Configure a Hwtacacs scheme, Create ISP domain | 3Com 10014298

240CHAPTER 9: AAA AND RADIUS OPERATION

switch, set the shared key for AAA packet encryption to expert. Configure the switch to send usernames to the TACACS server with isp-name removed.

On the TACACS server, set the shared key for encrypting the packets exchanged with the switch to expert; add the usernames and passwords of users:

1Configure a HWTACACS scheme.

[Quidway]hwtacacs scheme hwtac [Quidway-hwtacacs-hwtac]primary authentication 10.110.91.164 1812

[Quidway-hwtacacs-hwtac]primary authorization 10.110.91.164 1813

[Quidway-hwtacacs-hwtac]key authentication expert

[Quidway-hwtacacs-hwtac]key authorization expert

[Quidway-hwtacacs-hwtac]undo user-name-format with-domain

[Quidway-hwtacacs-hwtac]quit

2Associate the domain with the HWTACACS.

[Quidway]domain hwtacacs

[Quidway-isp-hwtacacs]scheme hwtacacs-scheme hwtac

Dynamic VLAN with The RADIUS server (taking Windows IAS as example) delivers sting VLAN ID test, RADIUS Server which corresponds to the name of VLAN 100 on the switch. The switch can add

Configuration Example the port to VLAN 100 when the server delivers test.

1Specify RADIUS scheme

[Quidway]radius scheme ias [Quidway-radius-ias]primary authentication 10.11.1.1

[Quidway-radius-ias]primary accounting 10.11.1.2

[Quidway-radius-ias]key authentication hello

[Quidway-radius-ias]key accounting hello

[Quidway-radius-ias]quit

2Create ISP domain

[Quidway]domain ias

[Quidway-isp-ias]scheme radius-scheme ias

3Configure VLAN delivery mode as string

[Quidway-isp-ias]vlan-assignment-mode string

[Quidway-isp-ias]quit

4Create a VLAN and specify its name.

Create a VLAN.

[Quidway]vlan 100

Configure name of the delivered VLAN.

[Quidway-vlan100]name test

5Configure on the Windows IAS server the VLAN delivery mode to string and the name of the delivered VLAN to test.

For the string delivery mode, the VLAN to be delivered must be an existing one on the switch. That is, you must have created the VLAN and configured a name for it on the switch. There is no such a restriction for the integer mode.

Image 240

3Com 10014298 manual Configure a Hwtacacs scheme, Associate the domain with the Hwtacacs, Create ISP domain

