- DL manuals
- Accton Technology
- Switch
- VS4512
- Management Manual
Accton Technology VS4512 Management Manual
Summary of VS4512
Page 1
Vdsl switch-vs4512 vdsl switch-vs4512dc management guide.
Page 2
Command line interface 4-16 stopbits this command sets the number of the stop bits transmitted per byte. Use the no form to restore the default setting. Syntax stopbits { 1
Page 3: Vdsl Switch-V4512
Management guide vdsl switch-v4512 vdsl switch (with ac power connector) supporting 12 vdsl lines, with 2 slots for optional 1000base-sx, 1000base-lx, 1000base-t or 1000base-x gbic uplink modules vdsl switch-vs4512dc vdsl switch (with dc power connector) supporting 12 vdsl lines, with 2 slots for op...
Page 4
Accton is a trademark of accton technology corporation. Other trademarks or brand names mentioned herein are trademarks or registered trademarks of their respective companies. International headquarters no. 1 creation road iii, science-based industrial park hsinchu 300, taiwan phone: 886-3-5770-270 ...
Page 5: Contents
I contents chapter 1: introduction 1-1 key features 1-1 description of software features 1-2 system defaults 1-5 chapter 2: initial configuration 2-1 connecting to the switch 2-1 configuration options 2-1 required connections 2-2 remote connections 2-3 basic configuration 2-3 console connection 2-3 ...
Page 6
Contents ii saving or restoring configuration settings 3-16 downloading configuration settings from a server 3-16 setting the startup configuration file 3-17 copying the running configuration to a file 3-17 resetting the system 3-18 setting the system clock 3-18 configuring sntp 3-18 setting the tim...
Page 7
Contents iii address table settings 3-73 setting static addresses 3-73 displaying the address table 3-74 changing the aging time 3-75 spanning tree algorithm configuration 3-76 displaying global settings 3-77 configuring global settings 3-79 displaying interface settings 3-81 configuring interface s...
Page 8
Contents iv chapter 4: command line interface 4-1 using the command line interface 4-1 accessing the cli 4-1 console connection 4-1 telnet connection 4-1 entering commands 4-3 keywords and arguments 4-3 minimum abbreviation 4-3 command completion 4-3 getting help on commands 4-3 showing commands 4-4...
Page 9
Contents v user access commands 4-24 username 4-24 enable password 4-25 ip filter commands 4-26 management 4-26 show management 4-27 web server commands 4-28 ip http port 4-28 ip http server 4-28 ip http secure-server 4-29 ip http secure-port 4-30 ip telnet server 4-30 secure shell commands 4-31 ip ...
Page 10
Contents vi system status commands 4-49 show startup-config 4-49 show running-config 4-51 show system 4-53 show users 4-53 show version 4-54 flash/file commands 4-55 copy 4-55 delete 4-57 dir 4-58 whichboot 4-59 boot system 4-59 authentication commands 4-60 authentication sequence 4-60 authenticatio...
Page 11
Contents vii snmp commands 4-76 snmp-server community 4-76 snmp-server contact 4-77 snmp-server location 4-77 snmp-server host 4-78 snmp-server enable traps 4-79 snmp ip filter 4-80 show snmp 4-81 dhcp commands 4-82 dhcp client 4-82 ip dhcp client-identifier 4-82 ip dhcp restart client 4-83 interfac...
Page 12
Contents viii show controllers efm admin 4-112 show controllers efm profile 4-112 show controllers efm status 4-114 show controllers efm remote ethernet mode 4-115 show controllers efm-noise-margin 4-116 show controllers efm channel-performance 4-117 show controllers efm line-table 4-117 show contro...
Page 13
Contents ix configuring private vlans 4-144 pvlan 4-144 show pvlan 4-145 bridge extension commands 4-146 show bridge-ext 4-146 priority commands 4-147 priority commands (layer 2) 4-147 switchport priority default 4-147 queue mode 4-148 queue bandwidth 4-149 queue cos-map 4-150 show queue mode 4-151 ...
Page 14
Contents x ip interface commands 4-166 basic ip configuration 4-166 ip address 4-167 ip default-gateway 4-168 show ip interface 4-168 show ip redirects 4-169 ping 4-169 appendix a: software specifications a-1 software features a-1 management features a-2 standards a-2 management information bases a-...
Page 15: Chapter 1: Introduction
1-1 chapter 1: introduction the switch provides a broad range of features for layer 2 switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch. However, there are ...
Page 16
Introduction 1-2 description of software features the switch provides a wide range of advanced performance enhancing features. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. Broadcast storm suppression prevents broadcast traffic storms from engulfing the ne...
Page 17
Description of software features 1-3 port mirroring – the switch can unobtrusively mirror traffic from any port to a monitor port. You can then attach a protocol analyzer or rmon probe to this port to perform traffic analysis and verify connection integrity. Port trunking – ports can be combined int...
Page 18
Introduction 1-4 virtual lans – the switch supports up to 255 vlans. A virtual lan is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. The switch supports tagged vlans based on the ieee 802.1q standard. Membe...
Page 19: System Defaults
System defaults 1-5 system defaults the switch’s system defaults are provided in the configuration file “factory_default_config.Cfg.” to reset the switch defaults, this file should be set as the startup configuration file (page 3-17). The following table lists some of the basic system defaults. Func...
Page 20
Introduction 1-6 web management http server enabled http port number 80 http secure server enabled http secure port number 443 snmp community strings “public” (read only) “private” (read/write) traps authentication traps: enabled link-up-down events: enabled ip filtering disabled port configuration ...
Page 21
System defaults 1-7 acceptable frame type all ingress filtering disabled switchport mode (egress mode) hybrid: tagged/untagged frames traffic prioritization ingress port priority 0 weighted round robin queue: 0:1 1:4 2:16 3:64 ip precedence priority disabled ip dscp priority disabled ip settings ip ...
Page 22
Introduction 1-8.
Page 23: Connecting To The Switch
2-1 chapter 2: initial configuration connecting to the switch configuration options the switch includes a built-in network management agent. The agent offers a variety of management options, including snmp, rmon and a web-based interface. A pc may also be connected directly to the switch for configu...
Page 24: Required Connections
Initial configuration 2-2 • globally set broadcast storm control • display system information and statistics required connections the switch provides an rs-232 serial port that enables a connection to a pc or terminal for monitoring and configuring the switch. A null-modem console cable is provided ...
Page 25: Remote Connections
Basic configuration 2-3 remote connections prior to accessing the switch’s onboard agent via a network connection, you must first configure it with a valid ip address, subnet mask, and default gateway using a console connection, dhcp or bootp protocol. The ip address for this switch is assigned by d...
Page 26: Setting Passwords
Initial configuration 2-4 setting passwords note: if this is your first time to log into the cli program, you should define new passwords for both default user names using the “username” command, record them and put them in a safe place. Passwords can consist of up to 8 alphanumeric characters and a...
Page 27
Basic configuration 2-5 before you can assign an ip address to the switch, you must obtain the following information from your network administrator: • ip address for the switch • default gateway for the network • network mask for this network to assign an ip address to the switch, complete the foll...
Page 28
Initial configuration 2-6 5. Wait a few minutes, and then check the ip configuration settings by typing the “show ip interface” command. Press . 6. Then save your configuration changes by typing “copy running-config startup-config.” enter the startup file name and press . Enabling snmp management ac...
Page 29
Basic configuration 2-7 to configure a community string, complete the following steps: 1. From the privileged exec level global configuration mode prompt, type “snmp-server community string mode ,” where “string” is the community access string and “mode” is rw (read/write) or ro (read only). Press ....
Page 30: Managing System Files
Initial configuration 2-8 managing system files the switch’s flash memory supports three types of system files that can be managed by the cli program, web interface, or snmp. The switch’s file system allows files to be uploaded and downloaded, copied, deleted, and set as a start-up file. The three t...
Page 31: Using The Web Interface
3-1 chapter 3: configuring the switch using the web interface this switch provides an embedded http web agent. Using a web browser you can configure the switch and view statistics to monitor network activity. The web agent can be accessed by any computer on the network using a standard web browser (...
Page 32: Home Page
Configuring the switch 3-2 navigating the web browser interface to access the web-browser interface you must first enter a user name and password. The administrator has read/write access to all configuration parameters and statistics. The default user name and password for the administrator is “admi...
Page 33: Panel Display
Navigating the web browser interface 3-3 notes: 1. To ensure proper screen refresh, be sure that internet explorer 5.X is configured as follows: under the menu “tools / internet options / general / temporary internet files / settings,” the setting for item “check for newer versions of stored pages” ...
Page 34
Configuring the switch 3-4 sntp 3-18 configuration configures sntp client settings, including broadcast mode or a specified list of servers 3-18 clock time zone sets the local time zone for the system clock 3-19 snmp 3-20 configuration configures community strings and related trap functions 3-21 ip ...
Page 35
Navigating the web browser interface 3-5 rate limit 3-50 input port configuration sets the input rate limit for each port 3-50 input trunk configuration sets the input rate limit for each trunk 3-50 output port configuration sets the output rate limit for each port 3-50 output trunk configuration se...
Page 36
Configuring the switch 3-6 vlan 3-86 802.1q vlan 3-86 basic information displays information on the vlan type supported by this switch 3-88 current table shows the current port members of each vlan and whether or not the port is tagged or untagged 3-89 static list used to create or remove vlan group...
Page 37: Basic Configuration
Basic configuration 3-7 basic configuration displaying system information you can easily identify the system by displaying the device name, location and contact information. Field attributes • system name – name assigned to the switch system. • object id – mib ii object id for switch’s network manag...
