a ccess c ommands parameter type: enter the type and type number of the user interface to be reset. Number: enter the index number of the user interface to be reset. Description use this command to reset a specified user interface to its default settings. The user inter...
Page 32
32 c hapter 1: u sing s ystem a ccess c ommands mode 2: input in several lines system-view system view: return to user view with ctrl+z. [sw5500]header shell % shell: after you pressing the key, the system prompts the following message: input banner text, and quit with the character '%'. Go on input...
Page 33
Logging in commands 33 system-view system view: return to user view with ctrl+z. [sw5500]user-interface aux 0 [sw5500-ui-aux0]history-command max-size 20 idle-timeout syntax idle-timeout minutes [ seconds ] undo idle-timeout view user interface view parameter minutes: enter the number of minutes you...
Page 34
34 c hapter 1: u sing s ystem a ccess c ommands example to change the command line interface from english to chinese, enter the following: language-mode chinese lock syntax lock view user view parameter none description use the lock command to lock the current user interface and prevent unauthorized...
Page 36
36 c hapter 1: u sing s ystem a ccess c ommands ■ system view ■ menu views, for example vlan view, ethernet port view, and so on. Related commands: return , system-view . Example to return to user view from system view, enter the following: [sw5500]quit return syntax return view system view or highe...
Page 37
Logging in commands 37 to disable this function, that is to allow an unlimited number of information lines, enter the parameter as 0 . Example to configure a terminal to display 20 lines of information, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]user-inter...
Page 38
38 c hapter 1: u sing s ystem a ccess c ommands ftp-directory directory : specifies the directory of ftp users, directory is a character string of up to 64 characters. Lan-access : specifies user type to lan-access, which mainly refers to ethernet accessing users, 802.1x supplicants for example. Ter...
Page 40
40 c hapter 1: u sing s ystem a ccess c ommands description use the shell command to enable the terminal service for a user interface. The terminal service is enabled by default. Use the undo shell command to disable the terminal service for a user interface. When using the undo shell command, note ...
Page 41
Logging in commands 41 undo stopbits view user interface view parameter 1: sets the stop bits to 1. 1.5: sets the stop bits to 1.5. 2: sets the stop bits to 2. Description use the stopbits command to configure the stop bits on the aux (console) port. Use the undo stopbits command to restore the defa...
Page 43
Logging in commands 43 undo sysname view system view parameter text: enter the host name of the switch. The host name must be no more than 30 characters long. The default is sw5500. Description use the sysname command to configure the host name of the switch. Use the undo sysname command to restore ...
Page 44
44 c hapter 1: u sing s ystem a ccess c ommands parameter hostname: enter the host name of the remote switch. It is configured using the ip host command. Ip_address: enter theip address or the host name of the remote switch. If you enter the host name, the switch must be set to static resolution. Se...
Page 45
Logging in commands 45 description using user-interface command, you can enter single user interface view or multiple user interface views to configure the corresponding user interfaces. Example to configure the user interfaces with index numbers 0 to 9, enter the following : system-view system view...
Page 46
46 c hapter 1: u sing s ystem a ccess c ommands undo negate a command or set its default.
Page 47: Sing
2 u sing p ort c ommands this chapter describes how to use the following commands: ethernet port configuration commands ■ broadcast-suppression ■ copy configuration ■ description ■ display interface ■ display loopback-detection ■ display port ■ display unit ■ duplex ■ flow-control ■ interface ■ jumb...
Page 48
48 c hapter 2: u sing p ort c ommands ■ debugging link-aggregation event ■ debugging lacp packet ■ debugging lacp state ■ display link-aggregation summary ■ display link-aggregation verbose ■ display link-aggregation interface ■ display lacp system-id ■ lacp enable ■ lacp port-priority ■ lacp system...
Page 51
Ethernet port configuration commands 51 description use the description command to enter a description of an ethernet port. Use the undo description command to cancel the description. By default, an ethernet port does not have a description. Example set the description of port ethernet1/0/1 to be la...
Page 52
52 c hapter 2: u sing p ort c ommands ip sending frames' format is pktfmt_ethnt_2, hardware address is 00e0-fc00-0010 the maximum transmit unit is 1500 media type is twisted pair, loopback not set port hardware type is 1000_base_t unkown-speed mode, unknown-duplex mode link speed type is autonegotia...
Page 53
Ethernet port configuration commands 53 display loopback-detection syntax display loopback-detection view all views parameter none description use the display loopback-detection command to view whether the port loopback detection has been enabled. If it has been enabled, then the time interval of th...
Page 55
Ethernet port configuration commands 55 description using display unit unit-id interface command, you can view all port interfaces for the specified unit. Example display the port information for all ports on unit 1. Display unit 1 interface aux1/0/0 current state :down line protocol current state :...
Page 56
56 c hapter 2: u sing p ort c ommands system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet 1/0/1 [sw5500-gigabitethernet1/0/1]duplex auto flow-control syntax flow-control undo flow-control view ethernet port view parameters none description use the flow-control command to ...
Page 57
Ethernet port configuration commands 57 you can use the interface_name at this command. This consists of the interface_type and the interface_number combined as a single parameter. For example ethernet1/0/1. Description use the command interface interface_type interface_number to enter the interface...
Page 58
58 c hapter 2: u sing p ort c ommands view ethernet port view parameter external: external loop test. Internal: internal loop test. Description use the loopback command to configure the ethernet port to perform the loopback test to check if the ethernet port works normally. The loop test will finish...
Page 59
Ethernet port configuration commands 59 example enable port loopback detection control. System-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet 1/0/1 [sw5500-gigabitethernet1/0/1]loopback-detection control enable loopback-detection enable syntax loopback-detection...
Page 60
60 c hapter 2: u sing p ort c ommands by default, the interval is 30 seconds. Description use the loopback-detection interval-time command to configure the detection interval for the external loopback condition of each port. Use the undo loopback-detection interval-time command to restore the defaul...
Page 61
Ethernet port configuration commands 61 view ethernet port view parameter ratio : specifies the bandwidth ratio of multicast traffic allowed on an ethernet port. The ratio value ranges from 1 to 100. The incremental step is 1. By default, the ratio is 100 meaning all multicast traffic is accepted. T...
Page 62
62 c hapter 2: u sing p ort c ommands system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet 1/0/1 [sw5500-gigabitethernet1/0/1]port access vlan 3 port hybrid pvid vlan syntax port hybrid pvid vlan vlan_id undo port hybrid pvid view ethernet port view parameter vlan_id: ente...
Page 63
Ethernet port configuration commands 63 parameter vlan_id_list: enter a vlan id, or more than one vlan id, in the range 2 to 4094. The hybrid port will be added to the specified vlans. This can be a single vlan, a series of individual vlans separated by a space, or the the first vlan in a range of v...
Page 64
64 c hapter 2: u sing p ort c ommands description use the port link-type command to configure the link type of the ethernet port. Use the undo port link-type command to restore the port as default status. By default, a port is an access port. A port on a switch can be configured as an access port, a...
Page 65
Ethernet port configuration commands 65 example to add the trunk port ethernet1/0/1 to vlan 2, vlan 4 and all vlans in the range 50-100, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet 1/0/1 [sw5500-gigabitethernet1/0/1]port trunk perm...
Page 66
66 c hapter 2: u sing p ort c ommands parameter interface_type: specifies the port type. Interface_num: specifies the port number. Interface_name: specifies the port name in the interface_name= interface_type interface_num format. For parameter description, refer to the interface command. Descriptio...
Page 68
68 c hapter 2: u sing p ort c ommands parameter ratio : specifies the bandwidth ratio of unicast traffic allowed on an ethernet port. The ratio value ranges from 1 to 100. The incremental step is 1. By default, the ratio is 100 meaning all unicast traffic is accepted. The smaller the ratio is, the l...
Page 69
Ethernet port link aggregation commands 69 description use the debugging link-aggregation error command to enable link aggregation error debugging. Use the undo debugging link-aggregation error command to disable link aggregation error debugging. Example to enable link aggregation error debugging, e...
Page 70
70 c hapter 2: u sing p ort c ommands interface_type: specifies port type and interface_num port number. For more information, see the parameter item for the interface command. Description use the debugging lacp packet command to enable lacp packets debugging at a designated port or ports. Use the u...
Page 71
Ethernet port link aggregation commands 71 description use the debugging lacp state command to enable lacp state machines debugging on a designated port or ports. Use the undo debugging lacp state command to disable lacp state machines debugging on a designated port or ports. Example to enable all l...
Page 72
72 c hapter 2: u sing p ort c ommands description use the display link-aggregation verbose command to view detailed information of a link aggregation, including aggregation id, the type of aggregation, load-sharing type, detailed local information (member ports, port status, port priority, lacp stat...
Page 73
Ethernet port link aggregation commands 73 description use the display link-aggregation interface command to view detailed link aggregation information at a designated port, including aggregation group id for the port, port priority, operation key, lacp state flag, partner information (system id, po...
Page 74
74 c hapter 2: u sing p ort c ommands description use the display lacp system-id command to view actor system id, including system priority and system mac address. Related command: link-aggregation . Example to display the local system id. Display lacp system-id actor system id: 0x8000, 00e0-fc00-01...
Page 75
Ethernet port link aggregation commands 75 description use the lacp port priority command to configure port priority value. Use the undo lacp port-priority command to restore the default value. Related commands: display link-aggregation verbose and display link-aggregation interface . Example to set...
Page 76
76 c hapter 2: u sing p ort c ommands alname: aggregation group name, character string with 1 to 32 characters. Description use the link-aggregation group agg_id description command to configure descriptor for an aggregation group. Use the undo link-aggregation group agg-id description command to de...
Page 77
Ethernet port link aggregation commands 77 port link-aggregation group syntax port link-aggregation group agg_id undo port link-aggregation group view ethernet port view parameter agg_id: aggregation group id, in the range of 1 to 464. Description use the port link-aggregation group agg_id command t...
Page 78
78 c hapter 2: u sing p ort c ommands description use the reset lacp statistics command to clear lacp statistics at a designated port. If no port is specified, then lacp statistics at all ports shall be cleared. Related command: display link-aggregation interface . Example to clear lacp statistics a...
Page 79: Sing
3 u sing vlan c ommands this chapter describes how to use the following commands: vlan configuration commands ■ description ■ display interface vlan-interface ■ display vlan ■ interface vlan-interface ■ port ■ shutdown ■ vlan voice vlan commands ■ display voice vlan oui ■ display voice vlan status ■...
Page 80
80 c hapter 3: u sing vlan c ommands vlan configuration commands this section describes the commands you can use to configure and manage the vlans and vlan interfaces on your system. Description syntax description string undo description view vlan view parameter string: enter a description of the cu...
Page 81
Vlan configuration commands 81 ■ vlan interface description ■ maximum transmit unit (mtu) ■ ip address and subnet mask ■ format of the ip frames ■ mac hardware address. Use display interface vlan-interface to display information on all vlan interfaces. Use display interface vlan-interface vlan_id to...
Page 82
82 c hapter 3: u sing vlan c ommands the command display vlan all to display information on all the vlans. Use the command display vlan dynamic to display information on vlans created dynamically by the system. Use the command display vlan static to display information of vlan created statically by ...
Page 84
84 c hapter 3: u sing vlan c ommands by default, when all ethernet ports are in down status in vlan interface, the vlan interface is in down status and is disabled. When there is one or more ethernet ports in vlan interface are in up status, the vlan interface is up. This command can be used to star...
Page 85
Voice vlan configuration commands 85 voice vlan configuration commands this section describes the commands you can use to configure voice vlans. Display voice vlan oui syntax display voice vlan oui view any view parameter none description use the display voice vlan oui command to display the oui add...
Page 86
86 c hapter 3: u sing vlan c ommands voice vlan status: enable voice vlan id: 2 voice vlan configuration mode: auto voice vlan security mode: security voice vlan aging time: 100 minutes current voice vlan enabled port: -------------------------------- ethernet1/0/2, ethernet1/0/3, voice vlan aging s...
Page 87
Voice vlan configuration commands 87 you can only run the voice vlan function on the port when all the voice vlan features in system view and port view are enabled. For the related command, see display voice vlan status . Example to enable the voice vlan features on port ethernet1/0/2, enter the fol...
Page 88
88 c hapter 3: u sing vlan c ommands parameter oui: the mac address to be set, in the format h-h-h. Oui_mask: the valid length of a mac address, represented by a mask, and in the format h-h-h. Description string: description of the mac address, in the range of 1 to 30. Description use the voice vlan...
Page 89
Voice vlan configuration commands 89 by default, the voice vlan is in auto mode. If required, the voice vlan mode auto and undo voice vlan mode auto commands must be executed before the voice vlan features are enabled globally. For the related command, see display voice vlan status . Example to set ...
Page 90
90 c hapter 3: u sing vlan c ommands.
Page 91: Sing
4 u sing p ower over e thernet (p o e) c ommands this chapter describes how to use the following commands: poe configuration commands ■ display poe interface ■ display poe interface power ■ display poe powersupply ■ poe max-power ■ poe mode ■ poe power-management ■ poe priority ■ poe update.
Page 93
Poe configuration commands 93 gigabitethernet1/0/15 off enable signal low detection gigabitethernet1/0/16 off enable signal low detection gigabitethernet1/0/17 off enable signal low detection gigabitethernet1/0/18 off enable signal low detection gigabitethernet1/0/19 off enable signal low detection ...
Page 94
94 c hapter 4: u sing p ower over e thernet (p o e) c ommands port power :12400 mw display the power information of all ports. [sw5500]display poe power port index power (mw) port indexpower (mw) gigabitethernet1/0/1 0 gigabitethernet1/0/2 100 gigabitethernet1/0/3 200 gigabitethernet1/0/4 300 gigabi...
Page 95
Poe configuration commands 95 description use the display poe powersupply command to view the parameters of the power sourcing equipment (pse). Example display the pse parameters. [sw5500]display poe powersupply pse id :1 pse legacy detection :disable pse total power consumption :12000 mw pse availa...
