Command Line User’s Guide
Page
Table of Contents
101
103
181
232
326
389
462
532
Preface
AT-S62 Command Line User’s Guide
This document uses the following conventions
Contacting Allied Telesyn
Starting a Command Line Management Session
Starting a Management Session
Command Line Interface Features
Command Formatting
Basic Command Line Commands
Clear screen
This command clears the screen
Following command clears the screen
Clear Screen
Following command displays the Main Menu
Exit
Exit
Following command displays the CLI keywords
Help
Help
Following command ends a management session
Logoff Logout Quit
Logoff
Following command displays the AT-S62 Main Menu
Menu
Menu
Save configuration
Save Configuration
Prompt
Set prompt=Sales Switch
SET Prompt
Set prompt=prompt
SET Switch Consolemode
Set switch consolemode=menucli
Set switch consolemode=menu
Show user
Show User
Guide for background information on enhanced stacking
Enhanced Stacking Commands
Either of the following formats
Access Switch
Access switch number=numbermacaddress=macaddress
Macaddress
Access switch macaddress=003084520211
Access switch number=12
Stackmode
SET Switch Stackmode
Set switch stackmode=masterslaveunavailable
Possible settings are
Set switch stackmode=master
Show remotelist
Following command displays the switches sorted by name
Show Remotelist
Show remotelist sorted by=macaddressname
Basic Switch Commands
AT-S62 Command Line User’s Guide
Disable dhcpbootp
Disable Dhcpbootp
Disable ip remoteassign
Disable IP Remoteassign
Disable Telnet
Disable telnet
Following command deactivates the Telnet server
Enable bootp
Enable Bootp
Enable dhcp
Enable Dhcp
Enable ip remoteassign
Enable IP Remoteassign
Enable Telnet
Enable telnet
Following command activates the Telnet server
Drive
AT-8500 Series switch supports only one
Format Device
Format drive=flash
Basic Switch Commands
Ping
Ping
Purge ip ipaddress route
Purge IP
Purge ip ipaddress netmask route
Purge ip ipaddress netmask
Reset Switch
Reset switch
This command performs the functions described above
Reset system name
Reset System
Reset system name contact location
Reset system
Restart Reboot
Restart reboot
Following command resets the switch
Exist on the switch. The value None returns
Restart Switch
Restart switch config=nonefilename.cfg
Config
Restart switch config=switch12.cfg
Following command resets the switch to its default values
Restart switch config=none
Set asyn speed=115200
SET Asyn
SET IP Interface
Set ip interface=eth0 ipaddress=dhcp
Following command sets just the subnet mask
Following command activates the Dhcp client software
Set ip interface=eth0 netmask=255.255.255.252
Set ip route ipaddress=140.35.22.12
Following command sets the default gateway to
SET IP Route
Set ip route ipaddress=ipaddress
Follow the prompts to enter the new password
SET Password Manager
Set password manager
Following command changes the manager’s password
SET Password Operator
Set password operator
Following command changes the operator’s password
Set switch consoletimer=25
SET Switch Consoletimer
Set switch consoletimer=value
Following command sets the console timer to 25 minutes
SET System
Set system name=name contact=contact location=location
Set system name=PR Office
Following command changes the operator’s password to newby
SET User Password
Show user manageroperator password=password
Password
Show asyn
Show Asyn
Show config info
Show Config
Show config dynamic info
Show config
Show dhcpbootp
Show Dhcpbootp
Show ip interface=eth0
Show IP Interface
Show ip route
Show IP Route
Show switch
Show Switch
Following command displays the above information
Show System
Show system
Guide for background information on Sntp
Simple Network Time Protocol Sntp Commands
Ipaddress Parameters are equivalent
ADD Sntpserver Peeripaddress
Add sntpserver peeripaddress=ipaddress
Peer
Delete Sntpserver Peeripaddress
Delete sntpserver peeripaddress=ipaddress
Delete sntpserver ipaddress=148.35.16.248
Disable Sntp
Disable sntp
Following command disables Sntp on the switch
Enable Sntp
Enable sntp
Following command enables the Sntp client software
Following command resets Sntp
Purge Sntp
Purge sntp
Set date=11-03-2004 time=163452
Following command sets just the date to April 2
SET Date Time
Time in 24-hour format
SET Sntp
Set sntp dst=enabled pollinterval=300 utcoffset=-8
Following command displays Sntp client software information
Show Sntp
Show sntp
Show time
This command shows the switch’s current date and time
Following command shows the system’s date and time
Show Time
Guide for background information on Snmp
SNMPv1 and SNMPv2 Community Strings and Trap Commands
Point. Otherwise, the quotes are optional
ADD Snmp Community
Community
Must be enclosed in double quotes if it contains a
Add snmp community=public traphost=149.212.10.11
Create Snmp Community
Have up to eight IP addresses of management
Can use the community string to access the switch
This option applies if you specify the status
Community string as closed. a community string can
Create snmp community=serv12 access=read open=yes
Delete Snmp Community
Delete snmp community=public traphost=149.212.44.45
Destroy Snmp Community
