Instruction/ maintenance manual of the product D2 D2G124-12P Enterasys
Go to page of 496
Enterasys ® D-Series Ether net Switches CLI Reference Firmware V ersion 1.0.xx P/N 903439 4.
.
Notice Enterasys Networks reserves the right to make changes in spec ifications and other information contained in this document and its web si te without prior notice.
ENTERASYS NETWORKS, INC. FIRMWARE LICENSE AGREEMENT BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT, CAREFULLY READ THIS LICENSE AGREEMENT. This document is an agreement (“ Agreement”) betwee n the end user (“Y ou”) and Enterasys Networks, Inc.
If the Program is exported from the United Stat es pursuant to the License Ex ception TSR und er the U.
10. ENFORCEMENT. You ac knowledge and agree that any breach of Sections 2, 4, or 9 of this Ag reement by You may cause E.
i Contents About This Guide Using This Guide ................ ............. ................ ............. ................ ............. ................ ....... ............... ............. ... xxi Structure of This Guide .......... ............. .
ii set banner motd ...... ................ ............. ................ ................ ............. ................ ............. ... ................ 2-21 clear banner motd ... ................ ............. ................ ................ ..
iii set tftp timeout ........ ............. ................ ............. ................ ............. ................ ................ ...... ............. 2-47 clear tftp timeout ........... ............. ................ ............. .........
iv Disabling / Enabling and Naming Ports ........ ................... ................ ................... ................. .......... ...... ........... 4-7 Purpose ........... ............. ................ ............. ................ ..........
v Purpose ........... ............. ................ ............. ................ ............. ................ ............. ........ .............. ............. 4-31 Commands ............... ............. ................. ............ .........
vi clear snmp community ...................... ............ ................. ............. ................ ............. .............. ........... 5-14 Configuring SNMP Access Rights ...... ............. ................ ............. .............
vii set spantree version ............... ................ ............. ................ ............. ................ ............. ..... ................ 6-8 clear spantree version ............... ................ ............. ................ ...
viii set spantree adminpathcost ...................... .................... ................ ................... ................ ........ ..... ... 6-36 clear spantree adminpathcos t ................... ................ ................. ............
ix Configuring the VLAN Egress List ... ................ ............. ............. ................ ............. ................ .... .................. 7-12 Purpose ........... ............. ................ ............. ................ .......
x show diffserv service stats ................ ................ ................ ............. ................ ............. .......... ............ 8-15 set diffserv service ........ ............. ................ ............. ................ ....
xi Configuring Priority to Transmit Queue Mapping ......................... ............. ................ ................ .......... ......... 10-4 Purpose ........... ............. ................ ............. ................ ............. .....
xii ping .................. ............. ................ ............. ................ ............. ................ ............. ..... ...................... 12-13 show users ................ ................ ............. ................ .....
xiii clear rmon history ............ ............. ................ ............. ................. ............ ................. ......... ................ 13-7 Alarm Group Commands ................. ............. ................ ............. ....
xiv set dhcp pool network ... ............. ................ ................ ............. ................ ............. ................ .......... . 14-13 clear dhcp pool network ... ................. ............ ................. ............. .
xv show macauthentication ...................... ............. ................ ............. ................ ............. ............ ........ 15-20 show macauthentication sess ion ............ ................ ............. ................ .....
xvi set maclock firstarrival .. .................... ............ ............. ................. ............ ................. .......... ............ . 15-53 clear maclock first arrival ............ ................ ............. ................ .
xvii 2-6 show system Output Details ...... ................... .......... ................ ................ ............. ................ .. ........... 2-12 2-7 show version Output Details ............. ............ ................. ............. .
xviii.
D-Series CLI Reference xxi About This Guide We l c o m e to the Enterasys Netw orks D ‐ Series CL I Refer ence . Thi s manual explains how to acce.
Related Documents xxii About This Guide Chapter 6 , Spanning Tr e e Configuration , describes how to review and set Spanning Tr e e bridge parameter.
Conventions Used in This Guide D-Series CLI Reference xxiii Conventions Used in This Guide The following conventions are used in the text of this document: The .
Getting Help xxiv About This Guide Before calling Enterasys Networks, have the following information ready: •Y o u r Enterasys Networks service contra.
D-Series CLI Reference 1-1 1 Introduction This chapter provides an ov erview of the D ‐ Series’ uniqu e features and functionality , an over vie.
Factory Default Settings 1-2 Introduction • Remotely using We b V i e w ™ , Enterasys Netw orks’ embedded web server application.
Factory Default Settings D-Series CLI Reference 1-3 Link aggregation flow regeneration Disabled. Link aggregation system priority Set to 32768 for all ports.
Factory Default Settings 1-4 Introduction S panning Tree edge port administrative status Edge port administrative status begins with the value set to fals e initially after the device is powered up. If a S panning T ree BDPU is not rece ived on the port within a few seconds, the status setting changes to true .
Using the Command Line Interface D-Series CLI Reference 1-5 Using the Command Line Interface S t arting a CLI Session Connecting Using th e Console Port Connect a terminal to the local console port as described in your D ‐ Series Installation Guide .
Using the Command Line Interface 1-6 Introduction Refer to the instructions included with the Te l n e t application for information about establishing a Te l n e t session.
Using the Command Line Interface D-Series CLI Reference 1-7 Figure 1-2 Samp le CLI Default s Description CLI Command Modes Each command description in this guide includes a.
Using the Command Line Interface 1-8 Introduction Displaying Scrolling Screens If the CLI screen length has be en set using the set length command a.
Using the Command Line Interface D-Series CLI Reference 1-9 Basic Line Editing Commands The CLI supports EMACs ‐ like line editing commands. Ta b l e 1 ‐ 2 li sts some commonly used commands. T able 1-2 Basic Line Editing Commands Key Sequence Command Ctrl+A Move cursor to beginning of line.
Using the Command Line Interface 1-10 Introduction.
D-Series CLI Reference 2-1 2 Basic Configuration At startup, the D ‐ Series switch is configured wi th many defaul ts and standard features. This chapter describes how to customize basic system settings to adapt to you r wo rk envir onment.
Setting User Accounts and Passwords 2-2 Basic Configuration Setting User Account s and Passwords Purpose To change the switch’ s defaul t user login and passw ord settings, and to add new user accounts and passwords.
show system login D-Series CLI Reference 2-3 show system login Use this command to display user login account information. Synt ax show system login Parameters None. Default s None. Mode Switch command, super user .
set system login 2-4 Basic Configuration set system login Use this command to create a new user login account, or to disable or enable an ex isting account.
set password D-Series CLI Reference 2-5 Example This example shows how to remove the “netops” user account: D2(su)->clear system login n etops set p assword .
set system password length 2-6 Basic Configuration set system p assword length Use this command to set the minimum user login password length. Synt ax set system password length characters Parameters Default s None.
set system password history D-Series CLI Reference 2-7 set system p assword history Use this command to set the number of previously used user login passwords that will be checked for password duplication.
Setting Basic Switch Properties 2-8 Basic Configuration Setting Basic Switch Properties Purpose To display and set the system IP address and other basic system (switch) properties.
show ip address D-Series CLI Reference 2-9 show ip address Use this command to display the system IP address and subnet mask. Synt ax show ip address Parameters None. Default s None. Mode Switch command, read ‐ only .
clear ip address 2-10 Basic Configuration Parameters Default s If not s pecified, ip ‐ mask will be set to the natural mask of the ip ‐ address and ip ‐ gateway will be set to the ip ‐ address .
show ip protocol D-Series CLI Reference 2-11 show ip protocol Use this command to display the method used to acquire a netw ork IP address for swi tch management. Synt ax show ip protocol Parameters None.
show system 2-12 Basic Configuration show system Use this command to display system information, including contact information, pow er and fan tray status and uptime. Synt ax show system Parameters None.
show system hardware D-Series CLI Reference 2-13 show system hardware Use this command to display the system’ s hardware c onfiguration. Synt ax show system hardware Parameters None. Default s None. Mode Switch command, read ‐ only .
show system utilization 2-14 Basic Configuration Parameters Default s None. Mode Switch command, read ‐ only . Examples This example shows how to display the syst.
show system enhancedbuffermode D-Series CLI Reference 2-15 show system enhancedbuffermode Use this command to display the status of enhanced buffer mode, which optimizes buffer distribution for si ngle CoS queue operation.
show time 2-16 Basic Configuration show time Use this command to display the current time of day in the sy stem clock. Synt ax show time Parameters None. Default s None. Mode Switch command, read ‐ only .
show summertime D-Series CLI Reference 2-17 show summertime Use this command to display daylight savings time settings. Synt ax show summertime Parameters None. Default s None. Mode Switch command, read ‐ only .
set summertime date 2-18 Basic Configuration set summertime date Use this command to configure specific dates to start and stop daylight sa vings time. These settings will be non ‐ recurring and will hav e to be reset annually .
clear summertime D-Series CLI Reference 2-19 Default s If an offset is not spe cified, none will be applied. Mode Switch command, read ‐ write.
set prompt 2-20 Basic Configuration set prompt Use this command to modify the command prompt. Synt ax set prompt prompt_string Parameters Default s None.
set banner motd D-Series CLI Reference 2-21 set banner mot d Use this command to set the banner message of the day display ed at session login. Synt ax set banner motd message Parameters Default s None.
show version 2-22 Basic Configuration Example This example shows how to clear the message of the day banner to a blank string: D2(rw)->clear banner motd show version Use this command to display hardware and firmware information.
set system name D-Series CLI Reference 2-23 set system name Use this command to configure a name for the syst em. Synt ax set system name [ string ] Parameters Default s If string is not specif ied, the system name will be cleared.
set system con tact 2-24 Basic Configuration set system cont act Use this command to identify a contact person for the system. Synt ax set system contact [ string ] Parameters Default s If string is not specif ied, the contact name will be cleared.
set length D-Series CLI Reference 2-25 Example This example shows how to set the terminal columns to 50: D2(su)->set width 50 set length Use this command to set the number of lines the CLI will display .
set logout 2-26 Basic Configuration Example This example shows how to display the CLI logout setting: D2(su)->show logout Logout currently set to: 10 minutes.
set console baud D-Series CLI Reference 2-27 Mode Switch command, read ‐ only . Example This example shows how to display all console settings: D2(su)->sho.
set license 2-28 Basic Configuration License Key Field Descriptions When Enterasys supplies a license, it wil l be sent to you as a character string similar to the following: INCREMENT D2Policy 2006.
show license D-Series CLI Reference 2-29 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to activate a permanent license ke y on the switch wi th serial number 075103099041 .
clear license 2-30 Basic Configuration Usage Licenses can be displ ayed, applied, and cleared only with the license commands described in this chapter .
show inlinepower D-Series CLI Reference 2-31 Commands The commands used to review and set system pow er parameters are listed below . show inlinepower Use this command to display system power properties.
set inlinepower trap 2-32 Basic Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the pow er threshold .
set port inlinepower D-Series CLI Reference 2-33 Example This example shows how to display PoE information for port ge.