Page 38
Configuring the switch 3-8 web – click system, system information. Specify the system name, location, and contact information for the system administrator, then click apply. (this page also includes a telnet button that allows access to the command line interface via telnet.) cli – specify the hostn...
Page 39
Basic configuration 3-9 displaying switch hardware/software versions use the switch information page to display hardware/firmware version numbers for the main board and management software, as well as the power status of the system. Field attributes main board • serial number – the serial number of ...
Page 40
Configuring the switch 3-10 cli – use the following command to display version information. Displaying bridge extension capabilities the bridge mib includes extensions for managed devices that support multicast filtering, traffic classes, and virtual lans. You can access these extensions to display ...
Page 41
Basic configuration 3-11 web – click system, bridge extension. Cli – enter the following command. Setting the switch’s ip address an ip address may be used for management access to the switch over your network. By default, the switch uses dhcp to assign ip settings to vlan 1 on the switch. If you wi...
Page 42
Configuring the switch 3-12 command attributes • management vlan – id of the configured vlan (1-4093, no leading zeroes). By default, all ports on the switch are members of vlan 1. However, the management station can be attached to a port belonging to any vlan, as long as that vlan has been assigned...
Page 43
Basic configuration 3-13 cli – specify the management interface, ip address and default gateway. Using dhcp/bootp if your network provides dhcp/bootp services, you can configure the switch to be dynamically configured by these services. Web – click system, ip configuration. Specify the vlan to which...
Page 44: Fan Status
Configuring the switch 3-14 renewing dchp – dhcp may lease addresses to clients indefinitely or for a specific period of time. If the address expires or the switch is moved to another network segment, you will lose management access to the switch. In this case, you can reboot the switch or submit a ...
Page 45
Basic configuration 3-15 note: up to two copies of the system software (i.E., the runtime firmware) can be stored in the file directory on the switch. The currently designated startup version of this file cannot be deleted. Downloading system software from a server when downloading runtime code, you...
Page 46
Configuring the switch 3-16 cli – enter the ip address of the tftp server, select “config” or “opcode” file type, then enter the source and destination file names, set the new file to start up the system, and then restart the switch. Saving or restoring configuration settings you can upload/download...
Page 47
Basic configuration 3-17 setting the startup configuration file if you download to a new file name, select the new file from the drop-down list for startup configuration file, and press apply changes. To use the new settings, reboot the system via the system/reset menu. Cli – enter the ip address of...
Page 48: Resetting The System
Configuring the switch 3-18 resetting the system web – click system, reset. Click the reset button to restart the switch. Cli – use the reload command to restart the switch. Note: when restarting the system, it will always run the power-on self-test. Setting the system clock simple network time prot...
Page 49
Basic configuration 3-19 • sntp poll interval – sets the interval between sending requests for a time update from a time server when set to sntp client mode. (range: 16-16284 seconds; default: 16 seconds) • sntp server – in unicast mode, sets the ip address for up to three time servers. The switch a...
Page 50
Configuring the switch 3-20 web – select sntp, clock time zone. Set the offset for your time zone relative to the utc, and click apply. Cli - this example shows how to set the time zone for the system clock. Simple network management protocol simple network management protocol (snmp) is a communicat...
Page 51
Simple network management protocol 3-21 setting community access strings you may configure up to five community strings authorized for management access. All community strings used for ip trap managers should be listed in this table. For security reasons, you should consider removing the default str...
Page 52
Configuring the switch 3-22 specifying trap managers and trap types traps indicating status changes are issued by the switch to specified trap managers. You must specify trap managers so that key events are reported by this switch to your management station (using network management platforms such a...
Page 53
Simple network management protocol 3-23 filtering addresses for snmp client access the switch allows you to create a list of up to 16 ip addresses or ip address groups that are allowed access to the switch via snmp management software. Command usage • to specify the clients allowed snmp access, ente...
Page 54: User Authentication.
Configuring the switch 3-24 cli – this example allows snmp access for a specific client. User authentication. Use the passwords or radius/tacacs+ menu to restrict management access based on specified user names and passwords. You can manually configure access rights on the switch (passwords menu), o...
Page 55
User authentication. 3-25 cli – assign a user name to access-level 15 (i.E., administrator), then specify the password. Configuring local/remote logon authentication use the authentication settings menu to restrict management access based on specified user names and passwords. You can manually confi...
Page 56
Configuring the switch 3-26 command attributes • authentication – select the authentication, or authentication sequence required: - local – user authentication is performed only locally by the switch. - radius – user authentication is performed using a radius server only. - tacacs – user authenticat...
Page 57
User authentication. 3-27 web – click security, authentication settings. To configure local or remote authentication preferences, specify the authentication sequence (i.E., one to three methods), fill in the parameters for radius or tacacs+ authentication if selected, and click apply. Cli – specify ...
Page 58: Telnet Settings
Configuring the switch 3-28 telnet settings telnet access to the switch can be enabled via the web or cli. Web – click security, telnet settings, then check the checkbox to enable access via telnet (i.E., a virtual terminal). Cli – this example enables telnet access to the switch. Configuring https ...
Page 59
User authentication. 3-29 command attributes • https status – allows you to enable/disable the https server feature on the switch. (default: enabled) • change https port number – specifies the udp port number used for https/ ssl connection to the switch’s web interface. (default: port 443) web – cli...
Page 60: Configuring The Secure Shell
Configuring the switch 3-30 configuring the secure shell the berkley-standard includes remote access tools originally designed for unix systems. Some of these tools have also been implemented for microsoft windows and other environments. These tools, including commands such as, rsh (remote shell), a...
Page 61: Configuring Port Security
User authentication. 3-31 cli – this example enables ssh, sets the authentication parameters, and displays the current configuration. It shows that the administrator has made a connection via shh, and then disabled this connection. Configuring port security port security is a feature that allows you...
Page 62
Configuring the switch 3-32 command attributes • port – port number. • action* – the action to be taken when a port security violation is detected: - none : no action should be taken. (this is the default.) - trap : send an snmp trap message. - shutdown : disable the port. - trap and shutdown : send...
Page 63
User authentication. 3-33 configuring 802.1x port authentication network switches can provide open and easy access to network resources by simply attaching a client pc. Although this automatic configuration and access is a desirable feature, it also allows unauthorized personnel to easily intrude an...
Page 64
Configuring the switch 3-34 displaying 802.1x global settings the dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.E., authenticator), as well as the client identity lookup process that runs between the switch and...
Page 65
User authentication. 3-35 cli – this example shows the default protocol settings for 802.1x. For a description of the additional entries displayed in the cli, see “show dot1x” on page 73. Console#show dot1x 4-73 global 802.1x parameters reauth-enabled: yes reauth-period: 300 quiet-period: 350 tx-per...
Page 66
Configuring the switch 3-36 configuring 802.1x global settings the dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.E., authenticator), as well as the client identity lookup process that runs between the switch an...
Page 67
User authentication. 3-37 cli – this enables re-authentication and sets all of the global parameters for 802.1x. Configuring port authorization mode when dot1x is enabled, you need to specify the dot1x authentication mode configured for each port. Command attributes • status – indicates if authentic...
Page 68
Configuring the switch 3-38 cli – this example sets the authentication mode to enable 802.1x on port 2, and allows up to ten clients to connect to this port. Displaying 802.1x statistics this switch can display statistics for dot1x protocol exchanges for any port. Statistical values web – select sec...
Page 69: Port Configuration
Port configuration 3-39 cli – this example displays the 802.1x statistics for port 4. Port configuration displaying connection status you can use the port information or trunk information pages to display the current connection status, including link state, speed/duplex mode, flow control, and auto-...
Page 70
Configuring the switch 3-40 • max mac count – shows the maximum number of mac address that can be learned by a port. (0 - 20 addresses) • speed duplex status – shows the current speed and duplex mode. • flow control status – indicates the type of flow control currently in use. (ieee 802.3x, back-pre...
Page 71
Port configuration 3-41 - 10full - supports 10 mbps full-duplex operation - 100half - supports 100 mbps half-duplex operation - 100full - supports 100 mbps full-duplex operation - 1000full - supports 1000 mbps full-duplex operation - sym - transmits and receives pause frames for flow control - fc - ...
Page 72
Configuring the switch 3-42 cli – this example shows the connection status for port 5. Configuring interface connections you can use the port configuration or trunk configuration page to enable/disable an interface, set auto-negotiation and the interface capabilities to advertise, or manually fix th...
Page 73
Port configuration 3-43 • autonegotiation (port capabilities) – allows auto-negotiation to be enabled/ disabled. When auto-negotiation is enabled, you need to specify the capabilities to be advertised. When auto-negotiation is disabled, you can force the settings for speed, mode, and flow control.Th...
Page 74: Creating Trunk Groups
Configuring the switch 3-44 cli – select the interface, and then enter the required settings. Creating trunk groups you can create multiple links between devices that work as one virtual, aggregate link. A port trunk offers a dramatic increase in bandwidth for network segments where bottlenecks exis...
Page 75
Port configuration 3-45 statically configuring a trunk command usage • when configuring static trunks, you may not be able to link switches of different types, depending on the manufacturer’s implementation. However, note that the static trunks on this switch are cisco etherchannel compatible. • to ...
Page 76
Configuring the switch 3-46 cli – this example creates trunk 2 with ports 13 and 14. Just connect these ports to two static trunk ports on another switch to form a trunk. Enabling lacp on selected ports command usage • to avoid creating a loop in the network, be sure you enable lacp before connectin...
Page 77
Port configuration 3-47 web – click port, lacp, configuration. Select switch ports from the scroll-down port list and click add. After you have completed adding ports to the member list, click apply. Cli – the following example enables lacp for ports 13 and 14. Just connect these ports to lacp-enabl...