Destroy snmp community=community
Destroy snmp community=wind44
Disable Snmp
Disable snmp
Following command disables Snmp on the switch
Disable Snmp Authenticatetrap
Disable snmp authenticatetrapauthenticatetrap
Disable snmp authenticatetrap
String must be enclosed in double quotes if it
Disable Snmp Community
Disable snmp community=community
Disable snmp community=sw1200
Enable Snmp
Enable snmp
Following command activates Snmp on the switch
Enable Snmp Authenticatetrap
Enable snmp authenticatetrapauthenticatetrap
Enable snmp authenticatetrap
Enable Snmp Community
Enable snmp community=community
Enable snmp community=private
Set snmp community=sw44 open=no
SET Snmp Community
Set snmp community=serv12 access=write open=yes
Show snmp community=community
Otherwise, the quotes are optional. Default
This command displays the following Snmp information
Show Snmp
Show snmp community=private
Show snmp
SNMPv3 Commands
Guide for background information on the SNMPv3 protocol
ADD SNMPV3 User
This command creates an SNMPv3 User Table entry
Entry to the configuration file on
Switch. This is the default
Configuration file on the switch
Clear SNMPV3 Access
An optional parameter
Writeview Specifies a Write View Name that allows the users
Notifyview
Assigned to this security group to send traps
Parameter
Clear snmpv3 community index=421 transporttag
Clear SNMPV3 Community
Clear snmpv3 community index=index transporttag
Clear snmpv3 community index=1005 transporttag
Clear snmpv3 notify=hwenginform tag
Clear SNMPV3 Notify
Clear snmpv3 notify=notify tag
Clear snmpv3 notify=hwengtraptag tag
Clear snmpv3 targetaddr=snmphost79 taglist
Clear SNMPV3 Targetaddr
Clear snmpv3 targetaddr=targetaddr taglist
Clear snmpv3 targetaddr=snmphost44 taglist
Clear snmpv3 view=private subtree=1.3.6.1.4 mask
Clear SNMPV3 View
Clear snmpv3 view=view subtree=OIDtext mask
Clear snmpv3 view=1.3.6.1.2.1.1 mask
Create SNMPV3 Access
Information in the specified View Table. This is an
Parameter, then the writeview parameter defaults to
Notifyview parameter defaults to none
This command creates an SNMPv3 Access Table entry
111
Create SNMPV3 Community
113
Create SNMPV3 Group
Groupname Specifies a group name configured in the SNMPv3
SNMPV3 Access on
This command creates an SNMPv3 SecurityToGroup Table entry
115
Inform Inform messages are sent, with a
NMS or manager. This is the default
This command creates an SNMPv3 Notify Table entry
Create SNMPV3 Notify
117
Create SNMPV3 Targetaddr
119
Create SNMPV3 Targetparams
Targetparams Specifies the name of the SNMPv3 Target
User Table
This command creates an SNMPv3 Target Parameters Table entry
This command creates an SNMPv3 View Table entry
Create SNMPV3 View
Options are
123
Delete snmpv3 user=75murthy75
Delete SNMPV3 User
Delete snmpv3 user=user
Delete snmpv3 user=wilson890
Destroy SNMPv3 Access
126
Destroy snmpv3 community index=index
Destroy snmpv3 community index=1001
Destroy snmpv3 community index=5
Destroy snmpv3 group username=May securitymodel=v3
Destroy snmpv3 group username=Dave securitymodel=v3
Destroy snmpv3 notify=notify
Destroy snmpv3 notify=systemtestnotifytrap
Destroy snmpv3 notify=engineeringinform1
Destroy snmpv3 targetaddr=target
Destroy snmpv3 targetaddr=snmpv3host77
Destroy snmpv3 targetaddr=snmpmanager
Destroy snmpv3 targetparams=snmpmanager
Destroy snmpv3 targetparams=targetparams
Targetparams
Destroy snmpv3 targetparams=targetparameter1
Text Text name of the view
Destroy SNMPV3 View
Destroy snmpv3 view=view subtree=OIDtext
Subtree Specifies the view subtree view. The options are
Specified View
SET SNMPV3 Access
Specified by the View Table entry
Information in the specified View Table
This command modifies an SNMPv3 Access Table entry
SET SNMPV3 Community
This command modifies an SNMPv3 Community Table entry
136
SET SNMPV3 Group
This command modifies an SNMPv3 SecurityToGroup Table entry
138
SET SNMPV3 Notify
This command modifies an SNMPv3 Notify Table entry
140
Retries Specifies the number of times the switch retries to
SET SNMPV3 Targetaddr
Parameter Udpport
This command modifies an SNMPv3 Target Address Table entry
Username Specifies the user name Securitymodel
SET SNMPV3 Targetparams
This command modifies a Target Parameters Table entry
SET SNMPV3 User
146
This command modifies an SNMPv3 View Table entry
SET SNMPV3 View
Name to see the specified subtree
Set snmpv3 view=system subtree=1.3.6.1.2.1 type=excluded
Set snmpv3 view=internet1 subtree=internet type=included
Show snmpv3 access
Show SNMPV3 Access
Show snmpv3 access=access
Show snmpv3 access=production
Show snmpv3 community
Show SNMPV3 Community
Show snmpv3 community index=index
Show snmpv3 community index=246
Show snmpv3 group
Show snmpv3 group username=Dave securitymodel=v3
Show snmpv3 notify
Show SNMPV3 Notify
Show snmpv3 notify=notify
Show snmpv3 notify=testengtrap1
Show snmpv3 targetaddr
Show SNMPV3 Targetaddr
Show snmpv3 targetaddr=targetaddr
Show snmpv3 targetaddr=snmpv3host55
Show snmpv3 targetparams
Show SNMPV3 Targetparams
Show snmpv3 targetparams=targetparams
Show snmpv3 targetparams=snmpv3manager95
Show snmpv3 user
Show SNMPV3 User
Show snmpv3 user=user
Show snmpv3 user=Robert
