Benutzeranleitung / Produktwartung SMC6724L3 des Produzenten SMC Networks
Zur Seite of 618
T igerSwitch 10/100 24-P ort Layer 3 Switch ◆ 24 10B ASE-T/ 100B ASE-TX auto -MDI/MDI-X ports ◆ Optional 10 00B ASE-T or 1000B ASE-X GBIC modules ◆ 8.
.
38 T esla Irvine, CA 92618 Phone: (9 49) 679-8000 T igerSwitch 10/100 Manag ement Gui d e From SM C’ s T iger line of f eature-rich workgro up LAN solutio ns Octo be r 2003 Pub.
Infor matio n furn ished by SMC Networks , In c . (SMC) is believed to be accurate and reliable. Ho wever, no responsibili ty is assumed by SMC for its use, nor f or any infring eme nts of p atents or oth er righ ts of thir d par t ies which may result from its use.
v L IMITED W ARRANTY Limited W ar ranty Statement: SM C Networks, Inc. (“SMC ”) war rant s its pro ducts to be free from d efects in w orkmanship and materials , under normal use and service, for the applicable warranty term .
vi WARRA NTI ES E XCLUSIVE: IF AN SMC PR ODUCT DOES NOT OPERA TE AS W A RRANTED ABO VE, CUSTOMER’ S SOLE REMED Y SHALL BE REP A IR OR REPLA CEMENT OF THE PR ODUCT IN QUESTION , A T SMC’S OPTION .
vii C ONTENTS 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Key Featu res . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Descripti on of Softw are Feat ures . .
C ONTENTS viii Using DHCP/ BOOTP . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20 Managing F irmwa re . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22 Download ing System Software from a Server . . . . . . . . . . 3-22 Saving or Rest oring Confi guration Sett ings .
C ONTENTS ix Configuri ng Port Mir roring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-70 Showing Port Sta tistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-71 Configuri ng Rate Limits . . . . . . . . . . . . . . .
C ONTENTS x Mapping IP Port Prior ity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-131 Copying IP Sett ings to A nother In terface . . . . . . . . . . . . . . . . 3-133 Multicast Filtering . . . . . . . . . . . . . . . . . . . . . . . .
C ONTENTS xi Specifying Ne twork In terfaces for RI P . . . . . . . . . . . . . . 3-178 Configuring Ne twork Inte rfaces for RIP . . . . . . . . . . . . . 3-179 Displaying RI P Informa tion and Sta tistics . . . . . . . . . . . 3-183 Configuri ng the Open Shor test Path First Proto col .
C ONTENTS xii Minimum Ab breviation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4 Command Completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4 Getting Help on Command s . . . . . . . . . . . . . . . . .
C ONTENTS xiii username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33 enable pas sword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-34 Web Serve r Command s . . . . . . . . . . . . . . . . . .
C ONTENTS xiv radius-ser ver timeou t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65 show radi us-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65 802.1x Port Authenticatio n . . . . . . . . . . . . . . . . . .
C ONTENTS xv DHCP Comm ands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-97 DHCP Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-97 ip dhcp client -identifier . . . . . . . .
C ONTENTS xvi show inte rfaces s witchpo rt . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-131 Mirror Port C ommands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-133 port moni tor . . . . . . . . . . . . . . . .
C ONTENTS xvii switchpor t mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-166 switchport a ccepta ble-frame-ty pes . . . . . . . . . . . . . . . . . 4-167 switchpor t ingress-filt ering . . . . . . . . . . . . . . . . . . . . .
C ONTENTS xviii ip igmp snoo ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-197 ip igmp snoo ping vlan static . . . . . . . . . . . . . . . . . . . . . . . 4-197 ip igmp snoo ping versio n . . . . . . . . . . . . . . . . . . . . .
C ONTENTS xix ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-227 clear ip rou te . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-228 show ip rou te . . . . . . . . . . . . . . . . . .
C ONTENTS xx ip ospf prior ity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-268 ip ospf retra nsmit-inte rval . . . . . . . . . . . . . . . . . . . . . . . . 4-269 ip ospf tran smit-delay . . . . . . . . . . . . . . . . . . . .
C ONTENTS xxi ip pim trigg er-hello-inte rval . . . . . . . . . . . . . . . . . . . . . . . 4-305 ip pim join-pr une-hold time . . . . . . . . . . . . . . . . . . . . . . . 4-306 ip pim graft-r etry-inte rval . . . . . . . . . . . . . . . . . . . . . .
C ONTENTS xxii.
1-1 C HAPTER 1 I NTRODUCTION This sw itch provides a broad range of features for Layer 2 switching and La yer 3 routing . It i ncludes a management agent that allow s you to configur e the features lis ted in this man ual. The default co nfiguration can be used for most of the fea t ures pr ovided by this switch.
I NTR OD UC TI O N 1-2 Descri ption of Soft ware Feature s Th e switch pr ovides a wid e rang e of a dvanced pe rfor mance enhanc ing featu res. Flow contro l eliminates the loss of packet s due to bott lenecks caused by por t satur ation. Br oadc ast stor m supp ressio n prevents br oadc ast traff ic stor ms from engulfing t he netw ork.
D ESCRIPTION OF S OFTWARE F EAT UR ES 1-3 minimum delay for mo vin g real-time multimedia data across the network. While multicast filtering and routing provide supp or t for real-time n etwork applic ations . Some of th e management features are b riefly describe d belo w .
I NTR OD UC TI O N 1-4 netw ork traff ic during periods of c ongestion and p revent t he loss of pack ets when port buffer thresh olds are ex ceeded. The sw itch sup por ts flow co ntrol based on the IEEE 802 .3x standa rd. Rate Limiting – T his feature controls the m aximum rate for traffic transmi tted or recei ved on an interface .
D ESCRIPTION OF S OFTWARE F EAT UR ES 1-5 IEEE 802.1D Bridge – T he switch supports IEEE 802.1D transparent bridgin g . T he addr ess ta ble facil itates d ata sw itching by lear n ing add resse s, and then filterin g or forwarding tra ffic based on this info r mation.
I NTR OD UC TI O N 1-6 Vir t ua l L AN s – The swit ch supports up to 255 VLANs. A Virt ual LAN is a collection of ne twork nodes that share the same collision domain reg ardle ss of th eir p hysical loc ation or conn ect ion poin t in the ne twork.
D ESCRIPTION OF S OFTWARE F EAT UR ES 1-7 IP Routing – The switch provides Layer 3 IP routing . T o maintain a high rate of throughput, th e switch forwards all traffic passing within the same segment , and routes onl y traffic that pas ses between d ifferent subnetworks .
I NTR OD UC TI O N 1-8 Multicast Filteri ng – Specific multicast traffic can be assigned to its own VLAN to ensure that it do es not inte rfere with normal netw ork traffic and to guarantee real-time delivery by setting the required priority level for the desig nated VLAN .
S YSTEM D EFAULTS 1-9 Authentication Privileged Exec Leve l Username “ad min” Password “a dmin” Normal Exec Level Username “guest” Passwo rd “guest” Enable Privileged Exec from Normal E xec Level Password “s uper” RADIUS Authentication Disabled 802.
I NTR OD UC TI O N 1-10 Port Capability 1000BASE-SX/LX/LH – 1000 Mbps full d uplex Full-duple x flow control disa bled Symmetric flow control disable d Rate Limiting Input and output limits Disabled.
S YSTEM D EFAULTS 1-11 IP Precedence Priority Disabled IP DSCP Priority Disabled IP Port Priority Disabled IP Setting s Management. VL AN Any VLAN co nfigured with an IP addre ss IP Ad dress 0.
I NTR OD UC TI O N 1-12.
2-1 C HAPTER 2 I NITI AL C ONFIGURATI ON Connect ing to the Switch Configuration Opt ions The switc h includes a built-in ne twor k m anagemen t agent. The agent offer s a variety o f manag eme nt opt ions, including SN MP , R MON a nd a W eb-based i nterface.
I NI TI AL C ONFIGURATION 2-2 The switch’ s W eb interface, CLI configuration pro gram, and SNMP agent allow you to perf or m the following ma nage ment fu nctions: • Set user na mes and passwords.
C ONNECTING TO THE S WITCH 2-3 T o connect a ter minal to the co nsole port, compl ete the fol lowing s t eps: 1. Connect the console cabl e to the serial p o rt on a terminal, or a PC r unnin g ter minal e mulation software, and tighten the captiv e retaining screw s on th e DB- 9 conn ect or.
I NI TI AL C ONFIGURATION 2-4 Remote Connections Prior to accessing th e switch’ s onboard a g ent via a n etwork co nnection, you must fir st configur e it with a valid IP address , subnet mask, and de fault g ateway using a c onsole c onnec tion, DH CP or BOOTP pr otocol.
B ASIC C ONFIGURATION 2-5 Basic Configuratio n Console Connectio n The CLI program provid es tw o differ ent command lev els — normal access level (Nor mal Exec) and privileged access le vel (Pri vile ged Exec).
I NI TI AL C ONFIGURATION 2-6 Setting Passwords Note: If this is your first time to log into the CLI program, you should define new passw o rds f or both defa ult user names using the “usernam e” command, reco rd them and pu t them in a s afe place.
B ASIC C ONFIGURATION 2-7 Manual Con figuration Y ou can manually assign an IP address t o the s witch. Y ou ma y also need to speci fy a default gatew ay that resides be tween thi s device and management station s that ex ist on ano ther network segm ent (if r outing is not enable d on this sw itch).
I NI TI AL C ONFIGURATION 2-8 Dynamic Configu ration If you select the “boot p” or “dhcp” op tion, IP will be enabled but will no t function until a BOOTP or D H CP reply h as been receiv ed. Y ou therefore need to use the “ip d hcp restart cl ient” command to start broa dcasting ser vice requests.
B ASIC C ONFIGURATION 2-9 6. Then sa ve y our conf iguration c hanges b y typing “ copy running-conf ig star tu p-conf ig .” Enter t he star tu p file na me and press < Ente r>.
I NI TI AL C ONFIGURATION 2-10 Th e de fault stri ngs ar e: • public - wit h read-onl y access. Au thorized ma nagement stati ons are only able to retrieve MIB ob jects. • private - with re ad-write access. Authorize d management stations ar e abl e to both retrie ve and mo dify MIB objects.
B ASIC C ONFIGURATION 2-11 Trap Receiver s Y ou can a lso specify SN MP stations that are to re ceiv e traps from th e switch. T o configure a t rap receiv er, co mplete the fo llowing s t eps: 1.
I NI TI AL C ONFIGURATION 2-12 Managing Syst em File s Th e switch’ s fla sh memor y su ppor ts thr ee types of system f iles that can be managed by the CLI prog ram, W eb int erface, or SNMP . The switch’ s file syste m allo ws files to be uploaded an d downloade d, copied, deleted, and set as a start-up file .
M ANAGING S YSTEM F ILES 2-13 Note that configuration files should be downloaded using a file name th at reflects t he contents or usage of the fil e setting s. If you do wnload dire ctly to the r unn ing-c onfig, the s ystem wi ll reboot, and the setting s will have to be copi ed fro m the r unni ng-conf ig to a pe r ma nent file.
I NI TI AL C ONFIGURATION 2-14.
3-1 C HAPTER 3 C ONFIGU RING THE S WITCH Using the We b Interface This sw itch provides an embedded HTTP W eb ag ent. Using a W eb bro wser you can configure the s w itch and view statis tics to monito r netw ork acti vity . The W eb agent can be acc essed by any computer on the network us ing a sta ndar d W eb browse r ( Inter n et E xplor er 5 .
C ONFIGURING THE S WI TC H 3-2 Notes: 1. Yo u are al lowed th ree atte mpts to enter the corr ect passw ord; on th e third failed at tempt the curr ent connec tion is terminate d. 2. If you log in to the W eb inte rface as guest ( Normal Exec le vel), you ca n view the co nfiguratio n settings or change the guest password.
N AVIGATIN G THE W EB B RO WS ER I NTE RF AC E 3-3 Navigati ng t he Web Brow ser I nterfac e T o acce ss the W e b-browse r interfac e you must firs t enter a user name and passw ord. The administrator h as Read/W rite access to all co nfiguration parameter s and stati stics .
C ONFIGURING THE S WI TC H 3-4 Configuration Opt ions Configur able paramet ers hav e a dialog bo x or a dro p-down lis t. Once a config urati on chan ge ha s been made on a pa ge, be sure t o click on the “ Apply” or “ Apply Chang es” button to confir m the new set ting .
N AVIGATIN G THE W EB B RO WS ER I NTE RF AC E 3-5 Main Menu Using the onboard W eb agent, y ou can def ine system p aramete rs, m anage and control the switch, and all its po rts, or monitor ne twork conditions. The following table brief ly describes the selections available from this prog r am.
C ONFIGURING THE S WI TC H 3-6 Spanning Tree 3-87 STA Information Displays STA values used for the bridge 3-89 STA Configuration Configures gl obal bridg e settings for STA 3-92 STA Port Information C.
N AVIGATIN G THE W EB B RO WS ER I NTE RF AC E 3-7 Traffic Classe s Maps IEEE 802.1p priority tags to outp ut queu es 3-122 Queue Scheduling Configures Wei ghted Round Robin queueing 3-124 IP Precedence/ DSCP Priority Sta tus Globally s elects IP Precedence or D SCP Priority, or disab les both.
C ONFIGURING THE S WI TC H 3-8 Statistics Lists Ethernet and RMON port s tatis tics 3-71 Rate Limit 3-77 Input Rate Limit Port Configura tion Sets the input rate limit for each port 3-77 Input Rate Li.
N AVIGATIN G THE W EB B RO WS ER I NTE RF AC E 3-9 Dynamic Addr esses Shows dynami cally learne d entries in the IP routing table 3-161 Other Add resses Shows i nternal a ddresses used by the switch 3.
C ONFIGURING THE S WI TC H 3-10 Routing Protoc ol 3-152 RIP 3-175 General Settin gs Enables or d isables RI P, sets the glob al RIP version and timer values 3-176 Network Addresses Configures the netw.
N AVIGATIN G THE W EB B RO WS ER I NTE RF AC E 3-11 NSSA Settings Configures s ettings fo r importing routes int o or exporting routes out of not-so- stubby areas 3-212 Link State Database Inform atio.
C ONFIGURING THE S WI TC H 3-12 Basic Configuratio n Displaying System I nformation Y ou can e asily identi fy the system by displa ying the device name, location and conta ct infor mation. Field Attributes • Sy stem Na me – Nam e assigned to the switch sy stem.
B ASIC C ONFIGURATION 3-13 We b – Click System , Sy stem Info r ma tion. S pecif y the syst em n ame, location , and contact information for th e system admini strator , then cl ick Apply . (T hi s pag e also inclu des a Te l net bu tton that allows acces s to th e Command Line Interface via T elnet.
C ONFIGURING THE S WI TC H 3-14 Displaying Switch Hardware/Software Versions Use the Swi tch Information page to display hardware/firmware version numbe rs for th e main board and management soft ware, as w ell as the pow er status of t he system. Field Attributes Main Board • Serial Number – The ser i al numb er of the swit ch.
B ASIC C ONFIGURATION 3-15 We b – Click System, Switch Infor mation . CLI – Use the followin g command to display version infor mation. Console#show version 4-52 Unit1 Serial number :1111111111 Se.
C ONFIGURING THE S WI TC H 3-16 Displaying Bridge Extension Capabilities Th e Bridg e MIB in clude s extens ions for manag ed d evices th at sup por t Multicast Filtering , T raffic Classes, and V ir tual LANs .
B ASIC C ONFIGURATION 3-17 We b – Click System, Bridg e Extension . CLI – Enter the following command. Setting the Switch’s IP Address Th is sectio n desc ribes how to conf ig ure an initial IP interface for manageme nt access o ver t he netw ork.
C ONFIGURING THE S WI TC H 3-18 Y ou can m anually con figure a spec ific IP addres s, or direct the d evice to obtain an address from a BOOTP or DHCP server . V alid IP addres s es consist of four dec im al numbers , 0 to 255, separated by periods . Anything outside this for mat will not be accepted by the CLI p rog ram.
B ASIC C ONFIGURATION 3-19 • Subnet Mask – This mask id entifi es the host ad dress bi ts used for routing to spec ific su bnets. (Defa ult: 255 .0.0.0) • Default Gateway – IP addr ess of th e gat eway router betw een t his de vice and mana gement stations that exist on oth er net work segment s.
C ONFIGURING THE S WI TC H 3-20 CLI – Specify t he management interf ace, IP addres s and default gatew ay . Usin g DHC P/B OOT P If you r network provid es D HCP /BO OTP s er vice s, you can con figu re th e switc h to be dyna m ical ly configured b y these se r vices .
B ASIC C ONFIGURATION 3-21 CLI – Specif y the manageme nt interface , and s et the IP Add ress Mode to DHCP or BOOT P , and th en en ter t he “ip dhcp re sta rt c lie nt” co mman d. Renewing DCHP – DHCP may lea se add res ses to cl ien ts inde fin itely or for a sp ecific period of time .
C ONFIGURING THE S WI TC H 3-22 Managing Firmware Y ou c an upload /downl oad fir mware to or from a TFTP ser ver . By saving r untime code to a file on a TFTP ser ver , that file can later be downloaded to the sw itch to res tore op eratio n. Y o u can also set th e switch to u se new fir mware without overwriting the pr evious version.
B ASIC C ONFIGURATION 3-23 If you download to a new destination file, then se lect the file from the drop-do wn bo x for the ope ration code use d at startup , and cli ck Apply Chang es. T o s tar t the new fir m ware, rebo ot the system via th e Syst em/ Res e t m e nu .
C ONFIGURING THE S WI TC H 3-24 31 characters for files on the switch. (Valid c haracters: A-Z, a-z, 0-9, “ . ”, “-”, “_”) Note: The maximum numbe r of user-defined configuration files is limited only by available fl ash memory space.
B ASIC C ONFIGURATION 3-25 CLI – Enter the IP address of the TF T P ser ver , specify the source fi le on the ser ver, set the star tu p file name on the sw itch, and t hen re star t the switch.
C ONFIGURING THE S WI TC H 3-26 Confi g uring SNTP Y ou can c onfigure t he switc h to send t ime sync hronizat ion requests to specific time se r vers (i.e., client mode), upda te its clock based on broadc asts from time se r vers, or use bot h method s .
B ASIC C ONFIGURATION 3-27 CLI – This example c onfigures t h e swi t ch t o operat e as an SNTP broadc ast c lient. Sett ing the Tim e Zo ne SNTP uses Co ordinated Uni versal T ime (or UTC , for merly Greenwi ch Mean T ime, or GMT) based on the time at the Ea r th’ s prime mer idian, zero deg rees long itude.
C ONFIGURING THE S WI TC H 3-28 Resetting the System We b – Cli ck Syst em, R eset. C l ic k the R eset bu tton to r estart the s witch . CLI – Use th e reloa d command to restart th e switc h. Note: When restartin g the system, it will always run th e Power-On Self-Test.
U SER A UTHENTICATION 3-29 The default gue s t name is “ g uest” wit h the passw ord “guest. ” The default administrator n ame is “admin” with the pas sword “ad m in. ” Note that user names c an only be assig ned vi a the CLI. Command Attributes • User Name* – The nam e of the user.
C ONFIGURING THE S WI TC H 3-30 Configuring L ocal/Remote Logo n Authentication Use th e Authen tication Settings m enu to res trict manageme nt access bas ed on specif ied user names and pas s w ords . Y ou can manuall y configure access rights on the switc h, or you can use a remote ac cess authenti cation ser ver based on the RA DIUS pr otoc ol.
U SER A UTHENTICATION 3-31 (1) RADIUS a nd ( 2) Loca l, the u ser name and p asswo rd on th e RADIUS server is verified first. If the RADIUS server is not av ailable, then the local us er name and pa ssword is c hecked.
C ONFIGURING THE S WI TC H 3-32 We b – Click System, Radius . T o configure local or remote aut hentication prefe rences, specify the auth entication seq uence (i.e ., one to tw o methods) , fill in the parameters for RADIUS au thentic ation if sele cted, and click Apply .
U SER A UTHENTICATION 3-33 ports in a n etwor k can be cent rally cont rolled from a ser ver , whic h means that autho rized users can use the same cred entials for authent ication from any point w ithin th e network.
