Switch 7700 Command Reference Guide http://www.3com.
3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064 Copyright © 2003, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
CONTENTS ABOUT THIS GUIDE About This Software Version Organization of the Manual Intended Readership 20 Conventions 20 Related Manuals 21 1 19 19 USING SYSTEM ACCESS COMMANDS Logging in Commands 24 authentication-mode 24 auto-execute command 24 command-privilege level 25 databits 26 display history-command 27 display user-interface 27 display users 28 flow-control 29 free user-interface 29 header 30 history-command max-size 31 idle-timeout 31 lock 32 modem 32 modem auto-answer 33 modem timer answer 33 p
system-view 42 telnet 42 user-interface 43 user privilege level 43 2 USING PORT COMMANDS Ethernet Port Configuration Commands 46 description 46 display interface 46 display mirroring-group 48 display port 49 duplex 49 flow-control 50 interface 50 jumboframe 51 mac-address max-mac-count 52 mdi 52 port access vlan 53 port hybrid pvid vlan 53 port hybrid vlan 54 port link-type 55 port trunk permit vlan 56 port trunk pvid vlan 56 reset counters interface 57 shutdown 58 speed 58 vlan-vpn 59 Ethernet Port Link
garp timer leaveall 73 reset garp statistics 73 GVRP Configuration Commands display gvrp statistics 74 display gvrp status 75 gvrp 76 gvrp registration 76 4 74 USING NETWORK PROTOCOL COMMANDS IP Address Configuration Commands 80 display ip host 80 display ip interface vlan-interface 80 ip address 81 ip host 82 ARP Configuration Commands 82 arp static 82 arp timer aging 83 debugging arp 84 display arp 84 display arp timer aging 85 reset arp 86 DHCP Relay Configuration Commands 87 address-check disable 87
display ip routing-table ip_address1 ip_address2 display ip routing-table ip-prefix 109 display ip routing-table protocol 110 display ip routing-table radix 111 display ip routing-table statistics 112 display ip routing-table verbose 113 Static Route Configuration Command 114 ip route-static default-preference 114 ip route-static 115 RIP Configuration Commands 116 checkzero 116 default cost 116 display rip 117 filter-policy export 117 filter-policy import 118 host-route 119 import-route 120 network 121 peer
display ospf interface 141 display ospf lsdb 141 display ospf nexthop 142 display ospf peer 143 display ospf request-queue 143 display ospf retrans-queue 144 display ospf routing 144 display ospf vlink 145 filter-policy export 146 filter-policy import 146 import-route 147 network 148 nssa 148 ospf 149 ospf authentication-mode 150 ospf cost 150 ospf dr-priority 151 ospf mtu-enable 151 ospf network-type 152 ospf timer dead 153 ospf timer hello 154 ospf timer poll 154 ospf timer retransmit 155 ospf trans-delay
isis 171 isis authentication-mode 172 isis circuit-level 173 isis cost 173 isis dis-priority 174 isis enable 175 isis mesh-group 175 isis timer csnp 176 isis timer dead 177 isis timer hello 178 isis timer lsp 178 isis timer retransmit 179 is-level 180 log-peer-change 180 network-entity 181 preference 181 reset isis all 182 reset isis peer 182 set-overload 183 silent-interface 183 spf-delay-interval 184 spf-slice-size 185 summary 185 timer lsp-max-age 186 timer lsp-refresh 187 timer spf 187 BGP Configuration
display bgp routing-table different-origin-as 204 display bgp routing-table flap-info 205 display bgp routing-table peer 206 display bgp routing-table regular-expression 206 filter-policy export 207 filter-policy import 208 group 208 import-route 209 ip as-path acl 210 ip community-list 210 network 211 peer advertise-community 212 peer allow-as-loop 212 peer as-number 213 peer as-path-acl 213 peer connect-interface 214 peer default-route-advertise 215 peer description 215 peer ebgp-max-hop 216 peer enable 2
display route-policy 233 filter-policy export 233 filter-policy import 234 if-match { acl | ip-prefix } 235 if-match as-path 236 if-match community 236 if-match cost 237 if-match interface 237 if-match ip next-hop 238 if-match tag 239 ip ip-prefix 239 route-policy 241 Route Capacity Configuration Commands display memory limit 242 memory auto-establish disable 243 memory auto-establish enable 243 memory { safety | limit } 244 6 242 USING MULTICAST PROTOCOL COMMANDS GMRP Configuration Commands 248 debuggin
debugging pim sm 261 display pim bsr 262 display pim interface 262 display pim neighbor 263 display pim routing-table 264 display pim rp-info 265 pim 265 pim bsr-boundary 265 pim dm 266 pim sm 267 pim timer hello 267 spt-switch-threshold 268 7 USING QOS/ACL COMMANDS ACL Configuration Command List 270 acl 270 acl mode 271 display acl config 272 display acl mode 272 display acl running-packet-filter 273 display time-range 273 packet-filter 274 reset acl counter 275 rule 275 time-range 278 QoS Configuration
traffic-red 294 traffic-statistic 294 Logon user’s ACL Control Command acl 295 snmp-agent community 296 snmp-agent group 297 snmp-agent usm-user 298 8 295 USING STP COMMANDS RSTP Configuration Commands 302 display stp 302 reset stp 303 stp 304 stp bpdu-protection 305 stp cost 305 stp edged-port 306 stp loop-protection 307 stp mcheck 307 stp mode 308 stp point-to-point 308 stp port priority 309 stp priority 310 stp root primary 310 stp root secondary 311 stp root-protection 311 stp timeout-factor 312 stp
stp instance root secondary 328 stp interface 329 stp interface edged-port 330 stp interface instance cost 331 stp interface instance port priority 332 stp interface loop-protection 332 stp interface mcheck 333 stp interface point-to-point 334 stp interface root-protection 335 stp interface transit-limit 336 stp loop-protection 336 stp max-hops 337 stp mcheck 337 stp mode 338 stp point-to-point 339 stp region-configuration 339 stp root-protection 340 stp timer forward-delay 341 stp timer hello 342 stp timer
local-user 367 local-user password-display-mode 368 password 369 radius-scheme 369 service-type 370 state 371 RADIUS Protocol Configuration Commands 372 data-flow-format 372 display local-server statistics 372 display radius 373 display radius statistics 374 display stop-accounting-buffer 375 key 376 local-server 377 primary accounting 378 primary authentication 379 radius scheme 379 reset stop-accounting-buffer 380 retry 381 retry realtime-accounting 382 retry stop-accounting 383 secondary accounting 383 s
11 USING SYSTEM MANAGEMENT COMMANDS File System Management Commands 405 cd 405 copy 406 delete 406 dir 407 file prompt 408 format 409 mkdir 409 more 409 move 410 pwd 411 rename 411 reset recycle-bin 412 rmdir 412 undelete 413 Configuration File Management Commands reset saved-configuration 414 save 415 FTP Server Configuration Commands 415 display ftp-server 415 display ftp-user 416 ftp server 416 ftp timeout 416 local-user 417 password 418 service-type 418 FTP Client Commands 419 ascii 419 binary 419 bye
rmdir 427 user 427 verbose 427 TFTP Configuration Commands 428 tftp 428 tftp get 428 tftp put 429 MAC Address Table Management Commands 430 display mac-address learning 430 display mac-address aging-time 430 display mac-address 431 mac-address 432 mac-address mac-learning disable 433 mac-address max-mac-count 433 mac-address timer 434 Device Management Commands 435 boot bootloader 435 boot bootrom 435 boot bootrom 435 display backboard view 436 display bootloader 436 display cpu 437 display device 437 displ
Log Commands 456 display channel 456 display info-center 456 info-center console channel 457 info-center enable 458 info-center logbuffer 458 info-center loghost 459 info-center monitor channel 460 info-center snmp channel 460 info-center source 461 info-center timestamp 462 info-center trapbuffer 463 rename channel 464 reset logbuffer 464 reset trapbuffer 465 terminal debugging 465 terminal logging 466 terminal monitor 466 terminal trapping 467 SNMP Configuration Commands 467 display snmp-agent community 4
display rmon statistics 486 rmon alarm 487 rmon event 488 rmon history 489 rmon prialarm 490 rmon statistics 491 NTP Configuration Commands 491 debugging ntp-service 491 display ntp-service sessions 492 display ntp-service status 493 display ntp-service trace 494 ntp-service access 494 ntp-service authentication enable 495 ntp-service authentication-keyid 496 ntp-service broadcast-client 496 ntp-service broadcast-server 497 ntp-service max-dynamic sessions 497 ntp-service multicast-client 498 ntp-service mu
ABOUT THIS GUIDE This guide provides all the information you need to use the configuration commands supported by version 2.0 software on the 3Com Switch 7700. About This Software Version The software in the 3Com Switch 7700 is a subset of that used in other 3Com products. Depending on the capabilities of your hardware platform, some commands described in this guide may not be available on your Switch, although the unavailable commands may still display on the command line interface (CLI).
ABOUT THIS GUIDE Intended Readership Conventions The manual is intended for the following readers: ■ Network administrators ■ Network engineers ■ Users who are familiar with the basics of networking This manual uses the following conventions: Table 1 Icons Icon Notice Type Description Information note Information that describes important features or instructions. Caution Information that alerts you to potential loss of data or potential damage to an application, system, or device.
Related Manuals 21 Table 2 Text conventions [] Items shown in square brackets [ ] are optional. Example 1: in the command display users [all], the square brackets indicate that the parameter all is optional. You can enter the command with or without this parameter. Example 2: in the command user-interface [type] first-number [last-number] the square brackets indicate that the parameters [type] and [last-number] are both optional. You can enter a value in place of one, both or neither of these parameters.
ABOUT THIS GUIDE
1 USING SYSTEM ACCESS COMMANDS This chapter describes how to use the following commands: Logging in Commands ■ authentication-mode ■ auto-execute command ■ command-privilege level ■ databits ■ display history-command ■ display user-interface ■ display users ■ flow-control ■ free user-interface ■ header ■ history-command max-size ■ idle-timeout ■ lock ■ modem ■ modem auto-answer ■ modem timer answer ■ parity ■ quit ■ return ■ screen-length ■ send ■ service-type te
CHAPTER 1: USING SYSTEM ACCESS COMMANDS Logging in Commands authentication-mode ■ system-view ■ telnet ■ user-interface ■ user privilege level This section describes the commands that you can use to configure system access and system security. Syntax authentication-mode { password | scheme | none } View User interface view Parameter password: Requires local authentication of password at log in. scheme: Requires local or remote authentication of username and password at log in.
Logging in Commands 25 View User interface view Parameter command: Enter the command you want to run automatically at user login. Description Enter auto-execute command command to configure the Switch 7700 to automatically run a specified command. When the user logs in, the command will be executed automatically, after which the user will be disconnected. This command is usually used to connect the user to a specified device using Telnet. See the example below.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS ■ 1 – Monitoring ■ 2 – Configuration ■ 3 – Management You can assign a priority level depending on user requirements. The commands that a user can access depend first on the access level assigned to the command and second on the access level assigned to the user interface. If the two levels are different, the access level assigned to the command has priority.
Logging in Commands display history-command 27 Syntax display history-command View All views Parameter None Description Use the display history-command command to view the commands previously entered during this login session, up to a specified maximum. To set the maximum number of commands to display, see history-command max-size. Example To display previously entered commands, enter the following. display history-command The commands display on screen.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS The information is displayed in the following format: Idx Type Tx/Rx Modem Privi Auth I 0 AUX 0 9600 3 N * : Current user-interface is active. I : Current user-interface is active and work in async mode. Idx : Absolute index of user-interface. Type : Type and relative index of user-interface. Privi: The privilege of user-interface. Auth : The authentication mode of user-interface. A: Authenticate use AAA. L: Authenticate use local database.
Logging in Commands 29 The categories of information displayed are as follows: Table 2 Output description of the display users command Field Description I Indicates that the user interface in use. UI The first number in the column is the Index number of the interface. The three letter identifier and the number that follows are the type and type number of the user interface. flow-control Delay Indicates the interval from the latest input until now, in minutes.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS index_number: Enter the index number of the user interface to be reset. Description Using this command, you can reset a specified user interface to its default settings. The user interface will be disconnected after the reset. ■ Use free user-interface type number to reset the interface with the specified type and type number to its default settings.
Logging in Commands 31 Use the undo header { shell | incoming | login } command to delete the specified header. Example To configure a header to display after connection using the control character method, enter the following. [SW7700]header shell % Enter TEXT message. End with the character '%'. SHELL : Hello! Welcome % The header text displays on the terminal when a user next logs in. To test this, quit from the session, and press Enter to restart.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS View User interface view Parameter minutes: Enter the number of minutes you want to allow a user interface to remain idle before it is disconnected. This can be in the range 0 to 35791. seconds: Enter the number of seconds in addition to the number of minutes. Optional. Description ■ Use the idle-timeout command to configure the amount of time you want to allow a user interface to remain idle before it is disconnected.
Logging in Commands 33 View User interface view Parameter call-in: Enter to enable (or disable) modem call-in. both: Enter to enable (or disable) modem call-in and call-out. Description Using this command, you can configure the call-in and call-out attributes of the modem. ■ The modem call-in command allows modem call-in only. ■ The modem both command allows both modem call-in and call-out ■ The undo modem call-in command denies modem call-in.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS undo modem timer answer View User interface view Parameter seconds: Specifies the time between lifting the receiver and detecting the carrier, in the range 1 second to 60 seconds. The default value is 30. Description ■ Use the modem timer answer seconds command to configure the timer answer period, in seconds, from off-hook to carrier detected when establishing a call-in connection.
Logging in Commands quit 35 Syntax quit View All views Parameter None Description Use the quit command to exit from the current view to the next highest view. If the current view is user view, this command quits the system. There are three levels of view, which are, from high to low: ■ user view ■ system view ■ menu views, for example VLAN view, Ethernet port view, and so on. Related commands: return, system-view.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS undo screen-length View User interface view Parameter screen-length: Enter the maximum number of information lines that you want to display on a terminal screen, ranging from 0 to 512. The default is 24. Description ■ Use the command screen-length to configure how many information lines (maximum) will be displayed on the screen of a terminal. ■ Use the command undo screen-length to restore the default of 24 lines.
Logging in Commands 37 View Local-user view Parameter level: Enter the command level that a user can enter after Telnet login, in the range 0 to 3. The default is level 1. Description ■ Use the command service-type telnet level level to configure which level of command a user can access after login. ■ Use the command undo service-type telnet level to restore the default level of command (level 1). Commands are classified into four levels, as follows: ■ 0 - Visit level.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS View User interface view Parameter cipher: Sets the authentication mode to cipher text. The password displays as encrypted text if you use this option. simple: Sets the authentication mode to plain text. The password must be in plain text. A plain text password is a sequential character string of no more than 16 digits, for example, 3Com918 password: Enter the required password text.
Logging in Commands ■ You cannot use this command on the current user interface. ■ You are asked to confirm the command. 39 Example To disable the terminal service on the VTY user interfaces 0 to 4, enter the following from another user interface: [SW7700]user-interface vty 0 4 [SW7700-ui-vty0-4]undo shell The following message will be displayed on the Telnet terminal after login: Connection to host lost.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS 1.5: Sets the stop bits to 1.5. 2: Sets the stop bits to 2. Description ■ Use the stopbits command to configure the stop bits on the AUX (Console) port. ■ Use the undo stopbits command to restore the default stop bits (the default is 1). This command can only be performed in AUX user interface view.
Logging in Commands 41 undo super password level level View System view Parameter level: Enter a user level in the range 1 to 3. The default is 3. The password you enter is set for the specified level. simple: Sets the password to plain text. A plain text password is a sequential character string of no more than 16 characters, for example, 3Com918. cipher: Sets the password to cipher text. The password displays as encrypted text if you use this option. password: Enter the required password.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS Example To configure the hostname of the Switch 7700 to 3Com, enter the following: [SW7700]sysname 3Com [3Com] system-view Syntax system-view View User view Parameter None Description Enter system-view to enter the system view from the user view. Related commands: quit, return. Example To enter system view from user view, enter the following: system-view Enter system view, return user view with Ctrl+Z.
Logging in Commands 43 Example To log in to the Ethernet switch Switch32 at IP address 129.102.0.1 from the current Switch (Switch01), enter the following: telnet 129.102.0.1 Trying 129.102.0.1 Connected to 129.102.0.1 user-interface Syntax user-interface [ type ] first_number [ last_number ] View System view Parameter type: Enter the user interface type, which can be AUX or VTY. Optional. first_number: Enter the number of the first (or only) user interface view to be configured.
CHAPTER 1: USING SYSTEM ACCESS COMMANDS Description ■ Use the user privilege level level command to configure the command level that a user can access from the specified user interface. The user can use all the available commands at this command level. ■ Use the undo user privilege level command to restore the default command level.
2 USING PORT COMMANDS This chapter describes how to use the following commands: Ethernet Port Configuration Commands ■ description ■ display interface ■ display mirroring-group ■ display port ■ duplex ■ flow-control ■ interface ■ jumboframe ■ mac-address max-mac-count ■ mdi ■ port access vlan ■ port hybrid pvid vlan ■ port hybrid vlan ■ port link-type ■ port trunk permit vlan ■ port trunk pvid vlan ■ reset counters interface ■ shutdown ■ speed ■ vlan-vpn Ethernet Po
CHAPTER 2: USING PORT COMMANDS Ethernet Port Configuration Commands description This section describes the commands you can use to configure and manage the ports on your Switch 7700. Syntax description text undo description View Ethernet port view Parameter text: Enter a description of the Ethernet port. This must be a maximum of 80 characters. Description ■ Use the description command to enter a description of an Ethernet port. ■ Use the undo description command to cancel the description.
Ethernet Port Configuration Commands 47 The M-Ethernet interface is always set to 0/0/0. You can use the interface_name at this command. This is made up of interface_type and interface_number parameters combined as a single parameter, for example Ethernet0/0/1. Description Using the display interface command, you can view the configuration information on the selected interface. ■ Use the command display interface to display information on all ports.
CHAPTER 2: USING PORT COMMANDS Table 3 Output description of the display interface command Field Description Ethernet1/0/1 current state Indicates the current state of the Ethernet port (enabled or disabled) IP Sending frames’ format Displays the Ethernet frame format Hardware address Displays the port hardware address Description Displays the port description The Maximum Transmit Unit Indicates the maximum transmit unit Media type Indicates the type of media loopback not set Displays th
Ethernet Port Configuration Commands 49 The information displays in the following format: mirroring-group 1 inbound Ethernet3/0/47 mirrored-to Ethernet3/0/48 This indicates that mirror-group 1 is only capturing incoming packets from the port Ethernet3/0/47 and mirroring these packet to the egress port Ethernet3/0/48 display port Syntax display port { hybrid | trunk } View All Views Parameter hybrid: Enter to display the hybrid ports. trunk: Enter to display the trunked ports.
CHAPTER 2: USING PORT COMMANDS Description Use the duplex command to configure the duplex mode of an Ethernet port to auto-negotiation, full duplex or half-duplex. Use the undo duplex command to restore the duplex mode of a port to the default mode (auto-negotiation). Related command: speed.
Ethernet Port Configuration Commands 51 ■ The slot number is a number in the range 0 to 6 (the Fabric slot is 0). ■ The subslot number is set to 0. ■ The port number is a number in the range 1 to 8 (on an 8-port Gigabit module), 1 to 24 (on a 24-port 100BASE-FX module), or 1 to 48 (on a 48-port 10/100/BASE-TX modules). The M-Ethernet interface is always set to 0/0/0. You can use the interface_name at this command.
CHAPTER 2: USING PORT COMMANDS Example To allow jumbo frame to pass through GigabitEthernet port 2/0/1, enter the following: [SW7700-GigabitEthernet2/0/1]jumboframe enable mac-address max-mac-count Syntax mac-address max-mac-count count undo mac-address max-mac-count View Ethernet port view Parameter count: Enter to specify how many MAC addresses a port can learn. This can be in the range 0 to 32768. 0 means that the port is not allowed to learn MAC addresses.
Ethernet Port Configuration Commands 53 auto: Enter to configure the use of either straight-through cable or cross-over cable. normal: Enter to configure the network cable type to straight-through cable. Not available on the Switch 7700. Description ■ Use the mdi command to configure the network cable type for an Ethernet port. ■ Use the undo mdi command to restore the default type. By default, the network cable type is recognized automatically (the mdi auto command).
CHAPTER 2: USING PORT COMMANDS Parameter vlan_id: Enter a VLAN ID in the range 1 to 409, as defined in IEEE 802.1Q. The default is 1. Description ■ Use the port hybrid pvid vlan command to configure the default VLAN ID of the hybrid port. ■ Use the undo port hybrid pvid command to restore the default VLAN ID of the hybrid port. Hybrid port can be configured together with the isolate-user-vlan. But if the default VLAN has set mapping in the isolate-user-vlan, the default VLAN ID cannot be modified.
Ethernet Port Configuration Commands 55 Description Using the command port hybrid vlan, you can add the hybrid port to a single VLAN, a series of individual VLANs or a range of VLANs. ■ Use the port hybrid vlan vlan_id command to join the hybrid port to a single VLAN. ■ Use the port hybrid vlan vlan_id vlan_id … command to join the hybrid port to two or more individual VLANs. Separate the number of each VLAN ID with a space.
CHAPTER 2: USING PORT COMMANDS Example To configure the Ethernet port Ethernet1/0/1 as a trunk port, enter the following: [SW7700-Ethernet1/0/1]port link-type trunk port trunk permit vlan Syntax port trunk permit vlan {vlan_id [to last_vlan_id] | all} undo port trunk permit vlan {vlan_id [to last_vlan_id] | all} View Ethernet port view Parameter vlan_id: Enter a VLAN ID, or more than one VLAN ID, in the range 1 to 4094. The trunk port will be added to the specified VLANs.
Ethernet Port Configuration Commands 57 View Ethernet port view Parameter vlan_id: Enter a VLAN ID in the range 1 to 4094, as defined in IEEE802.1Q. This is the VLAN that you want to be the default VLAN for a trunk port. The default is 1. Description ■ Use the port trunk pvid vlan command to configure the default VLAN ID for a trunk port. ■ Use the undo port trunk pvid command to restore the default VLAN ID for a trunk port.
