Fortinet MR1 User Manual Page 1

FortiSwitch-100 Version 4.0 MR1 User Guide

10 5.8.2.3 username login ...207

100 all - All interfaces. no - This command disables IGMP Snooping on all interfaces. Default Setting Disabled Command Mode Global Config ip igmp

101 <sec> - Max time (Range: 1 – 3599). no - This command sets the IGMP Maximum Response time on the system to 10 seconds. Default Setting 10

102 ip igmp snooping mrouter This command configures a selected interface as a multicast router interface. When configured as a multicast router in

103 Command Mode Interface Config. ip igmp snooping vlan static This command is used to add a port to a multicast group. Syntax ip igmp snoopi

104 Default Setting None Command Mode Vlan Database set igmp groupmembership-interval This command sets the IGMP Group Membership Interval on a

105 Syntax set igmp maxresponse <1-3965> <1-3599> no set igmp maxresponse <1-3965> <1-3965> - VLAN ID (Range: 1 – 3965). n

106 Vlan Database set igmp fast-leave This command enables or disables IGMP Snooping fast-leave admin mode on a selected VLAN. Enabling fastleav

107 5.2.6 Port Channel 5.2.6.1 show port-channel This command displays the static capability of all port-channels (LAGs) on the device as well as a s

108 Display Message Log. Intf: The logical slot and the logical port. Port-Channel Name: The name of this port-channel (LAG). You may enter any strin

109 Command Usage 1. Max number of port-channels could be created by user are 6 and Max. Number of members for each port-channel are 8. 5.2.6.3 po

11 5.9.1.2 show cdp neighbors...226 5.9.

110 Default Setting Disabled Command Mode Interface Config 5.2.6.5 port-channel linktrap This command enables link trap notifications for the port-

111 port-channel name {<logical slot/port> | all} <name> <logical slot/port> - Port-Channel Interface number. all - all Port-Chann

112 Syntax lacp no lacp no - This command disables Link Aggregation Control Protocol (LACP) on a port. Default Setting Enabled Command Mode Interf

113 Note: Before adding a port to a port-channel, set the physical mode of the port. See ‘speed’ command. Syntax channel-group <logical slot/por

114 Syntax delete-channel-group <logical slot/port> all <logical slot/port> - Port-Channel Interface number. all - All members for spe

115 This command is used to display multicast storm control information. Syntax show storm-control multicast Default Setting None Command Mode Pr

116 5.2.7.2 storm-control broadcast This command enables broadcast storm recovery mode on the selected interface. If the mode is enabled, broadcast

117 Disabled Command Mode GlobaI Config 5.2.7.3 storm-control multicast This command enables multicast storm recovery mode on the selected interfac

118 5.2.7.4 storm-control unicast This command enables unicast storm recovery mode on the selected interface. Syntax storm-control unicast no stor

119 5.2.7.5 switchport broadcast packet-rate This command will protect your network from broadcast storms by setting a threshold level for broadcast

12 5.11.1.17 clear radius statistics ...243 5.

120 Level 4 Command Mode Global Config 5.2.7.6 switchport multicast packet-rate This command will protect your network from multicast storms by set

121 all - This command represents all interfaces. Note: pps (packet per second) Default Setting Level 4 Command Mode Global Config 5.2.7.7 switchp

122 switchport unicast all packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 10G port. 2 - Threshold lev

123 5.2.8.2 queue cos-map This command is used to assign class of service (CoS) value to the CoS priority queue. Syntax queue cos-map <priority&g

124 Default Setting None Command Mode Privileged Exec Display Message Session ID: indicates the session ID. Admin Mode: indicates whether the Port M

125 Syntax no port-monitor Default Setting None Command Mode Global Config 5.2.9.3 port-monitor session mode This command configures the admini

126 Syntax show ip interface Default Setting None Command Mode Privileged Exec Display Message IP Address: The IP address of the interface. The fac

127 5.3.1.3 show ip ipv6 This command displays the IPv6 forwarding status of all ports. Syntax show ip ipv6 Default Setting None Command Mode Pr

128 5.3.1.5 interface vlan This command is used to enter Interface-vlan configuration mode. Syntax interface vlan <vlanid> <vlanid>

129 Interface-Vlan Config Command Usage Once the IP address is set, the VLAN ID’s value will be assigned to management VLAN. 5.3.1.7 ip default-g

13 5.12.3.2 drop...

130 <dhcp> - Obtains IP address from DHCP. <none> - Obtains IP address by setting configuration. Default Setting None Command Mode Inter

131 Default Setting None Command Mode Global Config 5.3.1.10 ip ipv6 This command is used to enable the Ipv6 function on specific interface. Synta

132 Command Mode Global Config 5.3.2 Serial Interface Commands 5.3.2.1 show line console This command displays serial communication settings for th

133 Syntax line console Default Setting None Command Mode Global Config 5.3.2.3 baudrate This command specifies the communication rate of the t

134 <0-160> - max connect time (Range: 0 -160). no - This command sets the maximum connect time (in minutes) without console activity to 5. De

135 <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default. Default Setting 0 Command

136 Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object i

137 5.3.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has be

138 3 Command Mode Telnet Config 5.3.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be establishe

139 no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established. Default Setting Enabled Command Mo

14 5.14.1 Show Commands...288

140 Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be

141 5.3.3.11 show telnet This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode

142 Syntax show snmp Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entr

143 Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Lin

144 snmp-server location <loc> <loc> - range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode Global Config

145 Syntax snmp-server community <name> no snmp-server community <name> <name> - community name (up to 16 case-sensitive characte

146 Command Mode Global Config This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet send

147 <ro> - access mode is read-only. <rw> - access mode is read/write. Default Setting None Command Mode Global Config 5.3.4.7 snm

148 Syntax snmp-server enable traps authentication no snmp-server enable traps authentication no - This command disables the Authentication trap.

149 Default Setting Enabled Command Mode Global Config This command enables Multiple User traps. When the traps are enabled, a Multiple User Tra

15 6.2.1.7 show ip route precedence ...311 6.2.1.8

150 Global Config This command enables PIM traps. Syntax snmp-server enable traps pim no snmp-server enable traps pim no - This command disabl

151 5.3.5 SNMP Trap Commands 5.3.5.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Netw

152 no snmp trap link-status no - This command disables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag

153 5.3.5.3 snmptrap <name> <ipaddr> This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeri

154 Default Setting None Command Mode Global Config 5.3.5.5 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receiver

155 Default Setting None Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or

156 Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the

157 5.3.6.5 ip http secure-port This command is used to set the SSLT port where port can be 1-65535 and the default is port 443. Syntax ip http sec

158 5.3.6.7 ip http secure-protocol This command is used to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TL

159 Max SSH Sessions Allowed: The maximum number of inbound SSH sessions allowed on the switch. SSH Timeout: This field is the inactive timeout value

16 6.3.2.10 area nssa translator-role ...330 6.3.2

160 5.3.7.4 ip ssh maxsessions This command specifies the maximum number of SSH connection sessions that can be established. A value of 0 indicate

161 <1-160> - timeout interval in seconds. no - This command sets the SSH connection session timeout value, in minutes, to the default. Changin

162 no ip dhcp client-identifier <text> - A text string. (Range: 1-15 characters). <hex> - The hexadecimal value (00:00:00:00:00:00). no

163 Server IP Address - IP address of the BOOTP/DHCP server or the IP address of the next BOOTP/DHCP Relay Agent. Circuit Id Option Mode - This is

164 Syntax bootpdhcprelay serverip <ipaddr> no bootpdhcprelay serverip <ipaddr> - A server IP address. no - This command is used to re

165 None Command Mode Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The MAC Address for the Bridge from which

166 Privileged Exec Display Message Port Mode: The administration mode of spanning tree. Port Up Time Since Counters Last Cleared: Time since the por

167 Syntax show spanning-tree mst detailed <0-4094> <0-4094> - multiple spanning tree instance ID. Default Setting None Command Mode P

168 For each MSTID: The multiple spanning tree instance ID. Associated FIDs: List of forwarding database identifiers associated with this instance.

169 Auto-calculate Port Path Cost: Indicate the port auto-calculate port path cost Auto-calculate External Port Path Cost - Displays whether the exte

17 6.5 Domain Name Server Relay Commands ... 350 6.5.1 Sh

170 STP Mode: Indicate STP mode. Type: Currently not used. STP State: The forwarding state of the port in the specified spanning tree instance. Port

171 Default Setting None Command Mode Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The bridge ID of current

172 Syntax spanning-tree protocol-migration {<slot/port> | all} no spanning-tree protocol-migration {<slot/port> | all} <slot/port&

173 This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using. Th

174 Command Mode Global Config 5.4.2.5 spanning-tree forward-time This command sets the Bridge Forward Delay parameter to a new value for the com

175 <1-10> - hellotime value (Range: 1 – 10). no - This command sets the Hello Time parameter for the common and internal spanning tree to the

176 Syntax spanning-tree max-hops <1-127> no spanning-tree max-hops <1-127> - the Maximum hops value (Range: 1-127). no - This command

177 This command sets the bridge priority for a specific multiple spanning tree instance. The instance <mstid> is a number that corresponds

178 spanning-tree mst vlan <0-4094> <1-3965> no spanning-tree mst vlan <0-4094> <1-3965> <0-4094> - multiple spanning

179 If the ‘cost’ token is specified, this command sets the path cost for this port within a multiple spanning tree instance or the common and inter

18 6.7.2 ip irdp ...

