Manuals / Brands / Computer Equipment / Switch / SMC Networks / Computer Equipment / Switch

SMC Networks SMC7816M, SMC7816VSW 802.1X Port Authentication

1 962

Download 962 pages, 11.22 Mb

SER

A

UTHENTICATION

C

OMMANDS

22-34

802.1X Port Authentication

The switch supports IEEE 802.1X (dot1x) port-based access control that

prevents unauthorized access to the network by requiring users to first

submit credentials for authentication. Client authentication is controlled

centrally by a RADIUS server using EAP (Extensible Authentication

Protocol).

Table 22-12 802.1X Port Authentication Commands

Command Function Mode Page

dot1x

system-auth-control

Enables dot1x globally on the switch. GC 22-35

dot1x default Resets all dot1x parameters to their

default values

GC 22-35

dot1x max-req Sets the maximum number of times

that the switch retransmits an EAP

request/identity packet to the client

before it times out the authentication

session

IC 22-36

dot1x port-control Sets dot1x mode for a port interface IC 22-36

dot1x operation-mode Allows single or multiple hosts on an

dot1x port

IC 22-37

dot1x re-authenticate Forces re-authentication on specific

ports

PE 22-38

dot1x re-authentication Enables re-authentication for all ports IC 22-39

dot1x timeout

quiet-period

Sets the time that a switch port waits

after the Max Request Count has been

exceeded before attempting to acquire

a new client

IC 22-39

dot1x timeout

re-authperiod

Sets the time period after which a

connected client must be

re-authenticated

IC 22-40

Contents

Main TigerAccess EE 6-Band VDSL2 Switch Management Guide Page Page Trademarks: W IMITED v ARRANTY vi vii ONTENTS 2 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 C viii 4 Basic Management Tasks . . . . . . . . . . . . . . . . . . . . . . 4-1 5 Simple Network Management Protocol . . . . . . . . . . . 5-1 C ix 6 User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 7 Client Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Page C xi 13 VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .13-1 14 Class of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-1 Page C xiii 19 General Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1 20 System Management Commands . . . . . . . . . . . . . . . .20-1 C xiv C xv 21 SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . .21-1 22 User Authentication Commands . . . . . . . . . . . . . . . .22-1 C xvi C xvii 23 Client Security Commands . . . . . . . . . . . . . . . . . . . . .23-1 C xviii 24 Access Control List Commands . . . . . . . . . . . . . . . . . 24-1 25 Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . 25-1 Page C xx C xxi 30 Address Table Commands . . . . . . . . . . . . . . . . . . . . .30-1 C xxii 31 Spanning Tree Commands . . . . . . . . . . . . . . . . . . . . 31-1 32 VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 32-1 C xxiii 33 Class of Service Commands . . . . . . . . . . . . . . . . . . . .33-1 C xxiv 34 Quality of Service Commands . . . . . . . . . . . . . . . . . . 34-1 35 Multicast Filtering Commands . . . . . . . . . . . . . . . . . 35-1 C xxv 36 Domain Name Service Commands . . . . . . . . . . . . . . 