C ONFIGURING THE S WI TC H 3-34 • Each switch port that will be used must be set to dot1x “ Auto” mode. • Each cli ent that needs to b e authenti cated mu st have do t1x clie nt software installe d and properly conf igured. • The RADIUS server and 802.
U SER A UTHENTICATION 3-35 • Server timeout – The ti me the swit ch waits for a response from the authen tication s erver (RADIU S) to an authent ication reques t. • Re-authentication Max Count – The number of times the sw itch will attempt t o re-authenticat e a connected client before th e port becomes unauthoriz ed.
C ONFIGURING THE S WI TC H 3-36 Configur ing 802.1x Global S ettings Th e dot1 x protoc ol incl udes gl obal para meter s that co ntro l the clie nt authen ticatio n proces s that runs betw een the cl ient and t he switc h (i.
U SER A UTHENTICATION 3-37 • Timeout for Quiet Period – Sets the time that a s witch port waits a fter the do t1X Max Request Coun t has been exce eded before at tempting to ac quire a n ew c lient .
C ONFIGURING THE S WI TC H 3-38 Configur ing Port Authoriza tion Mode Whe n dot1x is en abled , you need to specify the dot1x au thentic ation mo de configur ed for each p or t. Command Attributes • Status – Indicates if authen tication i s enabled or disabled on the port.
U SER A UTHENTICATION 3-39 CLI – This ex ample sets the auth enticatio n mode to enable do t1x on por t 2. Displaying 802.1x S tatistics This sw itch can display statistics for dot1x p rotocol exc h ang es for any por t.
C ONFIGURING THE S WI TC H 3-40 We b – Select d ot1X, dot1X Stat istics . Select th e required port and then click Query . Click Refresh t o update the st atistics. CLI – This example displays the dot1x statisti cs for port 4. Tx EAP Req/Id The number of EAP Req/I d frames that have been transmitted by this Authenticator.
A CCES S C ONTROL L ISTS 3-41 Access Control L ists Access Control Lists (AC L) provide packet filtering f or IP frames (b ased on add ress, protocol, TC P/UD P por t numbe r or TCP contro l code) o r any fram es (based on MA C address or Ethernet type).
C ONFIGURING THE S WI TC H 3-42 The order in wh ich activ e ACLs ar e check ed is as follows: 1. User-defined r ules in th e MAC ACL. 2. User-defined r ules in th e IP ACL. 3. Explicit def ault r ule (permit any any) in the IP A CL. 4. Explicit def ault r ule (permit any any) in the MA C A CL.
A CCES S C ONTROL L ISTS 3-43 We b – Click A C L, A CL Co nfiguration. Enter an A CL name in the Name field, select the lis t type (IP Stan dard, IP Ext ended, or MA C), and clic k Add to open th e configuration pag e for the new lis t. CLI – This example creates a standard IP A CL named bill.
C ONFIGURING THE S WI TC H 3-44 We b – Speci fy the action ( i.e., P er mit or Deny ). Select the address type (Any , Host , or IP). If you select “Host, ” enter a s pecific addres s. I f you select “IP , ” en ter a subnet addre ss an d the ma sk for an add ress ra ng e.
A CCES S C ONTROL L ISTS 3-45 • Src/Ds t SubMask – Subnet mask for source or destinatio n address. (See Sub Mask in the pr eceding sec tion.) • Protocol – Spec ifies t he prot ocol ty pe to match as T CP, UDP or Others , where others indicates a specific p rotocol number (0-255).
C ONFIGURING THE S WI TC H 3-46 We b – Specify the acti on (i.e. , Permit or Deny). Specif y the source and/o r desti nation addr esses . Select t he address typ e (Any , Host, or I P). If y o u selec t “Host ,” e nter a speci fic address . If you se lect “IP , ” enter a s ubnet address an d the mask for an address range .
A CCES S C ONTROL L ISTS 3-47 3. P er mit all TCP packets from class C addresses 192.168.1.0 with the TCP contr ol code set to “SYN .” Configur ing a MAC ACL Command Usa ge Egress MA C A CLs only w ork for destina tion-mac-kn own pac kets , not for multicast, br oadcas t, or des tination -mac- unknown packets.
C ONFIGURING THE S WI TC H 3-48 We b – Specify the acti on (i.e. , Permit or Deny). Specif y the source and/o r desti nation addr esses . Enter a speci fic address ( e.g ., 11-22-33 -44-55-66). Or enter a base address and a h exadecimal bitmask for an address range.
A CCES S C ONTROL L ISTS 3-49 Binding a Port t o an Access Control List After co nfiguring Acces s Control List s (ACL ), you can bin d the ports that need to filter tra ffic to the appr opriate A CLs . Y ou can o nly assign o ne IP access list and/or o ne MA C access list to any port.
C ONFIGURING THE S WI TC H 3-50 Simple Netw ork Management Protoc ol Simple Ne twork Manag ement P rotoc ol (SNMP) is a communic ation protoc ol de signed s pecif ically f or managi ng de vices on a network. Equipmen t commonly ma naged with SNMP in cludes switch es, ro uters and h ost co mpu ter s .
S IMP LE N ETWORK M ANAGEME NT P RO TO CO L 3-51 • Acce ss Mo de - Read-Only – Specifies read-only access. Authorized manag ement stations are only able to retrieve MIB ob jects. - Read/Write – Sp ecifies read-write acc ess. Authorize d management stations are able to both retrieve and mo dify MIB objects.
C ONFIGURING THE S WI TC H 3-52 Command Usa ge • You can enable or disable authe ntication mess ages via the Web i nterface. • You can ena ble or di sable auth enticatio n messages or link-up -down messages via the CLI. Command Attributes • Trap Manager Capability – This switch supports up to five trap managers.
D YNAMIC H OST C ONFIGURATION P RO TO CO L 3-53 Dynamic Host Configu ration Protoco l Dynamic Ho st Configu ration P rotocol (DH CP) ca n dynamica lly alloca te an IP address and other confi guration in for mation to netw ork clien t s when the y boot up .
C ONFIGURING THE S WI TC H 3-54 Command Usa ge Y ou must specif y the I P addr ess fo r at le ast one DHC P ser ver . Otherwi se, the switch’ s DHCP relay agent will no t forward clien t requests to a DHCP ser ver . Command Attributes • VLAN ID – ID of configured VLAN.
D YNAMIC H OST C ONFIGURATION P RO TO CO L 3-55 Configuring th e DHCP Server This sw itch includes a Dynamic Host Co nfiguration Protocol (DHC P) ser ver t hat can assign temp orar y IP addresse s to any attac hed host requestin g ser vice.
C ONFIGURING THE S WI TC H 3-56 Enabling the Server, Sett ing Excluded Addr es ses Enable the DHCP Ser v er and specify the IP ad dresses that it should n ot be assig ned to clie nts. Command Attributes • DHCP Server – Ena bles or di sables the DHCP ser ver on this sw itch.
D YNAMIC H OST C ONFIGURATION P RO TO CO L 3-57 Confi guring Address Pools Y ou mu st configur e IP address pools for each IP interface th at will pr ovide addres ses to a ttached clients via th e DHC P ser ver. Command Usa ge • First config ure address po ols for the netw ork interfaces .
C ONFIGURING THE S WI TC H 3-58 Command Attributes Crea ting a New A ddr ess Pool • Pool Name – A string or integer . (Range: 1-8 characters) Setting the Network P arameters • IP – The IP ad dress of the D HCP addr ess pool.
D YNAMIC H OST C ONFIGURATION P RO TO CO L 3-59 • Bootfile – The default boot imag e for a DHCP client. T his file should placed on the T rivial File T ransfer Protocol (T FTP) ser ver specified as the Next Ser ver.
C ONFIGURING THE S WI TC H 3-60 Configuring a Network Address Pool We b – Click DHCP , Ser v er, P o ol Conf iguration. Clic k the Configure button for any ent r y . Click the r adio butto n for “N etwork. ” E nter th e IP addres s and su bnet ma sk for th e network poo l.
D YNAMIC H OST C ONFIGURATION P RO TO CO L 3-61 Configuring a Ho st Addr ess Pool We b – Click DHCP , Ser v er, P o ol Conf iguration. Clic k the Configure button for any ent r y . Click the rad io butto n for “Hos t.” Enter the IP address , subnet mas k, and hardw are address for t he client device.
C ONFIGURING THE S WI TC H 3-62 CLI – This example configures a host address po ol. Displaying Address Binding s Y ou can d isplay th e host device s which ha ve acq uired an IP addr ess from this switch’ s DHCP ser ver . Command Attributes • IP Address – IP addre ss ass igned to host.
P ORT C ONFIGURATION 3-63 We b – Click DHCP , Ser ver, IP Binding . Y o u may use the Delete button to clear an ad dress from the DH CP ser v er’ s database . CLI – This exampl e displays the current bindin g, and then clea rs all auto matic binding .
C ONFIGURING THE S WI TC H 3-64 • Speed/Duplex Status – Shows the cur rent speed and duplex mo de. (Auto, o r fixed ch oice ) • Flow Control Status – Indi cates type of f low control currently in use. (IEEE 802.3x, Back-Pressure or None) • Auto negot iat ion – Shows if auto-negoti ation is enab led or disabl ed.
P ORT C ONFIGURATION 3-65 • Speed-duplex – Show s the curre nt speed and d uplex mode . (Auto, or fixed ch oice) • Capabilities – Spec ifies the capabilities to be advertised for a port during auto-ne gotiatio n. (To access this item o n the Web, see “Configur ing Interface Conn ections” o n page 3-48.
C ONFIGURING THE S WI TC H 3-66 CLI – This example s hows the co nnection sta t us for P ort 13. Console#show interfaces status ethernet 1/13 4-128 Information of Eth 1/13 Basic information: Port ty.
P ORT C ONFIGURATION 3-67 Configuring I nterface Connections Y ou can use the P or t Config uration or T r unk Con figuration page to enable/disable an int erface, set a uto-negotia tion and the inte rface capabilities to advert ise, or manually fix the speed, dup lex mode, and f low contr ol.
C ONFIGURING THE S WI TC H 3-68 port connected to a hub unless it is actually required to so lve a proble m. Otherw ise bac k press ure jammin g signa ls may de grade overall performance for the segm ent attached to the hub.
P ORT C ONFIGURATION 3-69 Setting Broadcast Storm Thre sholds Broadc ast stor ms may o ccur when a devi ce on your net work is malfunctioning, o r if application prog rams are not well designed or proper ly configured.
C ONFIGURING THE S WI TC H 3-70 CLI – Sp ecify any i nterf ace, and then enter the th reshol d. T he followin g sets broadcast suppression at 600 pack ets p er second. Configuri ng Port Mirr oring Y ou can mi r ror traffic fr om any source por t to a targ et po r t for r eal -time analysis .
P ORT C ONFIGURATION 3-71 • Type – Allows you to select wh ich traffic to mirror to th e target port, Rx (receive), T x (trans mit), or Both. • Target Port – The port that will “duplicate” or “m irror” the traffic on the s ource por t.
C ONFIGURING THE S WI TC H 3-72 passing thro ugh each port. A ll values displayed hav e been acc umulated sinc e the last sy stem reboot , and are sh own as co unts per sec ond. Statisti cs are refres hed every 60 sec onds by de fault. Note: RMO N gro ups 2, 3 and 9 can on ly be acce ssed us ing SNMP management software such as SMC’s EliteView.
P ORT C ONFIGURATION 3-73 Transmit Multicast Packets The total number of packets that higher-level p rotocols requested be transmitted, a nd which were addressed to a multicast addr ess at this su b-layer, incl uding those th at were discarded or not sent.
C ONFIGURING THE S WI TC H 3-74 Multiple C ollision Frames A count of successful ly transmitted frames for whic h transmission is inhibi ted by more than one collis ion. Carrier Sense Errors The number of times t hat the carrier sens e condition was lost or ne ve r asserted when attemp ting to transm it a frame.
P ORT C ONFIGURATION 3-75 CRC/Alignm ent Errors The number of CRC/align ment erro rs (FCS or alignment errors). Undersize Fra mes The tota l number of fram es received that were less than 64 octets long (excluding f raming bits, but includ i ng FCS octets) and were othe rwise well formed.
C ONFIGURING THE S WI TC H 3-76 We b – Click Statistics , Port Statistic s . Select the required int erface, and click Quer y . Y o u can al so use the R e fre sh button at the bott om of th e pag e to up date the s cree n.
P ORT C ONFIGURATION 3-77 CLI – This example show s statistics for por t 13. Configuring Rate Lim its This f unctio n allows the ne twork manag er to co ntro l the maximum rate for traffic transmitted or receiv e d on an interface.
C ONFIGURING THE S WI TC H 3-78 Command Usa ge Due to a switch chip limitation , the input rate limit c an only be enabled or disabled glob ally for all interfaces on the switch. However , the output rat e limit can be enabled or disabl ed for individual interfaces .
T RUN K C ONFIGURATION 3-79 CLI - This example sets the rate limit for inp ut and output traffic passing through por t 1 to 60 Mbps. Trunk Co nfiguration Y ou can c reate multipl e links between d evices that w ork as one virtual, ag g regate link.
C ONFIGURING THE S WI TC H 3-80 Command Usa ge Beside s balanc ing the lo ad ac ross each por t i n the t r unk, the oth er por ts provide re dund ancy by taki ng over the load if a por t in th e tr unk fa ils .
T RUN K C ONFIGURATION 3-81 • A trunk formed with another switc h using LACP will automatically be assign ed the next available trunk ID . • If more than fou r ports a ttached to the same target switch have LACP enabled, the addition al ports will be placed in st andby mod e, and will only be enabled if one of the active links fails.
C ONFIGURING THE S WI TC H 3-82 CLI – The follow ing example enabl es LA CP for ports 17 and 18. J ust connec t these ports t o two L AC P-enabled trunk po r ts on anot her switc h to for m a tr unk.
T RUN K C ONFIGURATION 3-83 We b – Click T r unk, T r unk Configuration. Enter a tr unk ID of 1-6 in the T r unk field, sel ect any of the switch po r ts from th e scroll-do wn port list, and cl ick Add. Aft er you ha ve com p lete d adding ports to the member lis t, click Apply .
C ONFIGURING THE S WI TC H 3-84 Addre ss Ta ble Settin gs Switches sto re t he addre sses for all known devices. This infor mation is used to pass traff ic directly b etween t he inbound and outbou nd ports . All the add resses learned b y monitorin g traffic are s t ored i n the dy namic address t able.
A DDR ES S T ABLE S ETTINGS 3-85 We b – Click Address T able, Static Addresse s . Specify th e interface, the MA C address and VLAN , then click Ad d Static Address . CLI – This example adds an address to the static ad dress table, but sets it to be deleted w hen the switch is rese t.
C ONFIGURING THE S WI TC H 3-86 • Address Table Sort Key – You ca n sort the info rmation displa yed based on inter face (p ort or tru nk) or MAC addr ess.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-87 Changing the Agin g Time Y ou c an set the a ging tim e for entri es in the d ynamic addres s tabl e. Command Attributes • Aging Time – The time af ter which a lea rned entry is discarded. (Range: 10-1000000 seconds; Default: 300 seconds) We b – Click Address T able, Addre ss Aging .
C ONFIGURING THE S WI TC H 3-88 ST A uses a dist ributed algorithm to select a bri dging device (STA-complian t switch, br idg e or rou ter) that ser ves as the root o f the spann ing tree netw ork.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-89 Displaying Global Settings Y ou can d isplay a summary of the current bri dg e ST A inform atio n that applies to the entire switch u s ing the STA Inform ation screen. Field Attributes • Spanning Tree State – Shows if the switch is enable d to participate in an STA-compli ant netw ork.
C ONFIGURING THE S WI TC H 3-90 - Root Path Cost – The p ath c ost f rom t he ro ot po rt on this sw itch to the root device. • Configuration Changes – The numb er of time s the Sp anning Tr ee has been re configured. • Last Topology Change – Time si nce the Span ning Tree w as last reconfi gured.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-91 • Root Hold Time – The in terval (in seco nds) during wh ich no m ore than two brid ge conf igura tion pro toco l data unit s shall be transmit ted by th is node. We b – Click Spanning T r ee, ST A Infor m ation.
C ONFIGURING THE S WI TC H 3-92 Configuring Global Setti ngs Global sett ings ap ply to the e ntire sw itch. Command Usa ge • Spannin g Tree Prot ocol Uses RSTP fo r the internal state machine, but sends only 802.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-93 device with th e lowest MAC ad dress will then be come the root d evice. (Note t hat lower nu meric values ind icate higher priority.
C ONFIGURING THE S WI TC H 3-94 Advance d Conf igurat ion S etting s for RS TP • Path Cost Method – T he path cost is us ed to de term ine the best pat h betwee n devices. The path co st method is used to determi ne the range of values that can be assi gned to each int erface.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-95 CLI – T his examp le en able s Span ning Tree Proto col, an d the n sets the indicated att ributes . Displaying Interface Setti ngs The ST A P or t Infor mation and STA T r unk Infor mation pages d isplay the cur rent s tatus o f por ts an d tr unks in the S pannin g T ree.
C ONFIGURING THE S WI TC H 3-96 • Designated Cost – The cost for a packet to tr avel from this port t o the root in the current Span ning Tree conf iguration.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-97 • Trunk Member – Indicates if a port is a member of a trunk. (STA Port Information o nly) These additio n al parameter s are only displ ayed for the CLI: • Admin status – Shows if STA has bee n enabled on this int erface.
C ONFIGURING THE S WI TC H 3-98 directl y through to t h e span ning tree forw arding state. Sp ecifying Edge Ports provides quicker convergence for devices s uch as workstatio ns or server s, reta in.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-99 CLI – This example s hows the ST A attributes fo r port 5. Configuring I nterface Settings Y ou can c onfigure RSTP a t tribut es for specific interfaces , includin g port priorit y , path co st, link type, an d edg e po rt.
C ONFIGURING THE S WI TC H 3-100 - Forwarding - Port fo rwards packets, and continues learning addr esses. • Trunk – Indica t es if a port is a member of a trunk.
S PANNING T RE E A LGOR ITHM C ONFIGURATION 3-101 • Admin Link Type – The link type a ttached to this inte rface. - Poin t-to-Poin t – A conn ecti on to exa ctly one other bridge.
C ONFIGURING THE S WI TC H 3-102 We b – Click Sp anning T ree, ST A P o r t Configuration or STA T r unk Configuration. Modify the requir ed attri b utes , then cl ick Apply .
VLAN C ONFIGURATION 3-103 An IEEE 802.1Q VLAN is a g roup of por ts that can be located anywhere in the n etwork, but commun icate as thoug h they belong to th e same ph ysical segment. VLANs he lp to sim plify network mana g ement by allowing you to move device s to a new VL AN with out h aving to chang e an y physical conne ction s .
C ONFIGURING THE S WI TC H 3-104 switch to par ticipate in one or more VLANs, but none of the inter mediat e network dev ice s nor the host at the othe r end of the conn ecti on su ppor ts VLANs , then yo u should add this port to the VL A N as an un tag ged port.
VLAN C ONFIGURATION 3-105 used to man ually isolate user groups or s ubnets . Howe ver, you should use IEEE 802.3 tag g ed VLANs with GV RP whenever poss ible to fully auto mate V LAN regis trati on.
C ONFIGURING THE S WI TC H 3-106 still enable GVRP on th ese edge switc hes, as well as on the core switch es in the netw ork. Forwardin g Tagged/Untagged Frames If you wan t to crea te a sm all p or t-ba sed VLAN for de vices atta ched direc tly to a single swit ch, you ca n assi gn por ts to the s ame unt ag g ed VLAN .
VLAN C ONFIGURATION 3-107 Enabling or Disabling GVRP (Global Setting) GARP VLA N R egistrat ion Protocol (GVRP) define s a way for s witches to exc hang e VLA N infor mat ion in order to reg ister VLAN me mbers on ports acro ss the netw ork.
C ONFIGURING THE S WI TC H 3-108 • Maximum Number of Supported VLANs – Maximum number of VLANs t hat can be configured on this switch. *W e b O n l y We b – Click VLAN, VLAN Base Infor matio n.