180 Interface Config 5.4.2.10 spanning-tree port mode This command sets the Administrative Switch Port State for this port to enabled. Syntax s

181 5.4.2.11 spanning-tree edgeport This command specifies that this port is an Edge Port within the common and internal spanning tree. This will al

182 Display Message Logging Client Local Port The port on the collector/relay to which syslog messages are sent CLI Command Logging The mode for CLI

183 Syntax show logging traplogs Default Setting None Command Mode Privileged Exec Display Message Number of Traps since last reset: The number o

184 5.5.4 Configuration Commands 5.5.4.1 logging buffered This command enables logging to in-memory log where up to 128 logs are kept. Syntax lo

185 5.5.4.2 logging console This command enables logging to the console. Syntax logging console [<severitylevel> | <0-7>] no logg

186 Default Setting None Command Mode Privileged Exec This command disables logging to hosts. Syntax logging host remove <hostindex> &

187 Privileged Exec 5.5.4.4 logging syslog This command enables syslog logging. Syntax logging syslog no logging syslog no - Disables sys

188 Command Mode Privileged Exec 5.5.4.5 clear logging buffered This command clears all in-memory log. Syntax clear logging buffered Defau

189 None Command Mode Privileged Exec 5.6.2 script delete This command deletes a specified script or all the scripts presented in the switch.

19 7.2.1 Show Commands...38

190 Default Setting None Command Mode Privileged Exec 5.6.4 script show This command displays the content of a script file. Syntax script sh

191 Syntax show users Default Setting None Command Mode Privileged Exec Display Message User Name: The name the user will use to login using the se

192 no username <username> <username> - is a new user name (Range: up to 8 characters). no - This command removes a user name created be

193 Global Config 5.7.2.3 username snmpv3 encryption This command specifies the encryption protocol and key to be used for the specified login user

194 Syntax show users authentication Default Setting None Command Mode Privileged Exec Display Message User: This field lists every user that has

195 5.8.1.3 show authentication users This command displays information about the users assigned to the specified authentication login list. If the l

196 5.8.1.5 show dot1x detail This command is used to show a summary of the global dot1x configuration and the detailed dot1x configuration for a spe

197 5.8.1.6 show dot1x statistics This command is used to show a summary of the global dot1x configuration and the dot1x statistics for a specified

198 5.8.1.7 show dot1x summary This command is used to show a summary of the global dot1x configuration and summary information of the dot1x configu

199 None Command Mode Privileged Exec Display Message User: Users configured locally to have access to the specified port. 5.8.1.9 show radius-serv

FortiSwitch-100 Userl Guide Version 4.0 MR1 Revision 2 November 23, 2009 © Copyright 2009 Fortinet, Inc. All rights reserved. No part of this publi

20 7.4.1.1 show ip pimdm...406 7

200 Command Mode Privileged Exec Display Message Current Server IP Address: Indicates the configured server currently in use for authentication Numbe

201 Requests: The number of RADIUS Accounting-Request packets sent to this accounting server. This number does not include retransmissions. Retransmi

202 Access Requests: The number of RADIUS Access-Request packets sent to this server. This number does not include retransmissions. Access Retransmis

203 Server 1 Retry: Retry count if TACACS server has no response Server 1 Mode: Current TACACS server admin mode (disable, master or slave) Server 2

204 Syntax show port-security { <slot/port> | all } Default Setting None Command Mode Privileged Exec Display Message Intf Interface Number.

205 None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address. This command displays the source MAC address of th

206 The value of local indicates that the user’s locally stored ID and password are used for authentication. The value of radius indicates that the u

207 <listname> - an authentication login list. Default Setting None Command Mode Global Config 5.8.2.3 username login This command assigns

208 5.8.3 Dot1x Configuration Commands 5.8.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command i

209 5.8.3.3 dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The <user&g

21 8.2.1.4 Defining Forwarding Database...437 8.2.1.5 Vie

210 Global Config 5.8.3.5 dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The

211 dot1x port-control all {auto | force-authorized | force-unauthorized} no dot1x port-control all all - All interfaces. no - This command sets the

212 5.8.3.7 dot1x max-req This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Reque

213 5.8.3.9 dot1x re-reauthenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the cont

214 server-timeout: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to timeout the authentication serv

215 no - This command is used to set the RADIUS accounting function to the default value - that is, the RADIUS accounting function is disabled. Defa

216 Default Setting None Command Mode Global Config 5.8.4.3 radius-sever key This command is used to configure the shared secret between the RADIU

217 no radius-server retransmit <retries> - the maximum number of times (Range: 1 - 15). no - This command sets the maximum number of times a

218 Syntax radius-server msgauth <ipaddr> <ipaddr> - is a IP address. Default Setting None Command Mode Global Config 5.8.4.7 radiu

219 5.8.5 TACACS Configuration Commands 5.8.5.1 tacacs This command is used to enable /disable the TACACS function. Syntax tacacs no tacacs no - T

22 8.2.5 QOS Menu ...

220 5.8.5.3 tacacs server-ip This command is used to configure the TACACS server IP address. Syntax tacacs server-ip <1-3> <ipaddr> no

221 Command Mode Global Config 5.8.5.5 tacacs key This command is used to configure the TACACS server shared secret key. Syntax tacacs key <1-

222 Default Setting 5 Command Mode Global Config 5.8.5.7 tacacs timeout This command is used to configure the TACACS request timeout of an instanc

223 port-security no port-security Default Setting None Command Mode Global Config, Interface Config 5.8.6.2 port-security max-dynamic This comma

224 Syntax port-security max-static [<0-20>] no port-security max-static no - This command resets the maximum number of statically locked

225 5.8.6.5 port-security mac-address move This command converts dynamically locked MAC addresses to statically locked addresses. Syntax port-s

226 show cdp Default Setting None Command Mode Privileged Exec Display Message CDP Admin Mode: CDP enable or disable CDP Holdtime (sec): The length

227 5.9.1.3 show cdp traffic This command displays the CDP traffic counters information. Syntax show cdp traffic Default Setting None Command Mode

228 5.9.2.2 cdp run This command is used to enable CDP on a specified interface. Syntax cdp run no cdp run no - This command is used to disabl

229 5.9.2.3 cdp timer This command is used to configure an interval time (seconds) of the sending CDP packet. Syntax cdp timer <5-254> no cdp

23 1 Introduction 1.1 Switch Description The Fortinet FortiSwitch-100 Ethernet Switch is a modular Gigabit Ethernet backbone switch designed for adap

230 5.10 SNTP (Simple Network Time Protocol) Commands 5.10.1 Show Commands 5.10.1.1 show sntp This command displays the current time and configuratio

231 Command Mode Privileged Exec Display Message Client Supported Modes Supported SNTP Modes (Broadcast, Unicast, or Multicast). SNTP Version The hig

232 5.10.2 Configuration Commands 5.10.2.1 sntp broadcast client poll-interval This command will set the poll interval for SNTP broadcast clients in

233 Default Setting None Command Mode Global Config 5.10.2.3 sntp client port This command will set the SNTP client port id and polling interval

234 no sntp unicast client poll-interval <6-10> - Polling interval. It's 2^(value) seconds where value is 6 to 10. no - This command will

235 Syntax sntp unicast client poll-retry <poll-retry> no sntp unicast client poll-retry < poll-retry> - Polling retry in seconds. The

236 Command Mode Global Config 5.10.2.8 sntp clock timezone This command sets the time zone for the switch’s internal clock. Syntax sntp clock

237 Syntax clear arp Default Setting None Command Mode Privileged Exec 5.11.1.2 clear traplog This command clears the trap log. Syntax clear tr

238 Command Mode Privileged Exec 5.11.1.4 clear logging buffered This command is used to clear the message log maintained by the switch. The messag

239 5.11.1.6 clear pass This command resets all user passwords to the factory defaults without powering off the switch. You are prompted to confirm t

24 • TraceRoute support • Traffic Segmentation • TFTP upgrade • SysLog support • Simple Network Time Protocol • Web GUI Traffic Monitoring • SSH S

240 Syntax clear dns counter Default Setting None Command Mode Privileged Exec 5.11.1.9 clear dns cache This command clears all entries from

241 Default Setting None Command Mode Privileged Exec 5.11.1.11 clear vlan This command resets VLAN configuration parameters to the factory defaul

242 5.11.1.13 clear igmp snooping This command clears the tables managed by the IGMP Snooping function and will attempt to delete these entries from

243 clear ip filter Default Setting None Command Mode Privileged Exec 5.11.1.16 clear dot1x statistics This command resets the 802.1x statistics f

244 None Command Mode Privileged Exec 5.11.1.18 clear tacacs This command is used to clear TACACS configuration. Syntax clear tacacs Default Set

245 copy startup-config <sourcefilename> <url> copy {errorlog | log | traplog} <url> copy script <sourcefilename> <url>

246 sslpem-root - Secure Root PEM file. sslpem-server - Secure Server PEM file. sslpem-dhweak - Secure DH Weak PEM file. sslpem-dhstrong - Secure DH

247 no clibanner <url> - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 5.11.3

248 <filename> - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code.