Downloading a Firmware Image 2-34 Basic Configuration –H y p e r T e r m i n a l Copyright 1999 –T e r a Te r m Pro Ve r s i o n 2.3 Any other terminal applications may wor k but are not explicitly supported.
Downloading a Firmware Image D-Series CLI Reference 2-35 3. T ype 2 . The following baud rate sel ection screen displays: 1 - 1200 2 - 2400 3 - 4800 4 - 9600 5 - 19200 6 - 38400 7 - 57600 8 - 115200 0 - no change 4. T ype 8 to set the switch baud rate to 115200.
Reviewing and Selecting a Boot Firmware Image 2-36 Basic Configuration Reverting to a Previous Image In the event that you need to downgrade to a previous v.
set boot system D-Series CLI Reference 2-37 Example This example shows how to display the switch’ s boot fi rmware image: D2(su)->show boot system Current .
show telnet 2-38 Basic Configuration show telnet Use this command to display the status of Te l n e t on the switch. Synt ax show telnet Parameters None. Default s None. Mode Switch command, read ‐ only .
telnet D-Series CLI Reference 2-39 telnet Use this command to start a Te l n e t connection to a remote host. The D ‐ Series switch allows a total of four inbound and / or outbound Te l n e t session to run simul taneously .
show snmp persistmode 2-40 Basic Configuration Purpose To set and view the persistence mode for CLI conf iguration commands, manually save the r.
set snmp persistmode D-Series CLI Reference 2-41 saved. In order to make configurat ion changes persistent when the mode is manual, the save .
dir 2-42 Basic Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to save the run ning configuration: D2(su)->save config dir Use this command to list configuration and image files stored in the file system.
show file D-Series CLI Reference 2-43 Files: Size ============================ ==== ======== configs: SSH 8293 baserouter_dec 4197 baserouter_jan 8293 baserouter_mar 8293 baserouter_apr 8293 logs: current.log 90129 show file Use this command to display the contents of a file.
show config 2-44 Basic Configuration show config Use this command to display the system configuration or write the configuration to a file .
configure D-Series CLI Reference 2-45 configure Use this command to execute a previously downloaded configuration file stored on the switch.
delete 2-46 Basic Configuration Examples This example shows how to download an image via TFTP: D2(su)->copy tftp://10.
set tftp timeout D-Series CLI Reference 2-47 Usage The TFTP timeout val u e can be set with the set tftp timeout command. The TFTP retry va lu e can be set with the set tftp retry command.
set tftp retry 2-48 Basic Configuration Mode Switch command, read ‐ write. Example This example shows how to clear the timeout va l u e to the default of 2 seconds.
Clearing and Closing the CLI D-Series CLI Reference 2-49 Example This example shows how to clear the retry va l ue to the default of 5 retries.
Resetting the Switch 2-50 Basic Configuration Parameters None. Default s None. Mode Switch command, read ‐ only . Usage By default, switch timeout occurs after 15 minutes of user inactivity , automatically closing yo u r CLI session.
clear config D-Series CLI Reference 2-51 Examples This example shows how to reset the system: D2(su)->reset This command will reset all modules and may disconnect your telnet se ssion.
show webview 2-52 Basic Configuration Commands show webview Use this command to display We b V i e w status. Synt ax show webview Parameters None.
show ssl D-Series CLI Reference 2-53 Usage It is good practice for security reasons to disable HTTP access on the switch when finished c.
set ssl 2-54 Basic Configuration Mode Switch command, read ‐ write. Example This example shows how to enable SSL: D2(rw)->set ssl enabled.
D-Series CLI Reference 3-1 3 Discovery Protocol Configuration This chapter describe s how to configure discovery protocols. Configuring CDP Purpose To review and configure the Enter asys CDP discovery protocol.
show cdp 3-2 Discovery Protocol Configuration Parameters Default s If port ‐ string is not specif ied, all CDP information will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display CDP information for ports ge .
set cdp state D-Series CLI Reference 3-3 set cd p state Use this command to enable or disable the CDP discov ery protocol on one or more ports.
set cdp interval 3-4 Discovery Protocol Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage The authentication code va l u e determines a switch’ s CDP domain.
set cdp hold-time D-Series CLI Reference 3-5 set cd p hold-time Use this command to set the hold time va l ue for CDP discovery protocol configurat ion messages. Synt ax set cdp hold-time hold-time Parameters Default s None.
show neighbors 3-6 Discovery Protocol Configuration show neighbors This command displays Neighbor Discov ery information for either the CDP or Cisco DP protocols.
show ciscodp D-Series CLI Reference 3-7 Commands The commands used to review and configure the Cisco di scover y protocol are listed below . Refer also to “ show neighbors ” on page 3 ‐ 6.
show ciscodp port info 3-8 Discovery Protocol Configuration show ciscod p port info Use this command to display summary information about the Cisco discovery protocol on one or more ports.
set ciscodp status D-Series CLI Reference 3-9 set ciscod p st atus Use this command to enable or disable the Cisco discov ery protocol globally on the switch. Synt ax set ciscodp state { auto | disable | enable } Parameters Default s None.
set ciscodp holdtime 3-10 Discovery Protocol Configuration Mode Switch command, read ‐ write. Example This example shows how to set the Cisco DP timer to 120 seconds.
set ciscodp port D-Series CLI Reference 3-11 Default s •S t a t u s : ena bled •V o i c e VLAN: none •T r u s t mode: trusted •C o S va lu e : 0 Mode Switch mode, read ‐ write.
clear ciscodp 3-12 Discovery Protocol Configuration Examples This example shows how to set the Cisco DP port voic e VLAN ID to 3 on port ge .1.6 and enab le the port operational state.
D-Series CLI Reference 4-1 4 Port Configuration This chapter describe s the Po r t Configuration set of commands and how to use them.
Port Configuration Summary 4-2 Port Configuration Port Slot/Unit Parameters Used in the CLI The “unit” parameter is often used interchangeably wi th “module” in the standalone switch CLI to indicate a module slot location.
Reviewing Port Status D-Series CLI Reference 4-3 Example This example shows how to configure por t ge.2.1 in the D2G124 ‐ 12 to operate with a 100BASE ‐ FX transceiver installed.
show port 4-4 Port Configuration show port Use this command to display whether or not one or more ports are enabled for switching .
show port counters D-Series CLI Reference 4-5 Example This example shows how to display status information for ge .3.14: D2(su)->show port status ge. 3.14 Port Alias Oper Admin Speed Duplex Type (truncated) Status Status ------------ -------------- ------- ------- -------- ------- --- ---------- ge.
show port counters 4-6 Port Configuration Mode Switch command, read ‐ only . Examples This example shows how to display all counter statistics, including MIB2 network traffic and traffic through the device for ge .
Disabling / Enabling and Naming Ports D-Series CLI Reference 4-7 Disabling / Enabling and Naming Port s Purpose To disable and re ‐ enable one or more ports, and to assign an alias to a port.
set port enable 4-8 Port Configuration set port enable Use this command to administratively enable one or more ports. Synt ax set port enable port-string Parameters Default s None. Mode Switch command, read ‐ write.
set port alias D-Series CLI Reference 4-9 set port alias Use this command to assign an alias name to a port. Synt ax set port alias port-string [ name ] Parameters Default s If name is not specified, the alias assigned to the port will be cleared.
show port speed 4-10 Port Configuration show port speed Use this command to display the default spee d setting on one or more ports.
show port duplex D-Series CLI Reference 4-11 Example This example shows how to set ge .3.3 to a port speed of 10 Mbps: D2(su)->set port speed ge.
Enabling / Disabling Jumbo Frame Support 4-12 Port Configuration Mode Switch command, read ‐ write. Example This example shows how to set ge.
set port jumbo D-Series CLI Reference 4-13 Example This example shows how to display the status of jumbo frame support for ge .1.1: D2(su)->show port jumbo ge.1 .1 Port Number Jumbo Status Max Frame Size ------------- -------------- - ------------------ ge.
Setting Auto-Negotiation and Advertised Ability 4-14 Port Configuration Mode Switch command, read ‐ write. Example This example shows how to reset jumbo frame support status for Gigabit Ethernet port 14 in slot 3: D2(su)->clear port jumbo ge.
set port negotiation D-Series CLI Reference 4-15 Parameters Default s If port ‐ string is not specif ied, auto ‐ negotiation status for all ports will be displayed. Mode Switch command, read ‐ only .
set port advertise 4-16 Port Configuration Parameters Default s If port ‐ string is not specif ied, adv ertiseme nt for all ports will be display ed.
clear port advertise D-Series CLI Reference 4-17 Default s None. Mode Switch command, read ‐ write. Example This example shows how to configure port 1 to advertise 1000BASE ‐ T full duplex: D2(su)->set port advertise g e.
Setting Flow Control 4-18 Port Configuration Example This example shows how to configure port 1 to not adv ertise 10 MB capability for auto ‐ negotiation: D2(su)->clear port advertise ge.
set flowcontrol D-Series CLI Reference 4-19 set flowcontrol Use this command to enable or disable flow control. Synt ax set flowcontrol { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write.
show port trap 4-20 Port Configuration show port trap Use this command to display whether the port is enabled for generating an SNMP trap message if its link state changes.
show linkflap D-Series CLI Reference 4-21 Parameters Default s Sending traps when link statu s changes is enabled by default. Mode Switch command, read ‐ write. Example The following example disables sending trap on ge.
show linkflap 4-22 Port Configuration Default s •I f not specified, information about all link flap detection settings will be display ed. •I f port ‐ string is not specif ied, information for all ports will be displayed.
set linkflap globalstate D-Series CLI Reference 4-23 This example shows how to display the link flap metrics table: D2(rw)->show linkflap metric s Port LinkStatus Curre ntCount TotalCount TimeElapsed Violati ons -------- ----------- ----- ------- ---------- ----------- -------- ----- ge.
set linkflap portstate 4-24 Port Configuration Mode Switch mode, read ‐ write. Usage By default, the function is disabled global ly and on all ports.
set linkflap action D-Series CLI Reference 4-25 Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the link flap interv al on port ge .1.4 to 10 00 seconds.
set linkflap threshold 4-26 Port Configuration Parameters Default s If port ‐ string is not specif ied, actions will be cleared on al l ports.
set linkflap downtime D-Series CLI Reference 4-27 set linkflap downtime Use this command to set the time interv al (in seconds) one or more ports will be held down after a link flap violation.
clear linkflap 4-28 Port Configuration clear linkflap Use this command to clear all link flap options and / or stati stics on one or more ports .
show port broadcast D-Series CLI Reference 4-29 show port broadcast Use this command to display port broadcast suppression thresholds.
clear port broadcast 4-30 Port Configuration Default s None. Mode Switch command, read ‐ write. Usage Pe r port broadcast suppression is hardset to be globally enabled on the D2.
