Powered by AcctonManagement GuideES4524DES4548D24/48-PortGigabit Ethernet Switche-mail: [email protected]tel: 08-52 400 700 fax: 08-520 18121
Contentsxend 33-4exit 33-4quit 33-5Chapter 34: System Management Commands 34-1hostname 34-1reload 34-2switch renumber 34-2jumbo frame 34-3show s
Setting the System Clock10-210CLI – This example configures the switch to operate as an SNTP client and then displays the current time and settings.Se
11-1Chapter 11: Simple Network Management Protocol This chapter describes how to configure the Simple Network Management Protocol (SNMP) on the switch
Simple Network Management Protocol11-211security models v1 and v2c. The following table shows the security models and levels available and the system
Setting Community Access Strings11-311CLI – The following example enables SNMP on the switch.Setting Community Access Strings You may configure up to
Simple Network Management Protocol11-411Specifying Trap Managers and Trap TypesTraps indicating status changes are issued by the switch to specified t
Specifying Trap Managers and Trap Types11-511Version 1 or 2c clients), or define a corresponding “User Name” in the SNMPv3 Users page (for Version 3 c
Simple Network Management Protocol11-611Web – Click SNMP, Configuration. Enter the IP address and community string for each management station that wi
Configuring SNMPv3 Management Access11-711Setting a Local Engine IDAn SNMPv3 engine is an independent SNMP agent that resides on the switch. This engi
Simple Network Management Protocol11-811The engine ID can be specified by entering 1 to 26 hexadecimal characters. If less than 26 characters are spec
Configuring SNMPv3 Management Access11-911• Authentication Password – A minimum of eight plain text characters is required.• Privacy Protocol – The en
ContentsxiChapter 38: SMTP Alert Commands 38-1logging sendmail host 38-1logging sendmail level 38-2logging sendmail source-email 38-2logging sendm
Simple Network Management Protocol11-1011CLI – Use the snmp-server user command to configure a new user name and assign it to a group.Configuring Remo
Configuring SNMPv3 Management Access11-1111• Privacy Protocol – The encryption algorithm use for data privacy; only 56-bit DES is currently available.
Simple Network Management Protocol11-1211CLI – Use the snmp-server user command to configure a new user name and assign it to a group.Configuring SNMP
Configuring SNMPv3 Management Access11-1311Table 11-2 Supported Notification MessagesObject Label Object ID DescriptionRFC 1493 TrapsnewRoot 1.3.6.1
Simple Network Management Protocol11-1411Private Traps - swPowerStatus ChangeTrap1.3.6.1.4.1.259.6.10.95.2.1.0.1 This trap is sent when the power stat
Configuring SNMPv3 Management Access11-1511Web – Click SNMP, SNMPv3, Groups. Click New to configure a new group. In the New Group page, define a name,
Simple Network Management Protocol11-1611Setting SNMPv3 ViewsSNMPv3 views are used to restrict user access to specified portions of the MIB tree. The
Configuring SNMPv3 Management Access11-1711CLI – Use the snmp-server view command to configure a new view. This example view includes the MIB-2 interf
Simple Network Management Protocol11-1811
12-1Chapter 12: User Authentication This chapter describes how to configure the switch to authenticate users logging into the system for management ac
Contentsxiiradius-server timeout 41-8show radius-server 41-8TACACS+ Client 41-9tacacs-server host 41-9tacacs-server port 41-9tacacs-server key 4
User Authentication12-212Web – Click Security, User Accounts. To configure a new user account, enter the user name, access level, and password, then c
Configuring Local/Remote Logon Authentication12-312RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a co
User Authentication12-412- ServerIndex – Specifies one of five RADIUS servers that may be configured. The switch attempts authentication using the lis
Configuring HTTPS12-512CLI – Specify all the required parameters to enable logon authentication.Configuring HTTPSYou can configure the switch to enabl
User Authentication12-612- The client and server generate session keys for encrypting and decrypting data.• The client and server establish a secure e
Configuring HTTPS12-712obtain a unique certificate and a private key and password from a recognized certification authority. Note: For maximum securit
User Authentication12-812Configuring the Secure Shell The Berkley-standard includes remote access tools originally designed for Unix systems. Some of
Configuring the Secure Shell12-912client’s granted management access to the switch. (Note that these clients must be configured locally on the switch
User Authentication12-1012Authenticating SSH v2 Clientsa.The client first queries the switch to determine if DSA public key authentication using a pre
Configuring the Secure Shell12-1112Web – Click Security, SSH, Host-Key Settings. Select the host-key type from the drop-down box, select the option to
ContentsxiiiChapter 44: Access Control List Commands 44-1IPv4 ACLs 44-1access-list ip 44-2permit, deny (Standard IPv4 ACL) 44-2permit, deny (Exte
User Authentication12-1212Configuring the SSH ServerThe SSH server includes basic settings for authentication. Field Attributes• SSH Server Status – A
Filtering IP Addresses for Management Access12-1312CLI – This example enables SSH, sets the authentication parameters, and displays the current config
User Authentication12-1412• End IP Address – The end address of a range.Web – Click Security, IP Filter. Enter the IP addresses or range of addresses
13-1Chapter 13: Configuring Port Security Port security is a feature that allows you to configure a switch port with one or more device MAC addresses
Configuring Port Security13-213Web – Click Security, Port Security. Set the action to take when an invalid address is detected on a port, mark the che
14-1Chapter 14: Configuring 802.1X Port Authentication Network switches can provide open and easy access to network resources by simply attaching a c
Configuring 802.1X Port Authentication14-214The operation of dot1x on the switch requires the following:• The switch must have an IP address assigned.
Configuring 802.1X Global Settings14-314Configuring 802.1X Global SettingsThe 802.1X protocol provides port authentication. The 802.1X protocol must b
Configuring 802.1X Port Authentication14-414• Max Request – Sets the maximum number of times the switch port will retransmit an EAP request packet to
Configuring Port Settings for 802.1X14-514CLI – This example sets the 802.1X parameters on port 2. For a description of the additional fields displaye
Contentsxivlacp port-priority 46-8show lacp 46-8show port-channel load-balance 46-11Chapter 47: Broadcast Storm Control Commands 47-1switchport br
Configuring 802.1X Port Authentication14-614Displaying 802.1X StatisticsThis switch can display statistics for dot1x protocol exchanges for any port.
Displaying 802.1X Statistics14-714Web – Select Security, 802.1X, Statistics. Select the required port and then click Query. Click Refresh to update th
Configuring 802.1X Port Authentication14-814
15-1Chapter 15: Access Control ListsAccess Control Lists (ACL) provide packet filtering for IPv4 frames (based on address, protocol, Layer 4 protocol
Access Control Lists15-215the “TCP” protocol is specified, then you can also filter packets based on the TCP control code. • IPv6 Standard: IPv6 ACL m
Configuring an Extended IPv4 ACL15-315Web – Specify the action (i.e., Permit or Deny). Select the address type (Any, Host, or IP). If you select “Host
Access Control Lists15-415• Source/Destination Port – Source/destination port number for the specified protocol type. (Range: 0-65535)• Source/Destina
Configuring an Extended IPv4 ACL15-515Web – Specify the action (i.e., Permit or Deny). Specify the source and/or destination addresses. Select the add
Access Control Lists15-615Configuring a MAC ACLCommand Attributes• Action – An ACL can contain any combination of permit or deny rules.• Source/Destin
Configuring a Standard IPv6 ACL15-715Web – Specify the action (i.e., Permit or Deny). Specify the source and/or destination addresses. Select the addr
ContentsxvChapter 52: VLAN Commands 52-1GVRP and Bridge Extension Commands 52-1bridge-ext gvrp 52-2show bridge-ext 52-2switchport gvrp 52-3show g
Access Control Lists15-815• Source Prefix-Length – A decimal value indicating how many contiguous bits (from the left) of the address comprise the pre
Configuring an Extended IPv6 ACL15-915• Destination Prefix-Length – A decimal value indicating how many contiguous bits (from the left) of the address
Access Control Lists15-1015Web – Specify the action (i.e., Permit or Deny). Select the address type (Any or IPv6-prefix). If you select “IPv6-prefix,”
Binding a Port to an Access Control List15-1115Binding a Port to an Access Control ListAfter configuring the Access Control Lists (ACL), you should bi
Access Control Lists15-1215
16-1Chapter 16: Port Configuration This chapter describes how to configure switch ports and display the current connection status.Displaying Connectio
Port Configuration16-216Field Attributes (CLI)Basic information:• Port type – Indicates the port type. (1000BASE-T or SFP)• MAC address – The physical
