FortiSwitch-100 Version 4.0 MR1 User Guide
10 5.8.2.3 username login ...207
100 all - All interfaces. no - This command disables IGMP Snooping on all interfaces. Default Setting Disabled Command Mode Global Config ip igmp
101 <sec> - Max time (Range: 1 – 3599). no - This command sets the IGMP Maximum Response time on the system to 10 seconds. Default Setting 10
102 ip igmp snooping mrouter This command configures a selected interface as a multicast router interface. When configured as a multicast router in
103 Command Mode Interface Config. ip igmp snooping vlan static This command is used to add a port to a multicast group. Syntax ip igmp snoopi
104 Default Setting None Command Mode Vlan Database set igmp groupmembership-interval This command sets the IGMP Group Membership Interval on a
105 Syntax set igmp maxresponse <1-3965> <1-3599> no set igmp maxresponse <1-3965> <1-3965> - VLAN ID (Range: 1 – 3965). n
106 Vlan Database set igmp fast-leave This command enables or disables IGMP Snooping fast-leave admin mode on a selected VLAN. Enabling fastleav
107 5.2.6 Port Channel 5.2.6.1 show port-channel This command displays the static capability of all port-channels (LAGs) on the device as well as a s
108 Display Message Log. Intf: The logical slot and the logical port. Port-Channel Name: The name of this port-channel (LAG). You may enter any strin
109 Command Usage 1. Max number of port-channels could be created by user are 6 and Max. Number of members for each port-channel are 8. 5.2.6.3 po
11 5.9.1.2 show cdp neighbors...226 5.9.
110 Default Setting Disabled Command Mode Interface Config 5.2.6.5 port-channel linktrap This command enables link trap notifications for the port-
111 port-channel name {<logical slot/port> | all} <name> <logical slot/port> - Port-Channel Interface number. all - all Port-Chann
112 Syntax lacp no lacp no - This command disables Link Aggregation Control Protocol (LACP) on a port. Default Setting Enabled Command Mode Interf
113 Note: Before adding a port to a port-channel, set the physical mode of the port. See ‘speed’ command. Syntax channel-group <logical slot/por
114 Syntax delete-channel-group <logical slot/port> all <logical slot/port> - Port-Channel Interface number. all - All members for spe
115 This command is used to display multicast storm control information. Syntax show storm-control multicast Default Setting None Command Mode Pr
116 5.2.7.2 storm-control broadcast This command enables broadcast storm recovery mode on the selected interface. If the mode is enabled, broadcast
117 Disabled Command Mode GlobaI Config 5.2.7.3 storm-control multicast This command enables multicast storm recovery mode on the selected interfac
118 5.2.7.4 storm-control unicast This command enables unicast storm recovery mode on the selected interface. Syntax storm-control unicast no stor
119 5.2.7.5 switchport broadcast packet-rate This command will protect your network from broadcast storms by setting a threshold level for broadcast
12 5.11.1.17 clear radius statistics ...243 5.
120 Level 4 Command Mode Global Config 5.2.7.6 switchport multicast packet-rate This command will protect your network from multicast storms by set
121 all - This command represents all interfaces. Note: pps (packet per second) Default Setting Level 4 Command Mode Global Config 5.2.7.7 switchp
122 switchport unicast all packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps for 1G Port or 1042 pps for 10G port. 2 - Threshold lev
123 5.2.8.2 queue cos-map This command is used to assign class of service (CoS) value to the CoS priority queue. Syntax queue cos-map <priority&g
124 Default Setting None Command Mode Privileged Exec Display Message Session ID: indicates the session ID. Admin Mode: indicates whether the Port M
125 Syntax no port-monitor Default Setting None Command Mode Global Config 5.2.9.3 port-monitor session mode This command configures the admini
126 Syntax show ip interface Default Setting None Command Mode Privileged Exec Display Message IP Address: The IP address of the interface. The fac
127 5.3.1.3 show ip ipv6 This command displays the IPv6 forwarding status of all ports. Syntax show ip ipv6 Default Setting None Command Mode Pr
128 5.3.1.5 interface vlan This command is used to enter Interface-vlan configuration mode. Syntax interface vlan <vlanid> <vlanid>
129 Interface-Vlan Config Command Usage Once the IP address is set, the VLAN ID’s value will be assigned to management VLAN. 5.3.1.7 ip default-g
13 5.12.3.2 drop...
130 <dhcp> - Obtains IP address from DHCP. <none> - Obtains IP address by setting configuration. Default Setting None Command Mode Inter
131 Default Setting None Command Mode Global Config 5.3.1.10 ip ipv6 This command is used to enable the Ipv6 function on specific interface. Synta
132 Command Mode Global Config 5.3.2 Serial Interface Commands 5.3.2.1 show line console This command displays serial communication settings for th
133 Syntax line console Default Setting None Command Mode Global Config 5.3.2.3 baudrate This command specifies the communication rate of the t
134 <0-160> - max connect time (Range: 0 -160). no - This command sets the maximum connect time (in minutes) without console activity to 5. De
135 <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default. Default Setting 0 Command
136 Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object i
137 5.3.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has be
138 3 Command Mode Telnet Config 5.3.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be establishe
139 no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established. Default Setting Enabled Command Mo
14 5.14.1 Show Commands...288
140 Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be
141 5.3.3.11 show telnet This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode
142 Syntax show snmp Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entr
143 Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Lin
144 snmp-server location <loc> <loc> - range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode Global Config
145 Syntax snmp-server community <name> no snmp-server community <name> <name> - community name (up to 16 case-sensitive characte
146 Command Mode Global Config This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet send
147 <ro> - access mode is read-only. <rw> - access mode is read/write. Default Setting None Command Mode Global Config 5.3.4.7 snm
148 Syntax snmp-server enable traps authentication no snmp-server enable traps authentication no - This command disables the Authentication trap.
149 Default Setting Enabled Command Mode Global Config This command enables Multiple User traps. When the traps are enabled, a Multiple User Tra
15 6.2.1.7 show ip route precedence ...311 6.2.1.8
150 Global Config This command enables PIM traps. Syntax snmp-server enable traps pim no snmp-server enable traps pim no - This command disabl
151 5.3.5 SNMP Trap Commands 5.3.5.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Netw
152 no snmp trap link-status no - This command disables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag
153 5.3.5.3 snmptrap <name> <ipaddr> This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeri
154 Default Setting None Command Mode Global Config 5.3.5.5 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receiver
155 Default Setting None Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or
156 Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the
157 5.3.6.5 ip http secure-port This command is used to set the SSLT port where port can be 1-65535 and the default is port 443. Syntax ip http sec
158 5.3.6.7 ip http secure-protocol This command is used to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TL
159 Max SSH Sessions Allowed: The maximum number of inbound SSH sessions allowed on the switch. SSH Timeout: This field is the inactive timeout value
16 6.3.2.10 area nssa translator-role ...330 6.3.2
160 5.3.7.4 ip ssh maxsessions This command specifies the maximum number of SSH connection sessions that can be established. A value of 0 indicate
161 <1-160> - timeout interval in seconds. no - This command sets the SSH connection session timeout value, in minutes, to the default. Changin
162 no ip dhcp client-identifier <text> - A text string. (Range: 1-15 characters). <hex> - The hexadecimal value (00:00:00:00:00:00). no
163 Server IP Address - IP address of the BOOTP/DHCP server or the IP address of the next BOOTP/DHCP Relay Agent. Circuit Id Option Mode - This is
164 Syntax bootpdhcprelay serverip <ipaddr> no bootpdhcprelay serverip <ipaddr> - A server IP address. no - This command is used to re
165 None Command Mode Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The MAC Address for the Bridge from which
166 Privileged Exec Display Message Port Mode: The administration mode of spanning tree. Port Up Time Since Counters Last Cleared: Time since the por
167 Syntax show spanning-tree mst detailed <0-4094> <0-4094> - multiple spanning tree instance ID. Default Setting None Command Mode P
168 For each MSTID: The multiple spanning tree instance ID. Associated FIDs: List of forwarding database identifiers associated with this instance.
169 Auto-calculate Port Path Cost: Indicate the port auto-calculate port path cost Auto-calculate External Port Path Cost - Displays whether the exte
17 6.5 Domain Name Server Relay Commands ... 350 6.5.1 Sh
170 STP Mode: Indicate STP mode. Type: Currently not used. STP State: The forwarding state of the port in the specified spanning tree instance. Port
171 Default Setting None Command Mode Privileged Exec Display Message Bridge Priority: Configured value. Bridge Identifier: The bridge ID of current
172 Syntax spanning-tree protocol-migration {<slot/port> | all} no spanning-tree protocol-migration {<slot/port> | all} <slot/port&
173 This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using. Th
174 Command Mode Global Config 5.4.2.5 spanning-tree forward-time This command sets the Bridge Forward Delay parameter to a new value for the com
175 <1-10> - hellotime value (Range: 1 – 10). no - This command sets the Hello Time parameter for the common and internal spanning tree to the
176 Syntax spanning-tree max-hops <1-127> no spanning-tree max-hops <1-127> - the Maximum hops value (Range: 1-127). no - This command
177 This command sets the bridge priority for a specific multiple spanning tree instance. The instance <mstid> is a number that corresponds
178 spanning-tree mst vlan <0-4094> <1-3965> no spanning-tree mst vlan <0-4094> <1-3965> <0-4094> - multiple spanning
179 If the ‘cost’ token is specified, this command sets the path cost for this port within a multiple spanning tree instance or the common and inter
18 6.7.2 ip irdp ...