249 5.11.6 boot-system This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcod

25 1.3 Front-Panel Components The front panel of the switch consists of 48 1-Giga interfaces, 4 LED indicators, an RS-232 communication port, and t

250 Privileged Exec Ping on changing parameter value Syntax ping <host> count <0-20000000> [size <32-512>] ping <host> siz

251 <1-255> - The maximum time to live used in outgoing probe packets. Default Setting None Command Mode Privileged Exec 5.11.9 logging cli

252 <2000-2099> - Year (4-digit). (Range: 2000 - 2099). Default Setting None Command Mode Privileged Exec 5.11.11 reload This command resets

253 5.11.13 disconnect This command is used to close a telnet session. Syntax disconnect {<0-10> | all} <0-11> - telnet session ID

254 5.11.15 quit This command is used to exit a CLI session. Syntax quit Default Setting None Command Mode Privileged Exec 5.12 Differentiated

255 Note that the type of class - all, any, or acl - has a bearing on the validity of match criteria specified when defining the class. A class type

256 Syntax Diffserv Command Mode Global Config 5.12.1.2 no diffserv This command sets the DiffServ operational mode to inactive. While disabled,

257 5.12.2.1 class-map This command defines a new DiffServ class of type match-all, match-any or match-access-group. Syntax class-map [ match-all

258 <class-map-name> is the name of an existing DiffServ class. Note: The class name 'default' is reserved and is not allowed here.

259 Command Mode Class-Map Config 5.12.2.5 match class-map This command adds to the specified class definition the set of match conditions defin

26 1.6 Management Options The system may be managed out-of-band through the console port on the front panel or in-band using Telnet, a Web Browser, o

260 no match class-map <refclassname> <refclassname> is the name of an existing DiffServ class whose match conditions are being referenc

261 echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is used as both the star

262 5.12.2.10 match ip precedence This command adds to the specified class definition a match condition based on the value of the IP Precedence fiel

263 Note: In essence, this the “free form” version of the IP DSCP/Precedence/TOS match specification in that the user has complete control of specif

264 <ipaddr> specifies an IP address. <ipmask> specifies an IP address bit mask; note that although it resembles a standard subne

265 5.12.3 Policy Commands The 'policy' command set is used in DiffServ to define: Traffic Conditioning Specify traffic conditioning ac

266 5.12.3.2 drop This command specifies that all packets for the associated traffic stream are to be dropped at ingress. Syntax drop Comma

267 5.12.3.4 conform-color This command is used to enable color-aware traffic policing and define the conform-color class maps used. Used in conjunc

268 Policy-Class-Map Config Policy Type In 5.12.3.6 class This command creates an instance of a class definition within the specified policy fo

269 mark ip-dscp <value> <value> is specified as either an integer from 0 to 63, or symbolically through one of the following keywords

27 • RFC 1850 (OSPF-MIB) • RFC 1850 (OSPF-TRAP-MIB) • RFC 2787 (VRRP-MIB) • RFC 3289 - DIFFSERV-DSCP-TC • RFC 3289 - DIFFSERV-MIB • QOS-DIFFSERV-EX

270 from 0-7. <set-dscp-transmit> is required and is specified as either an integer from 0 to 63, or symbolically through one of the following

271 policy-map rename <policyname> <newpolicyname> <policyname> - Old Policy name. <newpolicyname> - New policy name.

272 Note: This command effectively enables DiffServ on an interface (in a particular direction). There is no separate interface administrative &apos

273 • Classes • Policies • Services This information can be displayed in either summary or detailed formats. The status information is only shown w

274 Precedence, IP TOS, Protocol Keyword, Reference Class, Source IP Address, Source Layer 4 Port, Source MAC Address, and VLAN. Values This field

275 Class Rule Table Size Current/Max The current or maximum number of entries (rows) in the Class Rule Table. Policy Table Size Current/Max The curr

276 Mark IP Precedence Denotes the mark/re-mark value used as the IP Precedence for traffic matching this class. This is not displayed if either mark

277 Syntax show diffserv service <slot/port> in <slot/port> specifies a valid slot number and port number for the system. The direc

278 DiffServ Admin Mode The current setting of the DiffServ administrative mode. An attached policy is only active on an interface while DiffServ is

279 The following information is repeated for each class instance within this policy: Class Name The name of this class instance. In Offered Octet

28 2 Installation and Quick Startup 2.1 Package Contents Before you begin installing the switch, confirm that your package contains the following ite

280 Privileged EXEC Display Message The following information is repeated for each interface and direction (only those interfaces configured with

281 5.13 ACL Command 5.13.1 Show Commands 5.13.1.1 show mac access-lists This command displays a MAC access list and all of the rules that are defin

282 5.13.1.2 show mac access-lists This command displays a summary of all defined MAC access lists in the system. Syntax show mac access-list

283 Default Setting None Command Mode Privileged EXEC Display Message Current number of ACLs The number of user-configured rules defined for this

284 ACL Type This displays ACL type is IP or MAC. ACL ID This displays the ACL ID. Sequence Number This indicates the order of this access list rel

285 Syntax mac access-list extended rename <name> <newname> <name> - Old name which uniquely identifies the MAC access list.

286 Default Setting None Command Mode Mac Access-list Config 5.13.2.4 mac access-group in This command attaches a specific MAC Access Control L

287 5.13.2.5 access-list This command creates an Access Control List (ACL) that is identified by the parameter. Syntax access-list {( <1-99>

288 no access-list {<1-99> | <100-199>} Note: The ACL number is an integer from 1 to 199. The range 1 to 99 is for the normal ACL List a

289 support independent per-port class of service mappings. If specified, the 802.1p mapping table of the interface is displayed. If omitted, the mos

29 2.2.2 Installing the Switch in a Rack You can install the switch in most standard 19-inch (48.3-cm) racks. Refer to the illustrations below. 1. Us

290 Command Mode Privileged EXEC, User EXEC Display Message The following information is repeated for each user priority. IP Precedence The IP Pre

291 5.14.1.4 show queue cos-queue This command displays the class-of-service queue configuration for the specified interface. The slot/port paramete

292 5.14.2 Configuration Commands 5.14.2.1 queue cos-map This command maps an 802.1p priority to an internal traffic class on a "per-port"

293 5.14.2.2 queue ip-precedence-mapping This command maps an IP precedence value to an internal traffic class on a "per-port" basis.

294 None Command Mode Global Config. 5.14.2.3 queue trust This command sets the class of service trust mode of an interface. The mode can be

295 no - This command sets the class of service trust mode to untrusted for all interfaces. Default Setting None Command Mode Global Config.

296 Syntax queue cos-queue min-bandwidth all <bw-0> <bw-1> … <bw-6> no queue cos-queue min-bandwidth all <bw-0> <bw-1

297 Command Mode Interface Config. This command activates the strict priority scheduler mode for each specified queue on a device. Syntax qu

298 <bw> - Valid range is (0 to 100) in increments 5. no - This command restores the default shaping rate value. Default Setting None Co

299 6 Routing Commands VLAN Routing You can configure the FortiSwitch-100 software with some ports supporting VLANs and some supporting routing. You

3 Table of Contents 1 INTRODUCTION...

30 2.3 Quick Starting the Switch 1. Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the For

300 Figure 1. VLAN Routing Example Network Diagram Step 1: Create Two VLANs The following code sequence shows an example of creating two VLANs , and

301 Step 2: Set Up VLAN Routing for the VLANs and the Switch. The following code sequence shows how to enable routing for the VLANs: config vlan data

302 6.1 Address Resolution Protocol (ARP) Commands 6.1.1 Show Commands 6.1.1.1 show ip arp This command displays the Address Resolution Protocol (

303 show ip arp brief Default Setting None Command Mode Privileged Exec Display Message Age Time: Is the time it takes for an ARP entry to age out.