36-1 Page Page Page xxix ABLES xxx xxxi xxxii xxxiii IGURES xxxiv xxxv xxxvi Page Page 1-1 NTRODUCTION Key Features K F 1-2 Table 1-1 Key Features (Continued) 1-3 Description of Software Features F S 1-4 1-5 F S 1-6 1-7 Page 1-9 System Defaults Table 1-2 System Defaults D 1-10 Table 1-2 System Defaults (Continued) 1-11 Table 1-2 System Defaults (Continued) Page NITIAL 2-1 Connecting to the Switch Configuration Options S 2-2 Required Connections C 2-3 C 2-4 Remote Connections Basic Configuration Console Connection C 2-5 Setting Passwords C 2-6 Setting an IP Address C 2-7 C 2-8 Manual Configuration C 2-9 Dynamic Configuration C 2-10 C 2-11 Enabling SNMP Management Access Community Strings (for SNMP version 1 and 2c clients) C 2-12 Trap Receivers C 2-13 Configuring Access for SNMP Version 3 Clients S F Managing System Files C 2-15 Saving Configuration Settings Page ECTION II M WITCH Page ONFIGURING THE 3-1 WITCH Using the Web Interface Page Navigating the Web Browser Interface Page I B W 3-5 S 3-6 I B W 3-7 S 3-8 I B W 3-9 S 3-10 I B W 3-11 S 3-12 I B W 3-13 Page 4-1 4 B T M ASIC ASKS Page S I 4-3 CLI Specify the hostname, location and contact information. M Displaying System Health Page M T ASIC ASKS 4-6 Displaying Hardware/Software Versions Page B C E 4-9 Displaying Bridge Extension Capabilities Page IP A S 4-11 Setting the Switchs IP Address Page IP A WITCH S THE M T 4-14 Using DHCP/BOOTP IP A S 4-15 M Configuring Support for Jumbo Frames F 4-17 Managing Firmware Page Page M T 4-20 Saving or Restoring Configuration Settings S C R 4-21 Page Page M T 4-24 Console Port Settings P S 4-25 M T Telnet Settings S 4-27 M T 4-28 E L Configuring Event Logging System Log Configuration M T 4-30 E L 4-31 Remote Log Configuration Page E L 4-33 Displaying Log Messages M T 4-34 Sending Simple Mail Transfer Protocol Alerts Page M T 4-36 Resetting the System C S 4-37 Setting the System Clock Configuring SNTP M T 4-38 Page Page Page N P M 5-2 5-3 Note: The predefined default groups and view can be deleted from the system. You can then define customized groups and views for the SNMP clients that require access. Table 5-1 SNMPv3 Security Models and Levels (Continued) Enabling the SNMP Agent Setting Community Access Strings Page N P M 5-6 Specifying Trap Managers and Trap Types T M 5-7 Page Page Configuring SNMPv3 Management Access SNMP A 5-11 Specifying a Remote Engine ID N P M 5-12 Configuring SNMPv3 Users Page Page SNMP A 5-15 Configuring Remote SNMPv3 Users Page Page N P M 5-18 Configuring SNMPv3 Groups SNMP A 5-19 Notify View The configured view for notifications. (Range: 1-64 characters) Table 5-2 Supported Notification Messages N P M 5-20 SNMP A 5-21 N P M 5-22 Page N P M 5-24 Setting SNMPv3 Views Page N P M ETWORK IMPLE 6 U A SER UTHENTICATION Configuring User Accounts A 6-2 L A L Configuring Local/Remote Logon Authentication A 6-4 L A L /R 6-5 A 6-6 HTTPS 6-7 Configuring HTTPS A 6-8 HTTPS 6-9 Replacing the Default Secure-site Certificate A 6-10 Configuring the Secure Shell S 6-11 A 6-12 S 6-13 Generating the Host Key Pair A 6-14 Page A 6-16 Configuring the SSH Server Page A SER 6-18 802.1X P A Configuring 802.1X Port Authentication A 6-20 802.1X P A 6-21 Displaying 802.1X Global Settings Page 802.1X P A 6-23 Configuring Port Settings for 802.1X A 6-24 802.1X P A 6-25 A 6-26 Displaying 802.1X Statistics This switch can display statistics for dot1x protocol exchanges for any port. Table 6-2 802.1X Statistics 802.1X P A Parameter Description 6-27 Figure 6-9 802.1X Port Statistics CLI This example displays the dot1x statistics for port 4. Filtering IP Addresses for Management Access Page Page LIENT 7-1 ECURITY S 7-2 Configuring Port Security P S 7-3 S 7-4 IP S G 7-5 Configuring IP Source Guard S 7-6 Page S 7-8 Configuring DHCP Snooping DHCP S 7-9 S 7-10 DHCP S 7-11 S 7-12 DHCP S I 7-13 Displaying DHCP Snooping Information Page P F 7-15 Configuring