CHAPTER 2: USING PORT COMMANDS You can use the interface_name at this command. This is made up of interface_type and interface_number parameters combined as a single parameter, for example Ethernet0/0/1. Description Use the reset counters interface command to reset the statistical information on the port and count the related information again on the port for the user. If you do not enter a port type, or port type and port number, information is cleared from all ports on the Switch. If 802.
Ethernet Port Configuration Commands 59 View Ethernet port view Parameter 10: Enter to set the port speed to 10 Mbps. 100: Enter to set the port speed to 100 Mbps. 1000: Enter to set the port speed to 1000 Mbps. (Only available on 10/100/1000 ports). auto: Enter to set the port speed to auto-negotiation. Description ■ Use the speed command to configure the port speed. ■ Use the undo speed command to restore the default speed. By default, the speed is auto. Related command: duplex.
CHAPTER 2: USING PORT COMMANDS Ethernet Port Link Aggregation Commands This section describes the commands you can use to configure Ethernet Port LInk Aggregation on the Switch 7700. display link-aggregation Syntax display link-aggregation [ master_port_number ] View All views Parameter master_port_number: Enter the port number of the master port in an aggregation port group.
Ethernet Port Link Aggregation Commands 61 Parameter start_port_number: Enter the first port in the range of ports that you want to add to the link aggregation. This becomes the master port in the link aggregation. end_port_number: Enter the last port in the range of ports that you want to add to the link aggregation. both: Enter to configure the sub-ports in the link aggregation to share the outgoing load on the port, depending on the source address and destination MAC address.
CHAPTER 2: USING PORT COMMANDS
3 USING VLAN COMMANDS This chapter describes how to use the following commands: VLAN Configuration Commands ■ broadcast-suppression ■ description ■ display interface VLAN-interface ■ display vlan ■ interface VLAN-interface ■ ip address ■ port ■ shutdown ■ vlan GARP Configuration Commands ■ display garp statistics ■ display garp timer ■ garp timer ■ garp timer leaveall ■ reset garp statistics GVRP Configuration Commands VLAN Configuration Commands broadcast-suppression ■ disp
CHAPTER 3: USING VLAN COMMANDS View VLAN view Parameter max-ratio: Enter the broadcast suppression ratio for the current VLAN as a percentage, in the range 0 to 100. The smaller the percentage, the less broadcast traffic is allowed through the VLAN. If you do not want to perform broadcast suppression on the VLAN, enter 100. Description ■ Use the broadcast-suppression command to limit the amount of broadcast traffic passing through a VLAN.
VLAN Configuration Commands 65 View All views Parameter vlan_id: Enter the ID number of the VLAN interface, ranging from 1 to 4094. Description Use the display interface Vlan-interface command to view the information about a specific VLAN interface, or all VLAN interfaces.
CHAPTER 3: USING VLAN COMMANDS Description Use the display vlan command to view related information about specific VLANs, specific types of VLAN or all VLANs. The information includes: VLAN type, whether the Route interface has been configured on the VLAN, the Broadcast Suppression max-ratio, the VLAN description, and a list of the tagged and untagged ports that belong to the VLAN. ■ Use the command display vlan to display a summary of the VLAN IDs of all VLANs configured on the system.
VLAN Configuration Commands 67 Parameter vlan_id: Enter the ID of the VLAN interface you want to configure, in the range 1 to 4094. Note that VLAN1 is the default VLAN and cannot be deleted. Description ■ Use the interface VLAN-interface command to enter a VLAN interface view and use the related configuration commands. ■ Use the undo interface VLAN-interface command to exit the current VLAN interface. Related command: display interface VLAN-interface.
CHAPTER 3: USING VLAN COMMANDS undo port { interface_type interface_number } [ to { interface_type interface_number } ] View VLAN view Parameter interface_type: Enter the interface type of the port or ports you want to add to the VLAN. This can be either Ethernet or GigabitEthernet. interface_number: Enter the interface number of the port you want to add to the VLAN. This must not be a trunk port. If you want to add a range of ports, enter the interface number of the first port in the range..
VLAN Configuration Commands 69 View VLAN interface view. Parameter None Description ■ Use the shutdown command to disable the VLAN interface. ■ Use the undo shutdown command to re-enable the VLAN interface. By default, when all Ethernet ports are in DOWN status in VLAN interface, the VLAN interface is in DOWN status, i.e. disabled status. When one or more Ethernet ports in VLAN interface are in UP status, the VLAN interface is UP.
CHAPTER 3: USING VLAN COMMANDS GARP Configuration Commands display garp statistics This section describes the commands you can use to configure and manage the Generic Attribute Registration Protocol (GARP) on your Switch 7700. Syntax display garp statistics [ interface interface_type interface_number [to interface_type interface_number ]] View All views Parameter interface_type: Enter an interface type. This can be either Ethernet or GigabitEthernet. interface_number: Enter an interface number.
GARP Configuration Commands 71 The information displays in the following format: GARP statistics on port Ethernet1/0/1 Number Of GMRP Frames Received Number Of GVRP Frames Received Number Of GMRP Frames Transmitted Number Of GVRP Frames Transmitted Number Of Frames Discarded : : : : : 0 0 0 0 0 The above table indicates that the number of GVRP and GMRP packets received and sent on Ethernet port 1/0/1 is 0, and that the number of discarded packets is 0.
CHAPTER 3: USING VLAN COMMANDS This command displays the following GARP timer statistics: Join time, Leave time, LeaveAll time and Hold time. Related commands: garp timer, garp timer leaveall.
GARP Configuration Commands 73 Example To set the Join timer of GARP to 30 centiseconds (300 ms) on port Ethernet 1/0/1, enter the following: [SW7700-Ethernet1/0/1]garp timer join 30 garp timer leaveall Syntax garp timer leaveall timer_value undo garp timer leaveall View System view Parameter timer_value: Enter the value of the GARP LeaveAll timer in centiseconds, in the range 10 to 32765. By default, the LeaveAll timer is set to 1000 centiseconds, that is 10 seconds.
CHAPTER 3: USING VLAN COMMANDS ■ The port number is a number in the range 1 to 8 (on an 8-port Gigabit module), 1 to 24 (on a 24-port 100BASE-FX module), or 1 to 48 (on a 48-port 10/100/BASE-TX modules). You can use the interface_name at this command. This is made up of interface_type and interface_number parameters combined as a single parameter, for example Ethernet0/0/1.
GVRP Configuration Commands 75 You can use the interface_name at this command. This is made up of interface_type and interface_number parameters combined as a single parameter, for example Ethernet0/0/1. to interface_type interface_number If you want to display statistics on a range of ports, use this parameter to indicate the last port in the range. This parameter is optional. You can enter up to ten interface_type and interface_number parameters at one display gvrp statistics command.
CHAPTER 3: USING VLAN COMMANDS Example To display GVRP status, enter the following: display gvrp status GVRP is enabled gvrp Syntax gvrp undo gvrp View System view/Ethernet port view Parameter None Description ■ Use the gvrp command to enable GVRP. You must enable GVRP globally from System view before you can enable GVRP per port from Ethernet port view. GVRP can only be enabled on a trunk port; in addition, GVRP must be enabled on both ends of a trunk link.
GVRP Configuration Commands 77 Description ■ Use the gvrp registration command to configure the GVRP registration type. ■ Use the undo gvrp registration command to restore the default type. By default, the registration type is normal. This command can be only used on a trunk port. Related commands: display gvrp statistics.
CHAPTER 3: USING VLAN COMMANDS
4 USING NETWORK PROTOCOL COMMANDS This chapter describes how to use the following commands: IP Address Configuration Commands ■ display ip host ■ display ip interface vlan-interface ■ ip address ■ ip host ARP Configuration Commands ■ arp static ■ arp timer aging ■ debugging arp ■ display arp ■ display arp timer aging ■ reset arp DHCP Relay Configuration Commands ■ address-check disable ■ address-check enable ■ debugging dhcp-relay ■ dhcp-security static ■ dhcp-server ■ dhcp-
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS IP Address Configuration Commands display ip host ■ tcp timer fin-timeout ■ tcp timer syn-timeout ■ tcp window This section describes the commands you can use to configure and manage IP Addressing on your Switch 7700. Syntax display ip host View All views Parameter None Description Use the display ip host command to display all host names and their corresponding IP addresses.
IP Address Configuration Commands 81 Example To display information on VLAN-Interface 1, enter the following: display ip interface vlan-interface 1 The information displays in the following format: Vlan-interface1 current state : DOWN Line protocol current state : DOWN Internet Address is 1.1.1.1/8 Primary Broadcast address : 1.1.255.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS 255.255.0.0. You can confirm that the subnet address is 202.38.0.0 by performing the logic operation “AND” on the IP address and mask. Related commands: ip route, display ip interface, display interface. Example To configure VLAN-Interface 2 to have an IP address of 202.38.10.66, and a subnet mask of 255.255.255.0, enter the following: [SW7700-vlan-interface2]ip address 202.38.10.66 255.255.255.
ARP Configuration Commands 83 Parameter ip_address: Enter the IP address of the ARP mapping entry. mac_address: Enter the Ethernet MAC address of the ARP mapping entry, in the format H-H-H (H indicates a four digit hexadecimal number, for example 00e0-fc01-0000). vlan_id: Enter the ID number of the local VLAN that you want to use to send frames to this address. The VLAN ID can be in the range 1 to 4094. Optional.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS Description ■ Use the arp timer aging command to configure the dynamic ARP aging timer. ■ Use the undo arp timer aging command to restore the default time of 30 minutes. Related commands: display arp timer aging Example To configure the dynamic ARP aging timer to 10 minutes, enter the following: [SW7700]arp timer aging 10 debugging arp Syntax debugging arp { packet | status } undo debugging arp { packet | status } View User view.
ARP Configuration Commands 85 static: Enter to display the static ARP entries in the ARP mapping table. timer aging: Enter to display the current ARP aging time. proxy interface vlan-interface vlan_id: : Enter to display the ARP proxy status for the selected VLAN ID. ip_address: Enter to display ARP mapping entries for the specified IP address. Description Using the display arp command, you can display the ARP mapping table entries by entry type, or by a specified IP address.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS Example To display the current setting of the dynamic ARP aging timer, enter the following: [SW7700] display arp timer aging The information displays in the following format: Current ARP aging time is 10 minute(s) reset arp Syntax reset arp [ dynamic | static | interface interface_type interface_number ] View User view Parameter dynamic: Enter to clear the dynamic ARP mapping entries. Note that dynamic ARP entries start re-learning immediately.
DHCP Relay Configuration Commands DHCP Relay Configuration Commands address-check disable 87 This section describes the commands you can use to configure and manage the Dynamic Host Configuration Protocol (DHCP) operations on your Switch 7700. Syntax address-check disable View VLAN interface view Parameter None Description Use the address-check disable command to disable the security features of DHCP relay and disable the user address validity check on a VLAN interface.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS View User view Parameter None Description ■ Use the debugging dhcp-relay command to enable DHCP relay debugging. ■ Use the undo debugging dhcp-relay command to disable DHCP relay debugging. By default, DHCP relay debugging is disabled. Related commands: dhcp-server ip, dhcp-server, display dhcp-server vlan.
DHCP Relay Configuration Commands dhcp-server 89 Syntax dhcp-server group_number undo dhcp-server View VLAN interface view Parameter group_number: Enter the DHCP Server group number. Description ■ Use the dhcp-server command to associate a VLAN interface with a DHCP Server group. DHCP Server requests are forward to the server associated with this group from the specified interface. ■ Use the undo dhcp-server command to remove the VLAN interface from the selected DHCP Server group.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS Description ■ Use the dhcp-server ip command to configure the IP address of the DHCP Server used by the DHCP Server group. ■ Use the undo dhcp-server ip command to delete the IP addresses of all DHCP Servers in DHCP Server group. This command has fewer parameters when entered in VLAN interface view. Refer to dhcp-server for details. Related commands: dhcp-server, debugging dhcp-relay.
DHCP Relay Configuration Commands 91 Table 5 Description of the display dhcp-security information display dhcp-server Field Description IP Address IP address of the DHCP Server group MAC Address User MAC address of the DHCP Server group Type Type of user address table entry, can be either dynamic or static. Syntax display dhcp-server group_number View All views. Parameter group_number: Enter a DHCP Server group number.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS Parameter vlan_id: Enter the VLAN interface number. Description Use the display dhcp-server interface vlan-interface command to display the information on the DHCP Server group corresponding to a specific VLAN interface. Related commands: dhcp-server, debugging dhcp-relay.
IP Performance Configuration Commands 93 The information displays in the following format: IP Protocol: Sent packets: sent out: 67, forwarded: 0, raw packets: discarded: 0, routing failed: 98 Received packets: total:782477, local host: 6500, format error: checksum error:0, option error: 0, protocol error: discarded for TTL exceeded: 0 Fragmented packets: total: 0, timeout: 0, sent: 0 ICMP protocol: Sent packets: redirected: echo replied: src quenched: time exceeded: Received packets: format error: unreach
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS The information displays in the following format: Received packets: Total: 753 packets in sequence: 412 (11032 bytes) window probe packets: 0, window update packets: 0 checksum error: 0, offset error: 0, short error: 0 duplicate packets: 4 (88 bytes), partially duplicate packets: 5 (7 bytes) out-of-order packets: 0 (0 bytes) packets of data after window: 0 (0 bytes) packets received after close: 0 ACK packets: 481 (8776 bytes) duplicate ACK packets: 7, too muc
IP Performance Configuration Commands 95 View System view. Parameters redirects: Enter to send redirection packets to CPU. ttl-expires: Enter to send TTL timeout packets to CPU. unreachables: Enter to send route unreachable packets to CPU. Description ■ Use the ip command to configure the Switch 7700 to send redirection packets, TTL timeout packets or route unreachable packets to CPU for further processing. By default, TTL timeout packets are sent to CPU.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS Description Use the reset tcp statistics command to reset the TCP statistics information. Related commands: display tcp statistics Example To reset the TCP statistics information, enter the following: reset tcp statistics tcp timer fin-timeout Syntax tcp timer fin-timeout wait_time undo tcp timer fin-timeout View System view Parameter wait_time: Enter the TCP fin-wait time in seconds, in the range 76 to 3600. The default is 675 seconds.
IP Performance Configuration Commands 97 Description ■ Use the tcp timer syn-timeout command to configure the TCP syn-wait time. ■ Use the undo tcp timer syn-timeout command to restore the default value of the timer. TCP will enable the synwait timer when a SYN packet is sent. The TCP connection will be terminated if the response packet is not received before the timer expires. Related command: tcp timer fin-timeout, tcp window.
CHAPTER 4: USING NETWORK PROTOCOL COMMANDS
5 USING ROUTING PROTOCOL COMMANDS This chapter describes how to use the following commands: Routing Table Display Commands ■ display ip routing-table ■ display ip routing-table acl ■ display ip routing-table ip_address ■ display ip routing-table ip_address1 ip_address2 ■ display ip routing-table ip-prefix ■ display ip routing-table protocol ■ display ip routing-table radix ■ display ip routing-table statistics ■ display ip routing-table verbose Static Route Configuration Command ■ ip ro
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ rip metricout ■ rip output ■ rip split-horizon ■ rip version ■ rip work ■ summary OSPF Configuration Commands ■ abr-summary ■ area ■ asbr-summary ■ authentication-mode ■ default cost ■ default interval ■ default limit ■ default tag ■ default type ■ default-cost ■ default-route-advertise ■ display ospf abr-asbr ■ display ospf asbr-summary ■ display ospf brief ■ display ospf cumulative ■ display ospf error ■ displa
■ ospf authentication-mode ■ ospf cost ■ ospf dr-priority ■ ospf mtu-enable ■ ospf network-type ■ ospf timer dead ■ ospf timer hello ■ ospf timer poll ■ ospf timer retransmit ■ ospf trans-delay ■ peer ■ preference ■ reset ospf all ■ router id ■ silent-interface ■ spf-schedule-interval ■ stub ■ vlink-peer Integrated IS-IS Configuration Commands ■ area-authentication- mode ■ default-route-advertise ■ display isis interface ■ display isis lsdb ■ display isis me
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ isis mesh-group ■ isis timer csnp ■ isis timer dead ■ isis timer hello ■ isis timer lsp ■ isis timer retransmit ■ is-level ■ log-peer-change ■ network-entity ■ preference ■ reset isis all ■ reset isis peer ■ set-overload ■ silent-interface ■ spf-delay-interval ■ spf-slice-size ■ summary ■ timer lsp-max-age ■ timer lsp-refresh ■ timer spf BGP Configuration Commands ■ aggregate ■ bgp ■ compare-different-as- med ■
■ display bgp routing-table community ■ display bgp routing-table community-list ■ display bgp routing-table dampening ■ display bgp routing-table different-origin-as ■ display bgp routing-table flap-info ■ display bgp routing-table peer ■ display bgp routing-table regular-expression ■ filter-policy export ■ filter-policy import ■ group ■ import-route ■ ip as-path acl ■ ip community-list ■ network ■ peer advertise-community ■ peer allow-as-loop ■ peer as-number ■ peer
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ summary automatic ■ timer IP Routing Policy Commands ■ apply as-path ■ apply community ■ apply cost ■ apply cost-type ■ apply ip next-hop ■ apply local-preference ■ apply origin ■ apply tag ■ display ip ip-prefix ■ display route-policy ■ filter-policy export ■ filter-policy import ■ if-match { acl | ip-prefix } ■ if-match as-path ■ if-match community ■ if-match cost ■ if-match interface ■ if-match ip next-hop ■ if-ma
Routing Table Display Commands 105 View All views Parameter None Description Using the display ip routing-table command, you can view a summary of routing table information Each line in the table represents one route. The displayed information includes destination address/mask length, protocol, preference, cost, next hop and output interface. Only the currently used route, that is the best route, is displayed.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description Using the display ip routing-table acl command, you can view the route filtered through the specified access control list (ACL). This command is used to display the routes that passed the filtering rules in the specified ACL. The command only displays routes that passed basic ACL filtering rules.
Routing Table Display Commands 107 Protocol: #Static Preference: 60 *NextHop: 2.1.1.1 Interface: 2.1.1.1(LoopBack1) Vlinkindex: 0 State: Age: 3:47Metric: 0/0 **Destination: 169.0.0.0 Mask: 255.254.0.0 Protocol: #Static Preference: 60 *NextHop: 2.1.1.1 Interface: 2.1.1.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example There is corresponding route in natural mask range. Display the summary. display ip routing-table 169.0.0.0 Routing Tables: Summary count:1 Destination/Mask Proto Pre Cost Nexthop 169.0.0.0/16 Static 60 0 2.1.1.1 Interface LoopBack1 There are corresponding routes in the natural mask range. Display the detailed information. display ip routing-table 169.0.0.
Routing Table Display Commands 109 Example To display the routing information of destination addresses ranging from 1.1.1.0 to 2.2.2.0., with a subnet mask of 24, enter the following: display ip routing-table 1.1.1.0 24 2.2.2.0 24 The information displays in the following format: Routing tables: Summary count: 3 Destination/Mask Proto 1.1.1.0/24 DIRECT Vlan-interface1 1.1.1.1/32 DIRECT 2.2.2.0/24 DIRECT Vlan-interface2 display ip routing-table ip-prefix Pre Cost 0 0 0 0 0 0 Nexthop 1.1.1.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS To display the information on the active and inactive routes for prefix list abc2, enter the following: display ip routing-table ip-prefix abc2 verbose The information displays in the following format: Routes matched by ip-prefix abc2: Generate Default: no + = Active Route, - = Last Active, # = Both* = Next hop in use Summary count:4 **Destination: 127.0.0.0 Mask: 255.0.0.0 Protocol: #Direct Preference: 0 *NextHop: 127.0.0.1 Interface: 127.0.0.
Routing Table Display Commands ■ ospf: Displays OSPF route information. ■ ospf-ase: Displays OSPF ASE route information. ■ ospf-nssa: Displays OSPF NSSA route information. ■ rip: Displays RIP route information. 111 inactive: Enter to display the inactive route information. Without this parameter, the command displays both active and inactive route information. Optional. verbose: Enter to display the verbose route information. Without this parameter, the command displays the route summary.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View All views Parameter None Description Using the display ip routing-table radix command, you can view the route information in a tree structure. Example To display the route infromation, enter the following: display ip routing-table radix The information displays in the following format: Radix tree for INET (2) inodes 7 routes 5: +-32+--{210.0.0.1 +--0+ | | +--8+--{127.0.0.0 | | | +-32+--{127.0.0.1 | +--1+ | +--8+--{20.0.0.0 | +-32+--{20.1.1.
Routing Table Display Commands 113 The information displays in the following format: Routing Proto DIRECT RIP STATIC OSPF O_ASE O_NSSA Total display ip routing-table verbose tables: route 5 0 0 0 0 0 5 active 4 0 0 0 0 0 4 added 5 0 0 0 0 0 5 deleted 0 0 0 0 0 0 0 freed 0 0 0 0 0 0 0 Syntax display ip routing-table verbose View All views Parameter None Description Use the display ip routing-table verbose command to display the verbose routing table information.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS *NextHop: 2.2.2.1 Interface: 2.2.2.1(Vlan-interface2) State: Age: 20:08:05 Metric: 0/0 The meanings of the parameters are explained in the following table: Table 6 Routing table information Descriptor Meaning Holddown The number of holddown routes.
Static Route Configuration Command ip route-static 115 Syntax ip route-static ip_address ip_mask { interface_name | gateway_address } [ preference { preference_value } | reject | blackhole ] undo ip route-static ip-address { mask | mask_length } [ interface_name | gateway_address ] [ preference preference_value ] View System view Parameter ip-address: Enter the destination IP address. ip_mask: Enter either the IP subnet mask (x.x.x.x), or the subnet mask length (in the range 0 to 32). interface_name .
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS RIP Configuration Commands This section describes the commands you can use to configure the Routing Information Protocol (RIP). When the Switch 7700 runs a routing protocol, it is able to perform the functions of a router. The term router in this section can refer either to a physical router or to the Switch 7700 running a routing protocol.