304 6.1.2 Configuration Commands 6.1.2.1 arp This command creates an ARP entry. The value for <ipaddress> is the IP address of a device on a s

305 6.1.2.3 arp cachesize This command configures the maximum number of entries in the ARP cache. Syntax arp cachesize <256-1920> no arp ca

306 <ipaddr> - The IP address to be removed from the ARP table. Default Setting None Command Mode Privileged Exec 6.1.2.6 arp resptime Thi

307 6.1.2.8 arp timeout This command configures the ARP entry ageout time. Syntax arp timeout <15-21600> no arp timeout <15-21600>

308 show ip brief Default Setting None Command Mode Privileged Exec, User Exec Display Message Default Time to Live: The computed TTL (Time to Liv

309 Link Speed Data Rate: Is an integer representing the physical link data rate of the specified interface. This is measured in Megabits per second

31 show Interface status { <slot/port> | all } Displays the Ports slot/port Type - Indicates if the port is a special type of port Admin Mode -

310 Command Mode Privileged Exec Display Message Total Number of Routes: The total number of routes. for each next hop Network Address: Is an I

311 Syntax show ip route entry <networkaddress> <networkaddress> - Is a valid network address identifying the network on the spec

312 Static: This field displays the static route preference value. OSPF Intra: This field displays the OSPF intra route preference value. OSPF Inte

313 6.2.2.2 ip routing This command enables the IP Router Admin Mode for the master switch. Syntax ip routing no ip routing no - Disable t

314 Syntax ip route <networkaddr> <subnetmask> [ <nexthopip> [<1-255 >] ] no ip route <networkaddr> <subnetmask>

315 the default precedence does not update the precedence of existing static routes, even if they were assigned the original default precedence. The

316 no ip directed-broadcast no - Drop network directed broadcast packets. Default Setting Enabled Command Mode Interface Config 6.2.2.9 ip

317 The default value is ethernet. Command Mode Interface Config Restrictions Routed frames are always Ethernet encapsulated when a frame is rout

318 External LSA Checksum A number which represents the sum of the LS checksums of external link-state advertisements contained in the link-state dat

319 Syntax show ip ospf database Default Setting None Command Mode Privileged Exec, User Exec Display Messages Router ID Is a 32 bit dotted d

32 confirmed password match a message will be displayed. The user password should not be more than eight characters in length. copy running-config s

320 Router Priority A number representing the OSPF Priority for the specified interface. This is a configured value. Retransmit Interval A number rep

321 6.3.1.6 show ip ospf interface stats This command displays the statistics for a specific interface. Syntax show ip ospf interface stats &l

322 <ipaddr> - IP address of the neighbor. <slot/port> - Interface number. Default Setting None Command Mode Privileged Exec

323 Syntax show ip ospf neighbor brief {<slot/port> | all} Default Setting None Command Mode Privileged Exec, User Exec Display Messages

324 Command Mode Privileged Exec, User Exec Display Messages Area ID The area id of the requested OSPF area. IP Address An IP Address which repre

325 Syntax show ip ospf virtual-link <areaid> <neighbor> <areaid> - Area ID. <neighbor> - Neighbor's router ID.

326 Neighbor Is the neighbor interface of the OSPF virtual interface. Hello Interval Is the configured hello interval for the OSPF virtual interface.

327 None Command Mode Router OSPF Config 6.3.2.3 ip ospf This command enables OSPF on a router interface. Syntax ip ospf no ip ospf <

328 Router OSPF Config 6.3.2.5 area default-cost This command configures the monetary default cost for the stub area. Syntax area <areaid

329 6.3.2.7 area nssa default-info-originate This command configures the metric value and type for the default route advertised into the NSSA. Sy

33 show ip interface Displays the Network Configurations IP Address - IP Address of the interface Default IP is 0.0.0.0 Subnet Mask - IP Subnet Mask

330 6.3.2.9 area nssa no-summary This command configures the NSSA so that summary LSAs are not advertised into the NSSA Syntax area <areaid>

331 6.3.2.11 area nssa translator-stab-intv This command configures the translator stability interval of the NSSA. The <stabilityinterval>

332 Router OSPF Config 6.3.2.13 area stub This command creates a stub area for the specified area ID. A stub area is characterized by the fact

333 Disabled Command Mode Router OSPF Config 6.3.2.15 area virtual-link authentication This command configures the authentication type and key

334 Syntax area <areaid> virtual-link <neighborid> dead-interval <1-65535> no area <areaid> virtual-link <neighborid>

335 6.3.2.18 area virtual-link retransmit-interval This command configures the retransmit interval for the OSPF virtual interface on the interface

336 The default value of hello interval is 1 second. Command Mode Router OSPF Config 6.3.2.20 default-information originate This command is u

337 <1-16777215> - The range of default metric is 1 to 16777215. <no> - This command configures the default advertisement of default ro

338 Syntax distribute-list <1-199> out {rip | static | connected} no distribute-list <1-199> out {rip | static | connected} <1

339 6.3.2.25 external-lsdb-limit This command configures the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the

34 2.4.6 Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM) Table 2-6 Quick Start up Downloading from Out-of-Band PC to Switch C

340 Default Setting None Command Mode Interface Config 6.3.2.27 ip ospf authentication This command sets the OSPF Authentication Type and K

341 Syntax ip ospf cost <1-65535> no ip ospf cost < 1-65535 > - The range of the cost is 1 to 65535. <no> - This command confi

342 6.3.2.30 ip ospf hello -interval This command sets the OSPF hello interval for the specified interface. Syntax ip ospf hello-interval &l

343 Interface Config 6.3.2.32 ip ospf retransmit-interval This command sets the OSPF retransmit Interval for the specified interface. The retrans

344 < 1-3600 > - The range of transmit delay is 1 to 3600. <no> - This command sets the default OSPF Transit Delay for the specified in

345 6.3.2.35 router-id This command sets a 4-digit dotted-decimal number uniquely identifying the router ospf id. Syntax router-id <ipaddress

346 6.3.2.37 maximum-paths This command sets the number of paths that OSPF can report for a given destination where <maxpaths> is platform d

347 Maximum Hop Count: Is the maximum allowable relay agent hops. Minimum Wait Time (Seconds) Is the minimum wait time. Admin Mode Represents w

348 6.4.4 bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Syntax

349 6.4.6 bootpdhcprelay serverip This command configures the server IP Address for BootP/DHCP Relay on the system. Syntax bootpdhcprelay ser

35 copy running-config startup-config [filename] Enter yes when the prompt pops up that asks if you want to save the configurations made to the sw

350 <text> - A text string which length is 1 to 15. <hex> - A hex string which format is XX:XX:XX:XX:XX:XX (X is 0-9, A-F). Defaul

351 show dns Default Setting None Command Mode Privileged Exec Display Message Domain Lookup Status: Enable or disable the IP Domain Naming Syste

352 6.5.2 Configuration Commands 6.5.2.1 ip hosts This command creates a static entry in the DNS table that maps a host name to an IP address. S

353 Command Mode Privileged Exec 6.5.2.3 ip domain-name This command defines the default domain name to be appended to incomplete host names (i.e

354 Default Setting None Command Mode Privileged Exec 6.5.2.5 ip name-server This command specifies the address of one or more domain name server

355 <no> - This command disables the IP Domain Naming System (DNS)-based host name-to-address translation. Default Setting None Command Mode

356 Default Setting None Command Mode Privileged Exec 6.5.2.9 clear dns cache This command clears all entries in the DNS cache table. Syntax c

357 6.6 Routing Information Protocol (RIP) Commands 6.6.1 Show Commands 6.6.1.1 show ip rip This command displays information relevant to the RIP r

358 6.6.1.2 show ip rip interface This command displays information related to a particular RIP interface. Syntax show ip rip interface <slot/po

359 Syntax show ip rip interface brief Default Setting None Command Mode Privileged Exec Display Message Interfacet: Valid slot and port number sep

36 ---------- -------------------------------- -------------- ------- ----------- Total: 5 files. Note whether there is one file with the file ty

360 6.6.2.2 ip rip This command enables RIP on a router interface. Syntax Ip rip no ip rip no - This command disables RIP on a router interfac

361 6.6.2.4 default-information originate This command is used to set the advertisement of default routes. Syntax default-information originate no

362 6.6.2.6 distance rip This command sets the route preference value of RIP in the router. Lower route preference values are preferred when determin

363 6.6.2.8 split-horizon This command sets the RIP split horizon mode. None mode will not use RIP split horizon mode. Simple mode will be that a rou

364 0 Command Mode Router RIP Config 6.6.2.10 redistribute This command configures RIP protocol to redistribute routes from the specified source pr

365 The value for authentication key [key] must be 16 bytes or less. The [key] is composed of standard displayable, non-control keystrokes from a St

366 Default Setting Both Command Mode Interface Config 6.6.2.13 ip rip send version This command configures the interface to allow RIP control pa

367 show ip irdp {slot/port | all} <slot/port> - Show router discovery information for the specified interface. <all> - Show router

368 6.7.3 ip irdp broadcast This command configures the address to be used to advertise the router for the interface. Syntax ip irdp broadcas

369 6.7.5 ip irdp maxadvertinterval This commands configures the maximum time, in seconds, allowed between sending router advertisements from the

37 Note: When configuring a static IP address, you must also configure a default gateway. Use the following commands, substituting the appropriate

370 6.7.7 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router address

371 Logical Interface Indicates the logical slot/port associated with the VLAN routing interface. IP Address Displays the IP Address associated with

372 None Command Mode Privileged Exec, User Exec Display Message Admin Mode Displays the administrative mode for VRRP functionality on the switch.

373 <vrid> - Virtual router ID. Default Setting None Command Mode Privileged Exec, User Exec Display Message VRID Represents the router ID

374 Authentication Failure Represents the total number of VRRP packets received that don't pass the authentication check. IP TTL errors Represen

375 ip vrrp <1-255> no ip vrrp <1-255> <1-255> - The range of virtual router ID is 1 to 255. <no> - This command removes

376 Syntax ip vrrp <1-255> mode no ip vrrp <1-255> mode <1-255> - The range of virtual router ID is 1 to 255. <no> - Disab

377 Syntax ip vrrp <1-255> preempt no ip vrrp <1-255> preempt <1-255> - The range of virtual router ID is 1 to 255. <n

378 Syntax ip vrrp <1-255> timers advertise <1-255> ip vrrp <1-255> timers advertise <1-255> - The range of virtua

379

38 ---------- -------------------------------- -------------- ------- ----------- 2007/05/14 b4b-b-0.2.0514.biz Boot-Rom image

380 7 IP Multicast Commands 7.1 Distance Vector Multicast Routing Protocol (DVMRP) Commands This section provides a detailed explanation of the DVM

381 7.1.1.2 show ip dvmrp interface This command displays the interface information for DVMRP on the specified interface. Syntax show ip dvmrp int

382 Nbr IP Addr This field indicates the IP Address of the DVMRP neighbor for which this entry contains information. State This field displays the st

383 Default Setting None Command Mode Privileged Exec User EXEC Display Message Group IP This field identifies the multicast Address that is pruned.