180 Interface Config 5.4.2.10 spanning-tree port mode This command sets the Administrative Switch Port State for this port to enabled. Syntax s
181 5.4.2.11 spanning-tree edgeport This command specifies that this port is an Edge Port within the common and internal spanning tree. This will al
182 Display Message Logging Client Local Port The port on the collector/relay to which syslog messages are sent CLI Command Logging The mode for CLI
183 Syntax show logging traplogs Default Setting None Command Mode Privileged Exec Display Message Number of Traps since last reset: The number o
184 5.5.4 Configuration Commands 5.5.4.1 logging buffered This command enables logging to in-memory log where up to 128 logs are kept. Syntax lo
185 5.5.4.2 logging console This command enables logging to the console. Syntax logging console [<severitylevel> | <0-7>] no logg
186 Default Setting None Command Mode Privileged Exec This command disables logging to hosts. Syntax logging host remove <hostindex> &
187 Privileged Exec 5.5.4.4 logging syslog This command enables syslog logging. Syntax logging syslog no logging syslog no - Disables sys
188 Command Mode Privileged Exec 5.5.4.5 clear logging buffered This command clears all in-memory log. Syntax clear logging buffered Defau
189 None Command Mode Privileged Exec 5.6.2 script delete This command deletes a specified script or all the scripts presented in the switch.
19 7.2.1 Show Commands...38
190 Default Setting None Command Mode Privileged Exec 5.6.4 script show This command displays the content of a script file. Syntax script sh
191 Syntax show users Default Setting None Command Mode Privileged Exec Display Message User Name: The name the user will use to login using the se
192 no username <username> <username> - is a new user name (Range: up to 8 characters). no - This command removes a user name created be
193 Global Config 5.7.2.3 username snmpv3 encryption This command specifies the encryption protocol and key to be used for the specified login user
194 Syntax show users authentication Default Setting None Command Mode Privileged Exec Display Message User: This field lists every user that has
195 5.8.1.3 show authentication users This command displays information about the users assigned to the specified authentication login list. If the l
196 5.8.1.5 show dot1x detail This command is used to show a summary of the global dot1x configuration and the detailed dot1x configuration for a spe
197 5.8.1.6 show dot1x statistics This command is used to show a summary of the global dot1x configuration and the dot1x statistics for a specified
198 5.8.1.7 show dot1x summary This command is used to show a summary of the global dot1x configuration and summary information of the dot1x configu
199 None Command Mode Privileged Exec Display Message User: Users configured locally to have access to the specified port. 5.8.1.9 show radius-serv
FortiSwitch-100 Userl Guide Version 4.0 MR1 Revision 2 November 23, 2009 © Copyright 2009 Fortinet, Inc. All rights reserved. No part of this publi
20 7.4.1.1 show ip pimdm...406 7
200 Command Mode Privileged Exec Display Message Current Server IP Address: Indicates the configured server currently in use for authentication Numbe
201 Requests: The number of RADIUS Accounting-Request packets sent to this accounting server. This number does not include retransmissions. Retransmi
202 Access Requests: The number of RADIUS Access-Request packets sent to this server. This number does not include retransmissions. Access Retransmis
203 Server 1 Retry: Retry count if TACACS server has no response Server 1 Mode: Current TACACS server admin mode (disable, master or slave) Server 2
204 Syntax show port-security { <slot/port> | all } Default Setting None Command Mode Privileged Exec Display Message Intf Interface Number.
205 None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address. This command displays the source MAC address of th
206 The value of local indicates that the user’s locally stored ID and password are used for authentication. The value of radius indicates that the u
207 <listname> - an authentication login list. Default Setting None Command Mode Global Config 5.8.2.3 username login This command assigns
208 5.8.3 Dot1x Configuration Commands 5.8.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command i
209 5.8.3.3 dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The <user&g
21 8.2.1.4 Defining Forwarding Database...437 8.2.1.5 Vie
210 Global Config 5.8.3.5 dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The
211 dot1x port-control all {auto | force-authorized | force-unauthorized} no dot1x port-control all all - All interfaces. no - This command sets the
212 5.8.3.7 dot1x max-req This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Reque
213 5.8.3.9 dot1x re-reauthenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the cont
214 server-timeout: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to timeout the authentication serv
215 no - This command is used to set the RADIUS accounting function to the default value - that is, the RADIUS accounting function is disabled. Defa
216 Default Setting None Command Mode Global Config 5.8.4.3 radius-sever key This command is used to configure the shared secret between the RADIU
217 no radius-server retransmit <retries> - the maximum number of times (Range: 1 - 15). no - This command sets the maximum number of times a
218 Syntax radius-server msgauth <ipaddr> <ipaddr> - is a IP address. Default Setting None Command Mode Global Config 5.8.4.7 radiu
219 5.8.5 TACACS Configuration Commands 5.8.5.1 tacacs This command is used to enable /disable the TACACS function. Syntax tacacs no tacacs no - T
22 8.2.5 QOS Menu ...
220 5.8.5.3 tacacs server-ip This command is used to configure the TACACS server IP address. Syntax tacacs server-ip <1-3> <ipaddr> no
221 Command Mode Global Config 5.8.5.5 tacacs key This command is used to configure the TACACS server shared secret key. Syntax tacacs key <1-
222 Default Setting 5 Command Mode Global Config 5.8.5.7 tacacs timeout This command is used to configure the TACACS request timeout of an instanc
223 port-security no port-security Default Setting None Command Mode Global Config, Interface Config 5.8.6.2 port-security max-dynamic This comma
224 Syntax port-security max-static [<0-20>] no port-security max-static no - This command resets the maximum number of statically locked
225 5.8.6.5 port-security mac-address move This command converts dynamically locked MAC addresses to statically locked addresses. Syntax port-s
226 show cdp Default Setting None Command Mode Privileged Exec Display Message CDP Admin Mode: CDP enable or disable CDP Holdtime (sec): The length
227 5.9.1.3 show cdp traffic This command displays the CDP traffic counters information. Syntax show cdp traffic Default Setting None Command Mode
228 5.9.2.2 cdp run This command is used to enable CDP on a specified interface. Syntax cdp run no cdp run no - This command is used to disabl
229 5.9.2.3 cdp timer This command is used to configure an interval time (seconds) of the sending CDP packet. Syntax cdp timer <5-254> no cdp
23 1 Introduction 1.1 Switch Description The Fortinet FortiSwitch-100 Ethernet Switch is a modular Gigabit Ethernet backbone switch designed for adap
230 5.10 SNTP (Simple Network Time Protocol) Commands 5.10.1 Show Commands 5.10.1.1 show sntp This command displays the current time and configuratio
231 Command Mode Privileged Exec Display Message Client Supported Modes Supported SNTP Modes (Broadcast, Unicast, or Multicast). SNTP Version The hig
232 5.10.2 Configuration Commands 5.10.2.1 sntp broadcast client poll-interval This command will set the poll interval for SNTP broadcast clients in
233 Default Setting None Command Mode Global Config 5.10.2.3 sntp client port This command will set the SNTP client port id and polling interval
234 no sntp unicast client poll-interval <6-10> - Polling interval. It's 2^(value) seconds where value is 6 to 10. no - This command will
235 Syntax sntp unicast client poll-retry <poll-retry> no sntp unicast client poll-retry < poll-retry> - Polling retry in seconds. The
236 Command Mode Global Config 5.10.2.8 sntp clock timezone This command sets the time zone for the switch’s internal clock. Syntax sntp clock
237 Syntax clear arp Default Setting None Command Mode Privileged Exec 5.11.1.2 clear traplog This command clears the trap log. Syntax clear tr
238 Command Mode Privileged Exec 5.11.1.4 clear logging buffered This command is used to clear the message log maintained by the switch. The messag
239 5.11.1.6 clear pass This command resets all user passwords to the factory defaults without powering off the switch. You are prompted to confirm t
24 • TraceRoute support • Traffic Segmentation • TFTP upgrade • SysLog support • Simple Network Time Protocol • Web GUI Traffic Monitoring • SSH S
240 Syntax clear dns counter Default Setting None Command Mode Privileged Exec 5.11.1.9 clear dns cache This command clears all entries from
241 Default Setting None Command Mode Privileged Exec 5.11.1.11 clear vlan This command resets VLAN configuration parameters to the factory defaul
242 5.11.1.13 clear igmp snooping This command clears the tables managed by the IGMP Snooping function and will attempt to delete these entries from
243 clear ip filter Default Setting None Command Mode Privileged Exec 5.11.1.16 clear dot1x statistics This command resets the 802.1x statistics f
244 None Command Mode Privileged Exec 5.11.1.18 clear tacacs This command is used to clear TACACS configuration. Syntax clear tacacs Default Set
245 copy startup-config <sourcefilename> <url> copy {errorlog | log | traplog} <url> copy script <sourcefilename> <url>
246 sslpem-root - Secure Root PEM file. sslpem-server - Secure Server PEM file. sslpem-dhweak - Secure DH Weak PEM file. sslpem-dhstrong - Secure DH
247 no clibanner <url> - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 5.11.3
248 <filename> - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code.