Contents

Switch Configuration Guide 3Com Corporation Campus DriveMarlborough, MA 01752-3064 Contents 104 Route Capacity 105 Configuring Route Capacity IP Multicast Overview 109110 IP Multicast Protocols 112 137 Configuring PIM-SM 138 Gmrp Configuring Gmrp 146 STP Overview 181 Configuring STPConfiguring the Mstp Running Mode 192 191 Dynamic Vlan with Radius Server Configuration Example 240 244 Configuring File Management 245237 239 274 Configuring Rmon 278 Configuring NTP 279286 Page Lists icon conventions that are used throughout this book Lists the text conventions used in this bookText Conventions Icon Description Display user-interface Product Overview Configuring SwitchConsole port. To set up the local configuration environment Setting Terminal ParametersTo set terminal parameters Dialog box, as shown in Figure Select Properties HyperTerminal Window Connecting the PC to the Switch TelnetEnter system view, return to user view by pressing Ctrl+Z Connecting Two Switch 7750 Systems Run Telnet Dial-up Modem SW7750telnet Set Up Remote Configuration Environment Interface Dial the Remote PC Configuring the Attributes of the AUX Console Port Configure the Attributes of the AUX Console PortEntering the User Interface View Enter User Interface View Configuring the Terminal Attributes By default, the terminal screen length is 24 lines Managing Users Perform the following configuration in user interface view Authorize users to use the command linesConfigure Authentication Method Configure the Local Authentication Password Perform the following configuration in local-user view Set Command Level Used After a User LogsSet Command Level After User Login Configuring the Attributes of a Modem Configuring RedirectionSet Command Priority Configure Modem Perform the following configuration in user view Configure to Send Messages Between User InterfacesConfigure Automatic Command Execution Displaying and Debugging User Interface Command Line Interface Command Line Interface Function Feature of Command View Command Line Displaying Features of the Command LineEditing Features of the Command Line Online Help Common Command Line Error Messages History CommandCommon Command Line Error Messages Retrieve History Command Editing Features of the Command Line Displaying Features of the Command LineEditing Functions Display Functions System Access Port Configuration Ethernet Port Overview Setting Description Character String for Ethernet Port Entering Ethernet Port ViewEnabling and Disabling Ethernet Ports Setting Duplex Attribute of the Ethernet Port Setting the Speed of the Ethernet PortSetting Cable Type for Ethernet Port Setting Flow Control for Ethernet Port Setting Ethernet Port Broadcast Suppression RatioPermitting/Forbidding Jumbo Frames on the Ethernet port Set Flow Control for Ethernet Port Setting the Link Type for an Ethernet Port Setting Ethernet Port Broadcast Suppression RatioAdding the Ethernet Port to a Vlan Set Link Type for Ethernet Port Setting the Default Vlan ID for Ethernet Port Set the Default Vlan ID for the Ethernet PortAdding the Ethernet Port to Specified VLANs Copying a Port Configuration to Other Ports Copying a Port Configuration to Other PortsDisplaying and Debugging Ethernet Ports Display and Debug Ethernet Port Configuring Link Example Configuring the Default Vlan ID of the Trunk PortPort Configuration Aggregation Manual and Static Lacp Aggregation Port Configuration Dynamic Lacp aggregation Lacp enable Undo lacp enableEnabling or Disabling Lacp at a Port Enabling/Disabling Lacp at a Port Creating or Deleting an Aggregation Group Create or Delete an Aggregation GroupAdd/Delete Ethernet Port to/from Aggregation Group Setting or Deleting an Aggregation Group Descriptor By default, an aggregation group has no descriptorConfiguring System Priority By default, system priority is Default value for port priority is Configure Port PriorityDisplaying and Debugging Link Aggregation Display and Debug Link Aggregation Example Link Aggregation Configuration Networking For Link Aggregation Configuring Link Aggregation Port Configuration Configuring VLANs Configuring GARP/GVRPVlan Overview Vlan Overview Setting the Broadcast Suppression Ratio for Vlan Creating or Deleting a VlanSpecifying the Broadcast Suppression Ratio for a Vlan Creating or Deleting a Vlan Setting or Deleting the Vlan Description Character String By default, the string parameter is nullSpecifying or Removing Vlan Interfaces Create a Vlan before creating an interface for it Example Vlan Configuration Displaying and Debugging a Vlan By default, the system adds all ports to VLAN1 Adding Ethernet Ports to a VlanAdding Ethernet Ports to a Vlan Creating and