VLAN C ONFIGURATION 3-109 • Status – Shows h ow this VL AN was adde d to the swi tch. - Dynamic GVRP : Automatically learned via GVRP. - Permanent : Adde d as a static entry. • Egress Ports – Show s all the VL AN po rt mem bers. • Untagged Ports – Show s the unta gged VL AN port me mbers.
C ONFIGURING THE S WI TC H 3-110 CLI – Cur rent VLAN infor mat ion can be disp layed with the following command. Creati ng VLANs Use th e VLAN Static Li st to create or remov e VLAN g roups . T o propagate information about VLAN groups used on this switch t o external netw ork devices , you m ust specify a VLAN I D for each of t hese gro up s .
VLAN C ONFIGURATION 3-111 • Remove – Rem oves a VLA N group f rom the c urrent lis t. If an y port is assigned to t his grou p as untagged , it will be reass igned to VLAN group 1 as untagged.
C ONFIGURING THE S WI TC H 3-112 2. VLAN 1 is th e defau lt untagge d VLAN c ontaini ng all ports on the switch, and can only be modified by first reassigning the default p ort VLAN ID as de scribed un der “Configuring VLAN Behavior for Interfaces” on page 3-114.
VLAN C ONFIGURATION 3-113 We b – Click VLAN, VLAN Static T a ble. Select a VL AN ID from th e scroll-down list. Modify the VLAN n ame and status if required. Select the membersh ip type by ma rking th e appr opriate r adio bu tton in the list of por ts or tr unks.
C ONFIGURING THE S WI TC H 3-114 We b – Open V LAN, VLAN Static Memb ership . Select an i n terface f rom the scr oll-down box (P or t or T r unk ). Click Que r y to d isplay member ship infor mation for the interf ace. Select a VLAN ID , and then click Add to add the interface as a tag ged member , or clic k Remo ve to remov e the interf ace.
VLAN C ONFIGURATION 3-115 media acc ess method or data rate . These value s should no t be changed unless you are exper iencing diffic ulties with GVRP registra tion/ dere gistra tion . Command Attributes • PVID – VLAN ID assigned to untagged fram es received on the inte rface.
C ONFIGURING THE S WI TC H 3-116 • GARP J oin T imer * – The i nterval betw een transmi tting request s/ queries t o participate in a VLAN group. (Ran ge: 20-1000 centiseco nds; Default: 20) • GARP Leav e Time r * – The interval a p ort waits be fore leaving a VLAN group.
VLAN C ONFIGURATION 3-117 We b – Click VLAN , VL AN P o rt Configura tion or VLA N T r unk Configuration. Fill in the required se ttings for each interface, click Apply .
C ONFIGURING THE S WI TC H 3-118 Configuring P rivate VLANs Pri vate VLAN s provide por t-based security and isolation be tween ports withi n the assign ed VLAN . Data t raffic on do wnlink ports can on ly be forw arded to , and from, up link port s .
VLAN C ONFIGURATION 3-119 Confi guring Uplink a nd Downlink Ports Use the Pri vate VLAN Link Status page to set ports as dow nlink or uplink ports . P orts designate d as downl ink ports can not communicate w ith any other por ts on th e switch except for the uplink po r ts.
C ONFIGURING THE S WI TC H 3-120 Class o f Service Configura tion Class of Ser vic e (CoS) allows you to specify wh ich data pack e ts hav e greater pr ecedence when traf fic is buff ered in the swit ch due to cong esti on. T his sw itch suppo rts CoS wit h four priorit y que ues fo r each port.
C LASS OF S ER VICE C ONFIGURATION 3-121 We b – Click Priority , Defa ult Po r t P riority or De fault T r u nk Priority . Modify th e default p riority for any inter face, the n click Apply . CLI – T his examp le assigns a d efault priority of 5 to por t 3.
C ONFIGURING THE S WI TC H 3-122 Mappin g CoS Valu es to E gress Queues This sw itch processes Class of Ser vice (Co S) priority tag g ed traffic by using four priority queues fo r each port, with service sche dules based on W eighte d Ro und R obin (W RR).
C LASS OF S ER VICE C ONFIGURATION 3-123 Command Attributes • Priority – CoS value. (Range: 0-7, where 7 is the high est priority) • Traffic Class * – O utpu t que ue buf fer. (Rang e: 0-3 , wh ere 3 i s the h ighes t CoS prior ity queue) * CLI s hows Qu eue ID .
C ONFIGURING THE S WI TC H 3-124 CLI – The follow ing example s hows how to map CoS v alues 0, 1 a nd 2 to priority queue 0, va lue 3 to priority queue 1, values 4 and 5 to priority queue 2, a nd values 6 and 7 to priority queue 3.
C LASS OF S ER VICE C ONFIGURATION 3-125 We b – Click Priority , Queue Scheduling. Sele c t a traffic class (i.e., output queue), enter a wei ght, then cli ck Apply . CLI – The follow ing example s hows how to assign WRR weights o f 16, 64, 128 and 240 to the CoS priori t y queues 0, 1, 2 and 3.
C ONFIGURING THE S WI TC H 3-126 Because different p riority infor mation may be contain ed in the traffic, this switch maps priority values to the output queues in the following manner : • The preceden ce for priorit y mapping is I P Port Priority , IP Preceden ce or DSCP Prio rity, and then De fault Port Pr iority.
C LASS OF S ER VICE C ONFIGURATION 3-127 Mapping IP Precedence The T ype of Se r vice (T oS) oct et in the IPv4 he ader includes three preceden ce bits de fining eight different p riority lev els rang ing from hi ghest prior ity for ne twor k control packet s to low est prio rity for rout ine traffi c.
C ONFIGURING THE S WI TC H 3-128 We b – Clic k Priority , IP Preceden ce Priority . Select a p or t or trunk from the Int erface field. Select an entry from the IP Pr ecedence Priority T able , enter a value in the Class of Ser vice V alue field, and then clic k Apply .
C LASS OF S ER VICE C ONFIGURATION 3-129 Mapping DSCP Priority The DSCP is six bits wide, allo wing coding for up t o 64 different forwardi ng behavior s .
C ONFIGURING THE S WI TC H 3-130 We b – Click Priority , IP DSCP Priority . Select a por t or tr unk from the Interf ace field. Sele ct an entry from the D SCP table, ent er a val ue in the Class of Ser vice V alue field, then click Ap ply .
C LASS OF S ER VICE C ONFIGURATION 3-131 Map ping IP Por t Priorit y Y ou ca n also ma p network applic ations to Class of Ser vice values base d on the IP por t number (i.e., TCP/UDP por t number ) in the frame header. Some of the more common TCP ser vice ports inclu de: HTTP: 80, FTP: 21, T elnet: 23 and POP3: 110.
C ONFIGURING THE S WI TC H 3-132 Click Priority , IP Po r t Priori ty . Sel ect a port or tr unk from the Interface field. Enter the por t number for a network application in the IP P or t Number b ox and t h e new Co S value i n the Class o f Ser vice bo x, and then click Add IP P ort .
C LASS OF S ER VICE C ONFIGURATION 3-133 Copying IP Setti ngs to Another I nterface Y ou c an copy IP Pr eced ence, DSC P prio rity , or IP por t pr iority se tting s from one interface (por t or tr unk) to oth er inte rfaces on the switch.
C ONFIGURING THE S WI TC H 3-134 Mult ica st F ilt eri ng Multicasting is used to suppor t real-time applications such as videocon ferencing or streaming audio . A multicast s er ver does no t have to establish a sep arate conne ction with each client.
M ULTICAST F ILTE RIN G 3-135 This sw itch not only suppor ts IP multicast filt ering by passiv e ly monit oring IGMP que r y and repo r t messages an d multicast routing pr obe messag es to register .
C ONFIGURING THE S WI TC H 3-136 Note that IGMP neit her alters nor routes IP multicast packets . A multicast routing protoco l must be used to deliver IP mu lt icast packets across differe nt subnetw orks . Therefore , when D VMRP or PIM ro uting is enabled f or a subnet on this swit ch, you also need to enable IGMP .
M ULTICAST F ILTE RIN G 3-137 IGMP Query (Lay er 2 or 3) – IGMP Query can onl y be enabled glo bally at Layer 2, but can be e nabled for individ ual VLAN interfaces at Layer 3 (page 3-144). However , note that Layer 2 query is disabled if La yer 3 quer y is enabled.
C ONFIGURING THE S WI TC H 3-138 • Act as I GMP Qu erier — When en abled, the sw itch can ser ve as the Querier , which is r espon sible f or askin g host s if they want to recei ve multicast traffic.
M ULTICAST F ILTE RIN G 3-139 CLI – T his example modifies th e settings for multicast filtering, and then disp lays the current s t atus . Displaying Inte rfaces Attached to a M u lticast Route r M.
C ONFIGURING THE S WI TC H 3-140 We b – Click IGMP Snooping, Multicast Router P or t Infor matio n. Select the req uired VLAN I D from the scro ll-down list to disp lay the as sociated multicast routers . CLI – T his example shows that Port 11 has bee n statically config ured as a port attached to a multicast router .
M ULTICAST F ILTE RIN G 3-141 We b – Click IGMP Snoopin g, Static Mult icast Router P or t Config uration. Specify the interfaces at tached to a multicast r outer , indicate the VLAN which will forward all the corre sponding multicast traffic, and then click Add.
C ONFIGURING THE S WI TC H 3-142 Displaying Port Members of Multicast Service s Y ou can d isplay th e port members associated wit h a specified V LAN and multicast ser vi ce. Command Attribute • VLAN I D – Selects th e VLAN for which to display port members.
M ULTICAST F ILTE RIN G 3-143 Assigning Ports to Multicast Services Multicast filte ring can be dyn amically configured using IGMP Snoo ping and IG MP Que r y me ssag es as de scri bed in “Con figuri ng IGM P Sno oping P arameters” on page 3-137.
C ONFIGURING THE S WI TC H 3-144 CLI – This example assigns a m ulticast address to VLAN 1, and then displays all the known multicast ser vices suppor ted on VLAN 1.
M ULTICAST F ILTE RIN G 3-145 Confi g uring I GMP Interface Param eters Th is switch us es IGM P (In ter net Group Ma nag ement P rotoc ol) to q uer y for any at tached hos ts that want to receiv e a specific m ulticast service. The hos ts may respond wi th sev eral t ypes of I P mult icast me ssages .
C ONFIGURING THE S WI TC H 3-146 • Max Query Response Time – Configures t he maximum response time advertised in IGMP queries. (Range : 0-25 seconds; Default: 10 seconds) - The swit ch must be using I G MPv2 for this command to take e ffect. - Thi s comman d define s how lo ng any respon der (i.
M ULTICAST F ILTE RIN G 3-147 • Querier – Devi ce currently serving as the IGMP querier for th is multicast se rvice. We b – Clic k IP , IGMP , Interface Set t ings . Specify eac h interface t h at will suppo r t IGMP (La yer 3), speci fy the IGMP parameters for each int erface, then cl ick Appl y .
C ONFIGURING THE S WI TC H 3-148 CLI – This example c onfigures the IGMP parameters for VLAN 1. Displaying Multicast Group Info rmation When IGMP ( Layer 3) is enabled on th is switch t h e current m ulticast g roups le ar ned v ia IGMP c an be di splayed in th e IP/I GMP/Gr oup Information page.
IP R OUTING 3-149 • V1 Timer – The time remaining until the swit ch assumes that the re are no long er any IGMP Vers ion 1 members on the IP subnet a ttached to this interface.
C ONFIGURING THE S WI TC H 3-150 networks . Howeve r, when the switch is first booted, no default routing is defined. As with all tradition al routers , th e routing functions must first be config ured to work.
IP R OUTING 3-151 IP Switch ing IP Swi tching (or packe t forward ing) en compa sses tas ks requ ired t o forw ard packets for bo th Layer 2 and Layer 3, as well as tra d itional routing .
C ONFIGURING THE S WI TC H 3-152 there, th e switch broadca sts an A RP packet to a ll the por t s on the destination VLAN to find out th e destinatio n MA C addre ss . After the MA C a ddr ess is discovere d, the packet is refo r m atte d and se nt ou t to th e destin ation.
IP R OUTING 3-153 • Dynamic routin g uses a ro uting pr otoc ol to exc hange r outing information, calculate routing tables, and respon d to changes i n the status or loading of the net work. Th e swit ch suppor ts R IP , R IP-2 and OSP Fv2 d ynamic routin g prot ocols.
C ONFIGURING THE S WI TC H 3-154 Basic IP In terface Configuration T o allow routing be tween different I P subnets, y o u must enable I P Routing as desc ribe d in this sect ion . Y ou also nee d to you d efine a VLAN f or each IP subnet that w ill be conn ected directly to this sw itch.
IP R OUTING 3-155 We b - Clic k IP , Gener al, Glob al Settings . Set IP R outing Status to D isabled to restr ict operation t o Layer 2, o r E nabled to allow multilayer switching, specif y the default gatew ay whic h will be forw arded pac kets for a ll unknown su bne ts, and click Appl y .
C ONFIGURING THE S WI TC H 3-156 • Before you co nfigure any ne twork interfa ces on this ro uter, you should first cre ate a VLAN for each u nique user group , or for e ach network applic ation and i ts associat ed users. T h en ass ign the por ts associated with each of these VLANs .
IP R OUTING 3-157 We b - Click IP , General, Ro utin g Interface. Spec ify a n IP int erf ace f or each VLAN that will supp or t routing to oth er subnets.
C ONFIGURING THE S WI TC H 3-158 approp riate field in the fr ame header, and forwards t h e frame on to the next hop. IP traffic pa sse s along the path to its final dest ination in this way , with e.
IP R OUTING 3-159 request by send ing its o wn MA C address to the request ing node . That node th en send s traffic to th e rou ter, which in turn uses its own routin g table to for ward the traffic to the rem ote destin ation.
C ONFIGURING THE S WI TC H 3-160 We b - Click IP , ARP , General. Se t the timeo ut to a suita ble value for the ARP cac he, enable Proxy ARP for s ubnetworks that do not hav e routing or a default gate way , and click A pply . CLI - This exam ple sets the ARP cac h e timeout for 15 minutes (i.
IP R OUTING 3-161 • MAC Address – MAC a ddress static ally mapped t o the correspon ding IP address . (Valid MAC add resses are hexadecimal n umbers in the format: xx-xx-xx-xx-xx-xx. ) • Entry Count – The num b er of static entries in the ARP ca che.
C ONFIGURING THE S WI TC H 3-162 • Dynamic to Static * – Chang es a selected dynamic ent ry to a stat ic entry. • Clear Al l * – Delet es all dynamic entries fr om the ARP cache. • Entry Count – The num b er of dynamic entries in the ARP ca che.
IP R OUTING 3-163 Displaying Local ARP Entries The ARP ca che also co ntains entri es for lo cal interfaces , including subnet, host , and broad cast addr esses . Command Attributes • IP Address – I P address of a l ocal entry i n the cache. • MAC Address – MAC address mapp ed to the corresp onding IP address.
C ONFIGURING THE S WI TC H 3-164 Displaying ARP Statistics Y ou can d isplay s tatistics for ARP messages cro s sing al l interfac es on this router . Statistical V alues We b - Cl ick IP , ARP , St atist ics . Parameter Description Received Request Number of ARP Requ est packets rec eived b y the router.
IP R OUTING 3-165 CLI - This exampl e provides detailed sta tistics on common IP-related protoc ols. Displaying Statistics for IP Protocols IP Statis tics The I nter ne t Protoc ol (IP) pr ovides a mecha nism for tra nsmittin g blocks of da ta (often call ed pack ets or fram es) from a so urce to a dest ination, where t h ese net work devi ces (i.
C ONFIGURING THE S WI TC H 3-166 Statistical V alues Parameter Description Packets Received The total number of input datagram s received from interfaces, in cluding those received in error.
IP R OUTING 3-167 We b - Cl ick IP , Statis tics , IP . CLI - See the example o n page 3-164. Unknown P rotocols Received The numbe r of locally-a ddress ed datagr ams received success fully but disc arded beca use of an unkno wn or unsupport ed protocol.
C ONFIGURING THE S WI TC H 3-168 ICMP Sta tistics Inter n et Con trol Messag e Proto col ( ICMP) is a network laye r prot ocol tha t transm its message p ackets to report errors in pro cessing IP pac kets . ICMP is ther efore an int eg ral part of the In ter net Pr otocol.
IP R OUTING 3-169 We b - Cl ick IP , Statis tics , ICMP . CLI - See the example o n page 3-164. Timestamp Replies The number of ICM P Timestamp Re ply messages received/s ent. Address Masks The number of ICMP Addr ess Mask Reque st mes sages received/s ent.
C ONFIGURING THE S WI TC H 3-170 UDP Statistics User Da tag ram Prot ocol (UDP) pr ovides a datag ram mode o f pack et-switc hed comm unications . It us es IP as the un derlying tran sport mechanism, providing access to IP -like serv ices .
IP R OUTING 3-171 TCP Statistics The T rans mission Con trol Protocol (TCP) provides highly reliable host -to-host connectio ns in pac ket-s witched netw orks , and i s used in conju nction with IP to supp or t a wide varie ty of Inte r net prot ocols .
C ONFIGURING THE S WI TC H 3-172 We b - Cl ick IP , Statis tics , TCP . CLI - See the example o n page 3-164. Configuring Stat ic Routes This router c an dynamically c onfigure routes to other netw ork segments using d ynamic ro uting pr otocols (i. e.
IP R OUTING 3-173 We b - Click IP , R o uting, Static Routes . CLI - This example forwards all tra ffic for subnet 192.168. 1.0 to the router 192.168.5.
C ONFIGURING THE S WI TC H 3-174 • Netmask – Network mask fo r the associated IP subnet. This mask ident ifies the host address bit s used for routi ng to specifi c subnets. • Next Hop – The I P address of th e next hop (or gateway) in this route.
IP R OUTING 3-175 Configuring th e Routing Infor mation Protocol Th e RIP pr otoc ol is the mos t wi dely us ed rou ting p rotoco l. Th e RIP protoc ol us es a d istan ce-vect or-base d appr oach to ro utin g .
C ONFIGURING THE S WI TC H 3-176 • There are se veral se riou s prob lems wit h RIP that you shou ld cons ider. First o f all, RIP (vers ion 1) ha s no kn owledge of sub nets, both R IP versio ns ca.
IP R OUTING 3-177 Command Attributes Global Settings • RIP Routing Process – Enable s RIP routing for all IP interfaces on t he router . (Default: Disabl ed) • Glo bal R IP V ersio n – Specifies a RIP version used globally by the router . (Default : RIP V ersio n 1) Timer Se ttin gs • Update – Sets the rate at which updates are sent .
C ONFIGURING THE S WI TC H 3-178 CLI - T his exampl e sets the router to use RIP V ersion 2, and sets t h e basic timer to 15 seco nds. Specifyin g Network Interfaces for RI P Y ou mus t specify ne twork i n terfaces that will be included in the RIP routing p rocess .
IP R OUTING 3-179 We b - Click Routing Protocol, RIP , Network Addresses. Add all interfaces that will par ticipate in RIP, and click Apply. CLI - T his example i n cludes netw ork interface 10.
C ONFIGURING THE S WI TC H 3-180 Command Usa ge Speci fyin g Rece iv e and Send Pr o toc ol Types • Setting the RIP Receive Versio n or Send Vers ion for an interf ace ov errides the g lobal setti ng specified by the RIP / G enera l Se ttings, Global RIP V ersio n field.
IP R OUTING 3-181 three m ethods that can provi de faster con vergence w hen the netw ork topolo g y changes and pr event mo st loops from occurring: • Split Hori zon – Never propagate ro utes back to an interface port from which th ey have been a cquire d.
C ONFIGURING THE S WI TC H 3-182 - RIPv2 : Sends onl y RIPv2 pack ets. - RIPv1 Compati ble : Rout e inform ation is broad cas t to othe r route rs with RI Pv2.
IP R OUTING 3-183 We b - Clic k Routin g Protocol, RIP , Inter face Settings . Select th e RIP protocol messag e types that will be receiv e d and sent, the method used to provide faster convergence and p revent loopback (i.e., prevent instability in the net work topolog y), and th e auth entic ation op tion and cor res ponding passw ord.
C ONFIGURING THE S WI TC H 3-184 RIP Infor m ation and Statistics Parameter Description Globals RIP Routing Process Indicates if RIP has been enabled or disa bled.
