- DL manuals
- D-Link
- Switch
- xStack DGS-3200 Series
- Cli Manual
D-Link xStack DGS-3200 Series Cli Manual
Summary of xStack DGS-3200 Series
Page 1
Cli manual . September 2007 651gs320015g recyclable product model : gs-3200-10 d layer 2 gigabit ethernet managed switch release 1 cli manual product model: dgs-3200 series layer 2 gigabit ethernet managed switch release 1.1.
Page 2: Table of Contents
Dgs-3200 series layer 2 gigabit managed switch cli manual ii table of contents i. Introduction .................................................................................................................. 15 1 u sing c ommand l ine i nterface .......................................................
Page 3
Dgs-3200 series layer 2 gigabit managed switch cli manual iii 4-1 download ...............................................................................................................................................................49 4-2 upload .......................................................
Page 4
Dgs-3200 series layer 2 gigabit managed switch cli manual iv 7-4 show trusted_host..................................................................................................................................................84 7-5 config snmp system_name ............................................
Page 5
Dgs-3200 series layer 2 gigabit managed switch cli manual v 12-1 config sntp .........................................................................................................................................................116 12-2 show sntp.......................................................
Page 6
Dgs-3200 series layer 2 gigabit managed switch cli manual vi 16-13 config stp .........................................................................................................................................................152 16-14 config stp ports..............................................
Page 7
Dgs-3200 series layer 2 gigabit managed switch cli manual vii 20-12 disable pvid auto_assign.................................................................................................................................184 20-13 show pvid auto_assign...................................................
Page 8
Dgs-3200 series layer 2 gigabit managed switch cli manual viii 27-4 enable ipif ..........................................................................................................................................................212 27-5 disable ipif ...............................................
Page 9
Dgs-3200 series layer 2 gigabit managed switch cli manual ix 32-6 disable igmp_snooping.....................................................................................................................................241 32-7 show igmp_snooping........................................................
Page 10
Dgs-3200 series layer 2 gigabit managed switch cli manual x 35-14 delete 802.1x guest_vlan ................................................................................................................................277 35-15 config 802.1x guest vlan..................................................
Page 11
Dgs-3200 series layer 2 gigabit managed switch cli manual xi 36-26 config admin local_enable..............................................................................................................................315 37 ssl c ommand l ist ...........................................................
Page 12
Dgs-3200 series layer 2 gigabit managed switch cli manual xii 40-8 show wac user ...................................................................................................................................................347 40-9 clear wac auth_state .............................................
Page 13
Dgs-3200 series layer 2 gigabit managed switch cli manual xiii 43-1 config bandwidth_control.................................................................................................................................379 43-2 show bandwidth_control ..................................................
Page 14
Dgs-3200 series layer 2 gigabit managed switch cli manual xiv 46-6 show time_range ...............................................................................................................................................421 46-7 create cpu access_profile ..........................................
Page 15
Dgs-3200 series layer 2 gigabit managed switch cli manual 15 i. Introduction the introduction section includes the following chapter: using command line interface..
Page 16
Dgs-3200 series layer 2 gigabit managed switch cli manual 16 1 using command line interface the switch can be managed through the switch’s serial port, telnet, or the web-based management agent. The command line interface (cli) can be used to configure and manage the switch via the serial port or te...
Page 17
Dgs-3200 series layer 2 gigabit managed switch cli manual 17 1-2 setting the switch’s ip address each switch must be assigned its own ip address, which is used for communication with an snmp network manager or other tcp/ip application (for example bootp, tftp). The switch’s default ip address is 10....
Page 18
Dgs-3200 series layer 2 gigabit managed switch cli manual 18 in the above example, the switch was assigned an ip address of 10.24.22.100 with a subnet mask of 255.0.0.0. The system message success indicates that the command was executed successfully. The switch can now be configured and managed via ...
Page 19
Dgs-3200 series layer 2 gigabit managed switch cli manual 19 when entering a command without its required parameters, the cli will prompt you with a next possible completions: message. In this case, the command config account was entered with the parameter . The cli will then prompt to enter the wit...
Page 20
Dgs-3200 series layer 2 gigabit managed switch cli manual 20 in the above example, the command config account was entered without the required parameter , the cli returned the next possible completions: prompt. The up arrow cursor control key was pressed to re-enter the previous command (config acco...
Page 21
Dgs-3200 series layer 2 gigabit managed switch cli manual 21 in the above example, all of the possible next parameters for the show command are displayed. At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter. The cli then displays the user...
Page 23
Dgs-3200 series layer 2 gigabit managed switch cli manual 23 ii. Interface and hardware the interface and hardware section includes the following chapter: switch port..
Page 25
Dgs-3200 series layer 2 gigabit managed switch cli manual 25 1000_full 1000_full sets port speed to 1000_full. When setting port speed to 1000_full, user should specify master or slave mode for 1000 base tx interface, and leave the 1000_full without any master or slave setting for other interface. F...
Page 27
Dgs-3200 series layer 2 gigabit managed switch cli manual 27 1 e n a b l e d 1 0 m / f u l l / e n a b l e d e r r - d i s a b l e d e n a b l e d d e s c : p o r t 1 . 2 e n a b l e d 1 0 m / f u l l / e n a b l e d e r r - d i s a b l e d e n a b l e d d e s c : p o r t 2 . 3 e n a b l e d 1 0 m /...
Page 28
Dgs-3200 series layer 2 gigabit managed switch cli manual 28 iii. Fundamentals the fundamentals section includes the following chapters: basic management and utility..
Page 30
Dgs-3200 series layer 2 gigabit managed switch cli manual 30 parameters parameters description admin name of the admin account. User name of the user account. Restrictions you must have administrator privileges. Examples to create the admin-level user “dlink”: d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e...
Page 31
Dgs-3200 series layer 2 gigabit managed switch cli manual 31 description the user account configuration information will be stored in the configuration file, and can be applied to the system later. If the password encryption is enabled, the password will be in encrypted form when it is stored in the...
Page 32
Dgs-3200 series layer 2 gigabit managed switch cli manual 32 restrictions you must have administrator privileges. Examples to disable password encryption d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e p a s s w o r d e n c r y p t i o n c o m m a n d : d i s a b l e p a s s w o r d e n c r y p t i o n s ...
Page 33
Dgs-3200 series layer 2 gigabit managed switch cli manual 33 restrictions you must have administrator privileges. Examples to configure the user password of “dlink” account : dgs-3200-10:4#config account dlink command: config account dlink enter a old password:**** enter a case-sensitive new passwor...
Page 34
Dgs-3200 series layer 2 gigabit managed switch cli manual 34 example to display the accounts that have been created: d g s - 3 2 0 0 - 1 0 : 4 # s h o w a c c o u n t c o m m a n d : s h o w a c c o u n t c u r r e n t a c c o u n t s : u s e r n a m e a c c e s s l e v e l - - - - - - - - - - - - -...
Page 35
Dgs-3200 series layer 2 gigabit managed switch cli manual 35 d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e a c c o u n t s y s t e m c o m m a n d : d e l e t e a c c o u n t s y s t e m s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 3-7 show session purpose used to display a list of currently logged-in user...
Page 36
Dgs-3200 series layer 2 gigabit managed switch cli manual 36 3-8 show switch purpose used to display the switch information. Format show switch description the show switch command displays the switch information. Parameters none. Restrictions none. Example to display the switch information: d g s - ...
Page 37
Dgs-3200 series layer 2 gigabit managed switch cli manual 37 w e b : e n a b l e d ( t c p 8 0 ) s n m p : e n a b l e d r m o n : d i s a b l e d s s l s t a t u s : d i s a b l e d s s h s t a t u s : d i s a b l e d 8 0 2 . 1 x : d i s a b l e d j u m b o f r a m e : o f f c l i p a g i n g : e n...
Page 38
Dgs-3200 series layer 2 gigabit managed switch cli manual 38 d g s - 3 2 0 0 - 1 6 : 4 # s h o w e n v i r o n m e n t c o m m a n d : s h o w e n v i r o n m e n t s i d e f a n t e m p e r a t u r e ( c e l s i u s ) - - - - - - - - - - - - - - - - - - - - - o k 4 7 n o t e : t h e w a r n i n g t...
Page 39
Dgs-3200 series layer 2 gigabit managed switch cli manual 39 p a r i t y b i t s : n o n e s t o p b i t s : 1 a u t o - l o g o u t : 1 0 m i n s d g s - 3 2 0 0 - 1 0 : 4 # 3-11 config serial_port purpose used to configure the serial bit rate that will be used to communicate with the management ho...
Page 40
Dgs-3200 series layer 2 gigabit managed switch cli manual 40 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 3-12 enable clipaging purpose used to pause the scrolling of the console screen when the show command displays more than one page. Format enable clipaging description the enable clipaging command...
Page 41
Dgs-3200 series layer 2 gigabit managed switch cli manual 41 description the disable clipaging command disables pausing of the screen display when show command output reaches the end of the page. The default setting is enabled. Parameters none. Restrictions you must have administrator privileges. Ex...
Page 42
Dgs-3200 series layer 2 gigabit managed switch cli manual 42 example to enable telnet and configure a port number: d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e t e l n e t 2 3 c o m m a n d : e n a b l e t e l n e t 2 3 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 3-15 disable telnet purpose the switch al...
Page 43
Dgs-3200 series layer 2 gigabit managed switch cli manual 43 use the command to enable http and configure port number. Format enable web { 1-65535>} description the enable web command enables http and configures port number. Parameters parameters description tcp_port_number the tcp port number. Tcp ...
Page 44
Dgs-3200 series layer 2 gigabit managed switch cli manual 44 restrictions you must have administrator privileges. Example to disable http : d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e w e b c o m m a n d : d i s a b l e w e b s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 3-18 save purpose used to save c...
Page 45
Dgs-3200 series layer 2 gigabit managed switch cli manual 45 d g s - 3 2 0 0 - 1 0 : 4 # d g s - 3 2 0 0 - 1 0 : 4 # s a v e c o n f i g 1 c o m m a n d : s a v e c o n f i g 1 s a v i n g c o n f i g u r a t i o n 1 t o n v - r a m . . . . . . . . . . D o n e . D g s - 3 2 0 0 - 1 0 : 4 # d g s - 3...
Page 46
Dgs-3200 series layer 2 gigabit managed switch cli manual 46 restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # r e b o o t c o m m a n d : r e b o o t a r e y o u s u r e t o p r o c e e d w i t h t h e s y s t e m r e b o o t ? ( y / n ) p l e a s e w a i t , ...
Page 47
Dgs-3200 series layer 2 gigabit managed switch cli manual 47 d g s - 3 2 0 0 - 1 0 : 4 # r e s e t c o n f i g c o m m a n d : r e s e t c o n f i g a r e y o u s u r e t o p r o c e e d w i t h s y s t e m r e s e t ? ( y / n ) s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # d g s - 3 2 0 0 - 1 0 : 4 #...
Page 48
Dgs-3200 series layer 2 gigabit managed switch cli manual 48 3-22 logout purpose used to log out of the switch. Format logout description when you are finished using the facility, use the logout command to logout. Parameter none. Restrictions none. Example d g s - 3 2 0 0 - 1 0 : 4 # l o g o u t c o...
Page 50
Dgs-3200 series layer 2 gigabit managed switch cli manual 50 parameters parameters description firmware_fromtftp download and install new firmware on the switch from a tftp server. Cfg_fromtftp download a switch configuration file from a tftp server. Ipaddr the ip address of the tftp server. Ipv6add...
Page 52
Dgs-3200 series layer 2 gigabit managed switch cli manual 52 d g s - 3 2 0 0 - 1 0 : 4 # u p l o a d l o g _ t o t f t p 1 0 . 4 8 . 7 4 . 1 2 1 c : \ c f g \ d g s - 3 2 0 0 - 1 0 \ l o g c o m m a n d : u p l o a d l o g _ t o t f t p 1 0 . 4 8 . 7 4 . 1 2 1 c : \ c f g \ d g s - 3 2 0 0 - 1 0 \ l...
Page 53
Dgs-3200 series layer 2 gigabit managed switch cli manual 53 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g f i r m w a r e i m a g e _ i d 1 b o o t _ u p c o m m a n d : c o n f i g f i r m w a r e i m a g e _ i d 1 b o o t _ u p s u c c e s s ! D g s - 3 2 0 0 - 1 0 : 4 # 4-4 config configuration purpos...
Page 54
Dgs-3200 series layer 2 gigabit managed switch cli manual 54 description the show firmware information command displays the firmware information. Parameters none restrictions you must have administrator privileges. Example to show the firmware information: d g s - 3 2 0 0 - 1 0 : 4 # s h o w f i r m...
Page 55
Dgs-3200 series layer 2 gigabit managed switch cli manual 55 description none parameters none restrictions you must have administrator privileges. Example to show the configuration information: d g s - 3 2 0 0 - 1 0 : 4 # s h o w c o n f i g i n f o r m a t i o n c o m m a n d : s h o w c o n f i g ...
Page 56
Dgs-3200 series layer 2 gigabit managed switch cli manual 56 format ping {times } {timeout } description the ping command sends internet control message protocol (icmp) echo messages to a remote ip address. The remote ip address will then “echo” or return the message. This is used to confirm connect...
Page 57
Dgs-3200 series layer 2 gigabit managed switch cli manual 57 4-8 traceroute purpose used to trace the routed path between the switch and a destination endstation. Format traceroute {ttl } {port } {timeout } {probe } description the traceroute command allows you to trace a route between the switch an...