Page 96
96 c hapter 4: u sing p ower over e thernet (p o e) c ommands view system view parameter none description use the poe legacy enable command to enable the nonstandard-pd detect function. Use the undo poe legacy enable command to disable the nonstandard-pd detect function. Pds compliant with 802.3af s...
Page 97
Poe configuration commands 97 the unit of power is mw. You can set the power in the granularity of 100 mw. The actual maximum power will be 5% larger than what you have set allowing for the effect of transient peak power. Example set the maximum power supplied by current port. [sw5500-gigabitetherne...
Page 98
98 c hapter 4: u sing p ower over e thernet (p o e) c ommands view system view parameter auto: adopt the auto mode, a poe management mode based on port priority. Manual: adopt the manual mode. Description use the poe power-management command to configure the poe management mode of port used in the c...
Page 99
Poe configuration commands 99 if there are too many ports with critical priority, the total power these ports need might exceed the maximum power supplied by the equipment, i.E., 300w. In this case, no new pd can be added to the switch. When the remaining power of the whole equipment is below 18.8 w...
Page 100
Ethernet port configuration commands 67 speed syntax for a 100 mbps ethernet port, the parameters for this command are as follows: speed { 10
Page 101: Sing
5 u sing n etwork p rotocol c ommands this chapter describes how to use the following commands: ip address configuration commands ■ display ip host ■ display ip interface ■ ip address ■ ip host arp configuration commands ■ arp check enable ■ arp static ■ arp timer aging ■ debugging arp packet ■ disp...
Page 102
102 c hapter 5: u sing n etwork p rotocol c ommands ■ debugging dhcp-relay ■ dhcp-security static ■ dhcp-server ■ dhcp-server ip ■ display dhcp-security ■ display dhcp-server ■ display dhcp-server interface vlan-interface access management configuration commands ■ am enable ■ am ip-pool ■ am trap en...
Page 103
103 ■ tcp timer syn-timeout ■ tcp window.
Page 104
104 c hapter 5: u sing n etwork p rotocol c ommands ip address configuration commands this section describes the commands you can use to configure and manage ip addressing on your switch 5500g-ei. Display ip host syntax display ip host view all views parameter none description use the display ip hos...
Page 105
Ip address configuration commands 105 the maximum transmit unit : 1500 bytes input packets : 0, bytes : 0, multicasts : 0 output packets : 0, bytes : 0, multicasts : 0 ttl invalid packet number: 0 icmp packet input number: 0 echo reply: 0 unreachable: 0 source quench: 0 routing redirect: 0 echo requ...
Page 106
106 c hapter 5: u sing n etwork p rotocol c ommands use the undo ip address ip_address mask command to cancel the primary ip address and ip subnet mask of a vlan interface. Before you can cancel the primary ip address of an interface, you must cancel any secondary ip addresses. Use the undo ip addre...
Page 107
Arp configuration commands 107 example to enter a host name of lanswitch1 for the ip address 202.38.0.8, enter the following . System-view system view: return to user view with ctrl+z. [sw5500]ip host lanswitch1 202.38.0.8 arp configuration commands this section describes the commands you can use to...
Page 108
108 c hapter 5: u sing n etwork p rotocol c ommands mac_address enter the mac address of the arp mapping entry, in the format h-h-h (h indicates a four digit hexadecimal number, for example 00e0-fc01-0000). Vlan_id enter the id number of the local vlan that you want to use to associate with the arp ...
Page 109
Arp configuration commands 109 description use the arp timer aging command to configure the dynamic arp aging timer. Use the undo arp timer aging command to restore the default time of 20 minutes. Related commands: display arp timer aging example to configure the dynamic arp aging timer to 10 minute...
Page 111
Arp configuration commands 111 display arp timer aging syntax display arp timer aging view all views. Parameter none. Description use the display arp timer aging command to view the current setting of the dynamic arp aging timer. Example to display the current setting of the dynamic arp aging timer,...
Page 112
112 c hapter 5: u sing n etwork p rotocol c ommands description use the reset arp command to remove information that is no longer required from the arp mapping table. You can remove entries of a specified type, or from a specified port. Use the reset arp command to clear all arp entries. You are ask...
Page 113
Resilient arp configuration commands 113 example to enable debugging resilient arp packets, enter the following: debugging resilient-arp packet display resilient-arp syntax display resilient-arp [ unit unit-id ] view any view parameter unit-id enter the unit id, in the range of 1 to 8. Description u...
Page 114
114 c hapter 5: u sing n etwork p rotocol c ommands example to enable the resilient arp function, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]resilient-arp enable resilient-arp interface vlan-interface syntax resilient-arp interface vlan-interface vlan-id u...
Page 115
Bootp client configuration commands 115 bootp client configuration commands this section describes the commands you can use to configure and manage the bootp client operations on your switch 5500g-ei. Debugging dhcp xrn xha syntax debugging dhcp xrn xha undo debugging dhcp xrn xha view user view par...
Page 116
116 c hapter 5: u sing n etwork p rotocol c ommands example to configure vlan interface 1 to obtain ip address using bootp, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]ip address bootp-alloc dhcp client con...
Page 117
Dhcp client configuration commands 117 parameter none description use the debugging dhcp xrn xha command to enable dhcp client hot backup debugging. Use the undo debugging dhcp xrn xha command to disable dhcp client hot backup debugging. By default, dhcp client hot backup debugging is disabled. Exam...
Page 118
118 c hapter 5: u sing n etwork p rotocol c ommands undo ip address dhcp-alloc view vlan interface view parameter none description use the ip address dhcp-alloc command to configure vlan interface to obtain ip address using dhcp. Use the undo ip address dhcp-alloc command to remove the configuration...
Page 119
Dhcp relay configuration commands 119 system-view system view: return to user view with ctrl+z. [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]address-check enable debugging dhcp-relay syntax debugging dhcp-relay undo debugging dhcp-relay view user view parameter none description use the...
Page 121
Dhcp relay configuration commands 121 use the undo dhcp-server command to remove the vlan interface from the selected dhcp server group. By default, dhcp server requests are not forwarded. You can only add the primary vlan interface to a dhcp server group. The primary vlan interface is the first int...
Page 123
Dhcp relay configuration commands 123 description use the display dhcp-server command to view information on a selected dhcp server group. Related commands: dhcp-server ip , dhcp-server , display dhcp-server interface vlan-interface , debugging dhcp-relay . Example to view information on dhcp server...
Page 124
124 c hapter 5: u sing n etwork p rotocol c ommands the information displays in the following format: the dhcp server group of this interface is 0 the information shown above indicates that vlan-interface 2 is configured with a dhcp server group whose id is 0. Access management configuration command...
Page 125
Access management configuration commands 125 ip-pool enter to configure ip address pool for access management. Address-list enter ip address list in the start_ip_address [ ip_address_num ] & > format. Start_ip_address is the start address of an ip address range in the pool. Ip_address_num specifies ...
Page 126
126 c hapter 5: u sing n etwork p rotocol c ommands use the undo am trap enable command to disable the access management trap function. By default, the access management trap is disabled. Example to enable the access management trap, enter the following: system-view system view: return to user view ...
Page 127
Access management configuration commands 127 display isolate port syntax display isolate port view any view parameter none description use the display isolate port command to view port isolation information. Example to display port isolation information, enter the following: display isolate port uni...
Page 128
128 c hapter 5: u sing n etwork p rotocol c ommands example to add ethernet1/0/1 and ethernet1/0/2 to isolation group, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet 1/0/1 [sw5500-gigabitethernet1/0/1]port isolate [sw5500-gigabitether...
Page 129
Udp helper configuration commands 129 parameter vlan_id vlan interface id. Description use the display udp-helper server command to view the information of destination helper server corresponding to the vlan interface. Example to display the information of destination helper server corresponding to ...
Page 130
130 c hapter 5: u sing n etwork p rotocol c ommands parameters port enter the id of the udp port with relay function to be enabled, in the range of 1 to 65535. Dns domain name system, corresponding to udp port 53. Netbios-ds netbios datagram service, corresponding to udp port 138. Netbios-ns netbios...
Page 131
Ip performance configuration commands 131 system-view system view: return to user view with ctrl+z. [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]udp-helper server 192.1.1.2 ip performance configuration commands this section describes the commands you can use to configure and manage the...
Page 132
132 c hapter 5: u sing n etwork p rotocol c ommands parameters ip_address1, ip_address2 enter destination ip address, in dotted decimal format. Ip_address1 and ip_address2 jointly define the address range. The fib entries in this address range will be displayed. Mask1 , mask2 , mask-length1 , mask-l...
Page 135
Ip performance configuration commands 135 timestamp 0 information request 0 mask requests 0 mask replies 0 time exceeded 0 output:echo 10 destination unreachable 0 source quench 0 redirects 0 echo reply 5 parameter problem 0 timestamp 0 information reply 0 mask requests 0 mask replies 0 time exceede...
Page 136
136 c hapter 5: u sing n etwork p rotocol c ommands la = 0.0.0.0:23, fa = 0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = so_acceptconn so_keepalive so_sendvpnid so_setkeepalive, socket state = ss_priv ss_async task = vtyd(18), socketid = 2, proto = 6, la = 10.153.17.9...
Page 137
Ip performance configuration commands 137 example to view statistics about ip packets, enter the following: display ip statistics input: sum 7120 local 112 bad protocol 0 bad format 0 bad checksum 0 bad options 0 output: forwarding 0 local 27 dropped 0 no route 2 compress fails 0 fragment:input 0 ou...
Page 138
138 c hapter 5: u sing n etwork p rotocol c ommands description use the display tcp statistics command to view the statistics information about tcp packets. The statistics information about tcp packets are divided into two major kinds which are received packets and sent packets. Each kind of packet ...
Page 139
Ip performance configuration commands 139 parameter none description use the display tcp status command to view the tcp connection state. Example to display the state of all tcp connections, enter the following: display tcp status tcpcb local add:port foreign add:port state 03e37dc4 0.0.0.0:4001 0.0...
Page 140
140 c hapter 5: u sing n etwork p rotocol c ommands reset ip statistics syntax reset ip statistics view user view parameter none description use the reset ip statistics command to clear the ip statistics information. Related commands: display ip interface , display ip statistics . Example to clear t...
Page 141
Ip performance configuration commands 141 example to clear the udp traffic statistics information, enter the following: reset udp statistics tcp timer fin-timeout syntax tcp timer fin-timeout time-value undo tcp timer fin-timeout view system view parameter time-value enter the tcp finwait timer valu...
Page 142
142 c hapter 5: u sing n etwork p rotocol c ommands use the undo tcp timer syn-timeout command to restore the default value of the timer. Tcp will enable the synwait timer, if a syn packet is sent. The tcp connection will be terminated if the response packet is not received. Related commands: tcp ti...
Page 143: Sing
6 u sing r outing p rotocol c ommands this chapter describes how to use the following commands: routing table display commands ■ display ip routing-table ■ display ip routing-table acl ■ display ip routing-table ip_address ■ display ip routing-table ip_address1 ip_address2 ■ display ip routing-table...
Page 144
144 c hapter 6: u sing r outing p rotocol c ommands ■ rip authentication-mode ■ rip input ■ rip metricin ■ rip metricout ■ rip output ■ rip split-horizon ■ rip version ■ rip work ■ summary ■ timers ■ traffic-share-across- interface ospf configuration commands ■ abr-summary ■ area ■ asbr-summary ■ au...
Page 145
145 ■ filter-policy export ■ filter-policy import ■ import-route ■ network ■ nssa ■ ospf ■ ospf authentication-mode ■ ospf cost ■ ospf dr-priority ■ ospf mib-binding ■ ospf mtu-enable ■ ospf network-type ■ ospf timer dead ■ ospf timer hello ■ ospf timer poll ■ ospf timer retransmit ■ ospf trans-dela...
Page 147
Routing table display commands 147 3.3.3.0/24 direct 0 0 3.3.3.1 vlan-interface3 3.3.3.1/32 direct 0 0 127.0.0.1 inloopback0 4.4.4.0/24 direct 0 0 4.4.4.1 vlan-interface4 4.4.4.1/32 direct 0 0 127.0.0.1 inloopback0 127.0.0.0/8 direct 0 0 127.0.0.1 inloopback0 127.0.0.1/32 direct 0 0 127.0.0.1 inloop...
Page 148
148 c hapter 6: u sing r outing p rotocol c ommands routes matched by access-list 2000: summary count: 4 destination/mask protocol pre cost nexthop interface 10.1.1.0/24 direct 0 0 10.1.1.21 vlan-interface1 10.1.1.2/32 direct 0 0 127.0.0.1 inloopback0 for detailed description of the output informati...
Page 149
Routing table display commands 149 display ip routing-table ip_address syntax display ip routing-table ip_address [ mask ] [ longer-match ] [ verbose ] view all views parameters ip_address enter the destination ip address. State route state desription: activeu — the route is selected and is optimum ...
Page 150
150 c hapter 6: u sing r outing p rotocol c ommands mask enter either the ip subnet mask (in x.X.X.X format), or the subnet mask length (in the range 0 to 32). Optional. Longer-match enter to display an address route that matches the destination ip address in natural mask range . Optional. Verbose e...
Page 151
Routing table display commands 151 age: 3:47 cost: 0/0 for detailed description of output information, refer to table 18 . Display ip routing-table ip_address1 ip_address2 syntax display ip routing-table ip_address1 m ask1 i p_address2 mask2 [ verbose ] view all views parameters ip_address1 mask1 en...
Page 152
152 c hapter 6: u sing r outing p rotocol c ommands parameter ip_prefix_name enter the ip prefix list name. Verbose enter to display verbose information about both the active and inactive routes that passed filtering rules. Without this parameter, this command displays the summary of active routes t...
Page 154
154 c hapter 6: u sing r outing p rotocol c ommands to display a summary of all static route information, enter the following: display ip routing-table protocol static the information displays in the following format: static routing tables: summary count: 1 static routing tables status:: summary cou...
Page 155
Routing table display commands 155 display ip routing-table statistics syntax display ip routing-table statistics view all views parameter none description use the display ip routing-table statistics command to display the routing information for all protocols. The information includes the number of...