384 7.1.2 Configuration Commands 7.1.2.1 ip dvmrp This command sets administrative mode of DVMRP in the router to active. IGMP must be enabled before

385 7.2 Internet Group Management Protocol (IGMP) Commands This section provides a detailed explanation of the IGMP commands. The commands are divide

386 show ip igmp groups <slot/ports> [detail] <slot/port> - Valid slot and port number separated by a forward slash. [detail] - Display

387 Privileged Exec User EXEC Display Message Slot/Port Valid slot and port number separated by a forward slash. IGMP Admin Mode This field displays

388 IInterface Valid slot and port number separated by a forward slash. Interface IP This displays the IP address of the interface participating in t

389 Wrong Version Queries This field indicates the number of queries received whose IGMP version does not match the IGMP version of the interface. Nu

39 • If there is no response from the TFTP server, verify the IP settings by typing show ip interface to ensure that the IP address and default gate

390 Default Setting 3 Command Mode Interface Config 7.2.2.3 ip igmp last-member-query-count This command sets the number of Group-Specific Qu

391 no - This command resets the Maximum Response Time being inserted into Group-Specific Queries sent in response to Leave Group messages on the int

392 no - This command resets the maximum response time interval for the specified interface, which is the maximum query response time advertised in I

393 no - This command resets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface to the default value

394 Syntax show ip mcast Default Setting None Command Mode Privileged Exec Display Message Admin Mode: This field displays the administrative statu

395 Interface: Valid slot and port number separated by a forward slash. Group IP: The group IP address. Mask: The group IP mask. 7.3.1.3 show ip m

396 None Command Mode Privileged Exec Display Message If the “detail” parameter is specified, the following fields are displayed: Source IP: This fie

397 RPF Neighbor: This field displays the IP address of the RPF neighbor. Flags: This field displays the flags associated with this entry. If the su

398 This command displays all the static routes configured in the static mcast table if is specified or displays the static route associated with

399 Command Mode Privileged Exec Display Message Router Interface: The IP address of this neighbor. Neighbor: The neighbor associated with the router

4 3.2 How to log in ...

40 Figure 3-1: Console Setting Environment 2.6 Set Up your Switch Using Telnet Access Once you have set an IP address for your switch, you can us

400 show mtrace Default Setting None Command Mode Privileged Exec Display Message Hops Away From Destination: The ordering of intermediate routers b

401 Disbale Command Mode Global Config 7.3.2.2 ip multicast staticroute This command creates a static route which is used to perform RPF checking i

402 The source parameter is used to clear the routes in the mroute table entries containing the specified <sourceipaddr> or <sourceipaddr&g

403 no - This command deletes an administrative scope multicast boundary specified by <groupipaddr> and <mask> for which this multicast a

404 Syntax mrinfo [<ipaddr>] <ipaddr> - the IP address of the multicast capable router. Default Setting None Command Mode Privileged

405 7.3.2.8 mtrace This command is used to find the multicast path from a source to a receiver (unicast router ID of the host running mtrace). A trac

406 no disable ip multicast mdebug mtrace no - This command is used to enable the processing capability of mtrace query on this router. If the mode

407 7.4.1.2 show ip pimdm interface This command displays the interface information for PIM-DM on the specified interface. Syntax show ip pimdm in

408 Privileged Exec Display Message Interface: Valid slot and port number separated by a forward slash. IP Address: This field indicates the IP Addre

409 Syntax ip pimdm no ip pimdm no - This command disables the administrative mode of PIM-DM in the router. IGMP must be enabled before PIM-DM can

41 3 Web-Based Management Interface 3.1 Overview The Fortinet FortiSwitch-100 Managed Switch provides a built-in browser interface that lets yo

410 Syntax ip pimdm query-interval <10 - 3600> no ip pimdm query-interval <10 - 3600> - This is time interval in seconds. no - This com

411 Data Threshold Rate (Kbps): This field shows the data threshold rate for the PIM-SM router. This is a configured value. Register Threshold Rate (

412 < slot/port > - Interface number. Default Setting None Command Mode Privileged Exec Display Message Slot/Port: Valid slot and port number

413 Subnet Mask: This field indicates the Subnet Mask of this PIM-SM interface. Designated Router: This indicates the IP Address of the Designated Ro

414 < group-mask > - the multicast group address mask. candidate - this command display PIM-SM candidate-RP table information. all - this comma

415 Group Mask: This field displays the group mask for the group address. 7.5.1.8 show ip pimsm staticrp This command displays the static RP inform

416 Disbaled Command Mode Global Config 7.5.2.2 ip pimsm message-interval This command is used to configure the global join/prune interval for PIM-

417 no - This command is used to reset the Threshold rate for the RP router to switch to the shortest path to the default value. Default Setting 50

418 ip pimsm staticrp <rp-address> <group-address> <group-mask> no ip pimsm staticrp <rp-address> <group-address> <g

419 7.5.2.7 ip pimsm query-interval This command configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. Th

42 4. Type the default user name of admin and default of no password, or whatever password you have set up. Once you have entered your access point

420 7.5.2.9 ip pimsm cbsrhashmasklength This command is used to configure the CBSR hash mask length to be advertised in bootstrap messages for a par

421 <-1 - 255> - The preference value for the local interface. no - This command is used to reset the Candidate Rendezvous Point (CRP) for a pa

422

423 8 Web-Based Management Interface 8.1 Overview Your Layer 3 Network Switch provides a built-in browser software interface that lets you configure

424 8.2 Main Menu 8.2.1 System Menu 8.2.1.1 View ARP Cache The Address Resolution Protocol (ARP) dynamically maps physical (MAC) addresses to Intern

425 8.2.1.2 Viewing Inventory Information Use this panel to display the switch's Vital Product Data, stored in non-volatile memory at the facto

426 Additional Packages - A list of the optional software packages installed on the switch, if any. Command Buttons Refresh - Updates the informati

427 System Description - The product name of this switch. System Object ID - The base object ID for the switch's enterprise MIB. System IP A

428

429 Configuring Network Connectivity Page The network interface is the logical interface used for in-band connectivity with the switch via any of the

43 • Routing • Security • QoS • IP Multicast Figure 4-4: Main Menus Secondary Menus The Secondary Menus under the Main Menu contain

430 Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a

431 Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or

432 Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu. You may choose from 1200, 2400, 4800, 9600

433 User Name Selector - You can use this screen to reconfigure an existing account, or to create a new one. Use this pulldown menu to select one of

434 Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method

435 select a method that does not time out as the second method, the third method will not be tried. Note that this parameter will not appear when yo

436 Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this

437 the user's access to the switch from all CLI, web, and telnet sessions will be blocked until the authentication is complete. Refer to the di

438 Viewing Forwarding Database Page Use this panel to display information about entries in the forwarding database. These entries are used by the

439 8.2.1.5 Viewing Logs Viewing Buffered Log Configuration Page This log stores messages in memory based upon the settings for message component

44 • Spanning Tree — see “Spanning Tree Commands” • Class of Service — see “L2 Priority Commands” • Port Security — see “Port Security Configuratio

440 Viewing Buffered Log Page This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log

441 Configuring Command Logger Page Configurable Data Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting the correspon

442 Viewing Event Log Page Use this panel to display the event log, which is used to hold error messages for catastrophic events. After the event

443 IP Address - This is the ip address of the host configured for syslog. Status -This specifies wether the host has been configured to be activel

444 Messages Relayed - The count of syslog messages relayed. Messages Ignored - The count of syslog messages ignored. Command Buttons Submit - Up

445 Link Trap - This object determines whether or not to send a trap when link status changes. The factory default is enabled. Maximum Frame Size -

446 Viewing Switch Interface Configuration Page This screen displays the status for all ports in the box. Selection Criteria MST ID - Select the

447 Disable - spanning tree is disabled for this port. Forwarding State - The port's current state Spanning Tree state. This state controls wh

448

449 Configuring Multiple Port Mirroring Function Page Configurable Data Session ID - A session ID or "All Sessions" option may be selected.