Port Mirroring D-Series CLI Reference 4-31 Port Mirroring The D ‐ Series device allows you to mirror (or redirect) the traffic being switched on a port for the purposes of netw ork traffic analysis and connection assu rance.
set port mirroring 4-32 Port Configuration Default s None. Mode Switch command, read ‐ only . Example This example shows how to display port mirroring information. In this case, ge .1.4 is configured as a source port and ge .
clear port mirroring D-Series CLI Reference 4-33 Usage Note that LAG ports and their underlying physical ports , as described in “ Link Aggregation Control Protocol (LACP) ” on page 4 ‐ 33, cannot be mir rored.
Link Aggregation Control Protocol (LACP) 4-34 Port Configuration standard. This standard allow s the switch to determine which po rts are in LAGs and configure them dynamically . Since the protocol is based on the IEEE 802.
Link Aggregation Control Protocol (LACP) D-Series CLI Reference 4-35 D-Series Usage Considerations In normal usage (and typical implementations) there is no need to modify any of the default LACP parameters on the switch.
show lacp 4-36 Port Configuration There are a few cases in which ports wi ll not aggregat e: •A n underlying physical port is atta ched to another port on this same switch (loopback).
show lacp D-Series CLI Reference 4-37 Parameters Default s If port ‐ string is not specif ied, link aggregation information for all LAGs will be display ed. Mode Switch command, read ‐ only .
set lacp 4-38 Port Configuration set lacp Use this command to disable or enable the Link Aggregation Control Protocol (LACP) on the device. Synt ax set lacp {disable | enable} Parameters Default s None.
set lacp aadminkey D-Series CLI Reference 4-39 Mode Switch command, read ‐ write. Usage LACP uses this va l u e to determine aggregation precedence.
set lacp static 4-40 Port Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear the actor admin key for LAG port 6: D2(su)->clear lacp aadminkey lag.
clear lacp static D-Series CLI Reference 4-41 clear lacp st atic Use this command to remove specific ports from a Link Aggregation Group. Synt ax clear lacp static lagportstring port -string Parameters Default s None.
clear lacp singleportlag 4-42 Port Configuration previous LAG member ports comes up connected to the same switch as before th e LAG wen t down.
show port lacp D-Series CLI Reference 4-43 Mode Switch command, read ‐ only . Usage State definitions, such as ActorAdminState and Par t n e r AdminState, are indicated with letter abbreviations.
set port lacp 4-44 Port Configuration set port lacp Use this command to set link aggrega tion parameters for one or more ports.
clear port lacp D-Series CLI Reference 4-45 Default s At least one parameter must be entered per port ‐ string. If enable or disable are not specified, port(s) will be enabled with the LACP parameters entered.
clear port lacp 4-46 Port Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage If you set a port to LACP passiv e using the .
Configuring Protected Ports D-Series CLI Reference 4-47 Configuring Protected Port s The Protected Por t feature is used to prevent por ts from forw arding traffic to each other , even when they are on the same VLAN.
show port protected 4-48 Port Configuration Example This example shows how to assign ports ge .1.1 through ge .1.3 to protected port group 1: D2(rw)->set port protected g e.
set port protected name D-Series CLI Reference 4-49 Mode Switch command, read ‐ write. Example This example shows how to clear protected ports ge .1.1 through ge .1.3: D2(rw)->clear port protected ge.
clear port protected name 4-50 Port Configuration Example This example shows how to show the name of protected port group 1: D2(ro)->show port pr.
D-Series CLI Reference 5-1 5 SNMP Configuration This chapter describe s the Simple Network Management Protocol (SNMP) set of commands and how to use them.
SNMP Configuration Summary 5-2 SNMP Configuration •S N M P network management applications, such as the Enterasys Ne tSight application, whic h communicate with agents to get statistics and alerts from the managed devices.
Reviewing SNMP Statistics D-Series CLI Reference 5-3 Using SNMP Context s to Access S pecific MIBs By default, when operating from the switch CLI, D ‐ Se ries devices allow access to all SNMP MIBs or contexts.
show snmp engineid 5-4 SNMP Configuration Commands show snmp engineid Use this command to display the SNMP local engine ID. This is the SNMP v3 engine’ s administratively unique identifier .
show snmp counters D-Series CLI Reference 5-5 show snmp counters Use this command to display SNMP traffic counter val u e s . Synt ax show snmp counters Parameters None. Default s None. Mode Switch command, read ‐ only .
show snmp counters 5-6 SNMP Configuration usmStatsUnknownEngineIDs = 0 usmStatsWrongDigests = 0 usmStatsDecryptionErrors = 0 Ta b l e 5 ‐ 19 provides an explanation of the command output. T able 5-19 show snmp counters Out put Det ails Output Field What It Displays.
Configuring SNMP Users, Groups, and Communities D-Series CLI Reference 5-7 Configuring SNMP Users, Group s, and Communities Purpose To review and configure SNMP users, groups, and v1 and v2 communities.
show snmp user 5-8 SNMP Configuration Commands show snmp user Use this command to display information about SNMP users.
set snmp user D-Series CLI Reference 5-9 Examples This example shows how to display an SNMP user list: D2(su)->show snmp user list --- SNMP user information -- -.
clear snmp user 5-10 SNMP Configuration Default s If remote is not specified , the user will be registered for the local SNMP engine. If authenticat ion is not specified, no authentication wi ll be applied.
show snmp group D-Series CLI Reference 5-11 show snmp group Use this command to display an SNMP group configuration. An SNMP group is a collection of SNMPv3 users who share the same access privileges.
set snmp group 5-12 SNMP Configuration set snmp group Use this command to create an SN MP group. This associates SNMPv3 users to a group that shares common access privileges.
show snmp community D-Series CLI Reference 5-13 Parameters Default s If not specified, settings r elated to all security models will be cle ared. Mode Switch command, read ‐ write.
set snmp community 5-14 SNMP Configuration set snmp community Use this command to configure an SNMP community group. Synt ax set snmp community community [ securi tynam.
Configuring SNMP Access Rights D-Series CLI Reference 5-15 Default s None. Mode Switch command, read ‐ write. Example This example shows how to delete the community name “vip.
show snmp access 5-16 SNMP Configuration Default s If groupname is not specified, access information for all SNMP groups will be displayed. If security ‐ mode l is not specified, access information for all SNMP versions wil l be display ed.
set snmp access D-Series CLI Reference 5-17 set snmp access Use this command to set an SNMP access configuration. Synt ax set snmp access groupname security-m odel .
clear snmp access 5-18 SNMP Configuration If read view is not specified none will be applied. If write view is not specified, none will be applied. If notify view is not specified, none will be applied.
Configuring SNMP MIB Views D-Series CLI Reference 5-19 Configuring SNMP MIB V iews Purpose To review and configure SNMP MIB views.
show snmp cont ext 5-20 SNMP Configuration Example This example shows how to display SNMP MIB view configuration information: D2(su)->show snmp view --- SNMP.
set snmp view D-Series CLI Reference 5-21 Mode Switch command, read ‐ only . Usage An SNMP context is a collection of management information that can be accessed by an SNMP agent or entity .
clear snmp view 5-22 SNMP Configuration clear snmp view Use this command to delete an SNMP v3 MIB view . Synt ax clear snmp view viewname subtree Parameters Default s None.
show snmp targetparams D-Series CLI Reference 5-23 Parameters Default s If targetPara ms is not specified, entries associated with all target paramete rs will be displayed. If not specified, entries of all storage types will be displayed.
set snmp targetparams 5-24 SNMP Configuration set snmp t argetp arams Use this command to set SNMP target parameters, a named set of security/authorization criteria used to generate a message to a target.
Configuring SNMP Target Addresses D-Series CLI Reference 5-25 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear SN.
set snmp targetaddr 5-26 SNMP Configuration If not specified, entries of all storage types will be displayed for a target address.
clear snmp targetaddr D-Series CLI Reference 5-27 Default s If not specified, udpport will be set to 162 . If not specified, mask will be set to 255.255.255.255 If not specified, timeout will be set to 1500 .
Configuring SNMP Notification Parameters 5-28 SNMP Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear .
show newaddrtrap D-Series CLI Reference 5-29 show newaddrtrap Use this comman d to display the global and port ‐ specif ic status of the SNMP new MAC addre sses trap function.
set newaddrtrap 5-30 SNMP Configuration set newaddrtrap Use this command to enable or disable SNMP trap messaging, globally or on one or more ports, when new source MAC addresses are detected.
set snmp notify D-Series CLI Reference 5-31 Default s If a notify name is not specified, all entries will be displayed. If volatile , no nvolatile , or read ‐ only are not s pecified, all storage type entries will be di splayed.
clear snmp notify 5-32 SNMP Configuration Default s If not specified, message type will be set to trap . If not specified, storage type will be set to nonvolatile . Mode Switch command, read ‐ write.
show snmp notifyfilter D-Series CLI Reference 5-33 show snmp notifyfilter Use this command to display SNMP notify filter information, ide ntifying which profiles will not receiv e SNMP notifications.
clear snmp notifyfilter 5-34 SNMP Configuration Parameters Default s If not specified, mask is not set. If not specified, subtree will be included . If storage type is not specified, nonvolatile (permanent) will be applied.
show snmp notifypr ofile D-Series CLI Reference 5-35 Example This example shows how to delete the SNMP notify filter “pilot1”: D2(su)->clear snmp notifyfil ter pilot1 subtree 1.3.6 show snmp notifyprofile Use this command to display SNMP notify profile information.
clear snmp notifyprofile 5-36 SNMP Configuration Parameters Default s If storage type is not specified, nonvolatile (permanent) will be applied.