Page 58
Dgs-3200 series layer 2 gigabit managed switch cli manual 58 4-9 telnet purpose used to login a host that supports telnet. Format telnet {tcp_port } description the telnet command logins a host that supports telnet. Parameters parameters description ipaddr the ip address of the host to login. Tcp_po...
Page 59
Dgs-3200 series layer 2 gigabit managed switch cli manual 59 iv. Network management the fundamentals section includes the following chapters: snmpv1/v2, snmpv3, network management, network monitoring, system severity, command list history, modify banner and prompt, time and sntp, jumbo frame, single...
Page 61
Dgs-3200 series layer 2 gigabit managed switch cli manual 61 d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p c o m m u n i t y s y s t e m r e a d w r i t e c o m m a n d : c r e a t e s n m p c o m m u n i t y s y s t e m r e a d w r i t e s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 5-2 delete snmp...
Page 62
Dgs-3200 series layer 2 gigabit managed switch cli manual 62 format show snmp community description the show snmp community command displays the following information: snmp community strings, view name, and access rights. Parameter parameters description community_string an alphanumeric string of up...
Page 65
Dgs-3200 series layer 2 gigabit managed switch cli manual 65 d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p u s e r d l i n k d - l i n k _ g r o u p e n c r y p t e d b y _ p a s s w o r d a u t h m d 5 1 2 3 4 5 6 7 8 p r i v d e s 1 2 3 4 5 6 7 8 c o m m a n d : c r e a t e s n m p u s e r d l i...
Page 66
Dgs-3200 series layer 2 gigabit managed switch cli manual 66 6-3 show snmp user purpose used to display information on each snmp username in the group username table. Format show snmp user description the show snmp user command displays information on each snmp username in the group username table. ...
Page 67
Dgs-3200 series layer 2 gigabit managed switch cli manual 67 parameters none. Restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w s n m p g r o u p s c o m m a n d : s h o w s n m p g r o u p s v a c m a c c e s s t a b l e s e t t i n g s g r o u p n a m...
Page 68
Dgs-3200 series layer 2 gigabit managed switch cli manual 68 g r o u p n a m e : p r i v a t e r e a d v i e w n a m e : c o m m u n i t y v i e w w r i t e v i e w n a m e : c o m m u n i t y v i e w n o t i f y v i e w n a m e : c o m m u n i t y v i e w s e c u r i t y m o d e l : s n m p v 2 s e...
Page 69
Dgs-3200 series layer 2 gigabit managed switch cli manual 69 w r i t e v i e w n a m e : c o m m u n i t y v i e w n o t i f y v i e w n a m e : c o m m u n i t y v i e w s e c u r i t y m o d e l : s n m p v 1 s e c u r i t y l e v e l : n o a u t h n o p r i v g r o u p n a m e : w r i t e g r o u...
Page 70
Dgs-3200 series layer 2 gigabit managed switch cli manual 70 specify the access type of of the mib tree in this view . Included includes for this view. View_type excluded excluded for this view. Restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e s n ...
Page 71
Dgs-3200 series layer 2 gigabit managed switch cli manual 71 6-7 show snmp view purpose used to display the snmp view record. Format show snmp view {} description the show snmp view command displays the snmp view record. Parameters parameters description view_name view name of the user who likes to ...
Page 72
Dgs-3200 series layer 2 gigabit managed switch cli manual 72 6-8 create snmp community purpose use an snmp community string to define the relationship between the snmp manager and the agent. The community string acts like a password to permit access to the agent on the switch. You can specify one or...
Page 73
Dgs-3200 series layer 2 gigabit managed switch cli manual 73 6-9 delete snmp community purpose used to remove a specific communtiy string format delete snmp community description the delete snmp community command removes a specific community string. Parameters parameters description community_string...
Page 74
Dgs-3200 series layer 2 gigabit managed switch cli manual 74 restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w s n m p c o m m u n i t y c o m m a n d : s h o w s n m p c o m m u n i t y s n m p c o m m u n i t y t a b l e c o m m u n i t y n a m e v i ...
Page 75
Dgs-3200 series layer 2 gigabit managed switch cli manual 75 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s n m p e n g i n e i d 1 0 2 3 4 5 7 8 9 0 c o m m a n d : c o n f i g s n m p e n g i n e i d 1 0 2 3 4 5 7 8 9 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 6-12 show snmp engineid purpose used to...
Page 76
Dgs-3200 series layer 2 gigabit managed switch cli manual 76 description the create snmp group command creates a new snmp group. Parameters parameters description groupname the name of the group. V1 the least secure of the possible security models. V2c the second least secure of the possible securit...
Page 77
Dgs-3200 series layer 2 gigabit managed switch cli manual 77 parameters parameters description groupname the name of the group will be deleted. Restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e s n m p g r o u p d _ l i n k _ g r o u p c o m m a n d...
Page 78
Dgs-3200 series layer 2 gigabit managed switch cli manual 78 restrictions 2-level administrator 3-level operator example d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e s n m p h o s t 1 0 . 4 8 . 7 4 . 1 0 0 v 3 n o a u t h _ n o p r i v i n i t i a l c o m m a n d : c r e a t e s n m p h o s t 1 0 . 4 8 ....
Page 79
Dgs-3200 series layer 2 gigabit managed switch cli manual 79 6-17 show snmp host purpose used to display the recipient for which the traps are targeted. Format show snmp host { } description the show snmp host command displays the recipient for which the traps are targeted. Parameters parameters des...
Page 80
Dgs-3200 series layer 2 gigabit managed switch cli manual 80 description the show snmp v6host command displays the recipient for which the traps are targeted. Parameters parameters description ipaddr the ip address of the recipient for which the traps are targeted. If no parameters are specified, al...
Page 81
Dgs-3200 series layer 2 gigabit managed switch cli manual 81 description the show snmp traps command is used to show traps state. Parameters none restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w s n m p t r a p s c o m m a n d : s h o w s n m p t r a p...
Page 85
Dgs-3200 series layer 2 gigabit managed switch cli manual 85 parameters none. Restrictions none. Example to display a trusted host: d g s - 3 2 0 0 - 1 0 : 4 # s h o w t r u s t e d _ h o s t c o m m a n d : s h o w t r u s t e d _ h o s t m a n a g e m e n t s t a t i o n s i p a d d r r e s s - - ...
Page 86
Dgs-3200 series layer 2 gigabit managed switch cli manual 86 restrictions you must have administrator privileges. Example to configure the switch name for “ d g s - 3 2 0 0 - 1 0 g i g a b i t e t h e r n e t s w i t c h ”: . D g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s n m p s y s t e m _ n a m e d g ...
Page 87
Dgs-3200 series layer 2 gigabit managed switch cli manual 87 7-7 config snmp system_contact purpose used to enter the name of a contact person who is responsible for the switch. Format config snmp system_contact {} description the config snmp system_contact command is used to enter the name and/or o...
Page 88
Dgs-3200 series layer 2 gigabit managed switch cli manual 88 restrictions you must have administrator privileges. Example to enable rmon on the switch: d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e r m o n c o m m a n d : e n a b l e r m o n s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 7-9 disable rmon pur...
Page 89
Dgs-3200 series layer 2 gigabit managed switch cli manual 89 7-10 enable snmp traps purpose used to enable snmp trap support. Format enable snmp traps description the enable snmp traps command is used to enable snmp trap support on the switch. Parameters none. Restrictions you must have administrato...
Page 90
Dgs-3200 series layer 2 gigabit managed switch cli manual 90 example to prevent snmp traps from being sent from the switch: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e s n m p t r a p s c o m m a n d : d i s a b l e s n m p t r a p s s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 7-12 enable snmp authent...
Page 91
Dgs-3200 series layer 2 gigabit managed switch cli manual 91 format disable snmp authenticate_traps description the disable snmp authenticate_traps command disables snmp authentication failure trap support. Parameters none. Restrictions you must have administrator privileges. Example to disable snmp...
Page 93
Dgs-3200 series layer 2 gigabit managed switch cli manual 93 restrictions none. Example to display the packets analysis for port 7 d g s - 3 2 0 0 - 1 0 : 4 # s h o w p a c k e t p o r t s 7 c o m m a n d : s h o w p a c k e t p o r t s 7 p o r t n u m b e r : 7 = = = = = = = = = = = = = = = = = = =...
Page 94
Dgs-3200 series layer 2 gigabit managed switch cli manual 94 parameters parameters description portlist specifies a range of ports to be displayed. Restrictions none. Example to display the errors of port 3: d g s - 3 2 0 0 - 1 0 : 4 # s h o w e r r o r p o r t s 3 c o m m a n d : s h o w e r r o r ...
Page 95
Dgs-3200 series layer 2 gigabit managed switch cli manual 95 restrictions none. Example to display the ports utilization: d g s - 3 2 0 0 - 1 0 : 4 # s h o w u t i l i z a t i o n p o r t s c o m m a n d : s h o w u t i l i z a t i o n p o r t s p o r t t x / s e c r x / s e c u t i l - - - - - - - ...
Page 96
Dgs-3200 series layer 2 gigabit managed switch cli manual 96 description the clear counters command clears the switch’s statistics counters. Parameters parameters description portlist specifies a range of ports to be configured. The beginning and end of the port list range are separated by a dash. I...
Page 97
Dgs-3200 series layer 2 gigabit managed switch cli manual 97 d g s - 3 2 0 0 - 1 0 : 4 # c l e a r l o g c o m m a n d : c l e a r l o g s u c c e s s d g s - 3 2 0 0 - 1 0 : 4 # 8-6 show log purpose used to display the switch history log. Format show log {index } description the show log command di...
Page 98
Dgs-3200 series layer 2 gigabit managed switch cli manual 98 8-7 enable syslog purpose used to enable syslog to send a message. Format enable syslog description the enable syslog command enables syslog to send a message. Parameters none. Restrictions you must have administrator privileges. Examples ...
Page 99
Dgs-3200 series layer 2 gigabit managed switch cli manual 99 examples to disable syslog sending a message: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e s y s l o g c o m m a n d : d i s a b l e s y s l o g s u c c e s s d g s - 3 2 0 0 - 1 0 : 4 # 8-9 show syslog purpose used to display the syslog prot...
Page 101
Dgs-3200 series layer 2 gigabit managed switch cli manual 101 example d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s y s l o g h o s t a l l s e v e r i r y a l l f a c i l i t y l o c a l 0 c o m m a n d : c o n f i g s y s l o g h o s t a l l s e v e r i r y a l l f a c i l i t y l o c a l 0 s u c c e ...
Page 102
Dgs-3200 series layer 2 gigabit managed switch cli manual 102 local5 user-defined facility local6 user-defined facility local7 user-defined facility udp_port the udp port number. Ipaddr the ip address of the host. State the syslog protocol has been used for the transmission of event notification mes...
Page 103
Dgs-3200 series layer 2 gigabit managed switch cli manual 103 example d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e s y s l o g h o s t 4 c o m m a n d : d e l e t e s y s l o g h o s t 4 s u c c e s s d g s - 3 2 0 0 - 1 0 : 4 # 8-13 show syslog host purpose used to display syslog host configurations. Fo...
Page 105
Dgs-3200 series layer 2 gigabit managed switch cli manual 105 description showsthemethod to save log. Parameters none. Restrictions none. Example to show the timing method of the log save. D g s - 3 2 0 0 - 1 0 : 4 # show log_save_timing command: show log_save_timing saving log method: on_demand d g...
Page 107
Dgs-3200 series layer 2 gigabit managed switch cli manual 107 9-2 show system_severity purpose to show the severity level control for a system. Format show system_severity description use this command to show severity level control for a system. Parameters none. Restrictions none. Examples to show t...
Page 108
Dgs-3200 series layer 2 gigabit managed switch cli manual 108 10 command list history command list ? Show command_history dir config command_history 10-1 ? Purpose used to display all commands in the command line interface (cli). Format ? {command} description the ? Command will display all of the c...
Page 109
Dgs-3200 series layer 2 gigabit managed switch cli manual 109 c l e a r f d b c l e a r l o g c l e a r p o r t _ s e c u r i t y _ e n t r y p o r t c o n f i g 8 0 2 . 1 p d e f a u l t _ p r i o r i t y c o n f i g 8 0 2 . 1 p u s e r _ p r i o r i t y c o n f i g 8 0 2 . 1 x a u t h _ m o d e c ...
Page 110
Dgs-3200 series layer 2 gigabit managed switch cli manual 110 d g s - 3 2 0 0 - 1 0 : 4 # s h o w c o m m a n d _ h i s t o r y c o m m a n d : s h o w c o m m a n d _ h i s t o r y ? ? S h o w t r a f f i c _ s e g m e n t a t i o n 1 - 6 c o n f i g t r a f f i c _ s e g m e n t a t i o n 1 - 6 f ...
Page 111
Dgs-3200 series layer 2 gigabit managed switch cli manual 111 example to display all commands: d g s - 3 2 0 0 - 1 0 : 4 # d i r c o m m a n d : d i r . . ? A d d p o r t _ s e c u r i t y _ e n t r y v l a n _ n a m e c l e a r c l e a r a r p t a b l e c l e a r c o u n t e r s c l e a r f d b c l...
