User Interface Description English PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module 30/12
PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module 30/12 Edition March 2008
Comments… Suggestions… Corrections… The User Documentation Department would like to know your opinion on this manual. Your feedback helps us to optimize our documentation to suit your individual needs. Feel free to send us your comments by e-mail to: manuals@fujtsu-siemens.
Important Notes Introduction Networking Planning Making Network Connection Configuration the IBP Web Base Command Interface Command Reference Using SNMP System Defaulting Troubleshooting and Tips 3 Intelligent Blade Panel Module
CONTENTS 1 Important Notes ...........................................................................................................8 1.1 Information About Boards.....................................................................................8 1.2 Compliance Statements........................................................................................9 2 Introduction................................................................................................................12 2.1 2.
.2.4 7 Command Reference ..............................................................................................131 7.1 CLI Command Format......................................................................................131 7.2 CLI Mode-based Topology................................................................................132 7.3 System Information and Statistics commands..................................................134 7.4 7.5 7.6 5 Extended Configuration Menu ............
.7 7.8 7.9 7.10 7.6.1 Show Commands ........................................................................................208 7.6.2 show logging buffered .................................................................................208 7.6.3 show logging traplog....................................................................................209 7.6.4 Configuration Commands............................................................................210 Script Management Commands .........
7.11.15 quit...............................................................................................................272 7.12 DHCP Commands ............................................................................................273 7.12.1 ip dhcp restart..............................................................................................273 7.12.2 ip dhcp client-identifier.................................................................................273 8 Using SNMP .................
Information About Boards Important Notes 1 Important Notes Store this manual close to the device. If you pass the device on to third parties, you should pass this manual on with it. Be sure to read this page carefully and note the information before you open the device. You cannot access the IBP Module without first opening the device. How to dismantle and reassemble the device is described in the Operating Manual accompanying the device.
Compliance Statements Introduction 1.2 Compliance Statements FCC Class A Compliance This equipment has been tested and found to comply with the limits for a “Class A” digital device, pursuant to Part 15 of the FCC rules and meets all requirements of the Canadian Interference-Causing Equipment Regulations. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Compliance Statements Introduction Japan VCCI Class A CE Mark Declaration of Conformance for EMI and Safety (EEC) This information technology equipment complies with the requirements of the Council Directive 89/336/EEC on the Approximation of the laws of the Member States relating to Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within certain voltage limits and the Amendment Directive 93/68/EEC.
Compliance Statements Introduction Taiwan BSMI Class A Australia AS/NZS 3548 (1995) - Class A 11 Intelligent Blade Panel Module
Features of the IBP Module Introduction 2 Introduction The PRIMERGY BX600 Blade Server system is a modular server system that can integrates up to 10 server modules, four IBP Modules (one IBP will be included in the base enclosure, the other three are optional) and two Management Modules (MMB). The IBP Module provides networking connectivity to PRIMERGY BX600 Blade Server. The Management Modules provides a single point of control for the PRIMERGY BX600 Blade Server.
Features of the IBP Module Introduction 2.1 Features of the IBP Module The IBP provides a wide range of advanced performance-enhancing features. Multicast filtering provides support for real-time network applications. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. And broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Some of the management features are briefly described below.
Features of the IBP Module Introduction from incoming frames. These user-defined entries are not subject to aging, and are preserved across resets and reboots. Self-Learning MAC Addresses The IBP Module enables automatic MAC address learning from incoming packets. The MAC addresses are stored in the Bridging Table. Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period are aged out. This prevents the Bridging Table from overflowing.
Features of the IBP Module Introduction Uplink Set Support Uplink Sets are used to define the external connection. An “Uplink Set” is defined as a set of 1 to n external (uplink) ports, which is used in port group definitions to connect a group of server blades to the customer’s LAN. All members of a Uplink Set will form a LAG. Port Group Support Port Group feature is supported on IBP. Port Groups combine several internal ports into a group. Up to 30 groups are available for IBP.
Features of the IBP Module Introduction configures, binds and monitors the port binding to aggregators within the system. BootP and DHCP Clients DHCP enables additional setup parameters to be received from a network server upon system startup. DHCP service is an on-going process. DHCP is an extension to BootP. For more information on DHCP, see "Defining DHCP IP Interface Parameters". 2.1.
Features of the IBP Module Introduction Provision The Intelligent Blade Panel allows users to select the Configuration files to configure the system. There are two timings to configure system: Start-up and Run time. Start-up: Select the Configuration File for start-up purpose. Run time: Users can choose a new configuration file to reconfigure the system while system running, without rebooting the system. This function is available for CLI only.
Features of the IBP Module Introduction reference clock. The higher the stratum (where zero is the highest), the more accurate the clock. 2.1.4 Security Feature SSL Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys. SSL version 3 and TLS version 1 are currently supported. Port Based Authentication (802.
System LED There is one IBP Module system LED with dual functions, controlled by MMB for error status reporting and blade identification. Different flashing frequencies are used to indicate the different functions. There are two functions, identification and error reporting, with identification having a higher priority than error reporting. NOTE: If there is an error and the identification function is activated, the LED still functions as an identification LED.
Features of the IBP Module Introduction can be automatically set if this feature is also supported by the attached device. Otherwise, these items can be manually configured for any connection. Note – Auto-negotiation must be enabled for automatic MDI/MDI-X pin-out configuration. Internal Ports The IBP also includes 30 internal 1000BASE-X Gigabit Ethernet ports that connect to the server blades in the chassis. These ports are fixed at 1000 Mbps, full duplex.
Features of the IBP Module 21 Introduction Intelligent Blade Panel Module
Features of the IBP Module Introduction PRIMERGY GbE Switch Blade 30/12 Internal Ports List PRIMERGY BX620 I/O Switch Internal S4 Nic No. Blade Module. Ports Mapping PRIMERGY BX620 I/O Switch Internal S4 Nic No. Blade Module.
Features of the IBP Module Introduction 2.2.2 Status of LEDs The front panel contains light emitting diodes (LED) that indicate the status of links, and IBP diagnostics. Port LEDs Each of uplink port has two LED indicators.
Features of the IBP Module Introduction straight-through cable (with auto-negotiation enabled) l Auto-negotiation enables each port to automatically select the optimum speed (10, 100 or 1000 Mbps) and communication mode (half or full duplex) if this feature is supported by the attached device; otherwise the port can be configured manually l IEEE 802.3ab Gigabit Ethernet compliance ensures compatibility standards-based network cards and switches from any vendor 2.3.
l Telnet, SNMP/RMON and Web-based interface l Multicast Switching based on IGMP (Internet Group Management Protocol) Snooping and Multicast Filtering l Broadcast storm suppression l Link aggregaton l Management access security provided with username/password, and SNMP community names Notational Conventions Introduction 2.
Target Group Introduction 2.5 Target Group This manual is intended for those responsible for installing and configuring network connections. This manual contains all the information required to configure the IBP.
Technical Data Introduction 2.6 Technical Data Electrical data Operating voltage +12 VDC @ 3 A max Maximum current 11 A max @ 3.3 VDC National and international standards Product safety IEC 60950 / EN 60950 / UL 1950, CSA 22.2 No.
Technical Data Introduction Environmental conditions Environment class 3K2 DIN IEC 721 part 3-3 Environment class 2K2 DIN IEC 721 part 3-2 Temperature: – Operating (3K2) 0 °C .... 50 °C – Transport (2K2) -40 °C .... 70 °C Humidity 10 ... 90% Condensation while operating must be avoided.
Introduction to IBP Network Planning 3 Network Planning 3.1 Introduction to IBP The Intelligent Blade Panel Module (IBP) provides a simple Ethernet interface option for connecting the PRIMERGY BX600 Blade Server systems to the network infrastructure. The administrative effort and network skills required to connect to the network are minimized.
The IBP connects server boards installed inside the system to a common switch fabric, and also provides three external ports for uplinking to external IEEE 802.3ab compliant devices. For most applications, the external ports on the IBP will be connected to other switches in the network backbone.
1000BASE-T Cable Requirements Making Network Connections Do not plug a phone jack connector into any RJ-45 port. This may ! damage the IBP. Instead, use only twisted-pair cables with RJ-45 connectors that conform with FCC standards. For 1000 Mbps operation, all four wire pairs in the cable must be connected.
1000BASE-T Pin Assignments 4.2.2 Making Network Connections Adjusting Existing Category 5 Cabling for 1000BASE-T If your existing Category 5 installation does not meet one of the test parameters for 1000BASE-T, there are basically three measures that can be applied to try and correct the problem: 1. Replace any Category 5 patch cables with high-performance Category 5e cables. 2. Reduce the number of connectors used in the link. 3. Reconnect some of the connectors in the link. 4.
Overview Configuration the IBP Module 5 Configuration the IBP Module This section contains information about IBP unpacking, installation, and cable connections. 5.1 Overview The IBP Module is inserted in the PRIMERGY BX600 Blade Server which is a modular server system that can integrates up to 10 processor blades and four IBP Modules.
Connecting the IBP Module Configuration the IBP Module 5.2 Connecting the IBP Module Before configuring the IBP Module, PRIMERGY BX600 Blade Server console port must be connected to the IBP Module. To connect PRIMERGY BX600 Blade Server console port to the IBP Module, perform the following: 1. Mount the IBP Module. On the console monitor the MMB application displays a login screen. The IBP Module bootup screen is displayed. Welcome to Management Blade 1.
Connecting the IBP Module Configuration the IBP Module (5) Logout (6) Reboot Management Blade (7) System Information Dump Enter selection: 3 3. Select (3) Console Redirection. The Console Redirection Table is displayed.
Start up and Configuration the IBP Module Configuration the IBP Module 5.3 Start up and Configuration the IBP Module It’s important to understand the IBP Module architecture when configuring the IBP Module. The IBP Module has two types of ports. One type is for interfacing the IBP Module with PRIMERGY BX600 Blade Server, and the other type are regular Ethernet ports used for connecting PRIMERGY BX600 Blade Server to the network.
Configuring the Terminal Configuration the IBP Module 5.4 Configuring the Terminal To configure the device, the station must be running terminal emulation software. Ensure that switch module is correctly mounted and is connected to the chassis serial port. Ensure that the terminal emulation software is set as follows: Connect PRIMERGY BX600 Blade Server serial port to the IBP Module. NOTE: 1. The default data rate is 9600. No other data rate is required for initial configuration. 2.
Booting Device Configuration the IBP Module 2. Power up the Chassis and observe booting information (if Chassis is running press few times to ensure that terminal connection is successful). 5.5 Booting Device • The device is delivered with a default configuration. • The device is not configured with a default user name and password.