249 5.11.6 boot-system This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcod
25 1.3 Front-Panel Components The front panel of the switch consists of 48 1-Giga interfaces, 4 LED indicators, an RS-232 communication port, and t
250 Privileged Exec Ping on changing parameter value Syntax ping <host> count <0-20000000> [size <32-512>] ping <host> siz
251 <1-255> - The maximum time to live used in outgoing probe packets. Default Setting None Command Mode Privileged Exec 5.11.9 logging cli
252 <2000-2099> - Year (4-digit). (Range: 2000 - 2099). Default Setting None Command Mode Privileged Exec 5.11.11 reload This command resets
253 5.11.13 disconnect This command is used to close a telnet session. Syntax disconnect {<0-10> | all} <0-11> - telnet session ID
254 5.11.15 quit This command is used to exit a CLI session. Syntax quit Default Setting None Command Mode Privileged Exec 5.12 Differentiated
255 Note that the type of class - all, any, or acl - has a bearing on the validity of match criteria specified when defining the class. A class type
256 Syntax Diffserv Command Mode Global Config 5.12.1.2 no diffserv This command sets the DiffServ operational mode to inactive. While disabled,
257 5.12.2.1 class-map This command defines a new DiffServ class of type match-all, match-any or match-access-group. Syntax class-map [ match-all
258 <class-map-name> is the name of an existing DiffServ class. Note: The class name 'default' is reserved and is not allowed here.
259 Command Mode Class-Map Config 5.12.2.5 match class-map This command adds to the specified class definition the set of match conditions defin
26 1.6 Management Options The system may be managed out-of-band through the console port on the front panel or in-band using Telnet, a Web Browser, o
260 no match class-map <refclassname> <refclassname> is the name of an existing DiffServ class whose match conditions are being referenc
261 echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is used as both the star
262 5.12.2.10 match ip precedence This command adds to the specified class definition a match condition based on the value of the IP Precedence fiel
263 Note: In essence, this the “free form” version of the IP DSCP/Precedence/TOS match specification in that the user has complete control of specif
264 <ipaddr> specifies an IP address. <ipmask> specifies an IP address bit mask; note that although it resembles a standard subne
265 5.12.3 Policy Commands The 'policy' command set is used in DiffServ to define: Traffic Conditioning Specify traffic conditioning ac
266 5.12.3.2 drop This command specifies that all packets for the associated traffic stream are to be dropped at ingress. Syntax drop Comma
267 5.12.3.4 conform-color This command is used to enable color-aware traffic policing and define the conform-color class maps used. Used in conjunc
268 Policy-Class-Map Config Policy Type In 5.12.3.6 class This command creates an instance of a class definition within the specified policy fo
269 mark ip-dscp <value> <value> is specified as either an integer from 0 to 63, or symbolically through one of the following keywords
27 • RFC 1850 (OSPF-MIB) • RFC 1850 (OSPF-TRAP-MIB) • RFC 2787 (VRRP-MIB) • RFC 3289 - DIFFSERV-DSCP-TC • RFC 3289 - DIFFSERV-MIB • QOS-DIFFSERV-EX
270 from 0-7. <set-dscp-transmit> is required and is specified as either an integer from 0 to 63, or symbolically through one of the following
271 policy-map rename <policyname> <newpolicyname> <policyname> - Old Policy name. <newpolicyname> - New policy name.
272 Note: This command effectively enables DiffServ on an interface (in a particular direction). There is no separate interface administrative &apos
273 • Classes • Policies • Services This information can be displayed in either summary or detailed formats. The status information is only shown w
274 Precedence, IP TOS, Protocol Keyword, Reference Class, Source IP Address, Source Layer 4 Port, Source MAC Address, and VLAN. Values This field
275 Class Rule Table Size Current/Max The current or maximum number of entries (rows) in the Class Rule Table. Policy Table Size Current/Max The curr
276 Mark IP Precedence Denotes the mark/re-mark value used as the IP Precedence for traffic matching this class. This is not displayed if either mark
277 Syntax show diffserv service <slot/port> in <slot/port> specifies a valid slot number and port number for the system. The direc
278 DiffServ Admin Mode The current setting of the DiffServ administrative mode. An attached policy is only active on an interface while DiffServ is
279 The following information is repeated for each class instance within this policy: Class Name The name of this class instance. In Offered Octet
28 2 Installation and Quick Startup 2.1 Package Contents Before you begin installing the switch, confirm that your package contains the following ite
280 Privileged EXEC Display Message The following information is repeated for each interface and direction (only those interfaces configured with
281 5.13 ACL Command 5.13.1 Show Commands 5.13.1.1 show mac access-lists This command displays a MAC access list and all of the rules that are defin
282 5.13.1.2 show mac access-lists This command displays a summary of all defined MAC access lists in the system. Syntax show mac access-list
283 Default Setting None Command Mode Privileged EXEC Display Message Current number of ACLs The number of user-configured rules defined for this
284 ACL Type This displays ACL type is IP or MAC. ACL ID This displays the ACL ID. Sequence Number This indicates the order of this access list rel
285 Syntax mac access-list extended rename <name> <newname> <name> - Old name which uniquely identifies the MAC access list.
286 Default Setting None Command Mode Mac Access-list Config 5.13.2.4 mac access-group in This command attaches a specific MAC Access Control L
287 5.13.2.5 access-list This command creates an Access Control List (ACL) that is identified by the parameter. Syntax access-list {( <1-99>
288 no access-list {<1-99> | <100-199>} Note: The ACL number is an integer from 1 to 199. The range 1 to 99 is for the normal ACL List a
289 support independent per-port class of service mappings. If specified, the 802.1p mapping table of the interface is displayed. If omitted, the mos
29 2.2.2 Installing the Switch in a Rack You can install the switch in most standard 19-inch (48.3-cm) racks. Refer to the illustrations below. 1. Us
290 Command Mode Privileged EXEC, User EXEC Display Message The following information is repeated for each user priority. IP Precedence The IP Pre
291 5.14.1.4 show queue cos-queue This command displays the class-of-service queue configuration for the specified interface. The slot/port paramete
292 5.14.2 Configuration Commands 5.14.2.1 queue cos-map This command maps an 802.1p priority to an internal traffic class on a "per-port"
293 5.14.2.2 queue ip-precedence-mapping This command maps an IP precedence value to an internal traffic class on a "per-port" basis.
294 None Command Mode Global Config. 5.14.2.3 queue trust This command sets the class of service trust mode of an interface. The mode can be
295 no - This command sets the class of service trust mode to untrusted for all interfaces. Default Setting None Command Mode Global Config.
296 Syntax queue cos-queue min-bandwidth all <bw-0> <bw-1> … <bw-6> no queue cos-queue min-bandwidth all <bw-0> <bw-1
297 Command Mode Interface Config. This command activates the strict priority scheduler mode for each specified queue on a device. Syntax qu
298 <bw> - Valid range is (0 to 100) in increments 5. no - This command restores the default shaping rate value. Default Setting None Co
299 6 Routing Commands VLAN Routing You can configure the FortiSwitch-100 software with some ports supporting VLANs and some supporting routing. You
3 Table of Contents 1 INTRODUCTION...
30 2.3 Quick Starting the Switch 1. Read the device Installation Guide for the connectivity procedure. In-band connectivity allows access to the For
300 Figure 1. VLAN Routing Example Network Diagram Step 1: Create Two VLANs The following code sequence shows an example of creating two VLANs , and
301 Step 2: Set Up VLAN Routing for the VLANs and the Switch. The following code sequence shows how to enable routing for the VLANs: config vlan data
302 6.1 Address Resolution Protocol (ARP) Commands 6.1.1 Show Commands 6.1.1.1 show ip arp This command displays the Address Resolution Protocol (
303 show ip arp brief Default Setting None Command Mode Privileged Exec Display Message Age Time: Is the time it takes for an ARP entry to age out.