Packet Filtering Filtering Service Packets S 7-16 P F 7-17 S 7-18 Filtering IP/MAC Address Pairs Page Page CCESS ONTROL 8-1 ISTS Configuring Access Control Lists C L 8-2 A L C 8-3 Setting the ACL Name and Type Page Page C L 8-6 Page C L 8-8 Configuring a MAC ACL Page C L 8-10 Configuring ACL Masks Specifying the Mask Type A L C 8-11 Configuring an IP ACL Mask Page Page C L 8-14 Configuring a MAC ACL Mask Page C L 8-16 Binding a Port to an Access Control List Page Page 9-1 9 P C ORT Displaying Connection Status Field Attributes (Web) C 9-2 Field Attributes (CLI) Basic information: Configuration: C S 9-3 Current status: C Configuring Interface Connections I C 9-5 C 9-6 I C 9-7 C 9-8 Creating Trunk Groups T G 9-9 Statically Configuring a Trunk Page T G 9-11 Enabling LACP on Selected Ports C 9-12 T G 9-13 Configuring LACP Parameters Dynamically Creating a Port Channel C 9-14 Page C 9-16 T G 9-17 Displaying LACP Port Counters You can display statistics for LACP protocol messages. C 9-18 CLI The following example displays LACP counters for port channel 1. Displaying LACP Settings and Status for the Local Side Table 9-2 LACP Internal Configuration Information T G 9-19 Table 9-2 LACP Internal Configuration Information (Continued) C 9-20 T G 9-21 Displaying LACP Settings and Status for the Remote Side Table 9-3 LACP Neighbor Configuration Information C 9-22 B T S Setting Broadcast Storm Thresholds C 9-24 P M 9-25 Configuring Port Mirroring C 9-26 Configuring Rate Limits Page C 9-28 P S 9-29 Showing Port Statistics C 9-30 P S 9-31 C 9-32 Page Page P S HOWING TATISTICS 9-35 Page 10-1 10 VDSL C Configuring Global Settings for VDSL Ports 10-2 G VDSL P S 10-3 Page Page 10-6 I VDSL P S Configuring Interface Settings for VDSL Ports 10-8 I VDSL P S 10-9 10-10 I VDSL P S 10-11 Page Page Page Page 10-16 Configuring Line Profiles Page Page Page 10-20 VDSL S I 10-21 Displaying VDSL Status Information LRE Status Communication status of the VDSL line Table 10-1 LRE Status signal bands for the specified interface 10-22 LRE Rate Information Data Rates for the VDSL line Table 10-2 Rate Status Table 10-1 LRE Status (Continued) Page 10-24 CLI This example displays connection status and data rates for the selected VDSL port. VDSL P S Ethernet Receive Performance Counters Displaying VDSL Performance Statistics Error Statistics Table 10-3 Error Statistics Table 10-4 Ethernet Receive Performance Counters 10-26 Ethernet Transmit Performance Counters Table 10-5 Ethernet Transmit Performance Counters Table 10-4 Ethernet Receive Performance Counters (Continued) Page Page VDSL P S ERFORMANCE TATISTICS 10-29 Configuring an Alarm Profile P A 10-31 10-32 P A 10-33 Page Page 10-36 Displaying CPE Information CO Firmware Buffer Information CPE Firmware Versions Table 10-7 CPE Firmware Versions Table 10-8 CO Firmware Buffer Information CPE I 10-37 CPE Performance Counters Table 10-9 CPE Performance Counters Page Page 10-40 CLI This example displays information about the CPE attached to the selected VDSL port. OAM F CPE F U Configuring OAM Functions and Upgrading CPE Firmware 10-42 Page 10-44 DDRESS 11-1 ETTINGS Setting Static Addresses Displaying the Address Table Page T S 11-4 Changing the Aging Time PANNING REE 12-1 LGORITHM T A 12-2 12-3 T A 12-4 Displaying Global Settings G S 12-5 T A 12-6 G S CLI LOBAL 12-7 Configuring Global Settings G S 12-9 T A 12-10 Page Page I S 12-13 Displaying Interface Settings T A 12-14 Page T A 12-16 I S NTERFACE 12-17 CLI This example shows the STA attributes for port 5. Configuring Interface