Page 112
Dgs-3200 series layer 2 gigabit managed switch cli manual 112 description the config command_history command lets you cofigure the number of commands that the switch can recall. Parameters parameters description value the number of commands (1-40) that the switch can recall. Restrictions none. Examp...
Page 114
Dgs-3200 series layer 2 gigabit managed switch cli manual 114 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = t h i s i s a d g s - 3 2 0 0 - 1 0 s w i t c h . = = = = = = = = = = = = = = = ...
Page 115
Dgs-3200 series layer 2 gigabit managed switch cli manual 115 description users may enter this command to modify the command prompt. The current command prompt consists of four parts: “product name” + “:” + ”user level” + ”#” (e.G. “dgs-3200-10:4#”). This command is used to modify the first part (1....
Page 117
Dgs-3200 series layer 2 gigabit managed switch cli manual 117 parameters parameters description primary the sntp primary server ip address. Secondary the sntp secondary server ip address. Poll-interval the polling interval range is between 30 and 99999 seconds. Restrictions you must have administrat...
Page 118
Dgs-3200 series layer 2 gigabit managed switch cli manual 118 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s n t p c o m m a n d : s h o w s n t p c u r r e n t t i m e s c o u r c e : s y s t e m c l o c k s n t p : d i s a b l e d s n t p p r i m a r y s e r v e r : 1 0 . 1 . 1 . 1 s n t p s e c o n d a r ...
Page 119
Dgs-3200 series layer 2 gigabit managed switch cli manual 119 format disable sntp description the disable sntp command turns off sntp support. Parameters none. Restrictions you must have administrator privileges. Example to disable sntp: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e s n t p c o m m a n ...
Page 120
Dgs-3200 series layer 2 gigabit managed switch cli manual 120 example to configure time: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g t i m e 3 0 j u n 2 0 0 3 1 6 : 3 0 : 3 0 c o m m a n d : c o n f i g t i m e 3 0 j u n 2 0 0 3 1 6 : 3 0 : 3 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 12-6 config tim...
Page 121
Dgs-3200 series layer 2 gigabit managed switch cli manual 121 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g t i m e _ z o n e o p e r a t o r + h o u r 2 m i n 3 0 c o m m a n d : c o n f i g t i m e _ z o n e o p e r a t o r + h o u r 2 m i n 3 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 12-7 config ds...
Page 122
Dgs-3200 series layer 2 gigabit managed switch cli manual 122 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g d s t r e p e a t i n g s _ w e e k 2 s _ d a y t u e s _ m t h 4 s _ t i m e 1 5 : 0 0 e _ w e e k 2 e _ d a y w e d e _ m t h 1 0 e _ t i m e 1 5 : 3 0 o f f s e t 3 0 c o m m a n d : c o n f i g ...
Page 123
Dgs-3200 series layer 2 gigabit managed switch cli manual 123 13 jumbo frame command list enable jumbo_frame disable jumbo_frame show jumbo_frame 13-1 enable jumbo_frame purpose use the command to enable support of jumbo frames. Format enable jumbo_frame description the enable jumbo_frame command en...
Page 124
Dgs-3200 series layer 2 gigabit managed switch cli manual 124 description the disable jumbo_frame command disables support of jumbo frames. Parameters none. Restrictions you must have administrator privileges. Example to disable jumbo frames: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e j u m b o _ f r...
Page 125
Dgs-3200 series layer 2 gigabit managed switch cli manual 125 d g s - 3 2 0 0 - 1 0 : 4 # s h o w j u m b o _ f r a m e c o m m a n d : s h o w j u m b o _ f r a m e j u m b o f r a m e s t a t e : d i s a b l e d m a x i m u m f r a m e s i z e : 1 5 3 6 b y t e s d g s - 3 2 0 0 - 1 0 : 4 #.
Page 127
Dgs-3200 series layer 2 gigabit managed switch cli manual 127 d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e s i m c o m m a n d : e n a b l e s i m s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 14-2 disable sim purpose used to disable single ip management on the switch. Format disable sim description the di...
Page 128
Dgs-3200 series layer 2 gigabit managed switch cli manual 128 description the show sim command displays the information of the specific sorts of devices including of self, candidate, member, group, and neighbor. Parameters parameters description candidates specifies the candidate devices. Members sp...
Page 129
Dgs-3200 series layer 2 gigabit managed switch cli manual 129 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s i m c a n d i d a t e c o m m a n d : s h o w s i m c a n d i d a t e i d m a c a d d r e s s p l a t f o r m / h o l d f i r m w a r e d e v i c e n a m e c a p a b i l i t y t i m e v e r s i o n - ...
Page 130
Dgs-3200 series layer 2 gigabit managed switch cli manual 130 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s i m g r o u p c o m m a n d : s h o w s i m g r o u p s i m g r o u p n a m e : d e f a u l t i d m a c a d d r e s s p l a t f o r m / h o l d f i r m w a r e d e v i c e n a m e c a p a b i l i t y ...
Page 132
Dgs-3200 series layer 2 gigabit managed switch cli manual 132 parameters parameters description candidate_id add a specific candidate to group. Password the password of candidate if necessary. Member_id remove a specific member from group. Restrictions you must have administrator privilege. Examples...
Page 134
Dgs-3200 series layer 2 gigabit managed switch cli manual 134 to update name of group: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s i m c o m m a n d e r g r o u p _ n a m e m y g r o u p c o m m a n d : c o n f i g s i m c o m m a n d e r g r o u p _ n a m e m y g r o u p s u c c e s s . D g s - 3 2 0...
Page 135
Dgs-3200 series layer 2 gigabit managed switch cli manual 135 parameters parameters description ipaddr specifes the ipaddress of tftp server. Path_filename specifes the file path of firmware of configuration in tftp server. Members specifies a range of members which download this firmware or configu...
Page 136
Dgs-3200 series layer 2 gigabit managed switch cli manual 136 i d m a c a d d r e s s r e s u l t - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 0 0 - 0 1 - 0 2 - 0 3 - 0 4 - 0 0 s u c c e s s 2 0 0 - 0 7 - 0 6 - 0 5 - 0 4 - 0 3 f a i l 3 0 0 - 0 7 - 0 6 - 0 5 - 0 4 - 0 3 ...
Page 138
Dgs-3200 series layer 2 gigabit managed switch cli manual 138 rising config utilization rising threshold , the range is between 20%-100% , if the cpu utilization is over the rising threshold, the switch enters exhausted mode. Falling config utilization falling threshold , the range is between 20%-10...
Page 139
Dgs-3200 series layer 2 gigabit managed switch cli manual 139 examples to show safeguard engine information: d g s - 3 2 0 0 - 1 0 : 4 #show safeguard_engine command: show safeguard_engine safeguard engine state : enabled safeguard engine current status : exhausted mode =============================...
Page 140
Dgs-3200 series layer 2 gigabit managed switch cli manual 140 v. Layer 2 the layer 2 section includes the following chapters: mstp, fdb, mac notification, mirror, vlan/protocol vlan, link aggregation, lacp configuration, traffic segmentation, port security, and static mac-based vlan..
Page 142
Dgs-3200 series layer 2 gigabit managed switch cli manual 142 description the show stp command is used to show the bridge parameters global settings. Parameters none. Restrictions none. Examples to show stp: d g s - 3 2 0 0 - 1 0 : 4 # s h o w s t p c o m m a n d : s h o w s t p s t p b r i d g e g ...
Page 143
Dgs-3200 series layer 2 gigabit managed switch cli manual 143 parameters description instance mstp instance id. Instance 0 represents the default instance: cist. The bridge supports a total 16 instance(0-15)at most. Restrictions none. Examples to show stp instances: d g s - 3 2 0 0 - 1 0 : 4 # s h o...
Page 144
Dgs-3200 series layer 2 gigabit managed switch cli manual 144 format show stp ports {} description this command displays each port's parameter settings. If the portlist is not input, all ports will be shown. If there are multi instances on this bridge, the parameters of the port on different instanc...
Page 145
Dgs-3200 series layer 2 gigabit managed switch cli manual 145 format show stp mst_config_id description show the three elements of the mst configuration identification, including configuration name, revision level, and the mst configuration table. The default configuration name is the mac address of...
Page 146
Dgs-3200 series layer 2 gigabit managed switch cli manual 146 description to create a new mst instance independent from the default instance: cist(instance 0). After creating the mst instance, you need to configure the vlans(using commands in 47-7), or the newly created mst instance will still be in...
Page 147
Dgs-3200 series layer 2 gigabit managed switch cli manual 147 restrictions you must have administrator privilege. Examples to delete an mstp instance: d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e s t p i n s t a n c e _ i d 2 c o m m a n d : d e l e t e s t p i n s t a n c e _ i d 2 s u c c e s s . D g s...
Page 148
Dgs-3200 series layer 2 gigabit managed switch cli manual 148 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p i n s t a n c e _ i d 2 a d d _ v l a n 1 t o 3 c o m m a n d : c o n f i g s t p i n s t a n c e _ i d 2 a d d _ v l a n 1 t o 3 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # to remove a vlan i...
Page 149
Dgs-3200 series layer 2 gigabit managed switch cli manual 149 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p m s t _ c o n f i g _ i d n a m e r & d _ b l o c k g r e v i s i o n _ l e v e l 1 c o m m a n d s : c o n f i g s t p m s t _ c o n f i g _ i d n a m e r & d _ b l o c k g r e v i s i o n _ ...
Page 150
Dgs-3200 series layer 2 gigabit managed switch cli manual 150 format disable stp description to disable stp functionality in every existing instance. Parameters none. Restrictions you must have administrator privilege. Examples to disable stp: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e s t p c o m m ...
Page 151
Dgs-3200 series layer 2 gigabit managed switch cli manual 151 restrictions you must have administrator privilege. Examples to configure the stp version: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p v e r s i o n m s t p c o m m a n d : c o n f i g s t p v e r s i o n m s t p s u c c e s s . D g s -...
Page 152
Dgs-3200 series layer 2 gigabit managed switch cli manual 152 examples to configure the stp instance id: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p p r i o r i t y 6 1 4 4 0 i n s t a n c e _ i d 0 c o m m a n d : c o n f i g s t p p r i o r i t y 6 1 4 4 0 i n s t a n c e _ i d 0 s u c c e s s ....
Page 153
Dgs-3200 series layer 2 gigabit managed switch cli manual 153 examples to config stp: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s t p m a x a g e 2 5 c o m m a n d : c o n f i g s t p m a x a g e 2 5 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 16-14 config stp ports purpose used to configure the ports...
Page 154
Dgs-3200 series layer 2 gigabit managed switch cli manual 154 state decides if this port supports the stp functionality. Restricted_role decides if this port is to be selected as root port or not. The default value is false. Restricted_tcn decides if this port is to to propagate a topology change or...
Page 155
Dgs-3200 series layer 2 gigabit managed switch cli manual 155 instance_id instance = 0 represents cist, instance from 1 to 15 represents msti 1 - msti 15 . Internal_cost the port path cost used in mstp. Priority the port priority. Restrictions you must have administrator privilege. Examples to confi...
Page 157
Dgs-3200 series layer 2 gigabit managed switch cli manual 157 d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e f d b d e f a u l t 0 0 - 0 0 - 0 0 - 0 0 - 0 1 - 0 2 p o r t 5 c o m m a n d : c r e a t e f d b d e f a u l t 0 0 - 0 0 - 0 0 - 0 0 - 0 1 - 0 2 p o r t 5 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 ...
Page 159
Dgs-3200 series layer 2 gigabit managed switch cli manual 159 parameters description aging_time specifies the time, in seconds, that a dynamically learned mac address will remain in the switch’s mac address forwarding table, without being accessed, before being dropped from the database. The range o...
Page 160
Dgs-3200 series layer 2 gigabit managed switch cli manual 160 restrictions you must have administrator privileges. Examples to configure the the multicast packet filtering mode for all vlan: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g m u l t i c a s t v l a n _ f i l t e r i n g _ m o d e a l l f o r w...
Page 162
Dgs-3200 series layer 2 gigabit managed switch cli manual 162 description the show multicast_fdb command displays the contents of the switch’s multicast forwarding database. Parameters parameters description vlan_name 32 the name of the vlan on which the mac address resides. The maximum length is 32...
Page 163
Dgs-3200 series layer 2 gigabit managed switch cli manual 163 parameters parameters description port displays the entries for one port. Vlan_name 32 displays the entries for a specific vlan. Static displays all permanent entries. Aging_time displays the unicast mac address aging time. If no paramete...
Page 164
Dgs-3200 series layer 2 gigabit managed switch cli manual 164 parameters parameters description vidlist displays the entries by vlan id list. Vlan_name 32 displays the entries for a specific vlan. Restrictions none. Examples to show multicast filtering mode for ports: d g s - 3 2 0 0 - 1 0 : 4 # s h...
Page 166
Dgs-3200 series layer 2 gigabit managed switch cli manual 166 description disable global mac address table notification on the switch. Parameters none. Restrictions you must have administrator privileges. Examples to disable the mac notification function: d g s - 3 2 0 0 - 1 0 : 4 # disable mac_noti...
Page 167
Dgs-3200 series layer 2 gigabit managed switch cli manual 167 d g s - 3 2 0 0 - 1 0 : 4 # config mac_notification interval 1 historysize 500 command: config mac_notification interval 1 historysize 500 success. D g s - 3 2 0 0 - 1 0 : 4 # 18-4 config mac_notification ports purpose used to configure t...