Page 156
156 c hapter 6: u sing r outing p rotocol c ommands parameter none description use the display ip routing-table verbose command to display the verbose routing table information. The information displayed includes the route state, the verbose description of each route and the statistics of the entire...
Page 157
Static route configuration command 157 static route configuration command this section describes the command you can use to configure a static route. Delete static-routes all syntax delete static-routes all view system view parameter none description use the delete static-routes all command to delet...
Page 158
158 c hapter 6: u sing r outing p rotocol c ommands mask-length enter the number of consecutive 1s in the mask. Because 1s in the 32-bit mask must be consecutive, the mask in dotted decimal format can be replaced by mask-length . Interface_name specify the transmission interface name of the route.Pa...
Page 159
Rip configuration commands 159 use the following precautions when configuring a static route: ■ you cannot specify an interface address of the local switch as the next hop address of an static route. ■ when the destination ip address and subnet mask are both set to 0.0.0.0, this is the configured de...
Page 160
160 c hapter 6: u sing r outing p rotocol c ommands example to configure the switch not to perform zero checking for rip-1 packet, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]rip [sw5500-rip]undo checkzero default cost syntax default cost value undo default...
Page 161
Rip configuration commands 161 example to display the current running state and configuration information of rip, enter the following: display rip rip is running public net vpn-instance checkzero is on default cost : 1 summary is on preference : 100 traffic-share-across-interface is off period updat...
Page 162
162 c hapter 6: u sing r outing p rotocol c ommands table 23 description of the display rip interface command display rip routing syntax display rip routing view all views parameter none description use the display rip routing command to view rip routing information. Example to display rip routing i...
Page 165
Rip configuration commands 165 host-route syntax host-route undo host-route view rip view parameter none description use the host-route command to configure rip to accept host routes. This is the default. Use the undo host-route command to configure rip to reject host routes. Example to configure ri...
Page 166
166 c hapter 6: u sing r outing p rotocol c ommands transmits it with the specified cost value. This command can greatly enhance the rip capability of obtaining routes, thus increases the rip performance. If the cost value is not specified, routes will be imported according to the default cost rangi...
Page 167
Rip configuration commands 167 when the network command is used on an ip address, the interface on this network segment is enabled. For example, if you view the network 129.102.1.1 with both the display current-configuration command and the display rip , the ip address is shown as 129.102.0.0. Relat...
Page 168
168 c hapter 6: u sing r outing p rotocol c ommands parameter value enter the preference level, in the range 1 to 255. By default, the value is 100. Description use the preference command to configure the route preference of rip. Use the undo preference command to restore the default preference. The...
Page 169
Rip configuration commands 169 parameter none description use the rip command to enable rip and enter the rip command view. From here, you can configure rip using the other commands described in this section. Use the undo rip command to disable rip. By default, rip is disabled. Enabling rip does not...
Page 170
170 c hapter 6: u sing r outing p rotocol c ommands use the rip authentication-mode simple command to configure the rip-2 simple text authentication key. Use the rip authentication-mode md5 usual key-string to configure the md5 cipher text authentication key for rip-2. Use the rip authentication-mod...
Page 171
Rip configuration commands 171 parameter none description use the rip input command to allow an interface to receive rip packets. By default, all interfaces except loopback interfaces are able to receive rip packets. Use the undo rip input command to block an interface from receiving rip packets. Th...
Page 172
172 c hapter 6: u sing r outing p rotocol c ommands [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]rip metricin 2 rip metricout syntax rip metricout value undo rip metricout view interface view parameter value enter an additional route metric added when transmitting a packet, ranging fro...
Page 173
Rip configuration commands 173 this command is used in conjunction with two other commands: rip input and rip work . Rip input and rip output control, respectively, the receipt and the transmission of rip packets on an interface. Rip work allows both receipt and transmission of rip packets. Related ...
Page 174
174 c hapter 6: u sing r outing p rotocol c ommands parameters 1 enter to set the interface version to rip-1. 2 enter to set the interface version to rip-2. Broadcast enter to set the transmission mode of an rip-2 packet to broadcast. Multicast enter to set the transmission mode of an rip-2 packet t...
Page 175
Rip configuration commands 175 use the undo rip work command to disable rip on an interface. This command is used in conjunction with the rip input , rip output and network commands. Refer to the descriptions of these commands for details. Related commands: network , rip input , rip output . Example...
Page 177
Ospf configuration commands 177 description use the traffic-share-across-interface command to enable rip to distribute traffic equally among interfaces by employing equivalent routes. Use the undo traffic-share-across-interface command to disable traffic sharing among interfaces. By default traffic ...
Page 178
178 c hapter 6: u sing r outing p rotocol c ommands abr. For each network segment configured with route aggregation, there is only one route transmitted to other areas. Example to enter area 1, and then aggregate the network segments, 66.48.10.0 and 66.48.120.0 into the summary route 66.48.0.0, ente...
Page 179
Ospf configuration commands 179 mask enter the ip subnet mask. Not-advertise enter this parameter if you do not want to advertise routes matching the specified ip address and mask. Tag value enter a tag value, which is mainly used to control advertisement of routes via route-policy. This value can b...
Page 180
180 c hapter 6: u sing r outing p rotocol c ommands use the undo authentication-mode command to cancel the authentication mode for this area. By default, an area does not support an authentication mode. All the routers in one area must use the same authentication mode (no authentication, simple text...
Page 181
Ospf configuration commands 181 example to specify a default routing cost of 10 for an external route imported by ospf, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]router id 1.1.1.1 [sw5500]ospf [sw5500-ospf-1]default cost 10 default interval syntax default...
Page 182
182 c hapter 6: u sing r outing p rotocol c ommands parameter routes enter a limit on the number of imported external routes, in the range 200 to 2147483647. By default, the limit is 1000. Description use the default limit command to configure maximum number of allowed imported routes. Use the undo ...
Page 184
184 c hapter 6: u sing r outing p rotocol c ommands description use the default-cost command to configure the cost of the route transmitted by ospf to a stub or nssa area. Use the undo default-cost command to restore the default cost of the default route transmitted by ospf to a stub or nssa. Relate...
Page 185
Ospf configuration commands 185 the import-route command cannot import the default route. When local router is not configured with default route, the keyword always should be used by ase lsa to generate default route. Related command: import-route . Example if a local route has no default route, the...
Page 186
186 c hapter 6: u sing r outing p rotocol c ommands view all views parameter process-id enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. Description use the display ospf abr-asbr command to view informatio...
Page 187
Ospf configuration commands 187 if you do not specify an ip address and subnet mask, the summary information of all ospf imported routes is displayed. Related command: asbr-summary . Example to display the summary information of all ospf imported routes, enter the following: display ospf asbr-summar...
Page 188
188 c hapter 6: u sing r outing p rotocol c ommands example to display ospf summary information, enter the following: display ospf brief ospf process 1 with router id 10.110.95.189 ospf protocol information the information displays in the following format: routerid: 10.110.95.189 border router: as s...
Page 189
Ospf configuration commands 189 display ospf cumulative syntax display ospf [ process-id ] cumulative view all views parameter process-id enter process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. Description use the di...
Page 190
190 c hapter 6: u sing r outing p rotocol c ommands display ospf error syntax display ospf [ process-id ] error view all views parameter process-id enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. Descript...
Page 191
Ospf configuration commands 191 0: ospf: packet size > ip length 0:ospf: transmit error 0: ospf: interface down 0:ospf: unknown neighbor 0: hello: netmask mismatch 0:hello: hello timer mismatch 0: hello: dead timer mismatch 0:hello: extern option mismatch 0: hello: router id confusion 0:hello: virtu...
Page 192
192 c hapter 6: u sing r outing p rotocol c ommands display ospf interface syntax display ospf [ process-id ] interface [ interface-type port-number ] view all views parameters process-id enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if y...
Page 194
194 c hapter 6: u sing r outing p rotocol c ommands description use the display ospf lsdb command to view database information about the ospf connecting state. Example to display database information about the ospf connecting state, enter the following: display ospf lsdb ospf process 1 with router i...
Page 195
Ospf configuration commands 195 seq#: 80000001 chksum: 0xfcaf options: (dc) net mask: 255.255.0.0 tos 0 metric:1 e type:2 forwarding address:0.0.0.0 tag: 1 display ospf nexthop syntax display ospf [ process-id ] nexthop view all views parameter process-id enter the process id of ospf, ranging from 1...
Page 196
196 c hapter 6: u sing r outing p rotocol c ommands display ospf peer syntax display ospf [ process-id ] peer [ brief ] view all views parameter process-id enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. ...
Page 197
Ospf configuration commands 197 to view brief information for every peer, enter the following: display ospf peer brief ospf process 1 with router id 1.1.1.1 neighbor statistics area id down attempt init 2-way exstart exchange loading full total 0.0.0.0 0 0 0 0 0 0 0 1 1 0.0.0.1 0 0 0 0 0 0 0 1 1 tot...
Page 198
198 c hapter 6: u sing r outing p rotocol c ommands view all views parameter process-id : enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. Description use the display ospf request-queue command to view inf...
Page 199
Ospf configuration commands 199 example to display information on the ospf retransmission queue, enter the following: display ospf retrans-queue ospf process 200 with router id 103.160.1.1 the information displays in the following format: the router's neighbors is routerid: 162.162.162.162 address: ...
Page 200
200 c hapter 6: u sing r outing p rotocol c ommands display ospf vlink syntax display ospf [ process-id ] vlink view all views parameter process-id : enter the process id of ospf, ranging from 1 to 65535. The command is applied to all current ospf processes if you do not specify a process id. Descri...
Page 203
Ospf configuration commands 203 undo import-route protocol view ospf view parameter protocol enter the source routing protocol to be imported. This can be one of the following: direct , rip , and static . Route-policy route_policy_name enter a route policy name. Only routes that match the specified ...
Page 204
204 c hapter 6: u sing r outing p rotocol c ommands ip_mask enter the ip address mask or ip address wildcard shielded text (similar to the complement of the ip address mask). Description using the network command, you can configure the interface running ospf protocol to which the interface belongs. ...
Page 205
Ospf configuration commands 205 for all the routers connected to the nssa area, the command nssa must be used to configure the area as the nssa attribute. The default-route-advertise parameter is used to generate a default type-7 lsa. No matter whether there is route 0.0.0.0 in the routing table on ...
Page 207
Ospf configuration commands 207 [sw5500-ospf-1]area 1 [sw5500-ospf-1-area-0.0.0.1]network 131.119.0.0 0.0.255.255 [sw5500-ospf-1-area-0.0.0.1]authentication-mode md5 [sw5500-ospf-1-area-0.0.0.1]quit [sw5500-ospf-1]quit [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]ospf authentication-mo...
Page 208
208 c hapter 6: u sing r outing p rotocol c ommands description using the ospf dr-priority command, you can configure the priority for electing the "designated router" on an interface. Using the undo ospf dr-priority command, you can restore the default value. The priority of the interface determine...
Page 209
Ospf configuration commands 209 cancel the binding of mib operation. [sw5500]undo ospf mib-binding ospf mtu-enable syntax ospf mtu-enable undo ospf mtu-enable view vlan interface view parameter none description using the ospf mtu-enable command, you can enable the interface to write the mtu value wh...
Page 210
210 c hapter 6: u sing r outing p rotocol c ommands description use the ospf network-type command to configure the network type of ospf interface. Use the undo ospf network-type command to restore the default network type of the ospf interface. Ospf divides networks into four types by link layer pro...
Page 211
Ospf configuration commands 211 parameter seconds enter the amount of dead time allowed, in seconds, in the range 1 to 65535. Description using the ospf timer dead command, you can configure the amount of dead time allowed to ospf neighbors, in seconds. Using the undo ospf timer dead command, you ca...
Page 212
212 c hapter 6: u sing r outing p rotocol c ommands system-view system view: return to user view with ctrl+z. [sw5500]interface vlan-interface 1 [sw5500-vlan-interface1]ospf timer hello 20 ospf timer poll syntax ospf timer poll seconds undo ospf timer poll view vlan interface view parameter seconds ...
Page 213
Ospf configuration commands 213 using the undo ospf timer retransmit command, you can restore the default interval value for lsa re-transmission on an interface. When a router transmits a link state advertisement (lsa) to the peer, it waits for the acknowledgement packet. If no acknowledgement is re...
Page 214
214 c hapter 6: u sing r outing p rotocol c ommands peer syntax peer ip_address [ dr-priority dr _ priority _ number ] undo peer ip _ address view ospf view parameter ip_address enter the ip address of the neighboring router. Dr_priority_number enter the priority value that represents the correspond...
Page 215
Ospf configuration commands 215 because multiple dynamic routing protocols could be running on a router at any one time, priority needs to be assigned to each protocol. Using this command, you can set a default preference for each routing protocol. The protocol with the higher preference has priorit...
Page 216
216 c hapter 6: u sing r outing p rotocol c ommands view system view parameter router_id enter the router id as a 32-bit unsigned integer. Description using the router id command, you can configure the id of a router running the ospf protocol. Using the undo router id command, you can cancel the rou...
Page 217
Ospf configuration commands 217 description using the silent-interface command, you can prevent an interface from transmitting ospf packets. Using the undo silent-interface command, you can restore the default setting. By default, the interface transmits ospf packets. You can use this command to sto...
Page 218
218 c hapter 6: u sing r outing p rotocol c ommands this command cannot be applied to the ospf processes that are started after the command is executed. By default, the switch does not send trap packets in case of ospf anomalies. For detailed configuration of snmp trap, see “using system management ...
Page 219
Ospf configuration commands 219 view ospf area view parameter no-summary enter to prevent the transmission of summary lsas to the stub area. Description using the stub command, you can configure the type of an ospf area as “stub”. Using the undo stub command, you can cancel the setting. By default, ...
Page 220
220 c hapter 6: u sing r outing p rotocol c ommands simple password enter the simple text authentication key of the interface, in eight characters or less. This must equal the authentication key of the virtually linked neighbor. Md5 keyid enter the md5 authentication key id, in the range 1 to 255. T...