RIP Configuration Commands 117 Description Using the default cost command, you can set the default routing cost of an imported route. Using the undo default cost command, you can restore the default value. If you do not specify a routing cost when using the import-route command, the default cost you specify here is used. Related command: import-route.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS undo filter-policy { acl_number | ip-prefix ip_prefix-name } export [ routing_protocol ] View RIP view Parameter acl_number: Enter the number of the access control list that you want to use to filter the destination addresses of the routing information. ip_prefix_name: Enter the name of the address prefix list that you want to use to filter the destination addresses of the routing information.
RIP Configuration Commands 119 Parameter gateway ip_prefix_name Enter the name of the address prefix list. This is used to filter the addresses of this neighboring routers advertising the routing information. acl_number Enter an Access Control List (ACL) number. This is used to filter the destination addresses of the routing information. ip_prefix_name Enter the name of the address prefix list. This is used to filter the destination addresses of the routing information.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example To configure RIP to reject a host route, enter the following: [SW7700-rip]undo host-route import-route Syntax import-route protocol [ cost value ] [ route-policy route_policy_name ] undo import-route protocol View RIP view Parameter protocol Enter the routing protocol to be imported. This can be one of the following: direct, bgp, ospf, ospf-ase, ospf-nssa or static. value Enter the cost value of the route to be imported.
RIP Configuration Commands network 121 Syntax network network_address undo network network_address View RIP view Parameter network_address: Enter the IP network address of an interface. Description Using the network command, you can enable Routing Information Protocol (RIP) on the interface of a specified network segment connected to the router. Using the undo network command, you can disable RIP on the interface. By default, RIP is disabled on an interface.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description Using the peer command, you can configure the destination address of the peer device. Using the undo peer command, you can cancel the set destination address. By default, there is no destination address. 3Com recommends that you do not use this command. RIP can use unicast to exchange information with non-broadcasting networks. If required, you can use this command to specify the destination address of the peer device.
RIP Configuration Commands 123 Description Use the reset command to reset the system configuration parameters of RIP. When you need to re-configure parameters of RIP, this command can be used to restore to the default setting. Example Reset the RIP system. [SW7700-rip]reset rip Syntax rip undo rip View System view Parameter None Description Using the rip command, you can enable RIP and enter the RIP command view. From here, you can configure RIP using the other commands described in this section.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS string: Enter the MD5 cipher text authentication key. id: Enter an MD5 cipher text authentication identifier, ranging from 1 to 255. nonstandard: Enter to set the MD5 cipher text authentication packet to use a nonstandard packet format (as described in RFC2082). usual: Enter to set the MD5 cipher text authentication packet to use the general packet format (as described in RFC1723).
RIP Configuration Commands 125 [SW7700-Vlan-interface1]rip authentication-mode md5 type nonstandard To set MD5 authentication on Vlan-interface 1 with the key string set to “aaa” and the packet type set to usual, enter the following: [SW7700]interface Vlan-interface 1 [SW7700-Vlan-interface1]rip version 2 [SW7700-Vlan-interface1]rip authentication-mode md5 key-string aaa [SW7700-Vlan-interface1]rip authentication-mode md5 type usual rip input Syntax rip input undo rip input View VLAN interface view Pa
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description Using the rip metricin command, you can configure an additional route metric to be added to the route when an interface receives RIP packets. Using the undo rip metricin command, you can restore the default value of this additional route metric. Related command: rip metricout.
RIP Configuration Commands 127 Parameter None Description Using the rip output command, you can allow an interface to transmit RIP packets/ Using the undo rip output command, you can disable an interface to transmit RIP packets. By default, all interfaces except loopback interfaces are able to transmit RIP packets. This command is used in conjunction with two other commands: rip input and rip work..
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS rip version Syntax rip version 1 rip version 2 [ broadcast | multicast ] undo rip version View VLAN interface view Parameter 1 Enter to set the interface version to RIP-1. 2 Enter to set the interface version to RIP-2. broadcast Enter to set the transmission mode of an RIP-2 packet to broadcast. multicast Enter to set the transmission mode of an RIP-2 packet to multicast.
RIP Configuration Commands 129 Parameter None Description Using the rip work command, you can enable the running of RIP on an interface. This is the default. Using the undo rip work command, you can disable the running of RIP on an interface. This command is used in conjunction with the rip input, rip output and network commands. Refer to the descriptions of these commands for details. Related commands: network, rip input, rip output.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example To set the RIP version on the interface Vlan-interface 1 to RIP-2, and then disable the route aggregation, enter the following: [SW7700]interface Vlan-interface 1 [SW7700-Vlan-interface1]rip version 2 [SW7700-Vlan-interface1]quit [SW7700]rip [SW7700-rip]undo summary OSPF Configuration Commands This section describes the commands you can use to configure the Open Shortest Path First (OSPF) routing protocol.
OSPF Configuration Commands area 131 Syntax area area_id undo area area_id View OSPF view Parameter area_id: Enter the ID of the OSPF area. This can either be in IP address format, or as a number in the range 0 to 4294967295. Description Using the area command, you can enter an OSPF area view. Using the undo area command, you can exit from the OSPF area view. Example To enter the OSPF area view 0, enter the following: [SW7700-ospf]area 0 [SW7700-ospf-area-0.0.0.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS After the summarization of imported routes is configured, if the local router is an autonomous system border router (ASBR), this command summarizes the imported Type-5 LSAs in the summary address range. When NSSA is configured, this command will also summarize the imported Type-7 LSAs in the summary address range. If the local router acts as both an ABR and a router in the NSSA, this command summarizes Type-5 LSAs transformed from Type-7 LSAs.
OSPF Configuration Commands 133 Example To set the OSPF area 0 to support MD5 cipher text authentication, enter the following: [SW7700-ospf-area-0.0.0.0]authentication-mode md5 default cost Syntax default cost value undo default cost View OSPF view Parameter value Enter the default routing cost of the external route imported by OSPF, in the range 0 to 16777215. Description Using the default cost command, you can configure the default routing cost of an external route imported by OSPF.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Using the undo default interval command, you can restore the default value of 1 second. OSPF requires a default interval when redistributing a route found by other routing protocols.
OSPF Configuration Commands 135 Description Using the default tag command, you can configure the default tag of OSPF when it redistributes an external route. Using the undo default tag command, you can restore the default tag of OSPF when it redistributes the external route. OSPF requires a default tag when redistributing a route found by other routing protocols. Related command: default type.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View OSPF Area view Parameter value Enter the cost value of the default route transmitted by OSPF to the STUB or NSSA area, in the range 0 to 16777215. The default value is 1. Description Using the default-cost command, you can configure the cost of the route transmitted by OSPF to the STUB or NSSA area. Using the undo default-cost command, you can restore the default cost of the default route transmitted by OSPF to the STUB or NSSA.
OSPF Configuration Commands 137 Description Using the default-route-advertise command, you can import the default route to the OSPF route area. Using the undo default-route-advertise command, you can cancel the import of default route. This is the default. The import-route command cannot import the default route. When local router is not configured with default route, the keyword always should be used by ase lsa to generate default route. Related command: import-route.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View All views Parameter ip_address Enter an IP address. ip_mask Enter an IP subnet mask. Description Using the display ospf asbr-summary command, you can view the summary information of an OSPF imported route, or all OSPF imported routes. If you do not specify an IP address and subnet mask, the summary information of all OSPF imported routes is displayed. Related command: asbr-summary.
OSPF Configuration Commands 139 Example To display OSPF summary information, enter the following: display ospf brief The information displays in the following format: RouterID: 10.110.95.189 Border Router: AS spf-schedule-interval: 5 Routing preference: Inter/Intra: 10 External: 150 Default ASE parameters: Metric: 1 Tag: 0.0.0.1 Type: 2 SPF computation count: 16 Area Count: 1 Nssa Area Count: 0 Area 0.0.0.0: Authtype: none Flags: <> SPF scheduled: <> Interface: 201.1.1.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Area 0.0.00.0: Neighbors: 1 Interfaces: 1 Spf: 54 Checksum Sum F020 rtr: 2 net: 0 sumasb: 0 sumnet: 1 Area 0.0.0.1: Neighbors: 0 Interfaces: 1 Spf: 19 Checksum Sum 14EAD rtr: 1 net: 0sumasb: 1sumnet: 1 Routing Table: Intra Area: 2 Inter Area: 0ASE: 1 display ospf error Syntax display ospf error View All views Parameter None Description Using the display ospf error command, you can view OSPF error information.
OSPF Configuration Commands display ospf interface 141 Syntax display ospf interface [ interface_type interface_number ] View All views Parameter interface_type Enter the interface type. interface_number Enter the port number. Description Using the display ospf interface command, you can view OSPF interface information for a specified port, or for all ports. The information displayed includes OSPF configuration and running state.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS The information displays in the following format: Link State Database Area: 0.0.0.0 TypeLinkStateID AdvRouter Age Len Stub 10.10.0.0 0.0.0.1 388 24 Rtr 0.0.0.1 0.0.0.1 362 48 Rtr 0.0.0.2 0.0.0.2 389 48 SNet 10.110.0.0 0.0.0.1 193 28 Area: 0.0.0.1 TypeLinkStateID AdvRouter Age Len Stub 10.110.0.0 0.0.0.1 2074 24 Rtr 0.0.0.1 0.0.0.1 363 36 SNet 10.10.0.0 0.0.0.1 193 28 ASB 0.0.0.2 0.0.0.1 193 28 AS External Database TypeLinkStateIDAdvRouter Age Len ASE 2.2.0.
OSPF Configuration Commands 143 The information displays in the following format: Address Type Refcount Intf Addr Intf Name -------------------------------------------------------------------202.38.160.1 Direct 3 202.38.160.1 Vlan-interface2 202.38.160.2 Neighbor 1 202.38.160.1 Vlan-interface2 display ospf peer Syntax display ospf peer [ brief ] View All views Parameter None Description Using the display ospf peer command, you can view detailed OSPF peer information.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View All views Parameter None Description Using the display ospf request-queue command, you can view information about the OSPF request-queue. Example To display the information on the OSPF request-queue, enter the following: display ospf request-queue The information displays in the following format: The Router's Neighbors is RouterID: 1.1.1.1 Address: 1.1.1.1 Interface: 1.1.1.3 Area: 0.0.0.0 LSID:1.1.1.3 AdvRouter:1.1.1.
OSPF Configuration Commands 145 View All views Parameter None Description Using the display ospf routing command, you can view the information about the OSPF routing table. Example To view information on the OSPF routing table, enter the following: display ospf routing The information displays in the following format: Routing for Destination 10.110.0.0 10.10.0.0 Routing for Destination 2.2.0.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS filter-policy export Syntax filter-policy { acl_number | ip-prefix ip_prefix_name } export [ routing_protocol ] undo filter-policy {acl_number | ip-prefix ip_prefix-name} export [ routing_protocol ] View OSPF view Parameter acl_number Enter an access control list number. ip_prefix_name: Enter the name of the address prefix list. routing_protocol Enter the protocol advertising the routing information.
OSPF Configuration Commands 147 gateway ip_prefix_name Enter the name of address prefix list used for filtering the addresses of the neighboring routers advertising the routing information. Description Using the filter-policy import command, you can configure how OSPF filters the routing information received. Only the routing information that meets these conditions is can be received. Using the undo filter-policy import command, you can cancel the filtering of the received routing information received.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example To configure an imported RIP route with the route of type 2, a route tag of 33 and a route cost of 50, enter the following: [SW7700-ospf]import-route rip type 2 tag 33 cost 50 network Syntax network ip_address ip_mask undo network ip_address ip_mask View OSPF Area view Parameter ip_address Enter the IP address of the network segment where the interface is located.
OSPF Configuration Commands 149 Parameter default-route-advertise Enter to import the default route to the NSSA area. no-import-route Enter to block the import of the default route to the NSSA area. no-summary: ABR is disabled to transmit summary_net LSAs to the NSSA area. Description Using the nssa command, you can configure the type of an OSPF area as an NSSA area. Using the undo nssa command, you can cancel the function. By default, NSSA area is not configured.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example To enable the running of the OSPF protocol, enter the following: [SW7700]ospf ospf authentication-mode Syntax ospf authentication-mode { simple password | md5 key_id key } undo ospf authentication-mode { simple | md5 } View VLAN interface view Parameter simple password Enter a password of no more than 8 characters. key_id Enter the ID of the MD5 authentication key, in the range from 1 to 255. key Enter the MD5 authentication key.
OSPF Configuration Commands 151 View VLAN interface view Parameter value Enter the cost for running the OSPF protocol, in the range 1 to 65535. Description Using the ospf cost command, you can configure the cost of sending messages from each interface. Using the undo ospf cost command, you can restore the default costs.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View VLAN interface view Parameter None. Description Using the ospf mtu-enable command, you can enable the interface to write the MTU value when sending DD packets. Using the undo ospf mtu-enable command, you can restore the default. By default, the MTU value is 0 when sending DD packets, that is the MTU value of the interface is not written.
OSPF Configuration Commands 153 ■ Non-Broadcast Muli-access (nbma): If Frame Relay, ATM, HDLC or X.25 is adopted, OSPF defaults the network type to NBMA. ■ Point-to-Multipoint (p2mp): OSPF will not default the network type of any link layer protocol to p2mp. The general undertaking is to change a partially connected NBMA network to p2mp network if the NBMA network is not fully-meshed. ■ Point-to-point (p2p): If PPP, LAPB or POS is adopted, OSPF defaults the network type to p2p.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS If no Hello message is received from a neighbor in the specified time, the neighbor is considered invalid. The timer dead value should be at least four times that of the timer hello value. The timer dead value for routers on the same network segment must be identical. Related commands: ospf timer hello.
OSPF Configuration Commands 155 Parameter seconds Enter the the poll Hello interval in seconds, in the range 1 to 65535. The default value is 120 seconds. Description Using the ospf timer poll command, you can configure the poll Hello packet interval. Using the undo ospf timer poll command, you can restore the default poll interval. The Poll interval should be at least three times the Hello interval.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ospf trans-delay Syntax ospf trans-delay value undo ospf trans-delay View VLAN interface view Parameter value Enter the LSA transmission delay, in seconds, in the range 1 to 3600. By default, the value is 1 second. Description Using the ospf trans-delay command, you can configure the LSA transmission delay on an interface. Using the undo ospf trans-delay command, you can restore the default value of the LSA transmission delay.
OSPF Configuration Commands 157 Example To configure the IP address of the neighboring router to 10.1.1.1, enter the following: [SW7700]peer 10.1.1.1. preference Syntax preference [ ase ] value undo preference [ ase ] View OSPF view Parameter value Enter the OSPF protocol route preference, ranging from 1 to 255. ase Enter to indicate the preference of an imported external route of the AS. Description Using the preference command, you can configure the OSPF protocol route preference.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ If the Router ID changes, a new Router ID takes effect to execute the command. ■ Re-elect DR and BDR conveniently. ■ OSPF configuration before the restart will not lose. After you enter the command, you are asked to confirm that the OSPF protocol should be re-enabled.
OSPF Configuration Commands silent-interface 159 Syntax silent-interface interface_type interface_number undo silent-interface interface_type interface_number View OSPF view Parameter interface_type Enter the interface type interface_number Enter the interface number. Description Using the silent-interface command, you can prevent an interface from transmitting OSPF packets. Using the undo silent-interface command, you can restore the default setting. By default, the interface transmits OSPF packets.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS SPF calculation interval, network frequently changing can be restrained, which may lead to that too many bandwidth resources and router resources will be used. Example To set the OSPF route calculation interval of the Switch 7700 to 6 seconds, enter the following: [SW7700-ospf]spf-schedule-interval 6 stub Syntax stub [ no-summary ] undo stub View OSPF Area view Parameter no-summary Enter to prevent the transmission of Summary LSAs to the STUB area.
Integrated IS-IS Configuration Commands 161 retransmit seconds Enter the interval for the retransmission of LSA packets on an interface, in the range 1 to 8192 seconds. The default value is 5 seconds. trans-delay seconds Enter the delay interval for transmitting LSA packets on an interface, in the range 1 to 8192 seconds. The default value is 1 second. dead seconds Enter the dead time interval, in the range 1 to 8192 seconds.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS area-authenticationmode Syntax area-authentication-mode { simple | md5 } password [ ip | osi ] undo area-authentication-mode { simple | md5 } [ ip | osi ] View IS-IS view Parameter password: Specify the password, ranging from 1 to 24 characters. simple: Configure to transmit the password in simple text. md5: Configure to transmit the password encrypted with MD5 algorithm. ip: Specify the IP authentication password.
Integrated IS-IS Configuration Commands 163 Parameter route-policy route_policy_name: Only the route that satisfies the matching requirement of specified Route-policy can generate default route. Description ■ Use the default-route-advertise command to create the default route of L1, L2 router. ■ Use the undo default-route-advertise command to cancel this configuration. By default, L2 router creates the default route. This command can be set on L1 router or L2 router.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Interface IP Address Id Link.Sta Vlan-interface3 2.1.1.12 001 Up Secondary IP Address(es): Csnp-Interval : L1 10 L2 10 Hello-Interval: L1 10 L2 10 Hold Time : L1 30 L2 30 Lsp Interval: 1 Cost : L1 10 L2 10 Priority : L1 64 L2 64 Retransmit Interval: 5 display isis lsdb IP.
Integrated IS-IS Configuration Commands display isis mesh-group 165 Syntax display isis mesh-group View All views Parameter None Description Use the display isis mesh-group command to view the configuration of the IS-IS mesh group of the current router interface. Example Add Interface Vlan-interface 1 and Interface Vlan-interface 2 running IS-IS into mesh group 100.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View IS-IS peer information. display isis peer NET Interface Id State 0001.0002.0002Vlan-interface1 0001.0002.0008.01 0001.0002.0002 Vlan-interface2 002 display isis route HoldTimeType Pri Up 26s L1(L12)64 Up 29s L1 0 Syntax display isis route View All views Parameter None Description Use display isis route command to view IS-IS routing information. Example View IS-IS routing information.
Integrated IS-IS Configuration Commands 167 Example View the SPF calculation log of IS-IS. display isis spf-log Details of Level 1 SPF Run: ------------------------------Trig.Event No.Of Nodes IS_SPFTRIG_ADJDOWN 2 IS_SPFTRIG_NEWADJ 3 IS_SPFTRIG_LSPCHANGE 3 IS_SPFTRIG_PERIODIC 2 IS_SPFTRIG_PERIODIC 2 IS_SPFTRIG_CIRC_UP 3 IS_SPFTRIG_CIRC_UP 3 IS_SPFTRIG_LSPCHANGE 3 Details of Level 2 SPF Run: ------------------------------Trig.Event No.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description ■ Use the domain-authentication-mode command to configure IS-IS to authenticate the received level-2 routing packets (LSP, CSNP, PSNP), according to the pre-defined mode and password. ■ Use the undo domain-authentication-mode command to configure IS-IS not to authenticate the said packets. In default configuration, the system will not authenticate the received level-2 routing packets, and there is no password.
Integrated IS-IS Configuration Commands 169 Example Use acl 6 to filter the routes distributed by IS-IS. [SW7700-isis]filter-policy 6 export filter-policy import Syntax filter-policy acl-number import undo filter-policy acl-number import View IS-IS view Parameter acl-number: Specify the number of the access control list, ranging 1 to 199. Description ■ Use the filter-policy import command to configure to filter the routes received by IS-IS.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS By default, the checksum error of LSP is not ignored. After receiving an LSP packet, the local IS-IS will calculate its checksum and compares the result with the checksum in the LSP packet. This process is the checksum authentication over the received LSP. By default, if the checksum in the packet is found not in consistent with the calculated result, the LSP is discarded without being processed.
Integrated IS-IS Configuration Commands 171 By default, IS-IS does not import the routing information of other protocols. For IS-IS, the routes discovered by other routing protocols are processed as the routes outside the routing domain. When importing the routes of other protocols, you can specify the routing metric of them. When IS-IS imports routes, you can also specify to import the routes to Level-1, Level-2 or Level-1-2.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS isis authentication-mode Syntax isis authentication-mode { simple | md5 } password [ { level-1 | level-2 } [ ip | osi ] ] undo isis authentication-mode { simple | md5 } password [ { level-1 | level-2 } [ ip | osi ] ] View VLAN interface view Parameter password: Specify the authentication password. md5: Configure to transmit the password encrypted with MD5 algorithm. simple: Configure to transmit the password in plain text.
Integrated IS-IS Configuration Commands isis circuit-level 173 Syntax isis circuit-level [ level-1 | level-1-2 | level-2 ] undo isis circuit-level View VLAN interface view Parameter level-1: Configure Level-1, instead of Level-2, adjacency on the current interface only. level-1-2: Configure both Level-1 and Level-2 adjacency on the current interface. level-2: Configure Level-2 adjacency on the current interface only.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS level-2: indicate that the link cost corresponds to level-2 Description ■ Use the isis cost command to configure the link cost of this interface when performing SPF calculation. ■ Use the undo isis cost command to restore the default link cost. If neither Level 1 nor Level 2 is specified in the configuration, level-1 will be the default value. We recommend that you configure the appropriate link cost for all the interfaces.
Integrated IS-IS Configuration Commands 175 Example Set the priority of Interface Vlan-interface 1 to 127. [SW7700]interface Vlan-interface 1 [SW7700-Vlan-interface1]isis dis-priority 127 level-2 isis enable Syntax isis enable [ tag ] undo isis enable [ tag ] View VLAN interface view Parameter tag: the name given to an IS-IS routing process, when executing the isis command in the system view. If not specified, it is null.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Parameter mesh_group_number: Specify the mesh group number, ranging from 1 to 4294967295. mesh-blocked: Configure to block a specified interface, so that it will not flood the received LSP to other interfaces. Description ■ Use the isis mesh-group command to add an interface to a specified mesh group. ■ Use the undo isis mesh-group command to delete this interface from the mesh group.