Page 168
Dgs-3200 series layer 2 gigabit managed switch cli manual 168 format show mac_notification description used to display the switch’s mac address table notification global settings. Parameters none. Restrictions none. Examples to show the switch’s mac address table notification global settings: d g s ...
Page 169
Dgs-3200 series layer 2 gigabit managed switch cli manual 169 restrictions none. Examples to display the mac address table notification status settings of all ports: d g s - 3 2 0 0 - 1 0 : 4 # show mac_notification ports command: show mac_notification ports port # mac address table notification sta...
Page 171
Dgs-3200 series layer 2 gigabit managed switch cli manual 171 examples to add mirroring ports: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g m i r r o r p o r t 6 a d d s o u r c e p o r t s 1 - 5 b o t h c o m m a n d : c o n f i g m i r r o r p o r t 6 a d d s o u r c e p o r t s 1 - 5 b o t h s u c c e...
Page 172
Dgs-3200 series layer 2 gigabit managed switch cli manual 172 19-3 disable mirror purpose used to disable a previously entered port mirroring configuration. Format disable mirror description this command, combined with the enable mirror command above, allows you to enter a port mirroring configurati...
Page 173
Dgs-3200 series layer 2 gigabit managed switch cli manual 173 restrictions none. Examples to display mirroring configuration: d g s - 3 2 0 0 - 1 0 : 4 # s h o w m i r r o r c o m m a n d : s h o w m i r r o r c u r r e n t s e t t i n g s m i r r o r s t a t u s : d i s a b l e d t a r g e t p o r ...
Page 175
Dgs-3200 series layer 2 gigabit managed switch cli manual 175 parameters parameters description vlan_name the name of the vlan to be created. Vlan vlanid the vlan id of the vlan to be created. Tag the vlan id of the vlan to be created. The range is from 2 to 4094. Advertisement specifies the vlan as...
Page 176
Dgs-3200 series layer 2 gigabit managed switch cli manual 176 restrictions you must have administrator privileges. Examples to remove a vlan v1: d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e v l a n v 1 c o m m a n d : d e l e t e v l a n v 1 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 20-3 config vlan ad...
Page 177
Dgs-3200 series layer 2 gigabit managed switch cli manual 177 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g v l a n v 1 a d d t a g g e d 4 - 8 c o m m a n d : c o n f i g v l a n v 1 a d d t a g g e d 4 - 8 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 20-4 config vlan delete ports purpose used to delete o...
Page 179
Dgs-3200 series layer 2 gigabit managed switch cli manual 179 parameter parameters description portlist a range of ports for which you want ingress checking. The beginning and end of the port list range are separated by a dash. State enables or disables gvrp for the ports specified in the port list....
Page 180
Dgs-3200 series layer 2 gigabit managed switch cli manual 180 parameter none. Restrictions you must have administrator privileges. Example to enable the generic vlan registration protocol (gvrp): d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e g v r p c o m m a n d : e n a b l e g v r p s u c c e s s . D g ...
Page 182
Dgs-3200 series layer 2 gigabit managed switch cli manual 182 d g s - 3 2 0 0 - 1 0 : 4 # s h o w v l a n p o r t s 1 - 2 c o m m a n d : s h o w v l a n p o r t s 1 - 2 p o r t v i d u n t a g g e d t a g g e d d y n a m i c f o r b i d d e n - - - - - - - - - - - - - - - - - - - - - - - - - - - - ...
Page 183
Dgs-3200 series layer 2 gigabit managed switch cli manual 183 3 2 e n a b l e d e n a b l e d o n l y v l a n - t a g g e d f r a m e s 4 2 e n a b l e d e n a b l e d o n l y v l a n - t a g g e d f r a m e s 5 2 e n a b l e d e n a b l e d o n l y v l a n - t a g g e d f r a m e s 6 1 d i s a b l ...
Page 184
Dgs-3200 series layer 2 gigabit managed switch cli manual 184 20-12 disable pvid auto_assign purpose disable auto assignment of pvid. Format disable pvid auto_assign description the command disables the auto-assignment of pvid. If “auto-assign pvid” is disabled, pvid can only be changed by pvid conf...
Page 185
Dgs-3200 series layer 2 gigabit managed switch cli manual 185 description this command displays the pvid auto-assign state. Parameters none. Restrictions user level example to display pvid auto-assignment state. D g s - 3 2 0 0 - 1 0 : : 4 # s h o w p v i d a u t o _ a s s i g n p v i d a u t o - a ...
Page 187
Dgs-3200 series layer 2 gigabit managed switch cli manual 187 for example: the auto-generated name for group id 1 is “protocolgroup1”. If this name already exists, then protocolgroup1alt1 will be used instead. Restrictions you must have administrator privileges. 21-2 config dot1v_protocol_group add ...
Page 189
Dgs-3200 series layer 2 gigabit managed switch cli manual 189 parameters description group_id specifies the group id to be deleted. Group_name the name of the protocol group. Restrictions you must have administrator privileges. 21-5 show dot1v_protocol_group purpose display the protocols defined in ...
Page 190
Dgs-3200 series layer 2 gigabit managed switch cli manual 190 parameters parameters description portlist specifies a range of ports to apply this command. Group_id group id of the protocol group. Group_name the name of the protocol group. Vlan vlan that is to be associated with this protocol group o...
Page 192
Dgs-3200 series layer 2 gigabit managed switch cli manual 192 22-2 delete link_aggregation group_id purpose used to delete a previously configured link aggregation group. Format delete link_aggregation group_id description the delete link_aggregation group_id command is used to delete a previously c...
Page 193
Dgs-3200 series layer 2 gigabit managed switch cli manual 193 parameters parameters description group_id specifies the group id. The group number identifies each of the groups. The switch allows up to five link aggregation groups to be configured. Master_port the master port id. Specifies which port...
Page 194
Dgs-3200 series layer 2 gigabit managed switch cli manual 194 parameters parameters description mac_source_dest indicates that the switch should examine the mac source and destination address. Ip_source_dest indicates that the switch should examine the ip source and destination address. Restrictions...
Page 195
Dgs-3200 series layer 2 gigabit managed switch cli manual 195 restrictions none. Example link aggregation group enabled: d g s - 3 2 0 0 - 1 0 : 4 # s h o w l i n k _ a g g r e g a t i o n c o m m a n d : s h o w l i n k _ a g g r e g a t i o n l i n k a g g r e g a t i o n a l g o r i t h m = m a c...
Page 197
Dgs-3200 series layer 2 gigabit managed switch cli manual 197 description the display per-port lacp mode. Parameters parameters description portlist specified a range of ports to be configured. If no parameter is specified, the system will display current lacp and all port status. Restrictions none....
Page 199
Dgs-3200 series layer 2 gigabit managed switch cli manual 199 24-2 show traffic_segmentation purpose used to display current traffic segmentation table. Format show traffic_segmentation {} description the show traffic_segmentation command displays current traffic segmentation table. Parameters param...
Page 201
Dgs-3200 series layer 2 gigabit managed switch cli manual 201 deleteontimeout the locked addresses can be aged out after aging timer expire deleteonreset never age out the locked addresses unless restart the system to prevent from port movement or intrusion. Restrictions you must have administrator ...
Page 202
Dgs-3200 series layer 2 gigabit managed switch cli manual 202 restrictions you must have administrator privileges. Examples to delete a default route from the routing table: d g s - 3 2 0 0 - 1 0 : 4 # delete port_security_entry vlan_name default mac_address 00-01-30-10-2c-c7 port 6 command: delete ...
Page 203
Dgs-3200 series layer 2 gigabit managed switch cli manual 203 25-4 show port_security purpose used to display the port security related information of the switch ports. Format show port_security {ports } description the show port_security command displays the port security related information of the...
Page 204
Dgs-3200 series layer 2 gigabit managed switch cli manual 204 format enable port_security trap_log description when the port_security trap is enabled, if there's a new mac that violates the pre-defined port security configuration, a trap will be sent out with the info of the mac and port, and the re...
Page 205
Dgs-3200 series layer 2 gigabit managed switch cli manual 205 d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e p o r t _ s e c u r i t y t r a p _ l o g c o m m a n d : d i s a b l e p o r t _ s e c u r i t y t r a p _ l o g s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 #.
Page 206
Dgs-3200 series layer 2 gigabit managed switch cli manual 206 26 static mac-based vlan command list create mac_based_vlan mac_address vlan delete mac_based_vlan {mac_address vlan } show mac_based_vlan {mac_address vlan } 26-1 create mac_based_vlan purpose used to create a static mac-based vlan entry...
Page 207
Dgs-3200 series layer 2 gigabit managed switch cli manual 207 description user use this command to delete a database entry. If the mac address and vlan are not specified, all static entries associated with the port will be removed. Parameters parameters description mac_address the mac address. Vlan ...
Page 208
Dgs-3200 series layer 2 gigabit managed switch cli manual 208 vi. Ip the ip section includes the following chapters: basic ip, auto config, routing table, arp, and loopback detection..
Page 210
Dgs-3200 series layer 2 gigabit managed switch cli manual 210 restrictions you must have administrator privileges. Examples to configure the system ip interface: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g i p i f s y s t e m v l a n v 1 c o m m a n d : c o n f i g i p i f s y s t e m v l a n v 1 s u c ...
Page 211
Dgs-3200 series layer 2 gigabit managed switch cli manual 211 d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e i p i f i p v l a n 2 c o m m a n d : c r e a t e i p i f i p i f i p v l a n 2 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 27-3 delete ipif purpose used to delete an interface or an ipv6 address. ....
Page 213
Dgs-3200 series layer 2 gigabit managed switch cli manual 213 parameters parameters description ipif_name the name of the interface. All all the ip interface restrictions you must have administrator privileges. Examples to disable the state for an interface. Dgs-3200-10:4#disable ipif interface1 com...
Page 214
Dgs-3200 series layer 2 gigabit managed switch cli manual 214 d g s - 3 2 0 0 - 1 0 : 4 # s h o w i p i f c o m m a n d : s h o w i p i f i p i n t e r f a c e s e t t i n g s i p i n t e r f a c e : s y s t e m i p a d d r e s s : 1 0 . 9 0 . 9 0 . 9 0 ( m a n u a l ) s u b n e t m a s k : 2 5 5 . ...
Page 215
Dgs-3200 series layer 2 gigabit managed switch cli manual 215 restrictions you must have administrator privileges. Examples enable the automatic configuration of link local address for an interface. Dgs-3200-10:4#enable ipif_ipv6_link_local_auto interface1 command: enable ipif_ipv6_link_local_auto i...
Page 216
Dgs-3200 series layer 2 gigabit managed switch cli manual 216 27-9 show ipif_ipv6_link_local_auto purpose to display the link local address automatic configuration state. Format show ipif_ipv6_link_local_auto {} description use this command to display the link local address automatic configuration s...
Page 217
Dgs-3200 series layer 2 gigabit managed switch cli manual 217 28 auto config command list show autoconfig enable autoconfig disable autoconfig 28-1 show autoconfig purpose used to show dhcp auto configuration status. Format show autoconfig description show dhcp auto configuration status. Restriction...
Page 218
Dgs-3200 series layer 2 gigabit managed switch cli manual 218 restrictions administrator level. Example to enable dhcp auto configuration status: d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e a u t o c o n f i g c o m m a n d : e n a b l e a u t o c o n f i g s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 28...
Page 220
Dgs-3200 series layer 2 gigabit managed switch cli manual 220 29-2 delete iproute default purpose used to delete a default ip route entry. Format delete iproute default description the delete iproute default command deletes a default route entry. Parameters none. Restrictions you must have administr...
Page 221
Dgs-3200 series layer 2 gigabit managed switch cli manual 221 restrictions none. Examples to display the contents of the ip routing table: d g s - 3 2 0 0 - 1 0 : 4 # s h o w i p r o u t e c o m m a n d : s h o w i p r o u t e r o u t i n g t a b l e i p a d d r e s s / n e t m a s k g a t e w a y i...
Page 222
Dgs-3200 series layer 2 gigabit managed switch cli manual 222 restrictions you must have administrator privileges. Examples dgs-3200-10:4#create ipv6route default system fec0::5 command: create ipv6route default system fec0::5 success. Dgs-3200-10:4# 29-5 delete ipv6route purpose to delete an ipv6 s...
Page 223
Dgs-3200 series layer 2 gigabit managed switch cli manual 223 29-6 show ipv6route purpose to display ipv6 routes. Format show ipv6route description used to display ipv6 routes. Parameters none. Restrictions none. Examples to display an ipv6 route: dgs-3200-10:4#show ipv6route command: show ipv6route...
Page 226
Dgs-3200 series layer 2 gigabit managed switch cli manual 226 mac address of the entry. Parameters parameters description ipaddr the ip address of the end node or station. Macaddr the mac address corresponding to the ip address above. Restrictions you must have administrator privileges. Examples to ...
Page 227
Dgs-3200 series layer 2 gigabit managed switch cli manual 227 examples to configure the arp aging time: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g a r p _ a g i n g t i m e 3 0 c o m m a n d : c o n f i g a r p _ a g i n g t i m e 3 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 30-5 show arpentry purpo...
Page 228
Dgs-3200 series layer 2 gigabit managed switch cli manual 228 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a r p e n t r y c o m m a n d : s h o w a r p e n t r y a r p a g i n g t i m e : 2 0 i n t e r f a c e i p a d d r e s s m a c a d d r e s s t y p e - - - - - - - - - - - - - - - - - - - - - - - - - - ...