Creating a Basic SNMP Trap Configuration D-Series CLI Reference 5-37 Creating a Basic SNMP T rap Configuration T raps are notification messages sent by an SNMPv1 or .
Creating a Basic SNMP Trap Configuration 5-38 SNMP Configuration Example This example shows how to: • Create an SNMP community called mgmt . • Configure a trap notification called TrapSink .
D-Series CLI Reference 6-1 6 Spanning T ree Configuration This chapter describes the Spanning Tr e e Configuration set of commands and how to use them. Sp anning T ree Configuration Summary Overview: Single, Rapid, and Mult iple S p anning T ree Protocols The IEEE 802.
Spanning Tree Configuration Summary 6-2 Spanning Tree Configuration blocking for all traffic flowing between the tw o switches. The blocking links are effectively used only if the forw arding link goes down.
Configuring Spanning Tree Bridge Parameters D-Series CLI Reference 6-3 learning and the priorit y vect or is wor s e than tha t already held by th e port. If a disputed BPDU is receiv ed, the port is forced to the li stening state.
Configuring Spanning Tree Bridge Parameters 6-4 Spanning Tree Configuration Commands For information about... Refer to p age... show spantree stat s 6-5 set spantree 6-7 show spantree version 6-7 set .
show spantree stats D-Series CLI Reference 6-5 show sp antree stat s Use this command to display Spanning Tr e e information for one or more ports.
show spantree stats 6-6 Spanning Tree Configuration Example This example shows how to display the device’ s Spanning Tr e e configuration: D2(su)->show spa.
set spantree D-Series CLI Reference 6-7 set sp antree Use this command to globally enable or disable the Spanning Tr e e protocol on the switch. Synt ax set spantree { disable | enable } Parameters Default s None.
set spantree version 6-8 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display Spanning Tr e e ver si o n .
show spantree bpdu-forwarding D-Series CLI Reference 6-9 Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset t.
show spantree bridgeprioritymode 6-10 Spanning Tree Configuration Default s By default BP DU forw arding is disabled . Mode Switch command, read ‐ write.
clear spantree bridgeprioritymode D-Series CLI Reference 6-11 Default s None Mode Switch command, read ‐ write. Usage The mode affects the range of priority val u.
show spantree mstilist 6-12 Spanning Tree Configuration show sp antree mstilist Use this command to display a list of Multiple Spanning Tr e e (M ST) instances configured on the device. Synt ax show spantree mstilist Parameters None.
clear spantree msti D-Series CLI Reference 6-13 clear sp antree msti Use this command to delete one or more Multiple Spanning Tr e e instances. Synt ax clear spantree msti [ sid sid ] Parameters Default s If sid is not specifie d, all MST instances will be cleared.
set spantree mstmap 6-14 Spanning Tree Configuration set sp antree mstmap Use this command to map one or more filtering database IDs (FIDs) to a SID.
show spantree vlanlist D-Series CLI Reference 6-15 show sp antree vlanlist Use this command to display the Spanning Tr e e ID(s) assigned to one or more VLANs.
set spantree mstcfgid 6-16 Spanning Tree Configuration D2(su)->show spantree mstcfg id MST Configuration Identifie r: Format Selector: 0 Configuration Name: 00:01: f4:89:51:94 Revision Level: 0 Con.
set spantree priority D-Series CLI Reference 6-17 set sp antree priority Use this command to set the device’ s Spanning Tr e e priority .
set spantree hello 6-18 Spanning Tree Configuration Example This example shows how to reset the bridge priority on SID 1: D2(su)->clear spantree prior it.
set spantree maxage D-Series CLI Reference 6-19 set sp antree maxage Use this command to set the bridge maxim um aging time. Synt ax set spantree maxage agingtime Parameters Default s None. Mode Switch command, read ‐ write.
set spantree fwddelay 6-20 Spanning Tree Configuration Example This example shows how to globally reset the maximum aging time: D2(su)->clear spantree maxag e set sp antree fwddelay Use this command to set the Spanning Tr e e forward delay .
show spantree backuproot D-Series CLI Reference 6-21 Mode Switch command, read ‐ write. Example This example shows how to globally reset the bridge forwar.
clear spantree backuproot 6-22 Spanning Tree Configuration Usage The Spanning Tr e e backup root function is di sabled by default on the D ‐ Series.
set spantree tctrapsuppress D-Series CLI Reference 6-23 Mode Switch command, read ‐ only . Example This example shows how to display the status of topolog.
set spantree protomigration 6-24 Spanning Tree Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear .
set spantree spanguard D-Series CLI Reference 6-25 Default s None. Mode Switch command, read ‐ only . Example This example shows how to display the SpanGuard .
clear spantree spanguard 6-26 Spanning Tree Configuration clear sp antree spanguard Use this command to reset the statu s of the Spanning Tr e e SpanGuard function to disable d. Synt ax clear spantree spanguard Parameters None.
clear spantree spanguardtimeout D-Series CLI Reference 6-27 Synt ax set spantree spanguardtimeou t timeout Parameters Default s None. Mode Switch command, read ‐ write.
clear / set spantree spanguardlock 6-28 Spanning Tree Configuration Parameters Default s If no port string is specifie d, the SpanGuard lock status for all ports is display ed. Mode Switch command, read ‐ only .
set spantree spanguardtrapenable D-Series CLI Reference 6-29 Synt ax show spantree spanguardtrape nable Parameters None. Default s None. Mode Switch command, read ‐ only .
show spantree legacypathcost 6-30 Spanning Tree Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset .
clear spantree legacypathcost D-Series CLI Reference 6-31 Default s None. Mode Switch command, read ‐ write. Usage By default, legacy path cost is disabled.
set spantree portadmin 6-32 Spanning Tree Configuration set sp antree portadmin Use this command to disable or enable the Spanning Tr e e algorit hm on one or more ports. Synt ax set spantree portadmin port-string { disable | enable} Parameters Default s None.
show spantree portadmin D-Series CLI Reference 6-33 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the default Spanning Tr e e admin state to enable on ge .
set spantree portpri 6-34 Spanning Tree Configuration Parameters Default s If port ‐ string is not specif ied, port priority will be display ed for all Spanning Tr e e ports.
clear spantree portpri D-Series CLI Reference 6-35 clear sp antree portpri Use this command to reset the bridge priority of a Spanning Tr e e port to a def ault va l u e of 128.
set spantree adminpathcost 6-36 Spanning Tree Configuration Example This example shows how to display the admin path cost for ge .3.4 on SID 1: D2(su)->show spantree adminp athcost port ge.3.4 sid 1 Port ge.
show spantree adminedge D-Series CLI Reference 6-37 Default s If sid is not specifie d, admin path cost will be reset for Spanning Tr e e 0.
clear spantree adminedge 6-38 Spanning Tree Configuration Default s None. Mode Switch command, read ‐ write. Usage The default behavior of the edge port administr.
set spantree lp D-Series CLI Reference 6-39 Commands set sp antree lp Use this command to enable or disable the Loop Protect feature per port and optionally , per SID. The Loop Protect feature is disabled by default.
show spantree lp 6-40 Spanning Tree Configuration Default s If no SID is specified, SID 0 is assumed. Mode Switch command, read ‐ write. Usage Loop Protect takes precedence ov er per port STP enable/disable (portAdmin).
clear spantree lp D-Series CLI Reference 6-41 clear sp antree lp Use this command to return the Loop Protect status per port and optionally , per SID, to its default state of disabled.
clear spantree lplock 6-42 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display Loop Protect lock status on ge .1.1: D2(rw)->show spantree lplock port ge.
show spantree lpcapablepartner D-Series CLI Reference 6-43 Default s None. Mode Switch command, read ‐ write. Usage The default val ue for Loop Protect capable partner is false.
clear spantree lpcapablepartner 6-44 Spanning Tree Configuration clear sp antree lpcapablep artner Use this command to reset the Loop Protect capability of port link partners to the default state of false.
show spantree lpthreshold D-Series CLI Reference 6-45 Example This example shows how to set the Loop Protect threshold val u e to 4: D2(rw)->set span.
set spantree lpwindow 6-46 Spanning Tree Configuration set sp antree lpwindow Use this command to set the Loop Protect event window val u e in seconds. Synt ax set spantree lpwindow value Parameters Default s None.
clear spantree lpwindow D-Series CLI Reference 6-47 clear sp antree lpwindow Use this command to reset the Loop Protect event window to the defau lt va lu e of 180 seconds. Synt ax clear spantree lpwindow Parameters None.
show spantree lptrapenable 6-48 Spanning Tree Configuration show sp antree lptrapenable Use this command to display the current status of Loop Protect ev ent notification. Synt ax show spantree lptrapenable Parameters None.
show spantree disputedbpduthreshold D-Series CLI Reference 6-49 Synt ax set spantree disputedbpduthr eshold value Parameters Default s None. Mode Switch command, read ‐ write.
clear spantree disputedbpduthreshold 6-50 Spanning Tree Configuration Mode Switch command, read ‐ only . Example This example shows how to display the current .
show spantree nonforwardingreason D-Series CLI Reference 6-51 Mode Switch command, read ‐ only . Usage Exceptional conditions causing a port to be placed in .
show spantree nonforwardingreason 6-52 Spanning Tree Configuration.
D-Series CLI Reference 7-1 7 802.1Q VLAN Configuration This chapter describe s the D ‐ Series system’ s capabilities to implement 802.
Viewing VLANs 7-2 802.1Q VLAN Configuration If the D ‐ Series device is to be configured for multiple VLANs, it may be desirable to configure a management ‐ only VLAN.
show vlan D-Series CLI Reference 7-3 Command show vlan Use this command to display all information related to one or more VLANs.
Creating and Naming Static VLANs 7-4 802.1Q VLAN Configuration Creating and Naming St atic VLANs Purpose To create a new static VLAN, or to enable or disable exist ing VLAN(s). Commands set vlan Use this command to create a new static IEEE 802.
set vlan name D-Series CLI Reference 7-5 Mode Switch command, read ‐ write. Usage Once a VLAN is created, you can assign it a name using the set vlan name command described in “ set vlan name ” on page 7 ‐ 5.
clear vlan name 7-6 802.1Q VLAN Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to remove a static .
show port vlan D-Series CLI Reference 7-7 Commands show port vlan Use this command to display port VLAN identifier (PVID) information. PVID determines the VLAN to which all untagged frames receiv ed on one or more ports will be classified.
set port vlan 7-8 802.1Q VLAN Configuration set port vlan Use this command to configure the PVID (port VLAN identifier) for one or more ports. Synt ax set port vlan port-string pvid [ modi fy-egress | no-modify-egress ] Parameters Default s None.
show port ingress filter D-Series CLI Reference 7-9 Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset ports ge .1.3 through 11 to a VL AN ID of 1 (Host VLAN): D2(su)->clear port vlan ge.
set port ingress filter 7-10 802.1Q VLAN Configuration set port ingress filter Use this command to discard all frames received with a VLAN ID that don’ t match the port’ s VLAN egress list.
set port discard D-Series CLI Reference 7-11 Mode Switch command, read ‐ only . Example This example shows how to display the frame discard mode for ge.