Page 221
Ip routing policy configuration commands 221 view route policy view parameter value enter the route cost value of route information. Description use the apply cost command to configure the route cost value of route information. This command is one of the apply sub-statements of the route-policy attr...
Page 222
222 c hapter 6: u sing r outing p rotocol c ommands system-view system view: return to user view with ctrl+z. [sw5500]route-policy permit node 1 % new sequence of this list [sw5500-route-policy]apply tag 100 display ip ip-prefix syntax display ip ip-prefix [ ip_prefix_name ] view all views parameter...
Page 224
224 c hapter 6: u sing r outing p rotocol c ommands it may be necessary that only the routing information that meets special conditions can be advertised. Then, the filter-policy command can be used to set the filtering conditions for the advertised routing information. Only the routing information ...
Page 225
Ip routing policy configuration commands 225 it may be necessary that only the routing information that meets special conditions can be received. Then, the filter-policy command can be used to set the filtering conditions for the received routing information. Only the routing information passing the...
Page 226
226 c hapter 6: u sing r outing p rotocol c ommands if-match cost syntax if-match cost value undo if-match cost view route policy view parameter value specify the required route metric value, ranging from 0 to 4294967295. Description use the if-match cost command to configure one of the match rules ...
Page 227
Ip routing policy configuration commands 227 use the undo if-match interface command to cancel the setting of matching condition. By default, no match sub-statement is defined. Related command: if-match acl , if-match ip-prefix , if-match ip next-hop , if-match cost , if-match tag , route-policy , a...
Page 228
228 c hapter 6: u sing r outing p rotocol c ommands [sw5500]route-policy permit node 1 % new sequence of this list [sw5500-route-policy]if-match ip next-hop ip-prefix p1 if-match tag syntax if-match tag value undo if-match tag view route policy view parameter value enter the value in tag field of os...
Page 229
Ip routing policy configuration commands 229 permit enter to specify the match mode of the defined address prefix list items as permit mode. Deny enter to specify the match mode of the defined address prefix list items as deny mode. Network enter the ip address prefix range (ip address). If it is 0....
Page 231
Route capacity configuration commands 231 route capacity configuration commands this section describes the commands you can use to configure route capacity on the switch. Display memory syntax display memory [ unit unit-id ] mode any view parameter unit-id enter the unit id. Description use the disp...
Page 232
232 c hapter 6: u sing r outing p rotocol c ommands example display the current memory setting and state information. Display memory limit current memory limit configuration information: system memory safety: 2 (mbytes) system memory limit: 1 (mbytes) auto-establish enabled free memory: 67397036 (by...
Page 234
234 c hapter 6: u sing r outing p rotocol c ommands parameter safety safety_value enter the safety value of the switch idle memory, in mbytes. Its value range depends on the idle memory of the active switch. The default value is 4mbytes. Limit limit_value enter the lower limit of the switch idle mem...
Page 235: Sing
7 u sing m ulticast p rotocol c ommands this chapter describes how to use the following commands: igmp snooping configuration commands ■ display igmp-snooping configuration ■ display igmp-snooping group ■ display igmp-snooping statistics ■ igmp-snooping ■ igmp-snooping host-aging-time ■ igmp-snoopin...
Page 236
236 c hapter 7: u sing m ulticast p rotocol c ommands ■ igmp host-join port ■ igmp host-join vlan ■ igmp lastmember- queryinterval ■ igmp max-response-time ■ igmp robust-count ■ igmp timer other-querier-present ■ igmp timer query ■ igmp version ■ reset igmp group pim configuration commands ■ bsr-pol...
Page 237
Igmp snooping configuration commands 237 igmp snooping configuration commands this section describes how to use the internet group management protocol (igmp) configuration commands on your switch 5500g-ei. Display igmp-snooping configuration syntax display igmp-snooping configuration view all views ...
Page 238
238 c hapter 7: u sing m ulticast p rotocol c ommands description use the display igmp-snooping group command to view the ip multicast groups and mac multicast groups under vlan. This command displays the ip multicast group and mac multicast group information of a vlan or all the vlan where the ethe...
Page 239
Igmp snooping configuration commands 239 related command: igmp-snooping . Example display statistics information about igmp snooping. Display igmp-snooping statistics received igmp general query packet(s) number:0. Received igmp specific query packet(s) number:0. Received igmp v1 report packet(s) nu...
Page 240
240 c hapter 7: u sing m ulticast p rotocol c ommands undo igmp-snooping host-aging-time view system view parameter seconds : specifies the port aging time of the multicast group member, ranging from 200 to 1000 and measured in seconds. The default is 260. Description use the igmp-snooping host-agin...
Page 241
Igmp snooping configuration commands 241 example configure to respond to the igmp snooping packet within 20s. System-view system view: return to user view with ctrl+z [sw5500]igmp-snooping max-response-time 20 igmp-snooping router-aging-time syntax igmp-snooping router-aging-time seconds undo igmp-s...
Page 242
242 c hapter 7: u sing m ulticast p rotocol c ommands related command: igmp-snooping . Example clear igmp snooping statistics information. Reset igmp-snooping statistics multicast common configuration commands this section describes how to use the multicast common configuration commands on your swit...
Page 243
Multicast common configuration commands 243 use the undo debugging multicast kernel-routing to disable the debugging functions. Example enable multicast kernel routing debugging functions. Debugging multicast kernel-routing debugging multicast status-forwarding syntax debugging multicast status-forw...
Page 244
244 c hapter 7: u sing m ulticast p rotocol c ommands related command: display multicast routing-table . Example view the multicast forwarding table information. Display multicast forwarding-table multicast forwarding cache table total 2 entries 00001. (4.4.4.4, 224.2.254.84), iif vlan-interface1, 0...
Page 245
Multicast common configuration commands 245 register: register interface of pim-sm. Description use the display multicast routing-table to view the information of ip multicast routing table. This command displays the multicast routing table information, while the display multicast forwarding-table c...
Page 246
246 c hapter 7: u sing m ulticast p rotocol c ommands mtracert syntax mtracert { source-address } [ last-hop-address ] [ group-address ] view any view parameter source-address : address of the multicast source. L ast-hop-address : unicast address, which is the starting address of path tracing. This ...
Page 247
Multicast common configuration commands 247 output packet count on outgoing interface: 0 total number of packets for this source-group pair: 0 protocol: pim forwarding ttl: 0 forwarding code: no error multicast route-limit syntax multicast route-limit limit undo multicast route-limit view system vie...
Page 248
248 c hapter 7: u sing m ulticast p rotocol c ommands use the undo multicast routing-enable to disable ip multicast routing. By default, ip multicast routing is disabled. The system will not forward any multicast packet when ip multicast routing is disabled. Related commands: igmp enable, pim dm , p...
Page 249
Multicast common configuration commands 249 related commands: reset pim routing-table , reset multicast routing-table and display multicast forwarding-table . Example clear the forwarding entry with address of 225.5.4.3 from the mfc forwarding table. Reset multicast forwarding-table 225.5.4.3 clear ...
Page 250
250 c hapter 7: u sing m ulticast p rotocol c ommands example clear the route entry with address of 225.5.4.3 from the core multicast routing table. Reset multicast routing-table 225.5.4.3 clear statistic information of the forward entry with address of 225.5.4.3 from the mfc forwarding table. Reset...
Page 251
Igmp configuration commands 251 parameter group-address : address of the multicast group. Interface-type interface-number : interface type and interface number of the router, used to specify the specific interface. Description use the display igmp group command to view the member information of the ...
Page 252
252 c hapter 7: u sing m ulticast p rotocol c ommands example view the igmp configuration and running information of all interfaces. Display igmp interface vlan-interface1 (10.153.17.99): igmp is enabled current igmp version is 2 value of query interval for igmp(in seconds): 60 value of other querie...
Page 253
Igmp configuration commands 253 undo igmp group-limit view vlan interface view parameter number : number of multicast groups, in the range of 0 to 1024. Description use the igmp group-limit command to limit multicast groups on an interface. Use the undo igmp group-limit command to restore the defaul...
Page 254
254 c hapter 7: u sing m ulticast p rotocol c ommands description use the igmp group-policy command to set the filter of multicast groups on an interface to control the accessing to the ip multicast groups. Use the undo igmp group-policy command to remove the filter configured. By default, no filter...
Page 255
Igmp configuration commands 255 example configure that only the hosts contained in the access-list 2000 connected to the port gigabitethernet1/0/1 in vlan-interface10 can be added to the multicast group, which is configured to use igmp version 2. System-view system view: return to user view with ctr...
Page 256
256 c hapter 7: u sing m ulticast p rotocol c ommands parameter group-address : multicast address of the multicast group that an interface will join. Port: specifies the port in the vlan interface. Description use the igmp host-join port command to enable a port in the vlan interface of an ethernet ...
Page 257
Igmp configuration commands 257 for the related command, see igmp host-join port , igmp host-join , igmp group-policy . Example add port gigabitethernet 1/0/1 in vlan-interface10 to the multicast group at 225.0.0.1. System-view system view: return to user view with ctrl+z. [sw5500]interface vlan-int...
Page 258
258 c hapter 7: u sing m ulticast p rotocol c ommands report messages are received from any hosts within the defined period, the igmp querier considers it a timeout and stops membership maintenance for the group. This command only takes effect on an igmp querier running igmp v2. For a querier runnin...
Page 259
Igmp configuration commands 259 view vlan interface view parameter robust-value : igmp robust value, number of sending the igmp group query message after the igmp query router receives the igmp leave message from the host. It is in the range of 2 to 5. The default is 2. Description use igmp robust-c...
Page 260
260 c hapter 7: u sing m ulticast p rotocol c ommands view vlan interface view parameter seconds : igmp querier present timer value in second ranging from 1 to 131070. By default, the value is twice the value of igmp query message interval, i.E., 120 seconds. Description use the igmp timer other-que...
Page 261
Igmp configuration commands 261 a multicast router periodically sends out igmp query messages to attached segments to find hosts that belong to different multicast groups. The query interval can be modified according to the practical conditions of the network. Related command: igmp timer other-queri...
Page 262
262 c hapter 7: u sing m ulticast p rotocol c ommands parameter all: all igmp groups. Interface interface-type interface-number: interface type and interface number. Group-address: igmp group address. Group-mask: mask of igmp group address. Description use the reset igmp group command to delete an e...
Page 263
Pim configuration commands 263 use the undo bsr-policy command to restore the default setting so that no range limit is set and all received messages are taken as legal. In a pim sm network using the bsr (bootstrap router) mechanism, every router can set itself as a c-bsr (candidate bsr) and have th...
Page 264
264 c hapter 7: u sing m ulticast p rotocol c ommands parameter interface-type interface-number : interface type and interface number of a router. The candidate bsr is configured on the interface. Pim-sm must be enabled on the interface first. Hash-mask-len: length of the mask. The value ranges from...
Page 265
Pim configuration commands 265 use the undo c-rp to remove the configuration. By default, no candidate rp is configured. Related command: c-bsr . Example configure the ethernet switch to advertise the bsr that it is the c-rp in the pim domain. The standard access list 2000 defines the groups related...
Page 266
266 c hapter 7: u sing m ulticast p rotocol c ommands the source address and their server group addresses are subset of those in acl, can the be considered as matched. Related commands: acl and rule example configure c-rp filtering policy on the c-bsr routers, allowing only 1.1.1.1/32 as c-rp and to...
Page 268
268 c hapter 7: u sing m ulticast p rotocol c ommands mrt: debugging information of pim-sm multicast routing table. Timer: debugging information of pim-sm timer. Warning: debugging information of pim-sm warning message. Recv: debugging information of pim-sm receiving packets. Send: debugging informa...
Page 269
Pim configuration commands 269 table 46 output description of the display pim bsr command display pim interface syntax display pim interface [ interface-type interface-number ] view all views parameter interface-type: specifies the interface type. Interface-number: specifies interface number. Descri...
Page 270
270 c hapter 7: u sing m ulticast p rotocol c ommands view all views parameter interface-type interface-number : interface type and interface number, used to specify the interface. Description use the display pim neighbor to view the pim neighbor information. Example display pim neighbor neighbor ad...
Page 271
Pim configuration commands 271 example view the contents of the pim multicast routing table on the router. Display pim routing-table pimsm routing table total 0 (*,*,rp), 0 (*,g), 2 (s,g) (192.168.1.2, 224.2.178.130), protocol 0x20: pimsm, flag 0x4: spt uptime: 23:59, timeout after 196 seconds upstr...
Page 272
272 c hapter 7: u sing m ulticast p rotocol c ommands pim syntax pim undo pim view system view parameter none description use the pim to enter the pim view. Use the undo pim to clear the configurations in pim view. The global parameters of pim can only be configured in pim view. Example enable multi...
Page 273
Pim configuration commands 273 related command: c-bsr . Example configure domain border on vlan-interface10. System-view system view: return to user view with ctrl+z [sw5500]interface vlan-interface-10 [sw5500-vlan-interface10]pim bsr-boundary pim dm syntax pim dm undo pim dm view interface view par...
Page 274
274 c hapter 7: u sing m ulticast p rotocol c ommands description use the pim neighbor-limit command to limit the pim neighbors on an interface. No neighbor can be added when the limit is reached. Use the undo pim neighbor-limit command to restore the default setting. By default, the pim neighbors o...
Page 275
Pim configuration commands 275 [sw5500-acl-basic-2000]rule permit source 10.10.1.2 0 [sw5500-acl-basic-2000]rule deny source 10.10.1.1 0 pim sm syntax pim sm undo pim sm view interface view parameter none description use the pim sm to enable the pim-sm protocol on an interface. Use the undo pim sm t...
Page 276
276 c hapter 7: u sing m ulticast p rotocol c ommands example configure to transmit hello packet via vlan-interface10 every 40 seconds. System-view system view: return to user view with ctrl+z [sw5500]multicast routing-enable [sw5500]interface vlan-interface-10 [sw5500-vlan-interface10]pim timer hel...
