INTRODUCTION
The GWN78xx series switches can be managed locally or remotely, through Web access or via Command Line, offering more flexibility along with secured login sessions. The various features and operations on the GWN78xx switches can now be managed either through Web GUI offering a friendly user interface, or via Command Line through SSH/Telnet access.
SSH is a secure protocol used for the connection to a remote host, through command lines and text-based interface. Once authenticated and connected, all typed commands on the terminal are sent to the remote device and executed there.
This guide will describe the usage of Command Line to manage the GWN78xx switches, and will be illustrated using Putty tool, as SSH client Console.
CONNECTING TO THE SWITCH
Connect using SSH
Secure Shell (SSH) provides both secure authentication and secure communications to the CLI. First step to do is to run the SSH client application (PuTTY in our case) and set the following:
- Host Name or IP Address: GWN78xx’s IP Address, (ex: 192.168.5.152).
- Port: 22, this is the by default port for SSH protocol.
- Connection type: Set this to SSH
The settings should be similar to the following figure:
Once done, you can press Open to start the SSH session and open the console.
Once pressing Open to start the session, the login prompt will appear on the CLI, enter the Username and the Password to login.
After clicking “Enter”, the user should now have access to the switch.
Connect using Console port
First, connect the GWN switch with the computer using the console port on the switch, then in device manager (ex: windows) under ports check what Serial line (ex: COM3, COM7 …) has been used. Please refer to the figure below:
Then, left click on the port used (USB Serial Device (COM3)) → Properties → Port Settings and make sure to match the port settings as shown below:
We can use PuTTY again to connect to the GWN switch, please use the following configuration below:
- Serial line: use the same serial line previously checked on the device manager.
- Connection type: select Serial
- Speed: 115200
Once finished, click on “Open” button at the bottom to open the CLI.
OVERVIEW
Configure
Command: configure
Mode: Privileged Exec Mode
Parameter: none
Description: Enter global configuration mode
Example:
Switch # configure
Switch(config)#
Interface
Command:
- interface IF_PORTS
- interface range IF_PORTS
Mode: interface configuration mode
Parameter:
Parameter | Description |
IF_PORTS | Interfaces, including Ethernet ports , optical ports, and aggregation interfaces |
Description: Enter interface configuration mode
Example:
Enter the configuration of port 1
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)#
Enter the configuration of ports 1-5
Switch # configure
Switch(config)# interface range Ethernet 1/0/1-1/0/5
Switch(config-if-range)#
End
Command: end
Mode: none
Parameter: none
Description: Return directly to privileged EXEC mode in other configuration modes except user mode
Example:
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# end
Switch#
Exit
Command: exit
Mode: none
Parameter: none
Description: return to parent schema In user mode, the current CLI session will be closed directly
Example:
Switch # configure
Switch(config)# exit
Switch#
System messages
Check the basic information of the switch
Command: show info
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
System Name | device name |
System Location | device location |
System Contact | Equipment contact information |
MAC Address | MAC address |
IP Address | IP address |
Subnet Mask | subnet mask |
Loader Version | bootloader version |
Loader Date | bootstrap date |
Firmware Version | Software version/system version |
Firmware Date | software date |
Hardware Version | hardware version |
PN Series number | PN serial number |
SN Series number | SN serial number |
System Object ID | System OIDs |
System Up Time | run time |
Description: Check the basic information of the switch
Example:
View basic switch information
Switch # show info
System Name : Switch
System Location : Default
System Contact : Default
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.202
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Sep 09 2022 - 16:06:39
Firmware Version: 1.0.1.11
Firmware Date : Nov 01 2022 - 05:07:20
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.27282.3.2.10
System Up Time: 1 days, 22 hours, 43 mins, 38 secs
Configure basic switch information
- Configure switch name
Command:
- system name NAME
- show info
Mode: global configuration mode
Parameter:
Parameter | Description |
name | Character range: 1-32 If the string is empty, use “” to quote it. |
Description: Modify the switch name
Example:
Set the switch name to MySwitch and check
Switch# configure
Switch (config) #system name MySwitch
MySw itch (config) # do show info
System Name : MySwitch
System Location : Default
System Contact : Default
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.202
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Sep 09 2022 - 16:06:39
Firmware Version: 1.0.1.11
Firmware Date : Nov 01 2022 - 05:07:20
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.27282.3.2.10
System Up Time: 1 days, 22 hours, 45 mins, 6 secs
- Configure switch location
Command: system location LOCATION
Mode: global configuration mode
Parameter:
Parameter | Description |
LOCATION | switch location If the string is empty, use “” to quote it |
Description: Modify switch location
Example:
Modify the location of the switch to shenzhen and check
Switch # configure
Switch(config)#system location shenzhen
Switch(config)#do show info
System Name : MySwitch
System Location: shenzhen
System Contact : Default
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.202
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Sep 09 2022 - 16:06:39
Firmware Version: 1.0.1.11
Firmware Date : Nov 01 2022 - 05:07:20
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.27282.3.2.10
System Up Time: 1 days, 22 hours, 47 mins, 55 secs
- Configure switch contact information
Command: system contact CONTACT
Mode: global configuration mode
Parameter:
Parameter | Description |
CONTACT | switch contact If the string is empty, use “” to quote it. |
Description: Modify the switch contact information
Example:
Modify the switch contact information to 13546879513 and check
Switch # configure
Switch(config)#system contact 13546879513
Switch(config)#do show info
System Name : MySwitch
System Location: shenzhen
System Contact : 13546879513
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.202
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Sep 09 2022 - 16:06:39
Firmware Version: 1.0.1.11
Firmware Date : Nov 01 2022 - 05:07:20
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.27282.3.2.10
System Up Time: 1 days, 22 hours, 48 mins, 1 secs
View the switch CPU information
- View the input frame rate of the CPU
Command: show cpu input rate
Mode: Privileged Exec Mode
Parameter: none
Description: View the rate of CPU input frames
Example:
Switch# show cpu input rate
Input Rate to CPU is 1 pps
- View CPU usage
Command: show cpu utilization
Mode: Privileged Exec Mode
Parameter: none
Description: Show CPU usage
Example:
Switch# show cpu utilization
CPU utilization
---------------
Current: 0%
View memory information
Command: show memory statistics
Mode: Privileged Exec Mode
Parameter:
Parameter | description |
total | total memory |
used | used memory |
free | free memory |
shared | Shared memory |
buffer | cache |
cache | cache |
Description: Display memory statistics, including total, used, free, shared, buffer, cache, unit KB
Example:
Switch# show memory statistics
total(KB) used(KB) free(KB) shared(KB) buffer(KB) cache(KB)
--------------------+-----------+----------+------ ----+------------+------------
Mem: 126028 78792 47236 0 0 0
-/+ buffers/cache: 78792 47236
Swap: 0 0 0
View switch version information
Command: show version
Mode: Privileged Exec Mode
Parameter:
Parameter | description |
Loader Version | bootloader version |
Loader Date | bootstrap date |
Firmware Version | Software version/system version |
Firmware Date | software date |
Description: Displays version information, including bootloader version, date and software version, date
Example:
Switch # show version
Loader Version: 3.6.9.55156
Loader Date : Sep 09 2022 - 16:06:39
Firmware Version: 1.0.1.11
Firmware Date : Nov 01 2022 - 05:07:20
Viewing the Running Status of the Switch Fans
Command: show fans
Mode: Privileged Exec Mode
Parameter: none
Description: Viewing the Running Status of the Switch Fans.
Example:
Viewing the Running Status of the GWN7803P Fan
Switch # show fan
FanId Status Speed
1 NORMAL LOW
2 NORMAL LOW
ETHERNET SERVICE
Basic port configuration
Open/close port
Command:
- no shutdown
- shutdown
Mode: interface configuration mode
Parameter: none
Description: Open/close port
Example:
close port 1
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) #shutdown
open port 1
Switch (config-if) #no shutdown
Configure port description
Command: description DESCRIPTION
Mode: interface configuration mode
Parameter:
Parameter | Description |
DESCRIPTION | Character range: 1-128, used to describe the port, “\?/, characters are not supported. |
Description: Configure the description information of the interface
Example:
Configure the description of port 2 as port-2
Switch # configure
Switch(config)# interface Ethernet 1/0/2
Switch(config-if)# description port-2
Modify port description
Command: description WORD<1-128>
Mode: interface configuration mode
Parameter:
Parameter | Description |
WORD<1-128> | Character range: 1-128, used to describe the port. “\?/, characters are not supported. |
Description: Modify port description
Example:
Modify the description of port 1 to 111111
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) # description 111111
Clear port description
Command: no description
Mode: interface configuration mode
Parameter: none
Description: clear port description
Example:
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) #no description
Configuring Combo port working mode
Command:
- media-type (auto-select|rj45|sfp)
- no media-type
Mode: interface configuration mode
Parameter:
Parameter | Description |
auto-select | The auto-negotiation working mode will determine whether to use the electrical port or the optical port based on the actual access. If both have access, the optical port mode will be given priority. |
rj45 | Electrical port working mode |
sfp | Optical port working mode |
Description: Configure the working mode of the Combo port.
Example:
Turn on the working mode of port 1 as optical port
Switch# config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) # media-type sfp
Configure port automatic detection
Command:
- auto-detect
- no auto-detect
Mode: interface configuration mode
Parameter: none
Description: Configure whether to enable automatic detection of the SFP+ port. Automatically adjust the port rate according to the connected optical module.
Example:
Enable auto- detection of port 50
Switch#config
Switch (config) # interface Ethernet 1/0/50
Switch (config-if) # auto-detect
Disable auto-detection of port 50
Switch (config-if) # no auto-detect
Configure port rate
Command:
- speed [ 10|100|1000|10000 ]
- speed auto [(10|100|1000|10/100)]
Mode: interface configuration mode
Parameter:
Parameter | Description |
10 | Force 10 Mbps operation , force the port rate of 10 Mbps |
100 | Force 100 Mbps operation , force the port rate of 100 Mbps |
1000 | Force 1000 Mbps operation , force the port rate of 1000 Mbps |
10000 | Force 10Gbps operation , force the port rate of 10 Gbps Note : Supported only on GWN78xx(P) switches with SFP+ port. |
auto | The auto-negotiation rate has the following four situations: • 10: Include 10 Mbps in auto-negotiation advertisement • 10/100 : Include 10 Mbps and 100Mbps in auto-negotiation advertisement • 100 : Include 100 Mbps in auto-negotiation advertisement • 1000 : Include 1000 Mbps in auto-negotiation advertisement |
Description: Configure port speed
- Gigabit Ethernet port supports Auto, 10 Mbps, 100 Mbps, 1000 Mbps
- Gigabit optical port supports Auto, 10 Mbps, 100 Mbps, 1000 Mbps
- 10 Gigabit optical port supports 100 Mbps, 1000 Mps, 10000 Mbps
Example:
Configure port 1 to 1000 Mbps
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) #speed 1000
Configure port DAC line
Command: dac [(0.5m|1m|3m|5m|none)]
Mode: interface configuration mode
Parameter:
Parameter | Description |
0.5m | 0.5 meters long |
1m | 1 meter long |
3m | 3 meters long |
5m | 5 meters long |
none | Disabled |
Description:
- Configuring the DAC cable length of the SFP+ port.
- The configuration is supported only if the SFP+ port auto-detection function is disabled and the rate is set to 10 Gbps.
Example:
Set the DAC cable of port 50 to 3m
Switch#config
Switch (config) # interface Ethernet 1/0/50
Switch (config-if) # no auto-detect
Switch(config-if)#speed 10000
Switch(confgi-if)#dac 3m
Configure port duplex mode
Command: duplex auto|full|half
Mode: interface configuration mode
Parameter:
Parameter | Description |
auto | Enable AUTO duplex configuration , automatic configuration mode |
full _ | Force full duplex operation , full duplex mode |
half | Force half-duplex operation , half-duplex mode |
Description: Configure port duplex mode
Example:
Configure the duplex mode of port 1 to auto
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) # duplex auto
Configure port flow control
Command: flowcontrol auto|off|on
Mode: interface configuration mode
Parameter:
Parameter | Description |
auto | Enable AUTO flow-control configuration , automatic configuration |
off | Force flow-control as disabled , close |
on | Force flow-control as enabled , open |
Description: Configure port flow control
Example:
Configure the flow control of port 1 to auto
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) # flowcontrol auto
Turn off port flow control
Command: no flow control
Mode: interface configuration mode
Parameter: none
Description: Turn off port flow control
Example:
Turn off flow control on port 1
Switch#config
Switch (config) # interface Ethernet 1/0/1
Switch (config-if) #no flowcontrol
View port information or status
Command:
- show interfaces IF_PORTS
- show interfaces IF_PORTS status
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
IF_PORTS | port number |
status | Display port information as follows: • Port: port number • Name: port name • Status : port status • Vlan: the Vlan where the port is located • Duplex: port duplex mode • Speed: port speed • Type: port type |
Description: View port information or status
Example:
Check port 1 information
Switch# show interface Ethernet 1/0/1
Ethernet1/0/1 is down
Hardware is Gigabit Ethernet
Auto-duplex, Auto-speed, media type is Copper
flow-control is off
back-pressure is enabled
0 packets input, 0 bytes, 0 throttles
Received 0 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frames
0 multicast, 0 pause input
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underrun
0 output errors, 0 collisions
0 babbles, 0 late collision, 0 deferred
0 PAUSE output
Check the status of port 1
Switch# show interface Ethernet 1/0/1 status
Port Name Status Vlan Duplex Speed Type
eth1/0/1 notconnect 1 auto auto Copper
Clear port statistics counters
Command: clear interfaces IF_PORTS counters
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORTS | port number |
Description: Clear the statistical counters of the specified port
Example:
Clear statistics counters for port 1
Switch# clear interfaces interfaces Ethernet 1/0/1 counters
Traffic statistics
View interface statistics
Command: show interfaces IF_PORTS
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORTS | The port number |
Description: the statistics of the specified interface
Example:
View statistics on port 1
Switch# show interfaces Ethernet 1/0/1
View interface traffic information
Command: show tech-support mib-counters
Mode: privileged EXEC mode
Parameter: none
Description: View interface traffic information
Example:
Switch# show tech-support mib-counters
Port auto recovery
Configure port recovery
Command:
- errdisable recovery interval seconds
- errdisable recovery cause {all | acl | arp-inspection|bpduguard| dhcp-rate-limit| selfloop|udld |psecure-violation |broadcast-flood |unicast-flood|unknown-multicast-flood}
Mode: global configuration mode
Parameter:
Parameter | Description |
seconds | Port recovery time , the value range is 30 -86400 seconds |
cause {all | acl | arp-inspection|bpduguard|dhcp-rate-limit| selfloop|udld |psecure-violation |broadcast-flood |unicast-flood|unknown-multicast-flood} | Mechanism of port recovery triggering |
Description: Configure port recovery
Example:
Configure the port recovery trigger mechanism as unicast flooding, and the recovery time is 30 seconds
Switch # configure
Switch(config)# errdisable recovery cause unicast-flood
Switch(config)# errdisable recovery interval 30s
View the port restoration table
Command: show errdisable recovery
Mode: privileged EXEC mode
Parameter: none
Description: View port recovery entries
Example:
Switch# show errdisable recovery
Link aggregation
Add/delete Link Aggregation Group
Command:
- lag <1-8> mode (static | active | passive)
- no lag
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-8> | Aggregation group ID , range <1-8> |
static | static mode |
active | Active mode of LACP |
passive | Passive mode of LACP |
Description: Use no lag configuration command to remove port aggregation
Example:
Port 1 and port 2 join static lag 1
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# lag 1 mode static
Switch(config)# interface Ethernet 1/0/2
Switch(config-if)# lag 1 mode static
Switch # show lag
Load balancing
Command: lag load-balance { src-dst-mac | src-dst-mac-ip }
Mode: global configuration mode
Parameter:
Parameter | Description |
src-dst-mac | Load sharing based on src-mac|dst-mac |
src-dst-mac-ip | Load sharing based on src-mac|dst-mac|src-ip|dst-ip |
Description: Setting Link Aggregation Load Balancing Mode
Example:
Switch # configure
Switch(config)# lag load-balance src-dst-mac
LACP Configuration
- LACP system priority
Command: lacp system-priority <1-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-65535> | LACP system priority range, the value range is an integer from 1 to 65535 , and the default is 32768 |
Description: Set the system priority of LACP
Example:
Set the global LACP system priority to 1
Switch(config-if)# lacp system-priority 1
- LACP port priority
Command: lacp port-priority <1-65535>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-65535> | The range of LACP port priority, the value range is an integer from 1 to 65535 , the default is 1 |
Description: Configure LACP port priority, the default value is 1, the smaller the port priority value, the higher the LACP priority
Example:
Set the LACP priority of port 1 to 2
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# lacp port-priority 2
- LACP port timeout mechanism
Command: lacp timeout {long|short}
Mode: interface configuration mode
Parameter:
Parameter | Description |
short | The timeout period for receiving LACP protocol packets is 3 seconds |
long | The timeout period for receiving LACP protocol packets is 90 seconds |
Description: Set the timeout time for receiving LACP packets, the default is short
Example:
Set the timeout period for receiving LACP packets on port 1 to long
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# lacp timeout long
- Show LACP
Command:
- show lacp { <1-8> | counters |internal|neighbor|sys-id}
- show lag
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-8> | Aggregation group ID , range <1-8> |
Description: View LAG/LACP entries
Example:
Switch # show lag
Switch# show lacp sys-id
Switch# show lacp counters
Switch # show lacp internal
Switch# show lacp neighbor
MAC address table
Set MAC Aging Time
Command: mac address-table aging-time
Mode: global configuration mode
Parameter:
Parameter | Description |
aging-time | Dynamic address aging time, the value range is 0 or an integer from 60 to 1000000, 0 means no aging . Default 300 seconds |
Description: Set the aging time of dynamic MAC
Example:
Switch#conf
Switch(config)# mac address-table aging-time 60
Set MAC static address
Command:
- mac address-table static MAC-address vlan vlan-id interface interface-id
- no mac address-table static MAC-address vlan vlan-id interface interface-id
Mode: global configuration mode
Parameter:
Parameter | Description |
MAC-address | MAC address: format A:B:C:D:E:F, such as 00:00:00:00:00:01 |
vlan vlan-id | vlan id value range <1-4094> |
interface interface-id | There are 2 interface modes {Ethernet|LAG } |
Description:
- mac address-table static command sets a static MAC address and binds the user device to an interface, thereby preventing illegal users from fraudulently obtaining data
- The no mac address-table static command deletes the specified static MAC address
Example:
Switch # configure
Switch(config)# mac address-table static 00:00:00:00:00:01 vlan 1 interfaces Ethernet 1/0/1
Switch(config)#mac address-table static 00:00:00:00:00:02 vlan 2 interfaces LAG 1
Switch(config)# no mac address-table static 00:00:00:00:00:01 vlan 1
Set black hole MAC address
Command:
- mac address-table static MAC-address vlan vlan-id drop
- no mac address-table static MAC-address vlan vlan-id drop
Mode: global configuration mode
Parameter:
Parameter | Description |
MAC-address | mac address: format A:B:C:D:E:F, such as 00:00:00:00:00:01 |
vlan-id | vlan id value range <1-4094> |
Description:
- mac address-table static command sets a blackhole MAC address. When the device receives a packet with a destination or source MAC address that is a blackhole MAC address, it discards it directly
- The no mac address-table static command deletes the specified blackhole MAC address
Example:
Switch# configure
Switch(config)# mac address-table static 00:00:00:00:00:01 vlan 3 drop
Switch(config)# no mac address-table static 00:00:00:00:00:01 vlan 3
Clearing dynamic MAC address entries
Command:
- clear mac address-table dynamic
- clear mac address-table dynamic interface interface-id
- clear mac address-table dynamic vlan vlan-id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
vlan-id | vlan id value range <1-4094> |
interface-id | There are 2 interface modes {Ethernet|LAG} |
Description: Clear dynamic address entries
Example:
Switch# clear mac address-table dynamic
Switch# clear mac address-table dynamic interfaces Ethernet 1/0/1
Switch# clear mac address-table dynamic vlan 1
View MAC address entries
Command:
- show mac address-table aging-time
- show mac address-table counters
- show mac address-table
- show mac address-table mac-address
- show mac address-table interfaces interface-id
- show mac address-table vlan vlan-id
- Switch# show mac address-table dynamic
- show mac address-table dynamic interfaces interface-id
- show mac address-table dynamic vlan vlan-id
- show mac address-table static interfaces interface-id
- show mac address-table static vlan vlan-id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
mac-address | mac address: format A:B:C:D:E:F, such as 00:00:00:00:00:01 |
vlan-id | vlan id value range <1-4094> |
interface-id | There are 2 interface modes {Ethernet|LAG } |
Description:
- show mac address-table aging-time : Check the aging time of dynamic mac address entries
- show mac address-table counters : Check the number of all MAC entries of the switch
- show mac address-table : Check the MAC address table entries
- show mac address-table mac-address : Check the entry of the specified MAC address
- show mac address-table interfaces interface-id : Check the interface entry of the mac address table entry
- show mac address-table vlan vlan-id : Check the MAC address entry of the vlan in the mac address entry
- Switch# show mac address-table dynamic : Check dynamic MAC address table entries
- show mac address-table dynamic interfaces interface-id : Check the interface entries of the dynamic mac address table entries
- show mac address-table dynamic vlan vlan-id : Check the M AC address entry of the vlan of the dynamic mac address entry
- show mac address-table static interfaces interface-id : Check the interface entries of the static mac address table entries
- show mac address-table static vlan vlan-id : Check the MAC address entry of the vlan of the static mac address entry
Example:
Switch# show mac address-table aging-time
Switch# show mac address-table counters
Switch# show mac address-table
Switch# show mac address-table 00:00:00:00:00:01
Switch# show mac address-table vlan 1
Switch# show mac address-table static
Switch# show mac address-table dynamic
Switch# show mac address-table interfaces Ethernet 1/0/1
VLAN
Configure access mode VLAN
Command:
- switchport mode { access/ hybrid/ trunk }
- switchport access vlan <1-4094>
Mode: interface configuration mode
Parameter:
Parameter | Description |
access/ hybrid/ trunk | Configure the link type access/hybrid/trunk of the port |
<1-4094> | Configure the port to join a vlan, the effective VLAN ID is 1-4094 |
Description: Set the port link type to Access, and add the port to the specified VLAN
Example:
Set the port link type to Access, and add port GE1 to VLAN 1
Switch#
Switch # configure
Switch(config)# vlan 2
Switch(config-vlan)# exit
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 1
Switch(config-if)# exit
Switch(config)# exit
Switch# copy running-config startup-config
Success
Switch#
Configure hybrid mode VLAN
Command:
- switchport mode { access/ hybrid/ trunk }
- switchport hybrid allowed vlan {add/ remove} VLAN-LIST {untagged/tagged}
- switchport hybrid pvid <1-4094>
- switchport hybrid acceptable-frame-type {all/tagged-only/untagged-only}
- switchport hybrid ingress-filtering
Mode: interface configuration mode
Parameter:
Parameter | Description |
access/ hybrid/ trunk | Configure the link type access/hybrid/trunk of the port |
add/remove | Configure the port link type as hybrid to add /remove vlan |
VLAN-LIST | The range of the vlan list is 1-4094 |
untagged/tagged | Configure the port to receive this VLAN frame as untagged/tagged |
<1-4094> | Configure the PVID of the port |
all/tagged-only/untagged-only | Configure the type of frame received by the port as all/only tagged/only untagged |
Description:
- The switchport mode command configures the port link type as hybrid
- switchport hybrid allowed vlan command configures the VLAN added /removed by the hybrid port, and the received frame type of this vlan is tagged/untagged
- switchport hybrid pvid command configures the PVID of the hybrid port
- switchport hybrid acceptable-frame-type command configures the frame type received by the hybrid port to be all
- switchport hybrid ingress-filtering command to enable inbound filtering
Example:
Switch#
Switch # configure
Switch(config)# vlan 3
Switch(config-vlan)# exit
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# switchport mode hybrid
Switch(config-if)# switchport hybrid allowed vlan add 2 tagged
Switch(config-if)# switchport hybrid allowed vlan add 3 untagged
Switch(config-if)# switchport hybrid allowed vlan remove 1
Switch(config-if)# switchport hybrid pvid 3
Switch(config-if)# switchport hybrid acceptable-frame-type all
Switch(config-if)# switchport hybrid ingress-filtering
Switch(config-if)# exit
Switch(config)# exit
Switch# copy running-config startup-config
Success
Configure Trunk mode VLAN
Command:
- switchport mode { access/ hybrid/ / trunk}
- switchport trunk allowed vlan {add/ remove} { VLAN-LIST/all }
- switchport trunk native vlan <1-4094>
Mode: interface configuration mode
Parameter:
Parameter | Description |
access/ hybrid/ trunk | Configure the link type access/hybrid/trunk of the port |
add/remove | Configure the port link type as Trunk to add /remove vlan |
VLAN-LIST/all | The range of the VLAN list is 1-4094 or all VLANs |
<1-4094> | Configure the PVID range of the port to be 1-4094 |
Description:
- The switchport mode command configures the port link type as trunk
- switchport trunk allowed vlan command configures the VLAN added /removed by the trunk port
- switchport trunk native vlan command configures the PVID of the trunk port
Example:
Switch#
Switch # configure
Switch(config)# vlan 2-4
Switch(config-vlan)# exit
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan add 3-4
Switch(config-if)# switchport trunk allowed vlan remove 1
Switch(config-if)# switchport trunk native vlan 4
Switch(config-if)# exit
Switch(config)# exit
Switch#
Display and maintain VLANs
Command:
- show vlan
- show vlan VLAN-LIST
- show interfaces switchport {Ethernet/ LAG} <interface-id>/<1-8>
Mode: none
Parameter:
Parameter | Description |
VLAN-LIST | The range of VLAN list is 1-4094 |
Ethernet/ LAG | Select Ethernet Port or Aggregated Port |
<interface-id> | Take GWN 7803P as an example, Ethernet port 1-28 |
<1-8> | Take GWN7803P as an example, aggregation port 1-8 |
Description:
- show vlan command displays all VLAN information
- show vlan VLAN-LIST command displays a certain VLAN information
- show interfaces switchport command displays port VLAN information
Example:
Switch# show vlan
VID | VLAN Name | Untagged Ports | Tagged Ports |
-----+-------------+-------------------+---------- ------+---------
1 | default | eth1/0/1-1/0/10, lag1-8 | --- | Default
Voice VLAN
- Configure Global Voice VLAN
Command:
- voice-vlan
- no voice-vlan
- voice-vlan [ state (oui-mode | auto-mode | untagged-oui-mode) ]
- voice-vlan vlan <2-4094>
- voice-vlan aging-time <30-65536>
- voice-vlan cos <0-7> [remark]
- voice-vlan dscp <0-63>
- voice-vlan oui-table A:B:CA:B:C
Mode: global configuration mode
Parameter:
Parameter | Description |
oui-mode | Tagged OUI mode, the port is added to the voice VLAN in tagged form. |
auto-mode | Automatic voice VLAN mode |
untagged-oui-mode | Untagged OUI mode, the port is added to the voice VLAN in untagged form. |
<2-4094> | Specify voice vlan range 2-4094 |
<30-65536> | The specified aging time range is 30-65536 minutes |
<0-7> | Specify voice VLAN service class as 0-7 |
[ remark ] | Whether to remark the CoS |
<0-63> | Specifies the DSCP priority of the automatic voice VLAN , the default is 46 |
A:B:C | Configure OUI address |
A:B:C | Configure OUI mask |
Description:
- voice-vlan: enable voice VLAN function.
- no voice-vlan : turn off the voice VLAN function.
- voice-vlan [ state (oui-mode | auto-mode | untagged-oui-mode) ] : select voice VLAN mode.
- The voice-vlan vlan command configures voice VLAN.
- The voice-vlan aging-time command enables the voice VLAN aging time.
- The voice-vlan cos command configures the cos priority.
- The voice-vlan cos <0-7> remark command configures CoS remark.
- voice-vlan dscp <0-63> command configures the DSCP priority of automatic voice VLAN.
- The voice-vlan oui-table command configures the OUI address and mask.