Displaying Connection Status16-316CLI – This example shows the connection status for Port 5.Console#show interfaces status ethernet 1/5 45-8Informatio
Port Configuration16-416Configuring Interface Connections You can use the Port Configuration or Trunk Configuration page to enable/disable an interfac
Configuring Interface Connections16-516Web – Click Port, Port Configuration or Trunk Configuration. Modify the required interface settings, and click
ContentsxviPriority Commands (Layer 3 and 4) 55-7map ip port (Global Configuration) 55-7map ip port (Interface Configuration) 55-8map ip precedence
Port Configuration16-616Showing Port StatisticsYou can display standard statistics on network traffic from the Interfaces Group and Ethernet-like MIBs
Showing Port Statistics16-716Transmit Discarded Packets The number of outbound packets which were chosen to be discarded even though no errors had bee
Port Configuration16-816Received Frames The total number of frames (bad, broadcast and multicast) received.Broadcast Frames The total number of good f
Showing Port Statistics16-916Web – Click Port, Port Statistics. Select the required interface, and click Query. You can also use the Refresh button at
Port Configuration16-1016CLI – This example shows statistics for port 12.Console#show interfaces counters ethernet 1/12 45-9Ethernet 1/12 Iftable stat
17-1Chapter 17: Creating Trunk Groups You can create multiple links between devices that work as one virtual, aggregate link. A port trunk offers a dr
Creating Trunk Groups17-217Statically Configuring a TrunkCommand Usage• When configuring static trunks, you may not be able to link switches of differ
Setting a Load-Balance Mode for Trunks17-317CLI – This example creates trunk 1 with ports 9 and 10. Just connect these ports to two static trunk ports
Creating Trunk Groups17-417• Destination MAC Address: All traffic with the same destination MAC address is output on the same link in a trunk. This mo
Enabling LACP on Selected Ports17-517CLI – The following example sets the load-balance method to source and destination IP address. Enabling LACP on S
Contentsxviiip domain-lookup 58-5show hosts 58-6show dns 58-7show dns cache 58-7clear dns cache 58-8Chapter 59: IPv4 Interface Commands 59-1ip a
Creating Trunk Groups17-617Web – Click Port, LACP, Configuration. Select any of the switch ports from the scroll-down port list and click Add. After y
Configuring LACP Parameters17-717Configuring LACP ParametersDynamically Creating a Port Channel –Ports assigned to a common port channel must meet the
Creating Trunk Groups17-817Web – Click Port, LACP, Aggregation Port. Set the System Priority, Admin Key, and Port Priority for the Port Actor. You can
Displaying LACP Port Counters17-917CLI – The following example configures LACP parameters for ports 1-10. Ports 1-8 are used as active members of the
Creating Trunk Groups17-1017Web – Click Port, LACP, Port Counters Information. Select a member port to display the corresponding information.Figure 17
Displaying LACP Settings and Status for the Local Side17-1117Displaying LACP Settings and Status for the Local SideYou can display configuration setti
Creating Trunk Groups17-1217Web – Click Port, LACP, Port Internal Information. Select a port channel to display the corresponding information.Figure 1
Displaying LACP Settings and Status for the Remote Side17-1317Displaying LACP Settings and Status for the Remote SideYou can display configuration set
Creating Trunk Groups17-1417CLI – The following example displays the LACP configuration settings and operational state for the remote side of port cha
18-1Chapter 18: Broadcast Storm ControlBroadcast storms may occur when a device on your network is malfunctioning, or if application programs are not
ContentsxviiiSection IV: AppendicesAppendix A: Software Specifications A-1Software Features A-1Management Features A-2Standards A-2Management Infor
Broadcast Storm Control18-218CLI – Specify any interface, and then enter the threshold. The following disables broadcast storm control for port 1, and
19-1Chapter 19: Configuring Port Mirroring You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a
Configuring Port Mirroring19-219Web – Click Port, Mirror Port Configuration. Specify the source port, the traffic type to be mirrored, and the monitor
20-1Chapter 20: Configuring Rate Limits This function allows the network manager to control the maximum rate for traffic transmitted or received on an
Configuring Rate Limits20-220CLI - This example sets the rate limit for input and output traffic passing through port 1 to 600 Mbps.Console(config)#in
21-1Chapter 21: Address Table Settings Switches store the addresses for all known devices. This information is used to pass traffic directly between t
Address Table Settings21-221CLI – This example adds an address to the static address table, but sets it to be deleted when the switch is reset.Display
Displaying the Address Table21-321Web – Click Address Table, Dynamic Addresses. Specify the search type (i.e., mark the Interface, MAC Address, or VLA
Address Table Settings21-421Changing the Aging TimeYou can set the aging time for entries in the dynamic address table. Command Attributes• Aging Stat
22-1Chapter 22: Spanning Tree Algorithm Configuration The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provi
xixTablesTable 1-1 Key Features 1-1Table 1-2 System Defaults 1-6Table 3-1 Web Page Configuration Buttons 3-3Table 3-2 Switch Main Menu 3-4Table 9-
Spanning Tree Algorithm Configuration22-222alternate route that can be used when a node or port fails, and retaining the forwarding database for ports
Displaying Global Settings22-322MSTP connects all bridges and LAN segments with a single Common and Internal Spanning Tree (CIST). The CIST is formed
Spanning Tree Algorithm Configuration22-422These additional parameters are only displayed for the CLI:• Spanning tree mode – Specifies the type of spa
Displaying Global Settings22-522Web – Click Spanning Tree, STA, Information.Figure 22-1 STA InformationCLI – This command displays global STA setting
Spanning Tree Algorithm Configuration22-622Note: The current root port and current root cost display as zero when this device is not connected to the
Configuring Global Settings22-722• Multiple Spanning Tree Protocol- To allow multiple spanning trees to operate over the network, you must configure a
Spanning Tree Algorithm Configuration22-822• Forward Delay – The maximum time (in seconds) this device will wait before changing states (i.e., discard
Configuring Global Settings22-922Web – Click Spanning Tree, STA, Configuration. Modify the required attributes, and click Apply.Figure 22-2 STA Globa
Spanning Tree Algorithm Configuration22-1022CLI – This example enables Spanning Tree Protocol, sets the mode to MST, and then configures the STA and M
Displaying Interface Settings22-1122• Designated Port – The port priority and number of the port on the designated bridging device through which this
xxTablesTable 41-5 RADIUS Client Commands 41-5Table 41-6 TACACS+ Client Commands 41-9Table 41-7 Web Server Commands 41-11Table 41-8 HTTPS System Su
Spanning Tree Algorithm Configuration22-1222• External path cost – The path cost for the IST. This parameter is used by the STA to determine the bes
Configuring Interface Settings22-1322CLI – This example shows the STA attributes for port 5. Configuring Interface SettingsYou can configure RSTP and
Spanning Tree Algorithm Configuration22-1422The following interface attributes can be configured:• Spanning Tree – Enables/disables STA on this interf
Configuring Multiple Spanning Trees22-1522Migration button to manually re-check the appropriate BPDU format (RSTP or STP-compatible) to send on the se
Spanning Tree Algorithm Configuration22-16223. Add the VLANs that will share this MSTI (MSTP VLAN Configuration). Note:All VLANs are automatically add
Configuring Multiple Spanning Trees22-1722CLI – This displays STA settings for instance 1, followed by settings for each port. CLI – This example sets
Spanning Tree Algorithm Configuration22-1822Displaying Interface Settings for MSTPThe MSTP Port Information and MSTP Trunk Information pages display t
Configuring Interface Settings for MSTP22-1922Configuring Interface Settings for MSTPYou can configure the STA interface settings for an MST Instance
Spanning Tree Algorithm Configuration22-2022• Default: 128• Range: 0-240, in steps of 16• Admin MST Path Cost – This parameter is used by the MSTP to
23-1Chapter 23: VLAN Configuration In large networks, routers are used to isolate broadcast traffic for each subnet into separate domains. This switch
xxiTablesTable 57-4 Static Multicast Routing Commands 57-8Table 58-1 DNS Commands 58-1Table 58-2 show dns cache - display description 58-7Table 59-
VLAN Configuration23-223Note: VLAN-tagged frames can pass through VLAN-aware or VLAN-unaware network interconnection devices, but the VLAN tags should
Assigning Ports to VLANs23-323these hosts, and core switches in the network, enable GVRP on the links between these devices. You should also determine
VLAN Configuration23-423Enabling or Disabling GVRP (Global Setting) GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN
Displaying Current VLANs23-523CLI – Enter the following command.Displaying Current VLANsThe VLAN Current Table shows the current port members of each