IP R OUTING 3-185 We b - Click Routing Pr otocol , RIP , Statis tics..
C ONFIGURING THE S WI TC H 3-186 CLI - The infor mation dis played b y the RIP Statisti cs screen via the W eb inte rface can be acces sed from the C LI using the fo llowing commands.
IP R OUTING 3-187 OSPF rout ers exis t; as wel l as the no t-so-s tubby ar ea optio n (RFC 1587). Command Usa ge • OSPF looks at more th an just the simple ho p count. When adding the shorte st path to any node into the tr ee, the op timal path is chos en on the basis of d elay, throughput and connectivity.
C ONFIGURING THE S WI TC H 3-188 • OSPFv2 is a compati ble upgrade to OSPF. It invol ves enhancement s to protoc ol m essage authe ntic ation , and the additi on o f a point-to- multipoint int erface which allows OSPF to run ove r non-bro adca st ne tworks , as we ll as su pport fo r ov erlap ping are a ran ges.
IP R OUTING 3-189 • OSPF Router ID – A s s i g n s a u n i q u e r o u t e r I D f o r t h i s d e v i c e w i t h i n t h e autonomous system. (Default: The lowest interface address ) • Version Number 1 – This ro uter only s upports O SPF Version 2.
C ONFIGURING THE S WI TC H 3-190 • SPF Hold Time (seconds) – The ho ld time betwee n makin g two consecutive shortest path first (SPF) calculations. (Range: 0-65535 ; Default: 10) • Area Numbers 1 – The number of OSPF area s configured on this router.
IP R OUTING 3-191 We b - Click Routing Pr otocol , OSPF , Gener al Con figurati on. En able OSPF , speci fy the R outer ID , configur e the other g lobal parameter s as required, and click Apply . CLI - This exampl e configures the router w ith the sa m e sett ings as s hown in the s creen capture f or the W eb interface.
C ONFIGURING THE S WI TC H 3-192 Configur ing OSPF Areas An auto nomous syste m must be config ured with a backbone area, design ated by area i dentifier 0.0.0. 0. By default, all other areas are cre ated as nor mal transit areas. R outers in a nor mal area ma y impor t or expor t routing infor mation about indi vidual nodes .
IP R OUTING 3-193 • By default, a stub can only pass tra ffic to other areas i n the autonomous system via t he default extern al route. H owever, you also can co nfigure an area border router to send Type 3 summary link a dvertisements into the stub.
C ONFIGURING THE S WI TC H 3-194 Command Usa ge • Before you cre ate a stub or N SSA, first sp ecify the addr ess range for a n area using the Network Area Address Configuration screen (page 3-206). • Stubs and NSSAs cann ot be used as a transit area, and should therefore be placed at the edge of t he routing do m ain.
IP R OUTING 3-195 We b - Click Routin g Protocol, OSPF , Area Configuration. Set any area to a stub or N SSA as required, sp ecify the cost for the default sum mar y route sent into a stub , and click Apply . CLI - T his example conf ig ures area 0.0.
C ONFIGURING THE S WI TC H 3-196 Configur ing Area Ranges (Rou te Summarization for ABRs) An OSPF ar ea can include a la rg e numb er of node s. I f the Area Bo rder R outer (ABR) h as to adv ert ise rout e info r m ati on f or each o f these nodes , this w astes a lot of ba ndwidth and pro cessor time .
IP R OUTING 3-197 Command Attributes • Area ID – I denti fie s an ar ea for whic h the r out es ar e sum mar ized . (The area ID must be in the form of a n IP address. ) • Range Network – Base add ress f or the r out es to s umma rize . • Range Netmask – Netw ork mask for the summary route.
C ONFIGURING THE S WI TC H 3-198 CLI - This example s ummarizes al l the routes fo r area 1. Note th at the default for the area range command i s to adv ertise the route s umm ary . The conf igured summar y route is shown in the list of infor mation displ ayed for area 1.
IP R OUTING 3-199 Field Attributes OSPF Interf ace List • VLAN I D – The VLAN t o which an IP interf ace has been assigned. • Interface IP – The IP interface ass ociated with th e selected VLA N . • Area ID – The area to which this interface has been assigned .
C ONFIGURING THE S WI TC H 3-200 interface when estimating this d ela y. Set the tra nsmit de lay ac cording to link speed, using larg er values for lower-speed links. - Th e t r an s m i t d el ay m u s t b e th e s a m e f or a l l r o u t e rs i n a n a ut o n o m ou s system .
IP R OUTING 3-201 • Authentication Type – Spec ifies th e authe nticatio n typ e used for an interface. (Option s: None, Simp le password, MD5 ; Default: None) - Use a uthentic ation to prevent routers from inadv ertentl y joinin g an unauth orized area.
C ONFIGURING THE S WI TC H 3-202 - When changing to a new key, the router will send mult iple copies of all protoc ol mes sages, one wit h the ol d key a nd ano ther with the new key. Once all the neighbor ing routers start sen ding protoc ol messages bac k to th is router wit h the new key, the router w ill stop us ing the old key.
IP R OUTING 3-203 Change any of t he interface-sp ecific protocol pa rameters , and then click Apply CLI - This example confi g ures the in terface parameters for V LAN 1.
C ONFIGURING THE S WI TC H 3-204 Configur ing Virtual Links All OSPF a reas must conne ct to the backbon e. If an area d oes not hav e a direct p hysical connection to the ba ckbone , you can configure a virtual lin k that pro vides a log ical path to the backbo ne.
IP R OUTING 3-205 We b - Click R outing Protocol, OSPF , Virtual Link Co nfiguration. T o create a new virtual link, spec ify the Area I D and Neighbor Router ID , configure the link attribut es , and click Add.
C ONFIGURING THE S WI TC H 3-206 Confi g uring Ne twork Area Addres ses OSPF pro tocol broa dcast messages (i .e., Link State Ad vertisements o r LSAs ) are restric ted by are a to limit their imp act on netw ork pe rfor mance .
IP R OUTING 3-207 Command Attributes • IP Address – Address of th e inter faces to ad d to the area. • Netmask – Ne twork ma sk of the add ress ran ge to add to the ar ea. • Area ID – Area to which the s pecified add ress or rang e is assign ed.
C ONFIGURING THE S WI TC H 3-208 CLI - This example c onfigures the bac kbone area and one trans i t area. Confi g uring Su mmary Addresses (for External AS Routes) An Autonom ous S ystem B ounda r y Router (ASBR) can redistrib ute r outes learned f rom other pr otocols i nto all atta ched auto nomous sys t ems .
IP R OUTING 3-209 Command Attributes • IP Address – Summ ar y address c overin g a range of addres ses. • Netmask – Netwo rk mask for the summary route. Note: This router support s up 16 Type-5 s ummary routes. We b - Clic k Rout ing Protoc ol, OSPF , Sum m ary Address Co nfiguratio n.
C ONFIGURING THE S WI TC H 3-210 Redist ribut ing Ext ernal Rout es Y ou can c onfigure this ro uter to impor t exter nal routing info r mation from other rout ing p rotoc ols in to the au tonom ous sy ste m. Command Usa ge • This r oute r supp orts re distr ibut ion fo r both RIP an d sta tic ro utes .
IP R OUTING 3-211 Command Attributes • Redistribute Protocol – Specifies the external routing p rotocol type for which routing in formation is to be redistribute d into the local routin g domain. (Option s: RIP, Static; Default: RIP) • Redistribute Metric Type – Indicates the m ethod used to ca lculate extern al rou te co sts.
C ONFIGURING THE S WI TC H 3-212 Confi g uring NSS A Settings Use the OSPF / NSSA Settings page to c o nfigure a not-so-stubb y area (NSSA), and to contro l the use o f default rout es for ABRs and ASB Rs, or extern al routes lear ned from other routing domains and imp orted via an ABR.
IP R OUTING 3-213 We b - Click R outing Protocol, OSPF , NSSA Settings. Cr ea te a new NSSA or modi fy the routing be havior fo r an ex isting NSSA, and click Apply . CLI - T his exam ple conf igur es a rea 0.0. 0. 1 as a stub and sets the cost for the de fault sum mar y rout e to 10.
C ONFIGURING THE S WI TC H 3-214 The full database is e xc hang ed between neighboring routers as soon as a new rou ter is disc overe d. Afterw ards , any chan g es that o ccur in the ro uting tables are synchr oniz ed with n eighb oring route rs thro ugh a pr ocess called reliable f loodi ng .
IP R OUTING 3-215 • Adv R ou ter – IP address of the advertising router. If no t entere d, information about all advertising routers is disp layed. • Age * – Age of LSA (in second s). • Seq * – Sequenc e number of LSA (u sed to detect older dupli cate LSAs).
C ONFIGURING THE S WI TC H 3-216 Displaying Info rmation on Border R outers Y ou can d isplay e n tries i n the local r o uting t able for Area Bord er Rout ers (ABR) and Autonomous Syste m Bound ar y Routers (AS BR) known by this devic e. Field Attributes • Dest inatio n – Identi fier for the des t ination router.
IP R OUTING 3-217 Displa ying Information on Neighbor Rou ters Y ou can display about neighb oring routers on each interface within an OSPF area. Field Attributes • ID – Neig hbor’s router ID . • Priority – Neighbor ’s router pri ority. • State – OSPF state and identificati on flag.
C ONFIGURING THE S WI TC H 3-218 We b - Click R outing Proto col, OSPF , Neighbor In for mation. CLI - This shows a designated route r and backup de s ignated ro uter as neig hbors.
M ULTICAST R OUTING 3-219 it rout ing protoc ol independe nt. Also note th at the Dense Mo de versio n of PIM is su ppor te d on this r outer be caus e it is suitable for densely pop ulated multicast g roups whi ch occur primarily in the LAN environment.
C ONFIGURING THE S WI TC H 3-220 routes to forward m u lticast traffic only if g roup members appe ar on directl y-attached sub networ ks or on subnetw orks attach ed to downstr eam routers . Field Attributes • Group Address – IP group address for a multicast service.
M ULTICAST R OUTING 3-221 We b – Click IP , Multicast Routing, Multicast Routing T able. Click Detail to displa y additional information for any entry .
C ONFIGURING THE S WI TC H 3-222 CLI – T his example shows that multic ast fo rward ing is en abl ed . T he mult icast routin g table disp lays one entr y for a m ulticast sou rce routed b y D V MRP , and an othe r sour ce rou ted v ia PIM.
M ULTICAST R OUTING 3-223 to build up a source-rooted multicast delivery tree that allows it to prevent looping and dete r mine t he shor test pat h to the source of this multicast traffic.
C ONFIGURING THE S WI TC H 3-224 Command Usa ge Broadca sting period icall y f loods the network with traffic from any active multicast ser ver . I f IGMP snooping is disabled, multicast t raffic is floode d to all por ts on the rou ter .
M ULTICAST R OUTING 3-225 The globa l setting s that contro l the prune and graft messa g es (i.e ., prune lifetime) should be configured to the same values on all routers througho ut the ne twor k to allo w D VMRP to func tion prope rly .
C ONFIGURING THE S WI TC H 3-226 to th e router. When t he router recei ves these mess ages, it reco rds all the do wnstream route rs for the default route.
M ULTICAST R OUTING 3-227 CLI – This sets th e global parame ters for D VMRP and displays the current se ttings. Confi guring DVMRP In terface Setting s T o fully enable D V MRP , you need to enable.
C ONFIGURING THE S WI TC H 3-228 • Status – E nable s or dis able s DVMR P. - If DVMRP is enab l ed on any interf ace, Layer 3 IGMP should also be enabled on t he router (page 3-144). - If DVMRP is disabl ed, the interface canno t propagate IP multicast routing information.
M ULTICAST R OUTING 3-229 Displaying Neighbor Information Y ou can d isplay a ll the nei ghboring D VMRP router s. Command Attributes • Neighbor Address – The IP addres s of the network devic e immedia t ely upstream for this multicast deliver y tree.
C ONFIGURING THE S WI TC H 3-230 CLI – T his example displays the only neighbor ing DV M RP router. Displaying th e Routing Table Th e rout er lear ns sourc e-ro uted in for m ation f rom nei ghborin g DVMRP routers an d also adv ert ises learned r outes to its ne i ghbors .
M ULTICAST R OUTING 3-231 • Up time – The ti me elapsed since this entry was cr eated. • Expire – The time remainin g before this e ntry will be aged out. We b – Click R outing Prot ocol, DVMRP , D V MRP Routing T able. CLI – This exampl e displays known D V MRP rout es.
C ONFIGURING THE S WI TC H 3-232 network. If it is not, t he ro uter d rops th e packet a nd send s a pr une message bac k out the s ource interface . If it is the same interface used by the un icast .
M ULTICAST R OUTING 3-233 CLI – T his example enables PIM-DM globally and displays the cur rent status . Configur ing PIM-DM Interf ace Settings T o fully enable PIM-DM, you need to enable multicast.
C ONFIGURING THE S WI TC H 3-234 not these neigh bors are still active me mbers of the multicast tree. (Rang e: 1-65535 seconds; Default: 30) • Hello Holdtime – Sets the interval to wait for hello mess ages from a neighb oring PIM rout er before dec l ar ing it dead.
M ULTICAST R OUTING 3-235 We b – Click R outing Prot ocol, PIM-D M, Interface Settin gs . Sele ct a VLAN, enable o r disabl e PI M-D M for t he se lect ed i nterf ace, modif y any of the pr otocol par ameter s as requir ed, and click App ly .
C ONFIGURING THE S WI TC H 3-236 Displaying Inte rface Information Y ou can d isplay a summar y of th e cur rent int erface status fo r PIM-DM, includ ing the number of neig hbor ing PIM r out ers, an d the addre ss of th e des ignat ed P IM ro uter .
M ULTICAST R OUTING 3-237 Displaying Neighbor Information Y ou can d isplay a ll the ne ighboring PIM-DM router s . Command Attributes • Neighbor Address – IP addres s of th e next-h op ro uter. • Interface – VLAN that is a t tached to this n eig hbor.
C ONFIGURING THE S WI TC H 3-238.
4-1 C HAPTER 4 C OMMAND L INE I NTERFACE This ch apter descr ibes how t o use the Com m and Li ne Interface ( CLI). Using the Com m and Line Interface Accessing the CLI When acces sing the man ag emen.
C OMMAND L IN E I NTE RF AC E 4-2 3. W hen finis hed, ex it the ses sion wi th the “q uit” or “exit ” comma nd. After c onnecting to the sy stem through the conso le port, the logi n screen displ ays: Telnet Connection T elnet operat es over the IP trans p ort protocol .
E NTERING C OMMANDS 4-3 After y ou configure t he switch with an IP addre ss, y ou can open a T elnet session by perfo r ming these st e ps: 1. From t he remote ho st, enter t he T elnet co mmand and the IP address of the device you w ant to access . 2.
C OMMAND L IN E I NTE RF AC E 4-4 Y ou can e nter commands as follows : • To enter a si mple command, enter the com mand keyword. • To enter multiple commands, ent er each command in the required or der.
E NTERING C OMMANDS 4-5 Showing Commands If you enter a “?” at the command prompt , the system will dis play the first lev el of key words for the current comm and class (No r mal Ex ec or Pri vileged Exec) or configurati on class (Gl obal, A CL, DHCP , Interfac e, Line, Router or VL AN Dat abase).
C OMMAND L IN E I NTE RF AC E 4-6 Partial Keyword Lookup If yo u ter minate a partial ke yword with a question mark, alternativ es that match the initial letters are provided. ( Re me mber not to le av e a spac e betw een the command and questi on mark.
E NTERING C OMMANDS 4-7 command classes and associated mo des are displa yed in the fo llowing table: Exec Commands When y ou open a ne w console s ession on th e switch with the user name and pas sword “ guest, ” the sy stem enters t he Nor mal Exec command mode ( or guest mo de), disp laying t he “Conso le>” command prompt.
C OMMAND L IN E I NTE RF AC E 4-8 Configura tion Commands Configuration commands are privileged level commands used to modify switch setting s . T hese comman ds modify the r unning config uration only and are n ot sav ed when the s witch is r ebooted.
E NTERING C OMMANDS 4-9 T o enter the Gl obal Conf iguratio n mode, ente r the c omma nd configure in Privileged Exec mode. The system prom pt will chang e to “Console(c onfig)#” wh ich gives y ou acce ss privilege to all Global Configuration co mmands .
C OMMAND L IN E I NTE RF AC E 4-10 Command Line Pr ocessing Commands are not case sensitiv e. Y ou can abb reviate comman ds and para mete rs as long as they con tai n enou gh lett ers to d iffer ent iate t he m from an y other currently a vailab le commands o r paramete rs.
C OMMAND G RO UP S 4-11 Comman d Groups The syst em commands c an be brok en down i nto the funct ional groups shown below . Command Group Description Page Line Sets communica tion parameters for the .
C OMMAND L IN E I NTE RF AC E 4-12 The access m ode shown i n the follo wing tables i s indi cated by t h ese abbr eviations: NE (Nor mal Exec) IC (Interface Configuration ) PE (Privilege d Exec) LC (Line Configuration) GC (Global Con figuration) RC (Router Conf iguration ) ACL (Access Co ntrol List C onfig .
L INE C OMMANDS 4-13 Line Co mma nds Y ou can access the onboard c o nfiguration program by attaching a VT100 compa t ible de vi ce to the ser ver’ s serial p or t. These co m mands ar e used to set com munication p arameters for the serial po r t or T elnet (i.
C OMMAND L IN E I NTE RF AC E 4-14 line Use this command to ide ntify a specifi c line for con figuration, an d to proce ss subs eque nt line config uratio n comm ands. Syntax line { console | vty } • console - Consol e terminal l i ne. • vty - Virtual termin al for remote console acce ss (i.
L INE C OMMANDS 4-15 login Use this command to enabl e passwo rd checki ng at login. Use the no for m to di sable passw ord chec king and al low con nection s without a passw ord. Syntax login [ local ] no login local - Sele cts local password checking .
C OMMAND L IN E I NTE RF AC E 4-16 Example Related Commands username ( 4-33) password (4-16) password Use this command to s p ecify t he passw ord for a li n e.
L INE C OMMANDS 4-17 configuration file during system bootup or when down loading the confi g uration file from a TFTP serve r. There is no need for you to manual ly configu re encrypted passwords.
C OMMAND L IN E I NTE RF AC E 4-18 Example T o set th e timeou t to tw o mi nutes , ent er thi s comman d: password-thr esh Use this comman d to se t the password intr usion t hresho ld which l imits th e number of failed lo g on attemp ts . Us e the no for m to remove the threshold val u e.
L INE C OMMANDS 4-19 Related Commands silent-time ( 4-19) silen t-tim e Use this comma nd to set th e amou nt of time th e manag eme nt conso le is inacce ssible after th e number of unsuccessful l og on attemp ts exceed s the threshold set by th e pass word-thresh comma nd.
C OMMAND L IN E I NTE RF AC E 4-20 databits Use this c ommand to se t the number of data bits per charact er that a re inter prete d and g e nera ted by th e con sole por t. Us e the no fo r m to r est ore the de fault value. Syntax databi ts { 7 | 8 } no databits • 7 - Seven d ata bit s per ch arac ter.
L INE C OMMANDS 4-21 parity Use this comman d to def ine generati on of a par ity bit. Use the no for m to restore the defaul t settin g . Syntax parity { none | even | odd } no parity • none - No p.
C OMMAND L IN E I NTE RF AC E 4-22 spee d Use this comma nd to set th e t er mina l line ’ s bau d rate. T his c ommand sets both the tr ansmit (to terminal) and r eceive (fr om ter minal) spee ds . Use the no for m t o restore the de fault set ting .
L INE C OMMANDS 4-23 stopbit s Use this co mmand to se t the number o f the stop bit s transm itted per byte. Use the no for m to restore th e default setting.
C OMMAND L IN E I NTE RF AC E 4-24 Example T o show all lines, ente r this command: General Comman ds Console#show line Console configuration: Password threshold: 3 times Interactive timeout: Disabled.
G ENERAL C OMMANDS 4-25 enable Use this command to activate Pri v ilege d Exec mode. In pri vileg ed mode, addition al commands are av ailable, an d cer tain commands dis p lay addition al infor mation. See “Under s tanding Command Modes” on page 4-6.