Example:
Switch#
Switch # configure
Switch(config)# voice-vlan
Switch(config)# voice-vlan state oui-mode
Switch(config)# voice-vlan vlan 4
Switch(config)# voice-vlan aging-time 30
Switch(config)# voice-vlan cos 5
Switch(config)# voice-vlan oui-table c0:74:ad ff:ff:ff
Switch(config)# exit
Switch#
- Configure port voice VLAN
Command:
- voice-vlan
- no voice-vlan
- voice-vlan mode {auto/manual}
Mode: interface configuration mode
Parameter:
Parameter | Description |
auto | Specify port voice VLAN as automatic mode |
manual | Specify port voice VLAN as manual mode |
Description:
- The voice-vlan command configures the port to enable the voice VLAN
- The no voice-vlan command configures and disables the port voice VLAN function
- The voice-vlan mode command configures the port voice as vlan in automatic /manual mode
Example:
Switch#
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# voice-vlan
Switch(config-if)# voice-vlan mode auto
Switch(config-if)# voice-vlan mode manual
Switch(config-if)# exit
Switch(config)# exit
Switch#
- Display voice VLAN information
Command:
- show voice-vlan
- show voice-vlan interfaces {Ethernet/ LAG} <interface-id>/<1-8>
Mode: none
Parameter:
Parameter | Description |
Ethernet/ LAG | Select Ethernet Port or Aggregated Port |
<interface-id> | Take GWN 7803P as an example, Ethernet port 1-28 |
<1-8> | Take GWN7803P as an example, aggregation port 1-8 |
Description:
- show voice-vlan command displays voice VLAN information
- show voice-vlan interfaces command displays port voice VLAN information
Example:
Switch# show voice-vlan
Administrate Voice VLAN state : disabled
Voice VLAN ID: none (disable)
Voice VLAN Aging : 1440 minutes
Voice VLAN CoS : 6
Voice VLAN 1p Remark: disabled
Switch# show voice-vlan interface Ethernet 1/0/1
Voice VLAN Aging : 1440 minutes
Voice VLAN CoS : 6
Voice VLAN 1p Remark: disabled
OUI table
OUI MAC | OUI MASK | Description
-----------+-------------+-----------------
00:0B:82 | FF:FF:FF | Grandstream
C0:74:AD | FF:FF:FF | Grandstream
EC:74:D7 | FF:FF:FF | Grandstream
00:E0:BB | FF:FF:FF | 3COM
00:03:6B | FF:FF:FF | Cisco
00:E0:75 | FF:FF:FF | Veritel
00:D0:1E | FF:FF:FF | Pingtel
00:01:E3 | FF:FF:FF | Siemens
00:60:B9 | FF:FF:FF | NEC/Philips
00:0F:E2 | FF:FF:FF | H3C
00:09:6E | FF:FF:FF | Avaya
Port | State | Port Mode | Cos Mode
-----+---------+-------------+-----------
eth1/0/1 | Disabled | Manual | Src
Spanning tree
Global Settings
- Turn on/off spanning tree
Command:
- spanning-tree
- no spanning-tree
Mode: global configuration mode
Parameter: none
Description: Enable/ disable spanning tree function
Example:
Switch(config)# no spanning-tree
Switch(config)# spanning-tree
- BPDU processing method
Command: spanning-tree bpdu {filtering|flooding}
Mode: global configuration mode
Parameter:
Parameter | Description |
filtering | When spanning tree is disabled, filter DU packets |
flooding | Flood BPDU packets when spanning tree is disabled |
Description: Set the processing mode of BPDU packets when the spanning tree is disabled
Example:
Switch(config)# no spanning-tree
Switch(config)# spanning-tree bpdu filtering
- Spanning tree mode
Command: spanning-tree mode {stp|rstp|mstp|pvst}
Mode: global configuration mode
Parameter:
Parameter | Description |
stp | spanning tree protocol |
rstp | Rapid Spanning Tree Protocol |
mstp | Multiple Spanning Tree Protocol |
pvst | VLAN – based Spanning Tree Protocol |
Description: Set spanning tree mode , default RSTP
Example:
Switch(config)# spanning-tree mode rstp
- Path cost
Command: spanning-tree pathcost method {long|short}
Mode: global configuration mode
Parameter:
Parameter | Description |
long | Specify the global path cost as long, ranging from 1 to 200000000 |
short | Specify the global path cost as short, the range is between 1-65535 |
Description: Set the global spanning tree path cost, the default is long
Example:
Switch(config)# spanning-tree mode rstp
- Bridge priority
Command: spanning-tree priority PRIORITY
Mode: global configuration mode
Parameter:
Parameter | Description |
priority | Global bridge priority, an integer ranging from 0 to 61440 , and a multiple of 4096 |
Description: Set global bridge priority
Example:
Switch(config)# spanning-tree priority 0
- BPDU contact time
Command: spanning-tree hello-time SECONDS
Mode: global configuration mode
Parameter:
Parameter | Description |
seconds | BPDU contact time setting, the value range is an integer from 1 to 10, and it needs to satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2 |
Description: Set BPDU contact time
Example:
Switch(config)# spanning-tree hello-time 2
- Aging time
Command: spanning-tree maximum-age SECONDS
Mode: global configuration mode
Parameter:
Parameter | Description |
seconds | maximum aging time setting, the value range is an integer from 6 to 40 , and it needs to satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2 |
Description: Set the maximum aging time
Example:
Switch(config)# spanning-tree maximum-age 20
- Forwarding delay time
Command: spanning-tree forward-delay SECONDS
Mode: global configuration mode
Parameter:
Parameter | Description |
seconds | Forwarding delay time, an integer ranging from 4 to 30 , and must satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2 |
Description: Set forwarding delay time
Example:
Switch(config)# spanning-tree forward-delay 15
- Send retain count
Command: spanning-tree tx-hold-count COUNT
Mode: global configuration mode
Parameter:
Parameter | Description |
count | an integer ranging from 1 to 10 |
Description: Set send hold count
Example:
Switch(config)# spanning-tree tx-hold-count 6
- Maximum hop count
Command: spanning-tree max-hops HOP
Mode: global configuration mode
Parameter:
Parameter | Description |
hop | The maximum number of hops, an integer ranging from 1 to 40 |
Description: Set the maximum number of hops
Example:
Switch(config)# spanning-tree max-hops 20
- Show spanning tree
Command: show spanning tree
Mode: privileged EXEC mode
Parameter: none
Description: View spanning tree information
Example:
Switch # show spanning tree
Port settings
- Port selection
Command:
- interface Ethernet id/LAG id
- interface range Ethernet/LAG <nm>
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet id/LAG id | Select switch ports, including common interfaces and aggregated interfaces. |
Ethernet/LAG <nm> | Select the switch port range , including common interfaces and aggregated interfaces. |
Description: Select ports for spanning tree related configuration
Example:
Switch(config)# interface range Ethernet 1/0/2-1/0/10
- Port path cost
Command: spanning-tree cost COST
Mode: global configuration mode
Parameter:
Parameter | Description |
cost | When the global path cost is set to long, the range is an integer between 0 and 200000000; when the global path cost is set to short, the range is an integer between 0 and 65535; when it is set to 0, it automatically matches the global setting |
Description: Set port path cost
Example:
Switch(config-if-range)# spanning-tree cost 100
- Port priority
Command: spanning-tree port-priority PRIORITY
Mode: global configuration mode
Parameter:
Parameter | Description |
priority | Port priority, the value is an integer between 0 and 240, and it is a multiple of 16 |
Description: Set port priority
Example:
Switch(config-if-range)# spanning-tree port-priority 0
- Configure edge ports
Command: spanning-tree-edge {auto|true|false}
Mode: global configuration mode
Parameter:
Parameter | Description |
auto|true|false | port edge setting |
Description: Set the edge port function of the port
Example:
Switch(config-if-range)# spanning-tree edge auto
- Enable/disable BPDU filtering
Command:
- spanning-tree bpdu-filter
- no spanning-tree bpdu-filter
Mode: global configuration mode
Parameter: none
Description: Set the BPDU filtering function of the port
Example:
Switch(config-if-range)# spanning-tree bpdu-filter
- Enable/disable BPDU protection
Command:
- spanning-tree bpdu-guard
- no spanning-tree bpdu-guard
Mode: global configuration mode
Parameter: none
Description: Set the BPDU protection function of the port
Example:
Switch(config-if-range)# spanning-tree bpdu-guard
- Point-to-point link
Command:
- spanning-tree link-type (point-to-point|shared)
- no spanning-tree link-type
Mode: interface configuration mode
Parameter:
Parameter | Description |
point-to-point | Start a point-to-point link |
shared | Disable point-to-point link |
Description:
Set the point-to-point link function of the port
no spanning-tree link-type : restore the port as an automatic identification link
Example:
Switch(config-if-range)# no spanning-tree link-type shared
- Show port
Command: show spanning-tree interfaces IF_PORTS [statistic]
Mode: privileged EXEC mode
Parameter:
parameter | describe |
interfaces IF_PORTS | Port ID or range of port IDs |
statistic | Display the spanning tree data information of the port |
Description: View port spanning tree information
Example:
Switch# show spanning-tree interfaces Ethernet 1/0/2
Port eth1/0/2 enabled
State: forwarding
Role: root
Port id: 12 8.2
Port cost: 4
Type: P2P (STP)
Edge Port: No
Designated bridge Priority : 32767
Address: c0:74:ad:98:d5:10
Designated port id: 128.2
Designated path cost: 0
BPDU Filter: Disabled
BPDU guard: Disabled
BPDU: sent 6, received 692
MST instance
- Enter MST configuration
Command: spanning-tree mst configuration
Mode: global configuration mode
Parameter: none
Description: MST configuration to enter MSTP mode
Example:
Switch(config)# spanning-tree mst configuration
- Domain name
Command: name NAME
Mode: MST configuration mode
Parameter:
Parameter | Description |
name | MST domain name , up to 32 characters |
Description: Set MST domain name
Example:
Switch(config-mst)# name 123
- Revision
Command: revision REVISION
Mode: MST configuration mode
Parameter:
Parameter | Description |
revision | MSTP revision, an integer ranging from 0 to 65535 |
Description: Set MSTP revision
Example:
Switch(config-mst)# revision 123
- Instances and VLANs
Command: instance instance-id vlan vlan-list
Mode: MST configuration mode
Parameter:
Parameter | Description |
instance-id | Instance ID (0-15) |
vlan-list | instance mapping, you can only fill in one VLAN , or take a range, if not filled, the default is 1-4094 |
Description: Set the mapping relationship between instances and VLANs
Example:
Switch(config-mst)# instance 2 vlan 50-100
- Instance priority
Command: spanning-tree mst instance-id priority priority
Mode: MST configuration mode
Parameter:
Parameter | Description |
instance-id | Instance ID (0-15) |
priority | Instance priority, an integer ranging from 0 to 61440 and a multiple of 4096 |
Description: Set instance priority
Example:
Switch(config-mst)# instance 2 priority 0
- Show MST configuration
Command: show spanning-tree mst configuration
Mode: privileged EXEC mode
Parameter: none
Description: View MST configuration
Example:
Switch# show spanning-tree mst configuration
MST port settings
- Port selection
Command:
- interface Ethernet id/LAG id
- interface range Ethernet/LAG <nm>
Mode: global configuration mode
Parameter:
Parameter | Description |
Ethernet id/LAG id | Select switch ports, including common interfaces and aggregated interfaces |
Ethernet/LAG <nm> | Select the switch port range , including common interfaces and aggregated interfaces |
Description: Select port for MST port configuration
Example:
Switch(config)# interface range Ethernet 1/0/2-1/0/10
- Port path cost
Command: spanning-tree mst instance-id cost cost
Mode: interface configuration mode
Parameter:
Parameter | Description |
instance-id | Instance ID |
cost | Path cost , an integer ranging from 0 to 200000000 |
Description: Set the path cost of the specified port in the MST instance
Example:
Switch(config-if-range)# spanning-tree mst 2 cost 100
- Port priority
Command: spanning-tree mst instance-id port-priority priority
Mode: interface configuration mode
Parameter:
Parameter | Description |
instance-id | Instance ID |
priority | Port priority , an integer ranging from 0 to 240 , and a multiple of 16 |
Description: Set the priority of the specified port in the MST instance
Example:
Switch(config-if-range)# spanning-tree mst 2 port-priority 0
- Show MST instance configuration
Command: show spanning-tree mst instance-id interface IF_PORTS
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
instance-id | Instance ID (0-15) |
IF_PORTS | port or port range |
Description: View the configuration of the MST instance on the specified port
Example:
Switch# show spanning-tree mst 2
VLAN settings (PVST)
- Create a VLAN instance
Command: spanning-tree pvst vlan VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, enter an integer from 1 to 4094 , multiple choices |
Description: Create a VLAN instance
Example:
Switch(config)# spanning-tree pvst vlan 1
- Delete a VLAN instance
Command: no spanning-tree pvst vlan VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, enter an integer from 1 to 4094 , multiple choices |
Description: Delete a VLAN instance
Example:
Switch(config)# no spanning-tree pvst vlan 1
- Contact time
Command: spanning-tree pvst vlan VLAN-LIST hello-time <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, enter an integer from 1 to 4094 , multiple choices |
<1-10> | Contact time , an integer ranging from 1 to 10 , the default is 2 , and it needs to satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2 |
Description: Set contact time for VLAN instance
Example:
Switch(config)# spanning-tree pvst vlan 1 hello-time 2
- Reset Contact Hours
Command: no spanning-tree pvst vlan VLAN-LIST hello-time
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, enter an integer from 1 to 4094 , multiple choices |
Description: Reset the contact time of the VLAN instance to the default value of 2 seconds
Example:
Switch(config)# no spanning-tree pvst vlan 1 hello-time
- Forwarding delay time
Command: spanning-tree pvst vlan VLAN-LIST forward-delay <4-30>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
<4-30> | Forwarding delay time , the value range is an integer from 4 to 30 , the default is 15 seconds , and it needs to satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2 |
Description: Set the forwarding delay time of the VLAN instance
Example:
Switch(config)# spanning-tree pvst vlan 1 forward-delay 15
- Reset forwarding delay time
Command: no spanning-tree pvst vlan VLAN-LIST forward-delay
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
Description: Reset the forwarding delay time of the VLAN instance to the default value of 15 seconds
Example:
Switch(config)# no spanning-tree pvst vlan 1 forward-delay
- Aging time
Command: spanning-tree pvst vlan VLAN-LIST maximum-age <6-40>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
<6-40> | The maximum presbyopia time , an integer ranging from 6 to 40 , the default is 20 seconds , and it needs to satisfy (Hello Time+1)*2≤Max Age≤(Forward Delay-1)*2. |
Description: Set the maximum aging time of a VLAN instance
Example:
Switch(config)# spanning-tree pvst vlan 1 maximum-age 20
- Reset max aging time
Command: no spanning-tree pvst vlan VLAN-LIST forward-delay
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
Description: time of VLAN instances to the default value of 20 seconds
Example:
Switch(config)# no spanning-tree pvst vlan 1 maximum-age
- Priority
Command: spanning-tree pvst vlan VLAN-LIST priority <0-61440>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
<0-61440> | Priority , the value range is an integer from 0 to 61440 , and it is a multiple of 4096 , the default is 32768 |
Description:
- set priority
- Note: In PVST mode, the actual priority of each instance is the sum of priority and VLAN ID
Example:
Switch(config)# spanning-tree pvst vlan 1 priority 32768
- Reset priority
Command: no spanning-tree pvst vlan VLAN-LIST priority
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
Description: Reset priority to default 32768
Example:
Switch(config)# no spanning-tree pvst vlan 1 priority
- View VLAN instance
Command: show spanning-tree pvst VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN ID, enter an integer from 1 to 4094 , multiple choices |
Description: View VLAN instance
Example:
Switch(config)# show spanning-tree pvst 1
PVST port settings
- Port selection
Command:
- interface Ethernet id/LAG id
- interface range Ethernet/LAG <nm>
Mode: global configuration mode
Parameter:
Parameter | Description |
Ethernet id/LAG id | Select switch ports, including common interfaces and aggregated interfaces |
Ethernet/LAG <nm> | Select the switch port range , including common interfaces and aggregated interfaces |
Description: Select port for PVST port configuration
Example:
Switch(config)# interface range Ethernet 1/0/2-1/0/10
- Port priority
Command: spanning-tree pvst vlan <1-4094> port- priority <0-240>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-4094> | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible. |
<0-240> | Port priority , the value range is an integer from 0 to 240 , and it is a multiple of 16 , and the default is 128. |
Description: Set port priority
Example:
Switch(config-if-range)# spanning-tree pvst vlan 1 port-priority 128
- Reset port priority
Command: no spanning-tree pvst vlan <1-4094> port- priority
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-4094> | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
Description: Reset port priority to default 128
Example:
Switch(config-if-range)# no spanning-tree pvst vlan 1 port-priority
- Port path cost
Command: spanning-tree pvst vlan <1-4094> port-cost cost
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-4094> | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible |
cost | Port path overhead. The value range is determined according to the setting of the global path cost. If the global path cost is “long”, the value range is an integer from 0 to 200000000 ; if the global path cost is “short”, the value range is an integer from 0 to 65535 . 0 indicates that the path cost calculation is performed automatically. |
Description: Set the path cost of the port
Example:
Switch(config-if-range)# spanning-tree pvst vlan 1 port-cost 4096
- Reset port path cost
Command: no spanning-tree pvst vlan <1-4094> port-cost
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-4094> | VLAN ID, the input range is an integer from 1 to 4094 , multiple choices are possible. |
Description: Reset the path cost of the port
Example:
Switch(config-if-range)# no spanning-tree pvst vlan 1 port-cost
IP
View switch gateway
Command: show ip
Mode: privileged EXEC mode
Parameter: none
Description: View switch gateway
Example:
Switch # show ip
VLAN IPv4 interface
View all VLAN IPv4 interfaces
Command: show ip interface
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IP Address | IPv4 address |
I/F | VLAN IDs |
I/F Status | Interface status (up/down) |
Type | Interface type (Default/Static/DHCP) |
Status | Interface status (Valid/Not Received) |
Description: View all IPv4 interfaces
Example:
Switch# show ip interface
View the specified VLAN IPv4 interface
Command:
- show ip interface loopback1
- show ip interface vlanxxx
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
vlanxxx | VLAN ID, the value range is 1-4094 |
IP Address | IPv4 address |
I/F | VLAN IDs |
I/F Status | Interface status (up/down) |
type | Interface type (Default/Static/DHCP) |
Status | Interface status (Valid/Not Received) |
Description: View the specified VLAN IPv4 interface
Example:
View the IPv4 interfaces of loopback1 , VLAN 1 and VLAN 1000
Switch# show ip interface Loopback1
Switch# show ip interface vlan1
Switch# show ip interface vlan1000
Configure static type VLAN IPv4 interface
Command:
- ip address ip/masklength
- ip address ip netmask
Mode: interface configuration mode
Parameter:
Parameter | Description |
ip | IPv4 address |
mask length | mask length |
netmask | subnet mask |
Description: Configure static type VLAN IPv4 interface
Example:
Configure the static IPv4 address of VLAN 100 as 192.168.70.111 and the subnet mask as 255.255.255.0
Switch#config
Switch(config)#interface vlan 100
Switch(config-if)#ip address 192.168.70.111/24
Switch(config-if)#ip address 192.168.70.111 255.255.255.0
Configure DHCP type VLAN IPv4 interface
Command: ip dhcp client
Mode: interface configuration mode
Parameter: none
Description: Configure DHCP-type VLAN IPv4 interface
Example:
Configure a dynamic IPv4 interface address for VLAN 101
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ip dhcp client
Configure the DHCP gateway priority of IPv4 interface
Command: ip dhcp gateway priority <2-255>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<2-255> | Gateway priority, the value range is 2-255 , the default is 2. The smaller the value , the higher the priority. |
Description: Configuring the DHCP Gateway Priority of an IPv4 Interface.
Example:
Configure the DHCP gateway priority of VLAN 101 as 10
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ip dhcp client
Switch(config-if)#ip dhcp gateway priority 10
Clear the static address configuration of the VLAN IPv4 interface
Command:
- no ip address
- no ip address ABCD
Mode: interface configuration mode
Parameter:
Parameter | Description |
ABCD | IPv4 address |
Description: Clear the static address configuration of the VLAN IPv4 interface
Example:
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#no ip address
Switch(config-if)#no ip address 192.168.10.10
Clear the DHCP address configuration of the VLAN IPv4 interface
Command: no ip dhcp client
Mode: interface configuration mode
Parameter: none
Description: Clear the DHCP address configuration of the VLAN IPv4 interface
Example:
Clear the IPv4 DHCP address configuration of VLAN 101
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#no ip dhcp client
Set the VLAN interface as the management VLAN interface
Command: management-vlan
Mode: interface configuration mode
Parameter: none
Description: Set the interface as the management VLAN interface
Example:
Set the VLAN 101 interface as the management VLAN interface
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#management-vlan
Restore the management VLAN interface to the default VLAN 1 interface
Command: no management-vlan
Mode: interface configuration mode
Parameter: none
Description: Restore the management VLAN interface to the default VLAN 1 interface
Example:
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#no management-vlan
VLAN IPv6 interface
View all VLAN IPv6 interfaces
Command: show ip v6 interface
Mode: privileged EXEC mode
Parameter: none
Description: View all IPv6 interfaces
Example:
Switch# show ip v6 interface
View the specified VLAN IPv6 interface
Command:
- show ip v6 interface loopback1
- Show ip v6 interface vlanxxx
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
vlanxxx | VLAN ID , the value range is 1-4094 |
Description: View the specified VLAN IPv6 interface
Example:
View the IPv6 interfaces of loopback1 , VLAN 1 and VLAN 1000
Switch# show ipv6 interface Loopback1
Switch# show ipv6 interface vlan1
Switch# show ipv6 interface vlan1000
Enabling the IPv6 function on a VLAN interface
Command: ip v6 enable
Mode: interface configuration mode
Parameter: none
Description: Enabling the IPv6 function on a VLAN interface it is enabled , the link-local address automatic generation function is enabled by default.
Example:
Enable the IPv6 function on VLAN 100 interface
Switch#config
Switch(config)#interface vlan 100
Switch(config-if)#ipv6 enable
Disable the IPv6 function of the VLAN interface
Command: no ip v6 enable
Mode: interface configuration mode
Parameter: none
Description: Disable the IPv6 function of the VLAN interface
Example:
Disable the IPv6 function of VLAN 100 interface
Switch#config
Switch(config)#interface vlan 100
Switch(config-if)#no ipv6 enable
Statically configuring the IPv6 link-local address of a VLAN interface
Command: ip v6 address X:X::X:X link-local
Mode: interface configuration mode
Parameter:
Parameter | Description |
X:X::X:X | link local address |
Description: Statically configuring the IPv6 link-local address of a VLAN interface.
Example:
Configure the IPv6 link-local address of VLAN 101 interface as fe80::1111
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 address fe80::1111 link-local
Statically configuring the IPv6 global unicast address of a VLAN interface
Command: ip v6 address X:X::X:X/<1-128>
Mode: interface configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-128> | global unicast address |
Description: Configuring an IPv6 global unicast address for a VLAN interface
Example:
Configure the IPv6 global unicast address of VLAN 101 interface as 2002: : 1111/64
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 address 2002::1111/64
Configure the IPv6 global unicast address of the VLAN interface as stateful DHCPv6
Command: ip v6 dhcp client
Mode: interface configuration mode
Parameter: none
Description: Configure the IPv6 global unicast address of the VLAN interface as stateful DHCPv6
Example:
Configure the IPv6 global unicast address of VLAN 1 0 1 interface as stateful DHCPv6
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 dhcp client
Configure the IPv6 global unicast address of the VLAN interface as stateless DHCPv6
Command: ip v6 dhcp client stateless
Mode: interface configuration mode
Parameter: none
Description: Configure the IPv6 global unicast address of the VLAN interface as stateless DHCPv6
Example:
Configure the IPv6 global unicast address of VLAN 101 interface as stateless DHCPv6
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 dhcp client stateless
Configure the IPv6 global unicast address of the VLAN interface as stateless auto-configuration
Command: ip v6 address autoconfig
Mode: interface configuration mode
Parameter: none
Description: Configure the IPv6 global unicast address of the VLAN interface as stateless auto-configuration
Example:
Configure the IPv6 global unicast address of VLAN 101 interface as stateless automatic configuration
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 address autoconfig
Configure the automatic configuration gateway priority of the IPv6 interface global unicast address
Command: ipv6 dhcp gateway priority <2-255>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<2-255> | Gateway priority, the value range is 2-255 , the default is 2. The smaller the value , the higher the priority |
Description: Configure the gateway priority for stateful DHCPv6, stateless DHCPv6, or stateless auto-configuration of the IPv6 interface global unicast address.
Example:
Configure the IPv6 global unicast address of VLAN 101 with a stateful DHCPv6 gateway priority of 10
Switch#config
Switch(config)#interface vlan 101
Switch(config)#ipv6 enable
Switch(config-if)#ip v6 dhcp client
Switch(config-if)#ip v6 dhcp gateway priority 10
Clear the address configuration of the VLAN IPv6 interface
Command:
- no ip v6 address
- no ipv6 address X:X::X:X/<1-128>
- no ipv6 address autoconfig
- no ipv6 dhcp client
- no ipv6 dhcp client stateless
Mode: interface configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-128> | global unicast address |
Description:
- no ip v6 address : Clear the IPv6 manually configured address of the VLAN interface, including link- local addresses and global unicast addresses.
- no ipv6 address X:X::X:X/<1-128> : Clear the specified IPv6 manually configured address , link-local address or global unicast address of the VLAN interface.
- no ipv6 address autoconfig : Clear the IPv6 global unicast stateless autoconfig address of the VLAN interface.
- no ipv6 dhcp client : Clear the IPv6 global unicast stateful DHCPv6 address of the VLAN interface.
- no ipv6 dhcp client stateless : Clear the IPv6 global unicast stateless DHCPv6 address of the VLAN interface.
Example:
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#no ipv6 address
Switch(config-if)#no ipv6 address 2002 ::1111 /64
Switch(config-if)#no ipv6 address autoconfig
Switch(config-if)#no ipv6 dhcp client
Switch(config-if)#no ipv6 dhcp client stateless
Disable VLAN interface
Command: shutdown
Mode: interface configuration mode
Parameter: none
Description: Disable VLAN interface
Example:
Disable VLAN 101 interface
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#shutdown
Undisable vlan interface
Command: no shutdown
Mode: interface configuration mode
Parameter: none
Description: undisable vlan interface
Example:
Undisable VLAN 101 interface
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#no shutdown
VLAN IPv6 interface route advertisement
Enable the VLAN interface route advertisement function
Command: Ipv6 nd ra enable
Mode: Interface VLAN configuration mode
Parameter: none
Description: Enable the VLAN interface route advertisement function
Example:
Enable the route advertisement function of VLAN 101
Switch # config
Switch(config)# interface vlan101
Switch(config-if ) # ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Disable the VLAN interface route advertisement function
Command: no ipv 6 nd ra enable
Mode: Interface VLAN configuration mode
Parameter: none
Description: Disable interface route advertisement function
Example:
Switch(config-if)# no ipv6 nd ra enable
Turn on option information
Command: ipv6 nd ra adv-interval-option
Mode: Interface VLAN configuration mode
Parameter: none
Description: Open option information
Example:
Enable route advertisement option information for VLAN 101
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra adv-interval-option
Close option information
Command: no ipv6 nd ra adv-interval-option
Mode: Interface VLAN configuration mode
Parameter: none
Description: Close option information
Example:
Switch(config-if)# no ipv6 nd ra adv-interval-option
Route Advertisement Interval
Command: ipv6 nd ra interval <1-1800>
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
<1-1800> | Route advertisement interval time, an integer ranging from 1 to 1800 , the default is 600 seconds. |
Description: Set the route advertisement interval.
Example:
Set the route advertisement interval of VLAN 101 to 900 seconds
Switch # config
Switch (config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra interval 900
Survival time
Command: ipv6 nd ra lifetime <0-9000>
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
<0-9000> | Set the life time of IP v6 routing advertisement, the value range is an integer from 0 to 9000, and the default is 1800 seconds. |
Description: Set the VLAN interface route advertisement lifetime.