VLAN Configuration23-623Command Attributes (CLI)• VLAN – ID of configured VLAN (1-4093, no leading zeroes).• Type – Shows how this VLAN was added to t
Adding Static Members to VLANs (VLAN Index)23-723Web – Click VLAN, 802.1Q VLAN, Static List. To create a new VLAN, enter the VLAN ID and VLAN name, ma
VLAN Configuration23-823Command Attributes • VLAN – ID of configured VLAN (1-4093).• Name – Name of the VLAN (1 to 32 characters).• Status – Enables o
Adding Static Members to VLANs (Port Index)23-923CLI – The following example adds tagged and untagged ports to VLAN 2.Adding Static Members to VLANs (
VLAN Configuration23-1023Configuring VLAN Behavior for InterfacesYou can configure VLAN behavior for specific interfaces, including the default VLAN i
Configuring VLAN Behavior for Interfaces23-1123• GARP Leave Timer2 – The interval a port waits before leaving a VLAN group. This time should be set to
xxiiTables
VLAN Configuration23-1223CLI – This example sets port 3 to accept only tagged frames, assigns PVID 3 as the native VLAN ID, enables GVRP, sets the GAR
Configuring IEEE 802.1Q Tunneling23-1323When a double-tagged packet enters another trunk port in an intermediate or core switch in the service provide
VLAN Configuration23-14233. After packet classification through the switching process, the packet is written to memory with one tag (an outer tag) or
Configuring IEEE 802.1Q Tunneling23-1523Configuration Limitations for QinQ• The native VLAN of uplink ports should not be used as the SPVLAN. If the S
VLAN Configuration23-1623Enabling QinQ Tunneling on the SwitchThe switch can be configured to operate in normal VLAN mode or IEEE 802.1Q (QinQ) tunnel
Configuring IEEE 802.1Q Tunneling23-1723Adding an Interface to a QinQ TunnelFollow the guidelines in the preceding section to set up a QinQ tunnel on
VLAN Configuration23-1823Figure 23-1 Tunnel Port ConfigurationCLI – This example sets port 1 to tunnel access mode, indicates that the TPID used for
24-1Chapter 24: Configuring Private VLANs Private VLANs provide port-based security and isolation between ports within the assigned VLAN. Data traffic
Configuring Private VLANs24-224Configuring Uplink and Downlink PortsUse the Private VLAN Link Status page to set ports as downlink or uplink ports. Po
25-1Chapter 25: Configuring Protocol-Based VLANs The network devices required to support multiple protocols cannot be easily grouped into a common VLA
xxiiiFiguresFigure 3-1 Home Page 3-2Figure 3-2 Front Panel Indicators 3-3Figure 4-1 System Information 4-2Figure 4-2 Switch Information 4-4Figure
Configuring Protocol-Based VLANs25-225Web – Click VLAN, Protocol VLAN, Configuration. Enter a protocol group ID, frame type and protocol type, then cl
Mapping Protocols to VLANs25-325Web – Click VLAN, Protocol VLAN, Port Configuration. Select a a port or trunk, enter a protocol group ID, the correspo
Configuring Protocol-Based VLANs25-425
26-1Chapter 26: Class of Service Configuration Class of Service (CoS) allows you to specify which data packets have greater precedence when traffic is
Class of Service Configuration26-226Web – Click Priority, Default Port Priority or Default Trunk Priority. Modify the default priority for any interfa
Layer 2 Queue Settings26-326Mapping CoS Values to Egress QueuesThis switch processes Class of Service (CoS) priority tagged traffic by using eight pri
Class of Service Configuration26-426Web – Click Priority, Traffic Classes. Assign priorities to the traffic classes (i.e., output queues), then click
Layer 2 Queue Settings26-526Command Attributes• WRR - Weighted Round-Robin shares bandwidth at the egress ports by using scheduling weights 1, 2, 4, 6
Class of Service Configuration26-626Web – Click Priority, Queue Scheduling. Select the interface, highlight a traffic class (i.e., output queue), ente
Layer 3/4 Priority Settings26-726Layer 3/4 Priority SettingsMapping Layer 3/4 Priorities to CoS ValuesThis switch supports several common methods of p
xxivFiguresFigure 12-7 IP Filter 12-14Figure 13-1 Port Security 13-2Figure 14-1 802.1X Global Information 14-2Figure 14-2 802.1X Global Configurati
Class of Service Configuration26-826Mapping IP PrecedenceThe Type of Service (ToS) octet in the IPv4 header includes three precedence bits defining ei
Layer 3/4 Priority Settings26-926CLI – The following example globally enables IP Precedence service on the switch, maps IP Precedence value 1 to CoS v
Class of Service Configuration26-1026Web – Click Priority, IP DSCP Priority. Select an entry from the DSCP table, enter a value in the Class of Servic
Layer 3/4 Priority Settings26-1126Mapping IP Port PriorityYou can also map network applications to Class of Service values based on the IP port number
Class of Service Configuration26-1226CLI – The following example globally enables IP Port Priority service on the switch, maps HTTP traffic (on port 1
27-1Chapter 27: Quality of Service The commands described in this section are used to configure Quality of Service (QoS) classification criteria and
Quality of Service27-227Configuring a Class MapA class map is used for matching packets to a specified class.Command Usage • To configure a Class Map,
Configuring a Class Map27-327• IP Precedence – An IP Precedence value. (Range: 0-7) • VLAN – A VLAN. (Range:1-4093)• Add – Adds specified criteria to
Quality of Service27-427CLI - This example creates a class map call “rd-class,” and sets it to match packets marked for DSCP service value 3.Creating
Creating QoS Policies27-527• Add Policy – Opens the “Policy Configuration” page. Enter a policy name and description on this page, and click Add to op
xxvFiguresFigure 24-1 Private VLAN Status 24-1Figure 24-2 Private VLAN Link Status 24-2Figure 25-1 Protocol VLAN Configuration 25-2Figure 25-2 Prot
Quality of Service27-627Web – Click QoS, DiffServ, Policy Map to display the list of existing policy maps. To add a new policy map click Add Policy. T
Attaching a Policy Map to Ingress Queues27-727CLI – This example creates a policy map called “rd-policy,” sets the average bandwidth the 1 Mbps, the b
Quality of Service27-827
28-1Chapter 28: Multicast Filtering Multicasting is used to support real-time applications such as videoconferencing or streaming audio. A multicast s
Multicast Filtering28-228router/switch to ensure that multicast traffic is passed to all appropriate interfaces within the switch.Static IGMP Host Int
Layer 2 IGMP (Snooping and Query)28-328• IGMP Version — Sets the protocol version for compatibility with other devices on the network. (Range: 1-2; De
Multicast Filtering28-428Displaying Interfaces Attached to a Multicast RouterMulticast routers that are attached to ports on the switch use informatio
Layer 2 IGMP (Snooping and Query)28-528Specifying Static Interfaces for a Multicast RouterDepending on your network connections, IGMP snooping may not
Multicast Filtering28-628Displaying Port Members of Multicast Services You can display the port members associated with a specified VLAN and multicast
Layer 2 IGMP (Snooping and Query)28-728Assigning Ports to Multicast Services Multicast filtering can be dynamically configured using IGMP Snooping and
xxviFigures
Multicast Filtering28-828CLI – This example assigns a multicast address to VLAN 1, and then displays all the known multicast services supported on VLA
29-1Chapter 29: Configuring Domain Name Service The Domain Naming System (DNS) service on this switch allows host names to be mapped to IP addresses u
Configuring Domain Name Service29-229Web – Select DNS, General Configuration. Set the default domain name or list of domain names, specify one or more
Configuring Static DNS Host to Address Entries29-329Configuring Static DNS Host to Address EntriesYou can manually configure static entries in the DNS
Configuring Domain Name Service29-429Web – Select DNS, Static Host Table. Enter a host name and one or more corresponding addresses, then click Apply.
Displaying the DNS Cache29-529Displaying the DNS CacheYou can display entries in the DNS cache that have been learned via the designated name servers.
Configuring Domain Name Service29-629CLI - This example displays all the resource records learned from the designated name servers.Console#show dns ca
30-1Chapter 30: Switch Clustering Switch Clustering is a method of grouping switches together to enable centralized management through a single unit.
Switch Clustering30-230Web – Click Cluster, Configuration. Figure 30-1 Cluster ConfigurationCLI – This example first enables clustering on the switch
Cluster Member Information30-330Web – Click Cluster, Member Configuration. Figure 30-2 Cluster Member ConfigurationCLI – This example creates a new c
Section I: Getting StartedThis section provides an overview of the switch, and introduces some basic concepts about network switches. It also describe
Switch Clustering30-430CLI – This example shows information about cluster Member switches.Cluster Candidate InformationDisplays information about disc
Section III:Command Line InterfaceThis section provides a detailed description of the Command Line Interface, along with examples for all of the comma
Command Line InterfaceDomain Name Service Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58-1IPv4 Interface Commands . . . .
