Management Software AT-S63 ◆ Command Line User’s Guide For AT-9400 Switch Stacks AT-S63 Version 3.2.0 for AT-9400 Basic Layer 3 Switches 613-001027 Rev.
Copyright © 2008 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis and the Allied Telesis logo are trademarks of Allied Telesis, Incorporated. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation.
Contents Preface ............................................................................................................................................................ 13 How This Guide is Organized........................................................................................................................... 14 Product Documentation .................................................................................................................................... 16 Where to Go First ....
Contents Chapter 2: Starting a Command Line Management Session ..................................................................... 51 Starting a Local Management Session ............................................................................................................. 52 Remote Telnet Management ............................................................................................................................ 54 Planning for Remote Management...........................................
AT-S63 Stack Command Line User’s Guide SET SNMP COMMUNITY .............................................................................................................................. 118 SHOW SNMP ................................................................................................................................................. 120 Chapter 7: Port Parameter Commands ..................................................................................................... 123 DISABLE SWITCH PORT .
Contents Section II: Advanced Operations ...........................................................................197 Chapter 13: File System Commands ..........................................................................................................199 Overview .........................................................................................................................................................200 COPY .............................................................................
AT-S63 Stack Command Line User’s Guide Section IV: SNMPv3 ............................................................................................... 281 Chapter 18: SNMPv3 Commands ............................................................................................................... 283 ADD SNMPV3 USER ..................................................................................................................................... 285 CREATE SNMPV3 ACCESS ..................................
Contents Chapter 20: Rapid Spanning Tree Protocols Commands ........................................................................357 ACTIVATE RSTP ............................................................................................................................................358 DISABLE RSTP ..............................................................................................................................................359 ENABLE RSTP ..............................................
AT-S63 Stack Command Line User’s Guide Chapter 24: RADIUS Commands ............................................................................................................... 447 ADD RADIUSSERVER................................................................................................................................... 448 DELETE RADIUSSERVER ............................................................................................................................ 450 PURGE AUTHENTICATION ......
Contents 10
Tables Table 1. Maximum Number of Switches in a Stack of both 24-port and 48-port Switches ..................................................30 Table 2. Module Variable .....................................................................................................................................................94 Table 3. File Extensions and File Types ............................................................................................................................201 Table 4.
Tables 12
Preface This guide describes the command line interface of the AT-S63 Management Software for the AT-9400 Basic Layer 3 Gigabit Ethernet Switches. The commands detailed in this guide are used to manage the network operations of AT-9400 Switches that have been assembled into a stack with the AT-StackXG Stacking Module.
Preface How This Guide is Organized This guide has the following sections and chapters: Section I: Basic Operations Chapter 1, “Overview” on page 25 Chapter 2, “Starting a Command Line Management Session” on page 51 Chapter 3, “Basic Command Line Commands” on page 61 Chapter 4, “Stacking Commands” on page 69 Chapter 5, “Basic Stack Commands” on page 75 Chapter 6, “SNMPv2 and SNMPv2c Commands” on page 103 Chapter 7, “Port Parameter Commands” on page 123 Chapter 8, “Port Statistics Commands” on page 145 C
AT-S63 Stack Command Line User’s Guide Section VI: Virtual LANs Chapter 21, “Port-based and Tagged VLAN Commands” on page 373 Section VII: Internet Protocol Routing Chapter 22, “Internet Protocol Version 4 Packet Routing Commands” on page 389 Section VIII: Port Security Chapter 23, “802.
Preface Product Documentation For overview information on the features of the AT-9400 Switch and the AT-S63 Management Software, refer to: AT-S63 Management Software Features Guide (PN 613-001022) For instructions on starting a local or remote management session on a stand-alone AT-9400 Switch or a stack, refer to: Starting an AT-S63 Management Session Guide (PN 613-001023) For instructions on installing or managing a stand-alone AT-9400 Switch, refer to: AT-9400 Gigabit Ethernet Switch Installa
AT-S63 Stack Command Line User’s Guide Where to Go First Allied Telesis recommends that you read Chapter 1, Overview, in the AT-S63 Management Software Features Guide before you begin to manage the switch for the first time. There you will find a variety of basic information about the unit and the management software, like the two levels of manager access levels and the different types of management sessions.
Preface Starting a Management Session For instructions on how to start a local or remote management session on a stack, refer to the Starting an AT-S63 Management Session Guide or Chapter 2, “Starting a Command Line Management Session” on page 51 in this guide.
AT-S63 Stack Command Line User’s Guide Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
Preface Where to Find Web-based Guides The installation and user guides for all Allied Telesis products are available in portable document format (PDF) on our web site at www.alliedtelesis.com. You can view the documents online or download them onto a local workstation or server.
AT-S63 Stack Command Line User’s Guide Contacting Allied Telesis This section provides Allied Telesis contact information for technical support and for sales and corporate information. Online Support You can request technical support online from the Allied Telesis Knowledge Base at www.alliedtelesis.com/support/kb.aspx. You can submit questions to our technical support staff from the Knowledge Base and review answers to previously asked questions.
Preface 22
Section I Basic Operations The chapters in this section include: Section I: Basic Operations Chapter 1, “Overview” on page 25 Chapter 2, “Starting a Command Line Management Session” on page 51 Chapter 3, “Basic Command Line Commands” on page 61 Chapter 4, “Stacking Commands” on page 69 Chapter 5, “Basic Stack Commands” on page 75 Chapter 6, “SNMPv2 and SNMPv2c Commands” on page 103 Chapter 7, “Port Parameter Commands” on page 123 Chapter 8, “Port Statistics Commands” on pa
Section I: Basic Operations
Chapter 1 Overview This chapter has the following sections: “Introduction” on page 26 “AT-S63 Management Software” on page 27 “Supported Models” on page 27 “Supported Features” on page 28 “AT-StackXG Stacking Module” on page 29 “Maximum Number of Switches in a Stack” on page 30 “Management Interfaces” on page 30 “Management Access Methods” on page 30 “Enhanced Stacking” on page 31 “Stack Topology” on page 32 “Discovery Process” on page 34 “Master and Member S
Chapter 1: Overview Introduction The switches in the AT-9400 Series are divided into the Layer 2+ group and the Basic Layer 3 group. The two groups share many of the same features, but there are a number of significant differences. For instance, the Internet Protocol version 4 packet routing feature and the Virtual Router Redundancy Protocol are supported only on the Basic Layer 3 switches. Three models in the Basic Layer 3 series support an additional feature called stacking.
AT-S63 Stack Command Line User’s Guide AT-S63 Management Software Stacking requires Version 3.0.0 or later of the AT-S63 Management Software. Note Version 3.0.0 is only supported on the AT-9424T, AT-9424T/POE, AT-9424Ts, AT-9424Ts/XP, AT-9448T/SP, and AT-9448Ts/XP Basic Layer 3 Switches. Do not install it on the AT-9408LC/SP, AT-9424T/GB, and AT-9424T/SP Layer 2+ Switches.
Chapter 1: Overview Supported Features A stack supports these features of the AT-S63 Management Software: Local Management Remote Telnet management Remote web browser management SNMPv1, v2c, and v3 Basic port configuration – Port status (enabled or disabled) – Auto-Negotiation – Speed – Duplex-mode – Flow control and backpressure – MDI or MDI-X setting – Packet filtering and rate limiting Port statistics Static port trunks Link Aggregation Control Protocol (LACP)
AT-S63 Stack Command Line User’s Guide AT-StackXG Stacking Module The AT-9400 Switch must have the AT-StackXG Stacking Module, shown in Figure 1, to be part of a stack. You install the module in the switch’s expansion slot on the back panel. For installation instructions, refer to the AT-9400 Stack Installation Guide. AATT-L-S X4ta4cC kPXUG CVR Stack Port 1 Stack Port 2 1240 Figure 1.
Chapter 1: Overview Maximum Number of Switches in a Stack Stacks of the 24-port AT-9424Ts Switch or the AT-9424Ts/XP Switch can have up to eight units. A stack can have both models and either model can be the master switch of the stack. Allied Telesis does not recommend using the 48-port AT-9448Ts/XP Switch as the master switch of a stack. Consequently, a stack with one or more 48-port switches should have as the master switch the 24-port AT-9424Ts Switch or the AT-9424Ts/XP Switch.
AT-S63 Stack Command Line User’s Guide Enhanced Stacking If you have prior experience with Allied Telesis products, you might already be familiar with a feature that happens to have a similar name to the feature discussed in this manual. The feature is enhanced stacking and what it allows you to do is manage the different Allied Telesis switches in your network from one management session by redirecting the management session from switch to switch.
Chapter 1: Overview Stack Topology The switches of a stack are cabled with the AT-StackXG Stacking Module and its two full-duplex, 12-Gbps stacking ports. There are two supported topologies. The first topology is the duplex-chain topology, where a port on one stacking module is connected to a port on the stacking module in the next switch, which is connected to the next switch, and so on. The connections must crossover to different numbered ports on the modules.
AT-S63 Stack Command Line User’s Guide AT-StackXG RPS INPUT STACK PORT 1 STACK PORT 2 STACK PORT 1 STACK PORT 2 STACK PORT 1 STACK PORT 2 STACK PORT 1 STACK PORT 2 AT-StackXG RPS INPUT AT-StackXG RPS INPUT AT-StackXG RPS INPUT 1247 Figure 3. Duplex-ring Topology Both topologies offer the same in terms of network speed and performance. But the duplex-ring topology adds redundancy by providing a secondary path through the stacking modules.
Chapter 1: Overview Discovery Process When the switches of a stack are powered on or reset, they synchronize their operating software in a two phase process before they begin to forward network traffic through their ports. In the first phase the switches initialize their AT-S63 Management Software. It takes about one minute for a switch to fully initialize its software.
AT-S63 Stack Command Line User’s Guide Master and Member Switches A stack must have a master switch to coordinate the activity of the devices. There can be only one master switch, but it can be any unit. In a stack with different AT-9400 Switch models, the master switch can be any model. The master switch is selected during the discovery process and is based on the module ID numbers of the units, as explained in “Module ID Numbers” on page 38. The master switch has module ID 1.
Chapter 1: Overview Active Configuration File The parameter settings of the stack are stored in the active configuration file in the master switch’s file system. In the file are the commands that reestablish the current configuration of the ports and switches in the stack. The file is used by the master switch whenever the stack performs the discovery process, such as after a reset or a power cycle, or a change to a stack’s composition.
AT-S63 Stack Command Line User’s Guide By having two standard configuration files, a switch can retain its prior configuration settings when converted from a stand-alone configuration to a stack member, or vice versa. This saves you the trouble of having to reconfigure the device. It should be noted, however, that the parameter settings from a standalone configuration file cannot be transferred to a stack configuration file.
Chapter 1: Overview Module ID Numbers A switch has to have a unique module ID number in the range of 1 to 5 or 1 to 8 to be a member of a stack. The two ranges happen to correspond to the maximum size of a stack, as explained in “Maximum Number of Switches in a Stack” on page 30. The switch assigned module ID number 1 becomes the stack’s master switch. The switches of a stack are identified in the boot configuration file on the master switch by their module ID numbers.
AT-S63 Stack Command Line User’s Guide The switches should be numbered starting with ID number 1. The switch assigned ID number 1 will be the master switch of the stack. Any switch can be the master switch, but it should be either the top or bottom switch in the stack to make it easy to identify.
Chapter 1: Overview command. A switch can have only one stack priority value. The lower the number, the higher the priority. The switch with the lowest stack priority is assigned module ID 1 and becomes the master switch. The switch with the next lowest priority is assigned module ID 2, and so on. In cases where switches have the same priority value, ID number assignments are based on MAC addresses, as explained previously. The range of the stack priority value is 1 to 16. The default is 16.
AT-S63 Stack Command Line User’s Guide Guidelines Section I: Basic Operations Here are the guidelines for module ID numbers: Each switch must have a unique module ID number. The module ID numbers are set with the SET STACK command and displayed with the SHOW STACK command. The SET STACK command should only be used when a switch is operating as a standalone device. Setting a switch’s module ID number while it is part of a stack can have unpredictable results.
Chapter 1: Overview Port Numbers in Commands Some of the commands in the AT-S63 Management Software are used to configure or display the settings of the individual ports on the switches in the stack. The ports are designated with the PORT parameter. Because a stack has more than one switch, entering just a port number will obviously not be enough. Instead, a port number must be preceded by the module ID number of the switch in the stack with the port. Here is the format of the parameter: port=module ID.
AT-S63 Stack Command Line User’s Guide The following is an example of the PORT parameter in the CREATE SWITCH TRUNK command, which is used to create static port trunks. The example creates a static port trunks of ports 3 to 5 on module 2 and ports 7 and 8 on module 4: create switch trunk=load22 port=2.3-2.5,4.7-4.
Chapter 1: Overview Stack IP Address A stack does not need an IP address to forward network packets through the ports of the switches.
AT-S63 Stack Command Line User’s Guide Upgrading the AT-S63 Management Software The AT-9400 Switch must have Version 3.0.0 or later of the AT-S63 Management Software to be a member of a stack. To update the management software on an existing stack for versions after Version 3.0.0, you must disconnect the stacking cables and update the switches individually, either locally through the Terminal Port on the units or over the network using a TFTP server.
Chapter 1: Overview Powering On a Stack The switches of a stack can be powered on in any order. The units initialize their management software, which takes about one minute to complete, and afterwards perform the discovery process. The length of the discovery process can vary from fifteen seconds to several minutes, depending on the size of the stack and the number of the commands in the active configuration file on the master switch.
AT-S63 Stack Command Line User’s Guide In the final stage the master switch configures the devices with the commands in the active configuration file in its file system. If this is the first time the stack is booted up, you will see the messages in Figure 6. Configuring the Stack............................. done! Reinitializing Software Modules .................. done! Configuration file "stack.cfg" not found! Loading default configuration ........ done! Figure 6.
Chapter 1: Overview Troubleshooting the Discovery Process The easiest way to troubleshoot a stack that is unable to complete the discovery process is by watching for error messages on the Terminal Port of the master switch. Here are the steps: 1. Connect a terminal or a personal computer with a terminal emulation program to the Terminal Port on the master switch, as explained in “Starting a Local Management Session” on page 52. 2. Power on all the switches in the stack.
AT-S63 Stack Command Line User’s Guide If the master switch successfully completes the discovery process but the SHOW STACK command displays only one switch or a subset of the switches of the stack, try the following: Section I: Basic Operations Verify that all the switches are powered on. Verify that all the switches are using the same version of the AT-S63 Management Software. For instructions, refer to AT-9400 Stack Installation Guide.
Chapter 1: Overview 50 Section I: Basic Operations
Chapter 2 Starting a Command Line Management Session This chapter contains the following sections: “Starting a Local Management Session” on page 52 “Remote Telnet Management” on page 54 “Quitting a Management Session” on page 56 “Command Line Interface Features” on page 57 “Command Formatting” on page 58 “Redundant Twisted Pair Ports” on page 59 51
Chapter 2: Starting a Command Line Management Session Starting a Local Management Session Note A stack does not need an IP address for local management. To start a local management session, perform the following procedure: 1. Identify the master switch of the stack. (Local management sessions must be conducted through the master switch.) If you followed the instructions in the AT-9400 Stack Installation Guide, the switches should have labels with their module ID numbers.
AT-S63 Stack Command Line User’s Guide Stop bits: 1 Flow control: None Note The port settings are for a DEC VT100 or ANSI terminal, or an equivalent terminal emulator program. 5. Press Enter. You are prompted for a user name and password. 6. Enter a user name and password. The stack comes with two standard user accounts: manager and operator. The manager account lets you configure the stack’s settings while the operator account only lets you view them.
Chapter 2: Starting a Command Line Management Session Remote Telnet Management Planning for Remote Management Before you can remotely manage a stack with a Telnet client from a network workstation, you must assign an IP address to the stack, as outlined in the steps here: 1. Create a virtual LAN (VLAN) on the stack. The VLAN must include the port(s) through which the stack and the remote Telnet clients will conduct the management sessions.
AT-S63 Stack Command Line User’s Guide Note A stack can support one manager session and eight operator sessions simultaneously. After you have logged on, the command line interface (CLI) prompt is displayed, as shown in Figure 8 on page 53. If the stack has a name, the name is displayed below the master switch’s model name. 3. You can now begin to manage the stack with the commands detailed in this guide.
Chapter 2: Starting a Command Line Management Session Quitting a Management Session To quit a local management session, type EXIT. You should always exit from a management session at the completion of a session. This can prevent an unauthorized individual from making changes to a stack’s configuration in the event you leave your management station unattended.
AT-S63 Stack Command Line User’s Guide Command Line Interface Features The following features are supported in the command line interface: Section I: Basic Operations Command history - Use the up and down arrow keys. Context-specific help - Press the question mark key at any time to see a list of legal next parameters. Keyword abbreviations - Any keyword can be recognized by typing an unambiguous prefix, for example, “sh” for “show”.
Chapter 2: Starting a Command Line Management Session Command Formatting The following formatting conventions are used in this manual: screen text font - This font illustrates the format of a command and command examples. 58 screen text font - Italicized screen text indicates a variable for you to enter. [ ] - Brackets indicate optional parameters. | - Vertical line separates parameter options for you to choose from.
AT-S63 Stack Command Line User’s Guide Redundant Twisted Pair Ports The twisted pair ports 21R to 24R on the AT-9424Ts and AT-9424Ts/XP Switches are paired with four SFP slots. Follow these guidelines when using these ports and slots: Only one port in a pair — either the twisted pair port or the corresponding SFP module — can be active at a time. The twisted pair port is the active port when its SFP slot is empty, or when an SFP module is installed but has not established a link to an end node.
Chapter 2: Starting a Command Line Management Session 60 Section I: Basic Operations
Chapter 3 Basic Command Line Commands This chapter contains the following commands: “CLEAR SCREEN” on page 62 “EXIT” on page 63 “HELP” on page 64 “LOGOFF, LOGOUT and QUIT” on page 65 “SAVE CONFIGURATION” on page 66 “SET PROMPT” on page 67 “SHOW USER” on page 68 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 3: Basic Command Line Commands CLEAR SCREEN Syntax clear screen Parameters None. Description This command clears the screen.
AT-S63 Stack Command Line User’s Guide EXIT Syntax exit Parameters None. Description This command ends a management session. Example exit Equivalent Commands logoff logout quit For information, see “LOGOFF, LOGOUT and QUIT” on page 65.
Chapter 3: Basic Command Line Commands HELP Syntax help Parameters None. Description This command lists the CLI keywords. Each keyword has a brief description.
AT-S63 Stack Command Line User’s Guide LOGOFF, LOGOUT and QUIT Syntax logoff logout quit Parameters None. Description These three commands end a management session.
Chapter 3: Basic Command Line Commands SAVE CONFIGURATION Syntax save configuration Parameters None. Description This command saves your changes to the parameter settings of the stack in the master switch’s active boot configuration file for permanent storage. Changes to the operating parameters of a stack, such as the creation of a new virtual LAN or static port trunk, are initially stored in temporary memory, where they will be lost the next time the stack is reset or power cycle.
AT-S63 Stack Command Line User’s Guide SET PROMPT Syntax set prompt="prompt" Parameter prompt Specifies the command line prompt. The prompt can be from one to 12 alphanumeric characters. Spaces and special characters are allowed. The prompt must be enclosed in quotes. Description This command changes the command line prompt. Assigning each stack a different command prompt can make them easier to identify.