Page 78
Configuring the switch 3-48 setting broadcast storm thresholds broadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degr...
Page 79: Configuring Port Mirroring
Port configuration 3-49 cli – specify any interface, and then enter the threshold. The following disables broadcast storm control for port 1, and then sets broadcast suppression at 600 packets per second for port 2. This threshold will then apply to all ports with broadcast storm control enabled. Co...
Page 80: Configuring Rate Limits
Configuring the switch 3-50 web – click port, mirror. Specify the source port, the traffic type to be mirrored, and the target port, then click add . Cli – use the interface command to select the monitor port, then use the port monitor command to specify the source port. Note that default mirroring ...
Page 81: Showing Port Statistics
Port configuration 3-51 web - click rate limit, input/output port/trunk configuration. Set the input rate limit status or output rate limit status, then set the rate limit for the individual interfaces, and click apply. Cli - this example sets the rate limit for input and output traffic passing thro...
Page 82
Configuring the switch 3-52 statistical values parameter description interface statistics received octets the total number of octets received on the interface, including framing characters. Received unicast packets the number of subnetwork-unicast packets delivered to a higher-layer protocol. Receiv...
Page 83
Port configuration 3-53 single collision frames the number of successfully transmitted frames for which transmission is inhibited by exactly one collision. Internal mac transmit errors a count of frames for which transmission on a particular interface fails due to an internal mac sublayer transmit e...
Page 84
Configuring the switch 3-54 web – click port, port statistics. Select the required interface, and click query. You can also use the refresh button at the bottom of the page to update the screen. 64 bytes frames the total number of frames (including bad packets) received and transmitted that were 64 ...
Page 85
Port configuration 3-55 cli – this example shows statistics for port 12. Console#show interfaces counters ethernet 1/12 4-92 ethernet 1/12 iftable stats: octets input: 868453, octets output: 3492122 unicast input: 7315, unitcast output: 6658 discard input: 0, discard output: 0 error input: 0, error ...
Page 86: Vdsl Configuration
Configuring the switch 3-56 vdsl configuration you can configure and display communication parameters for vdsl and ethernet ports on the switch and connected cpes. Vdsl global configuration this web page assigns the same profile to each vdsl switch port. Details of these profiles are given in the ta...
Page 87
Vdsl configuration 3-57 4. The maximum distances for vdsl links using the recommended profiles are: 5. Type-1 26 awg (100 ohm)/0.4 mm, or type-2 24 awg (100 ohm)/0.5 mm cable may be installed to achieve the maximum distance. However, typically, 24 awg (100 ohm)/0.5 mm wire is better than 26 awg (100...
Page 88: Vdsl Port Configuration
Configuring the switch 3-58 vdsl port configuration you can enable/disable a selected port, enable/disable remote digital loopback (rdl), set the optimal transmission rate, and configure a profile for the selected port. Command attributes • active status – check this box to enable the selected port....
Page 89
Vdsl configuration 3-59 noise margins should be configured to a level appropriate to the actual noise level of the environment. A noisier environment requires a higher noise margin to ensure a stable link. The noise margin only comes into effect after a link is activated. Increasing the noise margin...
Page 90
Configuring the switch 3-60 web – click vdsl, port configuration. Select a port from the drop-down list, and click select. Cli – the following examples show how these features are configured in the cli. Examples the following example disables vdsl port 1. The following example shows how to enable/di...
Page 91: Vdsl Port Link Status
Vdsl configuration 3-61 the following example shows rate adaption enabled for port 1. The following example configures vdsl port 1 with an upstream noise margin of 6, and a downstream noise margin of 6. The following example configures vdsl port 1 with: • m - downstream value: 16, upstream value: 8 ...
Page 92
Configuring the switch 3-62 - pbo – indicates the status of the power back-off mechanism (on/off). If pbo is enabled, the power of transmission from the port will automatically be adjusted to ensure that the signal successfully reaches the receive port. - rate adaptation – the data rate on a vdsl li...
Page 93
Vdsl configuration 3-63 cli –the following examples show how vdsl link current values are displayed in the cli. Examples the following example displays vdsl link current values on vdsl switch port 2. The following example displays link status, signal-to-noise ratios, reed-solomon errors, interleaver...
Page 94
Configuring the switch 3-64 displaying vdsl port ethernet statistics vdsl port ethernet statistics display key statistics for an interface. Web – click vdsl, vdsl port ethernet statistics..
Page 95: Vdsl Line Configuration
Vdsl configuration 3-65 cli – use the show interfaces counters command. Example vdsl line configuration command attributes • line – select the vdsl line for configuration from the drop-down list. • local/remote – in this version this may only be set to local, indicating that the line configuration a...
Page 96
Configuring the switch 3-66 • config profile – in this version, only “defval” is displayed. In future versions, a drop-down list of all configurable vdsl profiles will be displayed in this field. • alarm config profile – the alarm profile is pre-configured to send trap messages via snmp protocol to ...
Page 97
Vdsl configuration 3-67 • physical interfaces information - serial number – a number given by the manufacturer to the item produced. This only displays on the cpe side. - vendor id – the name of the manufacturer of this switch. - version number – the number of the current hardware. - current signal ...
Page 98
Configuring the switch 3-68 web – click vdsl, interface information. Select line and channel from the drop-down lists, and click query. Cli – the following examples show how these parameters are displayed in the cli. Examples the following example displays physical interface information for vdsl por...
Page 99
Vdsl configuration 3-69 vdsl performance monitor information this screen displays line and channel performance data information since the switch was last reset, during the current 15 minute interval, and during the current day. Command attributes • line – select the vdsl line from the drop-down list...
Page 100
Configuring the switch 3-70 web – click vdsl, performance monitor information..
Page 101
Vdsl configuration 3-71 cli – use the show controllers efm current-performance command. Example console#show controllers efm current-performance vtu-c 1/1 4-120 vdsl_perf_data_entry : ethernet 1/1 loss of framing 0 ethernet 1/1 loss of signal 0 ethernet 1/1 loss of power 0 ethernet 1/1 loss of link ...
Page 102
Configuring the switch 3-72 monitoring vdsl performance history this page displays line and channel performance data information during selected 15 minute intervals over the last 24 hours of switch operation, and during selected 1-day intervals from the current day to 30 days ago. Command attributes...
Page 103: Setting Static Addresses
Vdsl configuration 3-73 web – click vdsl, performance monitor history. Note: the parameters described above are not displayed in the cli for periods before the current 15 minute, or 24 hour interval. To display these parameters during the current 15 minute, or 24 hour period see “vdsl performance mo...
Page 104
Configuring the switch 3-74 web – click address table, static addresses. Specify the interface, the mac address and vlan, then click add static address. Cli – this example adds an address to the static address table, but sets it to be deleted when the switch is reset. Displaying the address table th...
Page 105: Changing The Aging Time
Vdsl configuration 3-75 web – click address table, dynamic addresses. Specify the search type (i.E., mark the interface, mac address, or vlan checkbox), select the method of sorting the displayed addresses, and then click query . Cli – this example also displays the address table entries for port 1....
Page 106
Configuring the switch 3-76 web – click address table, address aging. Specify the new aging time, click apply . Cli – this example sets the aging time to 400 seconds. Spanning tree algorithm configuration the spanning tree algorithm (sta) can be used to detect and disable network loops, and to provi...
Page 107: Displaying Global Settings
Spanning tree algorithm configuration 3-77 if a bridge does not get a hello bpdu after a predefined interval (maximum age), the bridge assumes that the link to the root bridge is down. This bridge will then initiate negotiations with other bridges to reconfigure the network to reestablish a valid ne...
Page 108
Configuring the switch 3-78 • configuration changes – the number of times the spanning tree has been reconfigured. • last topology change – time since the spanning tree was last reconfigured. These additional parameters are only displayed for the cli: • spanning tree mode – specifies the type of spa...
Page 109: Configuring Global Settings
Spanning tree algorithm configuration 3-79 cli – this command displays global sta settings, followed by settings for each port. Note: the current root port and current root cost display as zero when this device is not connected to the network. Configuring global settings global settings apply to the...
Page 110
Configuring the switch 3-80 • priority – bridge priority is used in selecting the root device, root port, and designated port. The device with the highest priority becomes the sta root device. However, if all devices have the same priority, the device with the lowest mac address will then become the...
Page 111
Spanning tree algorithm configuration 3-81 web – click spanning tree, sta, configuration. Modify the required attributes, and click apply. Cli – this example enables spanning tree protocol, and then configures the sta parameters. Displaying interface settings the sta port information and sta trunk i...
Page 112
Configuring the switch 3-82 the rules defining port status are: - a port on a network segment with no other sta compliant bridging device is always forwarding. - if two ports of a switch are connected to the same segment and there is no other sta device attached to this segment, the port with the sm...
Page 113
Spanning tree algorithm configuration 3-83 these additional parameters are only displayed for the cli: • admin status – shows if this interface is enabled. • path cost – this parameter is used by the sta to determine the best path between devices. Therefore, lower values should be assigned to ports ...
Page 114
Configuring the switch 3-84 web – click spanning tree, sta, port information or sta trunk information. Cli – this example shows the sta attributes for port 5. Configuring interface settings you can configure rstp attributes for specific interfaces, including port priority, path cost, link type, and ...
Page 115
Spanning tree algorithm configuration 3-85 • trunk – indicates if a port is a member of a trunk. (sta port configuration only) the following interface attributes can be configured: • priority – defines the priority used for this port in the spanning tree protocol. If the path cost for all ports on a...
Page 116: Vlan Configuration
Configuring the switch 3-86 • migration – if at any time the switch detects stp bpdus, including configuration or topology change notification bpdus, it will automatically set the selected interface to forced stp-compatible mode. However, you can also use the protocol migration button to manually re...