Page 230
Dgs-3200 series layer 2 gigabit managed switch cli manual 230 restriction you must have administrator privileges. Examples to set a recover time of 0 and an interval of 20 in vlan-based mode: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g loopdetect r e c o v e r _ t i m e r 0 i n t e r v a l 2 0 v l a n -...
Page 231
Dgs-3200 series layer 2 gigabit managed switch cli manual 231 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g loopdetect p o r t s 1 - 5 s t a t e e n a b l e c o m m a n d : c o n f i g loopdetect p o r t s 1 - 5 s t a t e e n a b l e s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 31-3 enable loopdetect purpo...
Page 232
Dgs-3200 series layer 2 gigabit managed switch cli manual 232 description the disable loopdetect command allows the loop detection function to be globally disabled on the switch. The default value is enabled. Parameters none. Restrictions you must have administrator privileges. Examples to disable l...
Page 233
Dgs-3200 series layer 2 gigabit managed switch cli manual 233 d g s - 3 2 0 0 - 1 0 : 4 # s h o w loopdetect c o m m a n d : s h o w loopdetect l b d g l o b a l s e t t i n g s - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - l b d s t a t u s : e n a b l e d l b d i n t e r v a ...
Page 234
Dgs-3200 series layer 2 gigabit managed switch cli manual 234 d g s - 3 2 0 0 - 1 0 : 4 # s h o w loopdetect p o r t s 1 - 9 c o m m a n d : s h o w loopdetect p o r t s 1 - 9 p o r t l o o p d e t e c t s t a t e l o o p s t a t u s - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ...
Page 235
Dgs-3200 series layer 2 gigabit managed switch cli manual 235 vii. Multicast the multicast section includes the following chapters: igmp snooping, mld snooping, and limited multicast ip address..
Page 237
Dgs-3200 series layer 2 gigabit managed switch cli manual 237 switch’s can be a member of a multicast group without the switch receiving a host membership report. The default is 260 seconds. Leave_timer leave timer. The default setting is 2. State enable or disable igmp snooping for the chosen vlan....
Page 238
Dgs-3200 series layer 2 gigabit managed switch cli manual 238 query_interval specifies the amount of time in seconds between general query transmissions. The default setting is 125 seconds.. Max_reponse_time the maximum time in seconds to wait for reports from members. The default setting is 10 seco...
Page 239
Dgs-3200 series layer 2 gigabit managed switch cli manual 239 restrictions you must have administrator privileges. Examples to configure the igmp snooping querier: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g i g m p _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t ...
Page 240
Dgs-3200 series layer 2 gigabit managed switch cli manual 240 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g r o u t e r _ p o r t s d e f a u l t a d d 1 - 1 0 c o m m a n d : c o n f i g r o u t e r _ p o r t s d e f a u l t a d d 1 - 1 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 32-4 config router_por...
Page 241
Dgs-3200 series layer 2 gigabit managed switch cli manual 241 32-5 enable igmp_snooping purpose used to enable igmp snooping on the switch. Format enable igmp_snooping description the enable igmp_snooping command allows you to enable igmp snooping on the switch. Parameters none. Restrictions you mus...
Page 242
Dgs-3200 series layer 2 gigabit managed switch cli manual 242 restrictions you must have administrator privileges. Examples to disable igmp snooping on the switch: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e i g m p _ s n o o p i n g c o m m a n d : d i s a b l e i g m p _ s n o o p i n g s u c c e s ...
Page 243
Dgs-3200 series layer 2 gigabit managed switch cli manual 243 d g s - 3 2 0 0 - 1 0 : 4 # s h o w i g m p _ s n o o p i n g c o m m a n d : s h o w i g m p _ s n o o p i n g i g m p s n o o p i n g g l o b a l s t a t e : d i s a b l e d v l a n n a m e : d e f a u l t q u e r y i n t e r v a l : 1 ...
Page 244
Dgs-3200 series layer 2 gigabit managed switch cli manual 244 restrictions none. Examples to show the igmp snooping group: d g s - 3 2 0 0 - 1 6 : 4 # s h o w i g m p _ s n o o p i n g g r o u p c o m m a n d : s h o w i g m p _ s n o o p i n g g r o u p s o u r c e / g r o u p : 1 0 . 0 . 0 . 2 / 2...
Page 245
Dgs-3200 series layer 2 gigabit managed switch cli manual 245 parameters parameters description vlan_name the name of the vlan on which the router port resides. Static displays router ports that have been statically configured. Dynamic displays router ports that have been dynamically registered. For...
Page 247
Dgs-3200 series layer 2 gigabit managed switch cli manual 247 done_timer the done timer. The default setting is 2. State enable or disable mld snooping for the chosen vlan. Fast_done enable or disable the mld snooping fast done function. If enabled, the membership is immediately removed when the sys...
Page 248
Dgs-3200 series layer 2 gigabit managed switch cli manual 248 max_reponse_time the maximum time in seconds to wait for reports from listeners. The default setting is 10 seconds. Robustness_variable provides fine-tuning to allow for expected packet loss on a subnet. The value of the robustness variab...
Page 249
Dgs-3200 series layer 2 gigabit managed switch cli manual 249 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g m l d _ s n o o p i n g q u e r i e r d e f a u l t q u e r y _ i n t e r v a l 1 2 5 s t a t e e n a b l e c o m m a n d : c o n f i g m l d _ s n o o p i n g q u e r i e r d e f a u l t q u e r y ...
Page 251
Dgs-3200 series layer 2 gigabit managed switch cli manual 251 restrictions you must have administrator privileges. Example to enable mld snooping on the switch: d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e m l d _ s n o o p i n g c o m m a n d : e n a b l e m l d _ s n o o p i n g s u c c e s s . D g s -...
Page 253
Dgs-3200 series layer 2 gigabit managed switch cli manual 253 f a s t d o n e : d i s a b l e d v e r s i o n : 2 t o t a l e n t r i e s : 1 d g s - 3 2 0 0 - 1 0 : 4 # 33-8 show mld_snooping group purpose used to display the current mld snooping group configuration on the switch. Format show mld_s...
Page 254
Dgs-3200 series layer 2 gigabit managed switch cli manual 254 s o u r c e / g r o u p : 2 0 0 0 : : 1 0 0 : 1 0 : 1 0 : 5 / f f 0 e : : 1 0 0 : 0 : 0 : 2 0 v l a n n a m e / v i d : d e f a u l t / 1 m e m b e r p o r t s : 3 f i l t e r m o d e : e x c l u d e s o u r c e / g r o u p : n u l l / f ...
Page 255
Dgs-3200 series layer 2 gigabit managed switch cli manual 255 example to display the router ports. D g s - 3 2 0 0 - 1 0 : 4 # s h o w mld_snooping m r o u t e r _ p o r t s c o m m a n d : s h o w mld_snooping m r o u t e r _ p o r t s v l a n n a m e : d e f a u l t s t a t i c m r o u t e r p o r...
Page 257
Dgs-3200 series layer 2 gigabit managed switch cli manual 257 d g s - 3 2 0 0 - 1 0 : 4 # create mcast_filter_profile profile_id 2 profile_name mod command: create mcast_filter_profile profile_id 2 profile_name mod success. D g s - 3 2 0 0 - 1 0 : 4 # 34-2 config mcast_filter_profile purpose this co...
Page 259
Dgs-3200 series layer 2 gigabit managed switch cli manual 259 restrictions user level examples d g s - 3 2 0 0 - 1 0 : 4 # show mcast_filter_profile c o m m a n d : show mcast_filter_profile p r o f i l e i d n a m e m u l t i c a s t a d d r e s s e s - - - - - - - - - - - - - - - - - - - - - - - -...
Page 260
Dgs-3200 series layer 2 gigabit managed switch cli manual 260 profile_id a profile to be added to or deleted from the port permit specifies that the packet that match the addresses defined in the profiles will be permitted. The default mode is permit. Deny specifies that the packet that match the ad...
Page 261
Dgs-3200 series layer 2 gigabit managed switch cli manual 261 restrictions user level examples to display a limited multicast address range: d g s - 3 2 0 0 - 1 0 : 4 # s h o w l i m i t e d _ m u l t i c a s t _ a d d r 1 , 3 c o m m a n d : s h o w l i m i t e d _ m u l t i c a s t _ a d d r 1 , 3...
Page 262
Dgs-3200 series layer 2 gigabit managed switch cli manual 262 parameters description a range of ports to config the max_mcast_group. Max_group specifies the maximum number of the multicast groups. The range is from 1 to 256 or infinite. Infinite is the default setting. Restrictions you must have adm...
Page 263
Dgs-3200 series layer 2 gigabit managed switch cli manual 263 d g s - 3 2 0 0 - 1 0 : 4 # show max_mcast_group ports 1 command: show max_mcast_group ports 1 port max multicast group number -------- ----------------------------- 1 100 3 100 d g s - 3 2 0 0 - 1 0 : 4 #.
Page 264
Dgs-3200 series layer 2 gigabit managed switch cli manual 264 viii. Security the security section includes the following chapters: 802.1x, access authentication control, ssl, ssh, ip-mac-port binding (impb), web-based access control, mac-based access control, and jwac..
Page 266
Dgs-3200 series layer 2 gigabit managed switch cli manual 266 show auth_client show acct_client 35-1 enable 802.1x purpose used to enable the 802.1x function. Format enable 802.1x description the enable 802.1x command enables 802.1x function. Parameters none. Restrictions you must have administrator...
Page 267
Dgs-3200 series layer 2 gigabit managed switch cli manual 267 parameters none. Restrictions you must have administrator privileges. Examples to disable the 802.1x function: d g s - 3 2 0 0 - 1 0 : 4 # d i s a b l e 8 0 2 . 1 x c o m m a n d : d i s a b l e 8 0 2 . 1 x s u c c e s s . D g s - 3 2 0 0...
Page 268
Dgs-3200 series layer 2 gigabit managed switch cli manual 268 d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e 8 0 2 . 1 x u s e r c t s n o w c o m m a n d : c r e a t e 8 0 2 . 1 x u s e r c t s n o w e n t e r a c a s e - s e n s i t i v e n e w p a s s w o r d : e n t e r t h e n e w p a s s w o r d a g ...
Page 269
Dgs-3200 series layer 2 gigabit managed switch cli manual 269 35-5 show 802.1x user purpose used to display the 802.1x user. Format show 802.1x user description the show 802.1x user command displays the 802.1x user account information. Parameters none. Restrictions none. Examples to display the 802....
Page 270
Dgs-3200 series layer 2 gigabit managed switch cli manual 270 parameters parameters description local specifies the auth protocol as local. Radius_eap specifies the auth protocol as radius eap restrictions you must have administrator privilege. Examples to config the 802.1x radius eap: d g s - 3 2 0...
Page 271
Dgs-3200 series layer 2 gigabit managed switch cli manual 271 examples to display the 802.1x states: d g s - 3 2 0 0 - 1 0 : 4 # s h o w 8 0 2 . 1 x a u t h _ s t a t e p o r t s 1 - 5 c o m m a n d : s h o w 8 0 2 . 1 x a u t h _ s t a t e p o r t s 1 - 5 p o r t a u t h p a e s t a t e b a c k e n...
Page 273
Dgs-3200 series layer 2 gigabit managed switch cli manual 273 description the config 802.1x auth_parameter command configures the parameters that control the operation of the authenticator associated with a port. Parameters parameters description portlist specifies a range of ports to be configured....
Page 274
Dgs-3200 series layer 2 gigabit managed switch cli manual 274 examples to configure the parameters that control the operation of the authenticator associated with a port: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g 8 0 2 . 1 x a u t h _ p a r a m e t e r p o r t s 1 : 1 - 1 : 2 0 d i r e c t i o n b o t...
Page 276
Dgs-3200 series layer 2 gigabit managed switch cli manual 276 parameters parameters description port_based switch pass data based on its authenticated port. Mac_based switch pass data based on mac address of authenticated radius client. Portlist specifies a range of ports to be configured. All all p...
Page 277
Dgs-3200 series layer 2 gigabit managed switch cli manual 277 restrictions you must have administrator privileges. The specific vlan which is assigned to a guest vlan must already exist. The specific vlan which is assigned to the guest vlan can’t be deleted. Example d g s - 3 2 0 0 - 1 0 : 4 # creat...
Page 279
Dgs-3200 series layer 2 gigabit managed switch cli manual 279 description the show guest vlan command allows you to show the information of a guest vlan. Parameter none. Restrictions none. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w 8 0 2 . 1 x g u e s t _ v l a n c o m m a n d : s h o w 8 0 2 . 1 x...
Page 280
Dgs-3200 series layer 2 gigabit managed switch cli manual 280 used to encrypt user’s authentication data before being transmitted over the internet. The maximum length of the key is 32. Default sets the auth_port to be 1812 and acct_port to be 1813. Auth_port specifies the udp port number which is u...
Page 281
Dgs-3200 series layer 2 gigabit managed switch cli manual 281 restrictions you must have administrator privileges. Examples to delete a radius server: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g r a d i u s d e l e t e 1 c o m m a n d : c o n f i g r a d i u s d e l e t e 1 s u c c e s s . D g s - 3 2 0...
Page 282
Dgs-3200 series layer 2 gigabit managed switch cli manual 282 restrictions you must have administrator privileges. Examples to configure a radius server: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g r a d i u s a d d 1 1 0 . 4 8 . 7 4 . 1 2 1 k e y d l i n k d e f a u l t c o m m a n d : c o n f i g r a ...