Chapter 3: Basic Command Line Commands SHOW USER Syntax show user Parameter None. Description Displays the user account used to log on to manage the stack.
Chapter 4 Stacking Commands This chapter contains the following commands: “SET STACK” on page 70 “SHOW STACK” on page 72 69
Chapter 4: Stacking Commands SET STACK Syntax set stack moduleid=value newmoduleid=auto|static|value priority=value Parameters mymoduleid Specifies the switch’s current ID number. To view this number, refer to “SHOW STACK” on page 72. newmoduleid Specifies a new stack ID number for the switch. Options are: priority auto Sets the switch’s ID dynamically, based on the device’s MAC address or stack priority number. static Converts the switch’s current dynamic module ID into a static ID.
AT-S63 Stack Command Line User’s Guide You must reset or power cycle the unit after performing this command to activate a switch’s new ID number. You do not have to issue the SAVE CONFIGURATION command with this command. A device’s new ID number is automatically stored in a hidden system file in the unit’s file system. Note All of the switches of a stack must have the same type of stack ID number of static or dynamic.
Chapter 4: Stacking Commands SHOW STACK Syntax show stack Parameters None. Description This command displays the module ID number of a switch. The command displays different information depending on whether the switch is a standalone unit or the master switch of a functioning stack. Figure 9 is an example of the information from a stand-alone switch. This information is useful when setting or changing a switch’s ID number, which should only be performed when the device is not connected to a stack.
AT-S63 Stack Command Line User’s Guide Figure 10 is an example of the command when it is performed on the master switch of a functioning stack. The switches in the stack and their module ID numbers are displayed in a table.
Chapter 4: Stacking Commands Priority - The priority number of a switch. The range is 1 to 16. The lower the number, the higher the priority. To set this value, refer to “SET STACK” on page 70. This value only applies when the ID numbers are set automatically. Mac Address - The MAC address of a switch. For information on module ID numbers, refer to “Module ID Numbers” on page 38.
Chapter 5 Basic Stack Commands This chapter contains the following commands: “DISABLE TELNET” on page 76 “ENABLE TELNET” on page 77 “PING” on page 78 “RESET SWITCH” on page 79 “RESET SYSTEM” on page 80 “RESTART REBOOT” on page 81 “RESTART SWITCH” on page 82 “SET ASYN” on page 84 “SET DATE” on page 85 “SET PASSWORD MANAGER” on page 86 “SET PASSWORD OPERATOR” on page 87 “SET SWITCH CONSOLETIMER” on page 88 “SET SYSTEM” on page 89 “SET TELNET INSERTNULL”
Chapter 5: Basic Stack Commands DISABLE TELNET Syntax disable telnet Parameters None. Description This command disables the Telnet server on the master switch. You might disable the server to prevent anyone from managing the stack with a Telnet client. The default setting for the Telnet server is enabled.
AT-S63 Stack Command Line User’s Guide ENABLE TELNET Syntax enable telnet Parameters None. Description This command activates the Telnet server on the master switch. When the server is activated, you can remotely manage the stack using the Telnet application protocol. To disable the server, refer to “DISABLE TELNET” on page 76. The default setting for the Telnet server is enabled.
Chapter 5: Basic Stack Commands PING Syntax ping ipaddress Parameter ipaddress Specifies the IP address of an end node to be pinged. Description This command instructs the stack to ping an end node. You can use this command to determine whether an active link exists between the stack and another network device. Follow these guidelines when using this command: The stack must have a routing interface. It uses the IP address of the interface as its source address when pinging a device.
AT-S63 Stack Command Line User’s Guide RESET SWITCH Syntax reset switch [module=id] Parameters id Specifies the ID number of a switch in the stack. You can specify only one switch at a time. To view the ID numbers of the switches, refer to “SHOW STACK” on page 72. Description This command does the following: Performs a soft reset on all of the ports on a switch or in a stack. The reset takes less than a second to complete. The ports retain their current operating parameter settings.
Chapter 5: Basic Stack Commands RESET SYSTEM Syntax reset system [name] [contact] [location] Parameters name Deletes the switch’s name. contact Deletes the switch’s contact. location Deletes the switch’s location. Description This command delete’s the stack’s name, the name of the network administrator responsible for managing it, and its location. To set these parameters, refer to “SET SYSTEM” on page 89. To view the current settings, refer to “SHOW SYSTEM” on page 100.
AT-S63 Stack Command Line User’s Guide RESTART REBOOT Syntax restart reboot Parameters None. Description This command resets the entire stack. The switches run their internal diagnostics, load the AT-S63 Management Software, and perform the discovery process. The reset can take several minutes to complete. For further information, refer to “Discovery Process” on page 34. Note The switches of a stack do not forward traffic during the reset process. Some network traffic may be lost.
Chapter 5: Basic Stack Commands RESTART SWITCH Syntax restart switch config=none|filename.cfg Parameters config Specifies the configuration file. The file must already exist on the master switch. The NONE option returns all of the parameter settings in the stack to the default values. Description This command can load a different configuration file on the stack or return the stack’s parameter settings to their default values. This command can also be used to reset a stack.
AT-S63 Stack Command Line User’s Guide Note For a list of default values, refer to Appendix A, “AT-S63 Default Settings” in the AT-S63 Management Software Features Guide. Your local or remote management session ends when you reset the stack. You must reestablish the session to continue managing it. Examples The following command configures the stack using the configuration file named stack12.cfg: restart switch config=stack12.
Chapter 5: Basic Stack Commands SET ASYN Syntax set asyn [speed=1200|2400|4800|9600|19200|38400| 57600|115200] [prompt=”prompt”] Parameters speed Sets the speed (baud rate) of the serial terminal port on the master switch. The default is 9600 bps. prompt Specifies the command line prompt. The prompt can be from one to 12 alphanumeric characters. Spaces and special characters are allowed. The prompt must be enclosed in double quotes. This parameter performs the same function as “SET PROMPT” on page 67.
AT-S63 Stack Command Line User’s Guide SET DATE Syntax set date=dd-mm-yyyy Parameter date Specifies the date for the stack in day-month-year format. Description This command manually sets the date on the stack. You can use this command to set the stack’s date if you are not using an SNTP server. The date and time are maintained even when a switch is powered off because the unit has an onboard battery.
Chapter 5: Basic Stack Commands SET PASSWORD MANAGER Syntax set password manager Parameters None. Description This command sets the manager’s password. The manager account allows you to view and change all of the stack parameters. The default password is “friend.” The password can be from 0 to 16 alphanumeric characters. Allied Telesis recommends that you avoid special characters, such as spaces, asterisks, or exclamation points because some web browsers do not accept them in passwords.
AT-S63 Stack Command Line User’s Guide SET PASSWORD OPERATOR Syntax set password operator Parameters None. Description This command sets the operator’s password. Logging in as operator allows you to only view the parameter settings in a stack. The default password is “operator.” The password can be from 0 to 16 alphanumeric characters. Allied Telesis recommends that you avoid special characters, such as spaces, asterisks, or exclamation points because some web browsers do not accept them in passwords.
Chapter 5: Basic Stack Commands SET SWITCH CONSOLETIMER Syntax set switch consoletimer=value Parameter consoletimer Specifies the console timer in minutes. The range is 1 to 60 minutes. The default is 10 minutes. Description This command sets the console timer, which the management software uses to end inactive management sessions.
AT-S63 Stack Command Line User’s Guide SET SYSTEM Syntax set system [name="name"] [contact="contact"] [location="location"] Parameters name Specifies the name of the stack. The name can be from 1 to 39 alphanumeric characters in length and must be enclosed in double quotes (“ “). Spaces are allowed. contact Specifies the name of the network administrator responsible for managing the stack. The contact can be from 1 to 39 alphanumeric characters in length and must be enclosed in double quotes.
Chapter 5: Basic Stack Commands SET TELNET INSERTNULL Syntax set telnet insertnull=on|off Parameters insertnull Controls whether the Telnet server inserts a NULL character after each CR sent to the remote client. Options are: on Sends a NULL character after each CR sent to the remote client. off Specifies that no NULL character is sent to the remote client. This is the default setting.
AT-S63 Stack Command Line User’s Guide SET TIME Syntax set time=hh:mm:ss Parameter time Specifies the hour, minute, and second for the stack’s time in 24-hour format. Description This command manually sets the time on the stack. You can use this command to set the stack’s time if you are not using an SNTP server. The date and time are maintained even when the switch is powered off because the unit has an onboard battery.
Chapter 5: Basic Stack Commands SET USER PASSWORD Syntax set user manager|operator password=password Parameter password Specifies the password. Description This command sets the manager or operator’s password. The default manager password is “friend.” The default operator password is “operator.” The password can be from 0 to 16 alphanumeric characters.
AT-S63 Stack Command Line User’s Guide SHOW ASYN Syntax show asyn Parameters None. Description This command displays the settings for the serial terminal port on the master switch. The port is used for local management of the stack. An example of the display is shown in Figure 11. Asynchronous Port (Console) Information: Baud Rate ................................. Parity .................................... Data bits ................................. Stop bits ................................. Prompt ...
Chapter 5: Basic Stack Commands SHOW CONFIG DYNAMIC Syntax show config dynamic[=module] Parameters module Displays the settings of a specific module in the management software. You can specify only one module at a time. For a list of modules, refer to Table 2. Description This command displays the parameter settings of the stack that have been changed from their default values, including those not yet saved to the active boot configuration file.
AT-S63 Stack Command Line User’s Guide Table 2.
Chapter 5: Basic Stack Commands SHOW CONFIG INFO Syntax show config info Parameters None. Description This command displays all of the parameter settings on a stack, including those not yet saved to the active boot configuration file.
AT-S63 Stack Command Line User’s Guide SHOW SWITCH Syntax show switch module=id Parameters id Specifies the ID number of a switch in the stack. You can specify only one switch at a time. To view the module ID numbers, refer to “SHOW STACK” on page 72. Description This command displays a variety of information and parameter settings about the switches in a stack. You can only view one switch at a time.
Chapter 5: Basic Stack Commands MAC address - The MAC address of the switch. This value cannot be changed. VLAN mode - The stack’s VLAN mode. The three possible VLAN modes are: User configured (for creating your own port-based and tagged VLANs) 802.1Q-compliant Non-802.1Q-compliant The default is user configured VLANs. Version 3.0.0 of the management software does not support 802.1Q-compliant or non802.1Q-compliant in a stack.
AT-S63 Stack Command Line User’s Guide information correctly. When OFF, the default setting, no NULL character is set after a CR. To set this feature, see “SET TELNET INSERTNULL” on page 90. MAC address aging time - The current value for the MAC address aging timer. The switch uses the aging timer to delete inactive dynamic MAC addresses from the MAC address table. To set this value, refer to “SET SWITCH AGINGTIMER|AGEINGTIMER” on page 157.
Chapter 5: Basic Stack Commands SHOW SYSTEM Syntax show system Parameters None. Description This command displays the following information about the master switch of a stack: MAC Address The MAC address of the master switch. Model Name The model name of the master switch. Serial Number The serial number of the master switch. IP Address The IP address of the local interface. Subnet Mask The subnet mask of the local interface. Default Gateway For a stack, this field displays the default gateway address.
AT-S63 Stack Command Line User’s Guide Administrator The name of the network administrator responsible for managing the stack. Location The location of the stack, (for example, 4th Floor - rm 402B). Note To configure the name, administrator, and location parameters, refer to “SET SYSTEM” on page 89. Power Information The status of the main power supply, the redundant power supply (if present), and internal power consumption in the master switch. Temperature (Deg.
Chapter 5: Basic Stack Commands SHOW TIME Syntax show time Parameters None. Description This command shows the stack’s current date and time.
Chapter 6 SNMPv2 and SNMPv2c Commands This chapter contains the following commands: “ADD SNMP COMMUNITY” on page 104 “CREATE SNMP COMMUNITY” on page 106 “DELETE SNMP COMMUNITY” on page 109 “DESTROY SNMP COMMUNITY” on page 111 “DISABLE SNMP” on page 112 “DISABLE SNMP AUTHENTICATETRAP” on page 113 “DISABLE SNMP COMMUNITY” on page 114 “ENABLE SNMP” on page 115 “ENABLE SNMP AUTHENTICATETRAP” on page 116 “ENABLE SNMP COMMUNITY” on page 117 “SET SNMP COMMUNITY” on page
Chapter 6: SNMPv2 and SNMPv2c Commands ADD SNMP COMMUNITY Syntax add snmp community="community" [traphost=ipaddress] [manager=ipaddress] Parameters community Specifies an existing SNMP community string on the stack. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or special character such as an exclamation point. Otherwise, the quotes are optional. traphost Specifies the IP address of a trap receiver.
AT-S63 Stack Command Line User’s Guide The following command adds the IP address 149.212.10.11 as a trap receiver to the “public” community string: add snmp community=public traphost=149.212.10.
Chapter 6: SNMPv2 and SNMPv2c Commands CREATE SNMP COMMUNITY Syntax create snmp community="community" [access=read|write] [open=yes|no|on|off|true|false] [traphost=ipaddress] [manager=ipaddress] Parameters community Specifies a new community string. The maximum length of a community string is 15 alphanumeric characters. Spaces are allowed. The name must be enclosed in double quotes if it includes a space or other special character such as an exclamation point. Otherwise, the quotes are optional.
AT-S63 Stack Command Line User’s Guide Description This command creates a new SNMP community string on the stack. The stack comes with two default community strings, “public,” with an access of read only, and “private,” with an access level of read and write. A stack can support up to eight community strings. The COMMUNITY parameter specifies the new community string. The string can be up to 15 alphanumeric characters. The string is case sensitive.
Chapter 6: SNMPv2 and SNMPv2c Commands station that will use the string: create snmp community=wind11 access=write open=no manager=149.35.24.22 (The OPEN=NO parameter can be omitted from the example because closed status is the default for a new community string.) This command creates a community string called “serv12” with a closed status.
AT-S63 Stack Command Line User’s Guide DELETE SNMP COMMUNITY Syntax delete snmp community=”community” traphost=ipaddress manager=ipaddress Parameters community Specifies the SNMP community string on the stack to be modified. The community string must already exist on the stack. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or special character, such as an exclamation point. Otherwise, the quotes are optional.
Chapter 6: SNMPv2 and SNMPv2c Commands The following command deletes the IP address 149.212.44.45 of a trap receiver from the community string “public.” delete snmp community=public traphost=149.212.44.
AT-S63 Stack Command Line User’s Guide DESTROY SNMP COMMUNITY Syntax destroy snmp community="community" Parameter community Specifies an SNMP community string to delete from the stack. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or special character, such as an exclamation point. Otherwise, the quotes are optional. Description This command deletes an SNMP community string from the stack.
Chapter 6: SNMPv2 and SNMPv2c Commands DISABLE SNMP Syntax disable snmp Parameters None. Description This command disables SNMP on the stack. You cannot manage the unit from an SNMP management station when SNMP is disabled. The default setting for SNMP is disabled.
AT-S63 Stack Command Line User’s Guide DISABLE SNMP AUTHENTICATETRAP Syntax disable snmp authenticatetrap|authenticate_trap Parameters None. Description This command stops the stack from sending authentication failure traps to trap receivers. However, the stack will continue to send other system traps, such as alarm traps. The default setting for sending authentication failure traps is disabled. The AUTHENTICATETRAP and AUTHENTICATE_TRAP keywords are equivalent.
Chapter 6: SNMPv2 and SNMPv2c Commands DISABLE SNMP COMMUNITY Syntax disable snmp community="community" Parameter community Specifies an SNMP community string to disable on the stack. This parameter is case sensitive. The string must be enclosed in double quotes if it contains a space or other special character such as an exclamation point. Otherwise, the quotes are optional. Description This command disables a community string on the stack, while leaving SNMP and all other community strings active.
AT-S63 Stack Command Line User’s Guide ENABLE SNMP Syntax enable snmp Parameters None. Description This command activates SNMP on the stack so that you can remotely manage the unit with an SNMP application program from a management station on your network. It also enables the stack to send SNMP traps to trap receivers. The default setting for SNMP on the stack is disabled.
Chapter 6: SNMPv2 and SNMPv2c Commands ENABLE SNMP AUTHENTICATETRAP Syntax enable snmp authenticatetrap|authenticate_trap Parameters None. Description This command configures the stack to send authentication failure traps to trap receivers.
AT-S63 Stack Command Line User’s Guide ENABLE SNMP COMMUNITY Syntax enable snmp community="community" Parameter community Specifies an SNMP community string. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or other special character such as an exclamation point. Otherwise, the quotes are optional. Description This command activates a community string on the stack. The default setting for a new community string is enabled.
Chapter 6: SNMPv2 and SNMPv2c Commands SET SNMP COMMUNITY Syntax set snmp community="community" [access=read|write] [open=yes|no|on|off|true|false] Parameters community Specifies the SNMP community string whose access level or access status is to be changed. This community string must already exist on the stack. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or other special character such as an exclamation point. Otherwise, the quotes are optional.
AT-S63 Stack Command Line User’s Guide Examples The following command changes the access status for the SNMP community string “sw44” to closed: set snmp community=sw44 open=no The following command changes the access level for the SNMP community string “serv12” to read and write with open access: set snmp community=serv12 access=write open=yes Section I: Basic Features 119
Chapter 6: SNMPv2 and SNMPv2c Commands SHOW SNMP Syntax show snmp [community="community"] Parameter community Specifies a community string on the stack. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or other special character such as an exclamation point. Otherwise, the quotes are optional. Default community strings are “public” and “private.
AT-S63 Stack Command Line User’s Guide string that has a closed access status. (Management station IP addresses are displayed only when you specify a specific community string using the COMMUNITY parameter in this command.) To add IP addresses of management stations to a community string, refer to “ADD SNMP COMMUNITY” on page 104. Trap receiver IP addresses - These are the IP addresses of management stations to receive SNMP traps from the stack.
Chapter 6: SNMPv2 and SNMPv2c Commands 122 Section I: Basic Features
Chapter 7 Port Parameter Commands This chapter contains the following commands: “DISABLE SWITCH PORT” on page 124 “DISABLE SWITCH PORT FLOW” on page 125 “ENABLE SWITCH PORT” on page 126 “ENABLE SWITCH PORT FLOW” on page 127 “PURGE SWITCH PORT” on page 128 “RESET SWITCH PORT” on page 129 “SET SWITCH PORT” on page 130 “SET SWITCH PORT FILTERING” on page 134 “SET SWITCH PORT RATELIMITING” on page 137 “SHOW SWITCH PORT” on page 140 Note Remember to save your changes with
Chapter 7: Port Parameter Commands DISABLE SWITCH PORT Syntax disable switch port=port Parameter port Specifies the port to disable. You can specify more than one port at a time. Port numbers are entered in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command disables a port. A disabled port does not forward traffic. You might disable unused ports on the stack to prevent them from being used by unauthorized individuals.
AT-S63 Stack Command Line User’s Guide DISABLE SWITCH PORT FLOW Syntax disable switch port=port flow=pause Parameter port Specifies the port where flow control is to be disabled. You can specify more than one port at a time. Port numbers are entered in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command deactivates flow control on a port. Flow control only applies to ports operating in full duplex mode.