Page 277
Pim configuration commands 277 neighbor-address : specifies neighbor address. Interface interface-type interface-number : specifies interface. Description use the reset pim neighbor command to clear a pim neighbor. Related command: display pim neighbor example clear the pim neighbor 25.5.4.3. Reset ...
Page 278
278 c hapter 7: u sing m ulticast p rotocol c ommands must be 224.0.0.0, and source address has no mask), then it means only the (*, *, rp) item will be cleared. If in this command, the group-address is any a group address, and source-address is 0 (where group address can have a mask, and source add...
Page 279
Pim configuration commands 279 system view: return to user view with ctrl+z [sw5500]multicast routing-enable [sw5500]pim [sw5500-pim]source-policy 1 [sw5500-pim]quit [sw5500]acl number 1 [sw5500-acl-basic-1]rule permit source 10.10.1.2 0 [sw5500-acl-basic-1]rule deny source 10.10.1.1 0 static-rp syn...
Page 280
280 c hapter 7: u sing m ulticast p rotocol c ommands.
Page 281: Sing
8 u sing q o s/acl c ommands this chapter describes how to use the following commands: acl configuration command list ■ acl ■ display acl ■ display packet-filter ■ display time-range ■ packet-filter ■ reset acl counter ■ rule ■ time-range qos configuration commands list ■ display mirror ■ display qo...
Page 282
282 c hapter 8: u sing q o s/acl c ommands ■ traffic-statistic qos profile configuration commands ■ apply qos-profile ■ display qos-profile ■ packet-filter ■ qos-profile ■ qos-profile user-based ■ traffic-limit ■ traffic-priority logon user’s acl control command ■ acl ■ ip http acl ■ snmp-agent comm...
Page 283
Acl configuration command list 283 description use the acl command to define an acl identified by a number, and enter the corresponding acl view. Use the undo acl command to cancel all subitems of an acl identified by a number, or cancel the entire acl. By default, the acls are matched in config ord...
Page 284
284 c hapter 8: u sing q o s/acl c ommands example display the content of all the acls. Display acl all basic acl 2000, 0 rule,match-order is auto acl’s step is 1 advanced acl 3000, 1 rule acl's step is 1 rule 1 permit ip (0 times matched) display packet-filter syntax display packet-filter { interfa...
Page 285
Acl configuration command list 285 note that the system has a delay of about 1 minute when updating the acl state, while the display time-range command applies the current time. Therefore when display time-range displays that a time range is active, the acl using it may not have been activated yet. ...
Page 287
Acl configuration command list 287 view corresponding acl view parameter rule-id : specifies the subitems of an acl, ranging from 0 to 65534. Permit: permits packets that meet the requirements. Deny: denies packets that meet the requirements. Time-range name : name of a time range, during which a ru...
Page 288
288 c hapter 8: u sing q o s/acl c ommands icmp-type type code : appears when protocol is icmp. Type code specifies an icmp packet. Type represents the type of icmp packet, notated by a character or a number which ranges from 0 to 255; code represents icmp code, which appears when the protocol is “i...
Page 289
Acl configuration command list 289 system-view system view: return to user view with ctrl+z [sw5500]acl number 3000 [sw5500-acl-adv-3000]rule 1 permit tcp established source 1.1.1.1 0 destination 2.2.2.2 0 [sw5500-acl-adv-3000] add a subrule to a basic acl: system-view system view: return to user vi...
Page 290
290 c hapter 8: u sing q o s/acl c ommands to end-time end-date :: the end date of a special time-range, together with start-time start-date means this special time-range is effective during a certain period, notated as hh:mm mm/dd/yyyy. If the above two parameters are not configured, it means there...
Page 294
294 c hapter 8: u sing q o s/acl c ommands this command is used for displaying the traffic priority settings. The information displayed includes the acl corresponding to the traffic tagged with priority, priority type and value. Related command: traffic-priority . Example display the traffic priorit...
Page 296
296 c hapter 8: u sing q o s/acl c ommands line-rate syntax line-rate outbound target-rate undo line-rate outbound view ethernet port view parameter target-rate : the total limited rate of packets sent by interfaces. Unit in kbps. The number inputted must be a multiple of 64. For 1000 mbps port, the...
Page 298
298 c hapter 8: u sing q o s/acl c ommands the fabric. You need to configure the monitor port before configuring the monitored port. Related command: display mirror . Example to configure gigabitethernet1/0/1 as a monitored port, and monitor packets in both directions, enter the following: system-vi...
Page 299
Qos configuration commands list 299 parameter priority-level : specifies the priority level of the port, ranging from 0 to 7. Description use the priority command to configure the priority of ethernet port. Use the undo priority command to restore the default port priority. By default, the priority ...
Page 300
300 c hapter 8: u sing q o s/acl c ommands [sw5500-gigabitethernet1/0/1]priority trust [sw5500-gigabitethernet1/0/1] queue-scheduler syntax queue-scheduler { wrr queue1-weight queue2-weight queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight queue8-weight undo queue-scheduler view ...
Page 301
Qos configuration commands list 301 parameters inbound : specify the traffic received by the ethernet port. Ip-group acl-number : activates ip acls, including basic and advanced acls. Acl-number : sequence number of acl, ranging from 2000 to 3999. Link-group acl-number : activates layer 2 acls. Acl-...
Page 302
302 c hapter 8: u sing q o s/acl c ommands parameter inbound : performs traffic limitation to the packets received by the interface. Ip-group acl-number : activates ip acls, including basic and advanced acls. Acl-number : sequence number of acl, ranging from 2000 to 3999. Link-group acl-number : act...
Page 306
306 c hapter 8: u sing q o s/acl c ommands qos profile configuration commands this section describes how to use the quality of service (qos) profile configuration commands on your switch. Apply qos-profile syntax apply qos-profile profile-name undo apply qos-profile profile-name view ethernet port v...
Page 307
Qos profile configuration commands 307 description use the display qos-profile command to view qos profile configuration information. Example to display qos profile configuration information, enter the following: display qos-profile all qos-profile: qos-profile student, 3 actions packet-filter inbou...
Page 308
308 c hapter 8: u sing q o s/acl c ommands qos-profile syntax qos-profile profile-name undo qos-profile profile-name view system view parameter profile-name : qos profile name, a string of one to 32 characters, starting with letters [a-z, a-z] and excluding all, interface, and user which are reserve...
Page 309
Qos profile configuration commands 309 after you configure the qos profiles and the user pass the authentication, the switch will deliver the right profile dynamically to the port from which the user is accessed. The qos profile can be delivered to the port in these different modes: ■ user-based mod...
Page 310
310 c hapter 8: u sing q o s/acl c ommands ■ drop: drops packets. ■ remark-dscp value : sets a new dscp value. Description use the traffic-limit command to add traffic policing action in the qos profile, with the granularity of 64 kbps. Use the undo traffic-limit command to remove traffic policing a...
Page 312
312 c hapter 8: u sing q o s/acl c ommands description using the acl command, you can reference acl and implement the acl control to the telnet users. Using the undo acl command, you can remove the control from the telnet users. Example perform acl control to the users who access the local switch us...
Page 313
Logon user’s acl control command 313 parameter read : indicates that this community name has the read-only right within the specified view. Write : indicates that this community name has the read-write right within the specified view. Community-name : character string of the community name. Mib-view...
Page 314
314 c hapter 8: u sing q o s/acl c ommands v2c: v2c security mode. V3: v3 security mode. Groupname : group name, ranging from 1 to 32 bytes. Authentication: if this parameter is added to configuration command, the system will authenticate but not encrypt snmp data packets. Privacy: authenticates and...
Page 315
Logon user’s acl control command 315 parameter v1 : v 1 security mode. V2c : v 2 security mode. V3 : v 3 security mode. User-name : the user name, ranging from 1 to 32 bytes. Group-name : the corresponding group name of the user, ranging from 1 to 32 bytes. Authentication-mode : specifies the securi...
Page 316
316 c hapter 8: u sing q o s/acl c ommands [sw5500] snmp-agent usm-user v3 john mygroup authentication-mode md5 hello acl 2002.
Page 317: Sing
10 u sing rstp c ommands this chapter describes how to use the following commands: rstp configuration commands ■ display stp ■ display stp ignored-vlan ■ display stp tc ■ reset stp ■ stp ■ stp bpdu-protection ■ stp cost ■ stp edged-port ■ stp loop-protection ■ stp ignored vlan ■ stp mcheck ■ stp mod...
Page 318
322 c hapter 10: u sing rstp c ommands rstp configuration commands this section describes how to use the rapid spanning tree protocol (rstp) configuration commands on your switch. Display stp syntax display stp [ interface interface_list ] display stp brief view any view parameter interface interfac...
Page 319
Rstp configuration commands 323 maximum transmission limit is 3 packets / hello time times: hello time 2 sec, max age 20 sec forward delay 15 sec, message age 0 bpdu sent: 0 tcn: 0, rst: 0, config bpdu: 0 bpdu received: 0 tcn: 0, rst: 0, config bpdu: 0 to display a brief stp summary for the switch, ...
Page 320
324 c hapter 10: u sing rstp c ommands display stp ignored-vlan syntax display stp ignored-vlan view any view parameter none description use the display stp ignored-vlan command to view the list of stp-ignored vlans. After a stp-ignored vlan is configured, the packets of this vlan will be forwarded ...
Page 322
326 c hapter 10: u sing rstp c ommands for the device and ports. This command enables/disables rstp on a device in system view and enables/disables rstp on a port in ethernet port view. Related command: stp mode . Example to enable rstp on a switch, enter the following: system-view system view: retu...
Page 323
Rstp configuration commands 327 [sw5500]stp bpdu-protection stp cost syntax stp cost cost undo stp cost view ethernet port view parameter cost : specifies the path cost, ranging from 1 to 2000000. Description use the stp cost command to configure the path cost on a spanning tree for the current ethe...
Page 324
328 c hapter 10: u sing rstp c ommands parameter enable: sets the current ethernet port as an edge port. Disable: sets the current ethernet port as a non-edge port. Description use the stp edged-port enable command to configure the current port as an edge port. Use the stp edged-port disable command...
Page 325
Rstp configuration commands 329 example to enable loop protection function in gigabitethernet1/0/1, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet1/0/1 [sw5500-gigabitethernet1/0/1]stp loop-protection stp ignored vlan syntax stp ignor...
Page 326
330 c hapter 10: u sing rstp c ommands parameter none description if the network is unstable, even when the bridge running stp on the segment is removed, the corresponding port will still work in the stp compatible mode. Use the stp mcheck command to force the port to work in rstp mode. If there is ...
Page 327
Rstp configuration commands 331 this command can be used for specifying the current ethernet switch to run the spanning tree in rstp mode or in stp compatible mode. Related commands: stp , stp mcheck . Example to set spanning tree to work in stp compatible mode, enter the following: system-view syst...
Page 328
332 c hapter 10: u sing rstp c ommands view ethernet port view parameter force-true: indicates that the link to the current ethernet port is a point-to-point link. Force-false: indicates that the link to the current ethernet port is not a point-to-point link. Auto: specifies to automatically check i...
Page 329
Rstp configuration commands 333 example to set the priority of gigabitethernet1/0/1 to 64, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet1/0/1 [sw5500-gigabitethernet1/0/1]stp port priority 64 stp priority syntax stp priority bridge-p...
Page 330
334 c hapter 10: u sing rstp c ommands description use the stp root primary command to configure the current switch as the primary root of a spanning tree. Use the undo stp root command to cancel the current switch for primary root of a spanning tree. By default, the switch is not a primary root. Yo...
Page 331
Rstp configuration commands 335 you can configure no more than one primary root for a spanning tree but you can configure one or more secondary roots for it. You cannot change the bridge priority of a switch if you configure it as a secondary root of a spanning tree. Example to designate the switch ...
Page 332
336 c hapter 10: u sing rstp c ommands stp timeout-factor syntax stp timeout-factor number undo stp timeout-factor view system view parameter number : specifies the multiple of hello time, ranging from 3 to 7. Description use the stp timeout-factor command to configure the multiple of hello time for...
Page 333
Rstp configuration commands 337 use the undo stp timer forward-delay command to restore the default forward delay time. The value of forward delay is related to the “diameter” of the switching network. The more extensive the switching network is, the longer the forward delay should be set. You can u...
Page 334
338 c hapter 10: u sing rstp c ommands undo stp timer max-age view system view parameter centiseconds : specifies the maximum age in centiseconds, ranging from 600 to 4000. By default, the value is 2000 centiseconds. Description use the stp timer max-age command to configure the max age of the switc...
Page 335
Rstp configuration commands 339 example to set the packetnum parameter of gigabitethernet1/0/1 to 5, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]interface gigabitethernet1/0/1 [sw5500-gigabitethernet1/0/1]stp transmit-limit 5.
Page 336
340 c hapter 10: u sing rstp c ommands.
Page 337: Sing
9 u sing f abric c ommands this chapter describes how to use the following commands: fabric configuration commands ■ display xrn-fabric ■ change self-unit ■ change unit-id ■ set unit name ■ sysname fabric commands this section describes how to use the fabric configuration commands on your switch 550...
Page 338
318 c hapter 9: u sing f abric c ommands view system view parameter self-unit: current unit auto-numbering: change the unit id automatically. Description use the change unit command to change the unit id of the current switch. By default, the unit id of a switch is set to 1. A unit id can be set to ...
Page 339
Fabric commands 319 uid cpu-mac prio fabric-port chips mid pid a/m 1 00e0-fc00-5502 10 up/down 2 0/1 3 a 2 00e0-fc03-5502 10 up/down 2 2/3 3 a 3 00e0-fc04-5502 10 up/down 2 4/5 3 a 6 00e0-fc05-5502 10 up/down 2 10/11 3 a 5 00e0-fc06-5502 10 up/down 2 8/9 3 a 4 00e0-fc07-5502 5 up/down 2 6/7 3 m 7 00...
Page 340
320 c hapter 9: u sing f abric c ommands use the undo sysname command to restore the default fabric name. Example change the fabric name of the device to "building1". Display xrn-fabric fabric name(hostname): sw5500, fabric authentication: md5 fabric mode : l3, fabric unit number: 2 unit name unit i...