Show snmpv3 view=view subtree=OIDtext
Show SNMPV3 View
Guide for background information on the port parameters
Port Parameter Commands
Activate Switch Port
Activate switch port=port autonegotiate
Activate switch port=1,4 autonegotiate
Disable interface=21
Disable Interface Linktrap
Disable interface=port linktrap
Following command disables link traps on port
Disable switch port=12,24
Disable Switch Port
Disable switch port=port
Following command disables ports 12
Disable Switch Port Flow
Disable switch port=port flow=pause
Disable switch port=6 flow=pause
Enable interface=21
Enable Interface Linktrap
Enable interface=port linktrap
Following command enables Snmp link traps on port
Disable switch port=1-4
Enable Switch Port
Enable switch port=port
Following command enables ports 1 to
This command activates flow control on port
Enable Switch Port Flow
Enable switch port=port flow=pause
Port Specifies the port where you want to activate flow
Reset switch port=5-8
Reset Switch Port
Reset switch port=port
Following command resets ports 5 to
Mdimode=mdimdixauto
SET Switch Port
Auto-Negotiation
Default setting
Mdi Sets the port’s configuration to MDI Mdix
To the port. This is the default setting
Default is 57,344 cells
Is using flow control, the switch port
Is not using flow control, neither will
Switch port
A port’s operating parameters
Duplex mode
Softreset
Only value is
Following command resets port
Following command disables ports 1 to
Set switch port=1-6 status=disabled
Set switch port=8 speed=10mhalf
SET Switch Port Ratelimit
Yes, on, true, enabled Activates multicast
No, off, false, disabled Deactivates multicast
Set switch port=all unkucastratelimiting=enabled
This command changes the rate limit to 15,000 packets
Set switch port=all rate=15000
Set switch port=all unkucastratelimiting=disabled
Show Interface
Show interface=port
Port Specifies the port whose interface information you
Show interface=21
Following command displays the above information on port
Show switch port=14
Show Switch Port
Show switch port=port
Show switch port
Guide for background information on the MAC address table
MAC Address Table Commands
ADD Switch Fdbfilter
179
Delete switch fdb macaddress=00a0c1112244 vlan=sales
Delete Switch FDB
Delete switch fdb macaddress=macaddress vlan=namevid
Delete switch fdb macaddress=00A0D2181A11 vlan=1
Specify more than one port at a time
Reset Switch FDB
Reset switch fdb port=port
Reset switch fdb port=5
SET Switch Agingtimerageingtimer
Set switch agingtimerageingtimer=value
Set switch agingtimer=120
Show Switch Agingtimerageingtimer
Show switch agingtimerageingtimer
Show switch agingtimer
Show Switch FDB
Show switch fdb
Show switch fdb status=static
Show switch fdb vlan=sales
Show switch fdb status=multicast
Show switch fdb address=00A0D2181A11
Show switch fdb port=2
Port Trunking Commands
Add switch trunk=load22 port=5
ADD Switch Trunk
Add switch trunk=name port=port
Following command adds port 5 to a port trunk called load22
Create Switch Trunk
Create switch trunk=trunk4 port=15,17,23
Create switch trunk=load22 port=3-6 select=macdest
Trunk Specifies the name of the trunk to be modified Port
Delete Switch Trunk
Delete switch trunk=name port=port
Delete switch trunk=Devtrunk port=9
Destroy Switch Trunk
Destroy switch trunk=name
Destroy switch trunk=load22
SET Switch Trunk
Set switch trunk=Load11 select=ipdest
Trunk Specifies the name of the port trunk Select
Show Switch Trunk
Show switch trunk
Following command displays port trunking information
This chapter contains the following commands
Networking Stack Commands
Delete ip arp
Following command deletes the ARP entry with the IP address
Delete IP ARP
Delete ip arp ipaddressall
Delete TCP
Delete tcp indexnumber
Delete tcp
Reset ip arp
Reset IP ARP
SET IP ARP
Set ip arp timeout=integer
Following command sets the timer to 600 seconds
Set ip arp timeout=600
IP addresses and their corresponding MAC addresses
Following command displays the ARP table
Show IP ARP
Show ip arp
IP address of a destination network, subnetwork, or end node
Following command displays the IP route table
Show tcp
Show TCP
Internal socket ID number assigned to the connection
Number of segments transmitted with the RST bit set
203
Guide for background information and guidelines on Lacp
Lacp Commands
ADD Lacp Port
Add lacp port=8,22 aggregator=agg1
Add lacp port=6 adminkey=0x1a priority=0x10
Create Lacp Aggregator
Following command creates an Lacp aggregator named
Delete Lacp Port
Delete lacp port=port aggregator=name
Delete lacp port=9
Destroy Lacp Aggregator
Destroy lacp aggregator=nameadminkey=key
Following command deletes an aggregator named agg15
Destroy lacp adminkey=0x1a
Disable Lacp
Disable lacp
Following command disables Lacp on the switch
Enable Lacp
Enable lacp
Following command enables Lacp
Set lacp aggregator=server11trunk adminkey=0x22
SET Lacp Aggregator
Set lacp aggregator=agg5 distribution=macsrc
SET Lacp Port
Set lacp port=6 priority=0x2b
Set lacp port=2,5 aggregator=switchtrunk
Set lacp port=8-9 adminkey=0x11
Following command changes the priority of port 6 to 0x2B
This is a hexadecimal value from 0x1 to 0xffff.