Deleting a Vlan Protocol Type Add Ethernet1/0/1 and Ethernet1/0/2 to VLAN2Creating and Deleting a Vlan Protocol Type Example Protocol-Based Vlan Configuration Add Ethernet1/0/3 and Ethernet1/0/4 to VLAN3SW7750-vlan2port ethernet1/0/1 to ethernet1/0/2 SW7750-vlan3port ethernet1/0/3 to ethernet1/0/4 Configure the protocol Vlan on port G1/0/1 SW7750-vlan2protocol-vlan ?SW7750-vlan2protocol-vlan ip SW7750int g1/0/1 Configure port G1/0/3 as Vlan 3 and port G1/0/2 as Vlan Vlan and multicast addresses Setting the Garp Timers Setting the Garp Timers Displaying and Debugging Garp Display and Debug Garp By default, Gvrp is disabled on a port Setting the Gvrp Registration TypeEnabling or Disabling Global Gvrp Enabling or Disabling Port Gvrp By default, the Gvrp registration type is normal Example Gvrp Configuration ExampleSetting the Gvrp Registration Type Displaying and Debugging Gvrp Enable Gvrp globally Enable Gvrp on the trunk portCreate VLANs Configuring IP Address Configure IP Address and HostName for a Host Configuring the IP Address of the Vlan InterfaceConfigure the Host Name and the Corresponding IP Address Subnet and Mask Example Configuring an IP Address Configure IP Address for a Vlan InterfaceDisplaying and Debugging an IP Address Display and Debug IP Address Configure the IP address for Vlan interface Address ConfigurationExample IP Address Resolution Enter Vlan interface Manually Adding/Deleting Static ARP Mapping Entries Learning Gratuitous ARPsManually Adding/Deleting Static ARP Mapping Entries Learning Gratuitous ARPs Configuring the Dynamic ARP Aging Timer Dhcp RelayDisplaying and Debugging ARP Configuring a Dhcp Server IP Address in a Dhcp Server Group Configure/Delete the IP Address of the Dhcp ServerDhcp-server groupNo ip ipaddress1 Ipaddress2 Configuring the Dhcp Server Group for the Vlan Interface Configuring the Address Table EntryEnabling/Disabling Dhcp Security Features Configure/Delete the Address Table Entry Example Configuring Dhcp Relay Displaying and Debugging Dhcp Relay Show the configuration of Dhcp server groups in User view Relay Configuration DynamicallySW7750display dhcp-server SW7750display dhcp-server interface vlan-interface IP Performance Attributes Configure Whether to Forward L3 Broadcast Packets Display and Debug IP Performance SW7750terminal debugging SW7750debugging tcp packet SW7750terminal debugging SW7750debugging tcp transact Network Protocol Operation IP Routing Protocol Operation About Hops Routing Table Static Routes Unreliable sourceIndividual static routes can be different Routes Shared Between Routing Protocols Default Route Configuring a Static RouteConfiguring a Static Route Configuring a Default Route Configuring a Default RouteParameters are explained as follows IP address and mask Transmitting interface or next hop address Example Typical Static Route Configuration Displaying and Debugging Static RoutesDeleting All Static Routes Displaying and Debugging the Routing Table Configure the static route for Ethernet Switch a Configure the static route for Ethernet Switch BConfigure the static route for Ethernet Switch C Enabled, but the IP packets cannot be forwarded normally RIP Network or host is unreachable Enabling RIP and Entering the RIP View Enabling RIP and Entering the RIP ViewRip Undo rip By default, RIP is not enabled Configuring Unicast RIP MessagesEnabling the RIP Interface Specifying the RIP Version Configuring RIP Timers Specifying RIP Version of the Interface Configuring RIP-1 Zero Field Check of the Interface Packet By default, RIP-1 performs zero field check on the packetConfiguring Zero Field Check of the Interface Packet Specifying the Operating State of the Interface By default, the router receives the host route By default, RIP-2 uses the route aggregation functionSetting RIP-2 Packet Authentication Disabling Host Route Configuring Split Horizon By default, split horizon of the interface is enabledSetting RIP-2 Packet Authentication Configuring Split Horizon Configuring the Default Cost for the Imported Route By default, the cost value for the RIP imported route isSetting the RIP Preference By default, the preference of RIP is Configuring Route Filtering Configuring RIP to Filter RoutesDisplaying and Debugging RIP Example Typical RIP Configuration Configure RIP on Switch aConfigure RIP on Switch B Configure RIP on Switch C IP Routing Policy Information that meets its conditionsAdvertise, receive, and import the route information IP Prefix IP Prefix Defining a Route PolicyDefining a Route Policy Permit deny node By default, no matching is performed Defining If-match Clauses for a Route PolicyDefining If-match Conditions Configuring Importing