304 6.1.2 Configuration Commands 6.1.2.1 arp This command creates an ARP entry. The value for <ipaddress> is the IP address of a device on a s
305 6.1.2.3 arp cachesize This command configures the maximum number of entries in the ARP cache. Syntax arp cachesize <256-1920> no arp ca
306 <ipaddr> - The IP address to be removed from the ARP table. Default Setting None Command Mode Privileged Exec 6.1.2.6 arp resptime Thi
307 6.1.2.8 arp timeout This command configures the ARP entry ageout time. Syntax arp timeout <15-21600> no arp timeout <15-21600>
308 show ip brief Default Setting None Command Mode Privileged Exec, User Exec Display Message Default Time to Live: The computed TTL (Time to Liv
309 Link Speed Data Rate: Is an integer representing the physical link data rate of the specified interface. This is measured in Megabits per second
31 show Interface status { <slot/port> | all } Displays the Ports slot/port Type - Indicates if the port is a special type of port Admin Mode -
310 Command Mode Privileged Exec Display Message Total Number of Routes: The total number of routes. for each next hop Network Address: Is an I
311 Syntax show ip route entry <networkaddress> <networkaddress> - Is a valid network address identifying the network on the spec
312 Static: This field displays the static route preference value. OSPF Intra: This field displays the OSPF intra route preference value. OSPF Inte
313 6.2.2.2 ip routing This command enables the IP Router Admin Mode for the master switch. Syntax ip routing no ip routing no - Disable t
314 Syntax ip route <networkaddr> <subnetmask> [ <nexthopip> [<1-255 >] ] no ip route <networkaddr> <subnetmask>
315 the default precedence does not update the precedence of existing static routes, even if they were assigned the original default precedence. The
316 no ip directed-broadcast no - Drop network directed broadcast packets. Default Setting Enabled Command Mode Interface Config 6.2.2.9 ip
317 The default value is ethernet. Command Mode Interface Config Restrictions Routed frames are always Ethernet encapsulated when a frame is rout
318 External LSA Checksum A number which represents the sum of the LS checksums of external link-state advertisements contained in the link-state dat
319 Syntax show ip ospf database Default Setting None Command Mode Privileged Exec, User Exec Display Messages Router ID Is a 32 bit dotted d
32 confirmed password match a message will be displayed. The user password should not be more than eight characters in length. copy running-config s
320 Router Priority A number representing the OSPF Priority for the specified interface. This is a configured value. Retransmit Interval A number rep
321 6.3.1.6 show ip ospf interface stats This command displays the statistics for a specific interface. Syntax show ip ospf interface stats &l
322 <ipaddr> - IP address of the neighbor. <slot/port> - Interface number. Default Setting None Command Mode Privileged Exec
323 Syntax show ip ospf neighbor brief {<slot/port> | all} Default Setting None Command Mode Privileged Exec, User Exec Display Messages
324 Command Mode Privileged Exec, User Exec Display Messages Area ID The area id of the requested OSPF area. IP Address An IP Address which repre
325 Syntax show ip ospf virtual-link <areaid> <neighbor> <areaid> - Area ID. <neighbor> - Neighbor's router ID.
326 Neighbor Is the neighbor interface of the OSPF virtual interface. Hello Interval Is the configured hello interval for the OSPF virtual interface.
327 None Command Mode Router OSPF Config 6.3.2.3 ip ospf This command enables OSPF on a router interface. Syntax ip ospf no ip ospf <
328 Router OSPF Config 6.3.2.5 area default-cost This command configures the monetary default cost for the stub area. Syntax area <areaid
329 6.3.2.7 area nssa default-info-originate This command configures the metric value and type for the default route advertised into the NSSA. Sy
33 show ip interface Displays the Network Configurations IP Address - IP Address of the interface Default IP is 0.0.0.0 Subnet Mask - IP Subnet Mask
330 6.3.2.9 area nssa no-summary This command configures the NSSA so that summary LSAs are not advertised into the NSSA Syntax area <areaid>
331 6.3.2.11 area nssa translator-stab-intv This command configures the translator stability interval of the NSSA. The <stabilityinterval>
332 Router OSPF Config 6.3.2.13 area stub This command creates a stub area for the specified area ID. A stub area is characterized by the fact
333 Disabled Command Mode Router OSPF Config 6.3.2.15 area virtual-link authentication This command configures the authentication type and key
334 Syntax area <areaid> virtual-link <neighborid> dead-interval <1-65535> no area <areaid> virtual-link <neighborid>
335 6.3.2.18 area virtual-link retransmit-interval This command configures the retransmit interval for the OSPF virtual interface on the interface
336 The default value of hello interval is 1 second. Command Mode Router OSPF Config 6.3.2.20 default-information originate This command is u
337 <1-16777215> - The range of default metric is 1 to 16777215. <no> - This command configures the default advertisement of default ro
338 Syntax distribute-list <1-199> out {rip | static | connected} no distribute-list <1-199> out {rip | static | connected} <1
339 6.3.2.25 external-lsdb-limit This command configures the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the
34 2.4.6 Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM) Table 2-6 Quick Start up Downloading from Out-of-Band PC to Switch C
340 Default Setting None Command Mode Interface Config 6.3.2.27 ip ospf authentication This command sets the OSPF Authentication Type and K
341 Syntax ip ospf cost <1-65535> no ip ospf cost < 1-65535 > - The range of the cost is 1 to 65535. <no> - This command confi
342 6.3.2.30 ip ospf hello -interval This command sets the OSPF hello interval for the specified interface. Syntax ip ospf hello-interval &l
343 Interface Config 6.3.2.32 ip ospf retransmit-interval This command sets the OSPF retransmit Interval for the specified interface. The retrans
344 < 1-3600 > - The range of transmit delay is 1 to 3600. <no> - This command sets the default OSPF Transit Delay for the specified in
345 6.3.2.35 router-id This command sets a 4-digit dotted-decimal number uniquely identifying the router ospf id. Syntax router-id <ipaddress
346 6.3.2.37 maximum-paths This command sets the number of paths that OSPF can report for a given destination where <maxpaths> is platform d
347 Maximum Hop Count: Is the maximum allowable relay agent hops. Minimum Wait Time (Seconds) Is the minimum wait time. Admin Mode Represents w
348 6.4.4 bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP/DHCP Relay on the system. Syntax
349 6.4.6 bootpdhcprelay serverip This command configures the server IP Address for BootP/DHCP Relay on the system. Syntax bootpdhcprelay ser
35 copy running-config startup-config [filename] Enter yes when the prompt pops up that asks if you want to save the configurations made to the sw
350 <text> - A text string which length is 1 to 15. <hex> - A hex string which format is XX:XX:XX:XX:XX:XX (X is 0-9, A-F). Defaul
351 show dns Default Setting None Command Mode Privileged Exec Display Message Domain Lookup Status: Enable or disable the IP Domain Naming Syste
352 6.5.2 Configuration Commands 6.5.2.1 ip hosts This command creates a static entry in the DNS table that maps a host name to an IP address. S
353 Command Mode Privileged Exec 6.5.2.3 ip domain-name This command defines the default domain name to be appended to incomplete host names (i.e
354 Default Setting None Command Mode Privileged Exec 6.5.2.5 ip name-server This command specifies the address of one or more domain name server
355 <no> - This command disables the IP Domain Naming System (DNS)-based host name-to-address translation. Default Setting None Command Mode
356 Default Setting None Command Mode Privileged Exec 6.5.2.9 clear dns cache This command clears all entries in the DNS cache table. Syntax c
357 6.6 Routing Information Protocol (RIP) Commands 6.6.1 Show Commands 6.6.1.1 show ip rip This command displays information relevant to the RIP r
358 6.6.1.2 show ip rip interface This command displays information related to a particular RIP interface. Syntax show ip rip interface <slot/po
359 Syntax show ip rip interface brief Default Setting None Command Mode Privileged Exec Display Message Interfacet: Valid slot and port number sep
36 ---------- -------------------------------- -------------- ------- ----------- Total: 5 files. Note whether there is one file with the file ty
360 6.6.2.2 ip rip This command enables RIP on a router interface. Syntax Ip rip no ip rip no - This command disables RIP on a router interfac
361 6.6.2.4 default-information originate This command is used to set the advertisement of default routes. Syntax default-information originate no
362 6.6.2.6 distance rip This command sets the route preference value of RIP in the router. Lower route preference values are preferred when determin
363 6.6.2.8 split-horizon This command sets the RIP split horizon mode. None mode will not use RIP split horizon mode. Simple mode will be that a rou
364 0 Command Mode Router RIP Config 6.6.2.10 redistribute This command configures RIP protocol to redistribute routes from the specified source pr
365 The value for authentication key [key] must be 16 bytes or less. The [key] is composed of standard displayable, non-control keystrokes from a St
366 Default Setting Both Command Mode Interface Config 6.6.2.13 ip rip send version This command configures the interface to allow RIP control pa
367 show ip irdp {slot/port | all} <slot/port> - Show router discovery information for the specified interface. <all> - Show router
368 6.7.3 ip irdp broadcast This command configures the address to be used to advertise the router for the interface. Syntax ip irdp broadcas
369 6.7.5 ip irdp maxadvertinterval This commands configures the maximum time, in seconds, allowed between sending router advertisements from the
37 Note: When configuring a static IP address, you must also configure a default gateway. Use the following commands, substituting the appropriate
370 6.7.7 ip irdp preference This command configures the preferability of the address as a default router address, relative to other router address
371 Logical Interface Indicates the logical slot/port associated with the VLAN routing interface. IP Address Displays the IP Address associated with
372 None Command Mode Privileged Exec, User Exec Display Message Admin Mode Displays the administrative mode for VRRP functionality on the switch.
373 <vrid> - Virtual router ID. Default Setting None Command Mode Privileged Exec, User Exec Display Message VRID Represents the router ID
374 Authentication Failure Represents the total number of VRRP packets received that don't pass the authentication check. IP TTL errors Represen
375 ip vrrp <1-255> no ip vrrp <1-255> <1-255> - The range of virtual router ID is 1 to 255. <no> - This command removes
376 Syntax ip vrrp <1-255> mode no ip vrrp <1-255> mode <1-255> - The range of virtual router ID is 1 to 255. <no> - Disab
377 Syntax ip vrrp <1-255> preempt no ip vrrp <1-255> preempt <1-255> - The range of virtual router ID is 1 to 255. <n
378 Syntax ip vrrp <1-255> timers advertise <1-255> ip vrrp <1-255> timers advertise <1-255> - The range of virtua
379
38 ---------- -------------------------------- -------------- ------- ----------- 2007/05/14 b4b-b-0.2.0514.biz Boot-Rom image
380 7 IP Multicast Commands 7.1 Distance Vector Multicast Routing Protocol (DVMRP) Commands This section provides a detailed explanation of the DVM
381 7.1.1.2 show ip dvmrp interface This command displays the interface information for DVMRP on the specified interface. Syntax show ip dvmrp int
382 Nbr IP Addr This field indicates the IP Address of the DVMRP neighbor for which this entry contains information. State This field displays the st
383 Default Setting None Command Mode Privileged Exec User EXEC Display Message Group IP This field identifies the multicast Address that is pruned.