Software Download Configuration the IBP Module the device. If it is not the latest version, download and install the latest version. For more information on downloading the latest version see the "Software Download" 5.6 Software Download 5.6.1 In BootROM Back Door CLI Software Download Using Xmodem Protocol The software download procedure is performed when a new version must be downloaded to replace the corrupted files, update or upgrade the system software (system and boot images).
Software Download Configuration the IBP Module 8. Enter the reset command. The following message is displayed: BootROM > reset Are you sure you want to reset the system (y/n)? y System Resetting... 9. Enter y. The device reboots. 5.6.2 In Operation Code CLI Software Download Through TFTP Server This section contains instructions for downloading device software through a TFTP server. The TFTP server must be configured before beginning to download the software.
Software Download Configuration the IBP Module file name file type startup size (byte) -------------------------------- -------------- ------- ----------PRIMERGY BX600-b-0.4.1214.biz Boot-Rom image default.cfg Config File Y Y 118206 17336 PRIMERGY BX600-r-c-0.5.0110.biz Operation Code Y 40666365 5. Enter (vty-0) # copy tftp://{tftp address}/{file name} image {file name} command to copy a new system image to the device. The following message is displayed: Mode...................................
Software Download Configuration the IBP Module (vty-0) #reload Are you sure you would like to reset the system? (y/n) y System will now restart! 9. Enter y. The device reboots.
Overview Web-Based Management Interface 6 Web-Based Management Interface 6.1 Overview The BX600 Network IBP module provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the IBP module.
Main Menu Web-Based Management Interface 6.2 Main Menu 6.2.1 6.2.1.1 Groups Administration Managing Uplink Sets 6.2.1.1.1. Configuring Uplink Set Configuration Page An "Uplink Set" is defined as a set of 1 to n external (uplink) ports, which is be used in port group definitions to connect a group of server blades to the customer's LAN. The purpose of the uplink set configuration is to create groups, and to add or modify the existing external ports to groups.
Groups Administration Web-Based Management Interface Submit – Update the IBP the values on this screen. If you want the IBP to retain the new values across a power cycle, you have to perform a save Delete – Delete the Uplink Set. You are not allowed to delete the "default" uplink set. 6.2.1.1.2. View Uplink Set Information Page This page displays the status of all currently configured uplink set. Non-Configurable Data Uplink Set Name – The group name of the uplink set.
Groups Administration Web-Based Management Interface 6.2.1.2 Managing Port Groups 6.2.1.2.1. Configuring Port Group Configuration Page The purpose of the port group configuration is to create port groups, and to modify the existing port groups. Only the internal ports could be defined to be the member of the port groups. The external connection is defined by specifying an Uplink Set. Selection Criteria Group Name – Use this pull-down menu to select one of the existing groups.
Groups Administration Web-Based Management Interface Command Buttons Submit – Update the IBP the values on this screen. If you want the IBP to retain the new values across a power cycle, you have to perform a save. Delete - Delete the port group. You are not allowed to delete the "default" port group.
Groups Administration Web-Based Management Interface 6.2.1.2.2. Viewing Port Group Information Page This page displays the status of all currently configured port group. Non-Configurable Data Port Group Name – The group name of the port group. Internal Ports – List the internal port members. Uplink Set Name –The name of the uplink set. External Ports – List the external port members.
Groups Administration Web-Based Management Interface 6.2.1.3 Managing VLAN Port Groups 6.2.1.3.1. Configuring VLAN Port Group Configuration Page The purpose of the VLAN port group configuration is to create groups based on the VLAN basis, and to modify the existing groups. Only the internal ports could be defined to be the member of the VLAN port groups. The external connection is defined by specifying an Uplink Set.
Groups Administration Web-Based Management Interface 6.2.1.3.2. Viewing VLAN Port Group Information Page This page displays the status of all currently configured VLAN port group.
Groups Administration Web-Based Management Interface VLAN Port Group Name – The group name of the VLAN port group. VLAN ID – The VLAN Identifier of the VLAN Port Group. Internal Ports – Internal interface, member of that VLAN Port Group. Uplink Set Name – The Uplink Set for the external connection of that VLAN Port Group. External Ports – External interface, member of the specified Uplink Set.
Groups Administration Web-Based Management Interface 6.2.1.4 Managing Service LAN Groups 6.2.1.4.1. Configuring Service LAN Configuration Page Selection Criteria Service LAN Name – You can use this screen to configure an existing Service LAN, or to create a new one. Use this pulldown menu to select one of the existing Service LAN Groups, or select 'Create' to add a new one. Configurable Data Service LAN Name – Specify the name for the new Service LAN.
Groups Administration Web-Based Management Interface 6.2.1.4.2. Viewing Service LAN Information Page This page displays the status of all currently configured Service LAN. Non-Configurable Data Service LAN Name – The group name of the Service LAN.
Groups Administration Web-Based Management Interface Internal Ports – Internal interface, member of that Service LAN. Uplink Set Name – The Uplink Set for the external connection of that Service LAN. External Ports – External interface, member of the specified Uplink Set.
Groups Administration Web-Based Management Interface 6.2.1.5 Managing Service VLAN Groups 6.2.1.5.1. Configuring Service VLAN Configuration Page Selection Criteria Service VLAN Name - You can use this screen to reconfigure an existing Service VLAN, or to create a new one. Use this pull down menu to select one of the existing Service VLANs, or select 'Create' to add a new one. Configurable Data Service VLAN Name – Specify the Service VLAN Name for the new Service VLAN.
Groups Administration Web-Based Management Interface 6.2.1.5.2. Viewing Service VLAN Information Page This page displays the status of all currently configured Service VLANs.
Groups Administration Web-Based Management Interface Service VLAN Name – The group name of the Service VLAN. Service VLAN ID –The VLAN Identifier of the Service VLAN. Internal Ports – Internal interface, member of that Service VLAN. Uplink Set Name – The Uplink Set for the external connection of that Service VLAN. External Ports – External interface, member of the specified Uplink Set.
Groups Administration Web-Based Management Interface 6.2.1.6 Managing Port Backup 6.2.1.6.1. Configuring Port Backup Configuration Page Two link aggregation groups are associated with one uplink set as the uplink set is created. Two link aggregation groups are defined as active and backup port internally. One of two link aggregation groups will be activated at a time.
Groups Administration Web-Based Management Interface 6.2.1.6.2. Viewing Port Backup Status Page The page displays the status of all currently configured port-backup. Non-Configurable Data Uplink Set Name – The name of the Uplink Set. External Active Ports – The configured external active ports. External Backup Ports – The configured external backup ports. Port Backup – Current port backup setting for the Uplink Set.
Groups Administration Web-Based Management Interface 60 Intelligent Blade Panel Module
Panel Settings Menu Web-Based Management Interface 6.2.2 Panel Settings Menu 6.2.2.1 6.2.2.1.1 Configuring Management Session and Network Parameters Viewing Inventory Information Use this panel to display the IBP's Vital Product Data, stored in non-volatile memory at the factory. Non-Configurable Data System Description - The product name of this IBP module. Machine Type - The machine type of this IBP module. Machine Model - The model within the machine type.
Panel Settings Menu Web-Based Management Interface 62 Intelligent Blade Panel Module
Panel Settings Menu Web-Based Management Interface 6.2.2.1.2 Viewing Panel Description Page Configurable Data System Name - Enter the name you want to use to identify this IBP module. You may use up to 31 alpha-numeric characters. The factory default is blank. System Location - Enter the location of this IBP module. You may use up to 31 alpha-numeric characters. The factory default is blank. System Contact - Enter the contact person for this IBP module. You may use up to 31 alpha-numeric characters.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.3 Configuring Inband Administration Page The network interface is the logical interface used for in-band connectivity with the IBP module via any of the IBP's front panel ports. The configuration parameters associated with the IBP's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Panel Settings Menu Web-Based Management Interface management access. By setting the interface to be granted, IBP will be allowed to access from this interface; on the other hand, if the interface is set to be denied, IBP will not be allowed to access from this interface. Non-Configurable Data Burned-in MAC Address - The burned-in MAC address used for in-band connectivity if you choose not to configure a locally administered address. Status – The status of the interface. Grant or Deny.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.4 Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a telnet session before the session is logged off. You may enter any number from 1 to 160. The factory default is 5. Maximum Number of Telnet Sessions - Use the pulldown menu to select how many simultaneous telnet sessions will be allowed. The maximum is 5, which is also the factory default.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.5 Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed. Default value is 5. Valid Range is (0 to 5). Session Timeout - Specifies the Outbound Telnet login inactivity timeout. Default value is 5. Valid Range is (1 to 160).
Panel Settings Menu Web-Based Management Interface 6.2.2.1.6 Configuring Serial Port Page Configurable Data Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the IBP closes the connection. Enter a number between 0 and 160: the factory default is 5. Entering 0 disables the timeout. Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.7 Defining User Accounts Page By default, two user accounts exist: admin, with 'Read/Write' privileges guest, with 'Read Only' privileges By default, the password for admin is “admin”, and password for guest is blank. The names are case insensitive.
Panel Settings Menu Web-Based Management Interface Command Buttons Submit - Update the IBP module with the values on this screen. If you want the IBP module to retain the new values across a power cycle, you must perform a save. Delete - Delete the currently selected user account. If you want the IBP module to retain the new values across a power cycle, you must perform a save. This button is only visible when you have selected a user account with 'Read Only' access.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.8 Defining DHCP Client Configuring DHCP Restart Page This command issues a BOOTP or DHCP client request for any IP interface that has been set to BOOTP or DHCP mode via the IP address command. DHCP requires the server to reassign the client's last address if available. If the BOOTP or DHCP server has been moved to a different domain, the network portion of the address provided to the client will be based on this new domain.
Panel Settings Menu Web-Based Management Interface 6.2.2.1.9 Defining SNMP Configuring SNMP Community Configuration Page By default, two SNMP Communities exist: private, with 'Read/Write' privileges and status set to enable public, with 'Read Only' privileges and status set to enable These are well-known communities, you can use this menu to change the defaults or to add other communities.
Panel Settings Menu Web-Based Management Interface new values across a power cycle, you must perform a save. Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Configurable Data SNMP Community Name - Enter the community string for the SNMP trap packet to be sent to the trap manager. This may be up to 16 characters and is case sensitive.
Panel Settings Menu Web-Based Management Interface Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the IBP module. Non-configurable Data Name - The RFC number if applicable and the name of the MIB. Description - The RFC title or MIB description. Command Buttons Refresh - Update the data.
Panel Settings Menu Web-Based Management Interface 75 Intelligent Blade Panel Module
Panel Settings Menu Web-Based Management Interface 6.2.2.1.10 Configuring SNTP Configuring SNTP Global Configuration Page Configurable Data Client Mode - Specifies the mode of operation of SNTP Client. An SNTP client may operate in one of the following modes. • Disable- SNTP is not operational. No SNTP requests are sent from the client nor are any received SNTP messages processed. • Unicast- SNTP operates in a point to point fashion.