Routes of Other Protocols Defining Apply Clauses for a Route PolicyDefining Apply Clauses Configuring for Filtering Received Routes Configuring Filtering for Received RoutesDefining IP Prefix Defining Prefix-list Configuring for Filtering Distributed Routes Configuring Filtering of Distributed RoutesDisplaying and Debugging the Routing Policy Displaying and Debugging the Route Policy Configuring Route Capacity Setting the Lower Limit for Switch MemorySetting the Safety Value for Switch Memory Setting the Lower Limit of the Ethernet Switch Memory Setting the Lower Limit and the Safety Value Simultaneously Setting the Safety Value of the Ethernet Switch Memory Operation Command Enable automatic recovery of disconnected Memory auto-establish enableDisplaying and Debugging Route Capacity Displaying and Debugging Route Capacity IP Routing Protocol Operation Multicast Protocol Comparison Between the Unicast and Multicast Transmission Ranges and meanings of Class D addresses are shown in Table Ethernet Multicast MAC AddressesRanges and Meanings of Class D Addresses Reserved Multicast Address List Internet Group Management Protocol Igmp Multicast Routing Protocol PIM-SM Protocol-Independent Multicast Sparse Mode RPF Reverse Path Forwarding By default, multicast routing is disabled Multicast routing-enableUndo multicast routing-enable Enabling Multicast Configuring the Multicast Route Limit By default, the multicast route-limit isClearing MFC Forwarding Entries or Statistic Information Configuring Igmp Displaying and Debugging Common Multicast ConfigurationDisplay and Debug Common Multicast Configuration Participating in multicast must implement Igmp Specific group query By default, Igmp is not enabled Configuring the Igmp VersionDefault is Igmp Version Enabling Igmp on an Interface By default, the interval is 1 second Igmp lastmember-queryintervalSeconds Undo igmp Configuring the Limit of Igmp Groups on an Interface Configuring a Router to be a Member of a GroupConfigure a Router to Be a Member of a Group By default, a router does not join a multicast group Limiting Access to IP Multicast GroupsConfiguring the Igmp Query Message Interval Default interval is 60 seconds Configuring the Igmp Querier Present Timer Configuring the Maximum Query Response TimeConfigure the Igmp Querier Present Timer Configure the Maximum Query Response Time Displaying and Debugging Igmp Display and Debug Igmp Igmp Snooping Implement Igmp Snooping Multicast Packet Transmission With Igmp Snooping Implementing Igmp Snooping Configure Router Port Aging Time Configure Router Port Aging TimeEnabling/Disabling Igmp Snooping By default, the port aging time is 260 seconds Configuring Maximum Response TimeBy default, the maximum response time is 10 seconds Configure Aging Time of Multicast Group Member Example Igmp Snooping Configuration Enable Igmp Snooping if it is disabledDisplay the status of Gmrp Multicast Protocol Assert Mechanism Diagram See Configuring Common Multicast on Configuring the Interface Hello Message IntervalEnabling PIM-DM Entering PIM View Configuring the Filtering of Multicast Source/Group Perform the following configuration in the PIM viewConfiguring the Filtering of PIM Neighbors Configure Hello Message Interval on an Interface Displaying and Debugging PIM-DM Displaying and Debugging PIM-DM Example PIM-DM Configuration Configuration procedureEnable the multicast routing protocol Enable PIM-DM Neighbor discovery mechanism is the same as that of PIM-DM Build the RP shared tree RPT Preparing to Configure Configure Candidate RPsConfigure BSRs Configure Static RP Refer to Configuring Common Multicast on Refer to Configuring Igmp onEnabling PIM-SM Enabling PIM-SM Setting the PIM-SM Domain Border Configuring Candidate-BSRsSetting the PIM-SM Domain Border Pim bsr-boundary Configuring Candidate-RPs Configuring Static RPConfiguring Candidate-BSRs Configuring Candidate-RPs See Configuring PIM-DMon Configuring the Filtering of PIM NeighborConfiguring RP to Filter the Register Messages Sent by DR Configuring the Interface Hello Message Interval Limiting the Range of Legal BSR Limiting the Range of Legal C-RPBsr-policy acl-number Undo bsr-policy Clearing Multicast Route Entries from PIM Routing Table Clearing PIM NeighborsDisplaying and Debugging PIM-SM Clearing Multicast Route Entries from PIM Routing Table Execute the debugging command in user view to debug PIM-SM Example Configuring PIM-SIMConfigure Switch a Enable PIM-SM Display and Debug PIM-SM Configure Switch B Enable PIM-SM Configure the C-BSRConfigure the C-RP Configure PIM domain border Configure Switch C Enable PIM-SM Information dynamically registered by other switchesMulticast in