Yamaha L3 Switch Standard L3 SWX3220 Series Command Reference Rev.4.02.
| Command Reference | TOC Contents Preface: Introduction ............................................................................................19 Chapter 1: How to read the command reference ...............................................20 1.1 Applicable firmware revision .....................................................................................................................20 1.2 How to read the command reference .......................................................................
Command Reference | TOC | 3 4.3.5 Erase startup configuration ..........................................................................................................42 4.3.6 Copy startup configuration ..........................................................................................................42 4.3.7 Select startup config ....................................................................................................................43 4.3.8 Set description for startup config ...........
| Command Reference | TOC 4.10.10 Show log ..................................................................................................................................65 4.11 SNMP .......................................................................................................................................................66 4.11.1 Set host that receives SNMP notifications ................................................................................66 4.11.
Command Reference | TOC | 5 4.18.1 Start SSH server and change listening port number ..................................................................92 4.18.2 Show SSH server settings ..........................................................................................................92 4.18.3 Set host that can access the SSH server .....................................................................................93 4.18.4 Set client that can access the SSH server .................................
| Command Reference | TOC 4.22.4 Set L2MS slave watch interval ................................................................................................119 4.22.5 Set number of times that is interpreted as L2MS slave down .................................................120 4.22.6 Set terminal management function ..........................................................................................120 4.22.7 Set the device information acquisition time interval ..................................
Command Reference | TOC | 7 5.1.2 Shutdown ...................................................................................................................................145 5.1.3 Set communication speed and communication mode ...............................................................145 5.1.4 Auto negotiation type settings ...................................................................................................146 5.1.5 Auto negotiation information display ...............................
| Command Reference | TOC 5.3.20 Set number of times to resend requests to RADIUS server ....................................................180 5.3.21 Set RADIUS server shared password ......................................................................................180 5.3.22 Set time of RADIUS server usage prevention .........................................................................181 5.3.23 Set NAS-Identifier attribute sent to RADIUS server .................................................
Command Reference | TOC | 9 6.2.20 Show multiple VLAN group setting information ....................................................................207 6.3 STP (Spanning Tree Protocol) ..................................................................................................................208 6.3.1 Set spanning tree for the system ................................................................................................208 6.3.2 Set forward delay time .........................................
| Command Reference | TOC 7.3.4 Set ARP timeout ........................................................................................................................235 7.4 IPv4 forwarding control ...........................................................................................................................235 7.4.1 IPv4 forwarding settings ............................................................................................................236 7.4.2 Show IPv4 forwarding settings ...
Command Reference | TOC | 11 7.12.16 Set priority of route taken from OSPF into FIB (OSPFv2) ...................................................258 7.12.17 Set filtering for route information between RIB and OSPF routing table (OSPFv2) ...........258 7.12.18 Set stub host route (OSPFv2) ................................................................................................259 7.12.19 Set number of concurrent DD exchange processes (OSPFv2) ..............................................260 7.12.
| Command Reference | TOC 7.12.65 Restart OSPF process (IPv4) .................................................................................................281 7.12.66 Show OSPF process information (IPv4) ...............................................................................281 7.12.67 Show ABR and ASBR route information (IPv4) ..................................................................281 7.12.
Command Reference | TOC | 13 7.13.18 Set RIP packet reception .......................................................................................................299 7.13.19 Set RIP version that can be received .....................................................................................299 7.13.20 Set RIP packet transmission ..................................................................................................300 7.13.21 Set RIP version that can be transmitted .......................
| Command Reference | TOC Chapter 8: IP multicast control .........................................................................324 8.1 IP multicast basic settings ........................................................................................................................324 8.1.1 Set IP multicast routing .............................................................................................................324 8.1.2 Set IP multicast routing (physical port) ........................
Command Reference | TOC | 15 8.4.18 Set Join/Prune message transmission interval .........................................................................349 8.4.19 Set RP Keepalive Timer ..........................................................................................................349 8.4.20 Set SPT move operation ..........................................................................................................350 8.4.21 Set PIM-SSM .......................................................
| Command Reference | TOC 9.1.11 Clear counters ..........................................................................................................................380 9.1.12 Show access list applied to interface .......................................................................................380 9.1.13 Set VLAN access map and move to VLAN access map mode ...............................................381 9.1.14 Set access list for VLAN access map .............................................
Command Reference | TOC | 17 9.3.1 Set flow control (IEEE 802.3x PAUSE send/receive) (system) ................................................415 9.3.2 Set flow control (IEEE 802.3x PAUSE send/receive) (interface) .............................................416 9.3.3 Show flow control operating status ...........................................................................................417 9.4 Storm control ...............................................................................................
| Command Reference | TOC 10.4.10 Issuing a client certificate ......................................................................................................444 10.4.11 Aborting the issue of a client certificate ................................................................................445 10.4.12 Revoking client certificates ...................................................................................................445 10.4.13 Exporting client certificates (copying to SD card) ......
Preface Introduction • • • • • • Unauthorized reproduction of this document in part or in whole is prohibited. The contents of this document are subject to change without notice. Yamaha disclaims all responsibility for any damages caused by loss of data or other problems resulting from the use of this product. The warranty is limited to this physical product itself. Please be aware of these points. The information contained in this document has been carefully checked and is believed to be reliable.
| Command Reference | How to read the command reference Chapter 1 How to read the command reference 1.1 Applicable firmware revision This command reference applies to firmware Yamaha Standard L3 Switch SWX3220 of Rev.4.02.07. For the latest firmware released after printing of this command reference, manuals, and items that differ, access the following URL and see the information in the WWW server. http://www.rtpro.yamaha.co.jp 1.
Command Reference | How to read the command reference | 21 1.4 Input syntax for commands starting with the word "no" Many commands also have a form in which the command input syntax starts with the word no. If you use a syntax that with begins with the word no, the settings of that command are deleted and returned to the default value, unless explained otherwise.
| Command Reference | How to use the commands Chapter 2 How to use the commands The SWX3220 lets you perform command operations in the following two ways. Type of operation Method of operation Description Operation via console • • • Access from a console terminal Access from a TELNET client Access from a SSH client Issue commands one by one to interactively make settings or perform operations.
Command Reference | How to use the commands | 23 To make VTY port settings, use the line vty command to specify the target VTY port, and then move to line mode. ID management for virtual terminal ports is handled within the SWX3220, but since login session and ID assignments depend on the connection timing, you should normally make the same settings for all VTY ports. 2.1.3 Access from an SSH client You can use an SSH client on a computer to connect to the SSH server of the SWX3220 and control it.
| Command Reference | How to use the commands Setting item Content of setting command Setting 1) is a function that temporarily applies to the user who is using the terminal, and is applied as soon as the command is executed. Setting 2) applies starting with the next session. 2.2 Operation via configuration (config) files A file containing a set of needed commands is called a configuration (config) file.
Command Reference | How to use the commands | 25 Applicable configuration startup-config #3 startup-config #4 startup-config #SD Applicable file Remote path Load (GET) Save (PUT) Automatic restart CONFIG file (.txt) config3 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) config4 ✓ ✓ - All settings (.zip) ✓ ✓ - CONFIG file (.txt) configsd ✓ ✓ - All settings (.
| Command Reference | How to use the commands commands that can be entered in each mode are different. By noting the prompt, the user can see which mode they are currently in. The basic commands related to moving between command input modes are described below. For commands that move from global configuration mode mode to individual configuration mode, refer to "individual configuration mode.
Command Reference | How to use the commands | 27 individual configuration mode Transition command Prompt policy map class mode class command SWX3220(config-pmap-c)# L2MS mode l2ms configuration command SWX3220(config-l2ms)# LLDP agent mode lldp-agent command SWX3220(lldp-agent)# OSPFv2 mode router ospf command SWX3220(config-router)# OSPFv3 mode router ipv6 ospf command SWX3220(config-router)# RIP mode router rip command SWX3220(config-router)# RIPng mode router ipv6 rip command SWX32
| Command Reference | How to use the commands • Keyboard operation Description and notes Press Esc, then B Move left one word (move to the first character of the word at the cursor location) Ctrl + A Move to the beginning of the line Ctrl + E Move to the end of the line Deleting an input character Keyboard operation Backspace Ctrl + H Ctrl + D Press Esc, then D • Description and notes Delete the character at the left of the cursor Delete the character at the cursor.
Command Reference | How to use the commands | 29 SWX3220(config)#vlan "press the key" access-map database filter SWX3220(config)#vlan 2.5.4 Entering command abbreviations When you enter commands or parameters in abbreviated form, and the characters you entered can be recognized unambiguously as a command or parameter, that command is executed. Example of entering a command abbreviation (show running-config) SWX3220# sh run 2.5.
| Command Reference | How to use the commands State Forwarding % port1.
Command Reference | Configuration | 31 Chapter 3 Configuration 3.1 Manage setting values The SWX3220 uses the following configurations to manage its settings. Types of configuration Description User operations that can be performed Running configuration (running-config) Setting values currently used for operation. Managed in RAM. Note / Save to startup configuration Startup configuration (startup-config) These are the saved setting values.
| Command Reference | Configuration Category Setting item Default value Download URL firmware-update url http:// www.rtpro.yamaha.co.jp/firmware/ revision-up/swx3220.
Command Reference | Configuration | 33 Category L2MS L2 switching Traffic control PoE power supply LLDP agent • Settings for the default VLAN (vlan1) • IPv4 Address : 192.168.100.240/24 • IGMP Snooping: Enable • Querier : Disable • Fast-Leave : Disable • Check TTL : Enable Setting item Default value EEE disabled Port Mode Access Associated VLAN ID 1 (default VLAN) L2MS filter disabled Spanning tree enabled Proprietary loop detection enabled QoS trust mode CoS Flow control (IEEE 802.
| Command Reference | Maintenance and operation functions Chapter 4 Maintenance and operation functions 4.1 Passwords 4.1.
Command Reference | Maintenance and operation functions | 35 [Description] Specifies the administrator password needed to enter privileged EXEC mode. If this command is executed with the "no" syntax, the administrator password is deleted. [Note] If the password was encrypted by the password-encryption command, it is shown in the configuration in the form "enable password 8 password." The user cannot enter the password in this form when making configuration settings from the command line.
| Command Reference | Maintenance and operation functions [Parameter] switch : Allow login by special password Setting value Description enable Allow disable Don't allow [Initial value] force-password enable [Input mode] global configuration mode [Description] Enable login with special password.
Command Reference | Maintenance and operation functions | 37 Single-type alphanumeric characters and " and ' and | and > and ? and single-byte symbols other than space characters (32 characters or less) The first character must be a single-byte alphanumeric character [Initial value] none [Input mode] global configuration mode [Description] Sets user information. A maximum of 32 items of user information can be registered. The following words cannot be registered as user names.
| Command Reference | Maintenance and operation functions --------------------------------------------------------------------------------------------con 0 user1234 Login 02:15:23 vty 0 * operators1 Login 00:12:59 192.168.100.1 vty 1 abcdefghijklmnopqrstuvwxyzabcdef Login 00:00:50 192.168.100.24 vty 2 Login 00:00:21 192.168.100.10 vty 3 vty 4 vty 5 vty 6 vty 7 http 0 user1234 Login 01:12:25 192.168.100.4 http 1 (noname) Login 00:18:04 192.168.100.
Command Reference | Maintenance and operation functions | 39 SWX3220>enable SWX3220#configure terminal Enter configuration commands, one per line. SWX3220(config)#banner motd Hello World! SWX3220(config)#exit SWX3220#exit End with CNTL/Z. Username: Password: Hello World! SWX3220>enable SWX3220#configure terminal Enter configuration commands, one per line. SWX3220(config)#no banner motd SWX3220(config)#exit SWX3220#exit End with CNTL/Z. Username: Password: SWX3220 Rev.4.02.
| Command Reference | Maintenance and operation functions [Parameter] config_num : Configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode, individual configuration mode [Description] Saves the current operating settings (running configuration) as the settings for startup (startup configuration). If config_num is omitted, it is saved in the startup config that was used for the current startup.
Command Reference | Maintenance and operation functions | 41 Setting value Description router-id Router ID related schedule Schedule related snmp SNMP related spanning-tree STP related ssh-server SSH server related telnet-sever TELNET server related [Input mode] privileged EXEC mode, individual configuration mode [Description] Shows the currently-operating settings (running configuration). If section is not specified, all settings are shown. [Example] Show the running configuration.
| Command Reference | Maintenance and operation functions SWX3220#show startup-config ! ! Last Modified: 00:00:00 JST Mon Jan 01 2018 ! interface port1.1 switchport switchport mode access no shutdown ! ... ! interface vlan1 no switchport ip address 192.168.100.240/24 no shutdown ! clock timezone JST ! http-server enable http-proxy enable ! telnet-server enable ! line con 0 line vty 0 7 ! end SWX3220# 4.3.
Command Reference | Maintenance and operation functions | 43 [Parameter] src_config_num dst_config_num : : Copy source configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card Copy destination configuration number Setting value Description <0-1> Startup configuration #0-#1 sd Startup config in SD card [Input mode] privileged EXEC mode [Description] Copy the startup settings (startup config) and the information associated with them.
| Command Reference | Maintenance and operation functions SWX3220#startup-config select 1 reboot system? (y/n): y 4.3.
Command Reference | Maintenance and operation functions | 45 Shows a list of the boot history. SWX3220>show boot list No. Date Time --- ---------- -------0 2018/03/15 09:50:29 1 2018/03/14 20:24:40 --- ---------- -------- Info ------------------------------------------------Restart by reload command Power-on boot ------------------------------------------------- 4.4.2 Clear boot information [Syntax] clear boot list [Input mode] privileged EXEC mode [Description] Clears the boot information history.
| Command Reference | Maintenance and operation functions [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the setting of the SD card boot function. [Example] Show the setting of the SD card boot function. SWX3220#show boot prioritize sd SD boot configuration: firmware : enable 4.5 Show unit information 4.5.
Command Reference | Maintenance and operation functions | 47 • • • • • • • • • • • • • • CPU usage ratio Memory usage ratio Fan status Fan speed Firmware file Startup configuration file Serial baud rate Boot time Current time Elapsed time from boot Temperature status Temperature Voltage Current [Example] Show operating information. SWX3220>show environment SWX3220-16MT BootROM Ver.1.00 SWX3220 Rev.4.02.02 (Mon Dec 14 12:07:35 2020) main=SWX3220-16MT ver=00 serial=S00000000 MAC-Address=00a0.de00.
| Command Reference | Maintenance and operation functions [Description] Shows all currently-executing processes. [Example] Show currently-executing processes. SWX3220#show process 4.5.5 Display memory usage [Syntax] show memory [Input mode] privileged EXEC mode [Description] Shows how much memory is used by each process. The following items are shown.
Command Reference | Maintenance and operation functions | 49 Command Stack disabled Stack enabled Master switch Slave switch show environment ✓ ✓ ✓ show disk-usage ✓ ✓ ✓ show inventory ✓ (※1) ✓ (※1) ✓ (※1) show boot all ✓ ✓ ✓ show boot prioritize sd ✓ ✓ ✓ show fan history ✓ ✓ ✓ show logging ✓ ✓ ✓ show process ✓ ✓ ✓ show users ✓ ✓ ✓ show interface ✓ ✓ - show frame-counter ✓ ✓ - show vlan brief ✓ ✓ - show spanning-tree mst detail ✓ ✓ - show etherchannel
| Command Reference | Maintenance and operation functions Command Stack disabled Stack enabled Master switch Slave switch show ip ospf ✓ ✓ - show ip ospf database ✓ ✓ - show ip ospf interface ✓ ✓ - show ip ospf neighbor ✓ ✓ - show ip ospf route ✓ ✓ - show ipv6 ospf ✓ ✓ - show ipv6 ospf database ✓ ✓ - show ipv6 ospf interface ✓ ✓ - show ipv6 ospf neighbor ✓ ✓ - show ipv6 ospf route ✓ ✓ - show ip mroute ✓ ✓ - show ip mroute summary ✓ ✓ - show ip mroute co
Command Reference | Maintenance and operation functions | 51 [Example] Show technical support information. SWX3220#show tech-support # # Information for Yamaha Technical Support # *** show running-config *** ! ! - Running Configuration ! Current Time: Fri Jan 1 00:00:00 JST 2021 ! dns-client enable ! vlan database vlan 2 name VLAN0002 vlan 3 name VLAN0003 ! interface port1.1 switchport switchport mode access ... *** show startup-config *** ... *** show stack *** ... *** show environment *** ...
| Command Reference | Maintenance and operation functions SWX3220# 4.5.8 Show fan operating history [Syntax] show fan history [Input mode] unprivileged EXEC mode、privileged EXEC mode [Description] Shows the fan operating history. [Example] Shows the fan operating history. SWX3220>show fan history 2020/10/22 15:45:54: FAN1 status:Low perform:80% 4.6 Time management 4.6.1 Set clock manually [Syntax] clock set time month day year [Parameter] time : hh:mm:ss Time month : <1-12> or Jan, Feb, Mar, ...
Command Reference | Maintenance and operation functions | 53 [Initial value] clock timezone UTC [Input mode] global configuration mode [Description] Sets the time zone. If this command is executed with the "no" syntax, UTC is specified. [Example] Set the time zone to JST. SWX3220(config)#clock timezone JST Set the time zone to UTC+9 hours. SWX3220(config)#clock timezone +9:00 4.6.
| Command Reference | Maintenance and operation functions [Description] Registers the address or host name of the NTP server. Up to two instances of this command can be set. If this command is executed with the "no" syntax, the NTP server setting is deleted. If time synchronization is performed with two NTP servers specified, they are queried in the order of NTP server 1 and NTP server 2 as shown by the show ntpdate command.
Command Reference | Maintenance and operation functions | 55 SWX3220(config)#ntpdate interval 2 Disable periodic time synchronization. SWX3220(config)#ntpdate interval 0 4.6.7 Show NTP server time synchronization settings [Syntax] show ntpdate [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings that are related to time synchronization from an NTP server. [Example] Show time synchronization settings.
| Command Reference | Maintenance and operation functions [Example] Enable the PTP function for the entire system. SWX3220(config)#ptp enable Disable the PTP function for the entire system. SWX3220(config)#ptp disable 4.7.
Command Reference | Maintenance and operation functions | 57 Setting value transparent mechanism : Description Transparent clock Delay mechanism Setting value e2e step-mode : Description End-to-end mode Step mode Setting value one-step Description One-step mode [Initial value] ptp mode transparent delay-mechanism e2e step one-step [Input mode] global configuration mode [Description] This configures the PTP operation mode, delay mechanism and step mode.
| Command Reference | Maintenance and operation functions [Description] Sets the forwarding protocol settings for PTP messages. If this command is executed with the "no" syntax, the setting returns to the default. [Note] If the system-wide PTP function is disabled, this will not operate. [Example] This uses IPv6 in UDP to forward PTP messages. SWX3220(config)#ptp transport protocol udp ipv6 4.7.
Command Reference | Maintenance and operation functions | 59 SWX3220>show ptp interface port1.1 Interface PTP ------------------port1.1 Disable 4.8 Terminal settings 4.8.1 Move to line mode (console terminal) [Syntax] line con port [Parameter] port : 0 Serial console port number [Initial value] line con 0 [Input mode] global configuration mode [Description] Moves to line mode in order to make console terminal settings. [Note] To return from line mode to global configuration mode, use the exit command.
| Command Reference | Maintenance and operation functions [Example] Enable VTY port #0 and then move to line mode. SWX3220(config)#line vty 0 SWX3220(config-line)# 4.8.