Chapter 7: Port Parameter Commands ENABLE SWITCH PORT Syntax enable switch port=port Parameter port Specifies the port to enable. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command enables a port. When a port is enabled, it forwards traffic. The default setting for a port is enabled. Example The following command enables ports 2.1 to 2.
AT-S63 Stack Command Line User’s Guide ENABLE SWITCH PORT FLOW Syntax enable switch port=port flow=pause Parameter port Specifies the port where you want to active flow control. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command activates flow control on a port. Flow control applies to ports operating in full duplex mode.
Chapter 7: Port Parameter Commands PURGE SWITCH PORT Syntax purge switch port=port Parameters port Specifies the port whose parameter settings are to be returned to the default values. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command returns all of the parameter settings of a port to the factory default values.
AT-S63 Stack Command Line User’s Guide RESET SWITCH PORT Syntax reset switch port=port Parameter port Specifies the port to reset. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command resets a port. The reset takes less that a second to complete. You might reset a port if it is experiencing a problem establishing a link with its end node.
Chapter 7: Port Parameter Commands SET SWITCH PORT Syntax set switch port=port [description=”description”] [status=enabled|disabled] [speed=autonegotiate|10mhalf|10mfull|100mhalf|100mfull| 1000mfull] [mdimode=mdi|mdix|auto] [flowcontrol=disable|enable|auto] [fctrllimit=value] [backpressure=yes|no|on|off|true|false|enabled| disabled] [bplimit=value] [holbplimit=value] [renegotiation=auto] [softreset] Parameters port Specifies the port to be configured. You can configure more than one port at a time.
AT-S63 Stack Command Line User’s Guide 10mhalf 10 Mbps and half-duplex mode. 10mfull 10 Mbps and full-duplex mode. 100mhalf 100 Mbps and half-duplex mode. 100mfull 100 Mbps and full-duplex mode. 1000mfull 1000 Mbps and full-duplex mode. (Applies only to 1000Base SFP and GBIC modules. This selection should not be used. An SFP or GBIC module should use Auto-Negotiation to set its speed and duplex mode.
Chapter 7: Port Parameter Commands backpressure Controls backpressure on the port. Backpressure applies only to ports operating in half-duplex mode. The options are: yes, on, true, enabled Activates backpressure on the port. These options are equivalent. no, off, false, disabled Deactivates backpressure on the port. This is the default. These options are equivalent. bplimit Specifies the number of cells for back pressure. A cell represents 128 bytes. The range is 1 to 7935 cells.
AT-S63 Stack Command Line User’s Guide The following command sets the speed on ports 1.2 to 1.6 to 100 Mbps, the duplex mode to full duplex, the wiring configuration to MDI-X, and flow control to enabled: set switch port=1.2-1.6 speed=100mfull mdimode=mdix flowcontrol=enabled The following command resets port 5.5: set switch port=5.5 softreset Equivalent Commands disable switch port=port For information, see “DISABLE SWITCH PORT” on page 124.
Chapter 7: Port Parameter Commands SET SWITCH PORT FILTERING Syntax set switch port=port [bcastfiltering=yes|no|on|off|true|false|enabled| disabled] [bcastegressfiltering=yes|no|on|off|true|false|enabled| disabled] [unkmcastfiltering=yes|no|on|off|true|false] [unkmcastegressfiltering=yes|no|on|off|true|false] [unkucastfiltering=yes|no|on|off|true|false] [unkucastegressfiltering=yes|no|on|off|true|false] Parameters port Specifies the port you want to configure.
AT-S63 Stack Command Line User’s Guide unkmcastfiltering Controls the unknown ingress multicast frame filter. The options are: yes, on, true, enabled The port discards all unknown ingress multicast frames. These options are equivalent. no, off, false, disabled The port forwards all unknown ingress multicast frames. This is the default. These options are equivalent. unkmcastegressfiltering Controls the unknown egress multicast frame filter.
Chapter 7: Port Parameter Commands no, off, false, disabled The port forwards all unknown egress unicast frames. This is the default. These options are equivalent. Description This command discards ingress and egress broadcast packets as well as unknown unicast and multicast packets on a port. When you activate this feature on a port, the port discards all ingress or egress packets of the type specified. The default setting for each type of packet filter is disabled.
AT-S63 Stack Command Line User’s Guide SET SWITCH PORT RATELIMITING Syntax set switch port=port [bcastratelimiting=yes|no|on|off|true|false|enabled| disabled] [bcastrate=value] [mcastratelimiting=yes|no|on|off|true|false|enabled| disabled] [mcastrate=value] [unkucastratelimiting=yes|no|on|off|true|false|enabled| disabled] [unkucastrate=value] Parameters port Specifies the port to be configured. You can specify more than one port at a time, but the ports must be of the same medium type.
Chapter 7: Port Parameter Commands mcastratelimiting mcastrate Enables or disables a rate limit for ingress multicast packets. The options are: yes, on, true, enabled Activates multicast packet rate limit on the port. The options are equivalent. no, off, false, disabled Deactivates multicast packet rate limit on the port. This is the default. The options are equivalent. Specifies the maximum number of ingress multicast packets a port accepts each second. The range is 0 to 262,134 packets.
AT-S63 Stack Command Line User’s Guide Examples This command activates rate limiting for ingress broadcast and multicast packets on port 1.6. It sets a threshold of 20,000 packets per second for broadcast packets and 100,000 for multicast packets: set switch port=1.6 bcastratelimiting=yes bcastrate=20000 mcastratelimiting=yes mcastrate=100000 This command sets a threshold of 150,000 packets per second for unknown ingress unicast packets on ports 2.15 and 2.17: set switch port=2.15,2.
Chapter 7: Port Parameter Commands SHOW SWITCH PORT Syntax show switch port[=port] Parameter port Specifies the port whose parameter settings you want to view. You can specify more than one port at a time. Omitting this parameter displays all ports. Port numbers are entered in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command displays a port’s current operating specifications, such as speed and duplex mode.
AT-S63 Stack Command Line User’s Guide displays N/A, because the MDI/MDIX setting is set automatically on the port. A value only appears in this field if you disable AutoNegotiation on a twisted pair port and set MDI/MDIX manually. This field does not apply to a fiber optic port. To adjust a port’s MDI/MDIX setting, refer to “SET SWITCH PORT” on page 130. Section I: Basic Operations Actual Speed/Duplex - Displays the current operating speed and duplex mode of a port.
Chapter 7: Port Parameter Commands 142 Unknown Multicast Ingress Filtering - Displays the status of unknown ingress multicast filtering. If enabled, the port discards all unknown ingress multicast packets. The default is disabled. To configure this parameter, refer to “SET SWITCH PORT FILTERING” on page 134. Unknown Multicast Egress Filtering - Displays the status of unknown egress multicast filtering. If enabled, the port discards all unknown egress multicast packets. The default is disabled.
AT-S63 Stack Command Line User’s Guide Q1 egress queue. To set this parameter, refer to “SET SWITCH PORT PRIORITY OVERRIDEPRIORITY” on page 264. Override Priority - Displays whether the Class of Service priority level in ingress tagged packets is ignored when determining the egress queue for storing the packets. If this parameter is displaying Yes the stack ignores the priority level in tagged packets and uses the priority level assigned to the port to determine the egress queue.
Chapter 7: Port Parameter Commands Port #11 Information: Port Description ..................... Port Type ............................ Status ............................... Link State ........................... Configured Speed/Duplex .............. Configured MDI Crossover ............. Actual Speed/Duplex .................. Actual MDI Crossover ................. Flow Control Status .................. Flow Control Threshold ............... Backpressure Status .................. Backpressure Threshold ..
Chapter 8 Port Statistics Commands This chapter contains the following commands: “RESET SWITCH PORT COUNTER” on page 146 “SHOW SWITCH MODULE COUNTER” on page 147 “SHOW SWITCH PORT COUNTER” on page 150 145
Chapter 8: Port Statistics Commands RESET SWITCH PORT COUNTER Syntax reset switch port=port counter Parameter port Specifies the port whose statistics counters are to be returned to zero. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command returns a port’s statistics counters to zero.
AT-S63 Stack Command Line User’s Guide SHOW SWITCH MODULE COUNTER Syntax show switch module=id counter Parameters id Specifies the ID number of a switch in the stack. You can specify only one switch at a time. To view the ID numbers of the switches, refer to “SHOW STACK” on page 72. Description This command displays the operating statistics, such as the number of ingress and egress packets, of a switch in a stack. An example is shown in Figure 15. Module: 2 Port: All Bytes Rx ......... Frames Rx .......
Chapter 8: Port Statistics Commands Bcast Frames Rx Number of broadcast frames received by the switch. Bcast Frames Tx Number of broadcast frames transmitted by the switch. Mcast Frames Rx Number of multicast frames received by the switch. Mcast Frames Tx Number of multicast frames transmitted by the switch. Frames 64 Frames 65-127 Frames 128-255 Frames 256-511 Frames 512-1023 Frames 1024-1518 Frames 1519-1522 Number of frames transmitted from the port, grouped by size.
AT-S63 Stack Command Line User’s Guide Dropped Frames Number of frames successfully received and buffered by the switch, but discarded and not forwarded.
Chapter 8: Port Statistics Commands SHOW SWITCH PORT COUNTER Syntax show switch port[=port] counter Parameter port Specifies the port whose statistics you want to view. You can specify more than one port at a time. To view all ports, do not specify a port. Port numbers are entered in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command displays the operating statistics for a port on the switch.
Chapter 9 MAC Address Table Commands This chapter contains the following commands: “ADD SWITCH FDB|FILTER” on page 152 “DELETE SWITCH FDB|FILTER” on page 154 “RESET SWITCH FDB” on page 156 “SET SWITCH AGINGTIMER|AGEINGTIMER” on page 157 “SHOW SWITCH AGINGTIMER|AGEINGTIMER” on page 158 “SHOW SWITCH FDB” on page 159 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 9: MAC Address Table Commands ADD SWITCH FDB|FILTER Syntax add switch fdb|filter destaddress|macaddress=macaddress port=port vlan=name|vid Note The FDB and FILTER keywords are equivalent. Parameters destaddress or macaddress Specifies the static unicast or multicast address to be added to the stack’s MAC address table. The parameters are equivalent. The address can be entered in either of the following formats: xxxxxxxxxxxx or xx:xx:xx:xx:xx:xx port Specifies the port(s) for the MAC address.
AT-S63 Stack Command Line User’s Guide Examples This command adds the static MAC address 00:A0:D2:18:1A:11 to port 1.7 in the Default_VLAN: add switch fdb macaddress=00A0D2181A11 port=1.7 vlan=default_vlan This command adds the multicast MAC address 01:00:51:00:00 10 to ports 2.1 to 2.5 in the Engineering VLAN: add switch fdb macaddress=010051000010 port=2.1-2.
Chapter 9: MAC Address Table Commands DELETE SWITCH FDB|FILTER Syntax delete switch fdb|filter macaddress|destaddress=macaddress vlan=name|vid type|status=static|staticunicast|staticmulticast|dynamic| dynamicunicast|dynamicmulticast Note The FDB and FILTER keywords are equivalent. Parameters macaddress or Deletes a dynamic or static unicast or multicast MAC destaddress address from the MAC address table.
AT-S63 Stack Command Line User’s Guide Description This command deletes dynamic and static unicast and multicast addresses from the stack’s MAC address table. Note You cannot delete a stack’s MAC address, an STP BPDU MAC address, or a broadcast address. Examples The following command deletes the static MAC address 00:A0:D2:18:1A:11 from the table.
Chapter 9: MAC Address Table Commands RESET SWITCH FDB Syntax reset switch fdb [port=port] Parameter port Specifies the port whose dynamic MAC addresses are to be deleted from the MAC address table. You can specify more than one port at a time. Port numbers must be specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command deletes all of the dynamic MAC addresses learned by the entire stack or on a specific port.
AT-S63 Stack Command Line User’s Guide SET SWITCH AGINGTIMER|AGEINGTIMER Syntax set switch agingtimer|ageingtimer=value Parameter agingtimer or ageingtimer Specifies the aging timer for the MAC address table. The value is in seconds. The range is 0 to 1048575. The default is 300 seconds (5 minutes). The parameters are equivalent. Description The stack uses the aging timer to delete inactive dynamic MAC addresses from the MAC address table in the master switch.
Chapter 9: MAC Address Table Commands SHOW SWITCH AGINGTIMER|AGEINGTIMER Syntax show switch agingtimer|ageingtimer Parameters None. Description This command displays the current setting for the aging timer. The stack uses the aging timer to delete inactive dynamic MAC addresses from the MAC address table. To set the aging timer, refer to “SET SWITCH AGINGTIMER|AGEINGTIMER” on page 157. Figure 16 illustrates the information displayed by this command. Aging interval: 300 second(s) Figure 16.
AT-S63 Stack Command Line User’s Guide SHOW SWITCH FDB Syntax show switch fdb [macaddress|destaddress=macaddress] [port=port] [type|status=static|staticunicast| staticmulticast|dynamic|dynamicunicast|dynamicmulticast] [vlan=name] Parameters address Specifies a MAC address. Use this parameter to determine the port on the stack where a particular MAC address was learned (dynamic) or assigned (static).
Chapter 9: MAC Address Table Commands Note You can specify more than one parameter at a time with this command. Description This command displays the unicast and multicast MAC addresses learned or assigned to the ports on the stack and stored in the stack’s MAC address table. Figure 17 is an example. Switch Forwarding Database Total Number of MAC Addresses: 121 VLAN ID MAC Address Port Status -----------------------------------------------------------0 01:80:C1:00:02:01 1.
AT-S63 Stack Command Line User’s Guide Figure 18 is an example of a multicast address. Multicast Switch Forwarding Database Total Number of MCAST MAC Addresses: 1 MAC Address VLANID Type Port Maps (U:Untagged T:Tagged) ---------------------------------------------------------------01:00:51:00:00:01 1 Static U:2.1-2.4 T: Figure 18. SHOW SWITCH FDB Command - Multicast Addresses The columns are defined here: MAC Address - The static or dynamic unicast MAC address.
Chapter 9: MAC Address Table Commands The following command displays the MAC addresses learned on the ports in the Sales VLAN: show switch fdb vlan=sales The following command displays the static MAC addresses on port 2.17: show switch fdb port=2.
Chapter 10 Static Port Trunking Commands This chapter contains the following commands: “Overview” on page 164 “ADD SWITCH TRUNK” on page 166 “CREATE SWITCH TRUNK” on page 168 “DELETE SWITCH TRUNK” on page 170 “DESTROY SWITCH TRUNK” on page 171 “SET SWITCH TRUNK” on page 172 “SHOW SWITCH TRUNK” on page 173 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 10: Static Port Trunking Commands Overview A static port trunk is a group of two to eight ports that function as a single virtual link between the stack and another network device. A static port trunk distributes the traffic across its ports to improve performance and enhance reliability by reducing the reliance on a single physical link. A static port trunk is easy to configure. You simply designate the ports of the trunk and the management software automatically groups them together.
AT-S63 Stack Command Line User’s Guide Section I: Basic Operations The switch selects the lowest numbered port in the trunk to handle broadcast packets and packets of unknown destination. For example, a trunk of ports 2.11 to 2.15 would use port 2.11 for broadcast packets.
Chapter 10: Static Port Trunking Commands ADD SWITCH TRUNK Syntax add switch trunk=name [tgid=id_number] port=port Parameters trunk Specifies the name of the static port trunk to be modified. tgid Specifies the ID number of the static port trunk to be modified. The range is 1 to 6. This parameter is optional. port Specifies the port to be added to the port trunk. You can add more than one port at a time. Port numbers are specified in the following format: module ID.
AT-S63 Stack Command Line User’s Guide Note A port that already belongs to a static port trunk must be removed from its current assignment before it can be added to another port trunk. To remove a port from a trunk, see “DELETE SWITCH TRUNK” on page 170. Example The following command adds port 1.5 to a port trunk called load22: add switch trunk=load22 port=1.
Chapter 10: Static Port Trunking Commands CREATE SWITCH TRUNK Syntax create switch trunk=name port=ports [select=macsrc|macdest|macboth|ipsrc|ipdest|ipboth] Parameters trunk Specifies the name of the trunk. The name can be up to 16 alphanumeric characters. No spaces or special characters are allowed. port Specifies the ports to be added to the port trunk. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42.
AT-S63 Stack Command Line User’s Guide Caution Do not connect the cables to the trunk ports on the devices until after you have created the trunk in the management software. Connecting the cables before configuring the software will create a loop in your network topology. Data loops can result in broadcast storms and poor network performance. Note Before creating a static port trunk, examine the speed, duplex mode, and flow control settings of the lowest numbered port to be in the trunk.
Chapter 10: Static Port Trunking Commands DELETE SWITCH TRUNK Syntax delete switch trunk=name port=port Parameters trunk Specifies the name of the static port trunk to be modified. port Specifies the port to be removed from the existing port trunk. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command removes ports from a static port trunk.
AT-S63 Stack Command Line User’s Guide DESTROY SWITCH TRUNK Syntax destroy switch trunk=name Parameter trunk Specifies the name of the trunk to be deleted. Description This command deletes a static port trunk from a stack. After a port trunk has been deleted, the ports that made up the trunk can be connected to different end nodes. Caution Disconnect the cables from the port trunk on the stack before destroying the trunk.
Chapter 10: Static Port Trunking Commands SET SWITCH TRUNK Syntax set switch trunk=name select=macsrc|macdest|macboth|ipsrc|ipdest|ipboth Parameters trunk Specifies the name of the static port trunk. select Specifies the load distribution method. Options are: macsrc Source MAC address. macdest Destination MAC address. macboth Source address/destination MAC address. ipsrc Source IP address. ipdest Destination IP address. ipboth Source address/destination IP address.
AT-S63 Stack Command Line User’s Guide SHOW SWITCH TRUNK Syntax show switch trunk Parameters None. Description This command displays the names, ports, and load distribution methods of the static port trunks on the stack. An example of the command is shown in Figure 19. Trunk group ID ............ Trunk status ........... Trunk group name ....... Trunk method ........... Ports .................. 2 UP Server11 SRC/DST MAC 2.12-2.16 Figure 19.
Chapter 10: Static Port Trunking Commands Example The following command displays port trunking information: show switch trunk 174 Section I: Basic Operations
Chapter 11 LACP Port Trunking Commands This chapter contains the following commands: “ADD LACP PORT” on page 176 “CREATE LACP AGGREGATOR” on page 178 “DELETE LACP PORT” on page 180 “DESTROY LACP AGGREGATOR” on page 181 “DISABLE LACP” on page 182 “ENABLE LACP” on page 183 “SET LACP AGGREGATOR” on page 184 “SET LACP SYSPRIORITY” on page 186 “SET LACP STATE” on page 187 “SHOW LACP” on page 188 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 11: LACP Port Trunking Commands ADD LACP PORT Syntax add lacp aggregator=name port=port Parameters aggregator Specifies the name of the aggregator. The name is case-sensitive. port Specifies the port(s) to be added to the aggregator. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command adds ports to an existing aggregator. You must identify the aggregator by its name.
AT-S63 Stack Command Line User’s Guide Examples The following command adds ports 1.8 and 2.22 to an aggregator named “agg_1”: add lacp aggregator=agg_1 port=1.8,2.