Vlan Enable/Disable Gmrp Globally Example Configuring GmrpEnabling/Disabling Gmrp on the Port Displaying and Debugging Gmrp Enable Gmrp on the port Configure LSB Enable Gmrp globally ACL Overview Filtering or ClassifyingHardware Quantitative Limitation to the ACL Value range Maximum Configuring ACLs Configuring the TimeBe done in sequence Range Defining a Basic ACL Basic ACL is defined by numbers from 2000 toDefine an Advanced ACL Define Basic ACL Perform the following configuration in designated view Defining a Layer-2 ACLDefine Advanced ACL Define Layer-2 ACL Displaying and Debugging an ACL Activate ACL ACL Configuration Examples Access Control Select ACL mode Select ip-based ACL mode Define the work time range Set the time range 800 toActivate ACL Activate the traffic-of-payserver ACL Define the time range Define time range 800 to Configuring QoS Select ACL mode Select link-based ACL modeDefine the rules for packet with source IP address Activate ACL Activate the ACL traffic-of-host Traffic refers to all packets passing through a switch TrafficTraffic Classification Packet Filter Traffic PolicingBandwidth Assurance Port Traffic Limit Traffic Mirroring Traffic Counting Setting Port Priority Setting Port PriorityOperation Command Set port priority Restore the default priority Undo priority Setting Port Mirroring Setting Queue SchedulingSetting Port Mirroring Configure the COS local-precedence mapping table Restore the default mappingBy default, the switch selects the default mapping Mapping Between Dscp Priority Levels and Outbound Queues Configuring the Traffic Limit Configuring the Priority for Queue SchedulingConfiguring the Traffic Limit Entering QoS View Setting Line Limit Setting Traffic BandwidthSetting Traffic Redirection Setting the Line Rate Configuring the RED Operation Configure RED OperationRelabeling the Priority Level Relabeling the Priority Level Configuring Traffic Statistics Configuring Traffic StatisticsDisplaying and Debugging QoS Display and Debug QoS Traffic Bandwidth Traffic Statistics Traffic Limit and Line RateDisplay priority-trust Define the traffic-of-payserver rule in the advanced ACL Set traffic limit for the wage server Enter QoS viewPort Mirroring Priority Relabeling Configuration Example Define traffic classification rules for PC1 packetsSW7750acl number Packet Redirection View the configuration with the display command Other interface units support only SP algorithmRule 0 interface gigabitetherent7/0/8 SW7750queue-scheduler wrr 5 5 10 10 15 15 9 Define traffic rules for the packets of IP address Traffic Bandwidth Traffic Statistics Traffic Bandwidth Configuring ACL Security, see System AccessControl Define traffic rules for PC1 packets Defining an ACL Importing an ACLExample Controlling Telnet Users with ACL Defining a Basic ACL Call an ACL Importing an ACL to Control Snmp UsersDefine a Numbered Basic ACL Authentication privacy read-view Example Controlling Snmp Users with an ACLRead-view read-view write-view Snmp-agent group v3 group-name Import the basic ACLs QOS/ Operation Configuring STP STP Overview Algorithm Illustrates the network Configuring STP STP Operation Final Stabilized Spanning Tree Mstp Overview MST Region Vlan Mapping TableInternal Spanning Tree IST Common Spanning Tree CST Multiple Spanning Tree Instance Msti Msti Region rootCommon Root Bridge Boundary port Configuring Mstp Mstp PrinciplesCist calculation Msti calculation Stp region-configuration Undo stp Region-configurationEntering MST region view Enter MST Region View Configuring the MST Region Perform the following configuration in MST region viewRoot Switch Configure the MST Region for a Switch Specify the Switch as Primary or Secondary Root Switch By default, the switch priority is Configure the Mstp Running ModeConfigure the Priority for a Switch Configure the Max Hops in an MST Region Configure the Switching Network Diameter Configure the Time Parameters of a Switch Configuring in system view Configuring in Ethernet port viewConfigure the Max Transmission Speed on a Port Port Configure a Port as an Edge Port or a Non-edge Port Configure the Path Cost of a Port Specify the Standard To BeFollowed in Path Cost CalculationInstance instance-id cost Stp instance instance-id cost Calculates the default Path Cost for the connected Link Restore the default standard to be usedStp pathcost-standard Dot1d-1998 dot1t legacy Configure the Port Priority Instance instance-id portPriority priority Stp instance instance-idport Configuring the Port Connection with Point-to-Point Link Configure the Port Connection With the Point-to-point Link Configure the mCheck Variable of a Port Variable of a PortSecurity Function