384 7.1.2 Configuration Commands 7.1.2.1 ip dvmrp This command sets administrative mode of DVMRP in the router to active. IGMP must be enabled before
385 7.2 Internet Group Management Protocol (IGMP) Commands This section provides a detailed explanation of the IGMP commands. The commands are divide
386 show ip igmp groups <slot/ports> [detail] <slot/port> - Valid slot and port number separated by a forward slash. [detail] - Display
387 Privileged Exec User EXEC Display Message Slot/Port Valid slot and port number separated by a forward slash. IGMP Admin Mode This field displays
388 IInterface Valid slot and port number separated by a forward slash. Interface IP This displays the IP address of the interface participating in t
389 Wrong Version Queries This field indicates the number of queries received whose IGMP version does not match the IGMP version of the interface. Nu
39 • If there is no response from the TFTP server, verify the IP settings by typing show ip interface to ensure that the IP address and default gate
390 Default Setting 3 Command Mode Interface Config 7.2.2.3 ip igmp last-member-query-count This command sets the number of Group-Specific Qu
391 no - This command resets the Maximum Response Time being inserted into Group-Specific Queries sent in response to Leave Group messages on the int
392 no - This command resets the maximum response time interval for the specified interface, which is the maximum query response time advertised in I
393 no - This command resets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface to the default value
394 Syntax show ip mcast Default Setting None Command Mode Privileged Exec Display Message Admin Mode: This field displays the administrative statu
395 Interface: Valid slot and port number separated by a forward slash. Group IP: The group IP address. Mask: The group IP mask. 7.3.1.3 show ip m
396 None Command Mode Privileged Exec Display Message If the “detail” parameter is specified, the following fields are displayed: Source IP: This fie
397 RPF Neighbor: This field displays the IP address of the RPF neighbor. Flags: This field displays the flags associated with this entry. If the su
398 This command displays all the static routes configured in the static mcast table if is specified or displays the static route associated with
399 Command Mode Privileged Exec Display Message Router Interface: The IP address of this neighbor. Neighbor: The neighbor associated with the router
4 3.2 How to log in ...
40 Figure 3-1: Console Setting Environment 2.6 Set Up your Switch Using Telnet Access Once you have set an IP address for your switch, you can us
400 show mtrace Default Setting None Command Mode Privileged Exec Display Message Hops Away From Destination: The ordering of intermediate routers b
401 Disbale Command Mode Global Config 7.3.2.2 ip multicast staticroute This command creates a static route which is used to perform RPF checking i
402 The source parameter is used to clear the routes in the mroute table entries containing the specified <sourceipaddr> or <sourceipaddr&g
403 no - This command deletes an administrative scope multicast boundary specified by <groupipaddr> and <mask> for which this multicast a
404 Syntax mrinfo [<ipaddr>] <ipaddr> - the IP address of the multicast capable router. Default Setting None Command Mode Privileged
405 7.3.2.8 mtrace This command is used to find the multicast path from a source to a receiver (unicast router ID of the host running mtrace). A trac
406 no disable ip multicast mdebug mtrace no - This command is used to enable the processing capability of mtrace query on this router. If the mode
407 7.4.1.2 show ip pimdm interface This command displays the interface information for PIM-DM on the specified interface. Syntax show ip pimdm in
408 Privileged Exec Display Message Interface: Valid slot and port number separated by a forward slash. IP Address: This field indicates the IP Addre
409 Syntax ip pimdm no ip pimdm no - This command disables the administrative mode of PIM-DM in the router. IGMP must be enabled before PIM-DM can
41 3 Web-Based Management Interface 3.1 Overview The Fortinet FortiSwitch-100 Managed Switch provides a built-in browser interface that lets yo
410 Syntax ip pimdm query-interval <10 - 3600> no ip pimdm query-interval <10 - 3600> - This is time interval in seconds. no - This com
411 Data Threshold Rate (Kbps): This field shows the data threshold rate for the PIM-SM router. This is a configured value. Register Threshold Rate (
412 < slot/port > - Interface number. Default Setting None Command Mode Privileged Exec Display Message Slot/Port: Valid slot and port number
413 Subnet Mask: This field indicates the Subnet Mask of this PIM-SM interface. Designated Router: This indicates the IP Address of the Designated Ro
414 < group-mask > - the multicast group address mask. candidate - this command display PIM-SM candidate-RP table information. all - this comma
415 Group Mask: This field displays the group mask for the group address. 7.5.1.8 show ip pimsm staticrp This command displays the static RP inform
416 Disbaled Command Mode Global Config 7.5.2.2 ip pimsm message-interval This command is used to configure the global join/prune interval for PIM-
417 no - This command is used to reset the Threshold rate for the RP router to switch to the shortest path to the default value. Default Setting 50
418 ip pimsm staticrp <rp-address> <group-address> <group-mask> no ip pimsm staticrp <rp-address> <group-address> <g
419 7.5.2.7 ip pimsm query-interval This command configures the transmission frequency of hello messages in seconds between PIM enabled neighbors. Th
42 4. Type the default user name of admin and default of no password, or whatever password you have set up. Once you have entered your access point
420 7.5.2.9 ip pimsm cbsrhashmasklength This command is used to configure the CBSR hash mask length to be advertised in bootstrap messages for a par
421 <-1 - 255> - The preference value for the local interface. no - This command is used to reset the Candidate Rendezvous Point (CRP) for a pa
423 8 Web-Based Management Interface 8.1 Overview Your Layer 3 Network Switch provides a built-in browser software interface that lets you configure
424 8.2 Main Menu 8.2.1 System Menu 8.2.1.1 View ARP Cache The Address Resolution Protocol (ARP) dynamically maps physical (MAC) addresses to Intern
425 8.2.1.2 Viewing Inventory Information Use this panel to display the switch's Vital Product Data, stored in non-volatile memory at the facto
426 Additional Packages - A list of the optional software packages installed on the switch, if any. Command Buttons Refresh - Updates the informati
427 System Description - The product name of this switch. System Object ID - The base object ID for the switch's enterprise MIB. System IP A
429 Configuring Network Connectivity Page The network interface is the logical interface used for in-band connectivity with the switch via any of the
43 • Routing • Security • QoS • IP Multicast Figure 4-4: Main Menus Secondary Menus The Secondary Menus under the Main Menu contain
430 Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a
431 Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or
432 Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu. You may choose from 1200, 2400, 4800, 9600
433 User Name Selector - You can use this screen to reconfigure an existing account, or to create a new one. Use this pulldown menu to select one of
434 Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method
435 select a method that does not time out as the second method, the third method will not be tried. Note that this parameter will not appear when yo
436 Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this
437 the user's access to the switch from all CLI, web, and telnet sessions will be blocked until the authentication is complete. Refer to the di
438 Viewing Forwarding Database Page Use this panel to display information about entries in the forwarding database. These entries are used by the
439 8.2.1.5 Viewing Logs Viewing Buffered Log Configuration Page This log stores messages in memory based upon the settings for message component
44 • Spanning Tree — see “Spanning Tree Commands” • Class of Service — see “L2 Priority Commands” • Port Security — see “Port Security Configuratio
440 Viewing Buffered Log Page This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log
441 Configuring Command Logger Page Configurable Data Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting the correspon
442 Viewing Event Log Page Use this panel to display the event log, which is used to hold error messages for catastrophic events. After the event
443 IP Address - This is the ip address of the host configured for syslog. Status -This specifies wether the host has been configured to be activel
444 Messages Relayed - The count of syslog messages relayed. Messages Ignored - The count of syslog messages ignored. Command Buttons Submit - Up
445 Link Trap - This object determines whether or not to send a trap when link status changes. The factory default is enabled. Maximum Frame Size -
446 Viewing Switch Interface Configuration Page This screen displays the status for all ports in the box. Selection Criteria MST ID - Select the
447 Disable - spanning tree is disabled for this port. Forwarding State - The port's current state Spanning Tree state. This state controls wh
448
449 Configuring Multiple Port Mirroring Function Page Configurable Data Session ID - A session ID or "All Sessions" option may be selected.
45 Figure 4-5: System-wide menus You can also access the main navigation menu by right clicking on the image of the switch and browsing to the men
450 These are well-known communities, you can use this menu to change the defaults or to add other communities. Only the communities that you define
451 Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Configurable Data SNMP Com
452 Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the switch. Non-configurable Data Name - The RFC number if appl
453 8.2.1.8 Viewing Statistics Viewing the whole Switch Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifInd
454 Multicast Packets Received - The total number of packets received that were directed to a multicast address. Note that this number does not inclu
455 Command Buttons Clear Counters - Clear all the counters, resetting all switch summary and detailed statistics to default values. The discarded pa
456 Transmit Packet Errors - The number of outbound packets that could not be transmitted because of errors. Address Entries Currently in Use - The
457 Packets RX and TX 128-255 Octets - The total number of packets (including bad packets) received or transmitted that were between 128 and 255 octe
458 Packets Received 1024-1518 Octets - The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length
459 Packets Transmitted 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length in
46 4 Command Line Interface Structure and Mode-based CLI The Command Line Interface (CLI) syntax, conventions, and terminology are described in this
460 Tx Oversized - The total nummber of frames that exceeded the max permitted frame size. This counter has a max increment rate of 815 counts per se
461 Refresh - Refresh the data on the screen with the present state of the data in the switch.
463 Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured.