Configuring the VLAN Egress List 7-12 802.1Q VLAN Configuration Configuring the VLAN Egress List Purpose To assign or re move ports on the egress list of a particular VLAN.
set vlan forbidden D-Series CLI Reference 7-13 Mode Switch command, read ‐ write. Example This example shows you how to show VLAN egress information for ge .
set vlan egress 7-14 802.1Q VLAN Configuration set vlan egress Use this command to add ports to the VLAN egress list for the device, or to prevent one or mor e ports from participating in a VLAN.
show vlan dynamicegress D-Series CLI Reference 7-15 Synt ax clear vlan egress vlan-list port-string [ for bidden ] Parameters Default s If forbidden is not specified, tagged and untagged settings will be cleared.
set vlan dynamicegress 7-16 802.1Q VLAN Configuration Example This example shows how to display the dynamic egress status for VLANs 50 ‐ 55: D2(rw)-&g.
Setting the Host VLAN D-Series CLI Reference 7-17 Setting the Host VLAN Purpose To configure a host VLAN that only select devices are allow ed to access. This se cures the host port for management ‐ only tasks.
clear host vlan 7-18 802.1Q VLAN Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage The host VLAN should be a secure VLAN where only designated users ar e allowed access.
Enabling/Disabling GVRP (GARP VLAN Registration Protocol) D-Series CLI Reference 7-19 Enabling/Disabling GVRP (GARP VLAN Registration Protocol) About GARP VLAN Registration Prot ocol (GVRP) The fo.
Enabling/Disabling GVRP (GARP VLAN Registration Protocol) 7-20 802.1Q VLAN Configuration Figure 7-7 Example of VLAN Propagation via GVRP Purpose To dynamically create VLANs acr oss a switched netw ork.
show gvrp D-Series CLI Reference 7-21 show gvrp Use this command to display GVRP configuration information. Synt ax show gvrp [ port-string ] Parameters Default s If po.
set gvrp 7-22 802.1Q VLAN Configuration Example This example shows how to display GARP timer information on ports 1 through 10 in slot 1: D2(su)->show garp timer ge.
clear gvrp D-Series CLI Reference 7-23 Mode Switch command, read ‐ write. Examples This example shows how to enable GVRP globally on the device: D2(su.
set garp timer 7-24 802.1Q VLAN Configuration Default s None. Mode Switch command, read ‐ write. Usage The setting of these timers is critical and should only be changed by personnel familiar with the 802.
D-Series CLI Reference 8-1 8 Dif f erentiated Services Configuration This chapter describe s the Differentiated Services (Diffserv) set of commands and how to use them.
Globally Enabling or Disabling Diffserv 8-2 Differentiated Services Configuration Globally Enabling or Disabling Diffserv Purpose To globally enable or disable Diffserv on the device.
Creating Diffserv Classes and Matching Conditions D-Series CLI Reference 8-3 Creating Diffserv Classes and Matching Conditions Purpose To review , create, and configure Diffserv classes and match ing conditions.
show diffserv class 8-4 Differentiated Services Configuration show diffserv class Use this command to display information about Diffserv classes. Synt ax show diffserv class { summary | detai led classname } Parameters Default s None.
set diffserv class delete D-Series CLI Reference 8-5 Example This example shows how to create a Diffserv class called “admin”: D2(rw)->set diffserv c.
set diffserv class match 8-6 Differentiated Services Configuration dstip | srcip classname ipaddr ipmask Matches to a specific class based on dest ination or source IP address.
set diffserv class match D-Series CLI Reference 8-7 Default s None. Mode Switch command, read ‐ write. Usage Any policy that is applied must be com posed of rules that come from only one of the foll owing four groups.
set diffserv class rename 8-8 Differentiated Services Configuration Yo u cannot create and add a class to a policy before adding any rules (match conditions) to the class.
Configuring Diffserv Poli cies and Assigning Classes D-Series CLI Reference 8-9 Configuring Diffserv Policies and Assigning Classes Purpose To review , create, and configure Diffserv policies and assi gn classes.
set diffserv policy create 8-10 Differentiated Services Configuration Example This example shows how to display a summary of Diffserv policy information.
set diffserv policy class D-Series CLI Reference 8-11 Mode Switch command, read ‐ write. Usage In order to delete a policy you must first remove the .
set diffserv policy police style simple 8-12 Differentiated Services Configuration Parameters Default s None. Mode Switch command, read ‐ write.
set diffserv policy police action conform D-Series CLI Reference 8-13 set diffserv policy police action conform Use this command to configure traffic policing actions for pac kets that conform to associated Diffserv classifications.
set diffserv policy rename 8-14 Differentiated Services Configuration Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the .
show diffserv service info D-Series CLI Reference 8-15 Commands The commands used to review and assign Diffserv policies to service po rts are list ed below and described in the associated section as shown.
set diffserv service 8-16 Differentiated Services Configuration Parameters Default s None. Mode Switch command, read ‐ only . Example This example shows how to display a detailed incoming traffic statistics about servic e port ge.
DiffServ Configuration Examples D-Series CLI Reference 8-17 DiffServ Configuration Examples Ty p i c a l l y , yo u wo u ld use the Diffserv command set to complete configuration tasks in the following order: 1.
DiffServ Configuration Examples 8-18 Differentiated Services Configuration.
D-Series CLI Reference 9-1 9 Policy Classification Configuration This chapter describe s the Po l i cy Classification set of commands and how to use them.
show policy profile 9-2 Policy Classification Configuration Commands show policy profile Use this command to display policy profil e information.
show policy profile D-Series CLI Reference 9-3 Example This example shows how to display policy information for prof ile 11: D2(su)->show policy profile .
set policy profile 9-4 Policy Classification Configuration set policy profile Use this command to create a policy profile ent ry .
clear policy profile D-Series CLI Reference 9-5 clear policy profile Use this command to delete a policy profile ent ry . Synt ax clear policy profile profile-index Parameters Default s None. Mode Switch command, read ‐ write.
show policy rule 9-6 Policy Classification Configuration show policy rule Use this command to display policy classification rule information.
show policy rule D-Series CLI Reference 9-7 Default s If verbose is not s pecified, summary informat ion will be display ed.
show policy capability 9-8 Policy Classification Configuration show policy cap ability Use this command to display de tailed policy classification capabilities supported by you r D ‐ Series device.
show policy capability D-Series CLI Reference 9-9 Example This example shows how to display the device’ s policy classification capabilities.
set policy ru le 9-10 Policy Classification Configuration set policy rule Use this command to assign incoming untagged frames to a speci fic policy profile and to VLAN rules.
set policy rule D-Series CLI Reference 9-11 Default s None. Mode Switch command, read ‐ write. Usage Ta b l e 9 ‐ 35 provides the set policy rule data va l u e .
clear policy rule 9-12 Policy Classification Configuration Examples This example shows how to use Ta b l e 9 ‐ 35 to assign a rule to policy profi.
clear policy all-rules D-Series CLI Reference 9-13 Default s When applicable, data and mask must be specified for i ndividual rules to be cleared.
Assigning Ports to Policy Profiles 9-14 Policy Classification Configuration Mode Switch command, read ‐ write. Example This example shows how to remove al l admin.
clear policy port D-Series CLI Reference 9-15 Example This example shows how to allow Gigabit Etherne t ports 5 through 15 in slot 1 to transmit frames according to policy prof ile 1: D2(su)->set policy port ge.
Configuring Policy Clas s of Service (CoS) 9-16 Policy Classification Configuration enabled, the defaul t and user ‐ assigned policy ‐ based settings will override port ‐ based settings described in Chapter 10 .
Configuring Policy Class of Service (CoS) D-Series CLI Reference 9-17 D2(su)->show cos port-resour ce irl 1.0 1 Group Index Resource Type Un it Rate Rate Limit Type Action ----------- -------- ---- -- -- ---------- --------------- ------ 1.0 1 irl kb ps 512 drop none D2(su)->show cos port-resou rce irl 2.
set cos state 9-18 Policy Classification Configuration Commands set cos st ate Use this command to enable or disable Class of Service. Synt ax set cos state { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write.
show cos state D-Series CLI Reference 9-19 Example This example shows how to enable Class of Service: D2(rw)->set cos state enable show cos st ate Use this command to display the Class of Service enable state.
set cos settings 9-20 Policy Classification Configuration set cos settings Use this command to configure a Class of Service entry in the CoS settings table.
clear cos settings D-Series CLI Reference 9-21 Example This example shows how to create CoS entry 8 with a priority va l u e of 3: D2(rw)->set cos settings 8 p riority 3 clear cos settings Use this command to clear Class of Service entry settings.
set cos port-config 9-22 Policy Classification Configuration Example This example shows how to show all CoS settings: D2(su)->show cos settings CoS Index Priority To.
show cos port-config D-Series CLI Reference 9-23 groups (1 through 7) can be configured. Currently , only one port type (type 0) is supported. This port type supports 100 limiters .
clear cos port-config 9-24 Policy Classification Configuration Inbound Rate Limiting Port C onfiguration Entries ---------------------------- ----------------------------------------- - Port Group Nam.
set cos port-resource D-Series CLI Reference 9-25 Example This example deletes all Por t Groups except for the Default gro up 0.
show cos port-re source 9-26 Policy Classification Configuration Example This ex ample se ts the inbound rate limit re source index number 1 for port group 2.0 to 10000 Kbps or 1 MB: D2(su)->set cos port-resourc e irl 2.
set cos reference D-Series CLI Reference 9-27 Parameters Default s None. Mode Switch command, read ‐ write. Example This example clears the data rate to 0 for IRL resource index 1 for gr oup 2.
show cos reference 9-28 Policy Classification Configuration Mode Switch command, read ‐ write. Usage The CoS refere nce table maps the user ‐ defined IRL re.
clear cos reference D-Series CLI Reference 9-29 Example This example shows the Class of Service IRL references for port group 1.0. Note tha t not all of the 100 possible references are display ed in this output example.
show cos unit 9-30 Policy Classification Configuration show cos unit Use this command to show possible CoS unit entries. Synt ax show cos unit Parameters None. Default s None. Mode Switch command, read ‐ only .
show cos port-type D-Series CLI Reference 9-31 show cos port-type Use this command to display Class of Service port type configurations.
show cos port-type 9-32 Policy Classification Configuration.