Settings I S 12-19 T A 12-20 Page T A 12-22 Configuring Multiple Spanning Trees Page T A LGORITHM 12-24 CLI This displays STA settings for instance 1, followed by settings for each port. Displaying Interface Settings for MSTP T A LGORITHM 12-26 I Configuring Interface Settings for MSTP T A 12-28 Page Page 13-1 13 VLAN C Selecting the VLAN Operation Mode 13-2 IEEE 802.1Q VLANs 13-3 13-4 13-5 13-6 Enabling or Disabling GVRP (Global Setting) 13-7 Displaying Basic VLAN Information 13-8 Displaying Current VLANs Command Attributes (Web) 13-9 Command Attributes (CLI) 13-10 Creating VLANs 13-11 13-12 Adding Static Members to VLANs (VLAN Index) 13-13 13-14 Adding Static Members to VLANs (Port Index) 13-15 Configuring VLAN Behavior for Interfaces 13-16 13-17 Configuring Private VLANs P VLAN 13-19 Configuring Uplink and Downlink Ports 13-20 Configuring Protocol-Based VLANs Page 13-22 Mapping Protocols to VLANs Page 13-24 Configuring IEEE 802.1Q Tunneling IEEE 802.1Q T 13-25 13-26 IEEE 802.1Q T 13-27 13-28 Page 13-30 Adding an Interface to a QinQ Tunnel Page 13-32 VLAN S 13-33 Configuring VLAN Swapping Page VLAN S WAPPING 13-35 Page LASS 14-1 Layer 2 Queue Settings Setting the Default Priority for Interfaces Page 2 Q S UEUE AYER 14-3 S 14-4 2 Q S UEUE AYER 14-5 S 14-6 Selecting the Queue Mode 2 Q S 14-7 Setting the Service Weight for Traffic Classes Page 3/4 P S 14-9 Layer 3/4 Priority Settings Mapping Layer 3/4 Priorities to CoS Values Page Page S 14-12 3/4 P S 14-13 Mapping DSCP Priority S 14-14 Page S 14-16 Mapping IP Port Priority 3/4 P S 14-17 Page 15-1 15 Q S UALITY Configuring Quality of Service Parameters Q P S 15-3 S 15-4 Page S 15-6 Creating QoS Policies Q P S 15-7 S 15-8 Page S 15-10 Attaching a Policy Map to Ingress Queues Page Page ULTICAST 16-1 ILTERING F 16-2 Layer 2 IGMP (Snooping and Query) 2 IGMP (S Q 16-3 F 16-4 Configuring IGMP Snooping and Query Parameters 2 IGMP (S Q 16-5 F 16-6 Page F 16-8 Specifying Static Interfaces for a Multicast Router Page F 16-10 Page F 16-12 Page F 16-14 IGMP Filtering and Throttling Page F 16-16 Configuring IGMP Filter Profiles T 16-17 F 16-18 Configuring IGMP Filtering and Throttling for Interfaces T 16-19 F 16-20 Multicast VLAN Registration VLAN R 16-21 Configuring Global MVR Settings F 16-22 Page Page Page F 16-26 Configuring MVR Interfaces VLAN R 16-27 Page VLAN R 16-29 Page Page Page 17-1 17 D S AME N OMAIN N S 17-2 Page N S 17-4 Configuring Static DNS Host to Address Entries Page N S 17-6 Displaying the DNS Cache DNS C THE ACHE 17-7 Page ECTION III I INE L OMMAND Page Page I L C 18-2 Telnet Connection C 18-3 Entering Commands Keywords and Arguments Page C NTERING 18-5 Showing Commands Page C 18-7 Using Command History Understanding Command Modes Page C 18-9 I L C 18-10 Table 18-2 Configuration Command Modes C 18-11 Command Line Processing I Command Groups The system commands can be broken down into the functional groups shown below Table 18-4 Command Group Index Table 18-3 Keystroke Commands (Continued) G 18-13 Table 18-4 Command Group Index (Continued) Page 19-1 19 G C ENERAL Table 19-1 General Commands C 19-2 enable 19-3 disable configure C 19-4 show history 19-5 reload C 19-6 prompt end 19-7 exit quit Page YSTEM 20-1 Table 20-1 System Management Commands M C Device Designation Commands hostname S C 20-3 System Status Commands This section describes commands used to display system information. show startup-config Table 20-3 System Status Commands Page S C 20-5 Example show running-config (20-6) M C 20-6 show running-config S C 20-7 