464 8.2.1.9 Managing System Utilities Saving All Configuration Changed Page Command Buttons Save - Click this button to have configuration changes yo
465 Resetting the Passwords to Default Values Page Command Buttons Reset - Select this button to have all passwords reset to their factory default
466 Start File Transfer - To initiate the download you need to check this box and then select the submit button. Non-Configurable Data The last row
467 Defining Configuration and Runtime Startup File Page Specify the file used to start up the system. Configurable Data Configuration File - Co
468 Copying Running Configuration to Flash Page Use this menu to copy a start-up configuration file from the running configuration file on switch.
469 Submit - This will initiate the ping. Managing CDP Function Defining CDP Configuration Page Use this menu to configure the parameters for
47 The {} curly braces indicate that a parameter must be chosen from the list of choices. Values ipaddr This parameter is a valid IP address, made
471 Viewing Neighbors Information Page Non-Configurable Data Use this menu to display CDP neighbors device information in the LAN. Command Buttons
472 8.2.1.10 Defining Trap Manager Configuring Trap Flags Page Use this menu to specify which traps you want to enable. When the condition identif
473 Viewing Trap Log Page This screen lists the entries in the trap log. The information can be retrieved as a file by using System Utilities, Upl
474 8.2.1.11 Configuring SNTP Configuring SNTP Global Configuration Page Configurable Data Client Mode - Specifies the mode of operation of SNTP
475 Unicast Poll Retry - Specifies the number of times to retry a request to an SNTP server after the first time-out before attempting to use the nex
476 • Server Kiss Of DeathThe SNTP server indicated that no further queries were to be sent to this server. This is indicated by a stratum field equ
477 Address - Specifies the address of the SNTP server. This is a text string of up to 64 characters containing the encoded unicast IP address or hos
478 Address - Specifies all the existing Server Addresses. If no Server configuration exists, a message saying "No SNTP server exists" flas
479 Hour - Hour in 24-hour format. (Range: 0 - 23). Minute - Minute. (Range: 0 - 59). Second - Second. (Range: 0 - 59). Command Buttons Submi
48 Empty strings (““) are not valid user defined strings. Command completion finishes spelling the command when enough letters of a command are type
480 Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unl
481 z Specific Text String z Specific Hexadecimal Value Text String - A text string. Hex Value - The hexadecimal value. Command Buttons Sub
482 z Autodetect - Specifies that port may be dynamically registered in this VLAN via GVRP. The port will not participate in this VLAN unless it rec
483 VLAN Name - The name of the VLAN. VLAN ID 1 is always named `Default`. VLAN Type - The VLAN type: Default ( VLAN ID = 1) -- always present
484 Viewing VLAN Port Summary Page Non-Configurable Data Slot/Port - The interface. Port VLAN ID - The VLAN ID that this port will assign to unt
485 Resetting VLAN Configuration Page Command Buttons Reset - If you select this button and confirm your selection on the next screen, all VLAN co
486 8.2.2.2 Managing Protocol-based VLAN Protocol-based VLAN Configuration Page You can use a protocol-based VLAN to define filtering criteria f
487 Slot/Port(s) - Select the interface(s) you want to be included in the group. Note that a given interface can only belong to one group for a given
488 VLAN - The VLAN ID associated with the group. Slot/Port(s) - The interfaces associated with the group. Command Buttons Refresh - Update the s
489 1.5*LeaveAllTime. Permissible values are 200 to 6000 centiseconds (2 to 60 seconds). The factory default is 1000 centiseconds (10 seconds).
49 5 Switching Commands 5.1 System Information and Statistics commands 5.1.1 show arp This command displays connectivity between the switch and oth
490 Configuring each Port GARP Configuration Page Note: It can take up to 10 seconds for GARP configuration changes to take effect. Selection Cr
491 8.2.2.4 Managing IGMP Snooping Configuring IGMP Snooping Global Configuration Page Use this menu to configure the parameters for IGMP Snooping
492 Defining IGMP Snooping Interface Configuration Page Configurable Data Slot/Port - The single select box lists all physical ,VLAN and LAG inte
493 Multicast Router Present Expiration Time - Specify the amount of time you want the switch to wait to receive a query on an interface before remov
494 Configuring IGMP Snooping VLAN Page Configurable Data VLAN ID - Specifies list of VLAN IDs for which IGMP Snooping is enabled. VLAN ID -
495 Viewing Multicast Router Statistics Page Non-Configurable Data Slot/Port - The single select box lists all physical and LAG interfaces. Select
496 Viewing Multicast Router VLAN Statistics Page Selection Criteria Slot/Port - The select box lists all Slot/Ports. Select the interface for which
497 Configuring L2 Static Multicast Group Configuration Page Non-Configurable Data MAC Address Table - This is the list of MAC address and VLAN ID
498 Selection Criteria Static - Displays static unit for L2Mcast Groups. Dynamic - Displays dynamic unit for L2Mcast Groups. All - Displays all o
499 Viewing L2 Multicast Router Port Information Page Use this panel to display information about entries in the L2Mcast Static/Dynamic router ports.
5 5.2.3.2 show vlan id...7
50 show calendar Default Setting None Command Mode Privileged Exec Display Message Current Time displays system time 5.1.3 show eventlog This com
500 8.2.2.5 Managing Port-Channel Configuring Port-Channel Configuration Page Selection Criteria Port Channel Name – You can use this screen to recon
501 Refresh - Refresh the data on the screen with the present state of the data in the switch. Viewing Port-Channel Information Page Non-Configur
502 Active Ports - A listing of the ports that are actively participating members of this Port Channel, in Slot/Port notation. There can be a maximum
503 Refresh - Refresh the data on the screen with the present state of the data in the switch. Viewing GMRP MFDB Table Page This screen will dis
504 Description - The text description of this multicast table entry. Possible values are Management Configured, Network Configured, and Network Assi
505 8.2.2.7 Managing Spanning Tree Configuring Switch Spanning Tree Configuration Page Configurable Data Spanning Tree Mode - Specifies whether spann
506 Bridge Max Age - Specifies the bridge max age for the Common and Internal Spanning tree (CST). The value lies between 6 and 40, with the value be
507 Configuring Spanning Tree MST Configuration Page Selection Criteria MST ID - Create a new MST which you wish to configure or configure already
508 Topology change - The value of the topology change parameter for the switch indicating if a topology change is in progress on any port assigned t
509 Port Path Cost - Set the Path Cost to a new value for the specified port in the common and internal spanning tree. It takes a value in the range
51 5.1.4 show running-config This command is used to display/capture the current setting of different protocol packages supported on switch. This c
510 Configuring each Port MST Configuration Page Selection Criteria MST ID - Selects one MST instance from existing MST instances. Slot/Port -
511 Port ID - The port identifier for the specified port within the selected MST instance. It is made up from the port priority and the interface num
512 Viewing Spanning Tree Statistics Page Selection Criteria Slot/Port - Selects one of the physical or LAG interfaces of the switch. Non-Configura
513 Submit - Update the switch with the values on this screen. If you want the switch to retain the new values across a power cycle, you must perform
514 Slot/Port - Selects the interface to be configured. Configurable Data Allow Port Security - Used to enable or disable the Port Security feature
515 Deleting Port Security Statically Configured MAC Address Page Selection Criteria Slot/Port - Select the physical interface for which you want to
516 Number of Dynamic MAC addresses learned - Displays the number of dynamically learned MAC addresses on a specific port. Viewing Port Security
517 IP - Specifies all the existing static ARP along with an additional option "Create". When the user selects "Create" another t
518 Remove from Table - Allows the user to remove certain entries from the ARP Table. The choices listed specify the type of ARP Entry to be deleted:
519 8.2.3.2 Managing IP Interfaces Configuring IP Use this menu to configure routing parameters for the switch as opposed to an interface. Confi
52 Privileged Exec Display Message System Description: The text used to identify this switch. System Name: The name used to identify the switch. Syst
520 Viewing IP Statistics The statistics reported on this panel are as specified in RFC 1213. Non-Configurable Data IpInReceives - The total num
521 that this counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion. IpNoRoutes
522 IcmpInTimestampReps - The number of ICMP Timestamp Reply messages received. IcmpInAddrMasks - The number of ICMP Address Mask Request messages
524 Configuring IP Interfaces Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configurable D
525 8.2.3.3 Managing OSPF Configuring OSPF Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the r
526 non-default AS-external-LSAs. If you enter 0, the router will not leave Overflow State until restarted. The range is 0 to 2147483647 seconds. D
527 Configuring Area Selection Criteria Area ID - Select the area to be configured. Configurable Data Import Summary LSAs - Select enable or d
528 Translator Stability Interval - Enter the translator stability interval of the NSSA. The stability interval is the period of time that an elected
529 Delete Stub Area - Delete the stub area designation. The area will be returned to normal state. Create NSSA - Configure the area ads a NSSA Del
53 5.1.7 show loginsession This command displays current telnet and serial port connections to the switch. Syntax show loginsession Default Set