Page 283
Dgs-3200 series layer 2 gigabit managed switch cli manual 283 r e t r e t r a n s m i t : 2 k e y : a d f d s l k f j e f i e f d k g j d a s s d w t g j k 6 y 1 w i n d e x 2 i p a d d r e s s : 1 7 2 . 1 8 . 2 1 1 . 7 1 a u t h - p o r t : 1 8 1 2 a c c t - p o r t : 1 8 1 3 t i m e o u t : 5 r a ...
Page 284
Dgs-3200 series layer 2 gigabit managed switch cli manual 284 examples to display authenticator statistics information from port 1 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ s t a t i s t i c s p o r t s 1 c o m m a n d : s h o w a u t h _ s t a t i s t i c s p o r t s 1 p o r t n u m b e r : 1 e...
Page 285
Dgs-3200 series layer 2 gigabit managed switch cli manual 285 examples to display authenticator diagnostics information from port 1 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ d i a g n o s t i c s p o r t s 1 c o m m a n d : s h o w a u t h _ d i a g n o s t i c s p o r t s 1 p o r t n u m b e r ...
Page 286
Dgs-3200 series layer 2 gigabit managed switch cli manual 286 parameters parameters description auth_portlist specifies a range of ports to be configured. Restrictions none. Examples to display authenticator session statistics information from port 1 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ s e...
Page 287
Dgs-3200 series layer 2 gigabit managed switch cli manual 287 restrictions none examples to display authentication client information: d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h _ c l i e n t c o m m a n d : s h o w a u t h _ c l i e n t r a d i u s a u t h c l i e n t = = > r a d i u s a u t h c l...
Page 288
Dgs-3200 series layer 2 gigabit managed switch cli manual 288 r a d i u s a u t h s e r v e r i n d e x : 2 r a d i u s a u t h s e r v e r a d d r e s s 0 . 0 . 0 . 0 r a d i u s a u t h c l i e n t s e r v e r p o r t n u m b e r x r a d i u s a u t h c l i e n t r o u n d t r i p t i m e 0 r a d ...
Page 289
Dgs-3200 series layer 2 gigabit managed switch cli manual 289 r a d i u s a u t h c l i e n t p a c k e t s d r o p p e d 0 d g s - 3 2 0 0 - 1 0 : 4 # 35-25 show acct_client purpose used to display account client information. Format show acct_client description the show acct_client command displays...
Page 290
Dgs-3200 series layer 2 gigabit managed switch cli manual 290 r a d i u s a c c c l i e n t m a l f o r m e d r e s p o n s e s 0 r a d i u s a c c c l i e n t b a d a u t h e n t i c a t o r s 0 r a d i u s a c c c l i e n t p e n d i n g r e q u e s t s 0 r a d i u s a c c c l i e n t t i m e o u ...
Page 291
Dgs-3200 series layer 2 gigabit managed switch cli manual 291 r a d i u s a c c c l i e n t r o u n d t r i p t i m e 0 r a d i u s a c c c l i e n t r e q u e s t s 0 r a d i u s a c c c l i e n t r e t r a n s m i s s i o n s 0 r a d i u s a c c c l i e n t r e s p o n s e s 0 r a d i u s a c c c ...
Page 293
Dgs-3200 series layer 2 gigabit managed switch cli manual 293 config authen parameter attempt show authen parameter enable admin config admin local_enable 36-1 enable authen_policy purpose used to enable system access authentication policy. Format enable authen_policy description enables system acce...
Page 294
Dgs-3200 series layer 2 gigabit managed switch cli manual 294 description disables system access authentication policy. When authentication is disabled, the device will adopt the local user account database to authenticate the user for login, and adopt the local enable password to authenticate the e...
Page 295
Dgs-3200 series layer 2 gigabit managed switch cli manual 295 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n _ p o l i c y c o m m a n d : s h o w a u t h e n _ p o l i c y a u t h e n t i c a t i o n p o l i c y : e n a b l e d d g s - 3 2 0 0 - 1 0 : 4 # 36-4 create authen_login method_list_name ...
Page 297
Dgs-3200 series layer 2 gigabit managed switch cli manual 297 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g a u t h e n _ l o g i n m e t h o d _ l i s t _ n a m e l o g i n _ l i s t _ 1 m e t h o d t a c a c s + t a c a c s l o c a l c o m m a n d : c o n f i g a u t h e n _ l o g i n m e t h o d _ l i ...
Page 299
Dgs-3200 series layer 2 gigabit managed switch cli manual 299 admin level. Format create authen_enable method_list_name description create a user-defined method list of authentication methods for promoting a user's privilege to admin level. The maximum supported number of the enable method lists is ...
Page 300
Dgs-3200 series layer 2 gigabit managed switch cli manual 300 be sent to the first server host in the tacacs+ built-in server group. If the first server host in the tacacs+ group is missing, the authentication request will be sent to the second server host in the tacacs+ group, and so on. If all ser...
Page 301
Dgs-3200 series layer 2 gigabit managed switch cli manual 301 36-10 delete authen_enable method_list_name purpose used to delete a user-defined method list of authentication methods for promoting a user's privilege to admin level. Format delete authen_enable method_list_name description delete a use...
Page 302
Dgs-3200 series layer 2 gigabit managed switch cli manual 302 parameters parameters description default display default user-defined method list for promoting a user's privilege to admin level. Method_list_name display the specific user-defined method list for a promoting user's privilege to admin l...
Page 303
Dgs-3200 series layer 2 gigabit managed switch cli manual 303 description configure login or enable method list for all or the specified application. Parameters parameters description console application: console. Telnet an application: telnet. Ssh an application: ssh. Http an application: web. All ...
Page 304
Dgs-3200 series layer 2 gigabit managed switch cli manual 304 description display the login/enable method list for all applications. Parameters none. Restrictions none. Examples to display the login/enable method list for all applications: d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n a p p l i c ...
Page 305
Dgs-3200 series layer 2 gigabit managed switch cli manual 305 restrictions you must have administrator privilege. Examples to create a user-defined authentication server group. D g s - 3 2 0 0 - 1 0 : 4 # c r e a t e a u t h e n s e r v e r _ g r o u p m i x _ 1 c o m m a n d : c r e a t e a u t h e...
Page 306
Dgs-3200 series layer 2 gigabit managed switch cli manual 306 protocol xtacacs the server host’s authentication protocol. Protocol tacacs+ the server host’s authentication protocol. Protocol radius the server host’s authentication protocol. Restrictions you must have administrator privilege. Example...
Page 307
Dgs-3200 series layer 2 gigabit managed switch cli manual 307 d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e a u t h e n s e r v e r _ g r o u p m i x _ 1 c o m m a n d : d e l e t e a u t h e n s e r v e r _ g r o u p m i x _ 1 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 36-17 show authen server_group pur...
Page 309
Dgs-3200 series layer 2 gigabit managed switch cli manual 309 restrictions you must have administrator privilege. Examples to create a tacacs+ authentication server host, its listening port number is 15555 and the timeout value is 10 seconds: d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e a u t h e n s e r...
Page 310
Dgs-3200 series layer 2 gigabit managed switch cli manual 310 the key for tacacs+ and radius authenticaiton. If the value is null, no encryption will apply. This value is meaningless for tacacs and xtacacs. Key none no encryption for tacacs+ and radius authenticaiton. This value is meaningless for t...
Page 311
Dgs-3200 series layer 2 gigabit managed switch cli manual 311 parameters parameters description server_host the server host’s ip address. Protocol tacacs the server host’s authentication protocol. Protocol xtacacs the server host’s authentication protocol. Protocol tacacs+ the server host’s authenti...
Page 312
Dgs-3200 series layer 2 gigabit managed switch cli manual 312 d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n s e r v e r _ h o s t c o m m a n d : s h o w a u t h e n s e r v e r _ h o s t s r v i p a d d r e s s p r o t o c o l p o r t t i m e o u t r e t r a n s m i t k e y - - - - - - - - - - - ...
Page 313
Dgs-3200 series layer 2 gigabit managed switch cli manual 313 36-23 config authen parameter attempt purpose used to configure the maximum attempts for users trying to login or promote the privilege on console, telnet, or ssh applications. Format config authen parameter attempt description used to co...
Page 314
Dgs-3200 series layer 2 gigabit managed switch cli manual 314 parameters none. Restrictions none. Examples to display the parameters of authentication: d g s - 3 2 0 0 - 1 0 : 4 # s h o w a u t h e n p a r a m e t e r c o m m a n d : s h o w a u t h e n p a r a m e t e r r e s p o n s e t i m e o u ...
Page 315
Dgs-3200 series layer 2 gigabit managed switch cli manual 315 examples to enable administrator lever privilege: d g s - 3 2 0 0 - 1 0 : 3 # e n a b l e a d m i n p a s s w o r d : * * * * * * * * d g s - 3 2 0 0 - 1 0 : 4 # 36-26 config admin local_enable purpose used to configure the local enable p...
Page 317
Dgs-3200 series layer 2 gigabit managed switch cli manual 317 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s s l c e r t i f i c a t e c o m m a n d : s h o w s s l c e r t i f i c a t e l o a d e d w i t h r s a c e r t i f i c a t e ! D g s - 3 2 0 0 - 1 0 : 4 # 37-2 download ssl certificate purpose downlo...
Page 318
Dgs-3200 series layer 2 gigabit managed switch cli manual 318 d g s - 3 2 0 0 - 1 0 : 4 # d o w n l o a d s s l c e r t i f i c a t e 1 0 . 5 5 . 4 7 . 1 c e r t f i l e n a m e c e r t . D e r k e y f i l e n a m e p k e y . D e r c o m m a n d : d o w n l o a d s s l c e r t i f i c a t e 1 0 . 5 ...
Page 319
Dgs-3200 series layer 2 gigabit managed switch cli manual 319 examples to enable the ssl ciphersuite for rsa_with_rc4_128_md5: d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e s s l c i p h e r s u i t e r s a _ w i t h _ r c 4 _ 1 2 8 _ m d 5 c o m m a n d : e n a b l e s s l c i p h e r s u i t e r s a _ w...
Page 320
Dgs-3200 series layer 2 gigabit managed switch cli manual 320 dhe_dss_with_3des_ede_cbc_sha indicates dh key exchange with 3des_ede_cbc encryption and sha hash. Rsa_export_with_rc4_40_md5 indicates rsa_export key exchange with rc4 40 bits encryption and md5 hash. Null disables the ssl feature. Restr...
Page 321
Dgs-3200 series layer 2 gigabit managed switch cli manual 321 parameters none. Restrictions none. Examples to show ssl: d g s - 3 2 0 0 - 1 0 : 4 # s h o w s s l c o m m a n d s : s h o w s s l s s l s t a t u s d i s a b l e d r s a _ w i t h _ r c 4 _ 1 2 8 _ m d 5 0 x 0 0 0 4 e n a b l e d r s a ...
Page 322
Dgs-3200 series layer 2 gigabit managed switch cli manual 322 examples to show the ssl cache timeout: d g s - 3 2 0 0 - 1 0 : 4 # s h o w s s l c a c h e t i m e o u t c o m m a n d s : s h o w s s l c a c h e t i m e o u t c a c h e t i m e o u t i s 6 0 0 s e c o n d ( s ) d g s - 3 2 0 0 - 1 0 : ...
Page 324
Dgs-3200 series layer 2 gigabit managed switch cli manual 324 dss an ssh server public key algorithm. Rsa an ssh server public key algorithm. Enable used to enable the algorithm. Disable used to disable the alogirthm. Restrictions you must have administrator privileges. Examples to enable an ssh ser...
Page 325
Dgs-3200 series layer 2 gigabit managed switch cli manual 325 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s s h a l g o r i t h m c o m m a n d : s h o w s s h a l g o r i t h m e n c r y p t i o n a l g o r i t h m - - - - - - - - - - - - - - - - - - - - - - - - - - 3 d e s : e n a b l e d a e s 1 2 8 : e ...
Page 326
Dgs-3200 series layer 2 gigabit managed switch cli manual 326 parameters parameters description password specifies user authentication method. Publickey specifies user authentication method. Hostbased specifies user authentication method. Enable enable user authentication method. Disable disable use...
Page 327
Dgs-3200 series layer 2 gigabit managed switch cli manual 327 d g s - 3 2 0 0 - 1 0 : 4 # s h o w s s h a u t h m o d e c o m m a n d : s h o w s s h a u t h m o d e t h e s s h a u t h m o d e - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ...
Page 328
Dgs-3200 series layer 2 gigabit managed switch cli manual 328 examples to update user “test” authmode: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s s h u s e r t e s t p u b l i c k e y c o m m a n d : c o n f i g s s h u s e r t e s t p u b l i c k e y s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 38-6 ...
Page 330
Dgs-3200 series layer 2 gigabit managed switch cli manual 330 description the enable ssh command enables ssh server services. Parameters none. Restrictions you must have administrator privilege. When enabling ssh, telnet is disabled. Examples d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e s s h c o m m a n...
Page 331
Dgs-3200 series layer 2 gigabit managed switch cli manual 331 38-10 show ssh server purpose used to show ssh server. Format show ssh server description the show ssh server command show ssh server general information. Parameters none. Restrictions none. Examples to show ssh server: d g s - 3 2 0 0 - ...