M C 20-8 show system S C 20-9 show users M C 20-10 show version show bme version S C Example 20-11 Example M C Example 20-12 show memory status System Mode Commands system mode M C 20-14 show system mode S Frame Size Commands jumbo frame M C 20-16 File Management Commands M C 20-17 copy M C 20-18 M C 20-19 M C 20-20 The following example shows how to copy the running configuratio n to a startup file. The following example shows how to download a configuration file: M C 20-21 Page M C 20-23 dir M C 20-24 whichboot M C 20-25 boot system M Line Commands Table 20-11 Line Commands C 20-27 line M C 20-28 login C 20-29 password M C 20-30 timeout login response C 20-31 exec-timeout M C 20-32 password-thresh C 20-33 silent-time databits M C 20-34 parity C 20-35 speed Page C 20-37 show line Page L C 20-39 Event Logging Commands logging on M C 20-40 logging history L C 20-41 logging host M C 20-42 logging facility L C 20-43 logging trap Page Page M C The following example displays settings for the trap function. 20-46 Table 20-14 show logging flash/ram - display description L C 20-47 show log M SMTP Alert Commands logging sendmail host SMTP A C 20-49 logging sendmail level M C 20-50 logging sendmail source-email logging sendmail destination-email Page Page C 20-53 Time Commands sntp client M C 20-54 sntp server C 20-55 sntp poll Page C 20-57 clock timezone M C 20-58 calendar set show calendar Page Page 21-1 21 SNMP C 21-2 snmp-server 21-3 show snmp 21-4 snmp-server community 21-5 snmp-server contact snmp-server location 21-6 snmp-server host 21-7 21-8 21-9 snmp-server enable traps 21-10 snmp-server engine-id 21-11 21-12 show snmp engine-id 21-13 snmp-server view 21-14 show snmp view 21-15 snmp-server group 21-16 show snmp group 21-17 Table 21-4 show snmp group - display description 21-18 snmp-server user 21-19 21-20 show snmp user This command shows information on SNMP users. Command Mode Example Table 21-5 show snmp user - display description 22 U A SER UTHENTICATION Table 22-1 Authentication Commands User Account Commands username A C 22-3 A C 22-4 enable password S Authentication Sequence authentication login A C 22-6 S 22-7 authentication enable A C RADIUS Client RADIUS C 22-9 radius-server host A C 22-10 radius-server port radius-server key RADIUS C 22-11 radius-server retransmit radius-server timeout A C 22-12 show radius-server TACACS+ C TACACS+ Client tacacs-server host A C 22-14 tacacs-server port tacacs-server key Web Server Commands Page S C 22-17 ip http secure-server A C 22-18 ip http secure-port Page A C 22-20 Telnet Server Commands ip telnet server S C 22-21 Secure Shell Commands Table 22-10 Secure Shell Commands A C 22-22 S C 22-23 A C 22-24 S C 22-25 ip ssh server A C 22-26 ip ssh timeout S C 22-27 ip ssh authentication-retries ip ssh server-key size Page S C 22-29 ip ssh crypto zeroize A C 22-30 ip ssh save host-key S C 22-31 show ip ssh show ssh A C 22-32 show public-key Table 22-11 show ssh - display description (Continued) S C 22-33 A C 802.1X Port Authentication Table 22-12 802.1X Port Authentication Commands A 22-35 dot1x system-auth-control dot1x default A C 22-36 dot1x max-req dot1x port-control A 22-37 dot1x operation-mode A C 22-38 dot1x re-authenticate A 22-39 dot1x re-authentication dot1x timeout quiet-period A C 22-40 dot1x timeout re-authperiod A 22-41 dot1x timeout tx-period show dot1x A C 22-42 A 22-43 A C SER 22-44 IP F Management IP Filter Commands management A C 22-46 show management IP F C ILTER 22-47 Page LIENT 23-1 ECURITY S C Port Security Commands S C 