31-1Chapter 31: Using the Command Line InterfaceThis chapter describes how to use the Command Line Interface (CLI).Accessing the CLIWhen accessing the
Using the Command Line Interface31-231To access the switch through a Telnet session, you must first set the IP address for the switch, and set the def
Entering Commands31-331Entering CommandsThis section describes how to enter CLI commands.Keywords and ArgumentsA CLI command is a series of keywords a
Using the Command Line Interface31-431Showing CommandsIf you enter a “?” at the command prompt, the system will display the first level of keywords fo
Entering Commands31-531Partial Keyword LookupIf you terminate a partial keyword with a question mark, alternatives that match the initial letters are
Using the Command Line Interface31-631Understanding Command ModesThe command set is divided into Exec and Configuration classes. Exec commands general
Entering Commands31-731Configuration CommandsConfiguration commands are privileged level commands used to modify switch settings. These commands modif
Getting Started
Using the Command Line Interface31-831To enter the other modes, at the configuration prompt type one of the following commands. Use the exit or end co
Entering Commands31-931Command Line ProcessingCommands are not case sensitive. You can abbreviate commands and parameters as long as they contain enou
Using the Command Line Interface31-1031
32-1Chapter 32: CLI Command GroupsThe system commands can be broken down into the functional groups shown below.Table 32-1 Command Group IndexComman
CLI Command Groups32-232The access mode shown in the following tables is indicated by these abbreviations: ACL (Access Control List Configuration) MST
33-1Chapter 33: General CommandsThis chapter describes general system commands that apply to using the CLI.enableThis command activates Privileged Exe
General Commands33-233Example Related Commands disable (33-2)enable password (41-2)disableThis command returns to Normal Exec mode from privileged mod
show history33-333Example Related Commands end (33-4)show historyThis command shows the contents of the command history buffer.Default Setting NoneCom
General Commands33-433promptThis command customizes the CLI prompt. Use the no form to restore the default prompt.Syntax prompt stringno promptstring
quit33-533Command Mode AnyExample This example shows how to return to the Privileged Exec mode from the Global Configuration mode, and then quit the C
1-1Chapter 1: IntroductionThis switch provides a broad range of features for Layer 2 switching. It includes a management agent that allows you to conf
General Commands33-633
34-1Chapter 34: System Management CommandsThis section describes commands used to configure information that uniquely identifies the switch, and displ
System Management Commands34-234reloadThis command restarts the system.Note:When the system is restarted, it will always run the Power-On Self-Test. I
jumbo frame34-334jumbo frameThis command enables support for jumbo frames. Use the no form to disable it.Syntax [no] jumbo frameDefault Setting Disabl
System Management Commands34-434Command Usage • Use this command in conjunction with the show running-config command to compare the information in run
show running-config34-534Related Commandsshow running-config (34-5)show running-configThis command displays the configuration information currently in
System Management Commands34-634- Multiple spanning tree instances (name and interfaces)- IP address - Layer 4 precedence settings- Spanning tree sett
show system34-734show systemThis command displays system information.Default Setting NoneCommand Mode Normal Exec, Privileged ExecCommand Usage • For
System Management Commands34-834Command Mode Normal Exec, Privileged ExecCommand Usage The session used to execute this command is indicated by a “*”
show version34-934Example Console#show versionUnit1 Serial Number: 0000E8900000 Hardware Version: R01 EPLD Version: 1.02 N
Management GuideES4524D Gigabit Ethernet SwitchLayer 2 Switchwith 20 10/100/1000BASE-T (RJ-45) Ports, and 4 Gigabit Combination Ports (RJ-45/SFP)ES454
Introduction1-21Description of Software FeaturesThe switch provides a wide range of advanced performance enhancing features. Flow control eliminates t
System Management Commands34-1034
35-1Chapter 35: File Management CommandsThese commands are used to manage software and configuration files on the switch.Managing FirmwareFirmware can
File Management Commands35-235copy This command moves (upload/download) a code image or configuration file between the switch’s flash memory and a
copy35-335• To replace the startup configuration, you must use startup-config as the destination.•Use the copy file unit command to copy a local file
File Management Commands35-435The following example shows how to download a configuration file: This example shows how to copy a secure-site certifica
dir35-535Command Mode Privileged ExecCommand Usage • If the file type is used for system startup, then this file cannot be deleted. • “Factory_Default
File Management Commands35-635• File information is shown below:Example The following example shows how to display all file information:whichbootThis
boot system35-735boot systemThis command specifies the file or image used to start up the system.Syntax boot system [unit:] {boot-rom| config | opcode
File Management Commands35-835
36-1Chapter 36: Line Commands You can access the onboard configuration program by attaching a VT100 compatible device to the server’s serial port. The
Description of Software Features1-31Port Configuration – You can manually configure the speed and duplex mode, and flow control used on specific ports
Line Commands36-236Command Mode Global Configuration Command Usage Telnet is considered a virtual terminal connection and will be shown as “VTY” in sc
password36-336• This command controls login authentication via the switch itself. To configure user names and passwords for remote authentication serv
Line Commands36-436Related Commandslogin (36-2)password-thresh (36-5)timeout login responseThis command sets the interval that the system waits for a
password-thresh36-536Default Setting CLI: No timeoutTelnet: 10 minutesCommand Mode Line ConfigurationCommand Usage • If user input is detected within
Line Commands36-636Related Commandssilent-time (36-6)silent-timeThis command sets the amount of time the management console is inaccessible after the
parity36-736Command Usage The databits command can be used to mask the high bit on input from devices that generate 7 data bits with parity. If parity
Line Commands36-836speedThis command sets the terminal line’s baud rate. This command sets both the transmit (to terminal) and receive (from terminal)
disconnect36-936Example To specify 2 stop bits, enter this command:disconnectThis command terminates an SSH, Telnet, or console connection.Syntax disc
Line Commands36-1036Example To show all lines, enter this command:Console#show line Console configuration: Password threshold: 3 times Interactive
37-1Chapter 37: Event Logging CommandsThis section describes commands used to configure event logging on the switch.logging onThis command controls lo
Introduction1-41Spanning Tree Algorithm – The switch supports these spanning tree protocols:Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol
Event Logging Commands37-237Related Commandslogging history (37-2)logging trap (37-4)clear log (37-5)logging historyThis command limits syslog message
logging host37-337Example logging hostThis command adds a syslog server host IP address that will receive logging messages. Use the no form to remove
Event Logging Commands37-437Command Usage The command specifies the facility type tag sent in syslog messages. (See RFC 3164.) This type has no effect
clear log37-537clear logThis command clears messages from the log buffer.Syntax clear log [flash | ram]• flash - Event history stored in flash memory
Event Logging Commands37-637ExampleThe following example shows that system logging is enabled, the message level for flash memory is “errors” (i.e., d
show log37-737show logThis command displays the log messages stored in local memory.Syntax show log {flash | ram}• flash - Event history stored in fla
Event Logging Commands37-837
38-1Chapter 38: SMTP Alert CommandsThese commands configure SMTP event handling, and forwarding of alert messages to the specified SMTP servers and em
SMTP Alert Commands38-238Examplelogging sendmail levelThis command sets the severity threshold used to trigger alert messages.Syntaxlogging sendmail l
logging sendmail destination-email38-338Command Usage You may use an symbolic email address that identifies the switch, or the address of an administr
Description of Software Features1-51Traffic Prioritization – This switch prioritizes each packet based on the required level of service, using eight p
SMTP Alert Commands38-438Exampleshow logging sendmailThis command displays the settings for the SMTP event handler.Command Mode Normal Exec, Privilege
39-1Chapter 39: Time Commands The system clock can be dynamically set by polling a set of specified time servers (NTP or SNTP). Maintaining an accurat
Time Commands39-239Example Related Commandssntp server (39-2)sntp poll (39-3)show sntp (39-3)sntp serverThis command sets the IP address of the server
sntp poll39-339Related Commandssntp client (39-1)sntp poll (39-3)show sntp (39-3)sntp pollThis command sets the interval between sending time requests
Time Commands39-439Example clock timezoneThis command sets the time zone for the switch’s internal clock.Syntax clock timezone name hour hours minute
calendar set39-539calendar setThis command sets the system clock. It may be used if there is no time server on your network, or if you have not config
Time Commands39-639
40-1Chapter 40: SNMP CommandsControls access to this switch from management stations using the Simple Network Management Protocol (SNMP), as well as t
SNMP Commands40-240snmp-serverThis command enables the SNMPv3 engine and services for all management clients (i.e., versions 1, 2c, 3). Use the no for
snmp-server community40-340Examplesnmp-server communityThis command defines the SNMP v1 and v2c community access string. Use the no form to remove the
Introduction1-61System DefaultsThe switch’s system defaults are provided in the configuration file “Factory_Default_Config.cfg.” To reset the switch d
SNMP Commands40-440• private - Read/write access. Authorized management stations are able to both retrieve and modify MIB objects.Command Mode Global
snmp-server host40-540Command Mode Global ConfigurationExample Related Commandssnmp-server contact (40-4)snmp-server host This command specifies the r
SNMP Commands40-640• SNMP Version: 1• UDP Port: 162Command Mode Global ConfigurationCommand Usage • If you do not enter an snmp-server host command, n
snmp-server enable traps40-740supports. If the snmp-server host command does not specify the SNMP version, the default is to send SNMP version 1 notif
SNMP Commands40-840conjunction with the corresponding entries in the Notify View assigned by the snmp-server group command (page 40-11).Example Relate
show snmp engine-id40-940• A local engine ID is automatically generated that is unique to the switch. This is referred to as the default engine ID. If
SNMP Commands40-1040snmp-server viewThis command adds an SNMP view which controls user access to the MIB. Use the no form to remove an SNMP view.Synta
show snmp view40-1140show snmp viewThis command shows information on the SNMP views.Command Mode Privileged ExecExample snmp-server groupThis command
SNMP Commands40-1240• writeview - Defines the view for write access. (1-64 characters)• notifyview - Defines the view for notifications. (1-64 charact
show snmp group40-1340show snmp groupFour default groups are provided – SNMPv1 read-only access and read/write access, and SNMPv2c read-only access an
System Defaults1-71SNMP SNMP Agent EnabledCommunity Strings “public” (read only) “private” (read/write) Traps Authentication traps: enabledLink-up-dow
SNMP Commands40-1440snmp-server userThis command adds a user to an SNMP group, restricting the user to a specific SNMP Read, Write, or Notify View. Us
show snmp user40-1540Command Usage • The SNMP engine ID is used to compute the authentication/privacy digests from the password. You should therefore
SNMP Commands40-1640Table 40-5 show snmp user - display descriptionField DescriptionEngineId String identifying the engine ID.User Name Name of user
41-1Chapter 41: User Authentication Commands You can configure this switch to authenticate users logging into the system for management access using l
User Authentication Commands41-241• access-level level - Specifies the user level.The device has two predefined privilege levels: 0: Normal Exec, 15:
Authentication Sequence41-341Default Setting • The default is level 15. • The default password is “super”Command Mode Global ConfigurationCommand Usag
User Authentication Commands41-441• tacacs - Use TACACS server password.Default Setting LocalCommand Mode Global ConfigurationCommand Usage • RADIUS u
RADIUS Client41-541Command Usage • RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriente
User Authentication Commands41-641radius-server hostThis command specifies primary and backup RADIUS servers and authentication parameters that apply
RADIUS Client41-741Command Mode Global ConfigurationExample radius-server keyThis command sets the RADIUS encryption key. Use the no form to restore t
Introduction1-81Traffic Prioritization Ingress Port Priority 0Queue Mode WRRWeighted Round Robin Queue: 0 1 2 3 4 5 6 7Weight: 1 2 4
User Authentication Commands41-841radius-server timeoutThis command sets the interval between transmitting authentication requests to the RADIUS serve
TACACS+ Client41-941TACACS+ ClientTerminal Access Controller Access Control System (TACACS+) is a logon authentication protocol that uses software run
User Authentication Commands41-1041Default Setting 49Command Mode Global ConfigurationExample tacacs-server keyThis command sets the TACACS+ encryptio
Web Server Commands41-1141Web Server CommandsThis section describes commands used to configure web browser management access to the switch.ip http por
User Authentication Commands41-1241Command Mode Global ConfigurationExample Related Commandsip http port (41-11)ip http secure-serverThis command enab
Web Server Commands41-1341• The following web browsers and operating systems currently support HTTPS:• To specify a secure-site certificate, see “Repl
User Authentication Commands41-1441Related Commandsip http secure-server (41-12)Telnet Server CommandsThis section describes commands used to configur
Secure Shell Commands41-1541Secure Shell CommandsThis section describes the commands used to configure the SSH server. Note that you also need to inst
User Authentication Commands41-16412. Provide Host Public Key to Clients – Many SSH client programs automatically import the host public key during th
Secure Shell Commands41-1741c.If a match is found, the switch uses its secret key to generate a random 256-bit string as a challenge, encrypts this st
2-1Chapter 2: Initial ConfigurationConnecting to the SwitchConfiguration OptionsThe switch includes a built-in network management agent. The agent off
User Authentication Commands41-1841Example Related Commandsip ssh crypto host-key generate (41-20)show ssh (41-22)ip ssh timeoutThis command configure
Secure Shell Commands41-1941ip ssh authentication-retriesThis command configures the number of times the SSH server attempts to reauthenticate a user.