Command Reference | Maintenance and operation functions | 61 [Example] Change the number of lines displayed per page for the terminal in use to 100 lines. SWX3220>terminal length 100 SWX3220> 4.8.
| Command Reference | Maintenance and operation functions 4.9.1 Set management VLAN [Syntax] management interface interface no management interface [Parameter] interface : VLAN interface name [Initial value] management interface vlan1 [Input mode] global configuration mode [Description] Set the VLAN that is used for management. By setting this command, it will be possible to set and acquire the IP address assigned by the L2MS master to the corresponding VLAN when operating as an L2MS slave.
Command Reference | Maintenance and operation functions | 63 4.10.2 Set log output level (debug) [Syntax] logging trap debug no logging trap debug [Initial value] no logging trap debug [Input mode] global configuration mode [Description] Output the debug level log to SYSLOG. If this command is executed with the "no" syntax, the log is not output. Since enabling debug level will output a large volume of log data, you should enable this only if necessary.
| Command Reference | Maintenance and operation functions SWX3220(config)#logging trap error 4.10.5 Set log console output [Syntax] logging stdout info no logging stdout info [Initial value] no logging stdout info [Input mode] global configuration mode [Description] Outputs the informational level SYSLOG to the console. If this command is executed with the "no" syntax, the log is not output. [Example] Output the informational level SYSLOG to the console. SWX3220(config)#logging stdout info 4.10.
Command Reference | Maintenance and operation functions | 65 /swx3220/log/YYYYMMDD_syslog.txt YYYYMMDD … Year month day that the save logging command was executed [Example] Back up the log. SWX3220#save logging 4.10.
| Command Reference | Maintenance and operation functions [Keyword] reverse : Shows the log in reverse order [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the log that records the operating status of the unit. Normally the log is shown starting with the oldest events, but the display order is reversed if "reverse" is specified. The log contains a maximum of 10,000 events. If this maximum number is exceeded, the oldest events are successively deleted.
Command Reference | Maintenance and operation functions | 67 This can be specified if version is '1' or '2c' seclevel : Security level requested for authenticating the notification This can be specified only if version is '3' Setting value user : Description noauth No authentication / No encryption (noAuthNoPriv) auth Authentication / No encryption (authNoPriv) priv Authentication / Encryption (authPriv) User name (maximum 32 characters) This can be specified only if version is '3' [Initial val
| Command Reference | Maintenance and operation functions Setting value Description linkdown At linkdown linkup At linkup authentication When authentication fails l2ms When L2MS slave is detected or lost errdisable When ErrorDisable is detected or canceled rmon When RMON event is executed termmonitor When terminal monitoring is detected bridge When spanning tree root is detected / When topology is changed temperature When temperature abnormality is detected or resolved fan When fan s
Command Reference | Maintenance and operation functions | 69 [Example] Set the system contact to "swx_admin@sample.com". SWX3220(config)#snmp-server contact swx_admin@sample.com 4.11.4 Set system location [Syntax] snmp-server location location no snmp-server location [Parameter] location : Name to register as the system location (255 characters or less) [Initial value] no snmp-server location [Input mode] global configuration mode [Description] Sets the MIB variable sysLocation.
| Command Reference | Maintenance and operation functions SWX3220(config)#no snmp-server community public 4.11.
Command Reference | Maintenance and operation functions | 71 seclevel : Security level required of users belonging to this group Setting value Description noauth No authentication / No encryption (noAuthNoPriv) auth Authentication / No encryption (authNoPriv) priv Authentication / Encryption (authPriv) read_view : Name of the MIB view (maximum 32 characters) that can be read by users belonging to this group write_view : Name of the MIB view (maximum 32 characters) that can be written by users
| Command Reference | Maintenance and operation functions priv : Encryption algorithm Setting value priv_pass : Description des DES-CBC aes AES128-CFB Encryption password (8 or more characters, maximum 32 characters) [Initial value] none [Input mode] global configuration mode [Description] Specifies a user.
Command Reference | Maintenance and operation functions | 73 4.11.10 Show SNMP view settings [Syntax] show snmp view [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the contents of the SNMP view settings. Shows the view name, object ID, and type. [Example] Show the contents of the SNMP view settings. SWX3220#show snmp view SNMP View information View Name: most OID: 1.6.1 Type: include View Name: standard OID: 1.3.6.1.2.1 Type: include 4.11.
| Command Reference | Maintenance and operation functions SNMP User information EngineID: 0x8000049e0300a0deaeb90e User Name: admin1 Group Name: admins Auth: sha Priv: aes User Name: user1 Group Name: users Auth: sha Priv: none 4.12 RMON 4.12.
Command Reference | Maintenance and operation functions | 75 Index of the Ethernet statistical information group (etherStatsIndex) owner : Name of the Ethernet statistical information group owner (etherStatsOwner) Maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] interface mode [Description] Enables the RMON Ethernet statistical information group setting for the applicable interface.
| Command Reference | Maintenance and operation functions If this command is set, it will be possible to acquire the RMON MIB's historyControlTable. After setting this command, history information is collected at the specified interval, and the RMON MIB's etherHistoryTable can be acquired. This command can be specified a maximum number of eight times for the same interface. If this command is executed with the "no" syntax, delete the setting and the collected historical information.
Command Reference | Maintenance and operation functions | 77 [Note] To enable the event group setting of the RMON function, it is necessary to enable the system-wide RMON function in addition to this command. In order for RMON to send an SNMP trap, you must have made SNMP trap transmission settings. [Example] After making SNMP trap settings, enable the RMON event group setting. Set the type of event as "log-trap", and the community name of the trap as "public". SWX3220(config)#snmp-server host 192.168.100.
| Command Reference | Maintenance and operation functions Setting value Description 1 Use only upper threshold value (risingAlarm) 2 Use only lower threshold value (fallingAlarm) 3 Use both upper threshold value and lower threshold value (risingOrFallingAlarm) (if omitted : 3) owner : Name of alarm group owner (alarmOwner) maximum 127 characters (if omitted : RMON_SNMP) [Initial value] none [Input mode] global configuration mode [Description] Enables the RMON alarm group settings.
Command Reference | Maintenance and operation functions | 79 If the system-wide RMON function is disabled, sampling is interrupted. Subsequently, if the system-wide RMON function is enabled, the previous sampling data is deleted, and sampling is once again started. [Example] Enable the RMON alarm group settings with the following conditions. • The MIB object to be monitored is etherStatsPkts.1. • The sampling interval is 180 seconds. • The sampling type is delta.
| Command Reference | Maintenance and operation functions alarm Startup Alarm = 3 alarm Owner is RMON_SNMP 4.12.7 Show RMON Ethernet statistical information group status [Syntax] show rmon statistics [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings and status of the RMON Ethernet statistical information group. The following items are shown.
Command Reference | Maintenance and operation functions | 81 • • • • Type of event Community name when sending trap Time of executing event Owner name [Example] SWX3220>show rmon event event Index = 1 Description RMON_SNMP Event type Log Event community name RMON_SNMP Last Time Sent = 00:00:58 Owner RMON_SNMP 4.12.10 Show RMON alarm group status [Syntax] show rmon alarm [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the settings and status of the RMON alarm group.
| Command Reference | Maintenance and operation functions SWX3220(config)#interface port1.1 SWX3220(config-if)#rmon clear counters 4.13 Telnet server 4.13.
Command Reference | Maintenance and operation functions | 83 4.13.3 Set host that can access the Telnet server [Syntax] telnet-server interface interface no telnet-server interface interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the Telnet server. If this command is executed with the "no" syntax, the specified interface is deleted.
| Command Reference | Maintenance and operation functions [Description] Restrict access to the TELNET server according to the client terminal's IPv4/IPv6 address. Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted.
Command Reference | Maintenance and operation functions | 85 Setting value Description enable Enable disable Disable [Initial value] telnet-client disable [Input mode] global configuration mode [Description] Enables use of the telnet command as a Telnet client. If this command is executed with the "no" syntax, the Telnet client is disabled. [Example] Enable the Telnet client. SWX3220(config)#telnet-client enable 4.14.
| Command Reference | Maintenance and operation functions [Parameter] port : <1-65535> Listening port number of the TFTP server (if omitted: 69) [Initial value] tftp-server disable [Input mode] global configuration mode [Description] Enables the TFTP server. You can also specify the listening TCP port number. If this command is executed with the "no" syntax, the TFTP server is disabled. [Example] Start the TFTP server with 12345 as the listening port number.
Command Reference | Maintenance and operation functions | 87 SWX3220(config)#tftp-server interface vlan1 SWX3220(config)#tftp-server interface vlan2 4.16 HTTP server 4.16.
| Command Reference | Maintenance and operation functions To avoid a high usage rate, it is desirable to avoid access by multiple users to an automatically updated web page such as the dashboard or the LAN map. [Example] Start the secure HTTP server with 8080 as the listening port number. SWX3220(config)#http-server secure enable 8080 4.16.3 Show HTTP server settings [Syntax] show http-server [Input mode] privileged EXEC mode [Description] Shows the settings of the HTTP server.
Command Reference | Maintenance and operation functions | 89 4.16.5 Restrict access to the HTTP server according to the IP address of the client [Syntax] http-server access action info no http-server access [action info] [Parameter] action : Specifies the action for the access condition Setting value info : Description deny "Deny" the condition permit "Permit" the condition Specifies the transmission-source IPv4 address or IPv6 address that is the condition. Setting value Description A.B.C.
| Command Reference | Maintenance and operation functions [Parameter] lang : Specify the language Setting value Description japanese Japanese english English [Initial value] http-server language japanese [Input mode] global configuration mode [Description] Sets the Web GUI display language. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the Web GUI display language to English. SWX3220(config)#http-server language english 4.16.
Command Reference | Maintenance and operation functions | 91 [Parameter] switch : Whether to enable HTTP Proxy function Setting value Description enable Enable disable Disable [Initial value] http-proxy disable [Input mode] global configuration mode [Description] Enables the HTTP Proxy function of the HTTP server. If this command is executed with the "no" syntax, the function is disabled. [Example] Enable the HTTP Proxy function of the HTTP server. SWX3220(config)#http-proxy enable 4.17.
| Command Reference | Maintenance and operation functions SWX3220#show http-proxy Service:Enable Timeout:60 4.18 SSH server 4.18.
Command Reference | Maintenance and operation functions | 93 Service:Enable Port:23 Hostkey:Generated Management interface(vlan): 1 Interface(vlan):1, 2, 3 Access: deny 192.168.100.5 permit 192.168.100.0/24 4.18.3 Set host that can access the SSH server [Syntax] ssh-server interface ifname no ssh-server interface ifname [Parameter] ifname : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the SSH server.
| Command Reference | Maintenance and operation functions [Initial value] none [Input mode] global configuration mode [Description] Restrict access to the SSH according to the client terminal's IPv4/IPv6 address. Up to eight instances of this command can be set, and those that are specified earlier take priority for application. If this command is set, all access that does not satisfy the registered conditions is denied. However, if this command is not set, all access is permitted.
Command Reference | Maintenance and operation functions | 95 [Input mode] privileged EXEC mode [Description] Deletes the host RSA key and host DSA key of the SSH server. [Note] This command can be executed only if the SSH server is disabled. [Example] Delete the host RSA key and host DSA key. SWX3220#clear ssh-server host key 4.18.
| Command Reference | Maintenance and operation functions +---[DSA 1024]----+ | . +E. | | o o | | o X S | | + = * . | | o . B * . | | + o . | | * * + | |X+.@ +o= | |@*o.= o. | +----[SHA256]-----+ ssh-rsa 2048 MD5:XX:XX:b8:07:e3:5e:57:b8:80:e3:fc:b3:24:17:XX:XX +---[RSA 2048]----+ | | |...* | |*+. | | . | | . + | | | | E | | . B.. | | . oo | +------[MD5]------+ 2048 SHA256:XXXXMkUuEbkJggPD68UoR+gobWPhgu7qqXzE8iUXXXX +---[RSA 2048]----+ |*.==+ | |*o+= . . | |*=o. . S | | * S . . | | + B * o | | = = . . .
Command Reference | Maintenance and operation functions | 97 4.19.1 Start SSH client [Syntax] ssh [user@] host [port] [Parameter] user : User name used when logging in to the remote host host : Remote host name, IPv4 address (A.B.C.
| Command Reference | Maintenance and operation functions [Description] Enables use of the ssh command as an SSH client. If this command is executed with the "no" syntax, the SSH client is disabled. [Example] Enable the SSH client. SWX3220(config)#ssh-client enable 4.19.3 Clear SSH host information [Syntax] clear ssh host host [Parameter] host : Remote host name, IPv4 address (A.B.C.
Command Reference | Maintenance and operation functions | 99 Setting value starttls username : Description Encrypting communication ( STARTTLS ) User name used for SMTP authentication (64 characters or less, ? " | > and aingle-byte alphanumeric characters and symbols other than spaces) password : Passwords used for SMTP authentication (64 characters or less,? " | > and aingle-byte alphanumeric characters and symbols other than spaces) [Initial value] none [Input mode] global configuration mode [Descr
| Command Reference | Maintenance and operation functions mail notify temp-id trigger stack no mail notify temp-id trigger lan-map no mail notify temp-id trigger terminal no mail notify temp-id trigger stack [Keyword] lan-map : Notify events related to the LAN map terminal : Notify events related to the terminal monitoring function stack : Notify events related to the stack function : <1-10> [Parameter] temp-id E-mail template ID Specify a template to use for event notification [Initial valu
Command Reference | Maintenance and operation functions | 101 4.20.5 E-mail transmission server ID settings [Syntax] send server server-id no send server [Parameter] server-id : <1-10> E-mail template ID [Initial value] no send server [Input mode] E-mail template mode [Description] Sets the ID of the e-mail server to be used. [Example] Specifies server ID #1 for the e-mail server used in e-mail template #1. SWX3220(config)#mail template 1 SWX3220(config-mail)#send server 1 4.20.
| Command Reference | Maintenance and operation functions [Description] Sets the destination e-mail addresses (maximum of four). [Note] This setting is used as the destination for event notifications, and is not used for the destinations when distributing certificates or sending notifications. [Example] Specifies “user@test.com” as the destination e-mail address for e-mail template #1. SWX3220(config)#mail template 1 SWX3220(config-mail)#send to user@test.com 4.20.
Command Reference | Maintenance and operation functions | 103 [Example] Sets the transmission wait time for e-mail template #1 to 60 seconds. SWX3220(config)#mail template 1 SWX3220(config-mail)#send notify wait-time 60 4.20.
| Command Reference | Maintenance and operation functions --------------------------------Your certificate will expire in [X] days. Name : [Name] - Setting value for the NAME option in the “user” command Account : [User name] - USERID value for the “user” command MAC address : XX:XX:XX:XX:XX:XX Expire : YYYY/MM/DD --------------------------------[Example] Specifies “#2” for the template to use when sending notifications of RADIUS server client certificates by e-mail.
Command Reference | Maintenance and operation functions | 105 Encryption : Wait time : Mail address (from) : Mail address (to) : STARTTLS 30 sec sample@test.com user1@test.com user2@test.com user3@test.com user4@test.com 4.21 LLDP 4.21.1 Enable LLDP function [Syntax] lldp run no lldp run [Initial value] none [Input mode] global configuration mode [Description] Enable the LLDP function for the entire system. If this command is executed with the "no" syntax, disable the LLDP function for the entire system.
| Command Reference | Maintenance and operation functions SWX3220(config)#lldp system-description SWITCH1_POINT_A 4.21.3 Set system name [Syntax] lldp system-name name no lldp system-name [Parameter] name : System name text string (255 characters or less) [Initial value] no lldp system-name [Input mode] global configuration mode [Description] Sets the system name used by the LLDP function. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Maintenance and operation functions | 107 Setting value Description enable Enable automatic setting function by LLDP disable Disable automatic setting function by LLDP [Initial value] lldp auto-setting disable [Input mode] global configuration mode [Description] Enables the function by which LLDP frames transmitted by specific Yamaha devices can automatically modify the settings of a switch. The functions that can be set are flow control, QoS, IGMP snooping, and EEE.
| Command Reference | Maintenance and operation functions 4.21.7 Set type of management address [Syntax] set management-address-tlv type no set management-address-tlv [Parameter] type : Type of management address Setting value Description ip-address Set IP address as the management address mac-address Set MAC address as the management address [Initial value] set management-address-tlv ip-address [Input mode] LLDP agent mode [Description] Sets the type of port management address used by LLDP.
Command Reference | Maintenance and operation functions | 109 4.21.9 Set IEEE-802.1 TLV [Syntax] tlv-select ieee-8021-org-specific no tlv-select ieee-8021-org-specific [Initial value] none [Input mode] LLDP agent mode [Description] Adds IEEE-802.1 TLVs to transmitted frames. If this command is executed with the "no" syntax, exclude IEEE-802.1 TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
| Command Reference | Maintenance and operation functions 4.21.11 Set LLDP-MED TLV [Syntax] tlv-select med no tlv-select med [Initial value] none [Input mode] LLDP agent mode [Description] If this command is executed with the "no" syntax, exclude LLDP-MED TLVs from transmitted frames. This command adds the following TLVs to LLDP frames.
Command Reference | Maintenance and operation functions | 111 [Parameter] fast_tx : <1-3600> LLDP frame transmission interval for high speed transmission period (seconds) [Initial value] set timer msg-fast-tx 1 [Input mode] LLDP agent mode [Description] Sets the LLDP frame transmission interval during the high speed transmission period. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Maintenance and operation functions [Initial value] set msg-tx-hold 4 [Input mode] LLDP agent mode [Description] Sets the multiplier for calculating the time to live (TTL) of device information. If this command is executed with the "no" syntax, the setting returns to the default. This setting is multiplied with the LLDP frame transmission interval (msg-tx-interval), and then increased by +1 to become the TTL value (seconds). The TTL value is set in "Time To Live TLV".
Command Reference | Maintenance and operation functions | 113 [Description] Sets the maximum number of connected devices that can be managed by a port. If this command is executed with the "no" syntax, the setting returns to the default. If the maximum number of connected device for a port is exceeded, LLDP frames sent from new devices are ignored. [Note] When this command is set, the remote device management table is cleared once when the first LLDP frame is received on the applicable port.
| Command Reference | Maintenance and operation functions Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows LLDP information for the interface specified by ifname. If "neighbor" is specified, information for the device connected to the interface is shown. The following items are shown.
Command Reference | Maintenance and operation functions | 115 ID of port VLAN PP Vlan id ID of protocol VLAN VLAN ID ID of port VLAN VLAN Name Name of port VLAN Remote Protocols Advertised List of supported protocols Remote VID Usage Digestt VID Usage Digestt value Remote Management Vlan Name of management VLAN Link Aggregation Status Link aggregation enabled/disabled Link Aggregation Port ID ID of link aggregation port • Port Vlan id 8023 ORIGIN SPECIFIC TLV information Auto negotiation
| Command Reference | Maintenance and operation functions Datum Geodetic datum 0: USA's World Geodetic System (WGS 84) 1: North American Datum (NAD 83) 2: Average historical minimum sea level of North American Datum (NAD 83) LCI length Length of location information data What Place of reference location 0: Location of the DHCP server 1: Position of the network element thought to be nearest the client 2: Location of client Country Code Country code CA type CA (Civic Address) type MED Inventory
Command Reference | Maintenance and operation functions | 117 CHASSIS ID TYPE IP ADDRESS : 0.0.0.0 PORT ID TYPE INTERFACE NAME : port1.
| Command Reference | Maintenance and operation functions SWX3220>clear lldp counters 4.22 L2MS (Layer 2 management service) settings 4.22.1 Move to L2MS mode [Syntax] l2ms configuration [Input mode] global configuration mode [Description] Moves to L2MS mode in order to make L2MS settings. [Note] To return from L2MS mode to global configuration mode, use the exit command. To return to privileged EXEC mode, use the end command. [Example] Move to L2MS mode.