Following command sets the Lacp priority on the switch to
SET Lacp Priority
Set lacp priority=priority
Set lacp state=enabledisable
Set lacp state=enable
SET Lacp State
Show Lacp
Port Mirroring Commands
Set switch mirror=0
SET Switch Mirror
Set switch mirror=port
Set switch mirror=11
Set switch port=5,7,10 mirror=none
SET Switch Port Mirror
Set switch port=port mirror=nonerxtxboth
Set switch port=16-17 mirror=rx
Show Switch Mirror
Show switch mirror
Following command displays the ports of a port mirror
Guide for background information on statistics
Statistics Commands
Reset switch port=14-15 counter
Reset Switch Port Counter
Reset switch port=port counter
This command returns a port’s statistics counters to zero
Show switch counter
Show Switch Counter
Show switch port counter
Show Switch Port Counter
Show switch port=port counter
Show switch port=14 counter
Guide for background information on the switch’s file system
File System Commands
Copy admin.cfg admin2.cfg
Copy switch 12.cfg backup.cfg
Copy
Filename contains spaces, it must be enclosed
Create Config
Create config=filename.cfg
Create config=Switch12.cfg
Delete file=SW55a.csr
Delete file=Switch 12.cfg
Delete File
Delete file=filename
Rename Switch12.cfg Sw 44a.cfg
Rename
If the name contains spaces, enclose it
SET Config
Set config=filename.cfg
Spaces, it must be enclosed in double quotes
Set config=switch22.cfg
Show file=*.cfg
Show File
Show file=filename
Show file=
File Download and Upload Commands
Name in double quotes. These parameters are
Load METHOD=LOCAL
System that you want to download into the application
Block. If the filename contains a space, enclose
Load method=local destfile=appblock srcfile=ats62v1 3 0.img
Load METHOD=TFTP
Request
AT-S62 configuration file
Public key certificate
Public key certificate enrollment
240
241
Method Specifies an Xmodem download Destfile
As the new active image file on the switch
Load METHOD=XMODEM
Load method=xmodem destfile=appblockfilename
243
Load method=xmodem destfile=switch12.cfg
Load method=xmodem destfile=sw12ssl.cer
Load method=xmodem destfile=appblock
Load method=xmodem destfile=ats62v130.img
Active AT-S62 image file is stored
Upload METHOD=LOCAL
Upload method=local destfile=sw12 s62 image.img src=appblock
Upload METHOD=REMOTESWITCH
249
250
Upload method=remoteswitch srcfile=appblock switchlist=2
252
Upload METHOD=TFTP
254
255
Appblock
Switch’s file system
Upload METHOD=XMODEM
Specifies the name of a file
Upload method=xmodem srcfile=sw22 boot.cfg
Upload method=xmodem srcfile=switchcfg
Upload method=xmodem srcfile=sw12sslenroll.csr
Event Log and Syslog Server Commands
ADD LOG Output
Add log output=3 module=estack severity=e
Add log output=5 module=all severity=all
Add log output=4 module=stp,vlan severity=e,w
Create LOG Output
263
Clock daemon Time- based modules Time system time and Sntp
Security Security modules Authorization
Authentication modules
Messages
LOCAL1 LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7
Syslogformat parameter defines the content of the events
Destroy log output=3
Following command deletes syslog server definition number
Destroy LOG Output
Destroy log output=idnumber
Disable LOG
Disable log
Following command disables the event log on the switch
Disable log output
Disable LOG Output
Disable log output=idnumber
Disable log output=7
Enable log
Enable LOG
Enable log output
Enable LOG Output
Enable log output=idnumber
Enable log output=4
Purge log=temporary
Purge LOG
Save LOG
Save log=temporary filename=switch 2.log
SET LOG Fullaction
Set log fullaction temporary=haltwrap
Set log fullaction temporary=halt
SET LOG Output
Normal Sends only the severity, module, Description Module
Example, MAC,PACCESS. For a list
According to its impact on the switch’s operation
Address for each event. This is
Set log output=11 module=stp,igmpsnooping severity=e,w
Set log output=3 server=198.45.12.1
Displayed oldest to newest
Show LOG
Modules Reverse Specifies the order in which the events are
Newest to oldest. Without it, the events are
Denial of service defense
Port access control list
Switch configuration
Command line interface commands
Power over Ethernet AT-8524POE switch only
Management access control list
802.1x port-based access control
Port configuration
Event Log Example
Selects all severity levels
Show log=temporary module=file,qos
Following command displays all the entries in the event log
Show log=temporary
Show log=temporary full
Server definition. If an output ID number is not
On the switch are displayed
Show LOG Output
Show log output=idnumber full
Show log output=5 full
Following command displays information about the event log
Show log output
Show log output=1 full
Following command displays event log status information
Show LOG Status
Show log status
Guide for background information on classifiers
Classifier Commands
Create Classifier
You can specify other Layer 2 protocols by entering
A specific node or a subnet. To filter using the IP
VID number
Protocol Specifies a Layer 2 protocol. Options are ARP
Ipsaddr
Create classifier=4 description=IP flow protocol=ip
This command creates a classifier for all IP traffic
Destroy Classifier
Destroy classifier=idnumber
Destroy classifier=2,4
This command deletes all classifiers on the switch
Purge Classifier
Purge classifier
SET Classifier
Classifier Specifies the ID number of the classifier to be
Number can be from 1 to
Number with
You can specify additional Layer 2 protocols by
Entering the protocol number in either decimal or
Hexadecimal format. For the latter, precede
Set classifier=6 ipprotocol=igmp
This command adds the Layer 3 protocol Igmp to classifier ID
Set classifier=5 udpdport=any
Show classifier=12
Show Classifier
Show classifier=idnumber
Show classifier
Guide for background information on access control lists ACL
ACL Commands
Create ACL
ACL Commands
Destroy acl=integer
This command deletes an ACL from the switch
Following command deletes ACL IDs 14
Destroy ACL
This command deletes all ACLs on the switch
Purge ACL
Purge acl
SET ACL
Set acl=6 action=permit portlist=4-7
This command changes the description of ACL ID
This command changes the classifiers of ACL ID