D-Series CLI Reference 10-1 10 Port Priority and Rate Limiting Configuration This chapter describes the Po r t Priority and Rate Li miting set of commands and how to use them.
Configuring Port Priority 10-2 Port Priority and Rate Limiting Configuration Configuring Port Priority Purpose To view or configure port priority characteristics as fol.
set port priority D-Series CLI Reference 10-3 set port priority Use this command to set the 802.1D (802.1p) Class ‐ of ‐ Service transmit priority (0 through 7) on each port.
Configuring Priority to Transmit Queue Mapping 10-4 Port Priority and Rate Limiting Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset ge .1.11 to the default priority: D2(rw)->clear port priority ge.
set port priority-queue D-Series CLI Reference 10-5 Parameters Default s If port-string is not specified, priority queue informati on for all ports will be displayed. Mode Switch command, read ‐ only . Example This example shows how to display priority queue information for ge .
clear port priority-queue 10-6 Port Priority and Rate Limiting Configuration Usage Priority to transmit queue mapping on an individual port basis can only be configured on Gigabit Ethernet ports ( ge .
show port txq D-Series CLI Reference 10-7 show port txq Use this command to display QoS transmit queue informat ion for one or more physical ports.
clear port txq 10-8 Port Priority and Rate Limiting Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Queues can be set for strict priority (SP) or weig h te d round ‐ robin (WRR).
clear port txq D-Series CLI Reference 10-9 Parameters Default s By default, transmit queues are de fined as follows: Mode Switch command, read ‐ write. Example This example shows how to clear transmit queue va l u e s on ge .
clear port txq 10-10 Port Priority and Rate Limiting Configuration.
D-Series CLI Reference 11-1 11 IGMP Configuration This chapter describe s the IGMP Configuration set of commands and how to use them.
Configuring IGMP at Layer 2 11-2 IGMP Configuration multicast switch/router it passes through to ensure that traffic is only passed to the hosts that subscribed to this service.
set igmpsnooping adminmode D-Series CLI Reference 11-3 Usage Configured information is display ed whether or not IGMP snooping is enabled. Status information is display ed only when the function is enabled.
set igmpsnooping interfacemode 11-4 IGMP Configuration set igmp snooping interfacemode Use this command to enable or disable IGMP on one or all ports. Synt ax set igmpsnooping interfacemo de port-string {enable | disable} Parameters Default s None.
set igmpsnooping maxresponse D-Series CLI Reference 11-5 Usage The IGMP group membership interv al time sets the frequency of host ‐ query frame trans.
set igmpsnooping add-static 11-6 IGMP Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage This timer is for expiring the switch from the multicast database.
set igmpsnooping remove-static D-Series CLI Reference 11-7 Example This example creates an IGMP entry for the multicast group with IP address of 233.11.22.33 configured on VLAN 20 configured with the port ge .
show igmpsnooping mfdb 11-8 IGMP Configuration Mode Switch command, read ‐ only . Example This example displays the static IGMP ports for VLAN 20.
clear igmpsnooping D-Series CLI Reference 11-9 Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear all IGM.
clear igmpsnooping 11-10 IGMP Configuration.
D-Series CLI Reference 12-1 12 Logging and Network Management This chapter describe s switch ‐ related logging and network management commands and how to use them.
show logging ser ver 12-2 Logging and Network Management show logging server Use this command to display the Syslog configuration for a particular serv er .
set logging server D-Series CLI Reference 12-3 set logging server Use this command to configure a Syslog server . Synt ax s et logging server index [ ip-addr ip-addr ] [ fa.
clear logging server 12-4 Logging and Network Management clear logging server Use this command to remove a serv er from the Syslog serv er table. Synt ax clear logging server index Parameters Default s None.
set logging default D-Series CLI Reference 12-5 set logging default Use this command to set logging default val u e s . Synt ax set logging default {[ facility facil ity] [ severity severity ] port port] } Parameters Default s None.
show logging application 12-6 Logging and Network Management Default s At least one optional parameter must be entere d. All three optional keywor ds must be entered to reset all logging val u e s to defaults.
set logging application D-Series CLI Reference 12-7 Example This example shows how to display system logging information pertaining to the SNMP application.
clear logging application 12-8 Logging and Network Management Default s If level is not specified, none will be applied.
show logging local D-Series CLI Reference 12-9 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the logging severity lev el to 6 for SNMP .
clear logging local 12-10 Logging and Network Management Parameters Default s None. Mode Switch command, read ‐ write. Example This command shows how to enable loggin.
Monitoring Network Events and Status D-Series CLI Reference 12-11 Default s None. Mode Switch command, read ‐ only . Example This example shows a porti on of the information display ed with the show logging buffer command: D2(su)->show logging buffer <165>Sep 4 07:43:09 10.
show history 12-12 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to display the contents of the command history buffer .
ping D-Series CLI Reference 12-13 Mode Switch command, read ‐ write. Example This example shows how to set the size of the command histor y bu.
disconnect 12-14 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to use the show users command.
Managing Switch Network Addresses and Routes D-Series CLI Reference 12-15 Managing Switch Network Addresses and Routes Purpose To display or delete switch ARP table entries, and to display MAC address information.
set arp 12-16 Logging and Network Management Example This example shows how to display the ARP table: D2(su)->show arp LINK LEVEL ARP TABLE IP Address Phys Addres s Flags Interface ---------------------------- ------------------------- 10.
clear arp D-Series CLI Reference 12-17 clear arp Use this command to delete a specific entry or all entries from the switch’ s ARP tab le. Synt ax clear arp { ip-address | all } Parameters Default s None.
show mac 12-18 Logging and Network Management Default s If not specified, waittime will be set to 5 seconds. If not specified, first ‐ tt l will be set to 1 second. If not specified, max ‐ ttl will be set to 30 seconds.
show mac agetime D-Series CLI Reference 12-19 Mode Switch command, read ‐ only . Example This example shows how to display MAC addre ss information for ge .3.1: D2(su)->show mac port ge.3.1 MAC Address FID Port Type ----------------- ---- ----- -------- -------- 00-09-6B-0F-13-E6 15 ge.
set mac agetime 12-20 Logging and Network Management Mode Switch command, read ‐ only . Example This example shows how to display the MAC timeout period: .
set mac algorithm D-Series CLI Reference 12-21 Example This example shows how to reset the MAC timeout period to the default val u e of 300 seconds.
clear mac algorithm 12-22 Logging and Network Management Default s None. Mode Switch command, read ‐ only . Example This example shows the output of this command. D2(su)->show mac algorithm Mac hashing algorithm is mac -crc16-upperbits.
clear mac address D-Series CLI Reference 12-23 Default s If no port ‐ string is defined, the command will apply to all ports.
set mac unreserved-flood 12-24 Logging and Network Management Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example displays the status of multicast flood protection. D2(su)->show mac unreserved- flood mac unreserved flood is disa bled.
Configuring Simple Network Time Protocol (SNTP) D-Series CLI Reference 12-25 Configuring Simple Network T ime Protocol (SNTP) Purpose To configure the Simple Network Time Protocol (SNTP), which synchronizes device clocks in a network.
show sntp 12-26 Logging and Network Management Example This example shows how to display SNTP client settings: D2(su)->show sntp SNTP Version: 3 Current Time: TUE SE.
set sntp client D-Series CLI Reference 12-27 set sntp client Use this command to set the SNTP operation mode. Synt ax set sntp client { broadcast | unicast | disab le } Parameters Default s None. Mode Switch command, read ‐ write.
set sntp server 12-28 Logging and Network Management set sntp server Use this command to add a serv er from which the SNTP client will retrieve the current time when operating in unicast mode.
set sntp poll-interval D-Series CLI Reference 12-29 set sntp poll-interval Use this command to set the poll interval betw een SNTP unicast requests. Synt ax set sntp poll-interval interval Parameters Default s None.
clear sntp poll-retry 12-30 Logging and Network Management Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to set the .
clear sntp poll-timeout D-Series CLI Reference 12-31 Mode Switch command, read ‐ write. Example This example shows how to set the SNTP poll timeout to.
show nodealias config 12-32 Logging and Network Management show nodealias config Use this command to display node alias configuration settings on one or more ports.
clear nodealias config D-Series CLI Reference 12-33 Parameters Default s None. Mode Switch command, read ‐ write. Usage Upon packet reception, node al iases are dynam.
clear nodealias config 12-34 Logging and Network Management.
D-Series CLI Reference 13-1 13 RMON Configuration This chapter describe s the commands used to configure RMON on a D ‐ Series switch.
RMON Monitoring Group Functions 13-2 RMON Configuration History Records periodic st atistical samples from a network. Sample period, number of samples and item(s) sampled.
Statistics Group Commands D-Series CLI Reference 13-3 S t atistics Group Commands Purpose To display , configure, and clear RMON statistics. Commands show rmon st ats Use this command to display RMON statistics measured for one or more ports.
set rmon stats 13-4 RMON Configuration Example This example shows how to display RMON statistics for Gigabit Ethernet port 1 in switch 1. : D2(su)->show rmon stats ge.1 .1 Port: ge.1.1 ---------------------------- --------- Index = 1 Owner = monitor Data Source = ifIndex.
clear rmon stats D-Series CLI Reference 13-5 clear rmon st ats Use this command to delete one or more RMON statistics entries. Synt ax clear rmon stats { index-list | to-de faults } Parameters Default s None. Mode Switch command, read ‐ write.
set rmon history 13-6 RMON Configuration Parameters Default s If port ‐ string is not specif ied, information about all RMON history entries will be displayed. Mode Switch command, read ‐ only .
clear rmon history D-Series CLI Reference 13-7 Default s If buckets is not specif ied, the maximum number of entries maintained will be 50. If not specified, interval will be set to 30 seconds.
show rmon alarm 13-8 RMON Configuration Commands show rmon alarm Use this command to display RMON alarm entrie s. The RMON alarm group periodically .
set rmon alarm properties D-Series CLI Reference 13-9 set rmon alarm properties Use this command to configure an RMON alarm entr y , or to create a new alarm entry with an unused alarm index number .
set rmon alarm status 13-10 RMON Configuration Default s interval ‐ 3600 seconds type ‐ absolute startup ‐ rising rthresh ‐ 0 fthresh ‐ 0 revent ‐ 0 fevent ‐ 0 owner ‐ monitor Mode Switch command, read ‐ write.
clear rmon alarm D-Series CLI Reference 13-11 Parameters Default s None. Mode Switch command, read ‐ write. Usage An RMON alarm entry can be created us ing th.