Page 117
Vlan configuration 3-87 vlans provide greater network efficiency by reducing broadcast traffic, and allow you to make network changes without having to update ip addresses or ip subnets. Vlans inherently provide a high level of network security since traffic must pass through a configured layer 3 li...
Page 118
Configuring the switch 3-88 port overlapping – port overlapping can be used to allow access to commonly shared network resources among different vlan groups, such as file servers or printers. Note that if you implement vlans which do not overlap, but still need to communicate, you can connect them b...
Page 119: Displaying Current Vlans
Vlan configuration 3-89 cli – enter the following command. Displaying current vlans the vlan current table shows the current port members of each vlan and whether or not the port supports vlan tagging. Ports assigned to a large vlan group that crosses several switches should use vlan tagging. Howeve...
Page 120
Configuring the switch 3-90 web – click vlan, 802.1q vlan, current table. Select any id from the scroll-down list. Command attributes (cli) • vlan – id of configured vlan (1-4094, no leading zeroes) • type – shows how this vlan was added to the switch - dynamic: automatically learned via gvrp* - sta...
Page 121: Creating Vlans
Vlan configuration 3-91 creating vlans use the vlan static list to create or remove vlan groups. To propagate information about vlan groups used on this switch to external network devices, you must specify a vlan id for each of these groups. Command attributes • current – lists all the current vlan ...
Page 122
Configuring the switch 3-92 adding static members to vlans (vlan index) notes: 1. Use the vlan static table to configure port members for the selected vlan index. Assign ports as tagged if they are connected to 802.1q vlan compliant devices, or untagged they are not connected to any vlan-aware devic...
Page 123
Vlan configuration 3-93 web – click vlan, 802.1q vlan, static table. Select a vlan id from the scroll-down list. Modify the vlan name and status if required. Select the membership type by marking the appropriate radio button in the list of ports or trunks. Click apply. Cli – the following example ad...
Page 124
Configuring the switch 3-94 web – open vlan, 802.1q vlan, static membership. Select an interface from the scroll-down box (port or trunk). Click query to display membership information for the interface. Select a vlan id, and then click add to add the interface as a tagged member, or click remove to...
Page 125
Vlan configuration 3-95 • ingress filtering – determines how to process frames tagged for vlans for which the ingress port is not a member. (default: disabled) - ingress filtering only affects tagged frames. - if ingress filtering is disabled and a port receives frames tagged for vlans for which it ...
Page 126: Configuring Private Vlans
Configuring the switch 3-96 web – click vlan, 802.1q vlan, port configuration or vlan trunk configuration. Fill in the required settings for each interface, click apply. Cli – this example sets port 3 to accept only tagged frames, assigns pvid 3 as the native vlan id, sets the garp timers, and then ...
Page 127
Vlan configuration 3-97 enabling private vlans use the private vlan status page to enable/disable the private vlan function. Web – click vlan, private vlan, status. Select enable or disable from the scroll-down box, and click apply. Cli – this example enables private vlans. Configuring uplink and do...
Page 128
Configuring the switch 3-98 cli – this example configures ports 13 and 14 as uplink ports and ports 1-8 as downlink ports. Class of service configuration class of service (cos) allows you to specify which data packets have greater precedence when traffic is buffered in the switch due to congestion. ...
Page 129
Class of service configuration 3-99 command attributes • default priority* – the priority that is assigned to untagged frames received on the specified interface. (range: 0 - 7, default: 0) • number of egress traffic classes – the number of queue buffers provided for each port. * the cli displays th...
Page 130
Configuring the switch 3-100 mapping cos values to egress queues this switch processes class of service (cos) priority tagged traffic by using four priority queues for each port, with service schedules based on strict or weighted round robin (wrr). Up to eight separate traffic priorities are defined...
Page 131: Selecting The Queue Mode
Class of service configuration 3-101 web – click priority, traffic classes. Mark an interface and click select to display the current mapping of cos values to output queues. Assign priorities to the traffic classes (i.E., output queues) for the selected interface, then click apply. Cli – the followi...
Page 132
Configuring the switch 3-102 cli – the following sets the queue mode to strict priority service mode. Setting the service weight for traffic classes this switch uses the weighted round robin (wrr) algorithm to determine the frequency at which it services each priority queue. As described in “mapping...
Page 133
Class of service configuration 3-103 cli – the following example shows how to assign wrr weights to each of the priority queues. Mapping layer 3/4 priorities to cos values this switch supports several common methods of prioritizing layer 3/4 traffic to meet application requirements. Traffic prioriti...
Page 134: Mapping Ip Precedence
Configuring the switch 3-104 cli – the following example enables ip precedence service on the switch. Mapping ip precedence the type of service (tos) octet in the ipv4 header includes three precedence bits defining eight different priority levels ranging from highest priority for network control pac...
Page 135: Mapping Dscp Priority
Class of service configuration 3-105 cli – the following example globally enables ip precedence service on the switch, maps ip precedence value 1 to cos value 0 (on port 1), and then displays the ip precedence settings. * mapping specific values for ip precedence is implemented as an interface confi...
Page 136
Configuring the switch 3-106 web – click priority, ip dscp priority. Select an entry from the dscp table, enter a value in the class of service value field, then click apply. Cli – the following example globally enables dscp priority service on the switch, maps dscp value 0 to cos value 1 (on port 1...
Page 137: Mapping Ip Port Priority
Class of service configuration 3-107 mapping ip port priority in the ip port priority page, for each switch port or trunk, you can map ip ports (tcp/udp ports) to the switch’s 4 traffic class queues. Command attributes • current ip port table – displays a list of ip ports with their mapped class of ...
Page 138: Copy Priority Settings
Configuring the switch 3-108 cli – the following example shows ip port 80 mapped to cos value 0 for ethernet port 1. Copy priority settings in the copy settings page you can copy the priority settings from a selected port or trunk to another selected port or trunk. Command attributes • source interf...
Page 139: Multicast Filtering
Multicast filtering 3-109 multicast filtering multicasting is used to support real-time applications such as videoconferencing or streaming audio. A multicast server does not have to establish a separate connection with each client. It merely broadcasts its service to the network, and any hosts that...
Page 140
Configuring the switch 3-110 configuring igmp snooping and query parameters you can configure the switch to forward multicast traffic intelligently. Based on the igmp query and report messages, the switch forwards traffic only to the ports that request multicast traffic. This prevents the switch fro...
Page 141
Multicast filtering 3-111 web – click igmp snooping, igmp configuration. Adjust the igmp settings as required, and then click apply. (the default settings are shown below.) cli – this example modifies the settings for multicast filtering, and then displays the current status. Displaying interfaces a...
Page 142
Configuring the switch 3-112 web – click igmp snooping, multicast router port information. Select the required vlan id from the scroll-down list to display the associated multicast routers. Cli – this example shows that port 11 has been statically configured as a port attached to a multicast router....
Page 143
Multicast filtering 3-113 web – click igmp snooping, static multicast router port configuration. Specify the interfaces attached to a multicast router, indicate the vlan which will forward all the corresponding multicast traffic, and then click add. After you have finished adding interfaces to the l...
Page 144
Configuring the switch 3-114 web – click igmp snooping, ip multicast registration table. Select a vlan id and the ip address for a multicast service from the scroll-down lists. The switch will display all the interfaces that are propagating this multicast service. Cli – the following shows the multi...
Page 145
Multicast filtering 3-115 web – click igmp snooping, igmp member port table. Specify the interface attached to a multicast service (via an igmp-enabled switch or multicast router), indicate the vlan that will propagate the multicast service, specify the multicast ip address, and click add. After you...
Page 146
Configuring the switch 3-116.
Page 147: Accessing The Cli
4-1 chapter 4: command line interface this chapter describes how to use the command line interface (cli). Using the command line interface accessing the cli when accessing the management interface for the switch over a direct connection to the server’s console port, or via a telnet connection, the s...
Page 148
Command line interface 4-2 to access the switch through a telnet session, you must first set the ip address for the switch, and set the default gateway if you are managing the switch from a different ip subnet. For example, if your corporate network is connected to another network outside your offic...
Page 149: Entering Commands
Entering commands 4-3 entering commands this section describes how to enter cli commands. Keywords and arguments a cli command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command “show interfaces status ether...
Page 150: Partial Keyword Lookup
Command line interface 4-4 showing commands if you enter a “?” at the command prompt, the system will display the first level of keywords for the current command class (normal exec or privileged exec) or configuration class (global, acl, interface, line, vlan database, or mstp). You can also display...
Page 151: Using Command History
Entering commands 4-5 negating the effect of commands for many configuration commands you can enter the prefix keyword “ no ” to cancel the effect of a command or reset the configuration to the default value. For example, the logging command will log system messages to a host server. To disable logg...
Page 152: Configuration Commands
Command line interface 4-6 the system will now display the “console#” command prompt. You can also enter privileged exec mode from within normal exec mode, by entering the enable command, followed by the privileged level password “super” (page 4-25). To enter privileged exec mode, enter the followin...
Page 153: Command Line Processing
Entering commands 4-7 to enter the other modes, at the configuration prompt type one of the following commands. Use the exit or end command to return to the privileged exec mode. For example, you can use the following commands to enter interface configuration mode, and then return to privileged exec...
Page 154: Command Groups
Command line interface 4-8 command groups the system commands can be broken down into the functional groups shown below . The access mode shown in the following tables is indicated by these abbreviations: ne (normal exec) lc (line configuration) pe (privileged exec) vc (vlan database configuration) ...