Integrated IS-IS Configuration Commands ■ 177 Use the undo isis timer csnp command to restore the default value, that is, 10 seconds. Only DIS can periodically send CSNP packets, therefore, this command is valid only for the router that is selected as the DIS. Furthermore, DIS is divided into level-1 and level-2, and their intervals of sending CSNP packets must be set respectively. Example Set the CSNP packet of Level-2 to be transmitted every 15 seconds on the interface Vlan-interface 1.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example Set the Level-2 Hello interval to 30 seconds on Interface Vlan-interface 1. [SW7700]interface Vlan-interface 1 [SW7700-Vlan-interface1]isis enable [SW7700-Pos 1/0/0]isis timer hello 30 level-2 isis timer hello Syntax isis timer hello seconds [ level-1 | level-2 ] undo isis timer hello [ level-1 | level-2 ] View VLAN interface view Parameter seconds: Specify the Hello interval, ranging from 3 to 255 and measured in seconds.
Integrated IS-IS Configuration Commands 179 View VLAN interface view Parameter time: Specify the LSP interval, ranging from 1 to 1000 and measured in milliseconds. The default value is 33 milliseconds. Description ■ Use the isis timer lsp command to configure IS-IS LSP interval on the interface. ■ Use the undo isis timer lsp command to restore the default setting. FRelated command: isis timer retransmit. Example Set the LSP interval on Interface Vlan-interface 1 to 500 milliseconds.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS is-level Syntax is-level { level-1 | level-1-2 | level-2 } undo is-level View IS-IS view Parameter level-1: Configure the router to operate at Level-1, only calculate the intra-area routes and maintain the LSDB of L1. level-1-2: Configure the router to operate at Level-2, calculate both the L1 and L2 routes and maintain the LSDB of L1 and L2.
Integrated IS-IS Configuration Commands ■ 181 Use the undo log-peer-change command to configure not to log the peer changes. By default, peer changes log disabled. After peer changes log is enabled, the IS-IS peer changes will be output on the configuration terminal until the log is disabled. Example Configure to output the IS-IS peer changes on the current router.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS undo preference View IS-IS view Parameter value: Specify the preference, ranging from1 to 255. By default, the value is 15. Description ■ Use the preference command to configure the preference of IS-IS protocol. ■ Use the undo preference command to restore the default value. Several dynamic routing protocols could run simultaneously on a router.
Integrated IS-IS Configuration Commands 183 View User view Parameter system-id: Specifies the system ID of IS-IS neighbor. Description Use the reset isis peer command to reset the specified IS-IS peer. This command is used when you want to reconfigure a certain neighbor. Example Clear the IS-IS neighbor whose system ID is 0000.0c11.1111. reset isis peer 0000.0c11.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Parameter silent_interface_type: Specifies the interface type. silent_interface_number: Specifies the interface number. Description ■ Use the silent-interface command to disable a specified interface to transmit IS-IS packet. ■ Use the undo silent-interface command to enable the interface to transmit IS-IS packet. By default, all the interface are allowed to transmit/receive IS-IS packets.
Integrated IS-IS Configuration Commands 185 Example Set IS-IS to release CPU once after processing every 3000 pieces of routes. [SW7700-isis]spf-delay-interval 3000 spf-slice-size Syntax spf-slice-size seconds undo spf-slice-size View IS-IS view Parameter seconds: Duration time in second for SPF calculation each time in the range from 0 to 120. When the calculation duration time reaches or exceeds the set value, the calculation of this time ends.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Parameter ip-address: Aggregated network segment address. mask: Aggregated network mask. level-1: Configure to aggregate the routes imported into Level-1. level-2: Configure to aggregate the routes imported into Level-2 routing table. level-1-2: Configure to aggregate the routes imported into Level-1 and Level-2. Description ■ Use the summary command to configure IS-IS route summary. ■ Use the undo summary command to cancel the summary.
Integrated IS-IS Configuration Commands 187 Example Set the lifetime of an LSP generated by the current system to 25 minutes, i.e., 1500 seconds. [SW7700-isis]timer lsp-max-age 1500 timer lsp-refresh Syntax timer lsp-refresh seconds undo timer lsp-refresh View IS-IS view Parameter seconds: Specifies the LSP refresh interval, measured in seconds. The range is 1 to 65535. The default value is 900 seconds. Description ■ Use the timer lsp-refresh command to configure the refresh interval of LSP.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description ■ Use the timer spf command to configure the interval for the SPF calculation of corresponding level. ■ Use the undo timer spf command to restore the system default value, that is, 5 seconds. Usually, when the LSDB of the corresponding level is changed, SPF calculation is required. However, when the network is unstable and LSDB changes frequently, if the SPF calculation is performed too frequently, the system efficiency will be lowered.
BGP Configuration Commands 189 attribute-policy route_policy_name: Set the attributes of the aggregated route. Description ■ Using aggregate command, you can establish an aggregated record in the BGP routing table. ■ Using undo aggregate command, you can disable the function. By default, there is no route aggregation. The keywords is explained as follows: Table 8 The use of the keywords keywords use as-set Used to produce an aggregated route whose AS path information includes detailed routes.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS This command is used to enable and disable BGP as well as to specify the local AS number of BGP. Example Enable BGP. [SW7700]bgp 100 [SW7700-bgp] compare-different-asmed Syntax compare-different-as-med undo compare-different-as-med View BGP view Parameter none Description ■ Use the compare-different-as-med command to enable comparison of MED values from different AS neighboring routes when determining the best route.
BGP Configuration Commands 191 Description ■ Use the confederation id command to configure confederation identifier. ■ Use the undo confederation id command to cancel the BGP confederation specified by as-number parameter. By default, the confederation ID is not configured. Confederation can be adopted to solve the problem of too many IBGP full connections in a large AS domain. The solution is, first dividing the AS domain into several smaller sub-ASs, and each sub-ASs remains full-connected.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example AS100 contains routers following nonstandard, which is composed of two sub-ASs, 64000 and 65000. [SW7700]bgp 64000 [SW7700-bgp]confederation id 100 [SW7700-bgp]confederation peer-as 65000 [SW7700-bgp]confederation nonstandard confederation peer-as Syntax confederation peer-as as_number-1 [... as_number_n ] undo confederation peer-as [ as-number_1 ] [... as-number_n] View BGP view Parameter as-number_1...as-number_n: Sub-AS number.
BGP Configuration Commands 193 Parameter half_life_reachable: Specify the semi-dampening when the route is reachable. The range is 1 to 45 minutes. By default, the value is 15 minutes. half_life_unreachable: Specify the semi-dampening when the route is unreachable. The range is 1 to 45 minutes. By default, the value is 15 minutes. reuse: The penalty value of a route when it start to be reused. The range is 1 to 20000. By default, the value is 750.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS packet: Indicating to enable BGP packet information debugging. route-refresh: Indicating to enable BGP route-refresh packet information debugging. update: Indicating to enable BGP Update packet information debugging. receive: Information of receiving packets. send: Information of sending packets. verbose: Detailed information. Description ■ Use the debugging bgp all command to enable all the information debugging of BGP packet and events.
BGP Configuration Commands 195 Example The two routers RTA and RTB in the same autonomous area use X.25 and Frame Relay protocols separately to connect with external autonomous areas. The command can be used to configure the default local preference of RTB as 180 so that the route via RTB is selected first when the same route goes through RTA and RTB at the same time. [SW7700-bgp]default local-preference 180 default med Syntax default med med_value undo default med View BGP view.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example View the information of the peer group aaa. display bgp group aaa group : aaa no as-number still members in this group : Description : aaa route-policy specified in export policy : aaa filter-policy specified in export policy : list no.30304410 acl specified in export policy : list no.30304410 ip-prefix specified in export policy : aaa route-policy specified in import policy : aaa filter-policy specified in import policy : list no.
BGP Configuration Commands 197 Table 10 Description of information generated by the command display bgp network display bgp paths Field Description Network Network address Mask Mask Route-policy Configured route policy Syntax display bgp paths as_regular_expression View All views Parameter as_regular_expression: Matched AS path regular expression. Description Use the display bgp paths command to view the information about AS paths Example Display the information about the AS paths.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Table 11 Description of information generated by the command display bgp paths INC As-path display bgp peer Short for INCOMPLETE: indicates that the original source of the route information is unknown (learned by other methods). BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE AS-path attribute of route, which records all AS areas that the route passes.
BGP Configuration Commands 199 Table 12 Description of information generated by the command display bgp peer verbose display bgp routing-table Last Event Last event of neighbor state machine Last Error Last error of neighbor state machine Options Options Syntax display bgp routing-table [ ip_address ip_mask ] View All views Parameter ip_address: Destination of the network. ip_mask: Mask of the network. Description Use the display bgp routing-table command to view all the BGP routing information.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Table 13 Description of information generated by the command display bgp routing-table Next Hop IP address of next hop Med MULTI_EXIT_DISC attribute value, which ranges from 0 to 4294967295 Local-Pref Local preference, which ranges from 0 to 4294967295 Origin Origin attribute of route, which indicates that the route updates its origin relative to the route originating it from AS.
BGP Configuration Commands 201 Table 14 Description of information generated by the command display bgp routing-table as-path-acl Field Description Dest/Mask Destination address/Mask Pref Preference Nexthop IP address of next hop Med MULTI_EXIT_DISC attribute value Local-pref Local preference Origin Origin attribute of route, which indicates that the route updates its origin relative to the route originating it from AS.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS display bgp routing-table community Syntax display bgp routing-table community [ aa:nn | no-export-subconfed | no-advertise | no-export ] [ whole-match ] View All views Parameter aa:nn: Specify a community number. no-export-subconfed: Not sending matched route outside AS. no-advertise: Send matched route to no peers. no-export: Not passing route through AS but advertise to other sub Ass. whole-match: Configure to display the exactly matched routes.
BGP Configuration Commands 203 Example Display the routing information matching BGP community list 1. [SW7700]display bgp routing-table community-list 1 Flags: # - valid, ^ - best, D - damped, H - history, I - internal, S Ð aggregate suppressed Destination/Mask Pref Next-hop Med Local-Pref Origin As-Path ------------------------------------------------------------------1.1.1.0/24 256 10.10.10.1 0 IGP 200 1.1.2.0/24 256 10.10.10.1 0 IGP 200 1.1.3.0/24 256 10.10.10.1 0 IGP 200 2.2.3.0/24 256 10.10.10.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Table 15 Description of information generated by the command display bgp routing-table dampening Item Description Flags State flags: # - valid (valid) ^ - best (selected) D - damped (discarded) H - history (history) I - internal (interior gateway protocol) S - aggregate suppressed (suppressed) #D The valid and damped route Dest/Mask The dampened route to the destination network 11.1.0.
BGP Configuration Commands 205 For detailed description of the output information, see Table 13. display bgp routing-table flap-info Syntax display bgp routing-table flap-info [ { regular-expression as_regular_expression } | { as-path-acl acl_number } | { network_address [ mask [ longer-match ] ] } ] View All views Parameter as_regular_expression: The route flap-info matching AS path regular expression. acl_number: Number of the specified AS path to be matched, ranging 1 to 199.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Table 16 Description of information generated by the command display bgp routing-table flap-info Flap-times The times of the route flap Origin Origin attribute of route, which indicates that the route updates its origin relative to the route originating it from AS. It has three optional values: As-path display bgp routing-table peer IGP The route belongs to inside of AS.
BGP Configuration Commands 207 Parameter as-regular-expression: Matched AS regular expression. Description Use the display bgp routing-table regular-expression command to view the routing information matching the specified AS regular expression Example Display the routing information matched with ^200$.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS If the parameter protocol is specified, only the imported route generated by the specified protocol is filtered and the imported routes generated by other protocols are not affected. If the parameter protocol is not specified, the imported route generated by any protocol will be filtered. Example Use acl 3 to filter the routing information advertised by BGP.
BGP Configuration Commands 209 View BGP view Parameter group-name: Specify the name of the peer group. Description ■ Use the group group_name command to establish a peer group. ■ Use the undo group group_name command to cancel the configured peer group. The use of BGP peer group is for the convenience of the user’s configuration. When the user starts several peers with the same configuration, a peer group can be established first and be configured.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS By default, BGP does not import routes of other protocols. Example Import routes of RIP. [SW7700-bgp]import-route rip ip as-path acl Syntax ip as-path acl acl_number { permit | deny } as_regular_expression undo ip as-path acl acl_number View System view Parameter acl_number: Number of AS path list ranging from 1 to 199. as_regular_expression: AS regular expression. Description ■ Use the ip as-path acl command to configure an AS path regular express.
BGP Configuration Commands 211 ext_comm_list_number: Number of the extended community list ranging from 100 to 199. permit: Permit those that match conditions to access. deny: Deny those that match conditions to access. aa:nn: Community number. internet: Advertise all routes. no-export-subconfed: Used not to advertise the matched route beyond the confederation. no-advertise: Used not to send the matched route to any peer.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description ■ Use the network command to configure the network routes advertised by the local BGP. ■ Use the undo network command to cancel the existing configuration. By default, there is no networks sent through BGP Example Advertise routes to network segment 10.0.0.0/16. [SW7700-bgp]network 10.0.0.1 255.255.0.
BGP Configuration Commands 213 number: Specify the repeating times of local AS, ranging from 1 to 10. Description ■ Use the peer allow-as-loop command to configure the repeating time of local AS. ■ Use the undo peer allow-as-loop command to remove the repeating time of local AS. Related commands: display current-configuration, display bgp routing-table peer, display bgp routing-table group Example Specify to configure the repeating times of local AS to 2. [SW7700-bgp]peer 1.1.1.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View BGP view Parameter group_name: Specify name of the peer group. peer_address: Specify IP address of the peer. acl_number: Specify the filter list number of an AS regular expression. The range is 1 to 199. import: For the received routes. export: For the advertised routes. Description ■ Use the peer as-path-acl command to configure BGP route filtering Policy based on AS path list.
BGP Configuration Commands 215 Usually, BGP uses the optimal route to update the source interface of the packets. However, you can set the mode of the interface to Loopback in order to send route updates even if the interface is not work normally. Example Specify Vlan-interface1 as the source interface of a route update packet.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS peer_address: Address of the peer. description_line: Description information configured, which can be letters or figures. Description ■ Use the peer description command to configure the description information of the peer/peer group. ■ Use the undo peer description command to cancel the description information of the peer/peer group. By default, description information of peers/peer group is not configured.
BGP Configuration Commands 217 undo peer { group_name | peer_address } enable View BGP view Parameter group_name: Specify the name of the peer group which specifies the entire peer group. peer_address: IP address of a peer, which specifies a certain peer. Description ■ Use the peer enable command to enable the specified peer/peer group. ■ Use the undo peer enable command to disable the specified peer/peer group. By default, BGP peer/peer group is enabled.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ Use the undo peer filter-policy command to cancel the existing configuration. By default, a peer/peer group has no access control list (acl). Related commands: ip as-path acl, peer as-path-acl. Example Set the filter-policy list of a peer group test.
BGP Configuration Commands 219 Parameter group_name: Name of peer group. peer_address: IP address of the peer. prefixname: Name of the specified ip-prefix. import: Apply the filtering policy on the route received by the specified peer/peer group. export: Apply the filtering policy on the route transmitted to the specified peer/peer group. Description ■ Use the peer ip-prefix command to configure the route filtering policy of the peer/peer group based on the ip-prefix.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example When BGP distributes the routes to the peer group “test”, it will take its own address as the next hop. [SW7700-bgp]peer test next-hop-local peer public-as-only Syntax peer { group_name | peer_address } public-as-only undo peer { group_name | peer_address } public-as-only View BGP view Parameter group_name: Name of a peer group. ip_address: IP address of a peer.
BGP Configuration Commands 221 Description ■ Use the peer reflect-client command to configure a peer/peer group as the route reflector client. ■ Use the undo peer reflect-client command to cancel the existing configuration. Generally speaking, it is not necessary to configure this command for the peer group, because IBGP peers are in its default group. A single peer peer-address reflect-client command should be used to configure the route reflector clients.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS peer route-update-interval Syntax peer { group_name | peer_address } route-update-interval seconds undo peer { group_name | peer_address } route-update-interval View BGP view Parameter group_name: Specify the name of the configured peer group. peer_address: Specify the IP address of the peer. seconds: The minimum interval of sending BGP update packets route. The range is 0 to 600.
BGP Configuration Commands ■ 223 Use the undo peer timer command to restore the timer to the default value. The timer configured by using this command has a higher priority than the one configured by using the timer command. Example Configure Keepalive and Holdtime intervals of the peer group “test”.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS ■ Use the undo reflect cluster-id command to delete the cluster ID of the route reflector. By default, each route reflector uses its Router ID as the cluster ID. Related commands: reflect between-clients, peer reflect-client. Example Set the cluster ID of the route reflector as 80.
BGP Configuration Commands 225 Description Use the reset bgp flap-info command to reset the flap-info of a route. Related command: dampening. Example Reset the flap-info of all the routes that go through filter list 10. reset bgp flap-info as-path-acl 10 reset bgp group Syntax reset bgp group group_name View User view Parameter group-name: Specify the name of the peer group. Description Use the reset bgp group command to reset the connections between the BGP and all the members of a group.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS summary automatic Syntax summary automatic undo summary automatic View BGP view Parameter none Description ■ Use the summary automatic command to configure auto aggregation of sub-network routes. ■ Use the undo summary automatic command to disable auto aggregation of sub-network routes. By default, no auto aggregation of sub-network routes is executed.
IP Routing Policy Configuration Commands 227 Example Configure the Keep-alive timer as 30 seconds and Hold-time timer as 90 seconds. [SW7700-bgp]timer keep-alive 30 hold 90 IP Routing Policy Configuration Commands This section describes the commands you can use to configure IP Routing Policy. These commands operate across all routing protocols. When the Switch 7700 runs a routing protocol, it is able to perform the functions of a router.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS no-export-subconfed: Not sending matched route outside AS. no-advertise: Not sending matched route to any peer. no-export: Not passing route through AS but advertise to other sub Ass. additive: Additional known community attribute. none: Deleted route community attribute. Description ■ Use the apply community command to configure the set BGP community attribute of Route-policy.
IP Routing Policy Configuration Commands 229 Example Define one apply sub-statement. When it is used for setting route information attribute, it sets the route metric value of route information as 120. [SW7700-route-policy]apply cost 120 apply cost-type Syntax apply cost-type [ internal | external ] undo apply cost-type View Route policy View Parameter internal: Use the cost type of IGP as MED value of BGP to advertise route to EBGP peer. external: external cost type of IS-IS.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS By default, no apply sub-statement is defined. When it is used for setting route information attribute, it sets the next hop address area of route information passing filtration. Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip next-hop, if-match cost, if-match tag, route-policy, apply local-preference, apply cost, apply origin and apply tag. Example Set the next hop address of route information as 193.1.1.
IP Routing Policy Configuration Commands 231 View Route policy view Parameter local_preference: New set local preference. Description ■ Use the apply local-preference command to configure to apply the local preference of route information. This command is one apply sub-statements of Route-policy attribute set. ■ Use the undo apply local-preference command to cancel the apply sub-statement.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Example Define one apply sub-statement. When it is used for setting route information attribute, it sets the route source of BGP route information as igp. [SW7700-route-policy]apply origin igp apply tag Syntax apply tag value undo apply tag View Route policy view Parameter value: Specifies the tag value of route information. Description ■ Use the apply tag command to configure to set the tag area of OSPF route information.
IP Routing Policy Configuration Commands 233 Example Display the information of the address prefix list named as p1. display ip ip-prefix p1 ip-prefix p1 index 10: permit 192.168.10.10/16 greater-equal 17 less-equal 18 display route-policy Syntax display route-policy [ route_policy_name ] View All views Parameter route_policy_name: Specifies displayed Route-policy name. Description Use the display route-policy command, you can view the configured Route-policy Related command: route-policy.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Description ■ Use the filter-policy export command to configure to set the filtering conditions of the routing information advertised by a certain type of routing protocols. ■ Use the undo filter-policy export command to cancel the filtering conditions set. By default, the advertised routing information is not filtered. In some cases, it may be required that only the routing information meeting some conditions can be advertised.
IP Routing Policy Configuration Commands 235 ■ Use the filter-policy import command to set the condition for filtering the routing information. ■ Use the undo filter-policy import command to cancel the setting of filter condition By default, the received routing information is not filtered. In some cases, it may be required that only the routing information meeting some conditions can be received.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS if-match as-path Syntax if-match as-path acl_number undo if-match as-path View Route policy view Parameter acl_number: AS path list number, ranging from 1 to 199. Description ■ Use the if-match as-path command to configure the matched AS path list number of Route-policy. ■ Use the undo if-match as-path command to delete the matched path list number. By default, AS path list number is not matched.
IP Routing Policy Configuration Commands ■ 237 Use the undo if-match community command to cancel the configuration of the matched community list number. One of the match sub-statements of route-policy is used to filter BGP routing information. The match condition is specified according to the community attributes of the routing information. Related command: route-policy, ip community-list.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS View Route policy view Parameter interface_type: Specify interface type. interface_number: Specify interface number. interface_name: Specify interface name. Description ■ Use the if-match interface command to configure to match the route whose next hop is designated interface. ■ Use the undo if-match interface command to cancel the setting of matching condition. By default, no match sub-statement is defined.
IP Routing Policy Configuration Commands 239 Related commands: if-match interface, if-match acl, if-match ip-prefix, if-match cost, if-match tag, route-policy, apply ip next-hop, apply cost, apply local-preference, apply origin, apply tag. Example Define a match sub-statement. It permits the routing information, whose route next hop address passes the filtration of the prefix address list p1, to pass this match sub-statement.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS index_number: Identify an item in the prefix address list. The item with smaller index-number will be tested first. permit: Specify the match mode of the defined address prefix list items as permit mode. deny: Specify the match mode of the defined address prefix list items as deny mode. network: The IP address prefix range (IP address). If it is 0.0.0.0 0, all the IP addresses are matched. len: The IP address prefix range (mask length). If it is 0.0.0.
IP Routing Policy Configuration Commands route-policy 241 Syntax route-policy route_policy_name { permit | deny } node { node_number } undo route-policy route_policy_name [ permit | deny | node node_number ] View System view Parameter route_policy_name: Specifies the Route-policy name to identify one Route-policy uniquely. permit: Specify the match mode of the defined Route-policy node as permit mode. deny: Specifies the match mode of the defined Route-policy node as deny mode.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Route Capacity Configuration Commands display memory limit This section describes the commands you can use to configure route capacity on the Switch 7700.