Panel Settings Menu Web-Based Management Interface Viewing SNTP Global Status Page Non-Configurable Data Version - Specifies the SNTP Version the client supports. Supported Mode - Specifies the SNTP modes the client supports. Multiple modes may be supported by a client. Last Update Time - Specifies the local date and time (UTC) the SNTP client last updated the system clock. Last Attempt Time - Specifies the local date and time (UTC) of the last SNTP request or receipt of an unsolicited message.
Panel Settings Menu Web-Based Management Interface Address Type - Specifies the address type of the SNTP Server address for the last received valid packet. Server Stratum - Specifies the claimed stratum of the server for the last received valid packet. Reference Clock Id - Specifies the reference clock identifier of the server for the last received valid packet. Server Mode - Specifies the mode of the server for the last received valid packet.
Panel Settings Menu Web-Based Management Interface Allowed types are : • • Unknown IPV4 Default value is Unknown Port - Specifies the port on the server to which SNTP requests are to be sent. Allowed range is (1 to 65535). Default value is 123. Priority - Specifies the priority of this server entry in determining the sequence of servers to which SNTP requests will be sent. The client continues sending requests to different servers until a successful response is received or all servers are exhausted.
Panel Settings Menu Web-Based Management Interface Last Attempt Time - Specifies the local date and time (UTC) that this SNTP server was last queried. Last Attempt Status - Specifies the status of the last SNTP request to this server. If no packet has been received from this server, a status of Other is displayed. • • Other None of the following enumeration values. Success The SNTP operation was successful and the system time was updated.
Panel Settings Menu Web-Based Management Interface 6.2.2.2 Configuring IBP Interface 6.2.2.2.1 Interface Configuration Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data Physical Mode - Use the pulldown menu to select the port's speed and duplex mode. If you select auto the duplex mode and speed will be set by the auto-negotiation process. Note that the port's maximum capability (full duplex and 100 Mbps) will be advertised.
Panel Settings Menu Web-Based Management Interface 6.2.2.2.2 Viewing Interface Configuration Page This screen displays the status for all ports in the box. Non-Configurable Port Status Data Slot/Port - Identifies the port Port Type - For normal ports this field will be blank. Otherwise the possible values are: Mon - this port is a monitoring port. Look at the Port Monitoring screens for more information. LAG - the port is a member of a Link Aggregation trunk. Look at the LAG screens for more information.
Panel Settings Menu Web-Based Management Interface Refresh – Refresh the configuration value again.
Panel Settings Menu Web-Based Management Interface 6.2.2.3 Managing System Utilities 6.2.2.3.1 Panel Reset Page Command Buttons Reset - Select this button to reboot the IBP. Any configuration changes you have made since the last time you issued a save will be lost. You will be shown a confirmation screen after you select the button. 6.2.2.3.2 Reset All Configuration to Defaults Page Command Buttons Reset - Clicking the Reset button will reset all of the system login passwords to their default values.
Panel Settings Menu Web-Based Management Interface 6.2.2.3.4 Downloading Specific Files to Panel Page Use this menu to download a file to the Panel. Configurable Data File Type - Specify what type of file you want to download: Script - specify configuration script when you want to update the IBP’s script file. CLI Banner - Specify the banner that you want to display before user login to the IBP. Code – Specify code when you want to upgrade the operational flash.
Panel Settings Menu Web-Based Management Interface 6.2.2.3.5 Uploading Specific Files from Panel Page Use this menu to upload a code, configuration, or log file from the IBP. Configurable Data File Type - Specify the type of file you want to upload. The available options are Script, Code, CLI Banner, Configuration, Error Log, Buffered Log, and Trap Log. The factory default is Error Log. TFTP Server IP Address - Enter the IP address of the TFTP server. The factory default is 0.0.0.
Panel Settings Menu Web-Based Management Interface 6.2.2.3.6 Defining Configuration and Runtime Startup File Page Specify the file used to start up the system. Configurable Data Configuration File - Configuration files. Runtime File - Run-time operation codes. Command Buttons Submit - Send the updated screen to the IBP and specify the file start-up. 6.2.2.3.7 Removing Specific File Page Delete files in flash. If the file type is used for system startup, then this file cannot be deleted.
Panel Settings Menu Web-Based Management Interface 6.2.2.3.8 Copying Running Configuration to Panel Page Use this menu to copy a start-up configuration file from the running configuration file on IBP. Configurable Data File Name - Enter the name you want to give the file being copied. You may enter up to 32 characters. The factory default is blank. Non-Configurable Data The last row of the table is used to display information about the progress of the file copy.
Panel Settings Menu Web-Based Management Interface Command Buttons Submit - This will initiate the ping.
Security Menu Web-Based Management Interface 6.2.3 Security Menu 6.2.3.1 Managing RADIUS 6.2.3.1.1 Configuring RADIUS Configuration Page Configurable Data Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted. The valid range is 1 - 15. Consideration to maximum delay time should be given when configuring RADIUS maxretransmit and RADIUS timeout.
Security Menu Web-Based Management Interface 6.2.3.1.2 Viewing Radius Statistics Page Non-Configurable Data Invalid Server Addresses - The number of RADIUS Access-Response packets received from unknown addresses. Command Buttons Refresh - Update the information on the page. 6.2.3.1.3 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured. Select add to add a server.
Security Menu Web-Based Management Interface Non-Configurable Data Current - Indicates if this server is currently in use as the authentication server. Secret Configured - Indicates if the shared secret for this server has been configured. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. Remove - Remove the selected server from the configuration.
Security Menu Web-Based Management Interface malformed access-responses. Bad Authenticators - The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests - The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts - The number of authentication timeouts to this server.
Security Menu Web-Based Management Interface Secret - Specifies the shared secret to use with the specified accounting server. This field is only displayed if the user has READWRITE access. Apply - The Secret will only be applied if this box is checked. If the box is not checked, anything entered in the Secret field will have no affect and will not be retained. This field is only displayed if the user has READWRITE access.
Security Menu Web-Based Management Interface that contained invalid authenticators received from this accounting server. Pending Requests - Displays the number of RADIUS Accounting-Request packets sent to this server that have not yet timed out or received a response. Timeouts - Displays the number of accounting timeouts to this server. Unknown Types - Displays the number of RADIUS packets of unknown type that were received from this server on the accounting port.
Security Menu Web-Based Management Interface 6.2.3.2 Defining TACACS Configuration 6.2.3.2.1 Configuring TACACS Configuration Page Use this menu to configure the parameters for TACACS+, which is used to verify the login user's authentication. Note that only a user with Read/Write access privileges may change the data on this screen. Configurable Data Authen. State - TACACS+ administration mode which are Enable and Disable. Server ID - The TACACS+ server index which are 1, 2, and 3. Authen.
Security Menu Web-Based Management Interface 6.2.3.3 Defining Secure HTTP Configuration 6.2.3.3.1 Secure HTTP Configuration Page Configurable Data Admin Mode - This field is used to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the web page is displayed. The default value is disabled. TLS Version 1 - This field is used to enable or disable Transport Layer Security Version 1.0. The currently configured value is shown when the web page is displayed.
Security Menu Web-Based Management Interface 6.2.3.4 Defining Secure Shell Configuration 6.2.3.4.1 Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH. The currently configured value is shown when the web page is displayed. The default value is Disable. SSH Version 1 - This select field is used to Enable or Disable Protocol Level 1 for SSH.
Security Menu Web-Based Management Interface 99 Intelligent Blade Panel Module
Extended Configuration Menu Web-Based Management Interface 6.2.4 Extended Configuration Menu 6.2.4.1 Viewing System Logs 6.2.4.1.1 Viewing Buffered Log Configuration Page This log stores messages in memory based upon the settings for message component and severity. On stackable systems, this log exists only on the top of stack platform. Other platforms in the stack forward their messages to the top of stack log. Configurable Data Admin Status - A log that is "Disabled" shall not log messages.
Extended Configuration Menu Web-Based Management Interface Aug 24 05:34:05 by line 318 of file mstp_api.c. This is the 237th message logged. Messages logged to a collector or relay via syslog have an identical format to the above message. Note for buffered log Number of log messages displayed: For the buffered log, only the latest 128 entries are displayed on the webpage Command Buttons Refresh - Refresh the page with the latest log entries. Clear Log - Clear all entries in the log. 6.2.4.1.
Extended Configuration Menu Web-Based Management Interface 6.2.4.1.4 Configuring Console Log Page This allows logging to any serial device attached to the host. Configurable Data Admin Status -A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages. Enable or Disable logging by selecting the corresponding line on the pulldown entry field. Severity Filter - A log records messages equal to or above a configured severity threshold.
Extended Configuration Menu Web-Based Management Interface events. After the event is logged and the updated log is saved in FLASH memory, the IBP module will be reset. The log can hold at least 2,000 entries (the actual number depends on the platform and OS), and the oldest one will be erased when an attempt is made to add an entry after it is full. The event log is preserved across system resets. Non-Configurable Data Entry - The number of the entry within the event log. The most recent entry is first.
Extended Configuration Menu Web-Based Management Interface -Error (3): error conditions -Warning (4): warning conditions -Notice(5): normal but significant conditions -Informational(6): informational messages -Debug(7): debug-level messages Command Buttons Submit - Update the IBP with the values you entered. Refresh - Refetch the database and display it again starting with the first entry in the table. Delete - Delete a configured host. 6.2.4.1.
Extended Configuration Menu Web-Based Management Interface 105 Intelligent Blade Panel Module
Extended Configuration Menu Web-Based Management Interface 6.2.4.1.8 Viewing Login Session Page Non-Configurable Data ID - Identifies the ID of this row. User Name - Shows the user name of user who made the session. Connection From - Shows the IP from which machine the user is connected. Idle Time - Shows the idle session time. Session Time - Shows the total session time. Session Type – Shows the type of session: telnet, serial or SSH. Command Buttons Refresh - Update the information on the page.
Extended Configuration Menu Web-Based Management Interface 6.2.4.2 Viewing Statistics 6.2.4.2.1 Viewing the Panel Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this IBP. Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets).
Extended Configuration Menu Web-Based Management Interface to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space. Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this IBP since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this IBP.
Extended Configuration Menu Web-Based Management Interface Broadcast Packets Received - The total number of packets received that were directed to the broadcast address. Note that this does not include multicast packets. Packets Received with Errors - The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. Packets Transmitted Without Errors - The total number of packets transmitted out of the interface.
Extended Configuration Menu Web-Based Management Interface ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Packets RX and TX 64 Octets - The total number of packets (including bad packets) received or transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
Extended Configuration Menu Web-Based Management Interface Packets Received 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 128-255 Octets - The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Extended Configuration Menu Web-Based Management Interface Alignment Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets.