User Authentication Commands41-2041delete public-keyThis command deletes the specified user’s public key.Syntax delete public-key username [dsa | rsa]
Secure Shell Commands41-2141Related Commandsip ssh crypto zeroize (41-21)ip ssh save host-key (41-21)ip ssh crypto zeroizeThis command clears the host
User Authentication Commands41-2241Example Related Commandsip ssh crypto host-key generate (41-20)show ip sshThis command displays the connection sett
Secure Shell Commands41-2341show public-keyThis command shows the public key for the specified user or for the host.Syntax show public-key [user [user
User Authentication Commands41-2441Example IP Filter CommandsThis section describes commands used to configure IP management access to the switch.mana
IP Filter Commands41-2541Command Mode Global ConfigurationCommand Usage • If anyone tries to access a management interface on the switch from an inval
User Authentication Commands41-2641ExampleConsole#show management all-clientManagement Ip Filter HTTP-Client: Start IP address End IP address--
42-1Chapter 42: Port Security CommandsThese commands can be used to enable port security on a port. When using port security, the switch stops learnin
Initial Configuration2-22• Configure up to 32 static or LACP trunks per switch• Enable port mirroring• Set broadcast storm control on any port• Displa
Port Security Commands42-242Command Usage • If you enable port security, the switch stops learning new MAC addresses on the specified port when it has
43-1Chapter 43: 802.1X Port Authentication The switch supports IEEE 802.1X (dot1x) port-based access control that prevents unauthorized access to the
802.1X Port Authentication43-243dot1x defaultThis command sets all configurable dot1x global and port settings to their default values.Command ModeGlo
dot1x operation-mode43-343• force-authorized – Configures the port to grant access to all clients, either dot1x-aware or otherwise. • force-unauthor
802.1X Port Authentication43-443Exampledot1x re-authenticateThis command forces re-authentication on all ports or a specific interface.Syntaxdot1x re-
dot1x timeout quiet-period43-543• The connected client is re-authenticated after the interval specified by the dot1x timeout re-authperiod command. Th
802.1X Port Authentication43-643Command ModeInterface ConfigurationExampledot1x timeout tx-periodThis command sets the time that an interface on the s
show dot1x43-743Command UsageThis command displays the following information:• Global 802.1X Parameters – Shows whether or not 802.1X port authenticat
802.1X Port Authentication43-843• Request Count– Number of EAP Request packets sent to the Supplicant without receiving a response.• Identifier(Server
44-1Chapter 44: Access Control List Commands Access Control Lists (ACL) provide packet filtering for IPv4 frames (based on address, protocol, Layer 4
Basic Configuration2-32Note: This switch supports four concurrent Telnet/SSH sessions.After configuring the switch’s IP parameters, you can access the
Access Control List Commands44-244access-list ip This command adds an IP access list and enters configuration mode for standard or extended IPv4 ACLs.
IPv4 ACLs44-344Default SettingNoneCommand ModeStandard IPv4 ACLCommand Usage• New rules are appended to the end of the list.• Address bitmasks are sim
Access Control List Commands44-444• host – Keyword followed by a specific IP address.• precedence – IP precedence level. (Range: 0-7)• tos – Type of S
IPv4 ACLs44-544ExampleThis example accepts any incoming packets if the source address is within subnet 10.7.1.x. For example, if the rule is matched;
Access Control List Commands44-644ip access-group This command binds a port to an IPv4 ACL. Use the no form to remove the port.Syntax[no] ip access-gr
IPv6 ACLs44-744IPv6 ACLsThe commands in this section configure ACLs based on IPv6 addresses, next header type, and flow label. To configure IPv6 ACLs,
Access Control List Commands44-844Example Related Commandspermit, deny (44-8)ipv6 access-group (44-11)show ipv6 access-list (44-10)permit, deny (Stand
IPv6 ACLs44-944permit, deny (Extended IPv6 ACL) This command adds a rule to an Extended IPv6 ACL. The rule sets a filter condition for packets with sp
Access Control List Commands44-1044e.g., in a hop-by-hop option. A flow is uniquely identified by the combination of a source address and a non-zero f
IPv6 ACLs44-1144Command ModePrivileged ExecExample Related Commandspermit, deny (44-8)ipv6 access-group (44-11)ipv6 access-group This command binds a
ES4524DES4548DF0.0.0.4 E112006-CS-R01149100030400A
Initial Configuration2-423. Type “username guest password 0 password,” for the Normal Exec level, where password is your new password. Press <Enter
Access Control List Commands44-1244Example Related Commandsipv6 access-group (44-11)MAC ACLsThe commands in this section configure ACLs based on hardw
MAC ACLs44-1344• An ACL can contain up to 32 rules.Example Related Commandspermit, deny (44-13)mac access-group (44-15)show mac access-list (44-14)per
Access Control List Commands44-1444• source – Source MAC address.• destination – Destination MAC address range with bitmask.• address-bitmask2 – Bitma
MAC ACLs44-1544Example Related Commandspermit, deny 44-13mac access-group (44-15)mac access-groupThis command binds a port to a MAC ACL. Use the no fo
Access Control List Commands44-1644Example Related Commandsmac access-group (44-15)ACL InformationThis section describes commands used to display ACL
ACL Information44-1744Example Console#show access-groupInterface ethernet 1/2 IP standard access-list david MAC access-list jerryConsole#
Access Control List Commands44-1844
45-1Chapter 45: Interface Commands These commands are used to display or set communication parameters for an Ethernet port, aggregated link, or VLAN.
Interface Commands45-245Command Mode Global Configuration Example To specify port 4, enter the following command:descriptionThis command adds a descri
negotiation45-345Default Setting • Auto-negotiation is enabled by default. • When auto-negotiation is disabled, the default speed-duplex setting is: -
Basic Configuration2-523. Type “exit” to return to the global configuration mode prompt. Press <Enter>. 4. To set the IP address of the default
Interface Commands45-445• If autonegotiation is disabled, auto-MDI/MDI-X pin signal configuration will also be disabled for the RJ-45 ports.Example Th
flowcontrol45-545Example The following example configures Ethernet port 5 capabilities to 100half and 100full.Related Commands negotiation (45-3)speed
Interface Commands45-645Related Commands negotiation (45-3)capabilities (flowcontrol, symmetric) (45-4)media-typeThis command forces the port type sel
clear counters45-745Command Usage This command allows you to disable a port due to abnormal behavior (e.g., excessive collisions), and then reenable i
Interface Commands45-845show interfaces statusThis command displays the status for an interface.Syntax show interfaces status [interface]interface • e
show interfaces counters45-945show interfaces countersThis command displays interface statistics. Syntax show interfaces counters [interface]interface
Interface Commands45-1045show interfaces switchportThis command displays the administrative and operational status of the specified interfaces.Syntax
show interfaces switchport45-1145VLAN membership mode Indicates membership mode as Trunk or Hybrid (page 52-8).Ingress rule Shows if ingress filtering
Interface Commands45-1245
46-1Chapter 46: Link Aggregation Commands Ports can be statically grouped into an aggregate link (i.e., trunk) to increase the bandwidth of a network
Initial Configuration2-62To configure an IPv6 link local address for the switch, complete the following steps:1. From the Global Configuration mode pr
Link Aggregation Commands46-246• All the ports in a trunk have to be treated as a whole when moved from/to, added or deleted from a VLAN via the speci
port channel load-balance46-346port channel load-balanceThis command sets the load-distribution method among ports in aggregated links (for both stati
Link Aggregation Commands46-446- src-dst-ip: All traffic with the same source and destination IP address is output on the same link in a trunk. This m
lacp system-priority46-546ExampleThe following shows LACP enabled on ports 10-12. Because LACP has also been enabled on the ports at the other end of
Link Aggregation Commands46-646Command Mode Interface Configuration (Ethernet)Command Usage • Port must be configured with the same system priority to
lacp admin-key (Port Channel)46-746• Once the remote side of a link has been established, LACP operational settings are already in use on that side. C
Link Aggregation Commands46-846lacp port-priorityThis command configures LACP port priority. Use the no form to restore the default setting.Syntax lac
show lacp46-946Default Setting Port Channel: allCommand Mode Privileged ExecExample Console#show lacp 1 countersPort channel: 1-----------------
Link Aggregation Commands46-1046Table 46-3 show lacp internal - display descriptionField DescriptionOper Key Current operational value of the key fo
show port-channel load-balance46-1146show port-channel load-balanceThis command shows the setting of the aggregated link load-balance method.Default S
Basic Configuration2-72To generate an IPv6 global unicast address for the switch using a general network prefix, complete the following steps:1. From
Link Aggregation Commands46-1246ExampleConsole#show port-channel load-balanceSource and destination IP addressConsole#
47-1Chapter 47: Broadcast Storm Control CommandsThese commands can be used to enable broadcast storm control on a port. You can protect your network f
Broadcast Storm Control Commands47-247
48-1Chapter 48: Mirror Port Commands This section describes how to mirror traffic from a source port to a target port. port monitorThis command config
Mirror Port Commands48-248Example The following example configures the switch to mirror all packets from port 6 to 11:show port monitorThis command di
49-1Chapter 49: Rate Limit Commands This function allows the network manager to control the maximum rate for traffic transmitted or received on an int
Rate Limit Commands49-249
50-1Chapter 50: Address Table Commands These commands are used to configure the address table for filtering specified addresses, displaying current en