530 Viewing Stub Area Summary Information Non-Configurable Data Area ID - The Area ID of the Stub area Type of Service - The type of service asso
531 LSDB Type - Select the type of Link Advertisement associated with the specified area and address range. The default type is 'Network Summary
532 SPF Runs - The number of times that the intra-area route table has been calculated using this area's link-state database. Area Border Rout
533 Configuring OSPF Interface Selection Criteria Slot/Port - Select the interface for which data is to be displayed or configured. Configura
534 Retransmit Interval - Enter the OSPF retransmit interval for the specified interface. This is the number of seconds between link-state advertisem
535 LSA Ack Interval - The number of seconds between LSA Acknowledgment packet transmissions, which must be less than the Retransmit Interval. OSPF
536 Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a
537 designated router. The Neighbor IP address is learned when Hello packets are received from the neighbor. For virtual links, the Neighbor IP addre
538 Down - This is the initial state of a neighbor conversation. It indicates that there has been no recent information received from the neighbor
539 Viewing OSPF Link State Database Non-Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the
54 <slot/port> - is the desired interface number. all - This parameter displays information for all interfaces. Default Setting None Command M
540 Checksum - The checksum is used to detect data corruption of an advertisement. This corruption can occur while an advertisement is being flooded,
541 Dead Interval - Enter the OSPF dead interval for the specified interface in seconds. This specifies how long a router will wait to see a neighbor
542 network-LSA for the network node. The network- LSA will contain links to all routers (including the Designated Router itself) attached to the net
543 Viewing OSPF Virtual Link Summary Table Non-Configurable Data Area ID - The Area ID portion of the virtual link identification for which data
544 Configuring OSPF Route Redistribution This screen can be used to configure the OSPF Route Redistribution parameters. The allowable values for eac
545 Viewing OSPF Route Redistribution Summary Information This screen displays the OSPF Route Redistribution Configurations. Non Configurable
546 8.2.3.4 Managing BOOTP/DHCP Relay Agent Configuring BOOTP/DHCP Relay Agent Configurable Data Maximum Hop Count - Enter the maximum number of
547 Viewing BOOTP/DHCP Relay Agent Status Non-Configurable Data Maximum Hop Count - The maximum number of Hops a client request can go without bei
548 8.2.3.5 Managing DNS Relay Configuring DNS Relay The DNS protocol controls the Domain Name System (DNS), a distributed database with which
549 Configuring Domain Name You can use this panel to change the configuration parameters for the domain names that can be appended to incomplete
55 Privileged Exec Display Message The display parameters when the argument is '<slot/port>' are as follows: Packets Received Withou
550 Configuring Name Server You can use this panel to change the configuration parameters for the domain name servers. You can also use this screen t
551 TTL - The time to live reported by the name server. Flag - The flag of the record. Command Buttons Refresh - Refresh the page with the latest
552 8.2.3.6 Managing Routing Information Protocol (RIP) Configuring RIP Global Configuration Page Configurable Data RIP Admin Mode - Select enabl
553 Viewing Each Routing Interface’s RIP Configuration Page Non-Configurable Data Slot/Port - The slot and port for which the information is being
554 Defining The Routing Interface’s RIP Configuration Page Selection Criteria Slot/Port - Select the interface for which data is to be configur
555 Encrypt - If you select 'Encrypt' you will be prompted to enter both an authentication key and an authentication ID. Encryption uses th
556 Configuring Route Redistribution Configuration This screen can be used to configure the RIP Route Redistribution parameters. The allowable values
557 Viewing Route Redistribution Configuration This screen displays the RIP Route Redistribution Configurations. Non Configurable Data Source
558 Command Buttons Refresh - Displays the latest RIP Route Redistribution Configuration data. 8.2.3.7 Managing Router Discovery Configuring
559 Viewing Router Discovery Status Non-Configurable Data Slot/Port - The router interface for which data is displayed. Advertise Mode - The
56 Command Mode Privileged Exec Display Message The display parameters when the argument is ' <slot/port>' are as follows: Total
560 8.2.3.8 Managing Route Table Viewing Router Route Table Non-Configurable Data Network Address - The IP route prefix for the destination.
561 OSPF Type-1 OSPF Type-2 RIP BGP4 Next Hop Slot/Port - The outgoing router interface to use when forwarding traffic to the destina
562 OSPF Type-2 RIP BGP4 Next Hop Slot/Port - The outgoing router interface to use when forwarding traffic to the destination. Next Hop
563 OSPF Intra OSPF Inter OSPF Type-1 OSPF Type-2 RIP BGP4Local Next Hop Slot/Port - The outgoing router interface to use whe
564 Preference - Specifies a preference value for the configured next hop. Command Buttons Add Route - Go to a separate page where a route can be
565 Local - This field displays the local route preference value. Command Buttons Submit - Send the updated configuration to the switch. Configur
566 Instructions for creating a VLAN Enter a new VLAN ID in the field labeled VLAN ID. Click on the Create button. The page will be updated t
567 8.2.3.10 Managing VRRP Configuring VRRP Configurable Data VRRP Admin Mode - This sets the administrative status of VRRP in the router to
568 Slot/Port - This field is only configurable if you are creating new Virtual Router, in which case select the Slot/Port for the new Virtual Router
569 Viewing Virtual Router Status Non-Configurable Data VRID - Virtual Router Identifier. Slot/Port - Indicates the interface associate with th
57 Total Packets Received Without Errors Unicast Packets Received: The number of subnetwork-unicast packets delivered to a higher-layer protocol. Mul
570 Owner - Set to 'True' if the Virtual IP Address and the Interface IP Address are the same, otherwise set to 'False'. If this
571 Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors - The total numbe
572 Refresh - Refresh the data on the screen with the present state of the data in the switch. 8.2.4 Security Menu 8.2.4.1 Managing Access Con
573 Command Buttons Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not
574 Maximum Requests - This input field allows the user to enter the maximum requests for the selected port. The maximum requests value is the maximu
575 Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newl
576 "Initialize" "Disconnected" "Connecting" "Authenticating" "Authenticated" "Aborting&q
577 Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Cont
578 Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a
579 Last EAPOL Frame Source - This displays the source MAC address carried in the most recently received EAPOL frame. EAP Response/Id Frames Receiv
58 Broadcast Packets Transmitted: The total number of packets that higher-level protocols requested be transmitted to the Broadcast address, includin
580 Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed. Command Buttons Submit - Sen
581 Port - Displays the port in Slot/Port format. Users - Displays the users that have access to the port. Command Buttons Refresh - Update the
582 sum of (retransmit times timeout) for all configured servers. If the RADIUS request was generated by a user login attempt, all user interfaces wi
583 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured. Select a
584 RADIUS Server IP Address - Selects the IP address of the RADIUS server for which to display statistics. Non-Configurable Data Round Trip Time (s
585 Defining RADIUS Accounting Server Configuration Page Selection Criteria Accounting Server IP Address - Selects the accounting server for which
586 Viewing RADIUS Accounting Server Statistics Page Non-Configurable Statistics Accounting Server IP Address - Identifies the accounting server a
587 Resetting All RADIUS Statistics Page Command Buttons Clear All RADIUS Statistics - This button will clear the accounting server, authenticat
588 Authen. Port - The TCP port number of TACACS+. Server Time Out - Timeout value of TACACS+ packet transmit. Retry Count - Retry count after tr
589 Command Buttons Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across
59 Receive Packets Discarded: The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent thei
590 8.2.4.6 Defining Secure Shell Configuration Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is
591 8.2.5 QOS Menu 8.2.5.1 Managing Access Control Lists Configuring IP Access Control List Configuration Page An IP ACL consists of a set of rul
592 Viewing IP Access Control List Summary Page Non-Configurable Data IP ACL ID - The IP ACL identifier. Rules - The number of rules currently
593 Selection Criteria IP ACL ID - Use the pulldown menu to select the IP ACL for which to create or update a rule. Rule - Select an existing rul
594 Destination IP Address - Enter an IP address using dotted-decimal notation to be compared to a packet's destination IP Address as a match cr
595 Configuring MAC Access Control List Configuration Page A MAC ACL consists of a set of rules which are matched sequentially against a packet. W
596 Viewing MAC Access Control List Summary Page Non-Configurable Data MAC ACL Name - MAC ACL identifier. Rules - The number of rules currently
597 Configurable Data Rule - Enter a whole number in the range of (1 to 8) that will be used to identify the rule. Action - Specify what action sho
598 Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be
599 number. If the sequence number is not specified by the user, a sequence number that is one greater than the highest sequence number currently in
6 5.2.6.8 lacp ...