Page 333
Dgs-3200 series layer 2 gigabit managed switch cli manual 333 defaults to arp mode. If the system is in arp mode, the arp mode entries and acl mode entries will be effective. If the system is in acl mode, only the acl mode entries will be active; the arp mode entry will not be in effect. Acl this en...
Page 334
Dgs-3200 series layer 2 gigabit managed switch cli manual 334 allow_zeroip this feature is for the dhcp packet which the source ip address is zero. Enable :the dhcp packet which the source ip is zero can be forwarded. Disable :process according normal logic. Restrictions you must have administrator ...
Page 335
Dgs-3200 series layer 2 gigabit managed switch cli manual 335 restrictions you must have administrator privileges. Examples to delete an address binding entry : d g s - 3 2 0 0 - 1 0 : 4 #delete address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11 command: create address_binding i...
Page 336
Dgs-3200 series layer 2 gigabit managed switch cli manual 336 restrictions you must have administrator privileges. Examples to config an address binding entry : d g s - 3 2 0 0 - 1 0 : 4 #config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11 command: config address_binding i...
Page 337
Dgs-3200 series layer 2 gigabit managed switch cli manual 337 d g s - 3 2 0 0 - 1 0 : 4#show address_binding ip_mac command: show address_binding ip_mac acl_mode : disabled trap/log : disabled enabled ports: enabled allow zero ip ports: ip address mac address mode ports --------------- -------------...
Page 338
Dgs-3200 series layer 2 gigabit managed switch cli manual 338 if the acl pool is full before creating all the address binding entries, then the address binding module can not create access entries. The switch will show an error message and the switch will set up these address binding entries as inac...
Page 339
Dgs-3200 series layer 2 gigabit managed switch cli manual 339 examples to disable an address binding acl mode : d g s - 3 2 0 0 - 1 0 : 4 #disable address_binding acl_mode command: disable address_binding acl_mode success. D g s - 3 2 0 0 - 1 0 : 4 # 39-8 enable address_binding trap_log purpose used...
Page 340
Dgs-3200 series layer 2 gigabit managed switch cli manual 340 39-9 disable address_binding trap_log purpose used to disable the address binding trap/log. Format disable address_binding trap_log. Description user use this command to disable address binding trap log. Parameters none. Restrictions you ...
Page 342
Dgs-3200 series layer 2 gigabit managed switch cli manual 342 40-2 disable wac purpose used to disable the web-based access control function. Format disable wac description the disable wac command will disable the wac function. Parameters none. Restrictions you must have administrator privileges. Ex...
Page 343
Dgs-3200 series layer 2 gigabit managed switch cli manual 343 vlan the authentication vlan name. Default_redirpath the url that the client will be redirected to after successful authentication. Initially, the redirected path is empty string. It must be specified by the user before the function can b...
Page 344
Dgs-3200 series layer 2 gigabit managed switch cli manual 344 40-4 create wac user purpose used to create a user account for web-based access control. Format create wac user vlan description the create wac command allows you to create an account for web-based access control. Parameters parameters de...
Page 345
Dgs-3200 series layer 2 gigabit managed switch cli manual 345 description the delete wac command allows you to delete a account. Parameters parameters description username user account for web-based access control. Restrictions none. Example to delete a wac account: d g s - 3 2 0 0 - 1 0 : 4 # d e l...
Page 346
Dgs-3200 series layer 2 gigabit managed switch cli manual 346 example to configure the port state: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g w a c u s e r 1 2 3 v l a n v 1 0 0 c o m m a n d : c o n f i g w a c u s e r 1 2 3 v l a n v 1 0 0 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 40-7 show wac pur...
Page 347
Dgs-3200 series layer 2 gigabit managed switch cli manual 347 to show wac ports: d g s - 3 2 0 0 - 1 0 : 4 # s h o w w a c p o r t s 1 - 8 c o m m a n d : s h o w w a c p o r t s 1 - 8 p o r t s t a t e u s e r n a m e a u t h s t a t u s a s s i g n e d v l a n - - - - - - - - - - - - - - - - - - -...
Page 348
Dgs-3200 series layer 2 gigabit managed switch cli manual 348 d g s - 3 2 0 0 - 1 0 : 4 # s h o w w a c u s e r c o m m a n d : s h o w w a c u s e r c u r r e n t a c c o u n t s : u s e r n a m e v l a n n a m e - - - - - - - - - - - - - - - - - - - - - - - - 1 2 3 d e f a u l t s u c c e s s . D ...
Page 350
Dgs-3200 series layer 2 gigabit managed switch cli manual 350 41-2 disable mac_based_access_control purpose used to disable mac-based access control. Format disable mac_based_access_control description the disable mac_based_access_control command will disable the mac-based access control function. P...
Page 351
Dgs-3200 series layer 2 gigabit managed switch cli manual 351 parameters parameters description ports a range of ports to enable or disable the mac_based_access_control function. State specify specific port state. Method specify which authenticated method. Password in radius mode, the switch communi...
Page 352
Dgs-3200 series layer 2 gigabit managed switch cli manual 352 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g m a c _ b a s e d _ a c c e s s _ c o n t r o l p a s s w o r d d e f a u l t c o m m a n d : c o n f i g m a c _ b a s e d _ a c c e s s _ c o n t r o l p a s s w o r d d e f a u l t s u c c e s s ...
Page 353
Dgs-3200 series layer 2 gigabit managed switch cli manual 353 41-5 delete mac_based_access_control guest_vlan purpose to delete mac-based access control guest vlans. Format delete mac_based_access_control guest_vlan description this command deletes guest vlans from the switch. Parameters none. Restr...
Page 354
Dgs-3200 series layer 2 gigabit managed switch cli manual 354 restrictions you must have administrator privileges. Example to create a local database entry: d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e m a c _ b a s e d _ a c c e s s _ c o n t r o l _ l o c a l m a c 0 0 - 0 0 - 0 0 - 0 0 - 0 0 - 0 1 v l...
Page 356
Dgs-3200 series layer 2 gigabit managed switch cli manual 356 41-9 show mac_based_access_control auth_mac purpose used to display mac-based access control authentication macs. Format show mac_based_access_control auth_mac {ports } description user use this command to display mac_based_access_control...
Page 358
Dgs-3200 series layer 2 gigabit managed switch cli manual 358 d g s - 3 2 0 0 - 1 0 : 4 # s h o w m a c _ b a s e d _ a c c e s s _ c o n t r o l p o r t 1 - 9 c o m m a n d : s h o w m a c _ b a s e d _ a c c e s s _ c o n t r o l p o r t 1 - 9 p o r t s t a t e - - - - - - - - - - - - - - 1 d i s ...
Page 359
Dgs-3200 series layer 2 gigabit managed switch cli manual 359 d g s - 3 2 0 0 - 1 0 : 4 # s h o w m a c _ b a s e d _ a c c e s s _ c o n t r o l _ l o c a l c o m m a n d : s h o w m a c _ b a s e d _ a c c e s s _ c o n t r o l _ l o c a l m a c a d d r e s s v l a n n a m e - - - - - - - - - - - ...
Page 360
Dgs-3200 series layer 2 gigabit managed switch cli manual 360 42 jwac command list enable jwac disable jwac enable jwac redirect disable jwac redirect enable jwac forcible_logout disable jwac forcible_logout enable jwac udp_filtering disable jwac udp_filtering enable jwac quarantine_server_monitor d...
Page 361
Dgs-3200 series layer 2 gigabit managed switch cli manual 361 disable jwac description jwac and wac are mutually exclusive functions. That is, they can not be enabled at the same time. Using the jwac function, pc users need to pass two stages of authentication. The first stage is to do the authentic...
Page 362
Dgs-3200 series layer 2 gigabit managed switch cli manual 362 parameters none. Restrictions when enable redirect to quarantine server is in effect, a quarantine server must be configured first. You must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e j w a c r e d i r ...
Page 363
Dgs-3200 series layer 2 gigabit managed switch cli manual 363 d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e j w a c f o r c i b l e _ l o g o u t c o m m a n d : e n a b l e j w a c f o r c i b l e _ l o g o u t s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 42-4 enable/disable jwac udp_filtering purpose use...
Page 364
Dgs-3200 series layer 2 gigabit managed switch cli manual 364 description when the jwac quarantine server monitor is enabled, the jwac switch will monitor the quarantine server to ensure the server is okay. If the switch detects no quarantine server, it will redirect all unauthenticated http accesse...
Page 365
Dgs-3200 series layer 2 gigabit managed switch cli manual 365 restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # config jwac quarantine_server_error_timeout 60 c o m m a n d : config jwac quarantine_server_error_timeout 60 s u c c e s s . D g s - 3 2 0 0 - 1 0 :...
Page 366
Dgs-3200 series layer 2 gigabit managed switch cli manual 366 42-8 config jwac virtual_ip purpose used to configure jwac virtual ip addresses used to accept authentication requests from an unauthenticated host. Format config jwac virtual_ip description the virtual ip of jwac is used to accept authen...
Page 367
Dgs-3200 series layer 2 gigabit managed switch cli manual 367 quarantine server reaches the jwac switch, the switch will handle this http packet and send back a message to the host ot make it access the quarantine server with the configured url. When the pc connects to the specified url, the quarant...
Page 368
Dgs-3200 series layer 2 gigabit managed switch cli manual 368 example d g s - 3 2 0 0 - 1 0 : 4 # config jwac clear_quarantine_server_url c o m m a n d : config jwac clear_quarantine_server_url s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 42-11 config jwac update_server purpose used to configure the ...
Page 369
Dgs-3200 series layer 2 gigabit managed switch cli manual 369 example d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g j w a c o t h e r _ s e r v e r a d d i p a d d r e s s 1 0 . 9 0 . 9 0 . 1 0 9 / 2 4 c o m m a n d : c o n f i g j w a c o t h e r _ s e r v e r a d d i p a d d r e s s 1 0 . 9 0 . 9 0 . 1 ...
Page 372
Dgs-3200 series layer 2 gigabit managed switch cli manual 372 format create jwac user {vlan } config jwac user {vlan } description the create jwac user command creates jwac users in the local db. When “local” is chosen while configuring the jwac radius protocol, the local db will be used. Parameters...
Page 373
Dgs-3200 series layer 2 gigabit managed switch cli manual 373 restrictions you must have administrator privileges. Example d g s - 3 2 0 0 - 1 0 : 4 # d e l e t e j w a c u s e r 1 1 2 2 3 3 c o m m a n d : d e l e t e j w a c u s e r 1 1 2 2 3 3 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 42-17 sho...
Page 375
Dgs-3200 series layer 2 gigabit managed switch cli manual 375 parameters none. Restrictions none. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w j w a c c o m m a n d : s h o w j w a c s t a t e : e n a b l e d e n a b l e d p o r t s : 1 , 9 v i r t u a l i p : 1 . 1 . 1 . 1 s w i t c h h t t p p o r ...
Page 376
Dgs-3200 series layer 2 gigabit managed switch cli manual 376 parameters parameters description port a port range to show the information of client host authenticated only to show authenticated client hosts authenticating only to show client hosts being in authenticating process blocked only to show...
Page 377
Dgs-3200 series layer 2 gigabit managed switch cli manual 377 parameters parameters description all shows all the ports configured for jwac. Specifies a port range to show the configuration of jwac. Restrictions none. Example d g s - 3 2 0 0 - 1 0 : 4 # s h o w j w a c p o r t 1 - 4 c o m m a n d : ...
Page 378
Dgs-3200 series layer 2 gigabit managed switch cli manual 378 ix. Qos the qos section includes the following chapter: qos..
Page 380
Dgs-3200 series layer 2 gigabit managed switch cli manual 380 no_limit - indicates there is no limit on port rx bandwidth. An integer value from 64 to 1024000 sets a maximum limit in kbits/sec. The specified bandwidth limit may be equaled but not exceeded. This exact logical limit or token value is ...
Page 381
Dgs-3200 series layer 2 gigabit managed switch cli manual 381 response messages (1). “success.” when users input a value that is a multiple of 64 and the setting is successful. (2). "fail ! Trunk member port %-p can not be configured because the master is not contained in the portlist" . The configu...
Page 382
Dgs-3200 series layer 2 gigabit managed switch cli manual 382 d g s - 3 2 0 0 - 1 0 : 4 # s h o w b a n d w i d t h _ c o n t r o l 1 - 1 0 c o m m a n d : s h o w b a n d w i d t h _ c o n t r o l 1 - 1 0 b a n d w i d t h c o n t r o l t a b l e p o r t r x r a t e t x r a t e e f f e c t i v e r ...
Page 383
Dgs-3200 series layer 2 gigabit managed switch cli manual 383 parameters description class_id this specifies which of the n+1 hardware priority queues the config scheduling command will apply to. The four hardware priority queues are identified by number − from 0 to n − with the 0 queue being the lo...
Page 384
Dgs-3200 series layer 2 gigabit managed switch cli manual 384 restrictions you must have administrator privileges. Examples to configure the traffic scheduling mechanism for each cos queue: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g s c h e d u l i n g _ m e c h a n i s m s t r i c t c o m m a n d : c ...
Page 385
Dgs-3200 series layer 2 gigabit managed switch cli manual 385 c l a s s - 4 5 c l a s s - 5 6 c l a s s - 6 7 c l a s s - 7 8 d g s - 3 2 0 0 - 1 0 : 4 # 43-6 show scheduling_mechanism purpose used to show the traffic scheduling mechanism. Format show scheduling_mechanism description the show schedu...