Extended Configuration Menu Web-Based Management Interface Maximum Frame Size - The maximum ethernet frame size the interface supports or is configured, including ethernet header, CRC, and payload. (1518 to 9216). The default maximum frame size is 1518 . Total Packets Transmitted Successfully - The number of frames that have been transmitted by this port to its segment.
Extended Configuration Menu Web-Based Management Interface 114 Intelligent Blade Panel Module
Extended Configuration Menu Web-Based Management Interface 115 Intelligent Blade Panel Module
CLI Command Format 6.2.4.2.4 Command Reference Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Total Packets Received without Errors - The total number of packets received that were without errors.
Extended Configuration Menu Web-Based Management Interface 6.2.4.3 Managing Access Control (802.1x) 6.2.4.3.1 Defining Access Control Page Configurable Data Administrative Mode - This selector lists the two options for administrative mode: enable and disable. The default value is disabled. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. 6.2.4.3.
Extended Configuration Menu Web-Based Management Interface EAP Request/Identity frame to the supplicant. The transmit period must be a number in the range of 1 to 65535. The default value is 30. Changing the value will not change the configuration until the Submit button is pressed. Supplicant Timeout - This input field allows the user to enter the supplicant timeout for the selected port.
Extended Configuration Menu Web-Based Management Interface 6.2.4.3.3 Viewing each Port Access Control Configuration Information Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data Control Mode - Displays the configured control mode for the specified port.
Extended Configuration Menu Web-Based Management Interface Server Timeout - This field displays the configured server timeout for the selected port. The server timeout is the value, in seconds, of the timer used by the authenticator on this port to timeout the authentication server. The server timeout is a value in the range of 1 to 65535. Maximum Requests - This field displays the configured maximum requests for the selected port.
Extended Configuration Menu Web-Based Management Interface "Timeout" "Initialize" "Idle" Command Buttons Refresh - Update the information on the page. 6.2.4.3.4 Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Control Mode - This field indicates the configured control mode for the port.
Extended Configuration Menu Web-Based Management Interface Reauthentication Enabled - This field shows whether reauthentication of the supplicant for the specified port is allowed. The possible values are 'true' and 'false'. If the value is 'true' reauthentication will occur. Otherwise, reauthentication will not be allowed. Port Status - This field shows the authorization status of the specified port. The possible values are 'Authorized' and 'Unauthorized'.
Extended Configuration Menu Web-Based Management Interface 6.2.4.3.5 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data EAPOL Frames Received - This displays the number of valid EAPOL frames of any type that have been received by this authenticator.
Extended Configuration Menu Web-Based Management Interface 6.2.4.3.6 Defining Access Control User Login Page Selection Criteria Users - Selects the user name that will use the selected login list for 802.1x port security. Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed.
Extended Configuration Menu Web-Based Management Interface 6.2.4.3.7 Defining Each Port Access Privileges Page Selection Criteria Port - Selects the port to configure. Configurable Data Users - Selects the users that have access to the specified port or ports. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. Refresh - Update the information on the page. 6.
Extended Configuration Menu Web-Based Management Interface 126 Intelligent Blade Panel Module
Extended Configuration Menu Web-Based Management Interface 6.2.4.4 Managing IP Filter 6.2.4.4.1 IP Filter Configuration Page Management IP filter designates stations that are allowed to make configuration changes to the IBP. Select up to five management stations used to manage the IBP.
Extended Configuration Menu Web-Based Management Interface 6.2.4.5 Managing Authentication Configuration 6.2.4.5.1 Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate IBP or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.
Extended Configuration Menu Web-Based Management Interface perform a save. 6.2.4.5.2 Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this row. Method List - The ordered list of methods configured for this login list. Login Users - The users you assigned to this login list on the User Login Configuration screen. This list is used to authenticate the users for system login access. 802.
Extended Configuration Menu Web-Based Management Interface User Login Configuration screen. If you need to create a new login list for the user, you would do so on the Login Configuration screen. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list.
CLI Command Format 7 Command Reference Command Reference The Command Line Interface (CLI) syntax, conventions, and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 7.1 CLI Command Format Commands are followed by values, parameters, or both. Example 1 ip address [] • Ip address is the command name. • are the required values for the command. • [] is the optional value for the command.
CLI Mode-based Topology Command Reference 7.2 CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes like this: "System Name with Spaces". Parameters may be mandatory values, optional values, choices, or a combination. – . The <> angle brackets indicate that a mandatory parameter must be entered in place of the brackets and text inside them.
CLI Mode-based Topology Command Reference Conventions Network addresses are used to define a link to a remote host, workstation, or network. Network addresses are shown using the following syntax: Table 5-1. Network Address Syntax Address Type IPAddr MacAddr Format A.B.C.D YY:YY:YY:YY:YY:YY Range 0.0.0.0 to 255.255.255.255 hexidecimal digit pairs Double quotation marks such as "System Name with Spaces" set off user defined strings.
System Information and Statistics commands Command Reference 7.3 System Information and Statistics commands 7.3.1 show arp This command displays connectivity between the IBP and other devices. The Address Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the IBP. Syntax show arp Default Setting None Command Mode Privileged Exec Display Message MAC Address: A unicast MAC address for which the IBP has forwarding and/or filtering information.
System Information and Statistics commands Command Reference Privileged Exec Display Message Current Time displays system time 7.3.3 show eventlog This command displays the event log, which contains error messages from the system, in the Primary Management System . The event log is not cleared on a system reset. Syntax show eventlog Default Setting None Command Mode Privileged Exec Display Message File: The file in which the event originated. Line: The line number of the event.
System Information and Statistics commands Command Reference name extension of “.scr”, the output will be redirected to a script file. Syntax show running-config [all] [] [all] - enable the display/capture of all commands with settings/configurations that include values that are same as the default values. - redirect the output to the file . Default Setting None Command Mode Privileged Exec 7.3.
System Information and Statistics commands 7.3.6 Command Reference show system This command displays IBP system information. Syntax show system Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to identify this IBP. System Object ID: The manufacturing ID System Information System Up Time: The time in days, hours and minutes since the last IBP reboot. System Name: Name used to identify the IBP. System Location: Text used to identify the location of the IBP.
System Information and Statistics commands Command Reference Privileged Exec Display Message System Description: Text used to identify the product name of this IBP. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Product Data. Serial Number: The unique box serial number for this IBP. Label Revision Number: The label revision serial number of this IBP is used for manufacturing purposes.
System Information and Statistics commands Command Reference running on the IBP. For example, if the major version was 2 and the minor version was 4, the format would be '2.4'. Operating Code Version: The release version maintenance number of the code currently running on the IBP. For example, if the major version was 2 and the minor version was 4, the format would be '2.4'. Boot Rom Version: The release version maintenance number of the boot rom code currently running on the IBP.
Device Configuration Commands Command Reference 7.4 Device Configuration Commands 7.4.1 Interface 7.4.1.1 show interface status This command displays the Port monitoring information for the system. Syntax show interface status { | all} - is the desired interface number. all - This parameter displays information for all interfaces. Default Setting None Command Mode Privileged Exec Display Message Intf: The physical slot and physical port.
Device Configuration Commands 7.4.1.2 Command Reference show interface This command displays the Port monitoring information for the system. Syntax show interface - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message Intf: The physical slot and physical port. Type: If not blank, this field indicates that this port is a special type of port. The possible values are: PC Mbr - This port is a member of a port-channel (LAG).
Device Configuration Commands Command Reference all - This command displays statistics information for all interfaces. Default Setting None Command Mode Privileged Exec Display Message The display parameters when the argument is '' are as follows: Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.
Device Configuration Commands Command Reference Syntax show interface counters detailed { | switchport} - is the desired interface number. switchport - This parameter specifies whole IBP or all interfaces.
Device Configuration Commands Command Reference received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets RX and TX 512-1023 Octets: The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Device Configuration Commands Command Reference Packets Transmitted 65-127 Octets: The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 128-255 Octets: The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Device Configuration Commands Command Reference seconds since the statistics for this port were last cleared. The display parameters when the argument is ‘switchport’ are as follows: Total Packets Received (Octets): The total number of octets of data received by the processor (excluding framing bits but including FCS octets). Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.
Device Configuration Commands 7.4.1.4 Command Reference show interface IBP This command displays a summary of statistics for all CPU traffic. Syntax show interface switch Default Setting None Command Mode Privileged Exec Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor. Broadcast Packets Received: The total number of packets received that were directed to the broadcast address.
Device Configuration Commands 7.4.1.5 Command Reference interface This command is used to enter Interface configuration mode. Syntax interface - is the desired interface number. Default Setting None Command Mode Global Config 7.4.1.6 interface range This command is used to enter Interface range configuration mode. Syntax .
Device Configuration Commands 7.4.1.7 Command Reference speed-duplex This command is used to set the speed and duplex mode for the interface. Syntax speed-duplex {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full-duplex - Full duplex half-duplex - Half duplex Default Setting None Command Mode Interface Config This command is used to set the speed and duplex mode for all interfaces.
Device Configuration Commands 7.4.1.8 Command Reference negotiate This command enables automatic negotiation on a port. The default value is enabled. Syntax negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config This command enables automatic negotiation on all interfaces. The default value is enabled. Syntax negotiate all no negotiate all all - This command represents all interfaces.
Device Configuration Commands 7.4.1.9 Command Reference capabilities This command is used to set the capabilities on specific interface. Syntax capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Full duplex half-duplex - Half duplex no - This command removes the advertised capability with using parameter.
Device Configuration Commands 7.4.1.10 Command Reference description This command is used to add a description for the interface. Syntax description - Up to 64 characters describing this interface. Default Setting None Command Mode Interface Config 7.4.1.11 storm-control flowcontrol This command enables 802.3x flow control for all interfaces on the IBP. Note: This command only applies to full-duplex mode ports.
Device Configuration Commands Command Reference Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disables 802.3x flow control for the specific interface. Default Setting Disabled Command Mode Interface Config 7.4.2 L2 MAC Address and Multicast Forwarding Database Tables 7.4.2.1 show mac-addr-table This command displays the forwarding database entries. If the command is entered with no parameter, the entire table is displayed.
Device Configuration Commands Command Reference information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes. Note: This software version only supports IVL systems. Interface: The port on which this L2 MAC address was learned.
Device Configuration Commands 7.4.2.3 Command Reference show mac-address-table multicast This command displays the MFDB information. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the all parameter. The user can display the table entry for one MAC Address by specifying the MAC address as an optional parameter.
Device Configuration Commands 7.4.2.4 Command Reference show mac-address-table stats This command displays the MFDB statistics. Syntax show mac-address-table stats Default Setting None Command Mode Privileged Exec Display Message Max MFDB Table Entries: This displays the total number of entries that can possibly be in the MFDB. Most MFDB Entries Since Last Reset: This displays the largest number of entries that have been present in the Multicast Forwarding Database table.