Page 155: Line Commands
Line commands 4-9 line commands you can access the onboard configuration program by attaching a vt100 compatible device to the server’s serial port. These commands are used to set communication parameters for the serial port or telnet (i.E., a virtual terminal). Line this command identifies a specif...
Page 156
Command line interface 4-10 command usage telnet is considered a virtual terminal connection and will be shown as “vty” in screen displays such as show users. However, the serial communication parameters (e.G., databits) do not affect telnet connections. Example to enter console line mode, enter the...
Page 158: Exec-Timeout
Command line interface 4-12 exec-timeout this command sets the interval that the system waits until user input is detected. Use the no form to restore the default. Syntax exec-timeout [ seconds ] no exec-timeout seconds - integer that specifies the number of seconds. (range: 0 - 65535 seconds; 0: no...
Page 159: Silent-Time
Line commands 4-13 command usage • when the logon attempt threshold is reached, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (use the silent-time command to set this interval.) when this threshold is reached for telnet, the telnet logon i...
Page 161: Speed
Line commands 4-15 command mode line configuration command usage communication protocols provided by devices such as terminals and modems often require a specific parity bit setting. Example to specify no parity, enter this command: speed this command sets the terminal line’s baud rate. This command...
Page 164: Enable
Command line interface 4-18 enable this command activates privileged exec mode. In privileged mode, additional commands are available, and certain commands display additional information. See “understanding command modes” on page 4-5. Syntax enable level level - privilege level to log into the devic...
Page 165: Configure
General commands 4-19 command usage the “>” character is appended to the end of the prompt to indicate that the system is in normal access mode. Example related commands enable (4-18) configure this command activates global configuration mode. You must enter this mode to modify any settings on the s...
Page 166: Reload
Command line interface 4-20 example in this example, the show history command lists the contents of the command history buffer: the ! Command repeats commands from the execution command history buffer when you are in normal exec or privileged exec mode, and commands from the configuration command hi...
Page 167: End
General commands 4-21 end this command returns to privileged exec mode. Default setting none command mode global configuration, interface configuration, line configuration, vlan database configuration, and multiple spanning tree configuration. Example this example shows how to return to the privileg...
Page 168: System Management Commands
Command line interface 4-22 command usage the quit and exit commands can both exit the configuration program. Example this example shows how to quit a cli session: system management commands these commands are used to control system logs, passwords, user names, browser configuration options, and dis...
Page 169
System management commands 4-23 prompt this command customizes the cli prompt. Use the no form to restore the default prompt. Syntax prompt string no prompt string - any alphanumeric string to use for the cli prompt. (maximum length: 255 characters) default setting console command mode global config...
Page 170: User Access Commands
Command line interface 4-24 user access commands the basic commands required for management access are listed in this section. This switch also includes other options for password checking via the console or a telnet connection (page 4-9), user authentication via a remote authentication server (page...
Page 171
System management commands 4-25 example this example shows how the set the access level and password for a user. Enable password after initially logging onto the system, you should set the privileged exec password. Remember to record it in a safe place. This command controls access to the privileged...
Page 174: Web Server Commands
Command line interface 4-28 web server commands ip http port this command specifies the tcp port number used by the web browser interface. Use the no form to use the default port. Syntax ip http port port-number no ip http port port-number - the tcp port to be used by the browser interface. (range: ...
Page 175
System management commands 4-29 command mode global configuration example related commands ip http port (4-28) ip http secure-server this command enables the secure hypertext transfer protocol (https) over the secure socket layer (ssl), providing secure access (i.E., an encrypted connection) to the ...
Page 176
Command line interface 4-30 example related commands ip http secure-port (4-30) copy tftp https-certificate (4-55) ip http secure-port this command specifies the udp port number used for https/ssl connection to the switch’s web interface. Use the no form to restore the default port. Syntax ip http s...
Page 177: Secure Shell Commands
System management commands 4-31 command mode global configuration example secure shell commands the berkley-standard includes remote access tools originally designed for unix systems. Some of these tools have also been implemented for microsoft windows and other environments. These tools, including ...
Page 178
Command line interface 4-32 default setting disabled command mode global configuration command usage • the ssh server supports up to four client sessions. The maximum number of client sessions includes both current telnet sessions and ssh sessions. • the ssh server uses dsa or rsa for key exchange w...
Page 179
System management commands 4-33 example related commands exec-timeout (4-12) show ip ssh (4-34) ip ssh authentication-retries use this command to configure the number of times the ssh server attempts to reauthenticate a user. Use the no form to restore the default setting. Syntax ip ssh authenticati...
Page 180
Command line interface 4-34 example show ip ssh use this command to display the connection settings used when authenticating client access to the ssh server. Command mode privileged exec example show ssh use this command to display the current ssh server connections. Command mode privileged exec exa...
Page 181: Event Logging Commands
System management commands 4-35 event logging commands logging on this command controls logging of error messages, sending debug or error messages to switch memory. The no form disables the logging process. Syntax [ no ] logging on default setting none command mode global configuration command usage...
Page 183
System management commands 4-37 logging host this command adds a syslog server host ip address that will receive logging messages. Use the no form to remove a syslog server host. Syntax [ no ] logging host host_ip_address host_ip_address - the ip address of a syslog server. Default setting none comm...
Page 184
Command line interface 4-38 example logging trap this command limits syslog messages saved to a remote server based on severity. Use the no form to return the remote logging of syslog messages to the default level. Syntax [ no ] logging trap level level - one of the level arguments listed below. Mes...
Page 186: Smtp Alert Commands
Command line interface 4-40 the following example displays settings for the trap function. Related commands show logging sendmail (4-43) smtp alert commands configures smtp event handling, and forwarding of alert messages to the specified smtp servers and email recipients. Console#show logging trap ...
Page 187
System management commands 4-41 logging sendmail host this command specifies smtp servers that will be sent alert messages. Use the no form to remove an smtp server. Syntax [ no ] logging sendmail host ip_address ip_address - ip address of an smtp server that will be sent alert messages for event ha...
Page 188
Command line interface 4-42 command usage the specified level indicates an event threshold. All events at this level or higher will be sent to the configured email recipients. (for example, using level 7 will report all events from level 7 to level 0.) example this example will send email alerts for...
Page 189
System management commands 4-43 command mode global configuration command usage you can specify up to five recipients for alert messages. However, you must enter a separate command to specify each recipient. Example logging sendmail this command enables smtp event handling. Use the no form to disabl...
Page 190: Time Commands
Command line interface 4-44 example time commands the system clock can be dynamically set by polling a set of specified time servers (ntp or sntp), or by using information broadcast by local time servers. Sntp client this command enables sntp client requests for time synchronization from ntp or sntp...
Page 191
System management commands 4-45 command usage • the time acquired from time servers is used to record accurate dates and times for log events. Without sntp, the switch only records the time starting from the factory default set at the last bootup (e.G., 00:00:00, jan. 1, 2001). • this command enable...
Page 192
Command line interface 4-46 command usage this command specifies time servers from which the switch will poll for time updates when set to sntp client mode. The client will poll the time servers in the order specified until a response is received. It issues time synchronization requests based on the...
Page 193
System management commands 4-47 sntp broadcast client this command synchronizes the switch’s clock based on time broadcast from time servers (using the multicast address 224.0.1.1). Use the no form to disable sntp broadcast client mode. Syntax [ no ] sntp broadcast client default setting disabled co...
Page 195: System Status Commands
System management commands 4-49 default setting none command mode privileged exec example this example shows how to set the system clock to 15:12:34, february 1st, 2002. Show calendar this command displays the system clock. Default setting none command mode normal exec, privileged exec example syste...
Page 196
Command line interface 4-50 command mode privileged exec command usage • use this command in conjunction with the show running-config command to compare the information in running memory to the information stored in non-volatile memory. • this command displays settings for key command modes. Each mo...
Page 197
System management commands 4-51 example related commands show running-config (4-51) show running-config this command displays the configuration information currently in use. Default setting none command mode privileged exec console#show startup-config building startup-config, please wait..... ! ! Us...
Page 198
Command line interface 4-52 command usage • use this command in conjunction with the show startup-config command to compare the information in running memory to the information stored in non-volatile memory. • this command displays settings for key command modes. Each mode group is separated by “!” ...
Page 199
System management commands 4-53 related commands show startup-config (4-49) show system this command displays system information. Default setting none command mode normal exec, privileged exec command usage • for a description of the items shown by this command, refer to “displaying system informati...
Page 200
Command line interface 4-54 command mode normal exec, privileged exec command usage the session used to execute this command is indicated by a “*” symbol next to the line (i.E., session) index number. Example show version this command displays hardware and software version information for the system...
Page 201: Flash/file Commands
Flash/file commands 4-55 flash/file commands these commands are used to manage the system code or configuration files. Copy this command moves (upload/download) a code image or configuration file between the switch’s flash memory and a tftp server. When you save the system code or configuration sett...
Page 202
Command line interface 4-56 command usage • the system prompts for data required to complete the copy command. • the destination file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the tftp server is ...
Page 203: Delete
Flash/file commands 4-57 the following example shows how to download a configuration file: this example shows how to copy a secure-site certificate from an tftp server. It then reboots the switch to activate the certificate: delete this command deletes a file or image. Syntax delete filename filenam...
Page 205: Whichboot
Flash/file commands 4-59 whichboot this command displays which files were booted when the system powered up. Default setting none command mode privileged exec example this example shows the information displayed by the whichboot command. See the table under the dir command for a description of the f...
Page 206: Authentication Commands
Command line interface 4-60 related commands dir (4-58) whichboot (4-59) authentication commands you can configure this switch to authenticate users logging into the system for management access using local or radius authentication methods. You can also enable port-based authentication for network c...