Command Reference | Maintenance and operation functions | 119 Setting value Description master Operate as an L2MS master that sets and controls SWR series or SWX series units that are connected subordinate to it slave Be managed from a Yamaha device that is operating as an L2MS master, such as a router, firewall, or SWX series unit that is set as the L2MS master [Initial value] l2ms role slave [Input mode] L2MS mode [Description] Sets the role when using the L2MS function.
| Command Reference | Maintenance and operation functions 4.22.5 Set number of times that is interpreted as L2MS slave down [Syntax] slave-watch down-count count no slave-watch down-count [Parameter] count : <2-10> Number of times that is interpreted as down [Initial value] slave-watch down-count 3 [Input mode] L2MS mode [Description] Sets the number of query frames that are transmitted without receiving a response frame from the slave until it is determined that the L2MS slave is down.
Command Reference | Maintenance and operation functions | 121 SWX3220(config-l2ms)#l2ms role master SWX3220(config-l2ms)#terminal-watch enable 4.22.7 Set the device information acquisition time interval [Syntax] terminal-watch interval time no terminal-watch interval [Parameter] time : <1800-86400> Acquisition interval (seconds) [Initial value] terminal-watch interval 1800 [Input mode] L2MS mode [Description] Specifies the time interval at which network device information is acquired.
| Command Reference | Maintenance and operation functions Regardless of the setting of this command, L2MS control frames might not be transmitted or received if any of the following conditions exist. • The interface is in the Blocking status due to STP or the loop detection function • The switchport trunk native vlan none command has been specified • It is inside a logical interface [Example] Prevent port1.5 from transmitting or receiving L2MS control frames. SWX3220(config)#interface port1.
Command Reference | Maintenance and operation functions | 123 • • Information for the L2MS slaves being managed • MAC address • Model name • Device name • Route • Linked-up ports • Uplink port • Downlink port • Settings applied • Number of terminals connected to the L2MS slave • Information of terminals connected to the L2MS slave (in the case of a switch) • MAC address • Ports connected • Time at which terminal was discovered • Information of terminals connected to the L2MS slave (in the case of an AP) •
| Command Reference | Maintenance and operation functions [Parameter] slave : MAC address (HHHH.HHHH.HHHH) or route (portD.D-D.D) Specify the MAC address or route of the applicable L2MS slave terminal. If omitted, this applies to all L2MS slave terminals. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show the config information of the L2MS slave terminal (SWX2200). The following content is shown.
Command Reference | Maintenance and operation functions | 125 Item poe-class port class Description Set upper limit for class of power supplied from each port [Example] Show the config information of all L2MS slave terminals. SWX3220>show l2ms slave-config [port1.23-1.23-8] system-name TEST3_SWX2200-8G vlan-id 2 2 vlan-id 3 3 vlan-port-mode 1 hybrid vlan-access 5 2 vlan-access 6 3 vlan-trunk 1 2 join vlan-trunk 1 3 join [00a0.de00.
| Command Reference | Maintenance and operation functions vlan-access 6 3 vlan-trunk 1 2 join vlan-trunk 1 3 join 4.22.
Command Reference | Maintenance and operation functions | 127 SWX3220(config-l2ms)#l2ms role master SWX3220(config-l2ms)#event-watch disable 4.22.14 Set event information acquisition time interval [Syntax] event-watch interval time no event-watch interval [Parameter] time : <60-1800> Acquisition time interval (seconds) [Initial value] event-watch interval 300 [Input mode] L2MS mode [Description] Sets the time interval at which event information is acquired from L2MS slaves existing on the network.
| Command Reference | Maintenance and operation functions SWX3220(config-l2ms)#l2ms role master SWX3220(config-l2ms)#config-auto-set enable 4.23 Snapshot 4.23.1 Set snapshot function [Syntax] snapshot enable snapshot disable no snapshot [Keyword] enable : Snapshot function is enabled disable : Snapshot function is disable [Initial value] snapshot disable [Input mode] global configuration mode [Description] Enables the snapshot function.
Command Reference | Maintenance and operation functions | 129 4.23.3 Create snapshot [Syntax] snapshot save [after-update] [Keyword] after-update : After updating the network's connection state, save it as a snapshot [Input mode] privileged EXEC mode [Description] Saves a snapshot file that is the base for the LAN map's snapshot function. If the after-update option is not included, the network connection state currently maintained by the master is saved as the snapshot file.
| Command Reference | Maintenance and operation functions If the server's port number is other than 80, you must specify this within the URL, using the syntax "http://server IP address or hostname:port number/path name". [Example] Specify http://192.168.100.1/swx3220.bin as the firmware download URL. SWX3220(config)#firmware-update url http://192.168.100.1/swx3220.bin SWX3220(config)# 4.24.
Command Reference | Maintenance and operation functions | 131 SWX3220(config)#firmware-update timeout 120 SWX3220(config)# 4.24.4 Allow revision-down [Syntax] firmware-update revision-down enable no firmware-update revision-down [Initial value] no firmware-update revision-down [Input mode] global configuration mode [Description] When using a firmware file from a web server to update the firmware, this allows the firmware to be changed to a revision that is older than the current revision.
| Command Reference | Maintenance and operation functions If you want to maintain the mounted state of the SD card, enter "Y"; if you want to unmount, enter "N." If you specify no-confirm, the mounted state of the SD card is maintained and the firmware is updated without asking for confirmation. If you specify sd-unmount, the SD card is unmounted without asking for confirmation. [Note] The firmware file references the "/swx3220/firmware/swx3220.bin" file on the SD card.
Command Reference | Maintenance and operation functions | 133 Setting value Description normal Reload stack master and slaves simultaneously sequential Reload stack master and slaves sequentially [Initial value] firmware-update reload-method normal [Input mode] global configuration mode [Description] Sets the method of restarting after a firmware update when using a stack configuration. "normal" restarts the master and slaves simultaneously.
| Command Reference | Maintenance and operation functions SWX3220(config)#stack disable 4.25.2 Change ID of stack member [Syntax] stack stack_id renumber new_stack_id [Parameter] stack_id : <1-2> Stack member ID to be changed. If a non-existent ID is specified, an error results new_stack_id : <1-2> Stack member ID after change [Initial value] none [Input mode] global configuration mode [Description] Changes the ID of the specified stack member.
Command Reference | Maintenance and operation functions | 135 Status Explanation Setting Status for carrying out necessary settings to configure stacks between member switches. Active Status when stacks are configured between member switches. Inacive Status when a fault has occurred on a stacked switch, where this switch is separated from the virtualized switch.
| Command Reference | Maintenance and operation functions The fixed subnet 255.255.255.0 is applied to NETWORK_ADDR. In the case of auto-ip, the Auto IP function is used between the stacked devices. If this command is executed with the "no" syntax, the setting returns to the default. The IP address space specified by this command cannot be used by ports other than the stack port. A restart is required in order to apply the settings of this command to operation.
Command Reference | Maintenance and operation functions | 137 event template_id : : Hour setting examples Setting contents 12 12:00 12.13 12:00 and 13:00 12- From 12:00 to 23:00 10-20 From 10:00 to 20:00 -20 From 0:00 to 20:00 * Hourly Minute setting examples Setting contents 30 30 minutes 15.
| Command Reference | Maintenance and operation functions 4.26.2 Schedule template description text settings [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (64 characters or less) Schedule template description text [Initial value] no description [Input mode] Schedule template mode [Description] Sets the schedule template description text.
Command Reference | Maintenance and operation functions | 139 no schedule template [Parameter] template_id : <1-10> Schedule template number [Initial value] None [Input mode] global configuration mode [Description] Switches to the mode for setting the schedule template. If this command is executed with the "no" syntax, the specified schedule template is deleted. [Example] This switches to the mode for setting schedule template #1. SWX3220(config)#schedule template 1 SWX3220(config-schedule)# 4.26.
| Command Reference | Maintenance and operation functions ssh-server host key generate, commands beginning with “stack,” commands beginning with “no stack,” startup-config select, no startup-config select, telnet, traceroute, traceroute6 [Example] This registers the “copy tech-support sd” command in number #1 of schedule template #1. SWX3220(config)#schedule template 1 SWX3220(config-schedule)#cli-command 1 copy tech-support sd 4.26.
Command Reference | Maintenance and operation functions | 141 [Description] Specifies the host name. The host name specified by this command is used as the command prompt. If SNMP access is possible, this is used as the value of the MIB variable sysName. If this command is executed with the "no" syntax, the setting returns to the default value. [Example] Set the host name as "yamaha." SWX3220(config)#hostname yamaha yamaha(config)# 4.27.
| Command Reference | Maintenance and operation functions 4.27.4 Mount SD card [Syntax] mount sd [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Mounts the SD card. When you insert an SD card, this command is executed automatically, so you do not need to execute it. If you have unmounted the card by the unmount sd command, you will need to execute this. [Note] The SD card cannot be used if the SD card is in an unmounted state. [Example] Mount the SD card. SWX3220>mount sd 4.27.
Command Reference | Maintenance and operation functions | 143 If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the default LED mode to OFF mode. SWX3220(config)#led-mode default off 4.27.7 Show LED mode [Syntax] show led-mode [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the LED mode setting and status. The following items are shown.
| Command Reference | Maintenance and operation functions If the SD card's "/swx3220/firmware" folder contains "swx3220.bin", copy it to the backup folder. This can be executed only if the SD card is mounted. [Note] Do not edit or delete the files that are backed up to the SD card. [Example] Execute a system information backup. SWX3220#backup system Succeeded to backup system files and firmware file. 4.27.
Command Reference | Interface control | 145 Chapter 5 Interface control 5.1 Interface basic settings 5.1.1 Set description [Syntax] description line no description [Parameter] line : Single-byte alphanumeric characters and single-byte symbols (80characters or less) Description of the applicable interface [Initial value] no description [Input mode] interface mode [Description] Specifies a description of the applicable interface.
| Command Reference | Interface control [Parameter] type : Communication speed and communication mode types Communication speed and communication mode types Description auto Auto negotiation 10000-full 10Gbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half [Initial value] speed-duplex auto [Input mode] interface mode [Description] Sets the communication speed and communication mode. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 147 Communication type Explanation 10000-full 10Gbps/Full 5000-full 5Gbps/Full 2500-full 2.5Gbps/Full 1000-full 1000Mbps/Full 100-full 100Mbps/Full 100-half 100Mbps/Half [Initial value] negotiation 10000-full 5000-full 2500-full 1000-full 100-full 100-half [Input mode] interface mode [Description] Sets the communication type supported by auto negotiation. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control Interface Nego Link Advertisement ------------------------------------------------------------------------port1.1 Enabled All port1.2 Enabled 10000-full, 5000-full, 2500-full, 1000-ful, 100-full port1.3 Enabled 100-full, 100-half port1.4 Enabled All port1.5 Enabled -port1.6 Enabled -port1.7 Enabled -port1.8 Enabled -- 5.1.
Command Reference | Interface control | 149 When this command is used to change the settings, link-down temporarily occurs for the corresponding interface. [Example] Disable cross/straight automatic detection for LAN port #1. SWX3220(config)#interface port1.1 SWX3220(config-if)#mdix auto disable 5.1.
| Command Reference | Interface control [Note] If another unit is not connected, the display indicates that EEE is not supported. [Example] Show EEE capabilities for LAN port #1. [If the other unit supports EEE] SWX3220#show eee capabilities interface port1.1 interface:port1.1 EEE(efficient-ethernet): yes (1000-T, 100-TX) Link Partner : yes (1000-T, 100-TX) [If the other unit does not support EEE] SWX3220#show eee capabilities interface port1.1 interface:port1.
Command Reference | Interface control | 151 Rx LPI Status Tx LPI Status Wake Error Count : : : Interrupted Interrupted 0 [If EEE is enabled and has transitioned to low-power mode] SWX3220#show eee status interface port1.1 interface:port1.1 EEE(efficient-ethernet): Operational Rx LPI Status : Low Power Tx LPI Status : Low Power Wake Error Count : 0 5.1.
| Command Reference | Interface control [Parameter] ifname : Interface name of the LAN/SFP port Monitor port to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the port mirroring setting. If interface is omitted, the settings for all monitor ports are shown. The following items are shown for each monitor port.
Command Reference | Interface control | 153 Item Description Interface Interface name Link is Link status *2 (if shutdown, shows the cause) • If shutdown is specified : (by shutdown) • If port error is detected : (by errdisable) Hardware is Interface type (e.g.
| Command Reference | Interface control Item Description bytes Number of transmitted bytes *2 multicast packets Number of transmitted multicast packets *2 broadcast packets Number of transmitted broadcast packets *2 drop packets Number of tail-dropped packets transmitted *2, *5 *1 Shown only for physical interface *2 Shown only for physical interface and logical interface *3 Shown only for VLAN interface *4 In the case of logical interface and VLAN interface, shows the minimum value for the phy
Command Reference | Interface control | 155 [Description] Shows brief interface status. The following items are shown.
| Command Reference | Interface control -------------------------------------------------------------------------------sa1 AGG 1 access up -1g -- 5.1.15 Resetting an interface [Syntax] interface reset ifname [Parameter] ifname : LAN/SFP port or logical interface Interface to reset [Input mode] privileged EXEC mode [Description] This resets the specified interface. [Note] The link status for the specified interface will be reset, and the link is re-established.
Command Reference | Interface control | 157 Item Description FCS errors Number of FCS error packets received RX errors Number of reception errors TX errors Number of transmission errors Collisions Number of collision occurrences Drop packets Number of tail-dropped packets transmitted, number of packets not received due to buffer overflow *2 64octet packets Number of packets with 64 octet length transmitted/received 65-127octet packets Number of packets with 65--127 octet length transmitted/ r
| Command Reference | Interface control 5.1.17 Clear frame counters [Syntax] clear counters ifname clear counters all [Keyword] all : Clearing the frame counter information for all interfaces : Interface name of LAN/SFP port or logical interface [Parameter] ifname Applicable interface [Input mode] privileged EXEC mode [Description] This clears the frame counter for the interfaces. If ifname is specified, the frame counter for that interface is cleared.
Command Reference | Interface control | 159 port1.26 port1.27 port1.28 3.34 Unsupported 3.89 Unsupported 3.70 Unsupported 2.89 Unsupported 2.70 Unsupported Current Interface (mA) ------------ -----------port1.25 4.0 port1.26 port1.27 6.2 port1.28 Unsupported High Alarm Threshold -----------16.0 17.0 Unsupported High Warning Threshold -----------15.0 14.0 Unsupported Low Warning Threshold -----------2.0 2.0 Unsupported Low Alarm Threshold -----------2.0 1.
| Command Reference | Interface control [Parameter] link-id : <1-96> static logical interface number [Input mode] interface mode [Description] Associates the applicable interface with the static logical interface specified by link-id. If this command is executed with the "no" syntax, the applicable interface is dissociated from the static logical interface. [Note] This command can be specified only for LAN/SFP port.
Command Reference | Interface control | 161 5.2.3 Set LACP logical interface [Syntax] channel-group link-id mode mode no channel-group [Parameter] link-id : <1-127> LACP logical interface number mode : Operation mode mode Description active Operate LACP in active mode. In active mode, it actively sends LACP frames to the other device. passive Operate LACP in passive mode. In passive mode, it sends LACP frames only if LACP frames are received from the other device.
| Command Reference | Interface control SWX3220(config)#interface port1.1 SWX3220(config-if)#channel-group 10 mode active 5.2.4 Show LACP logical interface status [Syntax] show etherchannel [ifname] [Parameter] ifname : Interface name of the LAN/SFP port Interfaces that make up the LACP logical interface [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] If ifname is omitted, shows the status of the LACP logical interface.
Command Reference | Interface control | 163 Item Aggregator ID Description Distinguishing ID on LACP Information shows the following items.
| Command Reference | Interface control LACP system priority irder Lower numbers have higher priority [Initial value] lacp system-priority 32768 [Input mode] global configuration mode [Description] Sets the LACP system priority order. If this command is executed with the "no" syntax, the setting returns to the default value. [Note] If an LACP logical interface is connected to the other device, the system priorities are compared, and control privilege is given to the device with the higher priority.
Command Reference | Interface control | 165 [Description] Enables or disables different-speed link aggregation in an LACP. If this command is executed with the "no" syntax, the setting returns to the default value. [Note] Operations when different-speed link aggregation is enabled • All associated ports up to the maximum (eight ports) are set to active, regardless of communication speed. • Load balancing is handled the same for all associated ports.
| Command Reference | Interface control 5.2.9 Clear LACP frame counters [Syntax] clear lacp [link-id] counters [Parameter] link-id : <1-127> LACP logical interface number [Input mode] privileged EXEC mode [Description] Clears the LACP frame counters. If link-id is omitted, the frame counter of every existing LACP logical interface is cleared. [Example] Clear the frame counter for every LACP logical interface. SWX3220#clear lacp counters 5.2.
Command Reference | Interface control | 167 type Description dst-ip Destination IPv4/IPv6 address dst-mac Destination MAC address dst-port Destination TCP/UDP port number src-dst-ip Source and destination IPv4/IPv6 address src-dst-mac Source and destination MAC address src-dst-port Source and destination TCP/UDP port number src-ip Source IPv4/IPv6 address src-mac Source MAC address src-port Source TCP/UDP port number [Initial value] port-channel load-balance src-dst-mac [Input mode] glob
| Command Reference | Interface control Item Description Aggregator LACP logical interface ID Distinguishing ID on the LACP logical interface Actor LAG The actor's own LACP system ID (priority, MAC address) Admin Key The ID that is the basis of the actor's own LACP key (logical port number) Status Link aggregation status ("Not ready"/"Ready") Partner LAG The partner's LACP system ID (priority, MAC address) Partner Key The ID that is the basis of the partner's LACP key Link count Number
Command Reference | Interface control | 169 ID 4727 Status Not ready Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 0/ 1 SWX3220#show etherchannel status detail Aggregator po1 ID 4601 Status Ready Actor LAG 0x8000, 00-a0-de-e0-e0-e0 Admin Key 0001 Partner LAG 0x8000, 00-a0-de-11-11-11 Partner Key 0001 Link count 1/ 1 Link port1.
| Command Reference | Interface control 2 ) If the LACP port priority is the same, priority is given to the lower interface number. If an SFP port is to be given priority, its LACP port priority must be set lower than other ports. [Example] Set the LACP port priority order to 1024. SWX3220(config-if)#channel-group 1 mode active SWX3220(config-if)#lacp port-priority 1024 5.3 Port authentication 5.3.1 Configuring the IEEE 802.
Command Reference | Interface control | 171 no aaa authentication auth-web [Initial value] no aaa authentication auth-web [Input mode] global configuration mode [Description] Enables Web authentication for the entire system. If this command is executed with the "no" syntax, Disables Web authentication for the entire system. Use a RADIUS server for authentication on which the radius-server host command has been configured.
| Command Reference | Interface control [Parameter] direction : Sets the packet forwarding operation for unauthenticated ports Forwarding operation Description both Both send and receive packets are discarded. in Only receive packets are discarded. [Initial value] dot1x control-direction both [Input mode] interface mode [Description] Changes the packet forwarding operation for the applicable interface when the IEEE 802.1X authentication is unauthenticated.