Chapter 11: LACP Port Trunking Commands CREATE LACP AGGREGATOR Syntax create lacp aggregator=name|adminkey=0xkey port=port [distribution=macsrc|macdest|macboth|ipsrc|ipdest|ipboth] Parameters aggregator Specifies a name for the new aggregator. The name can be up to 20 alphanumeric characters. No spaces or special characters are allowed. If no name is specified, the default name is DEFAULT_AGG followed by a number. adminkey Specifies an adminkey number for the aggregator.
AT-S63 Stack Command Line User’s Guide Description This command creates an LACP aggregator. Note the following when creating a new aggregator: You can specify either a name or an adminkey but not both when creating a new aggregator. When you create a new aggregator by specifying a name, the adminkey is based on the operator key of the lowest numbered port in the aggregator.
Chapter 11: LACP Port Trunking Commands DELETE LACP PORT Syntax delete lacp aggregator=name port=port Parameters aggregator Specifies the name of the aggregator. The name is case-sensitive. port Specifies the port(s) to be removed from the aggregator. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command removes a port from an aggregator. You must identify the aggregator by its name.
AT-S63 Stack Command Line User’s Guide DESTROY LACP AGGREGATOR Syntax destroy lacp aggregator=name|adminkey=0xkey Parameter aggregator Specifies the name of the aggregator. The name is case-sensitive. adminkey Specifies the adminkey number of the aggregator. This is a hexadecimal number between 0x1 and 0xffff. Description This command deletes an LACP aggregator from the switch. You can identify the aggregator by its name or adminkey number.
Chapter 11: LACP Port Trunking Commands DISABLE LACP Syntax disable lacp Parameters None. Description This command disables LACP on the switch. The default is disabled. Caution Do not disable LACP if there are defined aggregators without first disconnecting all cables connected to the aggregate trunk ports. Otherwise, a network loop may occur, resulting in a broadcast storm and poor network performance.
AT-S63 Stack Command Line User’s Guide ENABLE LACP Syntax enable lacp Parameters None. Description This command activates LACP on the switch. The default is disabled. Example The following command activates LACP: enable lacp Equivalent Command set lacp state=enable For information, see “SET LACP STATE” on page 187.
Chapter 11: LACP Port Trunking Commands SET LACP AGGREGATOR Syntax set lacp aggregator=name|adminkey=key [distribution=macsrc|macdest|macboth|ipsrc|ipdest|ipboth] Parameters aggregator Specifies the name of the aggregator you want to modify. The name is case-sensitive. adminkey Specifies the adminkey number of the aggregator you want to modify. This is a hexadecimal number between 0x1 and 0xffff. distribution Specifies one of the following load distribution methods: macsrc Source MAC address.
AT-S63 Stack Command Line User’s Guide The following command changes the load distribution method of an LACP aggregator with the adminkey 0x22 to the destination MAC address method: set lacp adminkey=0x22 distribution=macdest Section I: Basic Operations 185
Chapter 11: LACP Port Trunking Commands SET LACP SYSPRIORITY Syntax set lacp syspriority=0xpriority Parameters syspriority Specifies the LACP system priority value for a switch. This is a hexadecimal value from 0x1 to 0xffff. The lower the number, the higher the priority. The default is 0x0080. Description This command sets the LACP priority of the switch. LACP uses the priority to resolve conflicts between two switches to decide which switch makes the decision about which ports to aggregate.
AT-S63 Stack Command Line User’s Guide SET LACP STATE Syntax set lacp state=enable|disable Parameters state Specifies the state of LACP on the switch. The options are: enable Enables LACP. disable Disables LACP. This is the default. Description This command enables or disables LACP on the switch. Caution Do not disable LACP if there are defined aggregators without first disconnecting all cables connected to the aggregate trunk ports.
Chapter 11: LACP Port Trunking Commands SHOW LACP Syntax show lacp [port=port] [aggregator] [machine=port] Parameter port Specifies the port(s) to display. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. aggregator Displays information about the aggregators. machine Specifies the LACP machine state for a port or ports on the system.
AT-S63 Stack Command Line User’s Guide The PORT parameter displays LACP port information. Figure 21 illustrates the information displayed by this parameter. For definitions, refer to the IEEE 802.3ad standard. Port ............. 05 Aggregator ....... LACP sw22 ACTOR PARTNER ============================================ Actor Port ............. 05 Partner Port ......... Selected ............... SELECTED Partner System ....... Oper Key ............... 0xf705 Oper Key ............ Oper Port Priority ....
Chapter 11: LACP Port Trunking Commands The following command displays the configuration of the aggregators on the system: show lacp aggregator The following command displays the LACP machine states for each port on the system: show lacp machine 190 Section I: Basic Operations
Chapter 12 Port Mirroring Commands This chapter contains the following commands: “Overview” on page 192 “SET SWITCH MIRROR” on page 193 “SET SWITCH PORT MIRROR” on page 194 “SHOW SWITCH MIRROR” on page 195 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 12: Port Mirroring Commands Overview The port mirror feature allows you to unobtrusive monitor the ingress or egress traffic on one or more ports on a stack by copying the traffic to another stack port. By connecting a network analyzer to the port where the traffic is being copied to, you can monitor the traffic on the other ports without impacting network performance or speed. The port(s) whose traffic you want to mirror is called the source port(s).
AT-S63 Stack Command Line User’s Guide SET SWITCH MIRROR Syntax set switch mirror=port Parameter mirror Specifies the destination port for the port mirror, where the traffic from the source ports is copied. A stack can have only one destination port. To stop port mirroring and free the destination port for use as a normal networking port, specifying “0” (zero) as the destination port. Port numbers are specified in the following format: module ID.
Chapter 12: Port Mirroring Commands SET SWITCH PORT MIRROR Syntax set switch port=port mirror=none|rx|tx|both Parameters port Specifies the source port of a port mirror. You can specify more than one port. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. mirror Specifies which traffic on the source ports is to be mirrored to the destination port. The options are: rx Specifies ingress mirroring.
AT-S63 Stack Command Line User’s Guide SHOW SWITCH MIRROR Syntax show switch mirror Parameters None. Description This command displays the source and destination ports of a port mirror on the stack. An example is shown in Figure 23. Port Mirroring: Mirroring State ..................... Mirror-To (Destination) Port ........ Ingress (Rx) Mirror (Source) Ports .. Egress (Tx) Mirror (Source) Ports ... Enabled 1.22 2.1,2.3 2.1,2.3,5.11-5.13 Figure 23.
Chapter 12: Port Mirroring Commands 196 Section I: Basic Operations
Section II Advanced Operations The chapters in this section include: Section II: Advanced Operations Chapter 13, “File System Commands” on page 199 Chapter 14, “File Download and Upload Commands” on page 215 Chapter 15, “Event Log and Syslog Client Commands” on page 235 Chapter 16, “Class of Service (CoS) Commands” on page 263 197
Section II: Advanced Operations
Chapter 13 File System Commands This chapter contains the following commands: “Overview” on page 200 “COPY” on page 201 “CREATE CONFIG” on page 203 “DELETE FILE” on page 204 “FORMAT DEVICE” on page 205 “RENAME” on page 206 “SET CFLASH DIR” on page 208 “SET CONFIG” on page 209 “SHOW CFLASH” on page 211 “SHOW CONFIG” on page 212 “SHOW FILE” on page 213 “SHOW FLASH” on page 214 Note The master switch’s file system is the only active file system in a stack.
Chapter 13: File System Commands Overview You can use the commands in this chapter to manage the files in the file system in the master switch of the stack. For example, you might create a backup copy of an configuration file or delete obsolete files. The file systems on the member switches of a stack are inactive and cannot be accessed with these command. For further information about the switch’s file system, refer to the AT-S63 Management Software Features Guide.
AT-S63 Stack Command Line User’s Guide COPY Syntax copy [cflash:]sourcefile.ext [cflash:]destinationfile.ext Parameters sourcefile.ext Specifies the name of the source file. If the file is stored on a compact memory flash card, precede the name with “cflash:”. If the filename contains spaces, enclose it in double quotes. Otherwise, the quotes are optional. destinationfile.ext Specifies the name of the destination file. To store the copy on a compact memory flash card, precede the name with “cflash:”.
Chapter 13: File System Commands Table 3. File Extensions and File Types Extension File Type .csr Certificate enrollment request .key Public encryption key .log Event log Examples The following command creates a copy of the configuration file “admin.cfg” in the master switch’s file system and names the copy “admin2.cfg”: copy admin.cfg admin2.cfg The following command creates a copy of the configuration file “stack 12.cfg” in the file system and names the copy “backup.cfg”: copy "stack 12.
AT-S63 Stack Command Line User’s Guide CREATE CONFIG Syntax create config=[cflash:]filename.cfg Parameter config Specifies the name of a new configuration file. If the filename contains spaces, enclose it in double quotes. Otherwise, the quotes are optional. To store the configuration file on a flash memory card, precede the name with “cflash:”. Description This command creates a new configuration file in the file system of the master switch.
Chapter 13: File System Commands DELETE FILE Syntax delete file=[cflash:]filename Parameter file Specifies the name of the file to be deleted. A name with spaces must be enclosed in double quotes. Otherwise, the quotes are optional. If the file is stored on a compact memory flash card, precede the name with “cflash:”. Description This command deletes a file from the file system or from a compact flash memory card in the master switch.
AT-S63 Stack Command Line User’s Guide FORMAT DEVICE Syntax format device=flash Parameter device Specifies the device to format. The only option is “Flash” for the master switch’s file system. Description This command formats the flash memory in the master switch. Caution Formatting the flash memory deletes ALL files from the file system in the master switch, including the active configuration file and encryption keys.
Chapter 13: File System Commands RENAME Syntax rename [cflash:]filename1.ext [cflash:]filename2.ext Parameters filename1.ext Specifies the name of the file to be renamed. If the name contains spaces, enclose it in double quotes. Otherwise, the quotes are optional. If the file is stored on a compact memory card, precede the name with “cflash:”. filename2.ext Specifies the new name for the file. The filename can be from 1 to 16 alphanumeric characters, not including the filename extension.
AT-S63 Stack Command Line User’s Guide system to “Stack 44a.cfg”: rename Stack12.cfg "Stack 44a.cfg" This command renames the file “sales_stack.cfg” on a flash memory card in the master switch to “sales 5 stack.cfg”: rename cflash:sales_stack.cfg cflash:”sales 5 stack.
Chapter 13: File System Commands SET CFLASH DIR Syntax set cflash dir=directory Parameter dir Specifies the directory path. Description This command changes the current directory on the compact flash card in the master switch. Note You cannot create directories on a compact flash card with the AT-S63 Management Software.
AT-S63 Stack Command Line User’s Guide SET CONFIG Syntax set config=[cflash:]filename.cfg|none Parameter config Specifies the name of the configuration file to act as the active configuration file on the stack. The name can be from 1 to 16 alphanumeric characters, not including the extension “.cfg”. If the filename contains spaces, enclose it in double quotes. Description This command specifies the active configuration file on the master switch.
Chapter 13: File System Commands – To be able to save configuration changes again, you must assign a new active boot configuration file. If the master switch has a flash memory card, you can specify a configuration file on a flash card as the active boot configuration file. However, the configuration file is not copied to the master switch’s file system, but is instead used and updated directly from the card.
AT-S63 Stack Command Line User’s Guide SHOW CFLASH Syntax show cflash Parameter None Description This command displays information about the compact flash card in the master switch. The information includes the current directory, the number of files, how much space is used, and amount of space available. An example is shown in Figure 24. Compact Flash: --------------------------------------------------Current Directory: \ Number of files ............ 6 Number of directories ...... 3 Bytes used ..........
Chapter 13: File System Commands SHOW CONFIG Syntax show config [dynamic] Parameter dynamic Displays the stack’s parameter settings in command line format. Description This command, when used without the DYNAMIC parameter, displays two pieces of information. An example is shown in Figure 25. Boot configuration file .............. "SalesSt4a.cfg" (Exists) Current configuration ................ "SalesSt4a.cfg" Figure 25.
AT-S63 Stack Command Line User’s Guide SHOW FILE Syntax show file[=[cflash:]filename.ext] Parameter file Specifies the name of the file to be displayed. Use double quotes to enclose the name if it contains spaces. Otherwise, the quotes are optional. To view a file on a flash memory card, precede the name with “cflash”. If you do not specify a file name, the command displays a list of all files in flash memory as well as on the compact flash card.
Chapter 13: File System Commands SHOW FLASH Syntax show flash Parameter None Description This command displays information about the file system in the master switch. The information includes the number of files, how much space is used, and the amount of space available. An example is shown in Figure 26. Flash: --------------------------------------------------------Files .............. 12288 bytes (5 files) Free .............. 8211456 bytes Total ..............
Chapter 14 File Download and Upload Commands This chapter contains the following commands: “LOAD METHOD=LOCAL” on page 216 “LOAD METHOD=TFTP” on page 218 “LOAD METHOD=XMODEM” on page 223 “UPLOAD METHOD=LOCAL” on page 227 “UPLOAD METHOD=TFTP” on page 229 “UPLOAD METHOD=XMODEM” on page 232 215
Chapter 14: File Download and Upload Commands LOAD METHOD=LOCAL Syntax load method=local destfile=appblock srcfile|file=[cflash:]filename Parameters method Specifies a local download. destfile Specifies the application block (APPBLOCK) of the switch’s flash memory. This is the area of memory reserved for the switch’s active AT-S63 image file. srcfile or file Specifies the filename of the AT-S63 image file in the file system to be downloaded into the application block.
AT-S63 Stack Command Line User’s Guide Use the SRCFILE or FILE parameter to specify the name of the AT-S63 image file in the switch’s file system or on the compact flash card. The current configuration of a switch is retained when a new AT-S63 software image is copied to the application block. After downloading an image file into the application block, you can delete the image file from the file system or compact flash card to free up space for other files.
Chapter 14: File Download and Upload Commands LOAD METHOD=TFTP Syntax load method=tftp destfile=[cflash:]filename|appblock server=ipaddress srcfile|file=filename Parameters method Specifies a TFTP download. destfile Specifies the destination filename for the file. This is the name given to the file when it is stored in the switch’s file system. The name can be from 1 to 15 alphanumeric characters, not including the three-letter extension. If the name includes spaces, enclose it in double quotes.
AT-S63 Stack Command Line User’s Guide The DESTFILE parameter specifies a name for the file when it is stored in the file system or a flash memory card in the switch. Enclose the name in double quotes if it contains a space. When specifying the new name of a downloaded file, be sure to give it the correct three-letter extension that corresponds to its file type. The extensions are shown in Table 4. Table 4. File Name Extensions - Downloading Files Extension File Type .cfg AT-S63 configuration file .
Chapter 14: File Download and Upload Commands You should start the TFTP server software before performing the download command. For AT-9400 Switches running AT-S63 version 2.0.0 or later, the switch must have a routing interface on the local subnet from where it reaches the TFTP server. The switch uses the interface’s IP address as its source address during the file transfer with the server.
AT-S63 Stack Command Line User’s Guide Note Downloading an AT-S63 image file into a switch’s file system rather than into the application block should be perform with care. The file will take up 2 megabytes of space in the file system. If you download a file onto a flash memory card in the switch and later want to copy the file from the card to a switch’s file system, refer to “COPY” on page 201.
Chapter 14: File Download and Upload Commands Since the file is downloaded to the switch’s file system and not to the application block, it is not used as the switch’s active image file. If at some point in the future you want to make it the active image file, refer to “UPLOAD METHOD=LOCAL” on page 227. This command downloads a configuration file called “sw12.cfg onto a flash memory card in the switch. The configuration file retains the same name when stored on the card.
AT-S63 Stack Command Line User’s Guide LOAD METHOD=XMODEM Syntax load method=xmodem destfile=[cflash:]filename|appblock Parameters method Specifies an Xmodem download. destfile Specifies the destination filename for the file. This is the name given to the file when it is stored in the switch’s file system. The name can be from 1 to 15 alphanumeric characters, not including the three-letter extension. If the name includes spaces, enclose it in double quotes.
Chapter 14: File Download and Upload Commands The APPBLOCK option of the DESTFILE parameter refers to the switch’s application block, which is the portion of flash memory reserved for the active AT-S63 image. This option downloads a new version of the AT-S63 image file into the application block, making it the active image file on the switch. Note The APPBLOCK option should only be used when downloading a new AT-S63 image file, and not with any other file type.
AT-S63 Stack Command Line User’s Guide configuration. If the switch has a static address, the interface is assigned the same address. If the unit obtained its IP configuration from a DHCP or BOOTP server, the interface is created with its DHCP or BOOTP client activated. The interface is given the interface number 0 and assigned to the preexisting management VLAN. Furthermore, the interface is designated as the local interface on the switch. For example, if the switch has the static IP address 149.44.44.
Chapter 14: File Download and Upload Commands load method=xmodem destfile=cflash:product_sw.cfg The following command downloads a new version of the AT-S63 image file to the switch’s file system instead of the application block. It does this by replacing the APPBLOCK option with a filename, in this case “ats63v1_2_0.img”. The image file is stored in the switch’s file system with this name: load method=xmodem destfile=ats63v1_2_0.
AT-S63 Stack Command Line User’s Guide UPLOAD METHOD=LOCAL Syntax upload method=local destfile=[cflash:]filename srcfile|file=appblock Parameters method Specifies a local upload. destfile Specifies a filename for the AT-S63 image file. If the name contains spaces, enclose the name in quotes. To upload the active image file to a flash memory card in the switch, precede the name with “cflash:”. srcfile or file Specifies the application block (APPBLOCK), where the active AT-S63 image file is stored.
Chapter 14: File Download and Upload Commands upload method=local destfile=cflash:s63.
AT-S63 Stack Command Line User’s Guide UPLOAD METHOD=TFTP Syntax upload method=tftp destfile=filename server=ipaddress srcfile|file=switchcfg|[cflash:]filename|appblock Parameters method Specifies a TFTP upload. destfile Specifies a filename for the uploaded file. This is the name given the file when it is stored on the TFTP server. If the name contains spaces, enclose it in quotes. server Specifies the IP address of the network node containing the TFTP server software.
Chapter 14: File Download and Upload Commands Start the TFTP server software before you perform the command. The switch must have a routing interface on the local subnet from where it is reaching the TFTP server. The switch uses the interface’s IP address as its source address during the file transfer with the server. The server can be located on any interface on the switch, not just the local interface.
AT-S63 Stack Command Line User’s Guide Examples The following command uses TFTP to upload a configuration file called “sw22 boot.cfg” from the switch’s file system to a TFTP server with an IP address of 149.88.88.88. The command stores the file on the server with the same name that it has on the switch: upload method=tftp destfile="sw22 boot.cfg" server=149.88.88.88 srcfile="sw22 boot.
Chapter 14: File Download and Upload Commands UPLOAD METHOD=XMODEM Syntax upload method=xmodem srcfile|file=switchcfg|[cflash:]filename|appblock Parameters method Specifies an Xmodem upload. srcfile or file Specifies the file to be uploaded. Options are: switchcfg Uploads the switch’s active boot configuration file. filename Specifies the name of a file to upload from the switch’s file system or compact flash card. If the file is stored on a compact flash card, precede the name with “cflash:”.
AT-S63 Stack Command Line User’s Guide filename - Uploads a file from the switch’s file system or a compact flash memory card. This differs from the SWITCHCFG parameter in that the latter can upload just the active boot configuration file, while this parameter can upload any file on the switch. If the file is stored on a flash memory card in the switch, precede the filename with “cflash:”. APPBLOCK - Uploads the switch’s active AT-S63 image file.