Route Capacity Configuration Commands 243 Table 17 The description for the information displayed by the display memory limit command memory auto-establish disable The times of disconnect: 0 The times of the connection disconnecting of the Ethernet switch is 0. The times of reconnect: 0 The times of the connection reestablishment of the Ethernet switch is 0. The current state: Normal The current state is normal.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS Parameter None Description Use the memory auto-establish enable command to allow the routing protocol connection that is forcibly disconnected to recover automatically when the idle memory of the Ethernet switch reaches this value.
Route Capacity Configuration Commands 245 ■ Use the memory safety safety_value command to configure the safety value of the Ethernet switch idle memory. If you use the memory auto-establish enable command (the default configuration), the routing protocol connection that is forcibly disconnected will automatically recover when the idle memory of the Ethernet switch reaches this value.
CHAPTER 5: USING ROUTING PROTOCOL COMMANDS
6 USING MULTICAST PROTOCOL COMMANDS This chapter describes how to use the following commands: GMRP Configuration Commands ■ debugging gmrp ■ display gmrp statistics ■ display gmrp status ■ gmrp IGMP Snooping Configuration Commands ■ display igmp-snooping configuration ■ display igmp-snooping group ■ display igmp-snooping statistics ■ igmp-snooping ■ igmp-snooping host-aging-time ■ igmp-snooping max-response-time ■ igmp-snooping router-aging-time ■ reset igmp-snooping statistics Mul
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS GMRP Configuration Commands debugging gmrp ■ display pim bsr ■ display pim interface ■ display pim neighbor ■ display pim routing-table ■ display pim rp-info ■ pim ■ pim bsr-boundary ■ pim dm ■ pim sm ■ pim timer hello ■ spt-switch-threshold This section describes how to use the Group Multicast Registration Protocol (GMRP) configuration commands on your Switch 7700.
GMRP Configuration Commands 249 View All views Parameter interface interface-list: Specifies Ethernet port list, expressed as interface-list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ]}&<1-10>. For meanings and value ranges of interface-type, interface-number and interface-name, refer to the syntax description in the Port Configuration of this manual.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS gmrp Syntax gmrp undo gmrp View System view/Ethernet port view Parameter None Description ■ Use the gmrp to enable global GMRP or enable GMRP on a port. ■ Use the undo gmrp to set the GMRP back to the default setting, namely disabled. By default, GMRP is disabled Executed in system view, this command will enable the global GMRP. After performing this command in Ethernet port view, GMRP will be enabled on a port.
IGMP Snooping Configuration Commands 251 enabled, router port timeout, maximum response timeout of a query and the member port timeout. Related command: igmp-snooping. Example Display the IGMP Snooping configuration information of the switch. display igmp-snooping configuration Enable IGMP-Snooping. The router port timeout is 300 second(s). The max response timeout is 50 second(s). The member port timeout is 500 second(s).
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS We can know from the information listed above that : display igmp-snooping statistics ■ There is a multicast group in VLAN 2; ■ The router port is Ethernet 1/0/1; ■ The address of the multicast group is 230.45.45.
IGMP Snooping Configuration Commands 253 Parameter enable: Enable IGMP Snooping. disable: Disables IGMP Snooping; By default, the switch disables IGMP Snooping feature. Description ■ Use the igmp-snooping command to enable/disable IGMP Snooping. ■ Use the undo igmp-snooping command to restore the default setting. This command is used to enable or disable IGMP Snooping on the switch. Example Enable IGMP Snooping.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS View System view Parameter seconds: Maximum response time for a query ranging from 1 to 100 and measured in seconds; By default, 10. Description ■ Use the igmp-snooping max-response-time command to configure the maximum response time for a query. ■ Use the undo igmp-snooping max-response-time command to restore the default value. The set maximum response time decides the time limit for the switch to respond to IGMP Snooping general query packets.
Multicast Common Configuration Commands reset igmp-snooping statistics 255 Syntax reset igmp-snooping statistics View User view Parameter None Description Use the reset igmp-snooping statistics command to reset the IGMP Snooping statistics information. Related command: igmp-snooping. Example Clear IGMP Snooping statistics information.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS Parameter None Description debugging multicast status-forwarding ■ Use the debugging multicast kernel-routing to enable multicast kernel routing debugging functions. ■ Use the undo debugging multicast kernel-routing to disable the debugging functions.
Multicast Common Configuration Commands 257 Example View the multicast forwarding table information.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS Example View virtual interface information for multicast. display multicast vif multicast routing-enable Syntax multicast routing-enable undo multicast routing-enable View System view Parameter None Description ■ Use the multicast routing-enable to enable IP multicast routing. ■ Use the undo multicast routing-enable to disable IP multicast routing. By default, IP multicast routing is disabled.
PIM Configuration Commands ■ 259 Use the undo register-policy to remove the configured message filtering. Example If the local device is the RP in the network, using the following command can only accept multicast message register of the source sending multicast address in the range of 225.1.0.0/16 on network segment 10.10.0.0/16. system-view [SW7700]acl number 110 [SW7700-acl-adv-110]rule permit ip source 10.10.0.0 255.255.0.0 destination 225.1.0.0 255.255.0.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS c-rp Syntax c-rp interface-type interface-number [ group-policy acl-number ] undo c-rp interface-type interface-number View PIM view Parameter interface-type interface-number: Specified interface with the IP address advertised as a candidate RP address. acl-number: Number of the basic ACL that defines a group range, which is the service range of the advertised RP. The value ranges from 1 to 99.
PIM Configuration Commands 261 Description ■ Use the debugging pim common to enable common PIM debugging functions. ■ Use the undo debugging pim common to disable the debugging functions. By default, common PIM debugging functions are disabled.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS mrt: debugging information of PIM-SM multicast routing table. timer: debugging information of PIM-SM timer. warning: debugging information of PIM-SM warning message. recv: debugging information of PIM-SM receiving packets. send: debugging information of PIM-SM sending packets. assert | graft | graft-ack | join | prune: packets type. Description ■ Use the debugging pim sm to enable PIM-SM debugging functions.
PIM Configuration Commands 263 interface-number: Specifies interface number. Description Use the display pim interface to display the PIM configuration information about an interface. If the interface type and number are not specified, the PIM configuration information about all the interfaces will be displayed, otherwise the information about the specified interface will be displayed. Example display pim interface Address Interface Ver/Mode 8.8.8.8 VLAN-interface1v2/S 1 192.168.1.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS Table 21 Output description about PIM neighbors display pim routing-table Uptime Time passed since the multicast group has been discovered Expires Specifies when the member will be removed from the group Syntax display pim routing-table [ { { *g [ group-address [ mask { mask-length | mask } ] ] | **rp [ rp-address [ mask { mask-length | mask } ] ] } | { group-address [ mask { mask-length | mask } ] | source-address [ mask { mask-length | mask } ] } *
PIM Configuration Commands display pim rp-info 265 Syntax display pim rp-info [ group-address ] View All views Parameter group-address: Specify the group address to be showed. If no multicast group is specified, the RP information about all multicast groups will be displayed. Description Use the display pim rp-info to view the RP information of multicast group. In addition, this command can also show the BSR and static RP information.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS undo pim bsr-boundary View Interface view Parameter None Description ■ Use the pim bsr-boundary to configure an interface to be the PIM domain border. ■ Use the undo pim bsr-boundary to remove the border. By default, no domain border is set. You can use this command to set border of bootstraps messages, that is to say, bootstrap messages cannot pass interfaces that are configured with pim bsr-boundary command while other PIM messages can.
PIM Configuration Commands 267 Example Enable PIM DM on VLAN-interface10 of the Ethernet switch. [SW7700]multicast routing-enable [SW7700-vlan-interface10]pim dm pim sm Syntax pim sm undo pim sm View Interface view Parameter None Description ■ Use the pim sm to enable the PIM-SM protocol on an interface. ■ Use the undo pim sm to disable the PIM-SM protocol. By default, PIM-SM is disabled. Once enabled PIM-SM on an interface, PIM-DM cannot be enabled on the same interface and vice versa.
CHAPTER 6: USING MULTICAST PROTOCOL COMMANDS spt-switch-threshold Syntax spt-switch-threshold { traffic-rate | infinity } [ group-policy acl-number ]undo spt-switch-threshold { traffic-rate | infinity } [ group-policy acl-number ] View PIM view Parameter traffic-rate: Indicate switch rate threshold from RPT to SPT in Kbps. By default, the switch threshold value is 0, i.e., switching starts when the RPT receives the first data packet. infinity: Indicate never to switch to SPT.
7 USING QOS/ACL COMMANDS This chapter describes how to use the following commands: ACL Configuration Command List ■ acl ■ acl mode ■ display acl config ■ display acl mode ■ display acl running-packet-filter ■ display time-range ■ packet-filter ■ reset acl counter ■ rule ■ time-range QoS Configuration Commands List ■ display mirroring-group ■ display priority-trust ■ display qos cos-local-precedence- map ■ display qos-interface queue-scheduler ■ display qos-interface all ■ di
CHAPTER 7: USING QOS/ACL COMMANDS ■ traffic-limit ■ traffic-priority ■ traffic-red ■ traffic-statistic Logon user’s ACL Control Command ACL Configuration Command List ■ acl ■ snmp-agent community ■ snmp-agent group ■ snmp-agent usm-user This section describes how to use the Access Control List (ACL) configuration commands on your Switch 7700.
ACL Configuration Command List 271 all ( for the undo command): Configures to delete all the ACLs (including numbered and named ACLs). Description ■ Use the acl command to configure a numbered or named ACL, and enter the corresponding ACL view. ■ Use the undo acl command to cancel all the rules of a numbered or named ACL or all the ACLs. By default, the ACLs are matched in config order.
CHAPTER 7: USING QOS/ACL COMMANDS For the L2 and L3 traffic classification rules configured globally, there is an issue about discriminate usage. You can use this command to select between the L2 and L3 traffic classification rules. Example Configures to run L2 traffic classification rule. [SW7700]acl mode link-based display acl config Syntax display acl config { all | acl-number | acl-name } View All views Parameter all: Configures to display all the ACLs (including numbered and named ACLs).
ACL Configuration Command List 273 Parameter None Description Use the display acl mode command to view the ACL mode chosen by the switch. Example Display the ACL mode chosen by the switch. display acl mode ACL mode: ip-based display acl running-packet-filter Syntax display acl running-packet-filter { all | interface { interface-name | interface-type interface-num } } View All views Parameter all: Configures to display all the ACLs (including numbered and named ACLs).
CHAPTER 7: USING QOS/ACL COMMANDS Description Use the display time-range command to view the configuration and status of the current time range. You will see the active or inactive state outputs respectively. Note that the system has a delay of about 1 minute when updating the ACL state, while the display time-range command applies the current time. Therefore when display time-range displays that a time range is active, the ACL using it may not have been activated. This is a kind of normal case.
ACL Configuration Command List 275 rule rule: Specifies the rule in the ACL to be activated, ranging from 0 to 127. If it is not specified, all the rules in the ACL will be activated. Description ■ Use the packet-filter command to activate the ACL. ■ Use the undo packet-filter command to disable the ACL. Example Activate ACL 1 and ACL 200 at the same time.
CHAPTER 7: USING QOS/ACL COMMANDS [ precedence precedence ] [ tos tos ] [ dscp dscp ] [ fragment ] [ time-range name ] undo rule rule-id [ source ] [ destination ] [ source-port ] [ destination-port ] [ precedence ] [ tos ] [ dscp ] [ fragment ] time-range ] [ Define/delete a rule for interface acl: rule [ rule-id ] { permit | deny } [ interface { interface-name | interface-type interface-num | any } ] [ time-range name ] undo rule rule-id Define/delete a rule for link acl rule [ rule-id ] { permit
ACL Configuration Command List 277 dest-addr dest-wildcard | any: dest-addr dest-wildcard is the destination IP address and destination address wildcard, expressed in dotted decimal notation. any represents any destination address. source-port operator port1 [ port2 ]: This parameter is to define the source TCP or UDP port number. Here, operator represents port operation character, including eq (equal to), gt (greater than), lt (less than), neq (not equal to), and range (in certain range).
CHAPTER 7: USING QOS/ACL COMMANDS the packet, and [ source-mac-addr ] specifies the source MAC address of the data packets. any represents all the packets received from all the ports. egress { [ dest-vlan-id ] [ dest-mac-addr ] | any }: Specifies the destination information of data packets. dest-vlan-id specifies the destination VLAN of the packet, dest-mac-addr specifies the destination MAC address of the data packets. any represents all the packets forwarded by all the ports.
QoS Configuration Commands List 279 days-of-the-week: Determines in which day(s) of a week in the special time range a command takes effect. The command takes effect everyday within the time range, if this parameter is omitted.
CHAPTER 7: USING QOS/ACL COMMANDS Example Display parameter settings of port mirror. [SW7700]display mirroring-group mirroring-group 1 inbound Ethernet6/0/1 mirrored-to Ethernet6/0/2 display priority-trust Syntax display priority-trust View All views Parameter None Description Use the display priority-trust command to view the settings of priority used for putting the packet to the sending queue. Related command: priority-trust.
QoS Configuration Commands List 281 View All views Parameter interface-name | interface-type interface-num: Specifies a port of the switch. For more information, refer to the port command manual. Description Use the display qos-interface queue-scheduler command to view the queue scheduling mode and parameters. Related command: queue-scheduler. Example Display the queue scheduling mode and parameters.
CHAPTER 7: USING QOS/ACL COMMANDS View All views Parameter interface-name | interface-type interface-num: Specifies a port of the switch. For more information, refer to the port command manual. Description Use the display qos-interface traffic-bandwidth command to view the settings of bandwidth. Related command: traffic-bandwidth. Example Display the settings of traffic bandwidth assurance.
QoS Configuration Commands List 283 View All views Parameter interface-name | interface-type interface-num: Specifies a port of the switch. Description Use the display qos-interface traffic-priority command to view the settings of traffic priority. This command is used for displaying the settings of traffic priority. The information displayed includes the ACL corresponding to the traffic tagged with priority, priority type and value. Related command: traffic-priority.
CHAPTER 7: USING QOS/ACL COMMANDS View All views Parameter interface-name | interface-type interface-num: Specifies a port of the switch. Description Use the display qos-interface traffic-statistic command to view the traffic statistics information. This command is used for displaying the traffic statistics information. The information displayed includes the ACL corresponding to the traffic to be counted and the number of packets counted. Related command: traffic-statistic.
QoS Configuration Commands List 285 mirrored-to monitor-port: Indicates the monitor port. Description ■ Use the mirroring-group command to configure the mirroring group of the switch. ■ Use the undo mirroring-group command to cancel the configuration of mirroring group. The Switch 7700 realizes the mirroring function by configure the mirroring group. Every mirroring group has one monitor port and a group monitored ports. The packets received or sent by monitored ports will monitored by monitor port.
CHAPTER 7: USING QOS/ACL COMMANDS You can set a priority for a port and replace the 802.1p priority carried in the packet with it. After transmitting a packet, the switch will replace the packet 802.1p priority with the priority of the received port. Example Set the priority of Ethernet1/0/1 port to 7.
QoS Configuration Commands List 287 Description Use the priority-trust command to choose putting the packet to corresponding sending queue based on which priority. By default, switch chooses the local preference as the based priority. Switch supports 8 output queues with different priorities. The packets in the higher-priority queue will be transmitted first.
CHAPTER 7: USING QOS/ACL COMMANDS cos3-map-local-prec: Specifies the mapping value of “COS 3->local-prec”, which ranges from 0 to 7. cos4-map-local-prec: Specifies the mapping value of “COS 4->local-prec”, which ranges from 0 to 7. cos5-map-local-prec: Specifies the mapping value of “COS 5->local-prec”, which ranges from 0 to 7. cos6-map-local-prec: Specifies the mapping value of “COS 6->local-prec”, which ranges from 0 to 7.
QoS Configuration Commands List Table 23 queue-scheduler 289 “COS->Local-precedence” map 4 4 5 5 6 6 7 7 Syntax queue-scheduler { 0 | 1 | 2 } undo queue-scheduler View Ethernet Port view Parameter Keywords 0, 1 and 2 specify the different modes, as described below: 0: Mode 0 (defaulted): the true strict priority mode.
CHAPTER 7: USING QOS/ACL COMMANDS Parameter inbound: specify the traffic received by the Ethernet port. outbound: specify the traffic sent by the Ethernet port. all: Indicates to clear all the traffic statistics information of the ACLs configured with this function (including the combination items). ip-group { acl-number | acl-name } [ rule rule ]: Specifies a basic or advanced ACL. acl-number: Specifies the ACL sequence number, ranging from 1 to 199.
QoS Configuration Commands List 291 a rule of an ACL, ranging from 0 to 127. If you do not set this parameter, all the rules will be considered. link-group { acl-number | acl-name } [ rule rule ]: Specifies a Layer-2 ACL. acl-number: Specifies the ACL sequence number, ranging from 200 to 299, acl-name: Specifies the ACL name with a character string starting with English letters ([a-z, A-Z]) and excluding space and quotation mark. rule rule: Specifies a rule of an ACL, ranging from 0 to 127.
CHAPTER 7: USING QOS/ACL COMMANDS traffic-limit Syntax traffic-limit { inbound | outbound } { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } target-rate undo traffic-limit { inbound | outbound } { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } View Ethernet port view Parameter inbound: specify the traffic received by the Ethernet port.
QoS Configuration Commands List 293 undo traffic-priority outbound { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } View Ethernet port view Parameter outbound: specify the traffic sent by the Ethernet port. ip-group { acl-number | acl-name } [ rule rule ]: Specifies a basic or advanced ACL. acl-number specifies the ACL sequence number, ranging from 1 to 199.
CHAPTER 7: USING QOS/ACL COMMANDS traffic-red Syntax traffic-red outbound { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } qstart qstop probability undo traffic-red outbound { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } View Ethernet port view Parameter outbound: specify the traffic sent by the Ethernet port.
Logon user’s ACL Control Command 295 undo traffic-statistic { inbound | outbound } { ip-group { acl-number | acl-name } [ rule rule ] | link-group { acl-number | acl-name } [ rule rule ] } View Ethernet port view Parameter inbound: specify the traffic received by the Ethernet port. outbound: specify the traffic sent by the Ethernet port. ip-group { acl-number | acl-name } [ rule rule ]: Specifies a basic or advanced ACL. acl-number specifies the ACL sequence number, ranging from 1 to 199.
CHAPTER 7: USING QOS/ACL COMMANDS Parameter acl-number: Specifies a basic ACL with a number in the range of 1 to 99. inbound: Perform ACL control over the users that telnet to the local switch. outbound: Perform ACL control over the users that telnet to other switches from the local switch. Description Use the acl command to call an ACL and perform ACL control over the TELNET users. This command calls numbered basic ACL only.
Logon user’s ACL Control Command 297 Example Configures MyCompany as the community name, allows read-only access to the switch by the name, meanwhile, performs the ACL control to the network management user by ACL 20. (Suppose ACL 20 has been defined.
CHAPTER 7: USING QOS/ACL COMMANDS Example Creates a new SNMP group: MyCompany, and perform the ACL control to the group through ACL 21. (Suppose ACL 21 has been defined.
Logon user’s ACL Control Command ■ 299 Use the undo snmp-agent usm-user command to cancel a user from corresponding SNMP group,meanwhile delete the configuration of the user’s ACL control. Example Add a user John for MyGroup (an SNMP group), configure to authenticate with HMAC-MD5-96 and set authentication password as hello, meanwhile perform the ACL control to the user through ACL 20 (suppose ACL 20 has been defined).
CHAPTER 7: USING QOS/ACL COMMANDS
8 USING STP COMMANDS This chapter describes how to use the following commands: RSTP Configuration Commands ■ display stp ■ reset stp ■ stp ■ stp bpdu-protection ■ stp cost ■ stp edged-port ■ stp loop-protection ■ stp mcheck ■ stp mode ■ stp point-to-point ■ stp port priority ■ stp priority ■ stp root primary ■ stp root secondary ■ stp root-protection ■ stp timeout-factor ■ stp timer forward-delay ■ stp timer hello ■ stp timer max-age ■ stp transit-limit MSTP Configu
CHAPTER 8: USING STP COMMANDS RSTP Configuration Commands ■ stp ■ stp bpdu-protection ■ stp bridge-diameter ■ stp bridge-priority ■ stp edged-port ■ stp instance cost ■ stp instance port priority ■ stp instance root primary ■ stp instance root secondary ■ stp interface ■ stp interface edged-port ■ stp interface instance cost ■ stp interface instance port priority ■ stp interface loop-protection ■ stp interface mcheck ■ stp interface point-to-point ■ stp interface root
RSTP Configuration Commands 303 View All views Parameter interface_list: Specifies the Ethernet port list, including multiple Ethernet ports. Expressed as interface _list={ { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For details about interface_type, interface_num and interface_name, refer to the Port Command Manual. &<1-10> indicates the preceding parameter can be input up to 10 times.
CHAPTER 8: USING STP COMMANDS interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For details about interface_type, interface_num and interface_name, refer to the Port Command Manual. &<1-10> indicates the preceding parameter can be input up to 10 times. Description Using the reset stp command, you can reset the statistics information about Rapid Spanning Tree Protocol (RSTP). This command can be used to clear the statistics information about a specified port.
RSTP Configuration Commands 305 Example Enable RSTP on a switch. [SW7700]stp enable Disable RSTP on Ethernet1/0/1. [SW7700-Ethernet1/0/1]stp disable stp bpdu-protection Syntax stp bpdu-protection undo stp bpdu-protection View System view Parameter None Description Using the stp bpdu-protection command, you can enable BPDU protection on a switch. Using the undo stp bpdu-protection command, you can resume the default status of BPDU protection function. By default, BPDU protection is not enabled.
CHAPTER 8: USING STP COMMANDS Parameter cost: Specifies the path cost, ranging from 1 to 200000. Description Using the stp cost command, you can configure the path cost on a spanning tree for the current Ethernet port. Using the undo stp cost command, you can restore the default cost. By default, the bridge gets the path cost directly through the speed of the link connected to the port. The path cost of an Ethernet port is related to the link speed. You can refer to the following table.