Address Table Commands50-250Command Usage The static address for a host device can be assigned to a specific port within a specific VLAN. Use this com
show mac-address-table50-350show mac-address-tableThis command shows classes of entries in the bridge-forwarding database.Syntax show mac-address-tabl
Initial Configuration2-82Dynamic ConfigurationObtaining an IPv4 AddressIf you select the “bootp” or “dhcp” option, IP will be enabled but will not fun
Address Table Commands50-450mac-address-table aging-timeThis command sets the aging time for entries in the address table. Use the no form to restore
51-1Chapter 51: Spanning Tree Commands This section includes commands that configure the Spanning Tree Algorithm (STA) globally for the switch, and co
Spanning Tree Commands51-251spanning-treeThis command enables the Spanning Tree Algorithm globally for the switch. Use the no form to disable it.Synta
spanning-tree forward-time51-351Command Usage • Spanning Tree ProtocolUses RSTP for the internal state machine, but sends only 802.1D BPDUs. - This cr
Spanning Tree Commands51-451Default Setting 15 secondsCommand Mode Global ConfigurationCommand Usage This command sets the maximum time (in seconds) t
spanning-tree max-age51-551spanning-tree max-ageThis command configures the spanning tree bridge maximum age globally for this switch. Use the no form
Spanning Tree Commands51-651Default Setting 32768Command Mode Global ConfigurationCommand Usage Bridge priority is used in selecting the root device,
spanning-tree transmission-limit51-751spanning-tree transmission-limitThis command configures the minimum interval between the transmission of consecu
Spanning Tree Commands51-851mst vlanThis command adds VLANs to a spanning tree instance. Use the no form to remove the specified VLANs. Using the no f
mst priority51-951mst priorityThis command configures the priority of a spanning tree instance. Use the no form to restore the default.Syntax mst inst
Basic Configuration2-92Obtaining an IPv6 AddressLink Local Address — There are several ways to dynamically configure IPv6 addresses. The simplest meth
Spanning Tree Commands51-1051Command Usage The MST region name and revision number (page 51-10) are used to designate a unique MST region. A bridge (i
max-hops51-1151max-hopsThis command configures the maximum number of hops in the region before a BPDU is discarded. Use the no form to restore the def
Spanning Tree Commands51-1251spanning-tree costThis command configures the spanning tree path cost for the specified interface. Use the no form to res
spanning-tree port-priority51-1351spanning-tree port-priorityThis command configures the priority for the specified interface. Use the no form to rest
Spanning Tree Commands51-1451cause forwarding loops, they can pass directly through to the spanning tree forwarding state. Specifying Edge Ports provi
spanning-tree link-type51-1551ExampleRelated Commandsspanning-tree edge-port (51-13)spanning-tree link-typeThis command configures the link type for R
Spanning Tree Commands51-1651spanning-tree mst costThis command configures the path cost on a spanning instance in the Multiple Spanning Tree. Use the
spanning-tree mst port-priority51-1751spanning-tree mst port-priorityThis command configures the interface priority on a spanning instance in the Mult
Spanning Tree Commands51-1851Command Mode Privileged ExecCommand Usage If at any time the switch detects STP BPDUs, including Configuration or Topolog
show spanning-tree51-1951• For a description of the items displayed under “Spanning-tree information,” see “Configuring Global Settings” on page 22-6.
Initial Configuration2-1022. From the interface prompt, type “ipv6 address autoconfig” and press <Enter>.Enabling SNMP Management Access The swi
Spanning Tree Commands51-2051show spanning-tree mst configurationThis command shows the configuration of the multiple spanning tree.Command Mode Privi
52-1Chapter 52: VLAN Commands A VLAN is a group of ports that can be located anywhere in the network, but communicate as though they belong to the sam
VLAN Commands52-252bridge-ext gvrpThis command enables GVRP globally for the switch. Use the no form to disable it.Syntax [no] bridge-ext gvrpDefault
GVRP and Bridge Extension Commands52-352switchport gvrpThis command enables GVRP for a port. Use the no form to disable it.Syntax [no] switchport gvrp
VLAN Commands52-452garp timerThis command sets the values for the join, leave and leaveall timers. Use the no form to restore the timers’ default valu
Editing VLAN Groups52-552show garp timerThis command shows the GARP timers for the selected interface.Syntax show garp timer [interface]interface • et
VLAN Commands52-652Command Usage • Use the VLAN database command mode to add, change, and delete VLANs. After finishing configuration changes, you can
Configuring VLAN Interfaces52-752Example The following example adds a VLAN, using VLAN ID 105 and name RD5. The VLAN is activated by default.Related C
VLAN Commands52-852Example The following example shows how to set the interface configuration mode to VLAN 1, and then assign an IP address to the VLA
Configuring VLAN Interfaces52-952switchport acceptable-frame-types This command configures the acceptable frame types for a port. Use the no form to r
Basic Configuration2-112The default strings are:• public - with read-only access. Authorized management stations are only able to retrieve MIB objects
VLAN Commands52-1052• If ingress filtering is enabled and a port receives frames tagged for VLANs for which it is not a member, these frames will be d
Configuring VLAN Interfaces52-1152switchport allowed vlanThis command configures VLAN groups on the selected interface. Use the no form to restore the
VLAN Commands52-1252switchport forbidden vlanThis command configures forbidden VLANs. Use the no form to remove the list of forbidden VLANs.Syntax swi
Configuring IEEE 802.1Q Tunneling52-1352Configuring IEEE 802.1Q TunnelingIEEE 802.1Q tunneling (QinQ tunneling) uses a single Service Provider VLAN (S
VLAN Commands52-1452dot1q-tunnel system-tunnel-controlThis command sets the switch to operate in QinQ mode. Use the no form to disable QinQ operating
Configuring IEEE 802.1Q Tunneling52-1552ExampleRelated Commandsshow dot1q-tunnel (52-16)show interfaces switchport (45-10)switchport dot1q-tunnel tpi
VLAN Commands52-1652show dot1q-tunnelThis command displays information about QinQ tunnel ports.Command Mode Privileged ExecExampleRelated Commandsswit
Displaying VLAN Information52-1752show vlanThis command shows VLAN information.Syntax show vlan [id vlan-id | name vlan-name]• id - Keyword to be foll
VLAN Commands52-1852
53-1Chapter 53: Private VLAN CommandsPrivate VLANs provide port-based security and isolation between ports within the assigned VLAN. This section des
Initial Configuration2-122Configuring Access for SNMP Version 3 ClientsTo configure management access for SNMPv3 clients, you need to first create a v
Private VLAN Commands53-253show pvlanThis command displays the configured private VLAN.Command Mode Privileged ExecExampleConsole#show pvlanPrivate VL
54-1Chapter 54: Protocol-based VLAN CommandsThe network devices required to support multiple protocols cannot be easily grouped into a common VLAN. T
Protocol-based VLAN Commands54-254• protocol - Protocol type. The only option for the llc_other frame type is ipx_raw. The options for all other frame
show protocol-vlan protocol-group54-354- If the frame is untagged and the protocol type matches, the frame is forwarded to the appropriate VLAN.- If t
Protocol-based VLAN Commands54-454show interfaces protocol-vlan protocol-groupThis command shows the mapping from protocol groups to VLANs for the sel
55-1Chapter 55: Class of Service Commands The commands described in this section allow you to specify which data packets have greater precedence when
Class of Service Commands55-255queue modeThis command sets the queue mode to strict priority or Weighted Round-Robin (WRR) for the class of service (C
Priority Commands (Layer 2)55-355switchport priority defaultThis command sets a priority for incoming untagged frames. Use the no form to restore the
Class of Service Commands55-455queue bandwidth This command assigns weighted round-robin (WRR) weights to the eight class of service (CoS) priority qu
Priority Commands (Layer 2)55-555Default Setting This switch supports Class of Service by using eight priority queues, with Weighted Round Robin queui
Managing System Files2-132Due to the size limit of the flash memory, the switch supports only two operation code files. However, you can have as many
Class of Service Commands55-655show queue bandwidthThis command displays the weighted round-robin (WRR) bandwidth allocation for the eight priority qu
Priority Commands (Layer 3 and 4)55-755Priority Commands (Layer 3 and 4)This section describes commands used to configure Layer 3 and Layer 4 traffic
Class of Service Commands55-855map ip port (Interface Configuration)This command sets IP port priority (i.e., TCP/UDP port priority). Use the no form
Priority Commands (Layer 3 and 4)55-955Example The following example shows how to enable IP precedence mapping globally:map ip precedence (Interface C
Class of Service Commands55-1055map ip dscp (Global Configuration)This command enables IP DSCP mapping (i.e., Differentiated Services Code Point mappi
Priority Commands (Layer 3 and 4)55-1155Default Setting The DSCP default values are defined in the following table. Note that all the DSCP values that
Class of Service Commands55-1255Default SettingNoneCommand Mode Privileged ExecExample The following shows that HTTP traffic has been mapped to CoS va
Priority Commands (Layer 3 and 4)55-1355Example Related Commands map ip precedence (Global Configuration) (55-8)map ip precedence (Interface Configura
Class of Service Commands55-1455Related Commands map ip dscp (Global Configuration) (55-10)map ip dscp (Interface Configuration) (55-10)
56-1Chapter 56: Quality of Service Commands The commands described in this section are used to configure Differentiated Services (DiffServ) classifica
vContents Section I: Getting StartedChapter 1: Introduction 1-1Key Features 1-1Description of Software Features 1-2System Defaults 1-6Chapter 2:
Initial Configuration2-142