Event Group Commands 13-12 RMON Configuration Event Group Commands Purpose To display and clear RMON ev ents, and to configure RMON ev ent properties. Commands show rmon event Use this command to display RMON event entry properties.
set rmon event properties D-Series CLI Reference 13-13 set rmon event properties Use this command to configure an RMON event entry , or to create a new eve nt entry with an unused event index number .
set rmon event status 13-14 RMON Configuration Example This example shows how to create and enable an RMON event entry called “STP topology .
Filter Group Commands D-Series CLI Reference 13-15 Default s None. Mode Switch command, read ‐ write. Example This example shows how to clear RMON event 1: D2(rw)->clear rmon event 1 Filter Group Commands The packet capture and filter function is di sabled by default.
show rmon channel 13-16 RMON Configuration show rmon channel Use this command to display RMON channel entries for one or more ports.
clear rmon channel D-Series CLI Reference 13-17 Default s If an action is not specified, packets will be accepted on filter matches. If not specified, control will be set to off .
set rmon filter 13-18 RMON Configuration Parameters Default s If no options are specified, information for all filter entries will be display ed.
clear rmon filter D-Series CLI Reference 13-19 Default s If owner is not spec ified, it will be set to monitor. If no other options are specifie d, none (0) will be applied.
Packet Capture Commands 13-20 RMON Configuration Packet Capture Commands Note that packet capture filter is sampling only and does not guarantee receipt of back ‐ to ‐ back packets.
set rmon capture D-Series CLI Reference 13-21 Example This example shows how to display RMON capture entries and as sociated buffer entries: D2(rw)->show rmon capture Buf.
clear rmon capture 13-22 RMON Configuration Default s If not specified, action defaults to lock . If not specified, offset defaults to 0 . If not specified, asksize defaults to ‐ 1 (which will request as many octets as possible).
D-Series CLI Reference 14-1 14 DHCP Server Configuration This chapter describe s the commands to configure the IPv4 DHCP serv er functionality on a D ‐ Series switch.
DHCP Overview 14-2 DHCP Server Configuration • Boot file •D H C P options as defined by RFC 2132 Configuring a DHCP Server For DHCP to function on D.
Configuring General DHCP Server Parameters D-Series CLI Reference 14-3 Configuring General DH CP Server Paramete rs Purpose To configure DHCP server parameters, and to display and clear address binding information, server statistics, and conflict information.
set dhcp bootp 14-4 DHCP Server Configuration Example This example enables DHCP server functionality . D2(rw)->set dhcp enable set dhcp bootp Use this command to enable or disable automatic address allocation for BOOTP clients.
show dhcp conflict D-Series CLI Reference 14-5 show dhcp conflict Use this command to display conflict information, for one address or al l addresses.
set dhcp exclude 14-6 DHCP Server Configuration Examples This example disables DHCP conflict logging. D2(rw)->clear dhcp conflict logging This example clears the conflict information for the IP address 192.
set dhcp ping D-Series CLI Reference 14-7 Default s None. Mode Switch command, read ‐ write. Example This example clears the previously excluded range of IP addres ses between 192.1 68.1.88 through 192.
show dhcp binding 14-8 DHCP Server Configuration Default s None. Mode Switch command, read ‐ write. Example This example resets the number of ping packets sent back to the default val u e .
show dhcp server statistics D-Series CLI Reference 14-9 Parameters Default s None. Mode Switch command, read ‐ write. Example This example deletes the DHCP address binding for IP address 192.168.1.1. D2(rw)->clear dhcp binding 1 92.
clear dhcp server st atistics 14-10 DHCP Server Configuration clear dhcp server st atistics Use this command to clear all DHCP server counters. Synt ax clear dhcp server statistics Parameters None. Default s None. Mode Switch command, read ‐ write.
Configuring IP Address Pools D-Series CLI Reference 14-11 Commands For information about... Refer to p age... set dhcp pool 14-12 clear dhcp pool 14-12 set dhcp pool ne twork 14-1 3 clear dhcp pool ne.
set dhcp pool 14-12 DHCP Server Configuration set dhcp pool Use this command to create and assign a name to a DHCP serv er pool of addres ses. Up to 16 address pools may be configured on a D ‐ Series.
set dhcp pool network D-Series CLI Reference 14-13 set dhcp pool network Use this command to configure the subnet number and mas k for an automatic DHCP address pool. Synt ax set dhcp pool poolname network numbe r { mask | prefix-length } Parameters Default s None.
set dhcp pool hardware -address 14-14 DHCP Server Configuration Default s None. Mode Switch command, read ‐ write. Example This example deletes the netw ork and mask from the address pool named “auto1.
set dhcp pool host D-Series CLI Reference 14-15 Parameters Default s None. Mode Switch command, read ‐ write. Example This example deletes the client hardw are address from the address pool named “manual1.
clear dhcp pool host 14-16 DHCP Server Configuration clear dhcp pool host Use this command to remove the host IP address from a manual binding address pool. Synt ax clear dhcp pool poolname host Parameters Default s None.
clear dhcp pool client-identifier D-Series CLI Reference 14-17 Example This example shows how to configure the minimum requirem ents for a manual bindin.
clear dhcp pool client-name 14-18 DHCP Server Configuration Mode Switch command, read ‐ write. Example This example configures the client name “appsvr1” to the manual binding pool “manual2.
clear dhcp pool bootfile D-Series CLI Reference 14-19 Mode Switch command, read ‐ write. Example This example sets the boot image filename for addres s pool named “auto1.” D2(rw)->set dhcp pool auto1 bootfile image1.
clear dhcp pool next-ser ver 14-20 DHCP Server Configuration Mode Switch command, read ‐ write. Example This example specifies the file serv er from which clients being served by addre ss pool “auto1” should download the boot image file “image1.
clear dhcp pool lease D-Series CLI Reference 14-21 Default s If no lease time is specified, a lease duration of 1 day is configured.
clear dhcp pool default-router 14-22 DHCP Server Configuration Synt ax set dhcp pool poolname default-route r address [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a default router at 10.
clear dhcp pool dns-server D-Series CLI Reference 14-23 Synt ax set dhcp pool poolname dns-server ad dress [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a DNS serve r at 10.
clear dhcp pool domain-name 14-24 DHCP Server Configuration Synt ax set dhcp pool poolname domain-name d omain Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns the “mycompany .com” doma in name to the address pool “auto1.
clear dhcp pool netbios-name-server D-Series CLI Reference 14-25 Synt ax set dhcp pool poolname netbios-name- server address [ address2 ... address8 ] Parameters Default s None. Mode Switch command, read ‐ write. Example This example assigns a NetBIOS name serv er at 10.
set dhcp pool netbio s-node-type 14-26 DHCP Server Configuration set dhcp pool netbios-node-type Use this command to specify a NetBIOS node (server) type for the DHCP clients serv ed by the address pool being configured.
set dhcp pool option D-Series CLI Reference 14-27 Example This example removes the NetBIOS node type from the address pool “auto1.
show dhcp pool configuration 14-28 DHCP Server Configuration Parameters Default s None. Mode Switch command, read ‐ write. Example This example removes option 19 from address pool “auto1.
show dhcp pool configuration D-Series CLI Reference 14-29 Example This example displays configuration information for all address pools. D2(rw)->show dhcp pool confi guration all Pool: Atg_Pool Pool Type Dynamic Network 192.
show dhcp pool configuration 14-30 DHCP Server Configuration.
D-Series CLI Reference 15-1 15 Security Configuration This chapter describe s the Security Configurat ion set of commands and how to use them.
Overview of Security Methods 15-2 Security Configuratio n ports. For details on using CLI command s to configure 802.1X, refer to “ Config uring 802.1X Authentication ” on page 15 ‐ 9.
Configuring RADIUS D-Series CLI Reference 15-3 •T o specify a management level ( management access authentication): Enterasys:ve rsion=1:mgmt= level where level indicates the management lev el, either ro , rw , or su .
show radius 15-4 Security Configuratio n Parameters Default s If no parameters are specified, all RA DIUS configuration information will be displayed .
set radius D-Series CLI Reference 15-5 set radius Use this command to enable, disable, or configure RADIUS authentication.
clear radius 15-6 Security Configuratio n Examples This example shows how to enable the RADIUS client for authentica ting with RADIUS ser ver 1 at IP address 192.
show radius accounting D-Series CLI Reference 15-7 Examples This example shows how to clear all settings on all RADIUS servers: D2(su)->clear radius serv.
set radius accounting 15-8 Security Configuratio n set radius accounting Use this command to configure RADIUS accounting. Synt ax set radius accounting {[ enable | dis able ] [ retries retries ] [ timeout timeout ] [ server ip_address port [ server-secr et ] Parameters Mode Switch command, read ‐ write.
clear radius accounting D-Series CLI Reference 15-9 clear radius accounting Use this command to clear RADIUS accounting configuration setting s. Synt ax clear radius accounting { server ip-a ddress | retries | timeout | counter } Parameters Mode Switch command, read ‐ write.
show dot1x 15-10 Security Configuration show dot1x Use this command to display 802.1X statu s, diagnostics, statistics, and reauthenti cation or initialization control informa tion for one or more ports.
show dot1x auth-config D-Series CLI Reference 15-11 Examples This example shows how to display 802.1X status: D2(su)->show dot1x DOT1X is disabled. This example shows how to display authentication diagnostics information for ge .
show dot1x auth-config 15-12 Security Configuration Parameters Default s If no parameters are specified, all 802.1X setti ngs will be display ed. If port ‐ string is not specif ied, information for all ports will be displayed.
set dot1x D-Series CLI Reference 15-13 This example shows how to display all 802.1X authentication configuration set tings for ge .
set dot1x auth-config 15-14 Security Configuration set dot1x auth-config Use this command to configure 802.1X authentica tion. Synt ax set dot1x auth-config {[ authcontroll ed-.
clear dot1x auth-config D-Series CLI Reference 15-15 Examples This example shows how to enable reauthenti cation control on ports ge .1.1 ‐ 3: D2(su)->set dot1x auth-confi g reauthenabled true ge.1.1-3 This example shows how to set the 802.
show eapol 15-16 Security Configuration This example shows how to reset the 802.1X quiet period to 60 seconds on ports ge .
set eapol D-Series CLI Reference 15-17 set eapol Use this command to enable or disable EAPOL port ‐ based user authentication with the RADIUS server and to set the authentication mode for one or more ports .
clear eapol 15-18 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Examples This example shows how to enable EAPOL: D2(su)->set eapol enable This example shows how to enable EAPOL with forced authorized mode on port ge .