60 Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the pr
600 on a per-class instance basis, and it is these attributes that are applied when a match occurs. The configuration process begins with defining o
601 Class Selector - Along with an option to create a new class, this lists all the existing DiffServ class names, from which one can be selected. Th
602 Class Type - Displays types of the configured classes as 'all', 'any', or 'acl'. Class types are platform dependent
603 Viewing DiffServ Policy Summary Page Non-Configurable Data Policy Name - Displays name of the DiffServ policy. Policy Type - Displays type o
604 Viewing DiffServ Policy Attribute Summary Page Non-Configurable Data Policy Name - Displays name of the specified DiffServ policy. Policy Ty
605 Slot/Port - Shows the Slot/Port that uniquely specifies an interface. Direction - Shows the traffic direction of this service interface. Oper
606 Viewing DiffServ Service Detailed Statistics Page This screen displays class-oriented statistical information for the policy, which is specifi
607 8.2.5.3 Configuring Diffserv Wizard Page Operation The DiffServ Wizard enables DiffServ on the switch by creating a traffic class, adding the tr
608 8.2.5.4 Managing Class of Service Managing Table Configuration Page Selection Criteria Slot/Port - Specifies all CoS configurable interface
609 Non-IP Traffic Class - Displays traffic class (i.e. queue) to which all non-IP traffic is directed when in 'trust ip-precedence' or &ap
61 speed-duplex {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full-duplex - Full duplex half-duplex - Half duplex Default Se
610 Slot/Port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. Th
611 Scheduler Type - Specifies the type of scheduling used for this queue. Scheduler Type can only be one of the following: strict weighte
612 Minimum Bandwidth - Specifies the minimum guaranteed bandwidth allotted to this queue. The value 0 means no guaranteed minimum. Sum of individual
613 Non-Configurable Data Version - The current value of the DVMRP version string. Total Number of Routes - The number of routes in the DVMRP routi
614 Viewing DVMRP Configuration Summary Selection Criteria o Slot/Port - Select the interface for which data is to be displayed. You must confi
615 Neighbor Expiry Time - The DVMRP expiry time for the specified neighbor on the selected interface. This is the time left before this neighbor ent
616 Viewing DVMRP Next Hop Configuration Summary Non-Configurable Data Source IP - The IP address used with the source mask to identify the source
617 Viewing DVMRP Prune Summary Non-Configurable Data Group IP - The group address which has been pruned. Source IP - The address of the source
618 Source Mask - The subnet mask to be combined with the source address to identify the sources for this entry. Upstream Neighbor - The address of
619 Configuring IGMP Interface Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or c
62 negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config Thi
620 Command Buttons Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be
621 Query Max Response Time - The maximum query response time advertised in IGMPv2 queries sent from the selected interface. Robustness - The robus
622 Viewing IGMP Cache Information Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed. Slot 0 is the ba
623 Version 1 Host Timer - The time remaining until the local router will assume that there are no longer any IGMP version 1 members on the IP subnet
624 Source Filter Mode - The source filter mode (Include/Exclude/NA) for the specified group on this interface. Source Hosts - This parameter shows
625 Configuring Interface’s Multicast Configuration Page Selection Criteria Slot/Port - Select the routing interface you want to configure from
626 Source IP - Enter the IP address of the multicast packet source to be combined with the Group IP to fully identify a single route whose Mroute ta
627 Configurable Data Source IP - Enter the IP Address that identifies the multicast packet source for the entry you are creating. Source Mask - Ent
628 Configuring Multicast Admin Boundary Configuration Page The definition of an administratively scoped boundary is a mechanism is a way to stop
629 Slot/Port - The router interface to which the administratively scoped address range is applied. Group IP - The multicast group address for the
63 no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Ful
630 Non-Configurable Data Router Interface - The IP address of the router interface for which configuration information was requested. Neighboring r
631 Viewing Mstat Summary Page This screen is used to display the results of an mstat command. Non-Configurable Data This screen shows the path
632 Admin Mode - Select enable or disable from the pulldown menu. If you select enable the router will process and forward mtrace requests received f
633 Viewing Mtrace Summary Page This screen displays the results of an mtrace command. The mtrace command is used to trace the path from source to a
634 Configuring Interface’s PIM-DM Configuration Page Selection Criteria Slot/Port - Select the Slot and port for which data is to be displayed or
635 Protocol State - The operational state of the PIM-DM protocol on this interface. Hello Interval - The frequency at which PIM hello messages are
636 Data Threshold Rate - Enter the minimum source data rate in K bits/second above which the last-hop router will switch to a source-specific shorte
637 Configuring Interface’s PIM-SM Configuration Page Selection Criteria Slot/Port - Select the slot and port for which data is to be displayed or
638 Protocol State - The operational state of the PIM-SM protocol on this interface. IP Address - The IP address of the selected PIM interface. Net
639 Component Index - Unique number identifying the component index. Component BSR Address - Displays the IP address of the bootstrap router (BSR)
64 Note: This command only applies to full-duplex mode ports. Syntax storm-control flowcontrol no storm-control flowcontrol no - This command dis
640 Group Address - The group address transmitted in Candidate-RP-Advertisements. Group Mask - The group address mask transmitted in Candidate-RP-Ad
65 Syntax shutdown no shutdown no - This command enables a port. Default Setting Enabled Command Mode Interface Config This command is used
66 5.2.2 L2 MAC Address and Multicast Forwarding Database Tables 5.2.2.1 show mac-addr-table This command displays the forwarding database entries. I
67 5.2.2.2 show mac-address-table gmrp This command displays the GARP Multicast Registration Protocol (GMRP) entries in the Multicast Forwarding Data
68 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes.
69 5.2.2.5 show mac-address-table stats This command displays the MFDB statistics. Syntax show mac-address-table stats Default Setting None Comman
7 5.3.3 Telnet Session Commands...135 5.3.
70 Syntax mac-address-table aging-time <10-1000000> no mac-address-table aging-time <10-1000000> <10-1000000> - aging-time (Rang
71 5.2.3.2 show vlan id This command displays detailed information, including interface information, for a specific VLAN. Syntax show vlan {id <
72 5.2.3.3 show protocol group This command displays the Protocol-Based VLAN information for either the entire system, or for the indicated Group.
73 Command Mode Privileged Exec Display Message Slot/port: Indicates by slot id and port number which port is controlled by the fields on this line.
74 vlan <vlanid> [<name>] no vlan <vlanid> <vlanid> - VLAN ID (Range: 2 –3965). <name> - Configure an optional VLAN Na
75 5.2.3.8 vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is p
76 5.2.3.10 switchport acceptable-frame-type This command sets the frame acceptance mode per interface. For VLAN Only mode, untagged frames or prio
77 interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification. Defa
78 no switchport ingress-filtering all all - All interfaces. no - This command disables ingress filtering for all ports. If ingress filtering is dis
79 <vlanid> - VLAN ID (Range: 1 –3965). all - All interfaces. no - This command sets the VLAN ID for all interfaces to 1. Default Setting 1 C
8 5.3.7.2 ip ssh ...
80 switchport allowed vlan {add {tagged | untagged} | remove} all <vlanid> <vlanid> - VLAN ID (Range: 1 –3965). all - All interfaces. ad
81 This command configures the tagging behavior for all interfaces in a VLAN to be enabled. If tagging is enabled, traffic is transmitted as tagged f
82 This command configures the port priority assigned for untagged packets for all ports presently plugged into the device. Any subsequent per port c
83 This command adds a protocol-based VLAN group to the system. The <group-name> is a character string of 1 to 16 characters. When it is cre
84 Default Setting None Command Mode Global Config This command adds the <protocol> to the protocol-based VLAN identified by <group-name
85 Syntax switchport forbidden vlan {add | remove} <vlanid> no switchport forbidden <vlanid> - VLAN ID (Range: 1 –3965). add - VLAND ID
86 5.2.4.2 show gvrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or all interfaces. Syn
87 5.2.4.3 show gmrp configuration This command displays Generic Attributes Registration Protocol (GARP) information for one or All interfaces. Synt
88 Syntax show garp configuration {<slot/port> | all} <slot/port> - An interface number. all - All interfaces. Default Setting None Co
89 5.2.4.6 bridge-ext gmrp This command enables GARP Multicast Registration Protocol (GMRP) on the system. The default value is disabled. Syntax b
9 5.5.4 Configuration Commands ...184 5.
90 This command enables GVRP (GARP VLAN Registration Protocol) for all ports. Syntax switchport gvrp all no switchport gvrp all all - All interfa
91 Interface Config This command enables GMRP Multicast Registration Protocol on all interfaces. If an interface which has GMRP enabled is enable
92 no - This command sets the GVRP join time per port and per GARP to 20 centiseconds (0.2 seconds). This command has an effect only when GVRP and GM
93 Note: This command has an effect only when GVRP and GMRP are enabled. Syntax garp timer leave < 20-600 > no garp timer leave <20-600&
94 Default Setting 60 centiseconds (0.6 seconds) Command Mode Global Config This command sets how frequently Leave All PDUs are generated per por
95 Syntax garp timer leaveall all < 200-6000 > no garp timer leaveall all <200-6000> - leave time (Range: 200 – 6000) in centiseconds.
96 Display Message Admin Mode: This indicates whether or not IGMP Snooping is active on the switch. Multicast Control Frame Count: This displays the
97 <vlanid> - VLAN ID (Range: 1 – 3965). static - Displays only the configured multicast entries. dynamic - Displays only entries learned thro
98 Max Response Time This displays the amount of time the switch will wait after sending a query on an interface, participating in the VLAN, because
99 Default Setting 260 seconds Command Mode Global Config, Interface Config ip igmp snooping interfacemode This command enables IGMP Snooping on
Comments to this Manuals