Page 341: Sing
11 u sing aaa and radius c ommands this chapter describes how to use the following commands: 802.1x configuration commands ■ display dot1x ■ dot1x ■ dot1x authentication-method ■ dot1x dhcp-launch ■ dot1x max-user ■ dot1x port-control ■ dot1x port-method ■ dot1x quiet-period ■ dot1x retry ■ dot1x su...
Page 342
342 c hapter 11: u sing aaa and radius c ommands ■ local-user ■ messenger ■ password ■ radius-scheme ■ scheme ■ self-service-url ■ service-type ■ state radius protocol configuration commands ■ accounting optional ■ data-flow-format ■ display local-server statistics ■ display radius ■ display radius ...
Page 344
344 c hapter 11: u sing aaa and radius c ommands configuration: transmit period 30 s, handshake period 15 s quiet period 60 s, quiet period timer is disabled supp timeout 30 s, server timeout 100 s the maximum retransmitting time 2 total maximum 802.1x user resource number is 1024 total current used...
Page 345
802.1x configuration commands 345 enabled globally, if the parameters are not configured globally or for a specified port, they will maintain the default values. After the global 802.1x performance is enabled, only when port 802.1x performance is enabled will the configuration of 802.1x become effec...
Page 346
346 c hapter 11: u sing aaa and radius c ommands not necessary to transfer the eap packet to a standard radius packet first and then send it to radius server. To use pap, chap or eap authentication, radius server should support pap, chap or eap authentication respectively. Related command: display d...
Page 347
802.1x configuration commands 347 parameter user-number : specifies the limit to the amount of supplicants on the port, ranging from 1 to 1024. By default, the maximum user number is 1024. Interface interface-list : ethernet interface list including several ethernet interfaces, expressed in the form...
Page 348
348 c hapter 11: u sing aaa and radius c ommands authorized-force: forced authorized mode, configuring the interface to always stay in authorized state and the user is allowed to access the network resources without authentication/authorization. Unauthorized-force: forced unauthorized mode, configur...
Page 349
802.1x configuration commands 349 parameter macbased: configures the 802.1x authentication system to perform authentication on the supplicant based on mac address. Portbased: configures the 802.1x authentication system to perform authentication on the supplicant based on interface number. Interface ...
Page 350
350 c hapter 11: u sing aaa and radius c ommands view system view parameter none description use the dot1x quiet-period command to enable the quiet-period timer. Use the undo dot1x quiet-period command to disable this timer. If an 802.1x user has not been authenticated, the authenticator will keep q...
Page 351
802.1x configuration commands 351 the authentication request frame only once. 2 indicates that the switch is configured to transmit authentication request frame once again when no response is received for the first time and so on. This command has an effect on all the ports after configuration. Rela...
Page 352
352 c hapter 11: u sing aaa and radius c ommands only if you enable this feature on a specific port can this configuration take effect on the port. Related command: display dot1x . Example to configure the switch to cut the network connection to a user upon detecting the use of proxy on gigabitether...
Page 353
802.1x configuration commands 353 quiet-period-value : specify how long the quiet period is. The value ranges from 10 to 120 in units of second and defaults to 60. Server-timeout: specify the timeout timer of an authentication server. If an authentication server has not responded before the specifie...
Page 354
354 c hapter 11: u sing aaa and radius c ommands view user view parameter interface interface-list : ethernet port list including several ethernet ports. Interface-list = { interface-num [ to interface-num ] } & . Interface-num specifies a single ethernet port in the format port-num = { interface-ty...
Page 355
Centralized mac address authentication configuration commands 355 description use the debugging mac-authentication event command to enable centralized mac address authentication event debugging. Use the undo debugging mac-authentication event command to disable event debugging. Example to enable cen...
Page 356
356 c hapter 11: u sing aaa and radius c ommands mac-authentication syntax mac-authentication[ interface interface-list ] undo mac-authentication[ interface interface-list ] view ethernet port view parameter interface interface-list: ethernet interface list including several ethernet interfaces, exp...
Page 357
Centralized mac address authentication configuration commands 357 description use the mac-authentication command to enable the centralized mac address authentication feature on a specified port or globally. Use the undo mac-authentication command to disable the feature on a specified port or globall...
Page 358
358 c hapter 11: u sing aaa and radius c ommands by default, the domain used by centralized mac address authentication user is null, that is, not configured. Example to configure the domain used by the mac address to cams, enter the following: system-view system view: return to user view with ctrl+z...
Page 360
360 c hapter 11: u sing aaa and radius c ommands access-limit max-user-number : specifies the maximum number of users who access the device using the current user name. The argument max-user-number is in the range of 1 to 1024. Ip: specifies the ip address of a user. Mac mac-address : specifies the ...
Page 363
Aaa configuration commands 363 display domain syntax display domain [ isp-name ] view all views parameter isp-name: specifies the isp domain name, with a character string not exceeding 24 characters. The specified isp domain shall have been created. Description use the display domain command to view...
Page 364
364 c hapter 11: u sing aaa and radius c ommands idle-cut: configures to display the local users according to the state of idle-cut function. Disable means that the user disables the idle-cut function and enable means the user enables the function. This parameter only takes effect on the users confi...
Page 365
Aaa configuration commands 365 view system view parameter isp-name : specifies an isp domain name. The name is expressed with a character string not exceeding 24 characters, excluding “/”, “: ”, “*”, “? ”, “”. Default enable isp-name : enables the default isp domain specified by isp-name . Default d...
Page 367
Aaa configuration commands 367 view local user view parameter level : specifies user priority level, an integer ranging from 0 to 3. Description use the level command to configure user priority level. Use the undo level command to restore the default user priority level. By default, the user priorit...
Page 368
368 c hapter 11: u sing aaa and radius c ommands ssh: the specified user type is ssh. Terminal: the specified user type is terminal which refers to users who use the terminal service (login from the console port). All: all the users. Description use the local-user command to configure a local user a...
Page 369
Aaa configuration commands 369 ■ if the threshold is reached, the switch sends messages containing the user's remaining online time to the client at the interval you configured. ■ the client keeps the user informed of the remaining online time through a message alert dialog box. Example to configure...
Page 370
370 c hapter 11: u sing aaa and radius c ommands parameter radius-scheme-name : specifies a radius scheme, with a character string not exceeding 32 characters. Description use the radius-scheme command to configure the radius scheme used by the current isp domain. This command is used to specify the...
Page 371
Aaa configuration commands 371 you can use either the scheme or radius-scheme command to specify the radius scheme for an isp domain. If both of these two commands are used, the latest configuration will take effect. Related command: radius scheme . Example to specify the current isp domain, 3com163...
Page 373
Aaa configuration commands 373 you can use either level or service-type commands to specify the level for a local user. If both of these commands are used, the latest configuration takes effect. Example to set to provide the lan-access service for the user johnq, enter the following: system-view sys...
Page 374
374 c hapter 11: u sing aaa and radius c ommands [sw5500]domain marlboro.Net [sw5500-isp-marlboro.Net]state block [sw5500-isp-marlboro.Net]quit to set the user 3com1 to be in the block state, enter the following: [sw5500-user-3com1]state block radius protocol configuration commands this section desc...
Page 375
Radius protocol configuration commands 375 undo data-flow format view radius scheme view parameter data: set data unit. Byte: set 'byte' as the unit of data flow. Giga-byte: set 'giga-byte' as the unit of data flow. Kilo-byte: set 'kilo-byte' as the unit of data flow. Mega-byte: set 'mega-byte' as t...
Page 376
376 c hapter 11: u sing aaa and radius c ommands parameter none description use the display local-server statistics command to view the statistics of local radius authentication server. Related command: local-server . Example to display the statistics of local radius authentication server, enter the...
Page 377
Radius protocol configuration commands 377 schemename = default system index=0 type=3com primary auth ip =127.0.0.1 port=1645 primary acct ip =127.0.0.1 port=1646 second auth ip =0.0.0.0 port=1812 second acct ip =0.0.0.0 port=1813 auth server encryption key= 3com acct server encryption key= 3com acc...
Page 378
378 c hapter 11: u sing aaa and radius c ommands code= 5,num=0 ,err=0 code=11,num=0 ,err=0 code=22,num=0 ,err=0 running statistic: radius received messages statistic: normal auth request ,num=0 ,err=0 ,succ=0 eap auth request ,num=0 ,err=0 ,succ=0 account request ,num=0 ,err=0 ,succ=0 account off re...
Page 379
Radius protocol configuration commands 379 server, or display the packets according to user session id or username. You may also display the request packets saved during a specified time range. The displayed packet information can help with diagnosis and troubleshooting. Related commands: reset stop...
Page 380
380 c hapter 11: u sing aaa and radius c ommands to set the authentication/authorization key of the radius scheme to “hello”, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]radius scheme 3com [sw5500-radius-3com]key authentication hello example 2: to set the a...
Page 381
Radius protocol configuration commands 381 example to set the ip address of local radius authentication server to 10.110.1.2 and the password to 3com, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]local-server nas-ip 10.110.1.2 key 3com nas-ip syntax nas-ip i...
Page 382
382 c hapter 11: u sing aaa and radius c ommands parameter ip-address : ip address, in dotted decimal format. Port-number : specifies udp port number. Ranging from 1 to 65535. . Description use the primary accounting command to configure the ip address and port number for the primary accounting serv...
Page 383
Radius protocol configuration commands 383 description use the primary authentication command to configure the ip address and port number for the primary radius authentication/authorization. Use the undo primary authentication command to restore the default ip address and port number of the primary ...
Page 384
384 c hapter 11: u sing aaa and radius c ommands example to configure the switch to send radius packets from 129.10.10.1, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]radius nas-ip 129.10.10.1 radius scheme syntax radius scheme radius-scheme-name undo radius...
Page 385
Radius protocol configuration commands 385 [sw5500]radius scheme 3com new radius scheme [sw5500-radius-3com] reset radius statistics syntax reset radius statistics view user view parameter none description use the reset radius statistics command to clear the statistic information related to the radi...
Page 386
386 c hapter 11: u sing aaa and radius c ommands and “>”. The @ character can only be used once in one username. The pure username (the part before @, namely the user id) cannot exceed 24 characters. Description use the reset stop-accounting-buffer command to reset the stopping accounting requests, ...
Page 387
Radius protocol configuration commands 387 radius server has been disconnected and it will transmit request packet to other radius servers. Setting a suitable retry-time according to the network situation can speed up the system response. Related command: radius scheme example to set to retransmit t...
Page 388
388 c hapter 11: u sing aaa and radius c ommands example to allow the real-time accounting request failing to be responded for up to 10 times, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]radius scheme 3com [sw5500-radius-3com]retry realtime-accounting 10 re...
Page 389
Radius protocol configuration commands 389 parameter ip-address : ip address, in dotted decimal format. By default, the ip addresses of second accounting server is at 0.0.0.0. Port-number : specifies the udp port number, ranging from 1 to 65535. By default, the accounting service is provided via udp...
Page 390
390 c hapter 11: u sing aaa and radius c ommands example to set the ip address of the second authentication/authorization server of radius scheme, “3com”, to 10.110.1.2 and the udp port 1812 to provide radius authentication/authorization service, enter the following: system-view system view: return ...
Page 392
392 c hapter 11: u sing aaa and radius c ommands stop-accounting-buffer enable syntax stop-accounting-buffer enable undo stop-accounting-buffer enable view radius scheme view parameter none description use the stop-accounting-buffer enable command to configure to save the stopping accounting request...
Page 393
Radius protocol configuration commands 393 description use the timer command to configure radius server response timer. Use the undo timer command to restore the default value of the timer. After a radius (authentication/authorization or accounting) request packet has been transmitted for a period o...
Page 394
394 c hapter 11: u sing aaa and radius c ommands related commands: retry realtime-accounting , radius scheme . Example to set the real-time accounting interval of radius scheme, “3com”, to 15 minutes, enter the following: system-view system view: return to user view with ctrl+z. [sw5500]radius schem...
Page 396
396 c hapter 11: u sing aaa and radius c ommands.
Page 397: Sing
12 u sing s ystem m anagement c ommands this chapter describes how to use the following commands: file system management commands ■ cd ■ copy ■ delete ■ dir ■ execute ■ file prompt ■ format ■ mkdir ■ more ■ move ■ pwd ■ rename ■ reset recycle-bin ■ rmdir ■ undelete configuration file management comm...
Page 398
398 c hapter 12: u sing s ystem m anagement c ommands ■ local-user ■ password ■ service-type ftp client commands ■ ascii ■ binary ■ bye ■ cd ■ cdup ■ close ■ delete ■ dir ■ disconnect ■ ftp ■ get ■ lcd ■ ls ■ mkdir ■ passive ■ put ■ pwd ■ quit ■ remotehelp ■ rmdir ■ user ■ verbose tftp configuration...
Page 399
399 ■ boot bootrom ■ display boot-loader ■ display cpu ■ display device ■ display fan ■ display memory ■ display power ■ display schedule reboot ■ reboot ■ schedule reboot at ■ schedule reboot delay basic system configuration and management commands ■ clock datetime ■ clock summer-time ■ clock timez...
Page 400
400 c hapter 12: u sing s ystem m anagement c ommands log commands ■ display channel ■ display info-center ■ display logbuffer ■ display logbuffer summary ■ display trapbuffer ■ info-center channel name ■ info-center console channel ■ info-center enable ■ info-center logbuffer ■ info-center loghost ...
Page 401
401 ■ snmp-agent packet max-size ■ snmp-agent sys-info ■ snmp-agent target-host ■ snmp-agent trap enable ■ snmp-agent trap life ■ snmp-agent trap queue-size ■ snmp-agent trap source ■ snmp-agent usm-user ■ undo snmp-agent rmon configuration commands ■ display rmon alarm ■ display rmon event ■ displa...