C OMMAND L IN E I NTE RF AC E 4-26 disable Us e t h i s c o m m a n d to r e t u r n t o N o r m a l Exe c m o d e fr o m p r iv i le g e d mo d e . In normal acce ss mode, y ou can onl y displa y basic infor mation on the switch's configuration or Ethe rn et statistics .
G ENERAL C OMMANDS 4-27 configure Use this comman d to activate Glo bal Configu ration m ode. Y ou must ente r this mo de to modif y any s etti ngs on the s witch.
C OMMAND L IN E I NTE RF AC E 4-28 Example In this exam ple, th e show his tor y com mand lists the con tent s of th e comma nd history buffe r : The ! comman d re peats c ommands from th e Executi on.
G ENERAL C OMMANDS 4-29 Command Usage This comman d resets t h e enti re system. Example Th is example shows how to r eset th e switch : end Use this command to re tur n to Pr ivileged Ex ec mode.
C OMMAND L IN E I NTE RF AC E 4-30 Example This examp le shows ho w to return to the Privi leged Exec mode from the Global Configur ation mode , and then qui t the CLI se ssion: quit Use this command to exi t the config uration program.
S YSTE M M ANAGEME NT C OMMANDS 4-31 System Mana gemen t Comman ds These comman ds are used to control sys tem logs , passw ords , user names , browser config uratio n opti ons, and di splay or c onfigu re a varie ty of ot her system inf or ma tion.
C OMMAND L IN E I NTE RF AC E 4-32 hostname Use this co mmand to specify or modi fy the host name for th is device. Use the no for m to restor e the defa ult host n ame.
S YSTE M M ANAGEME NT C OMMANDS 4-33 username Use this command to ad d named users , require aut hentication at login, specify o r change a user's p assword ( o r spec i fy that n o passwor d is require d), or speci fy or change a u ser's access l evel.
C OMMAND L IN E I NTE RF AC E 4-34 Command Usage The en cr ypted password is required for compatibili ty with leg acy pas sword settings (i.e ., plain text or en cr ypted) when readi ng the conf iguration file duri ng system bo otup or when d ownlo ading the config urati on fil e from a TFT P se r ver .
S YSTE M M ANAGEME NT C OMMANDS 4-35 Command Usage • You c annot s et a null p asswo rd. You will have to enter a pa ssword to change the command mod e from Norma l Exec to Privileged Exec with the enable command (page 4-25). • The encr ypted passwo rd is required for compatibility wit h legacy passw ord settin gs (i.
C OMMAND L IN E I NTE RF AC E 4-36 Default Setting 80 Command Mode Global Configuratio n Example Related Commands ip http se r ver (4-36) ip http server Use th i s comm and to allo w this device to be monito red or config ured from a b rowser . Use the no form to disable this funct ion.
S YSTE M M ANAGEME NT C OMMANDS 4-37 Event Logging Commands logging on Use this command to con trol log ging o f error me ssages. This command sen ds deb ug or error messa g es to swit ch me mor y .
C OMMAND L IN E I NTE RF AC E 4-38 logging history Use this c ommand to limit sy slog mes sages saved to switch me mor y ba sed on severity . T he no for m returns t he log ging of syslo g mess ag es to the default level.
S YSTE M M ANAGEME NT C OMMANDS 4-39 Command Mode Global Configuratio n Command Usage The messag e level specified for f lash memor y must be a highe r priority (i.e. , numerically low er) than that spec i fied for RAM. Example clear logging Use this command to clear mes sag es from the log buffer .
C OMMAND L IN E I NTE RF AC E 4-40 show l og ging Use th i s comma nd to displ ay the logg ing configuration, alon g with any system and event me ssag es st ored in memor y . Syntax show loggi ng { fl a sh | ram } • flash - Even t histo ry stor ed in flas h memory (i.
S YSTE M M ANAGEME NT C OMMANDS 4-41 Example The following example shows that s ystem log ging is enabled, the messag e level for flash memor y is “errors ” (i.
C OMMAND L IN E I NTE RF AC E 4-42 sntp cli ent Use this co mmand to enab le SNTP client requ ests for time sync hronizat ion from NT P or SNTP tim e ser ver s specified with the sntp ser vers command. Us e the no for m of this command to d i sable SNTP client requests .
S YSTE M M ANAGEME NT C OMMANDS 4-43 Example Related Commands sntp ser ver (4-43) sntp poll (4-44) sntp br oadcast c lient (4 -45) show sntp (4-45) sntp se rver Use this command to s et the IP addre ss of the server s to whic h SNTP time requ ests are issued .
C OMMAND L IN E I NTE RF AC E 4-44 Command Usage This c ommand sp ecifies time ser vers from which the switch will poll for time update s when set to SNTP client mode. T he client will p oll the time ser vers in th e order specified until a respon se is received.
S YSTE M M ANAGEME NT C OMMANDS 4-45 Example Related Commands sntp clien t (4-42) sntp broadcast client Use thi s command to sync hronize th e switch ’ s cloc k based on t ime broadcast from time servers (using the multicast address 224.0.1.1). Use the no form to disabl e SNTP br oadcast cli ent mode .
C OMMAND L IN E I NTE RF AC E 4-46 Command Usage This comman d displa ys the current time , the pol l interval used for sendin g time s ynchron ization requ ests (w hen t he switch is set to SN TP client mo de), and the cu r rent S NTP mode (i.e., client or broadc ast).
S YSTE M M ANAGEME NT C OMMANDS 4-47 a time corr espondin g to your local time, y ou must indicate the number of hours an d minutes your time zone is east (b efore) o r west (after ) of UTC.
C OMMAND L IN E I NTE RF AC E 4-48 Command Usage • Use th is command in conjunct ion with the show running-config command to compare the informatio n in running memory to the infor mation st ored in non- volatile memory. • Thi s comman d display s settings for key c omma nd modes.
S YSTE M M ANAGEME NT C OMMANDS 4-49 Related Commands show r unn ing-co nfig (4 -49) show runnin g-config Use this command to d isplay t h e conf igura t ion infor m ation cur rently in use .
C OMMAND L IN E I NTE RF AC E 4-50 - Rout i ng pr otocol c onfigurati on settings - Spann ing tr ee sett ings - Any co nfigured set t ings for the cons ole port and T elnet Example Related Commands show star tup-con fig (4-47) Console#show running-config building running-config, please wait.
S YSTE M M ANAGEME NT C OMMANDS 4-51 show system Use this command to disp lay system infor mation. Default Setting None Command Mode Nor m al Exec , Privileged Exec Command Usage • For a descr iption o f the ite ms sho wn by thi s comma nd, ref er to “Displaying Sys tem Information” o n page -12.
C OMMAND L IN E I NTE RF AC E 4-52 Command Usage The session us ed to execu te this comman d is indicated by a “*” symbol next to t he Li ne (i.e., ses sion) in dex number. Example show ve rsio n Use th i s comma nd to displa y hardwar e and so ftware ver s ion infor m ation for the system.
F LASH /F ILE C OMMANDS 4-53 Example Flash/File Commands These comma nds are used t o manage the sy stem code or configuration files . copy Use this command to move (upload/d ownload) a code image or configu ration file between the switch ’ s fla sh memor y and a TF TP ser ver .
C OMMAND L IN E I NTE RF AC E 4-54 Syntax copy file {file | running-con fig | start up-config | tftp} copy running-config {file | star tup-config | tftp} copy startup-config {file | r unning-config | tftp} copy tftp {file | r unning-config | star tup-config} • file - Key word tha t allows y ou to co py to/from a file.
F LASH /F ILE C OMMANDS 4-55 the do wnload men u du ring a boot u p to downlo ad th e Boot ROM (o r diagno stic) im age. See “U pgrad ing Firm ware via the Seria l Port” o n page B-1 f or mo re d et ails .
C OMMAND L IN E I NTE RF AC E 4-56 delete Use this co mmand to delete a file or imag e. Syntax delete filename filename - Name of the configuration file or image name. Default Setting None Command Mode Pri vileged Exec Command Usage • If the file type is used for system startup, then th is file cannot be delete d.
F LASH /F ILE C OMMANDS 4-57 dir Use this command to d i spla y a li st of files in f lash memor y . Syntax dir [ boot-rom | config | opcode [: filename ]] The ty pe of file or imag e to display includes: • boot-rom - Boot ROM (or diagnostic) image file.
C OMMAND L IN E I NTE RF AC E 4-58 Example The following example shows how to display all file infor m ation: whichboot Use th i s comm and to disp lay whic h files w ere booted wh en the sys t em powered u p . Default Setting None Command Mode Pri vileged Exec Example This examp le shows the infor mation di splayed b y the whichboot comma nd.
F LASH /F ILE C OMMANDS 4-59 boot system Use this command to s p ecify t he file or image us ed to start up the sys tem. Syntax boot system { boot-rom | config | opcode }: filename The ty pe of file or imag e to set as a defaul t includes : • boot-rom - Boot ROM.
C OMMAND L IN E I NTE RF AC E 4-60 Authen tication C o mmands Y ou can configure t his switc h to authenticate users logging in to the sys tem for manag emen t access using local or R ADIUS authen tication me thods. Y ou can a l so en able port-based authent ication for net work clie nt access using IEEE 802.
A UTHE NTI CA TI ON C OMMANDS 4-61 Command Mode Global Configuratio n Command Usage • RADI US us es UDP wh ich on ly offer s best effort de liver y. Also , note that RADIUS encrypts only the pa ssword in th e access-request packet from the clie nt to th e server .
C OMMAND L IN E I NTE RF AC E 4-62 radius-server h ost Use this co mmand to spe cify the RADIUS server . Use the no for m to restore the defau lt. Syntax radius-server host host_ip_address no radius-server host host_ip_ address - I P add ress of ser ver.
A UTHE NTI CA TI ON C OMMANDS 4-63 radius-serve r port Use this command to s et the RADIUS se r ver netw ork port. Use the no for m to restore the default. Syntax radius-ser ver port por t_number no radius-server por t por t_n um ber - RADIUS ser ver UDP por t used for au thentication messages .
C OMMAND L IN E I NTE RF AC E 4-64 Command Mode Global Configuratio n Example radius-server re transmit Use this comm and to set th e number of r etries.
A UTHE NTI CA TI ON C OMMANDS 4-65 radius-server timeout Use this comma nd to set th e inter val between transm itting authentica tion request s to the RADIUS ser ver .
C OMMAND L IN E I NTE RF AC E 4-66 802.1x Port Authentication The switch suppor ts IEEE 802.1x (dot1x) por t-based access control that prev ents unautho rized access to the netw ork by requiring users to first enter a use r ID and p assword for auth entica tion.
A UTHE NTI CA TI ON C OMMANDS 4-67 authentication dot1x default Sets th e defau lt auth entic ation se r ver ty pe. Use the no for m to res tore the defau lt.
C OMMAND L IN E I NTE RF AC E 4-68 dot1x max-req Sets the maximum number of times the swit ch port will retrans mit an EAP requ est pac ket to t he client before i t times o ut the au thentic ation sess ion.
A UTHE NTI CA TI ON C OMMANDS 4-69 Default forc e-auth ori zed Command Mode Interf ace Configuratio n Example dot1x re-authenticate F orces re-authentic ation on all por ts or a specific interface. Syntax dot1x re-authenticate [ interfac e ] interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-70 Command Mode Global Configuratio n Example dot1x timeout quiet -period Sets the tim e that a switc h port w aits a fter the Max R equest C ount ha s been ex ceeded befor e attempting t o acquire a new cli ent. Use th e no fo r m of this com mand to r eset th e defaul t.
A UTHE NTI CA TI ON C OMMANDS 4-71 Default 3600 seconds Command Mode Global Configuratio n Example dot1x timeout tx-p eriod Sets the time that the swi tch waits during an authen tication se ssion befo re re-tra nsmitting an E AP packet. Use th e no for m to reset to the default val u e.
C OMMAND L IN E I NTE RF AC E 4-72 show d ot1x Use this command to show g ener al por t au thentica tion r elated settings on the switch or a specific interface. Syntax show dot1x [ stat is tics ] [ inte rfac e interface ] interfa ce • ethernet unit / port - unit - This is device 1.
A UTHE NTI CA TI ON C OMMANDS 4-73 (page 4-71 ), and Port-c ontrol (page 4- 68). It also displays the following information: - Statu s– Au thoriz ation stat us (au thorize d or una uthorize d).
C OMMAND L IN E I NTE RF AC E 4-74 Access Co ntrol List Co mmands Access Control Lis t s (A CL) pro vide pac ket filt ering for IP fr ames (based on add ress, protocol, TC P/UD P por t numbe r or TCP contro l code) o r non-IP frames (b ased on MAC address or Ether n et type ).
A CCES S C ONTROL L IST C OMMANDS 4-75 There are t h ree filt ering modes: • Standa rd IP A CL mode (S TD-ACL ) filters pa ckets b ased o n the s ource IP addr ess. • Extended IP ACL mode (EXT- A CL) fi lters packets based on so urce or desti nation IP a ddress, as we ll as protoco l type and TC P/UDP port number .
C OMMAND L IN E I NTE RF AC E 4-76 IP ACLs access-list ip Use this co mmand to add an IP acces s list and enter configura tion mode for st andard or exte nded IP A CLs .
A CCES S C ONTROL L IST C OMMANDS 4-77 • extended – Specifi es an ACL that filters packets based on the source or destinati o n IP add ress, and ot her more spec i fic crit eria.
C OMMAND L IN E I NTE RF AC E 4-78 permit , deny (Standard ACL) Use this co mmand to add a r ule to a Standa rd IP A CL. Th e r ule sets a filter condition for p ackets emanating from the specified source.
A CCES S C ONTROL L IST C OMMANDS 4-79 Related Commands access-list ip (4- 76) permit , deny (Extended ACL) Use this command to add a r ule to an Extended IP AC L.
C OMMAND L IN E I NTE RF AC E 4-80 • host – Keyword followed by a specific IP address. • sour ce-p ort – TCP/UDP source port number. (Range: 0-65535) • destination -por t – TCP /UDP d estina tion por t number . (Ran ge: 0-65535) • protoc ol-number – A specific protocol nu mber.
A CCES S C ONTROL L IST C OMMANDS 4-81 - Both S YN and ACK valid , use “con trol-co de 18 18 ” - SYN valid and ACK invalid, use “control-code 2 18” Example This exampl e accepts any incomi ng packe ts if the sour ce address is wi thin subnet 10.
C OMMAND L IN E I NTE RF AC E 4-82 Default Setting None Command Mode Interf ace Configur ation (Eth er net) Example Related Commands show ip access-list (4-83) show ip access-group Use this command to s h ow the p orts assigne d to IP ACLs.
A CCES S C ONTROL L IST C OMMANDS 4-83 show ip access- list Use this command to d isplay the r ules for configured IP A CLs . Syntax show i p access-list { standard | extended } [ acl_name ] • standard – Specifies a standard IP ACL. • extended – Specifi es an extended IP ACL.
C OMMAND L IN E I NTE RF AC E 4-84 MAC AC Ls access-list m ac Use this command to ad d a MA C access li st and enter MA C A CL config urati on mod e. Use the no for m to remov e the specified A CL. Syntax access-list mac acl _name no access-list ma c acl_ name acl_n ame – Na me of the ACL.
A CCES S C ONTROL L IST C OMMANDS 4-85 the bot t om of th e list. To create an ACL, you must add at leas t one rule to the li st. •T o r e m o v e a r u l e , u s e t h e no permit or no deny co mman d fo llo we d by the ex act text of a p reviously confi gured rule.
C OMMAND L IN E I NTE RF AC E 4-86 • any – Any MAC source addr ess, dest ination addre ss, or Ethe rnet protoc ol. • source – Source MAC add ress. • source bitmas k – Binary mask for the source M A C addres s. • destination – Destinati on MAC address.
A CCES S C ONTROL L IST C OMMANDS 4-87 mac access- group Use this command to b ind a port to a MA C A CL. Use the no for m to remov e the port. Syntax mac access-group ac l_na me in acl_n ame – Na me of the ACL.
C OMMAND L IN E I NTE RF AC E 4-88 Example Related Commands mac access -g roup (4-87) show mac access -list Use th i s comma nd to displa y the r ules for configured MAC ACL s.
A CCES S C ONTROL L IST C OMMANDS 4-89 ACL Informatio n show access-list Use this command to s how all A CLs and asso ciated r ules . Command Mode Pri vileged Exec Example show access-group Use this command to s how the p or t assig nments of A CLs .
C OMMAND L IN E I NTE RF AC E 4-90 SNMP Commands Con trol s ac ces s to thi s sw itch fr om manag ement s tations using t he Simple Netw ork Managem ent Protoc ol (SNMP), as well as the error ty pes sent to trap manag e rs .
SNMP C OMMANDS 4-91 Default Setting • public - Read-only access . Authorized managem ent stations are only able to retrieve MIB objects. • private - Read/writ e access. Authorized man agement stations are ab le to bo th retri eve an d modify M IB obje cts.
C OMMAND L IN E I NTE RF AC E 4-92 Related Commands snmp-server locatio n (4-92) snmp-serve r location Use th i s comm and to set the system locati on string . Use the no for m to remov e the location s tring . Syntax snmp-ser ver location te xt no snmp-ser ver location text - String that describe s the syste m location.
SNMP C OMMANDS 4-93 snmp-serv er ho st Use this command to s pecify the rec ipient of a Sim ple Netw ork Manag eme nt Prot ocol notif icatio n oper ation .
C OMMAND L IN E I NTE RF AC E 4-94 • However , some no tification types ca nnot be con trolled wit h the snmp-server enable traps comm and. For exampl e, some notifi cation types are always enabled.
SNMP C OMMANDS 4-95 notifi cations are ena bled. If you enter the comm and with a key w ord, only the notificati on type relate d to that keyw ord is enable d. •T h e snmp-server enabl e traps comman d is used in conj unction with the snmp-server host comma n d.
C OMMAND L IN E I NTE RF AC E 4-96 Example Console#show snmp SNMP traps: Authentication: enable Link-up-down: enable SNMP communities: 1. private, and the privilege is read- write 2.
DHCP C OMMANDS 4-97 DHCP Commands These commands are used to configure Dy namic Host Configura t ion Protoc ol (DHCP) clie nt, relay , and s er ver funct ions . Y ou can con figure any VLAN int erface to be automa tically assig n ed an IP address via DHCP .
C OMMAND L IN E I NTE RF AC E 4-98 Default Setting None Command Mode Interf ace Configur ation (VLA N) Command Usage This c ommand is used to include a client id entifier in all comm unications with the DH CP ser ver . T he ide ntifier type depe nds on the requ irements of your DHCP ser v er .
DHCP C OMMANDS 4-99 • If t he BOOTP or DHC P serv er has been moved t o a di fferent doma in, the ne twork portio n of t he ad dress pro vided to the client will be base d on this ne w domain . Example In the fo llowing ex ample, th e device is reas signed the sa m e addres s.
C OMMAND L IN E I NTE RF AC E 4-100 Default Setting Disabled Command Mode Interf ace Configur ation (VLA N) Command Usage This c ommand is used to configure DHCP re lay functions for host devices attached to the switch.
DHCP C OMMANDS 4-101 ip dhcp relay server Use th is command t o specify th e addresses of DHCP servers to be used b y the sw itch’ s DHCP rela y agent. Use the no form to clear al l addresses . Syntax ip dhcp relay ser ver address1 [ addr ess2 [ addr ess3 .
C OMMAND L IN E I NTE RF AC E 4-102 DHCP Server Command Function Mode Page service dhcp E nables the DHCP se rver feature on this switc h GC 4-103 ip dhcp excluded -address Specifi es IP addre sses th.
DHCP C OMMANDS 4-103 servi ce dhc p Use this command to en able the DHCP server on this switc h. Use the no for m to disable the DHCP s er ver. Syntax ser vice dhcp no ser vice dhcp Default Setting En.
C OMMAND L IN E I NTE RF AC E 4-104 ip dhcp excluded-address Use th i s comma nd to specif y IP addresses that the DHCP server should not ass i gn to D HCP clients .
DHCP C OMMANDS 4-105 Command Mode Global Configuratio n Usage Guidelines • After execut ing this command, the switch cha nges to DHCP Pool Config uration mo de, identi fied by the (config-d hcp)# promp t. • Fro m this mo de, fir st conf igure ad dress pools for the ne twork interfa ces (using the network command ).