Device Configuration Commands 7.4.2.6 Command Reference mac-address-table aging-time This command configures the forwarding database address aging timeout in seconds. Syntax mac-address-table aging-time <10-1000000> no mac-address-table aging-time <10-1000000> <10-1000000> - aging-time (Range: 10-1000000) in seconds no - This command sets the forwarding database address aging timeout to 300 seconds. Default Setting 300 Command Mode Global Config 7.4.3 IGMP Snooping 7.4.3.1 7.4.3.1.
Device Configuration Commands 7.4.3.2 Command Reference Configuration Commands 7.4.3.2.1 igmpsnooping This command enables IGMP Snooping on a Uplink Set. The default value is enabled. Syntax igmpsnooping no igmpsnooping - The name of a uplink set which the IGMP snooping to be enabled or disabled. no - This command disables IGMP Snooping on the specific uplink set. Default Setting Disabled Command Mode Global Config 7.4.4 Port Channel 7.4.4.
Device Configuration Commands 7.4.4.2 Command Reference show lacp This command enables Link Aggregation Control Protocol (LACP) on a uplink set. Syntax show lacp [] - The name of a uplink set which the LACP to be enabled or disabled. Default Setting Disable Command Mode Privileged Exec Display Message Uplink Set Name: This indicates the name of uplink set. Linkstate:. This indicates lacp is enabled or disabled for this uplink set 7.4.5 Uplink Sets 7.4.5.
Device Configuration Commands Command Reference Port Backup: The status of port backup for the uplink set. IGMP snooping: The status of the IGMP snooping for the uplink set. LACP: The status of the LACP for the uplink set. 7.4.5.2 Configuration Commands 7.4.5.2.1 uplink-set This command is used to create or delete an uplink set. Syntax uplink-set no uplink-set - A string associated with uplink set as a convenience.
Device Configuration Commands 7.4.6.1 Command Reference Show Commands This command display the port group information. Syntax show port-group [] - The name of a port group which user want to display. Default Setting None Command Mode Privileged Exec Display Message Port Group Name: This indicates the name of port group. Internal Ports:. List the internal port members Uplink Set Name: The name of the uplink set. External Ports: List the external ports of the port group.
Device Configuration Commands Command Reference Syntax port-group no port-group - A string associated with port group as a convenience. It should be an existing port group. no - This command remove a port from a port group. Default Setting None Command Mode Interface Config 7.4.7 Port Backup 7.4.7.1 Show Commands This command display the port backup information.
Device Configuration Commands 7.4.7.2 7.4.7.2.1 Command Reference Configuration Commands port-backup This command is used to enable or disable port backup for a uplink set Syntax port-backup no port-backup - A string associated with uplink set as a convenience. It should be an existing uplink set. no - This command disable port backup for an existing port group.
Device Configuration Commands Command Reference no - This command move the port to active-port list. Restriction: users are not allowed to move the last member of active port to backup port. Default Setting None Command Mode Interface Config 7.4.8 Link State 7.4.8.1 Show Commands This command display the linkstate information. Syntax show linkstate [] - The name of a uplink set which user want to display.
Device Configuration Commands Command Reference linkstate no linkstate - A string associated with uplink set as a convenience. It should be an existing uplink set. no - This command disable linkstate for an existing uplink set. Default Setting None Command Mode Global Config 7.4.9 VLAN Port Groups 7.4.9.1 Show Commands This command display the vlan group information.
Device Configuration Commands 7.4.9.2 7.4.9.2.1 Command Reference Configuration Commands vlan-group This command is used to create or destroy a vlan port group. Syntax vlan-group <1-4094> no vlan-group - A string associated with vlan port group as a convenience. <1-4094> - VLAN ID - which uplink set to be the external connection for this vlan port group. no - This command disable linkstate for an existing vlan port group.
Device Configuration Commands Command Reference - A string associated with vlan port group as a convenience. no - This command set the native VLAN option back to default value..
Device Configuration Commands 7.4.10 Command Reference Service LAN 7.4.10.1 Show Commands This command display the Service LAN information. Syntax show svc-lan [] - The name of Service LAN which user want to display. Default Setting None Command Mode Privileged Exec Display Message Service LAN name: This indicates the name of Service LAN VLAN ID: The VLAN Identifier of the Service LAN.
Device Configuration Commands Command Reference no - This command destroy the specified Service LAN. Default Setting None Command Mode Global Config This command is used to add/remove a port to/from Service LAN. Syntax svc-lan no svc-lan - A string associated with Service LAN as a convenience. no - This command remove a port from the specified Service LAN.
Device Configuration Commands 7.4.11 Command Reference Service VLAN 7.4.11.1 Show Commands This command display the Service VLAN information. Syntax show svc-vlan [] - The name of Service VLAN which user want to display. Default Setting None Command Mode Privileged Exec Display Message Service VLAN name: This indicates the name of Service VLAN VLAN ID: The VLAN Identifier of the Service VLAN. The range of the VLAN ID is from 1 to 4094.
Device Configuration Commands Command Reference no - This command destroy the existing Service VLAN. Default Setting None Command Mode Global Config This command is used to add/remove a port to/from Service VLAN. Syntax svc-vlan no svc-vlan - A string associated with Service VLAN as a convenience. no - This command remove a port from the specified Service VLAN.
Management Commands 7.5 Management Commands 7.5.1 Network Commands 7.5.1.1 Command Reference show ip interface This command displays configuration settings associated with the IBP's network interface. The network interface is the logical interface used for in-band connectivity with the IBP via any of the IBP's front panel ports.
Management Commands Command Reference Display Message IP default gateway: The default gateway for this IP interface. The factory default value is 0.0.0.0 7.5.1.3 show ip filter This command displays management IP filter status and all designated management stations. Syntax show ip filter Default Setting None Command Mode Privileged Exec Display Message Index: The index of stations. IP Address: The IP address of stations that are allowed to make configuration changes to the IBP. 7.5.1.
Management Commands Command Reference 1518 Command Mode Interface Config 7.5.1.5 ip address This command sets the IP Address, and subnet mask. The IP Address and the gateway must be on the same subnet. Syntax ip address [] no ip address - IP address - Subnet Mask - Inband Administration VLAN ID, range is from 1~4094. no - Restore the default IP address and Subnet Mask Default Setting IP address: 0.0.0.0 Subnet Mask: 0.0.0.
Management Commands Command Reference < gateway > - IP address of the default gateway no - Restore the default IP address of the default gateway Default Setting IP address: 0.0.0.0 Command Mode Global Config 7.5.1.7 ip address protocol This command specifies the network configuration protocol to be used. If you modify this value, the change is effective immediately. Syntax ip address protocol {{bootp | dhcp []} | none} - Obtains IP address from BOOTP.
Management Commands Command Reference Syntax ip address mgmt-vlan - VLAN ID (Range: 1 – 4094). Default Setting VLAN ID: 1. Command Mode Global Config 7.5.1.9 ip filter This command is used to enable the IP filter function. Syntax ip filter no ip filter no – Disable ip filter. Default Setting Disabled Command Mode Global Config This command is used to set an IP address to be a filter.
Management Commands Command Reference Syntax ip filter no ip filter - Configure a IP address to be a filter. No - Remove this filter IP address. Default Setting None Command Mode Global Config 7.5.2 Serial Interface Commands 7.5.2.1 show line console This command displays serial communication settings for the IBP.
Management Commands Command Reference Control is always disabled. Stop Bits: The number of Stop bits per character. The number of Stop bits is always 1. Parity: The Parity Method used on the Serial Port. The Parity Method is always None. Password Threshold: When the logon attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent time command to set this interval.
Management Commands 7.5.2.4 Command Reference exec-timeout This command specifies the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely. The time range is 0 to 160. Syntax exec-timeout <0-160> <0-160> - max connect time (Range: 0 -160). no - This command sets the maximum connect time (in minutes) without console activity to 5. Default Setting 5 Command Mode Line Config 7.5.2.
Management Commands 7.5.2.6 Command Reference silent-time This command uses to set the amount of time the management console is inaccessible after the number of unsuccessful logon tries exceeds the threshold value. Syntax Silent-time <0-65535> <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default. Default Setting 0 Command Mode Line Config 7.5.3 Telnet Session Commands 7.5.3.
Management Commands Command Reference Default Setting None Command Mode Privileged Exec 7.5.3.2 show line vty This command displays telnet settings. Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout. May be specified as a number from 0 to 160.
Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely. The time is a decimal value from 0 to 160. Note: Changing the timeout value for active sessions does not become effective until the session is reaccessed.
Management Commands Command Reference password-threshold <0-120> no password-threshold - max threshold (Range: 0 - 120). no - This command sets the maximum value to the default. Default Setting 3 Command Mode Telnet Config 7.5.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be established. A value of 0 indicates that no remote connection can be established. The range is 0 to 5.
Management Commands Command Reference Syntax sessions no sessions no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established. Default Setting Enabled Command Mode Telnet Config 7.5.3.8 telnet sessions This command regulates new outbound telnet connections. If enabled, new outbound telnet sessions can be established until it reaches the maximum number of simultaneous outbound telnet sessions allowed.
Management Commands Command Reference This command specifies the maximum number of simultaneous outbound telnet sessions. A value of 0 indicates that no outbound telnet session can be established. Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5. Default Setting 5 Command Mode Global Config 7.5.3.10 telnet exec-timeout This command sets the outbound telnet session timeout value in minute.
Management Commands Command Reference Global Config 7.5.3.11 show telnet This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode User Exec, Privileged Exec Display Message Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound telnet session is allowed to remain inactive before being logged off. A value of 0, which is the default, results in no timeout.
Management Commands Command Reference SNMP community parameters). Syntax show snmp Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entry grants access. A valid entry is a case-sensitive alphanumeric string of up to 16 characters. Each row of this table must contain a unique community name. Client IP Address: An IP address (or portion thereof) from which this device will accept SNMP packets with the associated community.
Management Commands Command Reference Command Mode Privileged Exec Display Message Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Link Up/Down Flag: May be enabled or disabled. The factory default is enabled. Indicates whether link status traps will be sent. Multiple Users Flag: May be enabled or disabled. The factory default is enabled.
Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.4.5 snmp-server contact This command sets the organization responsible for the network. The range for contact is from 1 to 31 alphanumeric characters. Syntax snmp-server contact - Range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode Global Config 7.5.4.6 snmp-server community This command adds (and names) a new SNMP community.
Management Commands Command Reference - community name (up to 16 case-sensitive characters). no - This command removes this community name from the table. The name is the community name to be deleted. Default Setting Two default community names: public and private. You can replace these default community names with unique identifiers for each community. The default values for the remaining four community names are blank. Command Mode Global Config This command activates an SNMP community.