Chapter 14: File Download and Upload Commands 234 Section II: Advanced Operations
Chapter 15 Event Log and Syslog Client Commands This chapter contains the following commands: “ADD LOG OUTPUT” on page 236 “CREATE LOG OUTPUT” on page 238 “DESTROY LOG OUTPUT” on page 242 “DISABLE LOG” on page 243 “DISABLE LOG OUTPUT” on page 244 “ENABLE LOG” on page 245 “ENABLE LOG OUTPUT” on page 246 “PURGE LOG” on page 247 “SAVE LOG” on page 248 “SET LOG FULLACTION” on page 250 “SET LOG OUTPUT” on page 251 “SHOW LOG” on page 254 “SHOW LOG OUTPUT” on pa
Chapter 15: Event Log and Syslog Client Commands ADD LOG OUTPUT Syntax add log output=output-id module=[all|module] severity=[all|severity] Parameters output Specifies the output definition ID number. module Specifies what AT-S63 events to filter. The available options are: severity all Sends events for all modules. This is the default. module Sends events for specific module(s). You can select more than one module at a time, for example, MAC,PACCESS.
AT-S63 Stack Command Line User’s Guide The second step is to customize the definition by specifying which event messages are to be sent. This is accomplished with this command. You can customize the definition so that the stack sends all of its event messages or just events from particular modules in the AT-S63 Management Software. An alternative method to configuring a definition is with “SET LOG OUTPUT” on page 251. Note The default configuration for a new output definition is no event messages.
Chapter 15: Event Log and Syslog Client Commands CREATE LOG OUTPUT Syntax create log output=output-id destination=syslog server=ipaddress [facility=default|local1|local2|local3|local4|local5|local6 |local7] [syslogformat=extended|normal] Parameters output destination Specifies an ID number that identifies the output definition. The possible output IDs are: 0 Reserved for permanent (nonvolatile) storage. You cannot change or delete this ID. 1 Reserved for temporary (dynamic) storage.
AT-S63 Stack Command Line User’s Guide syslogformat Specifies the format of the generated messages. The possible options are: extended Messages include the date, time, and system name. This is the default. normal Messages do not include the date, time, and system name. Description This command creates a new output definition. The stack uses the definition to send event messages to a device on your network. You can create up to nineteen output definitions.
Chapter 15: Event Log and Syslog Client Commands The FACILITY parameter adds a numerical code to the entries as they are sent to the syslog server so that the entries are grouped on the server according to the source device. This is of particular value when a syslog server is collecting events from several difference network devices. You can specify only one facility level for a syslog server definition. There are two approaches to using this parameter. The first is to use the DEFAULT option.
AT-S63 Stack Command Line User’s Guide Table 7. Numerical Code and Facility Level Mappings Facility Level Setting Numerical Code LOCAL1 17 LOCAL2 18 LOCAL3 19 LOCAL4 20 LOCAL5 21 LOCAL6 22 LOCAL7 23 The SYSLOGFORMAT parameter defines the content of the events. Examples The following command creates a definition for a syslog server with the IP address 149.65.10.22.
Chapter 15: Event Log and Syslog Client Commands DESTROY LOG OUTPUT Syntax destroy log output=output-id Parameters output Specifies the output definition ID number. Description This command deletes an output definition. To disable the output definition without deleting it, see “DISABLE LOG OUTPUT” on page 244.
AT-S63 Stack Command Line User’s Guide DISABLE LOG Syntax disable log Parameters None. Description This command disables the event log module. When the log module is disabled, the AT-S63 Management Software stops storing events in the event logs and sending events to output definitions. The default setting for the event logs is enabled. Note The event log module, even when disabled, still logs all AT-S63 initialization events that occur when the stack is reset or power cycled.
Chapter 15: Event Log and Syslog Client Commands DISABLE LOG OUTPUT Syntax disable log output[=output-id] Parameters output Specifies the output definition ID number to disable. Not specifying an output definition disables all definitions. Description This command disables an output definition. When disabled, no event messages are sent to the specified device, although the definition still exists. To permanently remove an output definition, see “DESTROY LOG OUTPUT” on page 242.
AT-S63 Stack Command Line User’s Guide ENABLE LOG Syntax enable log Parameters None. Description This command activates the event logs. After the log is activated, the switch immediately starts to store events in the event logs and send events to defined outputs. The default setting for the event log is enabled.
Chapter 15: Event Log and Syslog Client Commands ENABLE LOG OUTPUT Syntax enable log output[=output-id] Parameters output Specifies the output definition ID number to enable. The range is 2 to 20. Description This command enables an output definition that was disabled using “DISABLE LOG OUTPUT” on page 244.
AT-S63 Stack Command Line User’s Guide PURGE LOG Syntax purge log[=permanent|temporary] Parameter log Specifies the event log to be purged. The options are: permanent Permanent (nonvolatile) memory. Deletes all of the events in the event log in nonvolatile memory, which can contain up to 2,000 events. temporary Temporary memory. Deletes all of the events in the event log in temporary memory, which can contain up to 4,000 events. This is the default if you do not specify the “permanent” option.
Chapter 15: Event Log and Syslog Client Commands SAVE LOG Syntax save log[=permanent|temporary] filename=filename.log [full] [module=module] [reverse] [severity=all|severity] [overwrite] Parameters log Specifies the source of the events you want to save to the log file. The options are: permanent Permanent (nonvolatile) memory. Saves events stored in nonvolatile memory, which can contain up to 2,000 events. temporary Temporary memory.
AT-S63 Stack Command Line User’s Guide severity overwrite Saves events of a particular severity. Choices are I for Informational, E for Error, W for Warning, and D for Debug. You can select more than one severity at a time (for example, E,W). For a definition of the severity levels, see Table 9, “Event Log Severity Levels” on page 257. The default is E, W, I. Overwrites the file if it already exists.
Chapter 15: Event Log and Syslog Client Commands SET LOG FULLACTION Syntax set log fullaction [temporary=halt|wrap] [permanent=halt|wrap] Parameters fullaction Specifies what happens when a log reaches maximum capacity. You can set the action separately for each log. The possible actions are: halt The log stops storing new events. wrap The log deletes the oldest entries as new ones are added. This is the default.
AT-S63 Stack Command Line User’s Guide SET LOG OUTPUT Syntax set log output=output-id [destination=syslog] server=ipaddress [facility=default|local1|local2|local3|local4|local5|local6 |local7] [syslogformat=extended|normal] [module=all|module] [severity=all|severity-list] Parameters output destination Specifies an ID number that identifies the output definition to be modified. The possible output IDs are: 0 Reserved for permanent (nonvolatile) storage. You cannot change or delete this ID.
Chapter 15: Event Log and Syslog Client Commands syslogformat module severity Specifies the format of the generated messages. The possible options are: extended Messages include the date, time, and system name. This is the default. normal Messages do not include the date, time, and system name. Specifies what AT-S63 events to filter. The available options are: all Sends events for all modules. This is the default. module Sends events for specific module(s).
AT-S63 Stack Command Line User’s Guide Examples The following command changes the IP address for output definition number 5 to 149.55.55.55: set log output=5 server=149.55.55.55 The following command modifies output definition number 6 to only send messages from the RADIUS module of all severity levels: set log output=6 module=radius severity=all The following command changes the facility level and message format for output definition 4.
Chapter 15: Event Log and Syslog Client Commands SHOW LOG Syntax show log[=permanent|temporary] [full] [module=module] [reverse] [severity=severity] Parameters log 254 Specifies which of the two event logs you want to view. The options are: permanent Displays the events stored in permanent memory. temporary Displays the events stored in temporary memory. This is the default. full Specifies the amount of information displayed by the log.
AT-S63 Stack Command Line User’s Guide Description This command displays the entries stored in an event log. An event log can display entries in two modes: normal and full. In the normal mode, a log displays the time, module, severity, and description for each entry. In the full mode, a log also displays the filename, line number, and event ID. If you want to view the entries in the full mode, use the FULL parameter. To view entries in the normal mode, omit the parameter.
Chapter 15: Event Log and Syslog Client Commands Table 8.
AT-S63 Stack Command Line User’s Guide Table 9. Event Log Severity Levels Value Severity Level Description E Error Stack operation is severely impaired. W Warning An issue may require manager attention. I Informational Useful information that can be ignored during normal operation. D Debug Messages intended for technical support and software development. An example of the event log is shown in Figure 27. The example uses the full display mode.
Chapter 15: Event Log and Syslog Client Commands Examples The following command displays all the entries in the event log stored in permanent memory: show log=permanent The following command displays the events stored in temporary memory in the full display mode, which adds more information: show log=temporary full The following command displays only those entries stored in temporary memory and associated with the AT-S63 modules FILE and QOS: show log=permanent module=file,qos The following command disp
AT-S63 Stack Command Line User’s Guide SHOW LOG OUTPUT Syntax show log output[=output-id] [full] Parameters output Specifies the output definition ID number. If an output ID number is not specified, all output definitions on the stack are displayed. full Displays the details of the output definition. If not specified, only a summary is displayed. Description This command displays output definition details. An example of the information displayed by this command is shown in Figure 28.
Chapter 15: Event Log and Syslog Client Commands An example of the information displayed by this command with the FULL parameter is shown in Figure 29. Output ID .................... Output Type .................. Status ....................... Server IP Address ............ Message Format ............... Facility Level ............... Event Severity ............... Event Module ................. 2 Syslog Enabled 149.88.88.88 Extended DEFAULT E,W,I All Figure 29.
AT-S63 Stack Command Line User’s Guide SHOW LOG STATUS Syntax show log status Parameter None. Description This command displays information about the event log feature. Figure 30 is an example of the information displayed by this command. Event Log Configuration: Event Logging .................... Enabled Number of Output Definitions ..... 4 Figure 30. SHOW LOG STATUS Command The Event Logging field indicates whether the feature is enabled or disabled.
Chapter 15: Event Log and Syslog Client Commands 262 Section II: Advanced Operations
Chapter 16 Class of Service (CoS) Commands This chapter contains the following command: “SET SWITCH PORT PRIORITY OVERRIDEPRIORITY” on page 264 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For overview information on this feature, refer to the AT-S63 Management Software Features Guide.
Chapter 16: Class of Service (CoS) Commands SET SWITCH PORT PRIORITY OVERRIDEPRIORITY Syntax set switch port=port [priority=value] [overridepriority=yes|no|on|off|true|false] Parameters port Specifies the port to be configured. You can specify more than one port at a time, but the ports must be of the same medium type (either all twisted pair ports or all fiber optic ports). Port numbers are specified in the following format: module ID.
AT-S63 Stack Command Line User’s Guide This command allows you to override the priority level mappings at the port level by assigning the packets a temporary priority. Note that this assignment is made when a packet is received on the ingress port and before the frame is forwarded to the egress port. Consequently, you need to configure this feature on the ingress port.
Chapter 16: Class of Service (CoS) Commands 266 Section II: Advanced Operations
Section III Snooping Protocol This section has the following chapter: Section III: Snooping Protocol Chapter 17, ”IGMP Snooping Commands” on page 269 267
Section III: Snooping Protocol
Chapter 17 IGMP Snooping Commands This chapter contains the following commands: “DISABLE IGMPSNOOPING” on page 270 “ENABLE IGMPSNOOPING” on page 271 “SET IP IGMP” on page 272 “SHOW IGMPSNOOPING” on page 275 “SHOW IP IGMP” on page 277 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For overview information on this feature, refer to the AT-S63 Management Software Features Guide.
Chapter 17: IGMP Snooping Commands DISABLE IGMPSNOOPING Syntax disable igmpsnooping Parameters None. Description This command deactivates IGMP snooping on the stack. Example The following command deactivates IGMP snooping: disable igmpsnooping Equivalent Command set ip igmp snoopingstatus=disabled For information, refer to “SET IP IGMP” on page 272.
AT-S63 Stack Command Line User’s Guide ENABLE IGMPSNOOPING Syntax enable igmpsnooping Parameters None. Description This command activates IGMP snooping on the stack. Example The following command activates IGMP snooping: enable igmpsnooping Equivalent Command set ip igmp snoopingstatus=enabled For information, refer to “SET IP IGMP” on page 272.
Chapter 17: IGMP Snooping Commands SET IP IGMP Syntax set ip igmp [snoopingstatus=enabled|disabled] [hoststatus=singlehost|multihost] [timeout=value] [numbermulticastgroups=value] [routerport=port|all|none|auto] Parameters snoopingstatus hoststatus timeout Activates and deactivates IGMP snooping on the stack. The options are: enabled Activates IGMP snooping. disabled Deactivates IGMP snooping. This is the default setting. Specifies the IGMP host node topology.
AT-S63 Stack Command Line User’s Guide during the specified time interval, the router is assumed to be no longer active on the port. The actual timeout may be ten seconds less than the specified value. For example, at a setting of 25 seconds host nodes or multicast routers could be labeled as inactive after just 15 seconds. A setting of 10 seconds or less could result in the immediate timeout of inactive host nodes or routers.
Chapter 17: IGMP Snooping Commands Examples The following command activates IGMP snooping, sets the IGMP topology to Multi-Host, and sets the timeout value to 120 seconds: set ip igmp snoopingstatus=enabled hoststatus=multihost timeout=120 The following command changes the topology to Single-Host: set ip igmp hoststatus=singlehost The following command disables IGMP snooping: set ip igmp snoopingstatus=disabled Equivalent Commands disable igmpsnooping For information, refer to “DISABLE IGMPSNOOPING” on
AT-S63 Stack Command Line User’s Guide SHOW IGMPSNOOPING Syntax show igmpsnooping Parameters None. Description This command displays the IGMP parameters. Figure 31 illustrates the information that is displayed by this command. IGMP Snooping Configuration: IGMP Snooping Status ............... Host Topology ...................... Host/Router Timeout Interval ....... Maximum IGMP Multicast Groups ...... Router Port(s) .....................
Chapter 17: IGMP Snooping Commands Examples The following command displays the current IGMP parameter settings: show igmpsnooping Equivalent Command show ip igmp For information, see “SHOW IP IGMP” on page 277.
AT-S63 Stack Command Line User’s Guide SHOW IP IGMP Syntax show ip igmp [hostlist] [routerlist] Parameters hostlist Displays a list of the multicast groups the stack has learned, and the stack ports that are connected to host nodes. For this parameter to display information there have to be active host nodes. routerlist Displays the ports on the stack where multicast routers are detected. This parameter displays information only when there are active multicast routers.
Chapter 17: IGMP Snooping Commands Number of IGMP Multicast Groups: 4 VLAN Port/ IGMP Exp. MulticastGroup ID TrunkID HostIP Ver Time -----------------------------------------------------------01:00:5E:00:01:01 01:00:5E:7F:FF:FA 1 1 6/5/- 01:00:5E:00:00:02 01:00:5E:00:00:09 1 1 17/14/- 172.16.10.51 149.35.200.75 149.35.200.65 149.35.200.69 172.16.10.51 v2 v2 v2 v2 v2 21 11 65 34 32 Figure 33.
AT-S63 Stack Command Line User’s Guide Examples The following command displays the current IGMP parameter settings: show ip igmp The following command displays a list of active host nodes connected to the stack: show ip igmp hostlist The following command displays a list of active multicast routers: show ip igmp routerlist Equivalent Command show igmpsnooping This command does not display the router and host lists. For information, see “SHOW IGMPSNOOPING” on page 275.
Chapter 17: IGMP Snooping Commands 280 Section III: Snooping Protocol
Section IV SNMPv3 This section has the following chapter: Section IV: Spanning Tree Protocols Chapter 18, ”SNMPv3 Commands” on page 283 281
Section IV: Spanning Tree Protocols
Chapter 18 SNMPv3 Commands This chapter contains the following commands: “ADD SNMPV3 USER” on page 285 “CREATE SNMPV3 ACCESS” on page 287 “CREATE SNMPV3 COMMUNITY” on page 290 “CREATE SNMPV3 GROUP” on page 292 “CREATE SNMPV3 NOTIFY” on page 294 “CREATE SNMPV3 TARGETADDR” on page 296 “CREATE SNMPV3 TARGETPARAMS” on page 298 “CREATE SNMPV3 VIEW” on page 300 “DELETE SNMPV3 USER” on page 302 “DESTROY SNMPv3 ACCESS” on page 303 “DESTROY SNMPv3 COMMUNITY” on page 305
Chapter 18: SNMPv3 Commands “SHOW SNMPV3 ACCESS” on page 332 “SHOW SNMPV3 COMMUNITY” on page 333 “SHOW SNMPv3 GROUP” on page 334 “SHOW SNMPV3 NOTIFY” on page 335 “SHOW SNMPV3 TARGETADDR” on page 336 “SHOW SNMPV3 TARGETPARAMS” on page 337 “SHOW SNMPV3 USER” on page 338 “SHOW SNMPV3 VIEW” on page 339 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For overview information on this feature, refer to the AT-S63 Management Software Features Guide.
AT-S63 Stack Command Line User’s Guide ADD SNMPV3 USER Syntax add snmpv3 user=user [authentication=md5|sha] authpassword=password privpassword=password [storagetype=volatile|nonvolatile] Parameters user Specifies the name of an SNMPv3 user, up to 32 alphanumeric characters. authentication Specifies the authentication protocol that is used to authenticate this user with an SNMP entity (manager or NMS). If you do not specify an authentication protocol, this parameter is automatically set to None.
Chapter 18: SNMPv3 Commands entry to the configuration file on the master switch. This is the default. nonvolatile Allows you to save the table entry to the configuration file on the stack. Description This command creates an SNMPv3 User Table entry. Examples The following command creates an SNMPv3 user with the name “steven142” with an authentication protocol of MD5, an authentication password of “99doublesecret12”, a privacy password of “encrypt178” and a storage type of nonvolatile.
AT-S63 Stack Command Line User’s Guide CREATE SNMPV3 ACCESS Syntax create snmpv3 access=access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] readview=readview writeview=writeview notifyview=notifyview [storagetype=volatile|nonvolatile] Parameters access Specifies the name of the security group, up to 32 alphanumeric characters. securitymodel Specifies the security model.
Chapter 18: SNMPv3 Commands notifyview Specifies a Notify View Name that allows the users assigned to this Group Name to send traps permitted in the specified View. This is an optional parameter. If you do not assign a value to this parameter, then the notifyview parameter defaults to none. storagetype Specifies the storage type of this table entry. This is an optional parameter. The options are: volatile Does not allow you to save the table entry to the configuration file on the stack.
AT-S63 Stack Command Line User’s Guide Note In the above example, the storage type has not been specified. As a result, the storage type for the hwengineering security group is volatile storage.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 COMMUNITY Syntax create snmpv3 community index=index communityname=communityname securityname=securityname transporttag=transporttag [storagetype=volatile|nonvolatile] Parameters index Specifies the name of this SNMPv3 Community Table entry, up to 32 alphanumeric characters. communityname Specifies a password for this community entry, up to 32 alphanumeric characters.
AT-S63 Stack Command Line User’s Guide The following command creates an SNMP community with an index of 95 and a community name of “12sacramento49.” The user is “regina” and the transport tag “trainingtag.” The storage type for this community is nonvolatile storage.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 GROUP Syntax create snmpv3 group username=username [securitymodel=v1|v2c|v3] groupname=groupname [storagetype=volatile|nonvolatile] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 Associates the Security Name, or User Name, with the SNMPv1 protocol. v2c Associates the Security Name, or User Name, with the SNMPv2c protocol.