Configuring MAC Authentication D-Series CLI Reference 15-19 Mode Switch command, read ‐ write. Example This example shows how to clear the EAPOL au thentication mode for port ge .1.3: D2(su)->clear eapol auth-mod e ge.
show macauthentication 15-20 Security Configuration show macauthentication Use this command to display MAC authentication information for one or more ports.
show macauthentication session D-Series CLI Reference 15-21 show macauthentication session Use this command to display the active MAC authe nticated se ssions. Synt ax show macauthentication sessi on Parameters None.
set macauthentication 15-22 Security Configuration Example This example shows how to display MAC se ssion information: D2(su)->show macauthenticati on session Port MAC Address Duration Reauth Period Reauthenticati ons ----- ----------------- ---------- ------------- ----------------- ge.
set macauthentication password D-Series CLI Reference 15-23 set macauthentication p assword Use this command to set a MAC authentication password. Synt ax set macauthentication passwo rd password Parameters Default s None.
set macauthentication portinitialize 15-24 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Enabling port(s) for MAC authentication .
set macauthentication portquietperiod D-Series CLI Reference 15-25 set macauthentication portquietperiod This sets the number of seconds following a failed authentication before another attempt may be made on the port.
set macauthentication macinitialize 15-26 Security Configuration set macauthentication macinitialize Use this command to force a current MAC authentication session to re ‐ init ialize and remove the session.
set macauthentication portreauthenticate D-Series CLI Reference 15-27 set macauthentication portreauthenticate Use this command to force an immediate reauthentication of the currently active sessions on one or more MAC authenticati on ports.
set macauthentication reauthperiod 15-28 Security Configuration set macauthentication reauthperiod Use this command to set the MAC reauthentication period (in seconds).
set macauthentication significant-bits D-Series CLI Reference 15-29 Example This example shows how to globally clear the MAC reauthentication period: D2(su)->.
Configuring Multiple Authentication Methods 15-30 Security Configuration Parameters None. Default s None. Mode Switch command, read ‐ write. Example This example resets the MAC authentication significant bits to 48.
show multiauth D-Series CLI Reference 15-31 show multiauth Use this command to display multiple authenticati on system configuration. Synt ax show multiauth Parameters None. Default s None. Mode Switch command, read ‐ only .
clear multiauth mode 15-32 Security Configuration Parameters Default s None. Mode Switch command, read ‐ write. Usage Multiauth multi mode requires that MAC, PW A, and 802.
set multiauth precedence D-Series CLI Reference 15-33 set multiauth precedence Use this command to set the system’ s multi ple authentication administrative precedence. Synt ax set multiauth precedence {[ dot1x ] [ mac ] } Parameters Default s None.
show multiauth port 15-34 Security Configuration show multiauth port Use this command to display multiple authenticati on properties for one or more ports .
clear multiauth port D-Series CLI Reference 15-35 Default s None. Mode Switch command, read ‐ write. Examples This example shows how to set the port multipl e authentica tion mode to required on ge .
show multiauth station 15-36 Security Configuration show multiauth st ation Use this command to display multiple authenticati on station (end user) entries. Synt ax show multiauth station [ mac address ] [ port port-stri ng ] Parameters Mode Switch command, read ‐ only .
show multiauth idle-timeout D-Series CLI Reference 15-37 Default s If no options are specified, multiple au thentication session entries will be disp layed for all sessions, authentication types, MAC addresses, and ports.
set multiauth idle-timeout 15-38 Security Configuration set multiauth idle-timeout Use this command to set the maximum number of consecutive seconds an authenticated session may be idle before termination of the session.
show multiauth session-timeout D-Series CLI Reference 15-39 Parameters Default s If no authentica tion method is specified, the idle timeout va lu e is reset to its default va lu e of 0 for all authentica tion methods.
set multiauth session-timeout 15-40 Security Configuration set multiauth session-timeout Use this command to set the maximum number of seconds an authenticate d session may last before termination of the session.
Configuring VLAN Authorization (RFC 3580) D-Series CLI Reference 15-41 Parameters Default s If no authentica tion method is specified, the session timeout val u e is reset to its default va l ue of 0 for all authentication methods.
show policy maptable response 15-42 Security Configuration Commands show policy mapt able response Displays the current policy maptable response setting.
set vlanauthorization D-Series CLI Reference 15-43 Parameters Default s Set to policy . Mode Switch command, read ‐ write. Examples This example shows how to set .
set vlanauthorization egress 15-44 Security Configuration set vlanauthorization egress Controls the modification of the current VLAN egress list of 802.1x authenticated ports for the VLANs returned in the RADIUS authorization filter id string.
show vlanauthorization D-Series CLI Reference 15-45 Mode Switch command, read ‐ write. Example This example show how to clear VLAN authorization for all ports on slots 3, 4, and 5: D2(rw)->clear vlanauthorizat ion ge.
Configuring MAC Locking 15-46 Security Configuration Configuring MAC Locking This feature locks a MAC address to one or more ports, preventing connection of unauthorized devices through the port(s).
show maclock D-Series CLI Reference 15-47 show maclock Use this command to display the status of MAC locking on one or more port s.
show maclock stations 15-48 Security Configuration show maclock st ations Use this command to display MAC locking information about end stations connected to the switch.
set maclock enable D-Series CLI Reference 15-49 Example This example shows how to display MAC locking information for the end stations connected to all Gigabit Ethernet ports in unit/module 2: D2(su)->show maclock station s ge.
set maclock disable 15-50 Security Configuration Usage When enabled and configured, MAC locking defines which MAC addresses , as wel l as how many MAC addresses are permitted to use sp ecific port(s).
clear maclock D-Series CLI Reference 15-51 Default s None. Mode Switch command, read ‐ write. Usage Configuring a port for MAC locking requ ires globally enab.
set maclock s tatic 15-52 Security Configuration Usage The MAC address that is cleared will no longer be able to communicate on the port .
set maclock firstarriv al D-Series CLI Reference 15-53 Parameters Default s None. Mode Switch command, read ‐ write. Example This example shows how to reset the number of allow able static MACs on ge .
clear maclock firstarrival 15-54 Security Configuration Example This example shows how to restrict MAC locking to 6 MAC addresses on ge .
clear maclock agefirstarriva l D-Series CLI Reference 15-55 Mode Switch mode, read ‐ write. Example This example enables first arrival ag ing on port ge .
set maclock trap 15-56 Security Configuration Mode Switch command, read ‐ write. Usage If there are more first arriva l MACs than the allow ed maximum static MACs, then only the latest first arriv al MACs wil l be moved to static entries.
Configuring Port Web Authentication (PWA) D-Series CLI Reference 15-57 Configuring Port W eb Authentication (PW A) About PW A PW A provides a wa y of authenticating users b.
show pwa 15-58 Security Configuration show pwa Use this command to display port web authentication information for one or more ports.
set pwa D-Series CLI Reference 15-59 set pwa Use this command to enable or disable port web authentication. Synt ax set pwa { enable | disable } Parameters Default s None. Mode Switch command, read ‐ write.
show pwa banner 15-60 Security Configuration Example This example shows how to enable port web authentication: D2(su)->set pwa enable show pwa banner Use this command to display the port web a uthentication login banner string.
clear pwa banner D-Series CLI Reference 15-61 clear pwa banner Use this command to reset the PW A log in banner to a blank string. Synt ax clear pwa banner Parameters None. Default s None. Mode Switch command, read ‐ write.
set pwa ipaddress 15-62 Security Configuration set pwa ip address Use this command to set the PW A IP address. This is the IP addres s of the end stati on from which PW A will prevent network access until the user is authentica ted.
set pwa guestname D-Series CLI Reference 15-63 set pwa guestname Use this command to set a guest user name for PW A netw orking. PW A will use this name to grant network access to guests without established login names and passw ords.
set pwa guestpassword 15-64 Security Configuration set pwa guestp assword Use this command to set the guest user password for PW A networking. Synt ax set pwa guestpassword Parameters None. Default s None.
set pwa initialize D-Series CLI Reference 15-65 Usage PW A will use a guest passw ord and guest user name to grant network access with default policy privileges to users without established login names and passwords.
set pwa maxrequest 15-66 Security Configuration Default s If port ‐ string is not specif ied, quiet period will be set for all ports.
show pwa session D-Series CLI Reference 15-67 Default s If port ‐ string is not specif ied, PW A will enabled on all ports.
set pwa enhancedmode 15-68 Security Configuration set pwa enhancedmode This command enables PW A URL redirection. The switch intercepts all HTTP packets .
set ssh D-Series CLI Reference 15-69 Parameters None. Default s None. Mode Switch command, read ‐ only . Example This example shows how to display SSH status .
set ssh hostkey 15-70 Security Configuration Default s If reinitialize is not specified, the user must supply SSH authentication key va l u e s .
1 Index Numerics 802.1D 6-1 802.1p 9-15 , 10-1 802.1Q 7-1 802.1s 6-1 802.1w 6-1 802.1x 15-5 , 15-17 A Advertised Ability 4-14 Alias node 12-31 Authentication EAPOL 15-17 MAC 15-19 Port web 15-57 RADIU.
2 configuring 10-2 Port String syntax used in the CLI 4-1 Port Trunking 4-33 Port web authenti cation configuring 15-57 Port(s) alias 4-9 assignment scheme 4-1 auto-negotiation and adverti sed ability.
An important point after buying a device Enterasys Enterasys D2 D2G124-12P (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Enterasys Enterasys D2 D2G124-12P yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Enterasys Enterasys D2 D2G124-12P - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Enterasys Enterasys D2 D2G124-12P you will learn all the available features of the product, as well as information on its operation. The information that you get Enterasys Enterasys D2 D2G124-12P will certainly help you make a decision on the purchase.
If you already are a holder of Enterasys Enterasys D2 D2G124-12P, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Enterasys Enterasys D2 D2G124-12P.
However, one of the most important roles played by the user manual is to help in solving problems with Enterasys Enterasys D2 D2G124-12P. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Enterasys Enterasys D2 D2G124-12P along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