Command Reference | Interface control | 173 [Example] Set the EAPOL packet transmission count for LAN port #1 to "3". SWX3220(config)#interface port1.1 SWX3220(config-if)#dot1x max-auth-req 3 5.3.7 Set the MAC authentication function [Syntax] auth-mac enable auth-mac disable no auth-mac enable [Initial value] auth-mac disable [Input mode] interface mode [Description] Enables MAC authentication for the applicable interface.
| Command Reference | Interface control During MAC authentication, the MAC address of the supplicant is used as a user name and password, and a request is sent to the RADIUS server for authentication. If this command is executed with the "no" syntax, the setting returns to the default. [Note] To use this command, you must enable the port authentication function for the applicable interface.
Command Reference | Interface control | 175 Operation mode multi-supplicant Description This mode allows communication with multiple supplicants for each port. Communication is allowed or denied on a per-supplicant basis. [Initial value] auth host-mode single-host [Input mode] interface mode [Description] Changes the port authentication operation mode for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control 5.3.12 Set dynamic VLAN [Syntax] auth dynamic-vlan-creation no auth dynamic-vlan-creation [Initial value] no auth dynamic-vlan-creation [Input mode] interface mode [Description] Sets dynamic VLAN for the applicable interface. If this is executed with the "no" syntax, the dynamic VLAN is disabled. For interfaces on which dynamic VLAN is enabled, the associated VLAN is actively changed based on the property (TunnelPrivate-Group-ID) specified by the RADIUS server.
Command Reference | Interface control | 177 SWX3220(config)#interface port1.1 SWX3220(config-if)#auth guest-vlan 10 5.3.
| Command Reference | Interface control 5.3.16 Set the reply wait time for the RADIUS server overall [Syntax] auth timeout server-timeout time no auth timeout server-timeout [Parameter] time : <1-65535> Reply wait time from the authentication server for the authentication request (seconds) [Initial value] auth timeout server-timeout 30 [Input mode] interface mode [Description] Sets the reply wait time for the RADIUS server overall when authenticating a port of the applicable interface.
Command Reference | Interface control | 179 5.3.
| Command Reference | Interface control [Parameter] time : <1-1000> Standby time for replying to requests (seconds) [Initial value] radius-server timeout 5 [Input mode] global configuration mode [Description] Sets the reply wait time for each RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Interface control | 181 Single-byte alphanumeric characters, and single-byte symbols other than the characters '?' and spaces (128 characters or less) [Initial value] no radius-server key [Input mode] global configuration mode [Description] Sets the shared password used when communicating with a RADIUS server. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Interface control If this setting is made, it is notified to RADIUS server as the NAS-Identifier attribute. If this setting is deleted, notification is stopped. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set "Nas-ID-001" as the NAS-Identifier attribute that is sent to the RADIUS server. SWX3220(config)#auth radius attribute nas-identifier Nas-ID-001 5.3.
Command Reference | Interface control | 183 Dynamic VLAN creation Guest VLAN Reauthentication Reauthentication period MAX request Supplicant timeout Server timeout Quiet period Controlled directions Protocol version Clear-state time : : : : : : : : : : : Disabled Disabled Disabled 3600 sec 2 times 30 sec 30 sec 60 sec In (configured:both) 2 Not configured 5.3.
| Command Reference | Interface control EAP Response Invalid EAPOL EAP Length error Last EAPOL version Last EAPOL source Transmitted frames EAP Request ID EAP Request EAP Success EAP Fail RADIUS packets: Received packets Access Request Access Challenge Access Accept Access Reject Transmitted packets Access Request : : : : : : : : : : 9 0 0 1 0011.2233.4455 11 1 9 1 0 : : : : : : : 10 0 9 1 0 10 10 5.3.
Command Reference | Interface control | 185 Authentication Port Secret Key Timeout Retransmit Count Deadtime : : : : : 1645 fghij 5 sec 3 0 min 5.3.
| Command Reference | Interface control 5.3.31 Setting the time for clearing the authentication state (system) [Syntax] auth clear-state time time no auth clear-state time [Parameter] time : <0-23> Time at which the authentication state is cleared [Initial value] no auth clear-state time [Input mode] global configuration mode [Description] Sets the time at which the authentication state for the supplicant is cleared for the entire system.
Command Reference | Interface control | 187 [Keyword] all : Copies the file for customizing all Web authentication screens : Single-byte alphanumeric characters and single-byte symbols [Parameter] filename Filename of the file for customizing the Web authentication screen src_config_num dst_config_num : : Copy source configuration number Setting value Description 0-1 Number of the start-up config sd SD card Copy destination configuration number Setting value Description 0−1 Number of the
| Command Reference | Interface control [Description] Deletes the file for customizing the Web authentication screen. [Note] In a state in which the SD card is not mounted, executing this command on a config that is in the SD card produces an error. [Example] Deletes logo.png from startup configuration #0. SWX3220#erase auth-web startup-config logo.png 0 5.3.
Command Reference | Interface control | 189 [Description] Enables the port security function for the applicable interface. If this is executed with the "no" syntax, or disable is specified, port security will be disabled for the applicable interface. [Note] This command can be specified only for both LAN/SFP port and logical interface. Any unregistered terminals will be discarded at the time when the port security function is enabled. [Example] Enable port security for LAN port #1.
| Command Reference | Interface control SWX3220(config)#interface port1.1 SWX3220(config-if)#port-security violation shutdown 5.4.4 Show port security information [Syntax] show port-security status [Input mode] privileged EXEC mode [Description] Shows the port security information. [Example] Show the port security information. SWX3220#show port-security status Port Security Action Status Last violation -------- --------- --------- --------- ----------------port1.1 Enabled Discard Blocking 00a0.de00.
Command Reference | Interface control | 191 [Note] For a LAN/SFP port that was put in the errdisable state by the BPDU guard function before this command was executed, the change in the setting is applied the next time BPDU is detected. [Example] Enable automatic recovery after BPDU guard has caused the errdisable state, and set the recovery time to 600 seconds. SWX3220(config)#errdisable auto-recovery bpduguard interval 600 Disable automatic recovery after loop detection has caused the errdisable state.
| Command Reference | Layer 2 functions Chapter 6 Layer 2 functions 6.1 FDB (Forwarding Data Base) 6.1.
Command Reference | Layer 2 functions | 193 SWX3220(config)#mac-address-table ageing-time 400 6.1.3 Clear dynamic entry [Syntax] clear clear clear clear mac-address-table mac-address-table mac-address-table mac-address-table dynamic dynamic adress mac-addr dynamic vlan vlan-id dynamic interface ifname [instance inst] [Keyword] address : Specifies the MAC address vlan : Specifies the VLAN ID interface : Specifies the interface instance : Specifies the MST instance : hhhh.hhhh.
| Command Reference | Layer 2 functions ifname : Setting value Description discard Discard Name of LAN/SFP port or logical interface Applicable interface vlan-id : <1-4094> Applicable VLAN ID [Initial value] none [Input mode] global configuration mode [Description] Registers a static entry in the MAC address table. If action is specified as "forward," received frames that match the specified MAC address and VLAN ID are forwarded to the specified interface.
Command Reference | Layer 2 functions | 195 1 1 sa1 sa2 1803.731e.8c2b 782b.cbcb.218d forward forward dynamic dynamic 300 300 6.1.
| Command Reference | Layer 2 functions [Keyword] name : Specifies the name of the VLAN state : Specifies the state of the VLAN : <2-4094> [Parameter] vlan-id VLAN ID name : Single-byte alphanumeric characters and single-byte symbols(32characters or less) Name of the VLAN state : Whether frame forwarding is enabled or disabled Setting value Description enable Frames are forwarded disable Frames are not forwarded [Initial value] none [Input mode] VLAN mode [Description] Sets the VLAN
Command Reference | Layer 2 functions | 197 Setting value Description isolated Secondary VLAN (isolated VLAN) [Initial value] none [Input mode] VLAN mode [Description] Uses vlan-id as a private VLAN. If this command is executed with the "no" syntax, the private VLAN setting is deleted, and it is used as a conventional VLAN.
| Command Reference | Layer 2 functions [Description] Specify the association of the secondary VLAN (isolated VLAN, community VLAN) with the primary VLAN of the private VLAN. By specifying "add," specify the association of the vlan-id with the 2nd-vlan-ids. By specifying "remove," remove the association of the vlan-id and the 2nd-vlan-ids. If this command is executed with the "no" syntax, all associations to the primary VLAN are deleted.
Command Reference | Layer 2 functions | 199 [Input mode] interface mode [Description] Sets the VLAN ID that is associated as an access port with the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be set only for a LAN/SFP port or logical interface for which the switchport mode access command is set.
| Command Reference | Layer 2 functions 6.2.
Command Reference | Layer 2 functions | 201 SWX3220(config)#interface port1.1 SWX3220(config-if)#switchport mode trunk SWX3220(config-if)#switchport trunk allowed vlan add 2 6.2.
| Command Reference | Layer 2 functions [Initial value] none [Input mode] interface mode [Description] Specifies the private VLAN port type for the applicable interface. If this is executed with the "no" syntax, the setting of the private VLAN specified for the applicable interface is deleted. [Note] This command can be set only for a LAN/SFP port for which the switchport mode access command is set. In addition, promiscuous can be specified for the following interfaces.
Command Reference | Layer 2 functions | 203 SWX3220(config)# interface port1.1 SWX3220(config-if)# switchport mode private-vlan host SWX3220(config-if)# switchport private-vlan host-association 100 add 101 SWX3220(config-if)# interface port1.2 SWX3220(config-if)# switchport mode private-vlan host SWX3220(config-if)# switchport private-vlan host-association 100 add 102 SWX3220(config-if)# interface port1.
| Command Reference | Layer 2 functions SWX3220(config)# interface port1.1 SWX3220(config-if)# switchport mode private-vlan promiscuous SWX3220(config-if)# switchport private-vlan mapping 100 add 101 SWX3220(config-if)# switchport private-vlan mapping 100 add 102 SWX3220(config-if)# switchport private-vlan mapping 100 add 103 6.2.
Command Reference | Layer 2 functions | 205 SWX3220(config)#interface port1.1 SWX3220(config-if)#switchport voice cos 6 6.2.15 Set DSCP value for voice VLAN [Syntax] switchport voice dscp value no switchport voice dscp [Parameter] value : <0-63> DSCP value to specify for connected device [Initial value] switchport voice dscp 0 [Input mode] interface mode [Description] Specify the DSCP value to use for voice traffic by the connected device.
| Command Reference | Layer 2 functions Even if multiple VLAN is specified, correct communication might not be possible due to the following. • Spanning tree block status • IGMP snooping or MLD snooping status • Loop detection block status [Example] Assign LAN port #1 to multiple VLAN group #10. SWX3220(config)#interface port1.1 SWX3220(config-if)#switchport multiple-vlan group 10 SWX3220(config-if)#exit 6.2.
Command Reference | Layer 2 functions | 207 Item Description Name Name of the VLAN State VLAN status (whether frames are forwarded) • ACTIVE : forwarded • SUSPEND : not forwarded Member ports Interfaces associated with the VLAN ID • (u) : Access port (untagged port) • (t) : Trunk port (tagged port) [Example] Show all VLAN information.
| Command Reference | Layer 2 functions [Parameter] group-id : <1-256> Multiple VLAN group ID [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the setting status for multiple VLAN groups. If the "group" specification is omitted, all groups that are actually assigned to the interface are shown. [Example] Shows the setting status for multiple VLAN groups.
Command Reference | Layer 2 functions | 209 If this command is executed with the "no" syntax, the setting returns to the default. [Note] The setting of this command must satisfy the following conditions. 2 x (hello time + 1) <= maximum aging time <= 2 x (forward delay time - 1) The maximum aging time can be set by the spanning-tree max-age command. The hello time is always 2 seconds, and cannot be changed. [Example] Set the forward delay time to 10 seconds. SWX3220(config)#spanning-tree forward-time 10 6.
| Command Reference | Layer 2 functions [Note] In the case of MSTP, this is the setting for CIST (instance #0). [Example] Set the bridge priority to 4096. SWX3220(config)#spanning-tree priority 4096 6.3.
Command Reference | Layer 2 functions | 211 [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface. If a LAN/SFP port is associated with a logical interface, the setting of this command for the corresponding LAN/SFP port returns to the default. [Example] Set the LAN port #1 link type to "shared." SWX3220(config)#interface port1.
| Command Reference | Layer 2 functions [Initial value] spanning-tree bpdu-guard disable [Input mode] interface mode [Description] Sets BPDU guard for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
Command Reference | Layer 2 functions | 213 SWX3220(config)#interface port1.1 SWX3220(config-if)#spanning-tree path-cost 100000 6.3.10 Set interface priority [Syntax] spanning-tree priority priority no spanning-tree priority [Parameter] priority : <0-240> (multiple of 16) Priority value [Initial value] spanning-tree priority 128 [Input mode] interface mode [Description] Sets the priority of the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 2 functions 6.3.12 Show spanning tree status [Syntax] show spanning-tree [interface ifname] [Keyword] interface : Specifies the interface to show : Name of LAN/SFP port or logical interface [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the spanning tree status. If "interface" is omitted, the status of all interfaces is shown. In the case of MSTP, shows CIST (instance #0) information.
Command Reference | Layer 2 functions | 215 Item Description Root Root bridge identifier. This consists of the root bridge priority (the first four hexadecimal digits) and MAC address Designated Bridge Bridge identifier.
| Command Reference | Layer 2 functions % % % % % % port1.1: port1.1: port1.1: port1.1: port1.1: port1.1: No portfast configured - Current portfast off bpdu-guard disabled - Current bpdu-guard off bpdu-filter disabled - Current bpdu-filter off no root guard configured - Current root guard off Configured Link Type point-to-point - Current point-to-point No auto-edge configured - Current port Auto Edge off 6.3.
Command Reference | Layer 2 functions | 217 % Other Port-Specific Info -----------------------% Max Age Transitions % Msg Age Expiry % Similar BPDUS Rcvd % Src Mac Count % Total Src Mac Rcvd % Next State % Topology Change Time : : : : : : : 1 0 0 0 3 Discard/Blocking 0 % Other Bridge information & Statistics -------------------------------------% STP Multicast Address : 01:80:c2:00:00:00 % Bridge Priority : 32768 % Bridge Mac Address : ac:44:f2:30:01:10 % Bridge Hello Time : 2 % Bridge Forward Delay : 15
| Command Reference | Layer 2 functions [Example] Move to MST mode. SWX3220(config)#spanning-tree mst configuration SWX3220(config-mst)# 6.3.16 Generate MST instance [Syntax] instance instance-id no instance [Parameter] instance-id : <1-15> Instance ID [Initial value] none [Input mode] MST mode [Description] Generates an MST instance. If this command is executed with the "no" syntax, the MST instance is deleted.
Command Reference | Layer 2 functions | 219 SWX3220(config)#spanning-tree mst configuration SWX3220(config-mst)#instance 1 vlan 2 6.3.18 Set priority of MST instance [Syntax] instance instance-id priority priority no instance instance-id priority [Parameter] instance-id : <1-15> Instance ID priority : <0-61440> (multiple of 4096) Priority value [Initial value] instance instance-id priority 32768 [Input mode] MST mode [Description] Sets the priority of the MST instance.
| Command Reference | Layer 2 functions [Parameter] revision : <0-65535> Revision number [Initial value] revision 0 [Input mode] MST mode [Description] Sets the revision number of the MST region. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Set the revision number as 2 for the MST region. SWX3220(config)#spanning-tree mst configuration SWX3220(config-mst)#revision 2 6.3.
Command Reference | Layer 2 functions | 221 Priority value [Initial value] spanning-tree instance instance-id priority 128 [Input mode] interface mode [Description] Sets the priority for the applicable interface in the MST instance. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for LAN/SFP port and logical interface. It is not possible to specify this command for a LAN/SFP port that is associated to a logical interface.
| Command Reference | Layer 2 functions SWX3220(config)#interface port1.1 SWX3220(config-if)#spanning-tree instance 2 SWX3220(config-if)#spanning-tree instance 2 path-cost 100000 6.3.24 Show MST region information [Syntax] show spanning-tree mst config [Input mode] unprivileged EXEC mode, privileged EXEC mode, interface mode [Description] Shows distinguishing information for the MST region. [Example] Show distinguishing information for the MST region.
Command Reference | Layer 2 functions | 223 % % 0: 1: 1 100 (port1.8) Show detailed MSTP information for LAN port #8. SWX3220>show spanning-tree mst detail interface port1.
| Command Reference | Layer 2 functions [Description] Shows information for the specified MST instance. If "interface" is omitted, information is shown for all interfaces that are assigned the specified MST instance. [Note] A LAN/SFP port that is associated with a logical interface cannot be specified as ifname. [Example] Show information for MST instance #1.
Command Reference | Layer 2 functions | 225 SWX3220(config)#loop-detect enable Disable the loop detection function for the entire system. SWX3220(config)#loop-detect disable 6.4.
| Command Reference | Layer 2 functions 6.4.
Command Reference | Layer 2 functions | 227 The following items are shown. • Setting of the system-wide loop detection function • Loop detection status for each LAN/SFP port • Interface name (port) • Setting of the loop detection function (loop-detect) for LAN/SFP port. If the loop detection function is operating, (*) is added • Status of the Port Blocking setting (port-blocking) • Loop detection status (status) [Example] Show the loop detection status.
| Command Reference | Layer 3 functions Chapter 7 Layer 3 functions 7.1 IPv4 address management 7.1.1 Set IPv4 address [Syntax] ip ip no no no address ip_address/mask [secondary] [label textline] address ip_address netmask [secondary] [label textline] ip address ip_address/mask [secondary] ip address ip_address netmask [secondary] ip address [Keyword] label : Set label as IPv4 address secondary : Set as the secondary address : A.B.C.
Command Reference | Layer 3 functions | 229 [Parameter] interface : VLAN interface name [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv4 address for each interface. The following content is shown. • IPv4 address • For secondary addresses, “(secondary)” is appended to the end of IPv4 addresses. • If an IPv4 address has been specified by the ip address dhcp command, an "*" is shown added before the displayed IPv4 address.
| Command Reference | Layer 3 functions [Note] The lease time requested from the DHCP server is fixed at 72 hours. However, the actual lease time will depend on the setting of the DHCP server. Even if this command is used to obtain the default gateway, DNS server, and default domain name from the DHCP server, the settings of the ip route, ip name-server, ip domain-name commands take priority.
Command Reference | Layer 3 functions | 231 [Parameter] switch : Behavior of the auto IP function Setting value Description enable Enable the auto IP function disable Disable the auto IP function [Initial value] auto-ip disable [Input mode] interface mode [Description] For the VLAN interface, enables the Auto IP function which automatically generates the IPv4 link local address (169.254.xxx.xxx/16).
| Command Reference | Layer 3 functions Netmask in address format Set this to 0.0.0.0 if specifying the default gateway gateway : A.B.C.D IPv4 address of gateway number : <1-255> Administrative distance (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Initial value] none [Input mode] global configuration mode [Description] Adds a static route for IPv4. If this command is executed with the "no" syntax, the specified route is deleted.