AT-S63 Stack Command Line User’s Guide create snmpv3 group username=Nancy securitymodel=v3 groupname=admin storagetype=nonvolatile The following command creates the SNMPv3 SecurityToGroup Table entry for a user named princess. The security model is set to the SNMPv3 protocol. The group name, or security group, for this user is the “training” group. The storage type is set to nonvolatile storage.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 NOTIFY Syntax create snmpv3 notify=notify tag=tag [type=trap|inform] [storagetype=volatile|nonvolatile] Parameters notify Specifies the name of an SNMPv3 Notify Table entry, up to 32 alphanumeric characters. tag Specifies the notify tag name, up to 32 alphanumeric characters. This is an optional parameter. type Specifies the message type. This is an optional parameter.
AT-S63 Stack Command Line User’s Guide The following command creates the SNMPv3 Notify Table entry called “testenginform5” and the notify tag is “testenginformtag5.” The message type is defined as an inform message and the storage type for this entry is nonvolatile storage.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 TARGETADDR Syntax create snmpv3 targetaddr=targetaddr params=params ipaddress=ipaddress udpport=udpport timeout=timeout retries=retries taglist=taglist [storagetype=volatile|nonvolatile] Parameters targetaddr Specifies the name of the SNMP manager, or host, that manages the SNMP activity on the stack, up to 32 alphanumeric characters. params Specifies the target parameters name, up to 32 alphanumeric characters. ipaddress Specifies the IP address of the host.
AT-S63 Stack Command Line User’s Guide Examples In the following command, the name of the Target Address Table entry is “snmphost1.” In addition, the params parameter is assigned to “snmpv3manager” and the IP address is 198.1.1.1. The tag list consists of “swengtag,” “hwengtag,” and “testengtag.” The storage type for this table entry is nonvolatile storage. create snmpv3 targetaddr=snmphost1 params=snmpv3manager ipaddress=198.1.1.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 TARGETPARAMS Syntax create snmpv3 targetparams=targetparams username=username [securitymodel=v1|v2c|v3] [messageprocessing=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] [storagetype=volatile|nonvolatile] Parameters targetparams Specifies the name of the SNMPv3 Target Parameters Table entry, up to 32 alphanumeric characters. username Specifies a user name configured in the SNMPv3 User Table.
AT-S63 Stack Command Line User’s Guide securitylevel Specifies the security level. The options are: noauthentication This option provides no authentication protocol and no privacy protocol. storagetype authentication This option provides an authentication protocol, but no privacy protocol. privacy This option provides an authentication protocol and the privacy protocol. Specifies the storage type of this table entry. This is an optional parameter.
Chapter 18: SNMPv3 Commands CREATE SNMPV3 VIEW Syntax create snmpv3 view=view [subtree=OID|text] mask=mask [type=included|excluded] [storagetype=volatile|nonvolatile] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view of the MIB Tree. The options are: OID A numeric value in hexadecimal format. text Text name of the view. mask Specifies the subtree mask, in hexadecimal format. type Specifies the view type. This is an optional parameter.
AT-S63 Stack Command Line User’s Guide included. The storage type for this table entry is nonvolatile storage. create snmpv3 view=internet1 subtree=internet type=included storagetype=nonvolatile The following command creates an SNMPv3 View Table entry called “tcp1” with a subtree value of the TCP/IP MIBs and a view type of excluded. The storage type for this table entry is nonvolatile storage.
Chapter 18: SNMPv3 Commands DELETE SNMPV3 USER Syntax delete snmpv3 user=user Parameters user Specifies the name of an SNMPv3 user to delete from the stack. Description This command deletes an SNMPv3 User Table entry. After you delete an SNMPv3 user from the stack, you cannot recover it. Examples The following command deletes the user named “wilson890.” delete snmpv3 user=wilson890 The following command deletes the user named “75murthy75.
AT-S63 Stack Command Line User’s Guide DESTROY SNMPv3 ACCESS Syntax destroy snmpv3 access=access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] Parameter access Specifies an SNMPv3 Access Table entry. securitymodel Specifies the security model of the user name specified above. The options are: securitylevel v1 Associates the Security Name, or User Name, with the SNMPv1 protocol. v2c Associates the Security Name, or User Name, with the SNMPv2c protocol.
Chapter 18: SNMPv3 Commands destroy snmpv3 access=swengineering securitymodel=v3 securitylevel=authentication The following command deletes the SNMPv3 Access Table entry called “testengineering” with a security model of the SNMPv3 protocol and a security level of privacy.
AT-S63 Stack Command Line User’s Guide DESTROY SNMPv3 COMMUNITY Syntax destroy snmpv3 community index=index Parameter index Specifies the name of this SNMPv3 Community Table entry, up to 32 alphanumeric characters. Description This command deletes an SNMPv3 Community Table entry. After you delete an SNMPv3 Community Table entry, you cannot recover it. Examples The following command deletes an SNMPv3 Community Table entry with an index of 1001.
Chapter 18: SNMPv3 Commands DESTROY SNMPv3 GROUP Syntax destroy snmpv3 group username=username [securitymodel=v1|v2c|v3] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 Associates the Security Name, or User Name, with the SNMPv1 protocol. v2c Associates the Security Name, or User Name, with the SNMPv2c protocol.
AT-S63 Stack Command Line User’s Guide DESTROY SNMPv3 NOTIFY Syntax destroy snmpv3 notify=notify Parameter notify Specifies an SNMPv3 Notify Table entry. Description This command deletes an SNMPv3 Notify Table entry. After you delete an SNMPv3 Notify Table entry, you cannot recover it. Examples The following command deletes an SNMPv3 Notify Table entry called “systemtestnotifytrap.
Chapter 18: SNMPv3 Commands DESTROY SNMPv3 TARGETADDR Syntax destroy snmpv3 targetaddr=target Parameter targetaddr Specifies an SNMPv3 Target Address table entry. Description This command deletes an SNMPv3 Target Address Table entry. After you delete an SNMPv3 Target Address Table entry, you cannot recover it. Example The following command deletes an SNMPv3 Address Table entry called “snmpmanager.
AT-S63 Stack Command Line User’s Guide DESTROY SNMPv3 TARGETPARMS Syntax destroy snmpv3 targetparams=targetparams Parameter targetparams Specifies an SNMPv3 Target Parameters table entry. Description This command deletes an SNMPv3 Target Parameters Table entry. After you delete an SNMPv3 Target Parameters Table entry, you cannot recover it. Examples The following command deletes the SNMPv3 Target Parameters Table entry called “targetparameter1.
Chapter 18: SNMPv3 Commands DESTROY SNMPV3 VIEW Syntax destroy snmpv3 view=view [subtree=OID|text] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view subtree view. The options are: OID A numeric value in hexadecimal format. text Text name of the view. Description This command deletes an SNMPv3 View Table entry. After you delete an SNMPv3 View Table entry, you cannot recover it.
AT-S63 Stack Command Line User’s Guide PURGE SNMPV3 ACCESS Syntax purge snmpv3 access Parameters None Description This command resets the SNMPv3 Access Table to its default value by removing all the access table entries. To remove a single entry, use “DESTROY SNMPv3 ACCESS” on page 303.
Chapter 18: SNMPv3 Commands PURGE SNMPV3 COMMUNITY Syntax purge snmpv3 community Parameters None Description This command resets the SNMPv3 Community Table to its default value by removing all the community table entries. To remove a single entry, use “DESTROY SNMPv3 COMMUNITY” on page 305.
AT-S63 Stack Command Line User’s Guide PURGE SNMPV3 NOTIFY Syntax purge snmpv3 notify Parameters None Description This command resets the SNMPv3 Notify Table to its default value by removing all the notify table entries. To remove a single entry, use “DESTROY SNMPv3 NOTIFY” on page 307.
Chapter 18: SNMPv3 Commands PURGE SNMPV3 TARGETADDR Syntax purge snmpv3 targetaddr Parameters None Description This command resets the SNMPv3 Target Address Table to its default values by removing all the target address table entries. To remove a single entry, use “DESTROY SNMPv3 TARGETADDR” on page 308.
AT-S63 Stack Command Line User’s Guide PURGE SNMPV3 VIEW Syntax purge snmpv3 view Parameters None Description This command resets the SNMPv3 View Table to its default values by removing all the view table entries. To remove a single entry, use “DESTROY SNMPV3 VIEW” on page 310.
Chapter 18: SNMPv3 Commands SET SNMPV3 ACCESS Syntax set snmpv3 access=access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] readview=readview writeview=writeview notifyview=notifyview [storagetype=volatile|nonvolatile] Parameters access Specifies the name of the group, up to 32 alphanumeric characters. securitymodel Specifies the security model. Options are: securitylevel v1 Associates the Security Name, or User Name, with the SNMPv1 protocol.
AT-S63 Stack Command Line User’s Guide storagetype Specifies the storage type of this table entry. This is an optional parameter. The options are: volatile Does not allow you to save the table entry to the configuration file on the master switch. This is the default. nonvolatile Allows you to save the table entry to the configuration file on the master switch. Description This command modifies an SNMPv3 Access Table entry. Examples The following command modifies the group called engineering.
Chapter 18: SNMPv3 Commands SET SNMPV3 COMMUNITY Syntax set snmpv3 community index=index communityname=communityname securityname=securityname transporttag=transporttag [storagetype=volatile|nonvolatile] Parameters index Specifies the name of this SNMPv3 Community Table entry, up to 32 alphanumeric characters. communityname Specifies a password of this community, up to 32 alphanumeric characters. securityname Specifies the name of an SNMPv1 and SNMPv2 user, up to 32 alphanumeric characters.
AT-S63 Stack Command Line User’s Guide The following command modifies the community table entry with an index of 52. The community has a password of “oldmiss71” and a security name of “jjhuser234.” The transport tag is set to “testtag40.
Chapter 18: SNMPv3 Commands SET SNMPV3 GROUP Syntax set snmpv3 group username=username [securitymodel=v1|v2c|v3] groupname=groupname [storagetype=volatile|nonvolatile] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 Associates the Security Name, or User Name, with the SNMPv1 protocol. v2c Associates the Security Name, or User Name, with the SNMPv2c protocol.
AT-S63 Stack Command Line User’s Guide The following command modifies the SecurityToGroup Table entry with a user name of “nelvid.” The security model is the SNMPv3 protocol and the group name “systemtest.
Chapter 18: SNMPv3 Commands SET SNMPV3 NOTIFY Syntax set snmpv3 notify=notify tag=tag [type=trap|inform] [storagetype=volatile|nonvolatile] Parameters notify Specifies the name associated with the trap message, up to 32 alphanumeric characters. tag Specifies the notify tag name, up to 32 alphanumeric characters. type Specifies the message type. Options are: storagetype trap Trap messages are sent, with no response expected from the host.
AT-S63 Stack Command Line User’s Guide The following command modifies an SNMPv3 Notify Table entry called “systemtestinform5.” The notify tag is “systemtestinform5tag” and the message type is an inform message.
Chapter 18: SNMPv3 Commands SET SNMPV3 TARGETADDR Syntax set snmpv3 targetaddr=targetaddr params=params ipaddress=ipaddress udpport=udpport timeout=timeout retries=retries taglist=taglist [storagetype=volatile|nonvolatile] Parameters 324 targetaddr Specifies the name of the SNMP entity (NMS or manager) that manages the SNMP activity on the stack, up to 32 alphanumeric characters. params Specifies the target parameters name, up to 32 alphanumeric characters. This is an optional parameter.
AT-S63 Stack Command Line User’s Guide Description This command modifies an SNMPv3 Target Address Table entry. Examples The following command modifies the Target Address Table entry with a value of “snmphost.” The params parameter is set to “targetparameter7” and the IP address is 198.1.1.1. The taglist is set to “systemtesttraptag” and “systemtestinformtag.” set snmpv3 targetaddr=snmphost params=targetparameter7 ipaddress=198.1.1.
Chapter 18: SNMPv3 Commands SET SNMPV3 TARGETPARAMS Syntax set snmpv3 targetparams=targetparams username=username [securitymodel=v1|v2c|v3] [messageprocessing=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] [storagetype=volatile|nonvolatile] Parameters targetparams Specifies the target parameters name, up to 32 alphanumeric characters. username Specifies the user name. securitymodel Specifies the security model of the above user name.
AT-S63 Stack Command Line User’s Guide authentication This option provides an authentication protocol, but no privacy protocol. privacy storagetype This option provides an authentication protocol and the privacy protocol. Specifies the storage type of this table entry. This is an optional parameter. The options are: volatile Does not allow you to save the table entry to the configuration file on the master switch. This is the default.
Chapter 18: SNMPv3 Commands SET SNMPV3 USER Syntax set snmpv3 user=user [authentication=md5|sha] authpassword=password privpassword=password [storagetype=volatile|nonvolatile] Parameters 328 user Specifies the name of an SNMPv3 user, up to 32 alphanumeric characters. authentication Specifies the authentication protocol that is used to authenticate this user with an SNMPv3 entity (or NMS). The default is no authentication. The options are: md5 The MD5 authentication protocol.
AT-S63 Stack Command Line User’s Guide Description This command modifies an SNMPv3 User Table entry. Examples The following command modifies a User Table entry called “atiuser104”. The authentication protocol is set to the MD5 protocol and the authentication password is “atlanta45denver.” The DES privacy protocol is on and the privacy password is “denvertoatlanta3.
Chapter 18: SNMPv3 Commands SET SNMPV3 VIEW Syntax set snmpv3 view=view [subtree=OID|text] mask=mask [type=included|excluded] [storagetype=volatile|nonvolatile] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view subtree view. Options are: OID A numeric value in hexadecimal format. text Text name of the view. mask Specifies the subtree mask, in hexadecimal format. type Specifies the view type.
AT-S63 Stack Command Line User’s Guide set snmpv3 view=internet1 subtree=internet type=included The following command modifies the view called system. The subtree is set to 1.3.6.1.2.1 (System MIBs) and the view type is excluded. set snmpv3 view=system subtree=1.3.6.1.2.
Chapter 18: SNMPv3 Commands SHOW SNMPV3 ACCESS Syntax show snmpv3 access=access Parameter access Specifies an SNMPv3 Access Table entry. Description This command displays the SNMPv3 Access Table. You can display one or all of the table entries. Examples The following command displays the SNMPv3 Access Table entry called “production.
AT-S63 Stack Command Line User’s Guide SHOW SNMPV3 COMMUNITY Syntax show snmpv3 community index=index Parameter index Specifies the name of this SNMPv3 Community Table entry, up to 32 alphanumeric characters. Description This command displays the SNMPv3 Community Table. You can display one or all of the SNMPv3 Community Table entries.
Chapter 18: SNMPv3 Commands SHOW SNMPv3 GROUP Syntax show snmpv3 group username=username [securitymodel=v1|v2c|v3] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 Associates the Security Name, or User Name, with the SNMPv1 protocol. v2c Associates the Security Name, or User Name, with the SNMPv2c protocol. v3 Associates the Security Name, or User Name, with the SNMPv3 protocol.
AT-S63 Stack Command Line User’s Guide SHOW SNMPV3 NOTIFY Syntax show snmpv3 notify=notify Parameter notify Specifies an SNMPv3 Notify Table entry. Description This command displays SNMPv3 Notify Table entries. You can display one or all of the table entries.
Chapter 18: SNMPv3 Commands SHOW SNMPV3 TARGETADDR Syntax show snmpv3 targetaddr=targetaddr Parameter targetaddr Specifies an SNMPv3 Target Address Table entry. Description This command displays SNMPv3 Target Address Table entries. You can display one or all of the table entries.
AT-S63 Stack Command Line User’s Guide SHOW SNMPV3 TARGETPARAMS Syntax show snmpv3 targetparams=targetparams Parameter targetparams Specifies an SNMPv3 Target Parameters Table entry. Description This command displays SNMPv3 Target Parameters Table entries. You can display one or all of the table entries.
Chapter 18: SNMPv3 Commands SHOW SNMPV3 USER Syntax show snmpv3 user=user Parameters userSpecifies the name of an SNMPv3 user, up to 32 alphanumeric characters. Description This command displays SNMPv3 User Table entries. You can display one or all of the table entries.
AT-S63 Stack Command Line User’s Guide SHOW SNMPV3 VIEW Syntax show snmpv3 view=view [subtree=OID|text] Parameter view Specifies an SNMPv3 View Table entry. subtree Specifies the view subtree view. Options are: OID A numeric value in hexadecimal format. text Text name of the view. Description This command displays the SNMPv3 View Table entries. You can display one or all of the table entries.
Chapter 18: SNMPv3 Commands 340 Section IV: SNMPv3
Section V Spanning Tree Protocols The chapters in this section contain the commands for the spanning tree protocols.
Section V: Spanning Tree Protocols
Chapter 19 Spanning Tree Protocol Commands This chapter contains the following commands: “ACTIVATE STP” on page 344 “DISABLE STP” on page 345 “ENABLE STP” on page 346 “PURGE STP” on page 347 “SET STP” on page 348 “SET STP PORT” on page 351 “SET SWITCH MULTICASTMODE” on page 353 “SHOW STP” on page 355 Note Remember to save your changes with the SAVE CONFIGURATION command.
Chapter 19: Spanning Tree Protocol Commands ACTIVATE STP Syntax activate stp Parameters None. Description This command designates STP as the active spanning tree on the stack. You cannot enable STP or configure its parameters until you have designated it as the active spanning tree with this command. Only one spanning tree protocol, STP, RSTP, or MSTP, can be active on the stack at a time.
AT-S63 Stack Command Line User’s Guide DISABLE STP Syntax disable stp Parameters None. Description This command disables the Spanning Tree Protocol on the stack. The default setting for STP is disabled. To view the current status of STP, refer to “SHOW STP” on page 355.
Chapter 19: Spanning Tree Protocol Commands ENABLE STP Syntax enable stp Parameters None. Description This command enables the Spanning Tree Protocol on the stack. The default setting for STP is disabled. To view the current status of STP, refer to “SHOW STP” on page 355. Note You cannot enable STP until after you have activated it with “ACTIVATE STP” on page 344.
AT-S63 Stack Command Line User’s Guide PURGE STP Syntax purge stp Parameters None. Description This command returns all STP bridge and port parameters to the default settings. STP must be disabled in order for you to use this command. To disable STP, see “DISABLE STP” on page 345. Example purge stp Equivalent Command set stp default For information, see “SET STP” on page 348.
Chapter 19: Spanning Tree Protocol Commands SET STP Syntax set stp [default] [priority=priority] [hellotime=hellotime] [forwarddelay=forwarddelay] [maxage=maxage] Parameters default Disables STP and returns all bridge and port STP settings to the default values. This parameter cannot be used with any other command parameter and can only be used when STP is disabled. (This parameter performs the same function as the PURGE STP command.) priority Specifies the priority number for the bridge.
AT-S63 Stack Command Line User’s Guide hellotime Specifies the time interval between generating and sending configuration messages by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. forwarddelay Specifies the waiting period before a bridge changes to a new state, for example, becomes the new root bridge after the topology changes. If the bridge transitions too soon, all links may not have had time to adapt to the change, resulting in network loops.
Chapter 19: Spanning Tree Protocol Commands Examples This command sets the stack’s bridge priority value to 45,056 (increment 11): set stp priority=11 This command sets the hello time to 7 seconds and the forwarding delay to 25 seconds: set stp hellotime=7 forwarddelay=25 This command returns all of the stack’s STP parameters to the default values: set stp default Equivalent Command purge stp For information, see “PURGE STP” on page 347.