23-3 port security S C 23-4 F C Packet Filtering Commands filter ipmac S C 23-6 F C 23-7 filter netbios S C 23-8 filter dhcp-request F C 23-9 filter dhcp S C ECURITY LIENT 23-10 IP Source Guard Commands ip source-guard S C 23-12 G C 23-13 S C 23-14 ip source-guard binding G C 23-15 show ip source-guard Page C 23-17 DHCP Snooping Commands Table 23-5 DHCP Snooping Commands S C 23-18 ip dhcp snooping C 23-19 S C 23-20 ip dhcp snooping vlan C 23-21 ip dhcp snooping verify mac-address S C 23-22 ip dhcp snooping database write ip dhcp snooping service-provider-mode C 23-23 ip dhcp snooping client limit S C 23-24 ip dhcp snooping trust C 23-25 show ip dhcp snooping Page Page C L 24-2 IP ACLs Table 24-2 IP ACL Commands 24-3 access-list ip C L 24-4 permit, deny (Standard IP ACL) 24-5 permit, deny (Extended IP ACL) C L 24-6 24-7 show ip access-list C L 24-8 access-list ip mask-precedence 24-9 mask (IP ACL) C L 24-10 24-11 C IST L ONTROL CCESS 24-13 Page 24-15 show ip access-group C L 24-16 MAC ACLs Table 24-3 MAC ACL Commands 24-17 access-list mac C L 24-18 permit, deny (MAC ACL) 24-19 Page 24-21 mask (MAC ACL) Page 24-23 C L 24-24 show access-list mac mask-precedence 24-25 mac access-group Page ACL I 24-27 Example show access-group This command shows the port assignments of IP ACLs. Page 25-1 Table 25-1 Interface Commands C 25-2 interface 25-3 description speed-duplex C 25-4 25-5 negotiation C 25-6 capabilities 25-7 flowcontrol C 25-8 media-type 25-9 switchport mdix C 25-10 shutdown 25-11 switchport packet-rate C 25-12 clear counters Page C 25-14 show interfaces counters INTERFACES SHOW COUNTERS 25-15 C 25-16 show interfaces switchport 25-17 Table 25-2 show interfaces switchport - display description Page INK 26-1 GGREGATION A C 26-2 26-3 channel-group A C 26-4 lacp LACP 26-5 A C 26-6 lacp system-priority I (E 26-7 lacp admin-key (Ethernet Interface) A C 26-8 lacp admin-key (Port Channel) 26-9 lacp port-priority A C 26-10 show lacp 26-11 Table 26-2 show lacp counters - display description Table 26-3 show lacp internal - display description A C 26-12 Table 26-3 show lacp internal - display description (Continued) 26-13 Table 26-4 show lacp neighbors - display description A C GGREGATION INK 26-14 27 C ORT P IRROR P C 27-2 show port monitor 27-3 Page 28-1 28 R C IMIT L ATE L C 28-2 rate-limit 28-3 rate-limit trap-input L C 28-4 show rate-limit vlan 29-1 29 VDSL C Table 29-1 VDSL Commands 29-2 Long-Reach Ethernet Commands Table 29-2 Long-Reach Ethernet Commands E C 29-3 Table 29-2 Long-Reach Ethernet Commands (Continued) 29-4 lre band-plan E C 29-5 This example sets the band plan to 998-640-30000. show lre (29-79) 29-6 lre option-band E C 29-7 lre ham-band 29-8 E C 29-9 lre region-ham-band 29-10 E C 29-11 29-12 lre psd-breakpoints E C 29-13 lre psd-frequencies 29-14 E C 29-15 lre psd-value 29-16 lre psd-mask-level E C 29-17 29-18 lre pbo-config E C 29-19 lre upbo 29-20 E C 29-21 lre tone 29-22 lre max-power E C 29-23 lre min-protection 29-24 lre channel E C 29-25 lre interleave-max-delay 29-26 lre datarate E C 29-27 lre rate-set 29-28 lre noise-mgn target E C 29-29 lre noise-mgn min 29-30 lre shutdown lre reset E C 29-31 lre auto-retraining 29-32 lre retraining E C 29-33 lre rate-adaption 29-34 lre apply P C 29-35 Line Profile Commands Table 29-7 Line Profile Commands 29-36 line-profile P C 29-37 lre line-profile 29-38 band-plan P C 29-39 option-band 29-40 ham-band P C 29-41 region-ham-band 29-42 tone P C 29-43 max-power 29-44 min-protection P C 29-45 channel 29-46 down/up-max-inter-delay P C 