Set acl=4 description=ARP flow
Show acl=22
Show ACL
Show acl=integer
Show acl
Quality of Service QoS Commands
307
ADD QOS Flowgroup
Add qos flowgroup=integer classifierlist=integers
Add qos flowgroup=12 classifierlist=4,7
11,12
This command adds the traffic class 16 to policy
ADD QOS Policy
Add qos policy=integer trafficclasslist=integers
Add qos trafficclass=17 flowgrouplist=21
ADD QOS Trafficclass
Create qos flowgroup=integer
Create QOS Flowgroup
Remarkpriority
New value specified with the Priority
With the Priority parameter
313
Create QOS Policy
14-22
Ingress ports. On switches with 24 ports plus
Uplinks, ports 1-26 form a port block. On switches
This command creates a new QoS policy
Parts of the policies are
Policy 11 Commands
Example 2 Video Application
Example 3 Critical Database
Policy 32 Commands
Policy 15 Commands
Create qos trafficclass=integer
Create QOS Trafficclass
Policy level
Specified at the traffic class or policy level. a
Used only if no value has been specified at
Flow group level. It will override any value set at
Increases, the excess traffic will be discarded
Continue to the point where all the unused
Traffic. However, no unused tokens will
Accumulate in the bucket. If the traffic
Priority parameter. This is
Packets with the new value
Specified with the Priority
Value specified in with
Delete qos flowgroup=22 classifierlist=6
Delete QOS Flowgroup
Delete qos policy=1 trafficclasslist=17
Delete QOS Policy
Delete qos trafficclass=22 flowgrouplist=5
Delete QOS Trafficclass
Destroy qos flowgroup=16-20,23
Destroy QOS Flowgroup
Destroy qos flowgroup=integer
Destroy qos flowgroup=22
Destroy qos policy=5,23
Destroy QOS Policy
Destroy qos policy=integer
Destroy qos policy=41
Destroy qos trafficclass=16-20,23
Destroy QOS Trafficclass
Destroy qos trafficclass=integer
Destroy qos trafficclass=22
If you specify a new priority in a flow group and a
SET QOS Flowgroup
To modify. The range is 0 to
If the None option is used, the frame’s current
Packets with the new value specified
Set qos flowgroup=15 priority=6
Set qos flowgroup=25 classifierlist=23,41
Set qos flowgroup=41 markvalue=none
TOS field of the packets. The range is 0 to
SET QOS Policy
ALL option adds it to all ports
To another policy with one command
Ingressport
14-22. The None option removes the policy
Set qos policy=41 trafficclasslist=12,23
This command changes the ingress port for policy 8 to port
This command changes the traffic classes assigned to policy
Set qos policy=8 ingressport=8
SET QOS Port
Set qos port=5-8 type=ingress policy=12
Set qos port=1,5 type=egress policy=none
Set qos trafficclass=integer
SET QOS Trafficclass
Flow group, traffic class, and policy. a Dscp value
Bucket size without also specifying a maximum
When they leave the switch
Tokens are added. The range is 4 to 512 Kbps
This parameter should be used with
With commas e.g., 4,11,13
Set qos trafficclass=42 priority=17
Set qos trafficclass=41 maxbandwidth=80 burstsize=400
Show qos flowgroup=12
Show QOS Flowgroup
Show qos flowgroup=idnumber
Show qos flowgroup
Show qos policy=54
Show QOS Policy
Show qos policy=idnumber
Show qos policy
Show qos trafficclass=14
Show QOS Trafficclass
Show qos trafficclass=idnumber
Show qos trafficclass
Guide for background information on Quality of Service
Class of Service CoS Commands
MAP QOS Cosp
Map qos cosp=4,5 qid=3
Following command maps priorities 4 and 5, to egress queue
Following command maps priorities 5 and 6, to egress queue
SET QOS Cosp
Set qos cosp=5,6 qid=1
Set qos scheduling=strict
Set qos scheduling=strictwrr weights=weights
Set qos scheduling=wrr weights=1,5,10,15
SET QOS Scheduling
Show QOS Config
Show qos config
Displays the QoS priority queues and scheduling
Guide for background information on Power over Ethernet PoE
Power Over Ethernet Commands
Disable poe port=5,7
Disable POE Port
Disable poe port=port
This command disables PoE on port 5
Enable poe port=2
Enable POE Port
Enable poe port=port
This commands activates PoE on port
SET POE Port
Set poe port=14 powerlimit=12500
Following command disables PoE on ports 4
Set poe port=4-5 poefunction=disable
This command sets the priority on port 6 and 11 to high
SET POE Threshold
Set poe threshold=value
Set poe threshold=80
Show poe config port=4
Show POE Config
Show poe config port=port
Show poe config
Show poe status port=port
Show POE Status
Show poe status port=4
Show poe status
Guide for background information on Igmp Snooping
Igmp Snooping Commands
Disable Igmpsnooping
Disable igmpsnooping
This command deactivates Igmp snooping
Enable Igmpsnooping
Enable igmpsnooping
This command activates Igmp snooping
SET IP Igmp
Set ip igmp hoststatus=singlehost
Set ip igmp snoopingstatus=disabled
Show igmpsnooping
Show Igmpsnooping
Show ip igmp hostlist
Show IP Igmp
Show ip igmp hostlist routerlist
Show ip igmp
Show ip igmp routerlist
Denial of Service DoS Defense Commands
SET DOS
Set dos ipaddress=ipaddress subnet=mask uplinkport=port
Set dos ipaddress=149.11.11.1 subnet=0.0.0.63
Mirrorport
Set dos ipoption port=5,7,10 state=enable
SET DOS Ipoption
Than one port at a time
Set dos land port=port state=enabledisable mirrorport=port
Set dos land port=5,7 state=enable
SET DOS Land
SET DOS Pingofdeath
Set dos pingofdeath port=1,5 state=enable
Following command activates the defense on ports 1
Set dos smurf port=17 state=enable
Set dos smurf port=port state=enabledisable
Port Specifies the switch ports on which you want to
Following command activates this defense on port
SET DOS Synflood
Set dos synflood port=port state=enabledisable
Following command activates the defense on ports 18 to
Set dos synflood port=18-20 state=enable
SET DOS Teardrop
Set dos teardrop port=22 state=enable
Following command activates the defense on port
Show dos ipaddress subnet
Show DOS
Show dos ipaddress subnet uplinkport
Show dos defense port=port
Show dos smurf port=4
STP Commands
Activate stp
Activate STP
Disable STP
Disable stp
Following command disables STP
Enable STP
Enable stp
Following command enables STP on the switch
Purge stp
Purge STP
32768
SET STP
Following table. You specify the increment that
Represents the desired bridge priority value.