Example:
Set the route advertisement lifetime of VLAN 101 to 1200 seconds
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra lifetime 1200
Turn on the flag bit M Flag
Command: ipv6 nd ra managed-config-flag
Mode: Interface VLAN configuration mode
Parameter: none
Description: Turn on the flag bit M Flag
Example:
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch (config-if)# ipv6 nd ra managed-config-flag
Close the flag bit M Flag
Command: no ipv6 ra managed-config-flag
Mode: Interface VLAN configuration mode
Parameter: none
Description: Close the flag bit M Flag
Example:
Switch (config-if)# no ipv6 nd ra managed-config-flag
Turn on the flag O Flag
Command: ipv6 nd ra other-config-flag
Mode: Interface VLAN configuration mode
Parameter: none
Description: Turn on the flag O Flag
Example:
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra other-config-flag
Close the flag O Flag
Command: no ipv6 nd ra other-config-flag
Mode: Interface VLAN configuration mode
Parameter: none
Description: Close the flag O Flag
Example:
Switch(config-if)# no ipv6 nd ra other-config-flag
Default route priority
Command: ipv6 nd ra router-preference { high / low / medium }
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
high / low / medium | Set the default route priority to high/low/medium |
Description: Set default route priority
Example:
Set the default route priority of VLAN 101 to high
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch (config-if)# no ipv6 nd ra router-preference high
IPv6 addresses and prefixes
Command: ipv6 nd ra prefix X:X::X:X/<1-127>
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-127> | Set IPv6 address/prefix |
Description: Set IPv6 address /prefix
Example:
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra prefix 2001::1/64
Survival time
Command: ipv6 nd ra prefix X:X::X:X/<1-127> <0-4294967295> <0-4294967295>
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-127> | Set IPv6 address/prefix |
<0-4294967295> | Set the effective survival time and preferred survival time, the value range is an integer from 0 to 4294967295 , the default effective survival time is 2592000 seconds , and the preferred survival time is 604800 seconds |
Description: the effective lifetime and preferred lifetime for IPv6 addresses /prefixes
Example:
Set the effective lifetime and preferred lifetime of the 2001::1/64 address of the VLAN 101 interface to 3000 seconds and 1200 seconds respectively
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra prefix 2001::1/64
Switch(config-if)# ipv6 nd ra prefix 2001::1/64 3000 1200
Enable/disable flag A Flag, O Flag, R Flag
Command:
- ipv6 nd ra prefix X:X::X:X/<1-127>
- ipv6 nd ra prefix X:X::X:X/<1-127> router-address
- ipv6 nd ra prefix X:X::X:X/<1-127> no-autoconfig
- ipv6 nd ra prefix X:X::X:X/<1-127> off-link
Mode: Interface VLAN configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-127> | Set IPv6 address/prefix |
router-address | Enable A Flag , O Flag and R Flag |
no-autoconfig | Turn off A Flag and R Flag |
off-link | Close O Flag |
Description: Enable/disable flag A Flag, O Flag and R Flag
Example:
Switch # config
Switch(config)# interface vlan101
Switch(config-if)# ipv6 enable
Switch(config-if)# ipv6 nd ra enable
Switch(config-if)# ipv6 nd ra prefix 2001::1/64
Switch(config-if)# ipv6 nd ra prefix 2001::1/64 router-address
Switch(config-if)# ipv6 nd ra prefix 2001::1/64 no-autoconfig
Switch(config-if)# ipv6 nd ra prefix 2001::1/64 off-link
DHCP Server
Enable/disable DHCP Server
Command:
- ip dhcp server
- no ip dhcp server
Mode: global configuration mode
Parameter: none
Description: Enable/ disable DHCP server
Example:
Switch(config)# ip dhcp server
Switch(config)# no ip dhcp server
Add global address pool
Command: ip dhcp server global pool LISTNAME ABCD a .bcd lease <60-2880>
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
ABCD | Subnet IP |
abcd | subnet mask |
<60-2880> | Lease time, in minutes, an integer ranging from 60 to 2880 |
Description: Configure the global address pool
Example:
Switch # config
Switch(config)# ip dhcp server global pool 1 192.168.3.0 255.255.255.0 lease 60
Delete the global address pool
Command: no ip dhcp server global pool LISTNAME
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes, “\?/, characters are not supported. |
Description: Delete the global address pool
Example:
Switch # config
Switch(config)# no ip dhcp server global pool 1
Add interface address pool
Command: ip dhcp server interface pool LISTNAME ABCD a .bcd lease <60-2880>
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
ABCD | start ip |
abcd | end IP |
<60-2880> | Lease time, in minutes, an integer ranging from 60 to 2880 |
Description: Configure an interface address pool
Example:
Switch(config)# ip dhcp server interface pool 1 192.168.4.2 192.168.4.254 lease 90
Delete interface address pool
Command: no ip dhcp server interface pool LISTNAME
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
Description: Delete interface address pool
Example:
Switch(config)# ip dhcp server interface pool 1
Configure address pool lease
Command: ip dhcp server pool LISTNAME lease <60-2880>
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
<60-2880> | Lease time, in minutes, an integer ranging from 60 to 2880 |
Description: Configure address pool lease
Example:
Switch(config)# ip dhcp server pool 1 lease 120
Add/Delete Address Pool DNS
Command: [no] ip dhcp server pool LISTNAME dns A.B.C.D [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D]
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
A.B.C.D | DNS server, configure up to 8 |
Description: Add/Delete Address Pool DNS
Example:
Add DNS server address 8.8.8.8 of address pool 1
Switch(config)# ip dhcp server pool 1 dns 8.8.8.8
Delete the DNS server address 8.8.8.8 of address pool 1
Switch(config)# no ip dhcp server pool 1 dns 8.8.8.8
Add address pool Netbios node type
Command: ip dhcp server pool LISTNAME netbios {b/h/m/p}
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
b/h/m/p | Netbios node type |
Description: Configure Netbios node type
Example:
Switch(config)# ip dhcp server pool 1 netbios b
Delete the address pool Netbios node type
Command: no ip dhcp server pool LISTNAME netbios
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
Description: Delete Netbios node type
Example:
Switch(config)# no ip dhcp server pool 1 netbios
Add DHCP Options
Command: ip dhcp server pool LISTNAME option <2-254> type { ascii /ip/hex} WORD
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
<2-254> | DHCP options , integers ranging from 2 to 254 , excluding 50 to 54 , 56, 58, 59, 61 and 82 |
{ ascii /ip/hex} | DHCP option type, including ASCII, IP and Hex |
WORD | DHCP option content, according to the option type, enter the content that conforms to the format. ASCII : string of 0-255 _ IP : IPv4 address format , up to 8 H ex: 0-256 characters , the number of digits must be even |
Description: Add DHCP Option
Example:
Switch(config)# ip dhcp server pool 1 option 3 type ip 192.168.1.1
Delete DHCP Option
Command: ip dhcp server pool LISTNAME option <2-254>
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
<2-254> | DHCP options , integers ranging from 2 to 254 , excluding 50 to 54 , 56, 58, 59, 61 and 82 |
Description: Delete DHCP Option
Example:
Switch(config)# no ip dhcp server pool 1 option 3
Add/Remove WINS Servers
Command: [no] ip dhcp server pool LISTNAME wins A.B.C.D [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D]
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
A.B.C.D | WINS server, configure up to 8 |
Description: Add/remove WINS server addresses
Example:
Add WINS server 192.168.3.2 of address pool 1
Switch(config)# ip dhcp server pool 1 wins 192.168.3.2
Delete the WINS server 192.168.3.2 of address pool 1
Switch(config)# no ip dhcp server pool 1 wins 192.168.3.2
Delete address pool
Command: no ip dhcp server pool LISTNAME
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
Description: delete address pool
Example:
Switch(config)# no ip dhcp server pool 1
Add static binding table
Command:
- ip dhcp server pool LISTNAME bind A.B.C.D A:B:C:D:E:F (ethnet|ieee802)
- ip dhcp server pool LISTNAME bind A.B.C.D A:B:C:D:E:F (ethnet|ieee802) cName NAME
- ip dhcp server pool LISTNAME bind A.B.C.D A:B:C:D:E:F (ethnet|ieee802) cId Id
- ip dhcp server pool LISTNAME bind A.B.C.D A:B:C:D:E:F (ethnet|ieee802) cName NAME cId Id
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
A.B.C.D | IPv4 address to which the client is bound |
A:B:C:D:E:F | Client MAC address |
ethnet|ieee802 | Client hardware address type |
name | Client name, up to 64 characters, “\?/, characters are not supported. |
ID | Client ID |
Description: Add static binding table
Example:
Switch(config)# ip dhcp server pool 1 bind 192.168.1.2 00:0b:82:90:78:02 ethnet cName 2222 cId 4444
Delete static binding table
Command: no ip dhcp server pool LISTNAME bind ABCD A:B:C:D:E:F
Mode: global configuration mode
Parameter:
Parameter | Description |
LISTNAME | Address pool name, the length is limited to 1-64 bytes |
ABCD | IPv4 address to which the client is bound |
A:B:C:D:E:F | Client MAC address |
Description: delete static binding table
Example:
Switch(config)# no ip dhcp server pool 1 bind 192.168.1.2 00:0b:82:90:78:02
DHCP Relay
Enable/disable DHCP relay
Command: [no] ip dhcp relay enable
Mode: global configuration mode
Parameter: none
Description: Enable/disable DHCP relay
Example:
Switch # config
Switch(config)# ip dhcp relay enable
Switch(config)# no ip dhcp relay enable
Enable/disable DHCP polling
Command: [no] ip dhcp relay loop
Mode: global configuration mode
Parameter: none
Description: Enable/disable DHCP polling
Example:
Switch(config)# ip dhcp relay loop
Switch(config)# no ip dhcp relay loop
Configure TTL
Command: ip dhcp relay ttl <1-16>
Mode: global configuration mode
Parameter:
Parameter | Description |
1-16 | TTL, an integer ranging from 1 to 16 |
Description: Configure TTL
Example:
Switch(config)# ip dhcp relay ttl 6
Add DHCP server
Command: ip dhcp relay nexthop A.B.C.D [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D] [A.B.C.D]
Mode: global configuration mode
Parameter:
Parameter | Description |
ABCD | next hop IP address |
Description: Configure DHCP server
Example:
Switch(config)# ip dhcp relay nexthop 192.168.3.1
Delete DHCP server
Command: no ip dhcp relay nexthop
Mode: Interface VLAN configuration mode
Parameter: none
Description: Delete DHCP server
Example:
Switch(config)# no ip dhcp relay nexthop
ARP
Set the ARP aging time
Command: arp timeout seconds
Mode: global configuration mode
Parameter:
Parameter | Description |
seconds | ARP address aging time, the value range is 30-21600 seconds, the default is 1200 seconds. |
Description: Set the ARP aging time
Example:
Set the ARP aging time to 600 seconds
Switch # configure
Switch(config)# arp timeout 600
Add static ARP address
Command:
- arp ABCD A:B:C:D:E:F
- arp ABCD A:B:C:D:E:F vlan vlan-id
Mode: global configuration mode
Parameter:
Parameter | Description |
ABCD | IP address , the format is ABCD such as 192.168.1.100 |
A:B:C:D:E:F | MAC address, the format is A:B:C:D:E:F, such as 00:00:00:00:00:00 |
vlan-id | VLAN ID, an integer ranging from 1 to 4094 |
Description:
- arp ABCD A:B:C:D:E:F : Add A RP address, no VLAN specified , default added to VLAN 1
- arp ABCD A:B:C:D:E:F vlan vlan-id : add A RP address to the specified VLAN
Example:
Switch # configure
Switch(config)# arp 192.168.60.100 00:00:00:00:00:18
Switch(config)# arp 10.1.1.10 00:00:00:00:00:10 vlan 10
Delete static ARP address
Command:
- no arp A.B.C.D
- no arp A.B.C.D vlan vlan-id
Mode: global configuration mode
Parameter:
Parameter | Description |
ABCD | IP address, the format is A.B.C.D , such as 192.168.1.100 |
vlan-id | VLAN ID, an integer ranging from 1 to 4094 |
Description:
- no arp A.B.C.D : Delete the specified ARP address
- no arp A.B.C.D vlan vlan-id : delete the ARP address of the specified VLAN
Example:
Switch # configure
Switch(config)# no arp 192.168.60.10
Switch(config)# no arp 10.1.1.10 vlan 10
Set the ARP address capacity
Command: arp cache capacity
Mode: global configuration mode
Parameter:
Parameter | Description |
Capacity | ARP table capacity, the value range is 79 -512 Note : Different models have different specifications , for example, the maximum capacity of GWN7801 is 512 |
Description: Specify ARP capacity
Example:
Set the ARP capacity to 79
Switch # configure
Switch(config)# arp cache 79
Unset the ARP address capacity
Command: no arp cache
Mode: global configuration mode
Parameter: none
Description: Unset the ARP address capacity
Example:
Switch # configure
Switch(config)# no arp cache
View ARP entries
Command:
- show arp
- show arp configuration
- show arp ip-address A.B.C.D
- show arp mac-address A:B:C:D:E:F
- show arp vlan vlan-id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
A.B.C.D | ARP address aging time, the value range is 15-21600 seconds, the default is 1200 seconds |
A:B:C:D:E:F | MAC address |
vlan-id | VLAN ID, an integer ranging from 1 to 4094 |
Description: View ARP entries
Example:
Switch # show arp
Neighbor found
View neighbor table
Command: show ipv6 neighbors
Mode: privileged EXEC mode
Parameter: none
Description: view neighbor table
Example:
Switch # show ipv6 neighbors
VLAN Interface IPv6 address HW address Status Router State Aging time Interface
-------------------------------------------------- ------- ------------------ ---------- ------ --------- - ----------- ----------
VLAN 1 11::3 00:00:00:00:00:25 Static No NULL
VLAN 1 fe80::c274:adff:fe23:adb0 c0:74:ad:23:ad:b0 Static No 1/0/7
VLAN 1 11::5 00:00:00:00:00:09 Static No NULL
Total number of entries: 3
Add a static neighbor entry
Command: ipv6 neighbor ipv6-addr vlan [vlan interface number] [mac address]
Mode: global configuration mode
Parameter:
Parameter | Description |
ipv6-addr | Neighbor IPv6 address |
vlan interface number | VLAN interface ID |
mac address | neighbor MAC address |
Description: Add a static neighbor entry
Example:
Add a neighbor entry with IPv6 address 11::2, VLAN 1 , and MAC address 00 : 00: 00:00:00:02
Switch #config
Switch(config)# ipv6 neighbor 11::2 vlan 1 00:00:00:00:00:02
Delete static neighbor entries
Command: no ipv6 neighbor ipv6-addr vlan [vlan interface number] [mac address]
Mode: global configuration mode
Parameter:
Parameter | Description |
ipv6-addr | Neighbor IPv6 address |
vlan interface number | VLAN interface ID |
mac address | neighbor MAC address |
Description: Delete static neighbor entries
Example:
Delete the neighbor entry with IPv6 address 11::2, VLAN 1 , and MAC address 00 : 00: 00:00:00:02
Switch(config)# no ipv6 neighbor 11::2 vlan 1 00:00:00:00:00:02
DNS
Enable the DNS function
Command: ip domain lookup
Mode: global configuration mode
Parameter: none
Description: Enable the DNS function
Example:
Switch # config
Switch (config)# ip domain lookup
Turn off the DNS function
Command: no ip domain lookup
Mode: global configuration mode
Parameter: none
Description: Turn off the DNS function
Example:
Switch # config
Switch(config)# no ip domain lookup
Add domain extension
Command: ip domain suffix suffix_name
Mode: global configuration mode
Parameter:
Parameter | Description |
suffix_name | Domain name suffix , 1-64 characters , support numbers, letters and special characters._ – |
Description: Add domain extension
Example:
Add the domain name suffix of com
Switch # config
Switch(config)# ip domain suffix com
Delete domain extension
Command: no ip domain suffix suffix_name
Mode: global configuration mode
Parameter:
Parameter | Description |
suffix_name | Domain name suffix , 1-64 characters , support numbers, letters and special characters._ – |
Description: delete domain extension
Example:
Remove com domain name suffix
Switch # config
Switch ( config)# no ip domain suffic com
Add DNS server
Command: ip name-server A.B.C.D/ X:X::X:X
Mode: global configuration mode
Parameter:
Parameter | Description |
A.B.C.D | IPv4 DNS server |
X:X::X:X | IPv6 DNS server |
Description: Add DNS server
Example:
Add DNS server of 114.114.114.114
Switch # config
Switch(confgi)# ip name-server 114.114.114.114
Delete DNS server
Command: no ip name-server A.B.C.D/ X:X::X:X
Mode: global configuration mode
Parameter:
Parameter | Description |
A.B.C.D | IPv4 DNS server |
X:X::X:X | IPv6 DNS server |
Description: delete DNS server
Example:
the DNS server for 114.114.114.114
Switch # config
Switch(config)# no ip name-server 114.114.114.114
Add a static domain name
Command: ip host HOSTNAME A.B.C.D/X:X::X:X
Mode: global configuration mode
Parameter:
Parameter | Description |
HOSTNAME | Host name , 1-191 characters , support numbers, letters and special characters._ – |
ABCD | IPv4 address |
X:X::X:X | IPv6 address |
Description: Add a static domain name
Example:
Add a static domain name with host name www.test.com and IP address 192.168.1.1
Switch # config
Switch (config)# ip host www.test.com 192.168.1.1
Delete static domain name
Command: no ip host HOSTNAM
Mode: global configuration mode
Parameter:
Parameter | Description |
HOSTNAME | Host name , 1-191 characters , support numbers, letters and special characters._ – |
Description: delete static domain name
Example:
Delete the static domain name with hostname www.test.com
Switch # config
Switch(config)# no ip host www.test.com
View DNS configuration
Command: show hosts
Mode: privileged EXEC mode
Parameter: none
Description: View DNS configuration
Example:
Switch# show host
View static domain name mapping table
Command: show dns static-map
Mode: privileged EXEC mode
Parameter: none
Description: View static domain name mapping table
Example:
Switch# show dns static-map
View dynamic domain name mapping table
Command: show dns dynamic-map
Mode: privileged EXEC mode
Parameter: none
Description: View dynamic domain name mapping table
Example:
Switch# show dns dynamic-map
MULTICAST
IGMP Snooping
IGMP Snooping global configuration
- Enable/disable IGMP Snooping
Command:
- ip igmp snooping
- no ip igmp snooping
Mode: global configuration mode
Parameter: none
Description: Enable/disable the global IGMP Snooping function
Example:
Switch(config)# ip igmp snooping
- Multicast Forwarding Mode
Command: ip igmp snooping forward-method ( dip|mac )
Mode: global configuration mode
Parameter:
Parameter | Description |
dip | IP -based multicast forwarding mode |
mac | based multicast forwarding mode |
Description: Set the multicast forwarding mode, the default is based on MAC
Example:
Switch(config)# ip igmp snooping forward-method mac
- Enable/disable packet suppression
Command:
- ip igmp snooping report-suppression
- no ip igmp snooping report-suppression
Mode: global configuration mode
Parameter: none
Description: Enable/disable message suppression function
Example:
Switch(config)# ip igmp snooping report-suppression
- IGMP version
Command: ip igmp snooping version (2|3)
Mode: global configuration mode
Parameter:
Parameter | Description |
version (2|3) | Global IGMP running version, including IGMPv2 and IGMPv3 |
Description: running version of IGMP
Example:
Switch(config)# ip igmp snooping version 2
- Unknown multicast packet
Command: ip igmp snooping unknown-multicast action (drop|flood|router-port)
Mode: global configuration mode
Parameter:
Parameter | Description |
(drop|flood|router-port) | method of unknown multicast packets |
Description: Set the processing method for unknown multicast packets
Example:
Switch(config)# ip igmp snooping unknown-multicast action drop
- View IGMP Snooping
Command: show ip igmp snooping
Mode: privileged EXEC mode
Parameter: none
Description: View Global IGMP Snooping Settings
Example:
Switch# show ip igmp snooping
Configure IGMP Snooping in a specified VLAN
- VLAN selection
Command:
- ip igmp snooping vlan <VLAN-LIST>
- no ip igmp snooping vlan VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Select VLAN to enable IGMP Snooping function
Example:
Switch(config)# ip igmp snooping vlan 1
- Port fast leave
Command:
- ip igmp snooping vlan VLAN-LIST immediate-leave
- no ip igmp snooping vlan VLAN-LIST immediate-leave
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Set the port fast leave function in the specified VLAN
Example:
Switch(config)# ip igmp snooping vlan 1 immediate-leave
- Last Member Query Counter
Command: ip igmp snooping vlan VLAN-LIST last-member-query-count count
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
count | number of last member queries , an integer ranging from 1 to 7 , the default is 2 |
Description: Set the last member query count
Example:
Switch(config)# ip igmp snooping vlan 1 last-member-query-count 3
- Last member query interval
Command: ip igmp snooping vlan VLAN-LIST last-member-query-interval interval
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
interval | The last member query interval, an integer ranging from 1 to 25 , the default is 1 |
Description: Set the last member query interval
Example:
Switch(config)# ip igmp snooping vlan 1 last-member-query-interval 20
- Query interval
Command: ip igmp snooping vlan VLAN-LIST query-interval interval
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
interval | Query interval , an integer ranging from 30 to 18000 , the default is 125 |
Description: Set query interval
Example:
Switch(config)# ip igmp snooping vlan 1 query-interval 111
- Query maximum response time
Command: ip igmp snooping vlan VLAN-LIST response-time time
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
time | Query the maximum response time, an integer ranging from 5 to 20 , the default is 10 |
Description: Set query maximum response time
Example:
Switch(config)# ip igmp snooping vlan 1 response-time 15
- Query Robustness
Command: ip igmp snooping vlan VLAN-LIST robustness-variable robustness
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
robustness | Query robustness , an integer ranging from 1 to 7 , default 2 |
Description: Set query robustness
Example:
Switch(config)# ip igmp snooping vlan 1 robustness-variable 5
- Routing port automatic learning
Command:
- ip igmp snooping vlan VLAN-LIST router learnpim-dvmrp
- no ip igmp snooping vlan VLAN-LIST router learnpim-dvmrp
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Enable/disable the automatic learning function of the routing port on the specified VLAN
Example:
Switch(config)# ip igmp snooping vlan 1 router learn pim-dvmrp
- View VLAN IGMP Snooping configuration
Command: show ip igmp snooping vlan VLAN-LIST
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description:
View the IGMP Snooping configuration information of a specified VLAN. If not specified , the IGMP Snooping configuration information of all VLANs will be viewed by default.
Example:
Switch(config)# do show ip igmp snooping vlan 1
- View IGMP Snooping querier information
Command: show ip igmp snooping querier
Mode: privileged EXEC mode
Parameter: none
Description: Display IGMP Snooping querier information for all VLANs
Example:
Switch# show ip igmp snooping querier
VID | State | Status | Version | Querier IP
------+----------+------------+---------+--------- ---
1 | Disabled | Non-Querier | No | -----------
Total Entry 1
IGMP Snooping querier related configuration
- IGMP Snooping querier running version
Command:
- ip igmp snooping vlan VLAN-LIST query version (2|3)
- no ip igmp snooping vlan VLAN-LIST queryer
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | range is 1-4094 , it can be a single VLAN or multiple VLANs |
version (2|3) | of the IGMP Snooping querier, including IGMPv2 and IGMPv3 |
Description: Set the IGMP Snooping querier switch and running version of the specified VLAN
Example:
Switch(config)# ip igmp snooping vlan 1 querier version 2
- IGMP Snooping querier IP address
Command: ip igmp snooping vlan VLAN-LIST query version (2|3) ip ip-addr
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | range is 1-4094 , it can be a single VLAN or multiple VLANs |
version (2|3) | of the IGMP Snooping querier, including IGMPv2 and IGMPv3 |
ip-addr | Querier IP address , if not set, the VLAN interface IPv4 address will be used |
Description: Set the IGMP Snooping querier switch , running version , and IP address of the specified VLAN
Example:
Switch(config)# ip igmp snooping vlan 1 querier version 2 ip 192.168.0.254
- View IGMP Snooping querier information
Command: show ip igmp snooping querier
Mode: privileged EXEC mode
Parameter: none
Description: Display IGMP Snooping querier information for all VLANs
Example:
Switch# show ip igmp snooping querier
VID | State | Status | Version | Querier IP
------+----------+------------+---------+--------- ---
1 | Disabled | Non-Querier | No | -----------
Total Entry 1
IGMP Routing port configuration
- Disable routed ports
Command: ip igmp snooping vlan VLAN-LIST forbidden-router-port (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: Set the disabled routing port on the specified VLAN, which will not forward the received query message.
Example:
Switch(config)# ip igmp snooping vlan 1 forbidden-router-port Ethernet 1/0/3-1/0/4
- Static route port
Command: ip igmp snooping vlan VLAN-LIST static-router-port (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: Set the static routing port on the specified VLAN , and all query packets will be forwarded to this port
Example:
Switch(config)# ip igmp snooping vlan 1 static-router-port Ethernet 1/0/5-1/0/6
- Show routing port
Command: do show ip igmp snooping router [(dynamic | forbidden |static)]
Mode: global configuration mode
Parameter:
Parameter | Description |
(dynamic | forbidden |static) | Routing port type, including dynamic routing port, disabled routing port and static routing port |
Description: View routing ports, you can specify to view dynamic, disabled or static. If not specified , all types of routing ports will be viewed by default
Example:
Switch(config)# do show ip igmp snooping router
Multicast group address configuration
- Static multicast address
Command:
- ip igmp snooping vlan VLAN-LIST static-group [<ip-add>] interfaces (Ethernet|LAG) <1-10>
- no ip igmp snooping vlan VLAN-LIST static-group [<ip-add>] interfaces (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
ip-add | IPv4 multicast address , expressed in dotted decimal notation |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: /delete static multicast group address on specified VLAN
Example:
Switch(config)# ip igmp snooping vlan 1 static-group 224.1.1.1 interfaces Ethernet 1/0/3
- Set the multicast entry of the specified multicast source address
Command: ip igmp snooping group [multicast ipv4-address] filter [ipv4-address]
Mode: global configuration mode
Parameter:
Parameter | Description |
multicast ipv4-address | Multicast IPv4 address |
ipv4-address | Specifies the IPv4 address of the multicast source |
Description:
Set the multicast entry of the specified multicast source address
Prerequisite : The global IGMP version must be enabled as IGMPv3
Example:
Switch(config)# ip igmp snooping group 225.1.1.2 filter 192.168.70.1
- Show multicast group address
Command: show ip igmp snooping groups [(dynamic |static)]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
(dynamic | static) | Multicast group address type, including dynamic multicast group address and static multicast group address |
Description: View multicast group address, you can specify to view dynamic or static multicast group address. If not specified , all types of multicast group addresses will be viewed by default
Example:
Switch(config)# show ip igmp snooping groups
- Show multicast forwarding information
Command: show ip igmp snooping forward-all [vlan VLAN-LIST]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: View the multicast forwarding information of the specified VLAN . If not specified , the multicast forwarding information of all VLANs will be displayed by default
Example:
Switch# show ip igmp snooping forward-all
IGMP Snooping VLAN : 1
IGMP Snooping static port : None
IGMP Snooping forbidden port : None
Multicast policy configuration
- Add/Remove Multicast Policy
Command:
- ip igmp profile <1-128>
- no ip igmp profile <1-128>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-128> | Multicast Policy ID |
Description: Add/Remove Multicast Policy
Example:
Switch(config)# ip igmp profile 1
- Edit Multicast Policy
Command: profile range ip <ip-addr> [ip-addr] action (permit|deny)
Mode: IGMP policy configuration mode
Parameter:
Parameter | Description |
<ip-addr> | IP v4 multicast start address |
[ip-addr] | IPv4 multicast end address |
(permit|deny) | multicast policy on the specified packet includes allow and deny |
Description: Configure Multicast Policy
Example:
Switch(config-igmp-profile)# profile range ip 224.1.1.1 224.1.1.8 action permit
- Show multicast policy
Command: show ip igmp profile
Mode: IGMP policy configuration mode
Parameter: none
Description: View multicast policy
Example:
Switch(config-igmp-profile)# show ip igmp profile
- Bind/unbind multicast policy
Command:
- ip igmp filter <1-128>
- no ip igmp filter
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-128> | Multicast Policy ID |
Description: Interface binding/unbinding multicast policy
Example:
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# ip igmp filter 1
- Show the existing port multicast policy configuration
Command: do show ip igmp filter [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the existing port multicast policy configuration . If no port is specified , the multicast policy configuration of all ports will be displayed by default
Example:
Switch(config-if)# do show ip igmp filter
Switch(config-if)# do show ip igmp filter interfaces Ethernet 1/0/1
Maximum Multicast Group Configuration
- Maximum number of multicast groups
Command: ip igmp max-groups <0-256>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<0-256> | maximum number of multicast groups , the value range is an integer from 0 to 256 , and the default is 256 Set to 0, which means no limit |
Description: Set the maximum number of multicast groups on the port
Example:
Switch(config-if)# ip igmp max-groups 10
- Operation exceeded
Command: ip igmp max-groups action (deny|replace)
Mode: interface configuration mode
Parameter:
Parameter | Description |
(deny|replace) | The operation after the maximum number of multicast groups is exceeded , supports rejection and replacement |
Description: Set the operation after the maximum number of multicast groups is exceeded, which is rejected by default
Example:
Switch(config-if)# ip igmp max-groups action replace
- Show the maximum number of multicast groups
Command: do show ip igmp max-group [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the maximum number of multicast groups on the specified interface. If not specified , the maximum number of multicast groups of all interfaces will be displayed by default
Example:
Switch(config-if)# do show ip igmp max-group
Switch(config-if)# do show ip igmp max-group interfaces Ethernet 1/0/1
- View Exceeded Maximum Group Operations
Command: do show ip igmp max-group action [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the operation of the specified interface exceeding the maximum multicast number . If not specified , the operation of all interfaces exceeding the maximum multicast number will be displayed by default
Example:
Switch(config-if)# do show ip igmp max-group action
Switch(config-if)# do show ip igmp max-group action interfaces Ethernet 1/0/1
Clear operation
- Clear multicast group address
Command: clear ip igmp snooping groups [(dynamic |static)]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
(dynamic|static) | Multicast group address type, including dynamic multicast address and static multicast address |
Description: Specify the type of multicast group address to be cleared, including dynamic multicast address and static multicast address. If not specified , all multicast group addresses will be cleared by default
Example:
Switch# clear ip igmp snooping groups
Switch# show ip igmp snooping groups
VLAN | Group IP Address | Type | Life(Sec) |
-----+------------------+------+-----------+-----
Total Number of Entry = 0
- Clear all statistics
Command: clear ip igmp snooping statistics
Mode: privileged EXEC mode
Parameter: none
Description: Clear IGMP statistics information
Example:
Switch# clear ip igmp snooping statistics
Switch# show ip igmp snooping
IGMP Snooping Status
--------------------
Snooping : Enabled
Report Suppression : Disabled
Operation Version: v2
Forward Method : mac
Unknown IP Multicast Action : Flood
Packet Statistics
Total RX : 0
Valid RX : 0
Invalid RX : 0
Other RX : 0
Leave RX : 0
Report RX : 0
General Query RX : 0
Specail Group Query RX : 0
Specail Group & Source Query RX : 0
Leave TX : 0
Report TX : 0
General Query TX : 0
Specail Group Query TX : 0
Specail Group & Source Query TX : 0
MLD Snooping
MLD snooping global configuration
- Enable/disable MLD Snooping
Command:
- ipv6 mld snooping
- no ipv6 mld snooping
Mode: global configuration mode
Parameter: none
Description: Enable/disable the global MLD snooping function
Example:
Switch(config)# ipv6 mld snooping
- Multicast forwarding mode
Command: Ipv6 mld snooping forward-method ( dip|mac )
Mode: global configuration mode
Parameter:
Parameter | Description |
dip | IP -based multicast forwarding mode |
mac | based multicast forwarding mode |
Description: Set the multicast forwarding mode, the default is based on MAC
Example:
Switch(config)# ipv6 mld snooping forward-method mac
- Enable/disable packet suppression
Command:
- ipv6 mld snooping report-suppression
- no ipv6 mld snooping report-suppression
Mode: global configuration mode
Parameter: none
Description: Enable/disable message suppression function
Example:
Switch(config)# ipv6 mld snooping report-suppression
- MLD version
Command: Ipv6 mld snooping version (1|2)
Mode: global configuration mode
Parameter:
Parameter | Description |
version (1|2) | Global MLD running version, including MLDv1 and MLD v2 |
Description: Set the MLD running version
Example:
Switch(config)# ipv6 mld snooping version 2
- Unknown multicast packet
Command: Ipv6 mld snooping unknown-multicast action (drop|flood|router-port)
Mode: global configuration mode
Parameter:
Parameter | Description |
(drop|flood|router-port) | method of unknown multicast packets |
Description: Set the processing method for unknown multicast packets
Example:
Switch(config)# ipv6 mld snooping unknown-multicast action drop
- View MLD Snooping
Command: show ipv6 mld snooping
Mode: privileged EXEC mode
Parameter: none
Description: View global MLD snooping settings
Example:
Switch(config)# show ip v6 mld snooping
Configure MLD snooping in a specified VLAN
- VLAN selection
Command:
- ipv6 mld snooping vlan VLAN-LIST
- no ipv6 mld snooping vlan VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Select VLAN to enable MLD Snooping function
Example:
Switch(config)# ipv6 mld snooping vlan 1
- Port fast leave
Command:
- ipv6 mld snooping vlan VLAN-LIST immediate-leave
- no ipv6 mld snooping vlan VLAN-LIST immediate-leave
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Set the port fast leave function in the specified VLAN
Example:
Switch(config)# ipv6 mld snooping vlan 1 immediate-leave
- Last Member Query Counter
Command: Ipv6 mld snooping vlan VLAN-LIST last-member-query-count count
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
count | number of last member queries , an integer ranging from 1 to 7 , the default is 2 |
Description: Set the last member query count
Example:
Switch(config)# ipv6 mld snooping vlan 1 last-member-query-count 3
- Last Member query interval
Command: Ipv6 mld snooping vlan VLAN-LIST last-member-query-interval interval
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
interval | The last member query interval, an integer ranging from 1 to 25 , the default is 1 |
Description: Set the last member query interval
Example:
Switch(config)# ipv6 mld snooping vlan 1 last-member-query-interval 20
- Query interval
Command: Ipv6 mld snooping vlan VLAN-LIST query-interval interval
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
interval | Query interval , an integer ranging from 30 to 18000 , the default is 125 |
Description: Set query interval
Example:
Switch(config)# ipv6 mld snooping vlan 1 query-interval 111
- Query maximum response time
Command: Ipv6 mld snooping vlan VLAN-LIST response-time time
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
time | Query the maximum response time, an integer ranging from 5 to 20 , the default is 10 |
Description: Set query maximum response time
Example:
Switch(config)# ipv6 mld snooping vlan 1 response-time 15
- Query Robustness
Command: Ipv6 mld snooping vlan VLAN-LIST robustness-variable robustness
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
robustness | Query robustness , an integer ranging from 1 to 7 , default 2 |
Description: Set query robustness
Example:
Switch(config)# ipv6 mld snooping vlan 1 robustness-variable 5
- Routing port automatic learning
Command:
- ipv6 mld snooping vlan VLAN-LIST router learnpim-dvmrp
- no ipv6 mld snooping vlan VLAN-LIST router learnpim-dvmrp
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Enable/disable the automatic learning function of the routing port on the specified VLAN
Example:
Switch(config)# ipv6 mld snooping vlan 1 router learn pim-dvmrp
- Show the MLD Snooping configuration of a VLAN
Command: show ipv6 mld snooping vlan VLAN-LIST
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: View the MLD snooping configuration information of a specified VLAN. If not specified , the MLD Snooping configuration information of all VLANs will be viewed by default.
Example:
Switch(config)# do show ipv6 mld snooping vlan 1
MLD Snooping querier related configuration
- MLD Snooping querier running version
Command:
- ipv6 mld snooping vlan VLAN-LIST querier version (1|2)
- no ipv6 mld snooping vlan VLAN-LIST querier
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | range is 1-4094 , it can be a single VLAN or multiple VLANs |
version (1|2) | MLD Snooping querier running version, including MLD v 1 and MLDv2 |
Description: Set the MLD Snooping querier switch and running version of the specified VLAN
Example:
Switch(config)# ipv6 mld snooping vlan 1 querier version 1
- MLD Snooping querier IP address
Command: ipv6 mld snooping vlan VLAN-LIST query version (1|2) ip ipv6-addr
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | range is 1-4094 , it can be a single VLAN or multiple VLANs |
version (1|2) | MLD Snooping querier running version, including MLDv 1 and MLDv2 |
Ipv6-addr | Querier IPv6 address , if not set, the VLAN interface IPv6 address will be used |
Description: Set the MLD Snooping querier switch , running version , and IPv6 address of the specified VLAN
Example:
Switch(config)# ipv6 mld snooping vlan 1 querier version 2 ipv6 c0a8:fe:0:18::
- View MLD Snooping Querier Information
Command: show ipv6 mld snooping querier
Mode: privileged EXEC mode
Parameter: none
Description: Display MLD snooping querier information for all VLANs
Example:
Switch# show ipv6 mld snooping querier
VID | State | Status | Version | Querier IP
------+----------+------------+---------+--------- ---
1 | Disabled | Non-Querier | No | -----------
Total Entry 1
MLD Routing port configuration
- Disable routed ports
Command: ipv6 mld snooping vlan VLAN-LIST forbidden-router-port (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: Set the disabled routing port on the specified VLAN , which will not forward the received query message
Example:
Switch(config)# ipv6 mld snooping vlan 1 forbidden-router-port Ethernet 1/0/3-1/0/4
- Static router port
Command: Ipv6 mld snooping vlan VLAN-LIST static-router-port (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: Set the static routing port on the specified VLAN , and all query packets will be forwarded to this port
Example:
Switch(config)# ipv6 mld snooping vlan 1 static-router-port Ethernet 1/0/5-1/0/6
- Show routing port
Command: do show ipv6 mld snooping router [(dynamic | forbidden |static)]
Mode: global configuration mode
Parameter:
Parameter | Description |
(dynamic | forbidden |static) | Routing port type, including dynamic routing port, disabled routing port and static routing port |
Description: View routing ports, you can specify to view dynamic, disabled or static. If not specified , all types of routing ports will be viewed by default.