Management Commands Command Reference This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 255.255.255.255 will allow access from only one station, and will use that machine's IP address for the client IP Address. A value of 0.0.0.0 will allow access from any IP address.
Management Commands Command Reference Command Mode Global Config 7.5.4.7 snmp-server host This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 0.0.0.0 allows access from any IP address.
Management Commands Command Reference Default Setting Enabled Command Mode Global Config This command enables Link Up/Down traps for the entire IBP. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled (see ‘snmp trap link-status’ command). Syntax snmp-server enable traps linkmode no snmp-server enable traps linkmode no - This command disables Link Up/Down traps for the entire IBP.
Management Commands Command Reference Enabled Command Mode Global Config 7.5.5 SNMP Trap Commands 7.5.5.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Network Manager. These messages alert the manager to events occurring within the IBP or on the network. Six trap receivers are simultaneously supported.
Management Commands 7.5.5.2 Command Reference snmp trap link-status This command enables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. See ‘snmpserver enable traps linkmode’ command. Syntax snmp trap link-status no snmp trap link-status no - This command disables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. (See ‘snmpserver enable traps linkmode’ command.
Management Commands Command Reference Default Setting Disabled Command Mode Global Config 7.5.5.3 snmptrap This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeric characters. Syntax snmptrap no snmptrap - SNMP trap name (Range: up to 16 case-sensitive alphanumeric characters). - an IP address of the trap receiver. no - This command deletes trap receivers for a community.
Management Commands Command Reference snmptrap ipaddr - SNMP trap name. - an original IP address. - a new IP address. Default Setting None Command Mode Global Config 7.5.5.5 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps).
Management Commands Command Reference This command displays the http settings for the IBP. Syntax show ip http Default Setting None Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or disabled. HTTP Port: This field specifies the port configured for HTTP. HTTP Mode (Secure): This field indicates whether the administrative mode of secure HTTP is enabled or disabled. Secure Port: This field specifies the port configured for SSLT.
Management Commands 7.5.6.3 Command Reference ip http port This command is used to set the http port where port can be 1-65535 and the default is port 80. Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the default value. Default Setting 80 Command Mode Global Config 7.5.6.4 ip http server This command enables access to the IBP through the Web interface.
Management Commands Command Reference Command Mode Global Config 7.5.6.5 ip http secure-port This command is used to set the SSLT port where port can be 1-65535 and the default is port 443. Syntax ip http secure-port no ip http secure-port - SSLT Port value. no - This command is used to reset the SSLT port to the default value. Default Setting 443 Command Mode Global Config 7.5.6.6 ip http secure-server This command is used to enable the secure socket layer for secure HTTP.
Management Commands Command Reference Global Config 7.5.6.7 ip http secure-protocol This command is used to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3. Syntax ip http secure-protocol [protocollevel2] no ip http secure-protocol [protocollevel2] - The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3.
Management Commands Command Reference Display Message Administrative Mode: This field indicates whether the administrative mode of SSH is enabled or disabled. Protocol Levels: The protocol level may have the values of version 1, version 2, or both versions. SSH Sessions Currently Active: This field specifies the current number of SSH connections. Max SSH Sessions Allowed: The maximum number of inbound SSH sessions allowed on the IBP.
Management Commands Command Reference Default Setting SSH1 and SSH2 Command Mode Global Config 7.5.7.4 ip ssh maxsessions This command specifies the maximum number of SSH connection sessions that can be established. A value of 0 indicates that no ssh connection can be established. The range is 0 to 5. Syntax ip ssh maxsessions <0-5> no ip ssh maxsessions <0-5> - maximum number of sessions.
Management Commands Command Reference Syntax ip ssh timeout <1-160> no ip ssh timeout <1-160> - timeout interval in seconds. no - This command sets the SSH connection session timeout value, in minutes, to the default. Changing the timeout value for active sessions does not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration. Default Setting 5 Command Mode Global Config 7.5.8 DHCP Client Commands 7.5.8.
Management Commands Command Reference Syntax ip dhcp client-identifier {text | hex } no ip dhcp client-identifier - A text string. (Range: 1-15 characters). - The hexadecimal value (00:00:00:00:00:00). no - This command is used to restore to default value.
Management Commands 7.5.9 Command Reference LOCK Commands 7.5.9.1 lock This command locks the http access to the IBP and registers the passed “lock_identifier” with this lock. When the lock is set, the Web-GUI presents a message that access to this IBP is currently not possible, bcause it is managed by another application. Use the no form to restore to default value. Syntax lock [EXCLUSIVE] no lock {|ALL} < lock_identifier > - A alphanumeric string.
Management Commands Command Reference If you want to remove this lock, this Blade server must not be managed by any Virtual IO Manager. In order to release the lock without using the Virtual IO Manager issue the command "no lock " for each lock identifier that is registered.” Command Mode Global Config 7.5.9.3 lock_reset This command resets the IBP to unlock status, and restore all lock configuration. Syntax lock_reset Default Setting None Command Mode Global Config 7.5.9.
System Log Management Commands 7.6 Command Reference System Log Management Commands 7.6.1 Show Commands 7.6.1.1 show logging This command displays logging. Syntax Show logging Default Setting None Command Mode Privileged Exec Display Message Logging Client Local Port The port on the collector/relay to which syslog messages are sent CLI Command Logging The mode for CLI command logging. Console Logging The mode for console logging.
System Log Management Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Message: The message that has been logged. Note: Message log information is not retained across a system reset. 7.6.3 show logging traplog This command displays the trap log maintained by the IBP. The trap log contains a maximum of 256 entries that wrap.
System Log Management Commands Command Reference Syntax Show logging hosts Default Setting None Command Mode Privileged Exec Display Message Index (used for deleting) IP Address IP Address of the configured server. Severity The minimum severity to log to the specified address. Port Server Port Number.This is the port on the local host from which syslog messages are sent. Status The state of logging to configured syslog hosts. If the status is disable, no logging occurs. 7.6.4 Configuration Commands 7.
System Log Management Commands Command Reference This command enables wrapping of in-memory logging when full capacity reached. Otherwise when full capacity is reached, logging stops. Syntax logging buffered wrap no logging buffered wrap no - This command disables wrapping of in-memory logging when full capacity reached. Default Setting None Command Mode Privileged Exec 7.6.4.2 logging console This command enables logging to the console.
System Log Management Commands 7.6.4.3 Command Reference logging host This command enables logging to a host where up to eight hosts can be configured. Syntax logging host [ ] [[ | <0-7>]] - IP address of the log server. - Port number.
System Log Management Commands Command Reference This command reconfigures the IP address of the log server. Syntax logging host reconfigure < hostindex > - Index of the log server. - New IP address of the log server. Default Setting None Command Mode Privileged Exec 7.6.4.4 logging syslog This command enables syslog logging. Syntax logging syslog no logging syslog no - Disables syslog logging.
System Log Management Commands Command Reference Syntax logging syslog port no logging syslog port no - Resets the local logging port to the default. Default Setting None Command Mode Privileged Exec 7.6.4.5 clear logging buffered This command clears all in-memory log.
Script Management Commands 7.7 Command Reference Script Management Commands 7.7.1 script apply This command applies the commands in the configuration script to the IBP. The apply command backs up the running configuration and then starts applying the commands in the script file. Application of the commands stops at the first failure of a command. Syntax script apply - The name of the script to be applied. Default Setting None Command Mode Privileged Exec 7.7.
Script Management Commands 7.7.3 Command Reference script list This command lists all scripts present on the IBP as well as the total number of files present. Syntax script list Default Setting None Command Mode Privileged Exec 7.7.4 script show This command displays the content of a script file. Syntax script show - Name of the script file.
User Account Management Commands 7.8 Command Reference User Account Management Commands 7.8.1 Show Commands 7.8.1.1 show users This command displays the configured user names and their settings. This command is only available for users with readwrite privileges. The SNMPv3 fields will only be displayed if SNMP is available on the system.
User Account Management Commands Command Reference This command adds a new user (account) if space permits. The account can be up to eight characters in length. The name may be comprised of alphanumeric characters as well as the dash (‘-’) and underscore (‘_’). The is not case-sensitive. Six user names can be defined. This command changes the password of an existing operator. User password should not be more than eight characters in length.
User Account Management Commands Command Reference - is the login user name. md5 - md5 authentication method. sha - sha authentication method. none - no use authentication method. no - This command sets the authentication protocol to be used for the specified login user to none. The is the login user name for which the specified authentication protocol will be used. Default Setting No authentication Command Mode Global Config 7.8.2.
Security Commands 7.9 Command Reference Security Commands 7.9.1 Show Commands 7.9.1.1 show users authentication This command displays all users and all authentication login information. It also displays the authentication login list assigned to the default user. Syntax show users authentication Default Setting None Command Mode Privileged Exec Display Message User: This field lists every user that has an authentication login list assigned.
Security Commands Command Reference Authentication Login List: This displays the authentication login listname. Method 1: This displays the first method in the specified authentication login list, if any. Method 2: This displays the second method in the specified authentication login list, if any. Method 3: This displays the third method in the specified authentication login list, if any. 7.9.1.
Security Commands Command Reference Privileged Exec Display Message Administrative mode: Indicates whether authentication control on the IBP is enabled or disabled. 7.9.1.5 show dot1x detail This command is used to show a summary of the global dot1x configuration and the detailed dot1x configuration for a specified port. Syntax show dot1x detail - is the desired interface number.
Security Commands Command Reference this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the range of 1 to 10. Reauthentication Period: The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place. The value is expressed in seconds and will be in the range of 1 to 65535. Reauthentication Enabled: Indicates if reauthentication is enabled on this port.
Security Commands Command Reference EAP Response Frames Received: The number of valid EAP response frames (other than resp/id frames) that have been received by this authenticator. EAP Request/Id Frames Transmitted: The number of EAP request/identity frames that have been transmitted by this authenticator. EAP Request Frames Transmitted: The number of EAP request frames (other than request/identity frames) that have been transmitted by this authenticator.
Security Commands Command Reference Syntax show dot1x users - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message User: Users configured locally to have access to the specified port. 7.9.1.9 show radius-servers This command is used to display items of the configured RADIUS servers.
Security Commands Command Reference Syntax show radius Default Setting None Command Mode Privileged Exec Display Message Current Server IP Address: Indicates the configured server currently in use for authentication Number of configured servers: The configured IP address of the authentication server Number of retransmits: The configured value of the maximum number of times a request packet is retransmitted Timeout Duration: The configured timeout value, in seconds, for request re-transmissions RADIUS Acc
Security Commands Command Reference Secret Configured: Yes or No If the optional token 'statistics ' is included, the statistics for the configured RADIUS accounting server are displayed. The IP address parameter must match that of a previously configured RADIUS accounting server. The following information regarding the statistics of the RADIUS accounting server is displayed.