AT-S63 Stack Command Line User’s Guide SET STP PORT Syntax set stp port=port [pathcost|portcost=auto|portcost] [portpriority=portpriority] Parameters port Specifies the port you want to configure. You can configure more than one port at a time. Port numbers must be specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. pathcost or portcost Specifies the port’s cost. The parameters are equivalent.
Chapter 19: Spanning Tree Protocol Commands portpriority Specifies the port’s priority. This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge. The range is 0 to 240 in increments of 16, for a total of 16 increments as shown in Table 13. You specify the increment of the desired value. The default is 128 (increment 8). Table 13.
AT-S63 Stack Command Line User’s Guide SET SWITCH MULTICASTMODE Syntax set switch multicastmode=[a|b|c|d] Parameter multicast mode Specifies the multicast mode. The options are: a Discards all ingress spanning tree BPDU and 802.1x EAPOL packets on all ports. b Forwards ingress spanning tree BPDU and 802.1x EAPOL packets across all VLANs and ports. c Forwards ingress BPDU and EAPOL packets only among the untagged ports of the VLAN where the ingress port is a member.
Chapter 19: Spanning Tree Protocol Commands B - Forwards ingress spanning tree BPDU and 802.1x EAPOL packets across all VLANs and ports. This is the default setting. The stack behaves as follows: If STP, RSTP, and MSTP are disabled, ingress BPDUs are flooded on all ports. If STP, RSTP, MSTP, and 802.1x are disabled on the stack, BPDUs and EAPOL packets are flooded on all ports. If the stack is running STP or RSTP and 802.
AT-S63 Stack Command Line User’s Guide SHOW STP Syntax show stp [port=port] Parameter port Specifies the port whose STP parameters you want to view. You can view more than one port at a time.Port numbers must be specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command displays the current values for the STP parameters. An example of the display is shown in Figure 35. Status ......................
Chapter 19: Spanning Tree Protocol Commands The root bridge parameter specifies the bridge identifier of the root bridge of the spanning tree domain. The identifier consists of the bridge priority value and MAC address of the root switch, separated by a slash (/). This parameter only appears when STP is activated on the stack. The root path cost parameter displays the path cost from the stack to the root bridge of the spanning tree domain. If the stack is the root bridge, the path cost is 0.
Chapter 20 Rapid Spanning Tree Protocols Commands This chapter contains the following commands: “ACTIVATE RSTP” on page 358 “DISABLE RSTP” on page 359 “ENABLE RSTP” on page 360 “PURGE RSTP” on page 361 “SET RSTP” on page 362 “SET RSTP PORT” on page 365 “SHOW RSTP” on page 368 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For overview information on the rapid spanning tree protocol (RSTP), refer to the AT-S63 Management Software Features Guide.
Chapter 20: Rapid Spanning Tree Protocols Commands ACTIVATE RSTP Syntax activate rstp Parameters None. Description This command designates RSTP as the active spanning tree on the stack. After selecting RSTP as the active spanning tree, you can enable or disable it with the ENABLE RSTP and DISABLE RSTP commands. RSTP is active on a stack only after you have designated it as the active spanning tree with this command and enabled it with the ENABLE RSTP command.
AT-S63 Stack Command Line User’s Guide DISABLE RSTP Syntax disable rstp Parameters None. Description This command disables the Rapid Spanning Tree Protocol on the stack. To view the current status of RSTP, use “SHOW RSTP” on page 368.
Chapter 20: Rapid Spanning Tree Protocols Commands ENABLE RSTP Syntax enable rstp Parameters None. Description This command enables the Rapid Spanning Tree Protocol on the stack. The default setting for RSTP is disabled. To view the current status of RSTP, use “SHOW RSTP” on page 368. You cannot enable RSTP until you have activated it with the ACTIVATE RSTP command.
AT-S63 Stack Command Line User’s Guide PURGE RSTP Syntax purge rstp Parameters None. Description This command returns all RSTP bridge and port parameters to the default settings. RSTP must be disabled before you can use this command. To disable RSTP, refer to “DISABLE RSTP” on page 359. Example The following command resets RSTP: purge rstp Equivalent Command set rstp default For information, refer to “SET RSTP” on page 362.
Chapter 20: Rapid Spanning Tree Protocols Commands SET RSTP Syntax set rstp [default] [priority=priority] [hellotime=hellotime] [forwarddelay=forwarddelay] [maxage=maxage] [rstptype|forceversion=stpcompatible| forcestpcompatible|normalrstp] Parameters default Returns all bridge and port RSTP settings to the default values. This parameter cannot be used with any other command parameter and only when RSTP is disabled. (This parameter performs the same function as the PURGE RSTP command.
AT-S63 Stack Command Line User’s Guide hellotime Specifies the time interval between generating and sending configuration messages by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. forwarddelay Specifies the waiting period before a bridge changes to a new state, for example, becomes the new root bridge after the topology changes. If the bridge transitions too soon, not all links may have yet adapted to the change, resulting in network loops.
Chapter 20: Rapid Spanning Tree Protocols Commands Forwarding delay Maximum age time Port priority Force version of STP or normal RSTP This command can also return the RSTP parameters to their default settings. Note You can use this command only if RSTP is the active spanning tree protocol on the stack. See “ACTIVATE RSTP” on page 358.
AT-S63 Stack Command Line User’s Guide SET RSTP PORT Syntax set rstp port=port [pathcost|portcost=cost|auto] [portpriority=portpriority] [edgeport=yes|no|on|off|true|false] [ptp|pointtopoint=yes|no|on|off|true|false|autoupdate] [migrationcheck=yes|no|on|off|true|false] Parameters port Specifies the port you want to configure. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.
Chapter 20: Rapid Spanning Tree Protocols Commands Table 16 lists the RSTP port costs with Auto-Detect when the port is part of a port trunk. Table 16. RSTP Auto-Detect Port Trunk Costs portpriority Port Speed Port Cost 10 Mbps 20,000 100 Mbps 20,000 1000 Mbps 2,000 Specifies the port’s priority. This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge.
AT-S63 Stack Command Line User’s Guide ptp or pointtopoint migrationcheck Defines whether the port is functioning as a pointto-point port. The parameters are equivalent. This type of port is connected to a device operating at full-duplex mode. The options are: yes, on, true The port is an point-to-point port. The options are equivalent. no, off, false The port is not an point-to-point port. The parameters are equivalent. are equivalent. autoupdate The port’s status is determined automatically.
Chapter 20: Rapid Spanning Tree Protocols Commands SHOW RSTP Syntax show rstp [portconfig=port|portstate=port] Parameters portconfig Displays the RSTP port settings. You can specify more than one port at a time. portstate Displays the RSTP port status. You can specify more than one port at a time. Description You can use this command to display the RSTP parameter settings. An example of the display is shown in Figure 37. Status ....................... Force Version ................ Bridge Priority ...
AT-S63 Stack Command Line User’s Guide The root bridge identifier parameter displays the bridge priority value and MAC address of the root switch of the spanning tree domain. The values are separated by a slash (/). This parameter only appears when RSTP is activated on the stack. The root path cost parameter displays the path cost from the stack to the root bridge of the spanning tree domain. If the stack is the root bridge, the path cost is 0.
Chapter 20: Rapid Spanning Tree Protocols Commands The information displayed by the command is as follows: Port — The port number. State — The RSTP state of the port. The possible states for a port connected to another device running RSTP are Discarding and Forwarding. The possible states for a port connected to a device running STP are Listening, Learning, Forwarding, and Blocking. The possible states for a port not being used or where spanning tree is not activated is Disabled.
Section VI Virtual LANs This section has the following chapter: Section VI: Virtual LANs Chapter 21, “Port-based and Tagged VLAN Commands” on page 373 371
Section VI: Virtual LANs
Chapter 21 Port-based and Tagged VLAN Commands This chapter contains the following commands: “ADD VLAN” on page 374 “CREATE VLAN” on page 376 “DELETE VLAN” on page 379 “DESTROY VLAN” on page 382 “SET SWITCH INFILTERING” on page 383 “SET VLAN” on page 384 “SHOW VLAN” on page 385 Note Remember to use the SAVE CONFIGURATION command to save your changes on the stack. Note For overview information on port-based and tagged VLANs, refer to the AT-S63 Management Software Features Guide.
Chapter 21: Port-based and Tagged VLAN Commands ADD VLAN Syntax 1 add vlan=name [vid=vid] ports=ports|all frame=untagged|tagged Syntax 2 add vlan=name [vid=vid] taggedports=ports|all untaggedports=ports|all Parameters vlan Specifies the name of the VLAN to modify. vid Specifies the VID of the VLAN you want to modify. This parameter is optional. ports Specifies the ports to be added to the VLAN. Port numbers are entered in the following format: module ID.
AT-S63 Stack Command Line User’s Guide This command has two syntaxes. Either syntax can be used to add ports to a VLAN. The difference between the two is that Syntax 1 can add only one type of port, tagged or untagged, at a time to a VLAN, while Syntax 2 can add both in the same command. This is illustrated in Examples below.
Chapter 21: Port-based and Tagged VLAN Commands CREATE VLAN Syntax 1 create vlan=name vid=vid [type=port] ports=ports|all frame=untagged|tagged Syntax 2 create vlan=name vid=vid [type=port] taggedports=ports|all untaggedports=ports|all Parameters vlan Specifies a name of up to 20 alphanumeric characters for the new VLAN. A VLAN must have a name. It should reflect the function of the member nodes of the VLAN (for example, Sales or Accounting).
AT-S63 Stack Command Line User’s Guide ports Specifies the ports on the stack that are tagged or untagged members of the new VLAN. This parameter must be followed by the FRAME parameter. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. frame Specifies whether the ports of the VLAN are to be tagged or untagged. This parameter must be used with the PORTS parameter.
Chapter 21: Port-based and Tagged VLAN Commands assignments. Examples The following command uses Syntax 1 to create a port-based VLAN called Sales with a VID of 3. The VLAN consists of ports 1.4 to 1.8 and ports 2.12 to 2.16. All ports will be untagged ports in the VLAN: create vlan=Sales vid=3 ports=1.4-1.8,2.12-2.16 frame=untagged The following command uses Syntax 2 to create the same VLAN: create vlan=Sales vid=3 untaggedports=1.4-1.8,2.12-2.
AT-S63 Stack Command Line User’s Guide DELETE VLAN Syntax 1 delete vlan=name [vid=vid] ports=ports frame=untagged|tagged Syntax 2 delete vlan=name [vid=vid] taggedports=ports untaggedports=ports Parameters vlan Specifies the name of the VLAN to be modified. vid Specifies the VID of the VLAN to be modified. This parameter is optional. ports Specifies the ports to be removed from the VLAN. This parameter must be used with the FRAME parameter.
Chapter 21: Port-based and Tagged VLAN Commands Note To delete a VLAN, see “DESTROY VLAN” on page 382. Note You cannot change a VLAN’s name or VID. When you remove an untagged port from a VLAN, the following happens: The port is returned to the Default_VLAN as an untagged port. If the port is also a tagged member of other VLANS, those VLAN assignments are not changed. The port remains a tagged member of the other VLANs.
AT-S63 Stack Command Line User’s Guide delete vlan=Service ports=5.6-5.8 frame=untagged Using Syntax 2, you can do the whole thing with just one command: delete vlan=Service untaggedports=5.6-5.8 taggedports=1.
Chapter 21: Port-based and Tagged VLAN Commands DESTROY VLAN Syntax destroy vlan=name|vid|all Parameters vlan Specifies the name or VID of the VLAN to be deleted. To delete all VLANs, use the ALL option. Description This command deletes port-based VLANs from the stack. You can use the command to delete selected VLANs or all the VLANs on the stack. Note the following before using this command: You cannot delete the Default_VLAN. You cannot delete a VLAN if it has a routing interface.
AT-S63 Stack Command Line User’s Guide SET SWITCH INFILTERING Syntax set switch infiltering=yes|no|on|off|true|false Parameters infiltering Specifies the operating status of ingress filtering. The options are: yes, on, true Activates ingress filtering. The options are equivalent. This is the default setting. no, off, false Deactivates ingress filtering. The options are equivalent. Description This command controls the status of ingress filtering.
Chapter 21: Port-based and Tagged VLAN Commands SET VLAN Syntax set vlan=name|vid port=ports frame=tagged|untagged Parameters vlan Specifies the name or VID of the VLAN to be modified. ports Specifies the port whose VLAN type is to be changed. You can specify more than one port at a time. Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. frame Identifies the new VLAN type for the port.
AT-S63 Stack Command Line User’s Guide SHOW VLAN Syntax show vlan[=name|vid] Parameter vlan Specifies the name or VID of the VLAN. Description This command displays the VLANs on the stack. An example of the information displayed by this command for port-based and tagged VLANs is shown in Figure 40. VLAN Name ............................ VLAN ID .............................. VLAN Type ............................ Protected Ports ...................... Untagged Port(s) Configured ........................
Chapter 21: Port-based and Tagged VLAN Commands – Actual: The current untagged ports of the VLAN. This applies to 802.1x port-based network access control. Since version 3.0.0 of the AT-S63 Management Software does not support this feature in a stack, you can ignore this field. The ports in the Configured and Actual fields will always be the same. Tagged port(s) - The tagged ports of the VLAN. A tagged port can belong to more than one VLAN at a time.
Section VII Internet Protocol Routing This section has the following chapter: Section VII: Internet Protocol Routing Chapter 22, “Internet Protocol Version 4 Packet Routing Commands” on page 389 387
Section VII: Internet Protocol Routing
Chapter 22 Internet Protocol Version 4 Packet Routing Commands This chapter has the following commands: “ADD IP ARP” on page 390 “ADD IP INTERFACE” on page 392 “ADD IP ROUTE” on page 394 “DELETE IP ARP” on page 396 “DELETE IP INTERFACE” on page 397 “DELETE IP ROUTE” on page 398 “PURGE IP” on page 399 “SET IP ARP” on page 400 “SET IP ARP TIMEOUT” on page 402 “SET IP INTERFACE” on page 403 “SET IP LOCAL INTERFACE” on page 405 “SET IP ROUTE” on page 406 “SHOW
Chapter 22: Internet Protocol Version 4 Packet Routing Commands ADD IP ARP Syntax add ip arp=ipaddress interface=interface port=port ethernet=macaddress Parameters arp Specifies the IP address of the host. The IP address must be a member of a local subnet or network that has a routing interface on the stack. interface Specifies the name of the interface from where the host is reached. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g.
AT-S63 Stack Command Line User’s Guide This command adds a static ARP entry for a host with an IP address of 149.124.85.14 and a MAC address of 00:06:7A:22:11:A4. The host is located on port 3.6 in the VLAN14-1 interface: add ip arp=149.124.85.14 interface=vlan14-1 port=3.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands ADD IP INTERFACE Syntax add ip interface=interface ipaddress=ipaddress|dhcp|bootp [mask|netmask=subnetmask] [ripmetric=value] Parameters interface Specifies a name for the new routing interface. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlan-Sales-0 or vlan4-0). The range of the interface number is 0 to 15. ipaddress Specifies an IP address for the interface.
AT-S63 Stack Command Line User’s Guide Description This command creates a new interface for routing IPv4 packets to a local network or subnet. Note the following before using this command: The VLAN must already exist on the stack. You cannot assign more than one interface to the same local network or subnet on a stack. When there are multiple interfaces within a VLAN, each must be assigned a unique interface number.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands ADD IP ROUTE Syntax add ip route=ipaddress [interface=interface] nexthop=ipaddress [mask=subnetmask] [metric=value] [preference=value] Parameters route Specifies the IP address of the destination network, subnet, or node. The IP address for a default route is 0.0.0.0. interface Specifies the name of the routing interface where the static route is to be added. To view the interfaces on the stack, refer to “SHOW IP INTERFACE” on page 412.
AT-S63 Stack Command Line User’s Guide metric Specifies the cost of crossing the route. The range is 1 to 16. The default is 1. preference Assigns a preference value to the static route. The stack uses the preference values to select the active routes when there are more than eight static or dynamic routes in the routing table to the same remote destination. The range is 0 to 65535. The lower the value, the higher the preference. The default value for a static route is 60.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands DELETE IP ARP Syntax delete ip arp=ipaddress Parameters arp Specifies the IP address of the host to be deleted from the ARP cache. Description This command deletes static and dynamic ARP entries from the ARP cache. This command can delete only one ARP entry at a time. To view the entries in the cache, refer to “SHOW IP ARP” on page 408. Example This command deletes the ARP entry for a host with the IP address 149.42.67.
AT-S63 Stack Command Line User’s Guide DELETE IP INTERFACE Syntax delete ip interface=interface Parameters interface Specifies the name of the interface to be deleted from the stack. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlan-Sales-0 or vlan4-0). Description This command deletes an interface from the stack. You can only delete one interface at a time.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands DELETE IP ROUTE Syntax delete ip route=ipaddress [interface=interface] nexthop=ipaddress mask=subnetmask Parameters route Specifies the destination IP address of the static, dynamic, or default route to be deleted. The IP address for the default route is 0.0.0.0. interface Specifies the name of the interface where the static or dynamic route is assigned.
AT-S63 Stack Command Line User’s Guide PURGE IP Syntax purge ip Parameters None. Description This command deletes all routing interfaces on the stack. Note the following before performing this command: All IPv4 packet routing on the stack ceases. The device, however, continues to switch packets among the ports within the VLANs (but not across the VLAN boundaries) using Layer 2. All static routes are deleted from the route table.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SET IP ARP Syntax set ip arp=ipaddress [interface=interface] [port=port] [ethernet=macaddress] Parameters arp Specifies the IP address of the static route entry to be modified. interface Specifies the interface where the host is located. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlan-Sales-0 or vlan4-0). The interface must already exist on the stack.
AT-S63 Stack Command Line User’s Guide This command changes the MAC address for the static ARP entry with the IP address 149.124.85.14: set ip arp=149.124.85.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SET IP ARP TIMEOUT Syntax set ip arp timeout=integer Parameter timeout Specifies the ARP cache timeout value The range is 150 to 260000 seconds. The default setting is 600 seconds. Description This command sets the ARP cache timeout value. The timer prevents the ARP table from becoming full with inactive entries. An entry that is not used for the length of the timeout period is designated as inactive and deleted from the table.
AT-S63 Stack Command Line User’s Guide SET IP INTERFACE Syntax set ip interface=interface|eth0 [ipaddress=ipaddress|dhcp|bootp] [mask|netmask=subnetmask] [ripmetric=value] Parameters interface Specifies the name of the routing interface to be modified. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlan-Sales-0 or vlan4-0). The “eth0” value can be used in place of the interface name to specify the local interface.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands Note the following before performing this command: Modifying the IP address of a routing interface deletes all static routes assigned to the interface. Modifying the IP address of a routing interface that has RIP removes the routing protocol from the interface and deletes all RIP routes learned on the interface from the routing table. You cannot change the name of a routing interface.