Seconds
Set stp hellotime=7 forwarddelay=25
Set stp default
Set stp priority=11
SET STP Port
Set stp port=7-10 portcost=auto
Set stp port=6 portcost=15 portpriority=12
Multicastmode Specifies one of the following
SET Switch Multicastmode
Set switch multicastmode=abcd
Where the ingress port is a member
Set switch multicastmode=a
Show stp port=1-4
Show STP
Show stp port=port
Show stp
Rstp Commands
Activate rstp
Activate Rstp
Disable Rstp
Disable rstp
Following command disables Rstp
Enable Rstp
Enable rstp
Following command enables Rstp
Following command resets Rstp
Purge Rstp
Purge rstp
Increment that represents the desired bridge priority
SET Rstp
Range is divided into sixteen increments, as
Shown in the following table. You specify
Seconds
Forwarddelay
STP compatible mode
Parameter settings, but
Set rstp forceversion=stpcompatible
Set rstp priority=5 hellotime=5 forwarddelay=20
Set rstp default
SET Rstp Port
Values are equivalent. This is
Mbps 20,000 Portpriority
You specify the increment that corresponds to
Port is an edge port.
Set rstp port=6-8 edgeport=no
Set rstp port=4 portcost=1000000 portpriority=14
Show rstp
Show rstp portconfig=portportstate=port
Show rstp portconfig=1-4
Show Rstp
Show rstp portstate=15
Following command displays Rstp port status for port
Mstp Commands
407
Activate mstp
Activate Mstp
Add mstp mstiid=11 mstivlanassoc=24,44
ADD Mstp
Add mstp mstiid=mstiid mstivlanassoc=vids
Add mstp mstiid=8 mstivlanassoc=4
Create mstp mstiid=8 mstivlanassoc=4
Create Mstp
Create mstp mstiid=mstiid mstivlanassoc=vids
At a time. The range is 1 to
Delete mstp mstiid=11 mstivlanassoc=24,44
Delete Mstp
Delete mstp mstiid=mstiid mstivlanassoc=vids
Delete mstp mstiid=8 mstivlanassoc=4
Destroy mstp mstiid=4
Destroy Mstp Mstiid
Destroy mstp mstiid=mstiid
This example deletes the spanning tree instance
Disable Mstp
Disable mstp
Following command disables Mstp
Enable Mstp
Enable mstp
Following command enables Mstp
Purge mstp
Purge Mstp
SET Mstp
Performs the same function as the Reset Mstp
Command. The spanning tree protocol must be
Disabled to use this parameter
Maxhops Specifies the maximum hops counter. Mstp
Seconds Forwarddelay
Those ports operating in the STP compatible mode
Configname
Set mstp forceversion=forcestpcompatible
Set mstp default
Is divided into sixteen increments, as shown
Default value is 32,768, which is increment
SET Mstp Cist
Set mstp cist priority=priority
Set mstp cist priority=11
SET Mstp Msti
Set mstp msti mstiid=mstiid priority=priority
Msti Priority Value Increments
Set mstp msti mstiid=6 priority=2
Set mstp msti mstiid=4 priority=11
Set mstp mstivlanassoc mstiid=11 vlanlist=24,44
SET Mstp Mstivlanassoc
Set mstp mstivlanassoc mstiid=mstiid vlanlist=vids
Set mstp mstivlanassoc mstiid=8 vlanlist=4
SET Mstp Port
BPDUs indefinitely. Set the migrationcheck
Mbps 20,000 Edgeport
Connected to any device running STP or Mstp
Selections are Yes, on, true Port is an edge port. These
Mbps ports, and 20,000 for one gigabit ports
Default setting is Auto-detect 0, which sets port
Cost depending on the speed of the port. Default
An internal port cost. The range is 0 to 200,000,000
Set mstp port=6-8 ptp=yes
Set mstp port=14,23 extportcost=500
Set mstp port=6-8 edgeport=yes
Set mstp port=2-5 extportcost=auto
Set mstp port=7,10 intportcost=500
Set mstp port=7,10 portpriority=4 stpid=2
Set mstp port=2-5 intportcost=auto
Show Mstp
Msti priority Regional root ID
Show mstp cist
Show mstp portconfig=5 stpid=2
Show mstp
Show mstp portstate=4
VLANs and Multiple Vlan Mode Commands
Add vlan=name vid=vid port=portsall frame=untaggedtagged
ADD Vlan
Add vlan=production port=3 frame=tagged
Add vlan=Service untaggedports=7-8 taggedports=5
Add vlan=sales port=4,7 frame=untagged
Add vlan=sales untaggedports=4,7
Create vlan=name vid=vid port=portsall frame=untaggedtagged
Create Vlan
Frame parameter
Port Specifies the ports on the switch that are either
This command creates a new port-based or tagged Vlan
Example, 1, 5, 14-22. To specify all ports on
Create vlan=Production vid=22 port=3,6 frame=tagged
Create vlan=Service vid=16 port=1,4,5-7 frame=untagged
Create vlan=Sales vid=3 port=4-8,12-16 frame=untagged
Create vlan=Sales vid=3 untaggedports=4-8,12-16
438
This parameter must be used with the Frame
Delete Vlan
Delete vlan=name vid=vid port=ports frame=untaggedtagged
Vlan Specifies the name of the Vlan to be modified Vid
Delete vlan=production untaggedports=13
Delete vlan=sales port=4,7 frame=untagged
Delete vlan=sales untaggedports=4,7
Delete vlan=production port=13 frame=tagged
Delete vlan=Service untaggedports=6-8 taggedports=2
To 8, the commands would be
Destroy vlan vlan=Sales vid=102
Destroy Vlan
Destroy vlan vlan=nameall vid=vid
Destroy vlan vlan=Sales
SET Switch Infiltering
Set switch infiltering=yesnoonofftruefalse