Page 207: Radius Client
Authentication commands 4-61 • radius and tacacs+ logon authentication assigns a specific privilege level for each user name and password pair. The user name, password, and privilege level must be configured on the authentication server. • you can specify three authentication methods in a single com...
Page 208
Command line interface 4-62 command mode global configuration example radius-server port this command sets the radius server network port. Use the no form to restore the default. Syntax radius-server port port_number no radius-server port port_number - radius server udp port used for authentication ...
Page 209
Authentication commands 4-63 example radius-server retransmit this command sets the number of retries. Use the no form to restore the default. Syntax radius-server retransmit number_of_retries no radius-server retransmit number_of_retries - number of times the switch will try to authenticate logon a...
Page 210: Tacacs+ Client
Command line interface 4-64 show radius-server this command displays the current settings for the radius server. Default setting none command mode privileged exec example tacacs+ client terminal access controller access control system (tacacs+) is a logon authentication protocol that uses software r...
Page 211
Authentication commands 4-65 example tacacs-server port this command specifies the tacacs+ server network port. Use the no form to restore the default. Syntax tacacs-server port port_number no tacacs-server port port_number - tacacs+ server tcp port used for authentication messages. (range: 1-65535)...
Page 212: Port Security Commands
Command line interface 4-66 example show tacacs-server this command displays the current settings for the tacacs+ server. Default setting none command mode privileged exec example port security commands these commands can be used to disable the learning function or manually specify secure addresses ...
Page 213
Authentication commands 4-67 port security this command enables or configures port security. Use the no form without any keywords to disable port security. Use the no form with the appropriate keyword to restore the default settings for a response to security violation or for the maximum number of a...
Page 214: 802.1X Port Authentication
Command line interface 4-68 example the following example enables port security for port 5, and sets the response to a security violation to issue a trap message: related commands shutdown (4-89) mac-address-table static (4-122) show mac-address-table (4-123) 802.1x port authentication the switch su...
Page 215
Authentication commands 4-69 default setting radius command mode global configuration example dot1x default this command sets all configurable dot1x global and port settings to their default values. Syntax dot1x default command mode global configuration example dot1x max-req this command sets the ma...
Page 217
Authentication commands 4-71 example dot1x re-authenticate this command forces re-authentication on all ports or a specific interface. Syntax dot1x re-authenticate interface interface • ethernet unit / port - unit - this is device 1. - port - port number. Command mode privileged exec example dot1x r...
Page 218
Command line interface 4-72 default 60 seconds command mode global configuration example dot1x timeout re-authperiod this command sets the time period after which a connected client must be re-authenticated. Syntax dot1x timeout re-authperiod seconds no dot1x timeout re-authperiod seconds - the numb...
Page 219
Authentication commands 4-73 example show dot1x this command shows general port authentication related settings on the switch or a specific interface. Syntax show dot1x [ statistics ] [ interface interface ] interface • ethernet unit / port - unit - this is device 1. - port - port number. Command mo...
Page 220
Command line interface 4-74 • authenticator state machine - state– current state (including initialize, disconnected, connecting, authenticating, authenticated, aborting, held, force_authorized, force_unauthorized). - reauth count– number of times connecting state is re-entered. • backend state mach...
Page 221
Authentication commands 4-75 example console#show dot1x global 802.1x parameters reauth-enabled: yes reauth-period: 300 quiet-period: 350 tx-period: 300 supp-timeout: 30 server-timeout: 30 reauth-max: 2 max-req: 2 802.1x port summary port name status mode authorized 1 disabled forceauthorized n/a 2 ...
Page 222: Snmp Commands
Command line interface 4-76 snmp commands snmp commands control access to this switch from management stations using the simple network management protocol (snmp), as well as the error types sent to trap managers. Snmp-server community this command defines the community access string for the simple ...
Page 223: Snmp-Server Contact
Snmp commands 4-77 example snmp-server contact this command sets the system contact string. Use the no form to remove the system contact information. Syntax snmp-server contact string no snmp-server contact string - string that describes the system contact information. (maximum length: 255 character...
Page 224: Snmp-Server Host
Command line interface 4-78 example related commands snmp-server contact (4-77) snmp-server host this command specifies the recipient of a simple network management protocol notification operation. Use the no form to remove the specified host. Syntax snmp-server host host-addr community-string [ ver...
Page 225: Snmp-Server Enable Traps
Snmp commands 4-79 example related commands snmp-server enable traps (4-79) snmp-server enable traps this command enables this device to send simple network management protocol traps (snmp notifications). Use the no form to disable snmp notifications. Syntax [ no ] snmp-server enable traps [ authent...
Page 226: Snmp Ip Filter
Command line interface 4-80 snmp ip filter this command sets the ip addresses of clients that are allowed management access to the switch via snmp. Use the no form the remove an ip address. Syntax [ no ] snmp ip filter ip_address subnet_mask • ip_address - an ip address indicating a client or group ...
Page 227: Show Snmp
Snmp commands 4-81 show snmp this command checks the status of snmp communications. Default setting none command mode normal exec, privileged exec command usage this command provides information on the community access strings, counter information for snmp input and output protocol data units, and w...
Page 228: Dhcp Commands
Command line interface 4-82 dhcp commands these commands are used to configure dynamic host configuration protocol (dhcp) client. You can configure any vlan interface to be automatically assigned an ip address via dhcp. Dhcp client ip dhcp client-identifier this command specifies the dchp client ide...
Page 229
Dhcp commands 4-83 ip dhcp restart client this command submits a bootp or dhcp client request. Default setting none command mode privileged exec command usage • this command issues a bootp or dhcp client request for any ip interface that has been set to bootp or dhcp mode via the ip address command....
Page 230: Interface Commands
Command line interface 4-84 interface commands these commands are used to display or set communication parameters for an ethernet port, aggregated link, or vlan. Interface this command configures an interface type and enter interface configuration mode. Use the no form to remove a trunk. Syntax inte...
Page 231: Description
Interface commands 4-85 command mode global configuration example to specify port 24, enter the following command: description this command adds a description to an interface. Use the no form to remove the description. Syntax description string no description string - comment or a description to hel...
Page 232: Negotiation
Command line interface 4-86 default setting • auto-negotiation is enabled by default. • when auto-negotiation is disabled, the default speed-duplex setting is 100half for 100base-tx ports and 1000full for gigabit ethernet ports. Command mode interface configuration (ethernet, port channel) command u...
Page 233: Capabilities
Interface commands 4-87 command usage • when auto-negotiation is enabled the switch will negotiate the best settings for a link based on the capabilities command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex and flowcontrol commands. • if aut...
Page 234: Flowcontrol
Command line interface 4-88 command usage when auto-negotiation is enabled with the negotiation command, the switch will negotiate the best settings for a link based on the capabilities command. When auto-negotiation is disabled, you must manually specify the link attributes with the speed-duplex an...
Page 235: Shutdown
Interface commands 4-89 example the following example enables flow control on port 5. Related commands negotiation (4-86) capabilities (4-87) shutdown this command disables an interface. To restart a disabled interface, use the no form. Syntax [ no ] shutdown default setting all interfaces are enabl...
Page 236: Clear Counters
Command line interface 4-90 default setting enabled for all ports packet-rate limit: 500 packets per second command mode interface configuration (ethernet) command usage • when broadcast traffic exceeds the specified threshold, packets above that threshold are dropped. • this command can enable or d...
Page 237: Show Interfaces Status
Interface commands 4-91 example the following example clears statistics on port 5. Show interfaces status this command displays the status for an interface. Syntax show interfaces status [ interface ] interface • ethernet unit / port - unit - this is device 1. - port - port number. • port-channel ch...
Page 238: Show Interfaces Counters
Command line interface 4-92 example show interfaces counters this command displays interface statistics. Syntax show interfaces counters [ interface ] interface • ethernet unit / port - unit - this is device 1 - port - port number • port-channel channel-id (value: 1) default setting shows the counte...
Page 239: Show Interfaces Switchport
Interface commands 4-93 example related commands show controllers ethernet-controller (4-109) show interfaces switchport this command displays the administrative and operational status of the specified interfaces. Syntax show interfaces switchport [ interface ] interface • ethernet unit / port - uni...
Page 240
Command line interface 4-94 command usage if no interface is specified, information on all interfaces is displayed. Example this example shows the configuration setting for port 2. * not supported in the present version * not supported in the current version console#show interfaces switchport ethern...
Page 242: Show Port Monitor
Command line interface 4-96 example the following example configures the switch to mirror all packets from port 6 to 11: show port monitor this command displays mirror information. Syntax show port monitor [ interface ] interface - ethernet unit / port (source port) • unit - switch (unit 1) • port -...
Page 243: Rate Limit Commands
Rate limit commands 4-97 rate limit commands this function allows the network manager to control the maximum rate for traffic transmitted or received on an interface. Rate limiting is configured on interfaces at the edge of a network to limit traffic into or out of the network. Traffic that falls wi...
Page 244: Link Aggregation Commands
Command line interface 4-98 link aggregation commands ports can be statically grouped into an aggregate link (i.E., trunk) to increase the bandwidth of a network connection or to ensure fault recovery. Or you can use the link aggregation control protocol (lacp) to automatically negotiate a trunk lin...
Page 245: Channel-Group
Link aggregation commands 4-99 • however, if the port channel admin key is set, then the port admin key must be set to the same value for a port to be allowed to join a channel group. • if a link goes down, lacp port priority is used to select the backup link. Channel-group this command adds a port ...
Page 246
Command line interface 4-100 command usage • the ports on both ends of an lacp trunk must be configured for full duplex, either by forced mode or auto-negotiation. • a trunk formed with another switch using lacp will automatically be assigned the next available port-channel id. • if the target switc...