Example:
Switch(config)# do show ipv6 mld snooping router
MLD Multicast group address
- Static multicast address
Command:
- ipv6 mld snooping vlan VLAN-LIST static-group [<ipv6-add>] interfaces (Ethernet|LAG) <1-10>
- no ipv6 mld snooping vlan VLAN-LIST static-group [<ipv6-add>] interfaces (Ethernet|LAG) <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
ipv6-add | IPv6 multicast address _ |
(Ethernet|LAG) <1-10> | Switch ports, including Ethernet ports , optical ports, and aggregation ports |
Description: /delete static multicast group address on specified VLAN
Example:
Switch(config)# ipv6 mld snooping vlan 1 static-group ff13::1 interfaces Ethernet 1/0/3
- Show multicast group address
Command: do show ipv6 mld snooping groups [(dynamic |static)]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
(dynamic | static) | Multicast group address type, including dynamic multicast group address and static multicast group address |
Description: View multicast group address, you can specify to view dynamic or static multicast group address. If not specified , all types of multicast group addresses will be viewed by default
Example:
Switch(config)# do show ipv6 mld snooping groups
- Show multicast forwarding information
Command: show ipv6 mld snooping forward-all [vlan VLAN-LIST]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: View the multicast forwarding information of the specified VLAN . If not specified , the multicast forwarding information of all VLANs will be displayed by default
Example:
Switch# show ipv6 mld snooping forward-all
MLD Snooping VLAN : 1
MLD Snooping static port : None
MLD Snooping forbidden port : None
MLD Multicast policy configuration
- Add/Remove multicast policy
Command:
- ipv6 mld profile <1-128>
- no ipv6 mld profile <1-128>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-128> | Multicast Policy ID |
Description: Add/Remove Multicast Policy
Example:
Switch(config)# ipv6 mld profile 1
- Edit Multicast policy
Command: profile range ipv6 [ipv6-addr] action (permit|deny)
Mode: MLD policy configuration mode
Parameter:
Parameter | Description |
<ipv6-addr> | IP v6 multicast start address |
[ip v6-addr] | IPv6 multicast end address |
(permit|deny) | multicast policy on the specified packet includes allow and deny |
Description: Configure Multicast Policy
Example:
Switch(config-igmp-profile)# profile range ipv6 ff13::1 ff13::10 action permit
- Show multicast policy
Command: show ipv6 mld profile
Mode: MLD policy configuration mode
Parameter: none
Description: View multicast policy
Example:
Switch(config-igmp-profile)# show ip igmp profile
- Bind/unbind multicast policies
Command:
- ip igmp filter <1-128>
- no ip igmp filter
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-128> | Multicast Policy ID |
Description: Interface binding/unbinding multicast policy
Example:
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# ipv6 mld filter 1
- View the existing port multicast policy configuration
Command: do show ipv6 mld filter [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the existing port multicast policy configuration . If no port is specified , the multicast policy configuration of all ports will be displayed by default
Example:
Switch(config-if)# do show ipv6 mld filter
Switch(config-if)# do show ipv6 mld filter interfaces Ethernet 1/0/1
MLD Maximum multicast group configuration
- Maximum number of multicast groups
Command: ipv6 mld max-groups <0-256>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<0-256> | maximum number of multicast groups , the value range is an integer from 0 to 256 , and the default is 256 Set to 0, which means no limit |
Description: Set the maximum number of multicast groups on the port
Example:
Switch(config-if)# ipv6 mld max-groups 10
- Operation exceeded
Command: ipv6 mld max-groups action (deny|replace)
Mode: interface configuration mode
Parameter:
Parameter | Description |
(deny|replace) | The operation after the maximum number of multicast groups is exceeded , supports rejection and replacement |
Description: Set the operation after the maximum number of multicast groups is exceeded, which is rejected by default
Example:
Switch(config-if)# ipv6 mld max-groups action replace
- Show the maximum number of multicast groups
Command: do show ipv6 mld max-group [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the maximum number of multicast groups on the specified interface. If not specified , the maximum number of multicast groups of all interfaces will be displayed by default
Example:
Switch(config-if)# do show ipv6 mld max-group
Switch(config-if)# do show ipv6 mld max-group interfaces Ethernet 1/0/1
- Show Exceeding maximum group operations
Command: do show ipv6 mld max-group action [interfaces IF_PORTS]
Mode: interface configuration mode
Parameter:
Parameter | Description |
interfaces IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the operation of the specified interface exceeding the maximum multicast number . If not specified , the operation of all interfaces exceeding the maximum multicast number will be displayed by default
Example:
Switch(config-if)# do show ipv6 mld max-group action
Switch(config-if)# do show ipv6 mld max-group action interfaces Ethernet 1/0/1
MLD Clear operation
- Clear multicast group address
Command: clear ipv6 mld snooping groups [(dynamic |static)]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
(dynamic|static) | Multicast group address type, including dynamic multicast address and static multicast address |
Description: Specify the type of multicast group address to be cleared, including dynamic multicast address and static multicast address. If not specified , all multicast group addresses will be cleared by default
Example:
Switch# clear ipv6 mld snooping groups
Switch# show ip v6 mld snooping groups
VLAN | Group IP Address | Type | Life(Sec) |
-----+------------------+------+-----------+-----
Total Number of Entry = 0
- Clear all statistics
Command: clear ipv6 mld snooping statistics
Mode: privileged EXEC mode
Parameter: none
Description: Clear MLD statistics information
Example:
Switch# clear ipv6 mld snooping statistics
Switch# show ipv6 mld snooping
MLD Snooping Status
--------------------
Snooping : Disabled
Report Suppression : Disabled
Operation Version: v1
Forward Method : mac
Unknown IPv6 Multicast Action : Flood
Packet Statistics
Total RX : 0
Valid RX : 0
Invalid RX : 0
Other RX : 0
Leave RX : 0
Report RX : 0
General Query RX : 0
Specail Group Query RX : 0
Specail Group & Source Query RX : 0
Leave TX : 0
Report TX : 0
General Query TX : 0
Specail Group Query TX : 0
Specail Group & Source Query TX : 0
ROUTING
Routing table
Check the IPv4 routing table
Command:
- show ip route
- show ip route { connected/detail/static}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
{ connected/detail/ static } | Select the route type to view, including direct route, route and static route |
Description: View IPv4 routing table
Example:
Switch # show ip route
Check the IPv6 routing table
Command:
- show ipv6 route
- show ipv6 route { connected/detail/static}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
{ connected/detail/ static } | Select the route type to view, including direct route, route and static route |
Description: View IPv6 routing table
Example:
Switch# show ipv6 route
Static route
IPv4 static routing
- Add IPv4 static route
Command: ip route { Destination prefix [Destination prefix mask]/ Destination prefix and length} { Forwarding router’s address/ interface [vlan <1-4094>] / loopback [<1-1>] / null0 } { preference/ description}
Mode: global configuration mode
Parameter:
Parameter | Description |
Destination prefix | Specify the destination address in dotted decimal format |
Destination prefix mask | Specify the mask of the destination address, in dotted decimal format |
Destination prefix and length | Specify the destination address + mask, the destination address uses dotted decimal format, and the mask length is an integer ranging from 0 to 32 |
Forwarding router’s address | Specify the next hop address in dotted decimal format |
interface [vlan <1-4094>] | Specifies that the outbound interface of the router forwarding packets is a VLAN interface |
loopback [<1-1>] | Specify the outbound interface of the router to forward packets as loopback |
null0 | the specified route forwarding packets is null0 |
preference | Specify the priority of the route, the value range is an integer from 1 to 255 , the default is 1 |
description | Used to describe the route, the length ranges from 0 to 31 characters |
Description: Add IPv4 static route
Example:
IPv4 static route with destination address 192.168.30.0, mask 24 bits, next hop 192.168.20.1 priority 60
Switch(config)# ip route 192.168.30.0/24 192.168.20.1 preference 60
- Delete IP v4 static route
Command: no ip route { Destination prefix [ Destination prefix mask ]/ Destination prefix and length } { Forwarding router’s address / interface [vlan <1-4094>] / loopback [<1-1>] / null0 }
Mode: global configuration mode
Parameter:
Parameter | Description |
Destination prefix | Specify the destination address in dotted decimal format |
Destination prefix mask | Specify the mask of the destination address, in dotted decimal format |
Destination prefix and length | Specify the destination address + mask, the destination address uses dotted decimal format, and the mask length is an integer ranging from 0 to 32 |
Forwarding router’s address | Specify the next hop address in dotted decimal format |
interface [vlan <1-4094>] | Specifies that the outbound interface of the router forwarding packets is a VLAN interface |
loopback [<1-1>] | Specify the outbound interface of the router to forward packets as loopback |
null0 | the specified route forwarding packets is null0 |
Description: Delete IPv4 static route
Example:
teIPv4 static route with a destination address of 192.168.30.0, a mask of 24 bits, and a next hop of 192.168.20.1
Switch(config)# no ip route 192.168.30.0/24 192.168.20.1
IPv6 static routing
- Add IPv6 static route
Command: ipv6 route { Destination prefix and length}{ Forwarding router’s address/ interface [vlan <1-4094>] / loopback [<1-1>] / null0 } { preference/ description}
Mode: global configuration mode
Parameter:
Parameter | Description |
Destination prefix and length | Specify the destination IPv6 address + mask, the destination address uses hexadecimal format, the mask length is an integer ranging from 1-128 |
Forwarding router’s address | Specifies the next hop address, in hexadecimal format |
interface [vlan <1-4094>] | Specifies that the outbound interface of the router forwarding packets is a VLAN interface |
loopback [<1-1>] | Specify the outbound interface of the router to forward packets as loopback |
null0 | the specified route forwarding packets is null0 |
preference | Specify the priority of the route, the value range is an integer from 1 to 255 , the default is 1 |
description | Used to describe the route, the length ranges from 0 to 31 characters |
Description: Add IPv6 static route
Example:
IPv6 static route with an destination address of 2023::, a prefix of 64 bits, a next hop of 2001::1, and a priority of 60.
Switch(config)# ipv6 route 2023::/64 2001::1 preference 60
- Delete IP v6 static route
Command: no ip v6 route { Destination prefix and length} { Forwarding router’s address / interface [vlan <1-4094>] / loopback [<1-1>] / null0 }
Mode: global configuration mode
Parameter:
Parameter | Description |
Destination prefix and length | Specify the destination IPv6 address + mask, the destination address uses hexadecimal format, and the mask length is an integer ranging from 0 to 32 |
Forwarding router’s address | Specifies the next hop address, in hexadecimal format |
interface [vlan <1-4094>] | Specifies that the outbound interface of the router forwarding packets is a VLAN interface |
loopback [<1-1>] | Specify the outbound interface of the router to forward packets as loopback |
null0 | the specified route forwarding packets is null0 |
Description: Delete IPv6 static route
Example:
Delete the IPv6 static route whose destination address is 2023::, prefix 64 bits, next hop 2001::1
Switch(config)# no ipv6 route 2023::/64 2001::1
RIP
Global RIP configuration
- Enable/disable global RIP
Command:
- router rip
- no router rip
Mode: global configuration mode
Parameter: none
Description: Enable/disable global RIP function
Example:
Enable global RIP function
Switch(config)# router rip
- Configure the RIP version
Command:
- version (1|2)
- no version (1|2)
Mode: Global RIP configuration mode
Parameter:
Parameter | Description |
1 | RIP version 1 |
2 | RIP version 2 |
Description: Configure the RIP version
Example:
Configure RIP version 2
Switch(config-rip-router)# version 2
- Configure the RIP administrative distance
Command:
- distance [<1-255>]
- no distance [<1-255>]
Mode: Global RIP configuration mode
Parameter:
Parameter | Description |
<1-255> | Specify the RIP management distance, the default is 120 |
Description: Configure the RIP administrative distance
Example:
Configure the RIP management distance to 100
Switch(config-rip-router)# distance 100
- Import external routes
Command:
- import-route (connected|static|ospf) [metric <0-16>]
- no import-route (connected|static|ospf) [metric <0-16>]
Mode: Global RIP configuration mode
Parameter:
Parameter | Description |
connected | Import direct route |
ospf | Import OSPF routes |
static | import static route |
<0-16> | Metrics of imported routes |
Description: Import external routes
Example:
Import direct routes with a metric of 10
Switch(config-rip-router)# import-route connected metric 10
- Configure/Cancel Timer
Command:
- timers <5-2147483647> <5-2147483647> <5-2147483647>
- no timers <5-2147483647> <5-2147483647> <5-2147483647>
- no timers
Mode: Global RIP configuration mode
Parameter:
Parameter | Description |
<5-2147483647> | Routing table update time ( in seconds) , default 30 seconds |
<5-2147483647> | Routing timeout ( in seconds) , default 180 seconds |
<5-2147483647> | Garbage route collection time ( in seconds ) , default 120 seconds |
Description: Configure/Cancel Timer
Example:
The configuration update time is 30 seconds , the timeout time is 180 seconds , and the garbage route collection time is 120 seconds
Switch(config-rip-router)# no timers 30 180 120
- View RIP global information
Command: show ip rip [status]
Mode: privileged EXEC mode
Parameter: none
Description: View RIP global information
Example:
View global RIP information
Switch # show ip rip status
- View RIP Neighbor Information
Command: show ip rip neighbor
Mode: privileged EXEC mode
Parameter: none
Description: View RIP Neighbor Information
Example:
Switch # show ip rip neighbor
Interface RIP configuration
- Enable/disable VLAN interface RIP
Command:
- ip rip enable
- no ip rip enable
Mode: VLAN interface configuration mode
Parameter: none
Description: Enabling /disabling the RIP function of the VLAN interface
Example:
Enable the RIP function of VLAN 1 interface
Switch(config)# interface vlan 1
Switch(config-if)# ip rip enable
- Configure RIP send/receive version
Command:
- ip rip (send|receive) version (1 | 2 | 1 2)
- no ip rip (send|receive) version (1 | 2 | 1 2)
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
send | Specifies to configure the RIP sending version |
receive | Specifies to configure the RIP receiving version |
1 | 2 | 1 2 | Specifies the sending /receiving version number of RIP |
Description: Configure RIP send /receive version
Example:
the RIP sending version of VLAN 1 interface as 2
Switch(config-if)# ip rip send version 2
- Enable/disable RIPv2 broadcast
Command:
- ip rip v2-broadcast
- no ip rip v2-broadcast
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable the broadcast function of RIPv2
Example:
Enable the RIPv2 broadcast function on the VLAN 1 interface
Switch(config-if)# ip rip v2-broadcast
- Enable/disable interface suppression
Command:
- ip rip suppress
- no ip rip suppress
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable interface suppression function
Example:
Enable the suppression function of VLAN 1 interface
Switch(config-if)# ip rip suppress
- Configuring split horizon and poison reverse
Command:
- ip rip split-horizon [poisoned-reverse]
- no ip rip split-horizon [poisoned-reverse]
Mode: VLAN interface configuration mode
Parameter: none
Description: Configuring split horizon and poison reverse
Example:
Enable split horizon
Switch(config-if)# ip rip split-horizon
- Configure authentication and keys
Command:
- ip rip authentication mode (simple|md5)
- no ip rip authentication mode (simple|md5)
- ip rip authentication string [AUTH_KEY]
- no ip rip authentication string [AUTH_KEY]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
Simple | Specify the authentication mode as simple authentication |
md5 | Specify the authentication mode as MD5 authentication |
AUTH_KEY | Specify the authentication key , limited to 1-16 characters |
Description: Configure authentication and keys
Example:
Set simple authentication for VLAN 1 interface with key 123456
Switch(config-if)# ip rip authentication simple
Switch(config-if)# ip rip authentication string 123456
RIPng
Global RIPng configuration
- Enable/disable global RIPng
Command:
- router ripng
- no router ripng
Mode: global configuration mode
Parameter: none
Description: Enable/disable global RIPng function
Example:
Enable global RIPng function
Switch(config)# router ripng
- Configure/Cancel Timer
Command:
- timers <0-65535> <0-65535> <0-65535>
- no timers <0-65535> <0-65535> <0-65535>
Mode: Global RIPng configuration mode
Parameter:
Parameter | Description |
<0-65535> | Routing table update time (in seconds ), the value range is an integer from 0 to 65535 , and the default is 30 seconds. |
<0-65535> | Routing timeout (in seconds ), the value range is an integer from 0 to 65535 , and the default is 180 seconds. |
<0-65535> | Garbage route collection time (in seconds ), the value range is an integer from 0 to 65535 , and the default is 120 seconds. |
Description: Configure/Unconfigure Timers
Example:
Set the timer , the routing table update time is 300 seconds , the routing timeout time is 1800 seconds, and the garbage routing collection time is 1200 seconds
Switch(config-ripng-router)# timers 300 1800 1200
- Import route
Command:
- import-route connected (connected|static|ospfv3) [metric <0-16>]
- no import-route connected (connected|static|ospfv3)[metric <0-16>]
Mode: Global RIPng configuration mode
Parameter:
Parameter | Description |
connected|static|ospfv3 | Import direct route /static route/OSPFv3 |
metric <0-16> | The metric value of the imported route, the value range is an integer from 0 to 16 |
Description: Configure the imported route and set the metric value of the imported route
cancel imported route
Example:
Import the direct route and set the metric value to 3
Switch (config-ripng-router)# import-route connected metric 3
Import OSPFv3 routes and set the metric to 5
Switch(config-ripng-router)# import-route ospfv3 metric 5
Import static routes and set the metric to 6
Switch(config-ripng-router)# import-route static metric 6
- Announce route
Command:
- router X:X::X:X/<1-128>
- no router X:X::X:X/<1-128>
Mode: Global RIPng configuration mode
Parameter:
Parameter | Description |
X:X::X:X/<1-128> | IPv6 address and prefix length |
Description: Declare/delete routes
Example:
advertise route 2001:1011::3126:2003/64
Switch(config-ripng-router)# route 2001:1011::3126:2003/64
- View RIPng Global Information
Command: show ipv6 ripng [status]
Mode: privileged EXEC mode
Parameter: none
Description: View RIPng Global Information
Example:
Switch# show ipv6 ripng status
- Viewing RIPng Neighbor Information
Command: show ipv6 ripng neighbor
Mode: privileged EXEC mode
Parameter: none
Description: Viewing RIPng Neighbor Information
Example:
Switch# show ipv6 ripng neighbor
Interface RIPng Neighbor Information
- Enable/disable VLAN interface RIPng
Command:
- ipv6 ripng enable
- no ipv6 ripng enable
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable the RIPng function of the VLAN interface
Example:
Enable the RIPng function on the VLAN 1 interface (prerequisite : first enable the interface IPv6 function and configure an IPv6 global unicast address )
Switch#config
Switch(config)#interface vlan 101
Switch(config-if)#ipv6 enable
Switch(config-if)#ipv6 address 2002::1111/64
Switch(config-if)# ipv6 ripng enable
- Configuring split horizon and poison reverse
Command:
- ipv6 ripng split-horizon [poisoned-reverse]
- no ipv6 ripng split-horizon [poisoned-reverse]
Mode: VLAN interface configuration mode
Parameter: none
Description: Configuring split horizon and poison reverse
Example:
Enable split horizon
Switch(config-if)# ipv6 ripng split-horizon
- Enable/disable route suppression
Command:
- ipv6 ripng suppress
- no ipv6 ripng suppress
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable route suppression
Example:
Enable route suppression
Switch(config-if)# ipv6 ripng suppress
OSPF
Global OSPF configuration
- Enable/disable global OSPF
Command:
- router ospf
- no router ospf
Mode: global configuration mode
Parameter: none
Description: Enabling/disabling the global OSPF function
Example:
Enable the global OSPF function
Switch(config)# router ospf
- Restart the OSPF process
Command: restart router ospf
Mode: global configuration mode
Parameter: none
Description: Restart the OSPF process
Example:
Switch(config)# restart router ospf
- Configure Router ID
Command:
- router-id ABCD
- no router-id ABCD
- no router-id
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
ABCD | Set the Router ID of the switch, configured in IPv4 address format |
Description: Configure Router ID
Example:
Set Router ID to 1.1.1.1
Switch(config)# router ospf
Switch(config-ospf-router)# router-id 1.1.1.1
- Compatible with RFC1583
Command:
- ospf rfc1583 compatibility
- no ospf rfc1583 compatibility
Mode: Global OSPF configuration mode
Parameter: none
Description: Compatible with RFC1583
Example:
Switch(config-ospf-router)# ospf rfc1583compatibility
- Opaque LSA
Command:
- ospf capability opaque
- no ospf capability opaque
Mode: Global OSPF configuration mode
Parameter: none
Description: Enable the Opaque LSA function
Example:
Switch(config-ospf-router)# ospf capability opaque
- Configuring SPF timers
Command:
- spf-schedule-interval [<0-600000> <0-600000> <0-600000>]
- no spf-schedule-interval [<0-600000> <0-600000> <0-600000>]
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
<0-600000> | Set the waiting time of the SPF timer (in milliseconds ) , the value range is an integer from 0 to 600000 , and the default is 0 |
<0-600000> | Set the minimum time interval between two S PF timers (in milliseconds ) , the value range is an integer from 0 to 600000 , and the default is 5 0 |
<0-600000> | Set the maximum time interval between two S PF timers (in milliseconds ) , the value range is an integer from 0 to 600000, and the default is 5 000 |
Description: Configuring SPF timers
Example:
Set the SPF timer , the waiting time is 50 milliseconds , the minimum time interval is 500 milliseconds , and the maximum time interval is 5000 milliseconds
Switch(config-ospf-router)# spf-schedule-interval 50 500 5000
- Configure LSA transmission delay
Command:
- timers lsa all [<0-5000>]
- no timers lsa all [<0-5000>]
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
<0-5000> | Set the minimum delay time for receiving a new LSA (in milliseconds ) , the value range is an integer from 0 to 5000 , and the default is 5 000 |
Description: Configure LSA transmission delay time
Example:
Configure the LSA transmission delay time to 50 milliseconds
Switch(config-ospf-router)# timers lsa all 50
- Configure LSA arrival time
Command:
- timers lsa arrival [<0-600000>]
- no timers lsa arrival [<0-600000>]
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
<0-600000> | Set the minimum receiving interval of LSA (in milliseconds ) , the value range is an integer from 0 to 600000 , and the default is 1 000 |
Description: Configure LSA arrival time
Example:
Set the LSA arrival interval to 2000 milliseconds
Switch(config-ospf-router)# timers lsa arrival 2000
- Turn on/off advertise max metric
Command:
- max-metric router-lsa administrative
- no max-metric router-lsa administrative
Mode: Global OSPF configuration mode
Parameter: none
Description: Turn on/off advertise max metric
Example:
Enable Advertise Max Metrics
Switch(config-ospf-router)# max-metric router-lsa administrative
- configure/unset route metric
Command:
- distance ospf intra-area <1-255> inter-area <1-255> external <1-255>
- no distance ospf
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
intra-area <1-255> | Set the route metric value in the area, the default is 110 |
inter-area <1-255> | Set the routing metric between areas, the default is 110 |
external <1-255> | Set external routing metric, default 110 |
Description: configure/unset route metric
Example:
Configure the route metric value. The intra-area route metric value is 10, the inter-area route metric value is 20, and the external route metric value is 30.
Switch(config -ospf-router)# distance ospf intra-area 10 inter-area 20 external 30
- Configure/un-always advertise the default route
Command:
- default-route-advertise always metric <0-16777214> metric-type (1|2)
- no default-route-advertise
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
metric <0-16777214> | Specify the default route metric, default 1 |
metric-type (1|2) | Specifies the default routing metric type, default type 2 |
Description: Configure/un -always advertise the default route
Example:
Enable always advertise default route, metric value 10, metric type 1
Switch(config-ospf-router)# default-route-advertise always metric 10 metric-type 1
- Import external routes
Command:
- import-route (connected|static|rip) [metric <0-16777214> metric-type (1|2)]
- no import-route (connected|static|rip)
Mode: Global OSPF configuration mode
Parameter:
Parameter | Description |
connected|static|rip | Set the imported external route type |
metric <0-16777214> | Set the redistributed metric value when importing external routes , default 1 |
metric-type (1|2) | Set the imported external route metric type, the default type is 2 |
Description: Import external routes
Example:
Import direct route, metric value 10, metric type 1
Switch(config-ospf-router)# import-route connected metric 10 metric-type 1
Regional settings
- Stub area
Command:
- area {<0-4292967295>/ABCD} stub [no-summary]
- no area {<0-4292967295>/ABCD} stub [no-summary]
Mode: global configuration mode
Parameter:
Parameter | Description |
{<0-4294967295> / ABCD} | Zone ID, integer from 0-4294967295 or IPv4 address format |
no-summary | Set whether to prohibit the ABR from sending LSA type 3 to the Stub area, that is, configure the area as a Totally Stub area |
Description: set/unset locale as stub/totally stub
Example:
Set area 1 as stub area
Switch(config)# area 1 stub
- NSSA area
Command:
- area {<0-4294967295> / ABCD} nssa [(translate-candidate|translate-never|translate-always)] [no-summary]
- no area {<0-4294967295> / ABCD} nssa [(translate-candidate|translate-never|translate-always)] [no-summary]
Mode: global configuration mode
Parameter:
Parameter | Description |
{<0-4294967295> / ABCD} | Zone ID, integer from 0-4294967295 or IPv4 address format |
{translate-always / translate-never} | Set NSSA conversion type, the default is Never |
no-summary | Set whether to prohibit the ABR from sending LSA type 3 to the area, that is, configure the area as a Totally NSSA area |
Description: configure/unset zone to nssa/totally nssa
Example:
Set area 1 to nssa area
Switch(config)# area 1 nssa translate-always
Interface OSPF configuration
- Configure area ID
Command:
- ip ospf area { <0-4294967295> /[ABCD]}
- no ip ospf area { <0-4294967295> /[ABCD]}
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<0-4294967295> /[ABCD] | Zone ID, integer from 0-4294967295 or IPv4 address format, default is 0.0.0.0 |
Description: Configure/Cancel Zone ID
Example:
Configure the area of the VLAN 10 interface as 1
Switch(config)# int vlan 10
Switch(config-if)# ip ospf area 1
- Configure network type
Command:
- ip ospf network [(broadcast|non-broadcast|point-to-multipoint|point-to-point)]
- no ip ospf network [(broadcast|non-broadcast|point-to-multipoint|point-to-point)]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
{ broadcast / non-broadcast/ point-to-multipoint/ point-to-point} | Set the network type of the interface , the default is broadcast |
Description: Configure/Cancel Network Type. If it is set to NBMA type, additional NBMA neighbors need to be set.
Example:
Enable the network type of VLAN 10 interface as P2P
Switch(config-if)# ip ospf network point-to-point
- Enable/disable interface suppression
Command:
- ip ospf suppress
- no ip ospf suppress
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable interface suppression function
Example:
Enable VLAN 10 interface suppression function
Switch(config-if)# ip ospf suppress
- Ignore MTU checksum
Command:
- ip ospf mtu-ignore
- no ip ospf mtu-ignore
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable ignore MTU check
Example:
Enable Ignore MTU check on VLAN 10 interface
Switch(config-if)# ip ospf mtu-ignore
- Configure/Cancel LSA Retransmission Interval
Command:
- ip ospf retransmit-interval [<3-65535>]
- no ip ospf retransmit-interval [<3-65535>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<3-65535> | Set the LSA retransmission interval (in seconds ) , default 5 |
Description: Configure/Cancel LSA Retransmission Interval
Example:
Set the LSA retransmission interval of VLAN 10 interface to 10 seconds
Switch(config-if)# ip ospf retransmit-interval 10
- Configure/Cancel LSA Transmission Delay Time
Command:
- ip ospf transmit-delay [<1-500>]
- no ip ospf transmit-delay [<1-500>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-500> | Set LSA transmission delay time (in seconds ) , default 1 |
Description: Configure/Cancel LSA Transmission Delay Time
Example:
LSA transmission delay time of VLAN 10 interface to 10 seconds
Switch(config-if)# ip ospf transmit-delay 10
- Configure/Cancel Hello Interval
Command:
- ip ospf hello-interval [<1-65535>]
- no ip ospf hello-interval [<1-65535>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-65535> | Set the time interval for the interface to send Hello packets (in seconds ) , the default is 10. |
Description: Configure/Cancel Hello Interval
Example:
Set the Hello interval of the VLAN10 interface to 10 seconds
Switch(config-if)# ip ospf hello-interval 10
- Configure/Cancel Fast Hello
Command:
- ip ospf dead-interval minimal hello-multiplier [<1-10>]
- no ip ospf dead-interval minimal hello-multiplier [<1-10>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-10> _ | Enable Fast Hello, and set the number of Hello packets sent by the interface per second , the default is 1 |
Description: Configure/Cancel Fast Hello
Example:
Enable the Fast Hello function of the VLAN 10 interface , and set the interface to send 10 Hello packets per second
Switch(config-if)# ip ospf dead-interval minimal hello-multiplier 10
- Configure /Cancel Neighbor Dead Time
Command:
- ip ospf dead-interval [<1-65535>]
- no ip ospf dead-interval [<1-65535>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-65535> _ | Set the failure time of adjacent neighbors (in seconds ) , default 40 |
Description: Configure/Cancel Neighbor Dead Time
Example:
Set the neighbor failure time of VLAN 10 interface to 10 seconds
Switch(config-if)# ip ospf dead-interval 10
- Configure/unset overhead value
Command:
- ip ospf cost [<1-65535>]
- no ip ospf cost [<1-65535>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-65535> _ | Set the cost value of the interface, the default is 10 |
Description: Configure/deactivate the cost value of an interface
Example:
Set the cost value of the VLAN 10 interface to 100
Switch(config-if)# ip ospf cost 100
- Configure/de-prioritize
Command:
- ip ospf priority [<0-255>]
- no ip ospf priority [<0-255>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<0-255> _ | Set the priority when the interface selects DR, the default is 1 |
Description: Configure/Cancel Interface Priority
Example:
Set priority 0 for VLAN 10 interface
Switch(config-if)# ip ospf priority 0
- Turn on/off authentication
Command:
- ip ospf authentication
- no ip ospf authentication
Mode: VLAN interface configuration mode
Parameter: none
Description: Enable/disable interface authentication
Example:
Enable authentication on the VLAN10 interface
Switch(config-if)# ip ospf authentication
- Configure Simple Authentication
Command:
- ip ospf authentication-key [AUTH_KEY]
- no ip ospf authentication-key [AUTH_KEY]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
AUTH_KEY | Set the key used in simple authentication, the input limit is 1-8 characters |
Description: Configure Simple Authentication
Example:
Set simple authentication key 123456 for VLAN10 interface
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication-key 123456
- Configure MD5 authentication
Command:
- ip ospf authentication message-digest
- no ip ospf authentication message-digest
- ip ospf message-digest-key <1-255> [md5 KEY]
- no ip ospf message-digest-key <1-255> [md5 KEY]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
<1-255> | Set the key ID used for interface MD5 authentication |
md5 KEY | Set the key used for interface MD5 authentication, the input limit is 1-16 characters |
Description: Configure MD5 authentication
Example:
Set MD5 authentication for VLAN10 interface , key ID 1 , key 12345678
Switch(config-if)# ip ospf authentication message-digest
Switch(config-if)# ip ospf message-digest-key 1 md5 12345678
NBMA neighbor configuration
- Configuring NBMA neighbors
Command:
- neighbor ABCD [hello-interval <1-65535> priority <0-255>]
- no neighbor ABCD [hello-interval <1-65535> priority <0-255>]
Mode: VLAN interface configuration mode
Parameter:
Parameter | Description |
ABCD | specify neighbor interface address |
<1-65535> | (in seconds ) for sending polling Hello packets on the NBMA network , the default is 6 0 |
<0-255> | Set the priority when participating in the DR election , the default is 0 |
Description: Configure/Cancel NBMA Neighborhood
Example:
Set the neighbor, the interface address is 192.168.10.2, the Hello interval is 20 seconds , and the priority is 1
Switch(config-ospf-router)# neighbor 192.168.10.2 hello-interval 20 priority 1
View OSPF related information
- Check the OSPF routing table
Command: show ip ospf route
Mode: privileged EXEC mode
Parameter: none
Description: Check the OSPF routing table
Example:
Switch# show ip ospf route
- View OSPF neighbor information
Command: show ip ospf neighbor {A.B.C.D/detail}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
ABCD | View the details of a specified neighbor by selecting the neighbor ID |
detail | View all neighbor details |
Description: View OSPF neighbor information
Example:
Check neighbor 2.2.2.2 information
Switch# show ip ospf neighbor 2.2.2.2
- View OSPF interface information
Command: show ip ospf interface {vlan <1-4094>}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
vlan <1-4094> | Select to view the corresponding VLAN interface information |
Description: View OSPF interface information
Example:
View OSPF information on VLAN 10 interfaces of the device
Switch# show ip ospf interface vlan 10
- View OSPF database
Command: show ip ospf database { asbr-summary / external/ max-age/ network/ nssa-external/ opaque-area/ opaque-as/ opaque-link/ router/ self-originate/ summary} { self-originate}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
{ asbr-summary / external/ max-age/ network/ nssa-external/ opaque-area/ opaque-as/ opaque-link/ router/ self-originate/ summary} | View the corresponding database information by selecting the corresponding Type LSA |
{self-originate} | Select to view the data information generated by the switch itself |
Description: View OSPF database
Example:
View OSPF link state database
Switch# show ip ospf database
View link state information of Type 3 LSAs
Switch# show ip ospf database summary
the Type 1 LSA generated by the device itself
Switch# show ip ospf database router self-originate
- View OSPF statistics
Command: show ip ospf statistic interface {all/vlan <1-4094>}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
vlan <1-4094> | Choose whether to view the corresponding vlan data statistics |
Description: View OSPF statistics
Example:
View statistics on all OSPF interfaces on the device
Switch# show ip ospf statistic interface all
View the data statistics of the VLAN 10 interface of the device
Switch# show ip ospf statistic interface vlan 10
POE
Configure PoE global attributes
Configure PoE reserved power
Command:
- poe reserved_power (0-119)
- do show poe
Mode: global configuration mode
Parameter:
Parameter | Description |
(0-119) | Value range of reserved power |
Description:
- poe reserved_power (0-119) : configure PoE reserved power
- do show poe : View PoE information
Example:
Switch> enable
Switch # configure
Switch(config)#poe reserved_power 100
Switch(config)# do show poe
Configure PoE restart
Command:
- poe sofe_reboot
- do show poe
Mode: global configuration mode
Parameter: none
Description:
- poe sofe_reboot : Reboot all PoE interfaces
- do show poe : View PoE information
Example:
Switch> enable
Switch # configure
Switch(config)#poe sofe_reboot
Switch(config)# do show poe
Enable/disable port protection
Command:
- poe port_protect
- no poe port_protect
Mode: global configuration mode
Parameter: none
Description: occurs three times in a minute , the port will be disabled immediately to protect the port.
Example:
Switch> enable
Switch#configure
Switch(config)# poe port_protect
Configure PoE interface properties
Configure the power supply mode of an interface
Command:
- poe mode {enable | forcepower | disable }
- do show poe port ethernet interface-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
enable | Auto Power Mode |
forcepower | forced power mode |
disable | power off mode |
Ethernet interface-id | Switch Ethernet port |
Description:
- poe mode (enable | forcepower) : This command is used to enable PoE on the interface.
- poe mode disable : This command is used to disable PoE on the interface.
- do show poe port Ethernet interface-id : View POE interface information
By default, the PoE function of an interface is enabled , and it is in automatic power supply mode.