45 Figure 4-5: System-wide menus You can also access the main navigation menu by right clicking on the image of the switch and browsing to the men

450 These are well-known communities, you can use this menu to change the defaults or to add other communities. Only the communities that you define

451 Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Configurable Data SNMP Com

452 Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the switch. Non-configurable Data Name - The RFC number if appl

453 8.2.1.8 Viewing Statistics Viewing the whole Switch Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifInd

454 Multicast Packets Received - The total number of packets received that were directed to a multicast address. Note that this number does not inclu

455 Command Buttons Clear Counters - Clear all the counters, resetting all switch summary and detailed statistics to default values. The discarded pa

456 Transmit Packet Errors - The number of outbound packets that could not be transmitted because of errors. Address Entries Currently in Use - The

457 Packets RX and TX 128-255 Octets - The total number of packets (including bad packets) received or transmitted that were between 128 and 255 octe

458 Packets Received 1024-1518 Octets - The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length

459 Packets Transmitted 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length in

46 4 Command Line Interface Structure and Mode-based CLI The Command Line Interface (CLI) syntax, conventions, and terminology are described in this

460 Tx Oversized - The total nummber of frames that exceeded the max permitted frame size. This counter has a max increment rate of 815 counts per se

461 Refresh - Refresh the data on the screen with the present state of the data in the switch.

462

463 Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured.

464 8.2.1.9 Managing System Utilities Saving All Configuration Changed Page Command Buttons Save - Click this button to have configuration changes yo

465 Resetting the Passwords to Default Values Page Command Buttons Reset - Select this button to have all passwords reset to their factory default

466 Start File Transfer - To initiate the download you need to check this box and then select the submit button. Non-Configurable Data The last row

467 Defining Configuration and Runtime Startup File Page Specify the file used to start up the system. Configurable Data Configuration File - Co

468 Copying Running Configuration to Flash Page Use this menu to copy a start-up configuration file from the running configuration file on switch.

469 Submit - This will initiate the ping. Managing CDP Function Defining CDP Configuration Page Use this menu to configure the parameters for

47 The {} curly braces indicate that a parameter must be chosen from the list of choices. Values ipaddr This parameter is a valid IP address, made

470

471 Viewing Neighbors Information Page Non-Configurable Data Use this menu to display CDP neighbors device information in the LAN. Command Buttons

472 8.2.1.10 Defining Trap Manager Configuring Trap Flags Page Use this menu to specify which traps you want to enable. When the condition identif

473 Viewing Trap Log Page This screen lists the entries in the trap log. The information can be retrieved as a file by using System Utilities, Upl

474 8.2.1.11 Configuring SNTP Configuring SNTP Global Configuration Page Configurable Data Client Mode - Specifies the mode of operation of SNTP

475 Unicast Poll Retry - Specifies the number of times to retry a request to an SNTP server after the first time-out before attempting to use the nex

476 • Server Kiss Of DeathThe SNTP server indicated that no further queries were to be sent to this server. This is indicated by a stratum field equ

477 Address - Specifies the address of the SNTP server. This is a text string of up to 64 characters containing the encoded unicast IP address or hos

478 Address - Specifies all the existing Server Addresses. If no Server configuration exists, a message saying "No SNTP server exists" flas

479 Hour - Hour in 24-hour format. (Range: 0 - 23). Minute - Minute. (Range: 0 - 59). Second - Second. (Range: 0 - 59). Command Buttons Submi

48 Empty strings (““) are not valid user defined strings. Command completion finishes spelling the command when enough letters of a command are type

480 Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unl

481 z Specific Text String z Specific Hexadecimal Value Text String - A text string. Hex Value - The hexadecimal value. Command Buttons Sub

482 z Autodetect - Specifies that port may be dynamically registered in this VLAN via GVRP. The port will not participate in this VLAN unless it rec

483 VLAN Name - The name of the VLAN. VLAN ID 1 is always named `Default`. VLAN Type - The VLAN type: Default ( VLAN ID = 1) -- always present

484 Viewing VLAN Port Summary Page Non-Configurable Data Slot/Port - The interface. Port VLAN ID - The VLAN ID that this port will assign to unt

485 Resetting VLAN Configuration Page Command Buttons Reset - If you select this button and confirm your selection on the next screen, all VLAN co

486 8.2.2.2 Managing Protocol-based VLAN Protocol-based VLAN Configuration Page You can use a protocol-based VLAN to define filtering criteria f

487 Slot/Port(s) - Select the interface(s) you want to be included in the group. Note that a given interface can only belong to one group for a given

488 VLAN - The VLAN ID associated with the group. Slot/Port(s) - The interfaces associated with the group. Command Buttons Refresh - Update the s

489 1.5*LeaveAllTime. Permissible values are 200 to 6000 centiseconds (2 to 60 seconds). The factory default is 1000 centiseconds (10 seconds).

49 5 Switching Commands 5.1 System Information and Statistics commands 5.1.1 show arp This command displays connectivity between the switch and oth

490 Configuring each Port GARP Configuration Page Note: It can take up to 10 seconds for GARP configuration changes to take effect. Selection Cr

491 8.2.2.4 Managing IGMP Snooping Configuring IGMP Snooping Global Configuration Page Use this menu to configure the parameters for IGMP Snooping

492 Defining IGMP Snooping Interface Configuration Page Configurable Data Slot/Port - The single select box lists all physical ,VLAN and LAG inte

493 Multicast Router Present Expiration Time - Specify the amount of time you want the switch to wait to receive a query on an interface before remov

494 Configuring IGMP Snooping VLAN Page Configurable Data VLAN ID - Specifies list of VLAN IDs for which IGMP Snooping is enabled. VLAN ID -

495 Viewing Multicast Router Statistics Page Non-Configurable Data Slot/Port - The single select box lists all physical and LAG interfaces. Select

496 Viewing Multicast Router VLAN Statistics Page Selection Criteria Slot/Port - The select box lists all Slot/Ports. Select the interface for which

497 Configuring L2 Static Multicast Group Configuration Page Non-Configurable Data MAC Address Table - This is the list of MAC address and VLAN ID

498 Selection Criteria Static - Displays static unit for L2Mcast Groups. Dynamic - Displays dynamic unit for L2Mcast Groups. All - Displays all o

499 Viewing L2 Multicast Router Port Information Page Use this panel to display information about entries in the L2Mcast Static/Dynamic router ports.

5 5.2.3.2 show vlan id...7

50 show calendar Default Setting None Command Mode Privileged Exec Display Message Current Time displays system time 5.1.3 show eventlog This com

500 8.2.2.5 Managing Port-Channel Configuring Port-Channel Configuration Page Selection Criteria Port Channel Name – You can use this screen to recon

501 Refresh - Refresh the data on the screen with the present state of the data in the switch. Viewing Port-Channel Information Page Non-Configur

502 Active Ports - A listing of the ports that are actively participating members of this Port Channel, in Slot/Port notation. There can be a maximum

503 Refresh - Refresh the data on the screen with the present state of the data in the switch. Viewing GMRP MFDB Table Page This screen will dis

504 Description - The text description of this multicast table entry. Possible values are Management Configured, Network Configured, and Network Assi

505 8.2.2.7 Managing Spanning Tree Configuring Switch Spanning Tree Configuration Page Configurable Data Spanning Tree Mode - Specifies whether spann

506 Bridge Max Age - Specifies the bridge max age for the Common and Internal Spanning tree (CST). The value lies between 6 and 40, with the value be

507 Configuring Spanning Tree MST Configuration Page Selection Criteria MST ID - Create a new MST which you wish to configure or configure already

508 Topology change - The value of the topology change parameter for the switch indicating if a topology change is in progress on any port assigned t

509 Port Path Cost - Set the Path Cost to a new value for the specified port in the common and internal spanning tree. It takes a value in the range

51 5.1.4 show running-config This command is used to display/capture the current setting of different protocol packages supported on switch. This c

510 Configuring each Port MST Configuration Page Selection Criteria MST ID - Selects one MST instance from existing MST instances. Slot/Port -

511 Port ID - The port identifier for the specified port within the selected MST instance. It is made up from the port priority and the interface num

512 Viewing Spanning Tree Statistics Page Selection Criteria Slot/Port - Selects one of the physical or LAG interfaces of the switch. Non-Configura

513 Submit - Update the switch with the values on this screen. If you want the switch to retain the new values across a power cycle, you must perform

514 Slot/Port - Selects the interface to be configured. Configurable Data Allow Port Security - Used to enable or disable the Port Security feature

515 Deleting Port Security Statically Configured MAC Address Page Selection Criteria Slot/Port - Select the physical interface for which you want to

516 Number of Dynamic MAC addresses learned - Displays the number of dynamically learned MAC addresses on a specific port. Viewing Port Security

517 IP - Specifies all the existing static ARP along with an additional option "Create". When the user selects "Create" another t

518 Remove from Table - Allows the user to remove certain entries from the ARP Table. The choices listed specify the type of ARP Entry to be deleted:

519 8.2.3.2 Managing IP Interfaces Configuring IP Use this menu to configure routing parameters for the switch as opposed to an interface. Confi

52 Privileged Exec Display Message System Description: The text used to identify this switch. System Name: The name used to identify the switch. Syst

520 Viewing IP Statistics The statistics reported on this panel are as specified in RFC 1213. Non-Configurable Data IpInReceives - The total num

521 that this counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion. IpNoRoutes

522 IcmpInTimestampReps - The number of ICMP Timestamp Reply messages received. IcmpInAddrMasks - The number of ICMP Address Mask Request messages

523

524 Configuring IP Interfaces Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configurable D

525 8.2.3.3 Managing OSPF Configuring OSPF Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the r

526 non-default AS-external-LSAs. If you enter 0, the router will not leave Overflow State until restarted. The range is 0 to 2147483647 seconds. D