Mcheck Configure the Switch Security Function Enable/Disable Mstp on a Device Enable/Disable Mstp on a PortDevice Configuring Digest Digest SnoopingSnooping Configure digest snooping Prerequisites Ieee 802.1x Authentication Process Implement 802.1x on Ethernet Switch Setting the Port Access Control Mode Setting Port Access Control MethodEnabling/Disabling Checking the Users that Log on the Switch by Proxy Setting Number of Users on a PortEnabling Dhcp to Launch Authentication Set to Enable Dhcp to Launch Authentication Configuring the Authentication Method for 802.1x Users Setting the Maximum Retransmission TimesConfiguring Timers Enabling/Disabling Quiet-Period Timer Example 802.1x ConfigurationEnable/Disable a Quiet-Period Timer Displaying and Debugging SW7750dot1x interface ethernet 1/0/2 SW7750dot1x port-method macbased interface ethernet 1/0/2SW7750radius scheme radius1 Implementing AAA and RadiusProtocols Network security management Radius Configuring AAA Implementing AAA/RADIUS on Ethernet SwitchCreating/Deleting an ISP Domain Configuring Relevant Attributes of an ISP Domain Configure Relevant Attributes of ISP DomainCreate/Delete ISP Domain By default, there is no local user in the system Setting Attributes of a Local UserCreating a Local User Disconnecting a User by Force By default, no online user will be disconnected by forceRadius Protocol Radius server type, etc Creating/Deleting a Radius Server Group Create/Delete a Radius Server GroupUndo radius scheme Setting the IP Address and Port Number of Radius Server Set IP Address and Port Number of Radius Server Setting the Radius Packet Encryption Key Setting the Response Timeout Timer of Radius ServerBy default, timeout timer of Radius server is 3 seconds Setting Retransmission Times of the Radius Request Packet Setting a Real-time Accounting Interval Enable the Selection of the Radius Accounting OptionEnabling the Selection of the Radius Accounting Option Set Retransmission Times of Radius Request Packet By default, minute is set to 12 minutes Setting Maximum Times of Real-time Accounting RequestEnabling/Disabling Stop Accounting Request Buffer Recommended Ratio of Minute to Number of Users Setting the Supported Type of Radius Server By default, the Radius server type is standardSetting Radius Server State Enable/Disable Stopping Accounting Request Buffer Setting Username Format Transmitted to Radius Server Set Radius Server StateSet the Unit of Data Flow Transmitted to Radius Server Configuring a Local Radius Server Group Configuring Source Address for Radius Packets Sent by NASSetting the Timers of the Radius Server Setting the Response Timeout Timer of the Radius Server 229 III. Configure the Radius Server Response Timer 35 Configure the Radius server response timerHwtacacs configuration tasks include 36 Hwtacacs configuration Configuring Hwtacacs AAA and Radius Operation Configuring Hwtacacs Perform the following configuration in Hwtacacs view Configuring Hwtacacs Setting Tacacs Server Timers Default response timeout timer is set to 5 secondsInterval is in minutes and must be a multiple Displaying Debugging the AAARADIUS, Hwtacacs Protocols Examples Remote Radius Server Configure the domain Configure Radius schemeConfigure the association between domain and Radius Authentication at a Configure a Hwtacacs scheme Configure Vlan delivery mode as stringConfigure name of the delivered Vlan Associate the domain with the Hwtacacs Configurations User authentication/authorization always failsRadius packet cannot be transmitted to Radius server AAA and Radius Operation File System File SystemManaging the MAC Address Table Managing Devices Mode of the File System Perform the following operation in system viewFile Operation File System Operation Example File System Operation Format the flashDisplay the working directory in the flash Create a directory named test Perform the following configuration in all views Saving the Current ConfigurationErasing the Configuration Files from Flash Memory Configuring the FTP Server Authentication and Authorization Enable/Disable FTP ServerConfigure the FTP Server Authentication and Authorization Enabling and Disabling the FTP Server Configuring FTP Server Parameters By default, the FTP server connection timeout is 30 minutesDisplaying and Debugging the FTP Server Introduction to FTP Client Configuring the File Transmission Mode By default, Tftp transmits files in binary modeDownloading Files with Tftp Uploading Files with Tftp Setting MAC Address Table Entries By default, the MAC address learning function is enabled Disabling or Enabling Global MAC Address LearningDisabling or Enabling MAC Address Learning on a Port Setting