Example:
Switch> enable
Switch # configure
Switch(config)#interface Ethernet 1/0/1
Switch(config-if)#poe mode enable
Switch(config-if)#poe mode disable
Switch(config)#do show poe port Ethernet 1/0/1-1/0/8
Configure the PoE interface priority
Command:
- poe priority (critical|high|low)
- do show poe port Ethernet interface-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
critical | highest priority |
high _ | second highest priority |
low | lowest priority |
Ethernet interface-id | Switch Ethernet port |
Description:
- poe priority (critical |high| low) : configure the PoE interface priority
- do show poe port Ethernet interface-id : View PoE interface information
Example:
Switch > enable
Switch # configure
Switch(config)#interface Ethernet 1/0/1
Switch(config-if)#poe priority critical
Switch(config)#do show poe port Ethernet 1 /0/1 - 1/0/8
Configure the PoE interface power supply standard
Command:
- poe af_at (af | at)
- poe standard (af | at | bt)
- do show poe port Ethernet interface-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
af | The power supply standard is PoE |
at | The power supply standard is PoE+ |
bt | The power supply standard is PoE++ (Type 3 ) |
Ethernet interface-id | Switch Ethernet port |
Description:
- poe af_at (af | at): Configure PoE interface priority (Supported only on GWN78xx(P) switches with PoE/PoE+ support).
- poe standard (af|at|bt) : configure PoE interface priority (Supported only on GWN78xx(P) switches with PoE++ support).
- do show poe port Ethernet interface-id : View PoE interface information.
Example:
Switch > enable
Switch # configure
Switch(config)#interface Ethernet 1/0/1
Switch(config-if)#poe af_at af
Switch(config)#do show poe port Ethernet 1/0/1 - 1/0/8
Configure the maximum power supply power of the PoE interface
Command:
- poe limit (1-30)
- poe limit_bt (1-60)
- do show poe port Ethernet interface-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
(1-30) | Range of maximum power supply power of PoE interface |
Ethernet interface-id | ethernet port |
Description:
- poe limit (1-30) : Configure the maximum power supply power of the PoE interface
- poe limit_bt (1-60) : configure the maximum power of PoE interface 802.3bt power supply
- do show poe port Ethernet interface-id : View PoE interface information
Example:
Switch > enable
Switch # configure
Switch(config)#interface Ethernet 1/0/1
Switch(config-if)#poe limitmode user
Switch(config-if)#poe limit 20
Switch(config)#do show poe port Ethernet 1/0/1 - 1/0/8
Configure the PoE interface limit mode
Command:
- poe limitmode (class | user)
- do show poe port Ethernet interface-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
class | Automatic configuration of power limits |
user | Custom Power Limits |
Ethernet interface-id | ethernet port |
Description:
- poe limitmode (class | user): configure the Poe interface limit mode
- do show poe port Ethernet interface-id : View PoE interface information
Example:
Switch > enable
Switch # configure
Switch(config)#interface Ethernet 1/0/1
Switch(config-if)#poe limitmode user
Switch(config-if)#poe limit 20
Switch(config)#do show poe port Ethernet 1/0/1 - 1/0/8
PoE power supply disconnection time policy
Command:
- poe schedule id {id} mode class
- poe schedule no
Mode: interface configuration mode
Parameter:
Parameter | Description |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description:
- poe schedule id {id} mode class : set the power-off time on the port
- poe schedule no : turn off the power off function on the port
Example:
Port 1 uses time policy 1
Switch # config
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# poe schedule id 1 mode class
Port 1 does not use time policy
Switch(config-if)# poe schedule no
View PoE related information
Command:
- show poe
- show poe chip chip-id
- show poe port Ethernet interface-id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
chip-id | Chip ID |
Ethernet interface-id | ethernet port |
Description:
- Show poe: View POE global information
- show poe chip chip-id : View POE chip information, GWN7801P has 1 chip, GWN7802P has 1 chip, GWN 7803P has 3 chips
- show poe port Ethernet interface-id : View POE interface information
Example:
Switch> enable
Switch # Show poe
Switch # show poe chip 1
Switch# show poe port Ethernet 1/0/1 - 1/0/8
QOS
Configure port QoS trust mode
Command:
- qos trust (802.1p| 802.1p-dscp| dscp| ip-precedence | none )
Mode: interface configuration mode
Parameter:
Parameter | Description |
802.1p | Trust 802.1p Priority |
802.1p – dscp | Support 802.1p and DSCP priority at the same time, and trust DSCP priority first |
dscp | trust DSCP priority |
ip- precedence | Trust IP Priority |
none | no trust mode |
Description:
- qos trust: This command is used to configure the QoS trust mode of a certain port.
- By default, the global trust mode is CoS priority.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch (config-if) # qos trust dscp
Switch(config-if)# do show qos interface Ethernet 1/0/1
Configure port priority
Command: qos cos <0-7>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<0-7> | The allowed CoS value range is 0-7 |
Description:
- qos cos : Used to configure the default priority of the port.
- By default, the port priority is 0.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# qos cos 3
Switch(config-if)# do show qos interface Ethernet 1/0/1
Configure port remarking
Command:
- qos remark (cos| dscp| precedence)
- no qos remark (cos| dscp| precedence)
Mode: interface configuration mode
Parameter:
Parameter | Description |
cos | Re-mark CoS priority |
dscp | Remark DSCP Priority |
precedence | Remark IP priority |
Description:
- qos remark (cos| dscp| precedence): This command is used to configure the remark priority of the port.
- no qos remark (cos| dscp| precedence): This command is used to delete the port remark configuration.
By default, the remark function is disabled for all ports.
After remarking is enabled, the corresponding remarking mapping table needs to be configured synchronously.
Note: dscp and IP priority re-marking functions cannot be enabled at the same time.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch (config-if) # qos trust dscp
Switch(config-if)# do show qos interface Ethernet 1/0/1
Configure CoS – Queue Mapping Table
Command:
- qos map cos-queue <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-7>
- show qos map cos-queue
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>] | Select one or more CoS values |
<0-7> | Select a queue for the target CoS value, the queue index is 0~7 |
Description:
- qos map cos-queue <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-7> : Configure queue values for each CoS value
- show qos map cos-queue : View configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos map cos-queue 0 to 1
Switch (config) # qos map cos-queue 2 3 4 to 7
Switch (config) # do show qos map cos-queue
Configure DSCP – Queue Mapping Table
Command:
- qos map dscp-queue <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> to <0-7>
- show qos map dscp-queue
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-63> <0-63> …<0-63>] | Select one or more dscp values, it is recommended to select up to 8 dscp values at the same time |
<0-7> | Select a queue for the target dscp value, the queue index is 0~7 |
Description:
- qos map dscp-queue <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> <0-63> to <0-7>: configure each Queue value for DSCP value
- show qos map dscp-queue: View configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos map dscp -queue 50 to 7
Switch (config) # qos map dscp-queue 0 1 2 3 4 5 6 7 to 2
Switch (config) # do show qos map dscp-queue
Configuration IP Priority – Queue Mapping Table
Command:
- qos map precedence-queue <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-7>
- show qos map precedence-queue
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>] | Select one or more ip precedence values |
<0-7> | Select a queue for the target ip precedence value, the queue index is 0~7 |
Description:
- qos map precedence-queue <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-7>: Configure the queue value for each ip precedence value
- show qos map precedence-queue: View configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos
Switch (config) # qos map precedence-queue 5 to 7
Switch (config) # qos map precedence-queue 0 1 2 3 4 5 6 7 to 2
Switch# show qos map precedence-queue
Configure Queue – CoS remark mapping table
Command:
- qos map queue-cos <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> < 0-7> to <0-7>
- show qos map queue-cos
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>] | Select one or more queue values, the queue index is 0~7 |
<0-7> | Choose a cos value for the target queue value |
Description:
- qos map queue-cos <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>to<0-7> : Configure the remark cos value for each queue
- show qos map queue-cos: view the configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos map queue-cos 1 to 4
Switch (config) # qos map queue-cos 2 3 4 5 6 7 to 5
Switch (config) # do show qos map queue-cos
Configure queue – DSCP remark mapping table
Command:
- qos map queue-dscp <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-63>
- show qos map queue-dscp
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>] | Select one or more queue values, the queue index is 0~7 |
<0-63> | Select a dscp value for the target queue value |
Description:
- qos map queue-dscp <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> < 0-7> to <0-63> :Configure the remark dscp value for each queue
- show qos map queue-dscp: view the configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos map queue-dscp 1 to 40
Switch (config) # qos map queue-dscp 2 3 4 5 6 7 to 55
Switch (config) # do show qos map queue-dscp
Configure Queue – IP priority remark mapping table
Command:
- qos map queue-precedence <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> to <0-7>
- show qos map queue-precedence
Mode: global configuration mode
Parameter:
Parameter | Description |
[<0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>] | Select one or more queue values, the queue index is 0 ~ 7 |
<0-7> | Choose an ip precedence value for the target queue value |
Description:
- qos map queue-precedence <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> <0-7> < 0-7 > to <0-7> : configure the remark ip precedence value for each queue
- show qos map queue-precedence: View configuration
Example:
Switch > enable
Switch# configure
Switch (config) # qos map queue-precedence 1 to 4
Switch (config) # qos map queue-precedence 2 3 4 5 6 7 to 5
Switch (config) # do show qos map queue-precedence
Configure Scheduling Algorithm
Command:
- qos queue type sp
- qos queue type (wfq |wrr) weight <1-1 27> <1-1 27> <1-1 27> <1-1 27> <1-1 27> <1-1 27> <1-1 27> <1-1 27>
- qos queue type (sp-wfq |sp-wrr) weight <0-127> <0-127> <0-127> <0-127> <0-127> <0-127> <0-127> <0 -127>
Mode: interface configuration mode
Parameter:
Parameter | Description |
sp | Configure the queue to which the SP scheduling algorithm is applied, but the weight cannot be set |
weight [weight1 ~ weight8] | Configure the weight of each queue; weight is an octet data, namely {weight1 ~ weight8}, where the value of a single queue weightN of wfq/wrr scheduling algorithm is an integer between 1-127, sp-wfq/sp- The weightN of a single queue in the wrr scheduling algorithm is an integer ranging from 0 to 127 . Enter the ratio of how often the scheduler forwards packets in each queue. Separate each value with a space. The ratio of queue number N is weightN / SumOf{ weight1 — weight8} |
Description:
- SP: Strict Priority (strict priority), scheduling is strictly in accordance with the priority of the queue, and the weight cannot be set.
- WRR: weighted round robin, queues are scheduled according to weighted round robin, and the weight of each queue is set by package.
- WFQ : weighted fair queue, scheduled according to weighted fair queue, and the weight of each queue is set in bytes.
- SP-WRR: Join the SP group first, schedule according to strict priority, and then schedule according to the weight of weighted round robin.
- SP-WFQ: Join the SP group first, schedule according to the strict priority, and then schedule according to the weight of the weighted fair queue. By default, the scheduling algorithm applied to all queues is SP.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# qos queue type sp-wfq weight 0 1 2 3 4 5 6 7
Switch(config-if)# do show qos queuing
Configure queue shaping (egress queue rate limit CIR)
Command:
- rate-limit egress queue < 0-7> <16-1000000>
- no rate-limit egress queue <0-7>
Mode: interface configuration mode
Parameter:
Parameter | Description |
<0-7> | port queue index |
<16-1000000> | The average rate limit of the queue, the allowed input range is 16-1000000, the unit is Kbps, and it needs to be a multiple of 16. (If the input is not a multiple of 16, the program will automatically convert to the nearest multiple of 16 to the input value.) |
Description:
- rate-limit egress queue <0-7> <16-1000000>: Under the specified port, configure the rate limit of the egress queue.
- no rate-limit egress queue <0-7>: Used to clear the rate limit configuration of the specified egress queue.
- By default, the egress queue rate is not limited.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# rate-limit egress queue 3 6400
Switch(config-if)# no rate-limit egress queue 3
Configure queue shaping (egress queue speed limit CBS)
Command:
- rate-limit egress queue <0-7> burst <burst-53247>
- no rate-limit egress queue <0-7> burst
Mode: interface configuration mode
Parameter:
Parameter | Description |
<0-7> | port queue index |
<16-1000000> | The average rate limit of the queue, the allowed input range is 16-1000000, the unit is Kbps, and it needs to be a multiple of 16. (If the input is not a multiple of 16, the program will automatically convert to the nearest multiple of 16 to the input value.) |
<burst-53247> | The committed burst traffic that can pass instantly , the value range is: GWN7806(P)/GWN7832/GWN7816(P): 1368-53247bytes , default 53247bytes GWN7811(P)/GWN7812P/GWN7813(P)/GWN7830/GWN7831: 678-53247bytes , default 53247bytes |
Description:
- rate-limit egress queue <0-7> burst <678-53247> : Under the specified port, configure the committed burst flow CBS of the egress queue ( CIR must be set first ) .
- no rate-limit egress queue <0-7> burst : Used to clear the committed burst CBS of the specified egress queue.
- By default, the egress queue CIR/CBS is not limited.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# rate-limit egress queue 1 6400
Switch(config-if)# no rate-limit egress queue 1 burst 53247
Configuring Port Rate Limiting CIR
Command:
- rate-limit (egress | ingress) <16-1000000>
- no rate-limit (egress| ingress)
Mode: interface configuration mode
Parameter:
Parameter | Description |
egress | Export |
ingress | Entrance |
<16-1000000> | Average rate limit, the allowable input range is 16-1000000, the unit is Kbps, and it needs to be a multiple of 16 (if the input is not a multiple of 16 , the program will automatically convert it to the closest multiple of 16 to the input value). |
Description:
- rate-limit egress <16-1000000>: Under the specified port, configure the egress rate limit.
- rate-limit in progress <16-1000000>: Under the specified port, configure the ingress rate limit.
- no rate-limit (egress | ingress): Used to clear egress/ingress rate-limit configuration.
- By default, the egress and ingress rates are not limited.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# rate-limit egress 6400
Switch(config-if)# rate-limit ingress 10000
Switch(config-if)# no rate-limit egress
Configure port speed limit CBS
Command:
- rate-limit egress burst <burst-53247>
- no rate-limit egress burst
- rate-limit ingress burst <32768-burst>
- no rate-limit ingress burst
Mode: interface configuration mode
Parameter:
Parameter | Description |
Egress burst | Export commitment burst traffic |
Ingress burst | Ingress committed burst traffic |
<burst-53247> | In the outbound direction , the value range is: GWN7806(P)/GWN7832 /GWN7816(P) : 1368-53247 bytes GWN7811(P)/GWN7812P/GWN7813(P)/GWN7830/GWN7831: 678-53247bytes |
<32768-burst> | Incoming direction CBS, the value range is: GWN7806(P)/GWN7832/GWN7816(P): 32768-65535 bytes. GWN7811(P)/12P/13(P)/GWN7830/GWN7831: 32768-2147483647bytes |
Description:
- rate-limit egress burst <burst-53247> : Configure egress CBS under the specified port.
- no rate-limit egress burst : used to clear the CBS of the exit, if the speed limit in the exit direction is not closed, it will return to the default value of 32768 after clearing the CBS.
- rate-limit in regression burst <32768-burst> : Configure ingress CBS under the specified port.
- no rate-limit in gress burst : used to clear the exit/entry CBS , if the speed limit in the inbound direction is not closed, it will return to the default value of 32768 after clearing the CBS
- By default, the egress and ingress rates are not limited.
Example:
Switch > enable
Switch# configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# rate-limit egress burst 678
Switch(config-if)# no rate-limit egress burst
Switch(config-if)# rate-limit ingress burst 327699
Switch(config-if)# no rate-limit ingress burst
View QoS related information
Command:
- show qos map
- show qos map (cos-queue| dscp-queue| precedence-queue| queue-cos| queue-dscp| queue-precedence)
- show qos interfaces (Ethernet| LAG) <id>
- show qos queuing
- show running-config
- show running-config {interfaces Ethernet| LAG <id>}
Mode: privileged EXEC mode
Parameter: none
Description:
- show qos map: View all mapping tables
- show qos map (cos-queue| dscp-queue| precedence-queue| queue-cos| queue-dscp| queue-precedence): View the specified mapping table.
- show qos interfaces (Ethernet| LAG) <1- 2 8>: View the Q oS attributes of the specified port, including the port priority value, trust status, and remark status.
- show qos queuing: View the scheduling algorithm being used.
- show running-config: You can view all non-default configurations related to QoS.
- show running-config {interfaces Ethernet| LAG <1- 2 8>}: You can view all non-default configurations of the specified port.
Example:
Switch > enable
Switch# show qos map dscp-queue
Switch# show qos interfaces LAG 1
Switch# show running-config interfaces Ethernet 1/0/1
SECURITY
Storm control
Check – storm control
Command: show storm-control
Mode: privileged EXEC mode
Parameter: none
Description: View the configuration details of each port storm
Example:
switch # show storm-control
Global configuration – strom control
Command:
- storm control preamble and IFG {Excluded | Included}
- storm control unit {bps | pps}
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
[include\exclude] | Configure frame interval |
[bps\pps] | statistical unit |
Description:
- IFG {Excluded | Included}: configure frame interval
- unit {bps | pps}: statistical unit
Example:
Switch# storm control preamble and IFG Excluded
Switch# storm control unit bps
Port configuration – storm control
Command:
- storm-control
- no storm-control
- storm-control {broadcast | unkbown-multicast | unknown-unicast} level x[1-1024]
Mode: interface configuration mode
Parameter:
Parameter | Description |
[no] storm-control | [ Close ] Enable port storm control function |
action {drop | shutdown} | action {discard illegal packets | close port} |
broadcast level [1-1024] | Broadcast packet, the value range is 1-1024 (the value is related to the measurement unit) |
unknown-multicast | unknown multicast packet |
unknown-unicast | unknown unicast packet |
Description:
- no storm-control: Disable the port storm control function
- storm-control: enable port storm control function
- storm-control {broadcast | unkbown-multicast | unknown-unicast} level x[1-1024] : Configure storm control threshold for broadcast / unkbown- multicast /unknown -unicast
Example:
Switch(config-if)# no storm-control
Switch(config-if)# storm-control
Switch(config-if)# storm-control broadcast level 1024
Port security
Check – port security
Command:
- show port-security
- show port-security address
- show port-security interfaces Ethernet interface id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet interface id | The port number |
Description:
- show port-security: View port security settings
- show port-security address: View port security MAC address
- show port-security interfaces Ethernet interface id: View port security status
Example:
Switch# show port-security
Switch# show port-security address
Switch# show port-security interfaces Ethernet interface 1/0/2
Global configuration – port security
Command:
- port-security
- no port-security
- port-security rate-limit x[1-600]
Mode: global configuration mode
Parameter:
Parameter | Description |
x[1-600] | Value range of port security rate limit |
Description:
- port-security: Enable the global port security function
- no port-security: Turn off the global port security function
- port-security rate-limit x[1-600] : configure port security rate limit
Example:
Switch(config)# port-security
Switch(config)# no port-security
Switch(config)# port-security rate-limit 600
Port configuration – port security
Command:
- port-security
- no port-security
- port-security address-limit x[1-256]
- port-security mac-address sticky
- no port-security mac-address sticky
- port-security mac-address [mac] [vlan x]
- port-security violation [protect\restric\shutdown]
Mode: interface configuration mode
Parameter:
Parameter | Description |
x[1-256] | Configuring the maximum number of MAC addresses on a port |
[mac] [vlan x] | Entries in the port security MAC address table : MAC address and VLAN |
[protect\restrict\shutdown] | Port Protection Action protect : discard illegal packets, keep silent restrict : Discard illegal packets and report alarm notifications shutdown : close the port |
Description:
- port-security: Enable port security
- no port-security: turn off port security
- port-security address-limit x[1-256] : Configure the maximum number of MACs
- port-security mac-address sticky: enable Sticky MAC address function
- no port-security mac-address sticky: disable Sticky MAC address function
- port-security mac-address [mac] [vlan x]: configure port security MAC address and VLAN
- port-security violation [protect\restrict\shutdown]: Configure port security protection action
Example:
Switch(config-if)# port-security
Switch(config-if)# port-security address-limit 256
Switch(config-if)# [no] port-security mac-address sticky
Switch(config-if)# port-security mac-address aa:bb:cc:ff:ee:dd vlan 1
Switch(config-if)# port-security violation protect
Port isolation
Command: protected
Mode: interface configuration mode
Parameter:
Parameter | Description |
protected | Enable port isolation |
Description: Enable port isolation
Example:
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# protected
Switch(config-if)# exit
Switch(config)# exit
Switch#
ACL
MAC ACL
- Create/delete MAC ACL
Command:
- mac acl name
- no mac acl name
Mode: global configuration mode
Parameter:
Parameter | Description |
name | MAC ACL name, 1-64 characters, support numbers, letters and special characters ( excluding “\?/, ). |
Description: Create/delete MAC ACL
Example:
Create an ACL named test1
Switch(config)# mac acl test1
- Create/delete permit rules
Command:
- sequence <1-2147483647> permit {source mac} {dest mac} {vlan xx} {cos value} {ethtype <0x0600-0xFFFF>} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{source mac} | Source MAC address and mask |
{dest mac} | Destination MAC address and mask |
{vlan xx} | VLAN ID of the packet |
{cos value} | CoS priority |
ethtype <0x0600-0xFFFF> | Ethernet protocol |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description: Create/delete permit rules
Example:
a rule that allows LLDP packets with a destination MAC address of 22:33:44:55:66:77 and a VLAN 3 tag to pass within the time range of time policy ID 1
Switch(config-mac-acl)# permit any 22:33:44:55:66:77/FF:FF:FF:FF:FF:FF:FF vlan 3 ethtype 0x88CC schedule 1
- Create/delete deny rules
Command:
- sequence <1-2147483647> deny {source mac} {dest mac} {vlan xx} {cos value} {ethtype <0x0600-0xFFFF>} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{source mac} | Source MAC address and mask |
{dest mac} | Destination MAC address and mask |
{vlan xx} | VLAN ID of the packet |
{cos value} | CoS priority |
ethtype <0x0600-0xFFFF> | Ethernet protocol |
{id} | Time policy ID , an integer whose value ranges from 1 to 32 |
Description: Create/delete deny rules
Example:
Create a rule to deny the passage of MPLS packets with a source MAC address of 1C:69:7A:B4:E5:AA, a VLAN 20 tag, and a CoS value of 2 within the time range of time policy ID 1
Switch(config-mac-acl)# deny 1C:69:7A:B4:E5:AA/FF:FF:FF:FF:FF:FF any vlan 20 cos 2 7 ethtype 0x8847 schedule 1
- Create/delete shutdown rules
Command:
- sequence <1-2147483647> deny {source mac} {dest mac} {vlan xx} {cos value} {ethtype <0x0600-0xFFFF>} schedule {id} [shutdown]
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{source mac} | Source MAC address and mask |
{dest mac} | Destination MAC address and mask |
{vlan xx} | VLAN ID of the packet |
{cos value} | CoS priority |
ethtype <0x0600-0xFFFF> | Ethernet protocol |
{id} | Time policy ID, an integer ranging from 1 to 32 |
[shutdown] | when the rule matches |
Description: Create/delete shutdown rules
Example:
Created within the time range of time policy ID 1 , when the source MAC is 1C:69:7A:B4:E5:AA with VLAN When the ARP packet with 10 labels and CoS value is 2, the port executes the shutdown action rule
Switch(config-mac-acl)# deny 1C:69:7A:B4:E5:AA/FF:FF:FF:FF:FF:FF any vlan 10 cos 2 7 ethtype 0x806 schedule 1 shutdown
- MAC ACL binding
Command:
- mac acl name
- no mac acl
Mode: interface configuration mode
Parameter:
Parameter | Description |
name | MAC ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: Bind/unbind MAC ACL
Example:
Bind the mac acl named "test" to the port
Switch(config-if)# mac acl test
unbind mac acl
Switch(config-if)# no mac acl
- Show rules
Command: show mac acl [ name ]
Mode: global configuration mode
Parameter:
Parameter | Description |
name | MAC ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: View MAC Detailed rules of ACL
Example:
View the detailed rules of mac acl named test1
Switch# show mac acl test1
IPV4 ACL
- Create/delete IPv4 ACL
Command:
- ip acl name
- no ip acl name
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ip ACL name, 1-64 characters, support numbers, letters and special characters ( excluding “\?/, ). |
Description: Create/delete IPv4 ACL
Example:
Create an ACL named test1
Switch(config)# ip acl test1
- Create/delete permit rules
Command:
- sequence <1-2147483647> permit {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all {TCP_FLAG} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IP address and mask |
{source port/source port range} | Source IP address port /port range |
{dest ip} | Destination IP address and mask |
{dest port/dest port range} | Destination IP address port /port range |
{TCP_FLAG} | TCP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description: Create/delete permit rules
Example:
Created within the time range of time policy ID 1 , allow TCP data with source IP address 192.168.1.245, source port 20, destination port 5001-5006 , with TCP flags ack and urg, and DSCP priority 63 package through
Switch(config-ip-acl)# permit tcp 192.168.1.245/255.255.255.255 ftp-data any 5001-5006 match-all +ack+urg dscp 63 schedule 1
Created within the time range of time policy ID 1 , UDP packets with source port 68 , destination IP 192.168.1.17 , destination port 37 , and IP priority 7 are allowed to pass
Switch(config-ip-acl)# permit udp any bootpc 192.168.1.17/255.255.255.255 time precedence 7 schedule 1
Created within the time range of time policy ID 1 , all ICMP packets with unreachable destinations and message code 21 are allowed to pass
Switch(config-ip-acl)# permit icmp any any destination-unreachable 21 dscp 60 schedule 1
- Create/delete deny rules
Command:
- sequence <1-2147483647> deny {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all {TCP_FLAG} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IP address and mask |
{source port/source port range} | Source IP address port /port range |
{dest ip} | Destination IP address and mask |
{dest port/dest port range} | Destination IP address port /port range |
{TCP_FLAG} | TCP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description: Create/delete deny rules
Example:
Created within the time range of time policy ID 1 , reject TCP packets with source IP address 192.168.1.245 , source port 20 , destination port 5001-5006 , flag bits ack and urg , and DSCP priority 63 pass
Switch(config-ip-acl)# deny tcp 192.168.1.245/255.255.255.255 ftp-data any 5001-5006 match-all +ack+urg dscp 63 schedule 1
Created within the time range of time policy ID 1 , deny the UDP packets with source port 68 , destination IP address 192.168.1.17 , destination port 37 , and IP priority 7
Switch(config-ip-acl)# deny udp any bootpc 192.168.1.17/255.255.255.255 time precedence 7 schedule 1
Created within the time range of time policy ID 1 , all ICMP packets whose destination is unreachable and whose message code is 21 are rejected from passing
Switch(config-ip-acl)# deny icmp any any destination-unreachable 21 dscp 60 schedule 1
- Create/delete shutdown rules
Command:
- sequence <1-2147483647> deny {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id} [shutdown]
- sequence <1-2147483647> deny tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all {TCP_FLAG} {dscp/precedence} {value} schedule {id} [shutdown]
- sequence <1-2147483647> deny udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id} [ shutdown ]
- sequence <1-2147483647> deny icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id} [shutdown]
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IP address and mask |
{source port/source port range} | Source IP address port /port range |
{dest ip} | Destination IP address and mask |
{dest port/dest port range} | Destination IP address port /port range |
{TCP_FLAG} | T CP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
[shutdown] | when the rule matches |
Description: Create/delete shutdown rules
Example:
Created within the time range of time policy ID 1 , when a TCP with source IP address 192.168.1.245 , source port 20 , destination port 5001-5006 , flag bits ack and urg , and DSCP priority 63 is encountered Packet, port execution shutdown action
Switch(config-ip-acl)# deny tcp 192.168.1.245/255.255.255.255 ftp-data any 5001-5006 match-all +ack+urg dscp 63 schedule 1 shutdown
Created within the time range of time policy ID 1 , when a UDP data packet with source port 68 , destination IP address 192.168.1.17 , destination port 37 , and IP priority 7 is encountered, the port will execute shutdown action
Switch(config-ip-acl)# deny udp any bootpc 192.168.1.17/255.255.255.255 time precedence 7 schedule 1 shutdown
Created within the time range of time policy ID 1 , when encountering all ICMP data packets whose destination is unreachable and whose message code is 21 , the port will execute the shutdown action
Switch(config-ip-acl)# deny icmp any any destination-unreachable 21 dscp 60 schedule 1 shutdown
- IPv4 ACL binding
Command:
- ip acl name
- no ip acl
Mode: interface configuration mode
Parameter:
Parameter | Description |
name | IPv4 ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: Bind/unbind IPv4 ACL
Example:
v4 acl named "test" to the port
Switch(config-if)# ip acl test
unbind ipv4 acl
Switch(config-if)# no ip acl
- View rules
Command: show ip acl [ name ]
Mode: global configuration mode
Parameter:
Parameter | Description |
name | IPv4 ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: View IPv4 Detailed rules of ACL
Example:
View the detailed rules of ip v4 acl named test1
Switch# show ip acl test1
IPV6 ACL
- Create/delete IPv6 ACL
Command:
- ipv6 acl name
- no ipv6 acl name
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ipv6 ACL name, 1-64 characters, support numbers, letters and special characters ( excluding “\?/, ). |
Description: Create/delete IPv6 ACL
Example:
Create an ACL named test1
Switch(config)# ipv6 acl test1
- Create/delete permit rules
Command:
- sequence <1-2147483647> permit {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all { TCP_FLAG} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> permit icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IPv6 address and mask |
{source port/source port range} | Source IPv6 address port /port range |
{dest ip} | Destination IPv6 address and mask |
{dest port/dest port range} | Destination IPv6 address port /port range |
{TCP_FLAG} | TCP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description: Create/delete permit rules
Example:
Created within the time range of time policy ID 1 , the source IPv6 address is allowed to be 2409:8754:3020:11:585e:67e:c77b:aef , the source port is 80 , the destination port is 1000-1200 , with the TCP flag Bit fin and psh , TCP packets with DSCP priority 1 pass
Switch(config-ipv6-acl)# permit tcp 2409:8754:3020:11:585e:67e:c77b:aef/128 www any 1000-1200 match-all +fin+psh dscp 1 schedule 1
Create UDP with source port 7 , destination IPv6 address 2409:8754:3020:11:4dc:b5b6:2f2d:1415 , destination port 514 , and IP priority 3 within the time range of time policy ID 1 . packets through
Switch(config-ipv6-acl)# permit udp any echo 2409:8754:3020:11:4dc:b5b6:2f2d:1415/128 syslog precedence 3 schedule 1
Created within the time range of time policy ID 1 , all ICMP packets with message code 29 and IP priority 7 are allowed to pass through
Switch(config-ipv6-acl)# permit icmp any any packet-too-big 29 precedence 7 schedule 1
- Create/delete deny rules
Command:
- sequence <1-2147483647> deny {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all {TCP_FLAG} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id}
- sequence <1-2147483647> deny icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id}
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | Description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IPv6 address and mask |
{source port/source port range} | Source IPv6 address port /port range |
{dest ip} | Destination IPv6 address and mask |
{dest port/dest port range} | Destination IPv6 address port /port range |
{TCP_FLAG} | TCP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description: Create/delete deny rules
Example:
Created within the time range of time policy ID 1 , deny source IPv6 address 2409:8754:3020:11:585e:67e:c77b:aef , source port 80 , destination port 1000-1200 , with flag fin and psh, TCP packets with DSCP priority 1 pass through
Switch(config-ipv6-acl)# deny tcp 2409:8754:3020:11:585e:67e:c77b:aef/128 www any 1000-1200 match-all +fin+psh dscp 1 schedule 1
Create a UDP with source port 7 , destination IPv6 address 2409:8754:3020:11:4dc:b5b6:2f2d:1415 , destination port 514 , and IP priority 3 within the time range of time policy ID 1. packets through
Switch(config-ipv6-acl)# deny udp any echo 2409:8754:3020:11:4dc:b5b6:2f2d:1415/128 syslog precedence 3 schedule 1
Create within the time range of time policy ID 1 , reject all ICMP data packets with message code 29 and IP priority 7 that are too large to pass through
Switch(config-ipv6-acl)# deny icmp any any packet-too-big 29 precedence 7 schedule 1
- Create/delete shutdown rules
Command:
- sequence <1-2147483647> deny {protocol} {source ip} {dest ip} {dscp/precedence} {value} schedule {id} [shutdown]
- sequence <1-2147483647> deny tcp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} match-all {TCP_FLAG} {dscp/precedence} {value} schedule {id} [shutdown]
- sequence <1-2147483647> deny udp {source ip} {source port/source port range} {dest ip} {dest port/dest port range} {dscp/precedence} {value} schedule {id} [ shutdown ]
- sequence <1-2147483647> deny icmp {source ip} {dest ip} {icmp type} {icmp code} {dscp/precedence} {value} schedule {id} [shutdown]
- no sequence <1-2147483647>
Mode: ACL configuration mode
Parameter:
Parameter | description |
<1-2147483647> | rule ID |
{protocol} | an integer ranging from 0 to 255 |
{source ip} | Source IPv6 address and mask |
{source port/source port range} | Source IPv6 address port /port range |
{dest ip} | Destination IPv6 address and mask |
{dest port/dest port range} | Destination IPv6 address port /port range |
{TCP_FLAG} | TCP flag |
{icmp type} {icmp code} | ICMP message type and message code |
{dscp/precedence}{value} | Match the type of ToS |
{id} | Time policy ID, an integer ranging from 1 to 32 |
[shutdown] | when the rule matches |
Description: Create/delete shutdown rules
Example:
Created within the time range with the time policy ID of 1 , when the source IPv6 address is 2409:8754:3020:11:585e:67e:c77b:aef , the source port is 80 , the destination port is 1000-1200, with a flag Bit fin and psh, TCP data packets with DSCP priority 1 , the port executes the shutdown action
Switch(config-ipv6-acl)# deny tcp 2409:8754:3020:11:585e:67e:c77b:aef/128 www any 1000-1200 match-all +fin+psh dscp 1 schedule 1 shutdown
Created within the time range of time policy ID 1 , when the source port is 68 , the destination IPv6 address is 2409:8754:3020:11:4dc:b5b6:2f2d:1415 , the destination port is 514 , and the IP priority is 3 UDP packets, the port executes the shutdown action
Switch(config-ipv6-acl)# deny udp any echo 2409:8754:3020:11:4dc:b5b6:2f2d:1415/128 syslog precedence 3 schedule 1 shutdown
Created within the time range of the time policy ID 1 , when encountering all ICMP data packets with a message
code of 29 and an IP priority of 7 , the port will perform a shutdown action
Switch(config-ipv6-acl)# deny icmp any any packet-too-big 29 precedence 7 schedule 1 shutdown
- IPv6 ACL binding
Command:
- ipv6 acl name
- no ipv6 acl
Mode: interface configuration mode
Parameter:
Parameter | Description |
name | IPv6 ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: Bind/unbind IPv6 ACL
Example:
v6 acl named "test" to the port
Switch(config-if)# ipv6 acl test
unbind ipv6 acl
Switch(config-if)# no ipv6 acl
- View rules
Command: show ipv6 acl [ name ]
Mode: global configuration mode
Parameter:
Parameter | Description |
name | IPv6 ACL name, 1-64 characters, support numbers, letters and special characters ._@ |
Description: Check the detailed rules of IPv6 ACL
Example:
View the detailed rules of ip v6 acl named test1
Switch# show ip v6 acl test1
ACL Statistics
- Configure ACL Statistics
Command:
- acl-counter-set [name] sequence <1-2147483647>
- acl-counter-set [name] sequence <1-2147483647> (byte64|packet32)
- acl-counter-set [name] sequence <1-2147483647> (byte64|packet32) idx <1-32>
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
byte64|packet32 | statistical unit Note : Only GWN7801(P)/02(P)/03(P)/11(P)/12P/13(P) /GWN7830/GWN7831/GWN7816(P) support configuration. |
<1-32> | Statistics ID Note : Only supported by GWN7801(P)/02(P)/03(P) |
Description:
- Configure ACL Statistics
- acl-counter-set [name] sequence <1-2147483647> : Set ACL statistics count , applicable model: GWN7806(P).