Command Reference | Layer 3 functions | 233 Number of mask bits (if omitted: 32) [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv4 Forwarding Information Base (FIB). If the IPv4 address is omitted, the entire content of the FIB is shown. If the IPv4 address or network address is specified, detailed information for the routing entry that matches the destination is shown. [Example] Show the entire IPv4 forwarding information base.
| Command Reference | Layer 3 functions SWX3220>show ip route summary IP routing table name is Default-IP-Routing-Table(0) IP routing table maximum-paths is 1 Route Source Networks connected 2 static 3 Total 5 7.2.6 Clear IPv4 route [Syntax] clear ip route * clear ip route ip_address/mask [Parameter] ip_address : A.B.C.D IPv4 address mask : <0-32> Number of mask bits [Input mode] privileged EXEC mode [Description] Clear the RIP and OSPFv2 route of the IPv4 forwarding table.
Command Reference | Layer 3 functions | 235 [Example] Clear the ARP cache. SWX3220#clear arp-cache 7.3.3 Set static ARP entry [Syntax] arp ip_address mac_address interface no arp ip_address [Parameter] ip_address : A.B.C.D IP address mac_address : HHHH.HHHH.HHHH MAC address interface : portN.M Physical interface name [Initial value] none [Input mode] global configuration mode [Description] Creates a static group ARP entry.
| Command Reference | Layer 3 functions 7.4.1 IPv4 forwarding settings [Syntax] ip forwarding switch no ip forwarding [switch] [Parameter] switch : IPv4 packet forwarding settings Setting value Description enable Enable forwarding of IPv4 packets disable Disable forwarding of IPv4 packets [Initial value] ip forwarding enable [Input mode] global configuration mode [Description] Enables or disables forwarding of IPv4 packets.
Command Reference | Layer 3 functions | 237 [Description] This configures the forwarding of directed broadcasts for the VLAN interface from other VLAN interfaces. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for VLAN interfaces. This only works if an IP address is assigned to the VLAN interface. Use caution, as this may be exploited by Smurf attacks and similar attacks when directed broadcast forwarding is enabled.
| Command Reference | Layer 3 functions --- 192.168.100.254 ping statistics --3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 8.368/9.461/10.069 ms 7.5.2 Check IPv4 route [Syntax] traceroute host [Parameter] host : Destination for which to check the route Host name, or target IP address (A.B.C.D) [Input mode] privileged EXEC mode [Description] Shows information for the route to the specified host. [Example] Check the route to 192.168.100.1. SWX3220#traceroute 192.
Command Reference | Layer 3 functions | 239 [Example] Enable IPv6 for VLAN #1. SWX3220(config)#interface vlan1 SWX3220(config-if)#ipv6 enable 7.6.2 Set IPv6 address [Syntax] ipv6 address ipv6_address/prefix_len no ipv6 address ipv6_address/prefix_len no ipv6 address [Parameter] ipv6_address : X:X::X:X IPv6 address prefix_len : <1-127> IPv6 prefix length [Input mode] interface mode [Description] Specifies the IPv6 address and prefix length for the VLAN interface.
| Command Reference | Layer 3 functions [Example] Use RA to set the IPv6 address for VLAN #1. SWX3220(config)#interface vlan1 SWX3220(config-if)#ipv6 address autoconfig 7.6.4 Show IPv6 address [Syntax] show ipv6 interface [interface] brief [Parameter] interface : VLAN interface name Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv6 address for each interface. • IPv6 address • If an IPv6 address has not been set, this will be "unassigned.
Command Reference | Layer 3 functions | 241 prefix_len : <1-127> IPv6 prefix Set this to 0 if specifying the default gateway gateway : X:X::X:X IPv6 address of gateway If you specify an IPv6 link local address, you must also specify the output interface (fe80::X%vlanN format) number : <1-255> Management route (priority order when selecting route) (if omitted: 1) Lower numbers have higher priority. [Input mode] global configuration mode [Description] Adds a static route for IPv6.
| Command Reference | Layer 3 functions S C 2001:db8:2::/64 [1/0] via 2001:db8:1::1, vlan1, 00:01:52 fe80::/64 via ::, vlan1, 00:03:08 Show the route used for sending packets that are addressed to 2001:db8:1::2. SWX3220>show ipv6 route 2001:db8:1::2 Routing entry for 2001:db8:1::/64 Known via "connected", distance 0, metric 0, best Last update 00:18:27 ago * directly connected, vlan1 7.7.
Command Reference | Layer 3 functions | 243 IPv6 address mask : <0-128> IPv6 prefix length [Input mode] privileged EXEC mode [Description] Clear the RIPng and OSPFv3 route of the IPv4 forwarding table. The first syntax clears all RIPng and OSPFv3 routes. The second syntax clears only the route within the network that was specified within the RIPng and OSPFv3 routes. [Note] This command cannot be used if the stack function is enabled.
| Command Reference | Layer 3 functions [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the neighbor cache table. [Note] This command cannot be used if the stack function is enabled. [Example] Show the neighbor cache table. SWX3220>show ipv neighbors IPv6 Address 2001:db8:1:0:3538:5dc7:6bc4:1a23 2001:db8:cafe::1 fe80::0211:22ff:fe33:4455 fe80::6477:88ff:fe99:aabb MAC Address 0011.2233.4455 00a0.de80.cafe 0011.2233.4455 6677.8899.
Command Reference | Layer 3 functions | 245 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IPv6 packet forwarding settings. [Example] Shows the IPv6 packet forwarding settings. SWX3220>show ipv6 forwarding IPv6 forwarding is on 7.10 IPv6 ping 7.10.
| Command Reference | Layer 3 functions 64 64 64 64 64 bytes bytes bytes bytes bytes from from from from from fe80::2a0:deff:fe11:2233: fe80::2a0:deff:fe11:2233: fe80::2a0:deff:fe11:2233: fe80::2a0:deff:fe11:2233: fe80::2a0:deff:fe11:2233: seq=0 seq=1 seq=2 seq=3 seq=4 ttl=64 ttl=64 ttl=64 ttl=64 ttl=64 time=2.681 ms time=4.760 ms time=10.045 ms time=10.078 ms time=10.
Command Reference | Layer 3 functions | 247 [Example] Enable the DNS lookup function. SWX3220(config)#dns-client enable 7.11.2 Set DNS server list [Syntax] dns-client name-server server no dns-client name-server server [Parameter] server : A.B.C.
| Command Reference | Layer 3 functions [Note] The setting of this command takes priority if the default domain name (option code 15) was obtained from the DHCP server by the ip address dhcp command. If a search domain list is specified by the dns-client domain-list command, the default domain name specified by this command and the default domain name automatically specified by the ip address dhcp command are not used. [Example] Set the default domain name to "example.com".
Command Reference | Layer 3 functions | 249 SWX3220>show dns-client DNS client is enabled Default domain : example.com Domain list : example1.com example2.com Name Servers : 192.168.100.1 2001:db8::1234 fe80::2a0:deff:fe11:2233%vlan1 * - Values assigned by DHCP Client. 7.12 OSPF 7.12.
| Command Reference | Layer 3 functions [Example] SWX3220(config)# router ipv6 ospf SWX3220(config-router)# SWX3220(config-router)# exit SWX3220(config)# 7.12.3 Set authentication for an OSPF area [Syntax] area area_id authentication [message-digest] no area area_id authentication [Keyword] message-digest : Use MD5 digest authentication : Area ID [Parameter] area_id Setting value Description A.B.C.
Command Reference | Layer 3 functions | 251 [Parameter] area_id metric : : Area ID Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format <0-16777215> Metric value of default route advertised to NSSA or stub area [Initial value] area area_id default-cost 1 [Input mode] OSPFv2 mode [Description] Sets the metric value of the default route that is advertised to an NSSA or stub area.
| Command Reference | Layer 3 functions This is valid only for an ABR. [Example] Using an access list, prevent all route information other than 203.0.113.0/24 from being advertised to area 1. SWX3220(config)# access-list 1 deny 203.0.113.0 0.0.0.255 SWX3220(config)# access-list 1 permit any SWX3220(config)# router ospf SWX3220(config-router)# area 1 filter-list access 1 in 7.12.6 Set area as NSSA (OSPFv2) [Syntax] area area_id nssa [option [option ...]] no area area_id nssa [option [option ...
Command Reference | Layer 3 functions | 253 [Input mode] OSPFv2 mode [Description] Sets the specified area as an NSSA. If the "no" syntax is used with a specified option, the specified option can be disabled. [Example] Set area 1 as an NSSA. SWX3220(config-router)# area 1 nssa 7.12.
| Command Reference | Layer 3 functions 7.12.8 Set area as stub area (OSPFv2) [Syntax] area area_id stub [no-summary] no area area_id stub [no-summary] [Keyword] no-summary : Route information to other areas is not advertised to the applicable stub area (specify as a totally stubby area). : Area ID [Parameter] area_id Setting value Description A.B.C.
Command Reference | Layer 3 functions | 255 Setting value Description performed using the simple password specified by the "authentication-key" option. If type is specified as "message-digest", authentication is performed using the MD5 digest authentication key specified by the "message-digest-key" option. If type is specified as "null", authentication is not performed on the virtual link. authentication-key string Specify the simple password as eight characters or fewer.
| Command Reference | Layer 3 functions [Description] Specifies the bandwidth value used when calculating the default metric value of the interface. [Example] Calculate the default metric value with 100 Mbps as the bandwidth of the interface. SWX3220(config-router)# auto-cost reference-bandwidth 100 7.12.11 Set Opaque-LSA [Syntax] capability opaque mode no capability opaque [Parameter] mode : Opaque-LSA Setting value Description enable Enable the Opaque-LSA. disable Disable the Opaque-LSA.
Command Reference | Layer 3 functions | 257 [Initial value] mode : disable [Input mode] OSPFv2 mode [Description] Enables optimization of the LSDB summary list. When this function is enabled, if the LSA in the LSDB summary list is the same or newer when compared to the LSA included in the DD (Database Description) packet received from the neighbor, then that LSA is deleted from the LSDB summary list, thereby optimizing exchange of database information. 7.12.
| Command Reference | Layer 3 functions [Input mode] OSPFv2 mode [Description] Specifies the metric value used when advertising external route information to the OSPF routing domain. This is used in conjunction with the redistribute command. 7.12.
Command Reference | Layer 3 functions | 259 process_id : Setting value Description connected Applies to direct routes. ospf [process_id] Applies to route information held by OSPF. rip Applies to route information held by RIP. static Applies to static route information.
| Command Reference | Layer 3 functions [Example] Advertise 203.0.113.1 to area 1 as the stub host route. SWX3220(config-router)# host 203.0.113.1 area 1 7.12.19 Set number of concurrent DD exchange processes (OSPFv2) [Syntax] max-concurrent-dd dd_num no max-concurrent-dd [dd_num] [Parameter] dd_num : <1-65535> Number of concurrent DD exchange processes [Initial value] max-concurrent-dd 5 [Input mode] OSPFv2 mode [Description] Sets the number of DD exchange processes that can occur concurrently.
Command Reference | Layer 3 functions | 261 SWX3220(config-if)# exit SWX3220(config)# interface vlan2 SWX3220(config-if)# ip address 172.16.0.1/16 SWX3220(config-if)# exit SWX3220(config)# router ospf SWX3220(config-router)# network 203.0.113.0/24 area 0 SWX3220(config-router)# network 172.16.0.0/16 area 1 7.12.
| Command Reference | Layer 3 functions 7.12.23 Set upper limit of receivable AS external LSA [Syntax] overflow database external lsa_num time no_overflow database external [Parameter] lsa_num : <0-2147483647> Upper limit of AS external LSA time : <0-65535> Time until recovery from overflow condition (seconds) [Initial value] none [Input mode] OSPFv2 mode [Description] c If time is set as 0, do not recover automatically. 7.12.
Command Reference | Layer 3 functions | 263 option : Setting value Description connected Applies to direct routes. ospf [process_id] Applies to route information held by OSPF. rip Applies to route information held by RIP. static Applies to static route information. Option Setting value Description metric <0-16777214> Sets the metric value used when redistributing external routing information into the OSPF area.
| Command Reference | Layer 3 functions [Input mode] OSPFv2 mode [Description] Specifies the summary destination network address for when summarizing external route information and advertising it to the OSPF area. Summarization applies to the external route information with destinations that are included in the specified network address. This is valid only for an ASBR. [Example] When 172.16.1.0/24 and 172.16.2.0/24 are registered in the RIB as external route information, summarize them to 172.16.0.
Command Reference | Layer 3 functions | 265 7.12.
| Command Reference | Layer 3 functions 7.12.31 Set area as NSSA (OSPFv3) [Syntax] area area_id nssa [option [option ...]] no area area_id nssa [option [option ...]] [Parameter] area_id option : : Area ID Setting value Description A.B.C.
Command Reference | Layer 3 functions | 267 SWX3220(config-router)# area 1 nssa 7.12.32 Summarize route information of a specified network address region, and advertise to other areas (OSPFv3) [Syntax] area area_id range range [type] no area area_id range range [type] [Parameter] area_id range type : : : Area ID Setting value Description A.B.C.
| Command Reference | Layer 3 functions Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format [Initial value] none [Input mode] OSPFv3 mode [Description] Sets the specified area as a stub area. If the "no" syntax is used with a specified option, the specified option can be disabled. 7.12.34 Specify virtual link on area (OSPFv3) [Syntax] area area_id virtual-link router_id [option [option ...
Command Reference | Layer 3 functions | 269 7.12.35 Set bandwidth of interface (OSPFv3) [Syntax] auto-cost reference-bandwidth bandwidth no auto-cost reference-bandwidth bandwidth [Parameter] bandwidth : <1-4294967> Bandwidth (Mbps) [Initial value] auto-cost reference-bandwidth 100 [Input mode] OSPFv3 mode [Description] Specifies the bandwidth value used when calculating the default metric value of the interface.
| Command Reference | Layer 3 functions Setting value Description always Notify default route information even if no default route information is held. If this is omitted, default external route information is advertised only if default route information is held. metric <0-16777214> Specifies the metric value used when advertising default external route information to the OSPF routing domain. If omitted, this is 10.
Command Reference | Layer 3 functions | 271 option : Option Setting value Description intra-area <1-254> Priority of route information within the area inter-area <1-254> Priority of route information between areas external <1-254> Priority of external routing information [Initial value] priority 110 [Input mode] OSPFv3 mode [Description] Sets priority of route taken from OSPF into FIB. If priority is specified, it is handled as the priority for all routing information. 7.12.
| Command Reference | Layer 3 functions area_id : Area ID Setting value Description A.B.C.D OSPF area ID in IPv4 address format <0-4294967295> OSPF area ID in four-octet integer format [Initial value] none [Input mode] OSPFv3 mode [Description] For the specified area, advertises the specified IP address as the stub host route. [Example] Advertise 1000::1 to area 1 as the stub host route. SWX3220(config-router)# host 1000::1 area 1 7.12.
Command Reference | Layer 3 functions | 273 7.12.44 Advertise the specified external route information to the OSPF area as an AS external LSA (OSPFv3) [Syntax] redistribute kind [option [option ...]] no redistribute kind [option [option ...]] [Parameter] kind option : : Type of route Setting value Description connected Applies to direct routes. ospf [process_id] Applies to route information held by OSPF. rip Applies to route information held by RIP. static Applies to static route information.
| Command Reference | Layer 3 functions Although several ways to specify the OSPF router ID are provided, the decision is based on the following priority order. 1. Value set by the router-id command or the ospf router-id command entered in OSPFv3 mode 2. Value set by the router-id command entered in global configuration mode 3.
Command Reference | Layer 3 functions | 275 [Description] For each interface, enables authentication within the area. If type is not specified, simple password authentication is used. In this case, use the ip ospf authentication-key command to specify the authentication key. If "message-digest" is specified as the type, MD5 digest authentication is used. In this case, use the ip ospf message-digest-key command to specify the authentication key.
| Command Reference | Layer 3 functions 7.12.50 Reduce LSA flooding for an interface [Syntax] ip ospf [ip_address] database-filter all out no ip ospf [ip_address] database-filter all out [Parameter] ip_address : IP address of interface (IPv4 format) [Initial value] none [Input mode] interface mode [Description] Reduces LSA flooding for the specified interface. 7.12.
Command Reference | Layer 3 functions | 277 Interval time (seconds) [Initial value] ip ospf hello-interval 10 [Input mode] interface mode [Description] Sets transmission interval of Hello packets. 7.12.
| Command Reference | Layer 3 functions [Parameter] ip_address : IP address of interface (IPv4 format) interval : <1-1800> Interval time (seconds) [Initial value] ip ospf retransmit-interval 5 [Input mode] interface mode [Description] Sets the time interval at which Link State Request, Link State Update, and Database Description packets are retransmitted. 7.12.
Command Reference | Layer 3 functions | 279 no ipv6 ospf dead-interval [instance-id id] [Parameter] interval : <1-65535> Interval time (seconds) id : <0-31><64-95> Instance ID [Initial value] ipv6 ospf dead-interval 40 [Input mode] interface mode [Description] Sets the time from when Hello packets are no longer received until the neighboring router is considered to be down. [Note] This command cannot be used if the stack function is enabled. 7.12.
| Command Reference | Layer 3 functions [Description] Sets the priority for selecting the designated router (DR). The device with the highest priority in the OSPF network is selected as the designated router. If there are multiple devices that have the same priority, the designated router is selected by router ID. If the priority is specified as 0, the device will not be selected as the designed router. [Note] This command cannot be used if the stack function is enabled. 7.12.
Command Reference | Layer 3 functions | 281 [Note] This command cannot be used if the stack function is enabled. 7.12.
| Command Reference | Layer 3 functions [Parameter] process_id : <0-65535> OSPF process ID [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows route information for Area Border Router (ABR) and AS border router (ASBR). If the process_id parameter is omitted, this applies to all currently running OSPF processes. 7.12.
Command Reference | Layer 3 functions | 283 [Description] Show ASBR summary LSA information (type 4) in the link state database. 7.12.70 Show AS external LSA information in the link state database (IPv4) [Syntax] show ip ospf [process_id] database external [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.
| Command Reference | Layer 3 functions [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID.
Command Reference | Layer 3 functions | 285 Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show networkR summary LSA information (type 3) in the link state database. 7.12.
| Command Reference | Layer 3 functions [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show specified route information. A.B.C.D/M Show route information within the specified network. summary Show the route information summary. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows OSPF routing table. 7.12.
Command Reference | Layer 3 functions | 287 7.12.81 Show OSPF process information (IPv6) [Syntax] show ipv6 ospf [process_id] [Parameter] process_id : <0-65535> OSPF process ID [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows OSPF process information. If the process_id parameter is omitted, information is shown for all currently running OSPF processes. [Note] This command cannot be used if the stack function is enabled. 7.12.
| Command Reference | Layer 3 functions [Description] Shows LSA information in the link state database matching the specified conditions. If conditions are not specified, all LSA information is shown. [Note] This command cannot be used if the stack function is enabled. 7.12.
Command Reference | Layer 3 functions | 289 [Note] This command cannot be used if the stack function is enabled. 7.12.86 Show Inter-Area-Router LSA information in the link state database (IPv6) [Syntax] show ipv6 ospf [process_id] database inter-router [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.
| Command Reference | Layer 3 functions 7.12.88 Show Link LSA information in the link state database (IPv6) [Syntax] show ipv6 ospf [process_id] database link [condition] [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source.
Command Reference | Layer 3 functions | 291 [Parameter] process_id : <0-65535> OSPF process ID condition : Information to show Setting value Description A.B.C.D Show only the LSAs that match the ID specified by the link state ID in the ASBR. adv-router A.B.C.D Show only the LSAs of the IP address specified by the advertisement source. self-originate Show only the LSAs whose advertisement source is its own router ID.
| Command Reference | Layer 3 functions Setting value Description [detail] all Show information for all neighbors. If "detail" is specified, detailed information is shown. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows OSPF neighbor information. [Note] This command cannot be used if the stack function is enabled. 7.12.