Page 386
Dgs-3200 series layer 2 gigabit managed switch cli manual 386 43-7 config 802.1p user_priority purpose used to map the 802.1p user priority of an incoming packet to one of the four hardware queues available on the switch. Format config 802.1p user_priority description the config 802.1p user_priority...
Page 387
Dgs-3200 series layer 2 gigabit managed switch cli manual 387 43-8 show 802.1p user_priority purpose used to display 802.1p user priority. Format show 802.1p user_priority description the show 802.1p user_priority command displays 802.1p user priority. Parameters none. Restrictions none. Examples to...
Page 389
Dgs-3200 series layer 2 gigabit managed switch cli manual 389 description the show 802.1p default_priority command displays the current default priority settings on the switch. Parameters parameters description portlist specified a range of ports to be displayed. If no parameter is specified, the sy...
Page 390
Dgs-3200 series layer 2 gigabit managed switch cli manual 390 x. Ip addressing service the ip addressing service section includes the following chapter: dhcp relay..
Page 392
Dgs-3200 series layer 2 gigabit managed switch cli manual 392 d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g d h c p _ r e l a y h o p s 4 t i m e 2 c o m m a n d : c o n f i g d h c p _ r e l a y h o p s 4 t i m e 2 s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 44-2 config dhcp_relay add purpose used to add...
Page 393
Dgs-3200 series layer 2 gigabit managed switch cli manual 393 format config dhcp_relay delete ipif description the config dhcp_relay delete command is used to delete one or all of the ip destination addresses in the swith’s relay table. Parameters parameters description ipif_name the name of the ip ...
Page 394
Dgs-3200 series layer 2 gigabit managed switch cli manual 394 1. Suboption type 2. Length 3. Circuit id type 4. Length 5. Vlan : the incoming vlan id of dhcp client packet. 6 . Module : for a standalone switch, module is always 0. 7. Port : the incoming port number of dhcp client packet, port number...
Page 395
Dgs-3200 series layer 2 gigabit managed switch cli manual 395 examples to configure the dhcp relay option 82: d g s - 3 2 0 0 - 1 0 : 4 # c o n f i g d h c p _ r e l a y o p t i o n _ 8 2 s t a t e e n a b l e c o m m a n d : c o n f i g d h c p _ r e l a y o p t i o n _ 8 2 s t a t e e n a b l e s ...
Page 396
Dgs-3200 series layer 2 gigabit managed switch cli manual 396 d g s - 3 2 0 0 - 1 0 : 4 # e n a b l e d h c p _ r e l a y c o m m a n d : e n a b l e d h c p _ r e l a y s u c c e s s . D g s - 3 2 0 0 - 1 0 : 4 # 44-6 disable dhcp_relay purpose used to disable dhcp relay function on the switch. For...
Page 397
Dgs-3200 series layer 2 gigabit managed switch cli manual 397 description the show dhcp_relay command displays the current dhcp relay configuration. Parameters parameters description ipif_name the ip interface name. If no parameter is specified , the system will display all dhcp relay configurations...
Page 398
Dgs-3200 series layer 2 gigabit managed switch cli manual 398 xi. Ipv6 the ipv6 section includes the following chapter: ipv6 ndp..
Page 400
Dgs-3200 series layer 2 gigabit managed switch cli manual 400 examples to create a static neighbor cache entry. Dgs-3200-10:4#create ipv6 neighbor_cache ipif system 3ffc::1 00:01:02:03:04:05 command: create ipv6 neighbor_cache ipif system 3ffc::1 00-01-02-03-04-05 success. Dgs-3200-10:4# 45-2 delete...
Page 401
Dgs-3200 series layer 2 gigabit managed switch cli manual 401 dgs-3200-10:4#delete ipv6 neighbor_cache ipif system 3ffc::1 command: delete ipv6 neighbor_cache ipif system 3ffc::1 success. Dgs-3200-10:4# 45-3 show ipv6 neighbor_cache purpose to show an ipv6 neighbor cache. Format show ipv6 neighbor_c...
Page 402
Dgs-3200 series layer 2 gigabit managed switch cli manual 402 dgs-3200-10:4#show ipv6 neighbor_cache ipif system all command: show ipv6 neighbor_cache ipif system all neighbor link layer address interface state -------------------------------------- ------------------ ------------ ----- fe80::20b:6a...
Page 403
Dgs-3200 series layer 2 gigabit managed switch cli manual 403 restrictions you must have the administrator privilege. Examples dgs-3200-10:4#config ipv6 nd ns ipif system retrans_time 400 command: config ipv6 nd ns ipif system retrans_time 400 success. Dgs-3200-10:4# 45-5 config ipv6 nd rs purpose t...
Page 405
Dgs-3200 series layer 2 gigabit managed switch cli manual 405 seconds and no greater than .75 * maxrtradvinterval. Default: 0.33 * maxrtradvinterval the maximum time allowed between sending max_rtr_adv_interval unsolicited multicast router advertisements from the interface, in seconds. Must be no le...
Page 406
Dgs-3200 series layer 2 gigabit managed switch cli manual 406 on_link_flag when set to 1, the address implied by the specified prefix are available on the link where the ra message is received. Autonomous_flag when set to 1, then the specified prefix will be used to create an autonomous address conf...
Page 407
Dgs-3200 series layer 2 gigabit managed switch cli manual 407 examples to display interface’s information. Dgs-3200-10:4#show ipv6 nd ipif system command: show ipv6 nd ipif system interface name : system hop limit : 64 ns retransmit time : 0 (ms) router advertisement : disabled ra max router advinte...
Page 408
Dgs-3200 series layer 2 gigabit managed switch cli manual 408 xii. Acl the acl section includes the following chapter: acl..
Page 414
Dgs-3200 series layer 2 gigabit managed switch cli manual 414 user_define_mask specifies the l4 part mask. Packet_content_mask specifies the frame content mask. There are a maximum of five offsets that can be configured. Each offset presents 16 bytes, the range of mask of frame is 80 bytes (5 offset...
Page 415
Dgs-3200 series layer 2 gigabit managed switch cli manual 415 d g s - 3 2 0 0 - 1 0 : 4 # d g s - 3 2 0 0 - 1 0 : 4 # c r e a t e a c c e s s _ p r o f i l e p r o f i l e _ i d 1 0 1 i p v l a n s o u r c e _ i p _ m a s k 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5 d e s t i n a t i o n _ i p _ m a s k 2 5 5 . ...
Page 417
Dgs-3200 series layer 2 gigabit managed switch cli manual 417 parameters parameters description profile_id specifies the index of the access list profile. Specifies the index of the access list entry. The range of this value is 1 to 200. Vlan specifies a vlan name. Source_mac specifies the source ma...
Page 418
Dgs-3200 series layer 2 gigabit managed switch cli manual 418 flowlabel specifies ipv6 flow label value. Source_ipv6 specifies ipv6 source ip value. Destination_ip v6 specifies ipv6 destionation ip value. Permit specifies the packets that match the access profile are permit by the switch. Priority s...
Page 419
Dgs-3200 series layer 2 gigabit managed switch cli manual 419 description the show access_profile command displays current access list table. Parameters parameters description profile_id specifies the index of the access list profile. Restrictions none. Example to display the current access list tab...
Page 420
Dgs-3200 series layer 2 gigabit managed switch cli manual 420 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5 2 5 5 . 2 5 5 . 2 5 5 . 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - a c c e s s i d : 1 m o d e : p e r m i t r x r a t e ( 6 ...
Page 421
Dgs-3200 series layer 2 gigabit managed switch cli manual 421 delete deletes a time range profile. When a time range profile has been associated with acl entries, the deletion of this time rangeprofile will fail. Restrictions you must have administrator privileges. Examples d g s - 3 2 0 0 - 1 0 : 4...
Page 422
Dgs-3200 series layer 2 gigabit managed switch cli manual 422 dgs-3200-10:4#show time_range command: show time_range time range information ------------------------- range name : testdaily weekdays : mon,fri start time : 12:00:00 end time : 13:00:00 total entries :1 dgs-3200-10:4# 46-7 create cpu ac...
Page 423
Dgs-3200 series layer 2 gigabit managed switch cli manual 423 description the create cpu access_profile command creates cpu access list rules. Parameters parameters description vlan specifies a vlan mask. Source_mac specifies the source mac mask. Destination_mac specifies the destination mac mask. 8...
Page 424
Dgs-3200 series layer 2 gigabit managed switch cli manual 424 destination_ipv6_mask specifies the ipv6 destination ip mask. Restrictions you must have administrator privileges. The switch supports a maximum of five cpu profiles to be configured. Example to create cpu access list rules: d g s - 3 2 0...
Page 425
Dgs-3200 series layer 2 gigabit managed switch cli manual 425 restrictions you must have administrator privileges. The switch supports a maximum of 500 access entries. The delete cpu access_profile command can only delete the profile which is created by the cpu acl module. Example to delete access l...
Page 427
Dgs-3200 series layer 2 gigabit managed switch cli manual 427 specifies that the rule applies to the value of ip protocol id traffic. Protocod_id user_define specifies the l4 part value. Offset_0-15 specifies value for packet bytes 0-15. Offset_16-31 specifies value for packet bytes 16-31. Offset_32...
Page 428
Dgs-3200 series layer 2 gigabit managed switch cli manual 428 format show cpu access_profile {profile_id } description the show cpu access_profile command displays current cpu access list table. Parameters parameters description profile_id specifies the index of an access list profile. Restrictions ...
Page 429
Dgs-3200 series layer 2 gigabit managed switch cli manual 429 a c c e s s p r o f i l e i d : 2 t y p e : i p = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = m a s k o p t i o n : s o u r ...
Page 430
Dgs-3200 series layer 2 gigabit managed switch cli manual 430 46-12 disable cpu_interface_filtering purpose used to disable cpu interface filtering. Format disable cpu_interface_filtering description the disable cpu_interface_filtering command disables cpu interface filtering. Parameters none. Restr...
Page 431
Dgs-3200 series layer 2 gigabit managed switch cli manual 431 xiii. Packet control the packet control section includes the following chapter: packet storm..
Page 433
Dgs-3200 series layer 2 gigabit managed switch cli manual 433 countdown , and time_interval as well. Threshold the upper threshold at which the specified storm control will turn on. The is the number of broadcast/multicast packets per second received by the switch that will trigger the storm traffic...
Page 434
Dgs-3200 series layer 2 gigabit managed switch cli manual 434 storm events are detected by a sw traffic storm control mechanism. Note : a traffic control trap is active only when the control action is configured as “shutdown”. If the control action is “drop” there will no traps issue while storm eve...
Page 435
Dgs-3200 series layer 2 gigabit managed switch cli manual 435 restrictions none. Examples to display the packet storm control setting: d g s - 3 2 0 0 - 1 0 : 4 # s h o w t r a f f i c c o n t r o l c o m m a n d : s h o w t r a f f i c c o n t r o l t r a f f i c s t o r m c o n t r o l t r a p : [...
Page 436: Packet Content Acl
Dgs-3200 series layer 2 gigabit managed switch cli manual 436 appendix - mitigating arp spoofing attacks using packet content acl how address resolution protocol works in the process of arp, pc a will first issue an arp request to query pc b’s mac address. The network structure is shown in figure-1....
Page 437
Dgs-3200 series layer 2 gigabit managed switch cli manual 437 port1 00-20-5c-01-11-11 in addition, when the switch receives the broadcasted arp request, it will flood the frame to all ports except the source port, port 1 (see figure-2). Figure-2 who is 10.10.10.2? When the switch floods the frame of...
Page 438
Dgs-3200 series layer 2 gigabit managed switch cli manual 438 table-3 (arp payload) h/w type protocol type h/w address length protocol address length operation sender sender protocol address target target protocol address h/w address h/w address arp reply 00-20-5c-01-11-11 10.10.10.1 00-20-5c-01-22-...
Page 439
Dgs-3200 series layer 2 gigabit managed switch cli manual 439 how arp spoofing attacks a network arp spoofing, also known as arp poisoning, is a method to attack an ethernet network which may allow an attacker to sniff data frames on a lan, modify the traffic, or stop the traffic altogether (known a...
Page 440
Dgs-3200 series layer 2 gigabit managed switch cli manual 440 a common dos attack today can be done by associating a nonexistent or any specified mac address to the ip address of the network’s default gateway. The malicious attacker only needs to broadcast one gratuitous arp to the network claiming ...
Page 441: Configuration
Dgs-3200 series layer 2 gigabit managed switch cli manual 441 example topology configuration the configuration logic is as follows: 1. Only if the arp matches source mac address in ethernet, sender mac address and sender ip address in arp protocol can pass through the switch. (in this example, it is...
Page 442
Dgs-3200 series layer 2 gigabit managed switch cli manual 442 table-6: chunk and packet offset offset chunk offset chunk0 offset chunk1 offset chunk2 offset chunk3 offset chunk4 offset chunk5 offset chunk6 offset chunk7 offset chunk8 offset chunk9 offset chunk10 offset chunk11 offset chunk12 offset ...
Page 443
Dgs-3200 series layer 2 gigabit managed switch cli manual 443 command description – create access profile 1 create access_profile profile_id 1 ethernet source_mac ff-ff-ff-ff-ff-ff ethernet_type step1 to match ethernet type and source mac address. Config access_profile profile_id 1 add access_id 1 e...