Security Commands Command Reference Privileged Exec Display Message If an IP address is not specified then only the Invalid Server Addresses field is displayed. Otherwise, the other listed fields are displayed. Invalid Server Addresses: The number of RADIUS Access-Response packets received from unknown addresses. Server IP Address: The IP address of radius server.
Security Commands Command Reference Privileged Exec Display Message Admin Mode: Displays TACACS administration mode.
Security Commands Command Reference Privileged Exec Display Message Port Security Administration Mode: Port lock mode for the entire system. This command shows the port-security settings for a particular interface or all interfaces. Syntax show port-security { | all } Default Setting None Command Mode Privileged Exec Display Message Intf Interface Number. Interface Admin Mode Port Locking mode for the Interface. Dynamic Limit Maximum dynamically allocated MAC Addresses.
Security Commands Command Reference Syntax show port-security static Default Setting None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address. This command displays the source MAC address of the last packet that was discarded on a locked port. Syntax show port-security violation Default Setting None Command Mode Privileged Exec Display Message MAC address MAC address of discarded packet on locked ports. 7.9.2 7.9.2.
Security Commands Command Reference list of methods are set in the authentication login list. If the authentication login list does not exist, a new authentication login list is first created and then the authentication methods are set in the authentication login list. The maximum number of authentication login methods is three. The possible method values are local, radius, reject, and tacacs. The value of local indicates that the user’s locally stored ID and password are used for authentication.
Security Commands Command Reference Syntax username defaultlogin - an authentication login list. Default Setting None Command Mode Global Config 7.9.2.3 username login This command assigns the specified authentication login list to the specified user for system login. The must be a configured and the must be a configured login list.
Security Commands 7.9.3 Command Reference Dot1x Configuration Commands 7.9.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. Syntax dot1x initialize - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.9.3.
Security Commands 7.9.3.3 Command Reference dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The parameter must be a configured user and the parameter must be a configured authentication login list. Syntax dot1x login - is the login user name. - an authentication login list. Default Setting None Command Mode Global Config 7.9.3.
Security Commands 7.9.3.5 Command Reference dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The parameter must be a configured user. Syntax dot1x user { | all} no dot1x user { | all} - Is the login user name. - Is the desired interface number. all - All interfaces. no - This command removes the user from the list of users with access to the specified port or all ports.
Security Commands Command Reference no - This command sets the authentication mode to be used on all ports to 'auto'. Default Setting auto Command Mode Global Config This command sets the authentication mode to be used on the specified port. The control mode may be one of the following. force-unauthorized: The authenticator PAE unconditionally sets the controlled port to unauthorized. force-authorized: The authenticator PAE unconditionally sets the controlled port to authorized.
Security Commands Command Reference dot1x max-req <1-10> no dot1x max-req <1-10> - maximum number of times (Range: 1 – 10). no - This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Request/Identity frame before timing out the supplicant to the default value, that is, 2. Default Setting 2 Command Mode Interface Config 7.9.3.8 dot1x re-authentication This command enables re-authentication of the supplicant for the specified port.
Security Commands Command Reference Syntax dot1x re-authenticate - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.9.3.10 dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port. Depending on the token used and the value (in seconds) passed; various timeout configurable parameters are set. The following tokens are supported.
Security Commands Command Reference no dot1x timeout {quiet-period | reauth-period | server-timeout | supp-timeout | tx-period} - Value in the range 0 – 65535. no - This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values. Depending on the token used, the corresponding default values are set.
Security Commands 7.9.4.2 Command Reference radius-server host This command is used to configure the RADIUS authentication and accounting server. If the 'auth' token is used, the command configures the IP address to use to connect to a RADIUS authentication server. Up to 3 servers can be configured per RADIUS client. If the maximum number of configured servers is reached, the command will fail until one of the servers is removed by executing the no form of the command.
Security Commands Command Reference This command is used to configure the shared secret between the RADIUS client and the RADIUS accounting / authentication server. Depending on whether the 'auth' or 'acct' token is used, the shared secret will be configured for the RADIUS authentication or RADIUS accounting server. The IP address provided must match a previously configured server. When this command is executed, the secret will be prompted.
Security Commands 7.9.4.5 Command Reference radius-server timeout This command sets the timeout value (in seconds) after which a request must be retransmitted to the RADIUS server if no response is received. The timeout value is an integer in the range of 1 to 30. Syntax radius-server timeout no radius-server timeout - the maximum timeout (Range: 1 - 30).
Security Commands 7.9.4.7 Command Reference radius-server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client. The primary server is the one that is used by default for handling RADIUS requests. The remaining configured servers are only used if the primary server cannot be reached. A maximum of three servers can be configured on each client. Only one of these servers can be configured as the primary.
Security Commands Command Reference Disabled Command Mode Global Config 7.9.5.2 tacacs mode This command is used to enable/select/disable the TACACS server administrative mode Syntax tacacs mode <1-3> {master | slave} no tacacs mode <1-3> <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to disable it. Default Setting Disabled Command Mode Global Config 7.9.5.3 tacacs server-ip This command is used to configure the TACACS server IP address.
Security Commands Command Reference Default Setting IP 0.0.0.0 Command Mode Global Config 7.9.5.4 tacacs port This command is used to configure the TACACS server’s service port. Syntax tacacs port <1-3> <1-65535> no tacacs port <1-3> <1-65535> - service port (Range: 1 to 65535). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset port-id to the default value. Default Setting 49 Command Mode Global Config 7.9.5.
Security Commands Command Reference no - This command is used to remove the TACACS server secret key. Default Setting None Command Mode Global Config 7.9.5.6 tacacs retry This command is used to configure the TACACS packet retransmit times. Syntax tacacs retry <1-3> <1-9> no tacacs retry <1-3> <1-9> - retry times (Range: 1 to 9). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset retry value to the default value. Default Setting 5 Command Mode Global Config 7.9.5.
Security Commands Command Reference <1-255> - max timeout (Range: 1 to 255). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset the timeout value to the default value. Default Setting 3 Command Mode Global Config 7.9.6 Port Security Configuration Commands 7.9.6.1 port-security This command enables port locking at the system level (Global Config) or port level (Interface Config).
Security Commands Command Reference Syntax port-security max-dynamic [<0-600>] no port-security max-dynamic no - This command resets the maximum of dynamically locked MAC addresses allowed on a specific port to its default value. Default Setting 600 Command Mode Interface Config 7.9.6.3 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a specific port.
Security Commands 7.9.6.4 Command Reference port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. Syntax port-security mac-address <1-3965> no port-security mac-address <1-3965> <1-3965> VLAN ID no - This command removes a MAC address from the list of statically locked MAC addresses. Default Setting None Command Mode Interface Config 7.9.6.
SNTP Commands 7.10 Command Reference SNTP Commands 7.10.1 Show Commands 7.10.1.1 show sntp This command displays the current time and configuration settings for the SNTP client, and indicates whether the local time has been properly updated. Syntax show sntp Default Setting None Command Mode Privileged Exec Display Message Last Update Time Time of last clock update. Last Unicast Attempt Time Time of last transmit query (in unicast mode).
SNTP Commands Command Reference Display Message Client Supported Modes Supported SNTP Modes (Broadcast, Unicast, or Multicast). SNTP Version The highest SNTP version the client supports. Port SNTP Client Port Client Mode: Configured SNTP Client Mode. Unicast Poll Interval Poll interval value for SNTP clients in seconds as a power of two. Poll Timeout (Seconds) Poll timeout value in seconds for SNTP clients. Poll Retry Poll retry value for SNTP clients.
SNTP Commands 7.10.2.1 Command Reference sntp broadcast client poll-interval This command will set the poll interval for SNTP broadcast clients in seconds as a power of two where can be a value from 6 to 16. Syntax sntp broadcast client poll-interval <6-10> no sntp broadcast client poll-interval <6-10> - The range is 6 to 16. no - This command will reset the poll interval for SNTP broadcast client back to its default value. Default Setting 6 Command Mode Global Config 7.10.2.
SNTP Commands Command Reference Command Mode Global Config 7.10.2.3 sntp client port This command will set the SNTP client port id and polling interval in seconds. Syntax sntp client port [<6-10>] no sntp client port - SNTP client port id. <6-10> - Polling interval. It's 2^(value) seconds where value is 6 to 10. no - Resets the SNTP client port id. Default Setting The default portid is 123. Command Mode Global Config 7.10.2.
SNTP Commands Command Reference Default Setting The default value is 6. Command Mode Global Config 7.10.2.5 sntp unicast client poll-timeout This command will set the poll timeout for SNTP unicast clients in seconds. Syntax sntp unicast client poll-timeout no sntp unicast client poll-timeout < poll-timeout > - Polling timeout in seconds. The range is 1 to 30. no - This command will reset the poll timeout for SNTP unicast clients to its default value.
SNTP Commands Command Reference < poll-retry> - Polling retry in seconds. The range is 0 to 10. no - This command will reset the poll retry for SNTP unicast clients to its default value. Default Setting The default value is 1. Command Mode Global Config 7.10.2.7 sntp server This command configures an SNTP server (with a maximum of three) where the server address can be an ip address or a domain name and the address type either ipv4 or dns.
System Utilities Command Reference 7.10.2.9 This command sets the time zone for the IBP’s internal clock. Syntax sntp clock timezone <0-12> <0-59> {before-utc | after-utc} - Name of the time zone, usually an acronym. (Range: 1-15 characters) <0-12> - Number of hours before/after UTC. (Range: 0-12 hours) <0-59> - Number of minutes before/after UTC. (Range: 0-59 minutes) before-utc - Sets the local time zone before (east) of UTC. after-utc - Sets the local time zone after (west) of UTC.
System Utilities Command Reference Command Mode Privileged Exec 7.11.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.11.1.3 clear eventlog This command is used to clear the event log, which contains error messages from the system. Syntax clear eventlog Default Setting None Command Mode Privileged Exec 7.11.1.4 clear logging buffered This command is used to clear the message log maintained by the IBP.
System Utilities Command Reference Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.11.1.5 clear config This command resets the configuration to the factory defaults without powering off the IBP. The IBP is automatically reset when this command is processed. You are prompted to confirm that the reset should proceed. Syntax clear config Default Setting None Command Mode Privileged Exec 7.11.1.
System Utilities Command Reference Default Setting None Command Mode Privileged Exec 7.11.1.7 clear mac address table This command clear all dynamic mac address from the mac address table of IBP. Syntax clear mac-addr-table dynamic Default Setting None Command Mode Privileged Exec 7.11.1.8 clear counters This command clears the stats for a specified or for all the ports or for the entire IBP based upon the argument.