Command Reference | Layer 3 functions | 293 7.13 RIP 7.13.1 Move to RIP mode [Syntax] router rip no router rip [Input mode] global configuration mode [Description] Transition to RIP mode and make settings related to RIPv1 and RIPv2. [Note] If this command is executed with the "no" syntax, all RIP mode settings are deleted. To transition from RIP mode to global configuration mode, use the exit command. 7.13.
| Command Reference | Layer 3 functions [Parameter] metric : Metric value (for RIP mode : 1 .. 15, for RIPng mode : 1 .. 16) [Initial value] default-metric 1 [Input mode] RIP mode, RIPng mode [Description] Set default metric value when redistributing an external route in RIP. If a metric value has been specified by the redistribute command, the setting of the redistribute command takes priority. 7.13.
Command Reference | Layer 3 functions | 295 7.13.7 Set neighbor RIP router [Syntax] neighbor ip_address [vlan_interface] [Parameter] ip_address : IP address registered as neighbor vlan_interface : VLAN interface [Initial value] none [Input mode] RIP mode, RIPng mode [Description] Explicitly specifies the neighbor RIP router. RIP packets for the specified RIP router are transmitted as unicast. The vlan_interface parameter can be selected only in RIPng mode.
| Command Reference | Layer 3 functions metric : Setting value Description out out direction <0-16> Metric value vlan_interface : VLAN interface [Initial value] none [Input mode] RIP mode, RIPng mode [Description] Adds an offset metric value for route information that matches the specified access list. If this is specified with the "in" direction, the specified metric value is added when registering from the RIP routing table to the RIB.
Command Reference | Layer 3 functions | 297 metric : <0-16> Metric value [Initial value] none [Input mode] RIP mode, RIPng mode [Description] Redistributes the specified external route information to the RIP network. 7.13.
| Command Reference | Layer 3 functions [Initial value] none [Input mode] interface mode [Description] Specifies the key chain used for RIPv2 authentication. You must use the key chain command to create a key chain in advance. 7.13.15 Set authentication method used for RIPv2 [Syntax] ip rip authentication mode mode no ip rip authentication mode [mode] [Parameter] mode : Authentication method Setting value Description text Authenticate using a simple password. md5 Authenticate using MD5 digest.
Command Reference | Layer 3 functions | 299 Setting value Description enable If a route whose metric is 0 is received, it is applied to the routing information. disable If a route whose metric is 0 is received, it is not applied to the routing information. [Initial value] ip rip metric-zero-accept disable [Input mode] interface mode [Description] Sets the operation when a route whose metric is 0 is received. 7.13.
| Command Reference | Layer 3 functions The setting of this command takes priority over the setting of the version command. 7.13.20 Set RIP packet transmission [Syntax] ip rip send-packet mode no ip rip send-packet [mode] [Parameter] mode : RIP packet transmission Setting value Description enable Transmit RIP packets at the applicable interface. disable Don't transmit RIP packets at the applicable interface.
Command Reference | Layer 3 functions | 301 Setting value Description enable Enable split horizon. disable Disable split horizon. [Initial value] ip rip split-horizon enable [Input mode] interface mode [Description] Specifies whether split horizon is enabled or disabled. 7.13.23 Set poison reverse (IPv4) [Syntax] ip rip poison-reverse mode no ip rip poison-reverse [Parameter] mode : Poison reverse Setting value Description enable Enable poison reverse. disable Disable poison reverse.
| Command Reference | Layer 3 functions no ipv6 rip split-horizon [Parameter] mode : Split horizon Setting value Description enable Enable split horizon. disable Disable split horizon. [Initial value] ipv6 rip split-horizon enable [Input mode] interface mode [Description] Specifies whether split horizon is enabled or disabled. [Note] This command cannot be used if the stack function is enabled. 7.13.
Command Reference | Layer 3 functions | 303 7.13.28 Generate key chain used for RIPv2 authentication [Syntax] key chain key_name no key chain key_name [Parameter] key_name : Key chain name [Initial value] none [Input mode] global configuration mode [Description] Generates a key chain used for RIPv2 authentication. Also transitions to key chain mode in order to generate key information for the key chain. To transition from key chain key mode to global configuration mode, use the exit command. 7.13.
| Command Reference | Layer 3 functions no accept-lifetime [Parameter] start : Day and time at which to start accepting the "time date" key as valid Setting value Description time <0-23>:<0-59>:<0-59> Time at which to start accepting the key as valid date end : <1-31> month <1993-2035> Date on which to start receiving the key as valid "month" is the first three characters of the English name of the month Day and time at which to stop accepting the key as valid, or the duration of the term of v
Command Reference | Layer 3 functions | 305 Setting value Description Time at which to start transmitting the key as valid date end : <1-31> month <1993-2035> Date on which to start transmitting the key as valid "month" is the first three characters of the English name of the month Day and time at which to stop transmitting the key as valid, or the duration of the term of validity Setting value time date duration infinite Description Date and time at which to stop transmitting the key as valid The
| Command Reference | Layer 3 functions Setting value Description rip Deletes RIP routes from the RIP routing table. static Deletes static routes from the RIP routing table. [Input mode] privileged EXEC mode [Description] Deletes the specified type of route information from the RIP routing table. 7.13.
Command Reference | Layer 3 functions | 307 [Input mode] privileged EXEC mode [Description] Shows the RIP settings and status. 7.13.37 Show RIPng settings and status (IPv6) [Syntax] show ipv6 protocols rip [Input mode] privileged EXEC mode [Description] Shows the RIPng settings and status. [Note] This command cannot be used if the stack function is enabled. 7.13.38 Show RIP routing table (IPv4) [Syntax] show ip rip [Input mode] privileged EXEC mode [Description] Shows the RIP routing table. 7.13.
| Command Reference | Layer 3 functions [Input mode] privileged EXEC mode [Description] Shows the RIPng status for each interface. If VLAN interface is specified, only the RIPng status for the specified VLAN interface is shown. [Note] This command cannot be used if the stack function is enabled. 7.13.
Command Reference | Layer 3 functions | 309 SWX3220)#configure terminal SWX3220(config)#no router vrrp 1 vlan1 7.14.2 Move to VRRP mode(IPv6) [Syntax] router ipv6 vrrp vrid ifname no router ipv6 vrrp vrid ifname [Parameter] vrid : <1-255> Virtual router ID ifname : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Transition to a mode for making VRRP settings. If the applicable virtual router has not been generated, it will be generated.
| Command Reference | Layer 3 functions [Example] Specify 5 seconds (500) as the interval at which advertisement packets are transmitted. SWX3220(config-router)#advertisement-interval 500 7.14.
Command Reference | Layer 3 functions | 311 [Description] Enables/disables the virtual router. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command cannot be used if the stack function is enabled. [Example] Enable the virtual router. SWX3220(config-router)#virtual-router enable 7.14.
| Command Reference | Layer 3 functions priority 100 (if the virtual-ip command is not set with the "owner" keyword) [Input mode] VRRP mode [Description] Set the virtual router's priority order. If the virtual-ip command is set with the "owner" keyword, this cannot be changed from the default value (255). If the virtual-ip command is not set with the "owner" keyword, this can be set in the range of 1-254. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | Layer 3 functions | 313 no virtual-ipv6 [Keyword] owner : Specify this only if setting the same IPv6 address as the IPv6 address of the VLAN interface specified by the router vrrp command. : X:X::X:X [Parameter] ipv6_address IPv6 address [Initial value] no virtual-ipv6 [Input mode] VRRP mode [Description] Set the virtual IP address. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Layer 3 functions Operational primary IP address: 192.168.100.240 Operational master IP address: 192.168.100.240 Priority not configured; Current priority: 100 Advertisement interval: 100 centi sec Master Advertisement interval: 100 centi sec Skew time: 60 centi sec Accept mode: FALSE Preempt mode: TRUE Monitored circuit: vlan10, Priority Delta: 30, Status: UP Multicast membership on IPv4 interface vlan1: JOINED V2-Compatible: FALSE 7.14.
Command Reference | Layer 3 functions | 315 [Example] Show statistical information for virtual router #1 of VLAN #1.
| Command Reference | Layer 3 functions 7.15.
Command Reference | Layer 3 functions | 317 [Parameter] line : Comment to add Up to 32 ASCII characters can be specified [Initial value] none [Input mode] Route map mode [Description] This adds a comment (remark) to the route map. If this is executed with the "no" syntax, the comment is deleted from the route map. [Note] If a comment has already been set, any succeeding comments will overwrite that comment. [Example] Creates a route map and adds the “Test” comment.
| Command Reference | Layer 3 functions 7.15.4 Processing content (IPv4 forwarding destination) settings for route map entries [Syntax] set ip next-hop ip_address no set ip next-hop [ip_address] [Parameter] ip_address : A.B.C.D IPv4 address for forwarding [Initial value] none [Input mode] Route map mode [Description] Sets the processing content (IPv4 forwarding destination) for route map entries.
Command Reference | Layer 3 functions | 319 [Note] On entries with “set ipv6 next-hop” settings, packets received that match the application parameters (match) will be forwarded to the next hop. However, when the IPv6 address of the next hop does not exist in the ARP cache, packets are forwarded using the usual routing function. Only one processing content (set) can be set for the entry, and an error will occur if the command is executed in the case where processing contents are already set.
| Command Reference | Layer 3 functions [Parameter] route-map-id : <1-4094> Route map ID [Initial value] none [Input mode] interface mode [Description] This applies the route map for IPv4 to the interface. If this is executed with the "no" syntax, the application of the route map is cleared from the interface. [Note] The types of interfaces to which this can be adapted are as follows. • VLAN interface Route maps that can be applied to an interface include up to one for IPv4 and IPv6 each.
Command Reference | Layer 3 functions | 321 Route maps that can be applied to an interface include up to one for IPv4 and IPv6 each. If a route map has already been applied, an error will occur. An error will also occur if no valid entries exist. The conditions for valid entries are shown below.
| Command Reference | Layer 3 functions [Parameter] route-map-id : <1-4094> Rute map ID [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information for the registered route map. When “route-map-id” has been omitted, information for all route maps will be displayed. [Example] Shows information for all route maps. SWX3220#show route-map Route Map 100 Description: 10 permit Match clauses: access-list 1 Set clauses: ip next-hop 10.0.0.
Command Reference | Layer 3 functions | 323 7.15.12 Show IPv6 PBR information [Syntax] show ipv6 route pbr [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Displays the route map information to be applied as IPv6 for each interface. [Note] Displays all entries of the applied route map (including invalid entries and entries for which the next hop does not exist in the ARP cache). This command cannot be used if the stack function is enabled.
| Command Reference | IP multicast control Chapter 8 IP multicast control 8.1 IP multicast basic settings 8.1.1 Set IP multicast routing [Syntax] ip multicast-routing no ip multicast-routing [Initial value] no ip multicast-routing [Input mode] global configuration mode [Description] Enables IP multicast routing. If this command is executed with the "no" syntax, the IP multicast routing is disabled. [Example] Enable the IP multicast routing. SWX3220(config)#ip multicast-routing 8.1.
Command Reference | IP multicast control | 325 8.1.3 Set RFP check unicast routing information [Syntax] ip mroute source/mask [protocol] rpfneighbor [distance] no ip mroute source/mask [protocol] [Parameter] source : IPv4 address of multicast sender (A.B.C.D) mask : <0-32> Number of mask bits protocol : Unicast routing protocol Setting value Description rip Specifies RIP for the unicast routing protocol ospf Specifies OSPF for the unicast routing protocol rpfneighbor : RPF address ( A.B.C.
| Command Reference | IP multicast control If the threshold value for a warning has been set, a warning message will be output when the threshold value has been exceeded. Set the threshold value for warnings to a value equal to or lower than the maximum number of entries for IP multicast routing. If this command is executed with the "no" syntax, the maximum number and threshold value are both 2147483647.
Command Reference | IP multicast control | 327 Owner PIM-DM, Flags: TF Incoming interface: vlan2 Outgoing interface list: vlan1 (1) SWX3220#show ip mroute 239.1.1.5 IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (192.168.100.2, 239.1.1.5), uptime 00:02:26, stat expires 00:01:04 Owner PIM-DM, Flags: TF Incoming interface: vlan1 Outgoing interface list: vlan2 (1) SWX3220#show ip mroute 239.1.1.5 192.168.
| Command Reference | IP multicast control [Example] Show the information for virtual interfaces used for IP multicasts. SWX3220#show ip mvif Interface Vif Owner TTL Local Remote Uptime Idx Module Address Address vlan1 1 PIM-DM 1 192.168.100.100 0.0.0.0 00:00:05 vlan2 2 PIM-DM 1 192.168.200.100 0.0.0.0 00:38:25 SWX3220#show ip mvif vlan1 Interface Vif Owner TTL Local Remote Uptime Idx Module Address Address vlan1 1 PIM-DM 1 192.168.100.100 0.0.0.0 00:00:44 8.1.
Command Reference | IP multicast control | 329 SWX3220# clear ip mroute 225.1.1.1 8.1.9 Set processing method for unknown multicast frames [Syntax] l2-unknown-mcast mode [Parameter] mode : Sets the processing method for multicast frames Setting value Description discard Discard flood Flood [Initial value] l2-unknown-mcast flood [Input mode] global configuration mode [Description] Specifies the processing method for multicast frames that are not registered in the MAC address table.
| Command Reference | IP multicast control Disable IGMP snooping for VLAN #2. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping disable 8.2.2 Set IGMP snooping fast-leave [Syntax] ip igmp snooping fast-leave no ip igmp snooping fast-leave [Initial value] none [Input mode] interface mode [Description] Enables IGMP snooping fast-leave for the interface. If this is executed with the "no" syntax, IGMP snooping fast-leave is disabled.
Command Reference | IP multicast control | 331 SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#no ip igmp snooping mrouter interface port1.8 8.2.
| Command Reference | IP multicast control SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#no ip igmp snooping query-interval 8.2.
Command Reference | IP multicast control | 333 [Description] Sets the IGMP version. If this command is executed with the "no" syntax, the IGMP version returns to the default setting (V3). [Note] This command can be specified only for VLAN interface. Also, this can be specified only if IGMP snooping is enabled. If an IGMP packet of a different version than this setting is received, the following action occurs.
| Command Reference | IP multicast control [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows IGMP group membership information. [Example] Show IGMP group membership information. SWX3220#show ip igmp snooping groups IGMP Snooping Group Membership Group source list: (R - Remote, S - Static) Vlan Group/Source Address Interface Reporter Version 1 239.255.255.250 port1.5 192.168.100.11 V3 Flags R Show detailed IGMP group membership information.
Command Reference | IP multicast control | 335 8.2.11 Clear IGMP group membership entries [Syntax] clear ip igmp snooping clear ip igmp snooping group A.B.C.D clear ip igmp snooping interface ifname [Keyword] group : Specifies the multicast group address to be cleared interface : Specifies the VLAN interface to be cleared : Multicast group address [Parameter] A.B.C.
| Command Reference | IP multicast control SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ipv6 mld snooping enable Disnable MLD snooping for VLAN #2. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ipv6 mld snooping disable 8.3.2 Set MLD snooping fast-leave [Syntax] ipv6 mld snooping fast-leave no ipv6 mld snooping fast-leave [Initial value] none [Input mode] interface mode [Description] Enables MLD snooping fast-leave for the interface.
Command Reference | IP multicast control | 337 SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ipv6 mld snooping mrouter interface port1.8 Remove LAN port #8 as a connection destination of the multicast router. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#no ipv6 mld snooping mrouter interface port1.8 8.3.
| Command Reference | IP multicast control SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#ipv6 mld snooping query-interval 30 Return the VLAN #2 query transmission interval to the default setting. SWX3220#configure terminal SWX3220(config)#interface vlan2 SWX3220(config-if)#no ipv6 mld snooping query-interval 8.3.
Command Reference | IP multicast control | 339 [Example] Show multicast router connection port information for VLAN #2. SWX3220#show ipv6 mld snooping mrouter vlan2 VLAN Interface IP-address Expires 2 port1.11(dynamic) fe80::ae44:f2ff:fe30:291 00:01:04 8.3.
| Command Reference | IP multicast control [Description] Show a VLAN interface's MLD-related information. [Example] Show MLD-related information for VLAN #1.
Command Reference | IP multicast control | 341 [Parameter] mode : PIM operation mode Setting value Description dense-mode Enables PIM-DM. sparse-mode Enables PIM-SM. [Initial value] none [Input mode] interface mode [Description] When dense-mode is specified, this enables PIM-DM; and when sparse-mode is specified, this enables PIM-SM for the applicable interface. If this command is executed with the "no" syntax, the function is disabled. The same operation mode must be used on all VLAN interfaces.
| Command Reference | IP multicast control If Hello Holdtime is less than Hello Period as a result of the Hello Period setting value being changed with this command, Hello Holdtime will be updated to (Hello Period x 3.5) seconds. [Example] This sets the Hello message transmission interval to 20 seconds. SWX3220(config)#interface vlan2 SWX3220(config-if)#ip pim hello-interval 20 8.4.
Command Reference | IP multicast control | 343 [Note] For the IPv4 access list, specify permit to form a neighboring relationship with PIM neighbors, and deny to prevent forming a neighboring relationship. [Example] Prevent a neighboring relationship to be formed with a PIM router that has an IP address of 192.168.1.10. SWX3220(config)#interface vlan1 SWX3220(config-if)#ip pim neighbor-filter 10 SWX3220(config-if)#exit SWX3220(config)#access-list 10 deny any 192.168.1.10 0.0.0.
| Command Reference | IP multicast control 8.4.7 Set static RP [Syntax] ip pim rp-address address [listnum] no ip pim rp-address address [listnum] [Parameter] address : RP IP address ( A.B.C.D ) listnum : <1-2000> ID of IPv4 access list [Initial value] none [Input mode] global configuration mode [Description] Statically sets the rendezvous point (RP). If this command is executed with the "no" syntax, deletes static RP information. [Note] Multiple static RPs can be registered.
Command Reference | IP multicast control | 345 Priority for RP selection [Initial value] none [Input mode] global configuration mode [Description] Sets the interface that will operate as a candidate rendezvous point (C-RP). If this command is executed with the "no" syntax, disables operations as a C-RP. [Note] If both the RP that was learned by the BSR and the static RP exist simultaneously, the RP that was learned by the BSR is given priority for use.
| Command Reference | IP multicast control Hash mask length when RP is selected priority : <0-255> BSR priority order [Initial value] none [Input mode] global configuration mode [Description] Enables operations as a candidate bootstrap router (C-BSR), using the IP address configured for the interface. The BSR performs mapping of the multicast group and rendezvous point (RP). The higher the BSR priority, the greater the likelihood of selection as a BSR.
Command Reference | IP multicast control | 347 8.4.13 Set source IP address for Register messages [Syntax] ip pim register-source address ip pim register-source ifname no ip pim register-source [Parameter] address : Register message source IP address (A.B.C.D) ifname : Interface name. The IP address of the specified interface will be used as the source IP address for Register messages.
| Command Reference | IP multicast control 8.4.15 Set upper limit value of the Register message transmission rate [Syntax] ip pim register-rate-limit limit no ip pim register-rate-limit [Parameter] limit : <1-65535> The upper limit for the number of packets that can be transmitted within 1 second.