527 Configuring Area Selection Criteria Area ID - Select the area to be configured. Configurable Data Import Summary LSAs - Select enable or d

528 Translator Stability Interval - Enter the translator stability interval of the NSSA. The stability interval is the period of time that an elected

529 Delete Stub Area - Delete the stub area designation. The area will be returned to normal state. Create NSSA - Configure the area ads a NSSA Del

53 5.1.7 show loginsession This command displays current telnet and serial port connections to the switch. Syntax show loginsession Default Set

530 Viewing Stub Area Summary Information Non-Configurable Data Area ID - The Area ID of the Stub area Type of Service - The type of service asso

531 LSDB Type - Select the type of Link Advertisement associated with the specified area and address range. The default type is 'Network Summary

532 SPF Runs - The number of times that the intra-area route table has been calculated using this area's link-state database. Area Border Rout

533 Configuring OSPF Interface Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configura

534 Retransmit Interval - Enter the OSPF retransmit interval for the specified interface. This is the number of seconds between link-state advertisem

535 LSA Ack Interval - The number of seconds between LSA Acknowledgment packet transmissions, which must be less than the Retransmit Interval. OSPF

536 Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a

537 designated router. The Neighbor IP address is learned when Hello packets are received from the neighbor. For virtual links, the Neighbor IP addre

538  Down - This is the initial state of a neighbor conversation. It indicates that there has been no recent information received from the neighbor

539 Viewing OSPF Link State Database Non-Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the

54 <slot/port> - is the desired interface number. all - This parameter displays information for all interfaces. Default Setting None Command M

540 Checksum - The checksum is used to detect data corruption of an advertisement. This corruption can occur while an advertisement is being flooded,

541 Dead Interval - Enter the OSPF dead interval for the specified interface in seconds. This specifies how long a router will wait to see a neighbor

542 network-LSA for the network node. The network- LSA will contain links to all routers (including the Designated Router itself) attached to the net

543 Viewing OSPF Virtual Link Summary Table Non-Configurable Data Area ID - The Area ID portion of the virtual link identification for which data

544 Configuring OSPF Route Redistribution This screen can be used to configure the OSPF Route Redistribution parameters. The allowable values for eac

545 Viewing OSPF Route Redistribution Summary Information This screen displays the OSPF Route Redistribution Configurations. Non Configurable

546 8.2.3.4 Managing BOOTP/DHCP Relay Agent Configuring BOOTP/DHCP Relay Agent Configurable Data Maximum Hop Count - Enter the maximum number of

547 Viewing BOOTP/DHCP Relay Agent Status Non-Configurable Data Maximum Hop Count - The maximum number of Hops a client request can go without bei

548 8.2.3.5 Managing DNS Relay Configuring DNS Relay The DNS protocol controls the Domain Name System (DNS), a distributed database with which

549 Configuring Domain Name You can use this panel to change the configuration parameters for the domain names that can be appended to incomplete

55 Privileged Exec Display Message The display parameters when the argument is '<slot/port>' are as follows: Packets Received Withou

550 Configuring Name Server You can use this panel to change the configuration parameters for the domain name servers. You can also use this screen t

551 TTL - The time to live reported by the name server. Flag - The flag of the record. Command Buttons Refresh - Refresh the page with the latest

552 8.2.3.6 Managing Routing Information Protocol (RIP) Configuring RIP Global Configuration Page Configurable Data RIP Admin Mode - Select enabl

553 Viewing Each Routing Interface’s RIP Configuration Page Non-Configurable Data Slot/Port - The slot and port for which the information is being

554 Defining The Routing Interface’s RIP Configuration Page Selection Criteria Slot/Port - Select the interface for which data is to be configur

555 Encrypt - If you select 'Encrypt' you will be prompted to enter both an authentication key and an authentication ID. Encryption uses th

556 Configuring Route Redistribution Configuration This screen can be used to configure the RIP Route Redistribution parameters. The allowable values

557 Viewing Route Redistribution Configuration This screen displays the RIP Route Redistribution Configurations. Non Configurable Data Source

558 Command Buttons Refresh - Displays the latest RIP Route Redistribution Configuration data. 8.2.3.7 Managing Router Discovery Configuring

559 Viewing Router Discovery Status Non-Configurable Data Slot/Port - The router interface for which data is displayed. Advertise Mode - The

56 Command Mode Privileged Exec Display Message The display parameters when the argument is ' <slot/port>' are as follows: Total

560 8.2.3.8 Managing Route Table Viewing Router Route Table Non-Configurable Data Network Address - The IP route prefix for the destination.

561  OSPF Type-1  OSPF Type-2  RIP  BGP4 Next Hop Slot/Port - The outgoing router interface to use when forwarding traffic to the destina

562  OSPF Type-2  RIP  BGP4 Next Hop Slot/Port - The outgoing router interface to use when forwarding traffic to the destination. Next Hop

563  OSPF Intra  OSPF Inter  OSPF Type-1  OSPF Type-2  RIP  BGP4Local Next Hop Slot/Port - The outgoing router interface to use whe

564 Preference - Specifies a preference value for the configured next hop. Command Buttons Add Route - Go to a separate page where a route can be

565 Local - This field displays the local route preference value. Command Buttons Submit - Send the updated configuration to the switch. Configur

566 Instructions for creating a VLAN  Enter a new VLAN ID in the field labeled VLAN ID.  Click on the Create button. The page will be updated t

567 8.2.3.10 Managing VRRP Configuring VRRP Configurable Data VRRP Admin Mode - This sets the administrative status of VRRP in the router to

568 Slot/Port - This field is only configurable if you are creating new Virtual Router, in which case select the Slot/Port for the new Virtual Router

569 Viewing Virtual Router Status Non-Configurable Data VRID - Virtual Router Identifier. Slot/Port - Indicates the interface associate with th

57 Total Packets Received Without Errors Unicast Packets Received: The number of subnetwork-unicast packets delivered to a higher-layer protocol. Mul

570 Owner - Set to 'True' if the Virtual IP Address and the Interface IP Address are the same, otherwise set to 'False'. If this

571 Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors - The total numbe

572 Refresh - Refresh the data on the screen with the present state of the data in the switch. 8.2.4 Security Menu 8.2.4.1 Managing Access Con

573 Command Buttons Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not

574 Maximum Requests - This input field allows the user to enter the maximum requests for the selected port. The maximum requests value is the maximu

575 Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newl

576 "Initialize" "Disconnected" "Connecting" "Authenticating" "Authenticated" "Aborting&q

577 Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Cont

578 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a

579 Last EAPOL Frame Source - This displays the source MAC address carried in the most recently received EAPOL frame. EAP Response/Id Frames Receiv

58 Broadcast Packets Transmitted: The total number of packets that higher-level protocols requested be transmitted to the Broadcast address, includin

580 Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed. Command Buttons Submit - Sen

581 Port - Displays the port in Slot/Port format. Users - Displays the users that have access to the port. Command Buttons Refresh - Update the

582 sum of (retransmit times timeout) for all configured servers. If the RADIUS request was generated by a user login attempt, all user interfaces wi

583 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured. Select a

584 RADIUS Server IP Address - Selects the IP address of the RADIUS server for which to display statistics. Non-Configurable Data Round Trip Time (s

585 Defining RADIUS Accounting Server Configuration Page Selection Criteria Accounting Server IP Address - Selects the accounting server for which

586 Viewing RADIUS Accounting Server Statistics Page Non-Configurable Statistics Accounting Server IP Address - Identifies the accounting server a

587 Resetting All RADIUS Statistics Page Command Buttons Clear All RADIUS Statistics - This button will clear the accounting server, authenticat

588 Authen. Port - The TCP port number of TACACS+. Server Time Out - Timeout value of TACACS+ packet transmit. Retry Count - Retry count after tr

589 Command Buttons Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across

59 Receive Packets Discarded: The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent thei

590 8.2.4.6 Defining Secure Shell Configuration Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is

591 8.2.5 QOS Menu 8.2.5.1 Managing Access Control Lists Configuring IP Access Control List Configuration Page An IP ACL consists of a set of rul

592 Viewing IP Access Control List Summary Page Non-Configurable Data IP ACL ID - The IP ACL identifier. Rules - The number of rules currently

593 Selection Criteria IP ACL ID - Use the pulldown menu to select the IP ACL for which to create or update a rule. Rule - Select an existing rul

594 Destination IP Address - Enter an IP address using dotted-decimal notation to be compared to a packet's destination IP Address as a match cr

595 Configuring MAC Access Control List Configuration Page A MAC ACL consists of a set of rules which are matched sequentially against a packet. W

596 Viewing MAC Access Control List Summary Page Non-Configurable Data MAC ACL Name - MAC ACL identifier. Rules - The number of rules currently

597 Configurable Data Rule - Enter a whole number in the range of (1 to 8) that will be used to identify the rule. Action - Specify what action sho

598 Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be

599 number. If the sequence number is not specified by the user, a sequence number that is one greater than the highest sequence number currently in

6 5.2.6.8 lacp ...