29-47 down/up-fast/slow-max/min-datarate 29-48 down/up-target-noise-mgn P C 29-49 down/up-min-noise-mgn 29-50 P C 29-51 Alarm Profile Commands Table 29-8 Alarm Profile Commands 29-52 alarm-profile lre alarm-profile P C 29-53 init-failure 29-54 thresh-15min-ess P C 29-55 thresh-15min-lofs 29-56 thresh-15min-lols P C 29-57 thresh-15min-loss 29-58 thresh-15min-lprs P C 29-59 thresh-15min-sess 29-60 thresh-15min-uass VDSL I 29-61 Displaying VDSL Information Table 29-9 Commands for Displaying VDSL Information 29-62 show lre band-plan This command displays the frequency bands used for VDSL signals. Table 29-9 Commands for Displaying VDSL Information (Continued) VDSL I 29-63 show lre option-band 29-64 show lre ham-band VDSL I 29-65 show lre region-ham-band 29-66 VDSL I 29-67 show lre psd 29-68 show lre psd-mask-level VDSL I 29-69 show lre pbo-config 29-70 show lre upbo VDSL I 29-71 show lre tone 29-72 show lre interleave-max-delay VDSL I 29-73 show lre datarate 29-74 show lre noise-mgn VDSL I 29-75 show lre rate-adaption 29-76 show lre config VDSL I 29-77 show lre line-profile 29-78 show lre alarm-profile VDSL I 29-79 show lre 29-80 show lre phys-info VDSL I 29-81 show lre rate-info 29-82 show lre perf VDSL I 29-83 Table 29-13 show lre phys-info - display description 29-84 Table 29-13 show lre phys-info - display description (Continued) VDSL I 29-85 Table 29-13 show lre phys-info - display description (Continued) 29-86 CPE Configuration oam local clear counter 29-87 efm remote eeprom-write copy tftp firmware 29-88 29-89 29-90 oam remote upgrade firmware oam remote firmware active 29-91 show cpe-info 29-92 Table 29-15 show cpe-info - display description DDRESS 30-1 Table 30-1 Address Table Commands T C 30-2 mac-address-table static Page T C 30-4 show mac-address-table 30-5 mac-address-table aging-time Page PANNING REE 31-1 Table 31-1 Spanning Tree Commands T C 31-2 Table 31-1 Spanning Tree Commands (Continued) 31-3 spanning-tree T C 31-4 spanning-tree mode 31-5 spanning-tree forward-time T C 31-6 spanning-tree hello-time 31-7 spanning-tree max-age T C 31-8 spanning-tree priority 31-9 spanning-tree pathcost method T C 31-10 spanning-tree transmission-limit spanning-tree mst-configuration 31-11 mst vlan T C 31-12 mst priority 31-13 name T C 31-14 revision max-hops 31-15 spanning-tree spanning-disabled T C 31-16 spanning-tree cost 31-17 T C 31-18 spanning-tree port-priority spanning-tree edge-port 31-19 spanning-tree portfast T C 31-20 31-21 spanning-tree link-type T C 31-22 spanning-tree mst cost 31-23 spanning-tree mst port-priority T C 31-24 spanning-tree protocol-migration 31-25 show spanning-tree T C 31-26 Page Page 32-1 32 VLAN C Table 32-1 VLAN Commands 32-2 GVRP and Bridge Extension Commands bridge-ext gvrp GVRP C E B 32-3 32-4 switchport gvrp show gvrp configuration GVRP C E B 32-5 32-6 show garp timer VLAN G 32-7 Editing VLAN Groups vlan database 32-8 VLAN I 32-9 Related Commands show vlan (32-16) Configuring VLAN Interfaces interface vlan 32-10 switchport mode VLAN I 32-11 switchport acceptable-frame-types 32-12 switchport ingress-filtering VLAN I 32-13 switchport native vlan 32-14 switchport allowed vlan VLAN I 32-15 switchport forbidden vlan 32-16 Displaying VLAN Information show vlan P VLAN 32-17 Configuring Private VLANs pvlan 32-18 P VLAN This example shows the information displayed a group is defined. RIVATE 32-19 32-20 Configuring Protocol-based VLANs P VLAN 32-21 protocol-vlan protocol-group (Configuring Groups) 32-22 protocol-vlan protocol-group (Configuring Interfaces) Page 