- acl-counter-set [name] sequence <1-2147483647> (byte64|packet32) : Set ACL statistics count , applicable model: GWN7811(P)/12P/13(P)
- acl-counter-set [name] sequence <1-2147483647> (byte64|packet32) idx <1-32> : set ACL statistics count, applicable model: GWN7801(P)/02(P)/03(P)
Example:
Configure the statistics of ACL name 1 and sequence number 1
GWN7806(config)# acl-counter-set 1 sequence 1
Configure the statistics of ACL name 2 and sequence number 2, and the statistical unit is packet32
GWN7811 (config)# acl-counter-set 2 sequence 2 packet32
Configure the statistics of ACL name 3 and sequence number 3 , the statistics unit is packet32, and the statistics ID is 3
GWN7801 (config)# acl-counter-set 3 sequence 3 packet32 idx 3
- Cancel ACL Statistics
Command: no acl-counter-set [name] sequence (<1-2147483647>|all)
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647>|all | Cancel the statistics of a single rule, or cancel the statistics of all |
Description: Cancel ACL Statistics
Example:
Cancel the statistical binding of ACL name 1 and serial number 1
GWN7806(config)# no acl-counter-set 1 sequence 1
all statistical bindings for ACL name 2
GWN7811 (config)# no acl-counter-set 2 sequence all
- Clear ACL Statistics
Command: acl-counter-clear [name] sequence (<1-2147483647>|all)
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647>|all | Clear statistics for a single rule, or all |
Description: Clear ACL Statistics
Example:
Clear the statistical binding of ACL name 1, sequence number 1
GWN7806(config)# no acl-counter- clear 1 sequence 1
all stat bindings for ACL name 2
GWN7811 (config)# no acl-counter- clear 2 sequence all
- View ACL Statistics
Command: show acl-counter [name] sequence <1-2147483647>
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
Description: View ACL Statistics
Example:
Check the statistics of ACL name 1 and sequence number 1
GWN7806# show acl-counter 1 sequence 1
acl counter status : enabled
hit count: 0 Bytes
ACL Mirror
- Configure ACL Mirror
Command: acl-mirror-set [name] sequence <1-2147483647> original groupId <1-4>
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
<1-4> | ACL mirroring joins |
Description: Configure ACL Mirror
Note : For the configuration of the related ACL mirroring observation port, you need to go to Mirroring Settings
Example:
Configure ACL name 1, sequence number 1 to join mirroring group 1
Switch (config)# acl- mirror -set 1 sequence 1 original groupId 1
- Cancel ACL Mirror
Command: no acl-mirror-set [name] sequence <1-2147483647>
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
Description: Cancel ACL Mirror
Example:
Cancel the mirroring of ACL name 1, sequence number 1
Switch (config)# no acl-mirror-set 1 sequence 1
- View ACL Mirror
Command: show acl-mirror-set [name] sequence <1-2147483647>
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
Description: Configure ACL Mirror
Example:
View the image of ACL name 1, sequence number 1
Switch # show acl-mirror-set 1 sequence 1
acl mirror status : enabled
gid: group0
mirror type: original
ACL Priority Remapping
- Configuring ACL Priority Remapping
Command: acl-remap-set [name] sequence <1-2147483647> remap <0-7>
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
<0-7> | ACL priority , the larger the value, the higher the priority |
Description: Configuring ACL Priority Remapping
Example:
Configure ACL name 1, the priority of sequence number 1 is 7
Switch (config)# acl-remap-set 1 sequence 1 remap 7
- Cancel ACL Priority Remapping
Command: no acl-remap-set [name] sequence (<1-2147483647>|all)
Mode: global configuration mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647>|all | ACL rule ID , you can cancel the priority setting of a single rule , or cancel the priority setting of all rules |
Description: Cancel ACL Priority Remapping
Example:
Cancel ACL name 1, the priority of sequence number 1 is configuration
Switch (config)# no acl-remap-set 1 sequence 1
- View ACL Priority Remapping
Command: show acl-remap-set [name] sequence <1-2147483647>
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
name | ACL name |
<1-2147483647> | ACL rule ID |
Description: View ACL Priority Remapping
Example:
priority configuration of ACL name 1 and sequence number 1
Switch # show acl-remap-set 1 sequence 1
acl remap status : enabled
remap priority: 1
IP Source Guard
Check – IP source guard
Command:
- show ip source binding
- show ip source interfaces Ethernet [1-x]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
[1-x] | Port ID |
Description:
- show ip source binding : View ip-mac-port-vlan binding list
- show ip source interfaces Ethernet [1-x]: View port configuration
Example:
Switch# show ip source binding
Switch# show ip source interfaces Ethernet 1/0/2
Global configuration – IP source guard
Command:
- ip source binding [mac] vlan [x] [ip] [interface]
- ip source binding vlan [x] [ip] [interface]
Mode: global configuration mode
Parameter:
Parameter | Description |
[mac] | bound MAC address cannot be set to FFFF-FFFF-FFFF, multicast address and all-zero MAC address |
vlan [x] | Binding VLAN ID, the range is 1-4094 |
[ip] | Binding IP address, supports IPv4 and IPv6 |
[interface] | Bonded switch ports, including electrical ports, optical ports, and aggregated ports |
Description:
- ip source binding [mac] vlan [x] [ip] [interface] : add static quad binding table
- ip source binding vlan [x] [ip] [interface] : add static ternary binding table
Example:
Switch(config)# ip source binding aa:aa:aa:bb:ff:ff vlan 1 192.168.1.11 interface Ethernet 1/0/2
Port configuration – IP source guard
Command:
- ip source verify
- no ip source verify
- ip source verify [mac-and-ip\ip]
- ip source binding max-entry [ no-limit \x]
Mode: interface configuration mode
Parameter:
Parameter | Description |
[mac-and-ip\ip] | port check mode |
[ no-limit \x] | maximum number of binding entries for the port , the range is 0-50, 0 means unlimited |
Description:
- [no] ip source verify : enable /disable IP source verification
- ip source verify [mac-and-ip\ip] : Set port verification mode
- ip source binding max-entry [ no-limit \x] : Set the maximum number of binding ports
Example:
Switch(config-if)# ip source verify
Switch(config-if)# ip source verify mac-and-ip
Switch(config-if)# ip source binding max-entry 10
Attack defense
Check – attack defense
Command:
- show dos
- show dos interface IF_PORTS
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORTS | Port ID |
Description:
- show dos : View DoS information
- show dos interface IF_PORTS : View the DoS information of the specified interface
Example:
Switch # show dos
Switch# show dos interfaces Ethernet 1/0/2
Global configuration – attack defense
Command: Switch(config)# [no] dos [option name]
Mode: global configuration mode
Parameter:
Parameter | Description |
[option name] | DoS related function options mainly include: daeqsa-deny : deny source mac address = destination mac address icmp-frag-pkts-deny : Deny fragmented ICMP packets icmp-ping-max-length : limit the maximum length of ICMP icmpv4-ping-max-check : Verify the maximum ping packet of IPV4 icmpv6-ping-max-check : Verify the maximum ping packet of IPV6 ipv6-min-frag-size-check : Verify the minimum fragmentation of an IPV6 data frame ipv6-min-frag-size-length : check the minimum length of IPV6 data frame fragmentation land-deny : Deny source IP=destination IP nullscan-deny : Deny NULL Scan attacks pod-deny : Deny death Ping attack smurf-deny : Deny Smurf attacks smurf-netmask : Configure the subnet mask for Smurf attacks syn-sportl1024-deny : Deny TCP-sport attacks synfin-deny : Deny TCP-FIN attacks synrst-deny : deny TCP-RST attack tcp-frag-off-min-check : Deny TCP minimum fragment carrying offset attack tcpblat-deny : Deny TCP packet source port = destination port attack tcphdr-min-check : Check the minimum header length of TCP packets tcphdr-min-length : configure the minimum header field length udpblat-deny : Deny UDP packet source port=destination port attack xma-deny : Deny Christmas tree TCP attacks |
Description: Enable/disable the designated DoS function
Example:
Switch(config)# [no] dos daeqsa-deny
Port configuration – attack defense
Command: [no] dos
Mode: interface configuration mode
Parameter: none
Description: Enable/disable port DoS function
Example:
Switch(config-if)# dos
Switch(config-if)# no dos
Dynamic ARP Inspection (DAI)
Check – DAI
Command:
- show ip arp inspection
- show ip arp inspection interfaces Ethernet [1-x]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet [x] | Port ID |
Description:
- show ip arp inspection: View the global switch status of DAI
- show ip arp inspection interfaces Ethernet [x]: View the DAI settings of the specified port
Example:
Switch# show ip arp inspection
Switch# show ip arp inspection interfaces Ethernet 1/0/2
Global configuration – DAI
Command:
- [no] ip arp inspection
- [no] ip arp inspection vlan [vlan-id]
Mode: global configuration mode
Parameter:
Parameter | Description |
[vlan-id] | Port ID |
Description:
- [no] ip arp inspection: enable/disable the global DAI function
- [no] ip arp inspection vlan [vlan-id]: enable/disable the DAI function of the specified VLAN
Example:
Enable the DAI function on VLAN 1
Switch(config)# ip arp inspection vlan 1
Port configuration – DAI
Command:
- [no] ip arp inspection trust
- [no] ip arp inspection validate [dst-mac\ip\src-mac]
- ip arp inspection rate-limit rate
Mode: interface configuration mode
Parameter:
Parameter | Description |
dst-mac | Check whether the destination MAC address of the data frame matches the destination MAC address in the ARP message |
ip | Check whether the ARP packet contains illegal IP addresses, such as all 0s, all 1s, and multicast addresses, etc. |
src-mac | Check whether the source MAC address of the data frame matches the sender MAC address in the ARP message |
rate | Port check rate, an integer ranging from 0 to 50 ( unit : pps ) , 0 means no speed limit |
Description:
- ip arp inspection rate-limit rate : Configure port inspection rate
- [no] ip arp inspection trust : enable/disable port trust mode
- [no] ip arp inspection validate [dst-mac\ip\src-mac] : Set port verification mode
Example:
Enable the port trust mode, set the verification based on the destination MAC address, and set the detection rate to 50 pps
Switch(config-if)# ip arp inspection trust
Switch(config-if)# ip arp inspection validate dst-mac
Switch(config-if)# ip arp inspection rate-limit 50
RADIUS
Check – RADIUS
Command:
- show radius
- show radius default-config
Mode: privileged EXEC mode
Parameter: none
Description:
- show radius: View server list
- show radius default-config: View port configuration
Example:
Switch# show radius
Switch# show radius default-config
Global configuration – RADIUS
Command:
- no radius [host]
- radius host [ipv4\ipv6\domain] []
- radius default-config [key\retransmit\timeout]
Mode: global configuration mode
Parameter:
Parameter | Description |
[host] | RADIUS server host name |
auth-port | UDP port used by RADIUS , an integer ranging from 1 to 65535 , and the default is 1818 |
key | RADIUS public key |
priority | server priority |
retransmit | Specify the number of retransmissions |
Description:
- no radius [host]: Delete items in the radius list, specify a single record or delete all
- radius host [ipv4\ipv6\domain] []: add a radius server, and optionally specify a profile parameter
- radius default-config [key\retransmit\timeout]: Configure the default profile configuration of the radius server
Example:
Switch(config)# radius host 192.168.1.3 auth-port 1812 key test retransmit 2 timeout 2 type login
TACACS+
Check – TACACS+
Command:
- show tacacs
- show tacacs default-config
Mode: privileged EXEC mode
Parameter: none
Description:
- Show tacacs: View the list of TACACS+ servers
- Show tacacs default-config: View TACACS+ default configuration
Example:
Switch # show tacacs
Prio | Timeout | IP Address | Port |
------+---------+-------------------+--------+---- ------
Switch# show tacacs default-config
Timeout | Key
--------+---------
5 |
Global configuration – TACACS+
Command:
- no tacacs [host]
- tacacs host [ipv4\ipv6\domain] []
- tacacs default-config [key\timeout]
Mode: global configuration mode
Parameter:
Parameter | Description |
[host] | TACACS+server hostname |
auth-port | UDP port used by TACACS+ , an integer ranging from 1 to 65535 , the default is 1818 |
key | TACACS+ public key |
priority | server priority |
retransmit | Specify the number of retransmissions |
Description:
- no tacacs [host]: Delete items in the TACACS+ list, specify a single record or delete all
- tacacs host [ipv4\ipv6\domain] []: add TACACS+ server, and optionally specify profile parameters
- tacacs default-config [key\timeout] : Configure TACACS+ server default profile configuration
Example:
Switch(config)# tacacs host 192.168.1.3 port 49 key test priority 2 timeout 2
AAA
Check – AAA
Command:
- show aaa authentication login lists
- show aaa authentication enable lists
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
login lists | View login authentication request sequence |
enable lists | View enable’s authentication request sequence |
Description: View the enable command and the list of configured authentication methods corresponding to the login operation
Example:
Switch# show aaa authentication login lists
Switch# show aaa authentication enable lists
Global configuration – AAA
Command: [no] aaa authentication [enable\login] [name] [enable\local\none\radius\tacacs]
Mode: global configuration mode
Parameter:
Parameter | Description |
[enable\login] | Specify the configuration authentication method to the enable command or the login process |
[name] | Specifies the sequence name of the configuration operation |
[enable\local\none\radius\tacacs] | Specify the authentication sequence, up to four items |
Description: AAA sets different authentication method sequences for enable and login respectively, and can be configured to ssh\telnet\console\http\https
Example:
Add an authentication method named tacacs_1 for the login process, and the order is tacacs, radius, none
Switch(config)# aaa authentication login tacacs_1 tacacs+ radius none
802.1X
Check – 802.1X
Command: show authentication sessions
Mode: privileged EXEC mode
Parameter: none
Description: View the current 802.1x authentication session status
Example:
Switch # show authentication sessions
Global configuration – 802.1X
Command:
- [no] dot1x
- dot1x guest-vlan x
Mode: global configuration mode
Parameter:
Parameter | Description |
guest-vlan x | Guest VLAN ID |
Description: Enable/disable the global 802.1X function
opening , specify the Guest VLAN
Example:
Switch(config)# dot1x
Switch(config)# dot1x guest-vlan 4
Port configuration – 802.1X
Command: authentication [parameter] [sub-parameter]
Mode: interface configuration mode
Parameter:
Parameter | Description |
dot1x | Enable 802.1x on the port |
guest-vlan | Enable guest-vlan for port |
host-mode | Configure the user authentication mode for a port |
multi-auth | Based on mac authentication mode, each mac address needs to be authenticated separately |
multi-host | Based on the port authentication mode, any host under the port is successfully authenticated without re-authentication |
single-host | Single-user authentication mode, allowing only one successfully authenticated host |
mac | Configure mac-based authentication mode for ports |
max-hosts | Configure the maximum number of hosts allowed for the port, only multi-auth is valid |
method | Configure the authentication method for the port, only MAC-Based/Web-Based is valid |
order | Configure the order of authentication modes for ports, including mac, web, dot1x |
port-control | Configure the authentication control mode for a port |
auto | choose automatic |
force-auth | Port automatic authentication passed |
force-unauth | port force denial of authentication |
radius-attributes | Configure whether to obtain radius server information |
reauth | Whether to enable re-authentication for port configuration |
timer | Configure various timers |
inactive | Offline timer when there is no active message |
quiet | Re-authentication interval timer after authentication failure |
reauth | Authentication success follow-up interval timer |
Web | Configure web authentication related information |
max-login-attempts | Login Max Attempts |
Description: For the 802.1x module, the parameter configuration of each port
Example:
Configure the user authentication mode as mac authentication
Switch(config-if)# authentication host-mode multi-auth
Configure port control mode
Switch(config-if)# authentication port-control force-auth
Configure the inactivity timer
Switch(config-if)# authentication timer inactive 60
DHCP Snooping
DHCP snooping global configuration
- Enable/disable DHCP Snooping
Command:
- ip dhcp snooping
- no ip dhcp snooping
Mode: global configuration mode
Parameter: none
Description: Enable/disable DHCP Snooping function
Example:
Switch(config)# ip dhcp snooping
- Select VLAN
Command: ip dhcp snooping vlan VLAN-LIST
Mode: global configuration mode
Parameter:
Parameter | Description |
VLAN-LIST | VLAN, the value range is 1-4094 , it can be a single VLAN or multiple VLANs |
Description: Enable the DHCP snooping function on the specified VLAN
Example:
switch(config)# ip dhcp snooping vlan 1-100
- View DHCP Snooping
Command: show ip dhcp snooping
Mode: privileged EXEC mode
Parameter: none
Description: View DHCP snooping settings
Example:
switch # show ip dhcp snooping
DHCP Snooping: disabled
Enable on following Vlans : None
circuit-id default format: vlan-port
remote-id: : c0:74:ad:b9:3b:44 (Switch Mac in Byte Order)
Port configuration – DHCP Snooping
- Port trust mode
Command:
- ip dhcp snooping trust
- no ip dhcp snooping trust
Mode: interface configuration mode
Parameter: none
Description: Configure the trust mode of the port , the default is not trusted
Example:
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# ip dhcp snooping trust
- Chaddr check
Command: ip dhcp snooping verify mac-address
Mode: interface configuration mode
Parameter: none
Description: Set to check whether the source MAC address of the reported DHCP message frame header is the same as the Chaddr field, which is disabled by default
Example:
switch(config)# interface Ethernet 1/0/1
switch(config-if)# ip dhcp snooping verify mac-address
- Port speed limit
Command:
- ip dhcp snooping rate-limit <1-300>
- no ip dhcp snooping rate-limit
Mode: interface configuration mode
Parameter:
Parameter | Description |
<1-300> | Limit rate, an integer ranging from 1 to 300 |
Description: Set the rate at which the port processes DHCP packets (pps) , the default is unlimited
Example:
switch(config)# interface Ethernet 1/0/1
switch(config-if)# ip dhcp snooping rate-limit 30
- View port configuration
Command: show ip dhcp snooping interfaces IF_PORTS
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORTS | Designated interfaces , including Ethernet interfaces, optical interfaces, and aggregation interfaces |
Description: Check the DHCP snooping settings of the port
Example:
switch# show ip dhcp snooping interface Ethernet 1/0/1
Interfaces | Trust State | Rate (pps) | hwaddr Check | Insert Option82 |
-----------+-------------+------------+----------- ---+------------------+
eth1/0/1 | Untrusted | None | disabled | disabled |
- View DHCP snooping data
Command: show ip dhcp snooping interfaces IF_PORTS statistics
Mode: interface configuration mode
Parameter:
Parameter | Description |
IF_PORTS | Switch interfaces , including electrical ports, optical ports, and aggregation interfaces |
Description: View the DHCP snooping data of a specified interface
Example:
switch# show ip dhcp snooping interfaces Ethernet 1/0/1 statistics
switch# show ip dhcp snooping interfaces Ethernet 1/0/1 statistics
Interfaces | Forwarded | Chaddr Check Dropped | Untrust Port Dropped|Untrust Port With Option82 Dropped | InvalidDrop
-----------+-----------+----------------------+--- ------------------+------------------------------- ----+-------
eth1/0/1 | 0 | 0 | 0 | 0 | 0
- Clear DHCP snooping data
Command: clear ip dhcp snooping interfaces IF_PORTS statistics
Mode: interface configuration mode
Parameter:
Parameter | Description |
IF_PORTS | Switch interfaces , including electrical ports, optical ports, and aggregation interfaces |
Description: Clear the DHCP snooping data of the specified interface
Example:
switch# clear ip dhcp snooping interfaces Ethernet 1/0/1 statistics
switch# show ip dhcp snooping interfaces Ethernet 1/0/1 statistics
Interfaces | Forwarded | Chaddr Check Dropped | Untrust Port Dropped|Untrust Port With Option82 Dropped | InvalidDrop
----- ------+-----------+----------------------+--- ------------------+------------------------------- ----+-------
eth1/0/1 | 0 | 0 | 0 | 0 | 0
Configure Option 82
- Enable/disable option 82
Command:
- ip dhcp snooping option
- no ip dhcp snooping option
Mode: interface configuration mode
Parameter: none
Description: Set to enable/disable the Option 82 function on the specified interface
Example:
Switch # configure
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# ip dhcp snooping option
- Option 82 mode
Command: ip dhcp snooping option action (drop|keep|replace)
Mode: interface configuration mode
Parameter:
Parameter | Description |
drop | If the message contains Option 82, the message will be discarded directly |
keep | If the message contains Option 82, keep Option 82 in the message unchanged and forward it |
replace | If there is Option 82 in the message, replace the original Option 82 in the message and forward it |
Description: Set the processing of the message when the received message contains Option 82 , support discard, retain and replace, and discard by default
Example:
switch(config)# interface Ethernet 1/0/1
switch(config-if)# ip dhcp snooping option action replace
- Add/delete circuit ID
Command:
- ip dhcp snooping [vlan <1-4094>] option circuit-id STRING
- no ip dhcp snooping [vlan <1-4094>] option circuit-id
Mode: interface configuration mode
Parameter:
Parameter | Description |
vlan <1-4094> | VLAN , an integer ranging from 1 to 4094 |
STRING | Circuit ID value, up to 63 characters, “\?/, characters are not supported. |
Description: the custom Circuit ID of the specified interface
Example:
switch(config)# interface Ethernet 1/0/1
switch(config-if)# ip dhcp snooping vlan 1 option circuit-id test
- Add/Remove Remote ID
Command:
- ip dhcp snooping option remote-id STRING
- no ip dhcp snooping option remote-id
Mode: global configuration mode
Parameter:
Parameter | Description |
STRING | Remote ID value, up to 63 characters, “\?/, characters are not supported. |
Description: Set the remote ID of the switch, the default is the MAC address of the switch
Example:
switch(config)# ip dhcp snooping option remote-id test_remote
- View Remote ID
Command: do show ip dhcp snooping option remote-id
Mode: global configuration mode
Parameter: none
Description: View the remote ID of the switch
Example:
switch(config)# do show ip dhcp snooping option remote-id
Remote ID: test_remote
Configure database
- Save to flash
Command: ip dhcp snooping database flash
Mode: global configuration mode
Parameter: none
Description: Save DHCP Snooping to flash
Example:
Switch(config)# ip dhcp snooping database flash
- Save to TFTP server
Command: ip dhcp snooping database tftp (A.B.C.D|HOSTNAME)NAME
Mode: global configuration mode
Parameter:
Parameter | Description |
ABCD|HOSTNAME | IP address or hostname of the TFTP server |
name | saved to the TFTP server |
Description: Save DHCP Snooping to TFTP Server
Example:
Switch(config)# ip dhcp snooping database tftp 192.168.5.231 switch_backup
- The waiting time after configuring table entries to be updated
Command:
- ip dhcp snooping database write-delay <15-86400>
- no ip dhcp snooping database write-delay
Mode: global configuration mode
Parameter:
Parameter | Description |
<15-86400> | The waiting time after the DHCP snooping table is updated , the value range is an integer from 15 to 86400 , and the default is 300 seconds |
Description:
- Set the waiting period after DHCP snooping entries are updated
- no ip dhcp snooping databasewrite-delay: reset the waiting time to the default 300 seconds
Example:
switch(config)# ip dhcp snooping database write-delay 60
- Configure how long to retry write operations
Command:
- ip dhcp snooping database timeout <0-86400>
- no ip dhcp snooping database timeout
Mode: global configuration mode
Parameter:
Parameter | Description |
<0-86400> | DHCP Snooping table fails, the duration of the re-attempted write operation. The value range is an integer from 0 to 86400, and the default is 300 seconds. |
Description:
- Set the duration of retrying the write operation after the failed attempt to write the DHCP snooping table
- no ip dhcp snooping database timeout: reset the duration to the default 300 seconds
Example:
Switch(config)# ip dhcp snooping database timeout 600
- Viewing DHCP snooping entries
Command: show ip dhcp snooping database
Mode: privileged EXEC mode
Parameter: none
Description: Viewing DHCP Snooping Entries
Example:
switch# show ip dhcp snooping database
- Clear DHCP snooping entries
Command: clear ip dhcp snooping database statistics
Mode: privileged EXEC mode
Parameter: none
Description: Clearing DHCP Snooping Entries
Example:
switch# clear ip dhcp snooping database statistics
- Read DHCP snooping entries
Command: renew ip dhcp snooping database
Mode: privileged EXEC mode
Parameter: none
Description: Read DHCP Snooping entries from the saved database file
Example:
Switch# show ip dhcp snooping database
Type : None
FileName:
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
Agent Running : None
Delay Timer Expiry : Not Running
Abort Timer Expiry : Not Running
Last Succeded Time : None
Last Failed Time : None
Last Failed Reason :
Total Attempts : 0
Successful Transfers : 0 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 0
Switch# show ip dhcp snooping binding
Bind Table: Maximum Binding Entry Number 256
Port | VID | MAC Address | IP | Type |
-------+------+------------------+---------------- ------+------------+-----------
eth1/0/1|1|48:5B:39:C7:12:62|192.168.1.100(255.255.255.255)|DHCP Snooping|86400
- Display the binding entries learned by DHCP snooping
Command: show ip dhcp snooping binding
Mode: privileged EXEC mode
Parameter: none
Description: Display the binding entries learned by DHCP snooping
Example:
Switch# show ip dhcp snooping binding
Bind Table: Maximum Binding Entry Number 256
Port | VID | MAC Address | IP | Type |
-------+------+------------------+---------------- ------+------------+-----------
eth1/0/1|1|48:5B:39:C7:12:62|192.168.1.100(255.255.255.255)|DHCP Snooping|86400
MAINTENANCE
Upgrade
Configure the firmware upgrade method
Command: upgrade protocol [ http | https | tftp ]
Mode: global configuration mode
Parameter:
Parameter | Description |
http | via http protocol |
https | Upgrade via https protocol |
tftp | Upgrade via tftp protocol |
Description: Configure the firmware upgrade method, the default upgrade method is https.
Example:
Set the upgrade method to HTTP
Switch(config)# upgrade protocol http
Configure firmware server path
Command: upgrade server [ip v4 -addr|hostname|ip v6 -addr]
Mode: global configuration mode
Parameter:
Parameter | Description |
ip v4 -addr | Specify the firmware server IPv4 address |
hostname | Specify the firmware server host address |
ip v6 -addr | Specify the firmware server IPv6 address |
Description: Set the IP address or URL of the firmware (software) upgrade server, the default address is fm.grandstream.com/gs
Example:
Set the upgrade server address to fm.grandstream.com/gs
Switch(config)# upgrade server fm.grandstream.com/gs
Configure DHCP option upgrade
Command: upgrade dhcpoverride [disable | enable | enablefallback]
Mode: global configuration mode
Parameter:
Parameter | Description |
disable | Disable DHCP Option Upgrade |
enable | Enable DHCP Option upgrade |
enable fallback | Set the upgrade method of DHCP Option to be used first, fall back when it fails, and use the local firmware server address to upgrade |
Description: Set the DHCP Option upgrade method, the default is to enable DHCP Option upgrade.
Example:
Enable DHCP Option upgrade
Switch(config)# upgrade dhcpoverride enable
Configuration upgrade immediately
Command: upgrade [hostname]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
hostname | (Optional) Specify the firmware server address |
Description: firmware server address for immediate upgrade
Example:
Switch#upgrade
System: upgrade firmware. Do you want to upgrade now? (y/n)
Configuration appointment upgrade
Command:
- schedule use id {id} provision
- no schedule use provision
Mode: privileged EXEC mode
Parameter: none
Description:
- schedule use id {id} provision : Refer to the time policy for appointment upgrade.
- no schedule use provision : Close appointment upgrade.
Example:
Enable appointment escalation ( reference strategy 1 )
Switch # config
Switch(config)# schedule use id 1 provision
Close Appointment Upgrade
Switch)config)# no schedule use provision
View upgrade configuration
Command: show upgrade
Mode: privileged EXEC mode
Parameter: none
Description: View upgrade configuration
Example:
switch # show upgrade
Diagnosis
Log
- Configure global log on/off
Command:
- [no] logging [buffered | console | file]
- show logging
Mode: global configuration mode
Parameter:
Parameter | Description |
buffered | buffer logging |
console | Serial port print record |
file | file logging |
Description:
- [no] logging [buffered | console | file]: enable /disable the global log function
- By default, the global log function is enabled
Example:
Switch > enable
Switch# configure
Switch (config) # logging
Switch (config) # no logging
Switch# show logging
- Clear log
Command: clear logging [ buffered | file]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
buffered | buffer logging |
file | file logging |
Description: Clear log messages in RAM and FLASH
Example:
Switch > enable
Switch# clear logging buffered
Switch# clear logging file
- Configure logging level
Command: logging [buffered | console | file] [severity sev]
Mode: global configuration mode
Parameter:
Parameter | Description |
buffered | buffer logging |
console | Serial port print record |
file | file logging |
severity sev | Specify the log level, the value range is 0-7 |
Description: Configure the switch to record different levels of log information, including the following eight different levels of information:
- 0 : Emergency
- 1 : Alert
- 2 : Critical
- 3 : Error
- 4 : Warning
- 5 : Notice
- 6 : Information
- 7 : Debug
Example:
Switch(config)# logging buffered severity 7
Switch(config)# logging file severity 7
- Configure remote server
Command:
- logging host [ip-addr | hostname] [ facility facility] [ port port] [severity sev]
- no logging host [ip-addr | hostname]
Mode: global configuration mode
Parameter:
Parameter | Description |
ip-addr | Specifies the log server IPv4 address |
hostname | Specifies the URL of the log server |
facility | Specify the recording tool of the log server, there are 8 local 0-7 , the default is Local 7 |
port | Specify the port number of the log server, the value range is an integer from 1 to 65535 , and the default is 514 |
severity sev | Specify the minimum log level, a total of eight levels from 0 to 7 , respectively: • 0 : Emergency • 1 : Alert • 2 : Critical • 3 : Error • 4 : Warning • 5 : Notice • 6 : Information • 7 : Debug |
Description: Add remote log server.