AT-S63 Stack Command Line User’s Guide SET IP LOCAL INTERFACE Syntax set ip local interface=interface|none Parameters interface Specifies the name of the interface to act as the local interface on the stack. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlan-Sales-0 or vlan40). Use the NONE option to remove the currently assigned local interface without assigning a new one. The default is no local interface.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SET IP ROUTE Syntax set ip route=ipaddress [interface=interface] nexthop=ipaddress mask=subnetmask [metric=value] [preference=value] Parameters route Specifies the IP address of the remote destination of the static route to be modified. The IP address of the default route is 0.0.0.0. You cannot change the destination IP address of a static route. If the destination address changes, you must delete the old route and enter a new route.
AT-S63 Stack Command Line User’s Guide Note In version 2.0.0, the routing table supported only these three values for subnet masks. In all later versions, subnet masks can be of variable lengths, provided that the “1” bits are consecutive (e.g.,128, 192, 224, etc.). metric Specifies a new cost for crossing the route. The range is 1 to 16. The default is 1. preference Assigns a preference value to the static route.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SHOW IP ARP Syntax show ip arp Parameters None. Description This command displays the entries in the ARP cache. The ARP cache contains mappings of IP addresses to physical addresses for hosts where the stack has recently routed packets. Figure 41 is an example of the information displayed by this command.
AT-S63 Stack Command Line User’s Guide Example This command displays the entries in the ARP cache: show ip arp Section VII: Internet Protocol Routing 409
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SHOW IP COUNTER Syntax show ip counter [port=ports|all] Parameters port Specifies the ports whose IP statistics you want to view. Omitting this parameter displays the statistics for all the ports. Port numbers are entered in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. Description This command displays Layer 3 counters for the individual ports on a stack.
AT-S63 Stack Command Line User’s Guide Examples This command displays the statistics for all the ports: show ip counter This command displays the statistics for ports 1.1 to 1.4: show ip counter port=1.1-1.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SHOW IP INTERFACE Syntax show ip interface[=interface|eth0] Parameters interface Specifies the interface name. An interface name consists of “VLAN” followed by the name or ID (VID) of the VLAN and the interface number (e.g., vlanSales-0 or vlan4-0). If no interface value is specified, the stack displays all the interfaces. The “eth0” value can be used to designate the local interface.
AT-S63 Stack Command Line User’s Guide its IP configuration from a DHCP or BOOTP server, but the server has not responded. NetMask - The interface’s subnet mask. The subnet mask is assigned manually to the interface or automatically by a DHCP or BOOTP server. If the mask is 0.0.0.0, the DHCP or BOOTP server has not responded. RipMet - The hop count for this interface when routing packets with RIP.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands SHOW IP ROUTE Syntax show ip route [general] [fdb] [full] Parameters general Displays general routing information, such as the total number of routes in the cache and the cache size. fdb Displays the status of the static and dynamic routes. full Displays both the routes and the general routing information. Description Entering this command without any parameters displays all of the IPv4 interface, static and RIP routes.
AT-S63 Stack Command Line User’s Guide NextHop - IP address of the next hop to the destination network or subnet. RipMetric - RIP metric (cost) to reaching the destination. Interface - Name of the interface where the next hop of the route is located. A hash symbol (#) following the name signifies that the route is physically “down,” meaning there are no active nodes in the VLAN of the interface. Preference - The preference value of the route.
Chapter 22: Internet Protocol Version 4 Packet Routing Commands The interface with the next hop of the route is up (i.e., there is at least one active port in the VLAN) There is a static or dynamic ARP entry for the next hop in the routing table. A route with a status of No has not been installed by the stack in its routing hardware and is not currently being used. Any one of the following conditions can cause a route to have this status: The interface for the next hop of the route is down (i.e.
AT-S63 Stack Command Line User’s Guide Examples This command displays the IPv4 packet routes on the stack: show ip route This command displays general routing information: add ip route general This command displays both the routes and the general routing information: add ip route full Section VII: Internet Protocol Routing 417
Chapter 22: Internet Protocol Version 4 Packet Routing Commands 418 Section VII: Internet Protocol Routing
Section VIII Port Security This section has the following chapter: Section VIII: Port Security Chapter 23, ”802.
Section VIII: Port Security
Chapter 23 802.
Chapter 23: 802.1x Port-based Network Access Control Commands DISABLE PORTACCESS|PORTAUTH Syntax disable portaccess|portauth Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters None. Description This command disables 802.1x Port-based Network Access Control on the switch. This is the default setting. Example The following command disables 802.
AT-S63 Stack Command Line User’s Guide DISABLE RADIUSACCOUNTING Syntax disable radiusaccounting Parameters None Description This command disables RADIUS accounting on the switch. Example The following command disables RADIUS accounting: disable radiusaccounting Equivalent Command set radiusaccounting status=disabled For information, see “SET RADIUSACCOUNTING” on page 437.
Chapter 23: 802.1x Port-based Network Access Control Commands ENABLE PORTACCESS|PORTAUTH Syntax enable portaccess|portauth Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters None. Description This command activates 802.1x Port-based Network Access Control on the switch. The default setting for this feature is disabled. Note You should activate and configure the RADIUS client software on the switch before activating port-based access control. Refer to “SET AUTHENTICATION” on page 452.
AT-S63 Stack Command Line User’s Guide ENABLE RADIUSACCOUNTING Syntax enable radiusaccounting Parameters None Description This command activates RADIUS accounting on the switch. Example The following command activates RADIUS accounting: enable radiusaccounting Equivalent Command set radiusaccounting status=enabled For information, see “SET RADIUSACCOUNTING” on page 437.
Chapter 23: 802.
AT-S63 Stack Command Line User’s Guide Port numbers are specified in the following format: module ID.port number For instructions, refer to “Port Numbers in Commands” on page 42. type or role mode control Specifies the role of the port. The parameters are equivalent. The options are: authenticator Specifies the authenticator role. none Disables port-based access control on the port. Controls the operating mode of an authenticator port.
Chapter 23: 802.1x Port-based Network Access Control Commands through the port. The authentication process begins when the link state of the port changes. The switch requests the identity of the client and begins relaying authentication messages between the client and the authentication server. Each client that attempts to access the network is uniquely identified by the switch by using the client's MAC address. This is the default setting. authorised or forceauthenticate Disables 802.
AT-S63 Stack Command Line User’s Guide reauthentications is set with the reauthperiod parameter. disabled Specifies that reauthentication by the client is not required after the initial authentication. Reauthentication is only required if there is a change to the status of the link between the supplicant and the switch or the switch is reset or power cycled. reauthperiod Enables periodic reauthentication of the client, which is disabled by default. The default value is 3600 seconds.
Chapter 23: 802.1x Port-based Network Access Control Commands The options are: ingress An authenticator port, when in the unauthorized state, discards all ingress broadcast and multicast packets from the client while forwarding all egress broadcast and multicast traffic to the same client. This is the default setting. both An authenticator port, when in the unauthorized state, does not forward ingress or egress broadcast and multicast packets from or to the client until the client has logged on.
AT-S63 Stack Command Line User’s Guide The options are: vlan-name Specifies the name of the Guest VLAN. vlan-id Specifies the VID of the Guest VLAN. none Removes a predefined Guest VLAN from an authenticator port. A Guest VLAN is only supported when the operating mode of the port is set to Single. The specified VLAN must already exit on the switch. vlanassignment securevlan Section VIII: Port Security Specifies whether to use the VLAN assignments entered in the user accounts on the RADIUS server.
Chapter 23: 802.1x Port-based Network Access Control Commands Description This command sets ports to the authenticator role and configures the authenticator role parameters. This command also removes port-based access control from a port. Examples The following command sets ports 1.4 to 1.6 to the authenticator role. The authentication method is set to 802.1x, meaning that the supplicants must have 802.
AT-S63 Stack Command Line User’s Guide The following command sets port 4.22 to the authenticator role and the operating mode to Multiple. This configuration is also appropriate where there is more than one supplicant on a port. But an authenticator port in the Multiple mode requires that all supplicants have their own username and password combinations on the RADIUS server and that they log on before they can use the authenticator port on the switch: set portaccess=8021x port=4.
Chapter 23: 802.1x Port-based Network Access Control Commands The following command removes port-based access control from ports 4.12 and 4.15: set portaccess port=4.12,4.
AT-S63 Stack Command Line User’s Guide SET PORTACCESS|PORTAUTH PORT ROLE=SUPPLICANT Syntax set portaccess|portauth port=port type|role=supplicant|none [authperiod=value] [heldperiod=value] [maxstart=value] [startperiod=value] [username|name=name] [password=password] Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters port Specifies the port that you want to set to the supplicant role or whose supplicant settings you want to adjust. You can specify more than one port at a time.
Chapter 23: 802.1x Port-based Network Access Control Commands startperiod Specifies the time period in seconds between successive attempts by the supplicant to establish contact with an authenticator when there is no reply. The range is 1 to 60. The default is 30. username or name Specifies the username for the switch port. The parameters are equivalent. The port sends the name to the authentication server for verification when the port logs on to the network.
AT-S63 Stack Command Line User’s Guide SET RADIUSACCOUNTING Syntax set radiusaccounting [status=enabled|disabled] [serverport=value] [type=network] [trigger=start_stop|stop_only] [updateenable=enabled|disabled] [interval=value] Parameters status Section VIII: Port Security Activates and deactivates RADIUS accounting on the switch. The options are: enabled Activates RADIUS accounting. This option is equivalent to “ENABLE RADIUSACCOUNTING” on page 425. disabled Deactivates the feature.
Chapter 23: 802.1x Port-based Network Access Control Commands Description RADIUS accounting is supported on those switch ports operating in the Authenticator role. The accounting information sent by the switch to a RADIUS server includes the date and time when clients log on and log off, as well as the number of packets sent and received by a switch port during a client session. This feature is disabled by default on the switch.
AT-S63 Stack Command Line User’s Guide SHOW PORTACCESS|PORTAUTH Syntax show portaccess|portauth=8021x|macbased Parameters portaccess or portauth Specifies the authenticator method of the port. Options are: 8021x Displays information for an 802.1x authenticator port. macbased Displays information for a MAC addressbased authenticator port. config Displays whether port-based access control is enabled or disabled on the switch. status Displays the role and status of each port.
Chapter 23: 802.1x Port-based Network Access Control Commands Examples The following command displays the 802.
AT-S63 Stack Command Line User’s Guide SHOW PORTACCESS|PORTAUTH PORT Syntax show portaccess|portauth=8021x|macbased port=port authenticator|supplicant [config] [status] Parameters portaccess or portauth Specifies the authenticator method of the port. Options are: 8021x Displays information for an 802.1x authenticator port. macbased Displays information for a MAC addressbased authenticator port. port Specifies the port whose port-based access control settings you want to view.
Chapter 23: 802.1x Port-based Network Access Control Commands Port 1 PAE Type.................. Supplicant Mode........... AuthControlPortControl.... quietPeriod............... txPeriod.................. suppTimeout............... serverTimeout............. maxReq.................... reAuthPeriod.............. reAuthEnabled............. vlanAssignment............ secureVlan................ guestVlan................. adminControlDirection..... piggyBack.................
AT-S63 Stack Command Line User’s Guide Examples The following command displays the configuration and status for port 1.10, which is an 802.1x authenticator port: show portaccess=8021x port=1.10 authenticator The following command displays the configuration and status for port 3.12 which is a MAC address-based authenticator port: show portaccess=8021x=macbased port=3.12 authenticator This command displays the port access configuration of port 4.17, which is a supplicant port: show portaccess port=4.
Chapter 23: 802.1x Port-based Network Access Control Commands SHOW RADIUSACCOUNTING Syntax show radiusaccounting Parameters None. Description This command displays the current parameter settings for RADIUS accounting, which sends updates of supplicant activity on the switch’s authenticator ports to the RADIUS server. Figure 50 is an example of the information displayed by this command. Radius Accounting Configuration ------------------------------------Radius Accounting Status ...........
AT-S63 Stack Command Line User’s Guide Radius Accounting Update Interval - Specifies the interval at which the switch sends interim accounting updates to the RADIUS server. The default is 60 seconds.
Chapter 23: 802.
Chapter 24 RADIUS Commands This chapter contains the following commands: “ADD RADIUSSERVER” on page 448 “DELETE RADIUSSERVER” on page 450 “PURGE AUTHENTICATION” on page 451 “SET AUTHENTICATION” on page 452 “SHOW AUTHENTICATION” on page 453 Note Remember to save your changes with the SAVE CONFIGURATION command. Note In Version 3.2.0 of the AT-S63 Management Software, stacks support the RADIUS protocol only for 802.1x port-based network access control.
Chapter 24: RADIUS Commands ADD RADIUSSERVER Syntax add radiusserver server|ipaddress=ipaddress order=value [secret=string] [port=value] [accport=value] Parameters server or ipaddress Specifies an IP address of a RADIUS server. The parameters are equivalent. order Specifies the order that the RADIUS servers are queried by the stack. This value can be from 1 to 3. The servers are queried starting with 1. secret Specifies the encryption key used for this server. The maximum length is 39 characters.
AT-S63 Stack Command Line User’s Guide The following command adds the RADIUS server with the IP address 149.245.22.22. In addition, it specifies the server as the third RADIUS server to be queried by the stack and has a UDP port of 3: add radiusserver ipaddress=149.245.22.22 order=3 port=3 The following command adds a RADIUS server with an IP address of 149.245.22.22. It specifies the order is 2, the encryption key is tiger74, and the UDP port is 1811: add radiusserver ipaddress=149.245.22.
Chapter 24: RADIUS Commands DELETE RADIUSSERVER Syntax delete radiusserver server|ipaddress=ipaddress Parameter server or ipaddress Specifies the IP address of a RADIUS server to be deleted from the management software. The parameters are equivalent. Description This command deletes the IP address of a RADIUS from your stack. Example The following command deletes the RADIUS server with the IP address 149.245.22.22: delete radiusserver ipaddress=149.245.22.
AT-S63 Stack Command Line User’s Guide PURGE AUTHENTICATION Syntax purge authentication Parameters None. Description This command disables authentication, returns the authentication method to TACACS+, deletes any global secret, and returns the timeout value to its default setting of 10 seconds. This command does not delete the IP address or secret of any RADIUS or TACACS+ authentication servers you may have specified.
Chapter 24: RADIUS Commands SET AUTHENTICATION Syntax set authentication method=radius [secret=string] [timeout=value] Parameters method Specifies the active authenticator protocol on the stack. Stacks only support RADIUS. secret Specifies the global encryption key of the RADIUS servers. If the servers use different encryption keys, you can leave this parameter blank and set individual encryption keys with “ADD RADIUSSERVER” on page 448.
AT-S63 Stack Command Line User’s Guide SHOW AUTHENTICATION Syntax show authentication[=radius] Parameters None. Description This command displays the following information about the RADIUS authentication protocol on the stack: Status - The status of your authenticated protocol: enabled or disabled. Authentication Method - The authentication protocol activated on your stack. The IP addresses of up to three authentication servers. The server encryption keys, if defined.
Chapter 24: RADIUS Commands 454 Section VIII: Port Security
Section IX Management Security This section contains the following chapter: Section IX: Management Security Chapter 25, “Web Server Commands” on page 457 455
Section IX: Management Security
Chapter 25 Web Server Commands This chapter contains the following commands: “DISABLE HTTP SERVER” on page 458 “ENABLE HTTP SERVER” on page 459 “PURGE HTTP SERVER” on page 460 “SHOW HTTP SERVER” on page 461 Note Remember to save your changes with the SAVE CONFIGURATION command. Note For overview information on this feature, refer to the AT-S63 Management Software Features Guide.
Chapter 25: Web Server Commands DISABLE HTTP SERVER Syntax disable http server Parameters None. Description This command disables the web server on the stack. When the server is disabled, you cannot manage the stack from a web browser. To view the current status of the web server, see “SHOW HTTP SERVER” on page 461. The default setting for the web server is enabled.
AT-S63 Stack Command Line User’s Guide ENABLE HTTP SERVER Syntax enable http server Parameters None. Description This command activates the web server on the stack. Activating the server allows you to manage the unit from a web browser. To view the current status of the web server, see “SHOW HTTP SERVER” on page 461. The default setting for the web server is enabled.
Chapter 25: Web Server Commands PURGE HTTP SERVER Syntax purge http server Parameters None. Description This command resets the HTTP server to its default values, as specified in Appendix A, “AT-S63 Default Settings” in the AT-S63 Management Software Menus Interface User’s Guide. To view the current web server settings, refer to “SHOW HTTP SERVER” on page 461.
AT-S63 Stack Command Line User’s Guide SHOW HTTP SERVER Syntax show http server Parameters None. Description This command displays the following information about the web server on the stack: Status SSL security SSL key ID Listen port SSL security and key ID are not supported in a stack.
Chapter 25: Web Server Commands 462 Section IX: Management Security
Index Numerics 802.
Index CREATE SWITCH TRUNK command 168 CREATE VLAN command 376 D default route adding 394 deleting 398 displaying 414 modifying 406 DELETE FILE command 204 DELETE IP ARP command 396 DELETE IP INTERFACE command 397 DELETE IP ROUTE command 398 DELETE LACP PORT command 180 DELETE RADIUSSERVER command 450 DELETE SNMP COMMUNITY command 109 DELETE SNMPV3 USER command 302 DELETE SWITCH FDB|FILTER command 154 DELETE SWITCH TRUNK command 170 DELETE VLAN command 379 destination port 192 DESTROY LACP AGGREGATOR comma
AT-S63 Stack Command Line User’s Guide displaying 461 enabling 459 resetting to defaults 460 I IGMP snooping configuring 272 disabling 270 displaying 275, 277 enabling 271 ingress filtering 383 IP address, stack 44 K keyword abbreviations 57 L LACP disabling 182, 187 displaying status 188 enabling 183, 187 LACP aggregator adding ports 176 changing adminkey 184 changing load distribution method 184 creating 178 deleting ports 180 destroying 181 displaying status 188 setting system priority 186 LOAD METHO
Index port mirror described 192 destination port 192 destination port, setting 193 displaying 195 setting 194 source port 192 port trunk adding 166 creating 168 deleting 170 destroying 171 displaying 173 load distribution 172 setting 172 speed, setting 172 port-based access control authenticator port, configuring 426 disabling 422 displaying 439, 441 enabling 424 RADIUS accounting 437 supplicant port, configuring 435 port-based VLAN adding ports 374 creating 376 deleting ports 379 destroying 382 displaying
AT-S63 Stack Command Line User’s Guide SET SNMPV3 ACCESS command 316 SET SNMPV3 COMMUNITY command 318 SET SNMPV3 GROUP command 320 SET SNMPV3 NOTIFY command 322 SET SNMPV3 TARGETADDR command 324 SET SNMPV3 TARGETPARAMS command 326 SET SNMPV3 VIEW command 330 SET STACK command 70 SET STP command 348 SET STP PORT command 351 SET SWITCH AGINGTIMER|AGEINGTIMER command 157 SET SWITCH CONSOLETIMER command 88 SET SWITCH INFILTERING command 383 SET SWITCH MIRROR command 193 SET SWITCH MULTICASTMODE command 353 SET
Index stacking maximum number of switches 30 topology 32 static module ID numbers described 38 displaying 72 setting 70 static multicast address 152 static port trunk described 164 static routes adding 394 deleting 398 displaying 414 modifying 406 static unicast address 152 STP activating 344 disabling 345 displaying 355 enabling 346 port, setting 351 resetting values to defaults 347 setting 348 supplicant port configuring 435 displaying 439, 441 switch configuration, displaying 94, 96, 212 distinguished n