C OMMAND L IN E I NTE RF AC E 4-106 Usage Guidelines • When a client request is receive d, the switch first checks for a network address pool match i ng th e gateway where t he request ori ginated (i.e. , if the reques t was forwarded by a relay server).
DHCP C OMMANDS 4-107 Command Mode DHCP P ool Configuration Usage Guidelines T h e I P a d d r e s s o f t h e r o u t e r s h o u l d b e o n t h e s a m e s u b n e t a s t h e client . Y ou can spe cify up to t wo r outers . Ro uters are lis ted in orde r of prefer ence (starting wit h address1 as the most prefer red router) .
C OMMAND L IN E I NTE RF AC E 4-108 dns-server Use this c ommand to specify th e Doma in Name Sy stem (DNS) IP ser vers av ailable to a DH CP clien t . Use th e no for m to remove t he DNS ser ver list. Syntax dns-ser ver address1 [ a ddr ess2 ] no dns-ser ver • address1 - Specifies the IP address of the primar y DNS server.
DHCP C OMMANDS 4-109 next-server Use this command to co nfigure the next ser ver i n the boot process of a DHCP client. Use the no for m to remov e the boot server list.
C OMMAND L IN E I NTE RF AC E 4-110 Default Setting None Command Mode DHCP P ool Configuration Example Related Commands next-ser ver (4-109) netbios-name-server Use this command t o configure NetBIOS Wind ows Intern et Naming Servi ce (WINS ) name servers t h at are a vailab le to Microsoft D HCP clie nts .
DHCP C OMMANDS 4-111 Example Related Commands netbios-node-type (4-111) netbios-node-type Use this command to configure t he NetBIOS n ode type for Microsoft DHCP client s.
C OMMAND L IN E I NTE RF AC E 4-112 lease Use this co mmand to configure the durati on that an IP address is assign ed to a DHCP cl ient. Use the no form to restore the default value. Syntax leas e { days [ hours ][ minutes ] | infinite } no lease • days - Specifies the duration of the lease in num bers of days.
DHCP C OMMANDS 4-113 host Use this command to specify the IP address and netw ork mask to manually bind to a DHCP client. Use the no for m to remove t he IP addr ess for the c lient . Syntax host address [ mask ] no host • address - Specifies the IP addres s of a client.
C OMMAND L IN E I NTE RF AC E 4-114 is used (see page 3-178). This command is valid for manual bindings only. •T h e no host com m and on ly clears t h e addres s from the D HCP server data base. It doe s not cancel th e IP address c urrently in use by the h o st.
DHCP C OMMANDS 4-115 • BOOTP clients cannot transmit a clien t identifier. To bind an address to a BOOTP clien t , you must as sociate a hardware ad dress with the host ent ry. Example Related Commands host (4-113) hardware-address Use this co mmand to specify the ha rdware addres s of a DHCP client.
C OMMAND L IN E I NTE RF AC E 4-116 Command Usage T h i s c o m m a n d i d e n t i f i e s a D H C P o r B O O T P c l i e n t t o b i n d t o a n addre ss specif ied in th e host comm and.
DHCP C OMMANDS 4-117 Example Related Commands show ip dhcp bind ing (4-1 17) show ip dhcp bind ing Use this command to d i spla y address bin dings on the D HCP ser ver . Syntax show ip dhcp binding [ address ] address - Specifies the IP address of the DHCP client for which bindings will be displayed.
C OMMAND L IN E I NTE RF AC E 4-118 Interface Commands These comman ds are used to displa y or set comm unication parameters fo r an Ethernet port, a g greg ated link, or VLAN .
I NTERFACE C OMMANDS 4-119 interface Use this command to co nfigure an i nterface ty pe and enter i n terf ace config urati on mod e. Use the no for m to remove a tr unk. Syntax interf ace interface no interface port-channel chann el-i d interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-120 Default Setting None Command Mode Interf ace Configur ation (Eth er net, P or t Channel ) Example The follo wing example adds a descriptio n to port 25. speed-duplex Use th i s comm and to conf igure the speed and duplex mo de of a gi ven interface when auto neg otiat ion is disabl ed.
I NTERFACE C OMMANDS 4-121 Command Usage • To force o peration to the speed and d uplex mode speci fied in a speed-duplex comm and, use the no negotiation command to disa ble auto-ne gotiatio n on the selec ted interf ace.
C OMMAND L IN E I NTE RF AC E 4-122 Command Usage • When auto-n egotiation is e nabled the switch will n egotiate the best settings for a link based on the capabilities command. W h en auto-ne gotiation i s disabled, you must manua lly specify t he link attribut es wit h the speed-duplex and flowcontrol commands.
I NTERFACE C OMMANDS 4-123 • symmetric (Gigabit o nly) - W hen specifie d, the po rt transmits and receives p ause frames; when not specified, t he port will auto-ne gotiate to deter mine the sende r and recei ver for asymmetric pause fram es. ( The current switch ASIC only supports sy mmetric pause frames.
C OMMAND L IN E I NTE RF AC E 4-124 flowcontrol Use this command to enable flow contro l . Use the no fo r m t o d i s a b l e f l o w contr ol. Syntax fl o w c o n t ro l no f l ow contr ol Default S.
I NTERFACE C OMMANDS 4-125 Example The follo wing example enables flow control on port 5. Related Commands nego tiation ( 4-121) capabilities (f lowcontrol, symmet ric) (4-122) shutdown Use this command to disable an inter face. T o restart a disabled inter face, use the no for m .
C OMMAND L IN E I NTE RF AC E 4-126 switchport broadcas t packet-rate Use this command to con figure broadcas t storm contr ol. Use the no for m to disa ble broadcast st or m contr ol. Syntax swi tc hpor t broadcast packet-rate rate no switchpor t broadcast rate - Threshol d level as a rate; i.
I NTERFACE C OMMANDS 4-127 clear counters Use this command to cle ar statist ics on an interfa ce. Syntax clear counters inte rface interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-128 show i nterface s st atus Use this co mmand to dis play the st atus for an inter face. Syntax show i nte rfaces status [ interface ] interface • ethernet unit / port - unit - This is device 1. - port - Port number.
I NTERFACE C OMMANDS 4-129 Example show interfaces counters Use this command to display i nterface stat istics . Syntax show interfaces counters [ interface ] interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-6) Default Setting Shows the counters for all interfaces.
C OMMAND L IN E I NTE RF AC E 4-130 Command Usage If no interface is specified, in for mation o n all interfaces is d isplayed. F or a descrip tion of the item s display ed by this co m mand, see “Showing Port Sta tistics ” on pag e 3-71 .
I NTERFACE C OMMANDS 4-131 show i nterfac es sw itch port Use this command to d i spla y the admini strativ e and operat ional status of the specif ied in terfa ces . Syntax show interfaces s wi tchpor t [ interface ] interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-132 Field Description Broadcast t hreshol d Shows if broadcast st orm suppres sion is enabled or disable d; if enabled it also shows the thres hold level (page 4-1 26). Lacp stat us Shows if Lin k Aggreg ation Control P rotocol has been enabled or disabled (page 4-139).
M IR R OR P ORT C OMMANDS 4-133 Mirror Port Commands Th is sectio n desc ribe s how to mir ror traff ic fr om a sour ce por t to a targ et por t. port monitor Use this comma nd to co nfigu re a mir r or sessi on. Us e the no for m to clear a mirror sess ion.
C OMMAND L IN E I NTE RF AC E 4-134 probe to the destinat ion port and stu dy the traffic cro ssing the so urce port in a completely unobt rusive manner. • The dest ination port i s set by spec ifying an Eth ernet interf ace. • The mirror port a nd monitor port speeds should match, otherwise traff i c may b e dropped fr om the mon itor port.
R ATE L IMIT C OMMANDS 4-135 Example The foll owing shows mirrorin g configured from port 6 to por t 11: Rate Limit Commands This f unctio n allows the ne twork manag er to co ntro l the maximum rate for traffic transmitted or receiv e d on an interface.
C OMMAND L IN E I NTE RF AC E 4-136 rate-limit Use this command to d efine the rat e limit for a sp ecific inter face. Use t his command without spec ifying a rate t o restore th e default rate . Use the no for m to restore the defau lt statu s of disab led.
L INK A GG RE G A T I O N C OMMANDS 4-137 Link Aggregation Comman ds P or ts can be statically g roupe d into an ag g re gate lin k (i.e., tr unk) to incre ase the bandw idth of a network con nec tion or to ensur e faul t recover y .
C OMMAND L IN E I NTE RF AC E 4-138 • All the ports in a trunk have to be trea ted as a whole when moved from/t o, added or de leted from a VLAN via the spec ified port -chann el. • STP, VL AN, and IGMP se ttings can o nly be made for the entire trunk via the specified port-channel.
L INK A GG RE G A T I O N C OMMANDS 4-139 lacp Use this command to enable 802.3ad Link Agg reg ation Control Protocol (LA C P) for the c ur ren t interfa ce.
C OMMAND L IN E I NTE RF AC E 4-140 Example Th e following shows LA CP enab led on por ts 1 1-13. Be caus e LACP has also bee n enabled on the ports at the o ther end of the links , the show interfaces status por t-channel 1 command shows that Trunk1 ha s been established.
A DDRESS T ABL E C OMMANDS 4-141 Addre ss T able Comma nds These comma nds are used t o confi gure the addre ss table for filtering speci fied addres ses, display ing current entri es, clearing t h e ta ble, or setting the agin g time. mac-add ress-table st atic Use this command to map a st atic ad dress to a destination port in a VLAN .
C OMMAND L IN E I NTE RF AC E 4-142 • action - - delete-on-reset - Assignment lasts un til the switch is rese t. - permanent - As signment i s permanen t.
A DDRESS T ABL E C OMMANDS 4-143 Command Mode Pri vileged Exec Example show mac-address -table Use this command to vi ew classes of e ntries in th e bridge-forwa rding datab ase.
C OMMAND L IN E I NTE RF AC E 4-144 Command Usage • The MAC Address Tab le contains the MAC addr esses associa ted with each interface. Note th at the Type fie ld may include t he followin g types: .
A DDRESS T ABL E C OMMANDS 4-145 Command Usage The aging t ime is used to age out d ynamically lear ned forwarding infor mation . Example show mac-address -table aging-time Use this command t o show the aging time for entries in the addr ess table.
C OMMAND L IN E I NTE RF AC E 4-146 Spanni ng Tree Com man ds This secti on includes co mmands that configure th e Spanning T ree Alg orith m (STA) globally for the switch, and com mands tha t configure ST A for the select ed interface .
S PANNING T REE C OMMANDS 4-147 spanning- tree Use th is command to enable th e Spanning T ree Al g orit h m glo bally for the switch. U se t he no for m to disable it.
C OMMAND L IN E I NTE RF AC E 4-148 spanning- tree mode Use th i s comma nd to select t he spanning tr ee mode for th is switch . Use the no for m to restor e the defa ult. Syntax spanning-tree mode { stp | rst p } no spanning-tree mode • stp - Spanning Tree Protocol (IEEE 802.
S PANNING T REE C OMMANDS 4-149 Example The follo wing example configures t h e swi t ch t o use Rapid Spann ing T ree: spanning-tree for ward-time Use this command to co nfigure the spanning tre e bridge forwa rd time globally for this sw itch. Use the no for m to rest ore the d efault.
C OMMAND L IN E I NTE RF AC E 4-150 spanning-tree hello-t ime Use th i s comm and to confi gure the span ning tree bri dge hello time globally for this sw itch. Use the no for m to rest ore the d efault. Syntax spanning-tree hello-ti m e tim e no spanning-tree hello-time time - Time in seconds .
S PANNING T REE C OMMANDS 4-151 Default Setting 20 seconds Command Mode Global Configuratio n Command Usage This command s ets the maxim um time (in s econds) a devi ce can wait without receiving a co nfigura tion mess age befo re atte mpting to reconfi gure.
C OMMAND L IN E I NTE RF AC E 4-152 Command Mode Global Configuratio n Command Usage Bridge prio rity is used in sele cting the root d evice, root por t, and designa ted por t. T he d evice wi th the h ighes t priorit y beco mes th e STA root devi ce.
S PANNING T REE C OMMANDS 4-153 Example spanning-tree transm ission-limit Use this command to co nfigure the minimum interval b etween th e transm ission of cons ecutiv e RSTP BPDUs .
C OMMAND L IN E I NTE RF AC E 4-154 spanning-tree cos t Use th i s comma nd to confi g ure the spanning tre e path cost for t he specified inte rface. Use the no for m to res tore the default. Syntax spanning-tree cost cost no spanning-tree cost cost - The p ath cost for the port.
S PANNING T REE C OMMANDS 4-155 spanning- tree port-priorit y Use this co mmand to configu re the priority for th e specified interfac e. Use the no for m to re store th e default. Syntax spanning-tree por t-priority priority no spanning-tree por t-priority priority - The priority fo r a port.
C OMMAND L IN E I NTE RF AC E 4-156 spanning-tree edge-p ort Use thi s command to sp ecify an inte rface as an ed g e port. Use the no for m to restore th e default.
S PANNING T REE C OMMANDS 4-157 spanning-tree por tfast Use this command to s et an interface t o fast forw arding . Use th e no for m to disa ble fast forw arding .
C OMMAND L IN E I NTE RF AC E 4-158 Related Commands spanning-tree edge-por t (4-156) spanning-tree link- type Use this command to co nfigure the li nk type for Rapi d Spanning T ree.
S PANNING T REE C OMMANDS 4-159 spanning-tree protocol-m igration Use this command to re-check the appropriate BPDU format to send on the se lected interfa ce. Syntax spanning-tree protocol -mig ration in terface interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-160 show spa nning-t ree Use th i s comma nd to show the spanning tree configurat ion. Syntax show spanning-tree [ interface ] interface • ethernet unit / port - unit - This is device 1.
S PANNING T REE C OMMANDS 4-161 Example Console#show spanning-tree Spanning-tree information ----------------------------------------- ---------------------- Spanning tree mode :RSTP Spanning tree enable/disable :enable Priority :32768 Bridge Hello Time (sec.
C OMMAND L IN E I NTE RF AC E 4-162 VLAN Commands A VLAN is a g rou p of por t s that ca n be locat ed any where in the network, but co m mun icate as thoug h they belong to the same p hysical segment.
VLAN C OMMANDS 4-163 Command Mode Global Configuratio n Command Usage • Use the VLA N datab ase co mmand mo de to ad d, cha nge, and delete VLANs. After fini shing configur ation chan ges, you can di splay the VLAN set tings by e ntering the show vlan command.
C OMMAND L IN E I NTE RF AC E 4-164 Default Setting By default only VL AN 1 exists and is active . Command Mode VLAN Da tabase C onfigur ation Command Usage • no vlan vlan-i d del etes the VL AN. • no vlan vlan-i d name r emoves the VLAN name. • no vlan vl an- id state returns the VL AN to the defau lt state (i.
VLAN C OMMANDS 4-165 interface vlan Use this co mmand to enter int erface configurati on mode for VLANs , and configure a physical interface . Syntax interface vlan vlan- id vlan-id - ID of the configur ed VLAN .
C OMMAND L IN E I NTE RF AC E 4-166 switchport mode Use th i s comm and to conf igure the VLAN membership m o de for a p or t. Use the no form to restore the defaul t . Syntax swi tc hpor t mode { tr unk | hy bri d } no switchpor t mode • trunk - Specifies a po rt as an end-po int for a VL AN trunk.
VLAN C OMMANDS 4-167 switch port acceptable- frame-types Use this command to config ure the acceptable fra m e types for a port. Use the no for m to re store th e default. Syntax swi tc hpor t acceptable-frame-types { all | tagged } no switchpor t acceptable-fr am e-types • all - The p ort accepts all frames, tagg ed or untagge d .
C OMMAND L IN E I NTE RF AC E 4-168 switchport ingres s-filtering Use this co mmand to enab le ing ress fil tering for an i nterface. Us e the no for m to restore the default.
VLAN C OMMANDS 4-169 switchport native vlan Use this comma nd to con figure th e PVID (i. e., default VLA N ID) for a port. U se the no for m to r estore the de fault. Syntax swi tc hpor t nativ e vlan vl an- id no switchpor t nativ e vlan vlan-id - Default VLAN ID for a p or t.
C OMMAND L IN E I NTE RF AC E 4-170 switchport allowed vlan Use th i s comm and to conf igure VLAN groups on th e selected in terface . Use the no form to restore the defaul t .
VLAN C OMMANDS 4-171 • If a VLAN on the forb idden list for an interface is manually added to that int erfac e, the VLAN i s auto matical ly remo ved from the forbidde n list for that interface.
C OMMAND L IN E I NTE RF AC E 4-172 Example Th e following examp le shows how to pr event por t 1 from be ing ad ded to VLAN 3: Displaying VLAN Inform ation show v lan Use th i s comma nd to show VLAN information. Syntax show v lan [ id vlan -id | name vlan-name ] • id - Keyw ord to be followe d by the VLAN ID.
VLAN C OMMANDS 4-173 Example Th e following exam ple s hows how to di splay inf or ma tion f or V LAN 1: Configuring P rivate VLANs Pri vate VLAN s provide por t-based se curity and i solation be tween ports with in the assign ed VLAN . This section describes co mmands used to config ure pr ivate VlANs.
C OMMAND L IN E I NTE RF AC E 4-174 Command Usage • A priv ate VLA N prov ides po rt-bas ed sec urity and isola tion bet ween por ts with in the VLAN . Data tra ffic on the downli nk port s can only be forwarde d to, and from, t he uplink port. • Private VLANs and n ormal VLANs can exist simultaneous l y within the same sw itch.
GVRP AND B RIDGE E XTENSION C OMMANDS 4-175 GVRP and Bridg e Exte nsio n Com mands GARP VLA N Registratio n Prot ocol de fines a way for switches to exc hang e VLAN info r mation in ord e r t o automa ticall y regist er VLAN members on interface s across t h e netw ork.
C OMMAND L IN E I NTE RF AC E 4-176 Command Mode Global Configuratio n Command Usage GVRP defines a way for switches to exchange VLAN infor mat ion in order to registe r VLAN member s on por ts a cross the net work.
GVRP AND B RIDGE E XTENSION C OMMANDS 4-177 Example swit chport gvr p Use this command to enable GVRP for a por t. Use the no form to disable it. Syntax s w it ch po rt g vrp no switchpor t gvr p Defa.
C OMMAND L IN E I NTE RF AC E 4-178 show gvrp configuration Use this command to show if GVRP is en abled. Syntax show gvr p configuration [ interface ] interface • ethernet unit / port - unit - This is device 1.
GVRP AND B RIDGE E XTENSION C OMMANDS 4-179 Default Setting • join: 20 centise conds • leave: 60 centiseconds • leaveall: 1000 centiseconds Command Mode Interfac e Con figurat ion (Ethe rn et, P.
C OMMAND L IN E I NTE RF AC E 4-180 show garp timer Use th i s comm and to sho w the GARP timer s for the s elected inter face. Syntax show garp timer [ inter face ] interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-6) Default Setting Sho ws al l GARP timer s .
P RIORITY C OMMANDS 4-181 Priority Commands The com mands describe d in this section all ow yo u to specify which data pack ets hav e g reater p recedence when traffic is buffer ed in the switc h due to con g estion . T his swit ch supp or ts CoS w ith four pri ority queue s for each port.
C OMMAND L IN E I NTE RF AC E 4-182 switchport prior ity default Use this co mmand to set a priority for incoming untagg ed frames . Use the no for m t o restor e the d efault value.
P RIORITY C OMMANDS 4-183 Example Th e following examp le shows how to se t a def ault pr iority on por t 3 to 5: queue bandwidth Use this c ommand to a ssign weig hted ro und-rob in (WRR) we ights to the four class of ser vice (CoS) pr iority queues .
C OMMAND L IN E I NTE RF AC E 4-184 queue cos-map Use this c ommand to a ssign cl ass of ser vice (C oS) values to the priori ty queues ( i.e., h ardware outp ut queues 0 - 3). Use t he no for m set the CoS map to the d efault values . Syntax queue cos-map queue_ id [ cos 1 .