Quality of Service Commands56-256Notes: 1. You can configure up to 16 rules per Class Map. You can also include multiple classes in a Policy Map.2. Yo
match56-356matchThis command defines the criteria used to classify traffic. Use the no form to delete the matching criteria.Syntax [no] match {access-
Quality of Service Commands56-456policy-mapThis command creates a policy map that can be attached to multiple interfaces, and enters Policy Map config
set56-556Default Setting NoneCommand Mode Policy Map ConfigurationCommand Usage • Use the policy-map command to specify a policy map and enter Policy
Quality of Service Commands56-656Command Mode Policy Map Class ConfigurationExample This example creates a policy called “rd_policy,” uses the class c
service-policy56-756Example This example creates a policy called “rd_policy,” uses the class command to specify the previously defined “rd_class,” use
Quality of Service Commands56-856show class-mapThis command displays the QoS class maps which define matching criteria used for classifying traffic.Sy
show policy-map interface56-956Exampleshow policy-map interfaceThis command displays the service policy assigned to the specified interface.Syntax sho
Quality of Service Commands56-1056
57-1Chapter 57: Multicast Filtering Commands This switch uses IGMP (Internet Group Management Protocol) to query for any attached hosts that want to r
Section II: Switch ManagementThis section describes the basic switch features, along with a detailed description of how to configure each feature via
Multicast Filtering Commands57-257ip igmp snooping vlan staticThis command adds a port to a multicast group. Use the no form to remove the port.Syntax
IGMP Snooping Commands57-357Example The following configures the switch to use IGMP Version 1:show ip igmp snoopingThis command shows the IGMP snoopin
Multicast Filtering Commands57-457Example The following shows the multicast entries learned through IGMP snooping for VLAN 1:IGMP Query CommandsThis s
IGMP Query Commands57-557ip igmp snooping query-countThis command configures the query count. Use the no form to restore the default.Syntax ip igmp sn
Multicast Filtering Commands57-657Example The following shows how to configure the query interval to 100 seconds:ip igmp snooping query-max-response-t
IGMP Query Commands57-757ip igmp snooping router-port-expire-timeThis command configures the query timeout. Use the no form to restore the default.Syn
Multicast Filtering Commands57-857Static Multicast Routing Commandsip igmp snooping vlan mrouterThis command statically configures a multicast router
Static Multicast Routing Commands57-957show ip igmp snooping mrouter This command displays information on statically configured and dynamically learne
Multicast Filtering Commands57-1057
58-1Chapter 58: Domain Name Service Commands These commands are used to configure Domain Naming System (DNS) services. You can manually configure entr
Switch ManagementConfiguring Domain Name Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29-1Switch Clustering . . . . . . . .
Domain Name Service Commands58-258Command Usage Servers or other network devices may support one or more connections via multiple IP addresses. If mor
ip domain-name58-358ip domain-nameThis command defines the default domain name appended to incomplete host names (i.e., host names passed from a clien
Domain Name Service Commands58-458Default Setting NoneCommand Mode Global ConfigurationCommand Usage • Domain names are added to the end of the list o
ip domain-lookup58-558Command Usage The listed name servers are queried in the specified sequence until a response is received, or the end of the list
Domain Name Service Commands58-658ExampleThis example enables DNS and then displays the configuration.Related Commands ip domain-name (58-3)ip name-se
show dns58-758show dnsThis command displays the configuration of the DNS service.Command Mode Privileged ExecExampleshow dns cacheThis command display
Domain Name Service Commands58-858clear dns cacheThis command clears all entries in the DNS cache.Command Mode Privileged ExecExampleConsole#clear dns
59-1Chapter 59: IPv4 Interface Commands An IP addresses may be used for management access to the switch over your network. An IPv4 address for this sw
IPv4 Interface Commands59-259numbers, 0 to 255, separated by periods. Anything outside this format will not be accepted by the configuration program.
ip dhcp restart59-359• An default gateway can only be successfully set when a network interface that directly connects to the gateway has been configu
3-1Chapter 3: Configuring the SwitchUsing the Web InterfaceThis switch provides an embedded HTTP web agent. Using a web browser you can configure the
IPv4 Interface Commands59-459show ip interfaceThis command displays the settings of an IPv4 interface.Command Mode Privileged ExecExample Related Comm
ping59-559pingThis command sends (IPv4) ICMP echo request packets to another node on the network.Syntax ping host [count count][size size]• host - IP
IPv4 Interface Commands59-659
60-1Chapter 60: IPv6 Interface CommandsAn IPv6 address can either be manually configured or dynamically generated. You may also need to a establish an
IPv6 Interface Commands60-260ipv6 enableThis command enables IPv6 on an interface that has not been configured with an explicit IPv6 address. Use the
ipv6 general-prefix60-360ipv6 general-prefixThis command defines an IPv6 general prefix for the network address segment. Use the no form to remove the
IPv6 Interface Commands60-460show ipv6 general-prefixThis command displays all configured IPv6 general prefixes.Command Mode Normal Exec, Privileged E
ipv6 address60-560Command Usage • The general prefix normally applies to all interfaces, and is therefore specified at the global configuration level.
IPv6 Interface Commands60-660ipv6 address autoconfig This command enables stateless autoconfiguration of IPv6 addresses on an interface and enables IP
ipv6 address eui-6460-760Related Commands ipv6 address (60-4)show ipv6 interface (60-10)ipv6 address eui-64 This command configures an IPv6 address fo
Configuring the Switch3-23Navigating the Web Browser InterfaceTo access the web-browser interface you must first enter a user name and password. The a
IPv6 Interface Commands60-860universal/local bit in the address and inserting the hexadecimal number FFFE between the upper and lower three bytes of t
ipv6 address link-local60-960ipv6 address link-local This command configures an IPv6 link-local address for an interface and enables IPv6 on the inter
IPv6 Interface Commands60-1060Related Commands ipv6 enable (60-2)show ipv6 interface (60-10)show ipv6 interfaceThis command displays the usability and
show ipv6 interface60-1160This example displays a brief summary of IPv6 addresses configured on the switch.Related Commands show ip interface (59-4)IP
IPv6 Interface Commands60-1260ipv6 default-gateway This command sets an IPv6 default gateway to use when the management station in located on a differ
ipv6 mtu60-1360Example The following shows the default gateway configured for this device:Related Commands show ip redirects (59-4)ipv6 mtu This comma
IPv6 Interface Commands60-1460show ipv6 mtuThis command displays the maximum transmission unit (MTU) cache for destinations that have returned an ICMP
show ipv6 traffic60-1560Example The following example shows statistics for all IPv6 unicast and multicast traffic, as well as ICMP, UDP and TCP statis
IPv6 Interface Commands60-1660 router solicit 0 router advert 0 redirects 0 neighbor soli
show ipv6 traffic60-1760hop count exceeded Number of packets discarded because its time-to-live (TTL) field was decremented to zero. unknown protocol
Navigating the Web Browser Interface3-33Configuration OptionsConfigurable parameters have a dialog box or a drop-down list. Once a configuration chang
IPv6 Interface Commands60-1860Ipv6 mcastmcast received The number of multicast packets received by the interface.mcast sent The number of multicast pa
show ipv6 traffic60-1960router solicit The number of ICMP Router Solicit messages received by the interface.router advert The number of ICMP Router Ad
IPv6 Interface Commands60-2060clear ipv6 traffic This command resets IPv6 traffic counters.Command Mode Privileged ExecCommand Usage This command rese
ping ipv660-2160ping ipv6 This command sends ICMP echo request packets to an IPv6 node on the network.ping ipv6 address {ipv6-address | host-name} [si
IPv6 Interface Commands60-2260Example Related Commands ping (59-5)ipv6 neighbor This command configures a static entry in the IPv6 neighbor discovery
ipv6 nd dad attempts60-2360• If the specified entry was dynamically learned through the IPv6 neighbor discovery process, and already exists in the nei
IPv6 Interface Commands60-2460in a “pending” state. Duplicate address detection is automatically restarted when the interface is administratively re-a
ipv6 nd ns interval60-2560ipv6 nd ns interval This command configures the interval between transmitting IPv6 neighbor solicitation messages on an inte
IPv6 Interface Commands60-2660show ipv6 neighborsThis command displays information in the IPv6 neighbor discovery cache.Syntax show ipv6 neighbors [vl
clear ipv6 neighbors60-2760Related Commands show mac-address-table (50-3)clear ipv6 neighborsThis command deletes all dynamic entries in the IPv6 neig
Configuring the Switch3-43Main Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all its ports, o
IPv6 Interface Commands60-2860
61-1Chapter 61: Switch Cluster CommandsSwitch Clustering is a method of grouping switches together to enable centralized management through a single u
Switch Cluster Commands61-261• Configured switch clusters are maintained across power resets and network changes.Examplecluster commanderThis command
cluster member61-361Command ModeGlobal ConfigurationCommand Usage • An “internal” IP address pool is used to assign IP addresses to Member switches in
Switch Cluster Commands61-461rcommandThis command provides access to a cluster Member CLI for configuration. Syntax rcommand id <member-id>membe
show cluster members61-561show cluster membersThis command shows the current switch cluster members.Command Mode Privileged ExecExampleshow cluster ca
Switch Cluster Commands61-661
Section IV:AppendicesThis section provides additional information on the following topics. Software Specifications . . . . . . . . . . . . . . . . .