RSTP Configuration Commands 307 If the current Ethernet port is connected to other switch, you can use the stp edged-port disable or undo stp edged-port command to specify it as a non-edge port. The stp edged-port enable command can be used to configure the current Ethernet port as an edge port. All the Ethernet ports have been set to non-edge ports by initialization.
CHAPTER 8: USING STP COMMANDS If there is any bridge running STP on the segment connected to the current Ethernet port, the port will switch to run RSTP in STP compatible mode. If the network is rather stable, even when the bridge running STP on the segment is removed, the corresponding port will still work in the STP compatible mode. In this case, you can use this command to force the port to work in RSTP mode.
RSTP Configuration Commands 309 View Ethernet port view Parameter force-true: Indicates that the link to the current Ethernet port is point-to-point link. force-false: Indicates that the link to the current Ethernet port is not point-to-point link. auto: Specifies to check if the link to the Ethernet port is point-to-point link or not automatically. Description Using the stp point-to-point command, you can configure the link to the current Ethernet port as point-to-point link or not point-to-point link.
CHAPTER 8: USING STP COMMANDS Example Set the priority of Ethernet1/0/1 to 64. [SW7700-Ethernet1/0/1]stp port priority 64 stp priority Syntax stp priority bridge-priority undo stp priority View System view Parameter bridge-priority: Specifies the priority of a switch, ranging from 0 to 61440. The values are not consecutive integers. The step length is 4096. By default, the value is 32768. Description Using the stp priority command, you can configure the bridge priority of the switch.
RSTP Configuration Commands 311 CAUTION: In a switching network, you can configure no more than one primary root for a spanning tree but you can configure one or more secondary roots for it. Remember not to designate more than one primary root in a spanning tree; otherwise, the calculation result will be unpredictable. After a switch is configured as primary root switch or secondary root switch, user can’t modify the bridge priority of the switch.
CHAPTER 8: USING STP COMMANDS View Ethernet port view Parameter None Description Using the stp root-protection command, you can enable Root protection function on a switch. Using the undo stp root-protection command, you can restore the default status of Root protection function. By default, Root protection is not enabled.
RSTP Configuration Commands 313 interval to a longer time by define the multiple of hello time. The stp timeout-factor command can be used to modify the value of multiple. It is recommended to set 5, 6 or 7 as the value of multiple in the steady network. Example Set the multiple value of hello time to 7.
CHAPTER 8: USING STP COMMANDS Description Using the stp timer hello command, you can configure hello time of the switch. Using the undo stp timer hello command, you can restore the default hello time. The Ethernet switch transmits RSTP packets every hello time. The longer hello time can ease the load of the switch, but it will also affect the performances of RSTP. The stp timer hello command can be used to modify the value of hello time. The default value is recommended.
MSTP Configuration Commands 315 View Ethernet port view Parameter packetnum: Specifies the maximum transmission speed of the port, ranging from 1 to 255. (It is a counter without unit.) By default, the value is 3. Description Using the stp transit-limit command, you can configure a limit to the transmission speed of the current Ethernet port. Using the undo stp transit-limit command, you can restore the default speed limit.
CHAPTER 8: USING STP COMMANDS Related commands: instance, region-name, revision-level, vlan-mapping modulo, check region-configuration. Example Manually activate MST region configurations.
MSTP Configuration Commands display stp 317 Syntax display stp [ instance instance-id ] [ interface interface-list ] [ brief ] View All views Parameter instance-id: Specifies the spanning tree instance ID, ranging from 0 to 48. interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>.
CHAPTER 8: USING STP COMMANDS 4 MSTIs port parameter: Port state, role, priority, path cost, designated bridge, and Remaining Hops. Statistics information: Count of TCN, CONFIG BPDU, RST, and MST BPDU transmitted/received via the port. Related command: reset stp. Example Display the state and statistics information about the spanning tree.
MSTP Configuration Commands 319 Related command: stp region-configuration. Example Display the MST region configuration information. display stp region-configuration Oper.
CHAPTER 8: USING STP COMMANDS A VLAN cannot be mapped to different instances at the same time. The latter configured association will replace the former one. Related commands: region-name, revision-level, check region-configuration, vlan-mapping modulo, active region-configuration. Example Map VLAN 2 to STI 1.
MSTP Configuration Commands 321 Parameter interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual. &<1-10> means that the preceding parameters can be entered up to 10 times.
CHAPTER 8: USING STP COMMANDS Example Set the MSTP revision level of the switch MST region to 5. [SW7700-mst-region]revision-level 5 stp Syntax stp { enable | disable } undo stp View System view, Ethernet port view Parameter enable: Enables global or port MSTP. disable: Disables global or port MSTP. Description ■ Use the stp command to enable or disable MSTP on a device or a port. ■ Use the undo stp command to restore the default MSTP state on a device or a port.
MSTP Configuration Commands 323 Parameter None Description ■ Use the stp bpdu-protection command to enable the BPDU protection on the switch. ■ Use the undo stp bpdu-protection command to restore the default state of BPDU protection. By default, BPDU protection is disabled. Generally, the access ports of the access layer devices are directly connected to user terminals (such as PC) or file servers. In this case, the access ports are set to edge ports to implement fast state transition.
CHAPTER 8: USING STP COMMANDS The stp bridge-diameter command configures the switching network diameter and determines the three time parameters of MSTP accordingly. This configuration takes effect on CIST only but makes no sense for MSTI. The spanning tree convergence can be speeded up, when Hello Time, Forward Delay, and Max Age are well configured. These parameters are related to the network scale. You can configure the network scale to get the time parameters.
MSTP Configuration Commands stp edged-port 325 Syntax stp edged-port { enable | disable } undo stp edged-port View Ethernet port view Parameter enable: Configure the current port as an edge port. disable: Configure the current port as a non-edge port. Description ■ Use the stp edged-port enable command to configure the current Ethernet port as an edge port. ■ Use the stp edged-port disable command to configure the current Ethernet port as a non-edge port.
CHAPTER 8: USING STP COMMANDS View Ethernet port view Parameter instance instance-id: Specifies the spanning tree instance ID, ranging from 0 to 16. The Instance 0 represents CIST. cost cost: Specifies the port path cost, ranging from 1 to 200000. Description ■ Use the stp instance cost command to configure the port path cost on the specified STI for the current port. ■ Use the undo stp instance cost command to restore the path cost on the specified STI.
MSTP Configuration Commands ■ 327 Use the undo stp instance port priority command to restore the default priority of the port on the specified STI. You may specify the instance-id parameter as 0 to configure CIST priority of the port. The port priority has effect on the port role selection. A port can be configured with different priorities on different MSTIs. Thus the traffic from different VLANs can run over different physical links, thereby implementing the VLAN-based load-balancing.
CHAPTER 8: USING STP COMMANDS recommended to set the network diameter to get the other two time parameter of the switch accordingly. CAUTION: In a switching network, you can configure only one root bridge for each STI and one or more secondary switches. Do not configure more than one root bridge for an STI at the same time, otherwise, the calculation result will be unpredictable.
MSTP Configuration Commands 329 parameters, Forward Delay and Max Age, of the switch can be determined. To configure the current switch as the root bridge of CIST, simply specify instance-id as 0. You can configure only one root bridge for an STI and one or more secondary root bridges for it. After a switch is configured as primary root switch or secondary root switch, you cannot modify the bridge priority of the switch.
CHAPTER 8: USING STP COMMANDS stp interface edged-port Syntax stp interface interface-list edged-port {enable | disable } undo stp interface interface-list edged-port View System view Parameter interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>.
MSTP Configuration Commands stp interface instance cost 331 Syntax stp interface interface-list instance instance-id cost cost undo stp interface interface-list instance instance-id cost View System view Parameter interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>.
CHAPTER 8: USING STP COMMANDS Example Set the path cost of Ethernet5/0/3 on STI 2 to 400 in system view: [SW7700]stp interface Ethernet5/0/3 instance 2 cost 400 stp interface instance port priority Syntax stp interface interface-list instance instance-id port priority priority undo stp interface interface-list instance instance-id port priority View System view Parameter interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type inte
MSTP Configuration Commands 333 undo stp interface interface-list loop-protection View System view Parameter interface-list: Ethernet port list, containing multiple Ethernet ports and expressed as interface _list = { { interface_type interface_num | interface_name } [ to { interface_type interface_num | interface_name } ] }&<1-10>. For detail descriptions of interface_type, interface_num and interface_name parameters, refer to the corresponding descriptions in Port Command Manual.
CHAPTER 8: USING STP COMMANDS and cannot automatically transit back to MSTP mode. In this case, you can perform mCheck operation to transit the port to MSTP mode by force. Related command: stp mcheck, stp mode. Example Set mcheck parameter of Ethernet5/0/3 in system view.
MSTP Configuration Commands 335 port not physically connected with the point-to-point link as connected to such a link by force. Related command: stp point-to-point. Example Configure Ethernet5/0/3 to be connected to the point-to-point link in system view.
CHAPTER 8: USING STP COMMANDS Example Enable Root protection on the Ethernet5/0/1.
MSTP Configuration Commands 337 Parameter None Description ■ Use the stp loop-protection command to enable loop protection function. ■ Use the undo stp loop-protection command to restore the restore setting. By default, the loop protection function is not enabled. Example Enable loop protection function in Ethernet5/0/1. [SW7700-Ethernet5/0/1]stp loop-protection stp max-hops Syntax stp max-hops hop undo stp max-hops View System view Parameter hop: Specifies the max hops, ranging from 1 to 40.
CHAPTER 8: USING STP COMMANDS Parameter None Description Use the stp mcheck command to perform an mcheck on the current port. If a port of an MSTP switch on a switching network has ever been connected to an STP switch, the port will automatically transit to operate in STP-compatible mode. However, when the STP switch is removed, the port stays in STP-compatible mode and cannot automatically transit back to MSTP mode.
MSTP Configuration Commands 339 Example Set MSTP operation mode as STP-compatible. [SW7700]stp mode stp stp point-to-point Syntax stp point-to-point { force-true | force-false | auto } undo stp point-to-point View Ethernet port view Parameter force-true: Indicates the Ethernet port connected to a point-to-point link. force-false: Indicates the Ethernet port not connected to a point-to-point link. auto: Configure to automatically check if the link to the Ethernet port is a point-to-point link.
CHAPTER 8: USING STP COMMANDS View System view Parameter None Description ■ Use the stp region-configuration command to enter MST region view. ■ Use the undo stp region-configuration command to restore the default MSTP region configurations. By default, the three MST region parameters take the default values. The MST region name of the switch is the first MAC address, all the VLANs are mapped to CIST, and MSTP revision level takes 0.
MSTP Configuration Commands 341 MSTP provides Root protection function to protect the root bridge: The port configured with Root protection only plays a role of designated port on every instance. Whenever such port receives a higher-priority BPDU, it will be set to listening state and not forward packets any more (as if the link to the port is disconnected). If the port has not received any higher-priority BPDU for a certain period of time thereafter, it will resume the normal state.
CHAPTER 8: USING STP COMMANDS diameter of the switching network, so that MSTP can automatically calculate and give the moderate values for the time parameters. Related commands: stp timer hello, stp timer max-age, stp bridge-diameter. Example Set the Forward Delay of the device to 2000 centiseconds.
MSTP Configuration Commands 343 Example Set Hello Time of the switch 300 centiseconds. [SW7700]stp timer hello 300 stp timer max-age Syntax stp timer max-age centi-seconds undo stp timer max-age View System view Parameter centiseconds: Specifies the Max Age, ranging from 600 to 4000 and measured with centiseconds. By default, the Max Age of the switch is 2000 centiseconds. Description ■ Use the stp timer max-age command to configure the Max Age of the switch.
CHAPTER 8: USING STP COMMANDS stp transit-limit Syntax stp transit-limit packetnum undo stp transit-limit View Ethernet port view Parameter packetnum: Specifies the amount limit to the transmitted packets, ranging from 1 to 255 (expressed as a counter value without any units). By default, the value is 3. Description ■ Use the stp transit-limit command to configure an amount limit to the configuration BPDU transmitted via a port during the Hello Time.
MSTP Configuration Commands 345 ID-1) %modulo performs modulo operation on (VLAN ID-1). Taking the operation modulo 16 as an example, vlan 1 maps to MSTI 1, vlan 2 maps to MSTI2 ...vlan 16 maps to MSTI16, vlan 17 maps to MSTI 1, and so on.) Related commands: region-name, revision-level, display configuration, active configuration. Example Map VLAN to STI modulo 16.
CHAPTER 8: USING STP COMMANDS
9 USING AAA AND RADIUS COMMANDS This chapter describes how to use the following commands: 802.
CHAPTER 9: USING AAA AND RADIUS COMMANDS RADIUS Protocol Configuration Commands 802.
802.1x Configuration Commands 349 interface-list: Ethernet interface list including several Ethernet interfaces, expressed in the format interface-list = { interface-num [ to interface-num ] } & < 1-10 >. interface-num specifies a single Ethernet interface in the format interface-num = { interface-type interface-num | interface-name }, where interface-type specifies the interface type, interface-num specifies the interface number and interface-name specifies the interface name.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Ethernet1/0/1 is link-down 802.
802.1x Configuration Commands 351 Related commands: display dot1x. Example Enable 802.1x on Ethernet 1/0/1. [SW7700]dot1x interface ethernet 1/0/1 Enable the 802.1x globally. [SW7700]dot1x dot1x authentication-method Syntax dot1x authentication-method { chap | pap | eap md5-challenge } undo dot1x authentication-method View System view Parameter Chap: Use CHAP authentication method. Pap: Use PAP authentication method. EAP: Use EAP authentication method.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Example Configure 802.1x user to use PAP authentication [SW7700]dot1x authentication-method pap dot1x dhcp-launch Syntax dot1x dhcp-launch undo dot1x dhcp-launch View System view Parameter None Description ■ Use the dot1x dhcp-launch command to configure whether 802.1x enables the Ethernet switch to launch the user ID authentication when the supplicant runs DHCP and applies for dynamic IP addresses.
802.1x Configuration Commands 353 interface interface-list: Ethernet interface list including several Ethernet interfaces, expressed in the format interface-list = { interface-num [ to interface-num ] } & < 1-10 >. interface-num specifies a single Ethernet interface in the format interface-num = { interface-type interface-num | interface-name }, where interface-type specifies the interface type, interface-num specifies the interface number and interface-name specifies the interface name.
CHAPTER 9: USING AAA AND RADIUS COMMANDS interface interface-list: Ethernet interface list including several Ethernet interfaces, expressed in the format interface-list = { interface-num [ to interface-num ] } & < 1-10 >. interface-num specifies a single Ethernet interface in the format interface-num = { interface-type interface-num | interface-name }, where interface-type specifies the interface type, interface-num specifies the interface number and interface-name specifies the interface name.
802.1x Configuration Commands 355 the format interface-num = { interface-type interface-num | interface-name }, where interface-type specifies the interface type, interface-num specifies the interface number and interface-name specifies the interface name. For the respective meanings and value ranges, see the parameters in the Port Command chapter. Description ■ Use the dot1x port-method command to configure the base for 802.1x to perform access control on the specified interface.
CHAPTER 9: USING AAA AND RADIUS COMMANDS If an 802.1x user has not passed the authentication, the Authenticator will keep quiet for a while (which is specified by quiet-period timer) before launching the authentication again. During the quiet period, the Authenticator does not do anything related to 802.1x authentication. Related command: display dot1x, dot1x timer. Example Enable quiet-period timer.
802.1x Configuration Commands dot1x supp-proxy-check 357 Syntax dot1x supp-proxy-check { logoff | trap } [ interface interface-list ] undo dot1x supp-proxy-check { logoff | trap } [ interface interface-list ] View System view and Ethernet interface view Parameter logoff: Deny the logon of the access user via proxy. trap: Allow logon of the user via proxy, but the switch will send trap message.
CHAPTER 9: USING AAA AND RADIUS COMMANDS dot1x timer Syntax dot1x timer { quiet-period quiet-period-value | server-timeout server-timeout-value | supp-timeout supp-timeout-value | tx-period tx-period-value } undo dot1x timer { quiet-period | server-timeout | supp-timeout | tx-period } View System view Parameter quiet-period: Specify the quiet timer. If an 802.
802.1x Configuration Commands 359 Related command: display dot1x. Example Set the Authentication Server timeout timer is 150s. [SW7700]dot1x timer server-timeout 150 dot1x timer handshake-period Syntax dot1x timer handshake-period interval undo dot1x timer handshake-period View system view Parameter interval: handshake period, range from 1 to 1024, unit in second. Description ■ Use the dot1x timer handshake-period command to set the handshake period of 802.1x.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Description Use the reset dot1x statistics command to reset the statistics information of 802.1x. This command can be used to re-perform information statistics if the user wants to delete the former statistics information of 802.1x. When the original statistics information is cleared, if no port type or port number is specified, the global 802.1x statistics information of the switch and 802.1x statistics information on all the ports will be cleared.
AAA Configuration Commands attribute 361 Syntax attribute { ip ip-address | mac mac-address | idle-cut second | access-limit max-user-number | vlan vlanid | location [ nas-ip ip-address ] port portnum } undo attribute {ip | mac | idle-cut | access-limit | vlan |location } View Local user view Parameter idle-cut second: Allows/Disallows the local users to enable the idle-cut function. (The specific data for this function depends on the configuration of the ISP domain where the users locate.
CHAPTER 9: USING AAA AND RADIUS COMMANDS cut connection Syntax cut connection { all | access-type { dot1x | gcm } | domain domain-name | interface portnum | ip ip-address | mac mac-address | radius-scheme radius-scheme-name | vlan vlanid | ucibindex ucib-index | user-name user-name } View System view Parameter all: Configures to disconnect all connection. access-type { dot1x | gcm }: Configures to cut a category of connections according to logon type. dot1x means the 802.1x users.
AAA Configuration Commands 363 Related command: display connection. Example Cut all the connections in the ISP domain, marlboro.net. [SW7700]cut connection domain marlboro.
CHAPTER 9: USING AAA AND RADIUS COMMANDS This command displays the information about a specified or all the users. The output can help you with the user connection diagnosis and troubleshooting. Related command: cut connection. Example Display the relevant information of all the users. display connection Total 0 connections matched ,0 listed.
AAA Configuration Commands 365 Parameter domain isp-name: Configures to display all the local users in the specified ISP domain. isp-name specifies the ISP domain name with a character string not exceeding 24 characters. The specified ISP domain shall have been created. idle-cut: Configures to display the local users according to the state of idle-cut function. disable means that the user disables the idle-cut function and enable means the user enables the function.
CHAPTER 9: USING AAA AND RADIUS COMMANDS View System view Parameter isp-name: Specifies an ISP domain name. The name is expressed with a character string not exceeding 24 characters, excluding “/”, “: ”, “*”, “? ”, “<”, and “>”. default: configure default ISP. disable: Disable default ISP configuration. enable: Enable default ISP configuration. Description ■ Use the domain command to configure an ISP domain or enter the view of an existing ISP domain.
AAA Configuration Commands idle-cut 367 Syntax idle-cut { disable | enable minute flow } View ISP domain view Parameter disable: means disabling the user to use idle-cut function . enable: means enabling the user to use the function. minute: Specifies the maximum idle time, ranging from 1 to 120 and measured in minutes. flow: The minimum data traffic, ranging from 1 to 10,240,000 and measured in bytes. Description Use the idle-cut command to configure the user template in the current ISP domain.
CHAPTER 9: USING AAA AND RADIUS COMMANDS View System view Parameter user-name: Specifies a local username with a character string not exceeding 32 characters, excluding “/”, “:”, “*”, “?”, “<” and “>”. The @ character can only be used once in one username. The pure username (the part before @, namely the user ID) cannot exceed 24 characters. service-type: Specifies the service type. telnet means that: the specified user type is telnet. ftp means that: the specified user type is ftp.
AAA Configuration Commands 369 If cipher-force has been adopted, the user efforts of specifying to display passwords in simple text will render useless. The password display mode of all the accessing users defaults to auto. Related commands: display local-user, password. Example Force all the accessing users to display passwords in cipher text.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Parameter radius-scheme-name: Specifies a RADIUS server group, with a character string not exceeding 32 characters. Description Use the radius-scheme command to configure the RADIUS server group used by the current ISP domain. After an ISP domain is created, it uses the default RADIUS server group (named “default”. For configuration of relevant parameters, read the RADIUS Configuration section of this chapter) of the system.
AAA Configuration Commands 371 Example Set to provide the lan-access service for the user JohnQ. [SW7700-user-JohnQ]service-type lan-access state Syntax state { active | block } View ISP domain view Local user view Parameter active: Configures the current ISP domain (ISP domain view)/current user (local user view) as being in active state, that is, the system allows the users in the domain (ISP domain view) or the current user (local user view) to request network service.
CHAPTER 9: USING AAA AND RADIUS COMMANDS RADIUS Protocol Configuration Commands data-flow-format This section describes how to use the RADIUS Protocol configuration commands on your Switch 7700. Syntax data-flow-format data [ byte | giga-byte | kilo-byte | mega-byte ] packet [ giga-byte | kilo-byte | mega-byte | one-packet ] View RADIUS server group view Parameter data: Set data unit. byte: Set 'byte' as the unit of data flow. giga-byte: Set 'giga-byte' as the unit of data flow.
RADIUS Protocol Configuration Commands 373 Parameter None Description Use the display local-server statistics command to view the configuration information of local RADIUS server group. Related command: local-server. Example Display local RADIUS server group information.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Retry sending times of noresponse acct-stop-PKT =500 Username format =with-domain Data flow unit =Byte Packet unit =1 -----------------------------------------------------------------ServerName =3Com Index=1 Type=standard Primary Auth IP =10.11.1.1 Port=1812 State=Up Primary Acct IP =10.11.1.2 Port=1813 State=Up Second Auth IP =10.11.1.2 Port=1812 State=Up Second Acct IP =10.11.1.