System Utilities 7.11.1.9 Command Reference clear port-group This command resets port group configuration parameters and management VLAN parameters to the factory defaults. Syntax clear port-group Default Setting None Command Mode Privileged Exec 7.11.1.10 enable passwd This command changes Privileged EXEC password. Syntax enable passwd Default Setting None Command Mode Global Config. 7.11.1.
System Utilities Command Reference Command Mode Privileged Exec 7.11.1.12 clear ip filter This command is used to clear all ip filter entries. Syntax clear ip filter Default Setting None Command Mode Privileged Exec 7.11.1.13 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. Syntax clear dot1x statistics {all | } - is the desired interface number. all - All interfaces.
System Utilities Command Reference 7.11.1.14 clear radius statistics This command is used to clear all RADIUS statistics. Syntax clear radius statistics Default Setting None Command Mode Privileged Exec 7.11.1.15 clear tacacs This command is used to clear TACACS configuration. Syntax clear tacacs Default Setting None Command Mode Privileged Exec 7.11.2 copy This command uploads and downloads to/from the IBP. Local URLs can be specified using tftp or xmodem.
System Utilities Command Reference The command can also be used to download ssh key files as sshkey-rsa, sshkey-rsa2, and sshkey-dsa and http secure-server certificates as sslpem-root, sslpem- server, sslpem-dhweak, and sslpem-dhstrong. Files upload to PC Syntax copy startup-config copy {errorlog | log | traplog} copy script where ={xmodem | tftp://ipaddr/path/file} - The filename of a configuration file or a script file.
System Utilities Command Reference - name of the image file or the script file. - xmodem or tftp://ipaddr/path/file. sshkey-rsa1 - SSH RSA1 Key file. sshkey-rsa2 - SSH RSA2 Key file. sshkey-dsa - SSH DSA Key file. sslpem-root - Secure Root PEM file. sslpem-server - Secure Server PEM file. sslpem-dhweak - Secure DH Weak PEM file. sslpem-dhstrong - Secure DH Strong PEM file.
System Utilities Command Reference This command upload or download the pre-login banner file Syntax copy clibanner copy clibanner no clibanner - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 7.11.3 delete This command is used to delete a configuration or image file. Syntax delete - name of the configuration or image file. Default Setting None Command Mode Privileged Exec 7.11.
System Utilities Command Reference Syntax dir [boot-rom | config | opcode [] ] - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec Display Message Column Heading date file name file type startup size Description The date that the file was created. The name of the file. File types: Boot-Rom, Operation Code, and Config file.
System Utilities Command Reference This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec 7.11.7 ping This command checks if another computer is on the network and listens for connections.
System Utilities Command Reference Ping on changing parameter value Syntax ping count <0-20000000> [size <32-512>] ping size <32-512> [count <0-20000000>] - an IP address. <0-20000000> - number of pings (Range: 0 - 20000000). Note that 0 means infinite. - packet size (Range: 32 - 512). Default Setting Count = 5 Size = 32 Command Mode Privileged Exec 7.11.
System Utilities Command Reference Privileged Exec 7.11.9 logging cli-command This command enables the CLI command Logging feature. The Command Logging component enables the IBP to log all Command Line Interface (CLI) commands issued on the system. Syntax Logging cli-command Default Setting None Command Mode Global Config 7.11.10 calendar set This command is used to set the system clock.
System Utilities 7.11.11 Command Reference reload This command resets the IBP without powering it off. Reset means that all network connections are terminated and the boot code executes. The IBP uses the stored configuration to initialize the system. You are prompted to confirm that the reset should proceed. A successful reset is indicated by the LEDs on the IBP. Syntax reload Default Setting None Command Mode Privileged Exec 7.11.
System Utilities Command Reference <0-11> - telnet session ID. all - all telnet sessions. Default Setting None Command Mode Privileged Exec 7.11.14 hostname This command is used to set the prompt string. Syntax hostname < prompt_string > - Prompt string. Default Setting vty-0 Command Mode Global Config 7.11.15 quit This command is used to exit a CLI session.
DHCP Commands 7.12 Command Reference DHCP Commands 7.12.1 ip dhcp restart Submit a DHCP client request. Syntax ip dhcp restart Default Setting None Command Mode Global Config 7.12.2 ip dhcp client-identifier This commands specifies the DHCP client identifier for the IBP. Syntax ip dhcp client-identifier {text | hex } - A text string which length is 1 to 15. - A hex string which format is XX:XX:XX:XX:XX:XX (X is 0-9, A-F).
Supported MIBs Using SNMP 8 Using SNMP SNMP (Simple Network Management Protocol) is a communication protocol designed specifically for managing devices or other elements on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
Supported MIBs Using SNMP 8.1 Supported MIBs The standard MIBs are listed in the following table. Public MIB NAME MIB FIles IEEE 802.1x IEEE8021-PAE-MIB dot1x.my IEEE 802.3ad LAG-MIB dot3ad.my RFC 1213 RFC1213-MIB mib-2.my Specifications RFC 2011 IP-MIB RFC2011 ip-icmp.my RFC 1493 BRIDGE-MIB bridge.my RFC 1643 ETHERLIKE-MIB etherlike.my RFC 1907 SNMPv2-MIB v2-mib.my RFC 2233 IF-MIB if.my RFC 2571 SNMP-FRAMEWORK-MIB v3-arch.my RFC 2572 SNMP-MPD-MIB v3-mpd.
Supported MIBs Using SNMP RFC 3814 MPLS-FTN-MIB mpls_ftn.my RFC 2932 IPMROUTE-STD-MIB ipmroute.my RFC 1354 IP-FORWARD-MIB ipforward.my RFC 2213 INTEGRATED-SERVICES-MIB intserv.my RFC 3291 INET-ADDRESS-MIB inetaddress.my RFC 2933 and RFC 3019 MGMD-STD-MIB igmp.my RFC 1573 IANAifType-MIB iftype.my RFC 2677 IANA-ADDRESS-FAMILY-NUMBERS-MIB ianaaddr.my The private enterprise MIB is listed below. Private MIB names MIB files FSC-SWITCH-MIB lvl7ref.my KEYING-PRIVATE-MIB fastpath_keying.
Accessing MIB Objects Using SNMP 8.2 Accessing MIB Objects MIB objects represent features of the IBP that an SNMP application can control and manage. One example is the RFC-2233 IF-MIB group which you can use to get or set the port configuration by reading or writing to different variables in this MIB group. The variables supported by this group are listed in the following table.
Accessing MIB Objects Using SNMP ifOutOctets Yes RO ifOutUcastPkts Yes RO ifOutNUcastPkts Yes RO ifOutDiscards NO RO ifOutErrors Yes RO ifOutQLen NO RO ifSpecific NO RO ifXTable Index: ifIndex ifName Yes RO ifInMulticastPkts Yes RO ifInBroadcastPkts Yes RO ifOutMulticastPkts Yes RO ifOutBroadcastPkts Yes RO ifHCInOctets Yes RO ifHCInUcastPkts Yes RO ifHCInMulticastPkts Yes RO ifHCInBroadcastPkts Yes RO ifHCOutOctets Yes RO ifHCOutUcastPkts Yes RO if
Accessing MIB Objects ifStackTable Using SNMP Indicies: ifStackHigherLayer ifStackLowerLayer ifStackStatus No RC ifRcvAddressTable Indicies: ifIndex ifRcvAddressAddress ifRcvAddressStatus No RC ifRcvAddressType No RC ifTestTable Index: ifTestId ifTestStatus No RW ifTestType No RW ifTestResult No RW ifTestCode No RO ifTestOwner No RW 279 Intelligent Blade Panel Module
Supported Traps Using SNMP 8.3 Supported Traps SNMP traps supported include the following items: RFC No.
The overview system default settings Default Settings 9 Default Settings 9.1 The overview system default settings The default settings for the system module are shown in the following table. Management CLI serial port / telnet / ssh HTTP Java Applet / SSL3.0 , TLS 1.0 SNMP v1/v2c/v3 Enterprise MIBs / Standard MIBs / RMON Management VLAN VLAN 1 WEB Management HTTP Mode (Unsecure): Enabled HTTP Port: 80 Traps Authentication Flag............................ Enable Link Up/Down Flag................
The default settings for all the configuration commands Default Settings SSL HTTP Mode (Secure): Disabled Secure Port: 443 Secure Protocol Level(s): TLS1 SSL3 802.1X Port Authent. disable RADIUS Client disable IGMP Snooping disable 802.3ad enable SNTP Client disable TACACS disable StormControl enable Link State disable Port-Backup disable SNMP 9.
The default settings for all the configuration commands 283 Default Settings Ip ip javamode ip dhcp client-identifier text Default (system clear config : ip dhcp client-identifier hex ) no ip http secure-server ip http secure-protocol TLS1 SSL3 ip http secure-port 443 ip http server no ip ssh ip ssh maxsessions 5 ip ssh timeout 5 username username defaultlogin defaultList dot1x no dot1x system-auth-control dot1x default-login defaultList Radius no radius accounting mode radius-server
The default settings for all the configuration commands Default Settings tacacs no tacacs tacacs port 1 49 no tacacs key 1 no tacacs server-ip 1 tacacs timeout 1 3 tacacs retry 1 5 no tacacs mode 1 tacacs port 2 49 no tacacs key 2 no tacacs server-ip 2 tacacs timeout 2 3 tacacs retry 2 5 no tacacs mode 2 tacacs port 3 49 no tacacs key 3 no tacacs server-ip 3 tacacs timeout 3 3 tacacs retry 3 5 no tacacs mode 3 port-security no port-security ip address ip address protocol none no ip address line cons
The default settings for all the configuration commands Default Settings lacp no lacp dot1x dot1x port-control auto no dot1x re-authentication dot1x timeout quiet-period 60 dot1x timeout reauth-period 3600 dot1x timeout supp-timeout 30 dot1x timeout tx-period 30 dot1x timeout server-timeout 30 dot1x max-req 2 storm-control no storm-control flowcontrol snmp snmp trap link-status port-security no port-security port-security max-dynamic 600 port-security max-static 20 snmp-server no snmp-server en
Diagnosing IBP Indicators Troubleshooting and Tips 10 Troubleshooting and Tips If you are having problems connecting to the network, check your network cabling to ensure that the device in question is properly connected to the network. Then refer to verify that the corresponding port on the IBP is functioning properly. If you are having problems connecting to the management interface, refer to the troubleshooting chart. 10.
Accessing the Management Interface Troubleshooting and Tips 10.2 Accessing the Management Interface You can access the management interface for the IBP from anywhere within the attached network using Telnet, a Web browser, or any SNMP-based network management software. If you are having trouble accessing the management interface, then refer to the troubleshooting information displayed in the following table.