Page 402
402 c hapter 12: u sing s ystem m anagement c ommands ■ ntp-service unicast-peer ■ ntp-service unicast-server ssh configuration commands ■ debugging ssh server ■ display rsa local-key-pair public ■ display rsa peer-public-key ■ display ssh server ■ display ssh user-information ■ peer-public-key end ...
Page 403
File system management commands 403 example change the current working directory of the switch to flash. Cd flash: pwd unit1>flash: copy syntax copy file-source file-dest view user view parameter file-source: source file name. File-dest: destination file name. Description use the copy command to cop...
Page 404
404 c hapter 12: u sing s ystem m anagement c ommands parameter /unreserved : the file will be deleted permanently if the user chooses this parameter. File-path: path and name of the file you want to delete. Description use the delete command to delete a specified file from the storage device of the...
Page 405
File system management commands 405 display information for directory flash:/test/ dir flash:/test/ directory of unit1>flash:/test/ 1 -rw- 248 aug 29 2000 17:49:36 test.Txt 20578304 bytes total (3104544 bytes free) display all of the files with names starting with "t" in directory flash:/test/ dir f...
Page 407
File system management commands 407 view user view parameter directory : directory name. Description use the mkdir command to create a directory in the specified directory on the storage device. The directory to be created cannot have the same name as that of any other directory or file in the speci...
Page 408
408 c hapter 12: u sing s ystem m anagement c ommands parameter filepath-source : source file name. Filepath-dest : destination file name. Description use the move command to move files. When the destination filename is the same as that of an existing file, the system will ask whether to overwrite t...
Page 409
File system management commands 409 description use the pwd command to display the current path. Error may occur without setting the current path. Example display the current path. Pwd unit1>flash: rename syntax rename filepath-source filepath-dest view user view parameter filepath - source : source...
Page 410
410 c hapter 12: u sing s ystem m anagement c ommands view user view parameter file-path : name of the file to be deleted. /force : delete files from the recycle bin without prompt. Description use the reset recycle-bin command to permanently delete files from the recycle bin. The delete command onl...
Page 411
Configuration file management commands 411 description use the undelete command to recover the deleted file. The file name to be recovered cannot be the same as an existing directory name. If the destination file name is the same as an existing file name, a prompt will be displayed asking whether to...
Page 412
412 c hapter 12: u sing s ystem m anagement c ommands configuration configuration : view specific parts of the current configuration. The value of configuration is the key word of the configuration, such as: acl-adv: view the configuration information of advanced acl. Ospf: view the configuration in...
Page 413
Configuration file management commands 413 to view the pre-positive and post-positive configuration information, enter the following: display current-configuration configuration display saved-configuration syntax display saved-configuration [ unit unit-id ] view all views parameter unit unit-id : sp...
Page 414
414 c hapter 12: u sing s ystem m anagement c ommands configurations of the protocol views are displayed when executing this command in protocol sub-views. For the related command, see save, reset, saved-configuration, display current-configuration, display saved-configuration . Example display the ...
Page 415
Configuration file management commands 415 parameter none description use the reset saved-configuration command to erase configuration files from the flash memory of the switch. Consult with technical support personnel before executing this command. Generally, this command is used in the following s...
Page 416
416 c hapter 12: u sing s ystem m anagement c ommands if you do not enter the file-name parameter in this command, for the switches that have specified the configuration file for booting, the current configurations will be stored to the specified configuration file; and for the switches that have no...
Page 417
Ftp server configuration commands 417 display ftp-server syntax display ftp-server view all views parameter none description use the display ftp-server command to display the parameters of the current ftp server. You can perform this command to verify the configuration after setting ftp parameters. ...
Page 418
418 c hapter 12: u sing s ystem m anagement c ommands parameter enable: start ftp server. Description ■ use the ftp server command to start ftp server and enable ftp user logon. ■ use the undo ftp server command to close ftp server and disable ftp user logon. By default, ftp server is shut down. Per...
Page 420
420 c hapter 12: u sing s ystem m anagement c ommands parameters simple: specifies that passwords are displayed in simple text. Cipher: specifies that passwords are displayed in cipher text. Password: enter a password, up to 16 characters in length for simple text, and up to 24 characters in length ...
Page 421
Ftp client commands 421 ftp: specifies the user’s service type as ftp. Ftp-directory directory : enter an ftp directory, up to 64 characters in length. Optional. Lan-access: specifies user type to lan-access, which mainly refers to ethernet accessing users, 802.1x supplicants for example. Terminal :...
Page 422
422 c hapter 12: u sing s ystem m anagement c ommands by default, the file transmission mode is ascii mode. Perform this command if the user needs to change the file transmission mode to default mode. Example configure to transmit data in the ascii mode. [ftp]ascii 200 type set to a. Binary syntax b...
Page 423
Ftp client commands 423 view ftp client view parameter pathname : path name. Description use the cd command to change the working path on the remote ftp server. This command is used to access another directory on ftp server. Note that the user can only access the directories authorized by the ftp se...
Page 424
424 c hapter 12: u sing s ystem m anagement c ommands example terminate connection with the remote ftp server and stay in ftp client view. [ftp]close delete syntax delete remotefile view ftp client view parameter remotefile: file name. Description use the delete command to delete the specified file....
Page 425
Ftp client commands 425 parameter none description using the disconnect command, subscribers can disconnect ftp client side from ftp server side without exiting ftp client side view. This command terminates the control connection and data connection with the remote ftp server at the same time. Examp...
Page 426
426 c hapter 12: u sing s ystem m anagement c ommands example download the file temp1.C and saves it as temp.C [ftp]get temp1.C temp.C lcd syntax lcd view ftp client view parameter none description use the lcd command to display local working path of ftp client. Example show local working path. [ftp...
Page 427
Ftp client commands 427 parameter pathname : directory name. Description use the mkdir command to create a directory on the remote ftp server. User can perform this operation as long as the remote ftp server has authorized the operation. Example create the directory flash:/lanswitch on the remote ft...
Page 428
428 c hapter 12: u sing s ystem m anagement c ommands example upload the local file temp.C to the remote ftp server and saves it as temp1.C . [ftp]put temp.C temp1.C pwd syntax pwd view ftp client view parameter none description use the pwd command to display the current directory on the remote ftp ...
Page 429
Ftp client commands 429 description use the remotehelp command to display help information about the ftp protocol command. Example show the syntax of the protocol command user . [ftp]remotehelp user syntax: user rmdir syntax rmdir pathname view ftp client view parameter pathname : directory name of ...
Page 430
430 c hapter 12: u sing s ystem m anagement c ommands view ftp client view parameter none description use the verbose command to enable verbose. Use the undo verbose command to disable verbose. By default, verbose is disabled. Example enable verbose. [ftp]verbose tftp configuration commands this sec...
Page 431
Mac address table management commands 431 view user view parameter tftp-server : ip address or hostname of the tftp server. The name of the tftp server should be a string ranging from 1 to 20 characters. Source-file : specify the filename of the source file which is saved on the switch. Dest-file : ...
Page 432
432 c hapter 12: u sing s ystem m anagement c ommands for details about the interface-type , interface-num and interface-name parameters, refer to the port configuration in this manual. Count : the display information will only contain the number of mac addresses in the mac address table if the user...
Page 434
434 c hapter 12: u sing s ystem m anagement c ommands [sw5500]mac-address static 00e0-fc01-0101 interface gigabitethernet 1/0/1 vlan 2 mac-address max-mac-count syntax mac-address max-mac-count count undo mac-address max-mac-count view ethernet port view parameter count: enter a value in the range 0...
Page 435
Mac address table management commands 435 parameter aging age: specifies the aging time (measured in seconds) of the layer-2 dynamic address table entry, ranging from 10 to 1000000; by default, the aging time is 300 seconds. No-aging: no aging time. Description use the mac-address timer command to c...
Page 436
436 c hapter 12: u sing s ystem m anagement c ommands device management commands this section describes the device management commands available on your switch 5500g-ei. Boot boot-loader syntax boot boot-loader file-path view user view parameter file-path: path and name of app file. Description use ...
Page 437
Device management commands 437 parameter unit unit-id : specify the unit id of the switch. Description use the display boot-loader command to display app file used for this boot and the next boot. Example display boot-loader the app to boot of board 0 at the next time is: flash:/platform.App the app...
Page 438
438 c hapter 12: u sing s ystem m anagement c ommands parameter unit unit-id : specify the unit id of the switch. Description use the display device command to display the module type and working status information of a card, including physical card number, physical daughter card number, number of p...
Page 439
Device management commands 439 example to display the current memory status, enter the following: display memory the information displays in the following format: system total memory(bytes): 32491008 total used memory(bytes): 13181348 used rate: 40% table 55 display information display power syntax ...
Page 440
440 c hapter 12: u sing s ystem m anagement c ommands related command: reboot, schedule reboot at, schedule reboot delay, undo schedule reboot. Example display the configuration of the schedule reboot terminal service parameters of the current switch. Display schedule reboot reboot system at 16:00:0...
Page 441
Device management commands 441 if the schedule reboot at command sets specified date parameters, which represents a data in the future, the switch will be restarted in specified time, with error not more than 1 minute. If no specified date parameters are configured, two cases are involved: if the co...
Page 442
442 c hapter 12: u sing s ystem m anagement c ommands two formats can be used to set the waiting delay of timing reboot switch, namely the format of "hour: minute" and the format of "absolute minutes". But the total minutes should be no more than 30×24×60 minutes, or 30 days. After this command is c...
Page 444
444 c hapter 12: u sing s ystem m anagement c ommands offset_time : enter the offset time, that is the amount of time added, in the format hh:mm:ss. Description use the clock summer-time command to set the name, start date and time, and end date and time of summer time. Use the undo clock summer-tim...
Page 445
System status and system information display commands 445 related command: clock summer-time example to set the local time zone as zone 5, and configure the local time to be 5 hours ahead of utc, enter the following: clock timezone z5 add 05:00:00 sysname syntax sysname sysname undo sysname view sys...
Page 446
446 c hapter 12: u sing s ystem m anagement c ommands description use the display clock command to obtain information about system data and time from the terminal display.. For the related commands, see clock . Example view the current system date and clock. Display clock 15:50:45 utc mon 2001/2/12 ...
Page 449
Network connection test commands 449 example to display system information on all currently running modules, enter the following: display diagnostic-information network connection test commands this section describes the network connection test commands available on your switch 5500g-ei. End-station...
Page 450
450 c hapter 12: u sing s ystem m anagement c ommands parameter -a ip-address : specify the source ip address to transmit icmp echo-request. -c : count specify how many times the icmp echo-request packet will be transmitted, ranging from 1 to 4294967295. -d : configure the socket to be in debugging ...
Page 451
Network connection test commands 451 ■ host will be treated as ip address first. If it is not an ip address, perform domain name resolution, ■ the default padding operation starts from 0x01 and ends on 0x09 (progressively), then performs again, ■ show all the information including statistics, ■ rout...
Page 452
452 c hapter 12: u sing s ystem m anagement c ommands view all views parameter -a source-ip : configure the source ip address used by tracert command. -f : configure to verify the -f switch, first-ttl specifies an initial ttl, ranging from 0 to the maximum ttl. -m : configure to verify the -m switch...
Page 453
Hwping commands 453 example test the gateways passed by the packets to the destination host at 18.26.0.115. Tracert 18.26.0.115 tracert to allspice.Lcs.Mit.Edu (18.26.0.115), 30 hops max 1 helios.Ee.Lbl.Gov (128.3.112.1) 0 ms 0 ms 0 ms 2 lilac-dmc.Berkeley.Edu (128.32.216.1) 19 ms 19 ms 19 ms 3 lila...
Page 454
454 c hapter 12: u sing s ystem m anagement c ommands view system view parameter administrator-name: specify the name of the administrator creating an hwping test group. Operation-tag: test operation tag. Description use the hwping command to create an hwping test group. Executing this command allow...
Page 455
Hwping commands 455 view hwping test group view parameter ip-address: destination ip address in a test description use the destination-ip command to configure the destination ip address in the test. Use the undo destination-ip command to delete the configured destination ip address. By default, no d...
Page 456
456 c hapter 12: u sing s ystem m anagement c ommands parameter test-type: test type, which can be one of the following key words: ■ dhcp : dhcp test ■ ftp: ftp connection test ■ icmp-echo: icmp test, the default test type ■ snmpquery: snmp test ■ tcp-private: tests the tcp connection of a specified...
Page 457
Log commands 457 view any view parameter use the display hwping command to view test results. If a test group is specified using the arguments of administrator-name and test-operation-tag , the system displays only the test result of the group. If not, it displays the test results of all the test gr...
Page 458
458 c hapter 12: u sing s ystem m anagement c ommands display info-center syntax display info-center view all views parameter none description use the display info-center command to display the configuration of system log and the information recorded in the memory buffer. If the information in the c...
Page 459
Log commands 459 view any view parameter level : information level. Severity : information level, do not output information below this level. By default, the log information level is warnings, the trap information level is debugging, the debugging information level is debugging. Information at diffe...
Page 460
460 c hapter 12: u sing s ystem m anagement c ommands dropped messages : 0 overwritten messages : 0 current messages : 91 display logbuffer summary syntax display logbuffer summary [ level severity ] view any view parameter level: information level. Severity: information level, do not output informa...
Page 461
Log commands 461 parameter size : configure the size of buffer. Buffersize : size of buffer (number of messages which can be kept); by default, the size of the buffer is 256. Description using display trapbuffer command, you can view the attribute of trapbuffer and the information recorded in trapbu...
Page 462
462 c hapter 12: u sing s ystem m anagement c ommands description use the info-center channel name command to rename a channel specified by the channel-number as channel-name. . Using the u ndo info-center channel command , you can restore the channel name. Note that the channel name cannot be dupli...
Page 463
Log commands 463 view system view parameter none description use the info-center enable command to enable the system log function. Use the undo info-center enable command to disable system log function. By default, system log function is enabled. Only after the system log function is enabled can the...
Page 464
464 c hapter 12: u sing s ystem m anagement c ommands description use the info-center logbuffer command to configure to output information to the memory buffer. Use the undo info-center logbuffer command to cancel the information output to buffer this command takes effect only after the system loggi...