RADIUS Protocol Configuration Commands Code= 2,Num=0 Code= 3,Num=0 Code= 5,Num=0 Code=11,Num=0 Code=22,Num=0 375 ,Err=0 ,Err=0 ,Err=0 ,Err=0 ,Err=0 Running statistic: RADIUS received messages statistic: Normal auth request ,Num=0 EAP auth request ,Num=0 Account request ,Num=0 Account off request ,Num=0 Leaving request ,Num=0 PKT auth timeout ,Num=0 PKT acct_timeout ,Num=0 Realtime Account ,Num=2317 PKT response ,Num=0 EAP reauth_request ,Num=0 PORTAL access ,Num=0 Update ack ,Num=0 PORTAL access ack ,Nu
CHAPTER 9: USING AAA AND RADIUS COMMANDS specifies the RADIUS server name with a character string not exceeding 32 characters, excluding “/”, “:”, “*”, “?”, “<” and “>”. session-id session-id: Configures to display the saved stopping accounting requests according to the session ID. session-id specifies the session ID with a character string not exceeding 50 characters. time-range start-time stop-time: Configures to display the saved stopping accounting requests according to the saving time.
RADIUS Protocol Configuration Commands 377 Parameter accounting: Configures to set/delete the authentication key for the RADIUS accounting packet. authentication: Configures to set/delete the encryption key for RADIUS authentication/authorization packet. string: Specifies the key with a character string not exceeding 16 characters, excluding “/”, “: ”, “*”, “? ”, “<” and “>”. By default, the key is “3Com”.
CHAPTER 9: USING AAA AND RADIUS COMMANDS Description ■ Use the local-server command to configure the parameters of local RADIUS server. ■ Use the undo local-server command to cancel a local RADIUS server. RADIUS service, which adopts authentication/authorization/accounting servers to manage users, is widely used in SW7700 switches. Besides, local authentication/authorization/accounting service is also used in these products and it is called local RADIUS function, i.e.
RADIUS Protocol Configuration Commands 379 Related commands: key, radius scheme, state. Example Set the IP address of the primary accounting server of RADIUS server group, “3Com”, to 10.110.1.2 and the UDP port 1813 to provide RADIUS accounting service. [SW7700-radius-3Com]primary accounting 10.110.1.2 1813 primary authentication Syntax primary authentication ip-address [ port-number ] undo primary authentication View RADIUS server group view Parameter ip-address: IP address, in dotted decimal format.
CHAPTER 9: USING AAA AND RADIUS COMMANDS View System view Parameter radius-server-name: Specifies the Radius server name with a character string not exceeding 32 characters, excluding “/”, “:”, “*”, “?”, “<” and “>”. Description ■ Use the radius scheme command to configure a RADIUS server group and enter its view. ■ Use the undo radius scheme command to cancel the specified RADIUS server group. By default, there is RADIUS server group named “default” has been created in the system.
RADIUS Protocol Configuration Commands 381 name. radius-server-name specifies the RADIUS server name with a character string not exceeding 32 characters, excluding “/”, “:”, “*”, “?”, “<” and “>”. session-id session-id: Configures to delete the stopping accounting requests from the buffer according to the specified session ID. session-id specifies the session ID with a character string not exceeding 50 characters.
CHAPTER 9: USING AAA AND RADIUS COMMANDS View RADIUS server group view Parameter retry-times: Specifies the maximum times of retransmission, ranging from 1 to 20. By default, the value is 3. Description ■ Use the retry command to configure the RADIUS request retransmission times. ■ Use the undo retry command to restore the retry-times to default value. Because RADIUS protocol uses UDP packets to carry the data, its communication process is not reliable.
RADIUS Protocol Configuration Commands 383 NAS will disconnect the user if it has not received real-time accounting response from RADIUS server for some specified times. How to calculate the value of count? Suppose RADIUS server connection will timeout in T and the real-time accounting interval of NAS is t, then the integer part of the result from dividing T by t is the value of count. Therefore, when applied, T is suggested the numbers which can be divided exactly by t. Related command: radius scheme.
CHAPTER 9: USING AAA AND RADIUS COMMANDS undo secondary accounting View RADIUS server group view Parameter ip-address: IP address, in dotted decimal format. By default, the IP addresses of second accounting server is at 0.0.0.0. port-number: Specifies the UDP port number, ranging from 1 to 65535. By default, the accounting service is provided via UDP 1813. Description ■ Use the secondary accounting command to configure the IP address and port number for the second RADIUS accounting server.
RADIUS Protocol Configuration Commands 385 Related commands: key, radius scheme, state. Example Set the IP address of the second authentication/authorization server of RADIUS server group, “3Com”, to 10.110.1.2 and the UDP port 1812 to provide RADIUS authentication/authorization service. [SW7700-radius-3Com]secondary authentication 10.110.1.
CHAPTER 9: USING AAA AND RADIUS COMMANDS state Syntax state { primary | secondary } { accounting | authentication } { block | active } View RADIUS server group view Parameter primary: Configures to set the state of the primary RADIUS server. secondary: Configures to set the state of the second RADIUS server. accounting: Configures to set the state of RADIUS accounting server. authentication: Configures to set the state of RADIUS authentication/authorization.
RADIUS Protocol Configuration Commands 387 View RADIUS server group view Parameter None Description ■ Use the stop-accounting-buffer enable command to configure to save the stopping accounting requests without response in the switch system buffer. ■ Use the undo stop-accounting-buffer enable command to cancel the function of saving the stopping accounting requests without response in the switch system buffer. By default, enable to save the stopping accounting requests in the buffer.
CHAPTER 9: USING AAA AND RADIUS COMMANDS is controlled by the RADIUS server response timeout timer in the switch system. This command is used to set this timer. Setting a suitable timer according to the network situation will enhance the system performance. Related commands: radius scheme, retry. Example Set the response timeout timer of RADIUS server group, 3Com, to 5 seconds.
RADIUS Protocol Configuration Commands 389 Example Set the real-time accounting interval of RADIUS server group, “3Com”, to 51 minutes. [SW7700-radius-3Com]timer realtime-accounting 51 user-name-format Syntax user-name-format { with-domain | without-domain } View RADIUS server group view Parameter with-domain: Specifies to send the username with domain name to RADIUS server. without-domain: Specifies to send the username without domain name to RADIUS server.
CHAPTER 9: USING AAA AND RADIUS COMMANDS
10 USING RELIABILITY COMMANDS This chapter describes how to use the following commands: VRRP Configuration Commands ■ debugging vrrp ■ display vrrp ■ vrrp authentication-mode ■ vrrp method ■ vrrp ping-enable ■ vrrp vrid preempt-mode ■ vrrp vrid priority ■ vrrp vrid timer ■ vrrp vrid track ■ vrrp vrid virtual-ip HA Configuration Commands VRRP Configuration Commands debugging vrrp ■ display switch state ■ slave restart ■ slave switchover ■ slave update config This section descr
CHAPTER 10: USING RELIABILITY COMMANDS Description ■ Use the debugging vrrp command to enable VRRP debugging. ■ Use the undo debugging vrrp command to disable VRRP debugging. By default, VRRP debugging is disabled. Example Enable VRRP state debugging. debugging vrrp state display vrrp Syntax display vrrp [{ interface | statistics } vlan-interface interface-num ] [ virtual-router-ID ] View All views.
VRRP Configuration Commands 393 View VLAN interface view. Parameter type: Authentication type. There are following types: simple: Indicates to perform simple character authentication. md5: Indicates to perform the AH authentication with MD5 algorithm. key: Authentication key. When simple authentication is configured, the key cannot exceed 8 characters. When md5 authentication is configured, the key cannot exceed 16 characters.
CHAPTER 10: USING RELIABILITY COMMANDS Description ■ Use the vrrp method command to set correspondence between the MAC address and the virtual IP address of the backup group: matching the real MAC address or the virtual address with the virtual IP address. ■ Use the undo vrrp method command to reset the correspondence to the default value. By default, the switch matches the virtual MAC address with the IP address of the backup group.
VRRP Configuration Commands vrrp vrid preempt-mode 395 Syntax vrrp vrid virtual-router-ID preempt-mode [ timer delay delay-value ] undo vrrp vrid virtual-router-ID preempt-mode View VLAN interface view. Parameter virtual-router-ID: VRRP virtual router ID, ranging from 1 to 255. delay-value: Delay in seconds, ranging from 0 to 255. Description ■ Use the vrrp vrid preempt-mode command to configure the preemption and delay of the virtual router.
CHAPTER 10: USING RELIABILITY COMMANDS ■ Use the undo vrrp vrid priority command to clear the virtual router priority. The priority decides the status of a switch in the virtual router. A higher-priority switch is more likely to be a Master. Priority 0 is reserved for a special purpose. 255 is reserved for the IP address owner. The priority of the IP address owner is always 255 and cannot be modified. Example Set the virtual router priority on VLAN-interface2.
VRRP Configuration Commands 397 interface-name: Interface which is to be tracked, the interface form is VLAN-interface interface-num. value-reduced: Reduced value of priority, ranging from 1 to 255; By default, the reduced value of the priority is 10. Description ■ Use the vrrp vrid track command to configure tracking of the interface. ■ Use the undo vrrp vrid track command to stop tracking the interface.
CHAPTER 10: USING RELIABILITY COMMANDS Add a virtual IP address to an existing virtual router. [SW7700-vlan-interface2]vrrp vrid 1 virtual-ip 10.10.10.11 Delete a virtual IP address. [SW7700-vlan-interface2]undo vrrp vrid 1 virtual-ip 10.10.10.10 Delete a virtual router. [SW7700-vlan-interface2]undo vrrp vrid 1 virtual-ip HA Configuration Commands display switch state This section describes how to use the HA configuration commands on your Switch 7700.
HA Configuration Commands 399 Example Implement the restart of the backup system. slave restart The slave will reset! Continue?[Y/N]:y slave switchover Syntax slave switchover View User view Parameter None Description Use the slave switchover command to perform manual switchover on master/slave system. The user can use this command to perform master/slave switchover. The master/slave switchover can be performed only when the slave board operates normally and the switchover is enabled.
CHAPTER 10: USING RELIABILITY COMMANDS system. When the command is performed once, the configuration file will be backup once, too. Related command: slave auto-update config. Example Achieve configuration files synchronization between master/slave systems. slave update config Now synchronizing startup-config to slave. Please wait for a while(2 minutes in worst case)... Command failed, please try it again! Synchronize startup-config to slave successfully.
11 USING SYSTEM MANAGEMENT COMMANDS This chapter describes how to use the following commands: File System Management Commands ■ cd ■ copy ■ delete ■ dir ■ file prompt ■ format ■ mkdir ■ more ■ move ■ pwd ■ rename ■ reset recycle-bin ■ rmdir ■ undelete Configuration File Management Commands ■ reset saved-configuration ■ save FTP Server Configuration Commands ■ display ftp-server ■ display ftp-user ■ ftp server ■ ftp timeout ■ local-user ■ password ■ service-type
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS ■ bye ■ cd ■ cdup ■ close ■ delete ■ dir ■ disconnect ■ ftp ■ get ■ lcd ■ ls ■ mkdir ■ passive ■ put ■ pwd ■ quit ■ remotehelp ■ rmdir ■ user ■ verbose TFTP Configuration Commands ■ tftp ■ tftp get ■ tftp put MAC Address Table Management Commands ■ display mac-address learning ■ display mac-address aging-time ■ display mac-address ■ mac-address ■ mac-address mac-learning disable ■ mac-address max-mac-
■ display bootloader ■ display cpu ■ display device ■ display environment ■ display fan ■ display memory ■ display power ■ reboot ■ reboot slot ■ temperature-limit Basic System Configuration and Management Commands ■ clock datetime ■ clock summer-time ■ clock timezone ■ sysname System Status and System Information Display Commands ■ display clock ■ display current-configuration ■ display debugging ■ display saved-configuration ■ display users ■ display version Sy
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS ■ info-center snmp channel ■ info-center source ■ info-center timestamp ■ info-center trapbuffer ■ rename channel ■ reset logbuffer ■ reset trapbuffer ■ terminal debugging ■ terminal logging ■ terminal monitor ■ terminal trapping SNMP Configuration Commands ■ display snmp-agent community ■ display snmp-agent ■ display snmp-agent group ■ display snmp-agent mib-view ■ display snmp-agent statistics ■ display snmp-agent sys-info
File System Management Commands ■ display rmon eventlog ■ display rmon history ■ display rmon prialarm ■ display rmon statistics ■ rmon alarm ■ rmon event ■ rmon history ■ rmon prialarm ■ rmon statistics 405 NTP Configuration Commands File System Management Commands ■ debugging ntp-service ■ display ntp-service sessions ■ display ntp-service status ■ display ntp-service trace ■ ntp-service access ■ ntp-service authentication enable ■ ntp-service authentication-keyid ■ nt
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter directory: Destination directory. The default directory is the working path configured by the user when the system starts. Description Using the cd command, you can change the current user configuration path on the Ethernet Switch. Example Change the current working directory of the switch to flash. cd flash: pwd flash: copy Syntax copy fileurl-source fileurl-dest View User view Parameter fileurl-source: Source file name.
File System Management Commands 407 View User view Parameter file-url: Path and name of the file you want to delete. Description Using the delete command, you can delete a specified file from the storage device of the Ethernet Switch. The deleted files are kept in the recycle bin and will not be displayed when you use the dir command. However they will be displayed, using the dir /all command.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Directory of flash:/test/ 1 -rw- 248 Aug 29 2000 17:49:36 text.txt 2 -drw- 0 Oct 01 2000 18:42:53 3Com 3 -rw- 639 Oct 02 1997 12:09:32 foo 20578304 bytes total (3104544 bytes free) Display all files with the names starting with "t" in the directory flash:/test/ dir flash:/test/t* Directory of flash:/test/t* 1 -rw- 248 Aug 29 2000 17:49:36 text.
File System Management Commands 409 Example Configure the prompt mode of file operation as quiet. [SW7700]file prompt quiet format Syntax format filesystem View User view Parameter filesystem: Device name. Description Using the format command, you can format the storage device. Format operation will cause non-recoverable loss of all the files on the device. Specially, configuration files will be lost after formatting the flash memory.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View User view Parameter file-url: File name. Description Using the more command, you can display content of specified file. At present, file system can display files in the text format. Example Display contents of file test.txt. more test.txt AppWizard has created this test application for you. This file contains a summary of what you will find in each of the files that make up your test application. Test.
File System Management Commands Move flash:/test/sample.txt to flash:/sample.txt. move flash:/test/sample.txt flash:/sample.txt Move flash:/test/sample.txt to flash:/sample.txt ?[confirm]:y % Moved file flash:/test/sample.txt flash:/sample.txt Display the directory after moving a file.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS If the destination file name is the same as an existing directory name, operation fails. If the destination file name is the same as an existing file name, prompt whether to overwrite. Example Display the current directory information. dir Directory of * 0 -rw2145718 Jul 12 2001 12:28:08 1 drw0 Jul 12 2001 19:41:20 2 -rw50 Jul 12 2001 20:26:48 16125952 bytes total (13970432 bytes free) vrp.bin test sample.txt Rename the file sample.
File System Management Commands 413 View User view Parameter directory: Directory name. Description Using the rmdir command, you can delete a directory. The directory to be deleted must be empty. Example Delete the directory altdir. rmdir altdir Rmdir dd?[confirm] Removed dir flash:/test/text.txt flash:/test/altdir undelete Syntax undelete file-url View User view Parameter file-url: Name of the file to be recovered. Description Using the undelete command, you can recover deleted file.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Display the information of all the files (including the deleted ones) in the current directory. dir /all Directory of * 0 -rw50 Jul 12 2001 20:34:19 1 -rw595 Jul 12 2001 20:13:19 16125952 bytes total (13972480 bytes free) Configuration File Management Commands reset saved-configuration sample.bak test.txt This section describes the commands you can use to manage the configuration files on your Switch 7700.
FTP Server Configuration Commands save 415 Syntax save View User view Parameter None Description Using the save command, you can save the current configuration files to Flash memory. After finishing a group of configurations and achieving corresponding functions, user should remember to get the current configuration files stored in the flash memory. Related commands: reset saved-configuration, display current-configuration, display saved-configuration.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS User count Timeout(minute) display ftp-user 0 30 Syntax display ftp-user View All views Parameter None Description Using the display ftp-user command, you can display the parameters of current FTP user. You can perform this command to examine the configuration after setting FTP parameters. Example Show the configuration of FTP user parameters.
FTP Server Configuration Commands 417 View System view Parameter minute: Connection timeouts (measured in minutes), ranging from 1 to 35791; The default connection timeout time is 30 minutes. Description Using the ftp timeout command, you can configure connection timeout interval. Using the undo ftp timeout command, you can restore the default connection timeout interval.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Related commands: display local-user, server-type. Example To add a local user named 3Com1, enter the following: [SW7700]local-user 3Com1 password Syntax password {simple | cipher } password undo password View Local user view Parameters simple: Specifies that passwords are displayed in simple text. cipher: Specifies that passwords are displayed in cipher text.
FTP Client Commands 419 level level: Enter the user level of the Telnet user, in the range 0 to 3. The default is 3. Optional. ftp: Specifies the user’s service type as FTP. ftp-directory directory: Enter an FTP directory, up to 64 characters in length. Optional. lan-access: Specifies the user’s service type as LAN access, which refers mainly to Ethernet users. Description Using the service-type command, you can configure a service type for a particular user.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View FTP Client view Parameter None Description Using the binary command, you can configure file transmission type as binary mode. Example Configure to transmit data in the binary mode. [ftp]binary 200 Type set to B. bye Syntax bye View FTP Client view Parameter None Description Using the bye command, you can disconnect with the remote FTP Server and return to user view.
FTP Client Commands 421 This command is used to access another directory on FTP Server. Note that the user can only access the directories authorized by the FTP server. Example Change the working path to flash:/temp [ftp]cd flash:/temp cdup Syntax cdup View FTP Client view Parameter None Description Using the cdup command, you can change working path to the upper level directory. This command is used to exit the current directory and return to the upper level directory.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter remotefile: File name. Description Using the delete command, you can delete the specified file. This command is used to delete a file. Example Delete the file temp.c [ftp]delete temp.c dir Syntax dir [ filename ] [ localfile ] View FTP Client view Parameter filename: File name to be queried. localfile: Saved local file name. Description Using the dir command, you can query a specified file.
FTP Client Commands 423 Example Terminate connection with the remote FTP Server and stays in FTP Client view. [ftp]disconnect ftp Syntax ftp [ ipaddress [ port ] ] View User view Parameter ipaddress: IP address of the remote FTP Server. port: Port number of remote FTP Server. Description Using the ftp command, you can establish control connection with the remote FTP Server and enter FTP Client view. Example Connect to FTP Server at the IP address 1.1.1.1 ftp 1.1.1.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View FTP Client view Parameter None Description Using the lcd command, you can display local working path of FTP Client. Example Show local working path. [ftp]lcd % Local directory now flash:/temp ls Syntax ls [ remotefile ] [ localfile ] View FTP Client view Parameter remotefile: Remote file to be queried. localfile: Saved local file name. Description Using the ls command, you can query a specified file.
FTP Client Commands 425 Example Create the directory flash:/lanswitch on the remote FTP Server. [ftp]mkdir flash:/lanswitch passive Syntax passive undo passive View FTP Client view Parameter None Description Using the passive command, you can set the data transmission mode to be passive mode. Using the undo passive command, you can set the data transmission mode to be active mode. By default, the data transmission mode is passive mode Example Set the data transmission to passive mode.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View FTP Client view Parameter None Description Using the pwd command, you can display the current directory on the remote FTP Server. Example Show the current directory on the remote FTP Server. [ftp]pwd "flash:/temp" is current directory. quit Syntax quit View FTP Client view Parameter None Description Using the quit command, you can terminate the connection with the remote FTP Server and return to user view.
FTP Client Commands 427 Example Show the syntax of the protocol command user. [ftp]remotehelp user 214 Syntax: USER rmdir Syntax rmdir pathname View FTP Client view Parameter pathname: Directory name of remote FTP Server. Description Using the rmdir command, you can delete the specified directory from FTP Server. Example Delete the directory flash:/temp1 from FTP Server.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter None Description Using the verbose command, you can enable verbose. Using the undo verbose command, you can disable verbose. By default, verbose is disabled. Example Enable verbose. [ftp]verbose TFTP Configuration Commands This section describes the Trivial File Transfer Protocol (TFTP) Commands on your Switch 7700. tftp Syntax tftp { ascii | binary } View System view Parameter ascii: Text format. binary: Binary format.
TFTP Configuration Commands 429 Parameter //A.A.A.A/xxx.yyy: Information about the file to be downloaded from the TFTP server. A.A.A.A: IP address of the TFTP server. mmm.nnn: Specify the filename saved as after downloaded to the switch, which can be different from xxx.yyy. Description Using the tftp get command, you can download a file xxx.yyy from the specified directory of the TFTP server (at A.A.A.A) and saving it as mmm.nnn on the switch. For the related commands, see tftp, tftp put.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS MAC Address Table Management Commands display mac-address learning This section describes the commands you can use to manage the MAC Address Table on your Switch 7700. Syntax display mac-address learning [ interface-type interface-num | interface-name ] View All views Parameter interface-type: Specify the interface type. interface-num: Specify the interface number. interface-name: Specify the interface name.
MAC Address Table Management Commands 431 Example Display the aging time of the dynamic entry in the MAC address table. [SW7700]display mac-address aging-time mac-address timer: 300s The above information indicates that the aging time of the dynamic entry in the MAC address is 300s.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS mac-address Syntax mac-address { static | dynamic } mac-addr interface { interface-name | interface-type interface-num } vlan vlan-id undo mac-address [ static | dynamic ] [ [ mac-addr ] interface [interface-name | interface-type interface-num ] vlan vlan-id ] View System view Parameter static: Static table entry, lost after resetting switch. dynamic: Dynamic table entry, which will be aged. mac-addr: Specify the MAC address.
MAC Address Table Management Commands mac-address mac-learning disable 433 Syntax mac-address mac-learning disable undo mac-address mac-learning disable View System view, Ethernet port view Parameter disable: Disable the address learning. Description Using the mac-address mac-learning disable command, you can disable the MAC address learning function of the switch or one of its port. Using the undo mac-address mac-learning disable command, you can enable the MAC address learning function.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Use the undo mac-address-table max-mac-count command to cancel the maximum limit on the number of MAC addresses learned by an Ethernet port. This is the default. If you set no maximum limit, the MAC address table controls the number of MAC addresses a port can learn.