32-24 show interfaces protocol-vlan protocol-group IEEE 802.1Q T 32-25 Configuring IEEE 802.1Q Tunneling 32-26 qinq priority map IEEE 802.1Q T 32-27 switchport mode dot1q-tunnel 32-28 show dot1q-tunnel IEEE 802.1Q T 32-29 switchport dot1q-ethertype 32-30 Configuring VLAN Swapping VLAN S 32-31 switchport vlan swap 32-32 show vlan-swap Page Page LASS 33-1 Priority Commands (Layer 2) C S 33-2 priority bits C (L 2) 33-3 queue mode C S 33-4 show priority Page C S 33-6 C (L 2) 33-7 queue bandwidth C S 33-8 queue cos-map C (L 2) 33-9 show queue bandwidth C S 33-10 show queue cos-map C 3 (L 4) 33-11 Page Page C S 33-14 map ip precedence (Interface Configuration) Page C S 33-16 map ip dscp (Interface Configuration) C 3 (L 4) 33-17 C S 33-18 show map ip port C 3 (L 4) 33-19 C S 33-20 show map ip dscp 34 Q S UALITY Table 34-1 Quality of Service Commands C S 34-2 34-3 class-map C S 34-4 match 34-5 C S 34-6 policy-map 34-7 class C S 34-8 set 34-9 police C S 34-10 service-policy 34-11 show class-map C S 34-12 show policy-map Page Page ULTICAST 35-1 ILTERING Table 35-1 Multicast Filtering Commands F C 35-2 IGMP Snooping Commands ip igmp snooping IGMP S C 35-3 ip igmp snooping vlan static F C 35-4 ip igmp snooping version IGMP S C 35-5 ip igmp snooping immediate-leave F C 35-6 show ip igmp snooping show mac-address-table multicast C 35-7 IGMP Query Commands F C 35-8 ip igmp snooping querier ip igmp snooping query-count C 35-9 ip igmp snooping query-interval F C 35-10 ip igmp snooping query-max-response-time C 35-11 ip igmp snooping router-port-expire-time F C 35-12 Static Multicast Routing Commands ip igmp snooping vlan mrouter Page F C 35-14 IGMP Filtering and Throttling Commands Table 35-5 IGMP Filtering and Throttling Commands Page F C 35-16 ip igmp profile permit, deny C T 35-17 range F C 35-18 ip igmp filter (Interface Configuration) ip igmp max-groups C T 35-19 ip igmp max-groups action F C 35-20 show ip igmp filter C T 35-21 show ip igmp profile F C 35-22 show ip igmp throttle interface VLAN R C 35-23 Multicast VLAN Registration Commands F C 35-24 mvr (Global Configuration) VLAN R C 35-25 F C 35-26 mvr (Interface Configuration) VLAN R C 35-27 F C 35-28 mvr immediate VLAN R C 35-29 show mvr F C 35-30 Example The following shows the global MVR settings: Table 35-7 show mvr - display description VLAN R C 35-31 The following displays information about the interfaces attached to the MVR VLAN: Table 35-8 show mvr interface - display description F C 35-32 Table 35-9 show mvr members - display description 36-1 36 D S AME N OMAIN Page 36-3 clear host N C S 36-4 ip domain-name 36-5 ip domain-list N C S 36-6 ip name-server 36-7 ip domain-lookup N C S 36-8 show hosts 36-9 show dns show dns cache Page 37-1 37 DHCP C DHCP Client ip dhcp restart client 37-2 DHCP Relay 37-3 ip dhcp relay server 37-4 ip dhcp information option 37-5 37-6 ip dhcp information policy 37-7 show ip dhcp relay server Page 38-1 38 IP I C Basic IP Configuration C 38-2 ip address IP C 38-3 ip default-gateway C 38-4 show ip interface show ip redirects IP C 38-5 ping C NTERFACE 38-6 Example Related Commands interface (25-2) Page Page PPENDIX OFTWARE A-1 PECIFICATIONS Software Features S A-2 F A-3 Management Features Standards S A-4 Management Information Bases I B A-5 Page PPENDIX B-1 B ROUBLESHOOTING Problems Accessing the Management Interface B-2 S L B-3 Using System Logs Page G Glossary-1 LOSSARY Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Glossary-8 Glossary-9 Glossary-10 NDEX Numerics A B C E F G H I J L M P Q R S T U V W