Set switch infiltering=off
SET Switch Managementvlan
Set switch managementvlan=nameVID
Set switch managementvlan=TechSupport
Set switch vlanmode=dotqmultiple uplinkport=4
SET Switch Vlanmode
Set switch vlanmode=userconfig
SET Vlan
Set vlan=name vid=vid type=portbased
Set vlan=gvrpvlan22 type=portbased
Show vlan=sales
Show Vlan
Show vlan=namevid
Show vlan
Guide for background information on the Gvrp
Garp Vlan Registration Protocol Commands
Disable Garp
Disable garp=gvrp gip
Disable garp=gvrp
Enable garp=gvrp
Enable Garp
Enable garp=gvrp gip
This commands enables Gvrp on the switch
Purge garp=gvrp
Purge Garp
Set garp=gvrp port=3 mode=normal
SET Garp Port
Set garp=gvrp port=port mode=normalnone
Set garp=gvrp port=1-4 mode=none
SET Garp Timer
Set garp=gvrp timer default
Following command sets the timers to their default values
Following command displays the above Gvrp information
Show Garp
Show garp=gvrp
Show garp=gvrp counter
Show Garp Counter
Following command displays the above Garp counters
Following command displays the Garp database
Show Garp Database
Show garp=gvrp database
Following command displays the GIP-connected ring
Show Garp GIP
Show garp=gvrp gip
Port App Reg
Following command displays GID state machines
Show Garp Machine
Show garp=gvrp machine
Protected Ports Vlan Commands
ADD Vlan Group
Following command accomplishes the same thing using syntax
Add vlan=InternetGroups untaggedports=11 group=uplink
Add vlan=InternetGroups port=5,6 frame=untagged group=4
Add vlan=InternetGroups untaggedports=5,6 group=4
Create Vlan Portprotected
Create vlan=name vid=vid portprotected
Create vlan=InternetGroups vid=12 portprotected
VID
Vlan Specifies the name or VID of the Vlan to be
Delete vlan=InternetGroups untagged=12
Delete vlan=InternetGroups port=12 frame=untagged
Destroy vlan=InternetGroups
Following command deletes the Vlan called InternetGroups
Following command deletes all VLANs
Destroy vlan=namevidall
Set vlan=Sales port=4 frame=untagged
Set vlan=namevid port=ports frame=taggeduntagged
Following command displays the Sales Vlan
Guide for background information on port security
MAC Address Security Commands
Snmp trap
SET Switch Port Intrusionaction
Port Specifies the port where you want to change
Set switch port=12,21 intrusionaction=trap
SET Switch Port Securitymode
Action is set to discard. Options are
Trap, and disables the port
Disable. This option does not apply when intrusion
To the Limited security mode. Intrusion actions are
Set switch port=12-24 securitymode=secured
Set switch port=8 securitymode=limited learn=5
Set switch port=15-16 learn=150
Set switch port=2,6,18 securitymode=locked
Show switch port=12,21 intrusion
Show Switch Port Intrusion
Show switch port=port intrusion
Port Specifies the port where you want to view
Show Switch Port Securitymode
Show switch port=port securitymode
Show switch port=1-5 securitymode
802.1x Port-based Access Control Commands
Disable portaccess
Disable Portaccessportauth
Disable portaccessportauth
Portaccess and Portauth keywords are equivalent
Disable Radiusaccounting
Disable radiusaccounting
Following command disables Radius accounting
Enable Portaccessportauth
Enable portaccessportauth
Enable portaccess
Enable radiusaccounting
Enable Radiusaccounting
Control
SET Portaccessportauth Port ROLE=AUTHENTICATOR
Port-based authentication
Control on the port
Switch by using the clients
Authentication messages
Authentication server. Each
Access the network is
Is disabled by default. The default value is
Switch or the switch is
Reset or power cycled
Client before retransmitting the request. The default
Client’s authentication
Authenticator port will handle egress broadcast
Multicast traffic when in the unauthorized state. You
Client has logged on. This is the default
This command sets ports 4 to 6 to the Authenticator role
Set portaccess port=4-6 role=authenticator
Set portaccess port=12,15 role=none
Port Specifies the port that you want to set to
SET Portaccessportauth Port ROLE=SUPPLICANT
To adjust. You can specify more than one port at a
To 60 seconds. The default is 30 seconds
Set portaccess port=4-6 role=supplicant
SET Radiusaccounting
Set radiusaccounting updateenable=enabled interval=200
Interim accounting updates to the Radius server
Range is 30 to 300 seconds. The default is
Set radiusaccounting status=enabled trigger=stoponly
Show portaccess status
Show Portaccessportauth
Show portaccessportauth configstatus
Show portaccess config
Show portaccess port=12 supplicant config
Show Portaccessporauth Port
Settings you want to view. You can specify more
Show portaccess port=10 authenticator status
Show radiusaccounting
Show Radiusaccounting
Guide for background information on the web server
Web Server Commands
Disable Http Server
Disable http server