P RIORITY C OMMANDS 4-185 Command Usage CoS assig ned at the ingress port is used to select a Co S priority at the egress port. Example The f ollowing exa mple shows how to map C oS values 0, 1 and 2 .
C OMMAND L IN E I NTE RF AC E 4-186 show queue cos-map Use th i s com mand to sho w the cla ss of service prior ity map . Syntax show queue cos-map [ interface ] interface • ethernet unit / port - unit - This is device 1.
P RIORITY C OMMANDS 4-187 Priority Commands (Layer 3 and 4) map ip port (Global Configuration) Use this command to en able IP port map ping (i.e ., class o f ser vice mapping for TC P/UDP sockets).
C OMMAND L IN E I NTE RF AC E 4-188 Example Th e following examp le shows how to enab le TCP/U DP por t mapping globally: map ip port (Interface Configuration) Use this c ommand to se t IP por t prio rity (i.e., TCP/UDP por t priority ). Use the no form to remov e a specific se tting .
P RIORITY C OMMANDS 4-189 map ip precedence (Global Configuration) Use this command to en able IP pr ecedence mappin g (i.e ., IP T ype of Service). Use the no for m to dis able IP prec edence mappi ng .
C OMMAND L IN E I NTE RF AC E 4-190 Default Setting The l ist below shows th e default priority mappin g . Command Mode Interf ace Configur ation (Eth er net, P or t Channel ) Command Usage • The prece dence for prio rity mapping is I P Port, IP Preced ence or IP DSCP, and default switch port priorit y.
P RIORITY C OMMANDS 4-191 map ip dscp (Global Configuration) Use this command to en able IP DSCP map ping (i.e ., Differen tiated Ser vices Code Point mapping).
C OMMAND L IN E I NTE RF AC E 4-192 Default Setting The D SCP d efault values are define d in the fo llowing table. No te that all the DSCP values that are not speci fied are mapped to CoS valu e 0.
P RIORITY C OMMANDS 4-193 show map ip por t Use this command to s how the I P port priority ma p. Syntax show map ip port [ in terface ] interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-194 show map ip precedence Use th i s comm and to sho w the IP prece dence priori ty map . Syntax show map ip precedence [ in terface ] interface • ethernet unit / port - unit - This is device 1. - port - Port number.
P RIORITY C OMMANDS 4-195 show map ip dscp Use this command to show the IP DSCP priority map . Syntax show map ip dscp [ interface ] interface • ethernet unit / port - unit - This is device 1.
C OMMAND L IN E I NTE RF AC E 4-196 Mult icast Fi lteri ng Co mman ds Th is switch us es IGM P (Int er net Gro up Man age ment Pr otocol) to qu er y for any a ttached ho sts that w ant to recei ve a spec ific multi cast ser vice. It ident ifies the po r ts containi ng hosts requesting a se r vice and sen ds data out to those ports onl y .
M ULTICAST F ILTERING C OMMANDS 4-197 ip igmp snooping Use this command t o enable I G MP snooping on this s w itch. Use t h e no for m to disable it. Syntax ip igm p snooping no ip igmp snooping Default Setting Enabl ed Command Mode Global Configuratio n Example The follo wing exam ple enables I GMP snooping .
C OMMAND L IN E I NTE RF AC E 4-198 Default Setting None Command Mode Global Configuratio n Example The following shows how to statically config ure a multicast g roup on a por t: ip igmp snooping version Use th i s comm and to conf igure the IGMP s nooping v ersion.
M ULTICAST F ILTERING C OMMANDS 4-199 Example The following co nfigures the switch to use IGMP V e rsion 1: show ip igmp snooping Use this comman d to show the IGMP sn ooping co nfiguration.
C OMMAND L IN E I NTE RF AC E 4-200 show mac-address -table multicast Use th i s comma nd to show known m ulticast addre sses . Syntax show mac-address-ta ble multicast [ vlan vlan-id ] [ user | igmp- snoopi ng ] • vlan -i d - VLAN ID (1 to 4094) • user - Display only the user-con figured multicast entries.
M ULTICAST F ILTERING C OMMANDS 4-201 IGMP Query Co mmands (Layer 2) ip igmp snooping querier Use this command to en able the switc h as an IGMP q uerier .
C OMMAND L IN E I NTE RF AC E 4-202 ip igmp snooping query-count Use th i s comma nd to confi g ure the quer y count. Use the no for m to restore the defau lt.
M ULTICAST F ILTERING C OMMANDS 4-203 ip igmp snooping query-int erval Use this command to configure t h e query interval. Use the no form to restore the defau lt. Syntax ip igmp snooping quer y-inter val seconds no ip igmp snooping quer y -inter val seconds - T he fre quency a t which the sw itch sends IG MP host- quer y messages .
C OMMAND L IN E I NTE RF AC E 4-204 Command Usage • The switch m ust b e using IGMPv2 for this co mmand to take e ffect. • Thi s co mmand de fines the time afte r a q uery, duri ng whic h a r espons e is exp ected from a mul t icast client.
M ULTICAST F ILTERING C OMMANDS 4-205 Command Mode Global Configuratio n Command Usage The switc h must u se IGMPv2 for t his command to take effe ct. Example Th e followin g shows how to c onfigu re .
C OMMAND L IN E I NTE RF AC E 4-206 ip igmp Use th i s comma nd to enable I G MP on a VLAN interface . Use th e no form of this comm and to disabl e IGMP on the specified in terface.
M ULTICAST F ILTERING C OMMANDS 4-207 ip igmp robustval Use thi s comma nd to spe cif y the ro bust ness (i.e., expect ed pa cket loss) fo r this interface. Use the no form of this command to re s tore the default val u e. Syntax ip igmp robustva l robu st -v a lue no ip igmp robustval rob us t- val ue - T he robustness of this interface .
C OMMAND L IN E I NTE RF AC E 4-208 Default Setting 125 seconds Command Mode Interf ace Configur ation (VLA N) Command Usage • Multicas t routers send host quer y m essag es to determin e the interfaces that are connec t ed to downst ream hosts requesting a specific multicast service.
M ULTICAST F ILTERING C OMMANDS 4-209 Command Mode Interf ace Configur ation (VLA N) Command Usage • The switch m ust b e using IGMPv2 for this co mmand to take e ffect. • Thi s comman d defi nes how lo ng an y respon der (i.e ., client or ro uter) still in the group has to respond to a query message before the router delete s the gr oup.
C OMMAND L IN E I NTE RF AC E 4-210 Default Setting 1 second Command Mode Interf ace Configur ation (VLA N) Command Usage • A multicast clien t sends an IGMP leave message wh en it leaves a group. The router th en checks to see if this w as the last host in the group by sending an IGMP query and starting a timer based on t his command.
M ULTICAST F ILTERING C OMMANDS 4-211 Command Mode Interf ace Configur ation (VLA N) Command Usage • All route rs on the s ubnet must sup port the sam e version. Ho wever, the multicast host s on the su bnet ma y su pport e ither IGMP versio n 1 or 2.
C OMMAND L IN E I NTE RF AC E 4-212 Example Th e following examp le shows the IG MP co nfigur atio n for V LAN 1 , as wel l as the device currentl y ser ving as the I GMP querier fo r this mult icast ser vic e. clear ip igmp group Use th i s comma nd to delete en tries from th e IGMP cach e.
M ULTICAST F ILTERING C OMMANDS 4-213 Example The following example clears all multicast g roup entries for VL AN 1: show ip igmp groups Use thi s command to displa y information o n multica st groups acti ve on this switch.
C OMMAND L IN E I NTE RF AC E 4-214 Example Th e following shows the IGMP g r oups c ur rently active on VLAN 1: Console #sho w ip igmp grou ps vlan 1 GroupA ddre ss Inte rfac eVlan Last repo rter Up time Expi re V1Ti mer ------- ---- --- - ----- -- ---- --- - ----- -- ----- -- - ----- -- - ----- -- - ----- --- - 2 34.
IP I NTERFACE C OMMANDS 4-215 IP Inte rface Commands There are no IP ad dresses assigned to t his router b y default. Y ou must man ually config ure a new addres s to manage the router ov er your net work or to connect the r outer to exis ting IP subne ts.
C OMMAND L IN E I NTE RF AC E 4-216 ip address Use th i s comma nd to set the IP address fo r the cur rentl y selected VLA N interface. Use the no form to restore th e defaul t IP address .
IP I NTERFACE C OMMANDS 4-217 You can manually confi gure a specif ic IP address, o r direct the de vice to obta i n an addres s from a BOOTP or DHCP ser ver. Valid IP addresses consist of four numbe r s, 0 to 255, separated by periods. Anyth ing outsid e this format w ill not be accep ted by the co nfiguration progr am.
C OMMAND L IN E I NTE RF AC E 4-218 ip default-gateway Use th i s comma nd to a estab lish a static route betw een this rout er and devices th at ex ist on ano ther network se gment.
IP I NTERFACE C OMMANDS 4-219 show ip interface Use this command to d isplay t he settings of an IP in terface. Default Setting All interfaces Command Mode Pri vileged Exec Example Related Commands show ip redirects (4-219) show ip redirects Use this command to sho w the default gatew ay configur ed for this devic e.
C OMMAND L IN E I NTE RF AC E 4-220 ping Use this command to se nd ICMP ech o request pack ets to another no de on the netw ork. Syntax ping host [ co unt count ][ size size ] • host - IP address or IP alias of the host. • coun t - Number of packets to send.
IP I NTERFACE C OMMANDS 4-221 Example Related Commands interface (4-119) Address Resolution Protocol (ARP) Console#ping 10.1.0.9 Type ESC to abort. PING to 10.1.0.9, by 5 32-byte payload IC MP packets, timeout is 5 seconds response time: 10 ms response time: 10 ms response time: 10 ms response time: 10 ms response time: 0 ms Ping statistics for 10.
C OMMAND L IN E I NTE RF AC E 4-222 arp Use this command to add a static entry in the A ddress R esolutio n Protocol (ARP) ca che. Use the no for m to remov e an entry from the ca che. Syntax ar p ip-address hardware-address no ar p ip-addr ess • ip-address - IP address t o map to a specifie d hardware address.
IP I NTERFACE C OMMANDS 4-223 arp-timeout Use thi s command t o set the aging tim e for dynami c entries in the Ad dress R esolutio n Proto col (ARP) cac he. Us e the no form to restore th e default. Syntax ar p-timeout second s no ar p-timeout seconds - T h e time a d ynamic entr y remains in the ARP cache.
C OMMAND L IN E I NTE RF AC E 4-224 show a rp Use th i s comm and to disp lay entri es in the Add ress R esolution Protocol (ARP) cache. Command Mode Nor m al Exec , Privileged Exec Command Usage This command d isplays i nfor mation about th e ARP cache .
IP R OUTING C OMMANDS 4-225 Command Mode Interf ace Configur ation (VLA N) Command Usage Pro xy ARP allows a non-rou ting device to deter mine the MA C address of a ho st on anot her su bnet or net work.
C OMMAND L IN E I NTE RF AC E 4-226 Global Routing Configurati on ip routing Use this co mmand to enab le IP routing . Use the no form to disable IP routing . Syntax ip r outing no ip routing Default Setting Enabl ed Command Mode Global Configuratio n Command Usage • The comma nd affects both s tatic and dynam ic unicast rout ing.
IP R OUTING C OMMANDS 4-227 ip route Use this command to co nfigure sta t ic rou t es . Use the no for m to remov e static r out es. Syntax ip r oute { destin ation-ip netmask | default } { gat e wa y.
C OMMAND L IN E I NTE RF AC E 4-228 clear ip route Use th i s comma nd to remov e dynamically lear ned ent ries from the I P routing t able. Syntax clear ip route { network [ ne tm ask ] | * } • netw ork – Ne twork or subne t addr ess. • netm as k - Network mask for t he associated IP s ubnet.
IP R OUTING C OMMANDS 4-229 Command Usage If the address is sp ecified with out the netmask parameter, the route r disp lays all ro utes for the correspo nding natur al class a ddress (page 4-233). Example show ip traffic Use this command to d isplay s t atist i cs for IP , ICMP , UDP , TCP and ARP protoc ols.
C OMMAND L IN E I NTE RF AC E 4-230 Example Console#show ip traffic IP statistics: Rcvd: 5 total, 5 local destination 0 checksum errors 0 unknown protocol, 0 not a gate way Frags: 0 reassembled, 0 tim.
IP R OUTING C OMMANDS 4-231 Routing Informatio n Protocol (RIP) router rip Use thi s command to enable R outin g Inform atio n Protocol ( RIP) routi ng for all I P interfaces on the rout er .
C OMMAND L IN E I NTE RF AC E 4-232 Command Mode Global Configuratio n Default Setting Disabled Command Usage • RIP is us ed to specify how routers exchange ro uting table in formation. • This com mand is also us ed to enter ro uter configu ration mode.
IP R OUTING C OMMANDS 4-233 Command Usage •T h e update timer sets the r ate at whic h updat es are se nt. This is the fundamental timer used to con trol all basic RIP processes. •T h e timeout t imer is the ti me after whi ch there have b een no update message s that a route is declared dead.
C OMMAND L IN E I NTE RF AC E 4-234 Default Setting No netw orks are specified . Command Usage • RIP only se nds upda tes to int erfa ces spe cifie d by this c ommand . • Subnet addresses a re interpr eted as cl ass A, B or C, based on the first field in the specified address.
IP R OUTING C OMMANDS 4-235 Command Usage This c ommand can be used to c onfigure a static n eighbor wit h which this router wil l ex ch ange in for matio n, rather than relyin g on broadcast messa g es generated b y the RIP p rotocol. Example vers i on Use this command to s p ecify a RIP version used global l y b y the router .
C OMMAND L IN E I NTE RF AC E 4-236 Example This example s ets the global v ersion for RIP to s end and recei ve vers ion 2 packet s . Related Commands ip rip recei ve v ersion (4-236) ip rip send version (4-237) ip rip receive version Use this command to specify a R IP v ersion to rec eive on an interface .
IP R OUTING C OMMANDS 4-237 • Y ou can s p ecify t he receiv e v ersion base d on these op tions: - Use “no ne” if you do not want t o add any dyn amic entries to the routing t able for an inter face. (For examp le, you may only wan t to allow stat i c routes for a specific interface.
C OMMAND L IN E I NTE RF AC E 4-238 Default Setting The de fault dep ends on th e setting sp ecified wit h the ve r s i o n command: Global RIPv1 - R outes br oadcast to ot her routers wit h RIPv2 Global RIPv2 - RIPv2 packets Command Usage • Use this command to o verride the global sett i ng specif i ed by t he RIP ver si o n command.
IP R OUTING C OMMANDS 4-239 ip split-horizon Use this command t o enable split-horiz on or poison -reverse (a var iat ion) on an in terface. Us e the no fo r m to d isabl e split-h orizon . Syntax ip split-h orizon [ poison-rever se ] no ip split-horiz o n poison-reverse - Enables poiso n-reverse on the cu r rent inter face.
C OMMAND L IN E I NTE RF AC E 4-240 ip rip authenticat ion key Use this co mmand to enab le authenticatio n for RIPv2 pack ets and to specify t he key that must be used on an interface .
IP R OUTING C OMMANDS 4-241 ip rip authenticat ion mode Use this comma nd to sp ecify th e type of authentic ation tha t can be u sed on a n interfa ce. N ote that the current fi r mw are v ersion o nly supp or ts a simple pass word. Use th e no for m to res tore the default value .
C OMMAND L IN E I NTE RF AC E 4-242 show rip globals Use th i s comm and to disp lay global configuratio n setting s for RIP . Command Mode Pri vileged Exec Example show ip rip Use this command to d i spla y infor mation ab out interfaces configured for RIP .
IP R OUTING C OMMANDS 4-243 Command Mode Pri vileged Exec Example Console#show ip rip configuration Interface SendMode ReceiveMode Poison Authentication --------------- --------------- ------------- -------------- ------------------ 10.1.0.253 rip1Compatible RIPv1Orv2 SplitHorizon noAuthentication 10.
C OMMAND L IN E I NTE RF AC E 4-244 Open Shortest Path Fir st (OSPF) Version Whethe r RIPv1 or RIPv2 pa ckets were rece ived from this peer. RcvBadPackets Number of bad RIP pa ckets received from this peer. RcvBadRoutes Number of bad rou tes received from this pe er.
IP R OUTING C OMMANDS 4-245 Interface Configuration ip ospf authentication Specifies the authentication type for an inte rface IC 4-263 ip ospf authen tication-key Assig ns a simple pass word to be us.
C OMMAND L IN E I NTE RF AC E 4-246 router ospf Use this co mmand to en able Ope n Shor test Path First (OSP F) routin g for all I P inter faces on the router .
IP R OUTING C OMMANDS 4-247 router-id Use this command t o assign a un ique router ID for this d evice within the autonomo us syst em. U se the no for m to use t h e def ault route r ident ification metho d (i.e ., the lo west int erface addres s). Syntax router-id ip-address no router-id ip-address - R outer ID f or matted as an I P address .
C OMMAND L IN E I NTE RF AC E 4-248 compatible rfc1583 Use this command to calculate summary route costs using RFC 1583 (OSPFv1). Use t he no for m to calculate costs using RFC 2328 (OSPFv2).
IP R OUTING C OMMANDS 4-249 Command Mode R outer Configuration Default Setting Disabled Command Usage • The me tric for the default e xternal r oute is used to calcula te the path cost f or traffic pas s ed from other routers w ithin the A S out through the A SBR.
C OMMAND L IN E I NTE RF AC E 4-250 timers spf Use th i s comm and to conf igure the hol d time betwee n making tw o consec utive shortest path fi rst (SPF) calcu lations . Use the no fo r m to restore the defa ult value. Syntax timer s spf sp f- ho l dt im e no timer s spf sp f-holdtime - Minimum time between two consecutive SPF calculations .
IP R OUTING C OMMANDS 4-251 area range Use this command to sum marize the rout es advertised b y an Area Borde r Router (ABR). Use the no fo r m to dis ab le thi s fu nct i on.
C OMMAND L IN E I NTE RF AC E 4-252 area default-cost Use this command to spe cify a cost fo r the default sum mar y route sent into a s tub or not-s o-stubby ar ea (NSSA) from a n Area Border R outer (ABR). Us e the no for m to remove the ass igned de fault co st.
IP R OUTING C OMMANDS 4-253 summary-address Use this command to agg regate routes learned fr om other prot ocols . Use the no for m to remove a summ ar y address . Syntax summar y-address summar y-address netmask no summar y-addr ess summar y-addr ess net mask • summar y-addr ess - Summary address co vering a ra nge of addresses .
C OMMAND L IN E I NTE RF AC E 4-254 redistribute Use th is command to import external ro uting info r mation from othe r routing do mains (i.e., pr otoco ls) into the auton omous syst em.
IP R OUTING C OMMANDS 4-255 • Metric t ype specifies th e way to adverti se routes to de stinations outside the AS via E xternal LSAs. Sp ecify Type 1 to add th e interna l cost metric to t he external route met ric.
C OMMAND L IN E I NTE RF AC E 4-256 Command Usage • An area ID un iquely defines an OSPF bro adcast area. The area ID 0.0.0. 0 ind icates the OSPF bac kbone for an a utonom ous syst em. Ea ch route r mus t be co nnect ed to the ba ckbo ne via a direc t conn ect ion or a virtual link.
IP R OUTING C OMMANDS 4-257 area stub Use this co mmand to defi ne a stub area. T o remo ve a stub , use the no for m wi thout the optio nal keyword. T o remove the summar y attrib ute, use the no form with the summar y k eywor d. Syntax area area-id stub [ summar y ] no area ar ea-id stub [ summa r y ] • area-id - Identifies the stub area .
C OMMAND L IN E I NTE RF AC E 4-258 Related Commands area default-co s t (4-252) area nssa Use this c ommand to de fine a not-s o-stubby a rea (N SSA). T o remove an NSSA, use t he no for m without any optional keyw ords . T o remo ve an optiona l attrib ute, use the no for m wi thout th e relevant keyword.
IP R OUTING C OMMANDS 4-259 Command Usage • All rout ers in a NSSA mu st be configure d with the same area ID. • An NSSA is similar t o a stub, b ecause when the router is an AB R, it can send a de fault rou te for oth er are as in the AS into the NS SA using the default- infor mati on-originate keyw ord.