60 Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the pr

600 on a per-class instance basis, and it is these attributes that are applied when a match occurs. The configuration process begins with defining o

601 Class Selector - Along with an option to create a new class, this lists all the existing DiffServ class names, from which one can be selected. Th

602 Class Type - Displays types of the configured classes as 'all', 'any', or 'acl'. Class types are platform dependent

603 Viewing DiffServ Policy Summary Page Non-Configurable Data Policy Name - Displays name of the DiffServ policy. Policy Type - Displays type o

604 Viewing DiffServ Policy Attribute Summary Page Non-Configurable Data Policy Name - Displays name of the specified DiffServ policy. Policy Ty

605 Slot/Port - Shows the Slot/Port that uniquely specifies an interface. Direction - Shows the traffic direction of this service interface. Oper

606 Viewing DiffServ Service Detailed Statistics Page This screen displays class-oriented statistical information for the policy, which is specifi

607 8.2.5.3 Configuring Diffserv Wizard Page Operation The DiffServ Wizard enables DiffServ on the switch by creating a traffic class, adding the tr

608 8.2.5.4 Managing Class of Service Managing Table Configuration Page Selection Criteria Slot/Port - Specifies all CoS configurable interface

609 Non-IP Traffic Class - Displays traffic class (i.e. queue) to which all non-IP traffic is directed when in 'trust ip-precedence' or &ap

61 speed-duplex {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full-duplex - Full duplex half-duplex - Half duplex Default Se

610 Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. Th

611 Scheduler Type - Specifies the type of scheduling used for this queue. Scheduler Type can only be one of the following:  strict  weighte

612 Minimum Bandwidth - Specifies the minimum guaranteed bandwidth allotted to this queue. The value 0 means no guaranteed minimum. Sum of individual

613 Non-Configurable Data Version - The current value of the DVMRP version string. Total Number of Routes - The number of routes in the DVMRP routi

614 Viewing DVMRP Configuration Summary Selection Criteria o Slot/Port - Select the interface for which data is to be displayed. You must confi

615 Neighbor Expiry Time - The DVMRP expiry time for the specified neighbor on the selected interface. This is the time left before this neighbor ent

616 Viewing DVMRP Next Hop Configuration Summary Non-Configurable Data Source IP - The IP address used with the source mask to identify the source

617 Viewing DVMRP Prune Summary Non-Configurable Data Group IP - The group address which has been pruned. Source IP - The address of the source

618 Source Mask - The subnet mask to be combined with the source address to identify the sources for this entry. Upstream Neighbor - The address of

619 Configuring IGMP Interface Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or c

62 negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config Thi

620 Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be

621 Query Max Response Time - The maximum query response time advertised in IGMPv2 queries sent from the selected interface. Robustness - The robus

622 Viewing IGMP Cache Information Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed. Slot 0 is the ba

623 Version 1 Host Timer - The time remaining until the local router will assume that there are no longer any IGMP version 1 members on the IP subnet

624 Source Filter Mode - The source filter mode (Include/Exclude/NA) for the specified group on this interface. Source Hosts - This parameter shows

625 Configuring Interface’s Multicast Configuration Page Selection Criteria Slot/Port - Select the routing interface you want to configure from

626 Source IP - Enter the IP address of the multicast packet source to be combined with the Group IP to fully identify a single route whose Mroute ta

627 Configurable Data Source IP - Enter the IP Address that identifies the multicast packet source for the entry you are creating. Source Mask - Ent

628 Configuring Multicast Admin Boundary Configuration Page The definition of an administratively scoped boundary is a mechanism is a way to stop

629 Slot/Port - The router interface to which the administratively scoped address range is applied. Group IP - The multicast group address for the

63 no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Ful

630 Non-Configurable Data Router Interface - The IP address of the router interface for which configuration information was requested. Neighboring r

631 Viewing Mstat Summary Page This screen is used to display the results of an mstat command. Non-Configurable Data This screen shows the path

632 Admin Mode - Select enable or disable from the pulldown menu. If you select enable the router will process and forward mtrace requests received f

633 Viewing Mtrace Summary Page This screen displays the results of an mtrace command. The mtrace command is used to trace the path from source to a

634 Configuring Interface’s PIM-DM Configuration Page Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed or

635 Protocol State - The operational state of the PIM-DM protocol on this interface. Hello Interval - The frequency at which PIM hello messages are

636 Data Threshold Rate - Enter the minimum source data rate in K bits/second above which the last-hop router will switch to a source-specific shorte

637 Configuring Interface’s PIM-SM Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or

638 Protocol State - The operational state of the PIM-SM protocol on this interface. IP Address - The IP address of the selected PIM interface. Net

639 Component Index - Unique number identifying the component index. Component BSR Address - Displays the IP address of the bootstrap router (BSR)

64 Note: This command only applies to full-duplex mode ports. Syntax storm-control flowcontrol no storm-control flowcontrol no - This command dis

640 Group Address - The group address transmitted in Candidate-RP-Advertisements. Group Mask - The group address mask transmitted in Candidate-RP-Ad

65 Syntax shutdown no shutdown no - This command enables a port. Default Setting Enabled Command Mode Interface Config This command is used

66 5.2.2 L2 MAC Address and Multicast Forwarding Database Tables 5.2.2.1 show mac-addr-table This command displays the forwarding database entries. I

67 5.2.2.2 show mac-address-table gmrp This command displays the GARP Multicast Registration Protocol (GMRP) entries in the Multicast Forwarding Data

68 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes.

69 5.2.2.5 show mac-address-table stats This command displays the MFDB statistics. Syntax show mac-address-table stats Default Setting None Comman

7 5.3.3 Telnet Session Commands...135 5.3.

70 Syntax mac-address-table aging-time <10-1000000> no mac-address-table aging-time <10-1000000> <10-1000000> - aging-time (Rang

71 5.2.3.2 show vlan id This command displays detailed information, including interface information, for a specific VLAN. Syntax show vlan {id <

72 5.2.3.3 show protocol group This command displays the Protocol-Based VLAN information for either the entire system, or for the indicated Group.

73 Command Mode Privileged Exec Display Message Slot/port: Indicates by slot id and port number which port is controlled by the fields on this line.

74 vlan <vlanid> [<name>] no vlan <vlanid> <vlanid> - VLAN ID (Range: 2 –3965). <name> - Configure an optional VLAN Na

75 5.2.3.8 vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is p

76 5.2.3.10 switchport acceptable-frame-type This command sets the frame acceptance mode per interface. For VLAN Only mode, untagged frames or prio

77 interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification. Defa

78 no switchport ingress-filtering all all - All interfaces. no - This command disables ingress filtering for all ports. If ingress filtering is dis

79 <vlanid> - VLAN ID (Range: 1 –3965). all - All interfaces. no - This command sets the VLAN ID for all interfaces to 1. Default Setting 1 C

8 5.3.7.2 ip ssh ...

80 switchport allowed vlan {add {tagged | untagged} | remove} all <vlanid> <vlanid> - VLAN ID (Range: 1 –3965). all - All interfaces. ad

81 This command configures the tagging behavior for all interfaces in a VLAN to be enabled. If tagging is enabled, traffic is transmitted as tagged f

82 This command configures the port priority assigned for untagged packets for all ports presently plugged into the device. Any subsequent per port c

83 This command adds a protocol-based VLAN group to the system. The <group-name> is a character string of 1 to 16 characters. When it is cre

84 Default Setting None Command Mode Global Config This command adds the <protocol> to the protocol-based VLAN identified by <group-name

85 Syntax switchport forbidden vlan {add | remove} <vlanid> no switchport forbidden <vlanid> - VLAN ID (Range: 1 –3965). add - VLAND ID

86 5.2.4.2 show gvrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or all interfaces. Syn

87 5.2.4.3 show gmrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or All interfaces. Synt

88 Syntax show garp configuration {<slot/port> | all} <slot/port> - An interface number. all - All interfaces. Default Setting None Co

89 5.2.4.6 bridge-ext gmrp This command enables GARP Multicast Registration Protocol (GMRP) on the system. The default value is disabled. Syntax b

9 5.5.4 Configuration Commands ...184 5.

90 This command enables GVRP (GARP VLAN Registration Protocol) for all ports. Syntax switchport gvrp all no switchport gvrp all all - All interfa

91 Interface Config This command enables GMRP Multicast Registration Protocol on all interfaces. If an interface which has GMRP enabled is enable

92 no - This command sets the GVRP join time per port and per GARP to 20 centiseconds (0.2 seconds). This command has an effect only when GVRP and GM

93 Note: This command has an effect only when GVRP and GMRP are enabled. Syntax garp timer leave < 20-600 > no garp timer leave <20-600&

94 Default Setting 60 centiseconds (0.6 seconds) Command Mode Global Config This command sets how frequently Leave All PDUs are generated per por

95 Syntax garp timer leaveall all < 200-6000 > no garp timer leaveall all <200-6000> - leave time (Range: 200 – 6000) in centiseconds.

96 Display Message Admin Mode: This indicates whether or not IGMP Snooping is active on the switch. Multicast Control Frame Count: This displays the

97 <vlanid> - VLAN ID (Range: 1 – 3965). static - Displays only the configured multicast entries. dynamic - Displays only entries learned thro

98 Max Response Time This displays the amount of time the switch will wait after sending a query on an interface, participating in the VLAN, because

99 Default Setting 260 seconds Command Mode Global Config, Interface Config ip igmp snooping interfacemode This command enables IGMP Snooping on