Page 247: Vdsl Commands
Vdsl commands 4-101 vdsl commands these commands are used to to configure and display communication parameters for vdsl and ethernet ports on the switch and connected cpes. Command function mod e page efm profile global batch assigns profiles for speed to all the vdsl ports on the switch gc 4-102 ef...
Page 248: Efm Profile Global
Command line interface 4-102 efm profile global use this command to batch assign profiles for speed to all the vdsl ports on the switch. Syntax efm profile global profile name profile name - name of the profile. Default setting default profile command mode global configuration command usage assigns ...
Page 249: Efm Profile
Vdsl commands 4-103 2. A suffix of “a” in the profile name (e.G., s2-16-16a) indicates that this profile is for both vdsl and adsl lines in a bundle. Profiles without a suffix of “a” in the profile name (e.G., s1-16-16) are for vdsl lines only. 3. The following profiles are recommended for use with ...
Page 251: Efm Rdl
Vdsl commands 4-105 command mode interface configuration command usage use this command to disable the vdsl chipset transmitter of a vdsl port that is not connected to a working cpe. In some unusual circumstances, the power emitted by vdsl ports can affect other vdsl ports. It is recommended that po...
Page 252: Efm Interleave
Command line interface 4-106 efm interleave this command sets the interleave parameters for the selected vdsl port. Syntax efm interleave [ downstream m value ] [ upstream m value ] [ downstream i value ] [ upstream i value ] no efm interleave • m value – m is the interleaving depth index. Range: 0-...
Page 253: Efm Noise-Margin
Vdsl commands 4-107 efm noise-margin this command sets the noise margin of the selected vdsl port. Use the no form of this command to disable this feature. Syntax efm noise-margin [ downstream noise margin ] [ upstream noise margin ] no efm noise-margin • downstream noise margin - a measure of the a...
Page 254: Efm Rate-Adapt
Command line interface 4-108 example the following example configures vdsl port 1 with an upstream noise margin of 6, and a downstream noise margin of 6. Related commands efm interleave (4-106) show controllers efm-noise-margin (4-116) efm rate-adapt this command enables and disables the rate adapti...
Page 255: Efm Pbo
Vdsl commands 4-109 efm pbo this command enables and disables power back-off on the selected vdsl port. Syntax [ no ] efm pbo default setting enabled command mode interface configuration command usage if pbo is enabled, the power of transmission from the port will automatically be adjusted to ensure...
Page 256
Command line interface 4-110 example related commands show interfaces counters (4-92) console#show controllers ethernet-controller ethernet 1/2 ethernet 1/2 : efm phy on switch: transmit 9671624 bytes transmitted 8487 frames transmitted 0 pause frames 0 single collision frames 0 multiple collisions ...
Page 259
Vdsl commands 4-113 command mode privileged exec command usage see efm profile global (4-102) for the vdsl profiles shipped with the switch, and for the their upstream and downstream data rates. Examples this example displays vdsl profiles and link status for the switch’s vdsl ports. This example di...
Page 260: Show Controllers Efm Status
Command line interface 4-114 show controllers efm status use this command to display the vdsl link statistics and profile information on a specific vdsl port including link state, link duration, data rates, power levels, signal-to-noise ratio, and reed-solomon errors. Syntax show controllers efm sta...
Page 261
Vdsl commands 4-115 this example displays the link status, uptime, profile name, downstream and upstream rates, and the number of link failures for the switch’s vdsl ports. Related commands show controllers efm interface-id actual show controllers efm interface-id admin show controllers efm remote e...
Page 262
Command line interface 4-116 show controllers efm-noise-margin this command displays the noise margin for the switch’s vdsl ports. Syntax show controllers efm noise-margin default setting default: 0 dbm command mode privileged exec example this example displays the downstream (ds) and upstream (us) ...
Page 267
Vdsl commands 4-121 example console#show controllers efm current-performance vtu-c 1/1 vdsl_perf_data_entry : ethernet 1/1 loss of framing 0 ethernet 1/1 loss of signal 0 ethernet 1/1 loss of power 0 ethernet 1/1 loss of link 0 ethernet 1/1 errored seconds 0 ethernet 1/1 severely errored seconds 0 e...
Page 268: Address Table Commands
Command line interface 4-122 address table commands these commands are used to configure the address table for filtering specified addresses, displaying current entries, clearing the table, or setting the aging time. Mac-address-table static this command maps a static address to a destination port i...
Page 269: Show Mac-Address-Table
Address table commands 4-123 • static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table. • a static address cannot be learned on another port until the addr...
Page 270
Command line interface 4-124 command usage • the mac address table contains the mac addresses associated with each interface. Note that the type field may include the following types: • learned - dynamic address entries • permanent - static entry • delete-on-reset - static entry to be deleted when s...
Page 271: Spanning Tree Commands
Spanning tree commands 4-125 show mac-address-table aging-time this command shows the aging time for entries in the address table. Default setting none command mode privileged exec example spanning tree commands this section includes commands that configure the spanning tree algorithm (sta) globally...
Page 272: Spanning-Tree
Command line interface 4-126 spanning-tree this command enables the spanning tree algorithm globally for the switch. Use the no form to disable it. Syntax [ no ] spanning-tree default setting spanning tree is enabled. Command mode global configuration command usage the spanning tree algorithm (sta) ...
Page 273: Spanning-Tree Forward-Time
Spanning tree commands 4-127 • rapid spanning tree protocol rstp supports connections to either stp or rstp nodes by monitoring the incoming protocol messages and dynamically adjusting the type of protocol messages the rstp node transmits, as described below: - stp mode – if the switch receives an 8...
Page 274: Spanning-Tree Hello-Time
Command line interface 4-128 example spanning-tree hello-time this command configures the spanning tree bridge hello time globally for this switch. Use the no form to restore the default. Syntax spanning-tree hello-time time no spanning-tree hello-time time - time in seconds. (range: 1-10 seconds). ...
Page 275: Spanning-Tree Priority
Spanning tree commands 4-129 command usage this command sets the maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages at regular intervals. Any port...
Page 277: Spanning-Tree Cost
Spanning tree commands 4-131 example spanning-tree cost this command configures the spanning tree path cost for the specified interface. Use the no form to restore the default. Syntax spanning-tree cost cost no spanning-tree cost cost - the path cost for the port. (range: 1-200,000,000)) the recomme...
Page 278: Spanning-Tree Port-Priority
Command line interface 4-132 spanning-tree port-priority this command configures the priority for the specified interface. Use the no form to restore the default. Syntax spanning-tree port-priority priority no spanning-tree port-priority priority - the priority for a port. (range: 0-240, in steps of...
Page 279: Spanning-Tree Portfast
Spanning tree commands 4-133 command usage • you can enable this option if an interface is attached to a lan segment that is at the end of a bridged lan or to an end node. Since end nodes cannot cause forwarding loops, they can pass directly through to the spanning tree forwarding state. Specifying ...
Page 281: Show Spanning-Tree
Spanning tree commands 4-135 spanning-tree protocol-migration this command re-checks the appropriate bpdu format to send on the selected interface. Syntax spanning-tree protocol-migration interface interface • ethernet unit / port - unit - this is device 1. - port - port number. • port-channel chann...
Page 282
Command line interface 4-136 command usage • use the show spanning-tree command with no parameters to display the spanning tree configuration for the switch and for every interface in the tree. • use the show spanning-tree interface command to display the spanning tree configuration for an interface...
Page 283: Vlan Commands
Vlan commands 4-137 vlan commands a vlan is a group of ports that can be located anywhere in the network, but communicate as though they belong to the same physical segment. This section describes commands used to create vlan groups, add port members, specify how vlan tagging is used, and enable aut...
Page 285: Configuring Vlan Interfaces
Vlan commands 4-139 configuring vlan interfaces interface vlan this command enters interface configuration mode for vlans, which is used to configure vlan parameters for a physical interface. Syntax interface vlan vlan-id vlan-id - id of the configured vlan. (range: 1-4093, no leading zeroes) defaul...
Page 287
Vlan commands 4-141 command usage when set to receive all frame types, any received frames that are untagged are assigned to the default vlan. Example the following example shows how to restrict the traffic received on port 1 to tagged frames: related commands switchport mode (4-140) switchport ingr...
Page 288
Command line interface 4-142 switchport native vlan this command configures the pvid (i.E., default vlan id) for a port. Use the no form to restore the default. Syntax switchport native vlan vlan-id no switchport native vlan vlan-id - default vlan id for a port. (range: 1-4093, no leading zeroes) de...
Page 289: Displaying Vlan Information
Vlan commands 4-143 command mode interface configuration (ethernet, port channel) command usage • a port, or a trunk with switchport mode set to hybrid , must be assigned to at least one vlan as untagged. • if a trunk has switchport mode set to trunk (i.E., 1q trunk), then you can only assign an int...
Page 290: Configuring Private Vlans
Command line interface 4-144 default setting shows all vlans. Command mode normal exec, privileged exec example the following example shows how to display information for vlan 1: configuring private vlans pvlan use this command in global configuration mode to enable or configure private vlan. Use th...
Page 291: Show Pvlan
Configuring private vlans 4-145 command usage a private vlan allows modification of the default vlan to provide port-based security and isolation between ports within the vlan. Data traffic on the downlink ports can only be forwarded to, and from, the uplink port. Private vlans and normal vlans can ...
Page 292: Bridge Extension Commands
Command line interface 4-146 bridge extension commands this section describes how to display default configuration settings for the bridge extension mib. Show bridge-ext this command shows the configuration for bridge extension commands. Default setting none command mode privileged exec command usag...