MAC Address Aging Time Setting the MAC Address Aging Time for the SystemDisplaying and Debugging the MAC Address Table Displaying and Debugging MAC Address Table Example Configuring MAC Address Table Management Enter the system view of the switchDisplay the MAC address configurations in all views Add a MAC address specify the native VLAN, port and state Is booted Perform the following configuration in user view Upgrading BootROMResetting a Slot If you input reboot only, the whole system will be reset Setting the Slot Temperature Limit Setting the Backboard ViewMaintaining Debugging System Setting the System Name Setting the System ClockSetting the Time Zone Setting Daylight Saving Time Perform this command in user view By default, daylight saving time is not setSetting Daylight Saving Time Display Commands of the System Displaying Diagnostic Information Enabling and Disabling Debugging Testing Tools for Following sections Ping Tracert CommandTracert Command Ping Tracert Command Operation Command Trace a routeTimeout host Tracert -f first-TTL -m Setting the Output Channel of the Log Enable/Disable the Logging FunctionEnabling and Disabling the Logging Function Defining the Log Filtering Rules Log OutputNumbers and Names of the Channels for Log Output Syslog-Defined Severity Configuring the Snmp Timestamp Output Format Configuring the Snmp Timestamp Output FormatDefine the Filtering Rules of the Channels Configuring the Info-center Loghost Example Log ConfigurationEnable Rstp module debugging SW7750 security messages Displaying and Debugging the Syslog Function Displaying and Debugging the Syslog Function Architecture of the MIB Tree Setting the Community Name MIBs Supported by the Ethernet SwitchMIB Attribute MIB Content References Setting the Destination Address of a Trap Setting the Community NameSetting the Destination Address of a Trap Enabling and Disabling the Snmp Agent to Send a Trap Setting the Lifetime of the Trap Message By default, the lifetime of a trap message is 120 secondsSetting Snmp Information By default, syslocation is specified as Marlborough MA Setting and Deleting an Snmp Group Setting the Source Address of the TrapSetting and Deleting an Snmp Group Setting the Source Address of the Trap Creating and Updating View Information or Deleting a View Adding and Deleting a User to or from an Snmp GroupCreating and Updating View Information or Deleting a View Enabling and Disabling Transmission of Trap Information Disabling the Snmp AgentDisplaying and Debugging Snmp Example Snmp Configuration Operation Command Display the contact character stringEnter the system view Set the community name, group name, and user Used network management standards Networks Adding and Deleting an Entry to or from the Alarm Table Adding or Delete an Entry to or from the Alarm TableAdding and Deleting an Entry to or from the Event Table Add or Delete an Entry to or from the Event Table Add or Delete an Entry to or from the Statistics Table Displaying the Rmon Configuration Example Rmon ConfigurationConfigure Rmon View the configurations in user view NTP Configuring NTP Operating Mode Configuring NTP Time Server Ntp-service unicast-serverAuthentication-keyid keyid Undo ntp-service unicast-server Perform the following configurations in Vlan interface view Configuring NTP Peer ModeConfiguring NTP Broadcast Server Mode Configuring NTP Broadcast Client Mode Configuring NTP Multicast Server ModeConfiguring NTP Multicast Client Mode Configuring NTP ID Authentication Setting the NTP Authentication KeySetting the Specified Key to Be Reliable Key number key-numberranges from 1 to Setting the NTP Master Clock Designating an Interface to Transmit NTP Message Setting the Authority to Access a Local Switch Setting Maximum Local SessionsDisplaying and Debugging NTP Example Configuring NTP Servers Configure the Switch SW77501 Enter system viewConfigure Ethernet Switch SW77502 Enter system view Set the local clock as the NTP master clock at stratum SW77502display ntp-service status Example Configuring NTP Peers Configure Ethernet Switch SW77504 Enter system view SW77504display ntp-service status SW77504display ntp-service sessions Example Configuring NTP Broadcast Mode Configure Ethernet Switch SW77501 Enter system viewEnter Vlan-interface2 view Set it as broadcast server Example Configuring NTP Multicast Mode Configure Ethernet Switch SW77503 Enter system view# Set the local clock as a master NTP clock at stratum Set it as a multicast server Example Configuring Authentication-Enabled NTP Server Mode Configure the key as reliable SW77501ntp-service authentication enableSW77501ntp-service reliable authentication-keyid System Management