Command Reference | IP multicast control | 349 no ip pim register-suppression [Parameter] time : <1-65535> Register message transmission standby time (seconds.) [Initial value] ip pim register-suppression 60 [Input mode] global configuration mode [Description] Sets the Register Suppression Timeout time before resending a Register message after receiving a Register-Stop message. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | IP multicast control [Input mode] global configuration mode [Description] Sets the (S, G) entry Keepalive Timer (KAT) on the rendezvous point (RP). When the number of seconds on the KAT have elapsed after data traffic has stopped, the Join status on the (S, G) entries is deleted. If this command is executed with the "no" syntax, the setting returns to the default.
Command Reference | IP multicast control | 351 [Initial value] none [Input mode] global configuration mode [Description] Enables the PIM-SSM (Source Specific Multicast). When "default" is specified, 232.0.0.0/8 is used for the SSM range, and the standard IPv4 access list can be used to specify the desired SSM range. If this command is executed with the "no" syntax, disables PIM-SSM and deletes the settings for the SSM range.
| Command Reference | IP multicast control [Input mode] interface mode [Description] Sets the Graft message maximum resend count for applicable interfaces on which PIM-DM is enabled. If this command is executed with the "no" syntax, messages continue to be resent until a Graft Ack message is received. [Example] Set the Graft message maximum resend count to 5. SWX3220(config)# interface vlan2 SWX3220(config-if)# ip pim graft-retransmit 5 8.4.
Command Reference | IP multicast control | 353 no ip pim register-rp-reachability [Initial value] none [Input mode] global configuration mode [Description] Enables checking of RP-reachability messages. If this command is executed with the "no" syntax, RP-reachability messages will not be checked. [Example] Enable checking of RP-reachability messages. SWX3220(config)#ip pim register-rp-reachability 8.4.
| Command Reference | IP multicast control State refresh origination interval is 3 seconds Propagation delay is 500 milli-seconds Neighbors: 192.168.110.1 PIM neighbor count: 1 PIM configured DR priority: 1 PIM border interface: no PIM Neighbor policy: not configured vlan130 (vif 2): Address 192.168.130.
Command Reference | IP multicast control | 355 [Parameter] group : Multicast group address (A.B.C.D; only when PIM-SM is used) source : Source IPv4 address (A.B.C.D; only when PIM-SM is used) [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the IP multicast routing information base. [Example] Show the IP multicast routing information base when PIM-DM is in operation. SWX3220#show ip pim mroute PIM-DM Multicast Routing Table (192.168.30.100, 239.0.0.
| Command Reference | IP multicast control Upstream State: NOT PRUNED Local ................................ Pruned ................................ Outgoing ..o............................. Show detailed information for the IP multicast routing information base when PIM-SM is in operation. SWX3220#show ip pim mroute 239.0.0.1 detail (*, 239.0.0.1) Uptime: 00:13:40 RP: 192.168.120.1, RPF nbr: 192.168.110.
Command Reference | IP multicast control | 357 192.168.110.1 192.168.130.2 vlan110 vlan130 02:14:48/00:01:28 00:37:50/00:01:27 v2 v2 N / N / Uptime/Expires Ver 00:19:30/00:01:40 v2 DR Priority/Mode 1 / Show the detailed PIM neighbor information when PIM-DM is in operation. SWX3220#show ip pim neighbor detail Nbr 192.168.110.1 (vlan110) Expires in 88 seconds, uptime 02:15:48 Nbr 192.168.130.
| Command Reference | IP multicast control [Initial value] none [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the rendezvous point (RP) information. [Example] Shows the static rendezvous point (RP) information. SWX3220#show ip pim rp mapping PIM Group-to-RP Mappings Group(s): 238.0.0.0/8, Static RP: 172.17.10.1 Uptime: 00:00:13 Group(s): 239.0.0.0/8, Static RP: 172.17.10.2 Uptime: 00:00:23 Shows the dynamic rendezvous point (RP) information.
Command Reference | IP multicast control | 359 [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the bootstrap router (BSR) information. [Example] Show the BSR information (during non-BSR operations). SWX3220#show ip pim bsr-router PIMv2 Bootstrap information BSR address: 192.168.120.1 Uptime: 00:20:37, BSR Priority: 70, Hash mask length: 0 Expires: 00:01:33 Role: Non-candidate BSR State: Accept Preferred Show the BSR information (during BSR operations).
| Command Reference | IP multicast control [Initial value] ip igmp disable [Input mode] interface mode [Description] Enables IGMP on the applicable interface, even when multicast routing protocols such as PIM are not in effect. When multicast routing protocols are in effect, IGMP will be enabled regardless of the settings for this command.
Command Reference | IP multicast control | 361 [Description] Sets the transmission interval for General Membership Query (Query Interval) on the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This should be set to a greater value than the setting in the ip igmp query-max-response-time command. [Example] Set the transmission interval for the General Membership Query to 120 seconds.
| Command Reference | IP multicast control SWX3220(config)#interface vlan2 SWX3220(config-if)#ip igmp last-member-query-interval 2000 8.5.6 Set Last Member Query Count [Syntax] ip igmp last-member-query-count count no ip igmp last-member-query-count [Parameter] count : <2-7> Number of times to transmit group-specific queries on the applicable interface, after receiving a Leave Group message.
Command Reference | IP multicast control | 363 8.5.8 Set Robustness Variable [Syntax] ip igmp robustness-variable variable no ip igmp robustness-variable [Parameter] variable : <2-7> Parameter that indicates robustness against packet loss. [Initial value] ip igmp robustness-variable 2 [Input mode] interface mode [Description] Sets the Robustness Variable of the IGMP operating parameter for the applicable interface.
| Command Reference | IP multicast control 8.5.10 Set source address check for IGMP packets [Syntax] ip igmp check source-address type no ip igmp check source-address [Parameter] type : Address check operations Setting value Description disable Disables source address checking enable Enables source address checking [Input mode] interface mode [Description] If disable is specified, this disables IGMP packet (Report/Leave message) source address checking for the applicable interface.
Command Reference | IP multicast control | 365 8.5.
| Command Reference | IP multicast control [Note] The IP address of the multicast sender can be specified only when using IGMPv3. Setting this command will determine that a multicast receiver statically exists on the applicable interface, and the multicast traffic will be forwarded. However, this unit will not receive multicast traffic, and an IGMP report will not be transmitted. [Example] Add a static IGMP group member (multicast group: 226.1.2.4; multicast sender: 10.0.0.1).
Command Reference | IP multicast control | 367 [Description] Sets the static entries for IGMP SSM mapping. The IPv4 address of a multicast sender can be associated with the multicast group specified in the IPv4 access list. This will cause the requests for membership to the relevant IGMPv2 group to be processed as requests for membership, with which the associated source address is specified. If this command is executed with the "no" syntax, deletes the specified static entry.
| Command Reference | IP multicast control [Description] Set the applicable interface as an IGMP proxy upstream interface (multicast router side). If this command is executed with the "no" syntax, disables the operations of the IGMP proxy as a upstream interface. [Note] When using the IGMP proxy function, the following settings should be made. • Enable the multicast routing function using the ip multicast-routing command.
Command Reference | IP multicast control | 369 [Parameter] ifname : Interface name [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows IGMP-related information for a specified interface or for all interfaces. [Example] Show IGMP-related information for all interfaces on which IGMP is enabled. SWX3220#show ip igmp interface Interface vlan1 (Index 301) IGMP Enabled, Active, Querier, Version 3 (default) Internet address is 192.168.100.
| Command Reference | IP multicast control [Keyword] groups : Shows the IGMP proxy group information. detail : Detailed information groups : Multicast group address (A.B.C.D) ifname : VLAN interface name [Parameter] [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows IGMP-related information for interfaces on which the IGMP proxy is enabled. [Example] Show IGMP-related information for all interfaces on which the IGMP proxy is enabled.
Command Reference | IP multicast control | 371 SWX3220#clear ip igmp group 224.1.1.
| Command Reference | Traffic control Chapter 9 Traffic control 9.1 ACL 9.1.1 Generate IPv4 access list [Syntax] access-list ipv4-acl-id [seq_num] action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg] no access-list ipv4-acl-id [seq_num] [action protocol src-info [src-port] dst-info [dst-port] [ack] [fin] [psh] [rst] [syn] [urg]] [Keyword] ack : If tcp is specified as the protocol, the ACK flag of the TCP header is specified as a condition.
Command Reference | Traffic control | 373 Setting value src-port : Description A.B.C.D/M Specifies an IPv4 address (A.B.C.D) with subnet mask length (Mbit) host A.B.C.D Specifies a single IPv4 address (A.B.C.D) any Applies to all IPv4 addresses <0-65535> If protocol is specified as tcp or udp, this specifies the transmission source port number <0-65535> that is the condition. This can also be omitted.
| Command Reference | Traffic control SWX3220(config)#access-list 1 deny any 192.168.1.0 0.0.0.255 host 172.16.1.1 Delete IPv4 access list #1. SWX3220(config)#no access-list 1 9.1.2 Add comment to IPv4 access list [Syntax] access-list ipv4-acl-id description line no access-list ipv4-acl-id description [Parameter] ipv4-acl-id : <1-2000> ID of IPv4 access list to which a comment will be added line : Comment to add.
Command Reference | Traffic control | 375 If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame. If this command is executed with the "no" syntax, the applied access list is deleted from both LAN/SFP port and logical interface. [Note] Only one access list for each direction can be registered for incoming frames (in) and for outgoing frames (out) on the same interface.
| Command Reference | Traffic control To apply the generated access list, use the access-group command of interface mode. If the "no" syntax is used to specify "action" and following, the IPv6 access list that matches all conditions is deleted. If the "no" syntax is used without specifying "action" and following, the IPv6 access list of the matching ID of access list is deleted. [Note] An access list that is applied to LAN/SFP port and logical interface cannot be deleted using the "no" syntax.
Command Reference | Traffic control | 377 Setting value Description in Apply to received frames out Apply to transmitted frames [Initial value] none [Input mode] interface mode [Description] Applies an IPv6 access list to both LAN/SFP port and logical interface. If the received/transmitted frame matches the conditions in the access list, the action in the access list will be the action (permit, deny) for the corresponding frame.
| Command Reference | Traffic control Setting value dst-info : Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.WWWW) host HHHH.HHHH.HHHH Specifies an individual MAC address (HHHH.HHHH.HHHH) any Applies to all MAC addresses Specifies the destination MAC address information that is the condition Setting value Description HHHH.HHHH.HHHH WWWW.WWWW.WWWW Specifies the MAC address (HHHH.HHHH.HHHH) with wildcard bits (WWWW.WWWW.
Command Reference | Traffic control | 379 [Initial value] none [Input mode] global configuration mode [Description] Adds a comment (remark) to the already-generated MAC access list. If this is executed with the "no" syntax, the comment is deleted from the MAC access list. [Note] You can use this command to add a comment even after the access list has been applied to LAN/SFP port and logical interface. (The last-written comment overwrites the previous one.
| Command Reference | Traffic control 9.1.10 Show generated access list [Syntax] show access-list [acl_id] [Parameter] acl-id : <1-2000>, <2001-3000>, <3001-4000> ID of access list [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows the registered access list. If acl-id is omitted, all access lists are shown.
Command Reference | Traffic control | 381 [Example] Show a list. SWX3220>show access-group Interface port1.1 : IPv4 access group 1 in Interface port1.7 : IPv6 access group 3002 in Interface port1.8 : MAC access group 2001 in 9.1.
| Command Reference | Traffic control SWX3220(config)#access-list 2 deny any 192.168.0.1/32 any SWX3220(config)#vlan access-map VAM001 SWX3220(config-vlan-access-map)#match access-list 2 9.1.
Command Reference | Traffic control | 383 The following items are shown. • Name of the VLAN access map • Access list applied to VLAN access map [Example] Show VLAN access map information. SWX3220>show vlan access-map Vlan access-map VAM001 match ipv4 access-list 2 9.1.17 Show VLAN access map filter [Syntax] show vlan filter [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show VLAN access map filter application information. The following items are shown.
| Command Reference | Traffic control SWX3220(config)#qos enable Disable QoS. SWX3220(config)#qos disable 9.2.2 Set default CoS [Syntax] qos cos value no qos cos [Parameter] value : <0-7> Default CoS value [Initial value] qos cos 0 [Input mode] interface mode [Description] Sets the default CoS of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS=0) is specified.
Command Reference | Traffic control | 385 [Input mode] interface mode [Description] Specifies the trust mode of LAN/SFP port and logical interface. If this is executed with the "no" syntax, the default value (CoS trust mode) is specified. In the case of "CoS" trust mode, the CoS value of incoming frames is used to determine the egress queue. In the case of "DSCP," the DSCP value of incoming frames is used to determine the egress queue.
| Command Reference | Traffic control 9.2.5 Show QoS information for interface [Syntax] show qos interface [ifname] [Parameter] ifname : Name of the LAN/SFP port or logical interface. If this is omitted, the command applies to all ports. Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows QoS settings for the specified interface. The following content is shown.
Command Reference | Traffic control | 387 Special Queue Assignment: Sent From CPU: Queue7 Show the QoS settings of LAN port #1. (trust mode DSCP) SWX3220#show qos interface port1.
| Command Reference | Traffic control no qos cos-queue [Parameter] cos-value : <0-7> CoS value of conversion source queue-id : <0-7> Egress queue ID corresponding to CoS value [Initial value] See [Note] [Input mode] global configuration mode [Description] Specifies the values of the CoS - egress queue ID conversion table that is used to determine the egress queue. If this is executed with the "no" syntax, the egress queue ID for the specified CoS value is returned to the default setting.
Command Reference | Traffic control | 389 [Description] Specifies the values of the DSCP - egress queue ID conversion table that is used to determine the egress queue. If this is executed with the "no" syntax, the egress queue ID for the specified DSCP value is returned to the default setting. The DSCP - egress queue ID conversion table is used when the trust mode is set to DSCP. [Note] In order to execute this command, QoS must be enabled.
| Command Reference | Traffic control SWX3220#interface port1.1 SWX3220(config-if)#qos port-priority-queue 4 9.2.
Command Reference | Traffic control | 391 If the specified class map has already been generated, the change is applied to the previous settings. However, if a policy map has been applied to LAN/SFP port and logical interface, then the class map that is associated with the policy map cannot be edited or deleted. [Example] Create class map "class1." SWX3220(config)#class-map class1 SWX3220(config-cmap)# 9.2.
| Command Reference | Traffic control 9.2.13 Set traffic classification conditions (access-list) [Syntax] match access-list acl-id no match access-list acl-id [Parameter] acl-id : <1 - 2000> IPv4 access list ID : <2001 - 3000> MAC access list ID : <3001 - 4000> IPv6 access list ID [Input mode] class map mode [Description] Uses the access list as the conditions to classify the traffic class.
Command Reference | Traffic control | 393 9.2.15 Set traffic classification conditions (TOS precedence) [Syntax] match ip-precedence tos-list no match ip-precedence [Parameter] tos-list : <0 - 7> Value of the IP header's TOS precedence field used as a classification condition. Up to eight can be registered. [Input mode] class map mode [Description] Uses the value of the IP header's TOS precedence field as a condition to classify the traffic class.
| Command Reference | Traffic control [Keyword] tagged : Set conditional VLAN tagging untagged : Set conditional VLAN untagging [Parameter] type : Specifies the type of the Ethernet frame. Setting value Description 0xXXXX Hexadecimal expression of type value any All frame [Input mode] class map mode [Description] Uses the Ethernet frame's type value and the presence of a VLAN tag as the conditions to classify the traffic class.
Command Reference | Traffic control | 395 [Parameter] id-start : <1 - 4094> Starting VLAN ID value used as classification condition. id-end : <1 - 4094> Ending VLAN ID value used as classification condition. The range from the specified starting value to the ending value can be a maximum of 30. [Input mode] class map mode [Description] Uses the VLAN ID as the condition to classify the traffic class. To delete the classification condition, use the no match vlan command.
| Command Reference | Traffic control Class-Map Name: class1 Match vlan 10 9.2.21 Generate policy map for received frames [Syntax] policy-map name no policy-map name [Parameter] name : Name of policy map (maximum 32 characters; uppercase and lowercase are distinguished) [Input mode] global configuration mode [Description] Generates a policy map. The policy map combines the following processing for received frames, for each traffic class.
Command Reference | Traffic control | 397 [Input mode] interface mode [Description] Applies the policy map to the corresponding LAN/SFP port and logical interface. If this is executed with the "no" syntax, the policy map is deleted from the LAN/SFP port and logical interface. [Note] In order to execute this command, QoS must be enabled. If a policy map has already been applied to the LAN/SFP port and logical interface, an error occurs.
| Command Reference | Traffic control [Description] Changes the CoS value of the classified traffic class to the specified CoS value. In addition, reassign the egress queue according to the egress queue ID table that corresponds to the trust mode. If this is executed with the "no" syntax, pre-marking processing of the CoS value corresponding to the traffic class is removed. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 399 SWX3220(config-pmap-c)#set ip-precedence 5 SWX3220(config-pmap-c)#exit SWX3220(config-pmap)#exit SWX3220(config)#interface port1.1 SWX3220(config-if)#service-policy input policy1 9.2.25 Set pre-marking (DSCP) [Syntax] set ip-dscp value no set dscp [Parameter] value : <0 - 63> DSCP value specified by pre-marking [Input mode] policy map class mode [Description] Changes the DSCP value of the classified traffic class to the specified DSCP value.
| Command Reference | Traffic control [Keyword] single-rate : Use single-rate policer : <1 - 102300000> [Parameter] CIR Traffic rate (kbps) CBS : <11 - 2097120> Burst size of conformant token bucket (kbyte) EBS : <11 - 2097120> Burst size of excess token bucket (kbyte) action : Operation for packets categorized by bandwidth class Setting value Operation transmit Forward drop Discard remark Remarking (CoS/TOS/DSCP) [Input mode] policy map class mode [Description] Specifies individua
Command Reference | Traffic control | 401 SWX3220(config-pmap-c)#police 48 12 12 yellow-action remark red-action drop SWX3220(config-pmap-c)#remark-map yellow ip-dscp 10 SWX3220(config-pmap-c)#exit SWX3220(config-pmap)#exit SWX3220(config)#interface port1.1 SWX3220(config-if)#service-policy input policy1 9.2.
| Command Reference | Traffic control [Example] Make the following settings for received frames of LAN port #1 • Permit traffic from the 10.1.0.0 network • Categorize bandwidth classes as CIR:48kbps, PIR:96kbps, CBS:12kbyte, and PBS:12kbyte • Green: forward, Yellow: rewrite DSCP value to 10, Red: discard [Traffic class definition] SWX3220(config)#ip-access-list 1 permit 10.1.0.0 0.0.255.
Command Reference | Traffic control | 403 [Note] In order to execute this command, QoS must be enabled. Remarking can be used in conjunction with pre-marking and specifying the egress queue. Up to four user-defined values may be used for pre-marking/remarking to a DSCP value not recommended in the RFC. The following table shows the DSCP values that are recommended in the RFC.
| Command Reference | Traffic control • • On the SWX3200-52GT, logical interfaces that group ports 1 - 24, 49, 50 with ports 25 - 48, 51, 52 Logical interfaces that are grouped across member switches constituting a stack [Example] Generate aggregate policer "AGP-01". SWX3220(config)#aggregate-police AGP-01 SWX3220(config-agg-policer)# 9.2.