Device Management Commands 435 Example Configure the entry aging time of Layer-2 dynamic address table to be 500 seconds. [SW7700]mac-address timer aging 500 Device Management Commands boot bootloader This section describes the device management commands available on your Switch 7700. Syntax boot bootloader file-url View User view Parameter file-url: Path and name of APP file. Description Using the boot bootloader command, you can specify the app file used for boot of the next time.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View User view Parameter file-url: File path and file name of Bootrom. slot-num-list: slot-num-list = [ slot-num1 [ to slot-num2 ] ]&<1-10>, slot need to be upgraded, the range of slot-num is from 0 to 6. &<1-10> indicates that parameter in front of this mark can be input up to 10 times. Description Using the boot bootrom command, you can upgrade bootrom. Example Upgrade bootrom of No. 0 slot. boot bootrom PLATV100R002B09D002.
Device Management Commands 437 Parameter None Description Using the display bootloader command, you can display APP file used next time. Example display bootloader The app to boot at the next time is: PLATV100R002B09D002.APP display cpu Syntax display cpu View All views. Parameter None Description Using the display cpu command, you can display CPU occupancy.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter shelf-no: Cabinet number. frame-no: Chassis number. slot-no: Slot number.
Device Management Commands 439 System temperature information: ---------------------------------------------------Board 0 2 display fan Temperature 46 48 Downlimit 0 10 Uplimit 80 75 Syntax display fan [ fan-id ] View All views Parameter None Description Using the display fan command, you can display the working state of the built-in fans. Example Display the working state of the fans.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS The information displays in the following format: System Total Memory(bytes): 32491008 Total Used Memory(bytes): 13181348 Used Rate: 40% Table 32 Display information display power Field Description System Total Memory (bytes) The Total Memory of switch, unit in byte Total Used Memory (bytes) The Total used Memory of switch, unit in byte Used Rate The memory used rate Syntax display power [ power-ID ] View All views Parameter power-ID: Power ID.
Device Management Commands reboot slot 441 Syntax reboot [ slot slot-num ] View User view Parameter slot-num: Specifies the physical card number, generally taken 0. Description Using the reboot slot command, you can reset the whole system. If no parameter is specified with the reboot command, it will reset the Ethernet switch. You can use the reboot command to reset the card, when the Ethernet switch fails. Example Reset the card in Slot 1.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Table 33 temperature-limit Backboard mode 0 1 2 3 4 5 slot1 8G 8G 8G 8G 8G 8G slot2 8G 8G 8G 8G 8G 8G slot3 8G 4G 8G 8G 6G 6G slot4 8G 4G 4G 6G 6G 4G slot5 0 4G 4G 2G 2G 4G slot6 0 4G 0 0 2G 2G Syntax temperature-limit slot down-value up-value View User view Parameter slot: Physical card number. down-value: Lower temperature limit (0-70 centigrade). up-value: Upper temperature limit (20-90 centigrade).
Basic System Configuration and Management Commands 443 Description Using the clock datetime command, you can set the current system time and date.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Example To set the summer time for zone 2 to start at 06:00:00 on 08/06/2002, and end at 06:00:00 on 01/09/2002, with a time added of one hour, enter the following: clock summer-time z2 one-off 06:00:00 2002/06/08 06:00:00 2002/09/01 01:00:00 To set the summer time for zone 2 to start at 06:00:00 on 08/06, and end at 06:00:00 on 01/09 in each year starting in 2002, with a time added of one hour, enter the following: clock summer-time z2 rep
System Status and System Information Display Commands 445 Parameter sysname: Specify the hostname with a character string with the length ranging from1 to 30 characters. Description Using the sysname command, you can set the hostname of Ethernet Switch. By default, the hostname of Ethernet Switch is SW7700. Changing the hostname name of Ethernet Switch will affect the prompt of command line interface. E.g. the host name of Ethernet Switch is SW7700, and the prompt in user view is .
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter None Description Using the display current-configuration command, you can display the current effective configuration parameters of Ethernet Switch and verify the current effective parameters. If some effective configuration parameters are the same as the default working parameters, there is no display. For the related commands, see save, reset saved-configuration, display saved-configuration.
System Status and System Information Display Commands 447 vrrp ip 2 10.110.65.10 ip pim sparse-mode # interface Vlan-interface6 ip address 10.110.66.1 255.255.255.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS interface-num: Specify the Ethernet port number. Description Using the display debugging command, you can display the enabled debugging process. Show all the enabled debugging when there is no parameter. For the related commands, see debugging. Example Show all the enabled debugging. display debugging IP packet debugging switch is on.
System Status and System Information Display Commands # ip multicast-routing # vlan 1 # vlan 2 # vlan 3 # vlan 5 # vlan 6 # interface Vlan-interface1 # interface Vlan-interface2 ip address 1.1.2.1 255.255.255.0 # interface Vlan-interface3 ip address 1.1.3.1 255.255.255.0 # interface Vlan-interface5 ip address 10.110.65.1 255.255.255.0 vrrp ip 1 10.110.65.2 vrrp ip 2 10.110.65.10 ip pim sparse-mode # interface Vlan-interface6 ip address 10.110.66.1 255.255.255.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS ip pim rp-candidate Vlan-interface5 # line aux 0 no login exec-timeout 0 0 line vty 0 4 # end display users Syntax display users [ all ] View All views Parameter all: display all users connected to the switch. Description Using the display users command, you can know users connected to the switch. Example Display the status of the current users.
System Debug Commands 451 SW7700 with 1 MPC8260 Processor 128M bytes SDRAM 16384K bytes Flash Memory 0K bytes NVRAM Memory Pcb Version: REV.0 BootROM Version: 300 CPLD Version: 001 MOD1: uptime is 1 week, 1 day, 17 hours, 33 minutes. SW7700 MOD1 with 1 MPC850 Processor 64M bytes SDRAM 0K bytes Flash Memory 0K bytes NVRAM Memory Pcb Version: REV.1 BootROM Version: 300 CPLD Version: 001 MOD2: uptime is 1 week, 1 day, 17 hours, 33 minutes.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Enabling the debugging will generate a large amount of debugging information and decrease the system efficiency. Specially, network system may collapse after all the debugging is enabled by the debugging all command. So it is not suggested to use the debugging all command. It is convenient for the user to disable all the debugging with the undo debugging all command. For the related commands, see display debugging. Example Enable IP Packet debugging.
Network Connection Test Commands 453 -d: Configure the socket to be in DEBUGGING mode. interface-type: Specify the interface type. interface-num: Specify the interface number. interface-name: Specify the interface name. -i: Configure to choose packet sent on the interface. -n: Configure to take the host parameter as IP address without domain name resolution. -p: pattern is the hexadecimal padding of ICMP ECHO-REQUEST, e.g. -p ff pads the packet completely with ff.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS The ping command sends ICMP ECHO-REQUEST message to the destination. If the network to the destination works well, then the destination host will send ICMP ECHO-REPLY to the source host after receiving ICMP ECHO-REQUEST. Perform the ping command to troubleshoot the network connection and line quality. The output information includes: ■ Responses to each of the ECHO-REQUEST messages.
Network Connection Test Commands 455 -w: Configure to verify the -wf switch, timeout is an integer specifying IP packet timeout in seconds, larger than 0. host: IP address of the destination host or the hostname of the remote system. Description Using the tracert command, you can check the reachability of network connection and troubleshoot the network. User can test gateways passed by the packets transmitted from the host to the destination.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS 16 * * * 17 * * * 18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms Log Commands display channel This section displays the logging options available on your Switch 7700. Syntax display channel [ channel-number | channel-name ] View All views Parameter channel-number: Channel number, ranging from 0 to 9, that is, the system has ten channels. channel-name: Specify the channel name.
Log Commands 457 If the information in the current log/trap buffer is less than the specified sizeval, display the actual log/trap information. For the related commands, see info-center enable, info-center loghost, info-center logbuffer, info-center console channel, info-center monitor channel. Example Show the system log information.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Example Configure to output log information to the console through channel 0. [SW7700]info-center console channel 0 info-center enable Syntax info-center enable undo info-center enable View System view Parameter None Description Using the info-center enable command, you can enable the system log function. Using the undo info-center enable command, you can disable system log function. By default, system log function is enabled.
Log Commands 459 channel-number: Channel number, ranging from 0 to 9, that is, system has ten channels. channel-name: Specify the channel name. Description Using the info-center logbuffer command, you can configure to output information to the memory buffer. Using the undo info-center logbuffer command, you can cancel the information output to buffer This command takes effect only after the system logging is enabled. For the related commands, see info-center enable, display info-center.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS This command takes effect only after the system logging is enabled. For the related commands, see info-center enable, display info-center. Example Configure to send log information to the UNIX workstation at 202.38.160.1. [SW7700]info-center loghost 202.38.160.
Log Commands 461 Related commands: display snmp. Example Configure channel 6 as the SNMP information channel. [SW7700]info-center snmp channel 6 info-center source Syntax info-center source { modu-name | default } channel { channel-number | channel-name } [ { log | trap | debug } * { level severity | state state ] } * undo info-center source { modu-name | default } channel { channel-number | channel-name } View System view Parameter modu-name: Module name. default: All the modules.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS state: Specify the state as on or off. Description Using the info-center source command, you can add/delete a record to the information channel. Using the undo info-center source command, you can delete the contents of the information channel. For example, for the filter of IP module log output, you can configure to output the logs at a level higher than warnings to the log host and output those higher than informational to the log buffer.
Log Commands 463 Parameter log: Log information. trap: Trap information. debugging: Debugging information. boot: Time elapsing after system starts. Format: xxxxxx.yyyyyy, xxxxxx is the high 32 bits of the elapsed time (in milliseconds) after system starts, and yyyyyy is the low 32 bits. date: Current system date and time. It shows as yyyy/mm/dd-hh:mm:ss in Chinese environment and mm/dd/yyyy-hh:mm:ss in Western language environment. None: No timestamp format.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Description Using the info-center trapbuffer command, you can output information to the trap buffer. Using the undo info-center trapbuffer command, you can cancel output information to trap buffer. By default, output information is transmitted to trap buffer and size of trap buffer is 20. This command takes effect only after the system logging is enabled. Related commands: info-center enable, display info-center.
Log Commands 465 Example # Clear information in log buffer. reset logbuffer display info-center history 20 Trapping Buffer Confiuration & Information: enabled allowed max buffer size : 1024 actual buffer size : 256 channel number : 3 , channel name : trapbuf dropped messages : 0 overwrote messages : 0 current messages : 1 #9/5/2001 7:15:47-IFNET-5-TRAP:1.3.6.1.6.3.1.1.5.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Example Enable the terminal display debugging. terminal debugging terminal logging Syntax terminal logging undo terminal logging View User view Parameter None Description Using the terminal logging command, you can start terminal log information display. Using the undo terminal logging command, you can disable terminal log information display. By default, this function is enabled. Example Disable the terminal log display.
SNMP Configuration Commands 467 undo terminal trapping commands. When the terminal monitor is enabled, you can use terminal debugging / undo terminal debugging, terminal logging / terminal logging and terminal trapping / undo terminal trapping respectively to enable or disable the corresponding functions. Example Disable the terminal monitor.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Example Display the currently configured community names. display snmp-agent community community name:public group name:public storage-type: nonVolatile community name:tom group name:3Com storage-type: nonVolatile display snmp-agent Syntax display snmp-agent { local-engineid | remote-engineid } View All views Parameter local-engineid: local engine ID. remote-engineid: remote engine ID.
SNMP Configuration Commands 469 display snmp-agent group groupname: public readview:v1default writeview: no writeview specified notifyview: *tv.FFFFFFFF storage-type: volatile The following table describes the output fields.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS The following table describes the output fields. Table 36 Output description of the display snmp-agent mib-view command Field Description View name View name MIB Subtree MIB subtree storage-type Storage type included/excluded Permit or forbid access to an MIB object active Indicate the line state in the table CAUTION: If the SNMP Agent is disabled, "Snmp Agent disabled" will be displayed after you execute the above display commands.
SNMP Configuration Commands 471 The following table describes the output fields.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS View All views Parameter None Description Using the display snmp-agent sys-info location command, you can display the character string describing the system location. Example Display the system location.
SNMP Configuration Commands 473 Description Using the display snmp-agent usm-user command, you can display information of all the SNMP usernames in the group username list. Example Display the information of all the current users. display snmp-agent usm-user User name: authuser Engine ID: 00000009020000000C025808 storage-type: nonvolatile The following table describes the output fields.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS snmp-agent community Syntax snmp-agent community { read | write } community-name [ [ mib-view view-name ] [ acl acl-list ] ] undo snmp-agent community community-name View System view Parameter community-name: Community name character string. view-name: MIB view name. ro: Indicate that MIB object can only be read. rw: Indicate that MIB object can be read and written. acl acl-list: set access control list for specified community.
SNMP Configuration Commands 475 Parameter group_name: Enter a group name, up to 32 characters in length. read-view: Configures read-only view settings. read_view: Enter a read-only view name, up to 32 characters in length. write-view: Configures read and write view settings. write_view: Enter a read and write view name, up to 32 characters in length. notify: Configures notify view settings. notify_view: Enter a notify view name, up to 32 characters in length.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter view-name: Specify the view name, with a character string, ranging from 1 to 32 characters. oid-tree: MIB object subtree. It can be a character string of the variable OID, or a variable name, ranging from 1 to 255 characters. included: Include this MIB subtree. excluded: Exclude this MIB subtree. Description Using the snmp-agent mib-view command, you can create or update the view information.
SNMP Configuration Commands snmp-agent sys-info 477 Syntax snmp-agent sys-info { contact sysContact | location sysLocation | version { { v1 | v2c | v3 } * | all } } undo snmp-agent sys-info { contact | location | version { { v1 | v2c | v3 } * | all } } View System view Parameter sysContact: Specify a character string describing the system maintaining contact (in bytes), with a length ranging from 1 to 255; The default contact information is "3Com Marlborough USA".
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS address: Specifies the transport address to be used in the generation of SNMP messages. udp-domain: Specifies the transport domain over UDP for the target address. host-address: Enter the IP address of destination host. udp-port udp_port_number: Enter the UDP port number of the host to receive the SNMP notification. params: Specifies the SNMP target information to be used in the generation of SNMP messages.
SNMP Configuration Commands 479 Parameter snmp: Configure to send SNMP Trap packets. authentication: Configure to send SNMP authentication Trap packets. coldstart: Configure to send SNMP cold start Trap packets. linkdown: Configure to send SNMP link down Trap packets. linkup: Configure to send SNMP link up Trap packets. warmstart: Configure to send SNMP warm start Trap packets. Description Using the snmp-agent trap enable command, you can enable the device to send Trap message.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS For the related commands, see snmp-agent trap enable, snmp-agent target-host. Example Configure the timeout interval of Trap packet as 60 seconds. [SW7700]snmp-agent trap life 60 snmp-agent trap queue-size Syntax snmp-agent trap queue-size length undo snmp-agent trap queue-size View System view Parameter length: Length of queue, ranging from 1 to 1000; the default length is 100.
SNMP Configuration Commands 481 Example Configure the IP address of the VLAN interface 1 as the source address for transmitting the Trap packets.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS acl acl-list: Enter the access control list for this user, based on USM name. Description Using the snmp-agent usm-user command, you can add a new community name or, if you use the V3 parameter, a new user to an SNMP group. Using the undo snmp-agent usm-user command, you can delete a user from SNMP group. SNMP engineID (for v3) is required when configuring remote users. This command will not be effective if engineID is not configured.
RMON Configuration Commands 483 View All views Parameter alarm-table-entry: Alarm table entry index. Description Using the display rmon alarm command, you can display RMON alarm information. For the related commands, see rmon alarm. Example Display the RMON alarm information. display rmon alarm Alarm table 1 is UNDERCREATION, and owned by Configer, every 1 second(s) monitoring Ethernet1/0/1 ebcastpkts. Rising threshold is 1, linked with event 5. Falling threshold is 2, linked with event 5.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Related command: rmon event. Example Show the RMON event. display rmon event Event table 1 is VALID, and owned by 3COM. Description: none. Event firing causes log ,last fired at 0.
RMON Configuration Commands 485 Table 41 Output description of the display rmon eventlog command display rmon history Field Description Event table Index 1 in event table VALID The entry corresponding to the index is valid 3Com Owner Description Event description Event firing causes log-and-trap Log and trap triggered by event last fired at 102300 Occurrence time of the latest event (counted since system initiate/boot time in centisecond) Syntax display rmon history [ port-num ] View All
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Table 42 Output description of the display rmon history command display rmon prialarm packets Packets sent/transmitted in sampling time broadcastpackets Number of broadcast packets multicastpackets Number of multicast packets CRC alignment errors Number of CRC error packets undersized Number of undersized packets oversized packets Number of oversized packets fragments Number of undersized and CRC error packets jabbers Number of oversized an
RMON Configuration Commands 487 Example Show RMON statistics. display rmon statistics Ethernet 2/0/1 Statistics entry 1 owned by 3Com-rmon is VALID. Gathers statistics of interface Ethernet2/0/1.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS sampling-time: Specifies the sampling interval, ranging from 5 to 65535 (measured in seconds). delta: Sampling type is delta. absolute: Sampling type is absolute. rising-threshold threshold-value1: Rising threshold, ranging from 0 to 2147483647. event-entry1: Event number corresponding to the upper limit of threshold, ranging from 0 to 65535. falling-threshold threshold-value2: Falling threshold, ranging from 0 to 2147483647.
RMON Configuration Commands 489 trap-community: Name of the community that trap message is sent to. log-trap: Log and trap event. log-trapcommunity: Name of the community that trap message is sent to. none: neither log nor trap event. owner rmon-station: Name of the network management station that creates this entry. The length of the character string ranges from 1 to 127. Description Using the rmon event command, you can add an entry to the event table.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS save for query on this port. Sample information includes utility, error number and total packet number. Example Delete the entry 15 from the history control table.
NTP Configuration Commands 491 Description Using the rmon prialarm command, you can add an entry to the extended RMON alarm table. Using the undo rmon prialarm command, you can delete an entry from the extended RMON alarm table. The number of instances can be created in the table depends on the hardware resource of the product. Example Delete line 10 from the extended RMON alarm table.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS undo debugging ntp-service { access | adjustment | authentication | event | filter | packet | parameter | refclock | selection | synchronization | validity | all } View User view. Parameter access: NTP access control debugging. adjustment: NTP clock adjustment debugging. all: All NTP debugging functions. authentication: NTP authentication debugging. event: NTP event debugging. filter: NTP filter information debugging. packet: NTP packet debugging.
NTP Configuration Commands 493 Description Using display ntp-service sessions command, you can display the status of all the sessions maintained by NTP service provided by the local equipment. By default, the status of all the sessions maintained by NTP service provided by the local equipment will be displayed. When you configure this command without the verbose parameter, the Ethernet switch will display the brief information about all the sessions it maintains.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS The following table describes the outputs: Table 44 NTP service status information display ntp-service trace Output Meaning clock status:unsynchronized Local clock status: do not synchronize to any remote NTP server.
NTP Configuration Commands 495 View System view. Parameters query: Allow to control query authority. synchronization: Only allow the server to access. server: Allow query to server and access. peer: Full access authority. acl-number: IP address list number, ranging from 1 to 99. Description Using ntp-service access command, you can set the authority to access the local equipment. Using undo ntp-service access command, you can cancel the access authority settings.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Example Enable NTP authentication function. [SW7700]ntp-service authentication enable ntp-service authentication-keyid Syntax ntp-service authentication-keyid number authentication-mode md5 value undo ntp-service authentication-keyid number View System view Parameter number: Specify the key number and range from 1 to 4294967295. value: Specify the value of the key with 1 to 32 ASCII characters.
NTP Configuration Commands 497 starts a brief client/server mode to switch messages with a remote server for estimating the network delay. Thereafter, the local Ethernet Switch enters broadcast client mode and continues listening to the broadcast and synchronizes the local clock according to the arrived broadcast message. Example Configure to receive NTP broadcast packets via Vlan-Interface1.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS Parameter number: The maximum sessions can be created locally, ranging from 0 to 100. Description Using ntp-service max-dynamic-sessions command, you can set how many sessions can be created locally. Using undo ntp-service max-dynamic-sessions command, you can resume the default maximum session number By default, a local device allows up to 100 sessions. Example Set the local equipment to allow up to 50 sessions.
NTP Configuration Commands 499 View VLAN interface view Parameter ip-address: Specify a multicast IP address of Class D and default to 224.0.1.1. authentication-keyid: Specify authentication key. keyid: Key ID used in multicast, ranging from 0 to 4294967295. ttl: Define the time to live of a multicast packet. ttl-number: Specify the ttl of a multicast packet and range from 1 to 255. version: Define NTP version number. number: Specify NTP version number and range from 1 to 3.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS ntp-service refclock-master command, you can cancel the NTP master clock settings. By default, ip-address is not specified and stratum:defaults to 1. You can use this command to designate an NTP external reference clock or the local clock as an NTP master clock to provide synchronized time for other equipment. ip-address specifies the IP address of an external clock as 127.127.t.u.
NTP Configuration Commands 501 View System view Parameter interface-name : Specify an interface. The source IP address of the packets will be taken from the address of the interface. interface-type : Specify the interface type and determine an interface with the interface-number parameter. interface-number : Specify the interface number and determine an interface with the interface-type parameter.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS ntp-service unicast-peer Syntax ntp-service unicast-peer ip-address [ version number ] [ authentication-key keyid ] [ source-interface { interface-name | interface-type interface-number } ] [ priority ] undo ntp-service unicast-peer ip-address View System view Parameter ip-address : Specify the IP address of a remote server. version : Define NTP version number. number : NTP version number, ranging from 1 to 3.
NTP Configuration Commands ntp-service unicast-server 503 Syntax ntp-service unicast-server ip-address [ version number ] [ authentication-keyid keyid ] [ source-interface { interface-name | interface-type interface-number } ] [ priority ] undo ntp-service unicast-server ip-address View System view Parameter p-address : Specify the IP address of a remote server. version : Define NTP version number. number : NTP version number, ranging from 1 to 3. authentication-keyid : Define authentication key.
CHAPTER 11: USING SYSTEM MANAGEMENT COMMANDS