Page 293: Priority Commands
Priority commands 4-147 priority commands the commands described in this section allow you to specify which data packets have greater precedence when traffic is buffered in the switch due to congestion. This switch supports cos with four priority queues for each port. Data packets in a port’s high-p...
Page 294
Command line interface 4-148 command mode interface configuration (ethernet, port channel) command usage • the precedence for priority mapping is ip port, ip precedence or ip dscp, and default switchport priority. • the default priority applies for an untagged frame received on a port set to accept ...
Page 295
Priority commands 4-149 command usage you can set the switch to service the queues based on a strict rule that requires all traffic in a higher priority queue to be processed before lower priority queues are serviced, or use weighted round-robin (wrr) queuing that specifies a relative weight of each...
Page 296
Command line interface 4-150 queue cos-map this command assigns class of service (cos) values to the priority queues (i.E., hardware output queues 0 - 3). Use the no form set the cos map to the default values. Syntax queue cos-map queue_id [ cos1 ... Cosn ] no queue cos-map • queue_id - the id of th...
Page 297
Priority commands 4-151 show queue mode this command shows the current queue mode. Default setting none command mode privileged exec example show queue bandwidth this command displays the weighted round-robin (wrr) bandwidth allocation for the eight priority queues. Default setting none command mode...
Page 298: Priority Commands
Command line interface 4-152 command mode privileged exec example priority commands (layer 3 and 4) map ip precedence (global configuration) this command enables ip precedence mapping (i.E., ip type of service). Use the no form to disable ip precedence mapping. Syntax [ no ] map ip precedence defaul...
Page 299
Priority commands 4-153 map ip precedence (interface configuration) this command sets ip precedence priority (i.E., ip type of service priority). Use the no form to restore the default table. Syntax map ip precedence ip-precedence-value cos cos-value no map ip precedence • precedence-value - 3-bit p...
Page 300
Command line interface 4-154 command usage • the precedence for priority mapping is ip port, ip precedence or ip dscp, and default switchport priority. • ip precedence and ip dscp cannot both be enabled. Enabling one of these priority types will automatically disable the other type. Example the foll...
Page 301
Priority commands 4-155 example the following example shows how to map ip dscp value 1 to cos value 0: map ip port (global configuration) use this command to enable ip port mapping (i.E., class of service mapping for tcp/udp sockets). Use the no form to disable ip port mapping. Syntax map ip port no...
Page 302
Command line interface 4-156 show map ip precedence this command shows the ip precedence priority map. Syntax show map ip precedence interface interface • ethernet unit / port - unit - this is device 1. - port - port number. • port-channel channel-id (value: 1) default setting none command mode priv...
Page 303
Priority commands 4-157 default setting none command mode privileged exec example related commands map ip dscp (global configuration) (4-153) map ip dscp (interface configuration) (4-154) show map ip port use this command to show the ip port priority map. Syntax show map ip port [ interface ] interf...
Page 304: Igmp Snooping Commands
Command line interface 4-158 example the following shows that http traffic has been mapped to cos value 0: related commands map ip port (interface configuration) (4-155) multicast filtering commands this switch uses igmp (internet group management protocol) to query for any attached hosts that want ...
Page 305
Multicast filtering commands 4-159 default setting enabled command mode global configuration example the following example enables igmp snooping. Ip igmp snooping vlan static this command adds a port to a multicast group. Use the no form to remove the port. Syntax [ no ] ip igmp snooping vlan vlan-i...
Page 306
Command line interface 4-160 default setting igmp version 2 command mode global configuration command usage all systems on the subnet must support the same version. If there are legacy devices in your network that only support version 1, you will also have to configure this switch to use version 1. ...
Page 308
Command line interface 4-162 ip igmp snooping querier this command enables the switch as an igmp querier. Use the no form to disable it. Syntax [ no ] ip igmp snooping querier default setting enabled command mode global configuration command usage if enabled, the switch will serve as querier if elec...
Page 309
Multicast filtering commands 4-163 example the following shows how to configure the query count to 10: related commands ip igmp snooping query-max-response-time (4-163) ip igmp snooping query-interval this command configures the query interval. Use the no form to restore the default. Syntax ip igmp ...
Page 310
Command line interface 4-164 command usage • the switch must be using igmpv2 for this command to take effect. • this command defines the time after a query, during which a response is expected from a multicast client. If a querier has sent a number of queries defined by the ip igmp snooping query-co...
Page 311
Multicast filtering commands 4-165 related commands ip igmp snooping version (4-159) static multicast routing commands ip igmp snooping vlan mrouter this command statically configures a multicast router port. Use the no form to remove the configuration. Syntax [ no ] ip igmp snooping vlan vlan-id mr...
Page 312: Ip Interface Commands
Command line interface 4-166 show ip igmp snooping mrouter this command displays information on statically configured and dynamically learned multicast router ports. Syntax show ip igmp snooping mrouter [ vlan vlan-id ] vlan-id - vlan id (range: 1-4093) default setting displays multicast router port...
Page 314
Command line interface 4-168 ip default-gateway this command establishes a static route between this switch and devices that exist on another network segment. Use the no form to remove the static route. Syntax ip default-gateway gateway no ip default-gateway gateway - ip address of the default gatew...
Page 315
Ip interface commands 4-169 show ip redirects this command shows the default gateway configured for this device. Default setting none command mode privileged exec example related commands ip default-gateway (4-168) ping this command sends icmp echo request packets to another node on the network. Syn...
Page 316
Command line interface 4-170 example related commands interface (4-84) console#ping 10.1.0.9 type esc to abort. Ping to 10.1.0.9, by 5 32-byte payload icmp packets, timeout is 5 seconds response time: 10 ms response time: 10 ms response time: 10 ms response time: 10 ms response time: 0 ms ping stati...
Page 317: Software Features
A-1 appendix a: software specifications software features authentication local, radius, tacacs, port (802.1x), https, ssh, port security dhcp client port configuration 1000base-t: 10/100/1000 mbps, half/full duplex 1000base-sx/lx: 1000 mbps, full duplex flow control full duplex: ieee 802.3x half dup...
Page 318: Management Features
A-2 software specifications management features in-band management telnet, web-based http or https, snmp manager, or secure shell out-of-band management rs-232 db-9 console port software loading tftp in-band or xmodem out-of-band snmp management access via mib database trap management to specified h...
Page 319
A-3 management information bases management information bases bridge mib (rfc 1493) entity mib (rfc 2737) ethernet mib (rfc 2665) ether-like mib (rfc 1643) extended bridge mib (rfc 2674) extensible snmp agents mib (rfc 2742) forwarding table mib (rfc 2096) igmp mib (rfc 2933) interface group mib (rf...
Page 320
A-4 software specifications.
Page 321: Appendix B: Troubleshooting
B-1 appendix b: troubleshooting troubleshooting chart symptom action cannot connect using telnet, web browser, or snmp software • be sure you have configured the agent with a valid ip address, subnet mask and default gateway. • if you are trying to connect to the agent via the ip address for a tagge...
Page 322
B-2 troubleshooting.
Page 323: Glossary
Glossary-1 glossary boot protocol (bootp) bootp is used to provide bootup information for network devices, including ip address information, the address of the tftp server that contains the devices system files, and the name of the boot file. Class of service (cos) cos is supported by prioritizing p...
Page 324
Glossary glossary-2 garp vlan registration protocol (gvrp) defines a way for switches to exchange vlan information in order to register necessary vlan members on ports along the spanning tree so that vlans defined in each switch can work automatically over a spanning tree network. Generic attribute ...
Page 325
Glossary glossary-3 ieee 802.3x defines ethernet frame start/stop requests and timers used for flow control on full-duplex links. Igmp snooping listening to igmp query and igmp report packets transferred between ip multicast routers and ip multicast host groups to identify ip multicast group members...
Page 326
Glossary glossary-4 management information base (mib) an acronym for management information base. It is a set of database objects that contains information about a specific device. Multicast switching a process whereby the switch filters incoming multicast frames for services for which no attached h...
Page 327
Glossary glossary-5 remote authentication dial-in user service (radius) radius is a logon authentication protocol that uses software running on a central server to control access to radius-compliant devices on the network. Remote monitoring (rmon) rmon provides comprehensive network monitoring capab...
Page 328
Glossary glossary-6 transmission control protocol/internet protocol (tcp/ip) protocol suite that includes tcp as the primary transport protocol, and ip as the network layer protocol. Trivial file transfer protocol (tftp) a tcp/ip protocol commonly used for software downloads. User datagram protocol ...
Page 329: Index
Index-1 numerics 802.1x, port authentication 3-33, 4-68 a acceptable frame type 3-94, 4-140 address table 3-73, 4-122 aging time 3-75, 4-125 b bootp 3-13, 4-167 bpdu 3-76 broadcast storm, threshold 3-48, 4-89 c class of service see cos cli, showing commands 4-4 command line interface see cli communi...
Page 330
Index index-2 logon authentication 3-24, 4-60 radius client 4-61 radius server 4-61 tacacs+ client 3-25, 4-64 tacacs+ server 3-25, 4-64 logon authentication, sequence 3-26, 4-60 m main menu 3-3 management information bases (mibs) a-3 mirror port, configuring 3-49, 4-95 multicast filtering 3-109, 4-1...
Page 331
Index index-3 startup files creating 3-16, 4-55 displaying 3-15, 4-49 setting 3-15, 4-59 static addresses, setting 3-73, 4-122 statistics port 3-51, 4-92 stp 3-79, 4-126 stp also see sta system clock, setting 3-18, 4-44 system software, downloading from server 3-15, 4-55 t tacacs+, logon authenticat...
Page 332
Index index-4.
Page 334
Vs4512 vs4512dc e122003-r02 150000041800a.