Command Reference | Traffic control | 405 • • Executing metering by SrTCM with CIR:48kbps, CBS:12kbyte, and EBS:12kbyte Yellow: rewrite DSCP value to 10, Red: discard [Aggregate policer creating] SWX3220(config)#aggregate-police AGP-01 SWX3220(config-agg-policer)#police single-rate 48 12 12 yellow-action remark redaction drop SWX3220(config-agg-policer)#remark-map yellow ip-dscp 10 SWX3220(config-agg-policer)#exit 9.2.
| Command Reference | Traffic control [Example] Create an aggregate policer "AGP-01". • Executing metering by TrTCM with CIR:48kbps, PIR:96kbps, CBS:12kbyte, and EBS:12kbyte • Yellow: rewrite DSCP value to 10, Red: discard [Aggregate policer creating] SWX3220(config)#aggregate-police AGP-01 SWX3220(config-agg-policer)#police twin-rate 48 96 12 12 yellow-action remark redaction drop SWX3220(config-agg-policer)#remark-map yellow ip-dscp 10 SWX3220(config-agg-policer)#exit 9.2.
Command Reference | Traffic control | 407 PHB DSCP value RFC default 0 2474 Class Selector 0, 8, 16, 24, 32, 40, 48, 56 2474 Assured Forwarding 10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, 2597 38 Expedited Forwarding(EF) 46 2598 [Example] Make the following settings for aggregate policer "AGP-01".
| Command Reference | Traffic control [Description] Specifies an aggregate policer for a traffic class. If this is executed with the "no" syntax, the aggregate policer settings for the traffic class are removed. This cannot be used in conjunction with an individual policer (the police single-rate and police twin-rate commands of policy map class mode). [Note] In order to execute this command, QoS must be enabled. Metering cannot be performed on the following logical interfaces.
Command Reference | Traffic control | 409 [Example] Show the metering totals for LAN port #1. SWX3220#show qos metering-counters port1.1 Interface: port1.1(policy1) ****** Individual ****** Class-map : class1 Green Bytes : 178345 Yellow Bytes : 0 Red Bytes : 0 ****** Aggregate ******* Aggregate-policer: AGP-01 Class-map : class2 class3 Green Bytes : 28672 Yellow Bytes : 2048 Red Bytes : 51552 9.2.
| Command Reference | Traffic control Egress queue specification based on CoS is only for CoS trust mode. If a policy map contains even one class map that includes this command, that policy map cannot be applied to a port that uses DSCP trust mode. [Example] Make the following settings for received frames of LAN port #1 • Permit traffic from the 10.1.0.0 network • Change the classified traffic class to egress queue 3 (CoS:3) [Traffic class definition] SWX3220(config)#access-list 1 permit any 10.1.0.0 0.
Command Reference | Traffic control | 411 SWX3220(config)#interface port1.1 SWX3220(config-if)#service-policy input policy1 9.2.39 Show policy map information [Syntax] show policy-map [name] [Parameter] name : Policy map name. If this is omitted, all policy map information is shown. [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information for the specified policy map. The following content is shown.
| Command Reference | Traffic control Item Description burst size Burst size of conformant token bucket (kBytes) peak burst size Burst size of peak token bucket (kBytes) Action for bandwidth class Yellow (transmit/drop/remark) red-action Action for bandwidth class Red (drop/ remark) • • yellow-action Of the various items in the "Match" and the "Set", only the single item that has been specified is shown.
Command Reference | Traffic control | 413 Item Display information edit/erase Whether policy-map/no policy-map can be executed attach limitation Whether attachment is possible for each trust mode class-map Item Display information policy-map asociation List of policy maps to which the class map is associated edit/erase Whether class-map/no class-map can be executed attach limitation Whether attachment is possible for each trust mode Use the show policy-map and show class-map commands to check
| Command Reference | Traffic control no qos wrr-weight 7 [Input mode] global configuration mode [Description] Specifies the WRR (weighted round robin) weight for the egress queue. The scheduling method setting is common to all LAN/SFP ports and logical interfaces. If this is executed with the "no" syntax, the egress queue uses the strict priority (SP) method. [Note] In order to execute this command, QoS must be enabled.
Command Reference | Traffic control | 415 [Parameter] queue-id : <0-7> Egress queue ID CIR : <18-10000000> Traffic rate (kbps). Since rounding occurs, the value actually applied to the input value might be less BC : <16-16000> Burst size (kbyte). Specified in 4 kbyte units.
| Command Reference | Traffic control [Description] Enables flow control for the entire system (IEEE 802.3x PAUSE frames send/receive). If this is executed with the "no" syntax, flow control is disabled. [Note] If the QoS function is enabled, it is not possible to enable flow control for the system. If flow control is enabled, the tail drop function is automatically disabled. However, this limitation does not apply if the stack function is enabled.
Command Reference | Traffic control | 417 9.3.3 Show flow control operating status [Syntax] show flowcontrol [inteface ifname] [Keyword] interface : Specifies the interface to show : Name of LAN/SFP port. If this is omitted, the command applies to all interfaces. [Parameter] ifname Interface to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information related to flow control (enabled/disabled, number of PAUSE frames sent/received).
| Command Reference | Traffic control Specifies the threshold value as a percentage of the bandwidth The threshold value can be specified to the second decimal place [Initial value] no storm-control [Input mode] interface mode [Description] Applies reception restrictions to a LAN/SFP port, enabling broadcast storm control, multicast storm control, and control of unicast frames with unknown address. Incoming frames that exceed the threshold value are discarded.
Command Reference | Application | 419 Chapter 10 Application 10.1 DHCP server 10.1.1 Set the DHCP server function (system) [Syntax] dhcp-server switch no dhcp-server [Parameter] switch : Behavior DHCP server function Setting value Description enable Enable the DHCP server function disable Disable the DHCP server function [Initial value] dhcp-server disable [Input mode] global configuration mode [Description] Configures the operations of the DHCP server function for the entire system.
| Command Reference | Application [Input mode] interface mode [Description] Configures the operations for the DHCP server of the applicable interface. This can only be set for VLAN interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] To enable the DHCP server function, you must enable the DHCP server function for the entire system in addition to using this command.
Command Reference | Application | 421 [Parameter] pool_name : DHCP pool name Single-byte alphanumeric characters and single-byte symbols(31 characters or less) [Initial value] none [Input mode] global configuration mode [Description] Moves to DHCP mode to configure the DHCP pool settings. In DHCP mode, this configures the settings for the DHCP pool name specified by this command. If this command is executed with the "no" syntax, the setting value is deleted.
| Command Reference | Application SWX3220(config)#dhcp pool pool_vlan1 SWX3220(config-dhcp)#network 192.168.100.0/24 10.1.6 Set range of IP addresses to be assigned [Syntax] range start_ip_address [end_ip_address] no range [start_ip_address [end_ip_address]] [Parameter] start_ip_address : A.B.C.D The first IP address amongst all assigned IP addresses end_ip_address : A.B.C.
Command Reference | Application | 423 [Description] Sets the IP address to assign to a client in the applicable DHCP pool that has a specific MAC address. The addresses to assign must be within the network specified by the network command. Up to 64 addresses can be set. The same IP address cannot be specified for multiple MAC addresses within a single pool. Multiple IP addresses cannot be specified for a single MAC addresses within a single pool.
| Command Reference | Application [Parameter] switch : Operations for duplication checks of leased IP addresses Setting value Description enable Enables duplication checks disable Disables duplication checks [Initial value] probe enable [Input mode] DHCP mode [Description] Sets duplication checks of leased IP addresses for the applicable DHCP pool. If this command is executed with the "no" syntax, the setting returns to the default. [Example] Enable duplication checks.
Command Reference | Application | 425 [Parameter] ip_address : A.B.C.D IP address [Initial value] none [Input mode] DHCP mode [Description] Sets the IP address to notify as a default gateway from the applicable DHCP pool. The specified address must be within the network specified by the network command. Up to eight addresses can be set. If this command is executed with the "no" syntax by specifying a parameter, the setting value with the specified parameter will be deleted.
| Command Reference | Application no domain-name [Parameter] domain_name : Domain name Single-byte alphanumeric characters and single-byte symbols(127 characters or less) [Initial value] none [Input mode] DHCP mode [Description] Sets the domain name for the applicable DHCP pool. If this command is executed with the "no" syntax, the setting value is deleted. [Note] The "Domain Name" DHCP option (option code 15) notified to the client uses the value for this command.
Command Reference | Application | 427 [Input mode] DHCP mode [Description] Configures the server on which the boot file is located for the applicable DHCP pool. If this command is executed with the "no" syntax, the setting value is deleted. [Example] Set 192.168.100.1 on the server on which the boot file is located.4 SWX3220(config-dhcp)#next-server 192.168.100.1 10.1.
| Command Reference | Application Option number / Mnemonics that can be used with a command Option type 1/subnet mask IP address 2/time_offset 4-octet integer 3/router Array of IP addresses 4/time_server Array of IP addresses 5/name_server Array of IP addresses 6/dns Array of IP addresses 7/log_server Array of IP addresses 8/cookie_server Array of IP addresses 9/lpr_server Array of IP addresses 10/impress_server Array of IP addresses 11/resource_location_server Array of IP address
Command Reference | Application | 429 Option number / Mnemonics that can be used with a command Option type 38/tcp_keepalive_interval 4-octet integer 39/tcp_keepalive_garbage Switches 40/nis_domain Text string 41/nis_server Array of IP addresses 42/ntp_server Array of IP addresses 44/wins_server Array of IP addresses 45/nbt_dd_server Array of IP addresses 46/nbt_node_type 1-octet integer 47/nbt_scope Text string 48/x_font_server Array of IP addresses 49/x_display_manager Array of IP a
| Command Reference | Application [Parameter] pool_name : Pool name Pool name to show [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Shows information of DHCP pool. When POOL_NAME is specified, only the information for the specified POOL_NAME will be shown. The following items are shown.
Command Reference | Application | 431 • • • • MAC address of the assigned client Type (dynamic assignment or static assignment) Lease finish time HostName [Note] IP addresses set as static assignments will always be displayed with this command. Large amounts of lease information may take time to display. When a notification is received via DHCP HostName option from a client, the HostName is displayed for dynamicallydistributed addresses.
| Command Reference | Application SWX3220#clear dhcp-server lease 10.2 DHCP relay 10.2.
Command Reference | Application | 433 [Note] For VLAN interface, the IPv4 address must be specified. For this command, up to 32 for the VLAN interface can be set. Up to five can be set for one VLAN interface with this command. [Example] DHCP packets received by VLAN #1 will be forwarded to 192.168.200.1. SWX3220(config)#interface vlan1 SWX3220(config-if)#dhcp-relay server-address 192.168.200.1 10.2.
| Command Reference | Application [Example] SWX3220#show dhcp relay DHCP relay is running running interface list : vlan1 DHCP relay system setting : enable DHCP relay broadcast setting : disable Server address list : vlan1 : 192.168.200.1 10.3 DNS Relay 10.3.
Command Reference | Application | 435 [Initial value] dns-forwarding disable [Input mode] interface mode [Description] Specifies the forwarding address for the DNS relay function on the applicable interface. This can only be set for VLAN interface. DNS packets received at a VLAN interface for which this is enabled are forwarded to the address specified by the dnsforwarding name-server command. If this command is executed with the "no" syntax, the setting returns to the default.
| Command Reference | Application [Example] Add 192.168.100.1 as a forwarding address for the DNS relay function. SWX3220(config)#dns-forwarding name-server 192.168.100.1 Of the DNS relay function's forwarding destination addresses, make queries to the "swr.example.com" domain be forwarded to 192.168.100.100. SWX3220(config)#dns-forwarding name-server 192.168.100.100 swr.example.com 10.3.
Command Reference | Application | 437 address : A.B.C.D IPv4 address of host time : <1-2147483647> TTL (seconds) for static records (if omitted: 1800) [Initial value] none [Input mode] global configuration mode [Description] Sets the DNS relay function's static records. When a DNS client requests a host name or address specified by this command, a response is returned using the setting value of this command, without forwarding the packet to the server.
| Command Reference | Application [Input mode] unprivileged EXEC mode, privileged EXEC mode [Description] Show the cache of the DNS relay. The following items are shown. • Maximum TTL for cache entries • Number of entries shown • Record type • TTL • Host name • Record information [Note] Up to 1000 cache entries are shown. If there are more than 1000 cache entries, the most recent 1000 cache entries are shown. [Example] Show the cache status for DNS relay.
Command Reference | Application | 439 10.4.2 Set access interface [Syntax] radius-server local interface interface no radius-server local interface [Parameter] interface : VLAN interface name [Initial value] none [Input mode] global configuration mode [Description] Sets the VLAN interface that allows access to the local RADIUS server. Up to seven access interfaces can be specified. If the command is executed with the "no" syntax, the specified interface is deleted.
| Command Reference | Application 10.4.4 RADIUS configuration mode [Syntax] radius-server local-profile [Input mode] global configuration mode [Description] Switches to the RADIUS configuration mode. This mode is used to configure the operating specifications for the local RADIUS server function. [Example] Switches to the RADIUS configuration mode. SWX3220(config)#radius-server local-profile SWX3220(config-radius)# 10.4.5 Authentication method settings [Syntax] authentication mode [mode...
Command Reference | Application | 441 [Keyword] key : Sets the password used for communicating with the RADIUS client (NAS) : IP address, or IP network address [Parameter] host Setting value secret : Description IPv4 address (A.B.C.D) Range from 0.0.0.1 to 223.255.255.255, except for 127.0.0.1 IPv4 network address (A.B.C.
| Command Reference | Application mail : Set the e-mail addresses to which client certificates will be distributed auth : Set the authentication method type expire : Set the term of validity for the client certificate (this is enabled only when the authentication method is EAP-TLS) : User ID [Parameter] userid (within 3–32 characters; cannot specify “DEFAULT”) Authentication method password : Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric character
Command Reference | Application | 443 [Description] This registers the user to be authenticated with the RADIUS server. The maximum number of registered entries is 2000. If this command is executed with the "no" syntax, the specified user is deleted. When the authentication method is EAP-TLS, client certificates need to be issued by executing the certificate user command. Client certificates must be reissued for users for whom the term of validity has been changed on their password or client certificate.
| Command Reference | Application [Note] When this command is executed, operations will be temporarily halted and restarted afterwards, so that the data can be applied to the local RADIUS server. [Example] Applies the current settings to the local RADIUS server. SWX3220#radius-server local refresh 10.4.10 Issuing a client certificate [Syntax] certificate [mail] user [userid] [Keyword] mail : This issues a client certificate and sends the certificate to the user via e-mail attachment.
Command Reference | Application | 445 [Example] Bulk issuance of client certificates. SWX3220#certificate user 10.4.11 Aborting the issue of a client certificate [Syntax] certificate abort [Input mode] privileged EXEC mode [Description] This aborts the bulk issuance of client certificates. The issuance of client certificates can be restarted by executing the certificate user command once more. [Example] Aborts the bulk issuance of client certificates. SWX3220#certificate abort 10.4.
| Command Reference | Application 10.4.
Command Reference | Application | 447 [Parameter] userid : User ID (within 3–32 characters; cannot specify “DEFAULT”) Authentication method Characters that can be inputted: EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] privileged EXEC mode [Description] Sends client certificates to each user via e
| Command Reference | Application [Note] If an SD card that is not mounted is specified, an error will occur. [Example] This copies the config #0 RADIUS data to the SD card. SWX3220#copy radius-server local 0 sd Succeeded to copy Radius configuration 10.4.16 Show RADIUS client (NAS) status [Syntax] show radius-server local nas host [Parameter] host : IP address or IP network address Setting value Description IPv4 address (A.B.C.D) Range from 0.0.0.1 to 223.255.255.255, except for 127.0.0.
Command Reference | Application | 449 Authentication method Characters that can be inputted Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces EAP-TLS [Input mode] privileged EXEC mode [Description] This shows the user information. [Example] Shows the user information list.
| Command Reference | Application [Keyword] detail : Output the list of details : User ID [Parameter] userid (within 3–32 characters; cannot specify “DEFAULT”) Authentication method Characters that can be inputted EAP-MD5, EAP-TTLS, PEAP, PAP Single-byte alphanumeric characters and symbols other than the characters \ [ ] " ? and spaces EAP-TLS Single-byte alphanumeric characters and symbols other than the characters \ [ ] / : * | < > " ? and spaces [Input mode] privileged EXEC mode [Descript
Command Reference | Application | 451 revoked Yamaha-DF598EE9B44D22CD
| Command Reference | Index Index A C aaa authentication auth-mac 170 aaa authentication auth-web 170 aaa authentication dot1x 170 accept-lifetime 303 access-group (IPv4) 374 access-group (IPv6) 376 access-group (MAC) 379 access-list (IPv4) 372 access-list (IPv6) 375 access-list (MAC) 377 access-list description (IPv4) 374 access-list description (IPv6) 376 access-list description (MAC) 378 action 138 advertisement-interval 309 aggregate-police 403 area authentication 250 area default-cost (OSPFv2) 2
Command Reference | Index | 453 default-metric (RIP) 293 default-router 424 description 145 description (route-map) 316 description (schedule) 138 dhcp pool 420 dhcp-relay 432 dhcp-relay broadcast 433 dhcp-relay server-address 432 dhcp-server (global configuration mode) 419 dhcp-server (interface mode) 419 distance (OSPFv2) 258 distance (OSPFv3) 270 distance (RIP) 294 distribute-list (OSPFv2) 258 distribute-list (OSPFv3) 271 distribute-list (RIP) 294 dns-client 246 dns-client domain-list 248 dns-client doma
| Command Reference | Index ip pim register-checksum 348 ip pim register-rate-limit 348 ip pim register-rp-reachability 352 ip pim register-source 347 ip pim register-suppression 348 ip pim rp-address 344 ip pim rp-candidate 344 ip pim rp-register-kat 349 ip pim spt-disable 350 ip pim ssm 350 ip pim state-refresh origination-interval 351 ip pim unicast-bsm 352 ip policy route-map 319 ip rip authentication key-chain 297 ip rip authentication mode 298 ip rip authentication string 298 ip rip metric-zero-ac
Command Reference | Index | 455 ntpdate server 53 O offset-list 295 option 427 ospf router-id 261 overflow database 261 overflow database external 262 P pass-through eap 188 passive-interface (OSPFv2) 262 passive-interface (OSPFv3) 272 passive-interface (RIP) 296 password 34 password-encryption 35 pbr enable 321 ping 237 ping6 245 police single-rate (aggregate policer mode) 404 police single-rate (policy map class mode) 399 police twin-rate (aggregate policer mode) 405 police twin-rate (policy map class m
| Command Reference | Index show boot 44 show boot prioritize sd 45 show class-map 395 show clock 53 show config(show running-config) 40 show config(show startup-config) 41 show ddm status 158 show dhcp binding 430 show dhcp lease 230 show dhcp pool 429 show dhcp relay 433 show dhcp server 431 show disk-usage 47 show dns-client 248 show dns-forwarding 437 show dns-forwarding cache 437 show eee capabilities interface 149 show eee status interface 150 show environment 46 show errdisable 191 show error por
Command Reference | Index | 457 show rmon 79 show rmon alarm 81 show rmon event 80 show rmon history 80 show rmon statistics 80 show route-map 321 show running-config 40 show snmp community 72 show snmp group 73 show snmp user 73 show snmp view 73 show spanning-tree 214 show spanning-tree mst 222 show spanning-tree mst config 222 show spanning-tree mst instance 223 show spanning-tree statistics 216 show ssh-server 92 show ssh-server host key 95 show stack 134 show startup-config 41 show static-channel-group
| Command Reference | Index vlan 195 vlan access-map 381 vlan database 195 vlan filter 382 W wireless-terminal-watch interval 126 write 39