Example:
Add the log server address as 1.2.3.4
Switch(config)# logging host 1.2.3.4
- View log configuration information
Command: show logging [buffered | file]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
buffered | buffer logging |
file | file logging |
Description: View log configuration information
Example:
Switch# show logging
Mirror image
Command:
- mirror Session Session-ID source interface {Ethernet|LAG} interfaced-id {both|rx|tx}
- mirror Session Session-ID destination interface Ethernet interfaced-id allow-ingress
- show mirror/show mirror session Session-ID
Mode: global configuration mode
Parameter:
Parameter | Description |
Session-ID | Mirroring group, value range <1-4> |
source | source port, mirrored port |
{Ethernet|LAG} interfaced-id | Switch port numbers, including Ethernet ports and aggregated interfaces |
destination | Destination port, monitored port |
both | Monitor data in and out of the source port |
rx | Monitor the data in the inbound direction of the source port |
tx | Monitor the outbound data of the source port |
allow-ingress | Allow receiving data from the destination port (monitoring port) |
Description:
• Use the no mirror session configuration command to turn off Mirror
• Use the no mirror session source configuration command to delete the Mirror source port
• Use the no mirror session destination configuration command to delete the Mirror destination port
Note: When configuring the destination port of the mirror, there is a parameter of allow-ingress. After this configuration, the port can receive the message of the connected device. In other words, after this configuration, the device connected to this port can communicate normally.
Example:
enter global mode
Switch # configure
Configure mirror source port
Switch(config)# mirror session 1 source interfaces Ethernet 1 /0/ 2 both
Configure mirror destination port
Switch(config)# mirror session 1 destination interface Ethernet 1/0/4 allow-ingress
Switch(config)# exit
View mirror entries
Switch # show mirror
delete mirror
Switch(config)# no mirror session 1
remove all mirrors
Switch(config)# no mirror session all
Delete mirror source port
Switch(config)# no mirror session 1 source interfaces Ethernet 1/0/2 both
delete mirror destination port
Switch(config)# no mirror session 1 destination interface Ethernet 1/0/4
Cable detection
Command: show cable-diag interfaces Ethernet interfaced-id
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
interfaced-id | port number, such as 1/0/1 |
Description: View cable tests for ports.
Example:
the cable detection result of port 1/0/1
Switch# show cable-diag interfaces Ethernet 1/0/1
Port | Speed | Local pair | Pair length |
--------+-------+------------+-------------+----- ----------
eth1/0/1 | auto | Pair A | 0.98 |
Pair B | 0.97 | Open
Pair C | 1.05 | Open
Pair D | 0.98 | Open
Backup and Restore
Backup and upload files
Command:
- copy [flash:// | tftp://] [flash:// | tftp://]
- copy tftp:// [backup-config | running-config |startup-config]
- copy [backup-config | running-config | startup-config]
- tftp://
- copy [backup-config | startup-config] running-config
- copy [backup-config | running-config] startup-config
- copy [running-config | startup-config] backup-config
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
flash:// | Specifies the file stored in flash |
tftp:// | Specify the file path under the remote tftp server, such as ” tftp://192.168.1.111/remote_file_name” |
backup-config | backup configuration |
running-config | run configuration |
startup-config | launch configuration |
Description: Backup or upload configuration files.
Example:
Switch# copy flash://dsa2 tftp://192.168.1.111/dsa2
Uploading file. Please Wait...
Uploading Done
Delete files
Command: delete [startrup-config | backup-config | flash://]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
flash:// | Specifies the file stored in flash |
startrup-config | launch configuration |
backup-config | backup configuration |
Description: Delete configuration files or files stored in flash.
Example:
delete backup configuration file
Switch# delete backup-config
Restore factory
Command: restore-defaults [ interfaces IF_PORTS ]
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Interfaces IF_PORTS | Specify the port to perform the factory reset operation |
Description: Restores factory defaults for all systems. This command is equivalent to delete startup-config
Example:
Switch#restore-defaults
Restore Default Success. Do you want to reboot now? (y/n)n
Save configuration
Command: save
Mode: privileged EXEC mode
Parameter: none
Description: Save the running configuration to the startup configuration file.
Example:
Switch # save
Success
SNMP
View SNMP configuration
Command: show snmp
Mode: privileged EXEC mode
Parameter: none
Description: View the status of Simple Network Management Protocol (SNMP)
Example:
Switch # show snmp
SNMP is enabled.
View SNMP community configuration
Command: show snmp community
Mode: privileged EXEC mode
Parameter: none
Description: View SNMP community configuration
Example:
Switch# show snmp community
Commnunity Name Group Name View Access
--------------- -- ---------------- --------- -------- ---
public all ro
Total Entries: 1
View SNMP engine ID configuration
Command: show snmp engineid
Mode: privileged EXEC mode
Parameter: none
Description:View the SNMPv3 engine ID defined on the switch
Example:
Switch# show snmp engineid
Local SNMPV3 Engine id: 80006a9203c074ad2202b1
IP address Remote SNMP engineID
------ ------ --- ----------------------------------- -
Total Entries: 0
View SNMP group configuration
Command: show snmp group
Mode: privileged EXEC mode
Parameter: none
Description: Check the configuration of the SNMP group
Example:
Switch# show snmp group
Group Name Model Level ReadView WriteView NotifyView
---------- ------ ------ -------- ---------- ---------- -
Total Entries: 0
View SNMP notification configuration
Command: show snmp host
Mode: privileged EXEC mode
Parameter: none
Description: View the configuration of SNMP notification
Example:
Switch# show snmp host
Server Community/User Name Notification Version Notification Type UDP Port Retries Timeout
-------- - ----------------------- ---------------------- ------------------- ------------ ----------- --------- - -
192.168.6.162 public v1 trap 162 -- --
Total Entries: 1
View SNMP trap configuration
Command: show snmp trap
Mode: privileged EXEC mode
Parameter: none
Description: View SNMP trap configuration
Example:
Switch# show snmp trap
SNMP auth failed trap : Enable
SNMP linkUpDown trap : Enable
SNMP cold-start trap : Enable
SNMP warm-start trap : Enable
View SNMP view configuration
Command: show snmp view
Mode: privileged EXEC mode
Parameter: none
Description: Check the configuration of the SNMP view
Example:
Switch# show snmp view
View Name Subtree OIDs OID Mask View Type
---------- -- ---------------- - - ------------ -------- - --
all .1 all included
Total Entries: 1
View SNMP user configuration
Command: show snmp user
Mode: privileged EXEC mode
Parameter: none
Description: View SNMP user configuration
Example:
Switch# show snmp user
Username: v3
Password: ***********
Privilege Mode: rw
Access GroupName: v3
Authentication Protocol: md5
Encryption Protocol: none
Access SecLevel: auth
Total Entries: 1
Configure SNMP
Command:
- snmp
- no snmp
Mode: global configuration mode
Parameter: none
Description: To enable SNMP on the switch, use the SNMP command in global configuration mode. Use the no form of the command to disable SNMP.
Example:
Enable SNMP function
Switch(config)# snmp
Configure SNMP community
Command:
- snmp community community-name [ view view-name] ( ro|rw )
- snmp community community-name group group-name
- no snmp community community-name
Mode: global configuration mode
Parameter:
Parameter | Description |
community-name | Group name, up to 32 characters, “\?/, characters are not supported. |
view view-name | referenced view name |
ro | set to read-only |
rw | set to read-write |
group group-name | referenced group name |
Description: Define SNMP communities that allow access to SNMP v1 and v2
Example:
community named private that references all view and is read-only
Switch(config)# snmp community private ro
Configure SNMP engine ID
Command: snmp engineid [ default |ENGINEID]
Mode: global configuration mode
Parameter:
Parameter | Description |
default | Default local engine ID |
ENGINEID | Set the local engine ID, in hexadecimal form of 2-56 characters, and the number of digits must be an integer |
Description: Define SNMP local engine
Example:
Switch(config)# snmp engineid 00036D001122
Configure SNMP remote engine ID
Command:
- snmp engineid remote [ip-addr|ipv6-addr] ENGINEID
- no snmp engineid remote [ip-addr|ipv6-addr]
Mode: global configuration mode
Parameter:
Parameter | Description |
ENGINEID | Remote engine ID, 10-64 characters in hexadecimal form, and the number of digits must be even |
ip-addr | Server IPv4 address |
Ipv6-addr | Server IPv6 address |
Description:
- snmp engineid remote [ ip-addr|ipv6-addr ] ENGINEID : Define the remote host of the SNMP engine
- no snmp engineid remote [ip-addr|ipv6-addr] : Remove remote host from SNMP engine.
Example:
Switch(config)# snmp engineid remote 192.168.1.11 00036D10000A
Configure SNMP group
Command:
- snmp group group-name (1|2c|3) (noauth|auth|priv) read-view read-view write-view write-view [ notify-view notify-view ]
- no snmp group group-name security-mode version (1|2c|3)
Mode: global configuration mode
Parameter:
Parameter | Description |
group-name | Group name, up to 32 characters, “\?/, characters are not supported. |
(1|2c|3) | SNMP version |
noauth | no authentication no encryption |
auth | Authentication only without encryption |
private | Both authentication and encryption |
read-view read-view | read-only view name |
write-view write-view | Read and write view names |
notify-view notify-view | notification view name |
Description:
- snmp group group-name (1|2c|3) ( noauth|auth|priv ) read-view read-view write-view write-view [ notify-view notify-view ] : define SNMP group
- no snmp group group-name security-mode version (1|2c|3) : delete the configuration
Example:
Switch(config)# snmp group v3 version 3 auth read-view all write-view all notify-view all
Configure SNMP notification
Command:
- snmp host (ip-addr|ipv6-addr|hostmane) [ traps|informs ] [ version (1|2c) ] community-name [ udp-port udp-port] [ timeout timeout] [ retries retries]
- snmp host (ip-addr|ipv6-addr|hostmane) [ traps|informs ] version 3 [ (auth|noauth|priv) ] community-name [ udp-port udp-port] [ timeout timeout] [ retries retries]
- no snmp host (ip-addr|ipv6-addr|hostmane) [ traps|informs ] [ version (1|2c|3) ]
Mode: global configuration mode
Parameter:
Parameter | Description |
ip-addr | Server IPv4 address |
ipv6-addr | Server IPv6 address |
hostmane | server hostname |
traps | notification type is traps |
informs | notification type is informs |
version (1|2c|3) | Notified SNMP version |
noauth | no authentication no encryption |
auth | Authentication only without encryption |
private | Both authentication and encryption |
community-name | The community name under which notifications are sent |
udp-port | UDP port number |
timeout timeout | v 2 c notification timeout , the value range is an integer from 1 to 300 , the default is 15 seconds |
retries retries | The maximum number of retransmissions for v 2 c notifications , an integer ranging from 1 to 255 , defaulting to 3 times |
Description:
- The snmp host command defines SNMP notifications
- no snmp host delete notification configuration
Example:
Switch(config)# snmp host 192.168.1.11 private
Configure SNMP traps
Command:
- snmp trap (auth|cold-start|linkUpDown|warm-start)
- no snmp trap (auth|cold-start|linkUpDown|warm-start)
Mode: global configuration mode
Parameter:
Parameter | Description |
auth | Set authentication failure trap |
cold-start | Set cold start trap |
linkUpDown | Set port up/down trap |
warm-start | Set hot start trap |
Description:
- snmp trap command defines SNMP trap
- no snmp trap delete trap configuration
Example:
Switch(config)# no snmp trap linkUpDown
Switch(config)# snmp trap linkUpDown
Configure SNMP user
Command:
- snmp user username group-name [ auth (md5|sha) AUTHPASSWD]
- snmp user username group-name auth (md5|sha) AUTHPASSWD priv PRIVPASSWD
- no snmp user username
Mode: global configuration mode
Parameter:
Parameter | Description |
username | SNMP username, up to 32 characters, “\?/, characters are not supported. |
group-name | referenced v3 group name |
auth md5 | MD5 authentication method |
auth sha | SHA authentication method |
AUTHPASSWD | authentication password |
priv PRIVPASSWD | encrypted password |
Description:
- snmp user command defines an SNMP user
- no snmp user command deletes user configuration
Example:
Switch(config)# snmp user v3 v3 auth md5 12345678
Configure SNMP view
Command:
- snmp view view-name subtree oid-tree oid-mask (all|oid-mask) viewtype (included|excluded)
- no snmp view view-name subtree (all|oid-tree)
Mode: global configuration mode
Parameter:
Parameter | Description |
view-name | view name, up to 32 characters, “\?/, characters are not supported. |
subtree oid-tree | view subtree |
oid-mask (all|oid-mask) | subtree mask |
viewtype ( included|excluded ) | Include or exclude selected MIBs from the view |
Description: Use the command SNMP view to define the SNMP view; use the no command to delete the configuration
Example:
Switch(config)# snmp view private subtree 1.3.3.1 oid-mask all viewtype included
RMON
Configure RMON events
Command:
- rmon event <1-65535> [log] [trap COMMUNITY] [description DESCRIPTION] [owner NAME]
- no rmon event <1-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-65535> | event ID |
log | The event type is log |
trap COMMUNITY | The event type is trap |
description DESCRIPTION | Event description, up to 32 characters, “\?/, characters are not supported. |
owner NAME | The owner of the event, up to 32 characters, “\?/, characters are not supported. |
Description:
- rmon event command adds or modifies rmon evnet entries
- no rmon event command to delete events can be viewed through the show rmon event command
Example:
switch(config)# rmon event 1 log trap public description test owner admin
switch(config)# show rmon event 1
Rmon Event Index 1
Rmon Event Type : Log and Trap
Rmon Event Community :
public Rmon Event Description : test
Rmon Event Last Sent :
Rmon Event Owner : admin
Configuring RMON alarm
Command:
- rmon alarm <1-65535> interface IF_PORT (drop-events|octets|pkts|broadcast-pkts|multicast-pkts|crc-align-errors|undersize-pkts|oversize-pkts|fragments|jabbers|collisions |pkts64octets|pkts65to127octets| pkts128to255octets|pkts256to511octets|pkts512to1023octets |pkts1024to1518octets) <1-2147483647> (absolute|delta) rising <0-2147483647> <0-65535> falling <0-2147483647> <0-65535> startup (rising|rising-falling|falling) [owner NAME]
- no rmon alarm <1-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-65535> | event ID |
IF_PORT | Specify the sampling port |
<1-2147483647> | sampling interval |
absolute|delta | Specify the sampling method, including absolute sampling and incremental sampling |
<0-2147483647> | Specify thresholds to trigger rising or falling alarms |
<0-65535> | Specify the event to be executed when the rising or falling alarm is triggered |
rising|rising-falling|falling | Specifies the rising or falling mode of the start event |
owner NAME | (Optional) Specifies the owner of the alarm. The maximum length is 32 characters, “\?/, characters are not supported. |
Description:
- The rmon alarm command adds or modifies rmon alarm entries. Before adding an alarm entry, at least one event entry must be added.
- no rmon alarm command to delete.
- The settings can be verified by the show rmon alarm command
Example:
switch(config)# rmon event 1 log
switch(config)# rmon event 2 log
Switch(config)# rmon alarm 1 interface eth1/0/1 pkts 300 delta rising 10000 1 falling 100 1 startup rising-falling owner admin
Rmon Alarm Index 1
Rmon Alarm Sample Interval 300
Rmon Alarm Sample Interface : eth1/0/1
Rmon Alarm Sample Variable : Pkts
Rmon Alarm Sample Type : delta
Rmon Alarm Type : Rising or Falling
Rmon Alarm Rising Threshold : 10000
Rmon Alarm Rising Event 1
Rmon Alarm Falling Threshold 100
Rmon Alarm Falling Event 1
Rmon Alarm Owner : admin
Configure RMON history
Command:
- rmon history <1-65535> interface IF_PORT [buckets <1-65535>] [interval <1-3600>] [owner NAME]
- no rmon history <1-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-65535> | history table ID |
IF_PORT | Specify the sampling port |
buckets <1-65535> | (Optional) Specify the maximum number of samples |
interval <1-3600> | (Optional) specify the sampling interval |
owner NAME | (Optional) Specifies the owner of the history table. The maximum length is 32 characters, “\?/, characters are not supported. |
Description:
- rmon history command adds or modifies rmon history entries.
- no rmon history command to delete.
- The settings can be verified with the show rmon history command.
Example:
switch(config)# rmon history 1 interface eth1/0/1 interval 60 owner admin
switch(config)# show rmon history 1
Rmon History Index 1
Rmon Collection Interface: eth1/0/1
Rmon History Bucket 50
Rmon history Interval 60
Rmon History Owner : admin
Clear RMON statistics
Command: clear rmon interfaces IF_PORTS statistics
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORTS | Specifies the interface for clearing statistics |
Description:
- Clear the statistics recorded on the specified interface.
- You can verify the result with the show rmon interface statistics command.
Example:
switch# clear rmon interfaces eth1/0/1 statistics
switch# show rmon interfaces eth1/0/1 statistics
==== Port eth1/0/1 ================================
etherStatsDropEvents 0
etherStatsOctets0
etherStatsPkts0
etherStatsBroadcastPkts0
etherStatsMulticastPkts0
etherStatsCRCAlignErrors 0
etherStatsUnderSizePkts0
etherStatsOverSizePkts0
etherStatsFragments 0
etherStatsJabbers0
etherStatsCollisions0
etherStatsPkts64Octets0
etherStatsPkts65to127Octets0
etherStatsPkts128to255Octets 0
etherStatsPkts256to511Octets 0
etherStatsPkts512to1023Octets 0
etherStatsPkts1024to1518Octets 0
View RMON statistics
Command: show rmon interfaces IF_PORT statistics
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
IF_PORT | specified port |
Description: Use the show rmon interfaces statistics command to display interface statistics
Example:
switch# show rmon interfaces eth1/0/8 statistics
==== Port eth1/0/8 ================================
etherStatsDropEvents : 0
etherStatsOctets : 0
etherStatsPkts : 0
etherStatsBroadcastPkts : 0
etherStatsMulticastPkts : 0
etherStatsCRCAlignErrors : 0
etherStatsUnderSizePkts : 0
etherStatsOverSizePkts : 0
etherStatsFragments : 0
etherStatsJabbers : 0
etherStatsCollisions : 0
etherStatsPkts64Octets : 0
etherStatsPkts65to127Octets : 0
etherStatsPkts128to255Octets : 0
etherStatsPkts256to511Octets : 0
etherStatsPkts512to1023Octets : 0
etherStatsPkts1024to1518Octets : 0
View RMON events
Command: show rmon event (<1-65535> | all)
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-65535> | event ID |
all | all existing events |
Description: Run the show rmon event command to display existing RMON event entries.
Example:
switch(config)# rmon event 1 log trap public description test owner admin
switch(config)# show rmon event 1
Rmon Event Index 1
Rmon Event Type : Log and Trap
Rmon Event Community : public
Rmon Event Description : test
Rmon Event Last Sent :
Rmon Event Owner : admin
View the logs of RMON events
Command: show rmon event <1-65535> log
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-65535> | event log id |
Description: Use the show rmon event command to display logs triggered by RMON alarms.
Example:
switch(config)# show rmon event 1 log
==================================================== =====
Index 1
Alarm Index 1
Action : Startup Falling
Time : (32918334) 3 days, 19:26:23.34
Description : fa1.Pkts=0 <= 100
View RMON alarms
Command: show rmon alarm (<1-65535> | all)
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-65535> | Alarm ID |
all | all existing warnings |
Description: show rmon alarm command to display RMON alarm entries
Example:
Switch(config)# rmon alarm 1 interface eth1/0/1 pkts 300 delta rising 10000 1 falling 100 1 startup rising-falling owner admin
Rmon Alarm Index 1
Rmon Alarm Sample Interval 300
Rmon Alarm Sample Interface : eth1/0/1
Rmon Alarm Sample Variable : Pkts
Rmon Alarm Sample Type : delta
Rmon Alarm Type : Rising or Falling
Rmon Alarm Rising Threshold : 10000
Rmon Alarm Rising Event 1
Rmon Alarm Falling Threshold 100
Rmon Alarm Falling Event 1
Rmon Alarm Owner : admin
View RMON history group
Command: show rmon history (<1-65535> | all)
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-65535> | history group id |
all | all existing history groups |
Description: Use show rmon history command to display the entries of the RMON history group
Example:
switch(config)# rmon history 1 interface eth1/0/1 interval 30 owner admin
switch(config)# show rmon history 1
Rmon History Index 1
Rmon Collection Interface: eth1/0/1
Rmon History Bucket 50
Rmon history Interval 30
Rmon History Owner : admin
View RMON history group statistics
Command: show rmon history <1-65535> statistic
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
<1-65535> | History group statistics table ID |
Description: show rmon history command to display the statistical data of the RMON historical group
Example:
switch(config)# show rmon history 1 statistics
==================================================== =====
Sample Index 2
Interval Start : (32940466) 3 days, 19:30:04.66
DropEvents 0
Octets : 117226
Pkts 763
Broadcast Pkts 9
MulticastPkts 0
CRCAlignErrors 0
UnderSizePkts0
OverSizePkts0
Fragments 0
Jabbers 0
Collisions 0
Utilization 1
==================================================== =====
Sample Index 1
Interval Start : (32939462) 3 days, 19:29:54.62
DropEvents 0
Octets 220
Pkts 3
BroadcastPkts 1
MulticastPkts 0
CRCAlignErrors 0
UnderSizePkts0
OverSizePkts0
Fragments 0
Jabbers 0
Collisions 0
Utilization 0
LLDP
LLDP global configuration
- Enable/disable LLDP
Command:
- lldp
- no lldp
Mode: global configuration mode
Parameter: none
Description: Enable/disable LLDP
Example:
Enable the global LLDP function
Switch (config)# lldp
- TLV sending interval
Command: lldp tx-interval <5-32767>
Mode: global configuration mode
Parameter:
Parameter | Description |
<5-32767> | sending LLDP packets , the value range is an integer from 5 to 32767 , and the default is 30 seconds |
Description: Set TLV sending interval
Example:
Globally set the TLV interval to 30 seconds
Switch(config)# lldp tx-interval 30
- TTL multiplier
Command: lldp holdtime-multiplier <2-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
<2-10> | The value of the TTL field of LLDPDU time to live, the value range is an integer from 2 to 10 , and the default is 4 |
Description: Set TTL multiplier
Example:
Globally set the TTL multiplier to 2 seconds
Switch(config)# lldp holdtime-multiplier 2
- Port initialization delay time
Command: lldp reinit-delay <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-10> | LLDP initialization, the value range is an integer from 1 to 10 , the default is 2 seconds |
Description: Set port initialization delay time
Example:
Globally set the port initialization delay time to 10 seconds
Switch(config)# lldp reinit-delay 10
- LLDPDU sending delay time
Command: lldp tx-delay <1-8191>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-8191> | Send LLDPDU sending delay time, the value range is an integer from 1 to 8191 , the default is 2 seconds |
Description: Set LLDPDU sending delay time
Example:
Globally set the LLDPDU sending delay time to 30 seconds
Switch(config)# lldp tx-delay 30
- LLDP processing
Command: lldp lldpdu {bridging/filtering/flooding}
Mode: global configuration mode
Parameter:
Parameter | Description |
bridging | Bridging , the LLDP packet received by the switch is directly forwarded to the port of the same VLAN domain except the ingress |
filtering | Filtering , the LLDP packets received by the switch will not be forwarded to the downstream device, and will be discarded directly |
flooding | Flooding , the LLDP packets received by the switch are directly forwarded to ports other than the ingress, regardless of VLAN |
Description: When LLDP is disabled, set the processing of LLDP packets.
Example:
When lldp is disabled globally, set the flood operation when receiving lldp packets
Switch (config)# no lldp
switch(config)# lldp lldpdu flooding
- View LLDP configuration and port information
Command: show lldp
Mode: privileged EXEC mode
Parameter: none
Description: View global LLDP configuration and port information
Example:
View LLDP global information and port information
Switch # show lldp
State: Enabled
Timer: 30 Seconds
Hold multiplier: 4
Reinit delay: 2 Seconds
Tx delay: 2 Seconds
LLDP packet handling: Flooding
Port | State | Optional TLVs | Address
-------- + ------ + -------------- + --------
eth1/0/1 | RX,TX | |192.168.80.202
eth1/0/2 | RX,TX | |192.168.80.202
eth1/0/3 | RX,TX | |192.168.80.202
eth1/0/4 | RX,TX | |192.168.80.202
eth1/0/5 | RX,TX | |192.168.80.202
eth1/0/6 | RX,TX | |192.168.80.202
eth1/0/7 | RX,TX | |192.168.80.202
eth1/0/8 | RX,TX | |192.168.80.202
eth1/0/9 | RX,TX | |192.168.80.202
eth1/0/10 | RX,TX | |192.168.80.202
Port ID: eth1/0/1
802.3 optional TLVs:
802.1 optional TLVs
PVID: Enabled
--More--
LLDP port setting
- The working mode is to send
Command: LLDP tx
Mode: interface configuration mode
Parameter: none
Description: Set the working mode of the specified interface to send
Example:
Set the working mode on the port to send
Switch(config-if)# lldp tx
- The working mode is receiving
Command: LLDP rx
Mode: interface configuration mode
Parameter: none
Description: Set the working mode of the specified interface to receive
Example:
Set the working mode on the port to receive
Switch(config-if)# lldp rx
- The working mode is sending and receiving
Command:
- LLDP tx
- LLDP rx
Mode: interface configuration mode
Parameter: none
Description: Set the working mode of the specified interface to send and receive
Example:
Set the working mode on the port to send and receive
Switch(config-if)# lldp tx
Switch(config-if)# lldp rx
- Working mode is disabled
Command:
- no lldp tx
- no lldp rx
Mode: interface configuration mode
Parameter: none
Description: Set the working mode of the specified interface to disabled.