Page 465
Log commands 465 for the related commands, see info-center enable , display info-center . Example configure to send log information to the unix workstation at 202.38.160.1. System-view system view: return to user view with ctrl+z. [sw5500]info-center loghost202.38.160.1 info-center loghost source sy...
Page 466
466 c hapter 12: u sing s ystem m anagement c ommands channel-name: specify the channel name. The name can be channel6, channel7, channel8, channel9, console, logbuffer, loghost, monitor, snmpagent, trapbuffer. Description use the info-center monitor channel command to set the channel to output the ...
Page 468
468 c hapter 12: u sing s ystem m anagement c ommands channel-name: channel name to be set. The name can be channel6, channel7, channel8, channel9, console, logbuffer, loghost, monitor, snmpagent, trapbuffer. State: set the state of the information. State: specify the state as on or off . Descriptio...
Page 471
Log commands 471 buffersize: size of trap buffer (numbers of messages). Channel: configure the channel to output information to trap buffer. Channel-number: channel number, ranging from 0 to 9, that is, the system has ten channels. Channel-name: specify the channel name. Description use the info-cen...
Page 472
472 c hapter 12: u sing s ystem m anagement c ommands parameter none description use the reset trapbuffer command to clear information in trap buffer. Example clear information in trap buffer. Reset trapbuffer terminal debugging syntax terminal debugging undo terminal debugging view user view parame...
Page 473
Log commands 473 by default, this function is enabled. Example disable the terminal log display. Undo terminal logging terminal monitor syntax terminal monitor undo terminal monitor view user view parameter none description use the terminal monitor command to enable the log debugging/log/trap on the...
Page 474
474 c hapter 12: u sing s ystem m anagement c ommands description use the terminal trapping command to enable terminal trap information display. Use the undo terminal trapping command to disable this function. By default, this function is enabled. Example enable trap information display. Terminal tr...
Page 475
Snmp configuration commands 475 description use the display snmp-agent community command to display the currently configured community names. Example display the currently configured community names. Display snmp-agent community community name:public group name:public storage-type: nonvolatile commu...
Page 477
Snmp configuration commands 477 display snmp-agent statistics syntax display snmp-agent statistics view all views parameter none description use the display snmp-agent statistics command to view the current state of snmp communication. This command provides a counter for snmp operations. Example dis...
Page 480
480 c hapter 12: u sing s ystem m anagement c ommands number of getreq msgs sent :0 number of getnextreq msgs received :0 number of getnextreq msgs sent :0 number of getresp msgs received :0 number of getresp msgs sent :0 number of getnextresp msgs received :0 number of getnextresp msgs sent :0 numb...
Page 481
Snmp configuration commands 481 view system view parameter read: indicate that mib object can only be read. Write: indicate that mib object can be read and written. Community-name: community name character string. View-name: mib view name. Acl acl-list : set access control list for specified communi...
Page 482
482 c hapter 12: u sing s ystem m anagement c ommands privacy: specifies that the packet is authenticated and encrypted. Read-view: configures read-only view settings. Read-view : enter a read-only view name, up to 32 characters in length. Write-view: configures read and write view settings. Write-v...
Page 483
Snmp configuration commands 483 description use the snmp-agent local-engineid command to configure a name for a local or remote snmp engine on the switch. Use the undo snmp-agent local-engineid command to restore the default setting of engine id. Device information is determined according to differe...
Page 484
484 c hapter 12: u sing s ystem m anagement c ommands undo snmp-agent packet max-size view system view parameter byte-count: specify the size of snmp packet (measured in bytes), ranging from 484 to 17940; the default size is 1500 bytes. Description use the snmp-agent packet max-size command to confi...
Page 485
Snmp configuration commands 485 description use the snmp-agent sys-info command to set system information such as geographical location of the device, contact information for system maintenance and version information of running snmp. Use the undo snmp-agent sys-info location command to restore the ...
Page 486
486 c hapter 12: u sing s ystem m anagement c ommands use the undo snmp-agent target-host command to cancel the host currently configured to receive snmp notification. You must enter the snmp-agent trap enable command before you enter the snmp-agent target-host command. The snmp-agent trap enable co...
Page 487
Snmp configuration commands 487 coldstart : configure to send snmp cold start trap messages when switch is rebooted. Linkdown : configure to send snmp link down trap messages when switch port turns down. Linkup : configure to send snmp link up trap messages when switch port turns up. Warmstart : con...
Page 488
488 c hapter 12: u sing s ystem m anagement c ommands for the related commands, see snmp-agent trap enable , snmp-agent target-host . Example configure the timeout interval of trap packet as 60 seconds. System-view system view: return to user view with ctrl+z. [sw5500]snmp-agent trap life 60 snmp-ag...
Page 489
Snmp configuration commands 489 example configure the ip address of the vlan interface 1 as the source address for transmitting the trap packets. System-view system view: return to user view with ctrl+z. [sw5500]snmp-agent trap source vlan-interface 1 snmp-agent usm-user syntax snmp-agent usm-user {...
Page 490
490 c hapter 12: u sing s ystem m anagement c ommands privpassstring : enter the encryption password with a character string, ranging from 1 to 64 bytes. Acl acl-list : enter the access control list for this user, based on usm name. Description use the snmp-agent usm-user command to add a new commun...
Page 491
Rmon configuration commands 491 display rmon alarm syntax display rmon alarm [ alarm-table-entry ] view all views parameter alarm-table-entry : alarm table entry index. Description use the display rmon alarm command to view rmon alarm information. For the related commands, see rmon alarm. Example di...
Page 492
492 c hapter 12: u sing s ystem m anagement c ommands parameter event-table-entry : entry index of event table. Description use the display rmon event command to view rmon events. The display includes event index in event table, owner of the event, description to the event, action caused by event (l...
Page 493
Rmon configuration commands 493 description: the 1.3.6.1.2.1.16.1.1.1.4.1 defined in alarm table 1, less than(or =) 100 with alarm value 0. Alarm sample type is absolute. Generates eventlog 1.2 at 0days 00h:02m:27s. Description: the alarm formula defined in private alarm table 1, less than(or =) 100...
Page 494
494 c hapter 12: u sing s ystem m anagement c ommands display rmon prialarm syntax display rmon prialarm [ prialarm-table-entry ] view all views parameter prialarm-table-entry : entry of extended alarm table. Description use the display rmon prialarm command to display information about extended ala...
Page 495
Rmon configuration commands 495 table 66 output description of the display rmon prialarm command display rmon statistics syntax display rmon statistics [ port-num ] view all views parameter port-num : ethernet port number. Description use the display rmon statistics command to display rmon statistic...
Page 497
Rmon configuration commands 497 falling-threshold threshold-value2 : falling threshold, ranging from 0 to 2147483647. Event-entry2 : event number corresponding to the falling threshold, ranging from 0 to 65535. Owner text : specifies the creator of the alarm. Length of the character string ranges fr...
Page 498
498 c hapter 12: u sing s ystem m anagement c ommands owner rmon-station: name of the network management station that creates this entry. The length of the character string ranges from 1 to 127. Description use the rmon event command to add an entry to the event table. Use the undo rmon event comman...
Page 500
500 c hapter 12: u sing s ystem m anagement c ommands example delete line 10 from the extended rmon alarm table. System-view system view: return to user view with ctrl+z. [sw5500]undo rmon prialarm 10 rmon statistics syntax rmon statistics entry-number [ owner text-string ] undo rmon statistics entr...
Page 502
502 c hapter 12: u sing s ystem m anagement c ommands display ntp-service sessions syntax display ntp-service sessions [ verbose ] view all views. Parameter verbose : display detailed information about the sessions. Description use the display ntp-service sessions command to display the status of al...
Page 503
Ntp configuration commands 503 actual frequency: 100.0000 hz clock precision: 2^17 clock offset: 0.0000 ms root delay: 0.00 ms root dispersion: 0.00 ms peer dispersion: 0.00 ms reference time: 00:00:00.000 utc jan 1 1900(00000000.00000000) the following table describes the outputs: display ntp-servi...
Page 505
Ntp configuration commands 505 parameters none description use the ntp-service authentication enable command to enable the ntp-service authentication function, if no ip address is specified, the switch automatically selects 224.0.1.1 as the multicast ip address. Use the undo ntp-service authenticati...
Page 506
506 c hapter 12: u sing s ystem m anagement c ommands undo ntp-service broadcast-client view vlan interface view parameter none. Description use the ntp-service broadcast-client command to configure ntp broadcast client mode. Use the undo ntp-service broadcast-client command to disable the ntp broad...
Page 507
Ntp configuration commands 507 designate an interface on the local equipment to broadcast ntp packets. The local equipment runs in broadcast-server mode and regularly broadcasts packets to its clients. Example configure to broadcast ntp packets via vlan-interface1 and encrypt them with key 4 and set...
Page 508
508 c hapter 12: u sing s ystem m anagement c ommands description use the ntp-service multicast-client command to configure the ntp multicast client mode. Use the undo ntp-service multicast-client command to disable the ntp multicast client mode. By default, the multicast client service is disabled....
Page 509
Ntp configuration commands 509 designate an interface on the local equipment to transmit ntp multicast packet. The local equipment operates in multicast-server mode and multicasts packets regularly to its clients. Example configure to transmit ntp multicast packets encrypted with key 4 via vlan-inte...
Page 510
510 c hapter 12: u sing s ystem m anagement c ommands view system view parameter interface-name : specify an interface. The source ip address of the packets will be taken from the address of the interface. Interface-type : specify the interface type and determine an interface with the interface-numb...
Page 513
Ssh configuration commands 513 system view: return to user view with ctrl+z. [sw5500]ntp-service unicast-server 128.108.22.44 version 3 ssh configuration commands this section describes the ssh configuration commands available on your switch 5500g-ei. Debugging ssh server syntax debugging ssh server...
Page 514
514 c hapter 12: u sing s ystem m anagement c ommands parameter none description use the display rsa local-key-pair public command to display local key pair and public key of the server. If no key is generated, corresponding information will be prompted, for example, “rsa keys not found”. Related co...
Page 515
Ssh configuration commands 515 1023 abcd 1024 hq 1024 wn1 1024 hq_all display rsa peer-public-key name abcd key name:abcd key address: data: 30818602 8180739a 291abda7 04f5d93d c8fdf84c 42746319 91c164b0 df178c55 fa833591 c7d47d53 81d09ce8 2913d7ed f9c08511 d83ca4ed 2b30b809 808eb0d1 f52d045d e40861...
Page 516
516 c hapter 12: u sing s ystem m anagement c ommands parameter username : valid ssh user named defined by aaa description use the display ssh user-information command to display information of the user, including username, corresponding key, authentication type. If a username is specified, the syst...
Page 517
Ssh configuration commands 517 telnet: supports only telnet protocol. Description use the protocol inbound command to configure the protocols supported by a designated user interface. By default, the system supports both telnet and ssh protocols. If ssh protocol is enabled and specified for the user...
Page 518
518 c hapter 12: u sing s ystem m anagement c ommands system-view system view: return to user view with ctrl+z. [sw5500]rsa peer-public-key sw5500003 [sw5500-rsa-public-key]public-key-code begin [sw5500-rsa-key-code]308186028180739a291abda704f5d93dc8fdf84c427463 [sw5500-rsa-key-code]1991c164b0df178c...
Page 519
Ssh configuration commands 519 description use the rsa local-key-pair create command to create local rsa host key pair and server key pair. If you have configured rsa key, the system gives an alarm after using this command and prompts that the existing one will be replaced. The key naming format is ...
Page 520
520 c hapter 12: u sing s ystem m anagement c ommands acknowledgement information will be promoted before the system clears all rsa key pairs. This command is just a one-time instruction, so the result will not be stored in the configuration file. Related command: rsa local-key-pair create . Example...
Page 521
Ssh configuration commands 521 description use the ssh server authentication-retries command to define ssh authentication retry times value, which takes effect at next logon. Use the undo ssh server authentication-retries command to restore the default retry value. By default, it is 3. Related comma...
Page 522
522 c hapter 12: u sing s ystem m anagement c ommands parameter seconds : defines registration timeout value, in the range of 1~120 seconds. Description use the ssh server timeout command to define timeout value for ssh registration authentication, which takes effect at next logon. Use the undo ssh ...
Page 524
524 c hapter 12: u sing s ystem m anagement c ommands.
Page 525: Ootrom
A b ootrom i nterface accessing the bootrom interface during the initial boot phase of the switch the following prompt is displayed with a five second countdown timer allowing access to the bootrom: starting...... ****************************************************** * * * superstack 4 switch 5500g...
Page 526
526 c hapter a: b ootrom i nterface boot menu 1. Download application file to flash 2. Select application file to boot 3. Display all files in flash 4. Delete file from flash 5. Modify bootrom password 6. Enter bootrom upgrade menu 7. Skip current configuration file 8. Set bootrom password recovery ...
Page 527
Boot menu 527 enter option 1 at the prompt to display the following: free space: 10491904 bytes (*)-with main attribute;(b)-with backup attribute (*b)-with both main and backup attribute please input the file number to be change: an asterisk (*) indicates the current main boot file. A similar screen...
Page 528
528 c hapter a: b ootrom i nterface free space: 10460160 bytes the current application file is s4b03_01_04s168.App (*)-with main attribute;(b)-with backup attribute (*b)-with both main and backup attribute please input the file number to delete: the current application file is name and an * indicate...
Page 529
Boot menu 529 are you sure to disable bootrom password recovery? Yes or no(y/n) n if the bootrom super password is disabled and the bootrom password (set at boot menu option 5) is lost, bootrom access is no longer possible. If access to the bootrom menu is required, the switch will need to be return...
Page 530
530 c hapter a: b ootrom i nterface selecting a ftp download 1. Set tftp protocol parameter 2. Set ftp protocol parameter 3. Set xmodem protocol parameter 0. Return to boot menu enter your choice(0-3): 2 load file name:s4b03_01_04s168.App switch ip address:10.1.1.200 server ip address:10.1.1.177 ftp...