Following command disables the web server
Enable Http Server
Enable http server
Following command activates the web server
Purge http server
Purge Http Server
Secure Https mode
Will listen on. The default for non-secure Http
SET Http Server
Set http server security=enabled sslkeyid=5
Set http server security=disabled
This command enables the web server enable http server
Set http server security=enabled sslkeyid=4
503
This command disables the web server disable http server
Set system distinguishedname=cn=149.44.44.44
Create pki enrollmentrequest=sw24cer keypair=8
Set http server security=enabled sslkeyid=8
Following command displays the status of the web server
Show Http Server
Show http server
Encryption Key Commands
Create Enco KEY
Version 2 users
Ssh
Version 1 users
Ssh2
Syntax 2 Description
Create enco key=12 type=rsa length=512
Create enco key=12 type=rsa file=public12.key format=ssh
Destroy Enco KEY
Destroy enco key=key-id
Destroy enco key=4
Set enco key=1 descriptionSwitch 22 key
SET Enco KEY
Set enco key=key-iddescription=description
Show enco key=1
This command displays information about encryption key
Show Enco
Show enco key=key-id
Public Key Infrastructure PKI Certificate Commands
ADD PKI Certificate
517
Create PKI Certificate
519
520
Type Formats the request according to Pkcs #10
Create PKI Enrollmentrequest
Enclosed in double quotes. The management
Software automatically adds the .csr extension
PKCS10
Create pki enrollmentrequest=Switch12 keypair=4
Be enclosed in double quotes. Wildcards are not
Delete pki certificate=Switch 12 certificate
Delete PKI Certificate
Delete pki certificate=name
Purge pki
Purge PKI
Yes, on, true Specifies that the certificate is from a
Entity EE. This is the default
SET PKI Certificate
Spaces, it must be enclosed in quotes
Set pki certificate=Switch 12 certificate trusted=true
SET PKI Certstorelimit
Set pki certstorelimit=value
Set pki certstorelimit=100
SET System Distinguishedname
Set system distinguishedname=name
Set system distinguishedname=cn=169.22.22.22
Show pki
Show PKI
Show pki certificate
Show pki certificate=Switch 12 certificate
Show PKI Certificate
Show pki certificate=name
Secure Sockets Layer SSL Commands
Set ssl cachetimeout=value maxsessions=value
Set ssl cachetimeout=180
SET SSL
Show ssl
Show SSL
Secure Shell SSH Commands
Disable SSH Server
Disable ssh server
Following command disables the Secure Shell server
Enable SSH Server
General Configuration Steps for SSH Operation
Enable ssh server hostkey=0 serverkey=1
Enable ssh server hostkey=1 serverkey=2
SET SSH Server
Set ssh server expirytime=1
Show ssh
Show SSH
TACACS+ and Radius Commands
ADD Radiusserver
Add radiusserver ipaddress=149.245.22.22 order=1
Add radiusserver ipaddress=149.245.22.22 order=3
TACACS+ and Radius Commands
Add tacacsserver ipaddress=149.245.22.26 order=3
ADD Tacacsserver
Being the first server queried
Add tacacsserver ipaddress=149.245.22.20 order=1
Delete Radiusserver
Delete radiusserver serveripaddress=ipaddress
Delete radiusserver ipaddress=149.245.22.22
Delete Tacacsserver
Delete tacacsserver serveripaddress=ipaddress
Delete tacacsserver ipaddress=149.245.22.20
Disable authentication
Disable Authentication
Enable authentication
Enable Authentication
Purge Authentication
Purge authentication
Following command disables authentication on your switch
SET Authentication
Set authentication method=tacacs
Set authentication method=tacacs secret=tiger54
Set authentication method=radius secret=leopard09 timeout=15
Show authentication=radius
Show Authentication
Show authentication=tacacsradius
Show authentication
Guide for background information on the Management ACL
Management ACL Commands
ADD Mgmtacl
Management ACL Commands
Following command deletes an ACE from the Management ACL
Delete Mgmtacl
Tcp Transmission control protocol Interface
Disable Mgmtacl
Disable mgmtacl
Following command disables the Management ACL
Enable Mgmtacl
Enable mgmtacl
Following command enables the Management ACL
SET Mgmtacl
561
SET Mgmtacl State
Set mgmtacl state=disableenable
Enable Enables the Management ACL Disable
Set mgmtacl state=enable
Show mgmtacl entries
Show Mgmtacl
Show mgmtacl stateentries
Show mgmtacl state
Index
Configuring timeout value 198 aging timer
Create PKI Certificate command
Clear Screen command
Disable Snmp command
Disable Radiusaccounting command 481 Disable Rstp command
Modifying 308, 324
Flow group
Aging time 182 multicast groups
Disabling 480 displaying 493, 494
SET QOS Port command
SET Mgmtacl command
SET Mstp command SET Mstp Msti command
SET POE Threshold command
Show Switch Port Counter command
SET Switch Port command
Show PKI Certificate command 530 Show PKI command
Show Switch command
Modifying 259
Sntp
Adding Converting dynamic VLANs Creating
System files Deleting Downloading 238