Example:
Set the working mode on the port to disabled
Switch(config-if)# no lldp tx
Switch(config-if)# no lldp rx
- TLV selection
Command:
- lldp tlv-select TLV{port-desc/sys-name/sys-desc/sys-cap/mac-phy/lag/max-frame-size/management-addr}
- lldp tlv-select pvid(disable|enable)
- lldp tlv-select vlan-name (add|remove) VLAN-LIST
Mode: interface configuration mode
Parameter:
Parameter | Description |
TLV{port- desc/sys- name/sys- desc/sys- cap/mac- phy/lag/max- frame-size/management-addr} | Select the specified TLV, including port description TLV, system name TLV , system description TLV, system function TLV, MAC / PHY TLV , link aggregation TLV, maximum frame size TLV, management address TLV |
(disable|enable) | Enable/disable PVID TLV |
(add|remove) | Add /delete VLAN in VLAN name TLV |
VLAN-LIST | VLAN Name TLV Added /Deleted VLAN |
Description: Set the TLV of the specified interface
Example:
TLVs on ports 1, 2, and 3 are port description TLV, system name TLV, PVID TLV, and VLAN name TLV with added VLAN name 1
Switch(config)# interface range eth1/0/1-eth1/0/3
Switch(config-if)# lldp tlv-select port-desc sys-name
Switch(config-if)# lldp tlv-select pvid enable
Switch(config-if)# lldp tlv-select vlan-name add 1
- View port LLDP configuration information
Command: show lldp interfaces Ethernet xx
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Port ID |
Description: View the LLDP configuration information of a specified port
Example:
Check port 1 information
Switch# show lldp interface Ethernet 1/0/1
State: Enabled
Timer: 30 Seconds
Hold multiplier: 4
Reinit delay: 2 Seconds
Tx delay: 2 Seconds
LLDP packet handling: Flooding
Port | State | Optional TLVs | Address
-------- + ------ + -------------- + --------
eth1/0/1 | RX,TX | |192.168.80.202
Port ID: eth1/0/1
802.3 optional TLVs:
802.1 optional TLVs
PVID: Enabled
LLDP MED global configuration
- Number of fast packets
Command: lldp med fast-start-repeat-count <1-10>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-10> | of LLDPDU packets containing LLDP-MED, an integer ranging from 1 to 10 , the default is 3 |
Description: Set the number of fast packets
Example:
Set the number of fast packets to 10
Switch(config)# lldp med fast-start-repeat-count 10
- Add/remove network policies
Command:
- lldp med network-policy <1-32> app(voice|voice-signaling|guest-voice|guest-voice-signaling|softphone-voice|video-conferencing|streaming-video|video-signaling) vlan <0-4095> vlan-type (tag|untag) priority <0-7> dscp <0-63>
- no lldp med network-policy <1-32>
Mode: global configuration mode
Parameter:
Parameter | Description |
<1-32 > | Network Policy ID |
app(voice|voice-signaling|guest-voice|guest-voice-signaling|softphone-voice|video-conferencing|streaming-video|video-signaling) | Network policy application types, including Voice, Voice Signaling, Guest Voice, Guest Voice Signaling, Softphone Voice, Video Conferencing, Streaming Video, and Video Signaling |
<0-4095> | Specify Voice VLAN ID |
(tag|untag) | VLAN tag type |
<0-7> | CoS priority |
<0-63> | DSC P Priority |
Description: Add/Remove Network Policies
Example:
Set a voice network policy, tag it with VLAN 10, set the Co S priority to 7, and set the DSCP priority to 56
Switch(config)# lldp med network-policy 1 app voice vlan 10 vlan-type tag priority 7 dscp 56
Delete the policy whose network policy ID is 1
Switch(config)# no lldp med network-policy 1
- Enable/disable automatic voice network policy
Command:
- lldp med network-policy voice-auto
- no lldp med network-policy voice-auto
Mode: global configuration mode
Parameter: none
Description: Enable/disable automatic voice network policy
Example:
Enable automatic voice network policy
Switch(config)# lldp med network-policy voice-auto
- View LLDP-MED configuration information
Command: show lldp med
Mode: privileged EXEC mode
Parameter: none
Description: View LLDP MED configuration information
Example:
View LLDP MED information
Switch #show lldp med
Fast Start Repeat Count: 3
Network policy 1
-------------------
Application type: Voice
VLAN ID: 222 tagged
Layer 2 priority: 0
DSCP: 0
Network policy 2
-------------------
Application type: Voice
VLAN ID: 2 tagged
Layer 2 priority: 0
DSCP: 0
Port | Capabilities | Network Policy | Location | Inventory | PoE PSE
------ + ------------ + -------------- + -------- + ------ --- + -------
eth1/0/1 | Yes | No | No | No | N/A
eth1/0/2 | Yes | No | No | No | N/A
eth1/0/3 | Yes | No | No | No | N/A
eth1/0/4 | Yes | No | No | No | N/A
eth1/0/5 | Yes | No | No | No | N/A
eth1/0/6 | Yes | No | No | No | N/A
eth1/0/7 | Yes | No | No | No | N/A
--More--
LLDP MED port setting
- Enable/disable LLDP-MED
Command:
- no lldp med
- lldp med
Mode: interface configuration mode
Parameter: none
Description: Enable/disable the LLDP-MED function of the specified interface
Example:
Enable the LLDP-MED function of port 1 and disable the lLDP-MED function of port 2
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# lldp med
Switch(config)# interface Ethernet 1/0/2
Switch(config-if)# no lldp med
- MED TLV selection
Command:
- lldp med tlv-select MEDTLV{network-policy/location/inventory/poe-pse}
- no lldp med tlv-select
Mode: interface configuration mode
Parameter:
Parameter | Description |
MEDTLV{network-policy/location/inventory/poe-pse} | Select to specify MED TLV, including Network Policy TLV, Location TLV, Asset Inventory TLV and PoE-PSE TLV |
Description: Select /delete the MED TLV of the specified interface
Example:
Specify the TLV sent by port 2 as location, inventory, and network policy information
Switch(config)# interface eth1/0/2
Switch(config-if)# lldp med tlv-select location inventory network-policy
Cancel the TLV sent by port 2
Switch(config-if)#no lldp med tlv-select
- Add/remove location information
Command:
- lldp med location (coordination|civic-address|ecs-elin) ADDR
- no lldp med location(coordination|civic-address|ecs-elin)
Mode: interface configuration mode
Parameter:
Parameter | Description |
coordination | Position coordinates , 16 pairs of hexadecimal |
civic-address | City address , 6-16 pairs of hexadecimal |
ecs-elin | Emergency phone number , 10 -25 pairs of hexadecimal |
ADDR | Specifies the location information data format |
Description: Add/delete LLDP MED location information
Example:
the location information of port 1
Switch(config)# interface Ethernet 1/0/1
Switch(config-if)# lldp med location coordinate
112233445566778899AABBCCDDEEFF00
Switch(config-if)# lldp med location civic-address
112233445566
Switch(config-if)# lldp med location ecs-elin
112233445566778899AA
- Add/remove network policy information
Command: lldp med network-policy (add|remove) <1-32>
Mode: interface configuration mode
Parameter:
Parameter | Description |
add | Add a binding between a network policy and an interface |
remove | Delete the binding of a network policy to an interface |
< 1-32 > | Specifies the network policy ID |
Description: Add/remove network policy for specified interface
Example:
/ remove network policy with policy ID 1 to port binding
Switch(config-if)# lldp med network-policy add/remove 1
- View port LLDP-MED configuration information
Command: show lldp interfaces Ethernet xx med
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description: View LLDP-MED configuration information on a specified port
Example:
View LLDP-MED configuration information on port 1
Switch# show lldp interfaces eth1/0/1 med
Port | Capabilities | Network Policy | Location |
Inventory
---- + ------------ + -------------- + -------- + ------
eth1/0/1 | Yes | Yes | Yes |
Yes
Port ID: eth1/0/1
Network policies: 1, 32
Location:
Coordinates: 112233445566778899AABBCCDDEEFF00
Civic-address: 112233445566
Ecs-elin: 112233445566778899AA
Information viewing and clearing
- View device local information
Command: show lldp local-device
Mode: privileged EXEC mode
Parameter: none
Description: View device local information
Example:
View device local information
Switch# show lldp local-device
LLDP Local Device Information:
Chassis Type : Mac Address
Chassis ID: C0:74:AD:B9:3B:44
System Name : Switch
System Description : GWN7801
System Capabilities Support : Bridge, Router
System Capabilities Enable : Bridge, Router
Management Address : 192.168.80.202(IPv4)
Management Address : fe80::c274:adff:feb9:3b44(IPv6)
- View port local information
Command: show lldp interfaces Ethernet xx local-device
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description: View the local information of the specified port
Example:
Check the local information of port 1
Switch121212(config)# show lldp interfaces eth1/0/1 local-device
Device ID: 00:12:12:12:12:12
Port ID: eth1/0/1
System Name: Switch121212
Capabilities: Bridge
System description:
Port description:
Management address: 192.168.1.254
Time To Live: 120
802.3 MAC/PHY Configur/Status
Auto-negotiation support: Supported
Auto-negotiation status: Enabled
Auto-negotiation Advertised Capabilities: 10BASE-T half
duplex, 10BASE-T full duplex, 100BASE-TX half duplex,
100BASE-TX full duplex
Operational MAU type: Other or unknown
802.3 Link Aggregation
Aggregation capability: Capable of being aggregated
Aggregation status: Not currently in aggregation
Aggregation port ID: 0
802.3 Maximum Frame Size: 1522
802.1 PVID: 1
LLDP-MED capabilities: Capabilities, Network Policy, Location,
Extended PSE, Inventory
LLDP-MED Device type: Network Connectivity
LLDP-MED Network policy
Application type: Voice Signaling
Flags: Unknown Policy
VLAN ID: 2
Layer 2 priority: 3
DSCP: 4
LLDP-MED Network policy
Application type: Conferencing
Flags: Unknown Policy
VLAN ID: 5
Layer 2 priority: 1
DSCP: 63
Hardware revision: 1123
Firmware revision: 2.5.0-beta.32801
Software revision: 2.5.0-beta.32801
Serial number: abc
Manufacturer Name:
Model name: RTL8328-24FE-4GE
Asset ID:
LLDP-MED Location
Coordinates: 11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00
Civic-address: 11:22:33:44:55:66
Ecs-elin: 11:22:33:44:55:66:77:88:99:AA
- View neighbor information
Command:
- show lldp neighbor
- show lldp interfaces Ethernet xx neighbor
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description:
- View Device Neighborhood Information
- View the neighbor information of a specified port
Example:
View Device Neighborhood Information
Switch# show lldp neighbor
Port | Device ID | Port ID | SysName
| Capabilities | TTL
---- + ----------------- + ---------------- + ---------- -----
-- + -------------- + -----
eth1/0/3 | 00:12:12:12:12:12 | eth1/0/1 |
Switch121212 | Bridge | 111
eth1/0/1 | TREEBASE |00:1A:4D:26:EB:E8 |
TREEBASE | Station Only | 33
Check the neighbor information of port 3
Switch# show lldp interface Ethernet 1/0/3 neighbor
Device ID: 00:12:12:12:12:12
Port ID: eth1/0/1
System Name: Switch121212
Capabilities: Bridge
System description:
Port description:
Management address: 192.168.1.254
Time To Live: 98
802.3 MAC/PHY Configur/Status
Auto-negotiation support: Supported
Auto-negotiation status: Enabled
Auto-negotiation Advertised Capabilities: 10BASE-T half
duplex, 10BASE-T full duplex, 100BASE-TX half duplex,
100BASE-TX full duplex
Operational MAU type: 100BASE-TX full duplex mode
802.3 Link Aggregation
Aggregation capability: Capable of being aggregated
Aggregation status: Not currently in aggregation
Aggregation port ID: 0
802.3 Maximum Frame Size: 1522
802.1 PVID: 1
LLDP-MED capabilities: Capabilities, Network Policy, Location,
Extended PSE, Inventory
LLDP-MED Device type: Network Connectivity
LLDP-MED Network policy
Application type: Voice Signaling
Flags: Unknown Policy
VLAN ID: 2
Layer 2 priority: 3
DSCP: 4
LLDP-MED Network policy
Application type: Conferencing
Flags: Unknown Policy
VLAN ID: 5
Layer 2 priority: 1
DSCP: 63
LLDP-MED Power over Ethernet
Device Type: Power Sourcing Entity
Power Source: Primary Power Source
Power priority: Low
Power value: 13.0 Watts
Hardware revision: 1123
Firmware revision: 2.5.0-beta.32801
Software revision: 2.5.0-beta.32801
Serial number: abc
Manufacturer Name:
Model name: RTL8328-24FE-4GE
Asset ID:
LLDP-MED Location
Coordinates: 11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00
Civic-address: 11:22:33:44:55:66
Ecs-elin: 11:22:33:44:55:66:77:88:99:AA
- View LLDP statistics
Command:
- show lldp statistics
- show lldp interfaces Ethernet xx statistics
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description:
- View LLDP statistics
- View LLDP statistics on a specified port
Example:
View LLDP statistics
LLDP Global Statistics:
Insertions: 0
Deletions: 0
Drops: 0
Age Outs : 0
| TX Frames | RX Frames | RX TLVs | RX Ageouts
Total | Total | Discarded | Errors | Discarded | Unrecognized | Total
--------+----------+-------+-----------+-------+ -----------+--------------+----------
eth1/0/1 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/2 | 5537 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/3 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/4 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/5 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/6 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/7 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/8 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/9 | 0 | 0 | 0 | 0 | 0 | 0 | 0
eth1/0/10 | 0 | 0 | 0 | 0 | 0 | 0 | 0
View LLDP statistics on port 1
Switch# show lldp interface Ethernet 1/0/1 statistics
LLDP Port Statistics:
| TX Frames | RX Frames | RX TLVs | RX Ageouts
Total | Total | Discarded | Errors | Discarded | Unrecognized | Total
--------+----------+-------+-----------+-------+ -----------+--------------+----------
Eth1/0/1 | 0 | 0 | 0 | 0 | 0 | 0 | 0
- Whether the port TLV is overloaded
Command: show lldp interfaces Ethernet xx tlvs-overloading
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description: Check whether the TLV of the specified port is overloaded
Example:
Check whether the TLV of port 1 is overloaded
Switch# show lldp interface Ethernet 1/0/1 statistics
LLDP Port Statistics:
| TX Frames | RX Frames | RX TLVs | RX Ageouts
Total | Total | Discarded | Errors | Discarded | Unrecognized | Total
--------+----------+-------+-----------+-------+ -----------+--------------+----------
eth1/0/1 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Switch#
Switch#
Switch# show lldp interface Ethernet tlvs-overloading
invalid port id
Switch# show lldp interface Ethernet 1/0/1 tlvs-overloading
eth1/0/1:
TLVs Group | Bytes | Status
---------------------------- + ------- + ------------- ---
Mandatory | 21 | Transmitted
LLDP-MED Capabilities | 9 | Transmitted
802.1 | 8 | Transmitted
Total: 38 bytes
Left: 1450 bytes
- Clear statistics
Command:
- clear lldp global statistics
- clear lldp interface Ethernet xx statistics
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Ethernet xx | Specify port ID |
Description:
- Clear global LLDP statistics
- Clear LLDP statistics on a specified port
Example:
Clear global LLDP statistics
Switch#clear lldp global statistics
Clear LLDP statistics on port 1
Switch#clear lldp interfaces Ethernet 1/0/1 statistics
EEE
Enable/disable 802.3 EEE
Command:
- lldp
- no lldp
Mode: global configuration mode
Parameter: none
Description: Enable/disable LLDP
Example:
Enable the global LLDP function
Switch (config)# lldp
SYSTEM
Basic Settings
Basic Setting
- Configure switch name
Command: system name WORD<1-64>
Mode: global configuration mode
Parameter:
Parameter | Description |
WORD<1-64> | Character range: 1-64, support letters, numbers and special characters (excluding “\?/,). If the string is empty, use “” to quote it. |
Description: Set switch name
Example:
Set the switch name to MySwitch and check
Switch # config
Switch(config)# system name MySwitch
MySw itch (config) # d o show info
System Name : MySwitch
System Location : Default
System Contact : Default
Device model : GWN7801
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.201
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Mar 17 2023 - 02:00:37
Firmware Version : 1.0.3.15
Firmware Date : Jan 12 2023 - 11:51:17
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.42379
System Up Time: 6 days, 18 hours, 51 mins, 3 secs
- Configure Switch Location
Command: system location LOCATION
Mode: global configuration mode
Parameter:
Parameter | Description |
LOCATION | Character range: 0-64, support letters, numbers and special characters (excluding “\?/,). If the string is empty, use “” to quote it. |
Description: Set switch location
Example:
Set the switch location to hangzhou and check
Switch # config
Switch(config)# system location Hangzhou
Switch(config)# do show info
System Name : Switch
System Location : hangzhou
System Contact : Default
Device model : GWN7801
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.201
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Mar 17 2023 - 02:00:37
Firmware Version : 1.0.3.15
Firmware Date : Jan 12 2023 - 11:51:17
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.42379
System Up Time: 6 days, 18 hours, 54 mins, 12 secs
- Configure Switch Contact Information
Command: system contact CONTACT
Mode: global configuration mode
Parameter:
Parameter | Description |
CONTACT | Character range: 0-64, support letters, numbers and special characters (excluding “\?/,). If the string is empty, use “” to quote it. |
Description: Set Switch Contacts
Example:
Set the switch contact to 15968140574 and check
Switch # config
Switch(config)# do show info
System Name : Switch
System Location : hangzhou
System Contact : 15968140574
Device model : GWN7801
MAC Address : C0:74:AD:B9:3B:44
IP Address : 192.168.80.201
Subnet Mask : 255.255.255.0
Loader Version: 3.6.9.55156
Loader Date : Mar 17 2023 - 02:00:37
Firmware Version : 1.0.3.15
Firmware Date : Jan 12 2023 - 11:51:17
Hardware Version : V1.2A
PN Series number : 9640004612A
SN Series number : 20VXU28N90B93B44
System Object ID : 1.3.6.1.4.1.42379
System Up Time: 6 days, 19 hours, 9 mins, 37 secs
Time setting
- View current system time
Command:
- show clock
- show clock details
Mode: Privileged Exec Mode
Parameter: none
Description: View current system time
Example:
Switch # show clock
Switch# show clock detail
- Set static time manually
Command: clock set HH:MM:SS (jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)
<1-31> <2000-2035>
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
HH:MM:SS | Minutes and seconds |
(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec) | month |
<1-31> | day |
<2000-2035> | years |
Description: Manually set the time
Example:
Switch# clock set 04:14 :2 4 jan 24 2034
- Set the time source to manual setting
Command: clock source local
Mode: global configuration mode
Parameter: none
Description: Set the time source to manual setting
Example:
Switch # configure
Switch (config) # clock source local
- Set time source as SNTP server
Command:
- clock source sntp
- show sntp
Mode: global configuration mode
Parameter: none
Description:
- clock source sntp set the time source as SNTP server
- show sntp View SNTP server
Example:
Switch # configure
Switch (config) # clock source local
Switch(config) #d o show sntp
- Configure sntp server
Command:
- sntp host A .BCD port<1-65535>
- sntp host HOSTNAME port<1-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
A.BCD _ _ | SNTP server IP address |
HOSTNAME | SNTP server domain name |
port<1-65535> | SNTP server port, an integer ranging from 1 to 65535 |
Description: Configure SNTP server address
Example:
Switch # configure
Switch (config) # sntp host 192.168.1.27 port 123
Switch(config) # sntp host time.windows.com port 124
- Clear SNTP server
Command: no sntp
Mode: global configuration mode
Parameter: none
Description: clear SNTP server
Example:
Switch # configure
Switch (config) #no sntp
- Configure time zone
Command: clock timezone ACRONYM HOUR-OFFSET minutes < 0-59>
Mode: global configuration mode
Parameter:
Parameter | Description |
ACRONYM | Acronym for time zone ( 1 -4 characters) |
HOUR-OFFSET <-12-13> | Time difference from UTC |
minutes <0-59> | Minutes difference from UTC |
Description: Configure time zone
Example:
Switch # configure
Switch (config) #clock timezone Pac -8 minutes 30
- Restore default timezone
Command: no clock timezone
Mode: global configuration mode
Parameter: none
Description: restore default timezone
Example:
Switch # configure
Switch (config) #no clock timezone
Scheduled restart
- Scheduled restart
Command:
- schedule use id {id} reboot
- no schedule use reboot
Mode: global configuration mode
Parameter:
Parameter | Description |
{id} | Time policy ID, an integer ranging from 1 to 32 |
Description:
- schedule use id {id} reboot : set switch restart time
- no schedule use reboot : Turn off the scheduled reboot function
Example:
Turn on timed restart ( refer to time policy 1 )
Switch # config
Switch(config)# schedule use id 2 reboot
Turn off scheduled restart
Switch (config)# no schedule use reboot
Access control
Web service management
- Enable telnet permission/ssh permission/https access
Command: ip telnet|ssh|https
Mode: global configuration mode
Parameter: none
Description: Enable telnet permission/ssh permission/https access
Example:
Switch # configure
Switch (config) # ip telnet|ssh|https
- Close telnet permission/ssh permission/https access
Command: no ip telnet|ssh|https
Mode: global configuration mode
Parameter: none
Description: Close telnet permission/ssh permission/https access
Example:
Switch # configure
Switch (config) #no ip telnet|ssh|https
- View https access status
Command: show ip https
Mode: Privileged Exec Mode
Parameter: none
Description: View https access status
Example:
Switch# show ip https
- Modify web (https) idle timeout
Command: ip web session-timeout session-timeout
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
session-timeout | HTTPS timeout, the value range is 1-1440 minutes |
Description: Modify web idle timeout
Example:
Switch#configure
Switch (config) # ip web session-timeout 500
Manager settings
- Turn on/off the Manager function
Command:
- manager
- no manager
Mode: global configuration mode
Parameter: none
Description: Turn on/off the Manager function
Example:
Enable the Manager function
Switch # config
Switch(config)# manager
- Configure the Manager server address
Command: manager server IP/HOSTNAM port <0-65535> dhcpOverwrite enable/disable
Mode: global configuration mode
Parameter:
Parameter | Description |
IP | Manager server IP address , including IPv4 address and IPv6 address |
HOSTNAM | Manager server hostname |
<0-65535> | port , an integer ranging from 0 to 65535 |
enable/disable | Enable/disable DHCP option 43 rewrite Manager server address function |
Description: Configure the Manager server address
Example:
Configure Manager server as 1 92.168.1.1 , port 8 443 , disable DHCP option 43 rewrite address function
Switch # config
Switch(config)# manager server 192.168.1.1 port 8443 dhcpOverwrite disable
- View Manager configuration
Command: show manager
Mode: privileged EXEC mode
Parameter: none
Description: View Manager configuration
Example:
Switch# show manager
MANAGER OPTION | VALUE
----------------------+--------------------------- ----
manager set | enabled
manager server | 192.168.1.1
manager port | 8443
allow dhcp overwrite | disabled
Telnet/SSH Client
- View help information 1
Command: ssh {ip-addr |domain} ?
Mode: global configuration mode
Parameter:
Parameter | Description |
ip-addr | Switch IPv4 address |
domain | Switch domain name |
Description: There are 5 items of information debug, keyfile, port , removeknownhosts, user , and corresponding descriptions.
Example:
Switch # config
Switch(config)# ssh 192.168.80.201
<cr>
debug config show debug log
keyfile Log in with the ssh Server specified public key
port TCP/UDP port
removeknownhosts Remove all keys belonging to hostname from known_hosts file
user ssh login user name
- View help information 2
Command: telnet {ip-addr | domain} ?
Mode: global configuration mode
Parameter:
Parameter | Description |
ip-addr | Switch IPv4 address |
domain _ | Switch domain name |
Description: There is a port option, and it corresponds to the relevant description.
Example:
Switch # config
Switch(config)# telnet 192.168.80.201
<cr>
port TCP/UDP port
- View help information 3
Command: ssh public key?
Mode: global configuration mode
Parameter: none
Description: There are 3 items of information delete , list , tftp: // , and corresponding to the relevant description
Example:
Switch # config
Switch(config)# sshpublickey
delete Delete the public key on the device
list The key file that has been downloaded to the device list
tftp:// SSH Server public key download
- SSH connection management device
Command: ssh {ip-addr |domain} {keyfile/port/removeknownhosts/user}
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
ip-addr | Device IPv4 address or IPv6 address |
domain | switch domain name |
keyfile | Specify the private key file to use |
port | Specify the port number of the device to be connected |
remove known hosts | Clear connected hosts |
user | Specify the username to connect to |
Description: and manage other devices through SSH , and specify the user name, port and private key file. In this way, you can log in to the gwnmenu interface of GWN AP/Route and the CLI interface of GWN Switch to manage devices. Use the specified private key to log in to the server encrypted by the corresponding public key
Example:
The IP address of the SSH server is 192.168.0.254, and the SSH service is enabled by default on the GWN switch
Log in to the SSH server using the default root account
Switch# ssh 192.168.0.254
Log in to the SSH server using the admin account
Switch# ssh 192.168.0.254 user admin
If the SSH server changes the SSH port to 6622, specify the port to log in
Switch# ssh 192.168.0.254 user admin port 6622
If the SSH server uses public key encryption and the private key is GWN, use the key to log in
Switch# ssh 192.168.0.254 user root keyfile GWN
The switch has been connected to the switch device, and the device has been restored to factory settings, you need to clear the knownhosts and then log in
Switch# ssh 192.168.0.254 removeknownhosts
- Telnet connection management device
Command: telnet {ip-addr |domain} {port}
Mode: Privileged Exec Mode
Parameter:
Parameter | Description |
ip-addr | Device IPv4 address or IPv6 address |
domain | switch domain name |
port | Specify the port number of the device to be connected |
Description: and manage other devices via Telnet
Example:
Telnet server is 192.168.0.254, and the SSH service is disabled by default on the GWN switch
Log in with telnet
Switch# telnet 192.168.0.254
Modify the port of the Telnet server to 6623, and specify the port to log in
Switch# telnet 192.168.0.254 port 6623
- Upload secret key
Command: sshpublickey tftp://target_ip/target_file
Mode: global configuration mode
Parameter:
Parameter | Description |
tftp://target_ip | Upload the key file through TFTP |
target_file | key file that needs to be uploaded |
Description: Upload the secret key file through TFTP , support to upload and use the private key file in RSA/ecdsa/ed26619 format
The secret key uploaded successfully Downloading Done
Failed to upload the secret key Downloading config file failed
Example:
Switch#configure
Switch(config)# sshpublickey list
Switch(config)# sshpublickey tftp://192.168.99.176/gwn
Downloading Done
- The list of uploaded keys
Command: ssh publickey list
Mode: global configuration mode
Parameter: none
Description: View all uploaded key files
Example:
Switch # configure
Switch(config)# sshpublickey list
gwn
- Delete uploaded key
Command: ssh publickey delete xxx
Mode: global configuration mode
Parameter:
Parameter | Description |
xxx | key file name |
Description: Delete the key file named xxx
Example:
Switch # configure
Switch(config)# ssh publickey delete xxx
Switch(config)# sshpublickey list
- View device key
Command: show flash
Mode: privileged EXEC mode
Parameter: none
Description: View device key file
Example:
Switch # show flash
File Name File Size Modified
------------------------ ---------------- ---------- --------------
startup-config 2283 2023-05-22 03:23:33
flash.log 3552 2023-05-19 11:56:38
rsa2 2455 2023-05-18 03:13:34
dsa2 668 2023-05-18 03:13:39
rsa2.pub 559 2023-05-18 03:13:34
dsa2.pub 595 2023-05-18 03:13:39
ssl_cert 1245 2023-05-18 03:13:44
image 12277439 2023-05-18 12:27:04
- Upload device key to other devices
Command: copy flash://target_file tftp://target_ip
Mode: privileged EXEC mode
Parameter: none
Description: Upload the device’s own key to other devices
Example:
Switch# copy flash://rsa2 tftp://192.168.99.176
Uploading file. Please wait...
Uploading Done
Login service
View telnet/ssh/console process status
Command: show line telnet/ssh/console
Mode: privileged EXEC mode
Parameter: none
Description: View telnet/ssh/console process status
Example:
Switch# show line telnet
Telnet =================================
Telnet Server : enabled
Session Timeout : 10 (minutes)
History Count : 128
Password Retry : 3
Silent Time : 180 (seconds)
Modify telnet/ssh/console idle time
Command:
- line telnet/ssh/console
- exec-timeout < 0-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
< 0-65535> | specified minutes, 0 means no timeout |
Description: Modify telnet/ssh/console idle time
Example:
Switch#configure
Switch (config) #line telnet /ssh/console
Switch (config) #exec -timeout 100
Switch (config) #do show line telnet/ssh/console
Modify telnet/ssh/console history command count
Command:
- line telnet/ssh/console
- history < 1-256>
Mode: global configuration mode
Parameter:
Parameter | Description |
< 1-256> | History command count |
Description: Modify telnet/ssh/console history command count
Example:
Switch#configure
Switch (config) #line telnet /ssh/console
Switch (config) #history 100
Switch (config) #do show line telnet/ssh/console
Modify the number of telnet/ssh/console password retries
Command:
- line telnet/ssh/console
- password-thresh < 0-120>
Mode: global configuration mode
Parameter:
Parameter | Description |
< 0-120> | Number of password retries allowed , 0 means unlimited |
Description: Modify the number of telnet/ssh/console password retries
Example:
Switch#configure
Switch (config) #line telnet /ssh/console
Switch (config) #password-thresh 5
Switch (config) #do show line telnet/ssh/console
Modify telnet/ssh/console silent time
Command:
- line telnet/ssh/console
- silent-time < 0-65535>
Mode: global configuration mode
Parameter:
Parameter | Description |
< 0-65535> | suppress console response , 0 means unlimited |
Description: Modify telnet/ssh/console silent time. When the user enters the password to log in, the authentication fails, the number of failed retries will be increased by one, when the number of failed retries exceeds the configured number, the cli will block the login for a silent time
Example:
Switch#configure
Switch (config) #line telnet /ssh/console
Switch (config) #silent-time 2400
Switch (config) #do show line telnet/ssh/console
Clear telnet/ssh process
Command: clear line telnet|ssh
Mode: privileged EXEC mode
Parameter: none
Description: Clear telnet /ssh processes
Example:
Switch# clear line telnet|ssh
User Management
View user list
Command: show username
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Priv | user level |
type | user type |
User Name | username |
Password | password |
Description: view user list
Example:
Switch# show username
View all current online users
Command: show users
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Username | username |
Protocol | protocol |
location | address |
Description: View all current online users
Example:
Switch # show users
Username Protocol Location
------------- -------------- -----------------------
console0.0.0.0
admin telnet 192.168.122.52
View current user’s level
Command: show privilege
Mode: privileged EXEC mode
Parameter:
Parameter | Description |
Current CLI Username | Current CLI username |
Current CLI Privilege | Current CLI user level |
Description: View current user’s level
Example:
Switch # show privilege
Current CLI Username: admin
Current CLI Privilege: 15
Add user
Command: username WORD<1-64> [privilege (admin|monitor|operator)]
(password UNENCRYPY-PASSWORD | secret UNENCRYPY-PASSWORD | secret encrypted ENCRYPT-PASSWORD)
Mode: global configuration mode
Parameter:
Parameter | Description |
WORD<1-64> | Username , character range : 1-64, “\?/, characters are not supported. |
privilege (admin|monitor|operator) | User level: administrator |monitor| operator |
password UNENCRYPY-PASSWORD | Password is not encrypted |
secret UNENCRYPY-PASSWORD | Encryption, the password is before encryption |
secret encrypted ENCRYPT-PASSWORD | Encrypted, the password is encrypted |
Description: Add user
Example:
Switch # configure
Switch (config) #username test1 privilege admin password 123456
Switch (config) #username test2 privilege monitor secret 123456
Switch (config) #username test3 privilege operator secret encrypted 123456
Switch (config) # show username
Delete user
Command: no username WORD<1-64>
Mode: global configuration mode
Parameter:
Parameter | Description |
WORD<1-64> | Username |
Description: delete users
Example:
Switch # configure
Switch (config) #no username test2
Modify the password for user mode to enter privileged mode
Command: enable password UNENCRYPY-PASSWORD
Mode: global configuration mode
Parameter:
Parameter | Description |
password UNENCRYPY-PASSWORD | Password is not encrypted |
Description: Modify the password for user mode to enter privileged mode
Example:
Switch # configure
Switch (config) # enable password 11111111
Modify user password
Command: username WORD<1-64>
(password UNENCRYPY-PASSWORD | secret UNENCRYPY-PASSWORD | secret encrypted ENCRYPT-PASSWORD)
Mode: global configuration mode
Parameter:
Parameter | Description |
WORD<1-64> | Username |
password UNENCRYPY-PASSWORD | Password is not encrypted |
secret UNENCRYPY-PASSWORD | Encryption, the password is before encryption |
secret encrypted ENCRYPT-PASSWORD | Encrypted, the password is encrypted |
Description: Modify user password
Example:
Switch # configure
Switch( config)#username test3 password aa33333333
Old password: 123456
Restore the password for user mode to enter privileged mode to default value (default is empty)
Command: enable password “”
Mode: global configuration mode
Parameter: none
Description: Restore the password for user mode to enter privileged mode to the default value (the default is empty)
Example:
Switch # configure
Switch (config) # enable password ""
Time strategy
View time policy
Command: show schedule
Mode: privileged EXEC mode
Parameter: none
Description: View time policy
Example:
Switch# show schedule
|------------------------------------------------- -------------|
| ID:1 | NAME: reboot | USE:
|------------------------------------------------- -------------|
| week1:0000-0030
| week2:0000-0030
| abtime1:
|------------------------------------------------- -------------|
Add time policy
Command:
- schedule id {id} name {name}
- schedule id {id} week {week} {hour} {minute} to {hour} {minute}
- schedule id {id} abtime {abtime} date {date} mon {mon} day {day}
Mode: global configuration mode
Parameter:
Parameter | Description |
{id} | Set the policy ID , an integer ranging from 1-32 |
{name} | Set the policy name, the input length is 1-64 characters, “\?/, characters are not supported. |
{week} | <1-7> monday to sunday |
{hour} | <0-24> |
{minute} | 0 or 30 |
{ab time} | Set special dates, up to 8 |
{date} | <2022-9999> years |
{mon} | <1-12> month |
{day} | <1-31> day |
Description: add time policy
Example:
Create a time policy with id 1 and name policy1, and the period is Wednesday 4:00-5:30
Switch(config)# schedule id 1 name policy1
Switch(config)# schedule id 1 week 3 hour 4 minute 0 to hour 5 minute 30
Delete time policy
Command: no schedule id {id}
Mode: global configuration mode
Parameter:
Parameter | Description |
{id} | Set the policy ID , an integer ranging from 1-32 |
Description: delete time policy
Example:
Delete time policy with id 1
Switch(config)# no schedule id 1
1588 v2 TC
Enable/disable global 1588v2 TC
Command:
- ptp enable
- no ptp enable
Mode: global configuration mode
Parameter: none
Description: Enable/disable global 1588v2 TC function
Example:
Enable the global 1588 v2 TC function
Switch # config
Switch(config)# ptp enable
Configure 1 588v2 TC clock type
Command: ptp clock-type e2e-tc | p2p-tc
Mode: global configuration mode
Parameter:
Parameter | Description |
e2e-tc | E2E TC clock type |
p2p-tc | PTP TC clock type |
Description: Configure 1588v2 TC clock type
Example:
Configure the 1588 v2 TC clock type as E2E TC
Switch # config
Switch(config)# ptp enable
Switch(config)# ptp clock-type e2e-tc
Configuring the Encapsulation Format of PTP TC Packets
Command: ptp protocol l ethernet|udpv4|udpv6
Mode: global configuration mode
Parameter:
Parameter | Description |
ethernet | Ethernet encapsulation |
udpv4 | UDP over IPv4 encapsulation |
udpv6 | UDP over IPv6 encapsulation |
Description: Configure the encapsulation format of PTP TC packets, the default is Ethernet encapsulation.
Example:
Configure the encapsulation format of PTP TC packets to Ethernet
Switch # config
Switch(config)# ptp enable
Switch(config)# ptp clock-type p2p-tc
Switch(config)# ptp protocol ethernet
Configure a PTP TC domain
Command: ptp domain <0-255>
Mode: global configuration mode
Parameter:
Parameter | Description |
<0-255> | Configure the PTP TC clock domain ID |
Description: Configure the PTP TC clock domain
Example:
Configure the PTP TC clock domain as 10
Switch # config
Switch(config)# ptp enable
Switch(config)# ptp clock-type p2p-tc
Switch(config)# ptp domain 10
Configure the PTP TC virtual clock ID
Command: ptp virtual0clock-id auto|xxxxxxxxxxxxxxxxx
Mode: global configuration mode
Parameter:
Parameter | Description |
auto | Automatically generate virtual clock ID, insert FFFE in the middle of MAC address as ID ( XXXXXX-FFFE-XXXXXX ) |
xxxxxxxxxxxxxxxx | 16 hexadecimal characters , if it is less than 16 digits , it will be automatically filled with 0 in front |
Description: Configure the PTP TC virtual clock ID
Example:
Configure the ID of the PTP TC virtual clock as 12365 acaaaaa
Switch # config
Switch(config)# ptp enable
Switch(config)# ptp clock-type p2p-tc
Switch(config)# ptp virtual-clock-id 12365acaaaaa
Enable/disable 1588 v2 TC on interface
Command:
- ptp enable
- no ptp enable
Mode: interface configuration mode
Parameter: none
Description: Enable/disable the 1588 v2 TC function of the port
Example:
Enable the 1588 v2 TC function of port 1/0/1 -1 /0/10
Switch # config
Switch(config)# interface range e1/0/1-e1/0/10
Switch(config-if-range)# ptp enable
View 1588 v2 TC related information
Command: show ptp state
Mode: privileged EXEC mode
Parameter: none
Description: View global and port 1588 v2 TC status
Example:
Switch# show ptp state
|---------------------------------------------------|
PTP clock type : e2e-tc
|---------------------------------------------------|
PTP state : enabled
|---------------------------------------------------|
| LogicPort mode |
--------------------------------------------------
| eth1/0/1 Disabled |
--------------------------------------------------
| eth1/0/2 Disabled |
--------------------------------------------------
| eth1/0/3 Disabled |
--------------------------------------------------
| eth1/0/4 Disabled |
--------------------------------------------------
| eth1/0/5 Disabled |
--------------------------------------------------
| eth1/0/6 Disabled |
--------------------------------------------------
| eth1/0/7 Disabled |
--------------------------------------------------
| eth1/0/8 Disabled |
--------------------------------------------------
| eth1/0/9 Disabled |
--------------------------------------------------
| eth1/0/10 Disabled |
--------------------------------------------------
| eth1/0/11 Disabled |
--------------------------------------------------
| eth1/0/12 Disabled |
--------------------------------------------------
| eth1/0/13 Disabled |
--------------------------------------------------
| eth1/0/14 Disabled |
--------------------------------------------------
| eth1/0/15 Disabled |
--------------------------------------------------
| eth1/0/16 Disabled |
--------------------------------------------------
Restart and view running configuration
Reboot
Command: Reboot
Mode: privileged EXEC mode
Parameter: none
Description: reboot switch
Example:
Switch # reboot
View running configuration
Command: show running-config
Mode: privileged EXEC mode
Parameter: none
Description: View running configuration
Example:
Switch# show running-config