C OMMAND L IN E I NTE RF AC E 4-260 area virtual-link Use this command to define a virtual link. T o rem ov e a vir tual link, use the no form with no op tional k eywords . T o restore th e default va lue for an attribut e, use the no for m wi th the requi red keyword.
IP R OUTING C OMMANDS 4-261 to an autonomous system. (Rang e: 1-65535 seconds; Default: 10 second s) • retransmit-inter v al seconds - Specifies the i nter val at wh ich the ABR retransmits link-state advertisements (LSA) ov e r the virt ual link.
C OMMAND L IN E I NTE RF AC E 4-262 Default Setting area-id : Non e ro ute r- id : No ne hello-inter val : 10 seconds retransmit-inter v al : 5 sec onds transmit-delay : 1 se cond dead-inter val : 40 seconds authentication-key : None message-digest-key : No ne Command Usage • All are as must be co nnected to a backbone area (0.
IP R OUTING C OMMANDS 4-263 ip ospf authentication Use this co mmand to specify the authen tication ty pe used for an interf ace. Enter this comma nd withou t any opti onal paramet ers to speci fy plain t ext (or simple password) auth entica tion. Use the no for m to restore t h e default of n o authen tication .
C OMMAND L IN E I NTE RF AC E 4-264 ip ospf authentication- key Use this command to assign a simple passw ord to be use d by n e ighboring routers . Use the no for m to remov e the passw o rd. Syntax ip ospf authentication-key key no ip ospf authentication-key key - Sets a p lain text passw ord.
IP R OUTING C OMMANDS 4-265 ip ospf message-diges t-key Use this command to enable mes s age-digest (M D5) authen tication on the specified int erface and to assig n a key-id an d key to be used by neighboring routers . Use the no for m to re move an existing key .
C OMMAND L IN E I NTE RF AC E 4-266 Related Commands ip ospf authentication (4-263) ip ospf cost Use th i s comm and to expl icitly set th e cost of sen ding a pac ket on an interface. Use the no form to restore the default value . Syntax ip ospf cos t cost no ip ospf cost cost - Link metric for this inte rface .
IP R OUTING C OMMANDS 4-267 ip ospf dead-interval Use this command to set the int er va l at which hello pac kets are not seen before n eighbors d eclare the rou t er do wn.
C OMMAND L IN E I NTE RF AC E 4-268 ip ospf hello-interval Use this command to s pecify the inter val between sendin g hello p ackets on an interface . Use the no for m to restore the defau l t value . Syntax ip ospf hello-inter val seconds no ip ospf hello-inter v al seconds - In ter val at which he llo packets are sent fr om an interfa ce.
IP R OUTING C OMMANDS 4-269 Command Mode Interf ace Configur ation (VLA N) Default Setting 1 Command Usage • Set the priority to z ero to prevent a router from bei ng elected a s a DR or BDR.
C OMMAND L IN E I NTE RF AC E 4-270 Command Usage A router will resen d an LSA to a neighb or if it receives no ackno w ledgment. T he retransm it inter val should be set to a conse r vative value that p rovides an adeq uate flow o f ro uting information, but does n o t produ ce unnecessa r y protoco l traffic .
IP R OUTING C OMMANDS 4-271 show ip ospf Use thi s command to show bas ic infor matio n about th e routing config urati on. Command Mode Pri vileged Exec Example Console#show ip ospf Routing Process with ID 10.
C OMMAND L IN E I NTE RF AC E 4-272 show ip ospf bord er-routers Use this command to sh ow entri es in the routi ng table that lead to an Ar ea Border Router (A BR) or Autono mous Syst em Boundar y Router (ASBR) .
IP R OUTING C OMMANDS 4-273 show ip ospf database Use this command to s h ow i nformation abo ut different OS PF Link State Advertisement s (LSAs) stored in t his router’ s database.
C OMMAND L IN E I NTE RF AC E 4-274 Als o , no te th at w hen an T yp e 5 ASB R E xter nal LSA is des crib ing a default route , its link-state-id is set to the default dest inati on (0.0.0.0). • self-originate - Shows LSAs origin ated by this r outer.
IP R OUTING C OMMANDS 4-275 Th e followi ng shows output when using the asbr-summary keyw ord. Consol e#sh ow i p os pf d atabas e as br-s umma ry OSPF Ro uter with id (10.1.1. 253) Displ aying Summ ary ASB Link State s(Area 0. 0.0.0) LS age : 43 3 Optio ns: (No TOS- capabili ty) LS Type : Summary Li nks (AS Boun dary Route r) Link St ate ID: 192.
C OMMAND L IN E I NTE RF AC E 4-276 Th e followi ng shows output when using the database-s um mar y keyword . Th e followi ng shows output when using the exter nal keyw ord.
IP R OUTING C OMMANDS 4-277 Field Description OSPF Router id Router ID LS age Age of LSA (in seco nds) Options Optiona l capabilities as sociated with the LSA LS Type A S External Links - LSA desc rib.
C OMMAND L IN E I NTE RF AC E 4-278 Th e followi ng shows output when using the network keyw ord. Consol e#sh ow i p os pf d atabas e ne twor k OSPF Ro uter with id (10.
IP R OUTING C OMMANDS 4-279 Th e followi ng shows output when using the router keyw ord. Consol e#sh ow i p os pf d atabas e ro uter OSPF Ro uter with id (10.
C OMMAND L IN E I NTE RF AC E 4-280 Th e followi ng shows output when using the summar y keyw ord. Lin k ID Lin k type and co rresp onding Rout er ID or net work ad dress Link Data • Router ID for t.
IP R OUTING C OMMANDS 4-281 show ip ospf interface Use this co mmand to disp l ay s ummar y infor mation fo r OSPF interfaces . Syntax show ip os pf inter face [ vla n vlan-id ] vlan-id - VLAN ID (Ran.
C OMMAND L IN E I NTE RF AC E 4-282 show ip osp f neighbor Use th is command to displa y information abou t neighbor ing routers on each interface with in an OSPF area.
IP R OUTING C OMMANDS 4-283 show ip ospf summary-address Use this command t o display all summar y address infor mation. Syntax show ip ospf s um mar y-address Command Mode Pri vileged Exec Example This e xample sh ows a summar y addres s and asso ciate d network mask.
C OMMAND L IN E I NTE RF AC E 4-284 Related Commands summar y-address (4-253) show ip ospf virtual-links Use th i s comma nd to displ ay detaile d inform ation about vir tual links.
M ULTICAST R OUTING C OMMANDS 4-285 Multic ast Ro uting Comman ds This router u ses IGMP snoo ping and query to de ter mine the ports connecte d to downstream m ulticast hosts , and to propagate this .
C OMMAND L IN E I NTE RF AC E 4-286 ip igmp snooping vlan mrouter Use this command to st atically config ure a multicast router port . Use the no form t o remo ve the configurat ion.
M ULTICAST R OUTING C OMMANDS 4-287 show ip igmp snooping mr outer Use this command to d i spla y infor mat ion on statically config ured and dynamically lear ned multicast rout er port s .
C OMMAND L IN E I NTE RF AC E 4-288 ip multicast-routing Use this command to enable IP multicast routin g . Use the no form to disable IP multicast routing.
M ULTICAST R OUTING C OMMANDS 4-289 Command Mode Pri vileged Exec Command Usage This c ommand displays infor matio n for mu l ticast routing . If no option al parameter s are sel ected, detai led infor mation for each en tr y in the multicast address t able is displayed.
C OMMAND L IN E I NTE RF AC E 4-290 This example lists all entries in the multicast table in sum mar y for m: DVMRP Multicast Rout ing Commands Console#show ip mroute summary IP Multicast Forwarding is enabled.
M ULTICAST R OUTING C OMMANDS 4-291 router dvmrp Use this co mmand to en able Distanc e-V ecto r Multicas t Routing (D VM RP) global ly for the router and to enter router configurat ion mode .
C OMMAND L IN E I NTE RF AC E 4-292 Related Commands ip dvmrp (4-296) show router dvmrp (4-298) probe-interval Use this comm and to s et the in ter val for sending neig hbor pr obe messa ge s to the multicast g roup addre ss for all DVMRP routers . Use the no for m to restore the defa ult value.
M ULTICAST R OUTING C OMMANDS 4-293 nbr-timeou t Use this co mmand to set the inter val to wait for messa ges from a D V MRP neighb or before dec laring it dead. Use the no for m to restor e the defa ult val u e. Syntax nbr-timeout seconds second s - Inter val before declari n g a neighbor dead.
C OMMAND L IN E I NTE RF AC E 4-294 Command Mode R outer Configuration Example flash-update-inter val Use th is command to speci fy how o ften to se nd trigg er update s, w hich ref le ct chan ge s in th e net work topol og y . Use th e no for m to restor e the defau lt value.
M ULTICAST R OUTING C OMMANDS 4-295 Default Setting 7200 seconds Command Mode R outer Configuration Command Usage This command s ets the prune state life time. Aft er the pr une sta te expires , the router will resum e floo ding multicast traffic from th e multicast source device.
C OMMAND L IN E I NTE RF AC E 4-296 to th e router. When t he router recei ves these mess ages, it reco rds all the do wnstream route rs for the default route.
M ULTICAST R OUTING C OMMANDS 4-297 Example ip dvmrp metric Use this command to con figure the metric used in selecting the reverse path t o ne tworks co nne cted d ire ctly to an inte rfac e on this route r. Use the no for m t o restor e the d efault value.
C OMMAND L IN E I NTE RF AC E 4-298 clear ip dvmrp route Use this command to cle ar all dynami c routes learned b y DVM RP . Command Mode Pri vileged Exec Example As sh own belo w , this comman d clears ev er ything from th e route tabl e ex cept for the defaul t route.
M ULTICAST R OUTING C OMMANDS 4-299 Example The defa ult setting s are sho wn in the f ollowin g example: show ip dvmrp route Use this command to d i spla y all en tries in the D V MRP routing tabl e.
C OMMAND L IN E I NTE RF AC E 4-300 show ip dvmrp neighbor Use this command to d i spla y all of the D VMRP neighbo r routers . Command Mode Nor m al Exec , Privileged Exec Example UpTime The time elapsed since this entry was created. Expire The time remaining before this entry will be aged out.
M ULTICAST R OUTING C OMMANDS 4-301 show i p dvmrp interf ace Use this command to d i spla y the D VMRP configurat ion for inte rfaces which have enab led DVMRP .
C OMMAND L IN E I NTE RF AC E 4-302 router pim Use thi s command t o enable Pr otocol-I nde pende nt Multic ast - Dens e Mode (PIM -DM) globally f or the router a nd to enter r outer configurat ion mode. Use the no for m to disa ble PIM-DM multicast routing .
M ULTICAST R OUTING C OMMANDS 4-303 ip pim dense-mode Use this command to en able PIM-DM on t h e speci fied interface . Use the no form t o disable PI M-DM on this interface .
C OMMAND L IN E I NTE RF AC E 4-304 Example ip pim hello-interval Use th i s comma nd to confi g ure the frequency at whic h PIM hel lo messages ar e transmitte d. Use the no form to restore the default v alue. Syntax ip pim hello-inter val seconds no pim hello-inter val second s - Inter val between sending PIM he llo messag es .
M ULTICAST R OUTING C OMMANDS 4-305 ip pim hello-holdtime Use this command to con figure the inter val to wait for hello messag es from a n eighbori n g PIM r outer before declaring it dead.
C OMMAND L IN E I NTE RF AC E 4-306 Default Setting 5 second s Command Mode Interf ace Configur ation (VLA N) Command Usage • When a rout er first starts or PIM is enabled on an interface, the hello-int erval is se t to ra ndom valu e betw een 0 an d the trigger-hello-inte rval.
M ULTICAST R OUTING C OMMANDS 4-307 Command Usage The multicast in terface that fi rst receiv e s a multicast stream from a particular source forw ards this traffic t o all other PIM interface s on the router .
C OMMAND L IN E I NTE RF AC E 4-308 Example ip pim max-graft-r etries Use this comm and to configure the maximum number of time s to resend a Graft m essage if it has not b een ackno wledged.
M ULTICAST R OUTING C OMMANDS 4-309 show ip pim interface Use this command to d i spla y infor mation ab out interfaces configured for PIM. Syntax show ip pi m interf ace vlan-id vlan-id - VLAN ID (Ra.
C OMMAND L IN E I NTE RF AC E 4-310 Command Mode Nor m al Exec , Privileged Exec Example Console#show ip pim neighbor Address VLAN Interface Uptime Expire Mode --------------- ---------------- -------- -------- ------- 10.1.0.254 1 17:38:16 00:01:25 Dense Console# Field Description Add ress IP addr ess of the nex t-hop router .
A-1 A PPENDIX A T ROUBLESHOOTING Troubleshooting Chart Symptom Actio n Cannot co nnect using Teln et, W eb br owser, or SNMP software • Be sure you have confi gured the agent with a valid IP address, subnet mask a nd default gateway.
T R OUBLESHOOTING A-2.
B-1 A PPENDIX B U PGRADING F IRMW ARE VIA THE S ERIAL P ORT Th e switch c onta ins thr ee fi r mwar e comp onents that ca n be up g rad ed; the loader code, di agnostics (o r Boot-R OM) code, and r untime o p eratio n code .
U PGRADING F IRMW ARE VIA THE S ERIAL P ORT B-2 power on or rebo oting th e swit ch. Screen te xt similar to that s hown below displ ays: 5. Press <c> to chan g e the baud r ate of the switc h’ s seri al connectio n. 6. Press <b> to select the option for 115200 baud.
B-3 12. If u sing Wi ndows Hyper T er min al, click the “Transfer” butt on, and then c lick “Send Fi le.... ” Select the XModem Protoc ol and then use the “Br owse” button to select the req uired fir mware co de file from your PC sy stem .
U PGRADING F IRMW ARE VIA THE S ERIAL P ORT B-4 16. T o set the new do wnloaded file as the startup file , use the [S ]et Star tup File menu option. 17. When y ou hav e finished do wnloading co de files , use the [C]h ange Baudrate menu option to ch ang e the baud r ate of the switch ’ s serial connection b ack to 9600 baud.
Glossary-1 G LOSSA RY Acc ess Co ntro l Li st (AC L) A CLs can limit network traffic and restrict acc ess to cer tain users or devic es by checking each pack e t for cert ain IP or MAC (i.e., La y er 2) infor mation. Address Re soluti on Proto col (ARP) ARP converts between IP addresse s and MAC (i.
G LOSSAR Y Glossary-2 Dynamic Ho st Control Protoc ol (DHCP) Provides a framework for passing c onfiguration in for mation t o hosts on a TCP/I P network. DHCP is based on the Bootstrap Proto col (BOOTP), ad ding the capabilit y of automatic all ocati on of reusable net work addresses and addit ional configurat ion o ptions.
G LOSSAR Y Glossary-3 IEEE 802.1Q VLAN T a g ging—De fines Eth erne t frame tags which ca rr y VLAN in for mation. It allows switches to assign ends tations to different vir tual LANs, and defines a standard wa y for VLANs to communicate across switched networks .
G LOSSAR Y Glossary-4 Internet Group Management Protocol (I GMP) A protocol through which hosts can register wit h their local router for multicast ser vic es . If t here is more than one multicas t router on a given subnetwork, one of the routers is made the “que rier” and assumes resp onsibility for kee ping track of grou p membersh ip .
G LOSSAR Y Glossary-5 Management Inf or mation Base (MIB) An acronym fo r Manag ement Info r mation Ba se. It is a set o f database object s that contains inf or mation abo ut a specifi c device.
G LOSSAR Y Glossary-6 Private VLANs Private VLANs provide port- based se curity and isolation betwee n ports within the assigned V LAN . Data tra ffic on downlink por ts can only be forwarded to, and from, uplink por ts.
G LOSSAR Y Glossary-7 Simple Networ k Time Proto col (SNTP) SNTP allows a device to set it s inter nal clock based on pe riodic updates from a Network Time Protocol (NTP) ser ver . Update s can be requeste d from a specific NTP ser ver, or can be receiv ed via broadcasts se nt by NTP ser vers .
G LOSSAR Y Glossary-8 XModem A protocol used to transfer file s between devices. Data is groupe d in 128-byte blocks and er ror-corr ected..
Index-1 A acceptab le frame type 3 -115 , 4-167 Access Control List See ACL ACL Extended IP 3-42 , 4-7 5 , 4-76 , 4-79 MAC 3-42 , 4-75 , 4- 84 , 4-84 – 4-88 Standard IP 3-42 , 4-75 , 4- 76 , 4-78 Ad.
I NDE X Index-2 F firmware displaying version 3 -14 , 4-52 upgra ding 3-2 2 , 4-53 , B-1 G GARP VLAN Regis tration Proto col See GVRP gateway, defau lt 3 -154 , 4-218 GVRP global setting 3-107 , 4-175 interface configu ration 3-115 , 4-1 77 H hardware version, displ aying 3-14 , 4- 52 I IEEE 802.
I NDEX Index-3 routing table 3-219 , 4-288 multicast services configuring 3-1 43 , 4-197 displaying 3-142 , 4-200 multicast, static router port 3-140 , 4-28 6 O OSPF 3-186 , 4-244 area borde r router .
I NDE X Index-4 S serial port configuring 4-1 3 XModem down loads B-1 Simple Network M anagement Protocol Se e SNMP SNMP 3-50 community string 3-50 , 4-90 enab ling tr aps 3-51 , 4-94 trap manag er 3-.
I NDEX Index-5 W Web interface access requirements 3-1 configurat ion b uttons 3-4 home page 3-3 menu list 3 -5 pan el displa y 3-4 X XMode m downlo ads B-1.
I NDE X Index-6.
.
38 T esla Irvine, CA 92 618 Phone: (9 49) 67 9-8000 FOR TECHNICAL SUPPOR T , CALL: From U.S.A. an d Cana da (2 4 hours a day , 7 da ys a w ee k) (800) SMC-4-YOU; Ph n: (94 9) 679 -8000; Fax: (949 ) 679- 1481 From Europ e Co nt act detail s ca n be found on www .
Ein wichtiger Punkt beim Kauf des Geräts SMC Networks SMC6724L3 (oder sogar vor seinem Kauf) ist das durchlesen seiner Bedienungsanleitung. Dies sollten wir wegen ein paar einfacher Gründe machen:
Wenn Sie SMC Networks SMC6724L3 noch nicht gekauft haben, ist jetzt ein guter Moment, um sich mit den grundliegenden Daten des Produkts bekannt zu machen. Schauen Sie zuerst die ersten Seiten der Anleitung durch, die Sie oben finden. Dort finden Sie die wichtigsten technischen Daten für SMC Networks SMC6724L3 - auf diese Weise prüfen Sie, ob das Gerät Ihren Wünschen entspricht. Wenn Sie tiefer in die Benutzeranleitung von SMC Networks SMC6724L3 reinschauen, lernen Sie alle zugänglichen Produktfunktionen kennen, sowie erhalten Informationen über die Nutzung. Die Informationen, die Sie über SMC Networks SMC6724L3 erhalten, werden Ihnen bestimmt bei der Kaufentscheidung helfen.
Wenn Sie aber schon SMC Networks SMC6724L3 besitzen, und noch keine Gelegenheit dazu hatten, die Bedienungsanleitung zu lesen, sollten Sie es aufgrund der oben beschriebenen Gründe machen. Sie erfahren dann, ob Sie die zugänglichen Funktionen richtig genutzt haben, aber auch, ob Sie keine Fehler begangen haben, die den Nutzungszeitraum von SMC Networks SMC6724L3 verkürzen könnten.
Jedoch ist die eine der wichtigsten Rollen, die eine Bedienungsanleitung für den Nutzer spielt, die Hilfe bei der Lösung von Problemen mit SMC Networks SMC6724L3. Sie finden dort fast immer Troubleshooting, also die am häufigsten auftauchenden Störungen und Mängel bei SMC Networks SMC6724L3 gemeinsam mit Hinweisen bezüglich der Arten ihrer Lösung. Sogar wenn es Ihnen nicht gelingen sollte das Problem alleine zu bewältigen, die Anleitung zeigt Ihnen die weitere Vorgehensweise – den Kontakt zur Kundenberatung oder dem naheliegenden Service.