Appendices
A-1Appendix A: Software SpecificationsSoftware FeaturesAuthenticationLocal, RADIUS, TACACS+, Port (802.1X), HTTPS, SSH, Port SecurityAccess Control Li
Navigating the Web Browser Interface3-53SNMP 11-1Configuration Configures community strings and related trap functions 11-3Agent Status Enables or dis
Software SpecificationsA-2AMulticast Filtering IGMP SnoopingSwitch Clustering36 groupsAdditional FeaturesCIDR (Classless Inter-Domain Routing)SNTP (Si
Management Information BasesA-3AIGMPv2 (RFC 2236)IPv4 IGMP (RFC 3228)RADIUS+ (RFC 2618)RMON (RFC 2819 groups 1,2,3,9)SNMP (RFC 1157)SNMPv2c (RFC 2571)
Software SpecificationsA-4ATACACS+ Authentication Client MIBTCP MIB (RFC 2012)Trap (RFC 1215)UDP MIB (RFC 2013)
B-1Appendix B: TroubleshootingProblems Accessing the Management Interface Table B-1 Troubleshooting ChartSymptom ActionCannot connect using Telnet,
TroubleshootingB-2BUsing System LogsIf a fault does occur, refer to the Installation Guide to ensure that the problem you encountered is actually caus
Glossary-1GlossaryAccess Control List (ACL)ACLs can limit network traffic and restrict access to certain users or devices by checking each packet for
GlossaryGlossary-2Extended Universal Identifier (EUI) An address format used by IPv6 to identify the host portion of the network address. The interfac
Glossary-3GlossaryIEEE 802.1QVLAN Tagging—Defines Ethernet frame tags which carry VLAN information. It allows switches to assign endstations to differ
GlossaryGlossary-4IP Multicast FilteringA process whereby this switch can pass multicast traffic along to participating hosts.IP PrecedenceThe Type of
Glossary-5GlossaryPort AuthenticationSee IEEE 802.1X.Port MirroringA method whereby data on a target port is mirrored to a monitor port for troublesho
Configuring the Switch3-63Trunk Membership Specifies ports to group into static trunks 17-2LACP 17-1Configuration Allows ports to dynamically join tr
GlossaryGlossary-6Secure Shell (SSH)A secure replacement for remote access functions, including Telnet. SSH can authenticate users with a cryptographi
Glossary-7GlossaryUser Datagram Protocol (UDP)UDP provides a datagram mode for packet-switched communications. It uses IP as the underlying transport
GlossaryGlossary-8
Index-1Numerics802.1Q tunnel 23-12, 52-13description 23-12interface configuration 23-17, 52-14–52-15mode selection 23-17TPID 23-17, 52-15802.1X, port
Index-2IndexEedge port, STA 22-12, 22-14, 51-13event logging 37-1Ffirmwaredisplaying version 4-3, 34-8upgrading 6-2, 35-2GGARP VLAN Registration Proto
Index-3IndexTACACS+ server 12-2, 41-9logon authentication, sequence 12-3, 41-3, 41-4Mmain menu 3-4Management Information Bases (MIBs) A-3mirror port,
Index-4Indexpath cost method 22-8, 51-6port priority 22-12, 51-13protocol migration 22-14, 51-17transmission limit 22-8, 51-7standards, IEEE A-2startu
ES4524DES4548DE112006-CS-R01149100030400A
Navigating the Web Browser Interface3-73Port Configuration Configures port settings for a specified MST instance 22-19Trunk Configuration Configures t
ContentsviChapter 5: Setting an IP Address 5-1Setting the Switch’s IP Address (IP Version 4) 5-1Manual Configuration 5-2Using DHCP/BOOTP 5-3Setti
Configuring the Switch3-83IP DSCP Priority Sets IP Differentiated Services Code Point priority, mapping a DSCP tag to a class-of-service value26-9IP P
4-1Chapter 4: Basic System SettingsThis chapter describes the basic functions required to set up management access to the switch, display or upgrade o
Basic System Settings4-24Web – Click System, System Information. Specify the system name, location, and contact information for the system administrat
Displaying Switch Hardware/Software Versions4-34CLI – Specify the hostname, location and contact information.Displaying Switch Hardware/Software Versi
Basic System Settings4-44• Boot-ROM Version – Version of Power-On Self-Test (POST) and boot code.• Operation Code Version – Version number of runtime
Displaying Bridge Extension Capabilities4-54Displaying Bridge Extension CapabilitiesThe Bridge MIB includes extensions for managed devices that suppor
Basic System Settings4-64CLI – Enter the following command. Configuring Support for Jumbo FramesThe switch provides more efficient throughput for larg
Renumbering the Stack4-74Renumbering the StackIf the units are no longer numbered sequentially after several topology changes or failures, you can res
Basic System Settings4-84
5-1Chapter 5: Setting an IP AddressThis chapter describes how to configure an IPv4 interface for management access over the network. This switch suppo
ContentsviiConfiguring the SSH Server 12-12Filtering IP Addresses for Management Access 12-13Chapter 13: Configuring Port Security 13-1Chapter 14:
Setting an IP Address5-25Manual ConfigurationWeb – Click System, IP Configuration. Select the VLAN through which the management station is attached, s
Setting the Switch’s IP Address (IP Version 4)5-35Using DHCP/BOOTP If your network provides DHCP/BOOTP services, you can configure the switch to be dy
Setting an IP Address5-45Web – If the address assigned by DHCP is no longer functioning, you will not be able to renew the IP settings via the web int
Setting the Switch’s IP Address (IP Version 6)5-55length, and using the EUI-64 form of the interface identifier to automatically create the low-order
Setting an IP Address5-65IP Address• Auto Configuration – Enables stateless autoconfiguration of IPv6 addresses on an interface and enables IPv6 funct
Setting the Switch’s IP Address (IP Version 6)5-75length of the general prefix takes precedence, and some of the address bits entered in the IPv6 Addr
Setting an IP Address5-85Current Address Table• IPv6 Address – IPv6 address assigned to this interface. In addition to the unicast addresses assigned
Setting the Switch’s IP Address (IP Version 6)5-95Web – Click System, IPv6 Configuration, IPv6 Configuration. Set the IPv6 default gateway, specify th
Setting an IP Address5-105CLI – This example configures an IPv6 gateway, specifies the management interface, configures a global unicast address, and
Setting the Switch’s IP Address (IP Version 6)5-115Web – Click System, IPv6 Configuration, IPv6 General Prefix. Click Add to open the editing fields f
ContentsviiiConfiguring Global Settings 22-6Displaying Interface Settings 22-10Configuring Interface Settings 22-13Configuring Multiple Spanning Tr
Setting an IP Address5-125- Configuring a value of 0 disables duplicate address detection.- Duplicate address detection determines if a new unicast IP
Setting the Switch’s IP Address (IP Version 6)5-135- PROBE - A reachability confirmation is actively sought by resending neighbor solicitation message
Setting an IP Address5-145Web – Click System, IPv6 Configuration, IPv6 ND Neighbor. To configure the Neighbor Detection protocol settings, select a VL
6-1Chapter 6: Managing System FilesThis chapter describes how to upgrade the switch operating software, save and restore switch configuration files, a
Managing System Files6-26Downloading System Software from a Server When downloading runtime code, you can specify the destination file name to replace
Managing Firmware6-36To delete a file select System, File Management, Delete. Select the file name from the given list by checking the tick box and cl
Managing System Files6-46Saving or Restoring Configuration SettingsYou can upload/download configuration settings to/from a TFTP server. The configura
Saving or Restoring Configuration Settings6-56Downloading Configuration Settings from a ServerYou can download the configuration file under a new file
Managing System Files6-66CLI – Enter the IP address of the TFTP server, specify the source file on the server, set the startup file name on the switch
7-1Chapter 7: Console Port SettingsYou can access the onboard configuration program by attaching a VT100 compatible device to the switch’s serial cons
ContentsixChapter 28: Multicast Filtering 28-1Layer 2 IGMP (Snooping and Query) 28-1Configuring IGMP Snooping and Query Parameters 28-2Displaying I
Console Port Settings7-27Web – Click System, Line, Console. Specify the console port connection parameters as required, then click Apply.Figure 7-1 C
8-1Chapter 8: Telnet SettingsYou can access the onboard configuration program over the network using Telnet (i.e., a virtual terminal). Management acc
Telnet Settings8-28Figure 8-1 Configuring the Telnet InterfaceCLI – Enter Line Configuration mode for a virtual terminal, then specify the connection
9-1Chapter 9: Configuring Event LoggingThe switch allows you to control the logging of error messages, including the type of events that are recorded
Configuring Event Logging9-29Web – Click System, Logs, System Logs. Specify System Log Status, set the level of event messages to be logged to RAM and
Remote Log Configuration9-39• Host IP Address – Specifies a new server IP address to add to the Host IP List.Web – Click System, Logs, Remote Logs. To
Configuring Event Logging9-49Displaying Log MessagesUse the Logs page to scroll through the logged system and event messages. The switch can store up
Sending Simple Mail Transfer Protocol Alerts9-59• SMTP Server List – Specifies a list of up to three recipient SMTP servers. The switch attempts to co
Configuring Event Logging9-69CLI – Enter the IP address of at least one SMTP server, set the syslog severity level to trigger an email message, and sp
10-1Chapter 10: Setting the System Clock Simple Network Time Protocol (SNTP) allows the switch to set its internal clock based on periodic updates fro
Commentaires sur ces manuels